IFS NS2503-8P/2C GE-DS-82 and GE-DS-82-POE User Manual
P/N 1072571 • REV 00.06 • ISS 31JAN13
Copyright
© 2013 UTC Fire & Security Americas Corporation, Inc.
Interlogix is part of UTC Climate Controls & Security, a unit of United
Technologies Corporation. All rights reserved.
Trademarks and patents
The IFS NS2503-8P/2C GE-DS-82 and GE-DS-82-POE and logo are
trademarks of United Technologies.
Other trade names used in this document may be trademarks or
registered trademarks of the manufacturers or vendors of the respective
products.
Intended use
Use this product only for the purpose it was designed for; refer to the
data sheet and user documentation for details. For the latest product
information, contact your local supplier or visit us online at
www.interlogix.com.
Manufacturer
UTC Fire & Security Americas Corporation, Inc.
2955 Red Hill Avenue
Costa Mesa, CA 92626-5923, USA
EU authorized manufacturing representative:
UTC Fire & Security B.V., Kelvinstraat 7,
6003 DH Weert, The Netherlands
Certification
N4131
FCC compliance
This equipment has been tested and found to comply with the limits for a
Class A digital device, pursuant to part 15 of the FCC Rules. These limits
are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial
environment. This equipment generates, uses, and can radiate radio
frequency energy and, if not installed and used in accordance with the
instruction manual, may cause harmful interference to radio
communications.
You are cautioned that any changes or modifications not expressly
approved by the party responsible for compliance could void the user's
authority to operate the equipment.
ACMA compliance Notice! This is a Class A product. In a domestic environment this
product may cause radio interference in which case the user may be
required to take adequate measures.
Canada
This Class A digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe A est conforme á la norme
NMB-003du Canada.
European Union directives 2004/108/EC (EMC Directive): Hereby, UTC Fire & Security Americas
Corporation, Inc. declares that this device is in compliance with the
essential requirements and other relevant provisions of Directive
2004/108/EC.
2002/96/EC (WEEE directive): Products marked with this symbol
cannot be disposed of as unsorted municipal waste in the European
Union. For proper recycling, return this product to your local supplier
upon the purchase of equivalent new equipment, or dispose of it at
designated collection points. For more information see:
www.recyclethis.info.
Contact information
Contact support
For contact information see our Web site: www.interlogix.com
www.interlogix.com/customer support
.
GE-DS and NS2503 Series User Manual
TABLE OF CONTENTS
IFS NS2503-8P/2C IFS GE-DS-82 IFS GE-DS-82-POE USER MANUAL................1
INTRODUCTION ..............................................................................................................5
Package Contents......................................................................................................................................5
Product Description...................................................................................................................................6
How to Use This Manual............................................................................................................................7
Product Features........................................................................................................................................8
Product Specification............................................................................................................................. 11
INSTALLATION..............................................................................................................14
Hardware Description............................................................................................................................. 14
Switch Front Panel.............................................................................................................................. 14
LED Indications................................................................................................................................... 15
Switch Rear Panel .............................................................................................................................. 18
Install the Switch..................................................................................................................................... 19
Desktop Installation ............................................................................................................................ 19
Rack Mounting.................................................................................................................................... 20
Installing the SFP Transceiver............................................................................................................ 21
SWITCH MANAGEMENT...............................................................................................23
Requirements .......................................................................................................................................... 23
Management Access Overview.............................................................................................................. 24
Web Management.................................................................................................................................... 25
SNMP-Based Network Management ..................................................................................................... 25
Administration Console.......................................................................................................................... 26
Protocols.................................................................................................................................................. 27
Virtual Terminal Protocols .................................................................................................................. 27
SNMP Protocol ................................................................................................................................... 28
Management Architecture .................................................................................................................. 28
WEB-BASED MANAGEMENT
About Web-based Management............................................................................................................. 29
Requirements ..................................................................................................................................... 30
Logging on the switch......................................................................................................................... 30
Main WEB PAGE................................................................................................................................ 32
System...................................................................................................................................................... 33
System Information............................................................................................................................. 34
.......................................................................................29
0
GE-DS-82 and NS2503-8P/2C Series User Manual
IP Configuration .................................................................................................................................. 37
SNMP Configuration........................................................................................................................... 39
Firmware Upgrade.............................................................................................................................. 46
Configuration Backup ......................................................................................................................... 48
Factory Default ................................................................................................................................... 50
System Reboot ................................................................................................................................... 50
Syslog Setting..................................................................................................................................... 51
SMTP Setting...................................................................................................................................... 52
SNTP .................................................................................................................................................. 53
System Log......................................................................................................................................... 53
Port Configuration .................................................................................................................................. 55
Port Control......................................................................................................................................... 55
Rate Control........................................................................................................................................ 57
Port Status .......................................................................................................................................... 58
Port Statistics...................................................................................................................................... 58
Port Sniffer.......................................................................................................................................... 60
Protect Port......................................................................................................................................... 62
Remote Ping ....................................................................................................................................... 63
VLAN configuration ................................................................................................................................ 64
VLAN Overview .................................................................................................................................. 64
Static VLAN Configuration.................................................................................................................. 66
Port-based VLAN................................................................................................................................ 67
802.1Q VLAN...................................................................................................................................... 69
Q-in-Q VLAN....................................................................................................................................... 74
GVRP VLAN ....................................................................................................................................... 78
Spanning Tree Protocol.......................................................................................................................... 81
Theory................................................................................................................................................. 81
Illustration of STP ............................................................................................................................... 84
STP Parameters ................................................................................................................................. 85
STP System Configuration ................................................................................................................. 86
Port Configuration............................................................................................................................... 90
Trunking................................................................................................................................................... 92
Aggregator setting .............................................................................................................................. 93
Aggregator Information....................................................................................................................... 94
State Activity ....................................................................................................................................... 98
Forwarding and Filtering........................................................................................................................ 99
Dynamic MAC Table........................................................................................................................... 99
Static MAC Table.............................................................................................................................. 100
MAC Filtering .................................................................................................................................... 101
1
GE-DS-82 and NS2503-8P/2C Series User Manual
IGMP Snooping ..................................................................................................................................... 102
Theory............................................................................................................................................... 102
IGMP Configuration .......................................................................................................................... 106
Static Multicast Table........................................................................................................................ 108
QoS Configuration ................................................................................................................................ 109
Understand QoS ............................................................................................................................... 109
QoS Configuration ............................................................................................................................ 110
TOS/DSCP ....................................................................................................................................... 113
Access Control List .............................................................................................................................. 116
MAC Limit............................................................................................................................................... 119
MAC Limit Configuration................................................................................................................... 119
MAC Limit Port Status ...................................................................................................................... 120
802.1X Configuration............................................................................................................................ 121
Understanding IEEE 802.1X Port-Based Authentication.................................................................. 121
System Configuration ....................................................................................................................... 123
802.1x Port Configuration................................................................................................................. 125
Misc Configuration ............................................................................................................................ 126
Power over Ethernet (GE-DS-82-POE / NS2503-8P/2C)..................................................................... 127
Power over Ethernet Powered Device.............................................................................................. 127
GE-DS-82-POE / NS2503-8P/2C Power Management.................................................................... 128
PoE Schedule ................................................................................................................................... 132
DHCP Relay & Option 82...................................................................................................................... 134
LLDP....................................................................................................................................................... 136
LLDP Configuration .......................................................................................................................... 136
Per Port Configuration ...................................................................................................................... 137
Users Configuration.............................................................................................................................. 138
CONSOLE MANAGEMENT.........................................................................................141
Login in the Console Interface............................................................................................................. 141
Configure IP address............................................................................................................................ 142
Commands Level .................................................................................................................................. 144
COMMAND LINE INTERFACE
....................................................................................145
Operation Notice ................................................................................................................................... 145
System Commands............................................................................................................................... 146
Switch Static Configuration................................................................................................................. 147
Port Configuration and show status.................................................................................................. 147
Trunk Configuration.............................................................................................................................. 150
Trunking Commands ........................................................................................................................ 150
LACP Command............................................................................................................................... 150
VLAN Configuration.............................................................................................................................. 152
2
GE-DS-82 and NS2503-8P/2C Series User Manual
Virtual LANs...................................................................................................................................... 152
VLAN Mode: Port-based................................................................................................................... 152
Advanced 802.1Q VLAN Configuration............................................................................................ 153
Misc Configuration................................................................................................................................ 156
Administration Configuration.............................................................................................................. 156
Change Username / Password......................................................................................................... 156
IP Configuration ................................................................................................................................ 157
Reboot switch ................................................................................................................................... 158
Reset to Default ................................................................................................................................ 158
TFTP Update Firmware .................................................................................................................... 158
Restore Configure File...................................................................................................................... 158
Backup Configure File ...................................................................................................................... 158
MAC limit................................................................................................................................................ 159
Port Mirroring Configuration................................................................................................................ 159
Quality of Service.................................................................................................................................. 160
QoS Configuration ............................................................................................................................ 160
Per Port Priority ................................................................................................................................ 161
MAC Address Configuration................................................................................................................ 161
STP/MSTP Commands.......................................................................................................................... 163
SNMP...................................................................................................................................................... 167
System Options ................................................................................................................................ 167
Community Strings ........................................................................................................................... 168
Trap Managers ................................................................................................................................. 168
IGMP....................................................................................................................................................... 169
802.1x Protocol...................................................................................................................................... 170
Access Control List .............................................................................................................................. 172
Ipv4 ACL commands ........................................................................................................................ 172
Non-Ipv4 ACL commands ................................................................................................................ 173
Binding................................................................................................................................................... 174
SIP/SMAC binding commands ......................................................................................................... 174
Power over Ethernet Commands (GE-DS-82-POE / NS2503-8P/2C)................................................ 175
Display System PoE status .............................................................................................................. 175
Configure PoE Over Temperature Protection .................................................................................. 176
Configure PoE -- System.................................................................................................................. 177
Configure PoE -- Port ....................................................................................................................... 180
SMTP Commands.................................................................................................................................. 184
User (manage user name and password)........................................................................................... 184
SWITCH OPERATION .................................................................................................185
Address Table........................................................................................................................................ 185
3
GE-DS-82 and NS2503-8P/2C Series User Manual
Learning................................................................................................................................................. 185
Forwarding & Filtering.......................................................................................................................... 185
Store-and-Forward................................................................................................................................ 185
Auto-Negotiation................................................................................................................................... 186
POWER OVER ETHERNET OVERVIEW
What is PoE? ......................................................................................................................................... 187
The PoE Provision Process ................................................................................................................. 188
Stages of powering up a PoE link..................................................................................................... 189
Line Detection................................................................................................................................... 189
Classification..................................................................................................................................... 189
Start-up ............................................................................................................................................. 189
Operation .......................................................................................................................................... 189
Power Disconnection Scenarios....................................................................................................... 189
.....................................................................187
TROUBLE SHOOTING ................................................................................................191
APPENDIX A—RJ-45 PIN ASSIGNMENT...................................................................192
Switch's RJ-45 Pin Assignments......................................................................................................... 192
10/100Mbps, 10/100Base-TX ................................................................................................................ 192
APPENDIX B: LOCAL USER ACCESS LEVEL TABLE .............................................194
4
GE-DS-82 and NS2503-8P/2C Series User Manual
Introduction
The IFS GE-DS-82, GE-DS-82-POE and NS2503-8P/2C switches have 8 10/100Mbps ports with 2 Gigabit TP/SFP fiber optical
combo ports and are equipped with robust layer 2 features; the description of these models as below:
GE-DS-82 :
GE-DS-82-POE :
NS2503-8P/2C :
Managed Switch refers to the Switches mentioned in the cover page of this User’s manual, i.e. GE-DS-82, GE-DS-82-POE
and NS2503-8P/2C.
Package Contents
Open the box of the Managed Switch and carefully unpack it. The box should contain the following items:
Check the contents of your package for following parts:
The Managed Switch
8-Port 10/100Base-TX + 2-Port Gigabit TP/SFP Combo Managed Switch
8-Port 10/100Base-TX + 2-Port Gigabit TP/ SFP Managed PoE Switch
8-Port 10/100Base-TX + 2-Port Gigabit TP/ SFP Managed 802.3at PoE Switch
x1
User’s Manual CD
Quick Installation Guide
19” Rack mount Accessory Kit
Pow er Cord
Rubber Feet
RS-232 DB9 Male Console Cable
If any of these are missing or damaged, please contact your distributor or IFS sales rep immediately, if possible, retain the
original carton and packaging material in case you need to return the product for repair/replacement.
x1
x1
x1
x1
X4
x1
5
GE-DS-82 and NS2503-8P/2C Series User Manual
Product Description
High Performance Wire-Speed Switching
The IFS GE-DS-82 and NS2503-8P/2C series Managed Switches offers 8 10/100Base-TX Ethernet ports with 2 Gigabit TP /
SFP combo ports. These two Gigabit TP/SFP combo ports of these models can be either 1000Base-T for 10/100/1000Mbps or
1000Base-SX/LX through SFP (Small Factor Pluggable) interface. The distance can be extended from 100 meters (TP), or 550
meters (Multi-mode fiber), up to 70 kilometers (Single-mode fiber).
The GE-DS-82 and NS2503-8P/2C series Managed Switch boast a high performance switch’s architecture that is capable of
providing non-blocking switch fabric and wire-speed throughput as high as 5.6Gbps. Its two built-in GbE uplink ports also offer
incredible extensibility, flexibility and connectivity to the Core switches or Servers.
Cost-effective solution with SNMP mo nitor for Network deployment
Not only for catering to the need of easy WEB-based management but also the centralized SNMP application to monitor the
status of Switch and traffic per port, IFS releases the cost-effective Managed Switch. The key features are as below:
WEB / SSL / Telnet / Console management
802.1Q / Q-in-Q VLAN
Rapid Spanning Tree
IGMP Snooping
802.1X Authentication / RADIUS
Access Control List
SNMP and 4 RMON groups
Remote and Centralize Management installation
With its built-in Web-based management, the GE-DS-82 and NS2503-8P/2C series offers an easy-to-use, platform-independent
management and configuration facility. It supports standard Simple Network Management Protocol (SNMP) and can be
monitored via any standard-based management software.
For efficient management, via WEB interface the GE-DS-82 and NS2503-8P/2C series can be programmed for basic switch
management functions such as port speed configuration, Port Trunking, VLAN, Port Mirroring, Rapid Spanning Tree and Misc
Configuration. Additionally, the firmware includes advanced features such as IGMP snooping, QoS (Quality of Service),
broadcast storm and bandwidth control, to enhance bandwidth utilization.
Powerful Security
The IFS GE-DS-82 and NS2503-8P/2C series offers comprehensive Access Control List (ACL) for enforcing security to the
edge. Its protection mechanisms comprises of Port-based 802.1X user and device authentication. Moreover, the switch
provides MAC filter and Static MAC for enforcing security policies to the edge. The administrators can now construct highly
secured corporate networks with considerably less time and effort than before.
6
GE-DS and NS2503 Series User Manual
Power over Ethernet of GE-DS-82-POE and NS2503-8P/2C
The PoE in-line power following the standards IEEE 802.3af / IEEE 802.3at makes the GE-DS-82-POE and the NS2503-8P/2C
able to power on 8 PoE devices at the distance up to 100 meters through the 4-pair Cat 5/5e UTP wire.
How to Use This Manual
This User Manual is structured as follows:
INSTALLATION
The section explains the functions of the Switch and how to physically install the Managed Switch.
SWITCH MANAGEMENT
The section contains the information about the software function of the Managed Switch.
WEB CONFIGURATION
The section explains how to manage the Managed Switch by Web interface.
CONSOLE MANAGEMENT
The section describes how to use the Console management interface.
COMMAND LINE INTERFACE
The section explains how to manage the Managed Switch by Command Line interface.
SWITCH OPERATION
The chapter explains how to does the switch operation of the Managed Switch.
POWER OVER ETHERNET OVERVIEW
The chapter introduce the IEEE 802.3af / IEEE 802.3at PoE standard and PoE provision of the Managed Switch.
TROUBSHOOTING
The chapter explains how to trouble shooting of the Managed Switch.
Appendix A
The section contains cable information of the Managed Switch.
7
GE-DS-82 and NS2503-8P/2C Series User Manual
Product Features
Physical Port
GE-DS-82
8-Port 10/100Base-TX RJ-45 interfaces
2 10/100/1000T TP combo interfaces
2 mini-GBIC/SFP slots, shared with Port-9 and Port-10
Reset button for system management
1 RS-232 male DB9 console interface for Switch basic management and setup
GS-DS-82-POE
8-Port 10/100Base-TX RJ-45 with IEEE 802.3af PoE Injector
2 10/100/1000T TP combo interfaces
2 mini-GBIC/SFP slots, shared with Port-9 and Port-10
Reset button for system management
1 RS-232 male DB9 console interface for Switch basic management and setup
NS2503-8P/2C
8-Port 10/100Base-TX RJ-45 with IEEE 802.3af / IEEE 802.3at PoE Injector
2 10/100/1000Base-T TP combo interfaces
2 mini-GBIC/SFP slots, shared with Port-9 and Port-10
Reset button for system management
1 RS-232 male DB9 console interface for Switch basic management and setup
Layer 2 Features
Prevents packet loss Flow Control:
IEEE 802.3x PAUSE frame Flow Control for Full-Duplex mode
Back-Pressure Flow Control in Half-Duplex mode
High performance Store and Forward architecture, broadcast storm control, runt/CRC filtering eliminates erroneous
packets to optimize the network bandwidth
8K MAC Address Table, automatic source address learning and ageing
Support VLAN:
IEEE 802.1Q Tag-Based VLAN
Port-Based VLAN
Q-in-Q tunneling (Double Tag VLAN)
GVRP for dynamic VLAN Management
Private VLAN Edge (PVE / Protect Port )
Supports Link Aggregation
Up to 13 Trunk groups
Up to 8 ports per trunk group with 1.6Gbps bandwidth (Full Duplex mode)
IEEE 802.3ad LACP (Link Aggregation Control Protocol)
Cisco ether-Channel (Static Trunk)
Support Spanning Tree Protocol:
STP, IEEE 802.1D (Classic Spanning Tree Protocol)
8
MSTP, IEEE 802.1s (Multiple Spanning Tree Protocol, spanning tree by VLAN)
Quality of Service
4 priority queues on all switch ports
Traffic classification:
IEEE 802.1p Class of Service
IP TOS / DSCP code priority
Port Base priority
Strict priority and weighted round robin (WRR) CoS policies
Ingress/Egress Bandwidth control on each port
Multicast
IGMP Snooping v1 and v2
IGMP Snooping v2 fast leave
IGMP Query mode for Multicast Media application
Three IGMP Router modes (Auto, Static and Forbidden)
Static Multicast Table
Security
IEEE 802.1x Port-Based network access control protocol
RADIUS users access authentication
L3 / L4 Access Control List (ACL)
Source IP-MAC / Port-Binding
Port Security for Source MAC address entries filtering
GE-DS-82 and NS2503-8P/2C Series User Manual
Management
Switch Management Interface
- Telnet Command Line Interface
- Web switch management
- SNMP v1, v2c, v3 switch management
- SSL switch management
DHCP client for IP address assignment
DHCP Option82 and DHCP Relay
Link Layer Discovery Protocol (LLDP) for easy network management
Built-in Trivial File Transfer Protocol (TFTP) client
Firmware upgrade via TFTP or HTTP
Configuration restore / backup via TFTP or HTTP
Event message logging to remote Syslog server
Four RMON groups 1, 2, 3, 9 (history, statistics, alarms, and events)
SNMP trap for interface Link Up and Link Down notification
Supports Ping function
Power over Ethernet (GE-DS-82-POE and NS2503-8P/2C)
Complies with IEEE 802.3af / IEEE 802.3at Power over Ethernet End-Span PSE (NS2503-8P/2C only)
Up to 8 IEEE 802.3af devices powered
Up to 5 IEEE 802.3at device powered (NS2503-8P/2C only)
Support PoE Power up to 15.4 Watts for each PoE ports
9
GE-DS-82 and NS2503-8P/2C Series User Manual
Support PoE Power up to 30 Watts for each PoE ports (NS2503-8P/2C only)
Auto detect powered device (PD)
Circuit protection prevent power interference between ports
Remote power feeding up to 100m
PoE Management
IEEE 802.3af and IEEE 802.3at mode switch control
Temperature Threshold control
PoE power usage threshold control
Total PoE power budget control
Per port PoE function enable/disable
PoE Port Power feeding priority
Per PoE port power limit
PD classification detection
PoE Power Supply Over Temperature Protection
PoE Schedule
10
GE-DS-82 and NS2503-8P/2C Series User Manual
Product Specification
Product GE-DS-82 GE-DS-82-POE NS2503-8P/2C
Hardware Specification
10/100Mbps Copper Ports
1000Mbps Copper Ports
SFP/mini-GBIC Slots
Switch Architecture
Switch Fabric
Switch Throughput
Address Table
Share Data Buffer
Flash
DRAM
Maximum Frame Size
Flow Control
LED
Dimensions ( W x D x H)
Weight
Power Requirement
Power Consumption
Operating Temperature
Operating Humidity
Storage Temperature
Layer 2 Functions
Management Interface
Port Configuration
Port Status
VLAN
Spanning Tree
Link Aggregation
Quality of Service
8 10/ 100Base-TX RJ-45
Auto-MDI/MDI-X ports
2 10/100/1000Base-T RJ-45 port
2 SFP interfaces, shared with Port-9 and Port-10
Store-and-Forward
5.6Gbps / non-blocking
4.16Mpps@64Bytes
8K entries
2Mbits
4Mbytes
32Mbytes
9K Bytes
Back pressure for Half-Duplex
IEEE 802.3x Pause Frame for Full-Duplex
Power (Green)
Link/Activity (Green)
10/100 LNK / ACT(Orange)
1000 LNK / ACT(Green)
10/100 LNK / ACT(Orange)
330 x 155 x 44 mm,
1U height
1.2kg 1.6kg 1.74kg
100~240V AC, 50-60 Hz
16 Watts (Full load) 140 Watts (Full PoE Load) 170 Watts (Full PoE Load)
0 ~ 50 Degree C
20% to 95% (Non-condensing)
-10 Degree C ~ 70 Degree C
Console, Telnet, Web Browser, SSL, SNMP v1, v2c, v3
Port disable/enable.
Auto-negotiation 10/100Mbps full and half duplex mode selection.
Flow Control disable / enable.
Bandwidth control and broadcast storm filter on each port.
Display each port’s speed duplex mode, link status, Flow control status. Auto
negotiation status
IEEE 802.1Q Tag-based VLAN, up to 255 VLANs groups, out of 4041 VLAN IDs
Port-based VLAN
Q-in-Q tunneling
GVRP for VLAN Management, up to 128 dynamic VLAN entries
Private VLAN Edge(PVE / Protected port) with two protected port groups
IEEE 802.1D Spanning Tree
IEEE 802.1S Multiple Spanning Tree, up to 15 instances
Static Port Trunk
IEEE 802.3ad LACP (Link Aggregation Control Protocol)
Supports 13 groups of 8-Port trunk support
4 priority queue
Traffic classification based on :
Port-Based priority
8 10/ 100Base-TX RJ-45
Auto-MDI/MDI-X ports
Power (Green)
Link/Activity (Green)
PoE In-Use (Orange)
1000 LNK / ACT(Green)
10/100 LNK / ACT(Orange)
330 x 155 x 44 mm,
1U height
8 10/ 100Base-TX RJ-45
Auto-MDI/MDI-X ports
11
IGMP Snooping
Bandwidth Control
Port Mirror
Security
Access Control List
SNMP MIBs
Power over Ethernet
PoE Standard
PoE Power Supply Type
PoE Power output
Power Pin Assignment
PoE Power Budget
Max. number of Class2 PD
Max. number of Class 3 PD
Max. number of Class 4 PD
Standards Conformance
GE-DS-82 and NS2503-8P/2C Series User Manual
802.1p priority,
IP DSCP/TOS field in IP Packet
v1 and v2
256 multicast groups and IGMP query
Per port Ingress / Egress bandwidth control in steps of 128Kbps
RX / TX / Both
1 to 1 monitor
802.1x Port-Based Network access control
MAC Limit
Static MAC
MAC Filtering
Supports up to 220 rule entries
RFC-1157 SNMP MIB
RFC-1213 MIB-II
RFC-1215 Trap
RFC-2863 Interface MIB
RFC-1493 Bridge MIB
RFC-2674 Extended Bridge MIB (Q-Bridge)
RFC-1643
RFC-2665 EtherLike MIB
RFC-2819 RMON MIB (Group 1, 2, 3,9)
RFC-2737 Entity MIB
POWER-ETHERNET-MIB
- IEEE 802.3af PoE / PSE
- End-Span End-Span
-
- 1/2(+), 3/6(-) 1/2(+), 3/6(-)
- 180W 150W
8
- 8
- - 5W
Per Port 48V DC, 350mA .
Max. 15.4 Watts
IEEE 802.3af PoE / PSE
IEEE 802.3at PoE / PSE
Per Port 52V DC, 600mA
Max. 30 Watts
Safety
Standards Compliance
FCC Part 15 Class A, CE
IEEE 802.3 10Base-T
IEEE 802.3u 100Base-TX/100Base-FX
IEEE 802.3z Gigabit SX/LX
IEEE 802.3ab Gigabit 1000Base-T
IEEE 802.3x Flow Control and Back pressure
IEEE 802.1D Spanning tree protocol
IEEE 802.1w Rapid spanning tree protocol
IEEE 802.1p Class of service
IEEE 802.1Q VLAN Tagging
IEEE 802.1x Port Authentication Network Control
IEEE 802.3af Power over Ethernet ( GE-DS-82-POE only)
12
Cable-Fiber-optic cable
GE-DS-82 and NS2503-8P/2C Series User Manual
RFC 768 UDP
RFC 793 TFTP
RFC 791 IP
RFC 792 ICMP
RFC 2068 HTTP
RFC 1112 IGMP version 1
RFC 2236 IGMP version 2
• 50 / 125µm or 62.5 / 125µm multi-mode fiber cable:
- 1000Base-SX: up to 220 / 550m
• 9 / 125µm single-mode cable, provides long distance for :
- 1000Base-LX / ZX: 10 / 15 / 20 / 30 / 40 / 50 / 60 / 70 / 120km (very on fiber
transceiver or SFP module)
13
GE-DS-82 and NS2503-8P/2C Series User Manual
INSTALLATION
This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier
management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front panel
illustrations in this chapter display the unit LED indicators. Before connecting any network device to the Managed Switch,
please read this chapter completely.
Hardware Description
Switch Front Panel
The unit front panel provides a simple interface monitoring the switch. Figure 2-1 to 2-3 shows the front panel of the Managed
Switches.
GE-DS-82 Front Panel
Figure 2-1: GE-DS-82 Switch front panel
GE-DS-82-POE Front Panel
Figure 2-2: GE-DS-82-POE Switch front panel
NS2503-8P/2C Front Panel
Figure 2-3: NS2503-8P/2C Switch front panel
■ 10/100Mbps TP Interface
Port-1~Port-8: 10/100Base-TX Copper, RJ-45 Twist-Pair: Up to 100 meters.
■ Gigabit TP Interface
Port-9, Port-10: 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters.
■ Gigabit SFP Slots
Port-9, Port-10: 1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module: From 550 meters
(Multi-mode fiber), up to 10/30/50/70 kilometers (Single-mode fiber).
14
GE-DS-82 and NS2503-8P/2C Series User Manual
■ Reset button
On the left portion of front panel, the reset button is designed for rebooting the Managed Switch without a power cycle. The
following is the summary table of Reset button functions:
Reset Button Pressed and Released Function
About 1~3 second Reboot the Managed Switch
Reset the Managed Switch to Factory Default configuration.
The Managed Switch will then reboot and load the default
settings as below:
Until the PWR LED lit off
。 Default Password: admin
。 Default IP address: 192.168.0.100
。 Subnet mask: 255.255.255.0
。 Default Gateway: 192.168.0.254
LED Indications
The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot when
needed.
GE-DS-82 LED indication
Figure 2-4: GE-DS-82 LED panel
System
LED Color Function
PWR Green Illuminates to indicate that the Switch has power.
Per 10/100Base-TX RJ-45 port
LED Color Function
LNK/ACT Green
100 Orange
Illuminates to indicate the link through that port is successfully established.
Blink to indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 100Mbps.
Off: indicate that the port is operating at 10Mbps.
15
Per 10/100/1000Base-T port /SFP interfaces
LED Color Function
Lit: indicate that the port is operating at 1000Mbps.
LNK/ACT 1000 Green
LNK/ACT 10/100
GE-DS-82-POE LED indication
Orange
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 10/100Mbps.
Off: indicate that the port is operating at 1000Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 2-5: GE-DS-82-POE LED panel
System
LED Color Function
PWR Green Illuminates to indicate that the Switch has power.
Per 10/100Base-TX, PoE interfaces (Port-1 to Por-8)
LED Color Function
Illuminates:
LNK/ACT
PoE In-Use
Per 10/100/1000Base-T port /SFP interfaces
LED Color Function
LNK/ACT 1000 Green
LNK/ACT 10/100
Green
Orange
Orange
Blink:
Illuminates:
Off:
Lit: indicate that the port is operating at 1000Mbps.
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 10/100Mbps.
Off: indicate that the port is operating at 1000Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
To indicate the link through that port is successfully established.
To indicate that the Switch is actively sending or receiving data over that
port.
To indicate the port is providing 48VDC in-line power.
To indicate the connected device is not a PoE Powered Device (PD).
16
NS2503-8P/2C LED indication
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 2-6: NS2503-8P/2C LED panel
System
LED Color Function
PWR Green Illuminates to indicate that the Switch has power.
Per 10/100Base-TX, PoE interfaces (Port-1 to Por-8)
LED Color Function
Illuminates:
LNK/ACT
PoE In-Use
Per 10/100/1000Base-T port /SFP interfaces
LED Color Function
LNK/ACT 1000 Green
LNK/ACT 10/100
Green
Orange
Orange
Blink:
Illuminates:
Off:
Lit: indicate that the port is operating at 1000Mbps.
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 10/100Mbps.
Off: indicate that the port is operating at 1000Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
To indicate the link through that port is successfully established.
To indicate that the Switch is actively sending or receiving data over that
port.
To indicate the port is providing 48VDC in-line power.
To indicate the connected device is not a PoE Powered Device (PD).
1. Press the RESET button 1-3 seconds. The Switch will reboot automatically.
2. Press the RESET button for about 10 seconds. The Switch will back to the factory default mode; the
entire configuration will be erased.
3. The 2 Gigabit TP/SFP combo ports are shared with ports 9/10 of GE-DS-82, GE-DS-82-POE, and the
NS2503-8P/2C. Either of them can operate at the same time.
17
GE-DS-82 and NS2503-8P/2C Series User Manual
Switch Rear Panel
The rear panel of the Managed Switch indicates an AC inlet power socket, which works with input power range from 100 to
240V AC, 50-60Hz. Figure 2-7 to Figure 2-8 shows the rear panel of the Switch.
GE-DS-82 Rear Panel
Figure 2-7: GE-DS-82 rear panel.
GE-DS-82-POE and NS2503-8P/2C Rear Panel
Figure 2-8: GE-DS-82-POE and NS2503-8P/2C rear panel
■ Console Port
The console port is a DB9, RS-232 male serial port connector. It is an interface for connecting a terminal directly. Through
the console port, it provides rich diagnostic information includes IP Address setting, factory reset, port management, link
status and system setting. Users can use the attached RS-232 cable in the package and connect to the console port on the
device. After the connection, users an run any terminal emulation program (Hyper Terminal, ProComm Plus, Telix, Winterm
and so on) to enter the startup screen of the device.
1. The device requires a power connection to operate. If your networks should active all the time,
please consider using UPS (Uninterrupted Power Supply) for your device. It will prevent you
Power Notice:
from network data loss or network downtime.
2. For additional protection against unregulated voltage or current surges, you may also want to
consider surge suppression as part of your installation.
18
GE-DS-82 and NS2503-8P/2C Series User Manual
Install the Switch
This section describes how to install the Managed Switch and make connections to it. Please read the following topics and
perform the procedures in the order being presented.
Desktop Installation
To install the Managed Switch on desktop or shelf, please follows these steps:
Step1: Attach the rubber feet to the recessed areas on the bottom of the Managed Switch.
Step2: Place the Managed Switch on the desktop or the shelf near an AC power source.
Figure 2-9: Place the Managed Switch on the desktop
Step3: Keep enough ventilation space between the Managed Switch and the surrounding objects.
When choosing a location, please keep in mind the environmental restrictions discussed in
Chapter 1, Section 5, in Product Specification.
Step4: Connect the Managed Switch to network devices.
A. Connect one end of a standard network cable to the 10/100/1000 RJ-45 ports on the front of the Managed Switch
B. Connect the other end of the cable to the network devices such as printer servers, workstations or routers…etc.
Connection to the Managed Switch requires UTP Category 5 network cabling with RJ-45
tips. For more information, please see the Cabling Specification in Appendix A.
Step5: Supply power to the Managed Switch.
A. Connect one end of the power cable to the Managed Switch.
B. Connect the power plug of the power cable to a standard wall outlet.
When the Managed Switch receives power, the Power LED should remain solid Green.
19
GE-DS-82 and NS2503-8P/2C Series User Manual
Rack Mounting
To install the Managed Switch in a 19-inch standard rack, please follows the instructions described below.
Step1: Place the Managed Switch on a hard flat surface, with the front panel positioned towards the front side.
Step2: Attach the rack-mount bracket to each side of the Managed Switch with supplied screws attached to the package.
Figure 2-10 shows how to attach brackets to one side of the Managed Switch.
Figure 2-10: Attach brackets to the Managed Switch
You must use the screws supplied with the mounting brackets. Damage caused to the parts
by using incorrect screws would invalidate the warranty.
Step3: Secure the brackets tightly.
Step4: Follow the same steps to attach the second bracket to the opposite side.
Step5: After the brackets are attached to the Managed Switch, use suitable screws to securely attach the brackets to the rack,
as shown in Figure 2-11.
Figure 2-11: Mounting the Switch in a Rack
Step6: Proceeds with the steps 4 and steps 5 of session 2.2.1 Desktop Installation to connect the network cabling and supply
power to the Managed Switch.
20
GE-DS-82 and NS2503-8P/2C Series User Manual
Installing the SFP Transceiver
The sections describe how to plug-in an SFP transceiver into an SFP slot.
The SFP transceivers are hot-swappable. You can plug-in and out the transceiver to/from any SFP port without a need to shut
down the Managed Switch. As the Figure 2-12 appears.
Figure 2-12: Plug-in the SFP transceiver
Approved IFS SFP Transceivers
IFS Managed switches supports both single mode and multi mode SFP transceivers. Please refer to below chart, as well as IFS
website for latest compatible SFP modules.
1000Base-SX/LX SFP transceiver:
We recommend using IFS SFPs with the Switch. If you insert a SFP transceiver that is not
supported, the Managed Switch will not recognize it.
21
GE-DS-82 and NS2503-8P/2C Series User Manual
Before connecting to the other switches, workstations or Media Converters do the following:
1. Make sure both sides use the same SFP transceiver, for example: 1000Base-SX to 1000Base-SX, or 1000Bas-LX to
1000Base-LX.
2. make sure that the fiber-optic cable type matches the SFP transceiver model.
To connect to 1000Base-SX SFP transceiver, use the multi-mode fiber cable- with one side must be male duplex LC
connector type.
To connect to 1000Base-LX SFP transceiver, use the single-mode fiber cable-with one side must be male duplex
LC connector type.
Connect the fiber cable
1. Attach the duplex LC connector on the network cable into the SFP transceiver.
2. Connect the other end of the cable to a device – switches with SFP installed, fiber NIC on a workstation or a Media
Converter.
3. Check the LNK/ACT LED of the SFP slot on the front of the Switch. Ensure that the SFP transceiver is operating correctly.
4. Check the Link mode of the SFP port if the link failed.
Remove the transceiver module
1. Make sure there is no network activity. Use the management interface of the switch to disable the port in advance.
2. Remove the Fiber Optic Cable gently.
3. Turn the handle of the MGB module to the horizontal position.
4. Pull out the module gently the handle.
Figure 2-13: Pull out the SFP transceiver
Never pull out the module without pull the handle or the push bolts on the module. Direct pull
out the module may damage the module and SFP module slot of the Managed Switch.
22
GE-DS-82 and NS2503-8P/2C Series User Manual
SWITCH MANAGEMENT
This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the
types of management applications and the communication and management protocols that deliver data between your
management device (work-station or personal computer) and the system. It also contains information about port connection
options.
This chapter covers the following topics:
Requirements
Management Access Overview
Administration Console Access
Web Management Access
SNMP Access
Standards, Protocols, and Related Reading
Requirements
Workstations of subscribers running Windows 98/ME, NT4.0, 2000/XP, MAC OS9 or later, Linux, UNIX or other
platform compatible with TCP/IP protocols.
Workstation installed with Ethernet NIC (Network Interface Card)
Ethernet Port connection
Network cables – Use standard network (UTP) cables with RJ45 connectors.
Above Workstation installed with WEB Browser and JAVA runtime environment Plug-in
Serial Port connection
Above PC with COM Port (DB-9 / RS-232) or USB-to-RS-232 converter
It is recommended to use Internet Explore 6.0 or above to access Managed Switch.
23
GE-DS-82 and NS2503-8P/2C Series User Manual
Management Access Overview
The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:
Web browser interface
An external SNMP-based network management application
An administration console
The administration console and Web browser interface support are embedded in the Managed Switch software and are
available for immediate use. Each of these management methods has their own advantages. Table 3-1 compares the three
management methods.
Method Advantages Disadvantages
Web Browser
SNMP Agent
Console
Ideal for configuring the switch remotely
Compatible with all popular browsers
Can be accessed from any location
User friendly GUIs
Communicates with switch functions at
the MIB level
Based on open standards
No IP address or subnet needed
Text-based
Telnet functionality and HyperTerminal
built into Windows
95/98/NT/2000/ME/XP operating
systems
Secure
Table 3-1: Management Methods Comparison
Security can be compromised (hackers need
only know the IP address and subnet mask)
May encounter lag times on poor connections
Requires SNMP manager software
Least visually appealing of all three methods
Some settings require calculations
Security can be compromised (hackers need
only know the community name)
Must be near switch or use dial-up connection
Not convenient for remote users
Modem connection may prove to be unreliable
or slow
24
GE-DS-82 and NS2503-8P/2C Series User Manual
Web Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the
network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the switch, you
can access the Managed Switch’s Web interface applications directly in your Web browser by entering the IP address of the
Managed Switch.
Figure 3-1: Web management
You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location,
just as if you were directly connected to the Managed Switch’s console port. Web Management requires either Microsoft
Internet Explorer 6.0 or later, Safari or Mozilla Firefox 2.0 or later.
Figure 3-2: Web main screen of Managed Switch
SNMP-Based Network Management
You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network
Manager, HP Openview Network Node Management (NNM) or What’sup Gold. This management method requires the SNMP
agent on the switch and the SNMP Network Management Station to use the same community string. This management
method, in fact, uses two community strings: the get community string and the set community string. If the SNMP Net-work
management Station only knows the set community string, it can read and write to the MIBs. However, if it only knows the get
community string, it can only read MIBs. The default gets and sets community strings for the Managed Switch are public.
25
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 3-3: SNMP management
Administration Console
The administration console is an internal, character-oriented, and command line user interface for performing system
administration such as displaying statistics or changing option settings. Using this method, you can view the administration
console from a terminal, personal computer, Apple Macintosh, or workstation connected to the switch’s console (serial) port.
There are two ways to use this management method: via direct access or modem port access. The following sections describe
these methods. For more information about using the console, refer to Chapter 5 Console Management.
Figure 3-4: Console management
Direct Access
Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a
terminal-emulation program (such as HyperTerminal) to the Managed Switch console (serial) port.
When using this management method, a straight DB9 RS-232 cable is required to connect the switch to the PC. After
making this connection, configure the terminal-emulation program to use the following parameters:
The default parameters are:
57600 bps
8 data bits
No parity
1 stop bit
26
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 3-5: Terminal parameter settings
You can change these settings, if desired, after you log on. This management method is often preferred because you can
remain connected and monitor the system during system reboots. Also, certain error messages are sent to the serial port,
regardless of the interface through which the associated action was initiated. A Macintosh or PC attachment can use any
terminal-emulation program for connecting to the terminal serial port. A workstation attachment under UNIX can use an
emulator such as TIP.
Protocols
The Managed Switch supports the following protocols:
Virtual terminal protocols, such as Telnet
Simple Network Management Protocol (SNMP)
Virtual Terminal Protocols
A virtual terminal protocol is a software program, such as Telnet, that allows you to establish a management session from a
Macintosh, a PC, or a UNIX workstation. Because Telnet runs over TCP/IP, you must have at least one IP address configured
on the Managed Switch before you can establish access to it with a virtual terminal protocol.
Terminal emulation differs from a virtual terminal protocol in that you must connect a terminal directly
to the console (serial) port.
To access the Managed Switch through a Telnet session:
1. Be Sure of the Managed Switch is configured with an IP address and the Managed Switch is reachable from a PC.
2. Start the Telnet program on a PC and connect to the Managed Switch.
The management interface is exactly the same with RS-232 console management.
27
GE-DS-82 and NS2503-8P/2C Series User Manual
SNMP Protocol
Simple Network Management Protocol (SNMP) is the standard management protocol for multi-vendor IP networks. SNMP
supports transaction-based queries that allow the protocol to format messages and to transmit information between reporting
devices and data-collection programs. SNMP runs on top of the User Datagram Protocol (UDP), offering a
connectionless-mode service.
Management Architecture
All of the management application modules use the same Messaging Application Programming Interface (MAPI). By unifying
management methods with a single MAPI, configuration parameters set using one method (console port, for example) are
immediately displayable by the other management methods (for example, SNMP agent of Web browser).
The management architecture of the switch adheres to the IEEE open standard. This compliance assures customers that the
Managed Switch is compatible with, and will interoperate with other solutions that adhere to the same open standard.
28
GE-DS-82 and NS2503-8P/2C Series User Manual
Web-Based Management
This section introduces the configuration and functions of the Web-Based management.
About Web-based Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the
network through a standard browser such as Microsoft Internet Explorer.
The Web-Based Management supports Internet Explorer 6.0. It is based on Java Applets with an aim to reduce network
bandwidth consumption, enhance access speed and present an easy viewing screen.
By default, IE6.0 or later version does not allow Java Applets to open sockets. The user has to
explicitly modify the browser setting to enable Java Applets to use network ports.
The Managed Switch can be configured through an Ethernet connection, make sure the manager PC must be set on same the
IP subnet address with the Managed Switch.
For example, the default IP address of the Managed Switch is 192.168.0.100, then the manager PC should be set at
192.168.0.x (where x is a number between 1 and 254, except 100), and the default subnet mask is 255.255.255.0.
If you have changed the default IP address of the Managed Switch to 192.168.1.1 with subnet mask 255.255.255.0 via console,
then the manager PC should be set at 192.168.1.x (where x is a number between 2 and 254) to do the relative configuration on
manager PC.
29
GE-DS-82 and NS2503-8P/2C Series User Manual
Requirements
Workstations of subscribers running Windows 98/ME, NT4.0, 2000/2003/XP, MAC OS9 or later, Linux, UNIX or other
platform compatible with TCP/IP protocols.
Workstation installed with Ethernet NIC (Network Card).
Ethernet Port connection
Network cables – Use standard network (UTP) cables with RJ45 connectors.
Above PC installed with WEB Browser and JAVA runtime environment Plug-in.
It is recommended to use Internet Explore 6.0 or above to access GE-DS-82 and NS2503-8P/2C
series Managed Switches.
Logging on the switch
1. Use Internet Explorer 6.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The
factory-default IP Address as following:
http://192.168.0.100
2. When the following login screen appears, please enter the default username “admin” with password “admin” (or the
username/password you have changed via console) to login the main screen of Managed Switch. The login screen
shown in Figure 4-1-1 will appear.
Figure 4-1-1: Login screen
Default User name: admin
Default Password: admin
1. After entering the username and password, the main screen appears as Figure 4-1-2.
30
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-1-2: Web main page
2. The Switch Menu on the left of the Web page let you access all the commands and statistics the Switch provides.
Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web
interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch
provides.
1. It is recommended to use Internet Explore 6.0 or above to access Managed Switch.
2. The changed IP address take effect immediately after click on the Apply button, you need
to use the new IP address to access the Web interface.
3. For security reason, please change and memorize the new password after this first setup.
4. Only accept command in lowercase letter under web interface.
5. The WEB configuration of GE-DS-82-POE and NS2503-8P/2C is the same with GE-DS-82
except PoE feature, so the NS2503-8P/2C will be the example to describe how to configure
switch and also, will describe PoE configuration in additional.
31
GE-DS-82 and NS2503-8P/2C Series User Manual
Main WEB PAGE
The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to
access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s
Web browser interface to configure and manage it.
Copper Port Link Status
SFP Port Link Status
Main Screen
Figure 4-1-3: Main Page
Main Functions Menu
Panel Display
The web agent displays an image of the Managed Switch’s ports. The Mode can be set to display different information for the
ports, including Link up or Link down. Clicking on the image of a port opens the Port Statistics page.
The port states are illustrated as follows:
State Disabled Down Link
RJ-45 Ports
SFP Ports
PoE Ports
The PoE Ports panel display is only for GE-DS-82-POE and NS2503-8P/2C.
Main Menu
Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or
monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by select the functions
those listed in the Main Function. The screen in Figure 4-1-4 appears.
32
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-1-4: Managed Switch Main Functions Menu
System
Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the
following topics are provided to configure and view the system information: This section has the following items:
■ System Information Provides basic system description, including contact information.
■ IP Configuration Sets the IP address for management access.
■ SNMP Configuration Configure SNMP agent and SNMP Trap.
■ Firmware Upgrade Upgrade the firmware via TFTP server or Web Brower file transfer.
■ Configuration Backup Save/view the Managed Switch configuration to remote host.
Upload the switch configuration from remote host.
■ Factory Default Reset the configuration of the Managed Switch.
■ System Reboot Restarts the Managed Switch.
33
GE-DS-82 and NS2503-8P/2C Series User Manual
System Information
In System information, it has two parts of setting – Basic and Misc Config. We will describe the configure detail in following.
Basic
The Basic System Info page provides information for the current device information. Basic System Info page helps a switch
administrator to identify the model name, firmware / hardware version and MAC address. The screen in Figure 4-2-1 appears.
The page includes the following fields:
Object Description
Model Name:
Description:
MAC Address:
Firmware Version:
Hardware Version:
Figure 4-2-1: Basic System Information screenshot
Display the system name of the Managed Switch.
Describes the Managed Switch.
Displays the unique hardware address assigned by manufacturer (default).
Displays the Managed Switch’s firmware version.
Displays the current hardware version.
34
GE-DS-82 and NS2503-8P/2C Series User Manual
Misc Config
Choose Misc Config from System Information of Managed Switch, the screen in Figure 4-2-2 will appear.
The page includes the following fields:
Object Description
MAC Address Age-out
Time
Broadcast Storm Filter
Mode
Figure 4-2-2: Switch Misc Config screenshot
Type the number of seconds that an inactive MAC address remains in the
switch’s address table. The value is a multiple of 6.
Default is 300 seconds.
To configure broadcast storm control, enable it and set the upper threshold for
individual ports. The threshold is the percentage of the port’s total bandwidth
used by broadcast traffic. When broadcast traffic for a port rises above the
threshold you set, broadcast storm control becomes active.
35
GE-DS-82 and NS2503-8P/2C Series User Manual
The valid threshold values are 1/2, 1/4, 1/8, 1/16 and OFF.
Default is “OFF”.
To select broadcast storm Filter Packets type. If no packets type by selected,
mean can not filter any packets .The Broadcast Storm Filter Mode will show OFF.
Broadcast Storm Filter
Packets Select
Collision Retry Forever
Hash Algorithm
IP/MAC Binding Enable / disable IP MAC Binding function.
802.1x protocol Enable / disable 802.1x protocols function.
The selectable items as below:
Broadcast Packets
IP Multicast
Control Packets
Flooded Unicast / Multicast Packets
Provide Collision Retry Forever function”Disable” or 16, 32, 48 collision numbers
on Managed Switch. If this function is disabled, when a packet meet a collision,
the Managed Switch will retry 6 times before discard the packets. Otherwise, the
Managed Switch will retry until the packet is successfully sent.
Default value is 16.
Provide MAC address table Hashing setting on Managed Switch; available
options are CRC Hash and Direct Map.
Default mode is CRC-Hash.
Apply button
Press the button to complete the configuration.
36
GE-DS-82 and NS2503-8P/2C Series User Manual
IP Configuration
The Managed Switch is a network device which needs to be assigned an IP address for being identified on the network. Users
have to decide on an IP address to the Managed Switch.
IP address overview
What is an IP address?
Each device (such as a computer) which participates in an IP network needs a unique “address” on the network. It’s similar to
having a US mail address so other people have a known way to send you messages. An IP address is a four byte number,
which is usually written in “dot notation” – each of the bytes’ decimal value is written as a number, and the numbers are
separated by “dots” (aka periods). An example: 199.25.123.1
How do I get one for this box?
The IP addresses on most modern corporate nets are assigned by an employee called a “Network Administrator”, or “Sys.
Admin”. This person assigns IP addresses and is responsible for making sure that IP addresses are not duplicated – If this
happens one or both machines with a duplicate address will stop working.
Another possibility is getting your address assigned to you automatically over the net via DHCP protocol. Enable DHCP function,
and reset the machine. If your network is set up for this service, you will get an IP address assigned over the network. If you
don’t get an address in about 30 seconds, you probably don’t have DHCP set up in your network.
IP Configuration
The IP Configuration includes the IP Address, Subnet Mask and Gateway. The Configured column is used to view or change the
IP configuration. Fill up the IP Address, Subnet Mask and Gateway for the device. The screen is shown in Figure 4-2-3.
The page includes the following fields:
Object Description
DHCP
IP Address
Figure 4-2-3: IP configuration interface
Enable or disable the DHCP client function.
When DHCP function is enabled, the Managed Switch will be assigned an IP
address from the network DHCP server. The default IP address will be replaced
by the assigned IP address on DHCP server. After the user clicks Apply, a
popup dialog shows up to inform the user that when the DHCP client is enabled,
the current IP will lose and user should find the new IP on the DHCP server.
Assign the IP address that the network is using.
37
GE-DS-82 and NS2503-8P/2C Series User Manual
If DHCP client function is enabled, this switch is configured as a DHCP client.
The network DHCP server will assign the IP address to the switch and display it
in this column.
The default IP is 192.168.0.100 or the user has to assign an IP address
manually when DHCP Client is disabled.
Assign the subnet mask to the IP address.
Subnet Mask
Gateway
If DHCP client function is disabled, the user has to assign the subnet mask in
this column field.
Assign the network gateway for the switch.
If DHCP client function is disabled, the user has to assign the gateway in this
column field.
The default gateway is 192.168.0.254.
38
GE-DS-82 and NS2503-8P/2C Series User Manual
SNMP Configuration
SNMP Overview
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of
management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP)
protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and
plan for network growth.
Figure 4-2-4: SNMP configuration interface
An SNMP-managed network consists of three key components: Network management stations (NMSs), SNMP agents,
Management information base (MIB) and network-management protocol:
Network management stations (NMSs): Sometimes called consoles, these devices execute management
applications that monitor and control network elements. Physically, NMSs are usually engineering workstation-caliber
computers with fast CPUs, megapixel color displays, substantial memory, and abundant disk space. At least one NMS
must be present in each managed environment.
Agents: Agents are software modules that reside in network elements. They collect and store management
information such as the number of error packets received by a network element.
Management information base (MIB):A MIB is a collection of managed objects residing in a virtual information store.
Collections of related managed objects are defined in specific MIB modules.
Network-management protocol:A management protocol is used to convey management information between
agents and NMSs. SNMP is the Internet community’s de facto standard management protocol.
39
GE-DS-82 and NS2503-8P/2C Series User Manual
SNMP Operations
SNMP itself is a simple request/response protocol. NMSs can send multiple requests without receiving a response.
Get – Allows the NMS to retrieve an object instance from the agent.
Set – Allows the NMS to set values for object instances within an agent.
Trap – Used by the agent to asynchronously inform the NMS of some event. The SNMPv2 trap message is designed
to replace the SNMPv1 trap message.
SNMP community
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where
information is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than one
SNMP community. It will not respond to requests from management stations that do not belong to one of its communities.
SNMP default communities are:
Write = private
Read = public
System Options
Use this page to define management stations. You can also define a name, location, and contact person for the Managed
Switch.
Figure 4-2-5: SNMP configuration interface
The page includes the following fields:
Object Description
System Name
System Location
System Contact
SNMP Status
An assigned name for this managed node. By convention, this is the node’s
fully-qualified domain name. A domain name is a text string drawn from the
alphabet (A-Za-z), digits (0-9), minus sign (-). No space characters are permitted
as part of a name. The first character must be an alpha character. And the first or
last character must not be a minus sign.
The allowed string length is 0 to 255.
The physical location of this node (e.g., telephone closet, 3rd floor).
The textual identification of the contact person for this managed node, together
with information on how to contact this person.
Indicates the SNMP mode operation. Possible modes are:
Enabled: Enable SNMP mode operation.
Disabled: Disable SNMP mode operation.
Community Strings
Community strings serve as passwords and can be entered as one of the following:
40
GE-DS-82 and NS2503-8P/2C Series User Manual
A
The page includes the following fields:
Object Description
Community Strings: Here you can define the new community string set and remove the unwanted
dd
button
Remove
button
Figure 4-2-6: Community strings interface
community string.
String: Fill the name string.
RO: Read only. Enables requests accompanied by this community string to
display MIB-object information.
RW: Read/write. Enables requests accompanied by this community string to
display MIB-object information and to set MIB objects.
Press the button to add the management SNMP community strings on the
Managed Switch.
Press the button to remove the management SNMP community strings that you
defined before on the Managed Switch.
41
GE-DS-82 and NS2503-8P/2C Series User Manual
Trap Managers
A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is defined,
no traps will be issued. To define a management station as a trap manager, assign an IP address, enter the SNMP community
strings, and select the SNMP trap version.
Figure 4-2-7: Trap Managers interface
The page includes the following fields:
Object Description
IP Address:
Community:
Enter the IP address of the trap manager.
Enter the community string for the trap station.
SNMPv3 Groups
Configure SNMPv3 groups table on this page. The entry index keys are Security Model and Security Name.
The SNMPv3 Groups Configuration screen is shown in Figure 4-2-8.
The page includes the following fields:
Figure 4-2-8: SNMP configuration interface
42
GE-DS-82 and NS2503-8P/2C Series User Manual
Object Description
Group Name:
V1 | V2c | USM
Security Name:
Remove
A string identifying the group name that this entry should belong to.
The allowed string length is 1 to 15.
Indicates the security model that this entry should belong to. Possible security
models are:
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM).
A string identifying the security name that this entry should belong to.
The allowed string length is 1 to 15.
Check to delete the entry. It will be deleted during the next save.
SNMPv3 View
Configure SNMPv3 views table on this page. The entry index keys are View Name and OID Subtree.
The SNMPv3 Views Configuration screen is shown in Figure 4-2-9.
The page includes the following fields:
Object Description
View N ame:
Included | Excluded:
View Subtree
View Mask(Hexadecimal
Digits):
Figure 4-2-9: SNMP configuration interface
A string identifying the view name that this entry should belong to.
The allowed string length is 1 to 15.
Indicates the view type that this entry should belong to. Possible view type are:
included: An optional flag to indicate that this view subtree should be
included.
excluded: An optional flag to indicate that this view subtree should be
excluded.
The OID defining the root of the subtree to add to the named view. The allowed
OID length is 1 to 128. The allowed string content is digital number or asterisk(*)
View mask is defined in order to reduce the amount of configuration information
required when fine-grained access control is required (e.g., access control at
the object instance level)
43
GE-DS-82 and NS2503-8P/2C Series User Manual
SNMPv3 Access
Configure SNMPv3 accesses table on this page. The entry index keys are Group Name, Security Model and Security Level.
The SNMPv3 Accesses Configuration screen is shown in Figure 4-2-10.
The page includes the following fields:
Object Description
Group Name:
V1 | V2c | USM:
SNMP Access:
Read View:
Write View:
Notify View:
Figure 4-2-10: SNMP configuration interface
A string identifying the group name that this entry should belong to.
The allowed string length is 1 to 15.
Indicates the security model that this entry should belong to. Possible security
models are:
v1: Reserved for SNMPv1.
v2c: Reserved for SNMPv2c.
usm: User-based Security Model (USM)
Indicates the security model that this entry should belong to. Possible security
models are:
NoAuth: None authentication and none privacy.
Auth: Authentication and privacy.
Authpriv: Authentication and privacy.
The name of the MIB views defining the MIB objects for which this request may
request the current values.
The allowed string length is 1 to 16.
The name of the MIB views defining the MIB objects for which this request may
potentially SET new values.
The allowed string length is 1 to 16.
Set up the notify view.
Remove Check to delete the selected entry. It will be deleted during the next save.
SNMP V3 usm-user
Configure SNMPv3 users table on this page. The entry index keys are Engine ID and User Name.
The SNMPv3 Users Configuration screen is shown in Figure 4-2-11.
44
GE-DS-82 and NS2503-8P/2C Series User Manual
The page includes the following fields:
Object Description
SNMP User Name:
Auth Type:
Auth Key(8~32):
Private Key(8~32):
Remove Check to delete the selected entry. It will be deleted during the next save.
Figure 4-2-11: SNMP configuration interface
A string identifying the user name that this entry should belong to. The allowed
string length is 1 to 15.
Indicates the authentication protocol that this entry should belong to. Possible
authentication protocol are:
None: No authentication protocol.
MD5: An optional flag to indicate that this user using MD5 authentication
protocol.
The value of security level cannot be modified if an entry already exists. The user
must first ensure that the value is set correctly.
A string identifying the authentication pass phrase.
For MD5 authentication protocol, the allowed string length is 8 to 32.
A string identifying the privacy pass phrase.
The allowed string length is 8 to 32.
45
GE-DS-82 and NS2503-8P/2C Series User Manual
Firmware Upgrade
It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol (TFTP) server.
Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server.
TFTP Firmware Upgrade
The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP
server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP
server. The screen is show in Figure 4-2-12.
Use this menu to download a file from specified TFTP server to the Managed Switch.
Figure 4-2-12: Firmware Upgrade interface
The page includes the following fields:
Object Description
TFTP Server IP Address: Type in your TFTP server IP.
Firmware File Name: Type in the name of the firmware image file to be updated.
46
GE-DS-82 and NS2503-8P/2C Series User Manual
HTTP Firmware Upgrade
The HTTP Firmware Upgrade page contains fields for downloading system image files from the Local File browser to the
device. The Web Firmware Upgrade screen in Figure 4-2-13 appears.
Figure 4-2-13: HTTP Firmware Upgrade interface
To open Firmware Upgrade screen perform the following:
1. Click System -> Web Firmware Upgrade.
2. The Firmware Upgrade screen is displayed as in Figure 4-2-13.
3. Click the “Browse” button of the main page, the system would pop up the file selection menu to choose firmware.
47
GE-DS-82 and NS2503-8P/2C Series User Manual
4. Select on the firmware then click “Upload”, the Software Upload Progress would show the file upload status.
Firmware upgrade needs several minutes. Please wait a while, and then manually
refresh the webpage.
Configuration Backup
TFTP Restore Configuration
You can restore a previous backup configuration from the TFTP server to recover the settings. Before doing that, you must
locate the image file on the TFTP server first and the Managed Switch will download back the flash image.
The page includes the following fields:
Object Description
TFTP Server IP Address:
Restore File Name:
Type in the TFTP server IP.
Type in the correct file name for restoring.
Figure 4-2-14: Configuration Restore interface
48
GE-DS-82 and NS2503-8P/2C Series User Manual
TFTP Backup Configuration
You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the configuration
later. It helps you to avoid wasting time on configuring the settings by backing up the configuration.
The page includes the following fields:
Object Description
TFTP Server IP Address:
Backup File Name:
Figure 4-2-15: Configuration Backup interface
Type in the TFTP server IP.
Type in the file name.
Saves configuration without IP address.
Click the hyper link to download configuration
file.
Click the hyper link to download configuration
file without IP address.
49
Factory Default
GE-DS-82 and NS2503-8P/2C Series User Manual
Reset switch to default configuration. Click
System Reboot
Default
Figure 4-2-16: Factory Default interface
to reset all configurations to the default value.
Reboot the switch in software reset. Click
Reboot
Figure 4-2-17: System Reboot interface
to reboot the system.
50
GE-DS-82 and NS2503-8P/2C Series User Manual
Syslog Setting
The Syslog Setting page allows you to configure the logging of messages that are sent to remote syslog servers or other
management stations. You can also limit the event messages sent to only those messages below a specified level.
Figure 4-2-18: Syslog Setting web interface
The page includes the following fields:
Object Description
Syslog Server IP
Log level None: No send syslog message to syslog server, and Max Age parameters
IP address of syslog server.
of the root bridge, regardless of how it is configured.
Major: only send major syslog to syslog server, eg: link up/down, system
warm/cold start
All: send all syslog messages to syslog server.
51
GE-DS-82 and NS2503-8P/2C Series User Manual
SMTP Setting
The SMTP alarm allows user to set E-Mail account and receiver account, system will send error message via E-Mail if there is
event happened.
The page includes the following fields:
Object Description
SMTP E-Mail Alarm
SMTP Server IP Address
SMTP Port
SMTP Authentication
User (Mail Account)
Password:
Sender email address
Mail to
Allows user to enable or disable SMTP alarm function.
For inputting SMTP server IP address
For inputting SMTP port number, the default value is 25.
Allows user to enable SMTP authentication. Because of almost SMTP server
deny relay mail to different domain, so user has to set a valid account for relaying
mail. If the mail just sends to the same domain, it may no need SMTP
authentication. Please consult to your network administrator first.
For inputting mail account name, not mail address.
For inputting mail account password.
For inputting the e-mail address from administrator.
Allows user to input mail address which who will be noticed alarm.
Figure 4-2-19 : SMTP interface
52
GE-DS-82 and NS2503-8P/2C Series User Manual
SNTP
It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol (TFTP) server.
Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server.
Figure 4-2-20: SNTP Setting Screenshot
The page includes the following fields:
Object Description
SNTP
SNTP server IP
UTC Type Provide “Before-UTC” and “After-UTC” options for UTV Type.
Time Range (0~24)
Time
Apply
Help
Provide Disable or enable SNTP function.
Provide inputting the SNTP server IP address.
Provide input the time range and the available range is 0 to 24.
Provide SNTP Time display.
Press this button to take affect.
Press this button for SNTP Setting information.
System Log
The System Log setting page allows you to configure the logging of error message to switch, such as port link down or link up.
You can also limit the event messages sent to only those messages below a specified level. The web screen as Figure 4-2-21
appears.
53
The page includes the following fields:
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-2-21 : System Log interface
Object Description
System Log Mode
Log Level
Apply
Refresh
<Previous
Next>
Hide
Reset
Click Here to download
System Log file
Allows user to enable or disable system log mode.
Allows user to choose Major or All level for sending error message.
Click “Apply” button to set configuration.
Click “Refresh” button to reload system log web page.
Click ”<Previous” button to back pervious system log page.
Click ”Next>” button to go next system log page.
Click “Hide” button to only display / filter the logs within latest 24hrs.
Click “Reset” button to clear all system log.
Click “Click Here to download System Log file” hyper link to download system
log. The download file format is “.csv”, user could open it by Microsoft Excel
program.
54
GE-DS-82 and NS2503-8P/2C Series User Manual
Port Configuration
Use the Port Configuration Menu to display or configure the Managed Switch’s ports. This section has the following items:
Port Control
Port Status
Port Statistics
Port Sniffer
Port Control
In Port control you can configure the settings of each port to control the connection parameters, and the status of each port is
listed beneath.
Configures port connection settings
Display the current Port link status and speed etc.
Lists Ethernet and RMON port statistics
Sets the source and target ports for mirroring
The page includes the following fields:
Object Description
Port
Description Allows user to input port description for labeling the port.
State
Negotiation
Speed
Figure 4-3-1: Port Control interface
Use the scroll bar and click on the port number to choose the port to be
configured.
Current port state. The port can be set to disable or enable mode. If the port state
is set as ‘Disable’, it will not receive or transmit any packet.
Auto and Force. Being set as Auto, the speed and duplex mode are negotiated
automatically. When you set it as Force, you have to set the speed and duplex
mode manually.
It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
55
GE-DS-82 and NS2503-8P/2C Series User Manual
Duplex
Flow Control
Rate Control:
(Unit: 128KBbps)
Security:
It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
Whether or not the receiving node sends feedback to the sending node is
determined by this item. When enabled, once the device exceeds the input data
rate of another device, the receiving device will send a PAUSE frame which halts
the transmission of the sender for a specified period of time. When disabled, the
receiving device will drop the packet if too much to process.
Port-1 ~ Port-24, supports by-port ingress and egress rate control.
For example, assume port 1 is 10Mbps, users can set its effective egress rate at
1Mbps and ingress rate at 500Kbps. Device will perform flow control or
backpressure to confine the ingress rate to meet the specified rate.
Ingress: Type the port effective ingress rate.
The valid range is 0 ~ 8000. The unit is 128K.
0: disable rate control.
1 ~ 8000: valid rate value
Egress: Type the port effective egress rate.
The valid range is 0 ~ 8000. The unit is 128K.
0: disable rate control.
1 ~8000: valid rate value.
A port in security mode will be “locked” without permission of address learning.
Only the incoming packets with SMAC already existing in the address table can
be forwarded normally.
User can disable the port from learning any new MAC addresses, then use the
static MAC addresses screen to define a list of MAC addresses that can use the
secure port. Enter the settings, then click Apply button to change on this page.
User can disable/Enable port broadcast storm filtering option by port.
BSF:
Jumbo Frame:
The three models support up to 9Kbytes jumbo frame forwarding.
The filter mode and filter packets type can be select in Switch Setting > Misc
Config page.
User can disable/Enable port jumbo frame option by port. When port jumbo
frame is enable, the port forward jumbo frame packet.
56
GE-DS-82 and NS2503-8P/2C Series User Manual
Rate Control
This page provides rate control on each port - it contains Ingress and Egress items and the unit is 128Kbps. The rate control
screen is displayed as in Figure 4-3-2.
The page includes the following fields:
Object Description
Rate Control:
(Unit: 128KBbps)
Port
Ingress
Egress
Figure 4-3-2: Rate Control Interface Screenshot
Port-1 ~ Port-10, supports by-port ingress and egress rate control.
For example, assume port 1 is 10Mbps, users can set its effective egress rate at
1Mbps and ingress rate at 500Kbps. Device will perform flow control or
backpressure to confine the ingress rate to meet the specified rate.
Allows user to choose which port will be limited rate speed.
Type the port effective ingress rate.
The valid range is 0 ~ 8000. The unit is 128K.
0: disable rate control.
1 ~ 8000: valid rate value
Type the port effective egress rate.
The valid range is 0 ~ 8000. The unit is 128K.
0: disable rate control.
1 ~8000: valid rate value.
57
GE-DS-82 and NS2503-8P/2C Series User Manual
Port Status
This page displays current port configurations and operating status – it is a ports’ configurations summary table. Via the
summary table, you can know status of each port clear at a glance, like Port Link Up/Link Down status, negotiation, Link Speed,
Rate Control, Duplex mode and Flow Control.
Figure 4-3-3 : Port Status interface
Port Statistics
The following chart provides the current statistic information which displays the real-time packet transfer status for each port.
The user might use the information to plan and implement the network, or check and find the problem when the collision or
heavy traffic occurs.
Figure 4-3-4: Port Statistics interface
58
The page includes the following fields:
Object Description
GE-DS-82 and NS2503-8P/2C Series User Manual
Port:
Description
Link: The status of linking—‘Up’ or ‘Down’.
State:
Tx Good Packet:
Tx Bad Packet:
Rx Good Packet:
Rx Bad Packet:
Tx Abort Packet:
Packet Collision:
Packet Dropped:
Rx Bcast Packet:
The port number.
Shows port description.
It’s set by Port Control. When the state is disabled, the port will not transmit or
receive any packet.
The counts of transmitting good packets via this port.
The counts of transmitting bad packets (including undersize [less than 64 octets],
oversize, CRC Align errors, fragments and jabbers packets) via this port.
The counts of receiving good packets via this port.
The counts of receiving good packets (including undersize [less than 64 octets],
oversize, CRC error, fragments and jabbers) via this port.
The aborted packet while transmitting.
The counts of collision packet.
The counts of dropped packet.
The counts of broadcast packet.
Rx Mcast Packet:
The counts of multicast packet.
59
GE-DS-82 and NS2503-8P/2C Series User Manual
Port Sniffer
The Port Sniffer (mirroring) is a method for monitor traffic in switched networks. Traffic through a port can be monitored by one
specific port. That is, traffic goes in or out a monitored port will be duplicated into sniffer port.
Figure 4-3-5: Port Mirror application
Configuring the port mirroring by assigning a source port from which to copy all packets and a destination port where those
packets will be sent.
60
GE-DS-82 and NS2503-8P/2C Series User Manual
The page includes the following fields:
Object Description
Select a sniffer mode:
Sniffer Type:
Analysis (Monitoring) Port:
Monitored Port:
1 When the Mirror Mode set to RX or TX and the Analysis Port be selected, the packets to
and from the Analysis Port will not be transmitted. The Analysis Port will accept only
COPPIED packets from the Monitored Port.
2 If you want to disable the function, you must select monitor port to none.
It’ means Analysis port can be used to see the traffic on another port you want to
monitor. You can connect Analysis port to LAN analyzer or netxray.
The port you want to monitor. The monitor port traffic will be copied to Analysis
port. You can select one monitor ports in the switch. User can choose which port
that they want to monitor in only one sniffer type.
Figure 4-3-6: Port Sniffer interface
Disable
Rx
Tx
Both
61
GE-DS-82 and NS2503-8P/2C Series User Manual
Protect Port
There are two protected port groups; ports in different groups can’t communicate.
In the same group, protected ports can’t communicate with each other, but can communicate with unprotected ports.
Unprotected ports can communicate with any ports, including protected ports
Figure 4-3-7: Protected Port Setting Web interface
The page includes the following fields:
Object Description
Port ID Identify the Managed Switch interface.
Enable the Protected function on the selected port.
Protected
Group 1
Group 2
Usually, set the Uplink port or the Port is connected to Core switch or router to be the
Untagged port.
If the check box is not shown as
communicate with any port – including protected ports
Set the protected port to be Group 1 member.
Set the protected port to be Group 2 member.
, then this port is an unprotected port and it can
62
GE-DS-82 and NS2503-8P/2C Series User Manual
Remote Ping
The Remote Ping allows user to check the device connection status via ping.
The page includes the following fields:
Object Description
Remote IP Address
Ping Size
Ping
Result
Save
Reset
Clear
Figure 4-3-8: Remote Ping interface
Allows user to define the IP address of remote device.
Allows user to define ping packet size. Generally, the size should be 64.
Click “Ping” button to start ping to remote device.
Shows ping action result.
If the ping successful, it will be showed “Ping Ok, Send 5 Packet, I 5 Packet”.
If the ping failed, it will showed “Ping Failed”
Click “Save” button to save Remote Ping configuration. User can use ping
function even not save configuration, but after WEB page be refreshed the
configuration clear.
Click “Reset” button will reset all Remote Ping configuration and save
automatically.
Click “Clear” button will clear result message.
63
GE-DS-82 and NS2503-8P/2C Series User Manual
VLAN configuration
VLAN Overview
A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical
layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single
LAN. VLAN also logically segment the network into different broadcast domains so that packets are forwarded only between
ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily.
VLAN can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.
A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with
each other are assigned to the same VLAN, regardless of where they are physically on the network. Logically, a VLAN can be
equated to a broadcast domain, because broadcast packets are forwarded to only members of the VLAN on which the
broadcast was initiated.
1. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN
membership, packets cannot cross VLAN without a network device performing a routing
function between the VLAN.
2. The Managed Switch supports IEEE 802.1Q VLAN. The port untagging function can be used
to remove the 802.1 tag from packet headers to maintain compatibility with devices that are
tag-unaware.
The Managed Switch supports IEEE 802.1Q (tagged-based) and Port-Base VLAN setting in web management page. In the
default configuration, VLAN support is “802.1Q”.
Port-based VLAN
Port-based VLAN limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of the
VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department.
On port-based VLAN.NIC do not need to be able to identify 802.1Q tags in packet headers. NIC send and receive normal
Ethernet packets. If the packet’s destination lies on the same segment, communications take place using normal Ethernet
protocols. Even though this is always the case, when the destination for a packet lies on another switch port, VLAN
considerations come into play to decide if the packet is dropped by the Managed Switch or delivered.
IEEE 802.1Q VLANs
IEEE 802.1Q (tagged) VLAN are implemented on the Managed Switch. 802.1Q VLAN require tagging, which enables them to
span the entire network (assuming all switches on the network are IEEE 802.1Q-compliant).
VLAN allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only
be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast,
multicast and unicast packets from unknown sources.
VLAN can also provide a level of security to your network. IEEE 802.1Q VLAN will only deliver packets between stations that
are members of the VLAN. Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q
VLAN allows VLAN to work with legacy switches that don’t recognize VLAN tags in packet headers. The tagging feature allows
VLAN to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be
enabled on all ports and work normally.
Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLAN allows VLAN to work
with legacy switches that don’t recognize VLAN tags in packet headers. The tagging feature allows VLAN to span multiple
802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work
normally.
Some relevant terms:
- Tagging – The act of putting 802.1Q VLAN information into the header of a packet.
- Untagging – The act of stripping 802.1Q VLAN information out of the packet header.
802.1Q VLAN Tags
The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their
presence is indicated by a value of 0x8100 in the Ether Type field. When a packet’s Ether Type field is equal to 0x8100, the
packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits of user priority,
1 bit of Canonical Format Identifier (CFI – used for encapsulating Token Ring packets so they can be carried across Ethernet
backbones), and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID is the VLAN identifier and is
used by the 802.1Q standard. Because the VID is 12 bits long, 4094 unique VLAN can be identified.
The tag is inserted into the packet header making the entire packet longer by 4 octets. All of the information originally contained
in the packet is retained.
64
GE-DS-82 and NS2503-8P/2C Series User Manual
802.1Q Tag
User Priority CFI VLAN ID (VID)
3 bits 1 bits 12 bits
TPID (Tag Protocol Identifier) TCI (Tag Control Information)
2 bytes 2 bytes
Preamble
Destination
Address
6 bytes 6 bytes 4 bytes 2 bytes 46-1517 bytes 4 bytes
The Ether Type and VLAN ID are inserted after the MAC source address, but before the original Ether Type/Length or Logical
Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be
recalculated.
Adding an IEEE802.1Q Tag
Dest. Addr. Src. Addr. Length/E. type Data Old CRC
Source
Address
VLAN TAG
Ethernet
Type
Data FCS
Original Ethernet
Dest. Addr. Src. Addr. E. type Tag Length/E. type Data New CRC
Priority CFI VLAN ID
New Tagged Packet
Port VLAN ID
Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network
device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire
network – if all network devices are 802.1Q compliant).
Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLAN are
defined on the switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagged packets are assigned the
PVID of the port on which they were received. Forwarding decisions are based upon this PVID, in so far as VLAN are
concerned. Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are also assigned a
PVID, but the PVID is not used to make packet forwarding decisions, the VID is.
Tag-aware switches must keep a table to relate PVID within the switch to VID on the network. The switch will compare the VID
of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VID are different the switch will drop
the packet. Because of the existence of the PVID for untagged packets and the VID for tagged packets, tag-aware and
tag-unaware network devices can coexist on the same network.
A switch port can have only one PVID, but can have as many VID as the switch has memory in its VLAN table to store them.
Because some devices on a network may be tag-unaware, a decision must be made at each port on a tag-aware device before
packets are transmitted – should the packet to be transmitted have a tag or not? If the transmitting port is connected to a
tag-unaware device, the packet should be untagged. If the transmitting port is connected to a tag-aware device, the packet
should be tagged.
Default VLANs
The Managed Switch initially configures one VLAN, VID = 1, called “default.” The factory default setting assigns all ports on
the Switch to the “default”. As new VLAN are configured in Port-based mode, their respective member ports are removed from
the “default.”
VLAN and Link aggregation Groups
In order to use VLAN segmentation in conjunction with port link aggregation groups, you can first set the port link aggregation
group(s), and then you may configure VLAN settings. If you wish to change the port link aggregation grouping with VLAN
already in place, you will not need to reconfigure the VLAN settings after changing the port link aggregation group settings.
65
GE-DS-82 and NS2503-8P/2C Series User Manual
VLAN settings will automatically change in conjunction with the change of the port link aggregation group settings.
Static VLAN Configuration
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain. It allows you to isolate network traffic so
only members of the VLAN receive traffic from the same VLAN members. Basically, creating a VLAN from a switch is logically
equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still plug
into the same switch physically.
The Managed Switch supports Port-based and 802.1Q (Tagged-based) VLAN in web management page. In the default
configuration, VLAN support is “802.1Q”.
Figure 4-4-1: Static VLAN interface
1 No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN
membership, packets cannot cross VLAN without a network device performing a routing
function between the VLAN.
2 The Managed Switch supports Port-based VLAN and IEEE 802.1Q VLAN. The port
untagging function can be used to remove the 802.1 tag from packet headers to
maintain compatibility with devices that are tag-unaware.
66
GE-DS-82 and NS2503-8P/2C Series User Manual
Port-based VLAN
Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another
single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.
In order for an end station to send packets to different VLANs, it itself has to be either capable of tagging packets it sends with
VLAN tags or attached to a VLAN-aware bridge that is capable of classifying and tagging the packet with different VLAN ID
based on not only default PVID but also other information about the packet, such as the protocol.
Figure 4-4-2: Port-based VLAN interface
Create a VLAN and add member ports to it
1. Click the hyperlink “VLAN” \ “Static VLAN” to enter the VLAN configuration interface.
2. Select “Port Based VLAN” at the VLAN Operation Mode, to enable the port-based VLAN function.
3. Click “Add “to create a new VLAN group. Then the following Figure 4-4-3 appears.
4. Type a name and Group ID for the new VLAN, the available range is 2-4094.
5. From the Available ports box, select ports to add to the Managed Switch and click “Add”.
6. Click Apply.
7. You will see the VLAN Group displays.
8. If the port-based VLAN groups list over one page, please click “Next Page” to view other VLAN groups on other page.
9. Use “Delete” button to delete unwanted port-based VLAN groups
10. Use “Edit” button to modify existing port-based VLAN groups.
67
GE-DS-82 and NS2503-8P/2C Series User Manual
By adding ports to the VLAN you have created one port-based VLAN group completely.
The page includes the following fields:
Object Description
Use this optional field to specify a name for the VLAN. It can be up to 16
VLAN Name
Group ID
Port
Member
All unselected ports are treated as belonging to another single VLAN. If the port-based
VLAN enabled, the VLAN-tagging is ignored.
alphanumeric characters long, including blanks.
You can configure the ID number of the VLAN by this item. This field is used to add
VLANs one at a time. The VLAN group ID and available range is 2-4094.
Indicate port 1 to port 10.
Add
Remove
Figure 4-4-3: Static VLAN interface
Defines the interface as a Port-Based member of a VLAN.
Forbidden ports are not included in the VLAN.
68
GE-DS-82 and NS2503-8P/2C Series User Manual
802.1Q VLAN
Tagged-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices from
different switch vendors. IEEE 802.1Q VLAN uses a technique to insert a “tag” into the Ethernet frames. Tag contains a VLAN
Identifier (VID) that indicates the VLAN numbers.
You can create and delete Tag-based VLAN. There are a total of 256 VLAN groups to provide configure. Once 802.1Q VLAN is
enabled, all ports bleong to the default VLAN with the default VID defined as 1. The default VLAN can’t be deleted.
Understand nomenclature of the Switch
■ IEEE 802.1Q Tagged and Untagged
Every port on an 802.1Q compliant switch can be configured as tagged or untagged.
Tagged
Untgged
Frame Leave
Ports with tagging enabled will put the VID number, priority and other VLAN information into the
header of all packets that flow into those ports. If a packet has previously been tagged, the port
will not alter the packet, thus keeping the VLAN information intact. The VLAN information in the
tag can then be used by other 802.1Q compliant devices on the network to make
packet-forwarding decisions.
Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into those
ports. If the packet doesn’t have an 802.1Q VLAN tag, the port will not alter the packet. Thus,
all packets received by and forwarded by an untagging port will have no 802.1Q VLAN
information. (Remember that the PVID is only used internally within the Switch). Untagging is
used to send packets from an 802.1Q-compliant network device to a non-compliant network
device.
Frame Income
Income Frame is tagged Income Frame is untagged
Leave port is tagged Frame remains tagged Tag is inserted
Leave port is untagged Tag is removed Frame remain untagged
69
VLAN Group Configuration
VLAN Group Configuration
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-4-4: VLAN Group Configuration interface
1. Click the hyperlink “VLAN” \ “Static VLAN” to enter the VLAN configuration interface.
2. Select “802.1Q” at the VLAN Operation Mode, to enable the 802.1Q VLAN function.
3. Click Add to create a new VLAN group or Edit to manage existing VLAN groups. Then the VLAN Group column appears.
4. Define a VLAN group ID. Available range is 2-4094.
70
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-4-5: VLAN Group Configuration interface
5. Select specific port as member port and the screen in Figure 4-4-6 appears.
6. After setup completed, please press “Apply” button to take effect.
7. Please press “Back” for return to VLAN configuration screen to add other VLAN group, the screen in Figure 4-33
appears.
8. If there are many groups exceeding the limit of one page, you can click Next to view other VLAN groups.
9. Use Delete button to delete unwanted VLAN.
10. Use Edit button to modify existing VLAN group.
71
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-4-6: 802.1Q VLAN Setting Web Page screen
The page includes the following fields:
Object Description
VLAN Name
VLAN ID
Port
UnTag Member
Once 802.1Q VLAN is enabled, all ports bleong to the default VLAN with the default VID
defined as 1. The default VLAN can’t be deleted.
Use this optional field to specify a name for the VLAN. It can be up to 16
alphanumeric characters long, including blanks.
You can configure the ID number of the VLAN by this item. This field is used to
add VLANs one at a time.
The VLAN group ID and available range is 2-4094.
Indicate port 1 to port 10.
Untag
Tag
Packets forwarded by the interface are untagged.
Defines the interface as a tagged member of a VLAN. All packets
forwarded by the interface are tagged. The packets contain VLAN
information.
72
GE-DS-82 and NS2503-8P/2C Series User Manual
VLAN Filter
802.1Q VLAN Port Configuration
This page is used for configuring the Switch port VLAN. The VLAN per Port Configuration page contains fields for managing
ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Configuration page. All untagged
packets arriving to the device are tagged by the ports PVID.
This section provides 802.1Q Ingress Filter of each port from the Switch, the screen in Figure 4-4-7 appears.
The page includes the following fields:
Object Description
NO
PVID
Ingress Filtering 1
Indicate port 1 to port 10.
Set the port VLAN ID that will be assigned to untagged traffic on a given port.
This feature is useful for accommodating devices that you want to participate in
the VLAN but that don’t support tagging.
Each port allows user to set one VLAN ID, the range being 1~255, and the
default VLAN ID is 1.
The VLAN ID must be the as same as the VLAN ID of the group the port belongs
to, otherwise the untagged traffic will be dropped.
Ingress filtering lets frames belonging to a specific VLAN to be forwarded if the
port belongs to that VLAN.
Enable: Forward only packets with VID matching this port’s configured VID.
Figure 4-4-7: 802.1Q Ingress filter interface
73
GE-DS-82 and NS2503-8P/2C Series User Manual
Disable: Disable Ingress filter function.
Drop untagged frame.
Ingress Filtering 2
Apply button
Disable: Accepts all Packets.
Enable: Only packet with a matching VLAN ID can be allowed to go through the
port.
Press the button to save configurations.
Q-in-Q VLAN
■ IEEE 802.1Q Tunneling (Q-in-Q)
IEEE 802.1Q Tunneling (QinQ) is designed for service providers carrying traffic for multiple customers across their networks.
QinQ tunneling is used to maintain customer-specific VLAN and Layer 2 protocol configurations even when different customers
use the same internal VLAN IDs. This is accomplished by inserting Service Provider VLAN (SPVLAN) tags into the customer’s
frames when they enter the service provider’s network, and then stripping the tags when the frames leave the network.
A service provider’s customers may have specific requirements for their internal VLAN IDs and number of VLANs supported.
VLAN ranges required by different customers in the same service-provider network might easily overlap, and traffic passing
through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer would restrict customer
configurations, require intensive processing of VLAN mapping tables, and could easily exceed the maximum VLAN limit of
4096.
74
GE-DS-82 and NS2503-8P/2C Series User Manual
The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge,
aggregating traffic from numerous independent customer LANs into the MAN (Metro Access Network) space. One of the
purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used
independent of the customers’ VLANs. This is accomplished by adding a VLAN tag with a MAN-related VID for frames entering
the MAN. When leaving the MAN, the tag is stripped and the original VLAN tag with the customer-related VID is again available.
This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering
with the VLAN tags. All tags use Ether Type 0x8100 or 0x88A8, where 0x8100 is used for customer tags and 0x88A8 are used
for service provider tags.
In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the particular
VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC table
requirements is reduced.
Q-in-Q Port Setting
The QinQ VLAN \ QinQ Port Setting screen in Figure 4-4-8 appears.
Figure 4-4-8: Q-in-Q Port Setting interface
75
The page includes the following fields:
Object Description
Enable: Sets the Managed Switch to QinQ mode, and allows the QinQ tunnel port to
QinQ
QinQ TPID
Disable:
The default is for the Managed Switch to function in Disable mode.
The Tag Protocol Identifier (TPID) specifies the ethertype of incoming packets on a
tunnel access port.
802.1Q Tag : 8100
vMAN Tag : 88A8
Default : 802.1Q Tag.
GE-DS-82 and NS2503-8P/2C Series User Manual
be configured.
The Managed Switch operates in its normal VLAN mode.
Port QinQ
QinQ Uplink
Check: Sets the Port to QinQ mode. Or the port operates in its normal VLAN mode.
Default: Un-check.
Check:
Cancel:
Configures IEEE 802.1Q tunneling (QinQ) for an uplink port to another device
within the service provider network.
Configures IEEE 802.1Q tunneling (QinQ) for a client access port to segregate
and preserve customer VLAN IDs for traffic crossing the service provider
network.
76
GE-DS-82 and NS2503-8P/2C Series User Manual
Q-in-Q Tunnel Setting
Business customers of service providers often have specific requirements for VLAN IDs and the number of VLANs to be
supported. The VLAN ranges required by different customers in the same service-provider network might overlap, and traffic of
customers through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer would restrict
customer configurations and could easily exceed the VLAN limit (4096) of the IEEE 802.1Q specification.
Using the QinQ feature, service providers can use a single VLAN to support customers who have multiple VLANs. Customer
VLAN IDs are preserved, and traffic from different customers is segregated within the service-provider network, even when they
appear to be in the same VLAN. Using QinQ expands VLAN space by using a VLAN-in-VLAN hierarchy and retagging the
tagged packets. A port configured to support QinQ is called a QinQ user-port. A port configured to support QinQ Uplink is called
a QinQ uplink-port.
Figure 4-4-9: Q-in-Q Tunnel Setting interface
To configure QinQ Port
1. Enable global QinQ function: select QinQ enable “Enable”.
2. Fill QinQ Tpid.
3. Enable port QinQ function: select QinQ checkbox for special port.
4. Enable port QinQ Uplink function: select QinQ Uplink checkbox for special port.
77
GE-DS-82 and NS2503-8P/2C Series User Manual
GVRP VLAN
GVRP (GARP VLAN Registration Protocol or Generic VLAN Registration Protocol) is a protocol that facilitates control of
virtual local area networks (VLANs) within a larger network. GVRP conforms to the IEEE 802.1Q specification, which defines a
method of tagging frames with VLAN configuration data. This allows network devices to dynamically exchange VLAN
configuration information with other devices.
78
GE-DS-82 and NS2503-8P/2C Series User Manual
GVRP Setting
To configure GVRP
Enable global GVRP function: select GVRP enable “Enable”.
Enable port GVRP function: select GVRP checkbox for special port.
The page includes the following fields:
Object Description
GVRP
Port
Port GVRP
Enable global GVRP function
Indicate port 1 to port 10.
Enable selected port GVRP function
Figure 4-4-10: GVRP Configuration Web interface
79
GE-DS-82 and NS2503-8P/2C Series User Manual
GVRP Table
The GVRP Table can be used to display dynamic VLANs from being learned via GVRP.
The page includes the following fields:
Object Description
VLAN ID
Port Members
Display the learned VLANs via GVRP protocol on GVRP enabled ports.
The Managed Switch allows displaying up to 128 dynamic VLAN entries.
Identify the GVRP enabled port that dynamic VLAN is learned from.
Figure 4-4-11: GVRP Table Web interface
80
GE-DS-82 and NS2503-8P/2C Series User Manual
Spanning Tree Protocol
Theory
The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches,
bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route
exists between any two stations on the network, and provide backup links which automatically take over when a primary link
goes down. The spanning tree algorithms supported by this Managed Switch include these versions:
STP – Spanning Tree Protocol (IEEE 802.1D)
MSTP – Multiple Spanning Tree Protocol (IEEE 802.1s)
STP – The Spanning Tree Protocol (STP) is a standardized method (IEEE 802.1D) for avoiding loops in switching networks.
Enable STP to ensure that only one path at a time is active between any two nodes on the network.
MSTP – The Multiple Spanning Tree Protocol (MSTP) is a standardized method (IEEE 802.1S) for providing simple and full
connectivity for frames assigned to any given VLAN throughout a Bridged Local Area Network comprising arbitrarily
interconnected Bridges, each operating MSTP, STP , or RSTP. MSTP allows frames assigned to different VLANs to follow
separate paths, each based on an independent Multiple Spanning Tree Instance (MSTI), within Multiple Spanning Tree
(MST) Regions composed of LANs and or MST Bridges. These Regions and the other Bridges and LANs are connected into a
single Common Spanning Tree (CST).
The IEEE 802.1D Spanning Tree Protocol and IEEE 802.1s Multiple Spanning Tree Protocol allow for the blocking of links
between switches that form loops within the network. When multiple links between switches are detected, a primary link is
established. Duplicated links are blocked from use and become standby links. The protocol allows for the duplicate links to be
used in the event of a failure of the primary link. Once the Spanning Tree Protocol is configured and enabled, primary links are
established and duplicated links are blocked automatically. The reactivation of the blocked links (at the time of a primary link
failure) is also accomplished automatically without operator intervention.
This automatic network reconfiguration provides maximum uptime to network users. However, the concepts of the Spanning
Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood. It is possible
to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured. Please read the
following before making any changes from the default values.
The Switch STP performs the following functions:
Creates a single spanning tree from any combination of switching or bridging elements.
Creates multiple spanning trees – from any combination of ports contained within a single switch, in user specified
groups.
Automatically reconfigures the spanning tree to compensate for the failure, addition, or removal of any element in
the tree.
Reconfigures the spanning tree without operator intervention.
81
GE-DS-82 and NS2503-8P/2C Series User Manual
Bridge Protocol Data Units
For STP to arrive at a stable network topology, the following information is used:
The unique switch identifier
The path cost to the root associated with each switch port
The port identifier
STP communicates between switches on the network using Bridge Protocol Data Units (BPDUs). Each BPDU contains the
following information:
The unique identifier of the switch that the transmitting switch currently believes is the root switch.
The path cost to the root from the transmitting port.
The port identifier of the transmitting port.
The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on
which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch
uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
The communication between switches via BPDUs results in the following:
One switch is elected as the root switch.
The shortest distance to the root switch is calculated for each switch.
A designated switch is selected. This is the switch closest to the root switch through which packets will be
forwarded to the root.
A port for each switch is selected. This is the port providing the best path from the switch to the root switch.
Ports included in the STP are selected.
Creating a Stable STP Topology
It is to make the root port used the fastest link. If all switches have STP enabled with default settings, the switch with the lowest
MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best
switch, STP can be forced to select the best switch as the root switch.
When STP is enabled using the default parameters, the path between source and destination stations in a switched network
might not be ideal. For instance, connecting higher-speed links to a port that has a higher number than the current root port can
cause a root-port change.
STP Port States
The BPDUs take some time to pass through a network. This propagation delay can result in topology changes where a port that
transitioned directly from a Blocking state to a Forwarding state could create temporary data loops. Ports must wait for new
network topology information to propagate throughout the network before starting to forward packets. They must also wait for
the packet lifetime to expire for BPDU packets that were forwarded based on the old topology. The forward delay timer is used
to allow the network topology to stabilize after a topology change. In addition, STP specifies a series of states a port must
transition through to further ensure that a stable network topology is created after a topology change.
82
GE-DS-82 and NS2503-8P/2C Series User Manual
Each port on a switch using STP exists is in one of the following five states:
Blocking – the port is blocked from forwarding or receiving packets.
Listening – the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state.
Learning – the port is adding addresses to its forwarding database, but not yet forwarding packets.
Forwarding – the port is forwarding packets.
Disabled – the port only responds to network management messages and must return to the blocking state first.
A port transitions from one state to another as follows:
From initialization (switch boot) to blocking.
From blocking to listening or to disabled.
From listening to learning or to disabled.
From learning to forwarding or to disabled.
From forwarding to disabled.
From disabled to blocking.
Switch
Blocking
Listening
Learning
Forwarding
Figure 4-5-1: STP Port State Transitions
You can modify each port state by using management software. When you enable STP, every port on every switch in the
network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly
configured, each port stabilizes to the forwarding or blocking state. No packets (except BPDUs) are forwarded from, or received
by, STP enabled ports until the forwarding state is enabled for that port.
Disable
83
GE-DS-82 and NS2503-8P/2C Series User Manual
Illustration of STP
A simple illustration of three switches connected in a loop is depicted in the below diagram. In this example, you can anticipate
some major network problems if the STP assistance is not applied.
Figure 4-5-2: Before Applying the STA Rules
If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and switch C will broadcast it to back to switch
A and so on. The broadcast packet will be passed indefinitely in a loop, potentially causing a network failure. In this example,
STP breaks the loop by blocking the connection between switch B and C. The decision to block a particular connection is based
on the STP calculation of the most current Bridge and Port settings.
Now, if switch A broadcasts a packet to switch C, then switch C will drop the packet at port 2 and the broadcast will end there.
Setting-up STP using values other than the defaults, can be complex. Therefore, you are advised to keep the default factory
settings and STP will automatically assign root bridges/ports and block loop connections. Influencing STP to choose a particular
switch as the root bridge using the Priority setting, or influencing STP to choose a particular port to block using the Port Priority
and Port Cost settings is, however, relatively straight forward.
In this example, only the default STP values are used.
The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost
between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one
(optional) Gigabit port on both switch B and C. The redundant link between switch B and C is deliberately chosen as a 100
Mbps Fast Ethernet link (default port cost = 200,000). Gigabit ports could be used, but the port cost should be increased from
the default to ensure that the link between switch B and switch C is the blocked link.
84
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-5-3: After Applying the STA Rules
STP Parameters
STP Operation Levels
The Switch allows for two levels of operation: the switch level and the port level. The switch level forms a spanning tree
consisting of links between one or more switches. The port level constructs a spanning tree consisting of groups of one or more
ports. The STP operates in much the same way for both levels.
On the switch level, STP calculates the Bridge Identifier for each switch and then sets the Root
Bridge and the Designated Bridges.
On the port level, STP sets the Root Port and the Designated Ports.
The following are the user-configurable STP parameters for the switch level:
Parameter Description Default Value
Bridge Identifier(Not user
configurable
except by setting priority
below)
Priority
Hello Time
Maximum Age Timer
A combination of the User-set priority and
the switch’s MAC address.
The Bridge Identifier consists of two parts:
a 16-bit priority and a 48-bit Ethernet MAC
address 32768 + MAC.
A relative priority for each switch – lower
numbers give a higher priority and a greater
chance of a given switch being elected as
the root bridge.
The length of time between broadcasts of
the hello message by the switch.
Measures the age of a received BPDU for a
port and ensures that the BPDU is discarded
when its age exceeds the value of the
32768 + MAC
32768
2 seconds
20 seconds
85
GE-DS-82 and NS2503-8P/2C Series User Manual
maximum age timer.
Forward Delay Timer
The following are the user-configurable STP parameters for the port or port group level:
Variable Description Default Value
Port Priority
A relative priority for each
port –lower numbers give a higher priority
and a greater chance of a given port being
elected as the root port.
The amount time spent by a port in the
learning and listening states waiting for a
BPDU that may return the port to the
blocking state.
128
15 seconds
Port Cost
Default Spanning-Tree Configuration
A value used by STP to evaluate paths –
STP calculates path costs and selects the
path with the minimum cost as the active
path.
Feature Default Value
Enable state STP disabled for all ports
Port priority 128
Port cost 0
Bridge Priority 32,768
The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will
occur.
Observe the following formulas when setting the above parameters:
Max. Age _ 2 x (Forward Delay – 1 second)
Max. Age _ 2 x (Hello Time + 1 second)
STP System Configuration
200,000-100Mbps Fast Ethernet ports
20,000-1000Mbps Gigabit Ethernet ports
0 – Auto
This section provides STP-System Configuration from the Managed Switch, the screen in Figure 4-5-4 appears.
The user can view spanning tree information of Root Bridge.
86
Apply
.
The user can modify STP state. After modification, click
GE-DS-82 and NS2503-8P/2C Series User Manual
The page includes the following fields:
Object Description
STP Stat e:
Protocol Version
Priority (0-61440):
Max Age (6-40):
Hello Time (1-10):
Figure 4-5-4: STP System Configuration interface
The user must enable the STP function first before configuring the related
parameters.
A value used to specify the spanning tree protocol, the original spanning tree
protocol (STP, 802.1d) or the multiple spanning tree protocol (MSTP, 802.1s).
The switch with the lowest value has the highest priority and is selected as the
root. If the value is changed, the user must reboot the switch.
The value must be a multiple of 4096 according to the protocol standard rule.
The number of seconds a switch waits without receiving Spanning-tree Protocol
configuration messages before attempting a reconfiguration.
Enter a value between 6 through 40.
The time that controls the switch to send out the BPDU packet to check STP
current status.
Enter a value between 1 through 10.
The number of seconds a port waits before changing from its Rapid
Forward Delay Time
(4-30):
Spanning-Tree Protocol learning and listening states to the forwarding state.
Enter a value between 4 through 30.
87
GE-DS-82 and NS2503-8P/2C Series User Manual
Follow the rule as below to configure the MAX Age, Hello Time, and Forward Delay Time.
2 x (Forward Delay Time value –1) > = Max Age value >= 2 x (Hello Time value +1).
Each switch in a spanning-tree adopts the Hello Time, Forward Delay time, and Max Age
parameters of the root bridge, regardless of how it is configured.
Root Bridge Information
This page provides a status overview for all STP bridge instances.
The displayed table contains a row for each STP bridge instance, where the column displays the following information:
The STP Bridge Status screen in Figure 4-5-5 appears.
Figure 4-5-5: STP Bridge Status page screenshot
88
The page includes the following fields:
Object Description
Priority
MAC Address
Root Path Cost
Root Port
GE-DS-82 and NS2503-8P/2C Series User Manual
The bridge identifier of the root bridge. It is made up from the bridge priority and
the base MAC address of the bridge.
The bridge identifier of the root bridge. It is made up from the bridge priority and
the base MAC address of the bridge.
For the Root Bridge this is zero. For all other Bridges, it is the sum of the Port
Path Costs on the least cost path to the Root Bridge.
The switch port currently assigned the root port role.
Maximum Age
Hello Time
Forward Delay
Path Cost to the Designated Root for the Root Bridge.
Minimum time between transmissions of Configuration BPDUs.
Derived value of the Root Port Bridge Forward Delay parameter.
89
GE-DS-82 and NS2503-8P/2C Series User Manual
Port Configuration
This web page provides the port configuration interface for STP. You can assign higher or lower priority to each port. Spanning
tree protocol will have the port with the higher priority in forwarding state and block other ports to make certain that there is no
loop in the LAN.
The page includes the following fields:
Object Description
Path Cost:
Priority:
Figure 4-5-6: STP Port Configuration interface
The cost of the path to the other bridge from this transmitting bridge at the
specified port.
Enter a number 1 through 200,000,000.
Decide which port should be blocked by setting its priority as the lowest. Enter a
number between 0 and 240.
The value of priority must be the multiple of 16.
90
Admin P2P:
GE-DS-82 and NS2503-8P/2C Series User Manual
The rapid state transitions possible within STP are dependent upon whether the
port concerned can only be connected to exactly another bridge (i.e. it is served
by a point-to-point LAN segment), or can be connected to two or more bridges
(i.e. it is served by a shared medium LAN segment). This function allows the P2P
status of the link to be manipulated administratively.
YES means the port is regarded as a point-to-point link.
NO means the port is regarded as a shared link.
AUTO means the link type is determined by the auto-negotiation between
the two peers.
Admin Edge:
Admin Non STP:
Path cost “0” is used to indicate auto-configuration mode. When the short path cost method is selected
and the default path cost recommended by the IEEE 8021w standard exceeds 65,535, the default is set
to 65,535.
By default, the system automatically detects the speed and duplex mode used on each port, and configures the path cost
according to the values shown below.
Port Type IEEE 802.1D-1998 IEEE 802.1w-2001
Ethernet
Fast Ethernet
Gigabit Ethernet
Port Type Link Type IEEE 802.1D-1998 IEEE 802.1w-2001
Ethernet
Fast Ethernet
Gigabit Ethernet
The port directly connected to end stations won’t create bridging loop in the
network. To configure the port as an edge port, set the port to “YES” status.
The port includes the STP mathematic calculation.
YES is not including STP mathematic calculation.
NO is including the STP mathematic calculation.
50-600 200,000-20,000,000
10-60 20,000-2,000,000
3-10 2,000-200,000
Table 4-5-1: Recommended STP Path Cost Range
Half Duplex
Full Duplex
Trunk
Half Duplex
Full Duplex
Trunk
Full Duplex
Trunk
Table 4-5-2: Recommended STP Path Costs
100
95
90
19
18
15
4
3
2,000,000
1,999,999
1,000,000
200,000
100,000
50,000
10,000
5,000
91
GE-DS-82 and NS2503-8P/2C Series User Manual
Trunking
Port trunking is the combination of several ports or network cables to expand the connection speed beyond the limits of any one
single port or network cable. The Managed Switch supports two types of port trunk technology:
Static Trunk
LACP
The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner
Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation
Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception
functions in an orderly manner. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection.
This feature can expand bandwidth to a device on the network. LACP operation requires full-duplex mode, more detail
information refers to IEEE 802.3ad.
92
GE-DS-82 and NS2503-8P/2C Series User Manual
Aggregator setting
This section provides Port Trunk-Aggregator Setting of each port from the Managed Switch, the screen in Figure 4-6-1 appears.
Figure 4-6-1: Port Trunk—Aggregator setting interface (two ports are added to the left field with LACP enabled)
The page includes the following fields:
Object Description
System Priority:
Group ID:
LACP:
A value which is used to identify the active LACP. The Managed Switch with the
lowest value has the highest priority and is selected as the active LACP peer of
the trunk group.
There are 13 trunk groups to be selected. Assign the “Group ID” to the trunk
group.
Enabled, the trunk group is using LACP. A port which joins an LACP trunk
group has to make an agreement with its member ports first.
Disabled, the trunk group is a static trunk group. The advantage of having
the LACP disabled is that a port joins the trunk group without any
handshaking with its member ports; but member ports won’t know that they
should be aggregated together to form a logic trunk group.
93
GE-DS-82 and NS2503-8P/2C Series User Manual
This column field allows the user to type in the total number of active port up to
four. With LACP static trunk group, e.g. you assign four ports to be the
Work ports:
Please notice that a trunk group, including member ports split between two switches, has to enable the
LACP function of the two switches.
members of a trunk group whose work ports column field is set as two; the
exceed ports are standby/redundant ports and can be aggregated if working
ports fail. If it is a static trunk group (non-LACP), the number of work ports must
equal the total number of group member ports.
Aggregator Information
When you had setup the LACP aggregator, you will see relation information in here.
LACP disabled
Having set up the aggregator setting with LACP disabled, you will see the local static trunk group information on the tab of
Aggregator Information.
Figure 4-6-2: Assigning 2 ports to a trunk group with LACP disabled
94
GE-DS-82 and NS2503-8P/2C Series User Manual
The page includes the following fields:
Object Description
Group Key:
Port Member:
Figure 4-6-3: Static Trunking Group information
This is a read-only column field that displays the trunk group ID.
This is a read-only column field that displays the members of this static trunk
group.
LACP enabled
Having set up the aggregator setting with LACP enabled, you will see the trunking group information between two switches on
the tab of Aggregator Information.
Switch 1 configuration
1. Set System Priority of the trunk group. The default is 32768.
2. Select a trunk group ID by pull down the drop-down menu bar.
3. Enable LACP.
4. Include the member ports by clicking the Add button after selecting the port number and the column field of Work
Ports changes automatically.
95
GE-DS-82 and NS2503-8P/2C Series User Manual
Figure 4-6-4: Aggregation Information of Switch 1
5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above
after the two switches configured.
Switch 2 configuration
6. Set System Priority of the trunk group. For example: 1.
7. Select a trunk group ID by pull down the drop-down menu bar.
8. Enable LACP.
9. Include the member ports by clicking the Add button after selecting the port number and the column field of Work
Ports changes automatically.
96
Loading...