Lancom GS-1224 User Manual

...connecting your business

LANCOM GS-1224

© 2009 LANCOM Systems GmbH, Wuerselen (Germany). All rights reserved.

209

While the information in this manual has been compiled with great care, it may not be deemed an assurance of product
characteristics. LANCOM Systems shall be liable only to the degree specified in the terms of sale and delivery.

The reproduction and distribution of the documentation and software supplied with this product and the use of its contents
is subject to written authorization from LANCOM Systems. We reserve the right to make any alterations that arise as the
result of technical development.

Windows®, Windows Vista™, Windows NT® and Microsoft® are registered trademarks of Microsoft, Corp.

The LANCOM Systems logo, LCOS and the name LANCOM are registered trademarks of LANCOM Systems GmbH. All other
names or descriptions used may be trademarks or registered trademarks of their owners.

Subject to change without notice. No liability for technical errors or omissions.

Products from LANCOM Systems include software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http:/

/www.openssl.org/).

Products from LANCOM Systems include cryptographic software written by Eric Young (eay@cryptsoft.com

).

Products from LANCOM Systems include software developed by the NetBSD Foundation, Inc. and its contributors.

Products from LANCOM Systems contain the LZMA SDK developed by Igor Pavlov.

LANCOM Systems GmbH

Adenauerstr. 20/B2

52146 Wuerselen

Germany

www.lancom.eu

Wuerselen, Dezember 2009

/1

LANCOM GS-1224

쮿 Preface

Preface

Thank you for your confidence in us!

LANCOM Switches are ideally suited to small, medium- sized and performance
networks in business environments.

The LANCOM GS-1224 switch features 20 Gigabit-Ethernet and four combo
ports (TP/SFP), it integrates perfectly into LANCOM's Advanced Routing und
Forwarding and it supports up to 24 active VLANs. It uses bandwidth control
to prioritize the data traffic according to predefined criteria (e.g. voice data or
certain ports).

The LANCOM Switch can be managed with the clearly structured Webconfig
and is supported by the LANCOM Management Tools (LANconfig and
LANmonitor).

EN

This documentation was created by …

... several members of our staff from a variety of departments in order to
ensure you the best possible support when using your

Should you find any errors, or if you would like to suggest improvements, ple­ase do not hesitate to send an e-mail directly to:

info@lancom.eu

Our online services www.lancom.eu are available to you around the



clock if you have any questions on the content in this manual, or if you
require any further support. The area 'Support' will help you with
many answers to frequently asked questions (FAQs). Furthermore, the
knowledgebase offers you a large reserve of information. The latest
drivers, firmware, utilities and documentation are constantly available
for download.
In addition, LANCOM Support is available. For telephone numbers
and contact addresses for LANCOM Support, please refer to the enc­losed leaflet or the LANCOM Systems Web site.

LANCOM

product.

3

LANCOM GS-1224

쮿 Preface

Information symbols

Very important instructions. Failure to observe these may result in damage.



Important instruction that should be observed.



EN

Additional information that may be helpful but is not essential.



4

LANCOM GS-1224

쮿 Contents

Contents

1 Introduction 7

1.1 Key Features in the Device 7

1.2 Just what can your LANCOM Switch do? 8

2 Installation 10

2.1 Package content 10

2.2 System requirements 10

2.3 Status displays and interfaces 10

2.3.1 Connectors, LEDs and buttons on the LANCOM GS-1224
11

2.3.2 Connectors on rear of the LANCOM GS-1224 12

EN

2.4 Mounting and connecting up the LANCOM Switch 12

2.5 Software installation 13

2.5.1 Starting the software setup 13

2.5.2 Which software should I install? 14

3 Configuring and monitoring the LANCOM Switch 15

3.1 Configuration with WEBconfig 15

3.2 Back up and reload the configuration 16

3.3 Monitoring the LANCOM Switch with LANmonitor 17

3.3.1 Ethernet port status 17

5

LANCOM GS-1224

쮿 Contents

EN

4 Operation of Web- based Management 18

4.1 Web Management Home Overview 18

4.2 Configuration 20

4.2.1 System Configuration 20

4.2.2 Port Configuration 22

4.2.3 VLAN Mode Configuration 24

4.2.4 VLAN Group Configuration 27

4.2.5 Aggregation 31

4.2.6 LACP 32

4.2.7 RSTP 33

4.2.8 802.1x Configuration 35

4.2.9 IGMP Snooping 43

4.2.10 Mirror Configuration 44

4.2.11 QoS (Quality of Service) Configuration 45

4.2.12 Filter 48

4.2.13 Rate Limit 49

4.2.14 Storm Control 50

4.2.15 SNMP 51

4.3 Monitoring 53

4.3.1 Detailed Statistics 53

4.3.2 LACP Status 57

4.3.3 RSTP Status 58

4.3.4 IGMP Status 59

4.3.5 Ping Status 60

4.4 Maintenance 61

4.4.1 Warm Restart 61

4.4.2 Factory Default 62

4.4.3 Software Upgrade 62

4.4.4 Configuration File Transfer 62

4.4.5 Logout 63

5 Appendix 64

5.1 Performance data and specification 64

5.2 Connector wiring 65

5.2.1 Ethernet interface 10/100/1000Base-TX 65

5.3 CE-declarations of conformity 65

6

LANCOM GS-1224

쮿 Chapter 1: Introduction

1Introduction

The LANCOM GS-1224 is a websmart layer-2 switch with 20 Gigabit ports (for
twisted pair cable – TP) and four Gigabit dual media ports with TP/SFP, which
meets the IEEE 802.3 Gigabit, Fast Ethernet and Ethernet specifications.

The LANCOM Switches can be configured through WEBconfig.

The overall network management is enhanced and the network efficiency is
also improved to accommodate high bandwidths. In addition, the switch fea­tures comprehensive and useful function such as QoS (Quality of Service),
Spanning Tree, VLAN, Port Trunking, Bandwidth Control, Port Security, SNMP
and IGMP Snooping capability via the intelligent software. It is suitable for
both metro-LAN and office application.

The 10/100/1000 Mbps TP-Ports are standard Ethernet ports that meets all
IEEE 802.3/u/x/z (Gigabit and Fast Ethernet) specifications.

EN

The 1000 Mbps SFP Fiber transceiver are Gigabit Ethernet ports that fully
complies with all IEEE 802.3z and 1000Base-SX/LX standards. The Single
Fiber WDM (BiDi) transceiver is designed with an optic Wavelength Division
Multiplexing (WDM) technology that transports bi-directional full duplex sig­nal over a single fiber simultaneously.

1.1 Key Features in the Device

쮿 QoS:

Support Quality of Service by the IEEE 802.1P standard. There are two
priority queue and packet transmission schedule using Weighted Round
Robin (WRR). User-defined weight classification of packet priority can be
based on either VLAN tag on packets or user-defined port priority.

쮿 Spanning Tree:

Support IEEE 802.1D, IEEE 802.1w (RSTP: Rapid Spanning Tree Protocol)
standards.

쮿 VLAN:

Support Port-based VLAN and IEEE802.1Q Tag VLAN. Support 24 active
VLANs and VLAN ID 1~4094.

쮿 Port Trunking:

Support static port trunking and port trunking with IEEE 802.3ad LACP.

쮿 Bandwidth Control:

Support ingress and egress per port bandwidth control.

7

LANCOM GS-1224

쮿 Chapter 1: Introduction

EN

쮿 Power saving:

The switch can detect inactive links and deactivate the power supply for
the corresponding ports

쮿 SNMP:

SNMP agent. In the device, SNMP agent is a client software which is ope­rating over SNMP protocol used to receive the command from SNMP
manager (server site) and echo the corresponded data, i.e. MIB object.
Besides, SNMP agent will actively issue TRAP information when happe­ned.

The device supports MIB II (RFC1213), Bridge MIB (RFC1493), Interface
Group MIB (RFC2863).

쮿 IGMP Snooping:

Support IGMP version 2 (RFC 2236): The function IGMP snooping is used
to establish the multicast groups to forward the multicast packet to the
member ports, and, in nature, avoid wasting the bandwidth while IP mul­ticast packets are running over the network.

1.2 Just what can your LANCOM Switch do?

Hardware

Supports 20-port 10/100/1000 Mbps TP ports and auto MDIX function

4 Gigabit dual media ports(TP/SFP)

Hot-Plugging for SFP modules

400KB packet buffer

Support of Jumbo frames (maximum 9600 bytes)

Full-duplex flow control (IEEE802.3x)

Satus LEDs

System: Power

TP Port 1-24: LINK/ACT, SPD

LANCOM GS­1224

✔

✔

✔

✔

✔

✔

✔

✔

SFP-Ports 21,22,23,24: LINK/ACT, SPD, SFP

8

✔

Management

LANCOM GS-1224

쮿 Chapter 1: Introduction

LANCOM GS­1224

Concisely the status of port and easily port configuration

Per port traffic monitoring counters

Port mirror function

Static trunk function

802.1Q VLAN

DHCP Broadcasting Suppression to avoid network suspended or
crashed

Trap event while monitored events happened

Default configuration which can be restored to overwrite the current
configuration

Types of QoS: 802.1p Priority and DiffServ DSCP Priority.

Rapid Spanning Tree (802.1w RSTP)

802.1x port security on a VLAN

SNMP access can be disabled and prevent from illegal SNMP access

Bandwidth rating management

✔

✔

✔

✔

✔

✔

✔

✔

✔

✔

✔

✔

✔

EN

HTTP for firmware upgrade, system log upload and config file import/
export

Remote boot through WEBconfig

Options

LANCOM SFP Transceiver:
Item no. 61556 LANCOM SFP-SX-LC1
Item no. 61557 LANCOM SFP-LX-LC1

✔

✔

✔

9

LANCOM GS-1224

쮿 Chapter 2: Installation

2 Installation

This chapter will assist you to quickly install hardware and software. First,
check the package contents and system requirements. The device can be
installed and configured quickly and easily if all prerequisites are fulfilled.

2.1 Package content

EN

Before beginning with the installation, please check that nothing is missing
from your package. Along with the LANCOM Switch the box should contain
the following accessories:

Power cord

19’’ adapter (2 pieces) and mounting materials

LANCOM CD

Printed documentation

Should anything be missing, please take up immediate contact to your dealer
or to the address on the delivery note supplied with your device.

2.2 System requirements

LANCOM

GS-1224

✔

✔

✔

✔

Computers that connect to a LANCOM must meet the following minimum
requirements:

쮿 Operating system with TCP/IP support, such as Windows, Linux, BSD Unix,

Apple Mac OS, OS/2.

쮿 Access to the LAN via the TCP/IP protocol.



2.3 Status displays and interfaces

Meanings of the LEDs

The following section describes the meaning of the LEDs.

10

The LANtools also require a Windows operating system. A web brow­ser under any operating system provides access to WEBconfig.

LANCOM GS-1224

쮿 Chapter 2: Installation

Please be aware that LANmonitor shows far more information about



the status of the LANCOM Switch than the LEDs '→ Monitoring the
LANCOM switch with LANmonitor'.

2.3.1 Connectors, LEDs and buttons on the LANCOM GS-1224

Located on the front of the device are connectors for different cabletypes,
light-emitting diodes (LEDs) that provide information on device status, and
also a button.

EN

쐃 POWER LED

LINK / ACT LED

쐇

Port 1 to 24

10/100/1000

쐋

Mbps LED

SFP (LINK/ACT)

쐏

LED

Reset

쐄

쐃쐇 쐋

Constant green when power is supplied to the device.

쮿 Constant green when the network connection is established to the con-

nected device.

쮿 Blinks during data transfer.
쮿 Off if no network connection can be established to the connected device.

쮿 Constant green when the 1000 Mbps mode is active.
쮿 Constant orange when the 100 Mbps mode is active.
쮿 Off when the 10 Mbps is active.

쮿 Constant green when the network connection is established to the con-

nected device.

쮿 Blinks during data transfer.
쮿 Off if no network connection can be established to the connected device.

Button to reset the system. If you press the button longer than three seconds,
all settings will be reset to default (factory setting).

쐏









TP connectors

쐂

SFP connec-

쐆

tors

Connectors for twisted-pair cables.

Connectors for small form-factor pluggable (SFP) modules.

The device starts after the reset in an unconfigured mode and all set-
tings will get lost. Therefore you should save the actual configuration
before you reset the device!

11

LANCOM GS-1224

쮿 Chapter 2: Installation

2.3.2 Connectors on rear of the LANCOM GS-1224

The following connectors are located on the rear of the device.

EN

LANCOM GS-1224

쐃 Connector for the power supply cable.

쐃

2.4 Mounting and connecting up the LANCOM Switch

Installating the LANCOM Switch involves the following steps:

햲 Mounting – The device is designed for mounting in an available 19” unit

in a server cabinet. If necessary fix the rubber pads to the underside of the
device to prevent any scratching to other equipment.

Ensure that the device has sufficient ventilation to prevent damage



햳 LAN connection – Connect the network devices to the ports of the

from excessive heat build-up.

LANCOM Switch by means of a suitable twisted-pair cable (TP cable). The
connectors automatically detect the avalable data transfer speeds and the
pin assignment (autosensing).





햴 Supply power and switch on – Supply power to the device by means of

the IEC power cable.

햵 Ready for operation? – After a brief self-test, the power LED lights up

continuously. Green LAN-LINK LEDs show which LAN connectors are
being used for a connection.

12

Use only standard TP cables of category CAT 5e or better with a maxi­mum length of 100 m to ensure the best possible transfer of data.
Cross-over cables can be used thanks to the auto-sensing function.

If optical connections are to be used, additional modules can be
purchased as accessories.

2.5 Software installation

The following section describes the installation of the Windows-compatible
system software LANtools, as supplied.

You may skip this section if you use your LANCOM Switch exclusively



with computers running operating systems other than Windows.

LANCOM GS-1224

쮿 Chapter 2: Installation

2.5.1 Starting the software setup

Place the product CD into your drive. The setup program will start automati­cally.

If the setup does not start automatically, run AUTORUN.EXE in the



In Setup, select Install software. The following selection menus will appear
on screen:

root directory of the LANCOM CD.

EN

13

LANCOM GS-1224

쮿 Chapter 2: Installation

2.5.2 Which software should I install?

EN

쮿 LANconfig is the Windows configuration program for all LANCOM

devices. LANconfig searches for all LANCOM devices in your network.
You can use this to start the Web-based configuration of a LANCOM
Switch.

쮿 With LANmonitor you can use a Windows computer to monitor all of

your LANCOM devices. This program displays all important status infor­mation for a LANCOM Switch, such as link status or port PoE state.

쮿 With Documentation you copy the documentation files onto your PC.

Select the appropriate software options and confirm your choice with Next.
The software is installed automatically.

14

LANCOM GS-1224

쮿 Chapter 3: Configuring and monitoring the LANCOM Switch

3 Configuring and monitoring the LANCOM

Switch

3.1 Configuration with WEBconfig

The configuration is done over a graphical user interfacevia a browser
(WEBconfig). Instructions for configuring the device with WEBconfig are avai­lable in the chapter "Web-based configuration".

There are two ways of starting the configuration by browser:

쮿 If you know the device's IP address, simply enter this into the address line

in the browser. The password for accessing the device is "admin".

EN

쮿 If you do not have the device's IP number, LANconfig can be used to

search for it. To start LANconfig click on Start 왘 Programs 왘 LANCOM

왘 LANconfig.

15

LANCOM GS-1224

쮿 Chapter 3: Configuring and monitoring the LANCOM Switch

EN

LANconfig automatically searches for all available devices in your net­work. Any available LANCOM devices will be displayed in the list, inclu­ding the LANCOM Switch. Double-click on this entry to start the browser
automatically with the correct IP address.

What is the IP address of my LANCOM Switch?

The current IP address of the LANCOM Switch after being switched on depends on the network
constellation.

Networks with DHCP server – In its factory settings, the LANCOM Switch is set for auto DHCP
mode, meaning that it searches for a DHCP server to assign it an IP address, subnet mask and
gateway address. The assigned IP address can only be determined by using the appropriate
tools or via the DHCP server. If the DHCP server is a LANCOM device, the IP address of the LAN­COM Switch can be read out from the DHCP table. If this is the case, the LANCOM Switch can
be accessed from any network computer that receives its IP address from the same subnetwork.

Network without a DHCP server – If no DHCP server is present in the network, the LANCOM
Switch waits about 5 minutes and then automatically adopts the address "172.23.56.250".

If this is the case, the LANCOM Switch can be accessed from any network computer with its IP
address set to the address range "172.23.56.x".

3.2 Back up and reload the configuration

With this function you can back up or reload you current configuration for
safety reasons. This backup can be uploaded into a new or defective device.

16

LANCOM GS-1224

쮿 Chapter 3: Configuring and monitoring the LANCOM Switch

3.3 Monitoring the LANCOM Switch with LANmonitor

The current state of the device and all ports can be monitored using the LEDs
on the front panel. With LANmonitor the devices can be observed from any
workstation without being able to see the LEDs. Besides the status informa­tion provided by the LEDs the LANmonitor provides further important infor­mation on the ports.

3.3.1 Ethernet port status

LANmonitor displays the current status of all of the device's Ethernet ports.
This includes monitoring of the state as configured by the admin (config state)
and the actual state (link state) of the port. Each port is displayed with two
colored symbols in LANmonitor:

EN

쮿 The left icon shows the config state:

왏 Gray: The port is deactivated in the configuration
왏 Yellow: The port is activated in the configuration

쮿 The right-hand icon shows the link state:

왏 Gray: No active network device is connected to the port
왏 Green: A network device is connected to the port and active

17

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

4 Operation of Web-based Management

This chapter instructs you how to configure and manage the LANCOM GS­1224 Switch through the web user interface (WEBconfig). With this facility,
you can easily access and monitor through any one port of the switch all the
status of the switch.

The default values of the managed switch are listed in the table below:

EN

IP Adress 172.23.56.250

Subnet Mask 255.255.255.0

Default Gateway 172.23.56.254

Password admin

LANCOM GS-1224

Web Smart Switch supports a simplified user management function which
allows only one administrator to configure the switch at one time. Fill in the
IP address in the address row in a browser to start WEBconfig. The default
password is “admin”.

4.1 Web Management Home Overview

After login, System Information will be displayed as the following screenshot
illustrates:

18

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

The Information of Page Layout

On the top part of the information page, it shows the front panel of the switch.
Linked ports will be displayed in green color, and linked-off ones will be in
black.

The ports for the optional SFP modules show a demonstration of the module,
if it is installed. Ports without installed SFP modules show covered plates.

On the left side, the main menu tree for web is listed in the page. According
to the function name in boldface, all functions can be divided into three parts:
Configuration, Monitoring and Maintenance. The functions of each folder are
described in its corresponded section respectively. When clicking it, the func­tion is performed.

19

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

4.2 Configuration

Configuration includes the following functions: System Configuration, Ports
Configuration, VLAN Mode Configuration, VLAN Group Configuration, Aggre­gation, LACP, RSTP, 802.1X, IGMP Snooping, Mirror, QoS, Filter, Rate Limit,
Storm Control and SNMP.

EN

4.2.1 System Configuration

In the system configuration you can define the basic parameter for the confi­guration and the operation of the device. The switch supports manual IP
address setting and further address information via DHCP or the manual set­ting of a fixed IP address.

Parameter:

쮿 System Description:

The simple description of this switch. Please do not use blanks.

쮿 Firmware Version:

The firmware version of this switch.

20

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Hardware Version:

The hardware version of this switch.

쮿 MAC Address:

It is the Ethernet MAC address of the management agent in this switch.

쮿 Serial Number:

The serial number is assigned by the manufacturer.

쮿 Active IP Address:

Shows the active IP address of this switch.

쮿 Active Subnet Mask:

Shows the active subnet mask of this switch.

쮿 Active Gateway:

Shows the active gateway of this switch.

쮿 DHCP Server:

Shows the IP address of the DHCP server.

쮿 Lease Time Left:

Show the lease time left of DHCP client.

쮿 Device Name:

Set a special name for this switch. Up to 16 characters are allowed in this
parameter. Any alphanumeric character and zero is acceptable.

Default: no default

쮿 DHCP Enabled:

EN

You can enable the automatic delivery of an IP address and activate
further adress information via DHCP.

Default: enabled

쮿 Fallback IP Address:

Fill in an IP address, which is used by the device, if DHCP is disabled or
the DHCP server is not accessible.

Default: 172.23.56.250

쮿 Fallback Subnet Mask:

Fill in a subnet mask, which is used by the device, if DHCP is disabled or
the DHCP server is not accessible.

Default: 255.255.255.0

21

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Fallback Gateway:

Fill in a gateway, which is used by the device, if DHCP is disabled or the
DHCP server is not accessible.

Default: 172.23.56.254

쮿 Management VLAN:

Shows the ID of the management VLAN.

EN

쮿 Password:

Set a password for this switch. Up to 16 characters are allowed in this
parameter. Any alphanumeric character is acceptable.

Default: admin

쮿 Inactivity Timeout(secs):

Set the auto-logout timer. The valid value is 0-60 in the unit of minute and
a decimal point is not allowed. The value 0 means auto-logout timer is
disabled.

Default: 0

4.2.2 Port Configuration

Here you can configure the individual ports.

22

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Parameter:

쮿 Enable Jumbo Frames:

Jumbo frames are not standardized and oversized frames. This function
support jumbo frames of up to 9600 bytes.

Default: disable

쮿 Power Saving Mode:

This function supports Power Saving, to deactivate automatically the
power supply for the ports with inactive links. Select: Enable/ Disable.

Default: enable

쮿 Link:

Shows link status of this port.

쮿 Mode:

Set the speed and duplex of the port. If the media is 1Gbps fiber glass,
there are three modes to choose: Auto Speed, 1000 Full and Disable. If

23

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

the media is TP, the Speed/Duplex is comprised of the combination of
speed mode, 10/100/1000Mbps and duplex mode, full duplex and half
duplex. The following table summarizes the functions the media supports:

Medium NWay Speed Duplex

Twisted Pair ON/OFF 10/100/1000M Full for all, Half for 10/100

1 Gbit-Faser ON/OFF 1000M Full

EN

쮿 Flow Control:

You can tick the check box to enable flow control. If flow control is set
Enable, both parties can send PAUSE frame to the transmitting device(s)
if the receiving port is too busy to handle. When it is set Disable, there
will be no flow control in the port. It drops the packet if too much to
handle.

Default: Disable

쮿 Flow Control status:

To display the Flow control status.

4.2.3 VLAN Mode Configuration

The switch supports Tag-based VLAN (802.1q) and Port-based VLAN. Its
VLAN mode supports 24 active VLANs and and the available VLAN ID range
is from 1~4094. VLAN configuration is used to divide a LAN into smaller ones.
With proper configuration you can not only gain improved security and incre­ased performance but greatly reduced VLAN management.

쮿 VLAN Mode Setting

The VLAN Mode Selection function includes four modes: Port-based, Tag­based and Metro mode.

Parameter:

24

쮿 VLAN Mode:

왏 Port-based:

A port-based VLAN defines its members by port. Any packet coming
in or going out from any port of a port-based VLAN will be accepted.
No filtering criterion applies in a port-based VLAN, the only criterion
is the physical connection to a member port. For example in a port­based VLAN with the member ports 1, 2, 3 and 4, the ports 1, 2, 3
and 4 can communicate with each other, but port 5 can not commu­nicate with them. Each port-based VLAN is identified with an ID (1 to

4094) and you can capture further information about the VLAN in a
description. This switch supports up to maximal 24 port-based
VLANs.

As soon as the VLAN mode is set on “port-based”, the display auto­matically changes to the configuration of the port-based VLAN
groups.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

왏 Tag-based:

A tag-based VLAN identifies its member by VLAN-ID. If there are any
more rules in ingress or egress filtering lists, this rules determines if
the packet will be forwarded or not. The switch supports standard of

802.1q.

Each tag-based VLAN you set up must get a VLAN name and VLAN
ID. A valid VLAN ID is 1 up to 4094. You can create up to 24 Tag VLAN
groups.

As soon as the VLAN mode is set on “tag-based”, the setting double­tag mode will be offered. If the double-tag mode is activated all
packets (tagged or untagged) will get a VLAN tag. Packets which have
already an “inner” tag will get in addition an “outer” tag. Internet ser-

25

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

vice provider use this function for additionally tagging in their own
network of customers VLAN tagged data streams.

If the double-tag mode is activated, you can select the ports on which
the doubled VLAN tags should be used.

EN

After confirmation of the tag-based VLAN mode, the display auto­matically changes to the configuration of the tag-based VLAN groups.

왏 Metro Mode:

26

The Metro mode is a quick method to configure port-based VLANs.
Metro mode can be activated for the ports 21, 22, 23 and 24. This
option is usually used to get a comfortable uplink to the metro ether­net environment.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

After confirmation of the Metro mode the display changes to the con­figuration of the port-based VLAN groups. At the same time for all
ports without metro mode support a VLAN group is set up. This
VLAN group contains the respective port and the ports with metro
mode support. Ports can be deleted manually from certain groups if
needed.

EN

4.2.4 VLAN Group Configuration

Shows the information of VLAN Groups, and allows administrators to
maintain them by modifying and deleting each VLAN group.

The display differs depending on the current VLAN mode:

쮿 If you are in port-based VLAN or in metro mode, it will just show the ID

and the descriptions of the existing members.

쮿 If you are in tag-based VLAN, it will show the ID and the descriptions of

the existing members. Additionally you can define further options for each
port.

The switch can store the configuration of port-based VLAN and tag-based
VLAN separately.

27

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

General functions

쮿 Add:

Adds a new port-based or tag-based VLAN.

쮿 Modify:

Click on Modify to edit the selected VLAN.

쮿 Delete:

EN

Click on Delete to remove the selected VLAN.

VLAN group configuration

Parameter:

쮿 ID (VLAN ID):

ID of the VLAN group (1 to 4094). The packet forwarding is based on this
ID.

쮿 Member:

Select the member ports of the VLAN group.

28

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

VLAN Port Configuration

In tag-based mode you can define further settings for each port. Please click
the Port Config button in the list of tag-based VLAN group.

Parameter:

29

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Ingress Filtering enabled:

If the filter for incoming packets is activated, packets on this port are for­wared only, if the port is member of the corresponding VLAN group.
Packets with other VLAN tags are discarded.

쮿 Packet Type:

왏 All: Forwards all packets (tagged and untagged).
왏 Tagged Only: Forwards tagged packets only and discards untagged

EN

packets.

쮿 Role:

Defines the rules for outgoing packets.

왏 Access: Packets on this port are forwarded untagged. If double tags

are detected, the outer tag will be removed. This option is generally
used if end devices are connected to the port.

왏 Trunk: Packets on this port are forwarded using the current tag.
왏 Hybrid: Similar to trnuk, packets on this port are forwarded using the

current tag. If the current tag matches the “Untagged VLAN ID”, the
tag will be removed.

쮿 Untagged VLAN ID:

Active only if the role is set to hybrid. This value (from 1 to 4094) defines
the tag, which will be removed from outgoing packets.

쮿 PVID (Port VLAN ID):

This VLAN ID from 1 to 4094 is used to tag incoming packets for forwar­ding. Only VLAN IDs which are defined in the list of tag-based VLAN
groups can be used as Port VLAN ID.

30

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

4.2.5 Aggregation

The Aggregation (Port Trunking) Configuration is used to configure the set­tings of Link Aggregation. You can bundle more than one port by same speed,
full duplex and the same MAC to be a single logical port, thus the logical port
aggregates the bandwidth of these ports. This means you can apply your cur­rent Ethernet equipments to build the bandwidth aggregation.

31

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

The Aggregation Configuration displays the current setup of Aggregation
Trunking. With this function you can add a new trunking group or modify the
members of an existing trunking group.

Parameter:

쮿 Normal:

Set up the ports that do not join any aggregation trunking group.

쮿 Group 1-8:

EN

Groups the ports you choose together. Up to 12 ports can be selected for
each group.

The aggregation groups has to be set up one after each other. Group



2 will remain inactive until the ports for group 1 are selected and the
settings are stored with Apply.

4.2.6 LACP

Smart Web Switch supports “Link Aggregation Control Protocol” (LACP). LACP
is a standard network protocol IEEE 802.3ad which dynamically creates and
manages trunk groups.

When you enable LACP link aggregation on a port, the port can automatically
negotiate with the ports at the remote end of a link to establish trunk groups.
LACP also allows port redundancy, that is, if an operational port fails, then one
of the "standby" ports become operational without user intervention.

Parameter:

쮿 Protocol Enabled:

Just tick the check box to enable LACP protocol then press Apply.

쮿 Key Value:

It's a key for an aggregation. This must be an integer value between 1 and
255 or auto select by switch.

32

4.2.7 RSTP

Rapid Spanning Tree protocol (RSTP) detects and resolves network loops,
respectively in case of need (breakdown of a connection) to activate it again.
The protocol allows a switch to communicate with other RSTP compliant swit­ches and to ensure, that only one path exists between two end points in your
network.

Parameter:

쮿 System Priority:

System priority is used to determine the root switch, thus the root of the
spanning tree. The switch with the highest priority (lowest numeric value)
becomes the root switch. If all switches have the same priority, the switch
with the lowest MAC address will become the root switch. Select a value
from the drop-down list box. (The lower the numeric value you assign, the
higher the priority for this system.)

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Default: 32768

쮿 Hello Time:

Hello Time is the time interval, in which the switch tells the following
devices in the spanning tree, with a “hello packet”, that it is still active. If
for example the LANCOM Switch is the root switch of the LAN, all other
bridges will use the hello time assigned by this switch to communicate
with each other. The allowed range is 1-10 second.

Default: 2 seconds

쮿 Max. Age:

If there are no “hello packets” for a certain time, a device in the spanning
tree assumes a change in the structure. In this case all connections in the
network need to be established again.

Maximum Age is the maximum time a switch can wait without receiving
a “hello packet” before attempting to reconfigure. During this time of
reconfiguration, all STP-capable devices in the network send only admi­nistration packets, but no reference data of the connected devices.

The valid value of Max. Age is 6 -40 seconds.

Default: 20 seconds

쮿 Forward Delay:

Forward delay time is the maximum time (in seconds) a switch waits
before changing its state.

33

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

For example the time a brige port needs, to move from “Listening state”
to “Learning state” or from “Learning state” to “Forwarding state”. The
general rule is:

2 * (Forward Delay - 1) >= Max Age >= 2 * (Hello Time + 1).

Default: 15 seconds

쮿 Force Version:

EN

For the STP algorithm you can select between two options in the drop­down list: RSTP or STP. Rapid Spanning Tree Protocol (RSTP) is an exten­sion of STP and reduces the needed time for the new organisation of a
network after structure changed.

RSTP Port Configuration

Enable or disable RSTP protocol on the ports that are selected. Decide if the
Port should be an edge port and set path costs.

Parameter:

쮿 Protocol Enabled:

Just tick the check box beside the port x to enable RSTP protocol, then
press Apply.

쮿 Edge:

An Edge Port is a port connected to a device that knows nothing about
STP or RSTP. Usually, the connected device is an end station. Edge Ports
will immediately transit to forwarding state and skip the listening and
learning state because the edge ports cannot create bridging loops in the
network. This will expedite the convergence. When the link on the edge
port toggles, the STP topology keeps unchanged. Unlike the designate
port or root port though, an edge port will transit to a normal spanning­tree port immediately if it receives a BPDU.

Just tick the check box beside the port x to enable edge function.

쮿 Path Cost:

Path cost is the cost of transmitting a frame on to a LAN through that port.
It is assigned according to the speed of the bridge. The slower the media,
the higher the cost. You can select auto or set the range from 1-

200000000.

34

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

4.2.8 802.1x Configuration

802.1x port-based network access control provides a method to restrict users
to access network resources via authenticating user’s information. This rest­ricts users from gaining access to the network resources through a 802.1x­enabled port without authentication. If a user wishes to touch the network
through a port under 802.1x control, he (she) must firstly input his (her)
account name for authentication and waits for gaining authorization before
sending or receiving any packets from a 802.1x-enabled port.

Before the devices or end stations can access the network resources through
the ports under 802.1x control, the devices or end stations connected to a
controlled port send the authentication request to the authenticator, the
authenticator pass the request to the authentication server to authenticate
and verify, and the server tell the authenticator if the request get the grant of
authorization for the ports.

According to IEEE802.1x, there are three components implemented. They are
Authenticator, Supplicant and Authentication server.

35

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Supplicant:

It is an entity being authenticated by an authenticator. It is used to com­municate with the Authenticator PAE (Port Access Entity) by exchanging
the authentication message when the Authenticator PAE request to it.

쮿 Authenticator:

An entity facilitates the authentication of the supplicant entity. It controls
the state of the port, authorized or unauthorized, according to the result

EN

of authentication message exchanged between it and a supplicant PAE.
The authenticator may request the supplicant to re-authenticate itself at
a configured time period. Once start re-authenticating the supplicant, the
controlled port keeps in the authorized state until re-authentication fails.

A port acting as an authenticator is thought to be two logical ports, a con­trolled port and an uncontrolled port. A controlled port can only pass the
packets when the authenticator PAE is authorized, and otherwise, an
uncontrolled port will unconditionally pass the packets with PAE group
MAC address, which has the value of 01-80-c2-00-00-03 and will not be
forwarded by MAC bridge, at any time.

쮿 Authentication server:

A device provides authentication service, through EAP, to an authentica­tor by using authentication credentials supplied by the supplicant to
determine if the supplicant is authorized to access the network resource.

The overview of operation flow for the following figure is quite simple. When
Supplicant PAE issues a request to Authenticator PAE, Authenticator and Sup­plicant exchanges authentication message. Then, Authenticator passes the
request to RADIUS server to verify. Finally, RADIUS server replies if the request
is granted or denied.

While in the authentication process, the message packets, encapsulated by
Extensible Authentication Protocol over LAN (EAPOL), are exchanged between
an authenticator PAE and a supplicant PAE. The Authenticator exchanges the
message to authentication server using EAP encapsulation. Before success­fully authenticating, the supplicant can only touch the authenticator to per­form authentication message exchange or access the network from the
uncontrolled port.

36

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

In the following figure is the typical configuration, a single supplicant, an
authenticator and an authentication server. B and C is in the internal network,
D is Authentication server running RADIUS, switch at the central location acts
Authenticator connecting to PC A and A is a PC outside the controlled port,
running Supplicant PAE. In this case, PC A wants to access the services on
device B and C, first, it must exchange the authentication message with the
authenticator on the port it connected via EAPOL packet. The authenticator
transfers the supplicant’s credentials to Authentication server for verification.
If success, the authentication server will notice the authenticator the grant. PC
A, then, is allowed to access B and C via the switch. If there are two switches
directly connected together instead of single one, for the link connecting two
switches, it may have to act two port roles at the end of the link: authenticator
and supplicant, because the traffic is bi-directional.

EN

37

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

The following figure shows the procedure of 802.1x authentication. There are
steps for the login based on 802.1x port access control management. The pro­tocol used in the right side is EAPOL and the left side is EAP.

쐃 At the initial stage, the supplicant A is unauthenticated and a port on

switch acting as an authenticator is in unauthorized state. So the access
is blocked in this stage.

쐇 Initiating a session. Either authenticator or supplicant can initiate the

EN

message exchange. If supplicant initiates the process, it sends EAPOL­start packet to the authenticator PAE and authenticator will immediately
respond EAP-Request/Identity packet.

쐋 The authenticator always periodically sends EAP-Request/Identity to the

supplicant for requesting the identity it wants to be authenticated.

쐏 If the authenticator doesn’t send EAP-Request/Identity, the supplicant will

initiate EAPOL-Start the process by sending to the authenticator.

쐄 And next, the Supplicant replies an EAP-Response/Identity to the authen-

ticator. The authenticator will embed the user ID into Radius-Access­Request command and send it to the authentication server for confirming
its identity.

쐂 After receiving the Radius-Access-Request, the authentication server

sends Radius-Access-Challenge to the supplicant for asking for inputting
user password via the authenticator PAE.

쐆 The supplicant will convert user password into the credential information,

perhaps, in MD5 format and replies an EAP-Response with this credential
information as well as the specified authentication algorithm (MD5 or
OTP) to Authentication server via the authenticator PAE. As per the value
of the type field in message PDU, the authentication server knows which
algorithm should be applied to authenticate the credential information,
EAP-MD5 (Message Digest 5) or EAP-OTP (One Time Password) or other
else algorithm.

쐊 If user ID and password is correct, the authentication server will send a

Radius-Access-Accept to the authenticator. If not correct, the authentica­tion server will send a Radius-Access-Reject.

쐎 When the authenticator PAE receives a Radius-Access-Accept, it will send

an EAP-Success to the supplicant. At this time, the supplicant is authori­zed and the port connected to the supplicant and under 802.1x control is

38

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

in the authorized state. The supplicant and other devices connected to this
port can access the network. If the authenticator receives a Radius­Access-Reject, it will send an EAP-Failure to the supplicant. This means
the supplicant is failed to authenticate. The port it connected is in the
unauthorized state, the supplicant and the devices connected to this port
won’t be allowed to access the network.

쐅 When the supplicant issue an EAP-Logoff message to Authentication ser-

ver, the port you are using is set to be unauthorized.

EN

The 802.1X “enabled” is the type of authentication supported in the switch.
In this mode, for the devices connected to this port, once a supplicant is
authorized, the devices connected to this port can access the network
resource through this port.

802.1x Port-based Network Access Control function supported by the switch
is little bit complex, for it just support basic Multihost mode, which can dis­tinguish the device’s MAC address and its VID. The following table is the sum­mary of the combination of the authentication status and the port status
versus the status of port mode, set in 802.1x Port mode, port control state, set
in 802.1x port setting. Here Entry Authorized means MAC entry is authorized.

Port Mode Port Control Authentication Port Status

Disable Don’t Care Don’t Care Port Uncontrolled

Multihost Auto Successful Port Authorized

39

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

Multihost Auto Failure Port Unauthorized

Multihost ForceUnauthorized Don’t Care Port Unauthorized

Multihost ForceAuthorized Don’t Care Port Authorized

Configuration

The 802.1X Server Configuration is used to configure the global parameters
for RADIUS authentication in 802.1X port security application.

EN

Parameter:

쮿 Mode:

Enable or disable 802.1X function.

쮿 RADIUS IP:

RADIUS server IP address for authentication.

Default: 0.0.0.0

쮿 RADIUS UDP Port:

The port number to communicate with RADIUS server for the authentica­tion service. The valid value ranges 1-65535.

Default port number is 1812.

쮿 RADIUS Secret:

The secret key between authentication server and authenticator. It is a
string with the length 1 - 15 characters. The character string may contain
upper case, lower case and 0-9. It is character sense. It is not allowed to
put a blank between any two characters.

Default: None

쮿 Admin State:

This is used to set the operation mode of authorization. There are three
type of operation mode supported: Force Unauthorized, Force Authorized,
Auto.

왏 Force Unauthorized:

40

The controlled port is forced to hold in the unauthorized state, no
matter which EAP negotiation between authenticator and supplicant
takes place.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

왏 Force Authorized:

The controlled port is forced to hold in the authorized state, no mat­ter which EAP negotiation between authenticator and supplicant
takes place.

왏 Auto:

If the port is set to be in authorized or unauthorized state depends on
the result of the authentication exchange between the authenticatior
and supplicant.

Default: Force Authorized

쮿 Port State:

Shows the port status of authorization.

쮿 Re-authenticate:

Using this function all devices connected to this port will have to re­authenticate with username and password when the reauthentication
period expires.

EN

쮿 Re-authenticate All:

Re-authenticate for all ports at once.

Using this function the devices connected to all ports will have to re­authenticate with username and password when the reauthentication
period expires.

쮿 Force Reinitialize:

Using this function all devices connected to this port will have to re­authenticate with username and password immediately.

쮿 Force Reinitialize All:

Using this function the devices connected to all ports will have to re­authenticate with username and password immediately.

41

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Statistics

Choose the port which you want to show of 802.1X statistics, the screen
include Authenticator counters, backend Authenticator counters, dot1x MIB
counters and Other statistics.

Parameters

You can enable or disable Reauthentication function and specify how often a
client has to re-enter his or her username and password to stay connected to
the port.

42

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

Parameter:

쮿 Reauthentication Enabled:

Choose whether regular authentication will take place in this port.

Default: Disable

쮿 Reauthentication Period (1-65535 s):

You can define the time period (in seconds), after a supplicant has to
authenticate again. The time period can not be zero.

Default: 3600 seconds

쮿 EAP timeout (1-255 s):

A timeout condition in the exchange between the authenticator and the
supplicant. The valid range: 1 -255.

Default: 30 seconds

4.2.9 IGMP Snooping

IGMP Snooping lets administrators configure a switch to constrain multicast
traffic on certain ports.

EN

Parameter:

쮿 IGMP Enabled:

Here you can enable general the IGMP function.

Default: disable

쮿 Router Ports:

A Port is router port, if a router is connected, which handle multicast rou­ting. Enable here the corresponding ports.

Default: none

43

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Unregistered IGMP Flooding enabled:

Allows multicat flooding, while the multicast traffic is not registered in the
multicast table.

Default: enable

쮿 VLAN ID:

At the IGMP Enable mode being selected, it will list the VLAN ID number.

EN

쮿 IGMP Snooping Enabled:

If this function is enabled, the switch can handle IGMP-requests in the
network and learns if necessary the membership of certain multicast
groups.

Default: enable

쮿 IGMP Querying Enabled:

If this function is enabled, the switch can distribute IGMP-requests in the
network.

Default: enable

4.2.10 Mirror Configuration

Mirror Configuration is provided to monitor the traffic in the network. This
switch supports one-port mirror multi-ports. For example, we assume that
Port A and Port B are Source Ports, and Port C is Mirror Port respectively, thus,
the traffic passing through Port A and Port B will be copied to Port C for moni­tor purpose.

Parameter:

44

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Source Port:

Set up the port for being monitored. Just tick the check box beside the port
x. Valid ports are port 1-24.

쮿 Mirror Port:

Use the drop-down menu to select a mirror port.

EN

4.2.11 QoS (Quality of Service) Configuration

The switch offers powerful QoS function. This function supports VLAN-tagged
priority that can make precedence of 8 priorities, and DSCP (Differentiated
Services Code Point) on Layer 3 of network framework.

쮿 QoS Configuration

While setting QoS function, please select QoS Mode in drop-down menu
at first. Then you can use 802.1p Priority and DSCP Priority functions. In
this function, you can enable/disable QoS Mode and set Priority Control,
such as: 802.1p and DSCP. The switch only supports Strict Priority. High
priority queue is always passed first.

쮿 802.1p QoS Mode

This function will affect the priority of VLAN tag. Based on priority of VLAN
tag, it can arrange 0~7 priorities, priorities can map to 4 queues of the
switch (low, normal, medium, high) and possess different bandwidth dis­tribution according to your weight setting.

Parameter:

45

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

왏 Prioritize Traffic

Five Prioritize Traffic values are provided: Custom, All Low Priority, All
Normal Priority, All Medium Priority, and All High Priority.

The QoS setting would apply to all ports on the switch if one of the
following values is selected: All Low Priority, All Normal Priority, All
Medium Priority, or All High Priority.

왏 Port Number

EN

When Custom is selected for Prioritize Traffic, you may assign specific
Port Number for 802.1p Configuration.

왏 802.1p Configuration

Each Priority can select any of Queue. In Default, Priority 0 is mapping
to Queue normal, Priority 1 is mapping to Queue low, Priority 2 is
mapping to Queue low, Priority 3 is mapping to Queue normal, Prio­rity 4 is mapping to Queue medium, Priority 5 is mapping to Queue
medium, Priority 6 is mapping to Queue high, and Priority 7 is map­ping to Queue high.

쮿 DSCP QoS Mode

In the late 1990s, the IETF redefined the meaning of the 8-bit SERVICE
TYPE field to accommodate a set of differentiated services (DS). Under the
differentiated services interpretation, the first six bits comprise a code­point, which is sometimes abbreviated DSCP, and the last two bits are left
unused.

DSCP can form total 64 kinds of Traffic Class based on the arrangement of
6-bit field in DSCP of the IP packet. In the switch, user is allowed to set

46

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

up these 64 kinds of Class that belong to any of queue (low, normal,
medium, high).

Parameter:

왏 Prioritize Traffic

Five Prioritize Traffic values are provided: Custom, All Low Priority, All
Normal Priority, All Medium Priority, and All High Priority.

The QoS setting would apply to all ports on the switch if one of the
following values is selected: All Low Priority, All Normal Priority, All
Medium Priority, or All High Priority.

왏 Port Number

When Custom is selected for Prioritize Traffic, you may assign specific
Port Number for DSCP Configuration.

왏 802.1p Configuration

64 kinds of priority traffic as mentioned above, user can set up any of
Queue (low, normal, medium, high). In default, Priority 0-63 are map­ping to Queue high.

EN

47

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

4.2.12 Filter

The filter configuration lets administrators assign certain IP addresses or sub­nets to ports on the switch, from which a login on the switch for configuration
is allowed.

EN

Parameter:

쮿 Source IP Filter:

왏 Mode:

There are three types of mode in this drop-down menu.

Default:disabled.

Disabled:

Allow all IP Address login to this switch and manage it.

Static:

Just allow the IP Address which set by administrator to login to
this switch and manage it..

DHCP:

Allow the IP Address get from DHCP server can login to this switch
and manage it.

Note: If you choose this mode only an DHCP client could be
package forwarding on the port.

왏 IP Address:

왏 IP Mask:

쮿 DHCP Server Allowed:

Just tick the check box under the port x to allow the DHCP Server on this
port.

48

Setting up the IP Address, it can be one IP Address or a LAN.

Setting up the IP Subnet Mask related with the IP Address.

Default: enable

4.2.13 Rate Limit

Ingress and Egress Bandwidth Setting function are used to set up the limit of
Ingress or Egress bandwidth for each port.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Parameter:

쮿 Traffic Rate Unit

Select the data rate as basis for the rate limit. Possible values from
128 Kbps to 32 Mbps.

쮿 Ingress:

Set up the limit of Ingress bandwidth for the port you choose. Incoming
traffic will be discarded if the rate exceeds the value you set up in Data
Rate field. Pause frames are also generated if flow control is enabled. The
format of the packet limits to unicast, broadcast and multicast. Valid
values are multiples (0 to 31) of the traffic rate unit. The resulting limit is
shown on the right next to the drop down box.

Default: No Limit

쮿 Egress:

Set up the limit of Egress bandwidth for the port you choose. Outgoing
traffic will be discarded if the rate exceeds the value you set up in Data
Rate field. Pause frames are also generated if flow control is enabled. The
format of the packet limits to unicast, broadcast and multicast. Valid
values are multiples (0 to 31) of the traffic rate unit. The resulting limit is
shown on the right next to the drop down box.

49

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

Default: No Limit

4.2.14 Storm Control

Storm Control is used to block unnecessary multicast and broadcast frames
that reduce switch's performance. When the function is enabled and values of
storm control are exceeded, multicast and broadcast frames will be dropped.

EN

Parameter:

쮿 ICMP Rate:

Enables the ICMP Storm capability. The setting range is 1k-1024k per
second. If the amount of ICMP packets reachs this value, ICMP packets
will be dropped.

Default: No Limit

쮿 Learn Frames Rate:

To enable the Learn Frames Storm capability. User can use drop-down
menu to select number of frames. The setting range is 1k~1024k per
second.

Default: No Limit

쮿 Broadcast Rate:

To enable the Broadcast Storm capability. User can use drop-down menu
to select number of frames. The setting range is 1k~1024k per second.

Default: No Limit

50

쮿 Multicast Rate:

To enable the Multicast Storm capability. User can use drop-down menu
to select number of frames. The setting range is 1k~1024k per second.

Default: No Limit

쮿 Flooded unicast Rate:

To enable the Flooded unicast Storm capability. User can use drop-down
menu to select number of frames. The setting range is 1k~1024k per
second.

Default: No Limit

4.2.15 SNMP

Any Network Management System (NMS) running the Simple Network
Management Protocol (SNMP) can manage the managed devices equipped
with the SNMP agent, provided that the Management Information Base (MIB)
is installed correctly on the managed devices. The SNMP is a protocol that is
used to govern the transfer of information between the SNMP manager and
agent and traverses the Object Identity (OID) of the Management Information
Base (MIB), described in the form of Structure Management Information
(SMI). The SNMP agent is running on the switch to response the request
issued by the SNMP manager.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Basically, it is passive except issuing the trap information. The switch supports
a switch to turn on or off the SNMP agent. If you set the field SNMP “Enable”,
the SNMP agent will be started up. All supported MIB OIDs, including RMON
MIB, can be accessed via the SNMP manager. If the field SNMP is set
“Disable”, the SNMP agent will be de-activated, the related Community
Name, Trap Host IP Address, Trap and all MIB counters will be ignored.

쮿 SNMP Configuration

This function is used to configure SNMP settings, community name, trap
host and public traps as well as the throttle of SNMP. A SNMP manager
must pass the authentication by identifying both community names, then
it can access the MIB information of the target device. So, both parties
must have the same community name. Once completing the setting, click
Apply and the setting takes effect.

51

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Parameter:

쮿 SNMP enable:

The term SNMP enable here is used for the activation or de-activation of
SNMP.

Default: Disable

쮿 Get/Set/Trap Community:

Community name is used as password for authenticating if the requesting
network management unit belongs to the same community group. If they
both don’t have the same community name, they don’t belong to the
same group. Hence, the requesting network management unit can not
access the device with different community name via the SNMP protocol;
If they both have the same community name, they can talk to each other.

Community name is user-definable with a maximum length of 15 charac­ters and is case sensitive. It is not allowed to put any blank in the commu­nity name string. Any printable character is allowable. The community
name for each function works independently. Each function has its own
community name. Say, the community name for READ only works for the
READ function and can’t be applied to other functions such as WRITE or
TRAP.

Default SNMP function : enable

Default community name for Get: public

Default community name for Set: private

Default community name for Trap: public

52

쮿 System Event:

Select the events, for which should be send a SNMP-Trap (Cold Boot and/
or Warm Boot).

Default: Enable

쮿 TP and Fiber Port Event:

Select the events on the ports, for which should be send a SNMP-Trap
(Link Up and/or Link Down).

4.3 Monitoring

There are five functions contained in the monitoring function: Detailed Stati­stics, LACP Status, RSTP Status, IGMP Status and Ping Status.

4.3.1 Detailed Statistics

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Displays the detailed counting number of each port's traffic. There are shown
all counter information for one port at one time. Click on a port in the upper
screen to show the values of this port. You can activate up to five receive sta­tistics and five transmit statistics at the same time. Confirm your selection with
a click on Apply. With Refresh you can update the table.

53

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

54

Parameter:

쮿 Rx Packets:

The counting number of the packet received.

쮿 RX Octets:

Total received bytes.

쮿 Rx High Priority Packets:

Number of Rx packets classified as high priority.

쮿 Rx Low Priority Packets:

Number of Rx packets classified as low priority.

쮿 Rx Broadcast:

Shows the counting number of the received broadcast packet.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Rx Multicast:

Show the counting number of the received multicast packet.

쮿 Rx Broad- and Multicast:

Shows the counting number of the received broadcast with multicast
packet.

쮿 Rx Error Packets:

Show the counting number of the received error packets.

쮿 Tx Packets:

The counting number of the packet transmitted.

쮿 TX Octets:

Total transmitted bytes.

쮿 Tx High Priority Packets:

Number of Tx packets classified as high priority.

쮿 Tx Low Priority Packets:

Number of Tx packets classified as low priority.

쮿 Tx Broadcast:

Shows the counting number of the transmitted broadcast packet.

쮿 Tx Multicast:

Show the counting number of the transmitted multicast packet.

쮿 Tx Broad- and Multicast:

Shows the counting number of the transmitted broadcast with multicast
packet.

EN

쮿 Tx Error Packets:

Shows the counting number of the received error packets.

쮿 Rx 64 Bytes:

Number of 64-byte frames in good and bad packets received.

쮿 Rx 65-127 Bytes:

Number of 65 ~ 126-byte frames in good and bad packets received.

쮿 Rx 128-255 Bytes:

Number of 127 ~ 255-byte frames in good and bad packets received.

쮿 Rx 256-511 Bytes:

Number of 256 ~ 511-byte frames in good and bad packets received.

55

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Rx 512-1023 Bytes:

Number of 512 ~ 1023-byte frames in good and bad packets received.

쮿 Rx 1024-Bytes:

Number of 1024-max_length-byte frames in good and bad packets recei­ved.

쮿 Tx 64 Bytes:

EN

Number of 64-byte frames in good and bad packets transmitted.

쮿 Tx 65-127 Bytes:

Number of 65 ~ 126-byte frames in good and bad packets transmitted.

쮿 Tx 128-255 Bytes:

Number of 127 ~ 255-byte frames in good and bad packets transmitted.

쮿 Tx 256-511 Bytes:

Number of 256 ~ 511-byte frames in good and bad packets transmitted.

쮿 Tx 512-1023 Bytes:

Number of 512 ~ 1023-byte frames in good and bad packets transmitted.

쮿 Tx 1024-Bytes:

Number of 1024-max_length-byte frames in good and bad packets trans­mitted.

쮿 Rx CRC/Alignment:

Number of Alignment errors and CRC error packets received . A cyclic red­undancy check (CRC) checks a inspection value for data, to detect errors
in the transmitting process and the storage.

쮿 Rx Undersize:

Number of short frames (<64 Bytes) with valid CRC.

쮿 Rx Oversize:

Number of long frames(according to max_length register) with valid CRC.

쮿 Rx Fragments:

Number of short frames (< 64 bytes) with invalid CRC.

쮿 Rx Jabber:

Number of long frames(according tomax_length register) with invalid
CRC.

쮿 Rx Drops:

Frames dropped due to the lack of receiving buffer.

56

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Tx Collisions:

Number of collisions transmitting frames experienced.

쮿 Tx Drops:

Number of frames dropped due to excessive collision, late collision, or
frame aging.

쮿 Tx Overflow:

Number of frames dropped due to the lack of transmitting buffer.

4.3.2 LACP Status

The LACP Status window shows LACP information and status for all ports at
the same time. Within the IEEE specification the Link Aggregation Control Pro­tocol (LACP) provides a method to control the bundling of several physical
ports together to form a single logical channel.

EN

Parameter:

쮿 LACP Aggregation Overview:

Shows the group/port status. Default will set to red sign for “port link
down”. Please check legend table below for all references.

쮿 LACP Port Status:

Group/Port: Shows the port number.

Normal: See Legend.

57

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

4.3.3 RSTP Status

RSTP Status shows the present VLAN bridge information and the status of all
ports.

EN

Parameter:

쮿 VLAN ID:

Shows VLAN ID.

쮿 Bridge ID:

Shows bridge priority setting and bridge ID of the switch, which stands for
the MAC address of this switch.

쮿 Hello Time:

Shows the current hello time of the root bridge.

쮿 Max. Age:

Shows the current root bridge maximum age time.

쮿 Forward Delay:

Shows the current root bridge forward delay time.

쮿 Topology:

Shows the root bridge’s spanning tree topology.

쮿 Root ID:

Shows Root bridge ID of this network segment. If this switch is a root
bridge the text: "This switch is Root" will appear.

58

4.3.4 IGMP Status

Internet Group Management Protocol (IGMP) is used to snoop the status of IP
multicast groups and display its associated information in both tagged VLAN
and non-tagged VLAN networks. When IGMP snooping is enabled in the
switch it analyzes all IGMP packets between hosts connected to the switch
and multicast router in the network. When a switch hears an IGMP report from
a host for a given multicast group, the switch adds the host's port number to
the multicast list for that group. When the switch hears an IGMP Leave, it
removes the host's port from the table entry.

IGMP Status shows the VLAN ID for each multicast group.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Parameter:

쮿 VLAN ID:

Shows VLAN ID for each multicast group.

쮿 Querier:

Shows the group membership queries status.

쮿 Queries transmitted:

Shows the number of group membership queries transmitted.

쮿 Queries received:

Shows the number of group membership queries received.

쮿 V1 Reports:

When a host receives a group membership query, it identifies the groups
associated with the query and determines to which groups it belongs. The

59

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

host then sets a timer, with a value less than the Max Response Time field
in the query, for each group to which it belongs. It calculates the number
of times of IGMPV1 report.

쮿 V2 Reports: See V1.
쮿 V3 Reports: See V1.
쮿 V2 Leaves:

When a host leaves a group, it sends a leave group membership message

EN

to multicast routers on the network. It shows the leaves number.

4.3.5 Ping Status

To set up target IP address for ping function and display ping status.

Ping test function is a tool for detecting, if the target device is alive or not
through ICMP protocol which abounds with report messages. The switch pro­vides ping test function to let you know that, if the target device is available
or not. Fill in an IP address and click Apply. The result will show if the target
device is available. You can update the table with a click on Refresh.

Parameter:

쮿 Ping Parameter:

왏 Target IP address:

60

Set up a Target IP address to ping.

왏 Count:

Use the drop-down menu to set number of echo requests to send.
Four type of number are possible: 1, 5, 10 and 20.

Default: 1

왏 Time Out (in secs):

Use the drop-down menu to set number of echo requests time out in
second. Four type numbers are possible: 1, 5,10 and 20.

Default: 1

NOTE: You need to press Apply to start up after you set the parame­ters.

쮿 Ping Results:

왏 Target IP address:

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

Shows the active target IP address.

왏 Status:

Shows the result of the ping status.

쮿 Received replies:

Shows the received replies number of times.

쮿 Request timeouts:

Shows the timeout of request.

쮿 Average Response times (In ms):

Shows the average response time in milliseconds.

4.4 Maintenance

In this section the functions are described for maintaining the switch.

4.4.1 Warm Restart

Warm restart provides the function to restart the device.



After upgrading software, you must restart the switch to have the new
configuration taken in effect.

61

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

쮿 Warm restart: Press Yes to confirm warm restart function. It will take

around 30 seconds to complete the system boot.

EN

4.4.2 Factory Default

Factory default provides the function to retrieve default settings and replace
current configuration. Except the IP address setting, all settings will be resto­red to the factory default values when "Factory Default" function is perfor­med. If you want to restore all configurations including the IP address setting
to the factory default, please press the "RESET" button on the front panel lon­ger than three seconds.

62

4.4.3 Software Upgrade

You can just click the browse button to retrieve the file you want in your sys­tem to upgrade your switch.

4.4.4 Configuration File Transfer

You can backup your switch's configuration file into your computer folder in
case accident happens. In addition, uploading backup configuration file into
a new or a crashed switch can save much time and avoid mistakes.

4.4.5 Logout

The switch allows you to log out the system to prevent other users from the
system without permission. There are three possibilities to log out or be
logged out.

LANCOM GS-1224

쮿 Chapter 4: Operation of Web- based Management

EN

쮿 Auto Logout: If Auto Logout is ON and no action/no key stroke is done for

the time (in minutes) you set up in the Auto Logout Timer, the switch will
log you out automatically.

쮿 Implicit Logout: If you do not log out and exit the browser, the switch will

automatically log you out.

쮿 Logout Function: The switch allows administrators to log out manually by

Logout function.

63

LANCOM GS-1224

쮿 Chapter 5: Appendix

5 Appendix

5.1 Performance data and specification

LANCOM GS-1224

Performance Switching technology Store and forward with latency less than 5 μs

EN

LAN protocols Link Aggregation Control

Interfaces Ethernet ports 20 ports 10/100/1000 Mbps ethernet, 4 Combo ports TP/SFP 10/

Power supply Internal power supply unit (110–230 V, 50-60 Hz)

Housing Robust metal housing, 19" 1HE (440 x 44,2 x 170 mm) with remo-

Standards CE conformity according to EN 55022, EN 55024, EN 60950

Environment/
Temp erat ure

MAC addresses Support of maximal 8K MAC addresses

Throughput maximal 48 Gbps on the backplane

VLAN Port based and IEEE 802.1q tag based VLAN with up to 4096 VLAN

and up to 24 active VLANs; Supports ingress and egress packet fil­ter in port based VLAN

Maximal 24 groups, max 16 member per group, supports DA, SA

Protocol (LACP)

Multicasting Supports IGMP snooping

Spanning Tree Protokoll
(STP) / Rapid STP

and DA+SA MAC based trunking with automatic failover

802.1d/1w

100/1000 Mbps

vable mounting brackets, network connectors on the front

Temperature range 0–40°C; humidity 5–90%; non-condensing

Accessories 쮿 1000Base-SX SFP module, LANCOM SFP-SX-LC1, item no.

Service 5 years

Support Via Hotline and Internet

64

61556

쮿 1000Base-LX SFP module, LANCOM SFP-LX-LC1, item no.

61557

5.2 Connector wiring

5.2.1 Ethernet interface 10/100/1000Base-TX

8-pin RJ45 sockets (ISO 8877, EN 60603-7)

LANCOM GS-1224

쮿 Chapter 5: Appendix

Connector Pin Fast

1T+BI_DA+*

2T-BI_DA-

3R+BI_DB+

4BI_DC+

5BI_DC-

6R-BI_DB-

7BI_DD+

8BI_DD-

5.3 CE-declarations of conformity

LANCOM Systems herewith declares that the devices of the type described in
this documentation are in agreement with the basic requirements and other
relevant regulations of the 1995/5/EC directive.

Ethernet

Gigabit

Ethernet

EN

The CE declarations of conformity for your device can be found on the relevant
product page on the LANCOM Web site (www.lancom.eu

).

65