Omnitron Systems Technology RuggedNet GPoE+/Mi User Manual

RuggedNet® GPoE+/Mi

4 and 8-Port PoE/PoE+ Fiber Switches

USER MANUAL

Firmware Release 2.1

Table of Contents

1.0 Overview ..........................................................................................................................5

1.1 New Features...................................................................................................................... 5

2.0 Port Structure ..................................................................................................................5

2.1 Overview ............................................................................................................................. 5

2.1.1 Serial Console Port ............................................................................................................................... 5

2.1.2 RJ-45 PoE, SFP and Fixed-Fiber Ports ................................................................................................ 6

2.1.3 Reset Button ............................................................................................................................................ 6

2.2 ConguringDIP-switches .............................................................................................. 6

2.2.1 SW1 and SW2: Mode of Operation ........................................................................................................ 7

2.2.2 SW3 and SW4: Fiber Redundancy ......................................................................................................... 9

2.2.3 SW5: MAC Learning - “MAC Learning/Off” ...........................................................................................10

2.2.4 SW6: Pause - “Pause Off/On” ...............................................................................................................10

2.2.5 SW7: L2CP - “L2CP Tunnel/Discard” .................................................................................................... 10

2.2.6 SW8: PSE Reset - “Off/PoE Reset” ...................................................................................................... 11

3.0 ApplyDCPower ............................................................................................................ 11

4.0 Connect Cables .............................................................................................................12

5.0 Verify Operation ............................................................................................................13

6.0 CommandLineInterface(CLI) .....................................................................................15

6.1 CLICommands................................................................................................................. 17

6.1.1 Authentication, Authorization and Accounting (AAA) ............................................................................. 18

6.1.2 Access Control List (ACL) ......................................................................................................................23

6.1.3 BandwidthProle(BWP) .......................................................................................................................25

6.1.4 Cable Test (CABLETEST) ..................................................................................................................... 29

6.1.5 Contact (CONTACT) .............................................................................................................................. 30

6.1.6 Class of Service (COS) ..........................................................................................................................32

6.1.7 File Directory (DIR) ................................................................................................................................ 35

6.1.8 Ethertype (ETHERTYPE) ......................................................................................................................36

6.1.9 Load Firmware (FWLOAD) .................................................................................................................... 37

6.1.10 IP (IP) .....................................................................................................................................................38

6.1.11 Link Layer Discovery Protocol (LLDP) ................................................................................................... 40

6.1.12 Physical Location (LOCATION) .............................................................................................................44

6.1.13 Link Redundancy (LR) ........................................................................................................................... 46

6.1.14 MAC Table (MACTABLE) ....................................................................................................................... 47

6.1.15 Module Settings (MODULE) .................................................................................................................. 49

6.1.16 Ping (PING) ........................................................................................................................................... 52

6.1.17 Port Attribute (PORT) ............................................................................................................................. 53

6.1.18 Port Access (PORTACCESS) ................................................................................................................ 56

6.1.19 Port Statistics (PORTSTAT) ................................................................................................................... 57

6.1.20 Protocol (PROTOCOL) .......................................................................................................................... 58

6.1.21 Power Sourcing Equipment (PSE)......................................................................................................... 59

6.1.22 Restart (RESTART) ............................................................................................................................... 62

6.1.23 Restore to Factory Defaults (RESTORE) .............................................................................................. 63

6.1.24 IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) ............................................................................ 64

6.1.25 Save (SAVE) ..........................................................................................................................................67

6.1.26 Create and Run a Script File (SCRIPT) ................................................................................................. 68

6.1.27 Firmware Update using Serial Console (SERUPDATE) ........................................................................69

Page 2

6.1.28 SFP (SFP) .............................................................................................................................................71

6.1.29 DisplaytheCommonCongurationParameters(SHOWCONFIG) ....................................................... 73

6.1.30 Simple Network Management Protocol (SNMP).................................................................................... 74

6.1.31 Simple Network Time Protocol (SNTP) ..................................................................................................75

6.1.32 Entry Screen Message Display (SPLASH) ............................................................................................ 76

6.1.33 Secure Shell (SSH) ................................................................................................................................ 77

6.1.34 DIP-SwitchConguration(SWITCH) ..................................................................................................... 79

6.1.35 VLANInterfaceConguration(SWITCHPORT) .................................................................................... 80

6.1.36 SyslogServerConguration(SYSLOG) ................................................................................................ 82

6.1.37 Time (TIME) ........................................................................................................................................... 84

6.1.38 SNMP Trap Host (TRAPHOST) .............................................................................................................85

6.1.39 SNMP Traps (TRAPS) ........................................................................................................................... 86

6.1.40 UserConguration(USER) ................................................................................................................... 88

6.1.41 Firmware Version (VER) ........................................................................................................................ 90

6.1.42 VLAN Table (VLAN) ............................................................................................................................... 91

6.1.43 Zone (ZONE) ......................................................................................................................................... 92

7.0 WebInterface ................................................................................................................93

7.1 Overview ........................................................................................................................... 93

7.1.1 Login ...................................................................................................................................................... 93

7.1.2 Status Screens ......................................................................................................................................94

7.1.2.1 Module Overview ................................................................................................................... 94

7.1.2.2 Module Information ................................................................................................................ 96

7.1.2.3 Port Statistic Overview ........................................................................................................... 97

7.1.2.4 Port Statistics Detailed ........................................................................................................... 98

7.1.2.5 SFP Port Info ....................................................................................................................... 100

7.1.3 HardwareCongurationScreens.........................................................................................................103

7.1.3.1 DIP Switch ........................................................................................................................... 103

7.1.3.2 Port / Interface Overview ..................................................................................................... 105

7.1.3.3 Port / Interface Detailed ....................................................................................................... 107

7.1.3.4 I/O Pins ................................................................................................................................ 110

7.1.4 Service Management ........................................................................................................................... 11 2

7.1.4.1 Module ................................................................................................................................. 112

7.1.4.2 IPConguration ................................................................................................................... 114

7.1.4.3 SNMP ................................................................................................................................... 11 6

7.1.4.4 Time and Date...................................................................................................................... 119

7.1.4.5 NTP / SNTP ......................................................................................................................... 120

7.1.4.6 LLDP .................................................................................................................................... 121

7.1.5 Service Activation ................................................................................................................................ 125

7.1.5.1 VLANConguration ............................................................................................................. 125

7.1.5.2 VLAN Interface ..................................................................................................................... 127

7.1.5.3 Rate Limiting & Shaping ...................................................................................................... 129

7.1.5.4 CoS / QoS ............................................................................................................................ 135

7.1.5.5 Protection ............................................................................................................................. 137

7.1.6 Security ................................................................................................................................................ 141

7.1.6.1 Authenticate, Authorize, Account (AAA) ............................................................................... 141

7.1.6.2 Access Control List (ACL) .................................................................................................... 146

7.1.6.3 Secure Shell (SSH) .............................................................................................................. 147

7.1.6.4 User ..................................................................................................................................... 149

7.1.7 Maintenance ........................................................................................................................................ 153

7.1.7.1 Firmware Upgrade ............................................................................................................... 153

7.1.7.2 Module Maintenance ............................................................................................................ 155

7.1.7.3 Browser Settings .................................................................................................................. 156

7.1.7.4 Syslog .................................................................................................................................. 158

7.1.7.5 SNMP Traps Screen ............................................................................................................ 160

7.1.7.6 Splash Screen ...................................................................................................................... 162

Page 3

8.0 Specications .............................................................................................................164

9.0 Appendix A: Firmware Update ..................................................................................165

9.1 Overview ......................................................................................................................... 165

9.2 SaveCurrentSettings ................................................................................................... 165

9.3 CopytheFilestoYourHardDrive ................................................................................ 165

9.5 UpdatetheGPoE+/Mi .................................................................................................... 165

9.5.1 Updating the Firmware Using FTP ......................................................................................................165

9.5.2 Updating the Firmware Using the Web Interface ................................................................................. 167

10.0 WarrantyandCopyright .............................................................................................170

11.0 CustomerSupportInformation .................................................................................171

Page 4

1.0 OVERVIEW

The

RuggedNet GPoE+/Mi is a industrial ruggedized and temperature-hardened

managed Ethernet switch

that features one or two 1000BASE-X Gigabit ber ports and four or eight 10/100/1000BASE-T RJ-45

Power Sourcing Power-over-Ethernet (PoE and PoE+) ports.

The GPoE+/Mi functions can be congured using easily accessible DIP-switches or using Web, Telnet,

SSH or Serial Console management interfaces.

Web, Telnet and SSH management access is available through any Ethernet port on the GPoE+/Mi.

The GPoE+/Mi is Power Sourcing Equipment (PSE) that provides up to 30W PoE+ (IEEE 802.3at) per RJ-45 port and supports frame sizes up to 10,240 bytes.

The GPoE+/Mi automatically negotiates and delivers the power level required by its Powered Device (PD) partner. When negotiating to PoE (IEEE 802.3af) it delivers up to 15.4 Watts per RJ-45 port. When negotiating to PoE+ (IEEE 802.3at) it delivers up to 30 Watts per RJ-45 port.

1.1 NEWFEATURES

Firmware release 2.1 adds SNMP v1/v2c support as well as SNMP alarm notication. New CLI commands

include snmp, traps and traphosts. New web screens were added for the conguration of SNMP parameters. NetOutlook® supports 2.1 features with IP discovery and alarm reporting.

2.0 PORTSTRUCTURE

2.1 OVERVIEW

The front of the GPoE+/Mi provides access to the management (serial console), RJ-45 PoE, SFP or FixedFiber ports. The SFP ports support 1000BASE-X SFP ber and 10/100/1000BASE-T copper transceivers.

2.1.1 Serial Console Port

To congure the GPoE+/Mi using the serial port, attach a DB-9 serial (RS-232) equipped computer with terminal emulation software such as Procomm or Putty to the serial port on the GPoE+/Mi using a RJ-45 to DB-9 serial cable (not included).

Front Panel Layout

Page 5

The port is a standard RS-232 asynchronous serial interface. The serial ports is congured for 57,600bps, 1 stop, 8 data, parity none. The serial adapter cable pin-outs are illustrated below.

Standard RJ-45 to DB-9 serial cable pin-out

2.1.2 RJ-45PoE,SFPandFixed-FiberPorts

The RJ-45 PoE Ethernet port supports 10BASE-T, 100BASE-TX and 1000BASE-T protocols, autonegotiation, auto MDI/MDI-X crossover and can be manually forced to a specic speed and duplex mode.

The SFP interfaces support SERDES 1000BASE-X ber transceivers and SGMII 10/100/1000BASE-T copper transceivers. The SFP interfaces operate in auto-negotiation and support full duplex operation.

Fixed-ber 1000BASE-X connectors are available with multimode (MM) dual ber, single-mode (SM) dual ber and single-mode single-ber (SF) options. They support ST, SC and LC connectors.

2.1.3 ResetButton

A reset button is available on the front of the switch to restore the switch to factory default values. Press and hold the reset button for more than 5 seconds to restore the switch to factory default values.

2.2 CONFIGURINGDIP-SWITCHES

DIP-switches are located on the top of the RuggedNet GPoE+/Mi. The DIP-switches are used to congure modes of operation, networking features and PoE reset. Any change in the DIP-switches will immediately take effect.

DIP-switch Bank Locations

Page 6

The table below provides a description of each DIP-switch position and function.

Switch Position Function

SW1 & SW2

SW3 & SW4

SW5

SW6

SW7

SW8

LEFT

RIGHT

LEFT

RIGHT

LEFT MAC Learning (factory default)

RIGHT OFF - MAC Learning Disabled

LEFT Pause OFF - Pause Disabled (factory default)

RIGHT ON - Pause Enabled

LEFT L2CP Tunnel (factory default)

RIGHT L2CP Tunnel Discard

LEFT OFF - PoE Reset Disabled (factory default)

RIGHT PoE Reset

Mode of Operation (See Section 2.2.1)

Fiber Redundancy (See Section 2.2.2)

DIP-switch Denitions

2.2.1 SW1andSW2:ModeofOperation

The GPoE+/Mi supports Switch, Directed Switch and Dual Device modes.

The modes are described with MAC learning enabled. When MAC learning is disabled, unicast packets

are forwarded to all ports.

SW1 SW2

LEFT LEFT Switch Mode (factory default) Switch Mode (factory default)

LEFT RIGHT Directed Switch Mode Directed Switch Mode

RIGHT LEFT Reserved Dual Device Mode - Switch Mode

RIGHT RIGHT Reserved Dual Device Mode - Directed Switch Mode

1 Fiber Port 2 Fiber Ports

Function

Modes of Operation

Switch Mode

When congured for Switch Mode (factory default), the module operates as a standard layer 2 switch. Data ow will follow MAC address mapping.

Directed Switch Mode

When an 4-Port model is congured for Directed Switch Mode, trafc from Ports P1 - P4 is only forwarded to the ber uplink port F1, preventing the broadcast trafc from ooding other network ports. Incoming trafc from F1 follows MAC address mapping.

When an 8-Port model is congured for Directed Switch Mode, trafc from Ports P1 - P8 is only forwarded to the ber uplink port F1, preventing the broadcast trafc from ooding other network ports. Incoming trafc from F1 follows MAC address mapping.

Page 7

Directed Switch Mode Single Fiber Port

Models with two ber ports follow the same RJ-45 data ow as above, with the addition of ber port F2 also being forwarded to the ber uplink port F1.

Directed Switch Mode Dual Fiber Port

Two ber ports models can be congured for Directed Switch Mode and Fiber Redundancy (per DIP-switches 3 and 4). Trafc is forwarded to both the primary (F1) and secondary (F2) ber ports. The secondary port will block all trafc while the primary port is active. When the primary port goes down, the secondary port will be active and all trafc will be forwarded out the secondary port (F2).

Directed Switch Mode with Fiber Redundancy

Page 8

Dual Device Mode

Dual Device Mode is only supported on GPoE+/Mi with two ber ports.

When congured for Dual Device Mode, the GPoE+/Mi is congured as two logically independent Layer 2 switches. On the 4-Port models, ber port F1 is associated with RJ-45 Ports P1 - P2 and ber port F2 is associated with RJ-45 Ports P3 - P4. On the 8-Port models, ber port F1 is associated with RJ-45 Ports P1

- P4 and ber port F2 is associated with RJ-45 Ports P5 - P8. Data ow will follow MAC address mapping.

Dual Device Mode

On the 4-Port models congured for Dual Device Mode and Directed Switch Mode, the trafc from Ports 1 - 2 is only forwarded to ber port F1 and Ports 3 - 4 are only forwarded to ber port F2. On the 8-Port models congured for Dual Device Mode and Directed Switch Mode, the trafc from Ports 1 - 4 is only forwarded to ber port F1 and Ports 5 - 8 are only forwarded to ber port F2. This prevents broadcast trafc from ooding other network ports. Incoming trafc from F1 and F2 follows MAC address mapping.

2.2.2 SW3andSW4:FiberRedundancy

SW3 and SW4 are valid on models with two ber ports.

The modes are described with MAC learning enabled. When MAC learning is disabled, the GPoE+/Mi

will send data to all ports.

Dual Device with Directed Switch Mode

Page 9

SW3 SW4

LEFT LEFT Reserved Switch Mode (factory default)

LEFT RIGHT Reserved Switch Mode (factory default)

RIGHT LEFT Reserved Fiber Redundancy Mode - no return to primary (F1)

RIGHT RIGHT Reserved Fiber Redundancy Mode - return to primary (F1)

1 Fiber Port 2 Fiber Ports

Function

Fiber Redundancy

Fiber redundancy is only supported on GPoE+/Mi models with two ber ports.

When congured for Fiber Redundancy Mode no return to primary, the ber ports operate as redundant links. A fault on the primary ber port F1, will cause a fail over to the secondary ber port F2 within 50msec. F1 will become the secondary port once the port has been restored because “no return to primary”

has been selected.

Redundant Fiber with Switch Mode

When congured for Fiber Redundancy Mode return to primary, a fault on the primary ber port F1, will cause a fail over to the secondary ber port F2 within 50msec. The module will return to the primary ber port F1 after the ber link has been restored for 6 seconds.

2.2.3 SW5:MACLearning-“MACLearning/Off”

When this DIP-switch is in the MAC Learning position (factory default), all ports on the module will learn the source MAC address of each received packet and store the address so packets destined for the stored addresses can be forwarded to the appropriate port on the module. When the DIP-switch is in the OFF position, learning is turned off and all received unicast packets are forwarded to all ports.

2.2.4 SW6:Pause-“PauseOff/On”

Setting the DIP-switch to the Pause Off position (factory default) congures the module to advertise no Pause capability on all ports. Pause congures the ow control functionality for the module, including pause mode advertisement and pause functionality.

Setting this DIP-switch to the ON position congures the module to advertise Symmetrical and Asymmetrical Pause capability to all ports.

2.2.5 SW7:L2CP-“L2CPTunnel/Discard”

When this DIP-switch is in the L2CP Tunnel position (factory default), all L2CP frames are tunneled through the module. When this DIP-switch is in the Discard position, all L2CP frames are discarded.

Page 10

2.2.6 SW8:PSEReset-“Off/PoEReset”

The GPoE+/Mi can be congured to disable (reset) the PoE output power for 5 seconds after a loss of receive link on any ber port. This feature is typically used to allow a PD to re-initialize after a failure on the incoming ber.

When this DIP-switch is in the OFF position (factory default), PoE output power does not reset on ber link loss. When this DIP-switch is in the PoE Reset position, the module will disable PoE output power for 5 seconds following a loss of receive link on any ber port.

When ber redundancy is enabled, the loss of ber link on either F1 or F2 will not cause the PD to be reinitialized even though the PSE Reset is enabled. The PD will be re-initialized on a loss of receive link on both ber ports.

When Dual Device Mode is enabled, the loss of ber link will re-initialize the PDs associated with the that ber port. On the 4-Port models, RJ-45 ports 1 - 2 will drop PoE power when a loss of receive link on F1 is detected and RJ-45 ports 3 - 4 will drop PoE power when a loss of receive link on F2 is detected. On the 8-Port models, RJ-45 ports 1 - 4 will drop PoE power when a loss of receive link on F1 is detected and RJ-45 ports 5 - 8 will drop PoE power when a loss of receive link on F2 is detected.

The PoE Reset function is also available through the web management. See Section 7.1.3.2 Port / Interface

Overview.

3.0 APPLYDCPOWER

Power source should be available within 5 ft. of the chassis. The over current protection for connection

with centralized DC shall be provided in the building installation, and shall be a UL listed circuit breaker rated 20 Amps, and installed per the National Electrical Code, ANSI/NFPA-70.

For PoE, the 4-Port model requires 46 to 57VDC @ 2.72 Amp max rated power and the 8-Port model requires 46 to 57VDC @ 5.2 Amp max rated power. For PoE+, this equipment requires 52 to 57VDC. Appropriate overloading protection should be provided on the DC power source outlets utilized.

WARNING: OnlyaDC power source that complies with safety extra low voltage (SELV) requirements can be connected to the DC-inputpower supply.

WARNING REGARDING EARTHING GROUND:

This equipment shall be connected to the DC supply system earthing electrode conductor or to a bonding jumper from an earthing terminal bar or bus to which the DC supply system earthing electrode isconnected.

This equipment shall be located in the same immediate

area (such as adjacent cabinets) as any other equipment that has a connection between the earthed conductor of the same DC supply circuit and the earthing conductor, and also the point of earthing of the DC system. The DC system shall not be earthed elsewhere.

The DC supply source is to be located within the same

premises as this equipment. There shall be no switching or disconnecting devices in

the earthed circuit conductor between the DC source and the earthing electrode conductor.

Locate the DC circuit breaker of the external power source, and switch the circuit breaker to the OFF position.

Prepare a power cable using a three conductor insulated wire (not supplied) with a 14 AWG gauge minimum.

Cut the power cable to the length required.

Page 11

Strip approximately 3/8 of an inch of insulation from the power cable wires.

Connect the power cables to the GPoE+/Mi by fastening the stripped ends to the DC power connector.

WARNING: Note the wire colors used in making the positive, negative and ground connections. Use the same color assignment for the connection at the circuit breaker.

Connect the power wires to the circuit breaker and switch the circuit breaker ON. If any units are installed, their Power LED should indicate the presence of power.

Installation of the equipment should be such that the air ow in the front, back, side and top vents of the

chassis are not compromised or restricted.

Depending on the model number of the module, a second power source is available (as shown). Use the same power supply installation procedure for the second power supply.

Rear View with DC Power Connector

WARNING!!!

NEVER ATTEMPT TO OPEN THE CHASSIS OR

SERVICE THE POWER SUPPLY. OPENING THE

CHASSIS MAY CAUSE SERIOUS INJURYOR DEATH.

THERE ARE NO USER REPLACEABLE OR

SERVICEABLE PARTS IN THIS UNIT.

4.0 CONNECTCABLES

a. When using SFP models, insert the SFP ber transceiver into the SFP receptacle on the front of the

module (see the SFP Data Sheet 091-17000-001 for supported Gigabit transceivers).

NOTE: The release latch of the SFP ber transceiver must be in the closed (up) position before

insertion.

b. Connect an appropriate multimode or single-mode ber cable to the ber port on the front of the module.

It is important to ensure that the transmit (TX) is attached to the receive side of the transceiver at the other end and the receive (RX) is attached to the transmit side. When using single-ber (SF) models,

the TX wavelength must match the RX wavelength at the other end and the RX wavelength must match the TX wavelength at the other end.

c. Connect the Ethernet 10/100/1000 RJ-45 port using a Category 5 or better cable to an external 10BASE-T,

100BASE-TX or 1000BASE-T Ethernet device.

RJ-45 Pinout Alternative A

1 Vport Positive

2 Vport Positive

3 Vport Negative

6 Vport Negative

Voltage Polarity of Alternative A PoE Power

Page 12

d. An alarm relay is available to detect a user congured event. The three contacts closure pins can be

congured for normally open (pin 1 and 2) or normally closed (pin 3 and 2) operation. The relay contacts support 110VDC/125VAC Maximum Voltage at a maximum current of up to 2 amps. Use the supplied connector to attach the wire to the external alarm. Use 16 - 24 AWG wire.

e. An alarm input is available for detecting external events such as door open or closed (pin 4 and 5).

The alarm input provides 3.3VDC to detect an external open or shorted condition. Use the supplied connector to attach the wire to the external alarm. Use 16 - 24 AWG wire.

5.0 VERIFYOPERATION

Verify the GPoE+/Mi is operational by viewing the LED indicators.

Power

LEDIndicators

Legend Indicator Description

OFF Unit not powered

Pwr

Legend Indicator Description

1000

Green - ON Unit powered

Green - Blinking at 1Hz

Indicates reset button has been pressed for more than 5 seconds and the module is being restored to factory default values

Power LED Indicators

Fiber Ports

LEDIndicators-FixedFiberModels

OFF No link

Green - ON Port linked at 1000Mbps

Green - Blinking at 10Hz Port data activity at 1000Mbps

Green - Blinking at 1Hz Port linked at 1000Mbps and in redundant standby mode

Amber - Blinking at 1Hz Port linked at 1000Mbps and receiving Auto Negotiation Remote Fault

Fiber LED Indicators - Fixed Fiber Models

Fiber Ports

LEDIndicators-SFPModels

Legend Indicator Description

OFF No link

Green - ON Port linked at 100Mbps

100

1000

Green - Blinking at 10Hz Port data activity at 100Mbps

Green - Blinking at 1Hz Port linked at 100Mbps and in redundant standby mode

Amber - Blinking at 1Hz Port linked at 100Mbps and receiving Far End Fault Indicator

OFF No link

Green - ON Port linked at 1000Mbps

Green - Blinking at 10Hz Port data activity at 1000Mbps

Green - Blinking at 1Hz Port linked at 1000Mbps and in redundant standby mode

Amber - Blinking at 1Hz Port linked at 1000Mbps and receiving Auto Negotiation Remote Fault

Fiber LED Indicator

NOTE: 10M and 100M operation is only supported using copper SFP transceivers. When negotiated to 10M, both the

100 and 1000 LEDs will be ON (blinking).

Page 13

RJ-45Ports

LEDIndicators

Legend Indicator Description

OFF No link

Green - ON Port linked at 100Mbps

100

1000

(100+1000)

PoE/PSE

Green - Blinking at 10Hz Port data activity at 100Mbps

Amber -ON Port linked at 100Mbps Half-duplex

Amber - Blinking at 10Hz Port data activity at 100Mbps Half-duplex

OFF No link

Green - ON Port linked at 1000Mbps

Green - Blinking at 10Hz Port data activity at 1000Mbps

Amber -ON Port linked at 1000Mbps Half-duplex

Amber - Blinking at 10Hz Port data activity at 1000Mbps Half-duplex

OFF No link

Green - ON Port linked at 10Mbps

Green - Blinking at 10Hz Port data activity at 10Mbps

Amber -ON Port linked at 10Mbps Half-duplex

Amber - Blinking at 10Hz Port data activity at 10Mbps Half-duplex

Green - ON Port PSE is active

Amber - ON Port PSE error/inactive

Amber - Blinking at 1Hz

Amber - Blinking at 10Hz Port PSE inactive due to resistance too high (33k to 500k W)

OFF Port PSE inactive

Port PSE inactive due to resistance too low (< 15k W) or short circuit detected

RJ-45 LED Indicators

NOTE: The PSE LED may turn Amber (ON) when a non-PD device is connected to the port.

Page 14

6.0 COMMANDLINEINTERFACE(CLI)

To access the Command Line Interface, connect to the serial console port on the front of the module per

Section 2.2.

Each module is congured with the following defaults:

IP 1 Address 192.168.1.220 IP 1 Subnet Mask 255.255.255.0 IP 1 Gateway 192.168.1.1

Protocols

IP enabled TELNET enabled

FTP disabled

DHCP Client disabled

Flow Control disabled

Passwords

Serial public (username: admin) FTP public (username: admin) Telnet public (username: admin)

SNMPv1/v2c

Read public

Write private

SNMPv1/v2c agent enabled

User 1 type admin User 1 name admin User 1 password public

General SNMP Parameters

SNMP trap type SNMPv2c SNMP UDP Trap Port Number 162

The GPoE+/Mi supports a common password per user account for the Serial port, Telnet, FTP and SSH. The password is congured using the user command. Passwords for SNMPv1 are congured using the

snmp command.

It is highly recommended that the passwords be changed in order to prevent unauthorized access to the

module.

Page 15

Once accessed, the Password Entry screen will be displayed. Type the username and password. Press

<ENTER>.

-----------------------------------------------------------------------------

Omnitron Systems Technology Technical Support: (949) 250-6510 38 Tesla Sales/Products: (800) 675-8410 Irvine, CA 92618 On the web at: www.omnitron-systems.com

-----------------------------------------------------------------------------

IP address 192.168.1.220 MAC 00-06-87-02-87-50 Serial number 00720087

GPoE+/Mi login:

The 4-Port GPoE+/Mi is used to show all menu examples in the following sections.

Page 16

6.1 CLICOMMANDS

The commands are presented in alphabetical order and are not meant as a conguration guide. Each command has an explanation and conguration example.

Enter ? or help to view the options.

CLI Command summary

For more help on a specic command, type the <command> -h

Command Description ? command summary (same as help command)

aaa authentication, authorization, accounting conguration acl access control list conguration for management access bwp bandwidth prole conguration cabletest cable test for a copper port

contact contact closure status

cos class of service conguration dir directory of the existing les ethertype ethertype tag identication conguration exit exit the CLI session fwload rmware load conguration

h command summary (same as help command) help command summary

ip internet protocol conguration lldp link layer discovery protocol (LLDP) conguration location location conguration lr link redundancy conguration

mactable mac table status

module module global conguration ping ping conguration port port attribute conguration portaccess port access conguration portstat port statistic conguration protocol protocol conguration pse power source equipment (PSE) conguration

restart restart module

restore restore module defaults rstp rapid spanning tree conguration save save conguration changes into permanent memory script create and execute script les serupdate upload rmware update via the serial port sfp small form pluggable port information showcong show basic conguration information status snmp simple network management protocol user conguration sntp simple network time protocol conguration splash splash screen warning message conguration ssh secure shell conguration switch physical switch conguration switchport vlan interface conguration syslog system log message conguration traphost snmp trap host conguration traps snmp trap conguration time time of day conguration user user conguration

ver version status

vlan vlan conguration x exit the CLI session

zone time zone list

Page 17

Keyboard shortcuts are displayed with the menu of module commands.

CLI keyboard shortcuts:

Ctrl+A move the cursor to the beginning of the line

Ctrl+B move the cursor backward one character Ctrl+D delete the character at the cursor

Ctrl+E move the cursor to the end of the line Ctrl+F move the cursor forward one character Ctrl+K erase characters from the cursor to the end of the line

Ctrl+L redisplay the current line on the console

Ctrl+N or down arrow, display the next command in the commands history buffer Ctrl+P or up arrow, display the previous command in the commands history buffer

Ctrl+R starts a new line with the same command previously shown Ctrl+U delete the whole line

Ctrl+W delete the word to the left of the cursor Ctrl+X erase character from the cursor to the beginning of the line Esc+F move the cursor forward one word, skipping white space

Esc+B move the cursor backward one word, skipping white space

Backspace remove the character to the left of the cursor Delete remove the character to the right of the cursor

6.1.1 Authentication,AuthorizationandAccounting(AAA)

The module supports Authentication, Authorization and Accounting (AAA), Remote Authentication Dial-In User Service (RADIUS), Terminal Access Controller Access-Control System Plus (TACACS+) and Port Based Network Access Control (802.1X).

AAA is a framework for controlling access to computer resources, enforcing policies, auditing usage and providing the information necessary to bill for services. AAA congures the client type method for console,

FTP, SSH, Telnet interfaces and the authentication method TACACS+, RADIUS, local, or none.

Remote Authentication Dial-In User Service (RADIUS) is a client/server system that secures networks against unauthorized access. When a user tries to access a specic module, the RADIUS server is contacted

for validation of a correct user name and password.

The user receives one of the following responses from the RADIUS server:

ACCEPT - The user is authenticated.

REJECT - The user is not authenticated and is prompted to reenter the username and password, or

access is denied.

CHALLENGE - A challenge is issued by the RADIUS server and is attempting to collect additional

information from the user including username and password.

CHANGE PASSWORD - A request is issued by the RADIUS server asking the user to select a new

password.

RADIUS is a stateless protocol using UDP, running on Port 1812 between the Client and the Server. A shared secret key is used to encrypt passwords and exchange responses between the client and the server.

Terminal Access Controller Access-Control System Plus (TACACS+) is a connection oriented Authentication, Authorization, and Accounting (AAA) protocol. TACACS+ is used to authenticate, authorize, and for

accounting of TCP connections.

Page 18

TACACS+ implements the following functions:

Authentication is the action of determining the identication of the user (or entity). It also provides

complete control of the authentication process through login and password dialog, challenge and response, and messaging support.

Authorization is the action of determining what a user is allowed to do and provides ne-grained control

over user capabilities for the duration of the user’s session.

Accounting is the action of recording what a user is doing, and/or has done and collects and sends

information used for billing, auditing, and reporting to the TACACS+ daemon.

When a user attempts to log in to a device the control passes to the TACACS+ server which provides the challenge and the user provides the response. This is typically user name, password, and other challenge questions. The information passed between the module and the TACACS+ server is encrypted based upon the TACACS+ protocol specication,

The module will eventually receive one of the following responses from the TACACS+ server during the authentication phase:

ACCEPT - The user is authenticated and service may begin. If the module is congured to require

authorization, authorization begins.

REJECT - The user has failed to authenticate. The user may be denied further access, or will be prompted

to retry the login sequence depending upon how the TACACS+ server is congured.

ERROR - An error occurred at some time during the authentication. If an ERROR response is received,

the module will typically try to use an alternative method for authenticating the user.

CONTINUE - The user is prompted for additional authentication information.

Once the Authentication phase is complete, the Authorization phase begins (if congured on the module). The module again contacts the TACACS+ server and it returns an ACCEPT or RETURN authorization response. If an ACCEPT response is returned, the response contains attributes that are used to direct the

services that the user can access.

Port Based Network Access Control is dened in IEEE 802.1X. It uses EAPoL (Ethernet Authentication Protocol over LAN) to communicate between the Supplicant (Client), Authenticator (XM5) and

Authentication Server.

The Supplicant, or Client, is connected to a port that needs to be authenticated via the EAP Server. EAP

Start Frames are sent from the Supplicant to the Authenticator.

The Authenticator, or switch, requests information from the Supplicant and strips the EAP information

from the EAP Ethernet frame and places that information into a RADIUS frame and transmits the frames towards the EAP RADIUS server. The Authenticator also passes information from the EAP Server to

the Supplicant in the reverse process.

The EAP Server receives the EAP requests and proceeds with the Challenge-Response sequence and

nally allows or denies access to the port.

Page 19

The aaa command provides the ability to congure AAA, RADIUS, TACACS+ and 802.1X parameters. To congure AAA, use the aaa option from the CLI prompt. A list of options is displayed when the aaa -h

command is entered.

> aaa -h

Description:

aaa - authentication, authorization, accounting conguration Syntax:

aaa [-h] aaa -s

aaa {-dis|-ena} {aaa|guestvlan|radius|tacacs+|802.1x}

aaa -ty tacacs+ [-host ipHostList] [-key aKey] [-l4 a1,a3] [-to toVal] aaa -ty radius [-host ipHostList] [-key aKey] [-l4 a1,a3] [-tran rNum] [-to toVal]

aaa -ty 802.1x -p pNum [-ptype pMode] [-auth aTime] [-retry rTime] [-vid gVid] [-dis|-ena guestvlan] [-xmode xModeSel]

aaa -meth authList Switches:

-auth 802.1X reauthorize time in sec, [aTime]: {0..65535}, dt 3600 a value of zero indicates that reauthorization is not required

-dis disable function: {aaa|guestvlan|radius|tacacs+|802.1x}

-ena enable function: {aaa|guestvlan|radius|tacacs+|802.1x} [aaa] authentication, authorization, accounting, dt disabled [guestvlan] 802.1X guest vlan authentication, dt disabled [radius] radius protocol, dt disabled [tacacs+] TACACS+ protocol, dt disabled [802.1x] port based access control (802.1X), dt disabled

-h display help information

-host server ip host list, [ipHostList]: {host1,..,hostn}

-key server key, [aKey], dt not dened

-l4 layer 4 port number list, [a1,a3] [a1] authentication/authorization port number: {1..65535} [a3] accounting port number: {1..65535}

-meth authentication method, [authList]: {local,none,tacacs+,radius}

-p physical port list, [pList]: {1..n|all}

-ptype port authentication mode, [pMode]: {auto|mac|on|off}, dt on

[auto] standard 802.1X authentication on a port [mac] 802.1X MAC bypass authentication on a port [on] port is always authorized, 802.1X disabled

[off] port is always unauthorized

-retry 802.1X EAP retry time in sec, [rTime]: {1..60}, dt 30

-s show current conguration

-to server timeout before error declared in sec, [toVal]: {1..60}, dt 60

-tran RADIUS server request retry count, [rNum]: {0..10}, dt 2

-ty conguration type: {radius|tacacs+|802.1x}

-vid guest VLAN ID assignment, [gVid]: {1..4095}

-xmode 802.1X mode, [xModeSel]: {discard|peer|tunnel} [discard] 802.1X is disabled, 802.1X frames are discarded

[peer] 802.1X is enabled and protocol is operating

[tunnel] 802.1X is disabled, 802.1X frames are tunneled

The options available using the aaa command are shown below.

The -auth switch congures the 802.1X reauthorization timer. A zero value disables the timer.

The -dis switch disables one of the following functions:

aaa disables authentication, authorization, and accounting, default is disabled.

guestvlan disables guest VLAN access, default is disabled.

Page 20

radius disables RADIUS (RFC 2865, RFC 2866), default is disabled.

tacacs+ disables TACACS+, default is disabled.

802.1x disables port based access control (IEEE 802.1X), default is disabled

The -ena switch enables one of the following functions:

aaa enables authentication, authorization, and accounting.

guestvlan enables guest VLAN access

radius enables RADIUS (RFC 2865, RFC 2866).

tacacs+ enables TACACS+.

802.1x enables port based access control (IEEE 802.1X).

The -h switch displays the help screen presented above. It is static and provides help information for the

specic command.

The -host switch congures the IP address of the host. The -ty command species the type of host.

The -key switch congures the secret key used to encrypt and decrypt AAA PDU information between the host and the server.

The -l4 switch congures the TCP or UDP port numbers for the AAA protocol in the following order:

authenticate port (a1), authorization port (a2), accounting port (a3).

The -meth switch selects the authentication method (local, tacacs+, radius or none).

The -p switch selects the port on the module that is associated with the AAA protocol. The default is all ports.

The -ptype switch selects the port authentication mode:

auto congures 802.1X authentication on the port.

mac congures 802.1X MAC bypass authentication on the port.

on congures a port to be authorized, disabling 802.1X EAP.

off congures a port to be unauthorized, blocking the port permanently and disabling 802.1X

EAP.

The -retry switch congures the 802.1X retry time (1 to 60 seconds) for new EAP request identify PDU. The default time value is 30 seconds.

The -s switch displays current AAA settings.

The -to switch congures the AAA server wait timeout value in seconds. When the value expires, the server will declare an ERROR. A value of 0 disables the timer. The default value is 60 seconds.

The -tran switch congures the number of times the module transmits a server request before an ERROR is declared. The default is 2.

The -ty switch congures the AAA protocol type, RADIUS, TACACS+ or 802.1x.

The -vid switch congures the guest VLAN ID.

The -xmode switch congures how the 802.1x frames are handled.

discard when 802.1X is disabled, 802.1X frames are discarded.

peer when 802.1X is enabled and protocol is operating.

tunnel when 802.1X is disabled, 802.1X frames are tunneled.

Page 21

To display the conguration, use the aaa -s command.

> aaa -s

AAA disabled

authentication method local

TACACS+ disabled server(s) authentication Port 49 accounting Port 49 key timeout (sec) 60s

RADIUS disabled server(s) authentication Port 1812 accounting Port 1813 key timeout (sec) 60s

number of retries 2

802.1X disabled (guest VLAN disabled) port F1 tunnel, on port F2 tunnel, on port 1 tunnel, on port 2 tunnel, on port 3 tunnel, on port 4 tunnel, on

To congure the IP address of the RADIUS server, use the following command.

> aaa -host 192.168.1.1 -ty radius

To enable RADIUS, use the aaa -ena radius command.

> aaa -ena radius

Page 22

6.1.2 AccessControlList(ACL)

The acl command provides basic trafc ltering capabilities with Access Control Lists (ACL). Access Control Lists can prevent certain trafc from entering or exiting the management port. ACLs can be congured for ARP, ICMP, IP, TCP and UDP protocols. These protocols can be congured to be permitted or denied access. Two hundred individual ACLs can be congured at one time.

The acl command provides the ability to congure ACL trafc ltering. To congure ACL, use the acl option from the CLI prompt. A list of options is displayed when the acl -h command is entered.

> acl -h

Description:

acl - access control list conguration for management access Syntax:

acl [-h] acl -s acl {-dis|-ena}

acl {-d idx|-dall} acl -dt {deny|permit}

acl -a -ipsrc ipAddr[/plen|,ipAddrEnd] [-proto {arp|icmp|ip|tcp|udp}] [-ty {deny|permit}] [-dst port]

acl -ins idx -ipsrc ipAddr[/plen|,ipAddrEnd] [-proto {arp|icmp|ip|tcp|udp}]

[-ty {deny|permit}] [-dst port]

acl -m idx [-ipsrc ipAddr[/plen|,ipAddrEnd]] [-proto {arp|icmp|ip|tcp|udp}]

[-ty {deny|permit}] [-dst port] Switches:

-a add ACL

-d delete ACL, [idx]: {1..200}

-dall delete all ACLs

-dt default for items not found in ACL list: {deny|permit}, dt permit

-dis disable ACL processing, dt

-dst TCP/UDP destination port, [port]: {-1..65535}

-ena enable ACL processing

-h display help information

-ins insert before ACL, [idx]: {1..199}

-ipsrc source IP address, [ipAddr[/plen|,ipAddrEnd]] [ipAddr] IP address (individual or starting address)

[ipAddrEnd] ending IP address if present (all protocols but arp) [plen] routing prex (subnet mask) length: {1..30}

-m modify ACL, [idx]: {1..200}

-proto protocol: {arp|icmp|ip|tcp|udp}, dt ip

-s show current conguration

-ty ACL access type: {deny|permit}

The options available using the acl command are shown below.

The -a switch adds a new ACL lter.

The -d switch deletes an existing ACL lter by index number.

The -dall switch deletes all congured ACL lters.

The -dt switch selects a default behavior for items not found in the ACL list. The default is permit.

The -dis switch disables ACL processing.

The -dst switch selects a TCP or UDP destination port number for an ACL lter. A value of -1 does not

select a specic TCP or UDP port.

Page 23

The -ena switch enables ACL processing. If the ACL table is empty, the default behavior (-dt) is applied to all Ethernet frames that enter the module.

The -h switch displays the help screen presented above. It is static and provides help information for the

specic command.

The -ins switch inserts before ACL.

The -ipsrc switch selects the IP source address for an ACL lter. The source IP address for ARP is the

Send IP Address.

The -m switch modies an existing ACL lter.

The -proto switch selects the protocol:

arp selects the ARP protocol.

icmp selects the ICMP protocol.

ip selects the IP protocol.

tcp selects the TCP protocol.

udp selects the UDP protocol.

The -s switch displays the congured ACL lters.

The -ty switch selects the ACL access type; permit or deny.

NOTES:

When an ACL type (-ty) is congured as deny with a protocol (-proto) of IP and the IP range (-ipsrc) is specied, the ACL is added to the list but is not properly applied. Example:

> acl -a -proto ip -ipsrc 10.10.16.10,10.10.16.120 -ty deny

Changing the protocol to TCP or adding the IP addresses individually will properly add the ACL to the list. If an error is returned when attempting to delete the ACL, disable ACL processing, delete the ACL and re-enable ACL processing. This will remove the ACL from the list.

It is recommended that ACL policies be added prior to enabling ACLs to avoid the possible loss of connectivity to the module while accessing the module using the Ethernet interface.

To display the conguration, use the acl -s command.

> acl -s

ACL processing is Disabled

Default ACL behavior is ‘permit’

Page 24

To allow access to a device, the module must be congured to allow (permit) ARP and IP. Since ICMP is part of the IP protocol, it must be explicitly excluded. ACL lters are processed in the order displayed.

> acl -dall > acl -a -ipsrc 172.16.9.1,172.16.9.5 -proto icmp -ty deny > acl -a -ipsrc 172.16.9.1,172.16.9.5 -proto ip -ty permit > acl -a -ipsrc 172.16.9.5 -proto arp -ty permit > acl -ena

> acl -s

ACL processing is Enabled

Default ACL behavior is ‘permit’

# ACL Details 1 172.16.9.1..172.16.9.5 ICMP via mgt1: deny 2 172.16.9.1..172.16.9.5 IP via mgt1: permit 3 172.16.9.5 ARP via mgt1: permit

6.1.3 BandwidthProle(BWP)

The bwp command provides the ability to congure and display bandwidth proles (also known as rate- limiting and shaping) associated with each port. Bandwidth proles control the amount of bandwidth

allowed to each port.

Bandwidth proles species the average rate of committed and excess Ethernet frames allowed into the provider’s network. Bandwidth proles consist of the following parameters:

Committed Information Rate (CIR)

CIR species the maximum rate Ethernet frames are delivered per service performance objectives. These frames are referred to as being in-prole (green).

Committed Burst Size (CBS)

CBS is the maximum number of bytes allowed for incoming Ethernet frames maintaining in-prole. The value of CBS will depend on the type of application or trafc being supported. Bursty data applications

will require a larger CBS than more constant rate applications.

Egress Committed Information Rate (ECIR)

ECIR species the average rate Ethernet frames egress the port. When conguring ECIR, an egress queue type can be specied (starvation queuing - strict/low latency, weighted fair queuing - high latency or mixed). Starvation queuing processes all high priority trafc before any low priority trafc and uses a strict priority scheme. Weighted fair queuing will process high priority trafc more often than low priority trafc. The default weighted fair queuing mix is 33 (high priority), 25, 17, 12, 6, 3, 2, 1 (low priority).

Page 25

To congure bandwidth proles, use the bwp option from the CLI prompt. A list of options is displayed

when the bwp -h command is entered.

> bwp -h

Description:

bwp - bandwidth prole conguration Syntax:

bwp [-h] bwp -s [-p pNum] bwp -dall bwp -d -p pNum [-cn cName] bwp -p pNum [-que qType] [-ecir cirRate[,eQueue]] [-epol pType] bwp -p pNum [-cir cirRate] [-cbs cbsSize] [-pol poltype] [-cn cName]

bwp -fwmix qVal

Switches:

-cbs committed burst size in KB, [cbsSize]: {2..256}, dt 15

-cir committed ingress information rate in kb/sec, [cirRate]: {64..1000000}, dt 1000000

-cn class of service name, [cName]: 1-45 ASCII characters

-d delete a specic congured prole or restore dt port conguration

-dall delete all the congured ingress and egress bandwidth proles

-ecir committed egress information rate, [cirRate[,eQueue]] [cirRate] in kb/sec: {64..1000000}, dt 1000000 [eQueue]: {0..7}, dt blank - port based

-epol egress policing type, [pType]: {l1,l2,l3}, dt l2

-fwmix port queue global fairweight mixture, [qVal]: {q7,q6,q5,q4,q3,q2,q1,q0} where ‘x’ is a specic queue and qx is a value from 0..100 for the specic queue and the sum of all queues is 128 max

-h display help information

-p port number, [pNum]: {F1|F2|1...4}

-pol policing count type, [polType]: {l1,l2,l3}, dt is l2

-que type of egress queue, [qType]: {fairweight|starving|qlist} where qlist is {q7,q6,q5,q4,q3,q2,q1,q0}, where qx is ‘sp’ or ‘fw’ ‘sp’ indicates strict priority, but ‘sp’ can only be selected from

queue 7 sequentially to a lower queue number

‘fw’ indicates fairweight

-s show current conguration

NOTE: Port number selection will vary depending on the model.

The options available using the bwp command are shown below.

The -cbs switch sets the Committed Burst Size (maximum number of bytes allowed) of the ingress frames.

The -cir switch sets the Committed Information Rate of the ingress frames.

The -cn switch denes the name of the Class of Service prole.

The -d switch deletes the bandwidth prole.

The -dall switch deletes all congured bandwidth proles.

The -ecir switch denes the Committed Information Rate of the egress frames.

The -epol switch congures the egress policing type used. The options are L1 or L2. The default is L2.

The -fxmix switch denes the global fairweight mix for queues 7 - 0 and is used when -que fairweight fw or

-que qlist fw is selected. All eight egress queue must be dened by the command q7,q6,q5,q4,q3,q2,q1,q0 where qx indicates the weight for the specic queue (0-100 are valid entries. The sum of all weighed values is 128 or less). The queues are separated by a comma (,).

Page 26

The -h switch displays the help screen presented above. It is static and provides help information for the specic command.

The -p switch denes the port associated with the bandwidth prole.

The -pol switch denes the policing count as layer 1 (frame + interframe gap + preamble), layer 2 or layer

3 frame types on a per port basis.

The -que switch denes the type of egress queueing used (fairweight, starving or individually congured).

starving All queues are set up to starving (strict) priority

fairweight All queues are setup for weighted fair queuing using the fwmix setting.

qlist Each of the eight queues are set up individually: q7,q6,q5,q4, q3, q2, q1,q0 where qx

can be one of two values (sp or fw):

sp Queue is set to strict priority. The listing of strict priority queues starts at highest priority

queue (queue 7) and can only be selected from the highest queue sequentially without mixtures of weighted values between strict priority queues.

fw Queue is set to fairweight priority.

The following are some legal combinations:

fw,fw,fw,fw,fw,fw,fw,fw (default fairweight);

sp,sp,sp,sp,sp,sp,sp,sp (default starving);

sp,sp,fw,fw,fw,fw,fw,fw,

sp,sp,sp,sp,fw,fw,fw,fw

The following are not a legal combinations:

sp,fw,fw,sp,fw,fw,fw,fw;

fw,sp,sp,sp,sp,sp,sp,

sp,fw,fw,fw,fw,fw,fw,sp

The actual weight for a queue type of fw is from the respective queue weight from the

fwmix setting.

The -s switch displays the current bandwidth proles.

Page 27

To display the conguration, use the bwp -s command.

> bwp -s

Fairweight mix = 33,25,17,12,6,3,2,1

Port F1: ingress cir 1000000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

Port F2: ingress cir 1000000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

Port 1: ingress cir 1000000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

Port 2: ingress cir 1000000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

Port 3: ingress cir 1000000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

Port 4: ingress cir 1000000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

To congure a bandwidth prole on Port 1 for 500Mbps, use the following command.

> bwp -p 1 -cir 500000 > bwp -s -p 1

Fairweight mix = 33,25,17,12,6,3,2,1

Port 1: ingress cir 500000kbps, cbs 15 kB, L2 policing

egress cir 1000000kbps, L2 policing, queue type fairweight egress queue rate (kbps) q7/q6/q5/q4/q3/q2/q1/q0 =

1000000/1000000/1000000/1000000/1000000/1000000/1000000/1000000

PCP classication over IP

Page 28

6.1.4 CableTest(CABLETEST)

The cabletest command initiates a cable test on xed RJ-45 copper ports. The test checks for breaks in the cable and reports how far from the source the cable break is detected. The cable test will interrupt service

on the selected port.

To initiate a cable test, use the cabletest command from the CLI prompt. A list of options is displayed

when the cabletest -h command is entered.

> cabletest -h

Description:

cabletest - cable test for a copper port Syntax:

cabletest [-h] cabletest -p pNum Switches:

-h display help information

-p port number, [pNum]: {1..n}

The options available using the cabletest command are shown below.

The -h switch displays the help screen presented above. It is static and provides help information for the

specic command.

The -p switch selects initiating port for the cable test.

NOTE: Cable Test is not supported on Port F1 or F2.

In this example, a cable test is initiated on Port 2.

> cabletest -p 2

Testing Port number 2: no cable break detected

In this example, a cable test is initiate on Port 1 showing a break in the cable.

> cabletest -p 1

Testing Port number 1: cable failure detected at 1m from source

Page 29

6.1.5 Contact(CONTACT)

The contact command provides the ability to display the status of the contact closure and alarm input. It also provides the ability to assign a failure type and name to the contact closure.

To congure and display the contact closure, use the contact command from the CLI prompt. A list of options is displayed when the contact -h command is entered.

> contact -h

Description: contact - contact closure status

Syntax:

contact [-h]

contact -mode {none|force|input,power,temp}

contact [-nmc cName] [-nmi cName] [nmo cName] contact -s Switches:

-h display help information

-mode contact closure alarm output mode: {force,input,none,power,temp} [force] output contact is activated

[input] output contact is activated when digital input is open

[none] output contact is never activated, dt

[power] output contact activated when internal power alarm is detected [temp] output contact activated when temperature violation is detected

-nmc selects the name of the normally closed relay, dt “”

-nmi selects the name of the digital input sense, dt “”

-nmo selects the name of the normally open relay, dt “”

-s show current status

The options available using the contact command are shown below.

The -h switch displays the help screen presented above. It is static and provides help information for the

specic command.

The -mode switch selects the type of error that will cause the output relay to close; force, input, none, power, temp. Multiple selections can be entered.

forced Manually close the relay.

none Function is disabled.

input An error condition is declared when the alarm input is detected as closed.

power An error condition is declared when the internal power is greater or less than 5% of nominal

input voltage.

temp An error condition is declared when a temperature violation is detected.

The -nmc switch congures the name of the normally closed relay contacts.

The -nmi switch congures the name for the alarm input.

The -nmo switch congures the name for the normally opened relay contacts.

The -s switch displays the input status (open or closed) and contact closure status (not activated, activated).

Activated indicates a normally open contact has closed or a normally closed contact has opened. Not activated indicates a normally open contact is open or a normally closed contact is closed.

Page 30

+ 141 hidden pages

Omnitron Systems Technology RuggedNet GPoE+/Mi User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual