Page 1
FGSW-2620VM
24-Port 10/100Mbps + 2 Gigabit TP/SFP
Layer 2 Managed Switch
FGSW-2620PVM
User’s Manual of FGSW-2620VM
User’s Manual
24-Port 10/100Mbps + 2 Gigabit TP/SFP
Managed PoE Switch
FGSW-2612PVM
24-Port 10/100Mbps + 2 Gigabit TP/SFP
With 12-Port PoE Managed Switch
FGSW-2624SF
24 100Base-FX SFP Slots + 2 Gigabit TP/SFP
Managed Ethernet Switch
Page 2
User’s Manual of FGSW-Series
Trademarks
Copyright © PLANET Technology Corp. 2009.
Contents subject to which revision without prior notice.
PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners.
Disclaimer
PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes
no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or
fitness for a particular purpose.
PLANET has made every effort to ensure that this User's Manual is accurate; PLANET disclaims liability for any
inaccuracies or omissions that may have occurred.
Information in this User's Manual is subject to change without notice and does not represent a commitment on the part of
PLANET. PLANET assumes no responsibility for any inaccuracies that may be contained in this User's Manual. PLANET
makes no commitment to update or keep current the information in this User's Manual, and reserves the right to make
improvements to this User's Manual and/or to the products described in this User's Manual, at any time without notice.
If you find information in this manual that is incorrect, misleading, or incomplete, we would appreciate your comments and
suggestions.
FCC Warning
This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the
FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is
operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not
installed and used in accordance with the Instruction manual, may cause harmful interference to radio communications.
Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be
required to correct the interference at whose own expense.
CE Mark Warning
This is a Class A product. In a domestic environment, this product may cause radio interference, in which case the user
may be required to take adequate measures.
WEEE Warning
To avoid the potential effects on the environment and human health as a result of the presence of
hazardous substances in electrical and electronic equipment, end users of electrical and electronic
equipment should understand the meaning of the crossed-out wheeled bin symbol. Do not dispose of
WEEE as unsorted municipal waste and have to collect such WEEE separately.
Revision
PLANET 24-Port 10/100Mbps + 2 Gigabit TP/SFP Managed Switch User’s manual
FOR MODELS: FGSW-2620VM(v2) / FGSW-2620PVM / FGSW-2612PVM / FGSW-2624SF(v3)
REVISION: 2.2 (JUL.2009)
Part No.: EM-FGSW-2620VM_2620PVM_2612PVM_2624SF_v2.2 (2080-A92350-004)
2
Page 3
User’s Manual of FGSW-Series
TABLE OF CONTENTS
1. INTRODUCTION ........................................................................................................12
1.1 Package Contents............................................................................................................................... 12
1.2 Product Description............................................................................................................................ 13
1.3 How to Use This Manual..................................................................................................................... 13
1.4 Product Features................................................................................................................................. 15
1.5 Product Specification ......................................................................................................................... 17
2. INSTALLATION..........................................................................................................20
2.1 Hardware Description ......................................................................................................................... 20
2.1.1 Switch Front Panel .................................................................................................................... 20
2.1.2 LED Indications.......................................................................................................................... 21
2.1.3 Switch Rear Panel ..................................................................................................................... 25
2.2 Install the Switch................................................................................................................................. 26
2.2.1 Desktop Installation ................................................................................................................... 26
2.2.2 Rack Mounting........................................................................................................................... 27
2.2.3 Installing the SFP transceiver.................................................................................................... 28
3. SWITCH MANAGEMENT...........................................................................................30
3.1 Requirements ...................................................................................................................................... 30
3.2 Management Access Overview ......................................................................................................... 31
3.3 Web Management................................................................................................................................ 32
3.4 SNMP-Based Network Management ................................................................................................. 33
3.5 Administration Console (FGSW-2620PVM / FGSW-2612PVM) ....................................................... 33
3.6 Protocols.............................................................................................................................................. 35
3.6.1 Virtual Terminal Protocols ......................................................................................................... 35
3.6.2 SNMP Protocol .......................................................................................................................... 35
3.6.3 Management Architecture ......................................................................................................... 35
4. WEB-BASED MANAGEMENT...................................................................................36
4.1 About Web-based Management ........................................................................................................ 36
4.1.1 Requirements ............................................................................................................................ 37
4.1.2 Logging on the switch................................................................................................................ 37
4.1.3 Main WEB PAGE....................................................................................................................... 39
4.2 System.................................................................................................................................................. 40
4.2.1 System Information.................................................................................................................... 41
4.2.1.1 Basic .................................................................................................................................. 41
3
Page 4
User’s Manual of FGSW-Series
4.2.1.2 Misc Config ........................................................................................................................ 42
4.2.2 IP Configuration......................................................................................................................... 44
4.2.3 SNMP Configuration.................................................................................................................. 46
4.2.3.1 SNMP Overview................................................................................................................. 46
4.2.3.2 System Options.................................................................................................................. 47
4.2.3.3 Community Strings............................................................................................................. 48
4.2.3.4 Trap Managers................................................................................................................... 49
4.2.4 Firmware Upgrade..................................................................................................................... 50
4.2.4.1 TFTP Firmware Upgrade ................................................................................................... 50
4.2.4.2 HTTP Firmware Upgrade................................................................................................... 51
4.2.5 Configuration Backup ................................................................................................................ 52
4.2.5.1 TFTP Restore Configuration .............................................................................................. 52
4.2.5.2 TFTP Backup Configuration............................................................................................... 53
4.2.6 Factory Default .......................................................................................................................... 54
4.2.7 System Reboot .......................................................................................................................... 54
4.3 Port Configuration .............................................................................................................................. 55
4.3.1 Port Control................................................................................................................................ 55
4.3.2 Port Status ................................................................................................................................. 57
4.3.3 Port Statistics............................................................................................................................. 58
4.3.4 Port Sniffer................................................................................................................................. 59
4.4 VLAN configuration ............................................................................................................................ 61
4.4.1 VLAN Overview ......................................................................................................................... 61
4.4.2 Static VLAN Configuration......................................................................................................... 64
4.4.3 Port-based VLAN....................................................................................................................... 65
4.4.4 802.1Q VLAN............................................................................................................................. 67
4.4.4.1 VLAN Group Configuration ................................................................................................ 68
4.4.4.2 VLAN Filter......................................................................................................................... 71
4.4.5 Q-in-Q VLAN.............................................................................................................................. 73
4.4.5.1 Q-in-Q Port Setting............................................................................................................. 74
4.4.5.2 Q-in-Q Tunnel Setting ........................................................................................................ 75
4.5 Rapid Spanning Tree .......................................................................................................................... 76
4.5.1 Theory........................................................................................................................................ 76
4.5.2 STP Parameters ........................................................................................................................ 79
4.5.3 Illustration of STP ...................................................................................................................... 80
4.5.4 RSTP System Configuration...................................................................................................... 82
4.5.5 Port Configuration...................................................................................................................... 84
4
Page 5
User’s Manual of FGSW-Series
4.6 Trunking............................................................................................................................................... 86
4.6.1 Aggregator setting ..................................................................................................................... 87
4.6.2 Aggregator Information.............................................................................................................. 88
4.6.3 State Activity .............................................................................................................................. 92
4.7 Forwarding and Filtering .................................................................................................................... 94
4.7.1 Dynamic MAC Table.................................................................................................................. 94
4.7.2 Static MAC Table....................................................................................................................... 95
4.7.3 MAC Filtering............................................................................................................................. 96
4.8 IGMP Snooping ................................................................................................................................... 97
4.8.1 Theory........................................................................................................................................ 97
4.8.2 IGMP Configuration ................................................................................................................. 101
4.9 QoS Configuration ............................................................................................................................ 102
4.9.1 Understand QOS ..................................................................................................................... 102
4.9.2 QoS Configuration ................................................................................................................... 103
4.9.2.1 Priority Queue Service settings........................................................................................ 103
4.9.2.2 QoS PerPort Configuration .............................................................................................. 105
4.9.3 TOS/DSCP .............................................................................................................................. 106
4.9.3.1 TOS/DSCP Configuration ................................................................................................ 107
4.9.3.2 TOS/DSCP Port Configuration......................................................................................... 108
4.10 Access Control List ........................................................................................................................ 109
4.11 MAC Limit ........................................................................................................................................ 113
4.11.1 MAC Limit Configuration........................................................................................................ 113
4.11.2 MAC Limit Port Status ........................................................................................................... 114
4.12 802.1X Configuration ...................................................................................................................... 115
4.12.1 Understanding IEEE 802.1X Port-Based Authentication ...................................................... 115
4.12.2 System Configuration ............................................................................................................ 118
4.12.3 802.1x Port Configuration...................................................................................................... 120
4.12.4 Misc Configuration................................................................................................................. 121
4.13 Power Over Ethernet (FGSW-2620PVM / FGSW-2612PVM) ........................................................ 122
4.13.1 Power over Ethernet Powered Device .................................................................................. 122
4.13.2 Power Management: ............................................................................................................. 123
5. CONSOLE MANAGEMENT ..................................................................................... 127
5.1 Login in the Console Interface ........................................................................................................ 127
5.2 Configure IP address ........................................................................................................................ 128
5.3 Commands Level .............................................................................................................................. 130
6. COMMAND LINE INTERFACE ................................................................................ 131
5
Page 6
User’s Manual of FGSW-Series
6.1 Operation Notice ............................................................................................................................... 131
6.2 System Commands........................................................................................................................... 132
show running-config ..................................................................................................................... 132
copy running-config startup-config............................................................................................... 132
erase startup-config ..................................................................................................................... 132
clear arp ....................................................................................................................................... 132
show arp....................................................................................................................................... 132
ping............................................................................................................................................... 132
6.3 Switch Static Configuration ............................................................................................................. 133
6.3.1 Port Configuration and show status ........................................................................................ 133
port state ...................................................................................................................................... 133
port nego ...................................................................................................................................... 133
port speed .................................................................................................................................... 133
port flow........................................................................................................................................ 133
port rate........................................................................................................................................ 134
port priority ................................................................................................................................... 134
port jumboframe ........................................................................................................................... 134
show port status ........................................................................................................................... 134
show port statistics....................................................................................................................... 135
show port protection..................................................................................................................... 136
6.4 Trunk Configuration.......................................................................................................................... 137
6.4.1 Trunking Commands ............................................................................................................... 137
show trunks .................................................................................................................................. 137
trunk add ...................................................................................................................................... 137
lacp............................................................................................................................................... 137
no trunk ........................................................................................................................................ 138
6.4.2 LACP Command...................................................................................................................... 138
[no] lacp........................................................................................................................................ 138
lacp system-priority ...................................................................................................................... 138
no lacp system-priority ................................................................................................................. 138
show lacp status........................................................................................................................... 138
show lacp ..................................................................................................................................... 138
show lacp agg .............................................................................................................................. 139
show lacp port .............................................................................................................................. 139
6.5 VLAN Configuration.......................................................................................................................... 140
6.5.1 Virtual LANs............................................................................................................................. 140
6
Page 7
User’s Manual of FGSW-Series
6.5.2 VLAN Mode: Port-based.......................................................................................................... 141
show vlan mode ........................................................................................................................... 141
vlan mode..................................................................................................................................... 141
6.5.3 Advanced 802.1Q VLAN Configuration................................................................................... 142
show vlan mode ........................................................................................................................... 142
vlan mode..................................................................................................................................... 142
vlan add........................................................................................................................................ 142
no vlan.......................................................................................................................................... 143
show vlan ..................................................................................................................................... 143
show vlan static............................................................................................................................ 144
show vlan pvid.............................................................................................................................. 144
vlan filter....................................................................................................................................... 145
show vlan filter ............................................................................................................................. 145
6.6 Misc Configuration............................................................................................................................ 147
no mac-age-time .......................................................................................................................... 147
show mac-age-time...................................................................................................................... 147
broadcast...................................................................................................................................... 147
broadcast select ........................................................................................................................... 147
Collision-Retry.............................................................................................................................. 147
6.7 Administration Configuration .......................................................................................................... 148
6.7.1 Change Username / Password................................................................................................ 148
hostname...................................................................................................................................... 148
no hostname ................................................................................................................................ 148
[no] password............................................................................................................................... 148
6.7.2 IP Configuration....................................................................................................................... 148
ip address..................................................................................................................................... 148
ip default-gateway ........................................................................................................................ 149
show ip ......................................................................................................................................... 149
show info ...................................................................................................................................... 149
dhcp.............................................................................................................................................. 149
show dhcp .................................................................................................................................... 149
6.7.3 Reboot switch .......................................................................................................................... 150
boot .............................................................................................................................................. 150
6.7.4 Reset to Default....................................................................................................................... 150
erase startup-config ..................................................................................................................... 150
6.7.5 TFTP Update Firmware ........................................................................................................... 150
7
Page 8
User’s Manual of FGSW-Series
copy tftp firmware......................................................................................................................... 150
6.7.6 Restore Configure File............................................................................................................. 150
copy tftp <running-config | flash> ................................................................................................. 150
6.7.7 Backup Configure File ............................................................................................................. 150
copy <running-config | flash> tftp ................................................................................................. 150
6.8 MAC limit............................................................................................................................................ 151
mac-limit....................................................................................................................................... 151
no mac-limit.................................................................................................................................. 151
Mac-limit....................................................................................................................................... 151
show mac-limit ............................................................................................................................. 151
6.9 Port Mirroring Configuration............................................................................................................ 152
mirror-port..................................................................................................................................... 152
show mirror-port ........................................................................................................................... 152
6.10 Quality of Service............................................................................................................................ 153
6.10.1 QoS Configuration ................................................................................................................. 153
qos priority.................................................................................................................................... 153
qos level ....................................................................................................................................... 154
show qos ...................................................................................................................................... 154
6.10.2 Per Port Priority ..................................................................................................................... 154
port priority ................................................................................................................................... 154
6.11 MAC Address Configuration.......................................................................................................... 155
clear mac-address-table............................................................................................................... 155
mac-address-table static .............................................................................................................. 155
no mac-address-table static mac-addr......................................................................................... 155
show mac-address-table .............................................................................................................. 155
show mac-address table static..................................................................................................... 155
show mac-address-table multicast............................................................................................... 155
smac-address-table static ............................................................................................................ 156
show smac-address-table ............................................................................................................ 156
show smac-address-table multicast............................................................................................. 156
[no] filter........................................................................................................................................ 156
show filter ..................................................................................................................................... 156
6.12 STP/RSTP Commands .................................................................................................................... 157
[no] spanning-tree ........................................................................................................................ 157
spanning-tree forward-delay ........................................................................................................ 157
spanning-tree hello-time............................................................................................................... 157
8
Page 9
User’s Manual of FGSW-Series
spanning-tree maximum-age ....................................................................................................... 157
spanning-tree priority ................................................................................................................... 158
spanning-tree port path-cost ........................................................................................................ 158
spanning-tree port priority ............................................................................................................ 158
show spanning-tree...................................................................................................................... 158
show spanning-tree port............................................................................................................... 158
[no] spanning-tree debug ............................................................................................................. 159
spanning-tree protocol-version .................................................................................................... 159
[no] spanning-tree port mcheck ................................................................................................... 159
[no] spanning-tree port edge-port ................................................................................................ 159
[no] spanning-tree port non-stp.................................................................................................... 159
spanning-tree port point-to-point-mac.......................................................................................... 160
show spanning-tree...................................................................................................................... 160
show spanning-tree port............................................................................................................... 160
6.13 SNMP ................................................................................................................................................ 161
6.13.1 System Options ..................................................................................................................... 161
Snmp /no snmp ............................................................................................................................ 161
Show snmp status........................................................................................................................ 161
snmp system-name...................................................................................................................... 161
snmp system-location .................................................................................................................. 161
snmp system-contact ................................................................................................................... 161
show snmp system....................................................................................................................... 162
6.13.2 Community Strings ................................................................................................................ 162
snmp community .......................................................................................................................... 162
no snmp community ..................................................................................................................... 162
show snmp community................................................................................................................. 162
6.13.3 Trap Managers ...................................................................................................................... 162
snmp trap ..................................................................................................................................... 162
no snmp trap ................................................................................................................................ 163
show snmp trap............................................................................................................................ 163
6.14 IGMP ................................................................................................................................................. 163
igmp.............................................................................................................................................. 163
igmp fastleave .............................................................................................................................. 163
igmp querier ................................................................................................................................. 164
igmp CrossVLAN.......................................................................................................................... 164
igmp debug .................................................................................................................................. 164
9
Page 10
User’s Manual of FGSW-Series
show igmp .................................................................................................................................... 164
igmp clear_statistics..................................................................................................................... 164
6.15 802.1x Protocol................................................................................................................................ 165
dot1x............................................................................................................................................. 165
radius-server host ........................................................................................................................ 165
radius-server key.......................................................................................................................... 165
radius-server nas ......................................................................................................................... 165
show radius-server....................................................................................................................... 165
dot1x timeout quiet-period............................................................................................................ 166
dot1x timeout tx-period................................................................................................................. 166
dot1x timeout supplicant .............................................................................................................. 166
dot1x timeout radius-server.......................................................................................................... 166
dot1x max-req .............................................................................................................................. 166
dot1x timeout re-authperiod ......................................................................................................... 167
show dot1x ................................................................................................................................... 167
dot1x port ..................................................................................................................................... 167
show dot1x port............................................................................................................................ 167
6.16 Access Control List ........................................................................................................................ 168
6.16.1 Ipv4 ACL commands ............................................................................................................. 168
no acl............................................................................................................................................ 168
no acl count.................................................................................................................................. 168
show acl ....................................................................................................................................... 168
acl (add|edit) <1-220> (permit|deny) <0-4094> ipv4 <0-255> ..................................................... 169
acl (add|edit) <1-220> (qosvoip) <0-4094>.................................................................................. 169
6.16.2 Non-Ipv4 ACL commands ..................................................................................................... 170
acl (add|edit) <1-220> (permit|deny) <0-4094> nonipv4 <0-65535>........................................... 170
6.17 Binding............................................................................................................................................. 171
6.17.1 SIP/SMAC binding commands .............................................................................................. 171
bind............................................................................................................................................... 171
no bind.......................................................................................................................................... 171
no bind.......................................................................................................................................... 171
show bind ..................................................................................................................................... 171
bind add........................................................................................................................................ 171
6.18 Power over Ethernet Commands (PLANET FGSW-2620PVM / FGSW-2612PVM)..................... 173
6.18.1 Display System PoE status ................................................................................................... 173
show poe ...................................................................................................................................... 173
10
Page 11
User’s Manual of FGSW-Series
show poe status ........................................................................................................................... 173
6.18.2 Configure PoE Over Temperature Protection ....................................................................... 174
poe temperature-protection enable.............................................................................................. 174
6.18.3 Configure PoE -- System....................................................................................................... 175
poe limit-mode.............................................................................................................................. 175
6.18.4 Configure PoE -- Port ............................................................................................................ 176
poe enable ................................................................................................................................... 176
poe priority.................................................................................................................................... 177
poe maximum-power.................................................................................................................... 177
7. SWITCH OPERATION..............................................................................................179
7.1 Address Table ................................................................................................................................... 179
7.2 Learning ............................................................................................................................................. 179
7.3 Forwarding & Filtering...................................................................................................................... 179
7.4 Store-and-Forward ............................................................................................................................ 179
7.5 Auto-Negotiation ............................................................................................................................... 179
8. POWER OVER ETHERNET OVERVIEW.................................................................181
What is PoE? ........................................................................................................................................... 181
The PoE Provision Process ................................................................................................................... 183
Stages of powering up a PoE link..................................................................................................... 183
Line Detection................................................................................................................................... 183
Classification..................................................................................................................................... 183
Start-up ............................................................................................................................................. 184
Operation .......................................................................................................................................... 184
Power Disconnection Scenarios....................................................................................................... 184
9. TROUBLE SHOOTING.............................................................................................185
APPENDIX A—RJ-45 PIN ASSIGNMENT ................................................................... 187
A.1 Switch's RJ-45 Pin Assignments .................................................................................................... 187
A.2 10/100Mbps, 10/100Base-TX............................................................................................................ 187
APPENDIX B—HOW TO IDENTIFY THE HARDWARE VERSION? ........................189
11
Page 12
User’s Manual of FGSW-Series
1. Introduction
The PLANET Layer 2 Managed Switch series - FGSW-2620VM, FGSW-2620PVM, FGSW-2612PVM and FGSW-2624SF
are multiple 10/100Mbps ports Ethernet Switched with Gigabit TP/SFP fiber optical combo connective ability and robust
layer 2 features; the description of these models as below:
FGSW-2620VM :
FGSW-2620PVM :
FGSW-2620PVM :
FGSW-2624SF :
Terms of “Managed Switch” means the Switches mentioned titled in the cover page of this User’s manual,
i.e.FGSW-2620VM and FGSW-2620PVM.
24-Port 10/100Base-TX + 2-Port Gigabit TP/SFP Combo Managed Switch
24-Port 10/100Base-TX + 2-Port Gigabit TP/ SFP Managed PoE Switch
24-Port 10/100Base-TX + 2-Port Gigabit TP/ SFP Witch 12-Port PoE Managed Switch
24 100Base-FX SFP Slots + 2-Port Gigabit TP/ SFP Managed Switch
1.1 Package Contents
Open the box of the Managed Switch and carefully unpack it. The box should contain the following items:
Check the contents of your package for following parts:
; The Managed Switch
; User’s manual CD
; Quick installation guide
; 19” Rack mount accessory kit
; Power cord
x1
x1
x1
x1
x1
; Rubber feet
; RS-232 DB9 male Console cable
(FGSW-2620PVM and FGSW-2612PVM only)
If any of these are missing or damaged, please contact your dealer immediately, if possible, retain the carton including the
original packing material, and use them against to repack the product in case there is a need to return it to us for repair.
This user manual applies only to hardware FGSW-2620VM version 2 and FGSW-2624SF hardware
version 3.
About how to identify the hardware version? Please refer to Appendix B.
X4
x1
12
Page 13
User’s Manual of FGSW-Series
1.2 Product Description
High Performance Wire-Speed Switching
The PLANET FGSW-2620VM / FGSW-2620PVM / FGSW-2612PVM / FGSW-2624SF Managed Switch offer 24 Ethernet
ports with 2 Gigabit TP / SFP combo ports (Port-25, 26). The type 24 Fast Ethernet ports of FGSW-2620VM and
FGSW-2620PVM / FGSW-2612PVM are 10 / 100Base-TX copper (RJ-45) and FGSW-2624SF is equipped with 24
100Base-FX complied SFP slots. These two Gigabit TP / SFP combo ports of all models can be either 1000Base-T for
10/100/1000Mbps or 1000Base-SX/LX through SFP (Small Factor Pluggable) interface. The distance can be extended
from 100 meters (TP), 550 meters (Multi-mode fiber), up to above 10/50/70/120 kilometers (Single-mode fiber).
The series Managed Switch boast a high performance switch’s architecture that is capable of providing non-blocking switch
fabric and wire-speed throughput as high as 8.8Gbps. Its two built-in GbE uplink ports also offer incredible extensibility,
flexibility and connectivity to the Core switches or Servers.
Power over Ethernet
The PoE in-line power following the standard IEEE 802.3af makes the FGSW-2620PVM able to power on 24 PoE devices
and FGSW-2612PVM ablt to power on 12 PoE at the distance up to 100 meters through the 4-pair Cat 5/5e UTP wire.
Cost-effective solution with SNMP monitor for Network deployment
Not only for catering to the need of easy WEB-based management but also the centralized SNMP application to monitor the
status of Switch and traffic per port, PLANET releases the cost-effective Managed Switch. The key features are as below:
WEB / SSL / Telnet
802.1Q / Q-in-Q VLAN
Rapid Spanning Tree
IGMP Snooping
802.1X Authentication / RADIUS
Access Control List
SNMP and 4 RMON groups
1.3 How to Use This Manual
This User Manual is structured as follows:
Section 2, INSTALLATION
The section explains the functions of the Switch and how to physically install the Managed Switch.
Section 3, SWITCH MANAGEMENT
The section contains the information about the software function of the Managed Switch.
Section 4, WEB CONFIGURATION
The section explains how to manage the Managed Switch by Web interface.
Section 5, CONSOLE MANAGEMENT (For FGSW-2620PVM and FGSW-2612PVM Only)
The section describes how to use the Console management interface.
Section 6, COMMAND LINE INTERFACE
The section explains how to manage the Managed Switch by Command Line interface.
13
Page 14
User’s Manual of FGSW-Series
Section 7, SWITCH OPERATION
The chapter explains how to does the switch operation of the Managed Switch.
Section 8, POWER OVER ETHERNET OVERVIEW
The chapter introduce the IEEE 802.3af PoE standard and PoE provision of the Managed Switch.
Section 9, TROUBSHOOTING
The chapter explains how to trouble shooting of the Managed Switch.
Appendix A
The section contains cable information of the Managed Switch.
14
Page 15
1.4 Product Features
¾ Physical Port
FGSW-2620VM
24-Port 10/100Base-TX RJ-45 interfaces
2-Port Gigabit TP/SFP combo interfaces
Reset button for system management
FGSW-2620PVM / FGSW-2612PVM
24-Port 10/100Base-TX RJ-45 with PoE Injector
2-Port Gigabit TP/SFP combo interfaces
Reset button for system management
1 RS-232 male DB9 console interface for Switch basic management and setup
FGSW-2624SF
24-Port 100Base-FX SFP Fast Ethernet slots
2-Port Gigabit TP/SFP combo interfaces
Reset button for system management
User’s Manual of FGSW-Series
¾ Layer 2 Features
Complies with the IEEE 802.3, IEEE 802.3u, IEEE 802.3ab, IEEE 802.3z Gigabit Ethernet standard
Supports Auto-negotiation and Half-Duplex / Full-Duplex modes for all 10Base-T / 100Base-TX and Full-Duplex
mode for 1000Base-T ports.
Auto-MDI/MDI-X detection on each RJ-45 port
Prevents packet loss Flow Control:
• IEEE 802.3x PAUSE frame Flow Control for Full-Duplex mode
• Back-Pressure Flow Control in Half-Duplex mode
High performance Store and Forward architecture, broadcast storm control, runt/CRC filtering eliminates
erroneous packets to optimize the network bandwidth
8K MAC Address Table, automatic source address learning and ageing
Support VLANs:
• IEEE 802.1Q Tag-Based VLAN
• Up to 255 VLANs groups, out of 4096 VLAN IDs
• Port-Based VLAN
• Q-in-Q tunneling (Double Tag VLAN)
Supports Link Aggregation
• Up to 13 Trunk groups
• Up to 8 ports per trunk group with 1.6Gbps bandwidth (Full Duplex mode)
• IEEE 802.3ad LACP (Link Aggregation Control Protocol)
• Cisco ether-Channel (Static Trunk)
Support Spanning Tree Protocol:
• STP, IEEE 802.1D (Classic Spanning Tree Protocol)
• RSTP, IEEE 802.1w (Rapid Spanning Tree Protocol)
¾ Quality of Service
4 priority queues on all switch ports
Traffic classification:
15
Page 16
• IEEE 802.1p Class of Service
• IP TOS / DSCP code priority
• Port Base priority
Strict priority and weighted round robin (WRR) CoS policies
Ingress/Egress Bandwidth control on each port
¾ Multicast
IGMP Snooping v1 and v2
IGMP Query mode for Multicast Media application
256 multicast groups
¾ Security
Layer 2 / 3 / 4 Access Control List (ACL)
IEEE 802.1x Port-Based Authentication
MAC address Filtering and MAC address Binding
IP address security management to prevent unauthorized intruder
Port Mirroring to monitor the incoming or outgoing traffic on a particular port
User’s Manual of FGSW-Series
¾ Management
Switch Management Interface
• Web switch management
• Telnet Command Line Interface
• SNMP v1, v2c switch management
• Console local management ( FGSW-2620PVM only)
SNMP Trap for alarm notification of events
Four RMON groups 1, 2, 3, 9 (history, statistics, alarms, and events)
Built-in Trivial File Transfer Protocol (TFTP) client
Firmware upload / download via TFTP or HTTP
Configuration upload / download via TFTP or HTTP
Supports Ping function
¾ Power over Ethernet (FGSW-2620PVM / FGSW-2612PVM Only )
Complies with IEEE 802.3af Power over Ethernet End-Span PSE
Up to 24 IEEE 802.3af devices powered (FGSW-26202PVM only)
Up to 12 IEEE 802.3af devices powered (FGSW-2612PVM only)
Support PoE Power up to 15.4 watts for each PoE ports
Auto detect powered device (PD)
Circuit protection prevent power interference between ports
Remote power feeding up to 100m
PoE Management
• Total PoE power budget control
• Per port PoE function enable/disable
• PoE Port Power feeding priority
• Per PoE port power limit
• PD classification detection
• PoE Power Supply Over Temperature Protection
16
Page 17
1.5 Product Specification
User’s Manual of FGSW-Series
Product FGSW-2620VM FGSW-2624SF
Hardware Specification
Hardware Version
10/100Mbps Copper Ports
100Mbps Fiber Ports
1000Mbps Copper Ports
SFP/mini-GBIC Slots
Switch Architecture
Switch Fabric
Switch Throughput
Address Table
Share Data Buffer
Flash
Version 2 Version 3 Version 1
24 10/ 100Base-TX RJ-45
---
Auto-MDI/MDI-X ports
--- 24 SFP slots ---
2 10/100/1000Base-T RJ-45 port
2 SFP interfaces, shared with Port-25 and Port-26
Store-and-Forward
8.8Gbps / non-blocking
6.547Mpps@64Bytes
8K entries
512Kbytes
4Mbytess
FGSW-2620PVM /
FGSW-2612PVM
24 10/ 100Base-TX RJ-45
Auto-MDI/MDI-X ports
DRAM
Maximum Frame Size
Flow Control
LED
Dimensions ( W x D x H)
Weight
Power Requirement
Power Consumption
16Mbytes
9K Bytes
Back pressure for Half-Duplex
IEEE 802.3x Pause Frame for Full-Duplex
Power
Link/Activity (Green)
1000 LNK / ACT(Green)
10/100 LNK / ACT(Green)
440 x 120 x 44 mm,
1U height
1.87kg 2.6kg 2.6kg
100~240V AC, 50-60 Hz
25 Watts (Full load)
Power
Link/Activity (Green)
1000 LNK / ACT(Green)
10/100 LNK / ACT(Green)
440 x 220 x 44 mm,
1U height
23.1 Watts maximum / 73
BTU/hr maximum
Power, FAN Alarm
Link/Activity (Green)
PoE In-Use (Amber)
1000 LNK / ACT(Green)
10/100 LNK / ACT(Green)
440 x 220 x 44 mm,
1U height
FGSW-2620PVM :
210 Watts (Full PoE Load)
FGSW-2612PVM :
Operating Temperature
Operating Humidity
Storage Temperature
Standard: 0 ~ 50 Degree C
10% to 90% (Non-condensing)
-40 Degree C ~ 85 Degree C
17
?? Watts (Full PoE Load)
Page 18
Layer 2 Functions
User’s Manual of FGSW-Series
Management Interface
Port Configuration
Port Status
VLAN
Spanning Tree
Link Aggregation
Quality of Service
Telnet, Web Browser, SNMP v1, v2c
Console, Telnet, Web
Browser, SNMP v1, v2c
Port disable/enable.
Auto-negotiation 10/100Mbps full and half duplex mode selection.
Flow Control disable / enable.
Bandwidth control and broadcast storm filter on each port.
Display each port’s speed duplex mode, link status, Flow control status. Auto
negotiation status
Port-Based VLAN, up to 26 VLAN groups
IEEE 802.1q Tagged Based VLAN , 4K VLAN ID, up to 256 VLAN groups
IEEE 802.1d Spanning Tree
IEEE 802.1w Rapid Spanning Tree
Static Port Trunk
IEEE 802.3ad LACP (Link Aggregation Control Protocol)
Supports 13 groups of 8-Port trunk support
Traffic classification based on :
• Port-Based priority
• 802.1p priority,
• IP DSCP/TOS field in IP Packet
IGMP Snooping
Bandwidth Control
Port Mirror
Security
Access Control List
SNMP MIBs
Power over Ethernet
PoE Standard
v1 and v2
256 multicast groups and IGMP query
Per port Ingress / Egress bandwidth control in steps of128Kbps
RX / TX / Both
802.1x Port-Based Network access control
MAC Limit
Static MAC
MAC Filtering
Supports up to 220 rule entries
RFC-1157 SNMP MIB
RFC-1213 MIB-II
RFC-1215 Trap
RFC-2863 Interface MIB
RFC-1493 Bridge MIB
RFC-2674 Extended Bridge MIB (Q-Bridge)
RFC-1643
IEEE 802.3af Power over
Ethernet / PSE
PoE Power Supply Type
PoE Power output
- End-Span
- Per Port 48V DC, 350mA .
18
Page 19
User’s Manual of FGSW-Series
Max. 15.4 watts
Power Pin Assignment
PoE Power Budget
Max. number of Class2 PD
Max. number of Class 3 PD
Standards Conformance
Safety
Standards Compliance
- 1/2(+), 3/6(-)
FGSW-2620PVM :
190 Watts
FGSW-2612PVM :
110 Watts
FGSW-2620PVM : 24
FGSW-2612PVM : 12
FGSW-2620PVM : 12
FGSW-2612PVM : 6
FCC Part 15 Class A, CE
IEEE 802.3 10Base-T
IEEE 802.3u 100Base-TX/100BASE-FX
IEEE 802.3z Gigabit SX/LX
IEEE 802.3ab Gigabit 1000Base-T
IEEE 802.3x Flow Control and Back pressure
IEEE 802.1d Spanning tree protocol
IEEE 802.1w Rapid spanning tree protocol
IEEE 802.1p Class of service
IEEE 802.1Q VLAN Tagging
IEEE 802.1x Port Authentication Network Control
IEEE 802.3af Power over Ethernet ( FGSW-2620PVM / FGSW-2316PVM only)
Cable-Fiber-optic cable
• 50 / 125µm or 62.5 / 125µm multi-mode fiber cable:
- 100Base-FX : up to 2km
- 1000Base-SX: up to 220 / 550m
• 9 / 125µm single-mode cable, provides long distance for :
- 100Base-FX: up to 10/40/60km (very on fiber transceiver or SFP module)
- 1000Base-LX / ZX: 10 / 15 / 20 / 30 / 40 / 50 / 60 / 70 / 120km (very on fiber
transceiver or SFP module)
19
Page 20
User’s Manual of FGSW-Series
2. INSTALLATION
This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For
easier management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front
panel illustrations in this chapter display the unit LED indicators. Before connecting any network device to the Managed
Switch, please read this chapter completely.
2.1 Hardware Description
2.1.1 Switch Front Panel
The unit front panel provides a simple interface monitoring the switch. Figure 2-1 to 2-4 shows the front panel of the
Managed Switches.
FGSW-2620VM Front Panel
FGSW-2620PVM Front Panel
FGSW-2612PVM Front Panel
Figure 2-1: FGSW-2620VM front panel
Figure 2-2: FGSW-2620PVM Switch front panel
Figure 2-3: FGSW-2612PVM Switch front panel
FGSW-2624SF Front Panel
Figure 2-4: FGSW-2624SF Switch front panel
■ 10/100Mbps TP Interface (FGSW-2620VM, FGSW-2620PVM, FGSW-2612PVM)
Port-1~Port-24: 10/100Base-TX Copper, RJ-45 Twist-Pair: Up to 100 meters.
20
Page 21
User’s Manual of FGSW-Series
■ Gigabit TP Interface
Port-25, Port-26: 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters.
■ Gigabit SFP Slots
Port-25, Port-26: 1000Base-SX/LX mini-GBIC slot, SFP (Small Factor Pluggable) transceiver module: From 550
meters (Multi-mode fiber), up to 10/30/50/70/120 kilometers (Single-mode fiber).
■ Console Port (FGSW-2620PVM / FGSW-2612PVM Only)
The console port is a DB9, RS-232 male serial port connector. It is an interface for connecting a terminal directly.
Through the console port, it provides rich diagnostic information includes IP Address setting, factory reset, port
management, link status and system setting. Users can use the attached RS-232 cable in the package and connect to
the console port on the device. After the connection, users an run any terminal emulation program (Hyper Terminal,
ProComm Plus, Telix, Winterm and so on) to enter the startup screen of the device.
■ Reset button
At the left of front panel, the reset button is designed for reboot the Managed Switch without turn off and on the power.
The following is the summary table of Reset button functions:
Reset Button Pressed and Released Function
About 1~3 second Reboot the Managed Switch
Reset the Managed Switch to Factory Default configuration.
The Managed Switch will then reboot and load the default
settings as below:
Until the PWR LED lit off
。 Default Password: admin
。 Default IP address: 192.168.0.100
。 Subnet mask: 255.255.255.0
。 Default Gateway: 192.168.0.254
2.1.2 LED Indications
The front panel LEDs indicates instant status of port links, data activity and system power; helps monitor and troubleshoot
when needed.
FGSW-2620VM LED indication
Figure 2-5: FGSW-2620VM LED panel
21
Page 22
System
LED Color Function
PWR Green Lights to indicate that the Switch has power.
Per 10/100Base-TX RJ-45 port
LED Color Function
User’s Manual of FGSW-Series
LNK/ACT Green
Per 10/100/1000Base-T port /SFP interfaces
LED Color Function
LNK/ACT 1000 Green
LNK/ACT 100 Green
FGSW-2620PVM LED indication
Lights to indicate the link through that port is successfully established.
Blink to indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 1000Mbps.
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 100Mbps.
Off: indicate that the port is operating at 10Mbps or 1000Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Figure 2-6: FGSW-2620PVM LED panel
System
LED Color Function
PWR Green Lights to indicate that the Switch has power.
Per 10/100Base-TX, PoE interfaces (Port-1 to Por-24)
LED Color Function
LNK/ACT
PoE In-Use
Green
Lights:
Blink:
Lights:
Orange
Off:
To indicate the link through that port is successfully established.
To indicate that the Switch is actively sending or receiving data over that port.
To indicate the port is providing 48VDC in-line power.
To indicate the connected device is not a PoE Powered Device (PD).
22
Page 23
User’s Manual of FGSW-Series
Per 10/100/1000Base-T port /SFP interfaces
LED Color Function
Lit: indicate that the port is operating at 1000Mbps.
LNK/ACT 1000 Green
LNK/ACT 100 Green
FGSW-2612PVM LED indication
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 100Mbps.
Off: indicate that the port is operating at 10Mbps or 1000Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Figure 2-7: FGSW-2612PVM LED panel
System
LED Color Function
PWR Green Lights to indicate that the Switch has power.
Per 10/100Base-TX, PoE interfaces (Port-1 to Por-24)
LED Color Function
LNK/ACT
PoE In-Use
Per 10/100/1000Base-T port /SFP interfaces
Green
Orange
Lights:
Blink:
Lights:
Off:
To indicate the link through that port is successfully established.
To indicate that the Switch is actively sending or receiving data over that port.
To indicate the port is providing 48VDC in-line power.
To indicate the connected device is not a PoE Powered Device (PD).
LED Color Function
Lit: indicate that the port is operating at 1000Mbps.
LNK/ACT 1000 Green
LNK/ACT 100 Green
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 100Mbps.
Off: indicate that the port is operating at 10Mbps or 1000Mbps.
Blink: indicate that the Switch is actively sending or receiving data over that port.
23
Page 24
FGSW-2624SF LED indication
Figure 2-8: FGSW-2624SF LED panel
System
LED Color Function
PWR Green Lights to indicate that the Switch has power.
Per 100Base-FX SFP slot
User’s Manual of FGSW-Series
LED Color Function
LNK/ACT Green
Per 10/100/1000Base-T port /SFP interfaces
LED Color Function
LNK/ACT 1000 Green
LNK/ACT 100 Green
FDX Green
Lights to indicate the link through that port is successfully established.
Lit: indicate that the port is operating at 1000Mbps.
Off: indicate that the port is operating at 10Mbps or 100Mbps.
Blink: indicate that the switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at 100Mbps.
Off: indicate that the port is operating at 10Mbps or 1000Mbps.
Blink: indicate that the switch is actively sending or receiving data over that port.
Lit: indicate that the port is operating at full-duplex mode.
Off: indicate that the port is operating at half-duplex mode.
1. Press the RESET button once. The t Switch will reboot automatically.
2. Press the RESET button for about 10 seconds. The Switch will back to the factory default mode; the
entire configuration will be erased.
3. The 2 Gigabit TP/SFP combo ports are shared with port 25/26 of FGSW-2620VM / FGSW-2620PVM /
FGSW-2612PVM / FGSW-2624SF. Either of them can operate at the same time.
24
Page 25
User’s Manual of FGSW-Series
2.1.3 Switch Rear Panel
The rear panel of the Managed Switch indicates an AC inlet power socket, which accepts input power from 100 to 240V AC,
50-60Hz. Figure 2-9 to Figure 2-12 shows the rear panel of the Switch.
FGSW-2620VM Rear Panel
Figure 2-9: FGSW-2620VM rear panel.
FGSW-2620PVM Rear Panel
FGSW-2612PVM Rear Panel
FGSW-2624SF Rear Panel
1. The device is a power-required device, it means, it will not work till it is powered. If your networks
Figure 2-10: FGSW-2620PVM Switch rear panel
Figure 2-11: FGSW-2612PVM Switch rear panel
Figure 2-12: FGSW-2624SF Switch rear panel
Power Notice:
should active all the time, please consider using UPS (Uninterrupted Power Supply) for your
device. It will prevent you from network data loss or network downtime.
2. In some area, installing a surge suppression device may also help to protect your Managed
Switch from being damaged by unregulated surge or current to the Switch or the power adapter.
25
Page 26
User’s Manual of FGSW-Series
2.2 Install the Switch
This section describes how to install the Managed Switch and make connections to it. Please read the following topics and
perform the procedures in the order being presented.
2.2.1 Desktop Installation
To install the Managed Switch on desktop or shelf, please follows these steps:
Step1: Attach the rubber feet to the recessed areas on the bottom of the Managed Switch.
Step2: Place the Managed Switch on the desktop or the shelf near an AC power source.
Figure 2-13: Place the Managed Switch on the desktop
Step3: Keep enough ventilation space between the Managed Switch and the surrounding objects.
When choosing a location, please keep in mind the environmental restrictions discussed in
Chapter 1, Section 4, in Specification.
Step4: Connect the Managed Switch to network devices.
A. Connect one end of a standard network cable to the 10/100/1000 RJ-45 ports on the front of the Managed Switch
B. Connect the other end of the cable to the network devices such as printer servers, workstations or routers…etc.
Connection to the Managed Switch requires UTP Category 5 network cabling with RJ-45
tips. For more information, please see the Cabling Specification in Appendix A.
Step5: Supply power to the Managed Switch.
A. Connect one end of the power cable to the Managed Switch.
B. Connect the power plug of the power cable to a standard wall outlet.
When the Managed Switch receives power, the Power LED should remain solid Green.
26
Page 27
User’s Manual of FGSW-Series
2.2.2 Rack Mounting
To install the Managed Switch in a 19-inch standard rack, please follows the instructions described below.
Step1: Place the Managed Switch on a hard flat surface, with the front panel positioned towards the front side.
Step2: Attach the rack-mount bracket to each side of the Managed Switch with supplied screws attached to the package.
Figure 2-14 shows how to attach brackets to one side of the Managed Switch.
Figure 2-14: Attach brackets to the Managed Switch
You must use the screws supplied with the mounting brackets. Damage caused to the parts
by using incorrect screws would invalidate the warranty.
Step3: Secure the brackets tightly.
Step4: Follow the same steps to attach the second bracket to the opposite side.
Step5: After the brackets are attached to the Managed Switch, use suitable screws to securely attach the brackets to the
rack, as shown in Figure 2-15.
Figure 2-15: Mounting the Switch in a Rack
Step6: Proceeds with the steps 4 and steps 5 of session 2.2.1 Desktop Installation to connect the network cabling and
supply power to the Managed Switch.
27
Page 28
User’s Manual of FGSW-Series
2.2.3 Installing the SFP transceiver
The sections describe how to insert an SFP transceiver into an SFP slot.
The SFP transceivers are hot-pluggable and hot-swappable. You can plug-in and out the transceiver to/from any SFP port
without having to power down the Managed Switch. As the Figure 2-16 appears.
Figure 2-16: Plug-in the SFP transceiver
Approved PLANET SFP Transceivers
PLANET Managed switches supports both single mode and multi mode SFP transceiver. The following list of approved
PLANET SFP transceivers is correct at the time of publication:
1000Base-SX/LX SFP transceiver:
MGB-SX SFP (1000BASE-SX SFP transceiver – Multi mode / 220m)
MGB-LX SFP (1000BASE-LX SFP transceiver - Single Mode / 10km)
MGB-L30 SFP (1000Base-LX SFP transceiver – Single Mode / 30Km)
MGB-L50 SFP (1000Base-LX SFP transceiver - Single Mode / 50Km)
It recommends using PLANET SFPs on the Switch. If you insert a SFP transceiver that is
not supported, the Managed Switch will not recognize it.
Before connect the other switches, workstation or Media Converter.
1. Make sure both side of the SFP transceiver are with the same media type, for example: 1000Base-SX to
1000Base-SX, 1000Bas-LX to 1000Base-LX.
2. Check the fiber-optic cable type match the SFP transceiver model.
¾ To connect to 1000Base-SX SFP transceiver, use the multi-mode fiber cable- with one side must be male duplex
LC connector type.
28
Page 29
User’s Manual of FGSW-Series
¾ To connect to 1000Base-LX SFP transceiver, use the single-mode fiber cable-with one side must be male
duplex LC connector type.
Connect the fiber cable
1. Attach the duplex LC connector on the network cable into the SFP transceiver.
2. Connect the other end of the cable to a device – switches with SFP installed, fiber NIC on a workstation or a Media
Converter..
3. Check the LNK/ACT LED of the SFP slot on the front of the Switch. Ensure that the SFP transceiver is operating
correctly.
4. Check the Link mode of the SFP port if the link failed. Co works with some fiber-NICs or Media Converters, set the Link
mode to “1000 Force” is needed.
Remove the transceiver module
1. Make sure there is no network activity by consult or check with the network administrator. Or through the
management interface of the switch/converter (if available) to disable the port in advance.
2. Remove the Fiber Optic Cable gently.
3. Turn the handle of the MGB module to horizontal.
4. Pull out the module gently through the handle.
Figure 2-17: Pull out the SFP transceiver
Never pull out the module without pull the handle or the push bolts on the module. Direct pull
out the module with violent could damage the module and SFP module slot of the Managed
Switch.
29
Page 30
User’s Manual of FGSW-Series
3. SWITCH MANAGEMENT
This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes
the types of management applications and the communication and management protocols that deliver data between your
management device (work-station or personal computer) and the system. It also contains information about port connection
options.
This chapter covers the following topics:
Requirements
Management Access Overview
Administration Console Access
Web Management Access
SNMP Access
Standards, Protocols, and Related Reading
3.1 Requirements
Workstations of subscribers running Windows 98/ME, NT4.0, 2000/XP, MAC OS9 or later, Linux, UNIX or
other platform compatible with TCP/IP protocols.
Workstation installed with Ethernet NIC (Network Interface Card)
Ethernet Port connect
• Network cables - Use standard network (UTP) cables with RJ45 connectors.
Above Workstation installed with WEB Browser and JAVA runtime environment Plug-in
Serial Port connect (FGSW-2620PVM / FGSW-2316PVM only)
• Above PC with COM Port (DB-9 / RS-232) or USB-to-RS-232 converter
It is recommended to use Internet Explore 6.0 or above to access Managed Switch.
30
Page 31
User’s Manual of FGSW-Series
3.2 Management Access Overview
The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods:
Web browser interface
An external SNMP-based network management application
An administration console
The administration console and Web browser interface support are embedded in the Managed Switch software and are
available for immediate use. Each of these management methods has their own advantages. Table 3-1 compares the three
management methods.
Method Advantages Disadvantages
Web Browser
SNMP Agent
Console
(FGSW-2620PVM
FGSW-2612PVM)
• Ideal for configuring the switch remotely
• Compatible with all popular browsers
• Can be accessed from any location
• Most visually appealing
• Communicates with switch functions at
the MIB level
• Based on open standards
• No IP address or subnet needed
• Text-based
• Telnet functionality and HyperTerminal
built into Windows
95/98/NT/2000/ME/XP operating
systems
• Secure
• Security can be compromised (hackers need
only know the IP address and subnet mask)
• May encounter lag times on poor connections
• Requires SNMP manager software
• Least visually appealing of all three methods
• Some settings require calculations
• Security can be compromised (hackers need
only know the community name)
• Must be near switch or use dial-up connection
• Not convenient for remote users
• Modem connection may prove to be unreliable
or slow
Table 3-1: Management Methods Comparison
31
Page 32
User’s Manual of FGSW-Series
3.3 Web Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the
network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the switch,
you can access the Managed Switch's Web interface applications directly in your Web browser by entering the IP address
of the Managed Switch.
Figure 3-1: Web management
You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central
location, just as if you were directly connected to the Managed Switch's console port. Web Management requires either
Microsoft Internet Explorer 6.0 or later, Safari or Mozilla Firefox 2.0 or later.
Figure 3-2: Web main screen of Managed Switch
32
Page 33
User’s Manual of FGSW-Series
3.4 SNMP-Based Network Management
You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network
Manager, HP Openview Network Node Management (NNM) or What’sup Gold. This management method requires the
SNMP agent on the switch and the SNMP Network Management Station to use the same community string. This
management method, in fact, uses two community strings: the get community string and the set community string. If the
SNMP Net-work management Station only knows the set community string, it can read and write to the MIBs. However, if it
only knows the get community string, it can only read MIBs. The default gets and sets community strings for the Managed
Switch are public.
Figure 3-3: SNMP management
3.5 Administration Console (FGSW-2620PVM / FGSW-2612PVM)
The administration console is an internal, character-oriented, and command line user interface for performing system
administration such as displaying statistics or changing option settings. Using this method, you can view the administration
console from a terminal, personal computer, Apple Macintosh, or workstation connected to the switch's console (serial) port.
There are two ways to use this management method: via direct access or modem port access. The following sections
describe these methods. For more information about using the console, refer to Chapter 5 Console Management.
Figure 3-4: Console management
33
Page 34
User’s Manual of FGSW-Series
Direct Access
Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a
terminal-emulation program (such as HyperTerminal) to the Managed Switch console (serial) port.
When using this management method, a straight DB9 RS-232 cable is required to connect the switch to the PC. After
making this connection, configure the terminal-emulation program to use the following parameters:
The default parameters are:
57600 bps
8 data bits
No parity
1 stop bit
Figure 3-5: Terminal parameter settings
You can change these settings, if desired, after you log on. This management method is often preferred because you can
remain connected and monitor the system during system reboots. Also, certain error messages are sent to the serial port,
regardless of the interface through which the associated action was initiated. A Macintosh or PC attachment can use any
terminal-emulation program for connecting to the terminal serial port. A workstation attachment under UNIX can use an
emulator such as TIP.
34
Page 35
User’s Manual of FGSW-Series
3.6 Protocols
The Managed Switch supports the following protocols:
Virtual terminal protocols, such as Telnet
Simple Network Management Protocol (SNMP)
3.6.1 Virtual Terminal Protocols
A virtual terminal protocol is a software program, such as Telne t, that allows you to establish a management session from a
Macintosh, a PC, or a UNIX workstation. Because Telnet runs over TCP/IP, you must have at least one IP address
configured on the Managed Switch before you can establish access to it with a virtual terminal protocol.
Terminal emulation differs from a virtual terminal protocol in that you must connect a terminal directly
to the console (serial) port.
To access the Managed Switch through a Telnet session:
1. Be Sure of the Managed Switch is configured with an IP address and the Managed Switch is reachable from a
PC.
2. Start the Telnet program on a PC and connect to the Managed Switch.
The management interface is exactly the same with RS-232 console management.
3.6.2 SNMP Protocol
Simple Network Management Protocol (SNMP) is the standard management protocol for multi-vendor IP networks. SNMP
supports transaction-based queries that allow the protocol to format messages and to transmit information between
reporting devices and data-collection programs. SNMP runs on top of the User Datagram Protocol (UDP), offering a
connectionless-mode service.
3.6.3 Management Architecture
All of the management application modules use the same Messaging Application Programming Interface (MAPI). By
unifying management methods with a single MAPI, configuration parameters set using one method (console port, for
example) are immediately displayable by the other management methods (for example, SNMP agent of Web browser).
The management architecture of the switch adheres to the IEEE open standard. This compliance assures customers that
the Managed Switch is compatible with, and will interoperate with other solutions that adhere to the same open standard.
35
Page 36
User’s Manual of FGSW-Series
4. Web-Based Management
This section introduces the configuration and functions of the Web-Based management.
4.1 About Web-based Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the
network through a standard browser such as Microsoft Internet Explorer.
The Web-Based Management supports Internet Explorer 6.0. It is based on Java Applets with an aim to reduce network
bandwidth consumption, enhance access speed and present an easy viewing screen.
By default, IE6.0 or later version does not allow Java Applets to open sockets. The user has to
explicitly modify the browser setting to enable Java Applets to use network ports.
The Managed Switch can be configured through an Ethernet connection, make sure the manager PC must be set on same
the IP subnet address with the Managed Switch.
For example, the default IP address of the Managed Switch is 192.168.0.100, then the manager PC should be set at
192.168.0.x (where x is a number between 1 and 254, except 100), and the default subnet mask is 255.255.255.0.
If you have changed the default IP address of the Managed Switch to 192.168.1.1 with subnet mask 255.255.255.0 via
console, then the manager PC should be set at 192.168.1.x (where x is a number between 2 and 254) to do the relative
configuration on manager PC.
36
Page 37
User’s Manual of FGSW-Series
4.1.1 Requirements
• Workstations of subscribers running Windows 98/ME, NT4.0, 2000/2003/XP, MAC OS9 or later, Linux, UNIX or other
platform compatible with TCP/IP protocols.
• Workstation installed with Ethernet NIC (Network Card).
• Ethernet Port connect
¾ Network cables - Use standard network (UTP) cables with RJ45 connectors.
¾ Above PC installed with WEB Browser and JAVA runtime environment Plug-in.
It is recommended to use Internet Explore 6.0 or above to access FGSW-2620VM Managed
Switch.
4.1.2 Logging on the switch
1. Use Internet Explorer 6.0 or above Web browser. Enter the factory-default IP address to access the Web interface.
The factory-default IP Address as following:
http://192.168.0.100
2. When the following login screen appears, please enter the default username "admin" with password “admin” (or the
username/password you have changed via console) to login the main screen of Managed Switch. The login screen in
Figure 4-1-1 appears.
Default User name: admin
Default Password: admin
Figure 4-1-1: Login screen
37
Page 38
User’s Manual of FGSW-Series
1. After entering the username and password, the main screen appears as Figure 4-1-2.
Figure 4-1-2: Web main page
2. The Switch Menu on the left of the Web page let you access all the commands and statistics the Switch provides.
Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by
Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed
Switch provides.
1. It is recommended to use Internet Explore 6.0 or above to access Managed Switch.
2. The changed IP address take effect immediately after click on the Save button, you need to
use the new IP address to access the Web interface.
3. For security reason, please change and memorize the new password after this first setup.
4. Only accept command in lowercase letter under web interface.
5. The WEB configuration of FGSW-2620PVM / FGSW-2612PVM / GSW-2624SF is the same
with FGSW-2620VM except PoE feature, so the FGSW-2620VM will be the example to
describe how to configure switch and also, will describe PoE configuration in additional.
38
Page 39
User’s Manual of FGSW-Series
4.1.3 Main WEB PAGE
The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to
access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed
Switch’s Web browser interface to configure and manage it.
Copper Port Link Status
SFP Port Link Status
Main Screen
Figure 4-1-3: Main Page
Main Functions Menu
Panel Display
The web agent displays an image of the Managed Switch’s ports. The Mode can be set to display different information for
the ports, including Link up or Link down. Clicking on the image of a port opens the Port Statistics page.
The port states are illustrated as follows:
State Disabled Down Link
RJ-45 Ports
Help Button
SFP Ports
PoE Ports
39
Page 40
User’s Manual of FGSW-Series
The PoE Ports panel display is only for FGSW-2620PVM and FGSW-2612PVM.
Main Menu
Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its
ports, or monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by select
the functions those listed in the Main Function. The screen in Figure 4-1-4 appears.
Figure 4-1-4: FGSW Managed Switch Main Functions Menu
4.2 System
Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the
following topics are provided to configure and view the system information: This section has the following items:
■ System Information Provides basic system description, including contact information.
■ IP Configuration Sets the IP address for management access.
■ SNMP Configuration Configure SNMP agent and SNMP Trap.
■ Firmware Upgrade Upgrade the firmware via TFTP server or Web Brower file transfer.
■ Configuration Backup Save/view the Managed Switch configuration to remote host.
Upload the switch configuration from remote host.
■ Factory Default Reset the configuration of the Managed Switch.
■ System Reboot Restarts the Managed Switch.
40
Page 41
User’s Manual of FGSW-Series
4.2.1 System Information
In System information, it has two parts of setting – Basic and Misc Config. We will describe the configure detail in
following.
4.2.1.1 Basic
The Basic System Info page provides information for the current device information. Basic System Info page helps a switch
administrator to identify the model name, firmware / hardware version and MAC address. The screen in Figure 4-2-1
appears.
Figure 4-2-1: Basic System Information screenshot
The page includes the following fields:
Object Description
Model Name:
Description:
MAC Address:
Firmware Version:
Hardware Version:
Display the system name of the Managed Switch.
Describes the Managed Switch.
Displays the unique hardware address assigned by manufacturer (default).
Displays the Managed Switch’s firmware version.
Displays the current hardware version.
41
Page 42
User’s Manual of FGSW-Series
4.2.1.2 Misc Config
Choose Misc Config from System Information of Managed Switch, the screen in Figure 4-2-2 appears.
The page includes the following fields:
Object Description
MAC Address Age-out
Time
Broadcast Storm Filter
Figure 4-2-2: Switch Misc Config screenshot
Type the number of seconds that an inactive MAC address remains in the
switch's address table. The value is a multiple of 6.
Default is 300 seconds.
To configure broadcast storm control, enable it and set the upper threshold for
42
Page 43
User’s Manual of FGSW-Series
Mode
Broadcast Storm Filter
Packets Select
Collision Retry Forever
individual ports. The threshold is the percentage of the port's total bandwidth
used by broadcast traffic. When broadcast traffic for a port rises above the
threshold you set, broadcast storm control becomes active.
The valid threshold values are 1/2, 1/4, 1/8, 1/16 and OFF.
Default is “OFF”.
To select broadcast storm Filter Packets type. If no packets type by selected,
mean can not filter any packets .The Broadcast Storm Filter Mode will show OFF.
The selectable items as below:
• Broadcast Packets
• IP Multicast
• Control Packets
• Flooded Unicast / Multicast Packets
Provide Collision Retry Forever function ”Disable” or 16, 32, 48 collision
numbers on Managed Switch. If this function is disabled, when a packet meet a
collision, the Managed Switch will retry 6 times before discard the packets.
Otherwise, the Managed Switch will retry until the packet is successfully sent.
Default value is 16.
Provide MAC address table Hashing setting on Managed Switch; available
Hash Algorithm
802.1x protocol Enable / disable 802.1x protocol.
Apply button
options are CRC Hash and Direct Map.
Default mode is CRC-Hash.
Press the button to complete the configuration.
43
Page 44
User’s Manual of FGSW-Series
4.2.2 IP Configuration
The Managed Switch is a network device which needs to be assigned an IP address for being identified on the network.
Users have to decide a means of assigning IP address to the Managed Switch.
IP address overview
What is an IP address?
Each device (such as a computer) which participates in an IP network needs a unique "address" on the network. It's similar
to having a US mail address so other people have a know way to send you messages. An IP address is a four byte number,
which is usually written in "dot notation" - each of the bytes' decimal value is written as a number, and the numbers are
separated by "dots" (aka periods). An example: 199.25.123.1
How do I get one for this box?
The IP addresses on most modern corporate nets are assigned by an employee called a "Network Administrator", or "Sys.
Admin". This person assigns IP addresses and is responsible for making sure that IP addresses are not duplicated - If this
happens one or both machines with a duplicate address will stop working.
Another possibility is getting your address assigned to you automatically over the net via DHCP protocol. Enable DHCP
function, and reset the machine. If your network is set up for this service, you will get an IP address assigned over the
network. If you don't get an address in about 30 seconds, you probably don't have DHCP.
IP Configuration
The IP Configuration includes the IP Address, Subnet Mask and Gateway. The Configured column is used to view or
change the IP configuration. Fill up the IP Address, Subnet Mask and Gateway for the device. The screen in Figure 4-2-3
appears.
Figure 4-2-3: IP configuration interface
44
Page 45
The page includes the following fields:
Object Description
DHCP
IP Address
User’s Manual of FGSW-Series
Enable or disable the DHCP client function.
When DHCP function is enabled, the Managed Switch will be assigned an IP
address from the network DHCP server. The default IP address will be replaced
by the assigned IP address on DHCP server. After the user clicks Apply, a
popup dialog shows up to inform the user that when the DHCP client is enabled,
the current IP will lose and user should find the new IP on the DHCP server.
Assign the IP address that the network is using.
If DHCP client function is enabled, this switch is configured as a DHCP client.
The network DHCP server will assign the IP address to the switch and display it
in this column.
The default IP is 192.168.0.100 or the user has to assign an IP address
manually when DHCP Client is disabled.
Assign the subnet mask to the IP address.
Subnet Mask
Gateway
If DHCP client function is disabled, the user has to assign the subnet mask in
this column field.
Assign the network gateway for the switch.
If DHCP client function is disabled, the user has to assign the gateway in this
column field.
The default gateway is 192.168.0.254.
45
Page 46
User’s Manual of FGSW-Series
4.2.3 SNMP Configuration
4.2.3.1 SNMP Overview
The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of
management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP)
protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems,
and plan for network growth.
Figure 4-2-4: SNMP configuration interface
An SNMP-managed network consists of three key components: Network management stations (NMSs), SNMP agents,
Management information base (MIB) and network-management protocol:
。 Network management stations (NMSs) : Sometimes called consoles, these devices execute management
applications that monitor and control network elements. Physically, NMSs are usually engineering workstation-caliber
computers with fast CPUs, megapixel color displays, substantial memory, and abundant disk space. At least one
NMS must be present in each managed environment.
。 Agents:Agents are software modules that reside in network elements. They collect and store management
information such as the number of error packets received by a network element.
。 Management information base (MIB):A MIB is a collection of managed objects residing in a virtual information
store. Collections of related managed objects are defined in specific MIB modules.
。 network-management protocol:A management protocol is used to convey management information between
46
Page 47
User’s Manual of FGSW-Series
agents and NMSs. SNMP is the Internet community's de facto standard management protocol.
SNMP Operations
SNMP itself is a simple request/response protocol. NMSs can send multiple requests without receiving a response.
。 Get -- Allows the NMS to retrieve an object instance from the agent.
。 Set -- Allows the NMS to set values for object instances within an agent.
。 Trap -- Used by the agent to asynchronously inform the NMS of some event. The SNMPv2 trap message is designed
to replace the SNMPv1 trap message.
SNMP community
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where
information is sent. The community name is used to identify the group. A SNMP device or agent may belong to more than
one SNMP community. It will not respond to requests from management stations that do not belong to one of its
communities. SNMP default communities are:
。 Write = private
。 Read = public
4.2.3.2 System Options
Use this page to define management stations. You can also define a name, location, and contact person for the Managed
Switch.
Figure 4-2-5: SNMP configuration interface
The page includes the following fields:
Object Description
• System Name
An administratively assigned name for this managed node. By convention, this is
the node's fully-qualified domain name. A domain name is a text string drawn
from the alphabet (A-Za-z), digits (0-9), minus sign (-). No space characters are
permitted as part of a name. The first character must be an alpha character. And
the first or last character must not be a minus sign.
The allowed string length is 0 to 255.
47
Page 48
User’s Manual of FGSW-Series
A
• System Location
• System Contact
• SNMP Status
The physical location of this node (e.g., telephone closet, 3rd floor).
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 32 to 126.
The textual identification of the contact person for this managed node, together
with information on how to contact this person.
The allowed string length is 0 to 255, and the allowed content is the ASCII
characters from 32 to 126.
Indicates the SNMP mode operation. Possible modes are:
• Enabled: Enable SNMP mode operation.
• Disabled: Disable SNMP mode operation.
4.2.3.3 Community Strings
Community strings serve as passwords and can be entered as one of the following:
The page includes the following fields:
Object Description
Community Strings: Here you can define the new community string set and remove the unwanted
dd
button
Remove
button
Figure 4-2-6: Community strings interface
community string.
String: Fill the name string.
RO: Read only. Enables requests accompanied by this community string to
display MIB-object information.
RW: Read/write. Enables requests accompanied by this community string to
display MIB-object information and to set MIB objects.
Press the button to add the management SNMP community strings on the
Managed Switch.
Press the button to remove the management SNMP community strings that you
defined before on the Managed Switch.
48
Page 49
User’s Manual of FGSW-Series
4.2.3.4 Trap Managers
A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is
defined, no traps will be issued. To define a management station as a trap manager, assign an IP address, enter the SNMP
community strings, and select the SNMP trap version.
Figure 4-2-7: Trap Managers interface
The page includes the following fields:
Object Description
IP Address:
Community:
Enter the IP address of the trap manager.
Enter the community string for the trap station.
49
Page 50
User’s Manual of FGSW-Series
4.2.4 Firmware Upgrade
It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol (TFTP)
server. Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server.
4.2.4.1 TFTP Firmware Upgrade
The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP
server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the
TFTP server. The screen in Figure 4-2-8 appears.
Use this menu to download a file from specified TFTP server to the Managed Switch.
Figure 4-2-8: Firmware Upgrade interface
The page includes the following fields:
Object Description
TFTP Server IP Address: Type in your TFTP server IP.
Firmware File Name: Type in the name of the firmware image file to be updated.
50
Page 51
User’s Manual of FGSW-Series
4.2.4.2 HTTP Firmware Upgrade
The HTTP Firmware Upgrade page contains fields for downloading system image files from the Local File browser to the
device. The Web Firmware Upgrade screen in Figure 4-2-9 appears.
Figure 4-2-9: HTTP Firmware Upgrade interface
To open Firmware Upgrade screen perform the folling:
1. Click System -> Web Firmware Upgrade.
2. The Firmware Upgrade screen is displayed as in Figure 4-2-9.
3. Click the “Browse” button of the main page, the system would pop up the file selection menu to choose firmware.
4. Select on the firmware then click “Upload”, the Software Upload Progress would show the file upload status.
Firmware upgrade needs several minutes. Please wait a while, and then manually
refresh the webpage.
51
Page 52
User’s Manual of FGSW-Series
4.2.5 Configuration Backup
4.2.5.1 TFTP Restore Configuration
You can restore a previous backup configuration from the TFTP server to recover the settings. Before doing that, you must
locate the image file on the TFTP server first and the Managed Switch will download back the flash image.
The page includes the following fields:
Object Description
TFTP Server IP Address:
Restore File Name:
Type in the TFTP server IP.
Type in the correct file name for restoring.
Figure 4-2-10: Configuration Restore interface
52
Page 53
User’s Manual of FGSW-Series
4.2.5.2 TFTP Backup Configuration
You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the
configuration later. It helps you to avoid wasting time on configuring the settings by backing up the configuration.
The page includes the following fields:
Object Description
TFTP Server IP Address:
Backup File Name:
Type in the TFTP server IP.
Type in the file name.
Figure 4-2-11: Configuration Backup interface
53
Page 54
4.2.6 Factory Default
User’s Manual of FGSW-Series
Reset switch to default configuration. Click
Default
Figure 4-2-12: Factory Default interface
to reset all configurations to the default value.
4.2.7 System Reboot
Reboot the switch in software reset. Click
Reboot
to reboot the system.
Figure 4-2-13 : System Reboot interface
54
Page 55
User’s Manual of FGSW-Series
4.3 Port Configuration
4.3.1 Port Control
In Port control you can configure the settings of each port to control the connection parameters, and the status of each port
is listed beneath.
The page includes the following fields:
Object Description
Port:
State:
Negotiation:
Speed:
Duplex:
Figure 4-3-1: Port Control interface
Use the scroll bar and click on the port number to choose the port to be
configured.
Current port state. The port can be set to disable or enable mode. If the port state
is set as ‘Disable’, it will not receive or transmit any packet.
Auto and Force. Being set as Auto, the speed and duplex mode are negotiated
automatically. When you set it as Force, you have to set the speed and duplex
mode manually.
It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
It is available for selecting when the Negotiation column is set as Force. When
the Negotiation column is set as Auto, this column is read-only.
Flow Control:
Whether or not the receiving node sends feedback to the sending node is
determined by this item. When enabled, once the device exceeds the input data
rate of another device, the receiving device will send a PAUSE frame which halts
the transmission of the sender for a specified period of time. When disabled, the
receiving device will drop the packet if too much to process.
55
Page 56
User’s Manual of FGSW-Series
Port-1 ~ Port-24, supports by-port ingress and egress rate control.
For example, assume port 1 is 10Mbps, users can set its effective egress rate at
1Mbps and ingress rate at 500Kbps. Device will perform flow control or
backpressure to confine the ingress rate to meet the specified rate.
Ingress: Type the port effective ingress rate.
Rate Control:
(Unit: 128KBbps)
Security:
BSF:
Jumbo Frame:
The valid range is 0 ~ 8000. The unit is 128K.
0: disable rate control.
1 ~ 8000: valid rate value
Egress: Type the port effective egress rate.
The valid range is 0 ~ 8000. The unit is 128K.
0: disable rate control.
1 ~8000: valid rate value.
A port in security mode will be “locked” without permission of address learning.
Only the incoming packets with SMAC already existing in the address table can
be forwarded normally.
User can disable the port from learning any new MAC addresses, then use the
static MAC addresses screen to define a list of MAC addresses that can use the
secure port. Enter the settings, then click Apply button to change on this page.
User can disable/Enable port broadcast storm filtering option by port.
The filter mode and filter packets type can be select in Switch Setting >
Config page.
User can disable/Enable port jumbo frame option by port. When port jumbo
frame is enable, the port forward jumbo frame packet.
Misc
The model FGSW-2624SF supports Egress Rate Control only; it doesn’t support Ingress
Rate Control function.
The three models support up to 9Kbytes jumbo frame forwarding.
56
Page 57
User’s Manual of FGSW-Series
4.3.2 Port Status
This page displays current port configurations and operating status - it is a ports’ configurations summary table. Via the
summary table, you can know status of each port clear at a glance, like Port Link Up/Link Down status, negotiation, Link
Speed, Rate Control, Duplex mode and Flow Control.
Figure 4-3-2 : Port Status interface
57
Page 58
User’s Manual of FGSW-Series
4.3.3 Port Statistics
The following chart provides the current statistic information which displays the real-time packet transfer status for each port.
The user might use the information to plan and implement the network, or check and find the problem when the collision or
heavy traffic occurs.
Figure 4-3-3: Port Statistics interface
The page includes the following fields:
Object Description
Port:
Typ e:
Link: The status of linking—‘Up’ or ‘Down’.
State:
Tx Good Packet:
Tx Bad Packet:
Rx Good Packet:
The port number.
Displays the current speed of connection to the port.
It’s set by Port Control. When the state is disabled, the port will not transmit or
receive any packet.
The counts of transmitting good packets via this port.
The counts of transmitting bad packets (including undersize [less than 64 octets],
oversize, CRC Align errors, fragments and jabbers packets) via this port.
The counts of receiving good packets via this port.
58
Page 59
User’s Manual of FGSW-Series
Rx Bad Packet:
Tx Abort Packet:
Packet Collision:
Packet Dropped:
Rx Bcast Packet:
Rx Mcast Packet:
The counts of receiving good packets (including undersize [less than 64 octets],
oversize, CRC error, fragments and jabbers) via this port.
The aborted packet while transmitting.
The counts of collision packet.
The counts of dropped packet.
The counts of broadcast packet.
The counts of multicast packet.
4.3.4 Port Sniffer
The Port Sniffer (mirroring) is a method for monitor traffic in switched networks. Traffic through a port can be monitored by
one specific port. That is, traffic goes in or out a monitored port will be duplicated into sniffer port.
Figure 4-3-4: Port Mirror application
Configuring the port mirroring by assigning a source port from which to copy all packets and a destination port where those
packets will be sent.
59
Page 60
User’s Manual of FGSW-Series
The page includes the following fields:
Object Description
Select a sniffer mode:
Sniffer Type:
It’ means Analysis port can be used to see the traffic on another port you want to
Analysis (Monitoring) Port:
Monitored Port:
monitor. You can connect Analysis port to LAN analyzer or netxray.
The port you want to monitor. The monitor port traffic will be copied to Analysis
port. You can select one monitor ports in the switch. User can choose which port
that they want to monitor in only one sniffer type.
Figure 4-3-5: Port Sniffer interface
• Disable
• Rx
• Tx
• Both
1 When the Mirror Mode set to RX or TX and the Analysis Port be selected, the packets
to and from the Analysis Port will not be transmitted. The Analysis Port will accept only
COPPIED packets from the Monitored Port.
2 If you want to disable the function, you must select monitor port to none.
60
Page 61
User’s Manual of FGSW-Series
4.4 VLAN configuration
4.4.1 VLAN Overview
A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the
physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that
appears as a single LAN. VLAN also logically segment the network into different broadcast domains so that packets are
forwarded only between ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not
necessarily.
VLAN can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.
A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate
with each other are assigned to the same VLAN, regardless of where they are physically on the network. Logically, a VLAN
can be equated to a broadcast domain, because broadcast packets are forwarded to only members of the VLAN on which
the broadcast was initiated.
1. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN
membership, packets cannot cross VLAN without a network device performing a routing
function between the VLAN.
2. The Managed Switch supports IEEE 802.1Q VLAN. The port untagging function can be used
to remove the 802.1 tag from packet headers to maintain compatibility with devices that are
tag-unaware.
The Managed Switch supports IEEE 802.1Q (tagged-based) and Port-Base VLAN setting in web management page. In
the default configuration, VLAN support is “802.1Q”.
Port-based VLAN
Port-based VLAN limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of
the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department.
On port-based VLAN.NIC do not need to be able to identify 802.1Q tags in packet headers. NIC send and receive normal
Ethernet packets. If the packet's destination lies on the same segment, communications take place using normal Ethernet
protocols. Even though this is always the case, when the destination for a packet lies on another switch port, VLAN
considerations come into play to decide if the packet is dropped by the Switch or delivered.
IEEE 802.1Q VLANs
IEEE 802.1Q (tagged) VLAN are implemented on the Switch. 802.1Q VLAN require tagging, which enables them to span
the entire network (assuming all switches on the network are IEEE 802.1Q-compliant).
VLAN allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will
only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes
broadcast, multicast and unicast packets from unknown sources.
VLAN can also provide a level of security to your network. IEEE 802.1Q VLAN will only deliver packets between stations
61
Page 62
User’s Manual of FGSW-Series
that are members of the VLAN. Any port can be configured as either tagging or untagging. The untagging feature of IEEE
802.1Q VLAN allows VLAN to work with legacy switches that don't recognize VLAN tags in packet headers. The tagging
feature allows VLAN to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning
Tree to be enabled on all ports and work normally.
Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLAN allows VLAN to
work with legacy switches that don’t recognize VLAN tags in packet headers. The tagging feature allows VLAN to span
multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all
ports and work normally.
Some relevant terms:
- Tagging - The act of putting 802.1Q VLAN information into the header of a packet.
- Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
802.1Q VLAN Tags
The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address.
Their presence is indicated by a value of 0x8100 in the Ether Type field. When a packet's Ether Type field is equal to
0x8100, the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3
bits of user priority, 1 bit of Canonical Format Identifier (CFI - used for encapsulating Token Ring packets so they can be
carried across Ethernet backbones), and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID
is the VLAN identifier and is used by the 802.1Q standard. Because the VID is 12 bits long, 4094 unique VLAN can be
identified.
The tag is inserted into the packet header making the entire packet longer by 4 octets. All of the information originally
contained in the packet is retained.
802.1Q Tag
User Priority CFI VLAN ID (VID)
3 bits 1 bits 12 bits
TPID (Tag Protocol Identifier) TCI (Tag Control Information)
2 bytes 2 bytes
Preamble
Destination
Address
6 bytes 6 bytes 4 bytes 2 bytes 46-1517 bytes 4 bytes
Source
Address
VLAN TAG
Ethernet
Type
Data FCS
The Ether Type and VLAN ID are inserted after the MAC source address, but before the original Ether Type/Length or
Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC)
must be recalculated.
62
Page 63
User’s Manual of FGSW-Series
Adding an IEEE802.1Q Tag
Dest. Addr. Src. Addr. Length/E. type Data Old CRC
Dest. Addr. Src. Addr. E. type Tag Length/E. type Data New CRC
Original Ethernet
Priority CFI VLAN ID
New Tagged Packet
Port VLAN ID
Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network
device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the
entire network – if all network devices are 802.1Q compliant).
Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLAN
are defined on the switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagged packets are
assigned the PVID of the port on which they were received. Forwarding decisions are based upon this PVID, in so far as
VLAN are concerned. Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are
also assigned a PVID, but the PVID is not used to make packet forwarding decisions, the VID is.
Tag-aware switches must keep a table to relate PVID within the switch to VID on the network. The switch will compare the
VID of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VID are different the switch
will drop the packet. Because of the existence of the PVID for untagged packets and the VID for tagged packets, tag-aware
and tag-unaware network devices can coexist on the same network.
A switch port can have only one PVID, but can have as many VID as the switch has memory in its VLAN table to store them.
Because some devices on a network may be tag-unaware, a decision must be made at each port on a tag-aware device
before packets are transmitted – should the packet to be transmitted have a tag or not? If the transmitting port is connected
to a tag-unaware device, the packet should be untagged. If the transmitting port is connected to a tag-aware device, the
packet should be tagged.
Default VLANs
The Switch initially configures one VLAN, VID = 1, called "default." The factory default setting assigns all ports on the
Switch to the "default". As new VLAN are configured in Port-based mode, their respective member ports are removed from
the "default."
VLAN and Link aggregation Groups
In order to use VLAN segmentation in conjunction with port link aggregation groups, you can first set the port link
aggregation group(s), and then you may configure VLAN settings. If you wish to change the port link aggregation grouping
with VLAN already in place, you will not need to reconfigure the VLAN settings after changing the port link aggregation
63
Page 64
User’s Manual of FGSW-Series
group settings. VLAN settings will automatically change in conjunction with the change of the port link aggregation group
settings.
4.4.2 Static VLAN Configuration
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain. It allows you to isolate network traffic
so only members of the VLAN receive traffic from the same VLAN members. Basically, creating a VLAN from a switch is
logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices
are still plug into the same switch physically.
The Managed Switch supports Port-based and 802.1Q (Tagged-based) VLAN in web management page. In the default
configuration, VLAN support is “802.1Q”.
Figure 4-4-1: Static VLAN interface
1 No matter what basis is used to uniquely identify end nodes and assign these nodes
VLAN membership, packets cannot cross VLAN without a network device performing a
routing function between the VLAN.
2 The Switch supports Port-based VLAN and IEEE 802.1Q VLAN. The port untagging
function can be used to remove the 802.1 tag from packet headers to maintain
compatibility with devices that are tag-unaware.
64
Page 65
User’s Manual of FGSW-Series
4.4.3 Port-based VLAN
Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to
another single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.
In order for an end station to send packets to different VLANs, it itself has to be either capable of tagging packets it sends
with VLAN tags or attached to a VLAN-aware bridge that is capable of classifying and tagging the packet with different
VLAN ID based on not only default PVID but also other information about the packet, such as the protocol.
Figure 4-4-2: Port-based VLAN interface
Create a VLAN and add member ports to it
1. Click the hyperlink "VLAN” \ “Static VLAN" to enter the VLAN configuration interface.
2. Select “Port Based VLAN” at the VLAN Operation Mode, to enable the port-based VLAN function.
3. Click “ Add “ to create a new VLAN group. Then the following Figure 4-4-3 appears.
4. Type a name and Group ID for the new VLAN, the available range is 2-4094.
5. From the Available ports box, select ports to add to the Managed Switch and click Add .
6. Click Apply.
7. You will see the VLAN Group displays.
8. If the port-based VLAN groups list over one page, please click “Next Page” to view other VLAN groups on other page.
9. Use “Delete” button to delete unwanted port-based VLAN groups
10. Use “ Edit” button to modify existing port-based VLAN groups.
By adding ports to the VLAN you have created one port-based VLAN group completely.
65
Page 66
User’s Manual of FGSW-Series
The page includes the following fields:
Object Description
Use this optional field to specify a name for the VLAN. It can be up to 16
VLAN Name
Group ID
Port
Member
alphanumeric characters long, including blanks.
You can configure the ID number of the VLAN by this item. This field is used to add
VLANs one at a time. The VLAN group ID and available range is 2-4094.
Indicate port 1 to port 26.
Add
Remove
Figure 4-4-3: Static VLAN interface
Defines the interface as a Port-Based member of a VLAN.
Forbidden ports are not included in the VLAN.
All unselected ports are treated as belonging to another single VLAN. If the port-based
VLAN enabled, the VLAN-tagging is ignored.
66
Page 67
User’s Manual of FGSW-Series
4.4.4 802.1Q VLAN
Tagged-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices
from different switch venders. IEEE 802.1Q VLAN uses a technique to insert a "tag" into the Ethernet frames. Tag contains
a VLAN Identifier (VID) that indicates the VLAN numbers.
You can create and delete Tag-based VLAN. There are 256 VLAN groups to provide configure. Enable 802.1Q VLAN, the
all ports on the switch belong to default VLAN, VID is 1. The default VLAN can't be deleting.
Understand nomenclature of the Switch
■ IEEE 802.1Q Tagged and Untagged
Every port on an 802.1Q compliant switch can be configured as tagged or untagged.
• Tagged
• Untgged
Frame Leave
Leave port is tagged Frame remains tagged Tag is inserted
Leave port is untagged Tag is removed Frame remain untagged
Ports with tagging enabled will put the VID number, priority and other VLAN information into the
header of all packets that flow into those ports. If a packet has previously been tagged, the port
will not alter the packet, thus keeping the VLAN information intact. The VLAN information in the
tag can then be used by other 802.1Q compliant devices on the network to make
packet-forwarding decisions.
Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into those
ports. If the packet doesn't have an 802.1Q VLAN tag, the port will not alter the packet. Thus,
all packets received by and forwarded by an untagging port will have no 802.1Q VLAN
information. (Remember that the PVID is only used internally within the Switch). Untagging is
used to send packets from an 802.1Q-compliant network device to a non-compliant network
device.
Frame Income
Income Frame is tagged Income Frame is untagged
67
Page 68
4.4.4.1 VLAN Group Configuration
VLAN Group Configuration
User’s Manual of FGSW-Series
Figure 4-4-4: VLAN Group Configuration interface
1. Click the hyperlink "VLAN” \ “Static VLAN" to enter the VLAN configuration interface.
2. Select “802.1Q” at the VLAN Operation Mode, to enable the 802.1Q VLAN function.
3. Click Add to create a new VLAN group or Edit to management exist VLAN groups. Then the VLAN Group column
appears.
4. Input a VLAN group ID and available range is 2-4094.
68
Page 69
User’s Manual of FGSW-Series
Figure 4-4-5: VLAN Group Configuration interface
5. Select specific port as member port and the screen in Figure 4-4-6 appears.
Figure 4-4-6: 802.1Q VLAN Setting Web Page screen
69
Page 70
The page includes the following fields:
Object Description
User’s Manual of FGSW-Series
VLAN Name
VLAN ID
Port
UnTag Member
6. After setup completed, please press “Apply” button to take effect.
7. Please press “Back” for return to VLAN configuration screen to add other VLAN group, the screen in Figure 4-33
appears.
8. If there are many groups that over the limit of one page, you can click Next to view other VLAN groups.
9. Use Delete button to delete unwanted VLAN.
Use this optional field to specify a name for the VLAN. It can be up to 16
alphanumeric characters long, including blanks.
You can configure the ID number of the VLAN by this item. This field is used to
add VLANs one at a time.
The VLAN group ID and available range is 2-4094.
Indicate port 1 to port 26.
Untag
Tag
Packets forwarded by the interface are untagged.
Defines the interface as a tagged member of a VLAN. All packets
forwarded by the interface are tagged. The packets contain VLAN
information.
10. Use Edit button to modify existing VLAN group.
Enable 802.1Q VLAN, the all ports on the switch belong to default VLAN, VID is 1. The
default VLAN can't be deleting.
70
Page 71
User’s Manual of FGSW-Series
4.4.4.2 VLAN Filter
802.1Q VLAN Port Configuration
This page is used for configuring the Switch port VLAN. The VLAN per Port Configuration page contains fields for managing
ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Configuration page. All
untagged packets arriving to the device are tagged by the ports PVID.
This section provides 802.1Q Ingress Filter of each port from the Switch, the screen in Figure 4-4-7 appears.
The page includes the following fields:
Object Description
NO
PVID
Indicate port 1 to port 26.
Set the port VLAN ID that will be assigned to untagged traffic on a given port.
This feature is useful for accommodating devices that you want to participate in
the VLAN but that don't support tagging.
The switch each port allows user to set one VLAN ID, the range is 1~255, default
Figure 4-4-7: 802.1Q Ingress filter interface
71
Page 72
User’s Manual of FGSW-Series
VLAN ID is 1.
The VLAN ID must as same as the VLAN ID that the port belong to VLAN group,
or the untagged traffic will be dropped.
Ingress Filtering 1
Ingress Filtering 2
Apply button
Ingress filtering lets frames belonging to a specific VLAN to be forwarded if the
port belongs to that VLAN.
Enable: Forward only packets with VID matching this port's configured VID.
Disable: Disable Ingress filter function.
Drop untagged frame.
Disable: Acceptable all Packet.
Enable: Only packet with match VLAN ID can be permission to go through the
port.
Press the button to save configurations.
72
Page 73
User’s Manual of FGSW-Series
4.4.5 Q-in-Q VLAN
■ IEEE 802.1Q Tunneling (Q-in-Q)
IEEE 802.1Q Tunneling (QinQ) is designed for service providers carrying traffic for multiple customers across their
networks. QinQ tunneling is used to maintain customer-specific VLAN and Layer 2 protocol configurations even when
different customers use the same internal VLAN IDs. This is accomplished by inserting Service Provider VLAN (SPVLAN)
tags into the customer’s frames when they enter the service provider’s network, and then stripping the tags when the
frames leave the network.
A service provider’s customers may have specific requirements for their internal VLAN IDs and number of VLANs supported.
VLAN ranges required by different customers in the same service-provider network might easily overlap, and traffic passing
through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer would restrict customer
configurations, require intensive processing of VLAN mapping tables, and could easily exceed the maximum VLAN limit of
4096.
The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge,
aggregating traffic from numerous independent customer LANs into the MAN (Metro Access Network) space. One of the
purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used
independent of the customers’ VLANs. This is accomplished by adding a VLAN tag with a MAN-related VID for frames
entering the MAN. When leaving the MAN, the tag is stripped and the original VLAN tag with the customer-related VID is
again available.
This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without
interfering with the VLAN tags. All tags use EtherType 0x8100 or 0x88A8, where 0x8100 is used for customer tags and
0x88A8 are used for service provider tags.
In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the
particular VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC
table requirements is reduced.
73
Page 74
4.4.5.1 Q-in-Q Port Setting
The QinQ VLAN \ QinQ Port Setting screen in Figure 4-4-8 appears.
User’s Manual of FGSW-Series
The page includes the following fields:
Object Description
Enable: Sets the Managed Switch to QinQ mode, and allows the QinQ tunnel port to
QinQ
QinQ TPID
Port QinQ
Disable:
The default is for the Managed Switch to function in Disable mode.
The Tag Protocol Identifier (TPID) specifies the ethertype of incoming packets on a
tunnel access port.
• 802.1Q Tag : 8100
• vMAN Tag : 88A8
Default : 802.1Q Tag.
Check: Sets the Port to QinQ mode. Or the port operates in its normal VLAN mode.
Default: Un-check.
Figure 4-4-8: Q-in-Q Port Setting interface
be configured.
The Managed Switch operates in its normal VLAN mode.
QinQ Uplink
Check:
Configures IEEE 802.1Q tunneling (QinQ) for an uplink port to another device
within the service provider network.
74
Page 75
User’s Manual of FGSW-Series
Cancel:
Configures IEEE 802.1Q tunneling (QinQ) for a client access port to segregate
and preserve customer VLAN IDs for traffic crossing the service provider
network.
4.4.5.2 Q-in-Q Tunnel Setting
Business customers of service providers often have specific requirements for VLAN IDs and the number of VLANs to be
supported. The VLAN ranges required by different customers in the same service-provider network might overlap, and
traffic of customers through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer
would restrict customer configurations and could easily exceed the VLAN limit (4096) of the IEEE 802.1Q specification.
Using the QinQ feature, service providers can use a single VLAN to support customers who have multiple VLANs.
Customer VLAN IDs are preserved, and traffic from different customers is segregated within the service-provider network,
even when they appear to be in the same VLAN. Using QinQ expands VLAN space by using a VLAN-in-VLAN hierarchy
and retagging the tagged packets. A port configured to support QinQ is called a QinQ user-port. A port configured to support
QinQ Uplink is called a QinQ uplink-port.
Figure 4-4-9: Q-in-Q Tunnel Setting interface
To configure QinQ Port
1. Enable global QinQ function: select QinQ enable "Enable".
2. Fill QinQ Tpid.
3. Enable port QinQ function: select QinQ checkbox for special port.
4. Enable port QinQ Uplink function: select QinQ Uplink checkbox for special port.
75
Page 76
User’s Manual of FGSW-Series
4.5 Rapid Spanning Tree
The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning
tree convergence after a topology change. The system also supports STP and the system will auto-detect the connected
device that is running STP or RSTP protocol.
4.5.1 Theory
The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between
switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that
only one route exists between any two stations on the network, and provide backup links which automatically take over
when a primary link goes down. The spanning tree algorithms supported by this switch include these versions:
STP – Spanning Tree Protocol (IEEE 802.1D)
RSTP – Rapid Spanning Tree Protocol (IEEE 802.1w)
The IEEE 802.1D Spanning Tree Protocol and IEEE 802.1W Rapid Spanning Tree Protocol allow for the blocking of links
between switches that form loops within the network. When multiple links between switches are detected, a primary link is
established. Duplicated links are blocked from use and become standby links. The protocol allows for the duplicate links to
be used in the event of a failure of the primary link. Once the Spanning Tree Protocol is configured and enabled, primary
links are established and duplicated links are blocked automatically. The reactivation of the blocked links (at the time of a
primary link failure) is also accomplished automatically without operator intervention.
This automatic network reconfiguration provides maximum uptime to network users. However, the concepts of the
Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood.
It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured.
Please read the following before making any changes from the default values.
The Switch STP performs the following functions:
Creates a single spanning tree from any combination of switching or bridging elements.
Creates multiple spanning trees – from any combination of ports contained within a single switch, in user
specified groups.
Automatically reconfigures the spanning tree to compensate for the failure, addition, or removal of any element
in the tree.
Reconfigures the spanning tree without operator intervention.
Bridge Protocol Data Units
For STP to arrive at a stable network topology, the following information is used:
The unique switch identifier
The path cost to the root associated with each switch port
The port identifier
STP communicates between switches on the network using Bridge Protocol Data Units (BPDUs). Each BPDU contains the
following information:
The unique identifier of the switch that the transmitting switch currently believes is the root switch.
The path cost to the root from the transmitting port.
76
Page 77
User’s Manual of FGSW-Series
The port identifier of the transmitting port.
The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on
which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving
switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
The communication between switches via BPDUs results in the following:
One switch is elected as the root switch.
The shortest distance to the root switch is calculated for each switch.
A designated switch is selected. This is the switch closest to the root switch through which packets will be
forwarded to the root.
A port for each switch is selected. This is the port providing the best path from the switch to the root switch.
Ports included in the STP are selected.
Creating a Stable STP Topology
It is to make the root port a fastest link. If all switches have STP enabled with default settings, the switch with the lowest
MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best
switch, STP can be forced to select the best switch as the root switch.
When STP is enabled using the default parameters, the path between source and destination stations in a switched
network might not be ideal. For instance, connecting higher-speed links to a port that has a higher number than the current
root port can cause a root-port change.
STP Port States
The BPDUs take some time to pass through a network. This propagation delay can result in topology changes where a port
that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops. Ports must wait for
new network topology information to propagate throughout the network before starting to forward packets. They must also
wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology. The forward delay
timer is used to allow the network topology to stabilize after a topology change. In addition, STP specifies a series of states
a port must transition through to further ensure that a stable network topology is created after a topology change.
Each port on a switch using STP exists is in one of the following five states:
Blocking – the port is blocked from forwarding or receiving packets.
Listening – the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state.
Learning – the port is adding addresses to its forwarding database, but not yet forwarding packets.
Forwarding – the port is forwarding packets.
Disabled – the port only responds to network management messages and must return to the blocking state
first.
77
Page 78
A port transitions from one state to another as follows:
From initialization (switch boot) to blocking.
From blocking to listening or to disabled.
From listening to learning or to disabled.
From learning to forwarding or to disabled.
From forwarding to disabled.
From disabled to blocking.
Switch
Blocking
User’s Manual of FGSW-Series
Listening
Learning
Forwarding
Figure 4-5-1: STP Port State Transitions
You can modify each port state by using management software. When you enable STP, every port on every switch in the
network goes through the blocking state and then transitions through the states of listening and learning at power up. If
properly configured, each port stabilizes to the forwarding or blocking state. No packets (except BPDUs) are forwarded from,
or received by, STP enabled ports until the forwarding state is enabled for that port.
Disable
78
Page 79
User’s Manual of FGSW-Series
4.5.2 STP Parameters
STP Operation Levels
The Switch allows for two levels of operation: the switch level and the port level. The switch level forms a spanning tree
consisting of links between one or more switches. The port level constructs a spanning tree consisting of groups of one or
more ports. The STP operates in much the same way for both levels.
On the switch level, STP calculates the Bridge Identifier for each switch and then sets the Root
Bridge and the Designated Bridges.
On the port level, STP sets the Root Port and the Designated Ports.
The following are the user-configurable STP parameters for the switch level:
Parameter Description Default Value
Bridge Identifier(Not user
configurable
except by setting priority
below)
Priority
Hello Time
Maximum Age Timer
Forward Delay Timer
A combination of the User-set priority and
the switch’s MAC address.
The Bridge Identifier consists of two parts:
a 16-bit priority and a 48-bit Ethernet MAC
address 32768 + MAC.
A relative priority for each switch – lower
numbers give a higher priority and a greater
chance of a given switch being elected as
the root bridge.
The length of time between broadcasts of
the hello message by the switch.
Measures the age of a received BPDU for a
port and ensures that the BPDU is discarded
when its age exceeds the value of the
maximum age timer.
The amount time spent by a port in the
32768 + MAC
32768
2 seconds
20 seconds
15 seconds
The following are the user-configurable STP parameters for the port or port group level:
Variable Description Default Value
Port Priority
A relative priority for each
port –lower numbers give a higher priority
and a greater chance of a given port being
elected as the root port.
learning and listening states waiting for a
BPDU that may return the port to the
blocking state.
128
79
Page 80
User’s Manual of FGSW-Series
Port Cost
Default Spanning-Tree Configuration
A value used by STP to evaluate paths –
STP calculates path costs and selects the
path with the minimum cost as the active
path.
Feature Default Value
Enable state STP disabled for all ports
Port priority 128
Port cost 0
Bridge Priority 32,768
The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will
occur.
200,000-100Mbps Fast Ethernet ports
20,000-1000Mbps Gigabit Ethernet
ports
0 - Auto
Observe the following formulas when setting the above parameters:
Max. Age _ 2 x (Forward Delay - 1 second)
Max. Age _ 2 x (Hello Time + 1 second)
4.5.3 Illustration of STP
A simple illustration of three switches connected in a loop is depicted in the below diagram. In this example, you can
anticipate some major network problems if the STP assistance is not applied.
If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and switch C will broadcast it to back to
switch A and so on. The broadcast packet will be passed indefinitely in a loop, potentially causing a network failure. In this
example, STP breaks the loop by blocking the connection between switch B and C. The decision to block a particular
connection is based on the STP calculation of the most current Bridge and Port settings.
Now, if switch A broadcasts a packet to switch C, then switch C will drop the packet at port 2 and the broadcast will end
there. Setting-up STP using values other than the defaults, can be complex. Therefore, you are advised to keep the default
factory settings and STP will automatically assign root bridges/ports and block loop connections. Influencing STP to choose
a particular switch as the root bridge using the Priority setting, or influencing STP to choose a particular port to block using
the Port Priority and Port Cost settings is, however, relatively straight forward.
80
Page 81
A
Port 1
User’s Manual of FGSW-Series
LAN 1
Portcast = 19
Port 3
Bridge ID = 15
Port 2
Portcast = 4
Portcast = 4
Port 1
B
Bridge ID = 30
Port 2
Port 3
Portcast = 19 Portcast = 19
LAN 2 LAN 3
Figure 4-5-2: Before Applying the STA Rules
In this example, only the default STP values are used.
A
Port 1
Portcast = 19
LAN 1
Port 3
Root Bridge
Portcast = 4
Port 2
Portcast = 4
C
Port 2
Port 1
Bridge ID = 20
Port 3
Blocked
Designated Port
Root Port
C
Designated Bridge
Port 2
Port 1
Port 3
Designated Port
Root Port
Port 1
B
Port 2
Port 3
LAN 2 LAN 3
Figure 4-5-3: After Applying the STA Rules
The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port
cost between switches B and C. The two (optional) Gigabit ports (default port cost = 4) on switch A are connected to one
(optional) Gigabit port on both switch B and C. The redundant link between switch B and C is deliberately chosen as a 100
Mbps Fast Ethernet link (default port cost = 19). Gigabit ports could be used, but the port cost should be increased from the
default to ensure that the link between switch B and switch C is the blocked link.
81
Page 82
User’s Manual of FGSW-Series
4.5.4 RSTP System Configuration
This section provides RSTP-System Configuration from the Switch, the screen in Figure 4-5-4 appears.
The user can view spanning tree information of Root Bridge.
The user can modify RSTP state. After modification, click
Apply
.
Figure 4-5-4: RSTP System Configuration interface
The page includes the following fields:
Object Description
RSTP mode:
Protocol Version
Priority (0-61440):
Max Age (6-40):
The user must enable the RSTP function first before configuring the related
parameters.
A value used to specify the spanning tree protocol, the original spanning tree
protocol (STP, 802.1d) or the rapid spanning tree protocol (RSTP, 802.1w).
The switch with the lowest value has the highest priority and is selected as the
root. If the value is changed, the user must reboot the switch.
The value must be a multiple of 4096 according to the protocol standard rule.
The number of seconds a switch waits without receiving Spanning-tree Protocol
configuration messages before attempting a reconfiguration.
Enter a value between 6 through 40.
Hello Time (1-10):
The time that controls the switch to send out the BPDU packet to check RSTP
current status.
Enter a value between 1 through 10.
82
Page 83
The number of seconds a port waits before changing from its Rapid
Forward Delay Time
(4-30):
Follow the rule as below to configure the MAX Age, Hello Time, and Forward Delay Time.
2 x (Forward Delay Time value –1) > = Max Age value >= 2 x (Hello Time value +1).
Each switch in a spanning-tree adopts the Hello Time, Forward Delay time, and Max Age
parameters of the root bridge, regardless of how it is configured.
Spanning-Tree Protocol learning and listening states to the forwarding state.
Enter a value between 4 through 30.
Root Bridge Information
User’s Manual of FGSW-Series
This page provides a status overview for all RSTP bridge instances.
The displayed table contains a row for each RSTP bridge instance, where the column displays the following information:
The RSTP Bridge Status screen in Figure 4-5-5 appears.
Figure 4-5-5: RSTP Bridge Status page screenshot
The page includes the following fields:
Object Description
• Priority
• MAC Address
• Root Path Cost
• Root Port
The bridge identifier of the root bridge. It is made up from the bridge priority and
the base MAC address of the bridge.
The bridge identifier of the root bridge. It is made up from the bridge priority and
the base MAC address of the bridge.
For the Root Bridge this is zero. For all other Bridges, it is the sum of the Port
Path Costs on the least cost path to the Root Bridge.
The switch port currently assigned the root port role.
83
Page 84
User’s Manual of FGSW-Series
• Maximum Age
• Hello Time
• Forward Delay
Path Cost to the Designated Root for the Root Bridge.
Minimum time between transmissions of Configuration BPDUs.
Derived value of the Root Port Bridge Forward Delay parameter.
4.5.5 Port Configuration
This web page provides the port configuration interface for RSTP. You can assign higher or lower priority to each port.
Rapid spanning tree will have the port with the higher priority in forwarding state and block other ports to make certain that
there is no loop in the LAN.
The page includes the following fields:
Object Description
Path Cost:
Figure 4-5-6: RSTP Port Configuration interface
The cost of the path to the other bridge from this transmitting bridge at the
specified port.
Enter a number 1 through 200,000,000.
84
Page 85
Priority:
Admin P2P:
User’s Manual of FGSW-Series
Decide which port should be blocked by setting its priority as the lowest. Enter a
number between 0 and 240.
The value of priority must be the multiple of 16.
The rapid state transitions possible within RSTP are dependent upon whether the
port concerned can only be connected to exactly another bridge (i.e. it is served
by a point-to-point LAN segment), or can be connected to two or more bridges
(i.e. it is served by a shared medium LAN segment). This function allows the P2P
status of the link to be manipulated administratively.
• YES means the port is regarded as a point-to-point link.
• NO means the port is regarded as a shared link.
• AUTO means the link type is determined by the auto-negotiation between
the two peers.
Admin Edge:
Admin Non STP:
Path cost “0” is used to indicate auto-configuration mode. When the short path cost method is selected
and the default path cost recommended by the IEEE 8021w standard exceeds 65,535, the default is set
to 65,535.
By default, the system automatically detects the speed and duplex mode used on each port, and configures the path cost
according to the values shown below.
Port Type IEEE 802.1D-1998 IEEE 802.1w-2001
Ethernet
Fast Ethernet
The port directly connected to end stations won’t create bridging loop in the
network. To configure the port as an edge port, set the port to “YES” status.
The port includes the STP mathematic calculation.
• YES is not including STP mathematic calculation.
• NO is including the STP mathematic calculation.
50-600 200,000-20,000,000
10-60 20,000-2,000,000
Gigabit Ethernet
Table 4-5-1: Recommended STP Path Cost Range
Port Type Link Type IEEE 802.1D-1998 IEEE 802.1w-2001
Ethernet
Fast Ethernet
Gigabit Ethernet
Half Duplex
Full Duplex
Trunk
Half Duplex
Full Duplex
Trunk
Full Duplex
Trunk
3-10 2,000-200,000
100
95
90
19
18
15
4
3
Table 4-5-2: Recommended STP Path Costs
85
2,000,000
1,999,999
1,000,000
200,000
100,000
50,000
10,000
5,000
Page 86
User’s Manual of FGSW-Series
4.6 Trunking
Port trunking is the combination of several ports or network cables to expand the connection speed beyond the limits of any
one single port or network cable. The Managed Switch supports two types of port trunk technology:
Static Trunk
LACP
The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner
Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link
Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and
reception functions in an orderly manner. Link aggregation lets you group up to eight consecutive ports into a single
dedicated connection. This feature can expand bandwidth to a device on the network. LACP operation requires
full-duplex mode, more detail information refers to IEEE 802.3ad.
86
Page 87
User’s Manual of FGSW-Series
4.6.1 Aggregator setting
This section provides Port Trunk-Aggregator Setting of each port from the Managed Switch, the screen in Figure 4-6-1
appears.
Figure 4-6-1: Port Trunk—Aggregator setting interface (two ports are added to the left field with LACP enabled)
The page includes the following fields:
Object Description
A value which is used to identify the active LACP. The Managed Switch with the
System Priority:
Group ID:
LACP:
lowest value has the highest priority and is selected as the active LACP peer of
the trunk group.
There are 13 trunk groups to be selected. Assign the "Group ID" to the trunk
group.
Enabled, the trunk group is using LACP. A port which joins an LACP trunk
group has to make an agreement with its member ports first.
Disabled, the trunk group is a static trunk group. The advantage of having
the LACP disabled is that a port joins the trunk group without any
handshaking with its member ports; but member ports won’t know that they
should be aggregated together to form a logic trunk group.
87
Page 88
This column field allows the user to type in the total number of active port up to
four. With LACP static trunk group, e.g. you assign four ports to be the
Work ports:
Please notice that a trunk group, including member ports split between two switches, has to enable the
LACP function of the two switches.
members of a trunk group whose work ports column field is set as two; the
exceed ports are standby/redundant ports and can be aggregated if working
ports fail. If it is a static trunk group (non-LACP), the number of work ports must
equal the total number of group member ports.
4.6.2 Aggregator Information
User’s Manual of FGSW-Series
When you had setup the LACP aggregator, you will see relation information in here.
LACP disabled
Having set up the aggregator setting with LACP disabled, you will see the local static trunk group information on the tab of
Aggregator Information.
Figure 4-6-2: Assigning 2 ports to a trunk group with LACP disabled
88
Page 89
The page includes the following fields:
User’s Manual of FGSW-Series
Figure 4-6-3: Static Trunking Group information
Object Description
Group Key:
Port Member:
This is a read-only column field that displays the trunk group ID.
This is a read-only column field that displays the members of this static trunk
group.
LACP enabled
Having set up the aggregator setting with LACP enabled, you will see the trunking group information between two switches
on the tab of Aggregator Information.
Switch 1 configuration
1. Set System Priority of the trunk group. The default is 1.
2. Select a trunk group ID by pull down the drop-down menu bar.
3. Enable LACP.
4. Include the member ports by clicking the Add button after selecting the port number and the column field of
Work Ports changes automatically.
89
Page 90
User’s Manual of FGSW-Series
Figure 4-6-4: Aggregation Information of Switch 1
5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown
above after the two switches configured.
Switch 2 configuration
6. Set System Priority of the trunk group. For example: 32768.
7. Select a trunk group ID by pull down the drop-down menu bar.
8. Enable LACP.
9. Include the member ports by clicking the Add button after selecting the port number and the column field of
Work Ports changes automatically.
90
Page 91
User’s Manual of FGSW-Series
Figure 4-6-5: Switch 2 configuration interface
10. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown
above after the two switches configured.
Figure 4-6-6: Switch 1 Aggregator Information
91
Page 92
User’s Manual of FGSW-Series
4.6.3 State Activity
Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the state activity for the members of
the LACP trunk group. You can tick or cancel the checkbox beside the state label. When you remove the tick mark of the
port and click
Apply
, the port state activity will change to
Passive
.
The page includes the following fields:
Object Description
Active: The port automatically sends LACP protocol packets.
Passive:
Figure 4-6-7: State Activity of Switch 1
The port does not automatically send LACP protocol packets, and responds only
if it receives LACP protocol packets from the opposite device.
92
Page 93
User’s Manual of FGSW-Series
Figure 4-6-8: State Activity of Switch 2
A link having two passive LACP nodes will not perform dynamic LACP trunk because both
ports are waiting for an LACP protocol packet from the opposite device.
93
Page 94
User’s Manual of FGSW-Series
4.7 Forwarding and Filtering
The frames of Ethernet Packets contain a MAC address (SMAC address), which shows the MAC address of the equipment
sending the frame. The SMAC address is used by the switch to automatically update the MAC table with these dynamic
MAC addresses. Dynamic entries are removed from the MAC table if no frames with the corresponding SMAC address
have been seen after a configurable age time.
4.7.1 Dynamic MAC Table
Entries in the MAC Table are shown on this page. The Dynamic MAC Table contains up to 8192 entries, and is sorted first
by VLAN ID, then by MAC address. You can view all of the dynamic MAC addresses learned by the listed port.
MAC Table Columns
Object Description
• NO
• MAC
• PORT
• VID
• Typ e
Click “
Clear”
Figure 4-7-1: Dynamic MAC Address interface
The index of the MAC address entry.
The MAC address of the entry.
The ports that are members of the entry.
The VLAN ID of the entry.
Indicates whether the entry is a static or dynamic entry.
to clear the dynamic MAC addresses information of the current port shown on the screen.
94
Page 95
User’s Manual of FGSW-Series
4.7.2 Static MAC Table
You can add a static MAC address that remains in the switch's address table regardless of whether the device is physically
connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or
powered-off device is active on the network again. Via this interface, you can add / modify / delete a static MAC address.
Add the Static MAC Address
You can add static MAC address in the switch MAC table here.
The page includes the following fields:
Object Description
MAC Address:
Figure 4-7-2: Static MAC Addresses interface
Enter the MAC address of the port that should permanently forward traffic,
regardless of the device network activity.
Port num.:
VLAN ID:
Pull down the selection menu to select the port number.
The VLAN ID for the entry.
95
Page 96
User’s Manual of FGSW-Series
4.7.3 MAC Filtering
By filtering MAC address, the switch can easily filter the pre-configured MAC address and reduce the un-safety. You can
add and delete filtering MAC address.
The page includes the following fields:
Object Description
MAC Address:
VLAN ID:
Figure 4-7-3: MAC Filtering interface
Enter the MAC address that you want to filter.
The VLAN ID for the entry.
96
Page 97
User’s Manual of FGSW-Series
4.8 IGMP Snooping
4.8.1 Theory
The Internet Group Management Protocol (IGMP) lets host and routers share information about multicast groups
memberships. IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the
CPU for feature processing. The overall purpose of IGMP Snooping is to limit the forwarding of multicast frames to only
ports that are a member of the multicast group.
About the Internet Group Management Protocol (IGMP) Snooping
Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will
become members of a multicast group. The Internet Group Management Protocol (IGMP) is used to communicate this
information. IGMP is also used to periodically check the multicast group for members that are no longer active. In the case
where there is more than one multicast router on a sub network, one router is elected as the ‘queried’. This router then
keeps track of the membership of the multicast groups that have active members. The information received from IGMP is
then used to determine if multicast packets should be forwarded to a given sub network or not. The router can check, using
IGMP, to see if there is at least one member of a multicast group on a given subnet work. If there are no members on a sub
network, packets will not be forwarded to that sub network.
Figure 4-8-1: Multicast Service
97
Page 98
User’s Manual of FGSW-Series
Figure 4-8-2: Multicast flooding
Figure 4-8-3: IGMP Snooping multicast stream control
98
Page 99
User’s Manual of FGSW-Series
IGMP Versions 1 and 2
Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers
to communicate when joining or leaving a multicast group.
IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data.
The format of an IGMP packet is shown below:
IGMP Message Format
Octets
0 8 16 31
Type Response Time Checksum
Group Address (all zeros if this is a query).
The IGMP Type codes are shown below:
Typ e Meaning
0x11
0x11
0x16 Membership Report (version 2).
0x17 Leave a Group (version 2).
0x12 Membership Report (version 1).
IGMP packets enable multicast routers to keep track of the membership of multicast groups, on their respective sub
networks. The following outlines what is communicated between a multicast router and a multicast group member using
IGMP.
A host sends an IGMP “report” to join a group.
Membership Query (if Group Address is 0.0.0.0).
Specific Group Membership Query (if Group Address is
Present).
A host will never send a report when it wants to leave a group (for version 1).
A host will send a “leave” report when it wants to leave a group (for version 2).
Multicast routers send IGMP queries (to the all-hosts group address: 224.0.0.1) periodically to see whether any group
members exist on their sub networks. If there is no response from a particular group, the router assumes that there are no
group members on the network.
The Time-to-Live (TTL) field of query messages is set to 1 so that the queries will not be forwarded to other sub networks.
IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN, an explicit
leave message, and query messages that are specific to a given group.
99
Page 100
User’s Manual of FGSW-Series
The states a computer will go through to join or to leave a multicast group are shown below:
Non-Member
Leave Group
(Stop Timer)
Delaying Member Idle Member
Join Group
(Send Report,
Start Timer)
Query Received
(Start Timer)
Report Received
(Stop Timer)
Timer Expried
(Send report)
Leave Group
Figure 4-8-4: IGMP State Transitions
IGMP Querier –
A router, or multicast-enabled switch, can periodically ask their hosts if they want to receive multicast traffic. If there is
more than one router/switch on the LAN performing IP multicasting, one of these devices is elected “querier” and
assumes the role of querying the LAN for group members. It then propagates the service requests on to any upstream
multicast switch/router to ensure that it will continue to receive the multicast service.
Multicast routers use this information, along with a multicast routing protocol such as
DVMRP or PIM, to support IP multicasting across the Internet.
100
Loading...