Page 1
MIL-SM8DPA
6-Port 100/1000 SFP with
2 RJ-45/100/1000 SFP Combo Port
Managed Switch
User Guide
Page 2
Page 3
Rev.A1
18-May-11
i
Regulatory Approval
- FCC Class A
- UL 1950
- CSA C22.2 No. 950
- EN60950
- CE
- EN55022 Class A
- EN55024
Canadian EMI Notice
This Class A digital apparatus meets all the requirements of the Canadian Interference-Causing Equipment
Regulations.
Cet appareil numerique de la classe A respecte toutes les exigences du Reglement sur le materiel brouilleur
du Canada.
European Notice
Products with the CE Marking comply with both the EMC Directive (89/336/EEC) and the Low Voltage
Directive (73/23/EE C) issued by the Commission of the European Community Compliance with these
directives imply conformity to the following European Norms:
EN55022 (CISPR 22) - Radio Frequency Interference
EN61000-X - Electromagnetic Immunity
EN60950 (IEC950) - Product Safety
Five-Year Limited Warranty
Transition Networks warrants to the original consumer or purchaser that each of it's products,
and all components thereof, will be free from d efe cts in material and/or workmanship for a
period of five years from the original fa ctory shipment date. Any warranty hereunder is
extended to the original consumer or purchaser and is not assignable.
Transition Networks makes no express or implied warranties including, but not limited to, any
implied warranty of merchantabilit y or fitn ess for a particular purpose, except as expr essly set
forth in this warranty. In no event shall Transition Networks be liable for incidental or
consequential damages, costs, or expen ses arising out of or in connection with the
performance of the product d el i v er e d her eu nder. Transition Networks will in no cas e c o ver
damages arising out of the product being used in a negligent fashion or m an ner.
Trademarks
The MiLAN logo Transition Networks trademarks are registered trademarks of Transition
Networks in the
United States and/or other countries.
To Contact Transition Networks
For prompt response when calling for service information, have the following information
ready:
- Product serial number and revisio n
- Date of purchase
- Vendor or place of purchase
You can reach Transition Networks technical support at:
E-mail: techsupport@transit ion.com
Transition Networks
10900 Red Circle Drive
Minnetonka, MN 55344
United States of America
Telephone: +1.800.526.9267
Fax: +1.952.941.2322
http://www.milan.com
info@ Transition.com
© Copyright 2006 Transition Networks
Page 4
Rev.A1
18-May-11
ii
Table of Contents
1. INTRODUCTION................................................................................................ ..........2
1-1.
OVERVIEW OF MIL-SM8DPA .......................................................... ..............................2
1-2.
CHECKLIST........................................................................................... ...........................6
1-3.
FEATURES............................................................................ ............................................6
1-4.
FULL VIEW OF MIL-SM8DPA........................................................................................8
1-4-1. User Interfaces on the Front Panel (Button, LEDs and Plugs)............................8
1-4-2. AC Power Input on the Rear Panel....................................................... ... ... ...... ... .9
1-5.
VIEW OF THE OPTIONAL MODULES .............. ............................... ............................... ..10
2. INSTALLAT ION.......................................... ................................................................11
2-1.
STARTING MIL-SM8DPA UP ............................................................................ ...........11
2-1-1. Hardware and Cable Installation.................................... ... ... ... ..... ... ... ... ..... ... ... ..11
2-1-2. Installing Chassis to a 19-Inch W i ring Closet Rail............................ ..... ...... .....13
2-1-3. Cabling Requirements .................................................. ...... ... .. ... ...... ... ... .. ...... ... ..13
2-1-3-1. Cabling Requirements for TP Ports............................................................13
2-1-3-2. Cabling Requirements for 100/1000M SX/LX SFP Modul e.....................13
2-1-3-3. Switch Cascading in Topology ................... . .. . .............. . . . .. . .. . .. . .. . .. . . .. . .. . .. . ..14
2-1-4. Configuring the Management Agent of MIL-SM8DPA.......................................17
2-1-4-1. Configuring the Management Agent of MIL-SM8DPA through the
Console RJ-45 Port........................................................ ............................................17
2-1-4-2. Configuring the Management Agent of MIL-SM8DPA through the
Ethernet Port............................................................ ............................... ...................19
2-1-5. IP Address Assignment ......................................... ........ ......... ........ ......... ........ .....20
2-2.
TYPICAL APPLICATIONS ........................................................................................ ........24
3. OPERATION OF WEB-BASED MANAGEMENT.................................................26
3-1.
WEB MANAGEMENT HOME OVERVIEW...................................................................... ..28
3-1-1. System Information.............................. ... .. ...... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ...... ..31
3-1-2. Account Configuration ................................... ........... ......... ........ ......... ........... .....33
3-1-3. Time Configuration................................................. ......... ......... ........... ........ ........34
3-1-4. IP Configuration....................................... ... ... ... ...... .. ... ... ...... .. ... ...... ... .. ... ...... ... ..37
3-1-5. Loop Detection ................... . .. . ............. . .. . ............. . .. . . . .. . .. . ............. . .. . ............. . ....40
3-1-6. Management Policy..................................... ... ... ... ..... ... ... ...... .. ... ... ...... ... .. ... ...... ..41
3-1-7. Syslog......................................................... ..... ... ... ..... ... ... ... ..... ... ... ...... ... .. ... ...... ..44
3-1-8. System Log................................ .. ... ...... ... .. ... ...... ... ... ..... ... ... ... ..... ... ... ... ..... ... ... .....45
3-1-9. Virtual Stack................................... ......... ........... ........ ......... ........ ............ ........ .....46
3-2.
PORT CONFIGURATION.................................................................................... ..............48
3-2-1. Port Configuration .............................. ... ..... ... ... ... ..... ... ... ... ...... .. ... ... ...... .. ... ... .....48
3-2-2.Port Status.................................... ... ... ...... ... .. ...... ... ... .. ...... ... ... .. ...... ... ... ..... ... ... ... ..50
3-2-3. Simple Counter ........................................................ .. ... ... ...... ... .. ...... ... ... .. ...... ... ..53
3-2-4. Detail Counter ............................................. ... ...... ... .. ... ...... ... .. ...... ... ... .. ...... ... ... ..55
3-2-5. Power Saving.................................................. ... ...... .. ... ... ...... ... .. ...... ... ... .. ...... ... ..58
3-3.
VLAN............................ ............................... ................................................................59
3-3-1. VLAN Mode............................................. ........ ........... ......... ........ ......... ........... .....59
3-3-2. T ag-based Group.................................... ........ ......... ........... ........ ......... ........ ........60
3-3-3. Port-based Group...................................................... ... ... ... ..... ... ... ... ...... .. ... ...... ..63
3-3-4. Ports.................................... ...... .. ... ...... ... .. ... ...... ... ... ..... ... ... ... ..... ... ... ...... .. ... ... .....65
3-3-5. Port Isolation..................................................... ... ... ..... ... ... ... ..... ... ... ... ..... ... ... .....67
3-3-6. Management VLAN......................................... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ...... ..68
3-4.
MAC............................................................. ............................... .................................69
Page 5
Rev.A1
18-May-11
iii
3-4-1. Mac Address T a ble............................... ........ ......... ........ ......... ........... ........ ......... ..69
3-4-2. Static Filter............................ ... .. ...... ... ... ... ..... ... ... ... ..... ... ... ... .. ...... ... ... ... ..... ... ... ..71
3-4-3. Static Forward................................................ ...... ... .. ... ...... ... .. ... ...... ... .. ... ...... ... ..72
3-4-4. MAC Alias.............................. ... .. ...... ... ... .. ...... ... ... ..... ... ... ... ..... ... ... ... ...... .. ... ...... ..73
3-4-5. MAC Table........................................ ... ... ..... ... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ...... ..74
3-5.
GVRP ...........................................................................................................................75
3-5-1. Config............................................. ... ... ... ..... ... ... ...... .. ... ... ...... .. ... ...... ... ... .. ...... ... ..75
3-5-2. Counter ........................................................ ... ... ...... .. ... ... ...... .. ... ... ...... ... .. ...... ... ..78
3-5-3. Group......................................................... .. ...... ... ... ..... ... ... ... ..... ... ... ...... .. ... ... .....80
3-6.
QOS(QUALITY OF SERVICE) CONFIGURATION..............................................................81
3-6-1. Ports.................................... ...... .. ... ...... ... .. ... ...... ... ... ..... ... ... ... ..... ... ... ...... .. ... ... .....81
3-6-2. Qos Control List ......................... ...... ... ... .. ...... ... ... ... ..... ... ... ..... ... ... ... ..... ... ... ... .....83
3-6-3.Rate Limiters................................................. ............................... .........................88
3-6-4.Storm Control................. ...... ... ... .. ...... ... ... ..... ... ... ... ..... ... ... ...... ... .. ... ...... ... .. ...... ... ..89
3-6-5.Wizard ...................................................................................................... .............90
3-7.
SNMP CONFIGURATION .............................................................................................100
3-8.
ACL......................................................................... ...................................................108
3-8-1.Ports.................................. ............................... ............................... ....................108
3-8-2.Rate Limiters................................................. ............................... .......................110
3-8-3.Access Control List........................................................... ..................................111
3-8-4.Wizard ...................................................................................................... ...........140
3-9.
IP MAC BINDING ................................................................................... ....................146
3-10.
802.1X CONFIGURATION ..........................................................................................148
3-10-1.Server................................................................................................................152
3-10-2.Port Configuration .......................... ...... ... .. ... ...... ... .. ...... ... ... .. ...... ... ... ... ..... ... ...154
3-10-3.Status.................................................................................. ...............................157
3-10-4. Statistics................................................... .. ... ... ...... .. ... ...... ... .. ... ...... ... ... ..... ... ...158
3-11.
TACACS+....................................... ............................... ............................... ...........159
3-1 1-1. State...................................... ... ..... ... ... ... ..... ... ... ...... .. ... ... ...... ... .. ... ...... ... .. ...... ...159
3-1 1-2. Authentication............................................ ......... ........... ......... ........ ........ .........160
3-11-3.
AUTHORIZATION ....................................................... ............................... ..............161
3-11-4.
ACCOUNTING............................................................ ............................... ..............162
3-12.
TRUNKING CONFIGURATION............................................................................... ......163
3-12-1.Port ...................................................................................................................164
3-12-2 Aggregator V iew..................................................... ........ ........... ......... ........ ......166
3-12-3 Aggregation Hash Mode............................. ............ ........ ........ ......... ........... ......167
3-12-4 LACP System Priority.......................................................................................168
3-13
STP CONFIGURATION.......................... .......................................................................169
3-13-1. Status....................................................... ... ... ...... ... .. ... ...... ... .. ...... ... ... ... ..... ... ...169
3-13-2. Configuration................................................ ... ...... .. ... ... ...... .. ... ...... ... .. ... ...... ...171
3-13-3. STP Port Configuration.................................................... ..... ... ... ...... ... .. ... ......173
3-14
MSTP .................................................................................................................. ......176
3-14-1 Status.................................................................................. ...............................176
3-14-2 Region Config....................................................................................... ............177
3-14-3 Instance View............................................................................. .......................178
3-15.
MIRROR.....................................................................................................................186
3-16.
MULTICAST...................................................................................................... .........188
3-16-1 IGMP mode.......................................................................................................188
3-16-2 IGMP Proxy......................................................... .............................................189
3-16-3 IGMP Snooping.................................. ............................... ...............................191
3-16-4 IGMP Group Allow.................... ............ ........................ ...................................192
3-16-5 IGMP Gr oup M embe rship......... . .. . ............. . .. . .. . .. . .. . . .. . .. . . .. . .. . . .. . .. . .. . . .. . .. . . .. . .. . .. .193
3-16-6 MVR .............................................. ............................... ............................... ......194
3-16-7 MVID .......................................................... ............................... .......................195
Page 6
Rev.A1
18-May-11
iv
3-16-8 MVR Group Allow........................ ........... ............................................ .............196
3-16-9 MVR Group M e mbership ................... . .. . . . ........... .. . . . . .. . . . .. . . ........... ........... .. . . . .. .197
3-17.
ALARM CONFIGURATION ......................................................................... .................198
3-17-1 Events.......................................................... ......................................................198
3-17-2 Email........................................................................................................ .........200
3-18.
DHCP SNOOPING................................................................. ............................... ......201
3-18-1. DHCP Snooping State............................... ............................... .......................201
3-18-2. DHCP Snooping Entry....................................................................................202
3-18-3. DHCP Snooping Client .............................................. ............................... ......203
3-19.
LLDP........................................................................................................................204
3-19-1 . LLDP State......................................................................................................204
3-19-2 . LLDP Entry.....................................................................................................206
3-19-3 . LLDP Counter ................................................................................................208
3-20.
SAVE/RESTORE ..................................... ............................... ............................... ......210
3-20-1. Factory Defaults...................................................... ...... ... ... .. ...... ... ... ... ..... ... ...211
3-20-2 . Save Start.................................................................................... ....................211
3-20-3 . Save User................................................................................. .......................211
3-20-4 . Restore User ...................................................................................................212
3-21.
EXPORT/ IMPORT.......................................................................................................213
3-22.
DIAGNOSTICS................................................................................................... .........214
3-22-1 . Diag ......................................................................................... .......................214
3-22-2 .Ping.......................................................................... ............................... .........215
3-23.
MAINTENANCE................................... ............................... ........................................216
3-23-1 .Warm Restart ...................................................................................................216
3-23-2 . Firmware upgrade................................. ............................... ..........................216
3-24.
LOGOUT ........................................... ............................... ..........................................217
4. OPERATION OF CLI MANAGEMENT.............................. ..................................218
4-1.
CLI MANAGEMENT.......................................... ............................... ............................218
4-1-1. Login ......................................... .. ...... ... ... ..... ... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ......218
4-2.
COMMANDS OF CLI........................................................................ ............................220
4-2-1. Global Commands of CLI...................................................... ... ..... ... ... ... ..... ... ...221
4-2-2. Local Commands of CLI............................................ ........................................227
5. MAINTENANCE.............................................. ... .. ... ... ...... ... .. ... ...... ... ... .. ...... ... ... .. ... ......318
5-1.
RESOLVING NO LINK CONDITION...............................................................................318
5-2.
Q&A...........................................................................................................................318
APPENDIX A TECHNICAL SPECIFICATIONS......................... ......................... .........319
APPENDIX B NULL MODEM CABLE SPECIFICAT IONS..................................... ...322
Page 7
Rev.A1
18-May-11
v
Revision History
Date Revision
18/05/2011 A1
Page 8
Rev.A1
18-May-11
vi
Warning:
Self-demolition on Product is strictly prohibited. Damage caused by self-
demolition will be charged for repairing fees.
Do not place product at outdoor or sandstorm.
Before installation, please make sure input power supply and product
specifications are compatible to each other.
The SSL only provide the CLI for switch management and SSH
default enable without UI for management. (The feature supports
upper FW v5.01 and optional)
Before importing / exporting configuration please make sure the
firmware version is always the same.
After firmware upgrade, the switch will remove the configuration
automatically to latest firmware version.
Page 9
Rev.A0
1-Mar-11
1
About this user’s manual
In this user’s manual, it will not only tell you how to install and connect your
network system but configure and monitor the MIL- SM8DPA through the built-in CLI
and web by RJ-45 Console interface and Ethernet ports step-by-step. Many
explanation in detail of hardware and software functions are shown as well as the
examples of the operation for web-based interface and command-line interface
(CLI).
Overview of this user’s manual
Chapter 1 “Introduction” describes the features of MIL-SM8DPA
Chapter 2 “Installation”
Chapter 3 “Operation of Web-based Management”
Chapter 4 “Operation of CLI Management”
Chapter 5 “Maintenance”
Page 10
Rev.A1
18-May-11
2
1. Introduction
1-1. Overview of MIL-SM8DPA
MIL-SM8DPA, 6-Port 100/1000 Dual Speed SFP + 2-Port RJ-45/100/1000
SFP Managed Switch, is a standard switch that meets all IEEE 802.3/u/x/z Gigabit
Ethernet specifications. The switch can be managed through RJ-45 console port via
directly connection, or through Ethernet port usin g CLI or Web-based management
unit, associated with SNMP agent. With the SNMP agent, the net work administrator
can logon the switch to monitor, configure and control each port’s activity in a
friendly way. The overall network management is enhanced and the network
efficiency is also improved to accommodate hig h bandwidth appli cations . I n additi on,
the switch features comprehensive and useful function such as ACL, IP-MAC
Binding, DHCP Option 82, QoS (Quality of Service), Spanning Tree, VLAN, Port
Trunking, Bandwidth Control, Port Security, SNMP/RMON, IGMP Snooping
capability via the intelligent software. It is suitable for both metro-LAN and office
application.
Others the switch increase support the Power saving for reduce the power
consumption with "ActiPHY Power Management" and "PerfectReach Power
Management" two technique.It could efficient saving the switch power with auto
detect the client idle and cable length to provide different power.
In this switch, Port 7 and Port 8 include two types of media --- TP and
(100/1000M) SFP Fiber (LC, BiDi LC…); this port supports 10/100/1000Mbps TP or
100/1000 Dual Speed SFP Fiber with auto-detected function. (100/1000M) SFP
Fiber transceiver is used for high-speed connection expansion
1000Mbps LC, Multi-Mode, SFP Fiber transceiver
1000Mbps LC, 10km, SFP Fiber transceiver
1000Mbps LC, 30km, SFP Fiber transceiver
1000Mbps LC, 50km, SFP Fiber transceiver
1000Mbps BiDi LC, 20km, 1550nm SFP Fiber WDM transceiver
1000Mbps BiDi LC, 20km, 1310nm SFP Fiber WDM transceiver
100Base-FX FE SFP Fiber Module, LC Multi-Mode
100Base-FX FE SFP Fiber Module, LC Single-Mode 20km
10/100/1000Mbps TP is a standard Ethernet port that meets all IEEE
802.3/u/x/z Gigabit, Fast Ethernet specifications. (100/1000M) SFP Fiber
transceiver is a Gigabit Ethernet port that fully complies with all IEEE 802.3z an d
1000Base-SX/LX standards and 100-FX standards.
1000Mbps Single Fiber WDM (BiDi) transceiver is designed with an optic
Wavelength Division Multiplexing (WDM) technology that transports bi-directional
full duplex signal over a single fiber simultaneously.
For upgrading firmware, please refer to the Section 3- 21 or Section 4-2-2 for
more details. The switch will not stop operating while upgrading firmware and after
that, the configuration keeps unchanged.
The switch also supports the IEEE Standard──802.1AB (Link Layer
Discover y Protocol ),Provide more easy debug tool and enhance the networking
management availability, Others it can provide auto-discovery device and topology
providing.
Page 11
Rev.A1
18-May-11
3
• Key Features in the Device
QoS:
Support Quality of Service by the IEEE 802.1P standard. There are two
priority queue and packet transmission schedule.
Spanning T ree:
Support IEEE 802.1D, IEEE 802.1w (RSTP: Rapid Spanning Tree
Protocol) standards.
VLAN:
Support Port-based VLAN and IEEE802.1Q Tag VLAN. Support 256 active
VLANs and VLAN ID 1~4094.
Port Trunking:
Support static port trunking and port trunking with IEEE 802.3ad LACP.
Bandwidth Control:
Support ingress and egress per port bandwidth control.
Port Security:
Support allowed, denied forwarding and port security with MAC address.
Link Layer Discovery Protocol (LLDP):
IEEE Standard──802.1AB (Link Layer Discovery Protocol),Provide
more easy debug tool and enhance the networking management availabi lity,
Others it can provide auto-discovery device and topology providing
SNMP/RMON:
SNMP agent and RMON MIB. In the device, SNMP agent is a client
software which is operating over SNMP protocol used to receive the
command from SNMP manager (server site) and echo the corresponded
data, i.e. MIB object. Besides, SNMP agent will actively issue TRAP
information when happened.
RMON is the abbreviation of Remote Network Monitoring and is a branch of
the SNMP MIB.
The device supports MIB-2 (RFC 1213), Bridge MIB (RFC 1493), RMON
MIB (RFC 1757)-statistics Group 1,2,3,9, Ethernet-like MIB (RFC 1643),
Ethernet MIB (RFC 1643) and so on.
IGMP Snooping:
Support IGMP version 2 (RFC 2236): The function IGMP snooping is used
to establish the multicast groups to forward the multicast packet to the
member ports, and, in nature, avoid wasting the bandwidth while IP
multicast packets are running over the network.
IGMP Proxy:
The implementation of IP multicast processing. The switch supports IGMP
version 1 and IGMP version 2, efficient use of network bandwidth, and fast
response time for channel changing. IGMP version 1 (IGMPv1) is
described in RFC1112 ,an d IGMP version 2 (IGMPv2) is described in RFC
2236. Hosts interact with the system through the exchange of IGMP
messages. Similarly, when you configure IGMP proxy, the system interacts
Page 12
Rev.A1
18-May-11
4
with the router on its upstream interface through the exchange of IGMP
messages. However, when acting as the proxy, the system performs the
host portion of the IGMP task on the upstream interface as follows:
When queried, sends group membership reports to the
group.
When one of its hosts joins a multicast address group to
which none of its other hosts belong, sends unsolicited
group membership reports to that group.
When the last of its hosts in a particular multicast group
leaves the group, sends an unsolicited leave group
membership report to the all-routers group (244.0.0.2).
Power Saving:
The Power saving using the "ActiPHY Power Management" and
"PerfectReach Power Management" two techniques to detec t the client idle
and cable length automatically and provides the different power. It could
efficient to save the switch power and reduce the power consumption.
Q-in-Q VLAN for performance & security:
The VLAN feature in the switch offers the benefits of both security and
performance. VLAN is used to isolate traffic between different users and
thus provides better security. Limiting the broadcast traffic to within the
same VLAN broadcast domain also enhances performance. Q-in-Q, the use
of double VLAN tags is an efficient method for enabling Subscriber
Aggregation. This is very useful in the MAN.
MVR:
Multicast VLAN Registration (MVR) can support carrier to serve content
provider using multicast for Video streaming application in the network.
Each content provider Video streaming has a dedicated multicast VLAN.
The MVR routes packets received in a multicast source VLAN to one or
more receive VLANs. Clients are in the receive VLANs and the multicast
server is in the source VLAN.
Access Control List (ACL):
The ACLs are divided into EtherTypes. IPv4, ARP protocol, MAC and VLAN
parameters etc. Here we will just go over the standard and extended
access lists for TCP/IP. As you create ACEs for ingress classification, you
can assign a policy for each port, the policy number is 1-8, however, each
policy can be applied to any port. This makes it very easy to determine what
type of ACL policy you will be working with.
IP-MAC-Port Binding:
The IP network layer uses a four-byte address . The Ethern et link l ayer uses
a six-byte MAC address. Binding these t wo address types together allows
the transmission of data between the layers. The primary purpose of IPMAC binding is to restrict the access to a switch to a number of authoriz ed
users. Only the authorized client c an access the Switch’s port by checking
the pair of IP-MAC Addresses and port number with the pre-configured
database. If an unauthorized user tries to access an IP-MAC binding
enabled port, the system will block the access by dropping its packet.
Page 13
Rev.A1
18-May-11
5
SSL and SSH for secure Management: (Optional by Project Requirement, Refer
to device’s FW v5.0x upper)
Secure Sockets Layer (SSL) supports the encryption for all HTTP traffic,
allowing secure access to the browser-based management GUI in the
switch. And Secure Shell (SSH) which supports the encryption for all
transmitted data for secure, remote command-line interface (CLI) access
over IP networks
Note: The SSL only provide the CLI for switch management and SSH
default enable without UI for management.
TACACS+: (Optional by Project Requirement, Refer to device’s FW v5.0x
upper)
The switch supports to ease switch management securit y administration by
using a password with Cisco TACACS+ authentication server
Syslog:
The Syslog is a standard for logging program messages . It allows
separation of the software that generates messages from the system that
stores them and the software that reports and analyzes them. It is
supported by a wide variety of devices and receivers across multiple
platforms.
Page 14
Rev.A1
18-May-11
6
1-2. Checklist
Before you start installing the sw itch, verify that the package contains the
following:
MIL-SM8DPA 6-Port 100/1000 Dual Speed SFP + 2-Port RJ-45/100/1000 SFP
Managed Switch
This User's Manual in CD-ROM
AC Power Cord
RJ-45 transform RS-232 Cable
Please notify your sales representative immediately if any of the aforementioned
items is missing or damaged.
1-3. Features
The MIL-SM8DPA, a standalone off-the-shelf switch, provides the
comprehensive features listed below for users to perform system network
administration and efficiently and securely serve your network.
•
Hardware
• 6 100/1000M Fiber SFP ports
• 2 10/100/1000Mbps TP or 100/1000 Dual Speed SFP Fiber dual media auto
sense
• 1392KB on-chip frame buffer
• Support jumbo frame up to 9600 bytes
• Programmable classifier for QoS (Layer 4/Multimedia)
• 8K MAC address and 4K VLAN support (IEEE802.1Q)
• Per-port shaping, poli cing, and Broadcast Storm Control
• Power Saving with "ActiPHY Power Management" and "PerfectReach Power
Management" techniques.
• IEEE802.1Q Q-in-Q nested VLAN support
• Full-duplex flow control (IEEE802.3x) and half-duplex backpressure
• Extensive front-panel diagnostic LEDs; System: Power, SFP Port1-8: LINK/ACT,
100/1000M, TP Port 7-8: TP(LINK/ACT/Speed)
• Management
• Supports concisely the status of port and easily port configuration
• Supports per port traffic monitoring counters
• Supports a snapshot of the system Information when you login
• Supports port mirror function
• Supports the static trunk function
• Supports 802.1Q VLAN
• Supports user management and limits three users to login
Page 15
Rev.A1
18-May-11
7
• Maximal packet length can be up to 9600 bytes for jumbo frame application
• Supports DHCP Broadcasting Suppression to avoid network suspended or
crashed
• Supports to send the trap event while monitored events happened
• Supports Link Layer Discovery Protocol (LLDP)
• Supports default configuration which can be restored to overwrite the current
configuration which is working on via web browser and CLI
• Supports on-line plug/unplug SFP modules
• Supports Quality of Service (QoS) for real time applications based on the
information taken from Layer 2 to Layer 4, such as VoIP
• Built-in web-based management and CLI management, providing a more
convenient UI for the user
• Supports port mirror function with ingress/egress traffic
• Supports rapid spanning tree (802.1w RSTP)
• Supports multiple spanning tree (802.1s MSTP)
• Supports SSL/SSH supports the encryption for all transmitted data for secure
• Supports ease switch management security administratio n by using a password
with Cisco TACACS+ authentication server
• Supports 802.1X port security on a VLAN
• Supports IP-MAC-Port Binding for LAN security
• Supports user management and only first login administrator can configure the
device. The rest of users can only view the switch
• SNMP access can be disabled and prevent from illegal SNMP access
• Supports Ingress, Non-unicast and Egress Bandwidth rati ng management with
a resolution of 1Mbps
• The trap event and alarm message can be transferred via e-mail
• Supports diagnostics to let administrator knowing the hardware status
• Supports loop detection to protect the switch crash when the networking has
looping issue
• HTTP and TFTP for firmware upgrade, system log upload and confi guration file
import/export
• Supports remote boot the device through user interface and SNMP
• Supports NTP network time synchronization and daylight saving
• Supports 120 event log records in the main memory and display on the local
console
• Supports Syslog a standard for logging program messages and allows
separation of the software that generates messages from the system
Page 16
Rev.A1
18-May-11
8
1-4. Full View of MIL-SM8DPA
1-4-1. User Interfaces on the Front Panel (Button, LEDs and Plugs)
There are 6 TP Gigabit Ethernet ports and 2 SFP fiber ports for optional
removable modules for optional removable modules on t he fro nt panel of th e switch.
LED display area, locating on the left side of the panel, contains a Power LED,
which indicates the power status and 8 ports working status of the s witch. One RJ45 Console interface is offered for configuration or management.
Fig. 1-1 Full View of MIL-SM8DPA
Fig. 1-2 Front View of MIL-SM8DPA
Power Indication LED
Gigabit Ethernet Port
RESET Button:
RESET button is used
to reset the
mana
g
ement system.
SFP Fibe r Port
Fiber Port Status
Indication LEDs
RJ-45 Console Interface
Page 17
Rev.A1
18-May-11
9
• LED Indicators
LED Color Function
System LED
POWER Green Lit when power is on and good
100/1000 SFP Port 1 to 8 LED
LINK/ACT
Green/
Amber
Lit Green when SFP link on 1000Mbps speed
Lit Amber when SFP link on 100Mbps speed
Blinks when any traffic is present
TP Port 7, 8 LED
LINK/ACT Green
Lit Green when TP link good
Blinks when any traffic is present
Speed
Green/
Amber
Lit Green when TP link on 1000Mbps speed
Lit Amber when TP link on 100Mbps speed
Off when 10Mbps or no link occur
Table1-1
1-4-2. AC Power Input on the Rear Panel
One socket on the rear panel is for AC power input.
Fig. 1-3 Rear View of MIL-SM8D PA
AC Line 100-240V 50/60 Hz
Page 18
Rev.A1
18-May-11
10
1-5. View of the Optional Modules
In the switch, Port 7~8 includes two types of media --- TP and SFP Fiber (LC,
BiDi LC…); this port supports 10/100/1000Mbps TP or 100/1000 Dual Speed SFP
Fiber with auto-detected function. 100/1000 Dual Speed SFP Fiber transceiver is
used for high-speed connection expansion; the following are optional SFP types
provided for the switch:
1000Mbps LC, MM, SFP Fiber transceiver (SFP.LC)
1000Mbps LC, SM 10km, SFP Fiber transceiver (SFP.LC.S10)
1000Mbps LC, SM 30km, SFP Fiber transceiver (SFP.LC.S30)
1000Mbps LC, SM 50km, SFP Fiber transceiver (SFP.LC.S50)
1000Mbps BiDi LC, type 2, SM 20km, SFP Fiber WDM transceiver ,
1310nm (SFP.BL3.S20)
1000Mbps BiDi LC, type 1, SM 20km, SFP Fiber WDM transceiver
1550nm (SFP.BL5.S20)
100Base-FX FE SFP Fiber Module, LC Multi-Mode (SFP.FLC)
100Base-FX FE SFP Fiber Module, LC Single-Mode 20km (SFP.FLC.S20)
Fig. 1-4 100/ 1000M-FX/SX/LX LC, SFP Fiber Transceiver
Fig. 1-5 Front View of 1000Base-LX BiDi LC, SFP Fiber Transceiver
Page 19
Rev.A1
18-May-11
11
2. Installation
2-1. Starting MIL-SM8DPA Up
This section will give users a quick start for:
- Hardware and Cable Installation
- Management Station Installation
- Software booting and configuration
2-1-1. Hardware and Cable Installation
At the beginning, please do first:
Wear a grounding device to avoid the damage from electrostatic discharge
Be sure that power switch is OFF before you insert the power cord to power
source
• Installing Optional SFP Fiber Transceivers to the MIL-SM8DPA
Note: If you have no modules, please skip this section.
• Connecting the SFP Module to the Chassis:
The optional SFP modules are hot swappable, so you can plug or unplug it
before or after powering on.
1. Verify that the SFP module is the right model and conforms to the chassis
2. Slide the module along the slot. Also be sure that the module is properly
seated against the slot socket/connector
3. Install the media cable for network connection
4. Repeat the above steps, as needed, for each module to be installed into
slot(s)
5. Have the power ON after the above procedures are done
Fig. 2-1 Installation of Optional SFP Fiber Transceive
r
Page 20
Rev.A1
18-May-11
12
• TP Port and Cable Installation
In the switch, TP port supports MDI/MDI-X auto-crossover, so both types of
cable, straight-through (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 1, 2, 3, 6 in
10/100M TP; 1, 2, 3, 4, 5, 6, 7, 8 to 1, 2, 3, 4, 5, 6, 7, 8 in Gigabit TP) and
crossed-over (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 3, 6, 1, 2) can be used.
It means you do not have to tell from them, just plug it.
Use Cat. 5 grade RJ-45 TP cable to connect to a TP port of the switch and the
other end is connected to a network-aware dev ice such as a workstation or a
server.
Repeat the above steps, as needed, for each RJ-45 port to be connected to a
Gigabit 10/100/1000 TP device.
Now, you can start having the switch in operation.
• Power On
The switch supports 100-240 VAC, 50-60 Hz power supply. The power
supply will automatically convert the local AC power source to DC power. It does not
matter whether any connection plugged into the swit ch or not when power on, ev en
modules as well. After the power is on, all LED indicators will light up immediatel y
and then all off except the power LED still k eeps on. This represents a reset of the
system.
• Firmware Loading
After resetting, the bootloader will load the firmware into the memory. It will
take about 30 seconds, after that, the switch will flash all the LED once and
automatically performs self-test and is in ready state.
Page 21
Rev.A1
18-May-11
13
2-1-2. Installing Chassis to a 19-Inch Wiring Closet Rail
Caution: Allow a proper spacing and proper air ventilation for the cooling fan
at both sides of the chassis.
Wear a grounding device for electrostatic discharge.
Screw the mounting accessory to the front side of the switch (See Fig. 2-2).
Place the Chassis into the 19-inch wiring closet rail and locate it at the proper
position. Then, fix the Chassis by screwing it.
2-1-3. Cabling Requirements
To help ensure a successful installation and keep the network performanc e
good, please take a care on the cabling requirement. Cables with worse
specification will render the LAN to work poorly.
2-1-3-1. Cabling Requirements for TP Ports
For Fast Ethernet TP network connection
The grade of the cable must be Cat. 5 or Cat. 5e with a maximum length of
100 meters.
Gigabit Ethernet TP network connection
The grade of the cable must be Cat. 5 or Cat. 5e with a maximum length of
100 meters. Cat. 5e is recommended.
2-1-3-2. Cabling Requirements for 100/1000M SX/LX SFP Module
It is more complex and comprehensive contrast to TP cabling in the fiber
media. Basically, there are two categories of fiber, multi mode (MM) and single
mode (SM). The later is categorized into several classes by the distance it supports.
They are SX, LX, LHX, XD, a nd ZX. From the viewpoint of connect or type, there
mainly are LC and BIDI LC.
Fig. 2-2
Page 22
Rev.A1
18-May-11
14
Gigabit Fiber with multi-mode LC SFP module
Gigabit Fiber with single-mode LC SFP module
100Base-FX FE SFP Fiber Module, LC Multi-Mode
100Base-FX FE SFP Fiber Module, LC Single-Mode
Gigabit Fiber with BiDi LC 1310nm SFP module
Gigabit Fiber with BiDi LC 1550nm SFP module
The following table lists the types of fiber that we support and those else not
listed here are available upon request.
Multi-mode Fiber Cable and Modal Bandwi dth
Multi-mode 62.5/125m Multi-mode 50/125m
Modal
Bandwidth
Distance
Modal
Bandwidth
Distance
160MHz-Km 220m 400MHz-Km 500m
IEEE 802.3z
Gigabit Ethernet
1000SX 850nm
200MHz-Km 275m 500MHz-Km 550m
Single-mode Fiber 9/125m
Single-mode transceiver 1310nm 10, 30Km
1000BaseLX/LHX/XD/ZX
Single-mode transceiver 1550nm 50Km
TX(Transmit) 1310nm
Single-Mode
*20Km
RX(Receive) 1550nm
TX(Transmit) 1550nm
1000Base-LX
Single Fiber
(BIDI LC)
Single-Mode
*20Km
RX(Receive) 1310nm
Table2-1
2-1-3-3. Switch Cascading in Topology
• Takes the Delay Time into Account
Theoretically, the switch partitions the collision domain for each port in switch
cascading that you may up-link the switches unlimitedly. In practice, the net work
extension (cascading levels & overall diameter) must follow the constraint of the
IEEE 802.3/802.3u/802.3z and other 802.1 series pr otocol specifications, in which
the limitations are the timing requirement from physical signals defined by 802.3
series specification of Media Access Control (MAC) and PHY, and timer from some
OSI layer 2 protocols such as 802.1d, 802.1q, LACP and so on.
The fiber, TP cab le s and devices’ bit-time delay (round trip) are as follows:
1000Base-X TP, Fiber 100Base-TX TP 100Base-FX Fiber
Round trip Delay: 4096 Round trip Delay: 512
Cat. 5 TP Wire: 11.12/m Cat. 5 TP Wire: 1.12/m Fiber C able: 1.0/m
Fiber Cable : 10.10/m TP to fiber Converter: 56
Bit Ti me unit : 1ns (1sec./1000 Mega bit)
Bit Time unit: 0.01s (1sec./100 Me ga bit )
Table 2-2
Page 23
Rev.A1
18-May-11
15
Sum up all elements’ bit-time delay and the overall bit-time delay of
wires/devices must be within Round Trip Delay (bit times) in a half-duplex net work
segment (collision domain). For full-duplex operation, this will not be applie d. You
may use the TP-Fiber module to extend the TP node distance over fiber optic and
provide the long haul connection.
• Ty pical Network Topology in Deployment
A hierarchical network with minimum levels of switch may reduce the timing
delay between server and client station. Basically, with this approach, it will
minimize the number of switches in any one path; will lower the possibility of
network loop and will improve network efficiency. If more than two switches are
connected in the same network, select one switch as Level 1 switch and co nnect all
other switches to it at Level 2. Server/Host is recom mended to co nnect to the Level
1 switch. This is general if no VLAN or other special requirements are applied.
Case1: All switch ports are in the same local area network. Every port can access
each other (See Fig. 2-3).
If VLAN is enabled and configured, each node in the network that can
communicate each other directly is bounded in the same VLAN area.
Here VLAN area is defined by what VLAN you are using. The switch
supports both port-based VLAN and tag-based VLAN. They are different in practical
deployment, especially in physical location. The following diagram shows how it
works and what the difference they are.
Case2a: Port-based VLAN (See Fig.2-4).
Fig. 2-3 No VLAN Configuration Diagram
Fig. 2-4 Port-based VLAN Diagram
Page 24
Rev.A1
18-May-11
16
1. The same VLAN members could not be in different switches.
2. Every VLAN members could not access VLAN members each other.
3. The switch manager has to assign different names for each VLAN groups
at one switch.
Case 2b: Port-based VLAN (See Fig.2-5).
1. VLAN1 members could not access VLAN2, VLAN3 and VLAN4 members.
2. VLAN2 members could not access VLAN1 and VLAN3 members, but they could
access VLAN4 members.
3. VLAN3 members could not access VLAN1, VLAN2 and VLAN4.
4. VLAN4 members could not access VLAN1 and VLAN3 members, but they could
access VLAN2 members.
Case3a: The same VLAN members can be at different switches with the same VID
(See Fig. 2-6).
Fig. 2-5 Port-based VLAN Diagram
Fig. 2-6 Attribute-based VLAN Diagram
Page 25
Rev.A1
18-May-11
17
2-1-4. Configuring the Management Agent of MIL-SM8DPA
We offer you three ways to startup the switch management function. They
are RJ-45 console, CLI, and Web. Users can use any one of them to monitor and
configure the switch. You can touch them through the following procedures.
Section 2-1-4-1: Configuring the Management Agent of MIL-SM8DPA through the
Console RJ-45 Port
Section 2-1-4-2: Configuring the Management Agent of MIL-SM8DPA through the
Ethernet Port
Note: Please first modify the IP address, Subnet mask, Default gateway and DNS
through RJ-45 console, and then do the next.
2-1-4-1. Configuring the Management Agent of MIL-SM8DPA through the
Console RJ-45 Port
To perform the configuration through RJ-45 console port, the switch’s
console port must be directly connected to a DCE device, for example, a PC,
through RJ-45 transform RS-232 cable with RJ-45 connec tor. Next, run a terminal
emulator with the default setting of the switch’s serial port. With this, you can
communicate with the switch.
In the switch, RJ-45 interface only supports baud rate 115200 bps with 8 data
bits, 1 stop bit, no parity check and no flow control.
To configure the switch, please follow the procedures below:
1. Find the RJ-45 transform RS-232 cable with RJ-45 connector bundled.
Normally, it just uses pins 2, 3 and 7. See also Appendix B for more
details on Null Modem Cable Specifications.
2. Attaches the RJ-45 transform RS-232 cable connector to the RJ-45
Console connector on the switch.
3. Attaches the other end of the RJ-45 transform RS-232 cable to PC’s
serial port, running a terminal emulator supporting VT100/ANSI terminal
with The switch’s serial port default settings. For example,
Windows98/2000/XP HyperTerminal utility.
MIL-SM8DPA L2 Man ag ed Switch
Default IP Setting:
IP address = 192.168.1.77
Subnet Mask = 255.255.255.0
Default Gateway = 192.168.1. 254
Terminal or Terminal Emulato
r
Fig. 2-7
RJ-45 transform
RS-232 cable
with RJ-45
connector at
both ends
RJ-45 Console Connector
Page 26
Rev.A1
18-May-11
18
Note: The switch’s serial port default settings are listed as follows:
Baud rate 115200
Stop bits 1
Data bits 8
Parity N
Flow control none
4. When you complete the connection, then press <Enter> key. The login
prompt will be shown on the screen. The default username and
password are shown as below:
Username = admin Password = root
• Set IP Address, Subnet Mask and Default Gateway IP Address
Please refer to Fig. 2-7 CLI Management for details about ex-factory IP
setting. They are default setting of IP address. You can first either configure your PC
IP address or change IP address of the switch, next to change the IP address of
default gateway and subnet mask.
For example, your network address is 10.1.1.0, and subnet mask is
255.255.255.0. You can change the switch’s default IP address 192.168.1.77 to
10.1.1.1 and set the subnet mask to be 255. 255.255.0. Then, choose your default
gateway, may be it is 10.1.1.254.
Default Value MIL-SM8DPA Your Network Setting
IP Address
192.168.1.77 10.1.1.1
Subnet
255.255.255.0 255.255.255.0
Default Gateway
192.168.1.254 10.1.1.254
Table 2-3
After completing these settings in the switch, it will reboot to have the
configuration taken effect. After this step, you can operate the management through
the network, no matter it is from a web browser or Network Management System
(NMS).
Fig. 2-8 the Login Screen for CLI
MIL-SM8DPA
MIL-SM8DPA
Page 27
Rev.A1
18-May-11
19
2-1-4-2. Configuring the Management Agent of MIL-SM8DPA through the
Ethernet Port
There are three ways to configure and monitor the switch through the
switch’s Ethernet port. They are CLI, Web browser and SNMP manager. The user
interface for the last one is NMS dependent and does not cover here. We just
introduce the first two types of management interface.
• Managing MIL-SM8DPA through Ethernet Port
Before you communicate with the switch, you have to finish first the
configuration of the IP address or to know the IP address of the switch. Then,
follow the procedures listed below.
1. Set up a physical path between the configured the switch and a PC by a
qualified UTP Cat. 5 cable with RJ-45 connector.
Note: If PC directly connects to the switch, you have to setup the same
subnet mask between them. But, subnet mask ma y be different for the PC
in the remote site. Please refer to Fig. 2-9 about the switch’s default IP
address information.
2. Run CLI or web browser and follow the menu. Please refer to Chapter 3
and Chapter 4.
Fig. 2-10 the Login Screen for Web
MIL-SM8DPA L 2 Manag ed Swi t ch
Default IP Setting:
IP = 192.168.1.77
Subnet Mask = 255.255.255.0
Default Gateway = 192.168.1.254
Assign a reasonable IP address,
For example:
IP = 192.168.1.100
Subnet Mask = 255.255.255.0
Default Gateway = 192.168.1. 254
Fig. 2-9
Ethernet LAN
Page 28
Rev.A1
18-May-11
20
2-1-5. IP Address Assignment
For IP address configuration, there are three parameters needed to be filled
in. They are IP address, Subnet Mask, Default Gateway and DNS.
IP address:
The address of the network device in th e network is us ed for internetworkin g
communication. Its address structure looks is shown in the Fig. 2-11. It is “classful”
because it is split into predefined address classes or categories.
Each class has its own network range between the network identifier and
host identifier in the 32 bits address. Each IP address comprises two parts: network
identifier (address) and host identifier (address). The form er indicates the network
where the addressed host resides, and t he latter indicates the individual host in t he
network which the address of host refers to. And the host id entifier must be unique
in the same LAN. Here the term of IP address we used is version 4, known as IPv4.
Network identifier Host identifier
Fig. 2-11 IP address structure
With the classful addressing, it divides IP address into three classes, class A,
class B and class C. The rest of IP addresses are for multic ast and broadcast. The
bit length of the network prefix is the same as that of the subnet mask and is
denoted as IP address/X, for example, 192.16 8.1.0/24. Each class has its address
range described below.
Class A:
Address is less than 126.255.255.25 5. There ar e a total of 126 net works c an
be defined because the address 0.0.0.0 is reserved for default route and
127.0.0.0/8 is reserved for loopback function.
0
Class B:
IP address range between 128.0.0.0 and 191.255.255.255. Each class B
network has a 16-bit network prefix followed 16-bit host address. There are 16,384
(2^14)/16 networks able to be defined with a maximum of 65534 (2^16 –2) hosts
per network.
32 bits
Bit # 0 1 7 8 31
Network address Host address
Page 29
Rev.A1
18-May-11
21
10
Class C:
IP address range between 192.0.0.0 and 223.255.255.255. Each class C
network has a 24-bit network prefix followed 8-bit host address. There are
2,097,152 (2^21)/24 networks able to be defined with a maximum of 254 (2^8 –2)
hosts per network.
110
Class D and E:
Class D is a class with first 4 MSB (Most significance bit) set to 1-1-1-0 and
is used for IP Multicast. See also RFC 1112. Class E is a class with first 4 MSB set
to 1-1-1-1 and is used for IP broadcast.
According to IANA (Internet Assigned Numbers Authority), there are three
specific IP address blocks reserved and able to be used for extending internal
network. We call it Private IP address and list below:
Class A 10.0.0.0 --- 10.255.255.255
Class B 172.16.0.0 --- 172.31.255.255
Class C 192.168.0.0 --- 192.168.255.255
Please refer to RFC 1597 and RFC 1466 for more information.
Subnet mask:
It means the sub-division of a class-based network or a CIDR block. The
subnet is used to determine how to split an IP address to the network prefix and the
host address in bitwise basis. It is desi gned to utilize IP address more efficiently and
ease to manage IP network.
For a class B network, 128.1.2. 3, it may have a sub net mask 255.255.0.0 in
default, in which the first two bytes is with all 1s. This means more than 60
thousands of nodes in flat IP address will be at the same network. It’s too large to
manage practically. Now if we divide it into smaller network by extending net work
prefix from 16 bits to, say 24 bits, that’s using its third byte to subnet this class B
network. Now it has a subnet mask 255.255.255.0, in which each bit of the first
three bytes is 1. It’s now clear that the first two bytes is used to identify the class B
network, the third byte is used to ide ntify the s ubnet within this clas s B net work and,
of course, the last byte is the host number.
Bit # 01 2 15 16 31
Network address Host address
Bit # 0 1 2 3 23 24 31
Network address Host address
Page 30
Rev.A1
18-May-11
22
Not all IP address is available in the sub-netted network. Two special
addresses are reserved. They are the addresses with all zero’s and all one’s host
number. For example, an IP address 128.1.2.128, what IP address reserved will be
looked like? All 0s mean the network itself, and all 1s mean IP broadcast.
In this diagram, you can see the subnet mask with 25-bit long,
255.255.255.128, contains 126 members in the sub-netted net work. Another is that
the length of network prefix equals the number of the bit with 1s in that su bnet mask .
With this, you can easily count the number of IP addres ses matched. The following
table shows the result.
Prefix Length No. of IP matched No. of Addressable IP
/32 1 /31 2 /30 4 2
/29 8 6
/28 16 14
/27 32 30
/26 64 62
/25 128 126
/24 256 254
/23 512 510
/22 1024 1022
/21 2048 2046
/20 4096 4094
/19 8192 8190
/18 16384 16382
/17 32768 32766
/16 65536 65534
Table 2-4
10000000.00000001.00000010.1 0000000
25 bits
1 0000000
1 1111111
All 0s = 128.1.2.128
All 1s= 128.1.2.255
SubnetNetwork
Page 31
Rev.A1
18-May-11
23
According to the scheme above, a subnet mask 255.255.2 55.0 will partition a
network with the class C. It means there will have a maximum of 254 effective
nodes existed in this sub-netted net work and is consi dered a physic al network i n an
autonomous network. So it owns a network IP address which may looks like
168.1.2.0.
With the subnet mask, a bigger network can be cut into small pieces of
network. If we want to have more t han two independent networks in a worknet, a
partition to the network must be performed. In this case, subnet mask must be
applied.
For different network applications, the subnet mask may look like
255.255.255.240. This means it is a small net work accommodating a maximum of
15 nodes in the network.
Default gateway:
For the routed packet, if the destination is not in the routing table, all the
traffic is put into the device with the designated IP address, known as default router.
Basically, it is a routing policy. The gateway setting is used for Trap Events Host
only in the switch.
For assigning an IP address to the switch, you just have to ch eck what the IP
address of the network will be connected with the switch. Use the same network
address and append your host address to it.
Fig. 2-12
First, IP Address: as shown in the Fig. 2-12, enter “192.168.1.77”, for
instance. For sure, an IP address such as 192.168.1.x must be set on your PC.
Second, Subnet Mask: as shown in the Fig. 2-12, enter “255.255.255.0”. Any
subnet mask such as 255.255.255.x is allowable in this case.
DNS:
The Domain Name Server translates human readable machine name to IP address.
Every machine on the Internet has a unique IP address. A server generally has a static IP
address. To connect to a server, the client needs to know the IP of the server. However, user
generally uses the name to connect to the server. Thus, the switch DNS client program (such
as a browser) will ask t he DNS to resolve the IP address of the named server.
Page 32
Rev.A1
18-May-11
24
2-2. Typical Applications
The MIL-SM8DPA implements 8 Gigabit Ethernet TP ports with auto MDIX
and two slots for the removable module supporting comprehensive fiber types of
connection, including LC and BiDi-LC SFP modules. For more details on the
specification of the switch, please refer to Appendix A.
The switch is suitable for the following applications.
Central Site/Remote site application is used in carrier or ISP (See Fig. 2-13)
Peer-to-peer application is used in two remote offices (See Fig. 2-14)
Office network(See Fig. 2-15)
Fig. 2-13 Network Connection between Remote Site and Central Site
Central Site
Page 33
Rev.A1
18-May-11
25
Fig. 2-13 is a system wide basic reference connection diagram. This diagram
demonstrates how the switch connects with other network devices and hosts.
Fig. 2-15 Office Network Connection
Fig. 2-14 Peer-to-peer Network Connection
Page 34
Rev.A1
18-May-11
26
3. Operation of Web-based
Management
This chapter instructs you how to configure and manage the MIL-SM8DPA
through the web user interface it supports, to access and manage the 6-Port
100/1000 Dual Speed SFP and 2-Port Gigabit TP/ (100/1000M) SFP Fiber
management Ethernet switch. With this facility, you can easily access and monitor
through any one port of the switch all the status of the switch, including MIBs status,
each port activity, Spanning tree status, port aggregation status, multicast traffic,
VLAN and priority status, even illegal access record and so on.
The default values of the managed switch are listed in the table below:
IP Address 192.168.1.77
Subnet Mask 255.255.255.0
Default Gateway 192.168.1.254
Username admin
Password root
Table 3-1
After the managed switch has been finished configuratio n in the CLI via the
switch’s serial interface, you can browse it. For instance, type http://192.168.1.77
in
the address row in a browser, it will show the following screen (see Fig.3-1) and ask
you inputting username and password in order to login and ac cess authentication.
The default username and password are both “admin”. For the first time to use,
please enter the default username and password, then click the <Login> button.
The login process now is completed.
Just click the link of “Forget Password” in WebUI (See Fig. 3-1) or input
“Ctrl+Z” in CLI’s login screen (See Fig. 4-1~4-2) in case the user forgets the
manager’s password. Then, the system will display a serial N o. for the user. Write
down this serial No. and contact your vendor, t he vendor will give you a temporar y
password. Use this new password as ID and Password, and it will allow the user to
login the system with manager authority temporaril y. Due to the limit of this new
password, the user only can login the system one time, therefore, please modify
your password immediately after you login in the system successfully.
In this login menu, you have to input the complete username and password
respectively, the switch will not give you a shortcut to username automatically. This
looks inconvenient, but safer.
In the switch, it supports a simple user management function allowing only
one administrator to configure the system at the same time. If there are two or more
users using administrator’s identity, the switch will allow the only one who logins first
to configure the system. The rest of users, even with administrator ’s identity, can
only monitor the system. For those who have no administrator’s identity, can only
monitor the system. There are only a maximum of three users able to login
simultaneously in the switch.
Page 35
Rev.A1
18-May-11
27
To optimize the display effect, we recommend you use Microsoft IE 6.0
above, Netscape V7.1 above or FireFox V1.00 above and have the resolution
1024x768. The switch supported neutral web browser interface.
In Fig. 3-2, for example, left section is the whole function tree with web user
interface and we will travel it through this chapter.
Fig. 3-1
Page 36
Rev.A1
18-May-11
28
3-1. Web Management Home Overview
After you login, the switch shows you the system information as Fig. 3-2. This
page is default and tells you the basic information of the system, including “Model
Name”, “System Description”, “Location”, “Contact”, “Device Name”,
“System Up Time”, “Current Time”, “BIOS Version”, “Firmware Version”,
“Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host
Mac Address”, “Device Port”, “RAM Size” , “Flash Size” and “CPU Load”.
With this information, you will know the software version used, MAC address, serial
number, how many ports good and so on. This is helpful while malfunctioning.
Fig. 3-2
MIL-SM8DPA
Page 37
Rev.A1
18-May-11
29
• The Information of Page Layout
On the top s ide, it shows the front panel of the switch. In the front panel, the
linked ports will display green; as to the ports, which are link off, they will be
dark. For the optional modules, the slot will show only a cover plate if no
module exists and will show a module if a module is present. The image of
module depends on the one you inserted. The same, if discon nected, the port
will show just dark, if linked, green. (See Fig. 3-3)
Fig. 3-3 port detail inf ormation
In Fig. 3-3, it shows the basic information of the clicked port. With this, you’ll
see the information about the port status, traffic status and bandwidth rating for
egress and ingress respectively.
On the left-top corner, there is a pull-down list for Auto Logout. F or the sak e of
security, we provide auto-logout function to protect you from illegal user as you
are leaving. If you do not choose any selection in Auto Logo ut list, it means
you turn on the Auto Logout function and the system will be logged out
automatically when no action on th e device 3 minutes later. If OFF is chosen,
the screen will keep as it is. Default is ON.
On the left side, the main menu tree for web is li sted in the page. They are
hierarchical menu. Open the function f older, a sub-menu will be shown. The
functions of each folder are described in its corresponded section respectivel y.
When clicking it, the function is performed. The following list is the full
functiontree for web user interface.
Page 38
Rev.A1
18-May-11
30
Port
MAC
QoS
System
VLAN
GVRP
SNMP
ACL
Root
IP MAC Bindin
g
802.1X
TACACS+
Trunk
STP
MSTP
Mirrorin
g
Multicast
LLDP
Save/Restore
Export/ Import
Alam
DHCP Snoopin
g
Diagnostics
Maintenance
Logout
Page 39
Rev.A1
18-May-11
31
3-1-1. System Information
Function name:
System Information
Function description:
Show the basic system informat ion.
Fig. 3-4
Parameter description:
Model name:
The model name of this device.
System description:
As it is, this tells what this device is. Here, it is “
Managed Switch, 6
port 100/1000 SFP, 2 Port SFP/ RJ-45 Combo
”.
Location:
Basically, it is the location where this switch is put. User-defined.
Contact:
For easily managing and maintaining device, you may write down the
contact person and phone here for getting help soon. You can configure
this parameter through the device’s user interface or SNMP.
Device name:
The name of the switch. User-defined. Default is
MIL-SM8DPA.
MIL-SM8DPA
MIL-SM8DPA
Page 40
Rev.A1
18-May-11
32
System up time:
The time accumulated since t his switch is powered up. Its format is day,
hour, minute, second.
Current time:
Show the system time of the switch. Its format: day of week, month, day,
hours : minutes : seconds, year. For instance, Wed, Apr. 23, 12:10:10,
2004.
BIOS version:
The version of the BIOS in this switch.
Firmware version:
The firmware version in this switch.
Hardware-Mechanical version:
The version of Hardware and Mechanical. The figure before the hyphen
is the version of electronic hardware; the one after the hyphen is the
version of mechanical.
Serial number:
The serial number is assigned by the Transition.
Host IP address:
The IP address of the switch.
Host MAC address:
It is the Ethernet MAC address of the management agent in this switch.
Device Port:
Show all types and numbers of the port in the switch.
RAM size:
The size of the DRAM in this switch.
Flash size:
The size of the flash memory in this switch.
CPU Loading:
The loading of the CPU on this switch.
Page 41
Rev.A1
18-May-11
33
3-1-2. Account Configuration
In this function, only administrator c an create , modif y or delete t he usernam e
and password. Administrator can modify other guest identities’ password without
confirming the password but it is necessar y to modify the administrator-equivalent
identity. Guest-equivalent identity can modify his password only. Please note that
you must confirm administrator/guest identity in the field of Authoriz ation in advance
before configuring the username a nd password. Only one administrator is allowed
to exist and unable to be deleted. In addition, up to 4 gues t acc ou nts can be cr eated.
The default setting for user account is:
Username : admin
Password : root
Fig. 3-5
Page 42
Rev.A1
18-May-11
34
3-1-3. Time Configuration
The switch provides manual and automatic ways to set the system time via
NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour”,
“Minute” and “Second” within the valid value range indicated in each item. If you
input an invalid value, for exa mple, 61 in minute, the s witch will clamp the figur e to
59.
NTP is a well-known protocol used to synchronize the clock of the switch
system time over a network. NTP, an internet draft standard formalized in RFC 1305,
has been adopted on the system is version 3 protocol. The switch provides four
built-in NTP server IP addresses resided in the Internet and an user-defined NTP
server IP address. The time zone is Greenwich-c enter ed which us es the express ion
form of GMT+/- xx hours.
Function name:
Time
Function description:
Set the system time by manual input or set it b y syncing from Time servers.
The function also supports daylight saving for different area’s time adjustment.
Fig. 3-6
Parameter description:
Current Time:
Show the current time of the system.
Manual:
This is the function to adjust the time manuall y. Filling the valid figures in
the fields of Year, Month, Day, Hour, Minute and Second respectively and
press <Apply> button, time is adjusted. The valid figures for the
Page 43
Rev.A1
18-May-11
35
parameter Year, Month, Day, Hour, Minute and Second are >=2000, 1-12,
1-31, 0-23, 0-59 and 0-59 respectively. Input the wrong figure and press
<Apply> button, the device will reject the time adjustment request. There
is no time zone setting in Manual mode.
Default: Year = 2000, Month = 1, Day = 1
Hour = 0, Minute = 0, Second = 0
NTP:
NTP is Network Time Protocol and is used to sync the network time
based Greenwich Mean Time (GMT). If use the NTP mode and select a
built-in NTP time server or manually specify an user-defi ned NTP server
as well as Time Zone, the switch will sync the time in a short after
pressing <Apply> button. Though it synchronizes the time automatically,
NTP does not update the time periodically without user’s processing.
Time Zone is an offset time off GMT. You have to select the time zone
first and then perform time sync via NTP because the switch will combin e
this time zone offset and updated NTP time to come out the local ti me,
otherwise, you will not able to get the correct time. The switch supports
configurable time zone from –12 to +13 step 1 hour.
Default Time zone: +8 Hrs.
Daylight Saving:
Daylight saving is adopted in some countries. I f set, it will adjust the ti me
lag or in advance in unit of hours, according to th e starting date and the
ending date. For example, if you set the day light saving to be 1 hour.
When the time passes over the starting time, the system time will be
increased one hour after one minute at the time since it passed over. And
when the time passes over the ending time, the system time will be
decreased one hour after one minute at the time since it passed over.
The switch supports valid configurable day light sav ing time is –5 ~ +5
step one hour. The zero for this parameter means it need not have to
adjust current time, equivalent to in-act daylight sav in g. You don’t have to
set the starting/ending date as well. If you set daylight s aving to be nonzero, you have to set the starting/ending date as well; otherwise, the
daylight saving function will not be activated.
Default for Daylight Saving: 0.
The following parameters are configurable for the function Daylight
Saving and described in detail.
Day Light Saving Start :
This is used to set when to start performing the day light saving time.
Mth:
Range is 1 ~ 12.
Default: 1
Day:
Range is 1 ~ 31.
Default: 1
Page 44
Rev.A1
18-May-11
36
Hour:
Range is 0 ~ 23.
Default: 0
Day Light Saving End :
This is used to set when to stop performing the daylight saving time.
Mth:
Range is 1 ~ 12.
Default: 1
Day:
Range is 1 ~ 31.
Default: 1
Hour:
Range is 0 ~ 23.
Default: 0
Page 45
Rev.A1
18-May-11
37
3-1-4. IP Configuration
IP configuration is one of the most important configurations in the switch.
Without the proper setting, network manager will not be able to manage or view the
device. The switch supports both manual IP address setting and automatic IP
address setting via DHCP server. When IP address is changed, you must reboot the
switch to have the setting taken effect and use the new IP to browse for web
management and CLI management.
Function name:
IP Configuration
Function description:
Set IP address, subnet mask, default gateway and DNS for the switch.
Fig. 3-7 IP Address Configuration
Parameter description:
DHCP Setting:
DHCP is the abbreviation of Dynamic Host Configuration Protocol. Here
DHCP means a switch to turn ON or OFF the function.
The switch supports DHCP client used to get an IP address automatically
if you set this function “Enable”. When enabled, the switch will issue the
request to the DHCP server resided in the network to get an IP address.
If DHCP server is down or does not exist, the switch will issue the
request and show IP address is under requesting, until the DHC P server
is up. Before getting an IP address from DHCP server, the device will not
continue booting procedures. If set this field “Disable”, you’ll have to
input IP address manually. For more details about IP address and DHCP,
please see the Section 2-1-5 “IP Address Assignment” in this manual.
Default: Disable
Page 46
Rev.A1
18-May-11
38
IP address:
Users can configure the IP settings and fill in ne w values if users set t he
DHCP function “Disable”. Then, click <Apply> button to update.
When DHCP is disabled, Default: 192.168.1.77
If DHCP is enabled, this field is filled by DHCP server and will not allow
user manually set it any more.
Subnet mask:
Subnet mask is made for the purpose to get more network address
because any IP device in a network must own its IP address, composed
of Network address and Host address, otherwise can’t communicate with
other devices each other. But unfortunately, the network classes A, B,
and C are all too large to fit for almost all networks, hence, subnet mas k
is introduced to solve this problem. Su bnet mask uses some bits from
host address and makes an IP address looked Network address , Subnet
mask number and host address. It is shown in the following figure. T his
reduces the total IP number of a net work able to su pport, by the a mount
of 2 power of the bit number of subnet number (2^(bit number of subnet
number)).
Subnet mask is used to set t he subnet mask value, which should be the
same value as that of the other devices resided in the same network it
attaches.
For more information, please also see the Section 2-1-5 “IP Address
Assignment” in this manual.
Default: 255.255.255.0
Default gateway:
Set an IP address for a gateway to handle those packets that do not
meet the routing rules predefined in the device. If a packet does not meet
the criteria for other pre-defined path, it must be forwarded to a default
router on a default path. This means any packet with undefined IP
address in the routing table will be sent to this device unconditionally.
Default: 192.168.1.254
32 bits
Network ID
Host ID
Network ID Host ID
Subnet number
Page 47
Rev.A1
18-May-11
39
DNS:
It is Domain Name Server used to serve the translation between IP
address and name address.
The switch supports DNS client function to re-route the mn emonic name
address to DNS server to get its associated IP address for accessing
Internet. User can specify a DNS IP address for the switch. With this, the
switch can translate a mnemonic name address into an IP address.
There are two ways to specify the IP address of DNS. One is fixed mode,
which manually specifies its IP address, the other is dynamic mode,
which is assigned by DHCP server while DHCP is enabled. DNS can
help you easily remember the mnemonic address name with the
meaningful words in it. Default is no assignment of DNS address.
Default: 0.0.0.0
Page 48
Rev.A1
18-May-11
40
3-1-5. Loop Detection
The loop detection is used to detect the presence of traffic. When switch
receives packet’s(looping detection frame) MAC address the same as oneself from
port, show Loop detection happens. The port will be locked when it received the
looping detection frames. If you want to resume the locked port, please find out the
looping path and take off the looping path, then select the resume the locked port
and click on “Resume” to turn on the locked ports.
Function name:
Loop Detection
Function description:
Display whether switch open Loop detection.
Fig. 3-8
Parameter description:
Port No:
Display the port number. The number is 1 – 8.
Detection Port - Enable:
When Port No is chosen, and enable port' s Loo p detection, the port c an
detect loop happens. When Port-No is chosen, enable port' s Loop
detection, and the port detects loop happen, port will be Locked. If Loop
did not happen, port maintains Unlocked.
Locked Port - Resu me:
When Port No is chosen, enable port' s Loop detection, and the port
detects loop happen, the port will be Locked. When choosing Resume,
port locked will be opened and turned into unlocked. If not choosing
Resume, Port maintains locked.
Page 49
Rev.A1
18-May-11
41
3-1-6. Management Policy
Through the management security configuration, the manager can do the
strict setup to control the switch and limit the user to access this switch.
The following rules are offered for the manager to manage the switch:
Rule 1) : When no lists exists, then it will accept all connections.
Accept
-----------------------------------------------------------------------
Rule 2) : When only “accept lists” exist, then it will deny all connections,
excluding the connection inside of the accepting range.
Accept Deny Accept Deny Accept
-----------------------------------------------------------------------
Rule 3) : When only “deny lists” exist, then it will accept all connections,
excluding the connection inside of the denying range.
Deny Accept Deny Accept Deny
-----------------------------------------------------------------------
Rule 4) : When both “accept and deny” lists exist, then it will deny all
connections, excluding the connection inside of the accepting range.
Accept Deny Deny Deny Accept
-----------------------------------------------------------------------
Rule 5) : When both “accept and deny” lists exist, then it will deny all
connections, excluding the connection inside of the accepting range and NOT
inside of the denying range at the same time.
Accept
Den
y
Deny| Acc | Deny | Acc | Deny
----------------------------------------------------------------------
Accept
Page 50
Rev.A1
18-May-11
42
Function name:
Management Security Configuration
Function description:
The switch offers Management Security Configuration function. With this
function, the manager can easily control the mode that the user connects to
the switch. According to the mode, users can be classified into two types:
Those who are able to connect to the switch (Accept) and those who are
unable to connect to the switch (Den y). Some restrictions also can be placed
on the mode that the user connect to the switch, for example, we can decid e
that which VLAN VID is able to be accepted or denied by the switch, the IP
range of the user could be accepted or denied by the switch, the port that the
user is allowed or not allowed to connect with the switch, or the way of
controlling and connecting to the switch via Http, Telnet or SNMP.
Fig. 3-9
Fig. 3-10
Parameter description:
Add:
A new entry of Management Security Configuration can be created after
the parameters as mentioned above had been setup and then press
<Add> button. Of course, the existed entry also can be modified by
pressing this button.
Delete:
Remove the existed entry of Management Security Configuration from
the management security table.
Page 51
Rev.A1
18-May-11
43
Name:
A name is composed of any letter (A-Z, a-z) and digit (0-9) with maximal
8 characters.
VID:
The switch supports two kinds of options for managed valid VLAN VID,
including “Any” and “Custom”. Default is “Any”. When you choose
“Custom”, you can fill in VID number. The valid VID range is 1~4094.
IP Range:
The switch supports two kinds of options for managed valid IP Range,
including “Any” and “Custom”. Default is “Any”. In case that” Custom”
had been chosen, you can assigned effective IP range. The valid range
is 0.0.0.0~255.255.255.255.
Incoming Port:
The switch supports two kinds of options for managed valid Port Range,
including “Any” and “Custom”. Default is “An y”. You can select the ports
that you would like them to be worked and restricted in t he management
security configuration if ”Custom” had been chosen.
Access Ty pe:
The switch supports two kinds of options
for managed valid Access Type,
including “Any” and “Custom”. Default is “Any”. “Http”, “Telnet” and
“SNMP” are three ways for the access and managing the switch in case
that” Custom” had been chosen.
Action:
The switch supports two kinds of options
for managed valid Action Type,
including “Deny” and “Accept”. Default is “Deny”. When you choose
“Deny” action, you will be restricted and refused to manage the switch
due to the “Access Type” you choose. However, while you select
“Accept” action, you will have the authority to manage the switch.
Page 52
Rev.A1
18-May-11
44
3-1-7. Syslog
The Syslog is a standard for logging program messages . It allows
separation of the software that generates messages from the system that stores
them and the software that reports and analyzes them. It can be used as well a
generalized informational, analysis and debugging mess ages. It is supported by a
wide variety of devices and receivers across multiple platforms.
Function name:
Syslog
Function description:
The Syslog allows you to configure the syslog server address and
enable/disable messages sent to the syslog server from switch port unmber.
Fig. 3-11
Parameter description:
Syslog:
Evoke the “Enable” to enable syslog function .
IP Address:
The IP address of the Syslog Server.
Port:
Filters the log to send syslog message with the selected port of PC host
(or Syslog server , ex: 514).
Page 53
Rev.A1
18-May-11
45
3-1-8. System Log
The System Log provides information about system logs, including
information when the device was booted, how the ports are operating, when users
logged in, when sessions timed out, as well as other system information.
Function name:
System Log
Function description:
The Trap Log Data is displaying the log items including all SNMP Private Trap
events, SNMP Public traps and user logs occurred in the system. In the report
table, No., Time and Events are three fields contained in each trap record.
Fig. 3-11
Parameter description:
No:
Display the order number that the trap happened.
Time:
Display the time that the trap happened.
Desc:
Displays a description event recorded in the System Log.
Clear:
Clear log data.
Page 54
Rev.A1
18-May-11
46
3-1-9. Virtual Stack
Function name:
Virtual Stack
Function description:
Virtual Stack Management(VSM) is the group management function. Through
the proper configuration of this function, switches in the same LAN will be
grouped automatically. And among these switch, one switch will be a master
machine, and the others in this group will become the slave devices.
VSM offers a simple centralized management function. It is not necessary to
remember the address of all devices, manager is c apable of managing the
network with knowing the address of the Master machine. Instead of SNMP or
Telnet UI, VSM is only available in Web UI. While one switch become the
Master, two rows of buttons for group device will appear on the top of its Web
UI. By pressing these buttons, user will be allowed to connect the Web UI of
the devices of the group in the same window without the login of these device.
The most top-left button is only for Master device(See Fig.3-9). The
background color of the button you press will b e changed to re present that th e
device is under your management.
Note: It will remove the grouping temporarily in case that you login the switch
via the console.
The device of the group will be shown as station address ( the last number of
IP Address) + device name on the button (e.g. 196_MIL-SM8DPA), otherwise
it will show ” ---- “ if no corresponding device exists.
Once the devices join the group successfull y, then they are merely able to be
managed via Master device, and user will fail to manage them via
telnet/console/web individually.
Up to 16 devices can be grouped for VSM, however, only one Master is
allowed to exist in each group. For Master redundancy, user may configure
more than two devices as Master device, however, the Master device with the
smaller MAC value will be the Master one. All of these 16 devices can
become Master device and back up with each other .
Fig. 3-10-1
Page 55
Rev.A1
18-May-11
47
Parameter description:
State:
It is used for the activation or de-activation of VSM. Default is Enable.
Role:
The role that the switch would like to play in virtual stack. Two types of
roles, including master and slave are offered for option. Default is Master.
Group ID:
It is the group identifier (GID) which sig ns for VS M. Valid letters are A-Z,
a-z, 0-9, “
- “ and “_” characters. The maximal length is 15 characters.
Page 56
Rev.A1
18-May-11
48
3-2. Port Configuration
Four functions, including Port Status, Port Configuration, Sim ple Count er and
Detail Counter are contained in this function folder for port monitor and
management. Each of them will be described in detail orderly in the following
sections.
3-2-1. Port Configuration
Port Configuration is applied to change the setting of each port. In this
configuration function, you can set/reset the following functions. All of them are
described in detail below.
Function name:
Port Configuration
Function description:
It is used to set each port’s operation mode. The switch supports 3 parameters
for each port. They are state, mode and flow control.
Fig. 3-12
Configuration
Status
Simple Counter
Detail Counter
Port Configuration
Power savin
g
Page 57
Rev.A1
18-May-11
49
Parameter description:
Speed:
Set the speed and duplex of the port. In speed, if the media is 1Gbps
fiber, it is always 1000Mbps and the duplex is full only. If the media is TP,
the Speed/Duplex is comprised of the combination of speed mode,
10/100/1000Mbps, and duplex mode, full duplex and half duplex. The
following table summarized the function the media supports.
Media type NWay Speed Duplex
1000M TP ON/OFF 10/100/1000M Full for all, Half for 10/100
1000M Fiber ON/OFF 1000M Full
In Auto-negotiation mode, no default value. In Forced mode, default
value depends on your setting.
Flow Control:
There are two modes to choose in flow control, including Enable and
Disable. If flow control is set Enable, both parties can send PAUSE frame
to the transmitting device(s) if the receiving port is too busy to handle.
When it is set Disable, there will be no flow control in the port. It drops
the packet if too much to handle.
Maximum Frame:
This module offer 1518~9600 (Bytes) length to make the long packet.
Excessive Collision Mode:
There are two modes to choose when exces sive c ollision ha ppen in halfduplex condition as below:
Discard: The “Discard” mode determines whether the MAC drop frames
after an excessive collision has occurred. If set, a frame is dropped after
excessive collisions. This is IEEE Std 802.3 half-duplex flow control
operation.
Restart: The “Restart” mode determines whether the MAC retransmits
frames after an excessive collision has occurred. If set, a frame is not
dropped after excessive collisions, but the backoff sequence is restarted.
This is a violation of IEEE Std 802.3, but is useful in non-dropping half-
duplex flow control operation.
Description:
Description of device ports can not include “ # % & ‘ + \.
Page 58
Rev.A1
18-May-11
50
3-2-2.Port Status
The function Port Status gathers the information of all ports’ current status
and reports it by the order of port number, media, link status, port state, AutoNegotiation status, speed/duplex, Rx Pause and Tx Pause. An extra media type
information for the module ports 21 and 24 is also offered (See Fig. 3-14).
Function name:
Port Status
Function Description:
Report the latest updated status of all ports in this switch. When any one of the
ports in the switch changes its parameter displayed in the page, it will be
automatically refreshed the port current status about every 5 seconds.
Fig. 3-13
Parameter Description:
Port:
Display the port number. The number is 1 – 8. Both port 7 ~ 8 are
optional modules.
State:
Display the port state. V means the port state is healthy and X means the
port is failure.
Link:
Show that if the link on the port is active or not. If the link is c onnected to
a working-well device, the Link will s how the link “Up”; otherwise, it will
show “Down”. This is determined by the hardware on both devices of the
connection.
No default value.
Page 59
Rev.A1
18-May-11
51
Speed / Duplex Mode:
Display the speed and duplex of all port. There are three speeds 10Mbps,
100Mbps and 1000Mbps supported for TP media, and the duplex
supported is half duplex and full duplex. If the media is 1Gbps fiber, it is
1000Mbps supported only. The status of speed/duplex mode is
determined by 1) the negotiation of both local port and link partner in
“Auto Speed” mode or 2) user setting in “Force” mode. The local port has
to be preset its capability .
Default: None, depends on the result of the negotiation.
Flow Control:
Show each port’s flow control status.
There are two types of flow control in Ethernet, Backpressure for half-
duplex operation and Pause flow control (IEEE802.3x) for full-duplex
operation. The switch supports both of them.
Default: None, depends on the result of the negotiation.
Description:
network managers provide a description of device ports.
Fig. 3-14
Page 60
Rev.A1
18-May-11
52
Parameter description of Port 7 ~ Port 8:
Connector Type:
Display the connector type, for instance, UTP, SC, ST, LC and so
on.
Fiber Type:
Display the fiber mode, for instance, Multi-Mode, Single-Mode.
Tx Central Wavelength:
Display the fiber optical transmitting central wavelength, for
instance, 850nm, 1310nm, 1550nm and so on.
Baud Rate:
Display the maximum baud rate of the fiber module supported, for
instance, 10M, 100M, 1G and so on.
Vendor OUI:
Display the Manufacturer's OUI code which is assigned by IEEE.
Vendor Name:
Display the company name of the module manufacturer.
Vendor P/N:
Display the product name of the naming by module manufacturer.
Vendor Rev (Revision):
Display the module revision.
Vendor SN (Serial Number):
Show the serial number assigned by the manufacturer.
Date Code:
Show the date this SFP module was made.
Temperature:
Show the current temperature of SFP module.
Vcc:
Show the working DC voltage of SFP module.
Mon1(Bias) mA:
Show the Bias current of SFP module.
Mon2(TX PWR):
Show the transmit power of SFP module.
Mon3(RX PWR):
Show the receiver power of SFP module.
Page 61
Rev.A1
18-May-11
53
3-2-3. Simple Counter
The function of Simple Counter collects any information and provides the
counting about the traffic of the port, no matter the packet is good or bad.
In the Fig. 3-15, the window can show all ports’ counter information at the
same time. Each data field has 20-digit long. If the counting is overflo w, the counter
will be reset and restart counting. The data is updated every time interval defined b y
the user. The Refresh Interval is used to set the update frequency.
Function name:
Simple Counter
Function description:
Display the summary counting of each port’s traffic, including Tx Byte, Rx Byte,
Tx Packet, Rx Packet, Tx Collision and Rx Error Packet.
Fig. 3-15
Parameters description:
Packets:
Transmit::
The counting number of the packet transmitted.
Receive:
The counting number of the packet received.
Bytes:
Transmit::
Total transmitted bytes.
Receive:
Total received bytes.
Page 62
Rev.A1
18-May-11
54
Errors:
Transmit::
Number of bad packets transmitted.
Receive:
Number of bad packets received.
Drops
Transmit::
Number of packets transmitted drop.
Receive:
Number of packets received drop.
Auto-refresh:
The simple counts will be refreshed automatically on the UI screen.
Refresh:
The simple counts will be refreshed manually when user use mouse to
click on “Refresh” button.
Clear:
The simple counts will be reset to zero when user use mouse to click
on “Clear” button.
Page 63
Rev.A1
18-May-11
55
3-2-4. Detail Counter
The function of Detail Counter collects any information and provides the
counting about the traffic of the port, no matter the packet is good or bad.
In the Fig. 3-16, the window can show only one port counter information at
the same time. To see another port’s counter, you have to pull down the list of
Select, then you will see the figures displayed about the port you had chosen.
Each data field has 20-digit long. If th e counting is overflow, the counter will
be reset and restart counting. The data is updated every time interval define d by the
user. The valid range is 3 to 10 seconds. The Refresh Interval is used to set the
update frequency. Default update time is 3 seconds.
Function name:
Detail Counter
Function description:
Display the detailed counting number of each port’s traffic. In the Fig. 3-14, the
window can show all counter information of each port at one time.
Fig. 3-16
Parameter description:
Rx Packets:
The counting number of the packet received.
RX Octets:
Total received bytes.
Rx High Priority Packets:
Number of Rx packets classified as high priority.
Rx Low Priority Packets:
Number of Rx packets classified as low priority.
Page 64
Rev.A1
18-May-11
56
Rx Broadcast:
Show the counting number of the received broadcast packet.
Rx Multicast:
Show the counting number of the received multicast packet.
Tx Packets:
The counting number of the packet transmitted.
TX Octets:
Total transmitted bytes.
Tx High Priority Packets:
Number of Tx packets classified as high priority.
Tx Low Priority Packets:
Number of Tx packets classified as low priority.
Tx Broadcast:
Show the counting number of the transmitted broadcast packet.
Tx Multicast:
Show the counting number of the transmitted multicast packet.
Rx 64 Bytes:
Number of 64-byte frames in good and bad packets received.
Rx 65-127 Bytes:
Number of 65 ~ 126-byte frames in good and bad packets received.
Rx 128-255 Bytes:
Number of 127 ~ 255-byte frames in good and bad packets received.
Rx 256-511 Bytes:
Number of 256 ~ 511-byte frames in good and bad packets received.
Rx 512-1023 Bytes:
Number of 512 ~ 1023-byte frames in good and bad packets received.
Rx 1024-Bytes:
Number of 1024-max_length-byte frames in good and bad packets
received.
Tx 64 Bytes:
Number of 64-byte frames in good and bad packets transmitted.
Tx 65-127 Bytes:
Number of 65 ~ 126-byte frames in good and bad packets transmitted.
Tx 128-255 Bytes:
Number of 127 ~ 255-byte frames in good and bad packets transmitted.
Tx 256-511 Bytes:
Page 65
Rev.A1
18-May-11
57
Number of 256 ~ 511-byte frames in good and bad packets transmitted.
Tx 512-1023 Bytes:
Number of 512 ~ 1023-byte frames in good and bad packets transmitted.
Tx 1024-Bytes:
Number of 1024-max_length-byte frames in good and bad packets
transmitted.
Rx CRC/Alignment:
Number of Alignment errors and CRC error packets received.
Rx Undersize:
Number of short frames (<64 Bytes) with valid CRC.
Rx Oversize:
Number of long frames(according to ma x_length r egister) with valid CRC.
Rx Fragments:
Number of short frames (< 64 bytes) with invalid CRC.
Rx Jabber:
Number of long frames(according tomax_length register) with invalid
CRC.
Rx Drops:
Frames dropped due to the lack of receiving buffer.
Rx Errors:
Number of the error packet received.
Tx Collisions:
Number of collisions transmitting frames experienced.
Tx Drops:
Number of frames dropped due to excessive collision, late collision, or
frame aging.
Tx FIFO Drops:
Number of frames dropped due to the lack of transmitting buffer.
Auto-refresh:
The detail counts will be refreshed automatically on the UI screen.
Refresh:
The detail counts will be refreshed manually when user use mouse to
click on “Refresh” button.
Clear:
The detail counts will be reset to zero when user use mouse to click on “Clear”
button
Page 66
Rev.A1
18-May-11
58
3-2-5. Power Saving
The function of Power Saving and provides the Power saving for reduc e the
power consumption with "ActiPHY Power Management" and "Perfec tReach Power
Management" two technique.It could efficient saving the switch Power when the
client idle and detec the cable length to provide different power.
Function name:
Power Saving
Function description:
The function using "ActiPHY Power Management" and "PerfectReach Power
Management" to save the switch’s power consumption.
Fig. 3-16-1
Parameter description:
Power Saving:
The parameter will enable or disable to verify switches hav e the abilit y to
consider the length of any Ethernet cable connected for adjustment of
power usage accordingly. Shorter lengths require less power. link-down
mode removes power for each port that does not have a device attached.
Default: Disable.
Page 67
Rev.A1
18-May-11
59
3-3. VLAN
The switch supports Tag-based VLAN (802.1Q) and Port-based VLAN.
Support 4094 active VLANs and VLAN ID 1~4094. VLAN configuration is used to
partition your LAN into small ones as your demand. Properl y configuring it, you can
gain not only improving security and increasing performance bu t greatly reducing
VLAN management.
3-3-1. VLAN Mode
Function name:
VLAN Mode Setting
Function description:
The VLAN Mode Selection function includes five modes: Port-based, Tagbased, Metro Mode, Double-tag and Disable, you can choose one of them by
pulling down list and selecting an item. Then, click <Apply> button, the
settings will take effect immediately.
Fig. 3-17
Parameter description:
VLAN Mode:
Port-based:
Port-based VLAN is defined by port. A ny packet coming in or outgoing
from any one port of a port-based VLAN will be accepted. No filtering
criterion applies in port-based VLAN. The o nly criterion is the physical
port you connect to. For example, for a port-based VLAN named
PVLAN-1 contains port members Port 1&2&3&4. If you are on the port
1, you can communicate with port 2&3&4. If you are on the port 5, then
you cannot talk to them. Each port-based VLAN you built up must be
assigned a group name. This switch can support up to maximal 24 portbased VLAN gr oups.
Tag-based:
Tag-based VLAN identifies its member by VID. This is quite different
from port-based VLAN. If there are any more rules in ingress filtering list
or egress filtering list, the packet will be screened with more filtering
criteria to determine if it can be forwarded. The switch supports
supplement of 802.1q. For more details, please s ee the section VLAN
in Chapter 3.
Each tag-based VLAN you built up must be as signed VLAN name and
VLAN ID. Valid VLAN ID is 1-4094. User can create total up to 4094
Tag VLAN groups.
Page 68
Rev.A1
18-May-11
60
3-3-2. Tag-based Group
Function name:
Tag-based Group Configuration
Function description:
It shows the information of existed Tag-based VLAN Groups, You can also
easily create, edit and delete a Tag-based VLAN group by pressing <Add>,
<Edit> and <Delete> function buttons. User can add a ne w VLAN group by
inputting a new VLAN name and VLAN ID.
Fig. 3-18
Parameter description:
VLAN Name:
The name defined by administrator is associated with a VLAN group.
Valid letters are A-Z, a-z, 0-9, “
- “ and “_” characters. The maximal
length is 15 characters.
VLAN ID:
VLAN identifier. Each tag-based VLAN group has a unique VID. It
appears only in tag-based and Double-tag mode.
IGMP Proxy:
IGMP proxy enables the switch to issue IGMP host messages on behalf
of hosts that the system discovered through standard IGMP interfaces.
The system acts as a proxy for its hosts. This switch can be set IGMP
function “Enable” or “Disable” by VLAN group. If the VLAN group
IGMP proxy is disabled, the switch will stop the exchange of IGMP
messages in the VLAN group members. If the VLAN group IGMP proxy
is enabled, the switch will support the exchang e of IGMP messages in
the VLAN group members and follow up IGMP proxy router port
configuration, which connects to a rout er closer to the root of the tree.
This interface is the upstream interface. The router on the upstream
interface should be running IGMP. You enable IGMP on the interfaces
that connect the system to its hosts that are farther away from the root of
the tree. These interfaces are known as downstream interfaces. Please
refer to 3-15-1 for detail IGMP Proxy function description.
Page 69
Rev.A1
18-May-11
61
Member Port:
This is used to enable or disable if a port is a member of t he new added
VLAN, “Enable” means it is a member of the VLAN. Just tick the check
box (
) beside the port x to enable it.
Add new VLAN:
Please click on <Add new VLAN> to create a new Tag-based VLAN.
Input the VLAN name as well as VID, configure the SYM-VLAN function
and choose the member by ticking the check box beside the port No.,
then, press the <Apply> button to have the setting taken effect.
Fig. 3-19
Delete Group:
Just press the <Delete> button to remove the selected group entry from
the Tag-based group table.
Fig. 3-20
Note: If you need use PVLAN( Private VLAN) function on Switch then you
need follow up the process as below:
a. Create a VLAN as primary VLAN and the VLAN ID is 2 and evoke the Private
VLAN to enable Private VLAN service.
b. Assign port member to the VLAN2
Page 70
Rev.A1
18-May-11
62
Fig. 3-20-1
c. You need to assign these ports for member of port isolation.
Fig. 3-20-2
d. Press the “Save” to complete the PVLAN configuration process.
Page 71
Rev.A1
18-May-11
63
3-3-3. Port-based Group
Function name:
Port-based Group Configuration
Function description:
It shows the information of the existed Port-based VLAN Groups. You can
easily create, edit and delet e a Port-based VLAN group by pressing <Add>,
<Edit> and <Delete> function buttons. User can add a ne w VLAN group by
inputting a new VLAN name.
Fig. 3-21
Parameter description:
VLAN Name:
The name defined by administrator is associated with a VLAN group.
Valid letters are A-Z, a-z, 0-9, “
- “ and “_” characters. The maximal
length is 15 characters.
Member Port:
This is used to enable or disable if a port is a member of t he new added
VLAN, “Enable” means it is a member of the VLAN. Just tick the check
box (
) beside the port x to enable it.
Add new VLAN:
Create a new Port-based VLAN. Input the VLAN name and choose the
member by ticking the check box beside the port No., then, press the
<Apply> button to have the setting taken effect.
Fig. 3-22
Page 72
Rev.A1
18-May-11
64
Delete Group:
Just press the <Delete> button to remove the selected group entry from
the Port-based group table.
Fig. 3-23
Page 73
Rev.A1
18-May-11
65
3-3-4. Ports
Function name:
Ports (Under tag-base VLAN mode)
Function description:
In VLAN Tag Rule Setting, user can input VID number to each port. The range
of VID number is from 1 to 4094. User also can choose ingr ess filtering rules
to each port. There are two ingress filtering rules which can be applied to the
switch. The Ingress Filtering Rule 1 is “forward o nl y packets with VID matching
this port’s configured VID”. The Ingress Filtering Rule 2 is “drop untagged
frame”. You can also select the Role of each port as Access, Trunk, or Hybrid.
Fig. 3-24
Parameter description:
Port 1-8:
Port number.
VLAN Aware:
Based on IEEE 802.1Q VLAN tag to forward packet
Ingress Filtering:
Discard other VLAN group packets, only forward this port joined VLAN
group packets
Frame Type:
All: Forward all tagged and untagged packets
Tagged: Forward tagged packets only and discard untagged packets
PVID:
This PVID range will be 1-4094. Before you set a num ber x as PVID, you
have to create a Tag-based VLAN with VID x. For example, if port x
receives an untagged packet, the switch will appl y the PVID (assume as
VID y) of port x to tag this packet, the packet then will be forwarded as
the tagged packet with VID y.
Page 74
Rev.A1
18-May-11
66
Role:
This is an egress rule of the port. Here you can choose Access, Trunk or
Hybrid. Trunk means the outgoing packets must carry VLAN tag header.
Access means the outgoing packets carry no VLAN tag header. If
packets have double VLAN tags, one will be dropped a nd the other will
still be left. As to Hybrid, it is similar to Trunk, and both of them will tagout. When the port is set to Hybrid, its packets will be untagged out if the
VID of the outgoing packets with tag is the same as the one in the fi eld of
Untag VID of this port.
Untag VID:
Valid range is 1~4094. It works only when Role is set to Hybrid.
Double Tag:
Double-tag mode belongs to the tag-based mode, however, it would treat
all frames as the untagged ones, which means that tag with PVID will be
added into all packets. Then, these packets will be forwarded as Tagbased VLAN. So, the incoming packets with tag will become the doubletag ones. Scroll to enable the function and default is Disable.
Page 75
Rev.A1
18-May-11
67
3-3-5. Port Isolation
Function name:
Port Isolation
Function description:
Port Isolation provides for an apparatus and method to isolate p orts on layer 2
switches on the same VLAN to restrict traffic flow. The apparatus comprises a
switch having said plurality of ports, each port configured as a protecte d port
or a non-protected port. An address table memory stores an address table
having a destination address and port number pair. A forwarding map
generator generates a forwarding map which is responsive to a destination
address of a data packet. The method for isolating ports on a layer 2 switch
comprises configuring each of t he ports on the layer 2 switch as a protected
port or a non-protected port. A destination address on an data packet is
matched with a physical address on sai d layer 2 switch and a for warding map
is generated for the data packet based upon the destination address on the
data packet. The data packet is then sent to the plurality of ports pursuant to
the forwarding map generated based upon whether the ingress port was
configured as a protected or non-protected port.
Fig. 3-24-1
Parameter description:
Port 1-8:
Port number. To evoke the port which you want to enable the Port
Isolation service.
Save:
Press the “Save” to complete the PVLAN configuration process.
删除的内容
:
Page 76
Rev.A1
18-May-11
68
3-3-6. Management VLAN
Function name:
Management VLAN
Function description:
To assign a specific VLAN for management purpose.
Fig. 3-25
Parameter description:
VID: Specific Management VLAN ID.
Page 77
Rev.A1
18-May-11
69
3-4. MAC
MAC Table Configuration gathers many functions, including MAC Table
Information, MAC Table Maintenance, Static Forward, Static Filter an d MAC Alias,
which cannot be categorized to some function type. They are described below.
3-4-1. Mac Address Table
Function name:
MAC Address Table Information
Function Description:
This function can allow the user to set up the process ing mechanism of MAC
Table. An idle MAC address exceeding MAC Address Age-out Time will be
removed from the MAC Table. The range of Age-out Time is 10-1000000
seconds, and the setup of this time will have no effect on static MAC
addresses.
In addition, the learning limit of MAC mainte nance is able to limit the amount
of MAC that each port can learn.
Fig. 3-26
Parameter description:
Aging Time:
Delete a MAC address idling for a peri od of time from the MAC Table,
which will not affect static MAC address. Range of MAC Address Aging
Time is 10-1000000 seconds. The default Aging Time is 300 seconds.
Page 78
Rev.A1
18-May-11
70
Disable automatic aging:
Stop the MAC table aging timer, the learned MAC address will not age
out automatically
Auto:
Enable this port MAC address dynamic learning mechanism.
Disable:
Disable this port MAC address dynamic learning mechanism, only
support static MAC address setting.
Secure:
Disable this port MAC address dynamic learning mechanism and copy
the dynamic learning packets to CPU
Save:
Save MAC Address Table configuration
Reset:
Reset MAC Address Table configuration
Flush:
Remove all non-static MAC entry
Page 79
Rev.A1
18-May-11
71
3-4-2. Static Filter
Function name:
Static Filter
Function Description:
Static Filter is a function that denies the packet for warding if the p acket’s MAC
Address is listed in the filtering Static Filter table. User can very easily
maintain the table by filling in MAC Address, VID (VLAN ID) and Alias fields
individually. User also can delete the existed entry by clicking <Delete> button.
Fig. 3-27
Parameter description:
MAC:
It is a six-byte long Ethernet hardware address and usuall y express ed by
hex and separated by hyphens. For example,
00 – 40 - C7 - D6 – 00 - 02
VID:
VLAN identifier. This will be filled only when tagged VLAN is applied.
Valid range is 1 ~ 4094.
Alias:
MAC alias name y ou assign.
Page 80
Rev.A1
18-May-11
72
3-4-3. Static Forward
Function Name:
Static Forward
Function Description:
Static Forward is a function that all ows the user in the static forward table t o
access a specified port of the s witch. Static Forward table associated with a
specified port of a switch is set up b y manually inputting MAC addres s and its
alias name.
When a MAC address is assigned to a specific port, all of the switch’s traffics
sent to this MAC address will be forwarded to this port.
For adding a MAC address entry in the allo wed table, you just need to fill in
four parameters: MAC address, associated port, VID and Alias. Just select the
existed MAC address entry you want and click <Delete> but ton, you also can
remove it.
Fig. 3-28
Parameter description:
MAC:
It is a six-byte long Ethernet hardware address and usuall y express ed by
hex and separated by hyphens. For example,
00 – 40 - C7 - D6 – 00 - 01
Port No:
Port number of the switch. It is 1 ~8.
VID:
VLAN identifier. This will be filled only when tagged VLAN is applied.
Valid range is 1 ~ 4094.
Alias:
MAC alias name y ou assign.
Page 81
Rev.A1
18-May-11
73
3-4-4. MAC Alias
Function name:
MAC Alias
Function description:
MAC Alias function is used to let you assign MAC address a plain English
name. This will help you tell which MAC address belongs to which user in the
illegal access report. At the initial time, it shows all pairs of the existed alias
name and MAC address.
There are three MAC alias functions in this function folder, including MAC Alias
Add, MAC Alias Edit and MAC Alias Delete. You can click <Create/Edit>
button to add/modify a new or an existed alias name for a specified MAC
address, or mark an existed entry to delete it. Alias na me must be composed
of A-Z, a-z and 0-9 only and has a maximal length of 15 characters.
Fig. 3-29
Parameter description:
MAC Address:
It is a six-byte long Ethernet hardware address and usuall y express ed by
hex and separated by hyphens. For example,
00 – 40 - C7 - D6 – 00 - 01
Alias:
MAC alias name y ou assign.
Note: If there are too many MAC addresses learned in the table, we
recommend you inputting the MAC address and alias name directly.
Page 82
Rev.A1
18-May-11
74
3-4-5. MAC Table
Function name:
MAC Table
Function Description:
Display the static or dynamic learning MAC entry and the state for the selected
port.
Fig. 3-30
Parameter description:
Alias:
MAC alias name y ou assign.
MAC address:
Display the MAC address of one entry you selected from the searched
MAC entries table.
Port:
The port that exists in the searched MAC Entry.
VID:
VLAN identifier. This will be filled only when tagged VLAN is applied.
Valid range is 1 ~ 4094.
Status:
Dynamic or Static MAC address information.
Refresh:
Refresh function can help you to see current MAC Table status.
Clear:
To clear the selected entry.
Previous Page:
Move to the previous page.
Next Page:
Move to the next page.
Page 83
Rev.A1
18-May-11
75
3-5. GVRP
GVRP is an application based on Generic Attribute Registration Protocol
(GARP), mainly used to automatically and dynamically maintain the group
membership information of the VLANs. The GVRP offers the function providing the
VLAN registration service through a GARP application. It makes use of GARP
Information Declaration (GID) to maintain the ports associated with their attribute
database and GARP Information Propagation (GIP) to communicate among
switches and end stations. With GID information and GIP, GVRP state machine
maintain the contents of Dynamic VLAN Registration Entries for each VLAN and
propagate these information to other GVRP-aware devices to setup and update
their knowledge database, the set of VLANs associated with currently active
members, and through which ports these members can be reached.
In GVRP Configuration function folder, there are three functions supported,
including GVRP Config, GVRP Counter and GVRP Group explained below.
3-5-1. Config
Function name:
GVRP Configuration
Function description:
In the function of GVRP Config, it is used to configure each port’s GVRP
operation mode, in which there are seven parameters needed to be c onfig ured
described below.
Fig. 3-31
Parameter description:
GVRP State:
This function is simply to let you enable or disable GVRP function. You
can pull down the list and click the <Downward> arrow key to choose
“Enable” or “Disable”. Then, click the <Apply> button, the system will
take effect immediately.
Page 84
Rev.A1
18-May-11
76
Join Time:
Used to declare the Join Time in unit of centisecond. Valid time range:
20 –100 centisecond, Default: 20 centisecond.
Leave Time:
Used to declare the Leave Time in unit of centisecond. Valid time range:
60 –300 centisecond, Default: 60 centisecond.
Leave All Time:
A time period for announcement that all registered device is going to be
de-registered. If someone still issues a new join, then a regist ration will
be kept in the switch. Valid range: 1000-5000 unit time, Default: 1000 unit
time.
Default Applicant Mode:
The mode here means the type of participant. There are two modes,
normal participant and non-participant, provided for the user’s choice.
Normal:
It is Normal Participant. In this mode, the switch participates
normally in GARP protocol exchanges. The default setting is
Normal.
Non-Participant:
It is Non-Participant. In this mode, the switch does not send or
reply any GARP messages. It just listens messages and
reacts for the received GVRP BPDU.
Default Registrar Mode:
The mode here means the type of Registrar. There are three types of
parameters for registrar administrative control value, normal registrar,
fixed registrar and forbidden registrar, provided for the user’s choice.
Normal:
It is Normal Registration. The Registrar responds normally to
incoming GARP messages. The default setting is Normal.
Fixed:
It is Registration Fixed. The Registrar ignores all GARP
messages, and all members remain in the registered (IN)
state.
Forbidden:
It is Registration Forbidden. The Registrar ignores all GARP
messages, and all m embers remain in the unregistered
(EMPTY) state.
Restricted Mode:
This function is used to restrict dynamic VLAN be created when this port
received GVRP PDU. There are two modes, disable and enable,
provided for the user’s choice.
Page 85
Rev.A1
18-May-11
77
Disabled:
In this mode, the switch dynamic VLAN will be created when
this port received GVRP PDU. The default setting is Normal.
Enabled:
In this mode, the switch does not create dynamic VLAN when this
port received GVRP PDU. Except received dynamic VLAN message
of the GVRP PDU is an existed static VLAN in the switch, this port
will be added into the static VLAN members dy namically.
Page 86
Rev.A1
18-May-11
78
3-5-2. Counter
Function name:
GVRP Counter
Function description:
All GVRP counters are mainly divided into Received and Transmitted two
categories to let you monitor the GVRP actions. Actually, they are GARP
packets.
Fig. 3-32
Parameter description:
Received:
Total GVRP Packets:
Total GVRP BPDU is received by the GVRP application.
Invalid GVRP Packet s:
Number of invalid GARP BPDU is received by the GARP
application.
LeaveAll Message Packets:
Number of GARP BPDU with Leave All message is received by the
GARP application.
JoinEmpty Message Packets:
Number of GARP BPDU with Join Empty message is received by
the GARP application.
JoinIn Message Packets:
Number of GARP BPDU with Join In message is received by the
GARP application.
LeaveEmpty Message Packets:
Number of GARP BPDU with Leave Empty message is received by
the GARP application.
Page 87
Rev.A1
18-May-11
79
Empty Message Packets:
Number of GARP BPDU with Empty message is received by the
GARP application.
Transmitted:
Total GVRP Packets:
Total GARP BPDU is transmitted by the GVRP application.
Invalid GVRP Packet s:
Number of invalid GARP BPDU is transmitted by the GVRP
application.
LeaveAll Message Packets:
Number of GARP BPDU with Leave All message is transmitted
by the GARP application.
JoinEmpty Message Packets:
Number of GARP BPDU with Join Empty message is transmitted by
the GARP application.
JoinIn Message Packets:
Number of GARP BPDU with Join In message is transmitted by the
GARP application.
LeaveEmpty Message Packets:
Number of GARP BPDU with Leave Empty message is transmitted
by the GARP application.
Empty Message Packets:
Number of GARP BPDU with Empty message is transmitted by the
GARP application.
Page 88
Rev.A1
18-May-11
80
3-5-3. Group
Function name:
GVRP Group VLAN Information
Function description:
To show the dynamic group member and their information.
Fig. 3-33
Parameter description:
VID:
VLAN identifier. When GVRP group creates, each dynamic VLAN group
owns its VID. Valid range is 1 ~ 4094.
Member Port:
Those are the members belonging to the same dynamic VLAN group.
Edit Administrative Control:
When you create GVRP group, you can use Administrative Control
function to change Applicant Mode and Registrar Mode of GVRP group
member.
Page 89
Rev.A1
18-May-11
81
3-6. QoS(Quality of Service) Configuration
The switch support four QoS queues per port with strict or weighted fair
queuing scheduling. There are 8 QoS Control Lists (QCL) for advance
programmable QoS classification, based on IEEE 802.1p, Ethertype, VID, IPv4/IPv6
DSCP and UDP/TCP ports and ranges.
High flexibility in the classification of inc oming frames to a QoS class. The
QoS classification looks for information up to Layer 4, including IPv4 and IPv6
DSCP, IPv4 TCP/UDP port numbers, and user priority of tagged frames. This QoS
classification mechanism is implemented in a QoS control list (QCL). The QoS cla s s
assigned to a frame is used throu gh out th e d ev ic e for providing queuing, scheduling,
and congestion control guarantees to t he frame according to what was configured
for that specific QoS class.
The switch support advanced memory control mechanisms providing
excellent performance of all QoS classes under any tr affic sc enario, including jumbo
frame. A super priority queue with dedicate d memory and strict highest priority in
the arbitration. The ingress super priorit y queue allows traffic recognized as CPU
traffic to be received and queued for transmission to the CPU even when all the
QoS class queues are congested.
3-6-1. Ports
Function name:
Port QoS Configuration
Function description:
To configure each port QoS behavior. Four QoS queue per port with strict or
weighted fair queuing scheduling. There are 8 QoS Control Lists (QCL) for
advance programmable QoS classification, based on IEEE 802.1p, Ethertype,
VID, IPv4/IPv6 DSCP and UDP/TCP ports and ranges.
Fig. 3-34
Page 90
Rev.A1
18-May-11
82
Parameter description:
Number of Classes:
1 / 2 / 4
Port:
User can choose the port (1~8) respectively with Priorit y Class on Per
Port Priority function.
Default Class:
User can set up High Priority or Low Priority for each port respectively.
Low / Normal / Medium / High
QCL:
The number of QCL rule 1~8, each port have to apply one of the QCL
rule for QoS behavior
User priority:
The user priority value 0~7 (3 bits) is used as an index to the eight QoS
class values for VLAN tagged or priority tagged frames.
Queuing Mode:
There are two Scheduling Method, Strict Priority and Weighted Fair.
Default is Strict Priority. After you choose any of Scheduling Method,
please click Apply button to be in operation.
Queue Weighted:
There are four queues per port and four classes weighted number (1 / 2 /
4 / 8) for each queues, you can select the weighted number when the
scheduling method be set to “Weighted Fair” mode.
Page 91
Rev.A1
18-May-11
83
3-6-2. Qos Control List
Function name:
Qos Control List Configuration
Function description:
The
switch support four QoS queues per port with strict or weighted fair
queuing scheduling. There are 8 QoS Control Lists (QCL) for advance
programmable QoS classification, based on IEEE 802.1p, Ether Type, VID,
IPv4/IPv6 DSCP and UDP/TCP ports and ranges.
Fig. 3-35
QCE Configuration:
The QCL consists of 8 QoS Control Entries (QCEs) that are searched
from the top of the list to the bottom of the list for a match. The first
matching QCE determines the QoS classification of the frame. The QCE
ordering is therefore important for the resulting QoS classification
algorithm. If no matching QCE is found, the default QoS class is used in
the port QoS configuration.
Delete this entry
Insert an entry
Edit this entry
Move up this entry
Move down this entry
Page 92
Rev.A1
18-May-11
84
Fig. 3-36
Fig. 3-37
Fig. 3-38
Page 93
Rev.A1
18-May-11
85
Fig. 3-39
Fig. 3-40
Fig. 3-41
Fig. 3-42
Page 94
Rev.A1
18-May-11
86
Parameter description:
QCL#:
QCL number : 1~8
QCE Type:
Ethernet Type / VLAN ID / UDP/TCP Port / DSCP / ToS / Tag Priority
Ethernet Type Value:
The configurable range is 0x600~0xFFFF. Well known protocols already
assigned EtherType values. The commonly used values in the Et herType
field and corresponding protocols are listed below:
Ethertype
(Hexadecimal)
Protocol
0x0800 IP, Internet Protocol
0x0801 X.75 Internet
0x0802 NBS Internet
0x0803 ECMA Internet
0x0804 Chaosnet
0x0805 X.25 Level 3
0x0806 ARP, Address Resolution Protocol.
0x0808 Frame Relay ARP [RFC1701]
0x6559 Raw Frame Relay [RFC1701]
0x8035
DRARP, Dynamic RARP. RARP, Reverse
Address Resolution Protocol.
0x8037 Novell Netware IPX
0x809B EtherTalk (AppleTalk over Ethernet)
0x80D5 IBM SNA Services over Ethernet
0x 80F3
AARP, AppleTa lk Address Resolution
Protocol.
0x8100 IEEE Std 802.1Q - Customer VLAN Tag Type.
0x8137 IPX, Intern et Packet Excha nge.
0x 814C
SNMP, Simple Network Management
Protocol.
0x86DD IPv6, Internet Protocol version 6.
0x880B PPP, Point-to-Point Protocol.
0x 880C GSMP, General Switch Management
Page 95
Rev.A1
18-May-11
87
Protocol.
0x8847
MPLS, Multi-Protocol Label Switching
(unicast).
0x8848
MPLS, Multi-Protocol Label Switching
(multicast).
0x8863
PPPoE, PPP Over Ethernet (Discovery
Stage).
0x8864
PPPoE, PPP Over Ethernet (PPP Session
Stage).
0x88BB LWAPP, Light Weight Access Point Protocol.
0x88CC LLDP, Link Layer Discovery Protocol.
0x8E88 EAPOL, EAP over LAN.
0x9000 Loopback (Configuration Test Protocol)
0xFFFF reserved.
VLAN ID:
The configurable VID range:1~4094
UDP/TCP Port:
To select the UDP/TCP port classification method by Range or Specific.
UDP/TCP Port Range:
The configurable ports range: 0~65535
You can refer to following UDP/TCP port-numbers information.
http://www.iana.org/assignments/port-numbers
UDP/TCP Port No.:
The configurable specific port value: 0~65535
DSCP Value:
The configurable DSCP value: 0~63
Traffic Class:
Low / Normal / Medium / High
Page 96
Rev.A1
18-May-11
88
3-6-3.Rate Limiters
Function name:
Rate Limit Configuration
Function description:
Each port includes an ingress policer, and an egress shaper, which can limit
the bandwidth of received and transmitted frames. Ingress policer or egress
shaper operation is controlled per port in the Rate Limit Configuration.
Fig. 3-43
Parameter description:
Port #:
Port number.
Policer Enabled:
Policer enabled to limit ingress bandwidth by policer rate.
Policer Rate:
The configurable policer rate range:
500 Kbps ~ 1000000 Kbps
1 Mbps ~ 1000 Mbps
Policer Unit:
There are two units for ingress policer rate limit: kbps / Mbps
Shaper Enabled:
Shaper enabled to limit egress bandwidth by shaper rate.
Shaper Rate:
The configurable shaper rate range:
500 Kbps ~ 1000000 Kbps
1 Mbps ~ 1000 Mbps
Shaper Unit:
There are two units for egress shaper rate limit: kbps / Mbps
Page 97
Rev.A1
18-May-11
89
3-6-4.Storm Control
Function name:
Storm Control Configuration
Function description:
The switch support storm ingress policer control function t o limit the Flooded,
Multicast and Broadcast to prevent storm event happen.
Fig. 3-44
Parameter description:
Frame Type:
There three frame types of storm can be controlled: Flooded unicast /
Multicast / Broadcast
Status:
Enable/Disable Selection: means enabled, means disabled
Rate(pps):
Refer to the following rate configurable value lis t, the unit is Packet Per
Second (pps).
1 / 2 / 4 / 8 / 16 / 32 / 64 / 128 / 256 / 512 / 1K / 2K / 4K / 8K / 16K / 32K /
64K / 128K / 256K / 512K / 1024K
Page 98
Rev.A1
18-May-11
90
3-6-5.Wizard
Function name:
Wizard
Function description:
The QCL configuration Wizard is targeted on user can easy to configure the
QCL rules for QoS configuration. The wizard provide the typical network
application rules, user can apply these application easily.
Fig. 3-45
Parameter description:
Please select an Action:
User need to select one of action from following items, then click on
<Next> to finish QCL configuration:
Set up Port Policies
Set up Typical Network Application Rules
Set up TOS Precedence Mapping
Set up VLAN Tag Priority Mapping
Next:
Go to next step.
Cancel:
Abort current configuration back to previous step.
Back:
Back to previous screen.
Page 99
Rev.A1
18-May-11
91
Fig. 3-46 Set up Port Policie s
Parameter description:
QCL ID:
QoS Control List (QCL): 1~19
Port Member:
Port Member: 1~8
Fig. 3-47 Set up Port Policie s
Parameter description:
Wizard Again:
Click on the <Wizard Again> , back to QCL Configuration Wizard.
Finish:
When you click on <Finish>, the parameters will be set according to the
wizard configuration and shown on the screen, th en ask you to click on
<Apply> for changed parameters confirmation.
Page 100
Rev.A1
18-May-11
92
Fig. 3-48 Set up Port Policies Finish
Fig. 3-49 Set up Typical Net work Application Rules
Fig. 3-50 Set up Typical Net work Application Rules
Loading...