Transition Networks mil-sm8dpa User Manual

MIL-SM8DPA

6-Port 100/1000 SFP with

2 RJ-45/100/1000 SFP Combo Port

Managed Switch

User Guide

Rev.A1

18-May-11

i

Regulatory Approval

- FCC Class A

- UL 1950

- CSA C22.2 No. 950

- EN60950

- CE

- EN55022 Class A

- EN55024

Canadian EMI Notice
This Class A digital apparatus meets all the requirements of the Canadian Interference-Causing Equipment
Regulations.

Cet appareil numerique de la classe A respecte toutes les exigences du Reglement sur le materiel brouilleur
du Canada.

European Notice
Products with the CE Marking comply with both the EMC Directive (89/336/EEC) and the Low Voltage
Directive (73/23/EE C) issued by the Commission of the European Community Compliance with these
directives imply conformity to the following European Norms:

EN55022 (CISPR 22) - Radio Frequency Interference
EN61000-X - Electromagnetic Immunity
EN60950 (IEC950) - Product Safety

Five-Year Limited Warranty

Transition Networks warrants to the original consumer or purchaser that each of it's products,
and all components thereof, will be free from d efe cts in material and/or workmanship for a
period of five years from the original fa ctory shipment date. Any warranty hereunder is
extended to the original consumer or purchaser and is not assignable.
Transition Networks makes no express or implied warranties including, but not limited to, any
implied warranty of merchantabilit y or fitn ess for a particular purpose, except as expr essly set
forth in this warranty. In no event shall Transition Networks be liable for incidental or
consequential damages, costs, or expen ses arising out of or in connection with the
performance of the product d el i v er e d her eu nder. Transition Networks will in no cas e c o ver
damages arising out of the product being used in a negligent fashion or m an ner.

Trademarks

The MiLAN logo Transition Networks trademarks are registered trademarks of Transition

Networks in the

United States and/or other countries.

To Contact Transition Networks

For prompt response when calling for service information, have the following information

ready:

- Product serial number and revisio n

- Date of purchase

- Vendor or place of purchase

You can reach Transition Networks technical support at:

E-mail: techsupport@transit ion.com
Transition Networks
10900 Red Circle Drive
Minnetonka, MN 55344
United States of America

Telephone: +1.800.526.9267
Fax: +1.952.941.2322

http://www.milan.com
info@ Transition.com

© Copyright 2006 Transition Networks

Rev.A1
18-May-11

ii

Table of Contents

1. INTRODUCTION................................................................................................ ..........2

1-1.

OVERVIEW OF MIL-SM8DPA .......................................................... ..............................2

1-2.

CHECKLIST........................................................................................... ...........................6

1-3.

FEATURES............................................................................ ............................................6

1-4.

FULL VIEW OF MIL-SM8DPA........................................................................................8

1-4-1. User Interfaces on the Front Panel (Button, LEDs and Plugs)............................8

1-4-2. AC Power Input on the Rear Panel....................................................... ... ... ...... ... .9

1-5.

VIEW OF THE OPTIONAL MODULES .............. ............................... ............................... ..10

2. INSTALLAT ION.......................................... ................................................................11

2-1.

STARTING MIL-SM8DPA UP ............................................................................ ...........11

2-1-1. Hardware and Cable Installation.................................... ... ... ... ..... ... ... ... ..... ... ... ..11

2-1-2. Installing Chassis to a 19-Inch W i ring Closet Rail............................ ..... ...... .....13

2-1-3. Cabling Requirements .................................................. ...... ... .. ... ...... ... ... .. ...... ... ..13

2-1-3-1. Cabling Requirements for TP Ports............................................................13

2-1-3-2. Cabling Requirements for 100/1000M SX/LX SFP Modul e.....................13

2-1-3-3. Switch Cascading in Topology ................... . .. . .............. . . . .. . .. . .. . .. . .. . . .. . .. . .. . ..14

2-1-4. Configuring the Management Agent of MIL-SM8DPA.......................................17

2-1-4-1. Configuring the Management Agent of MIL-SM8DPA through the

Console RJ-45 Port........................................................ ............................................17

2-1-4-2. Configuring the Management Agent of MIL-SM8DPA through the

Ethernet Port............................................................ ............................... ...................19

2-1-5. IP Address Assignment ......................................... ........ ......... ........ ......... ........ .....20

2-2.

TYPICAL APPLICATIONS ........................................................................................ ........24

3. OPERATION OF WEB-BASED MANAGEMENT.................................................26

3-1.

WEB MANAGEMENT HOME OVERVIEW...................................................................... ..28

3-1-1. System Information.............................. ... .. ...... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ...... ..31

3-1-2. Account Configuration ................................... ........... ......... ........ ......... ........... .....33

3-1-3. Time Configuration................................................. ......... ......... ........... ........ ........34

3-1-4. IP Configuration....................................... ... ... ... ...... .. ... ... ...... .. ... ...... ... .. ... ...... ... ..37

3-1-5. Loop Detection ................... . .. . ............. . .. . ............. . .. . . . .. . .. . ............. . .. . ............. . ....40

3-1-6. Management Policy..................................... ... ... ... ..... ... ... ...... .. ... ... ...... ... .. ... ...... ..41

3-1-7. Syslog......................................................... ..... ... ... ..... ... ... ... ..... ... ... ...... ... .. ... ...... ..44

3-1-8. System Log................................ .. ... ...... ... .. ... ...... ... ... ..... ... ... ... ..... ... ... ... ..... ... ... .....45

3-1-9. Virtual Stack................................... ......... ........... ........ ......... ........ ............ ........ .....46

3-2.

PORT CONFIGURATION.................................................................................... ..............48

3-2-1. Port Configuration .............................. ... ..... ... ... ... ..... ... ... ... ...... .. ... ... ...... .. ... ... .....48

3-2-2.Port Status.................................... ... ... ...... ... .. ...... ... ... .. ...... ... ... .. ...... ... ... ..... ... ... ... ..50

3-2-3. Simple Counter ........................................................ .. ... ... ...... ... .. ...... ... ... .. ...... ... ..53

3-2-4. Detail Counter ............................................. ... ...... ... .. ... ...... ... .. ...... ... ... .. ...... ... ... ..55

3-2-5. Power Saving.................................................. ... ...... .. ... ... ...... ... .. ...... ... ... .. ...... ... ..58

3-3.

VLAN............................ ............................... ................................................................59

3-3-1. VLAN Mode............................................. ........ ........... ......... ........ ......... ........... .....59

3-3-2. T ag-based Group.................................... ........ ......... ........... ........ ......... ........ ........60

3-3-3. Port-based Group...................................................... ... ... ... ..... ... ... ... ...... .. ... ...... ..63

3-3-4. Ports.................................... ...... .. ... ...... ... .. ... ...... ... ... ..... ... ... ... ..... ... ... ...... .. ... ... .....65

3-3-5. Port Isolation..................................................... ... ... ..... ... ... ... ..... ... ... ... ..... ... ... .....67

3-3-6. Management VLAN......................................... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ...... ..68

3-4.

MAC............................................................. ............................... .................................69

Rev.A1

18-May-11

iii

3-4-1. Mac Address T a ble............................... ........ ......... ........ ......... ........... ........ ......... ..69

3-4-2. Static Filter............................ ... .. ...... ... ... ... ..... ... ... ... ..... ... ... ... .. ...... ... ... ... ..... ... ... ..71

3-4-3. Static Forward................................................ ...... ... .. ... ...... ... .. ... ...... ... .. ... ...... ... ..72

3-4-4. MAC Alias.............................. ... .. ...... ... ... .. ...... ... ... ..... ... ... ... ..... ... ... ... ...... .. ... ...... ..73

3-4-5. MAC Table........................................ ... ... ..... ... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ...... ..74

3-5.

GVRP ...........................................................................................................................75

3-5-1. Config............................................. ... ... ... ..... ... ... ...... .. ... ... ...... .. ... ...... ... ... .. ...... ... ..75

3-5-2. Counter ........................................................ ... ... ...... .. ... ... ...... .. ... ... ...... ... .. ...... ... ..78

3-5-3. Group......................................................... .. ...... ... ... ..... ... ... ... ..... ... ... ...... .. ... ... .....80

3-6.

QOS(QUALITY OF SERVICE) CONFIGURATION..............................................................81

3-6-1. Ports.................................... ...... .. ... ...... ... .. ... ...... ... ... ..... ... ... ... ..... ... ... ...... .. ... ... .....81

3-6-2. Qos Control List ......................... ...... ... ... .. ...... ... ... ... ..... ... ... ..... ... ... ... ..... ... ... ... .....83

3-6-3.Rate Limiters................................................. ............................... .........................88

3-6-4.Storm Control................. ...... ... ... .. ...... ... ... ..... ... ... ... ..... ... ... ...... ... .. ... ...... ... .. ...... ... ..89

3-6-5.Wizard ...................................................................................................... .............90

3-7.

SNMP CONFIGURATION .............................................................................................100

3-8.

ACL......................................................................... ...................................................108

3-8-1.Ports.................................. ............................... ............................... ....................108

3-8-2.Rate Limiters................................................. ............................... .......................110

3-8-3.Access Control List........................................................... ..................................111

3-8-4.Wizard ...................................................................................................... ...........140

3-9.

IP MAC BINDING ................................................................................... ....................146

3-10.

802.1X CONFIGURATION ..........................................................................................148

3-10-1.Server................................................................................................................152

3-10-2.Port Configuration .......................... ...... ... .. ... ...... ... .. ...... ... ... .. ...... ... ... ... ..... ... ...154

3-10-3.Status.................................................................................. ...............................157

3-10-4. Statistics................................................... .. ... ... ...... .. ... ...... ... .. ... ...... ... ... ..... ... ...158

3-11.

TACACS+....................................... ............................... ............................... ...........159

3-1 1-1. State...................................... ... ..... ... ... ... ..... ... ... ...... .. ... ... ...... ... .. ... ...... ... .. ...... ...159

3-1 1-2. Authentication............................................ ......... ........... ......... ........ ........ .........160

3-11-3.

AUTHORIZATION ....................................................... ............................... ..............161

3-11-4.

ACCOUNTING............................................................ ............................... ..............162

3-12.

TRUNKING CONFIGURATION............................................................................... ......163

3-12-1.Port ...................................................................................................................164

3-12-2 Aggregator V iew..................................................... ........ ........... ......... ........ ......166

3-12-3 Aggregation Hash Mode............................. ............ ........ ........ ......... ........... ......167

3-12-4 LACP System Priority.......................................................................................168

3-13

STP CONFIGURATION.......................... .......................................................................169

3-13-1. Status....................................................... ... ... ...... ... .. ... ...... ... .. ...... ... ... ... ..... ... ...169

3-13-2. Configuration................................................ ... ...... .. ... ... ...... .. ... ...... ... .. ... ...... ...171

3-13-3. STP Port Configuration.................................................... ..... ... ... ...... ... .. ... ......173

3-14

MSTP .................................................................................................................. ......176

3-14-1 Status.................................................................................. ...............................176

3-14-2 Region Config....................................................................................... ............177

3-14-3 Instance View............................................................................. .......................178

3-15.

MIRROR.....................................................................................................................186

3-16.

MULTICAST...................................................................................................... .........188

3-16-1 IGMP mode.......................................................................................................188

3-16-2 IGMP Proxy......................................................... .............................................189

3-16-3 IGMP Snooping.................................. ............................... ...............................191

3-16-4 IGMP Group Allow.................... ............ ........................ ...................................192

3-16-5 IGMP Gr oup M embe rship......... . .. . ............. . .. . .. . .. . .. . . .. . .. . . .. . .. . . .. . .. . .. . . .. . .. . . .. . .. . .. .193

3-16-6 MVR .............................................. ............................... ............................... ......194

3-16-7 MVID .......................................................... ............................... .......................195

Rev.A1
18-May-11

iv

3-16-8 MVR Group Allow........................ ........... ............................................ .............196

3-16-9 MVR Group M e mbership ................... . .. . . . ........... .. . . . . .. . . . .. . . ........... ........... .. . . . .. .197

3-17.

ALARM CONFIGURATION ......................................................................... .................198

3-17-1 Events.......................................................... ......................................................198

3-17-2 Email........................................................................................................ .........200

3-18.

DHCP SNOOPING................................................................. ............................... ......201

3-18-1. DHCP Snooping State............................... ............................... .......................201

3-18-2. DHCP Snooping Entry....................................................................................202

3-18-3. DHCP Snooping Client .............................................. ............................... ......203

3-19.

LLDP........................................................................................................................204

3-19-1 . LLDP State......................................................................................................204

3-19-2 . LLDP Entry.....................................................................................................206

3-19-3 . LLDP Counter ................................................................................................208

3-20.

SAVE/RESTORE ..................................... ............................... ............................... ......210

3-20-1. Factory Defaults...................................................... ...... ... ... .. ...... ... ... ... ..... ... ...211

3-20-2 . Save Start.................................................................................... ....................211

3-20-3 . Save User................................................................................. .......................211

3-20-4 . Restore User ...................................................................................................212

3-21.

EXPORT/ IMPORT.......................................................................................................213

3-22.

DIAGNOSTICS................................................................................................... .........214

3-22-1 . Diag ......................................................................................... .......................214

3-22-2 .Ping.......................................................................... ............................... .........215

3-23.

MAINTENANCE................................... ............................... ........................................216

3-23-1 .Warm Restart ...................................................................................................216

3-23-2 . Firmware upgrade................................. ............................... ..........................216

3-24.

LOGOUT ........................................... ............................... ..........................................217

4. OPERATION OF CLI MANAGEMENT.............................. ..................................218

4-1.

CLI MANAGEMENT.......................................... ............................... ............................218

4-1-1. Login ......................................... .. ...... ... ... ..... ... ... ... ..... ... ... ... ...... .. ... ...... ... .. ... ......218

4-2.

COMMANDS OF CLI........................................................................ ............................220

4-2-1. Global Commands of CLI...................................................... ... ..... ... ... ... ..... ... ...221

4-2-2. Local Commands of CLI............................................ ........................................227

5. MAINTENANCE.............................................. ... .. ... ... ...... ... .. ... ...... ... ... .. ...... ... ... .. ... ......318

5-1.

RESOLVING NO LINK CONDITION...............................................................................318

5-2.

Q&A...........................................................................................................................318

APPENDIX A TECHNICAL SPECIFICATIONS......................... ......................... .........319

APPENDIX B NULL MODEM CABLE SPECIFICAT IONS..................................... ...322

Rev.A1

18-May-11

v

Revision History

Date Revision

18/05/2011 A1

Rev.A1
18-May-11

vi

Warning:

 Self-demolition on Product is strictly prohibited. Damage caused by self-

demolition will be charged for repairing fees.

 Do not place product at outdoor or sandstorm.
 Before installation, please make sure input power supply and product

specifications are compatible to each other.

 The SSL only provide the CLI for switch management and SSH

default enable without UI for management. (The feature supports
upper FW v5.01 and optional)

 Before importing / exporting configuration please make sure the

firmware version is always the same.

 After firmware upgrade, the switch will remove the configuration

automatically to latest firmware version.

Rev.A0

1-Mar-11

1

About this user’s manual

In this user’s manual, it will not only tell you how to install and connect your
network system but configure and monitor the MIL- SM8DPA through the built-in CLI
and web by RJ-45 Console interface and Ethernet ports step-by-step. Many
explanation in detail of hardware and software functions are shown as well as the
examples of the operation for web-based interface and command-line interface
(CLI).

Overview of this user’s manual

 Chapter 1 “Introduction” describes the features of MIL-SM8DPA
 Chapter 2 “Installation”
 Chapter 3 “Operation of Web-based Management”
 Chapter 4 “Operation of CLI Management”
 Chapter 5 “Maintenance”

Rev.A1
18-May-11

2

1. Introduction

1-1. Overview of MIL-SM8DPA

MIL-SM8DPA, 6-Port 100/1000 Dual Speed SFP + 2-Port RJ-45/100/1000
SFP Managed Switch, is a standard switch that meets all IEEE 802.3/u/x/z Gigabit
Ethernet specifications. The switch can be managed through RJ-45 console port via
directly connection, or through Ethernet port usin g CLI or Web-based management
unit, associated with SNMP agent. With the SNMP agent, the net work administrator
can logon the switch to monitor, configure and control each port’s activity in a
friendly way. The overall network management is enhanced and the network
efficiency is also improved to accommodate hig h bandwidth appli cations . I n additi on,
the switch features comprehensive and useful function such as ACL, IP-MAC
Binding, DHCP Option 82, QoS (Quality of Service), Spanning Tree, VLAN, Port
Trunking, Bandwidth Control, Port Security, SNMP/RMON, IGMP Snooping
capability via the intelligent software. It is suitable for both metro-LAN and office
application.

Others the switch increase support the Power saving for reduce the power
consumption with "ActiPHY Power Management" and "PerfectReach Power
Management" two technique.It could efficient saving the switch power with auto
detect the client idle and cable length to provide different power.

In this switch, Port 7 and Port 8 include two types of media --- TP and
(100/1000M) SFP Fiber (LC, BiDi LC…); this port supports 10/100/1000Mbps TP or
100/1000 Dual Speed SFP Fiber with auto-detected function. (100/1000M) SFP
Fiber transceiver is used for high-speed connection expansion

 1000Mbps LC, Multi-Mode, SFP Fiber transceiver
 1000Mbps LC, 10km, SFP Fiber transceiver
 1000Mbps LC, 30km, SFP Fiber transceiver
 1000Mbps LC, 50km, SFP Fiber transceiver
 1000Mbps BiDi LC, 20km, 1550nm SFP Fiber WDM transceiver
 1000Mbps BiDi LC, 20km, 1310nm SFP Fiber WDM transceiver
 100Base-FX FE SFP Fiber Module, LC Multi-Mode
 100Base-FX FE SFP Fiber Module, LC Single-Mode 20km

10/100/1000Mbps TP is a standard Ethernet port that meets all IEEE

802.3/u/x/z Gigabit, Fast Ethernet specifications. (100/1000M) SFP Fiber
transceiver is a Gigabit Ethernet port that fully complies with all IEEE 802.3z an d
1000Base-SX/LX standards and 100-FX standards.

1000Mbps Single Fiber WDM (BiDi) transceiver is designed with an optic
Wavelength Division Multiplexing (WDM) technology that transports bi-directional
full duplex signal over a single fiber simultaneously.

For upgrading firmware, please refer to the Section 3- 21 or Section 4-2-2 for
more details. The switch will not stop operating while upgrading firmware and after
that, the configuration keeps unchanged.

The switch also supports the IEEE Standard──802.1AB （Link Layer
Discover y Protocol ），Provide more easy debug tool and enhance the networking
management availability, Others it can provide auto-discovery device and topology

providing.

Rev.A1

18-May-11

3

• Key Features in the Device

QoS:

Support Quality of Service by the IEEE 802.1P standard. There are two
priority queue and packet transmission schedule.

Spanning T ree:

Support IEEE 802.1D, IEEE 802.1w (RSTP: Rapid Spanning Tree
Protocol) standards.

VLAN:

Support Port-based VLAN and IEEE802.1Q Tag VLAN. Support 256 active
VLANs and VLAN ID 1~4094.

Port Trunking:

Support static port trunking and port trunking with IEEE 802.3ad LACP.

Bandwidth Control:

Support ingress and egress per port bandwidth control.

Port Security:

Support allowed, denied forwarding and port security with MAC address.

Link Layer Discovery Protocol (LLDP):

IEEE Standard──802.1AB （Link Layer Discovery Protocol），Provide
more easy debug tool and enhance the networking management availabi lity,

Others it can provide auto-discovery device and topology providing

SNMP/RMON:

SNMP agent and RMON MIB. In the device, SNMP agent is a client
software which is operating over SNMP protocol used to receive the
command from SNMP manager (server site) and echo the corresponded
data, i.e. MIB object. Besides, SNMP agent will actively issue TRAP
information when happened.

RMON is the abbreviation of Remote Network Monitoring and is a branch of
the SNMP MIB.

The device supports MIB-2 (RFC 1213), Bridge MIB (RFC 1493), RMON
MIB (RFC 1757)-statistics Group 1,2,3,9, Ethernet-like MIB (RFC 1643),
Ethernet MIB (RFC 1643) and so on.

IGMP Snooping:

Support IGMP version 2 (RFC 2236): The function IGMP snooping is used
to establish the multicast groups to forward the multicast packet to the
member ports, and, in nature, avoid wasting the bandwidth while IP
multicast packets are running over the network.

IGMP Proxy:

The implementation of IP multicast processing. The switch supports IGMP
version 1 and IGMP version 2, efficient use of network bandwidth, and fast
response time for channel changing. IGMP version 1 (IGMPv1) is
described in RFC1112 ,an d IGMP version 2 (IGMPv2) is described in RFC

2236. Hosts interact with the system through the exchange of IGMP
messages. Similarly, when you configure IGMP proxy, the system interacts

Rev.A1
18-May-11

4

with the router on its upstream interface through the exchange of IGMP
messages. However, when acting as the proxy, the system performs the
host portion of the IGMP task on the upstream interface as follows:

 When queried, sends group membership reports to the

group.

 When one of its hosts joins a multicast address group to

which none of its other hosts belong, sends unsolicited
group membership reports to that group.

 When the last of its hosts in a particular multicast group

leaves the group, sends an unsolicited leave group
membership report to the all-routers group (244.0.0.2).

Power Saving:

The Power saving using the "ActiPHY Power Management" and
"PerfectReach Power Management" two techniques to detec t the client idle
and cable length automatically and provides the different power. It could
efficient to save the switch power and reduce the power consumption.

Q-in-Q VLAN for performance & security:

The VLAN feature in the switch offers the benefits of both security and
performance. VLAN is used to isolate traffic between different users and
thus provides better security. Limiting the broadcast traffic to within the
same VLAN broadcast domain also enhances performance. Q-in-Q, the use
of double VLAN tags is an efficient method for enabling Subscriber
Aggregation. This is very useful in the MAN.

MVR:

Multicast VLAN Registration (MVR) can support carrier to serve content
provider using multicast for Video streaming application in the network.
Each content provider Video streaming has a dedicated multicast VLAN.
The MVR routes packets received in a multicast source VLAN to one or
more receive VLANs. Clients are in the receive VLANs and the multicast
server is in the source VLAN.

Access Control List (ACL):

The ACLs are divided into EtherTypes. IPv4, ARP protocol, MAC and VLAN
parameters etc. Here we will just go over the standard and extended
access lists for TCP/IP. As you create ACEs for ingress classification, you
can assign a policy for each port, the policy number is 1-8, however, each
policy can be applied to any port. This makes it very easy to determine what
type of ACL policy you will be working with.

IP-MAC-Port Binding:

The IP network layer uses a four-byte address . The Ethern et link l ayer uses
a six-byte MAC address. Binding these t wo address types together allows
the transmission of data between the layers. The primary purpose of IP­MAC binding is to restrict the access to a switch to a number of authoriz ed
users. Only the authorized client c an access the Switch’s port by checking
the pair of IP-MAC Addresses and port number with the pre-configured
database. If an unauthorized user tries to access an IP-MAC binding
enabled port, the system will block the access by dropping its packet.

Rev.A1

18-May-11

5

SSL and SSH for secure Management: (Optional by Project Requirement, Refer
to device’s FW v5.0x upper)

Secure Sockets Layer (SSL) supports the encryption for all HTTP traffic,
allowing secure access to the browser-based management GUI in the
switch. And Secure Shell (SSH) which supports the encryption for all
transmitted data for secure, remote command-line interface (CLI) access
over IP networks

Note: The SSL only provide the CLI for switch management and SSH

default enable without UI for management.

TACACS+: (Optional by Project Requirement, Refer to device’s FW v5.0x
upper)

The switch supports to ease switch management securit y administration by
using a password with Cisco TACACS+ authentication server

Syslog:

The Syslog is a standard for logging program messages . It allows
separation of the software that generates messages from the system that
stores them and the software that reports and analyzes them. It is
supported by a wide variety of devices and receivers across multiple
platforms.

Rev.A1
18-May-11

6

1-2. Checklist

Before you start installing the sw itch, verify that the package contains the
following:

 MIL-SM8DPA 6-Port 100/1000 Dual Speed SFP + 2-Port RJ-45/100/1000 SFP

Managed Switch

 This User's Manual in CD-ROM
 AC Power Cord
 RJ-45 transform RS-232 Cable

Please notify your sales representative immediately if any of the aforementioned
items is missing or damaged.

1-3. Features

The MIL-SM8DPA, a standalone off-the-shelf switch, provides the
comprehensive features listed below for users to perform system network
administration and efficiently and securely serve your network.

•

Hardware

• 6 100/1000M Fiber SFP ports

• 2 10/100/1000Mbps TP or 100/1000 Dual Speed SFP Fiber dual media auto

sense

• 1392KB on-chip frame buffer

• Support jumbo frame up to 9600 bytes

• Programmable classifier for QoS (Layer 4/Multimedia)

• 8K MAC address and 4K VLAN support (IEEE802.1Q)

• Per-port shaping, poli cing, and Broadcast Storm Control

• Power Saving with "ActiPHY Power Management" and "PerfectReach Power
Management" techniques.

• IEEE802.1Q Q-in-Q nested VLAN support

• Full-duplex flow control (IEEE802.3x) and half-duplex backpressure

• Extensive front-panel diagnostic LEDs; System: Power, SFP Port1-8: LINK/ACT,

100/1000M, TP Port 7-8: TP(LINK/ACT/Speed)

• Management

• Supports concisely the status of port and easily port configuration

• Supports per port traffic monitoring counters

• Supports a snapshot of the system Information when you login

• Supports port mirror function

• Supports the static trunk function

• Supports 802.1Q VLAN

• Supports user management and limits three users to login

Rev.A1

18-May-11

7

• Maximal packet length can be up to 9600 bytes for jumbo frame application

• Supports DHCP Broadcasting Suppression to avoid network suspended or
crashed

• Supports to send the trap event while monitored events happened

• Supports Link Layer Discovery Protocol (LLDP)

• Supports default configuration which can be restored to overwrite the current

configuration which is working on via web browser and CLI

• Supports on-line plug/unplug SFP modules

• Supports Quality of Service (QoS) for real time applications based on the

information taken from Layer 2 to Layer 4, such as VoIP

• Built-in web-based management and CLI management, providing a more

convenient UI for the user

• Supports port mirror function with ingress/egress traffic

• Supports rapid spanning tree (802.1w RSTP)

• Supports multiple spanning tree (802.1s MSTP)

• Supports SSL/SSH supports the encryption for all transmitted data for secure

• Supports ease switch management security administratio n by using a password
with Cisco TACACS+ authentication server

• Supports 802.1X port security on a VLAN

• Supports IP-MAC-Port Binding for LAN security

• Supports user management and only first login administrator can configure the

device. The rest of users can only view the switch

• SNMP access can be disabled and prevent from illegal SNMP access

• Supports Ingress, Non-unicast and Egress Bandwidth rati ng management with

a resolution of 1Mbps

• The trap event and alarm message can be transferred via e-mail

• Supports diagnostics to let administrator knowing the hardware status

• Supports loop detection to protect the switch crash when the networking has

looping issue

• HTTP and TFTP for firmware upgrade, system log upload and confi guration file

import/export

• Supports remote boot the device through user interface and SNMP

• Supports NTP network time synchronization and daylight saving

• Supports 120 event log records in the main memory and display on the local

console

• Supports Syslog a standard for logging program messages and allows
separation of the software that generates messages from the system

Rev.A1
18-May-11

8

1-4. Full View of MIL-SM8DPA

1-4-1. User Interfaces on the Front Panel (Button, LEDs and Plugs)

There are 6 TP Gigabit Ethernet ports and 2 SFP fiber ports for optional
removable modules for optional removable modules on t he fro nt panel of th e switch.
LED display area, locating on the left side of the panel, contains a Power LED,
which indicates the power status and 8 ports working status of the s witch. One RJ­45 Console interface is offered for configuration or management.

Fig. 1-1 Full View of MIL-SM8DPA

Fig. 1-2 Front View of MIL-SM8DPA

Power Indication LED

Gigabit Ethernet Port

RESET Button:

RESET button is used
to reset the
mana

g

ement system.

SFP Fibe r Port

Fiber Port Status
Indication LEDs

RJ-45 Console Interface

Rev.A1

18-May-11

9

• LED Indicators

LED Color Function

System LED

POWER Green Lit when power is on and good

100/1000 SFP Port 1 to 8 LED

LINK/ACT

Green/
Amber

Lit Green when SFP link on 1000Mbps speed
Lit Amber when SFP link on 100Mbps speed
Blinks when any traffic is present

TP Port 7, 8 LED

LINK/ACT Green

Lit Green when TP link good
Blinks when any traffic is present

Speed

Green/
Amber

Lit Green when TP link on 1000Mbps speed
Lit Amber when TP link on 100Mbps speed
Off when 10Mbps or no link occur

Table1-1

1-4-2. AC Power Input on the Rear Panel

One socket on the rear panel is for AC power input.

Fig. 1-3 Rear View of MIL-SM8D PA

AC Line 100-240V 50/60 Hz

Rev.A1
18-May-11

10

1-5. View of the Optional Modules

In the switch, Port 7~8 includes two types of media --- TP and SFP Fiber (LC,
BiDi LC…); this port supports 10/100/1000Mbps TP or 100/1000 Dual Speed SFP
Fiber with auto-detected function. 100/1000 Dual Speed SFP Fiber transceiver is
used for high-speed connection expansion; the following are optional SFP types
provided for the switch:

 1000Mbps LC, MM, SFP Fiber transceiver (SFP.LC)
 1000Mbps LC, SM 10km, SFP Fiber transceiver (SFP.LC.S10)
 1000Mbps LC, SM 30km, SFP Fiber transceiver (SFP.LC.S30)
 1000Mbps LC, SM 50km, SFP Fiber transceiver (SFP.LC.S50)

 1000Mbps BiDi LC, type 2, SM 20km, SFP Fiber WDM transceiver ,

1310nm (SFP.BL3.S20)

 1000Mbps BiDi LC, type 1, SM 20km, SFP Fiber WDM transceiver

1550nm (SFP.BL5.S20)

 100Base-FX FE SFP Fiber Module, LC Multi-Mode (SFP.FLC)
 100Base-FX FE SFP Fiber Module, LC Single-Mode 20km (SFP.FLC.S20)

Fig. 1-4 100/ 1000M-FX/SX/LX LC, SFP Fiber Transceiver

Fig. 1-5 Front View of 1000Base-LX BiDi LC, SFP Fiber Transceiver

Rev.A1

18-May-11

11

2. Installation

2-1. Starting MIL-SM8DPA Up

This section will give users a quick start for:

- Hardware and Cable Installation

- Management Station Installation

- Software booting and configuration

2-1-1. Hardware and Cable Installation

At the beginning, please do first:

 Wear a grounding device to avoid the damage from electrostatic discharge
 Be sure that power switch is OFF before you insert the power cord to power

source

• Installing Optional SFP Fiber Transceivers to the MIL-SM8DPA

Note: If you have no modules, please skip this section.

• Connecting the SFP Module to the Chassis:

The optional SFP modules are hot swappable, so you can plug or unplug it
before or after powering on.

1. Verify that the SFP module is the right model and conforms to the chassis

2. Slide the module along the slot. Also be sure that the module is properly

seated against the slot socket/connector

3. Install the media cable for network connection

4. Repeat the above steps, as needed, for each module to be installed into

slot(s)

5. Have the power ON after the above procedures are done

Fig. 2-1 Installation of Optional SFP Fiber Transceive

r

Rev.A1
18-May-11

12

• TP Port and Cable Installation

 In the switch, TP port supports MDI/MDI-X auto-crossover, so both types of

cable, straight-through (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 1, 2, 3, 6 in
10/100M TP; 1, 2, 3, 4, 5, 6, 7, 8 to 1, 2, 3, 4, 5, 6, 7, 8 in Gigabit TP) and
crossed-over (Cable pin-outs for RJ-45 jack 1, 2, 3, 6 to 3, 6, 1, 2) can be used.
It means you do not have to tell from them, just plug it.

 Use Cat. 5 grade RJ-45 TP cable to connect to a TP port of the switch and the

other end is connected to a network-aware dev ice such as a workstation or a
server.

 Repeat the above steps, as needed, for each RJ-45 port to be connected to a

Gigabit 10/100/1000 TP device.

Now, you can start having the switch in operation.

• Power On

The switch supports 100-240 VAC, 50-60 Hz power supply. The power
supply will automatically convert the local AC power source to DC power. It does not
matter whether any connection plugged into the swit ch or not when power on, ev en
modules as well. After the power is on, all LED indicators will light up immediatel y
and then all off except the power LED still k eeps on. This represents a reset of the
system.

• Firmware Loading

After resetting, the bootloader will load the firmware into the memory. It will
take about 30 seconds, after that, the switch will flash all the LED once and
automatically performs self-test and is in ready state.

Rev.A1

18-May-11

13

2-1-2. Installing Chassis to a 19-Inch Wiring Closet Rail

Caution: Allow a proper spacing and proper air ventilation for the cooling fan

at both sides of the chassis.

 Wear a grounding device for electrostatic discharge.
 Screw the mounting accessory to the front side of the switch (See Fig. 2-2).
 Place the Chassis into the 19-inch wiring closet rail and locate it at the proper

position. Then, fix the Chassis by screwing it.

2-1-3. Cabling Requirements

To help ensure a successful installation and keep the network performanc e
good, please take a care on the cabling requirement. Cables with worse
specification will render the LAN to work poorly.

2-1-3-1. Cabling Requirements for TP Ports

 For Fast Ethernet TP network connection

 The grade of the cable must be Cat. 5 or Cat. 5e with a maximum length of

100 meters.

 Gigabit Ethernet TP network connection

 The grade of the cable must be Cat. 5 or Cat. 5e with a maximum length of

100 meters. Cat. 5e is recommended.

2-1-3-2. Cabling Requirements for 100/1000M SX/LX SFP Module

It is more complex and comprehensive contrast to TP cabling in the fiber
media. Basically, there are two categories of fiber, multi mode (MM) and single
mode (SM). The later is categorized into several classes by the distance it supports.
They are SX, LX, LHX, XD, a nd ZX. From the viewpoint of connect or type, there
mainly are LC and BIDI LC.

Fig. 2-2

Rev.A1
18-May-11

14

 Gigabit Fiber with multi-mode LC SFP module

 Gigabit Fiber with single-mode LC SFP module

 100Base-FX FE SFP Fiber Module, LC Multi-Mode

 100Base-FX FE SFP Fiber Module, LC Single-Mode

 Gigabit Fiber with BiDi LC 1310nm SFP module

 Gigabit Fiber with BiDi LC 1550nm SFP module

The following table lists the types of fiber that we support and those else not
listed here are available upon request.

Multi-mode Fiber Cable and Modal Bandwi dth

Multi-mode 62.5/125m Multi-mode 50/125m

Modal

Bandwidth

Distance

Modal
Bandwidth

Distance

160MHz-Km 220m 400MHz-Km 500m

IEEE 802.3z
Gigabit Ethernet
1000SX 850nm

200MHz-Km 275m 500MHz-Km 550m
Single-mode Fiber 9/125m

Single-mode transceiver 1310nm 10, 30Km

1000Base­LX/LHX/XD/ZX

Single-mode transceiver 1550nm 50Km

TX(Transmit) 1310nm

Single-Mode

*20Km

RX(Receive) 1550nm
TX(Transmit) 1550nm

1000Base-LX
Single Fiber
(BIDI LC)

Single-Mode

*20Km

RX(Receive) 1310nm

Table2-1

2-1-3-3. Switch Cascading in Topology

• Takes the Delay Time into Account

Theoretically, the switch partitions the collision domain for each port in switch
cascading that you may up-link the switches unlimitedly. In practice, the net work
extension (cascading levels & overall diameter) must follow the constraint of the
IEEE 802.3/802.3u/802.3z and other 802.1 series pr otocol specifications, in which
the limitations are the timing requirement from physical signals defined by 802.3
series specification of Media Access Control (MAC) and PHY, and timer from some
OSI layer 2 protocols such as 802.1d, 802.1q, LACP and so on.

The fiber, TP cab le s and devices’ bit-time delay (round trip) are as follows:

1000Base-X TP, Fiber 100Base-TX TP 100Base-FX Fiber

Round trip Delay: 4096 Round trip Delay: 512

Cat. 5 TP Wire: 11.12/m Cat. 5 TP Wire: 1.12/m Fiber C able: 1.0/m

Fiber Cable : 10.10/m TP to fiber Converter: 56
Bit Ti me unit : 1ns (1sec./1000 Mega bit)

Bit Time unit: 0.01s (1sec./100 Me ga bit )

Table 2-2

Rev.A1

18-May-11

15

Sum up all elements’ bit-time delay and the overall bit-time delay of
wires/devices must be within Round Trip Delay (bit times) in a half-duplex net work
segment (collision domain). For full-duplex operation, this will not be applie d. You
may use the TP-Fiber module to extend the TP node distance over fiber optic and
provide the long haul connection.

• Ty pical Network Topology in Deployment

A hierarchical network with minimum levels of switch may reduce the timing
delay between server and client station. Basically, with this approach, it will
minimize the number of switches in any one path; will lower the possibility of
network loop and will improve network efficiency. If more than two switches are
connected in the same network, select one switch as Level 1 switch and co nnect all
other switches to it at Level 2. Server/Host is recom mended to co nnect to the Level
1 switch. This is general if no VLAN or other special requirements are applied.

Case1: All switch ports are in the same local area network. Every port can access

each other (See Fig. 2-3).

If VLAN is enabled and configured, each node in the network that can
communicate each other directly is bounded in the same VLAN area.

Here VLAN area is defined by what VLAN you are using. The switch
supports both port-based VLAN and tag-based VLAN. They are different in practical
deployment, especially in physical location. The following diagram shows how it
works and what the difference they are.

Case2a: Port-based VLAN (See Fig.2-4).

Fig. 2-3 No VLAN Configuration Diagram

Fig. 2-4 Port-based VLAN Diagram

Rev.A1
18-May-11

16

1. The same VLAN members could not be in different switches.

2. Every VLAN members could not access VLAN members each other.

3. The switch manager has to assign different names for each VLAN groups
at one switch.

Case 2b: Port-based VLAN (See Fig.2-5).

1. VLAN1 members could not access VLAN2, VLAN3 and VLAN4 members.

2. VLAN2 members could not access VLAN1 and VLAN3 members, but they could
access VLAN4 members.

3. VLAN3 members could not access VLAN1, VLAN2 and VLAN4.

4. VLAN4 members could not access VLAN1 and VLAN3 members, but they could
access VLAN2 members.

Case3a: The same VLAN members can be at different switches with the same VID
(See Fig. 2-6).

Fig. 2-5 Port-based VLAN Diagram

Fig. 2-6 Attribute-based VLAN Diagram

Rev.A1

18-May-11

17

2-1-4. Configuring the Management Agent of MIL-SM8DPA

We offer you three ways to startup the switch management function. They
are RJ-45 console, CLI, and Web. Users can use any one of them to monitor and
configure the switch. You can touch them through the following procedures.

Section 2-1-4-1: Configuring the Management Agent of MIL-SM8DPA through the

Console RJ-45 Port

Section 2-1-4-2: Configuring the Management Agent of MIL-SM8DPA through the

Ethernet Port

Note: Please first modify the IP address, Subnet mask, Default gateway and DNS

through RJ-45 console, and then do the next.

2-1-4-1. Configuring the Management Agent of MIL-SM8DPA through the

Console RJ-45 Port

To perform the configuration through RJ-45 console port, the switch’s
console port must be directly connected to a DCE device, for example, a PC,
through RJ-45 transform RS-232 cable with RJ-45 connec tor. Next, run a terminal
emulator with the default setting of the switch’s serial port. With this, you can
communicate with the switch.

In the switch, RJ-45 interface only supports baud rate 115200 bps with 8 data
bits, 1 stop bit, no parity check and no flow control.

To configure the switch, please follow the procedures below:

1. Find the RJ-45 transform RS-232 cable with RJ-45 connector bundled.

Normally, it just uses pins 2, 3 and 7. See also Appendix B for more
details on Null Modem Cable Specifications.

2. Attaches the RJ-45 transform RS-232 cable connector to the RJ-45

Console connector on the switch.

3. Attaches the other end of the RJ-45 transform RS-232 cable to PC’s

serial port, running a terminal emulator supporting VT100/ANSI terminal
with The switch’s serial port default settings. For example,
Windows98/2000/XP HyperTerminal utility.

MIL-SM8DPA L2 Man ag ed Switch
Default IP Setting:
IP address = 192.168.1.77
Subnet Mask = 255.255.255.0
Default Gateway = 192.168.1. 254

Terminal or Terminal Emulato

r

Fig. 2-7

RJ-45 transform
RS-232 cable
with RJ-45
connector at
both ends

RJ-45 Console Connector

Rev.A1
18-May-11

18

Note: The switch’s serial port default settings are listed as follows:

Baud rate 115200
Stop bits 1
Data bits 8
Parity N
Flow control none

4. When you complete the connection, then press <Enter> key. The login

prompt will be shown on the screen. The default username and
password are shown as below:

Username = admin Password = root

• Set IP Address, Subnet Mask and Default Gateway IP Address

Please refer to Fig. 2-7 CLI Management for details about ex-factory IP
setting. They are default setting of IP address. You can first either configure your PC
IP address or change IP address of the switch, next to change the IP address of
default gateway and subnet mask.

For example, your network address is 10.1.1.0, and subnet mask is

255.255.255.0. You can change the switch’s default IP address 192.168.1.77 to

10.1.1.1 and set the subnet mask to be 255. 255.255.0. Then, choose your default
gateway, may be it is 10.1.1.254.

Default Value MIL-SM8DPA Your Network Setting
IP Address

192.168.1.77 10.1.1.1

Subnet

255.255.255.0 255.255.255.0

Default Gateway

192.168.1.254 10.1.1.254

Table 2-3

After completing these settings in the switch, it will reboot to have the
configuration taken effect. After this step, you can operate the management through
the network, no matter it is from a web browser or Network Management System
(NMS).

Fig. 2-8 the Login Screen for CLI

MIL-SM8DPA

MIL-SM8DPA

Rev.A1

18-May-11

19

2-1-4-2. Configuring the Management Agent of MIL-SM8DPA through the

Ethernet Port

There are three ways to configure and monitor the switch through the
switch’s Ethernet port. They are CLI, Web browser and SNMP manager. The user
interface for the last one is NMS dependent and does not cover here. We just
introduce the first two types of management interface.

• Managing MIL-SM8DPA through Ethernet Port

Before you communicate with the switch, you have to finish first the
configuration of the IP address or to know the IP address of the switch. Then,
follow the procedures listed below.

1. Set up a physical path between the configured the switch and a PC by a
qualified UTP Cat. 5 cable with RJ-45 connector.

Note: If PC directly connects to the switch, you have to setup the same
subnet mask between them. But, subnet mask ma y be different for the PC
in the remote site. Please refer to Fig. 2-9 about the switch’s default IP
address information.

2. Run CLI or web browser and follow the menu. Please refer to Chapter 3
and Chapter 4.

Fig. 2-10 the Login Screen for Web

MIL-SM8DPA L 2 Manag ed Swi t ch
Default IP Setting:
IP = 192.168.1.77
Subnet Mask = 255.255.255.0
Default Gateway = 192.168.1.254

Assign a reasonable IP address,
For example:
IP = 192.168.1.100
Subnet Mask = 255.255.255.0
Default Gateway = 192.168.1. 254

Fig. 2-9

Ethernet LAN

Rev.A1
18-May-11

20

2-1-5. IP Address Assignment

For IP address configuration, there are three parameters needed to be filled

in. They are IP address, Subnet Mask, Default Gateway and DNS.

IP address:

The address of the network device in th e network is us ed for internetworkin g
communication. Its address structure looks is shown in the Fig. 2-11. It is “classful”
because it is split into predefined address classes or categories.

Each class has its own network range between the network identifier and
host identifier in the 32 bits address. Each IP address comprises two parts: network
identifier (address) and host identifier (address). The form er indicates the network
where the addressed host resides, and t he latter indicates the individual host in t he
network which the address of host refers to. And the host id entifier must be unique
in the same LAN. Here the term of IP address we used is version 4, known as IPv4.

Network identifier Host identifier

Fig. 2-11 IP address structure

With the classful addressing, it divides IP address into three classes, class A,
class B and class C. The rest of IP addresses are for multic ast and broadcast. The
bit length of the network prefix is the same as that of the subnet mask and is
denoted as IP address/X, for example, 192.16 8.1.0/24. Each class has its address
range described below.

Class A:

Address is less than 126.255.255.25 5. There ar e a total of 126 net works c an
be defined because the address 0.0.0.0 is reserved for default route and

127.0.0.0/8 is reserved for loopback function.

0

Class B:

IP address range between 128.0.0.0 and 191.255.255.255. Each class B
network has a 16-bit network prefix followed 16-bit host address. There are 16,384
(2^14)/16 networks able to be defined with a maximum of 65534 (2^16 –2) hosts
per network.

32 bits

Bit # 0 1 7 8 31

Network address Host address

Rev.A1

18-May-11

21

10

Class C:

IP address range between 192.0.0.0 and 223.255.255.255. Each class C
network has a 24-bit network prefix followed 8-bit host address. There are
2,097,152 (2^21)/24 networks able to be defined with a maximum of 254 (2^8 –2)
hosts per network.

110

Class D and E:

Class D is a class with first 4 MSB (Most significance bit) set to 1-1-1-0 and
is used for IP Multicast. See also RFC 1112. Class E is a class with first 4 MSB set
to 1-1-1-1 and is used for IP broadcast.

According to IANA (Internet Assigned Numbers Authority), there are three
specific IP address blocks reserved and able to be used for extending internal
network. We call it Private IP address and list below:

Class A 10.0.0.0 --- 10.255.255.255
Class B 172.16.0.0 --- 172.31.255.255
Class C 192.168.0.0 --- 192.168.255.255

Please refer to RFC 1597 and RFC 1466 for more information.

Subnet mask:

It means the sub-division of a class-based network or a CIDR block. The
subnet is used to determine how to split an IP address to the network prefix and the
host address in bitwise basis. It is desi gned to utilize IP address more efficiently and
ease to manage IP network.

For a class B network, 128.1.2. 3, it may have a sub net mask 255.255.0.0 in
default, in which the first two bytes is with all 1s. This means more than 60
thousands of nodes in flat IP address will be at the same network. It’s too large to
manage practically. Now if we divide it into smaller network by extending net work
prefix from 16 bits to, say 24 bits, that’s using its third byte to subnet this class B
network. Now it has a subnet mask 255.255.255.0, in which each bit of the first
three bytes is 1. It’s now clear that the first two bytes is used to identify the class B
network, the third byte is used to ide ntify the s ubnet within this clas s B net work and,
of course, the last byte is the host number.

Bit # 01 2 15 16 31

Network address Host address

Bit # 0 1 2 3 23 24 31

Network address Host address

Rev.A1
18-May-11

22

Not all IP address is available in the sub-netted network. Two special
addresses are reserved. They are the addresses with all zero’s and all one’s host
number. For example, an IP address 128.1.2.128, what IP address reserved will be
looked like? All 0s mean the network itself, and all 1s mean IP broadcast.

In this diagram, you can see the subnet mask with 25-bit long,

255.255.255.128, contains 126 members in the sub-netted net work. Another is that
the length of network prefix equals the number of the bit with 1s in that su bnet mask .
With this, you can easily count the number of IP addres ses matched. The following
table shows the result.

Prefix Length No. of IP matched No. of Addressable IP

/32 1 ­/31 2 ­/30 4 2
/29 8 6
/28 16 14
/27 32 30
/26 64 62
/25 128 126
/24 256 254
/23 512 510
/22 1024 1022
/21 2048 2046
/20 4096 4094
/19 8192 8190
/18 16384 16382
/17 32768 32766
/16 65536 65534

Table 2-4

10000000.00000001.00000010.1 0000000

25 bits

1 0000000
1 1111111

All 0s = 128.1.2.128

All 1s= 128.1.2.255

SubnetNetwork