advertisement
EKI-4654R
Industrial 24+2G SFP Ports
Managed Redundant Gigabit
Ethernet Switch
User Manual
Copyright
The documentation and the software included with this product are copyrighted 2007 by Advantech Co., Ltd.
All rights are reserved. Advantech Co., Ltd. reserves the right to make improvements in the products described in this manual at any time without notice. No part of this manual may be reproduced, copied, translated or transmitted in any form or by any means without the prior written permission of Advantech Co.,
Ltd. Information provided in this manual is intended to be accurate and reliable. However, Advantech Co.,
Ltd. assumes no responsibility for its use, nor for any infringements of the rights of third parties, which may result from its use.
Acknowledgements
Intel and Pentium are trademarks of Intel Corporation.
Microsoft Windows and MS-DOS are registered trademarks of Microsoft Corp.
All other product names or trademarks are properties of their respective owners.
Part No.
Printed in China
1st Edition
December 2008
Product Warranty (2 years)
Advantech warrants to you, the original purchaser, that each of its products will be free from defects in materials and workmanship for two years from the date of purchase.
This warranty does not apply to any products which have been repaired or altered by persons other than repair personnel authorized by Advantech, or which have been subject to misuse, abuse, accident or improper installation. Advantech assumes no liability under the terms of this warranty as a consequence of such events.
Because of Advantech′s high quality-control standards and rigorous testing, most of our customers never need to use our repair service. If an Advantech product is defective, it will be repaired or replaced at no charge during the warranty period. For out-of-warranty repairs, you will be billed according to the cost of replacement materials, service time and freight. Please consult your dealer for more details.
If you think you have a defective product, follow these steps:
1. Collect all the information about the problem encountered. (For example, CPU speed, Advantech products used, other hardware and software used, etc.) Note anything abnormal and list any onscreen messages you get when the problem occurs.
2. Call your dealer and describe the problem. Please have your manual, product, and any helpful information readily available.
3. If your product is diagnosed as defective, obtain an RMA (return merchandize authorization) number from your dealer. This allows us to process your return more quickly.
4. Carefully pack the defective product, a fully-completed Repair and Replacement Order Card and a photocopy proof of purchase date (such as your sales receipt) in a shippable container. A product returned without proof of the purchase date is not eligible for warranty service.
5. Write the RMA number visibly on the outside of the package and ship it prepaid to your dealer.
Declaration of Conformity
CE
This product has passed the CE test for environmental specifications. Test conditions for passing included the equipment being operated within an industrial enclosure. In order to protect the product from being damaged by ESD (Electrostatic Discharge) and EMI leakage, we strongly recommend the use of CEcompliant industrial enclosure products.
FCC Class A
This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense.
Technical Support and Assistance
Step 1. Visit the Advantech web site at
www.advantech.com/support
where you can find the latest information about the product.
Step 2. Contact your distributor, sales representative, or Advantech’s customer service
center for technical support if you need additional assistance. Please have the
following information ready before you call:
- Product name and serial number
- Description of your peripheral attachments
- Description of your software (operating system, version, application software,
etc.)
- A complete description of the problem
- The exact wording of any error messages
Safety Instructions
1. Read these safety instructions carefully.
2. Keep this User's Manual for later reference.
3. Disconnect this equipment from any AC outlet before cleaning. Use a damp cloth. Do not use liquid or spray detergents for cleaning.
4. For plug-in equipment, the power outlet socket must be located near the equipment and must be easily accessible.
5. Keep this equipment away from humidity.
6. Put this equipment on a reliable surface during installation. Dropping it or letting it fall may cause damage.
7. The openings on the enclosure are for air convection. Protect the equipment from overheating. DO NOT
COVER THE OPENINGS.
8. Make sure the voltage of the power source is correct before connecting the equipment to the power outlet.
9. Position the power cord so that people cannot step on it. Do not place anything over the power cord.
10. All cautions and warnings on the equipment should be noted.
11. If the equipment is not used for a long time, disconnect it from the power source to avoid damage by transient overvoltage.
12. Never pour any liquid into an opening. This may cause fire or electrical shock.
13. Never open the equipment. For safety reasons, the equipment should be opened only by qualified service personnel.
14. If one of the following situations arises, get the equipment checked by service personnel: a. The power cord or plug is damaged. b. Liquid has penetrated into the equipment. c. The equipment has been exposed to moisture. d. The equipment does not work well, or you cannot get it to work according to the user's manual. e. The equipment has been dropped and damaged. f. The equipment has obvious signs of breakage.
15. DO NOT LEAVE THIS EQUIPMENT IN AN ENVIRONMENT WHERE THE STORAGE TEMPERATURE
MAY GO BELOW -40℃ (-40℉) OR ABOVE 85℃ (185℉). THIS COULD DAMAGE THE EQUIPMENT.
THE EQUIPMENT SHOULD BE IN A CONTROLLED ENVIRONMENT.
Safety Precaution - Static Electricity
Follow these simple precautions to protect yourself from harm and the products from damage.
1. To avoid electrical shock, always disconnect the power from your PC chassis before you work on it.
Don't touch any components on the CPU card or other cards while the PC is on.
2. Disconnect power before making any configuration changes. The sudden rush of power as you connect a jumper or install a card may damage sensitive electquate measures.
Content
Chapter 1
Introduction .........................................................1
1.1
Hardware Features ...................................................1
1.2
Software Features.....................................................4
1.3
Package Contents.....................................................7
Chapter 2
Hardware Description.........................................8
2.1
Physical Dimension...................................................8
2.2
Front (LED) Panel .....................................................8
2.3
LED Indicators...........................................................9
Chapter 3
Hardware Installation........................................11
3.1
Desktop Installation.................................................11
3.2
Rack-mounted Installation.......................................11
3.3
Cabling ....................................................................13
3.4
Wiring the Power Inputs ..........................................16
3.5
Wiring the Fault Alarm Contact ...............................17
Chapter 4
Network Application .........................................18
4.1
X-Ring Application...................................................19
4.2
Coupling Ring Application .......................................20
4.3
Dual Homing Application.........................................21
4.4
Central Ring Application..........................................22
4.5
X-RSTP Application ................................................23
Chapter 5
Console Management.......................................24
5.1
Connecting to the Console Port ..............................24
5.2
Pin Assignment .......................................................24
5.3
Login in the Console Interface ................................25
5.4
CLI Management.....................................................26
5.5
Commands Level ....................................................26
Chapter 6
Web-Based Management .................................28
6.1
About Web-based Management .............................28
6.2
Preparing for Web Management .............................28
6.3
System Login...........................................................29
6.4
System Information .................................................30
6.5
IP Configuration ......................................................31
6.6
DHCP Server ..........................................................33
6.6.1
System configuration ..............................................34
6.6.2
Client Entries...........................................................35
6.6.3
Port and IP Bindings ...............................................36
6.7
TFTP .......................................................................37
6.7.1
Update Firmware ....................................................37
6.7.2
Restore Configuration .............................................38
6.7.3
Backup Configuration..............................................39
6.8
System Event Log ...................................................40
6.8.1
Syslog Configuration...............................................40
6.8.2
System Event Log—SMTP Configuration ...............42
6.8.3
System Event Log—Event Configuration................44
6.9
Fault Relay Alarm....................................................46
6.10
SNTP Configuration ................................................47
6.11
IP Security...............................................................51
6.12
User Authentication.................................................53
6.13
Advanced Configuration..........................................54
6.17.1
Broadcast Storm Filter............................................54
6.17.2
Aging Time .............................................................56
6.17.3
Jumbo Frame .........................................................57
6.14
Port Statistics ..........................................................58
6.15
Port Counters ..........................................................60
6.16
Port Control .............................................................63
6.17
Port Trunk................................................................65
6.20.1
Aggregator setting ..................................................65
6.20.2
Aggregator Information...........................................67
6.20.3
State Activity...........................................................71
6.18
Port Mirroring...........................................................73
6.19
Rate Limiting ...........................................................74
6.20
VLAN configuration .................................................75
6.20.1
Port-based VLAN ...................................................76
6.20.2
802.1Q VLAN .........................................................79
6.21
Rapid Spanning Tree ..............................................84
6.21.1
System Configuration .............................................84
6.21.2
Port Configuration ..................................................86
6.22
SNMP Configuration ...............................................88
6.22.1
System Configuration .............................................88
6.22.2
Trap Configuration..................................................90
6.22.3
SNMPV3 Configuration ..........................................91
6.23
QoS Configuration...................................................94
6.24
IGMP Configuration.................................................96
6.25
LLDP Configuration.................................................98
6.26
X-Ring .....................................................................99
6.27
X-RSTP .................................................................102
6.28
Security—802.1X/Radius Configuration................104
6.28.1
System Configuration ...........................................104
6.28.2
Port Configuration ................................................105
6.28.3
Misc Configuration................................................106
6.29
MAC Address Table ..............................................107
6.29.1
Static MAC Address .............................................107
6.29.2
MAC Filtering........................................................109
6.29.3
All MAC Addresses ..............................................110
6.29.4
MAC Address Table—Multicast Filtering..............111
6.30
Factory Default ......................................................113
6.31
Save Configuration................................................114
6.32
System Reboot......................................................115
Troubles shooting ................................................................116
Appendix A — RJ-45 Pin Assignment ................................117
Appendix B — Command Sets ............................................120
Commands Set List ...........................................................120
System Commands Set.....................................................120
Port Commands Set ..........................................................124
Trunk Commands Set .......................................................127
VLAN Commands Set .......................................................129
Spanning Tree Commands Set .........................................131
QOS Commands Set.........................................................134
IGMP Commands Set .......................................................135
Mac / Filter Table Commands Set.....................................136
SNMP Commands Set ......................................................138
Port Mirroring Commands Set...........................................141
802.1x Commands Set......................................................142
TFTP Commands Set........................................................145
SystemLog, SMTP and Event Commands Set .................146
SNTP Commands Set .......................................................148
X-Ring Commands Set......................................................150
LLDP Command Set .........................................................151
Access Control List Command Set....................................152
X-RSTP Command Set .....................................................154
Chapter 1 Introduction
The EKI-4654R Managed Industrial Switch is a cost-effective solution and meets the high reliability requirements demanded by industrial applications. Using fiber port can extend the connection distance that increases the network elasticity and performance.
1.1 Hardware Features
Standard
Protocol
Switch
Architecture
Transfer Rate
IEEE 802.3 10Base-T Ethernet
IEEE 802.3u 100Base-TX / 100Base-FX
IEEE802.3z Gigabit fiber
IEEE802.3ab 1000Base-T
IEEE802.3x Flow Control and Back Pressure
IEEE802.3ad Port trunk with LACP
IEEE802.1d Spanning Tree/IEEE802.1w Rapid Spanning
Tree
IEEE802.1p Class of Service
IEEE802.1Q VLAN Tag
IEEE 802.1x User Authentication (Radius)
IEEE802.1ab LLDP
CSMA/CD
Back-plane (Switching Fabric): 8.8Gbps
Packet throughput ability (Full-Duplex):
5.9Mpps@64bytes
14,880pps for 10Base-T Ethernet port
148,800pps for 100Base-TX/FX Fast Ethernet port
1,488,000pps for Gigabit Fiber Ethernet port
MAC address
8K MAC address table
Packet Buffer
4Mbits
1
Flash ROM
DRAM
Jumbo Frame
LED
Network Cable
Optical cable
Power Supply
Power
Consumption
Installation
Operating
Temperature
Operating
Humidity
4Mbytes
32Mbytes
9K (for Gigabit ports)
Per unit:
Power 1 (Green), Power 2 (Green), Fault (Red),
Master (Green)
10/100TX:
Link/Activity (Green), Full duplex/Collision
(Amber)
SFP:
Link/Activity (Green)
Speed:
1000M (Green) for TX ports
100M (Green) for SFP ports
10Base-T: 2-pair UTP/STP Cat. 3, 4, 5 cable
EIA/TIA-568 100-ohm (100m)
100Base-TX: 2-pair UTP/STP Cat. 5 cable
EIA/TIA-568 100-ohm (100m)
1000Base-T: 2-pair UTP/STP Cat. 5e or 6 cable
EIA/TIA-568 100-ohm (100m)
Multi mode: 50/125um ~ 62.5/125um
Single mode: 9/125um
Wavelength: 1310nm (Multi mode/Single mode)
2 X VAC 100V~240V Redundancy, 60w/max
17.5Watts/240V 50Hz (Open issue)
19” Rack mount
-40 o
C to 85 o
C
5% to 95% (Non-condensing)
2
Storage
Temperature
Case Dimension
EMI
Safety
Stability testing
-40 o
C to 85 o
C
440 mm (W) x 280 mm (D) x 44mm (H)
FCC Class A
CE EN61000-4-2 (ESD)
CE EN61000-4-3 (RS)
CE EN61000-4-4 (EFT)
CE EN61000-4-5 (Surge)
CE EN61000-4-6 (CS)
CE EN61000-4-8
CE EN61000-4-11
CE EN61000-4-12
CE EN61000-6-2
CE EN61000-6-4
UL cUL
CE/EN60950-1
IEC60068-2-6 (Vibration)
IEC60068-2-27 (Shock)
IEC60068-2-32 (Free fall)
IEC60068-2-30
IEC60870-2-2
IEC61850-3, Zero packet loss (240 ~ 480V)
IEEE1613 Class 2
3
1.2 Software Features
Management
SNMP MIB
VLAN
Port Trunk with
LACP
LLDP
Spanning tree
X-Ring
SNMP v1, v2c and v3 management
Web interface management
Telnet interface management
Command Line Interface (CLI) management
RFC 3418 SNMP MIB
RFC 1213 MIBII
RFC 2011 MIB
RFC 1493 Bridge MIB
RFC 2674 VLAN MIB
RFC 1215 Trap MIB
RFC 1643 Ethernet like
RFC 1757, RSTP MIB
RMON1(1,2,3,9)
LLDP MIB,
Private MIB
Port based VLAN, up to 24 groups
IEEE802.1Q Tag VLAN
Static VLAN groups up to 256, Dynamic VLAN group up to 2048, VLAN ID from 1 to 4096.
GVRP up to 256 groups.
LACP Port Trunk: 13 Trunk groups/Maximum 4 trunk members
Supports LLDP to advertise the switch’s identification and capability on the LAN
IEEE802.1d spanning tree
IEEE802.1w rapid spanning tree
Supports X-Ring, Dual Homing, and Couple Ring
Provides redundant backup feature and the recovery time below 20ms
Quality of service
The quality of service determined by port, Tag and IPv4
4
Class of service
Port Security
Port mirror
IGMP
IP Security
Type of Service, IPv4 Different Service
Supports IEEE 802.1p class of service, per port provides
4 priority queues
Supports 50 entries of MAC address for static MAC and another 50 for MAC filter
TX packet only
RX packet only
Both of TX and RX packets
Supports IGMP snooping v1, v2
Up to 256 multicast groups and IGMP query
Supports 10 IP addresses that have permission to access the switch management and to prevent unauthorized intruder
Supports IEEE802.1X Authentication/RADIUS
Login Security
Access Control
List (ACL)
Supports up to 256 policies
Bandwidth control
Flow Control
System Log
SMTP
SNMP Trap
Supports ingress packet filter and egress packet limit
The egress rate control supports all of packet types and the limit rates are 0 ~ 100Mbps
Ingress filter packet type combination rules are
Broadcast/Multicast/Unknown Unicast packet,
Broadcast/Multicast packet, Broadcast packet only and all of packets
The packet filter rate can be set from 0 to 100Mbps
Supports Flow Control for Full-duplex and Back Pressure for Half-duplex
Supports System log record and remote system log server
Supports 1 SMTP Server and 6 e-mail accounts for receiving event alert
Up to 3 Trap stations
5
DHCP
DNS
SNTP
Firmware update
Cold start, Port link up, Port link down, Authentication
Failure, and Private Trap for power status
Provides DHCP Client/DHCP Server/IP Relay functions
Provides DNS client feature
Supports Primary and Secondary DNS Server
Supports SNTP to synchronize system clock on the
Internet
TFTP firmware update, system configuration backup and restore
Supports binary configuration file for system quick installation
Configuration backup/restore
Supports TFTP backup and restore
6
1.3 Package Contents
Please refer to the package content list below to verify them against the checklist.
EKI-4654R Managed Industrial Switch x 1
Pluggable Terminal Block x 1
User manual x 1
Mounting plate x 2
RJ-45 to DB9-Female cable x 1
Compare the contents of the industrial switch with the standard checklist above. If any item is damaged or missing, please contact the local dealer for service.
7
Chapter 2 Hardware Description
In this paragraph, we will describe the Industrial switch’s hardware spec, port, cabling information, and wiring installation.
2.1 Physical Dimension
EKI-4654R Managed Industrial Switch dimensions (W x D x H) are 440mm x 280mm
x 44mm
.
2.2 Front (LED) Panel
The LED panel of the EKI-4654R Managed Industrial Switch consists of LEDs which indicate the status of the switch.
Top Panel of the industrial switch
8
2.3 LED Indicators
The diagnostic LEDs located on the connector panel & model name panel of the industrial switch provide real-time information of the system and optional status. The following table provides description of the LED status and their meanings for the switch.
Front Panel
LED
R-Master
Green
P-Fail
PWR1
PWR2
SPD
Color
Red
Green
Green
Green
On
Off
On
Off
On
Off
On
Status
On
Off
Off
On
Meaning
The switch is the MASTER device of the X-Ring group
The switch is not the MASTER device of the X-Ring group z Power1 is inactive z Power2 is inactive z Port z
Port
No failure
Power 1 is active
Power 1 is inactive
Power 2 is active
Power 2 is inactive
1000M (25, 26)
100M (1 ~ 24)
10/100M (25, 26)
10M (1 ~ 24)
SFP port is connected to network
LNK/ACT
Green
Off Not connected to network
9
Rear Panel
LED
R-Master
P-Fail
PWR1
PWR2
LNK/ACT
(25, 26)
1 ~ 24
Color
Green
Red
Status
On
Off
On
Green
Green
Green
Green
Amber
Off
On
Blinking
Off
On
Off
Off
On
Off
On
Off
On
Meaning
The switch is the MASTER device of the X-Ring group
The switch is not the MASTER device of the X-Ring group z Power1 is inactive z Power2 is inactive z Port z Port
No failure
Power 1 is active
Power 1 is inactive
Power 2 is active
Power 2 is inactive
SFP port is connected to network
Not connected to network
Connected to network
Packet transmitting/receiving
Not connected to network
Full duplex
Half duplex or not connected to network
10
Chapter 3 Hardware Installation
3.1 Desktop Installation
Set the Switch on a sufficiently large flat space with a power outlet nearby. The surface where you put your Switch should be clean, smooth, level and sturdy. Make sure there is enough clearance around the Switch to allow attachment of cables, power cord and allow air circulation.
Attaching Rubber Feet
A. Make sure mounting surface on the bottom of the Switch is grease and dust free.
B. Remove adhesive backing from your Rubber Feet.
C. Apply the Rubber Feet to each corner on the bottom of the Switch. These footpads can prevent the Switch from shock/vibration.
Figure 2-4. Attaching Rubber Feet to each corner on the bottom of the Switch
3.2 Rack-mounted Installation
The 24 10/100TX plus 2-Gigabit copper/Mini GBIC Combo Managed Switch comes with a rack-mounted kid and can be mounted in an EIA standard size, 19-inch Rack.
The Switch can be placed in a wiring closet with other equipment.
11
Perform the following steps to rack mount the switch:
A. Position one bracket to align with the holes on one side of the switch and secure it with the smaller bracket screws. Then attach the remaining bracket to the other side of the Switch.
Figure 2-4. Attach mounting brackets with screws
B. After attaching the mounting brackets, position the 24 10/100TX plus 2-Gigabit copper/Mini GBIC Combo Managed Switch in the rack by lining up the holes in the brackets with the appropriate holes on the rack. Secure the Switch to the rack by a screwdriver with the rack-mounting screws.
Figure 2-5. Mount the Switch in 19” Rack
Note:
For proper ventilation, allows about at least 4 inches (10 cm) of clearance on the front and 3.4 inches (8 cm) on the back of the Switch. This is especially important for enclosed rack installation.
12
3.3 Cabling
Twisted-pair segment can be established by using unshielded twisted pair (UTP) or shielded twisted pair (STP) cabling. The cable between the link partner (switch, hub, workstation, etc.) and the switch must be less than 100 meters (328 ft.) long and comply with the IEEE 802.3ab 1000Base-T standard for Category 5e or above.
The small form-factor pluggable (SFP) is a compact optical transceiver used in optical communications for both telecommunication and data communication applications.
Please note that you must use the class I optical transceivers which conform to U.S. code of federal regulation, 21 CFR 1040.
To connect the transceiver and LC cable, please follow the steps shown as below:
First, insert the transceiver into the SFP slot. Notice that the triangle mark is the bottom of the module.
Transceiver to the SFP module
Make sure the module is aligned correctly and then slide the module into the SFP slot until a click is heard.
13
Transceiver Inserted
Second, insert the fiber cable of LC connector into the transceiver.
LC connector to the transceiver
14
To remove the LC connector from the transceiver, please follow the steps shown below:
First, press the upper side of the LC connector from the transceiver and pull it out to release.
Remove LC connector
Second, push down the metal loop and pull the transceiver out by the plastic part.
Pull out from the SFP module
15
3.4 Wiring the Power Inputs
Please follow the steps below to insert the power wire.
1. Insert AC or DC power wires into the contacts.
Power 1: Pin 1 (-), 3 (+)
Power 2: Pin 5 (-), 7 (+)
Ground: Pin 2, 4, 6 and 8
2. To tighten the wire-clamp screws for preventing the wires from loosing.
Note
The wire gauge for the terminal block should be in the range between 12~
24 AWG.
16
3.5 Wiring the Fault Alarm Contact
The fault alarm contacts are in the middle of the terminal block connector as the picture shows below. Inserting the wires, the switch will detect the fault status of the power failure, or port link failure (available for managed model) and then forms an open circuit. The following illustration shows an application example for wiring the fault alarm contacts.
Insert the wires into the fault alarm contacts (No. 9 & 10)
17
Chapter 4 Network Application
This chapter provides some sample applications to help the user to have more actual idea of industrial switch function application. A sample application of the industrial switch is shown as below:
18
4.1 X-Ring Application
The industrial switch supports the X-Ring protocol that can help the network system to recover from network connection failure within 20ms or less, and make the network system more reliable. The X-Ring algorithm is similar to Spanning Tree Protocol (STP) and Rapid STP (RSTP) algorithm but its recovery time is less than STP/RSTP. The figure below is a sample of X-Ring application.
19
4.2 Coupling Ring Application
In the network, it may have more than one X-Ring group. Using the coupling ring function can connect each X-Ring for the redundant backup. It can ensure the transmissions between two ring groups not to fail. The following figure is a sample of coupling ring application.
20
4.3 Dual Homing Application
Dual Homing function is to prevent the connection loss from between X-Ring group and upper level/core switch. Assign two ports to be the Dual Homing port that is backup port in the X-Ring group. The Dual Homing function only works when the X-
Ring function is active. Each X-Ring group only has one Dual Homing port.
[NOTE] In Dual Homing application architecture, the upper level switches need to enable the Rapid Spanning Tree protocol.
21
4.4 Central Ring Application
Central ring is the advanced function that supports backup connection for transmission redundant purpose. While the connection fails, the system will recover from failure within 20 milliseconds. Apart from that, Central Ring also can handle up to
4 rings by configuring only a single switch as the Ring Master switch.
22
4.5 X-RSTP Application
X-RSTP is an advanced technique, allowing users to deploy a redundant ring-based network providing faster recovery time than RSTP, and preventing the links from looping. Due to the multi-linking paths, X-RSTP can provide a reliable network to maintain the system in normal condition when some of the links broken.
23
Chapter 5 Console Management
5.1 Connecting to the Console Port
The supplied cable which one end is RS-232 connector and the other end is RJ-45 connector. Attach the end of RS-232 connector to PC or terminal and the other end of
RJ-45 connector to the console port of the switch. The connected terminal or PC must support the terminal emulation program.
5.2 Pin Assignment
DB9 Connector RJ-45 Connector
NC 1 Orange/White
2
3
NC
5
2 Orange
3 Green/White
4 Blue
5 Blue/White
NC
NC
NC
6 Green
7 Brown/White
8 Brown
24
5.3 Login in the Console Interface
When the connection between Switch and PC is ready, turn on the PC and run a terminal emulation program or Hyper Terminal and configure its communication
parameters
to match the following default characteristics of the console port:
Baud Rate: 9600 bps
Data Bits: 8
Parity: none
Stop Bit: 1
Flow control: None
The settings of communication parameters
After finishing the parameter settings, click ‘OK’. When the blank screen shows up, press Enter key to have the login prompt appears. Key in ‘root’ (default value) for both User name and Password (use Enter key to switch), then press Enter key and the Main Menu of console management appears.
25
Console login interface
5.4 CLI Management
The system supports the console management—CLI command. After you log in on to the system, you will see a command prompt. To enter CLI management interface, type in “enable” command.
CLI command interface
The following table lists the CLI commands and description.
5.5 Commands Level
Modes
Access
Method
Prompt
Exit
Method
About This Mode
User EXEC
Begin a session with your switch. switch>
Enter
logout
or
quit
.
The user commands available at the user level are a subset of those available at the privileged level.
Use this mode to
• Perform basic tests.
• Display system
26
Privileged
EXEC
Enter the
enable
command while in User
EXEC mode. switch#
Global
Configuration
VLAN database
Interface configuration
Enter the
configure
command while in privileged
EXEC mode.
Enter the
vlan database
command while in privileged
EXEC mode.
Enter the interface of fast Ethernet command
(with a specific interface) while in global configuration mode switch
(config)# switch
(vlan)#
Enter
disable
exit.
exit
.
to
To exit to privileged
EXEC mode, enter
exit
or end
To exit to user EXEC mode, enter information.
The privileged command is the advanced mode.
Use this mode to
• Display advanced function status
• Save configuration
Use this mode to configure those parameters that are going to be applied to your switch.
Use this mode to configure VLANspecific parameters. switch
(config-if)#
To exit to global configuratio n mode, enter exit.
To exit to privileged
EXEC mode, enter
exit
or end.
Use this mode to configure parameters for the switch and
Ethernet ports.
27
Chapter 6 Web-Based Management
This section introduces the configuration and functions of the Web-Based management.
6.1 About Web-based Management
There is an embedded HTML web site residing in flash memory on CPU board of the switch, which offers advanced management features and allows users to manage the switch from anywhere on the network through a standard browser such as Microsoft
Internet Explorer.
The Web-Based Management supports Internet Explorer 6.0 or later version. And, it is applied for Java Applets for reducing network bandwidth consumption, enhance access speed and present an easy viewing screen.
6.2 Preparing for Web Management
Before using the web management, install the industrial switch on the network and make sure that any one of the PCs on the network can connect with the industrial switch through the web browser. The industrial switch default value of IP, subnet mask, username and password are listed as below:
IP
192.168.16.1
Subnet
255.255.255.0
Default
192.168.16.254
User
Password:
28
6.3 System Login
1. Launch the Internet Explorer on the PC
2. Key in “http:// “+” the IP address of the switch”, and then Press “Enter”.
3. The login screen will appear right after
4. Key in the user name and password. The default user name and password are the same as ‘root’.
5. Press or click the OK button, and then the home screen of the Web-based management appears.
29
6.4 System Information
User can assign the system name, description, location and contact personnel to identify the switch. The version table below is a read-only field to show the basic information of the switch.
System Name: Assign the system name of the switch (The maximum length is
64 bytes)
System Description: Describes the switch.
System Location: Assign the switch physical location (The maximum length is
64 bytes).
System Contact: Enter the name of contact person or organization.
Firmware Version: Displays the switch’s firmware version
Kernel Version: Displays the kernel software version
MAC Address: Displays the unique hardware address assigned by manufacturer
(default)
And then, click Apply
.
System information interface
30
6.5 IP Configuration
The switch is a network device which needs to be assigned an IP address for being identified on the network. Users have to decide a means of assigning IP address to the switch.
DHCP Client: Enable or disable the DHCP client function. When DHCP client function is enabled, the switch will be assigned an IP address from the network
DHCP server. The default IP address will be replaced by the assigned IP address on DHCP server. After the user clicks Apply, a popup dialog shows up to inform the user that when the DHCP client is enabled, the current IP will lose and user should find the new IP on the DHCP server.
IP Address: Assign the IP address that the network is using. If DHCP client function is enabled, this switch is configured as a DHCP client. The network
DHCP server will assign the IP address to the switch and display it in this column.
The default IP is 192.168.16.1 or the user has to assign an IP address manually when DHCP Client is disabled.
Subnet Mask: Assign the subnet mask to the IP address. If DHCP client function is disabled, the user has to assign the subnet mask in this column field.
Gateway: Assign the network gateway for the switch. If DHCP client function is disabled, the user has to assign the gateway in this column field. The default gateway is 192.168.16.254.
DNS1: Assign the primary DNS IP address.
DNS2: Assign the secondary DNS IP address.
And then, click
Apply
.
31
IP configuration interface
32
6.6 DHCP Server
DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses. Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address.
The system provides the DHCP server function. Having enabled the DHCP server function, the switch system will be configured as a DHCP server.
33
DHCP Server: Enable or Disable the DHCP Server function. Enable—the switch will be the DHCP server on your local network.
Low IP Address: Type in an IP address. Low IP address is the beginning of the dynamic IP range. For example, dynamic IP is in the range between
192.168.1.100 ~ 192.168.1.200. In contrast, 192.168.1.100 is the Low IP address.
High IP Address: Type in an IP address. High IP address is the end of the dynamic IP range. For example, dynamic IP is in the range between
192.168.1.100 ~ 192.168.1.200. In contrast, 192.168.1.200 is the High IP address.
Subnet Mask: Type in the subnet mask of the IP configuration.
Gateway: Type in the IP address of the gateway in your network.
DNS: Type in the Domain Name Server IP Address in your network.
Lease Time (sec): It is the time period that system will reset the dynamic IP assignment to ensure the dynamic IP will not been occupied for a long time or the server doesn’t know that the dynamic IP is idle.
And then, click
Apply
.
DHCP Server Configuration interface
34
When the DHCP server function is enabled, the system will collect the DHCP client information including the assigned IP address, the MAC address of the client device, the IP assigning type, status and lease time.
DHCP Client Entries interface
35
6.6.3 Port and IP Bindings
Assign the dynamic IP address bound with the port to the connected client. The user is allowed to fill each port column with one particular IP address. When the device is connecting to the port and asks for IP assigning, the system will assign the IP address bound with the port.
Port and IP Bindings interface
36
6.7 TFTP
It provides the functions allowing the user to update the switch firmware via the Trivial
File Transfer Protocol (TFTP) server. Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server.
TFTP Server IP Address: Type in your TFTP server IP.
Firmware File Name: Type in the name of the firmware image file to be updated.
Click
Apply
.
Update Firmware interface
37
You can restore a previous backup configuration from the TFTP server to recover the settings. Before doing that, you must locate the image file on the TFTP server first and the switch will download back the flash image.
TFTP Server IP Address: Type in the TFTP server IP.
Restore File Name: Type in the correct file name for restoring.
Click
Apply
.
Restore Configuration interface
38
You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the configuration later. It helps you to avoid wasting time on configuring the settings by backing up the configuration.
TFTP Server IP Address: Type in the TFTP server IP.
Backup File Name: Type in the file name.
Click
Apply
.
Backup Configuration interface
39
6.8 System Event Log
This page allows the user to decide whether to send the system event log, and select the mode which the system event log will be sent to client only, server only, or both client and server. What kind of event log will be issued to the client/server depends on the selection on the Event Configuration tab. There are five types of event—Device Cold
Start, Device Warm Start, Authentication Failure, X-Ring Topology Change, and Port
Event—available to be issued as the event log.
Syslog Client Mode: Select the system log mode—Client Only, Server Only, or
Both
. ‘Client Only’ means the system event log will only be sent to this interface of the switch, but on the other hand ‘Server Only’ means the system log will only be sent to the remote system log server with its IP assigned. If the mode is set in ‘Both’, the system event log will be sent to the remote server and this interface.
System Log Server IP Address: When the ‘Syslog Mode’ item is set as Server
Only/Both, the user has to assign the system log server IP address to which the log will be sent.
Click Reload to refresh the event log displaying area.
Click Clear to clear all the current event logs.
Make sure the selected mode is correct, and click
Apply
to have the setting take effect.
40
Syslog Configuration interface
41
6.8.2 System Event Log—SMTP Configuration
Simple Mail Transfer Protocol (SMTP) is the standard for email transmissions across the network. You can configure the SMTP server IP, mail subject, sender, mail account, password, and the recipient email addresses which the e-mail alert will send to. There are also five types of event—Device Cold Start, Device Warm Start,
Authentication Failure, X-Ring Topology Change, and Port Event—available to be issued as the e-mail alert. Besides, this function provides the authentication mechanism including an authentication step through which the client effectively logs in to the SMTP server during the process of sending e-mail alert.
Email Alert: With this function being enabled, the user is allowed to configure the detail settings for sending the e-mail alert to the SMTP server when the events occur.
SMTP Server IP: Assign the mail server IP address (when Email Alert is enabled, this function will then be available).
Mail Subject: The subject of the mail. Users can modify the string.
Sender: Type in an alias of the switch in complete email address format, e.g. [email protected]
, to identify where the e-mail alert comes from.
Authentication: Having ticked this checkbox, the mail account, password and confirm password column fields will then show up. Configure the email account and password for authentication when this switch logs in to the SMTP server.
Mail Account: Set up the email account, e.g. johnadmin , to receive the email alert. It must be an existing email account on the mail server.
Password: Type in the password for the email account.
Confirm Password: Reconfirm the password.
Rcpt e-mail Address 1 ~ 6: You can also fill each of the column fields with up to
6 e-mail accounts to receive the email alert.
Click
Apply
to have the configuration take effect.
42
SMTP Configuration interface
43
6.8.3 System Event Log—Event Configuration
Having ticked the Syslog/SMTP checkboxes, the event log/email alert will be sent to the system log server and the SMTP server respectively. Also, Port event log/alert
(link up, link down, and both) can be sent to the system log server/SMTP server respectively by setting the trigger condition.
System event selection: There are 4 event types—Device Cold Start, Device
Warm Start, Authentication Failure, and X-ring Topology Change. The checkboxes are not available for ticking unless the Syslog Client Mode on the
Syslog Configuration tab and the E-mail Alert on the SMTP Configuration tab are enabled first.
¾ Device cold start: When the device executes cold start action, the system will issue the event log/email alert to the system log/SMTP server respectively.
¾ Device warm start: When the device executes warm start, the system will issue the event log/email alert to the system log/SMTP server respectively.
¾ Authentication Failure: When the SNMP authentication fails, the system will issue the event log/email alert to the system log/SMTP server respectively.
¾
X-ring topology change: When the X-ring topology has changed, the system will issue the event log/email alert to the system log/SMTP server respectively.
Port event selection: Also, before the drop-down menu items are available, the
Syslog Client Mode
selection item on the Syslog Configuration tab and the E-
mail Alert
selection item on the SMTP Configuration tab must be enabled first.
Those drop-down menu items have 3 selections—Link UP, Link Down, and Link
UP & Link Down
. Disable means no event will be sent to the system log/SMTP server.
¾ Link UP: The system will only issue a log message when the link-up event of the port occurs.
¾ Link Down: The system will only issue a log message when the link-down
44
event of port occurs.
¾
Link UP & Link Down: The system will issue a log message at the time when port connection is link-up and link-down.
Event Configuration interface
45
6.9 Fault Relay Alarm
The Fault Relay Alarm function provides the Power Failure and Port Link
Down/Broken detection. With both power input 1 and power input 2 installed and the checkboxes of power 1/power 2 ticked, the P-Fail LED indicator will then be possible to light up when any one of the power failures occurs. As for the Port Link
Down/Broken detection, the P-FAIL LED indicator will light up when the port failure occurs; certainly the check box beside the port must be ticked first. Please refer to the segment of ‘Wiring the P-Fail Alarm Contact’ for the failure detection.
Power Failure: Tick the check box to enable the function of lighting up the P-
FAIL
LED on the panel when power fails.
Port Link Down/Broken: Tick the check box to enable the function of lighting up
P-FAIL
LED on the panel when Ports’ states are link down or broken.
P-Fail Relay Alarm interface
46
6.10 SNTP Configuration
SNTP (Simple Network Time Protocol) is a simplified version of NTP which is an
Internet protocol used to synchronize the clocks of computers to some time reference.
Because time usually just advances, the time on different node stations will be different. With the communicating programs running on those devices, it would cause time to jump forward and back, a non-desirable effect. Therefore, the switch provides comprehensive mechanisms to access national time and frequency dissemination services, organize the time-synchronization subnet and the local clock in each participating subnet peer.
Daylight saving time (DST) is the convention of advancing clocks so that afternoons have more daylight and mornings have less. Typically clocks are adjusted forward one hour near the start of spring and are adjusted backward in autumn.
SNTP Client: Enable/disable SNTP function to get the time from the SNTP server.
Daylight Saving Time: This is used as a control switch to enable/disable daylight saving period and daylight saving offset. Users can configure Daylight Saving
Period and Daylight Saving Offset in a certain period time and offset time while there is no need to enable daylight saving function. Afterwards, users can just set this item as enable without assign Daylight Saving Period and Daylight Saving
Offset again.
UTC Timezone: Universal Time, Coordinated. Set the switch location time zone.
The following table lists the different location time zone for your reference.
Local Time Zone Conversion from UTC Time at 12:00 UTC
November Time Zone - 1 hour 11am
Oscar Time Zone
ADT - Atlantic Daylight
-2 hours
-3 hours
10 am
9 am
47
AST - Atlantic Standard
EDT - Eastern Daylight
EST - Eastern Standard
CDT - Central Daylight
CST - Central Standard
MDT - Mountain Daylight
MST - Mountain
Standard
PDT - Pacific Daylight
PST - Pacific Standard
ADT - Alaskan Daylight
ALA - Alaskan Standard
HAW - Hawaiian
Standard
Nome, Alaska
CET - Central European
FWT - French Winter
MET - Middle European
MEWT - Middle
European Winter
SWT - Swedish Winter
EET - Eastern
European, USSR Zone 1
BT - Baghdad, USSR
Zone 2
ZP4 - USSR Zone 3
ZP5 - USSR Zone 4
ZP6 - USSR Zone 5
+1 hour
+2 hours
+3 hours
+4 hours
+5 hours
+6 hours
48
-4 hours
-5 hours
-6 hours
-7 hours
-8 hours
-9 hours
-10 hours
-11 hours
8 am
7 am
6 am
5 am
4 am
3 am
2 am
1 am
1 pm
2 pm
3 pm
4 pm
5 pm
6 pm
WAST - West Australian
Standard
CCT - China Coast,
USSR Zone 7
JST - Japan Standard,
USSR Zone 8
EAST - East Australian
Standard GST
Guam Standard, USSR
Zone 9
IDLE - International Date
Line
NZST - New Zealand
Standard
NZT - New Zealand
+7 hours
+8 hours
+9 hours
+10 hours
+12 hours
7 pm
8 pm
9 pm
10 pm
Midnight
SNTP Sever URL: Set the SNTP server IP address. You can assign a local network time server IP address or an internet time server IP address.
Switch Timer: When the switch has successfully connected to the SNTP server whose IP address was assigned in the column field of SNTP Server URL, the current coordinated time is displayed here.
Daylight Saving Period: Set up the Daylight Saving beginning date/time and
Daylight Saving ending date/time. Please key in the value in the format of
‘YYYYMMDD’ and ‘HH:MM’ (leave a space between ‘YYYYMMDD’ and ‘HH:MM’).
¾ YYYYMMDD: an eight-digit year/month/day specification.
¾ HH:MM: a five-digit (including a colon mark) hour/minute specification.
For example, key in ‘20070701 02:00’ and ‘20071104 02:04’ in the two column fields respectively to represent that DST begins at 2:00 a.m. on March 11, 2007 and ends at 2:00 a.m. on November 4, 2007.
Daylight Saving Offset (mins): For non-US and European countries, specify the amount of time for day light savings. Please key in the valid figure in the range of minute between 0 and 720, which means you can set the offset up to 12 hours.
49
Click
Apply
to have the configuration take effect.
SNTP Configuration interface
50
6.11 IP Security
IP security function allows the user to assign 10 specific IP addresses that have permission to manage the switch through the http and telnet services for the securing switch management. The purpose of giving the limited IP addresses permission is to allow only the authorized personnel/device can do the management task on the switch.
IP Security Mode: Having set this selection item in the Enable mode, the
Enable HTTP Server
, Enable Telnet Server checkboxes and the ten security IP column fields will then be available. If not, those items will appear in grey.
Enable HTTP Server: Having ticked this checkbox, the devices whose IP addresses match any one of the ten IP addresses in the Security IP1 ~ IP10 table will be given the permission to access this switch via HTTP service.
Enable Telnet Server: Having ticked this checkbox, the devices whose IP addresses match any one of the ten IP addresses in the Security IP1 ~ IP10 table will be given the permission to access this switch via telnet service.
Security IP 1 ~ 10: The system allows the user to assign up to 10 specific IP addresses for access security. Only these 10 IP addresses can access and manage the switch through the HTTP/Telnet service once IP Security Mode is enabled.
And then, click Apply
to have the configuration take effect.
[NOTE]
Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when the switch powers off.
51
IP Security interface
52
6.12 User Authentication
Change web management login user name and password for the management security issue.
User name: Type in the new user name (The default is ‘root’)
Password: Type in the new password (The default is ‘root’)
Confirm password: Re-type the new password
And then, click
Apply
User Authentication interface
53
6.13 Advanced Configuration
This page enables the user to select the filter packet type including Flooded
Unicast/Multicast Packets
, Control Packets, IP Multicast Packets, and Broadcast
Packets
for the purpose of limiting the network bandwidth not being occupied by those storm-like packets. All the packet type filtering conditions can be active at the same time. Besides, the user can configure Broadcast Storm Rate of this switch to limit the ingress broadcast storm rate.
Flooded Unicast:
LAN switches use forwarding tables to direct traffic to specific ports based on the VLAN number and the destination MAC address of the frame. When there is no entry corresponding to the frame’s destination MAC address in the incoming VLAN, the unicast frame will be sent to all forwarding ports within the respective VLAN, which causes flooding.
Multicast:
Multicast is the delivery of information to a group of destinations simultaneously using the most efficient strategy to deliver the messages over each link of the network only once, creating copies only when the links to the destinations split.
IP Multicast Packets:
An IP Multicast group address is used by sources and the receivers to send and receive packets. Sources use the group address as the IP destination address in their data packets. Receivers use this group address to inform the network that they are interested in receiving packets sent to that group.
6.17.1 Broadcast Storm Filter
Flooded Unicast/Multicast Packets: When this checkbox is ticked, the switch will filter the flooded Unicast/Multicast packets in accordance with the filter rate set in the Broadcast Storm Rate selection item.
Control Packets: Having ticked this checkbox, the switch will enable the filter of control packets including BPDU (RSTP/LACP/GVRP), ARP, EAPOL etc. in accordance with the filter rate set in the Broadcast Storm Rate selection item.
IP multicast Packets: Having ticked this checkbox, the switch will filter the IP multicast packets in accordance with the filter rate set in the Broadcast Storm
Rate
selection item.
54
Broadcast Packets: Having ticked this checkbox, the switch will filter the broadcast packets in accordance with the filter rate set in the Broadcast Storm
Rate
selection item.
Broadcast Storm Filter interface
55
When the MAC address table is full, it won’t learn the MAC address any more.
Therefore, the aging time function allows users to set aging time in seconds for each record. Once the aging time of the record matches the setting, the record (dynamic
MAC address) will be removed from the MAC table. Also, the records will be removed from the MAC table when the particular port links down, which means that every record will be removed if it was learned from that port.
Aging Time interface
Aging Time of MAC Table: Set the aging time as OFF, 150 sec, 300 sec, or 600 sec to remove the record (s) whose property of aging time match this setting.
Auto Flush MAC Table When Link Down: Having enabled this function, the switch will remove the records learned from a particular port when the port links down.
Click Apply to have the configuration take effect.
56
Jumbo Frames are Ethernet frames with more than 1522 bytes of payload.
Conventionally, jumbo frames can carry up to 9022 bytes of payload. Many, but not all, gigabit Ethernet switches and gigabit Ethernet network interface cards support jumbo frames, but all fast Ethernet switches/network interface cards support only standardsized frames. It requires hardware and software process for each frame. With the frame size being increased, the same amount of data can be transferred with less effort.
Jumbo Frame interface
Enable Jumbo Frame: Having ticked this checkbox, the switch will allow the jumbo packets (up to 9022 bytes) pass the gigabit port.
Click Apply to have the configuration take effect.
57
6.14 Port Statistics
The following chart provides the current statistic information which displays the realtime packet transfer status for each port. The user might use the information to plan and implement the network, or check and find the problem when the collision or heavy traffic occurs.
Port: The index column of the ports.
Type: Displays the connection media type of the port.
Link: The status of linking—‘Up’ or ‘Down’.
State: The user can set the state of the port as ‘Enable’ or ‘Disable’ via the Port
Control
interface the next function. When the state is disabled, the port will not transmit or receive any packet.
Tx Good Packet: The counts of the transmitted good packets via this port.
Tx Bad Packet: The counts of the transmitted bad packets (including undersize
[less than 64 bytes], oversize, CRC Align errors, fragments and jabber packets) via this port.
Rx Good Packet: The counts of the received good packets via this port.
Rx Bad Packet: The counts of the received bad packets (including undersize
[less than 64 bytes], oversize, CRC Align error, fragments and jabber packets) via this port.
Tx Abort Packet: The aborted packet while transmitting.
Packet Collision: The counts of collision packet.
Packet Dropped: The counts of dropped packet.
Rx Bcast Packet: The counts of broadcast packet.
Rx Mcast Packet: The counts of multicast packet.
Click Clear to clean all counts.
58
Port Statistics interface
59
6.15 Port Counters
This chart displays the transmitted and received traffic of single port.
Select Port: Pull down the menu bar to select a particular port, and then the counters for the port will be displayed.
RxBcastPkt: The number of good broadcast packets received.
RxOctel: The number of octels of data received (including those in bad packet, excluding framing bits but including FCS octels, excluding RxPausePkt).
RxMcastPkt: The number of good multicast packets received except broadcast packets).
RxFCSErr: The number of packets received that had a bad FCS or RX ER asserted with the proper and integral octels.
RxOverSizePkt: The number of packets received that were longer than
Max_Pkt_Len (=1522 bytes) and were otherwise well formed.
RxAlignErr: The number of packets received that had a bad FCS or RX_ER asserted with the proper and non-integral octels.
RxJabber: The number of packets received that were longer than Max_Pkt_Len
(=1522 bytes) and had a bad FCS or RX_ER asserted.
60
RxFragment: The number of packets received that were less than 64 octels long and had a bad FCS or RX_ER asserted.
RxUndersizePkt: The number of packets received that were less than 64 octels long and were otherwise well formed.
RxPkt64: The number of packets received that were 64 octels in length including bad packets but excluding RxPausePkt.
RxPkt65to127: The number of packets received that were between 65 and 127 octels in length (including error packets).
RxPkt128to255: The number of packets received that were between 128 and
255 octels in length (including error packets).
RxPkt256to511: The number of packets received that were between 256 and
511 octels in length (including error packets).
RxPkt512to1023: The number of packets received that were between 511 and
1023 octels in length (including error packets).
RxPkt1024to1522: The number of packets received that were between 1024 and the Max_Pkt_Len (=1522 bytes) octels in length (including error packets).
TxUcastPkt: The number of unicast packet transmitted.
TxBcastPkt: The number of broadcast packet transmitted.
TxOctel: The number of octels transmitted (only for good packets excluding
TxPausePkt).
TxSingleCollisn: The number of successfully transmitted packets which transmission is inhibited by exactly one collision.
TxMultiCollisn: The number of successfully transmitted packets which transmission is inhibited by more than one collision.
TxCollisn: The number of collisions on this Ethernet segment.
TxDefferTrans: The number of packets for which the first transmission attempt is delayed because medium is busy.
DropFwdLkup: The number of unicast packets dropped after forwarding table lookup.
DropIn: The number of packets dropped because the input FIFO overrun and the
FC violation.
TxMcst: The number of multicast packet transmitted.
TxPause: The number of Pause Packet transmitted.
RxPause: The number of Pause Packet received.
61
TxUnderrun: The number of packets dropped because the output FIFO underrun.
Click Clear to reset the figures.
62
6.16 Port Control
In Port control you can configure the settings of each port to control the connection parameters, and the status of each port is listed beneath.
Port: Use the scroll bar and click on the port number to choose the port to be configured.
State: Current port state. The port can be set to disable or enable mode. If the port state is set as ‘Disable’, it will not receive or transmit any packet.
Negotiation: Auto and Force. Being set as Auto, the speed and duplex mode are negotiated automatically. When you set it as Force, you have to set the speed and duplex mode manually.
Speed: It is available for selecting when the Negotiation column is set as Force.
When the Negotiation column is set as Auto, this column is read-only.
Duplex: It is available for selecting when the Negotiation column is set as Force.
When the Negotiation column is set as Auto, this column is read-only.
Flow Control: Whether or not the receiving node sends feedback to the sending node is determined by this item. When enabled, once the device exceeds the input data rate of another device, the receiving device will send a PAUSE frame which halts the transmission of the sender for a specified period of time. When disabled, the receiving device will drop the packet if too much to process.
Security: When the Security selection is set as ‘On’, any access from the device which connects to this port will be blocked unless the MAC address of the device is included in the static MAC address table. See the segment of MAC Address
Table—Static MAC Addresses
.
Click
Apply
to have the configuration take effect.
63
Port Control interface
64
6.17 Port Trunk
Port trunking is the combination of several ports or network cables to expand the connection speed beyond the limits of any one single port or network cable. Link
Aggregation Control Protocol (LACP), which is a protocol running on layer 2, provides a standardized means in accordance with IEEE 802.3ad to bundle several physical ports together to form a single logical channel. All the ports within the logical channel or so-called logical aggregator work at the same connection speed and LACP operation requires full-duplex mode.
System Priority: A value which is used to identify the active LACP. The switch with the lowest value has the highest priority and is selected as the active LACP peer of the trunk group.
Group ID: There are 13 trunk groups to be selected. Assign the "Group ID" to the trunk group.
LACP: When enabled, the trunk group is using LACP. A port which joins an
LACP trunk group has to make an agreement with its member ports first. Please notice that a trunk group, including member ports split between two switches, has to enable the LACP function of the two switches. When disabled, the trunk group is a static trunk group. The advantage of having the LACP disabled is that a port joins the trunk group without any handshaking with its member ports; but member ports won’t know that they should be aggregated together to form a logic trunk group.
Work ports: This column field allows the user to type in the total number of active port up to four. With LACP static trunk group, e.g. you assign four ports to be the members of a trunk group whose work ports column field is set as two; the exceed ports are standby/redundant ports and can be aggregated if working ports fail. If it is a static trunk group (non-LACP), the number of work ports must equal the total number of group member ports.
Select the ports to join the trunk group. The system allows a maximum of four ports to be aggregated in a trunk group. Click
Add
and the ports focused in
65
the right side will be shifted to the left side. To remove unwanted ports, select the ports and click
Remove
.
When LACP enabled, you can configure LACP Active/Passive status for each port on the State Activity tab.
Click
Apply
.
Use
Delete
to delete Trunk Group. Select the Group ID and click
Delete
.
Port Trunk—Aggregator Setting interface (four ports are added to the left field with LACP enabled)
66
LACP disabled
Having set up the aggregator setting with LACP disabled, you will see the local static trunk group information on the tab of Aggregator Information.
Assigning 2 ports to a trunk group with LACP disabled
Group Key: This is a read-only column field that displays the trunk group ID.
Port Member: This is a read-only column field that displays the members of this static trunk group.
Static Trunking Group information
67
LACP enabled
Having set up the aggregator setting with LACP enabled, you will see the trunking group information between two switches on the tab of Aggregator Information.
Switch 1 configuration
1. Set of the trunk group. The default is 1.
2. Select
trunk group ID
by pull down the drop-down menu bar.
4. Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically.
Switch 1 configuration interface
68
Aggregation Information of Switch 1
5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured.
69
Switch 2 configuration
Switch 2 configuration interface
1. Set of the trunk group. The default is 1.
2. Select
trunk group ID
by pull down the drop-down menu bar.
4. Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically.
Aggregation Information of Switch 2
5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured.
70
Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the state activity for the members of the LACP trunk group. You can tick or cancel the checkbox beside the state label. When you remove the tick mark of the port and click
Apply
, the port state activity will change to Passive.
Active: The port automatically sends LACP protocol packets.
Passive: The port does not automatically send LACP protocol packets, and responds only if it receives LACP protocol packets from the opposite device.
[NOTE] A link
having two passive LACP nodes will not perform dynamic LACP trunk because both ports are waiting for an LACP protocol packet from the opposite device.
State Activity of Switch 1
71
State Activity of Switch 2
72
6.18 Port Mirroring
The Port mirroring is a method for monitoring traffic in switched networks. Traffic through ports can be monitored by one specific port, which means traffic goes in or out Monitored (source) port will be duplicated into Analysis (destination) port.
Port Trunk – Port Mirroring interface
Mode: Choose the type of being monitored packets. RX means only the received packets of the monitored port will be copied and sent to the analysis port. TX means only the transmitted packets of the monitored port will be copied and sent to the analysis port. Both RX/TX means both received & transmitted packets of the monitored port will be copied and sent to the analysis port.
Analysis Port: There is only one port can be selected to be the analysis
(destination) port for monitoring both RX and TX traffic which come from the source port. Users can connect the analysis port to LAN analyzer or Netxray.
Monitored Port: Choose a port number to be monitored. Only one port can be monitored during the monitoring process.
And then, click
Apply
.
73
6.19 Rate Limiting
All the ports support port ingress and egress rate control. The switch performs the ingress/egress rate by packet counter to meet the specified rate. When the traffic exceeds the limited transfer rate, the packets will be delayed or dropped.
Rate Limiting interface
Ingress: Assign the port effective ingress rate (The default value is “0”).
Egress: Assign the port effective egress rate (The default value is “0”).
And then, click
Apply
to have the configuration take effect.
74
6.20 VLAN configuration
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the same
VLAN will receive traffic from the ones of the same VLAN. Basically, creating a VLAN on a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still plugged into the same switch physically.
This switch supports Port-based and 802.1Q (tagged-based) VLAN. The default configuration of VLAN operation mode is “Disable”.
VLAN Configuration interface
75
A port-based VLAN basically consists of its members—ports, which means the VLAN is created by grouping the selected ports. This method provides the convenience for users to configure a simple VLAN easily without complicated steps. Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN enabled, the VLANtagging is ignored. The port-based VLAN function allows the user to create separate
VLANs to limit the unnecessary packet flooding; however, for the purpose of sharing resource, a single port called a common port can belongs to different VLANs, which all the member devices (ports) in different VLANs have the permission to access the common port while they still cannot communicate with each other in different VLANs.
VLAN – Port Based interface
Pull down the selection item and focus on Port Based then press
Apply
to set the VLAN Operation Mode in Port Based mode.
Click
Add
to add a new VLAN group (The maximum VLAN groups are up to
64).
76
VLAN—Port Based Add interface
Enter the group name and VLAN ID. Add the selected port number into the right field to group these members to be a VLAN group, or remove any of them listed in the right field from the VLAN.
And then, click
Apply
to have the configuration take effect.
You will see the VLAN list displays.
77
VLAN—Port Based Edit/Delete interface
Use
Delete
to delete the VLAN.
Use
Edit
to modify group name, VLAN ID, or add/remove the members of the existing VLAN group.
[NOTE]
Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off.
78
Virtual Local Area Network (VLAN) can be implemented on the switch to logically create different broadcast domain.
When the 802.1Q VLAN function is enabled, all ports on the switch belong to default
VLAN of VID 1, which means they logically are regarded as members of the same broadcast domain. The valid VLAN ID is in the range of number between 1 and 4094.
The amount of VLAN groups is up to 256 including default VLAN that cannot be deleted.
Each member port of 802.1Q is on either an Access Link (VLAN-tagged) or a Trunk
Link (no VLAN-tagged). All frames on an Access Link carry no VLAN identification.
Conversely, all frames on a Trunk Link are VLAN-tagged. Besides, there is the third mode—Hybrid. A Hybrid Link can carry both VLAN-tagged frames and untagged frames. A single port is supposed to belong to one VLAN group, except it is on a
Trunk/Hybrid Link.
The technique of 802.1Q tagging inserts a 4-byte tag, including VLAN ID of the destination port—PVID, in the frame. With the combination of Access/Trunk/Hybrid
Links, the communication across switches also can make the packet sent through tagged and untagged ports.
79
802.1Q Configuration
Pull down the selection item and focus on 802.1Q then press
Apply
to set the
VLAN Operation Mode in 802.1Q mode.
Enable GVRP Protocol: GVRP (GARP VLAN Registration Protocol) is a protocol that facilitates control of virtual local area networks (VLANs) within a larger network. GVRP conforms to the IEEE 802.1Q specification, which defines a method of tagging frames with VLAN configuration data. This allows network devices to dynamically exchange VLAN configuration information with other devices. For example, having enabled GVRP on two switches, they are able to automatically exchange the information of their VLAN database. Therefore, the user doesn’t need to manually configure whether the link is trunk or hybrid, the packets belonging to the same VLAN can communicate across switches. Tick this checkbox to enable GVRP protocol. This checkbox is available while the VLAN
Operation Mode is in 802.1Q mode.
Management VLAN ID: Only when the VLAN members, whose Untagged VID
(PVID) equals to the value in this column, will have the permission to access the switch. The default value is ‘0’ that means this limit is not enabled (all members in different VLANs can access this switch).
Select the port you want to configure.
Link Type: There are 3 types of link type.
¾ Access Link: A segment which provides the link path for one or more stations to the VLAN-aware device. An Access Port (untagged port), connected to the access link, has an untagged VID (also called PVID). After an untagged frame gets into the access port, the switch will insert a four-byte tag in the frame. The contents of the last 12-bit of the tag is untagged VID.
When this frame is sent out through any of the access port of the same PVID, the switch will remove the tag from the frame to recover it to what it was.
Those ports of the same untagged VID are regarded as the same VLAN group members.
Note: Because the access port doesn’t have an understanding of tagged frame, the column field of Tagged VID is not available.
80
¾ Trunk Link: A segment which provides the link path for one or more VLANaware devices (switches). A Trunk Port, connected to the trunk link, has an understanding of tagged frame, which is used for the communication among
VLANs across switches. Which frames of the specified VIDs will be forwarded depends on the values filled in the Tagged VID column field.
Please insert a comma between two VIDs.
Note:
1. A trunk port doesn’t insert tag into an untagged frame, and therefore the untagged
VID column field is not available.
2. It’s not necessary to type ‘1’ in the tagged VID. The trunk port will forward the frames of VLAN 1.
3. The trunk port has to be connected to a trunk/hybrid port of the other switch. Both the tagged VID of the two ports have to be the same.
¾ Hybrid Link: A segment which consists of Access and Trunk links. The hybrid port has both the features of access and trunk ports. A hybrid port has a PVID belonging to a particular VLAN, and it also forwards the specified tagged-frames for the purpose of VLAN communication across switches.
Note:
1. It’s not necessary to type ‘1’ in the tagged VID. The hybrid port will forward the frames of VLAN 1.
2. The trunk port has to be connected to a trunk/hybrid port of the other switch. Both the tagged VID of the two ports have to be the same.
Untagged VID: This column field is available when Link Type is set as Access
Link and Hybrid Link. Assign a number in the range between 1 an 4094.
Tagged VID: This column field is available when Link Type is set as Trunk Link and Hybrid Link. Assign a number in the range between 1 an 4094.
Click Apply
to have the configuration take effect.
You can see the link type, untagged VID, and tagged VID information of each port in the table below on the screen.
81
802.1Q VLAN interface
Group Configuration
Edit the existing VLAN Group.
Select the VLAN group in the table list.
Click
Edit
.
82
Group Configuration interface
You can modify the VLAN group name and VLAN ID.
Click
Apply
.
Group Configuration interface
83
6.21 Rapid Spanning Tree
The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree
Protocol and provides for faster spanning tree convergence after a topology change.
The system also supports STP and the system will auto-detect the connected device that is running STP or RSTP protocol.
The user can view spanning tree information of Root Bridge.
The user can modify RSTP state. After modification, click
Apply
.
¾ RSTP mode: The user must enable the RSTP function first before configuring the related parameters.
¾ Priority (0-61440): The switch with the lowest value has the highest priority and is selected as the root. If the value is changed, the user must reboot the switch. The value must be a multiple of 4096 according to the protocol standard rule.
¾ Max Age (6-40): The number of seconds a switch waits without receiving
Spanning-tree Protocol configuration messages before attempting a reconfiguration. Enter a value between 6 through 40.
¾ Hello Time (1-10): The time that controls the switch to send out the BPDU packet to check RSTP current status. Enter a value between 1 through 10.
¾ Forward Delay Time (4-30): The number of seconds a port waits before changing from its Rapid Spanning-Tree Protocol learning and listening states to the forwarding state. Enter a value between 4 through 30.
[NOTE]
Follow the rule as below to configure the MAX Age, Hello Time, and
Forward Delay Time.
2 x (Forward Delay Time value –1) > = Max Age value >= 2 x (Hello
Time value +1)
84
RSTP System Configuration interface
85
This web page provides the port configuration interface for RSTP. You can assign higher or lower priority to each port. Rapid spanning tree will have the port with the higher priority in forwarding state and block other ports to make certain that there is no loop in the LAN.
Select the port in the port column field.
Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200,000,000.
Priority: Decide which port should be blocked by setting its priority as the lowest.
Enter a number between 0 and 240. The value of priority must be the multiple of
16.
Admin P2P: The rapid state transitions possible within RSTP are dependent upon whether the port concerned can only be connected to exactly another bridge (i.e. it is served by a point-to-point LAN segment), or can be connected to two or more bridges (i.e. it is served by a shared medium LAN segment). This function allows the P2P status of the link to be manipulated administratively. True means the port is regarded as a point-to-point link. False means the port is regarded as a shared link. Auto means the link type is determined by the autonegotiation between the two peers.
Admin Edge: The port directly connected to end stations won’t create bridging loop in the network. To configure the port as an edge port, set the port to “True” status.
Admin Non Stp: The port includes the STP mathematic calculation. True is not including STP mathematic calculation. False is including the STP mathematic calculation.
Click
Apply
.
86
RSTP Port Configuration interface
87
6.22 SNMP Configuration
Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network.
SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP.
Agent Mode: Select the SNMP version that you want to use and then click
Change
to have the selected SNMP version mode take effect. The default value is ‘SNMP v1/v2c only’.
Community Strings
Here you can define the new community string set and remove the unwanted community string.
¾ String: Fill the name string.
¾ RO: Read only. Enables requests accompanied by this community string to display MIB-object information.
¾ RW: Read/write. Enables requests accompanied by this community string to display MIB-object information and to set MIB objects.
¾ Click Add
.
¾ To remove the community string, select the community string that you defined before and click
Remove
. The strings of Public_RO and Private_RW are default strings. You can remove them but after resetting the switch to default, the two strings show up again.
88
SNMP System Configuration interface
89
A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is defined, no traps will be issued. To define a management station as a trap manager, assign an IP address, enter the SNMP community strings, and select the SNMP trap version.
IP Address: Enter the IP address of the trap manager.
Community: Enter the community string for the trap station.
Trap Version: Select the SNMP trap version type—v1 or v2c.
.
To remove the community string, select the community string listed in the current managers field and click
Remove
.
Trap Managers interface
90
Configure the SNMP V3 function.
Context Table
Configure SNMP v3 context table. Assign the context name of context table. Click
Add
to add context name. Click
Remove
to remove the unwanted context name.
User Profile
Configure SNMP v3 user table..
User ID: Set up the user name.
Authentication Password: Set up the authentication password.
Privacy Password: Set up the private password.
Click
Add
to add the context name.
Click Remove
to remove the unwanted context name.
91
SNMP V3 configuration interface
Group Table
Configure SNMP v3 group table.
Security Name (User ID): Assign the user name that you have set up in user table.
Group Name: Set up the group name.
Click
Add
to add the context name.
Click
Remove
to remove the unwanted context name.
Access Table
92
Configure SNMP v3 access table.
Context Prefix: Set up the context name.
Group Name: Set up the group.
Security Level: Set up the access level.
Context Match Rule: Select the context match rule.
Read View Name: Set up the read view.
Write View Name: Set up the write view.
Notify View Name: Set up the notify view.
Click
Add
to add the context name.
Click
Remove
to remove the unwanted context name.
MIBview Table
Configure MIB view table.
ViewName: Set up the name.
Sub-Oid Tree: Fill the Sub OID.
Type: Select the type—excluded or included.
Click
Add
to add the context name.
Click
Remove
to remove the unwanted context name.
93
6.23 QoS Configuration
Quality of Service (QoS) is the ability to provide different priority to different applications, users or data flows, or to guarantee a certain level of performance to a data flow. QoS guarantees are important if the network capacity is insufficient, especially for real-time streaming multimedia applications such as voice over IP or
Video Teleconferencing, since these often require fixed bit rate and are delay sensitive, and in networks where the capacity is a limited resource, for example in cellular data communication. In the absence of network congestion, QoS mechanisms are not required.
QoS Mode: Select the QoS policy rule.
¾ Disable Qos Priority: The default status of QoS Priority is disabled.
¾ High Empty Then Low: When all the high priority packets are empty in queue, low priority packets will be processed then.
¾
Highest:SecHigh:SecLow:Lowest=8:4:2:1: The switch will follow 8:4:2:1 rate to process priority queue from High to lowest queue. For example, while the system processing, 1 frame of the lowest queue, 2 frames of the low queue, 4 frames of the middle queue, and 8 frames of the high queue will be processed at the same time in accordance with the 8,4,2,1 policy rule.
¾ Highest:SecHigh:SecLow:Lowest=15:7:3:1: Having set this QoS mode, the process order is in compliance with the transfer rate of 15:7:3:1.
¾ Highest:SecHigh:SecLow:Lowest=15:10:5:1: Having set this QoS mode, the process order is in compliance with the transfer rate of 15:10:5:1.
¾ Click
Apply
to have the configuration take effect.
802.1p priority [7-0]: Configure per priority level. Priority 0 ~ 7: each priority has four priority levels—Highest, SecHigh, SecLow, and Lowest.
Default Ingress Port Priority Mapping: Configure the priority level for each port. The port ingress level is between 0 and 7.
TOS/DSCP Priority Mapping: The system provides 0 ~ 63 TOS priority level. Each level has 8 priorities—0 ~ 7. The default priority for each port is 0. When the IP packet is received, the system will check the TOS level value in the IP packet. For example,
94
TOS level 25 is set as 0 and each port only follows the TOS priority policy. When the packet received through all the ports on the switch, the system will check the TOS value of the received IP packet. If the TOS value of received IP packet is 25 (priority =
0), the packet priority has the highest priority.
QoS Configuration interface
95
6.24 IGMP Configuration
The Internet Group Management Protocol (IGMP) is an internal protocol of the
Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts that support IGMP. Enabling IGMP allows the ports to detect IGMP queries, report packets, and manage IP multicast traffic through the switch. IGMP have three fundamental types of message shown as follows:
Message
Query
Report
Description
A message sent from the querier (IGMP router or switch) asking for a response from each host belonging to the multicast group.
A message sent by a host to the querier to indicate that the host wants to be or is a member of a given group indicated in the report message.
Leave
Group
A message sent by a host to the querier to indicate that the host has quit being a member of a specific multicast group.
The switch supports IP multicast. You can enable IGMP protocol via setting the IGMP
Configuration page to see the IGMP snooping information. IP multicast addresses are in the range of 224.0.0.0 through 239.255.255.255.
IGMP Protocol: Enable or disable the IGMP protocol.
IGMP Query: Select the IGMP query function as Enable or Auto to set the switch as a querier for IGMP version 2 multicast networks.
Last Member Query Count: This item allows the user to specify the query counts—1 or 2. If query count is set as 1, the switch will query whether any member is still in the IGMP group for sending one query after the query interval.
With query count being set as 2, the switch will send two queries after the query interval.
Last Member Query Interval: Fill in the number in seconds as the query interval
96
time.
Click
Apply
.
IGMP Configuration interface
97
6.25 LLDP Configuration
Link Layer Discovery Protocol (LLDP) is defined in the IEEE 802.1AB, it is an emerging standard which provides a solution for the configuration issues caused by expanding LANs. LLDP specifically defines a standard method for Ethernet network devices such as switches, routers and wireless LAN access points to advertise information about themselves to other nodes on the network and store the information they discover. LLDP runs on all 802 media. The protocol runs over the data-link layer only, allowing two systems running different network layer protocols to learn about each other.
LLDP Protocol: Pull down the selection menu to disable or enable LLDP function.
LLDP Interval: Set the interval of advertising the switch’s information to other nodes.
Click
Apply
.
LLDP Interface
98
6.26 X-Ring
X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms between them are not the same. In the
X-Ring topology, every switch should be enabled with X-Ring function and two ports should be assigned as the member ports in the ring. Only one switch in the X-Ring group would be set as the master switch that one of its two member ports would be blocked, called backup port, and another port is called working port. Other switches in the X-Ring group are called working switches and their two member ports are called working ports. When the failure of network connection occurs, the backup port of the master switch (Ring Master) will automatically become a working port to recover from the failure.
The switch supports the function and interface for setting the switch as the ring master or not. The ring master can negotiate and place command to other switches in the X-
Ring group. If there are 2 or more switches in master mode, the software will select the switch with lowest MAC address number as the ring master. The X-Ring master ring mode can be enabled by setting the X-Ring configuration interface. Also, the user can identify whether the switch is the ring master by checking the R.M. LED indicator on the panel of the switch.
The system also supports the Couple Ring that can connect 2 or more X-Ring group for the redundant backup function; Dual Homing function that can prevent connection lose between X-Ring group and upper level/core switch. Apart from the advantages,
Central Ring
can handle up to 4 rings in the system and has the ability to recover from failure within 20 milliseconds.
Enable Ring: To enable the X-Ring function, tick the checkbox beside the Enable
Ring string label. If this checkbox is not ticked, all the ring functions are unavailable.
¾ Enable Ring Master: Tick the checkbox to enable this switch to be the ring master.
¾ 1
st
& 2 nd
Ring Ports:
Pull down the selection menu to assign the ports as
99
the member ports. 1
st
Ring Port is the working port and 2
nd
Ring Port
is the backup port. When 1
st
Ring Port fails, the system will automatically upgrade the 2
nd
Ring Port
to be the working port.
Enable Couple Ring: To enable the coupe ring function, tick the checkbox beside the Enable Couple Ring string label.
¾ Couple Port: Assign the member port which is connected to the other ring group.
¾ Control Port: When the Enable Couple Ring checkbox is ticked, you have to assign the control port to form a couple-ring group between the two Xrings.
Enable Dual Homing: Set up one of the ports on the switch to be the Dual
Homing port. For a switch, there is only one Dual Homing port. Dual Homing function only works when the X-Ring function enabled.
Enable Central Ring X: Tick the checkbox beside the string label of Enable
Central Ring
‘x’ to assign two ports as the blocking & forwarding ports of the ring.
¾ 1
st
Ring Port:
Assign a port which is used to be the forwarding port to the ring.
¾ 2
nd
Ring Port:
Assign a port which is used to be the blocking port to the ring.
And then, click Apply
to have the configuration take effect.
100
X-ring Interface
[NOTE]
1. When the X-Ring function enabled, the user must disable the RSTP.
The X-Ring function and RSTP function cannot exist on a switch at the same time.
2. Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch powers off.
101
6.27 X-RSTP
X-RSTP is a multi-ring RSTP network supporting one root switch and up to two backup root switches for the system. It allows users to establish the multi-linking-path network with up to 20 switches. In addition, the recovery time could be less than
100ms to prevent the losses of data caused by unexpected link-broken.
Root: This drop-down menu item allows the user to designate the switch to be the root switch by selecting Enable or the backup root switch by selecting
Backup
.
Port: Tick the checkbox of the port to include it into the group for spanning tree algorithm.
State: This column field shows the state of the port.
¾ INACTIVE: This port is not ticked to join the spanning tree.
¾
BLOCKING: The port is a backup/redundant port that would cause a switching loop. When the port state is blocking, no user data will be transferred via this port. However, it will change to forwarding state when other links fail.
¾ FORWARDING: The port receiving and transmitting data is a normal operating port. Spanning Tree Protocol still monitors incoming BPDUs that would indicate it should return to the blocking state to prevent a loop.
¾ LINKDOWN: The port linking is disconnected or broken.
102
X-RSTP Interface
103
6.28 Security—802.1X/Radius Configuration
802.1x is an IEEE authentication specification which prevents the client from accessing a wireless access point or wired switch until it provides authority, like the user name and password that are verified by an authentication server (such as
RADIUS server).
IEEE 802.1x Protocol: Enable or disable 802.1x protocol.
Radius Server IP: Assign the RADIUS Server IP address.
Server Port: Set the UDP destination port for authentication requests to the specified RADIUS Server.
Accounting Port: Set the UDP destination port for accounting requests to the specified RADIUS Server.
Shared Key: Set an encryption key for using during authentication sessions with the specified RADIUS server. This key must match the encryption key used on the RADIUS Server.
NAS, Identifier: Set the identifier for the RADIUS client.
Click
Apply
.
802.1x System Configuration interface
104
You can configure the 802.1x authentication state for each port. The state provides
Disable, Accept, Reject, and Authorize.
Reject: The specified port is required to be held in the unauthorized state.
Accept: The specified port is required to be held in the authorized state.
Authorize: The specified port is set to the Authorized or Unauthorized state in accordance with the outcome of an authentication exchange between the
Supplicant and the authentication server.
Disable: When disabled, the specified port works without complying with 802.1x protocol.
Click
Apply
.
802.1x Per Port Setting interface
105
Quiet Period: Set the period which the port doesn’t try to acquire a supplicant.
TX Period: Set the period the port waits for retransmit next EAPOL PDU during an authentication session.
Supplicant Timeout: Set the period of time the switch waits for a supplicant response to an EAP request.
Server Timeout: Set the period of time the switch waits for a server response to an authentication request.
Max Requests: Set the number of authentication that must time-out before authentication fails and the authentication session ends.
Reauth period: Set the period of time which clients connected must be reauthenticated.
Click Apply
.
802.1x Misc Configuration interface
106
6.29 MAC Address Table
Use the MAC address table to ensure the port security.
6.29.1 Static MAC Address
You can add a static MAC address that remains in the switch's address table regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. Via this interface, you can add / modify / delete a static MAC address.
Add the Static MAC Address
You can add static MAC address in the switch’s MAC table here. If the destination address and the VLAN ID of the packet meet the conditions set in the Static MAC
Addresses
table, the packet will be forwarded to the port only.
MAC Address: Enter the MAC address of the port that should permanently forward traffic, regardless of the device network activity.
Port No.: Pull down the selection menu to select the port number to which the traffic will be forwarded.
VLAN ID: Key in the VLAN ID to be the forwarding condition.
.
If you want to delete the MAC address from filtering table, select the MAC address and click
Delete
.
107
Static MAC Addresses interface
108
By filtering MAC address with VLAN ID, the switch will drop the packet when both its destination MAC address and VLAN ID meet the condition configured in the MAC
Filtering
table. You can add and delete the MAC filters.
MAC Filtering interface
MAC Address: Enter the MAC address that you want to filter.
VLAN ID: Enter the VLAN ID that you want to filter.
.
If you want to delete the MAC address from the filtering table, select the MAC address and click
Delete
.
109
You can view all of the MAC addresses learned by the selected port. This interface shows the MAC addresses information group by port.
Port No.: Select the port number to view its MAC address.
Current MAC Address: The static & dynamic MAC address information of the selected port will be displayed in here.
Click Clear MAC Table
to clear the dynamic MAC addresses information of the current port.
All MAC Address interface
110
6.29.4 MAC Address Table—Multicast Filtering
Multicasts are similar to broadcasts, they are sent to all end stations on a LAN or
VLAN. Multicast filtering is the function, which end stations can receive the multicast traffic if the connected ports had been included in the specific multicast groups. With multicast filtering, network devices only forward multicast traffic to the ports that are connected to the registered end stations.
IP Address: Assign a multicast group IP address in the range of 224.0.0.0 ~
239.255.255.255.
VLAN ID: Assign a VLAN ID that limit the source and destination ports must belong to the same VLAN. Therefore, the packet meets the conditions will then be forwarded to the destination port.
Member Ports: Tick the check box beside the port number to include them as the member ports in the specific multicast group IP address.
Click
Add
to append a new filter of multicast to the field, or select the filter in the field and click
Delete
to remove it.
111
Multicast Filtering interface
112
6.30 Factory Default
Reset switch to default configuration. Click Reset to reset all configurations to the default value.
Factory Default interface
113
6.31 Save Configuration
Save all configurations that you have made in the system. To ensure the all configuration will be saved. Click
Save
to save the all configuration to the flash memory.
Save Configuration interface
114
6.32 System Reboot
Reboot the switch in software reset. Click Reboot to reboot the system.
System Reboot interface
115
Troubles shooting
Verify that you are using the right power cord/adapter (AC/DC 100 ~ 240V).
Please don’t use the power output higher than 240V, or this switch will be burned down.
Select the proper UTP/STP cable to construct the user network. Use unshielded twisted-pair (UTP) or shield twisted-pair (STP) cable for RJ-45 connections that depend on the connector type the switch equipped: 100Ω Category 3, 4 or 5 cable for 10Mbps connections, 100Ω Category 5 cable for 100Mbps connections, or 100Ω Category 5e/above cable for 1000Mbps connections. Also be sure that the length of any twisted-pair connection does not exceed 100 meters (328 feet).
Diagnosing LED Indicators: To assist in identifying problems, the switch can be easily monitored through panel indicators, which describe common problems the user may encounter and where the user can find possible solutions.
If the power indicator does not light on when the power cord is plugged in, you may have a problem with power cord. Then check for loose power connections, power losses or surges at power outlet. If you still cannot resolve the problem, contact the local dealer for assistance.
If the LED indicators are normal and the connected cables are correct but the packets still cannot be transmitted. Please check the user system’s Ethernet devices’ configuration or status.
116
Appendix A — RJ-45 Pin Assignment
RJ-45 ports
The UTP/STP ports will automatically sense for Fast Ethernet (10Base-T/100Base-TX connections), or Gigabit Ethernet (10Base-T/100Base-TX/1000Base-T connections).
Auto MDI/MDIX means that the switch can connect to another switch or workstation without changing straight through or crossover cabling. See the figures below for straight through and crossover cable schematic.
10 /100BASE-TX Pin outs
With10/100BASE-TX cable, pins 1 and 2 are used for transmitting data, and pins 3 and 6 for receiving data.
RJ-45 Pin Assignments
Pin Number Assignment
1 Tx+
2 Tx-
3 Rx+
6 Rx-
[NOTE]
“+” and “-” signs represent the polarity of the wires that make up each wire pair.
The table below shows the 10/100BASE-TX MDI and MDI-X port pin outs.
Pin Number
3
6
1
2
MDI-X Signal Name MDI Signal Name
Receive Data plus (RD+) Transmit Data plus (TD+)
Receive Data minus (RD-) Transmit Data minus (TD-)
Transmit Data plus (TD+) Receive Data plus (RD+)
Transmit Data minus (TD-) Receive Data minus (RD-)
117
10/100Base-TX Cable Schematic
The following two figures show the 10/100Base-TX cable schematic.
Straight-through cable schematic
Cross over cable schematic
10/100/1000Base-TX Pin outs
The following figure shows the 10/100/1000 Ethernet RJ-45 pin outs.
118
10/100/1000Base-TX Cable Schematic
Straight through cables schematic
Cross over cables schematic
119
Appendix B — Command Sets
Commands Set List
User EXEC E
Privileged EXEC P
Global configuration G
VLAN database V
Interface configuration I
System Commands Set
Netstar Commands Level show config show terminal write memory system name
[System Name] system location
[System Location] system description
[System Description] system contact
[System Contact] show system-info ip address
E
P
G
G
G
G
G
E
G
Description
Show switch configuration
Show console information
Save user configuration into permanent memory
(flash rom)
Configure system name
Set switch system location string
Set switch system description string
Set switch system contact window string
Show system information
Configure the IP
Example
switch>show config switch#show terminal switch#write memory switch(config)#system name xxx switch(config)#system location
xxx
switch(config)#system
description xxx
switch(config)#system contact
xxx
switch>show system-info switch(config)#ip address
120
[Ip-address] [Subnetmask] [Gateway] ip dhcp show ip no ip dhcp reload default admin username
[Username] admin password
[Password] show admin dhcpserver enable dhcpserver lowip
[Low IP] dhcpserver highip
[High IP] dhcpserver subnetmask
[Subnet mask] dhcpserver gateway
[Gateway] dhcpserver dnsip
[DNS IP] dhcpserver leasetime
[Hours]
G
P
G
G
G
G
address of switch
Enable DHCP client function of switch
192.168.1.1 255.255.255.0
192.168.1.254
switch(config)#ip dhcp
Show IP information of switch#show ip switch
Disable DHCP client function of switch switch(config)#no ip dhcp
Halt and perform a cold switch(config)#reload restart
Restore to default
Changes a login username.
(maximum 10 words)
Switch(config)#default switch(config)#admin username
xxxxxx
G
Specifies a password
(maximum 10 words)
P
Show administrator information switch(config)#admin password
xxxxxx
switch#show admin
G
Enable DHCP Server switch(config)#dhcpserver enable
G
Configure low IP address for IP pool switch(config)#dhcpserver lowip
192.168.1.1
G
Configure high IP address for IP pool switch(config)#dhcpserver highip
192.168.1.50
G
Configure subnet mask switch(config)#dhcpserver for DHCP clients
subnetmask 255.255.255.0
G
Configure gateway for
DHCP clients
G
Configure DNS IP for
DHCP clients
G
Configure lease time
(in hour)
121 switch(config)#dhcpserver
gateway 192.168.1.254
switch(config)#dhcpserver dnsip
192.168.1.1
switch(config)#dhcpserver
leasetime 1
dhcpserver ipbinding
[IP address] show dhcpserver configuration show dhcpserver clients show dhcpserver ipbinding no dhcpserver security enable security http security telnet security ip
[Index(1..10)] [IP
Address] show security
I
P
P
Set static IP for DHCP switch(config)#interface clients by port
fastEthernet 2
switch(config-if)#dhcpserver
Show configuration of
DHCP server
Show client entries of
DHCP server
ipbinding 192.168.1.1
switch#show dhcpserver
configuration
switch#show dhcpserver clinets switch#show dhcpserver ip-
binding
P
Show IP-Binding information of DHCP server
G
Disable DHCP server function
G
Enable IP security function switch(config)#no dhcpserver switch(config)#security enable
G
Enable IP security of
HTTP server
G
Enable IP security of telnet server switch(config)#security http switch(config)#security telnet
G
Set the IP security list switch(config)#security ip 1
192.168.1.55
no security no security http no security telnet bsf rate bsf flooded-unicast-
P
Show the information of IP security
G
Disable IP security function
G
Disable IP security of
HTTP server
G
Disable IP security of telnet server
G
Configure Broadcast
Storm Filter selection
G
Enable Flooded switch#show security switch(config)#no security switch(config)#no security http switch(config)#no security telnet switch(config)#bsf rate 1/2 switch(config)#bsf flooded-
122
multicast bsf control bsf ip-multicast bsf broadcast no bsf flooded-unicastmulticast no bsf control no bsf ip-multicast no bsf broadcast jumbo-frame no jumbo-frame show jumbo-frame
Unicast/Multicast
Packets BSF
G
Enable Control
Packets BSF
G
Enable IP Multicast
Packets BSF
G
Packets BSF
unicast-multicast
switch(config)#bsf control switch(config)#bsf ip-multicast switch(config)#bsf broadcast
G
Disable Flooded
Unicast/Multicast
Packets BSF
G
Disable Control
Packets BSF
G
Disable IP Multicast
Packets BSF switch(config)#no bsf flooded-
unicast-multicast
switch(config)#no bsf control switch(config)#no bsf ip-multicast
G
Disable Broadcast
Packets BSF switch(config)#no bsf broadcast
G
Enable jumbo frame switch(config)#jumbo-frame
G
Disable jumbo frame switch(config)#no jumbo-frame
G
Show jumbo frame enable/disable switch#show jumbo-frame
123
Port Commands Set
Netstar Commands Level interface fastEthernet
[Portid]
G
Description
Choose the port for modification.
duplex
[full | half]
Example
switch(config)#interface
I
Use the duplex
fastEthernet 2
switch(config)#interface configuration command
fastEthernet 2
to specify the duplex mode of operation for switch(config-if)#duplex full
Fast Ethernet.
speed
[10|100|1000|auto] flowcontrol
[Enable|Disable]
I
Use the speed to specify the speed mode of operation for switch(config)#interface configuration command
fastEthernet 2
switch(config-if)#speed 100
Fast Ethernet, the speed can’t be set to
1000 if the port isn’t a giga port.
I Use the flowcontrol control traffic rates during congestion. switch(config)#interface configuration command
fastEthernet 2
on Ethernet ports to switch(config-if)#flowcontrol
enable no flowcontrol I
Disable flow control of interface switch(config-if)#no flowcontrol
security enable I
interface switch(config)#interface
fastEthernet 2
switch(config-if)#security enable
no security ratelimit in
[Value]
I
Disable security of interface switch(config)#interface
fastEthernet 2
switch(config-if)#no security
I
Set interface input rate switch(config)#interface limiting
fastEthernet 2
switch(config-if)#ratelimit in 100
124
ratelimit out
[Value] show ratelimit show interface accounting2 no accounting
I
Set interface output rate limiting
Show interfaces rate limiting switch(config)#interface
fastEthernet 2
switch(config-if)#ratelimit out 100 switch(config)#interface
fastEthernet 2
switch(config-if)#show ratelimit
state
[Enable | Disable]
I
Use the state interface switch(config)#interface configuration command
fastEthernet 2
to specify the state mode of operation for switch(config-if)#state Disable
Ethernet ports. Use the disable form of this command to disable the port.
show interface configuration show interface status show interface accounting1
I
I
show interface configuration status show interface actual status switch(config)#interface
fastEthernet 2
switch(config-if)#show interface
configuration
switch(config)#interface
fastEthernet 2
switch(config-if)#show interface counter1
status
I
show interface statistic switch(config)#interface
fastEthernet 2
switch(config-if)#show interface
accounting1
I
show interface statistic switch(config)#interface counter2
fastEthernet 2
switch(config-if)#show interface
accounting2
I
Clear interface switch(config)#interface accounting information
fastEthernet 2
switch(config-if)#no accounting
125
alias [name] I
Configure alias name of port switch(config)#interface
fastEthernet 2
switch(config-if)#alias PORT002
126
Trunk Commands Set
Netstar Commands Level aggregator priority
[1~65535] aggregator activityport
[Group ID][Port
Description
G
Set activity port
Example
G
Set port group system priority switch(config)#aggregator priority
22
switch(config)#aggregator
activityport 2 2
Numbers] aggregator group
[GroupID] [Port-list] lacp workp
[Workport] aggregator group
[GroupID] [Port-list] nolacp
G
Assign a trunk group with LACP active. switch(config)#aggregator group
1 1-4 lacp workp 2
[GroupID] :1~3 list, This parameter could be a port or
[Port-list]:Member port switch(config)#aggregator group
2 1,4,3 lacp workp 3
range(ex.1-4) or a port list separate by a comma(ex.2, 3, 6)
[Workport]: The amount of work ports, this value could not be less than zero or be large than the amount of member ports.
G
Assign a static trunk group.
[GroupID] :1~3 switch(config)#aggregator group
1 2-4 nolacp
or
[Port-list]:Member port switch(config)#aggreator group 1 list, This parameter
3,1,2 nolacp
could be a port range(ex.1-4) or a port list separate by a comma(ex.2, 3, 6)
127
show aggregator
[Group-number]
P
Show the information of trunk group switch#show aggregator 1
no aggregator lacp
[GroupID]
G
Disable the LACP function of trunk group switch(config)#no aggreator lacp
1 no aggregator group
[GroupID]
G
Remove a trunk group switch(config)#no aggreator
group 2
128
VLAN Commands Set
Netstar Commands Level vlan database
Description
P
Enter VLAN configure mode
vlanmode
[portbase| 802.1q | gvrp]
V
To set switch VLAN mode.
Example
switch#vlan database switch(vlan)#vlanmode portbase or switch(vlan)#vlanmode 802.1q or switch(vlan)#vlanmode gvrp
no vlan V
Disable VLAN Switch(vlan)#no vlan
Ported based VLAN configuration vlan port-based grpname
V
Add new port based
VALN
[Group Name] grpid
[GroupID] port
[PortNumbers] show vlan [GroupID]
or
show vlan no vlan group
[GroupID]
switch(vlan)#vlan port-based
grpname test grpid 2 port 2-4
V
Show VLAN information
V switch(vlan)#show vlan 23
Delete port base group switch(vlan)#no vlan group 2
ID
IEEE 802.1Q VLAN vlan 8021q name
[GroupName] vid
[VID] vlan 8021q port
[PortNumber] access-link untag
[UntaggedVID]
V
Change the name of
VLAN group, if the group didn’t exist, this command can’t be applied. switch(vlan)#vlan 8021q test vid
22
V
Assign a access link switch(vlan)#vlan 8021q port 3 for VLAN by port, if the
access-link untag 33
port belong to a trunk group, this command can’t be applied.
129
vlan 8021q port
[PortNumber] trunk-link tag
[TaggedVID List] vlan 8021q port
[PortNumber] hybrid-link untag
[UntaggedVID] tag
[TaggedVID List] vlan 8021q trunk
[PortNumber] access-link untag
[UntaggedVID] vlan 8021q trunk
[PortNumber] trunk-link tag
[TaggedVID List] vlan 8021q trunk
[PortNumber] hybrid-link untag
[UntaggedVID] tag
[TaggedVID List] show vlan [GroupID]
or
show vlan no vlan group
[GroupID]
V
Assign a trunk link for
VLAN by port. If the switch(vlan)#vlan 8021q port 3
trunk-link tag 2,3,6,99
port belongs to a trunk or group, this command can’t be applied. switch(vlan)#vlan 8021q port 3
trunk-link tag 3-20
V
Assign a hybrid link for switch(vlan)#vlan 8021q port 3
VLAN by port, if the port belong to a trunk
hybrid-link untag 4 tag 3,6,8
or group, this command can’t be applied. switch(vlan)#vlan 8021q port 3
hybrid-link untag 5 tag 6-8
V
Assign a access link for VLAN by trunk group switch(vlan)#vlan 8021q trunk 3
access-link untag 33
V
Assign a trunk link for
VLAN by trunk group switch(vlan)#vlan 8021q trunk 3
trunk-link tag 2,3,6,99
or switch(vlan)#vlan 8021q trunk 3
trunk-link tag 3-20
V
Assign a hybrid link for switch(vlan)#vlan 8021q trunk 3
VLAN by trunk group
hybrid-link untag 4 tag 3,6,8
or switch(vlan)#vlan 8021q trunk 3
V
Show VLAN information
V
hybrid-link untag 5 tag 6-8
switch(vlan)#show vlan 23
Delete port base group switch(vlan)#no vlan group 2
ID
130
Spanning Tree Commands Set
Netstar Commands Level spanning-tree enable G
Description enable
Example
Enable spanning tree switch(config)#spanning-tree
spanning-tree priority
[0~61440]
G
Configure spanning tree priority parameter switch(config)#spanning-tree
priority 32768 spanning-tree max-age
[seconds]
G
Use the spanning-tree switch(config)#spanning-tree max-age global configuration command
max-age 15
to change the interval between messages the spanning tree receives from the root switch. If a switch does not receive a bridge protocol data unit
(BPDU) message from the root switch within this interval, it recomputed the
Spanning Tree
spanning-tree hellotime [seconds] spanning-tree forward-time [seconds]
Protocol (STP) topology.
G
Use the spanning-tree switch(config)#spanning-tree hello-time global configuration command
hello-time 3
to specify the interval between hello bridge protocol data units
(BPDUs).
G
Use the spanning-tree switch(config)#spanning-tree forward-time global configuration command
forward-time 20
131
stp-path-cost
[1~200000000] stp-path-priority
[Port Priority] stp-admin-p2p
to set the forwardingtime for the specified spanning-tree instances. The forwarding time determines how long each of the listening and learning states last before the port begins forwarding.
I
Use the spanning-tree switch(config)#interface cost interface
fastEthernet 2
configuration command switch(config-if)#stp-path-cost 20 to set the path cost for
Spanning Tree
Protocol (STP) calculations. In the event of a loop, spanning tree considers the path cost when selecting an interface to place into the forwarding state.
I
Use the spanning-tree switch(config)#interface port-priority interface to configure a port priority that is used
fastEthernet 2
configuration command switch(config-if)#stp-path-priority
127
when two switches tie for position as the root switch.
I
Admin P2P of STP switch(config)#interface
132
[Auto|True|False] stp-admin-edge
[True|False] stp-admin-non-stp
[True|False] no spanning-tree show spanning-tree
priority on this interface.
I
Admin Edge of STP priority on this interface. priority on this interface.
fastEthernet 2
switch(config-if)#stp-admin-p2p
Auto
switch(config)#interface
fastEthernet 2
switch(config-if)#stp-admin-edge
True
I
Admin NonSTP of STP switch(config)#interface
fastEthernet 2 stp False
switch(config-if)#stp-admin-non- switch>show spanning-tree
E Display a summary of the spanning-tree states.
G Disable spanning-tree. switch(config)#no spanning-tree
133
QOS Commands Set
Netstar Commands Level qos priority-tos
[TosNum][Priority] qos mode
Description Example
G
Configure TOS Priority switch(config)#qos priority-tos 9
7
G
Configure QOS mode switch(config)#qos mode sp
[SP|WRR|WRR1|WRR2] qos 8021p-priority
[Index][Lowest|SecLow
G
Configure 8021p
Priority switch(config)#qos 8021p-Priority
1 lowest
|SecHigh|Highest] qos priority-portbased
[Priority]
I
Configure COS Priority switch(config)#interface
fastEthernet 2
switch(config-if)#qos priority-
portbased 1
134
IGMP Commands Set
Netstar Commands Level igmp enable
G
Description Example
Enable IGMP snooping switch(config)#igmp enable function
Igmp query auto G
switch(config)#igmp query auto
Igmp query force G
Set IGMP query to auto mode
Set IGMP query to force mode switch(config)#igmp query force
igmp query-interval sec.] interval
[1~250 igmp query-response-
G
G
Configure query interval
Configure query response interval switch(config)#igmp query-
interval 10
switch(config)#igmp query-
response-interval 60
[1~250 tenths of a sec.] igmp last-query-count G
[1~2] igmp last-queryinterval [1~250 tenths of a sec.]
G
Configure last member switch(config)#igmp last-query- query count
count 1
Configure last member switch(config)#igmp last-query- query interval
interval 60 show igmp configuration show igmp table no igmp no igmp-query
P
P
G
G
Show IGMP configuration
Show IGMP snooping table
Disable IGMP snooping function switch#show igmp configuration switch#show igmp multi switch(config)#no igmp
Disable IGMP query switch#no igmp-query
135
Mac / Filter Table Commands Set
Netstar Commands Level mac-address-table static hwaddr
[HW-Addr][VID]
Description
I
Configure MAC address table of interface (static).
mac-address-table filter hwaddr
[HW-Addr][VID] show mac-addresstable
G
Configure MAC address table(filter)
Example
switch(config)#interface
fastEthernet 2
switch(config-if)#mac-address-
table static hwaddr
000012345678 1
switch(config)#mac-address-table
filter hwaddr 000012348678 1 show mac-addresstable static show mac-addresstable filter no mac-address-table static hwaddr
[HW-Addr][VID] no mac-address-table filter hwaddr
[HW-Addr][VID] no mac-address-table auto-age
[150|300|600] no auto-age show auto-age
I
Show all MAC address switch(config)#interface table
fastEthernet 2
switch(config-if)#show mac-
P
Show static MAC address table
address-table
switch#show mac-address-table
static
P
Show filter MAC address table.
I
Remove an entry of
MAC address table of interface (static) switch#show mac-address-table
filter
switch(config)#interface
fastEthernet 2
switch(config-if)#no mac-address-
table static hwaddr
000012345678 1
G
G
G
Remove an entry of
MAC address table
(filter) of MAC address table
Configure auto age time of MAC table switch(config)#no mac-address-
table filter hwaddr 000012348678
1
Remove dynamic entry switch(config)#no mac-address-
table
switch(config)#auto-age 150
G
Disable auto age time of MAC table switch(config)#no auto-age
P
Display auto age time switch#show auto-age
136
auto-flush no auto-flush show auto-flush multicast-filtering
[IP-Addr][VID] no multicast-filtering
[IP-Addr][VID] show multicastfiltering no multicast-filtering
[IP-Addr][VID]
G
G
of MAC table
Enable auto flush MAC switch(config)#auto-flush
Table when link down switch(config)#no auto-flush Disable auto flush
MAC Table when link down
P
Disable auto flush function of MAC table
I
Configure multicast filtering entry of
I
G
I
switch#show auto-flush switch(config)#interface interface
fastEthernet 2
switch(config-if)#multicast-
filtering 239.0.0.1 1
switch(config)#interface Remove multicast filtering entry of interface
fastEthernet 2
switch(config-if)#no multicast-
Remove multicast filtering entry
filtering 239.0.0.1 1
switch(config)#no multicast-
filtering 239.0.0.1 1
Show multicast filtering switch#show multicast-filtering table
137
SNMP Commands Set
Netstar Commands Level snmp system-name
[System Name] snmp system-location
[System Location] snmp system-contact
[System Contact] snmp agent-mode
[v1v2c|v3|v1v2cv3] snmp communitystrings [Community]
Description
G
Set SNMP agent
G
system name
Set SNMP agent system location
Example
switch(config)#snmp system-
name l2switch
switch(config)#snmp system-
location lab
switch(config)#snmp system-
contact where
G
Set SNMP agent system contact
G
Select the agent mode switch(config)#snmp agent-mode of SNMP
v1v2cv3
G
Add SNMP community switch(config)#snmp community- string.
strings public right rw right
[RO/RW] snmp-server host
[IP address] community
[Community-string] trap-version
[v1|v2c] snmpv3 context-name
[Context Name ] snmpv3 user
[User Name] group
[Group Name] password
[Authentication
G
Configure SNMP switch(config)#snmp-server host server host information
192.168.1.50 community public
and community string
trap-version v1
(remove)
G
Configure the context name
Switch(config)#no snmp-server
host 192.168.1.50
switch(config)#snmpv3 context-
name Test
switch(config)#snmpv3 user
G
Configure the user profile for SNMPV3 agent. Privacy password could be empty.
test01 group G1 password
AuthPW PrivPW
Password] [Privacy
Password] snmpv3 access context-name
Name ]
[Context
G
Configure the access table of SNMPV3 agent switch(config)#snmpv3 access
context-name Test group G1 security-level AuthPriv
138
group
[Group Name ] security-level
[NoAuthNoPriv|AuthNo
Priv|AuthPriv] match-rule
[Exact|Prifix] views
[Read View Name]
[Write View Name]
[Notify View Name] snmpv3 mibview view
[View Name] type
[Excluded|Included] sub-oid
[OID] show snmp no snmp communitystrings [Community]
[Group Name ] security-level
[NoAuthNoPriv|AuthNo
Priv|AuthPriv] no snmp-server host
[Host-address] no snmpv3 user
[User Name] no snmpv3 access context-name [Context
Name ] group match-rule Exact views V1 V1 V1
G
Configure the mibview switch(config)#snmpv3 mibview table of SNMPV3
view V1 type Excluded sub-oid
agent
1.3.6.1
P
Show SNMP configuration
G
G
Remove the specified community.
Remove the SNMP server host. switch(config)#no snmp
community-strings public
switch(config)#no snmp-server
host 192.168.1.50
G
Remove specified user switch(config)#no snmpv3 user of SNMPv3 agent.
Test
G
Remove specified access table of
SNMPv3 agent. switch#show snmp switch(config)#no snmpv3 access
context-name Test group G1 security-level AuthPr iv match-rule Exact views V1 V1
V1
139
match-rule
[Exact|Prifix] views
[Read View Name]
[Write View Name]
[Notify View Name] no snmpv3 mibview view
[View Name] type
[Excluded|Included] sub-oid
[OID]
G
Remove specified mibview table of
SNMPV3 agent. switch(config)#no snmpv3
mibview view V1 type Excluded sub-oid 1.3.6.1
140
Port Mirroring Commands Set
Netstar Commands Level monitor destination
[Port ID] monitor source
Description Example
G
Set destination port switch(config)#monitor
destination 1
G
Set source port switch(config)#monitor source 2
[Port ID] monitor mode
[RX|TX|Both|Disabled] show monitor
G
Configure mode of monitor function
P
Show port monitor information switch(config)#monitor mode rx switch#show monitor
141
802.1x Commands Set
Netstar Commands Level
8021x enable G
Description
Use the 802.1x global configuration command
Example
switch(config)#8021x enable to enable 802.1x protocols.
8021x system radiousip [IP address]
G
Use the 802.1x system switch(config)#8021x system radious IP global configuration command
radiousip 192.168.1.1
to change the radious server IP.
8021x system serverport [port ID]
8021x system accountport
8021x system sharedkey
[words]
[ID]
[port ID]
8021x system nasid
G
Use the 802.1x system switch(config)#8021x system server port global configuration command
serverport 1812
to change the radious server port
G
Use the 802.1x system switch(config)#8021x system account port global configuration command
accountport 1813
to change the accounting port
G
Use the 802.1x system switch(config)#8021x system share key global configuration command
sharedkey 123456
to change the shared key value.
G
Use the 802.1x system switch(config)#8021x system nasid global configuration command
nasid test1
to change the NAS ID
142
8021x misc quietperiod
[sec.]
8021x misc txperiod
[sec.]
8021x misc supptimeout
8021x misc
8021x misc maxrequest
8021x misc reauthperiod
[sec.] servertimeout [sec.]
[sec.]
[number]
G
Use the 802.1x misc quiet period global configuration command switch(config)#8021x misc
quietperiod 10
to specify the quiet period value of the switch.
G
Use the 802.1x misc
TX period global configuration command switch(config)#8021x misc
txperiod 5
to set the TX period.
G
Use the 802.1x misc switch(config)#8021x misc supp timeout global configuration command
supptimeout 20
to set the supplicant timeout.
G
Use the 802.1x misc server timeout global configuration command switch(config)#8021x misc
servertimeout 20
to set the server timeout.
G
Use the 802.1x misc max request global configuration command switch(config)#8021x misc
maxrequest 3
to set the MAX requests.
G
Use the 802.1x misc reauth period global configuration command switch(config)#8021x misc
reauthperiod 3000
to set the reauth period.
143
8021x portstate
[disable | reject | accept | authorize] show 8021x no 8021x
I
Use the 802.1x port state interface switch(config)#interface
fastethernet 2
configuration command switch(config-if)#8021x portstate to set the state of the selected port.
accept
E Display a summary of the 802.1x properties and also the port sates.
switch>show 8021x
G Disable 802.1x function switch(config)#no 8021x
144
TFTP Commands Set
Netstar Commands Level backup flash:backup_cfg
Description
G
Save configuration to
TFTP and need to specify the IP of TFTP server and the file
Example
switch(config)#backup
flash:backup_cfg
name of image.
restore flash:restore_cfg upgrade flash:upgrade_fw
G
Get configuration from switch(config)#restore
TFTP server and need
flash:restore_cfg
to specify the IP of
TFTP server and the file name of image.
G
Upgrade firmware by
TFTP and need to specify the IP of TFTP server and the file name of image. switch(config)#upgrade
flash:upgrade_fw
145
SystemLog, SMTP and Event Commands Set
Netstar Commands Level systemlog ip
[IP address]
Description Example
G
Set System log server
IP address. switch(config)#systemlog ip
192.168.1.100
systemlog mode
[client|server|both]
G
Specified the log mode switch(config)#systemlog mode
both show systemlog show systemlog no systemlog
E
Display system log. Switch>show systemlog
P
Show system log client switch#show systemlog
& server information
G
Disable systemlog functon switch(config)#no systemlog
smtp enable smtp serverip
[IP address] smtp subject
[subject]
[sender] smtp sender
G
Enable SMTP function switch(config)#smtp enable
G
Configure SMTP switch(config)#smtp serverip
G
server IP
Configure subject of mail
192.168.1.5
switch(config)#smtp subject test
G
Configure sender of mail switch(config)#smtp sender
tester smtp authentication smtp account
[account] smtp password
[password] smtp rcptemail
[Index] [Email address] show smtp no smtp event device-cold-start
[Systemlog|SMTP|Both
G
Enable SMTP authentication
G
Configure authentication account
G
Configure authentication password switch(config)#smtp
authentication
switch(config)#smtp account
User
switch(config)#smtp password
G
Configure Rcpt e-mail
Address
P
Show the information of SMTP switch(config)#smtp rcptemail 1
switch#show smtp
G
Disable SMTP function switch(config)#no smtp
G
Set cold start event type switch(config)#event device-cold-
start both
]
146
event authenticationfailure
[Systemlog|SMTP|Both
] event ring-topologychange
[Systemlog|SMTP|Both
] event systemlog
[Link-UP|Link-
Down|Both] event smtp
[Link-UP|Link-
Down|Both] show event no event device-coldstart no event authentication-failure no event ringtopology-change no event systemlog no event smpt show systemlog
G
Set Authentication failure event type
G
Set X-ring topology changed event type switch(config)#event
authentication-failure both
switch(config)#event ring-
topology-change both
I
I
Set port event for system log
Set port event for
SMTP switch(config)#interface
fastethernet 2
switch(config-if)#event systemlog
both
switch(config)#interface
fastethernet 2
switch(config-if)#event smtp both
P
Show event selection switch#show event
G
Disable cold start event switch(config)#no event device- type
cold-start
G
Disable Authentication switch(config)#no event failure event type
authentication-failure
G
Disable super ring topology changed event type switch(config)#no event ring-
topology-change
I
Disable port event for system log
I
Disable port event for
SMTP switch(config)#interface
fastethernet 2
switch(config-if)#no event
systemlog
switch(config)#interface
fastethernet 2
switch(config-if)#no event smtp
P
Show system log client switch#show systemlog
& server information
147
SNTP Commands Set
Netstar Commands Level sntp enable
Description Example
G
Enable SNTP function switch(config)#sntp enable
sntp daylight sntp daylight-period
[Start time] [End time] sntp daylight-offset
[Minute] sntp ip [IP] sntp timezone
[Timezone] show sntp show sntp timezone
G
Enable daylight saving switch(config)#sntp daylight time, if SNTP function is inactive, this command can’t be applied.
G
Set period of daylight saving time, if SNTP switch(config)#sntp daylight- function is inactive, this
20060202-01-01
command can’t be
period 20060101-01:01
applied.
Parameter format:
[yyyymmdd-hh:mm]
G
Set offset of daylight saving time, if SNTP switch(config)#sntp daylight-
offset 3
function is inactive, this command can’t be applied.
G
Set SNTP server IP, if
SNTP function is switch(config)#sntp ip 192.169.1.1 inactive, this command
G
can’t be applied.
Set timezone index, use “show sntp timzezone” command to get more information of index number switch(config)#sntp timezone 22
P
Show SNTP information switch#show sntp
P
Show index number of switch#show sntp timezone
148
no sntp no sntp daylight
time zone list
G
Disable SNTP function switch(config)#no sntp
G
Disable daylight saving switch(config)#no sntp daylight time
149
X-Ring Commands Set
Netstar Commands Level ring enable
Description
G
Enable X-ring
ring master
Example
switch(config)#ring enable
G
Enable ring master switch(config)#ring master
ring ringport
[1st Ring Port] [2nd
G
Configure 1st/2nd Ring switch(config)#ring ringport 7 8
Port
Ring Port] ring couplering ring couplering couplingport
G
Enable couple ring
G
Configure Coupling
Port switch(config)#ring couplering switch(config)#ring couplering
couplingport 1
[Coupling Port] ring couplering controlport
[Control Port]
G
Configure Control Port switch(config)#ring couplering
controlport 2 ring dualhoming ring dualhoming homingport
G
Enable dual homing switch(config)#ring dualhoming
G
Configure Dual Homing switch(config)#ring dualhoming
Port
homingport 3
[Dual Homing Port] show ring no ring no ring master no ring couplering no ring dualhoming
P
Show the information of X-Ring
G
Disable X-ring switch#show ring switch(config)#no ring
G
Disable ring master switch(config)#no ring master
G
Disable couple ring switch(config)#no ring couplering
G
Disable dual homing switch(config)#no ring
dualhoming
G
Enable and configure central ring port switch(config)#ring centralring 1
7 8 ring centralring
[ring ID (1~4)] [1st Ring
Port] [2nd Ring Port] no ring centralring
[ring ID (1~4)]
G
Disable central ring switch(config)#no ring centralring
1
150
LLDP Command Set
Netstar Commands Level lldp enable
Description Example
G
Enable LLDP function switch(config)#lldp enable
lldp interval [TIME sec] G
Configure LLDP interval switch(config)#lldp interval 10
no lldp show lldp
G
Disable LLDP function switch(config)#no lldp
P
Show LLDP function switch#show lldp
151
Access Control List Command Set
Netstar Commands Level acl gid
[Group ID]
Description
G
Configure ACL group id
acl action
Example
switch(config)#acl gid 1
G
Configure ACL action switch(config)#acl action permit
[Permit|Deny] acl vid
[Any|VLAN ID] acl pktype
[IPv4|Non-IPv4] acl ethtype
[Any|ARP|IPX|Type
G
Configure ACL VLAN
ID switch(config)#acl vid any
G
Configure ACL packet switch(config)#acl pktype ipv4 type
G
Configure ACL ether type switch(config)#acl ethtype arp
value] acl sip any acl sip ip
[IP address][Mask] acl dip any acl dip ip
[IP address][Mask] acl frg
[Check|Uncheck] acl l4 other
[Any|ICMP|IGMP|Proto col value]
G
Any Src IP
G
Specify Src IP and
Mask
G
Any Des IP
G
Specify Des IP and
Mask
G
Configure ACL IP fragment
G
Configure ACL L4 protocol other type switch(config)#acl sip any switch(config)#acl sip ip
192.168.1.1 255.255.255.0
switch(config)#acl dip any switch(config)#acl dip ip
192.168.1.1 255.255.255.0
switch(config)#acl frg check switch(config)#acl l4 other any
acl l4 tcp
[Any|FTP|HTTP|Port
Number]
G
Configure ACL L4 protocol TCP switch(config)#acl l4 tcp ftp
acl l4 udp
[Any|TFTP|Port
Number]
G
Configure ACL L4 protocol UDP switch(config)#acl l4 udp tftp
acl add acl show
G
Add new group structure
G
Show content of switch(config)#acl add switch(config)#acl show
152
acl test no acl show acl
current configured
ACL group.
G
Debug command for
ACL.
G
Delete ACL group.
P
Show ACL list. switch(config)#acl test 0 switch(config)#no acl 1 switch#show acl
153
X-RSTP Command Set
Netstar Commands Level xrstp-root
[disable|enable|backup
Description
G
Configure X-RSTP
ROOT
] xrstp enable no xrstp no xrstp show xrstp
Example
switch(config)#xrstp-root
I
Enable X-RSTP for this switch(config)#interface interface
fastethernet 2
switch(config-if)#xrstp enable
I
Disable X-RSTP for this interface switch(config)#interface
fastethernet 2
switch(config-if)#no xrstp
G
Disable X-RSTP for all switch(config)#no xrstp interfaces
P
Show X-RSTP configuration switch#show xrstp
154
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Related manuals
advertisement