DFB48M24MX 24 Port Fiber Switch Model Number: DFB48M24MX

DFB48M24MX 24 Port Fiber Switch  Model Number: DFB48M24MX
DFB48M24MX
24 Port Fiber Switch
Installation and Operations Manual
Model Number: DFB48M24MX
Description: Managed 24 port Ethernet Fiber Switch
22x100Mbps Copper, 2x Fiber Ports
Content
CHAPTER 1 SUMMARIZE .................................................................................................................................. 1
1.1 INTRODUCTION ..................................................................................................................................... 1
1.2 PRODUCTS FEATURES ........................................................................................................................... 1
CHAPTER 2 HARDWARE DESCRIPTION .......................................................................................................... 2
2.1 PANEL DESIGN ...................................................................................................................................... 2
2.2 POWER INPUT ....................................................................................................................................... 3
2.3 DOWNLOAD PROGRAM PORT ............................................................................................................... 3
2.4 COMMUNICATION CONNECTOR ............................................................................................................ 3
2.5 LED INDICATOR ................................................................................................................................... 5
2.6 INSTALLATION ...................................................................................................................................... 6
CHAPTER 3 APPEARANCE AND DIMENSION ................................................................................................. 7
CHAPTER 4 PERFORMANCE AND SPECIFICATION ...................................................................................... 8
CHAPTER 5 INFORMATION CONFIGURATION ............................................................................................. 10
5.1 CONFIGURATION OF HYPER TERMINAL .............................................................................................. 10
5.2 MODIFICATION OF IP ADDRESS .......................................................................................................... 11
CHAPTER 6 WEB MANAGEMENT ..................................................................................................................... 12
6.1 NETWORK SETTING ............................................................................................................................ 12
6.2 STARTUP AND LOG IN.......................................................................................................................... 13
6.3 SYSTEM STATUS.................................................................................................................................. 14
6.4 PORT CONFIGURATION........................................................................................................................ 17
6.5 L2 FEATURES ...................................................................................................................................... 21
6.6 REDUNDANCY .................................................................................................................................... 29
6.7 ACCESS CONTROL .............................................................................................................................. 39
6.8 REMOTE MONITORING....................................................................................................................... 46
6.9 PORT STATISTICS................................................................................................................................. 49
6.10 DIAGNOSIS ........................................................................................................................................ 54
6.11 SYSTEM MANAGEMENT .................................................................................................................... 56
Chapter 1 Summarize
1.1 Introduction
DFB48M24MX series is a type of managed industrial Ethernet switch. It supports SW-Ring patented
technology (self-recovery time <20ms) to enhance the reliability of the network. What's more, DFB48M24MX
supports several network managements, such as 802.1QVLAN, QoS, IGMP, port trunking and port mirroring. It
has got the certification of CE, FCC and Industrial grade 4 standard. It can meet the requirements of any
industrial environment with the temperature range of -40~75℃.
1.2 Products Feature
SW-Ring patented technology(self-recovery time <20ms)
Web interface configuration
IEEE802.1Q VLAN to effectively restrain broadcast storm
IEEE802.1P QoS, WRR and DSCP
IGMP snooping for filter multicast
SNMP management
IEEE 802.1x port certification and static address latch
Port Trunking, IEEE802.3ad and 3 groups of trunking links
port mirroring for online debugging and monitoring network status
Speed control
Industrial grade 4 design
No fan design
Rugged with high strength shell with IP30 protection
DC100~300V or AC 85~264V power input
-40~75℃ operating temperature
1
Chapter 2 Hardware Description
2.1 Panel Design
DFB48M24UX series
Front panel
Back panel
1.
2.
3.
4.
5.
6.
7.
Product information
Console port
Power indicator
Link/ACT indicator
10/100BaseT(X) Ethernet port or 100Base-FX fiber port
Power ON/OFF
Power input terminal block
2
2.2 Power Input
DFB48M24UX series provides 3 bits terminal blocks on back panel which is used for AC power
input(85~264 V) and DC power input(100~300 V). Please check the following pictures:
2.3 Download Program Port
DFB48M24UX series provides 1 download program port (RJ45 type) on top panel, It manages the system
with PC through RJ45-DB9F adapter.
2.4 Communication Connector
DFB48M24UX provides 24 10/100BaseT(X) Ethernet ports.
10Base-T /100Base-TX Ethernet port
10Base-T/100Base-TX Ethernet port is located on front panel and the type is RJ45. The pinout of RJ45
port connects to UTP or STP. The distance is not more than 100m. 100Mbps Ethernet connector takes 100Ωof
UTP 5, 10Mbps Ethernet connector takes 100Ωof UTP 3, 4, 5.
3
RJ 45 port supports automatically MDI/MDI-X connection. It can connect PC, Server, Converter and
HUB .Corresponding connection of Pin 1,2,3,6 is like this: 1→3, 2→6, 3→1, 6→2. The definition of Pin is
displayed as below.
1
8
PIN
MDI
MDI-X
1
TX+
RX+
2
TX-
RX-
3
RX+
TX+
6
RX-
TX-
4, 5, 7, 8
—
—
Information necessary to explain:
Note: “TX±”Transmitting data±, “RX±”receiving data±, “—”no use
MDI (straight-through cable):
MDI-X (Cross over cable):
4
100Base-FX fiber port
100Base-FX port works with full-duplex, SM or MM SC optional. The fiber port must be used in pair, TX
(transmitting) port connects remote switch’s RX (receive) port; RX (receiving) port connect remote switch’s TX
(transmitting) port.
Suppose: If you make your own cable, we advise to label the two sides of the cable with the same letter
(A-to-A and B-to-B, shown as below, or A1-to-A2 and B1-to-B2).
2.5 LED Indicator
LED indictor is on the front panel of DFB48M24UX series, the function of each LED is described in the
table as below.
System indication LED
LED
State
Description
PWR
(GREEN)
ON
Power is working normally.
OFF
Power is not connected or not running normally.
SYS
(GREEN)
ON
System is working normally.
OFF
System is not connected or not working normally.
ON
Network connection of the port is valid.
Blinking
Data is being transmitted.
OFF
Network connection of the port is not valid.
Link/ACT
(GREEN)
5
2.6 Installation
Before installation, please confirm that the work environment meet the installation requirement, including
the power needs and abundant space, whether it is close to the connection equipment and other equipments are
prepared or not.
Examine whether required cables and plugs are installed.
Examine whether the cables is suitable (less than 100m) according to reasonable configuration
requirement
Screw, nut, tool are provided by yourself.
Power need: DC100~300V or AC 85~264V
Environment: Operating temperature: -40~75℃
Relative humidity: 5%~95%
Wiring Requirements
Wiring need to meet the following requirements:
It is needed to check whether the type, quantity and specification of cable match the requirement
before cable laying;
It is needed to check the cable is damaged or not, factory records and quality assurance booklet before
cable laying;
The required cable specification, quantity, direction and laying position need to match construction
requirements, and cable length depends on actual position;
All the cable cannot have break-down and terminal in the middle;
Cables should be straight in the hallways and turning;
Cable should be straight in the groove, and cannot beyond the groove in case of holding back the inlet
and outlet holes. Cables should be banded and fixed when they are out of the groove;
User cable should be separated from the power lines. Cables, power lines and grounding lines cannot
be overlapped and mixed when they are in the same groove road. When cable is too long, it cannot
hold down other cable, but structure in the middle of alignment rack;
Pigtail cannot be tied and swerved as less as possible. Swerving radius cannot be too small (small
swerving causes terrible loss of link). Its banding should be moderate, not too tight, and should be
separated from other cables;
It should have corresponding simple signal at both sides of the cable for maintaining.
6
Chapter 3 Appearance and Dimension
Unit (mm)
DFB48M24UX:
7
Chapter 4 Performance and Specification
Technology
Standard: IEEE802.3, IEEE802.3u, IEEE802.3x, IEEE802.3ad, IEEE802.1D, IEEE802.1w,
IEEE802.1Q, IEEE802.1p, IEEE802.1x
Protocol: SW-Ring, STP/RSTP, QoS, VLAN, PVLAN, IGMP v1/v2/v3, Telnet
Flow Control: IEEE802.3x and back pressure control
Interface
Fiber Port: 100Base-FX
Ethernet Port: 10Base-T/100Base-TX, RJ45, auto flow control
Full/half duplex mode and MDI/MDI-X auto-connection
Console Port: Based serial network management (RS-232), RJ45
Switch properties
Processing type: Store and Forward
Backboard bandwidth: 8.8G
Cache: 3Mbits
MAC address: 8K
Priority queue: 4
Max. Number of Available VLAN: 256
VLAN ID: 1~4094
IGMP Groups: 256
Indicator
Interface indicator: Link/ACT
System indicator: SYS
Power indicator: PWR
Transmission Distance
Twisted Pair Cable: 100M (standard CAT5/CAT5e)
Multi-mode Fiber:850nm, 2Km
1310nm, 5Km
Single mode Fiber:1310nm, 20Km
1310nm, 40Km
1310nm, 60Km
1550nm, 80Km
Power
Voltage Input: 110~220VDC (100~300VDC) or 100~240VAC (85~264VAC)
Current Input: 0.25A(@110VAC/VDC)
Terminal block: 3 core 5.08mm terminal block
Support overload current protection
8
Environment
Operating Temperature: -40~75℃
Storage Temperature: -40~85℃
Relative Humidity: 5%~95% (non-condensing)
Physical characteristics
Shell: black metal case
Installation:19 inches rack mounting
Weight: 2550g
Dimension (H×W×D): 441.6mm×44.6mm×206.9mm
Standards
EMI: FCC Part 15, CISPR (EN55022) class A
EMS: EN61000-4-2 (ESD), Level 4
EN61000-4-3 (RS), Level 3
EN61000-4-4 (EFT), Level 4
EN61000-4-5 (Surge), Level 4
EN61000-4-6 (CS), Level 3
EN61000-4-8, Level 5
Shock: IEC60068-2-27
Free fall: IEC 60068-2-32
Vibration: IEC60068-2-6
Warranty
Warranty: 5 years
Approvals
CE, FCC, ROHS, PAL
9
Chapter 5 Information Configuration
5.1 Configuration of Hyper Terminal
Firstly, pleased confirm DFB48M24UX series switch is connected to PC. Then open Hyper Terminal:
Start->Program->Attachment-> Communication.
Secondly, please make a new connection when opening Hyper Terminal. The communication port needs to
connect PC to the switch. It must use the following configuration parameters: Bits per second: 115200, Data bits:
8, Parity: None, Stop bits: 1, Flow control: None.
(Figure 5-1)
Information necessary to explain:
1, If the computer don't have a serial port, you can use an USB to serial converter and the settings is the
same.
2, Name of serial device can be chosen according to properties of hardware device.
3, After Hyper Terminal is connecting, if there is no response with pressing "Enter" continuously, please
make sure the cable is completed. Status indicator of CPU is blinking means the device can work normally.
Please PING managed address in Hyper Terminal, if the switch is not connected to PC, please contact our
engineers.
10
5.2 Modification of IP Address
When Hyper Terminal is finished, you can see the following picture:
(Figure 5-2)
$$ means user enters into restricted privileges mode;
# means user enters into manager mode;
The two modes use command root and command exit to switch mode. The default password of the switch
is "admin: admin". Command root uses "root user [password]". Command "exit" is to exit manager mode.
If you don't know IP address of the device, please input "ip_address" to show the IP address of the device.
Command of "ip_address" without parameter don't need manager privilege. Command of "ip_address"
with parameter need manager privilege to configure IP address, subnet mask, default gateway and DNS server.
The format of the command is as follows:
ip_address [-l ip_address] [-m net mask_address] [-g gateway_address] [-d dns]
Input the command "ip_address –l 192.168.1.10" in manager mode to modify the IP address to
192.168.1.10. The default subnet mask is "225.255.255.0".
11
Chapter 6 Web Management
DFB48M24UX series switch supports Web management.
It is very intuitive to manage and maintain the equipment through Web interface. Before configuring
DFB48M24UX series, please ensure necessary software installed your computer and reasonable configuration
of the network.
The lowest requirement for user's computer is as below:
Install operating system (Windows 7, 8, 8.1)
Install Ethernet card
Install Web explorer (IE6.0 or higher version)
Install and start TCP/IP protocol
6.1 Network Setting
DFB48M24UX's default address is: 192.168.1.254, subnet mask is: 255.255.255.0. When entering into
DFB48M24UX Web interface through internet explorer, the IP address of DFB48M24UX and PC must be in
the same Local Area Network.
You can modify PC's or DFB48M24UX's IP address to make sure that they are in the same Local Area
Network. Operating process can follow method 1 or method 2 as below,
Method 1: Modify PC's IP address
Click Start->Control panel->network connections->Local area Connection->Properties->Internet protocol
(TCP/IP)Setting PC’s IP address: 192.168.1.X (X is less than 254, from 2 to 253).
Click “OK”, IP address modifies successfully
The Windows operation interface is as figure 6-1:
(Figure 6-1)
12
Method 2: Modify DFB48M24UX's IP address through Blue_eyes manager software.
Install Blue_eyes manager software on the PC.
Enter into Blue_eyes management interface, click "Search" to search the device.
After searching the device, move mouse to the device, click right key, modify the device's IP address,
Please make sure the device and PC in the same Local Area Network.
6.2 Startup and Log in
Open IE, input http://192.168.1.254 in the address field, click “Enter”, As figure6-2:
(Figure 6-2)
Input correct user name and password, then enter successfully(default user name is “admin”, password is
“admin”. If user name or password input incorrectly in 3 times continuously, you must login again.
Special attention:
User name and password are case-sensitive. If you are not clear about IP address, you can find it by searching
Blue_eyes manager software.
13
6.3 System Status
Menu Introduction
Menu Bar consists of 8 parts: system status, port configuration, L2 Feature, Redundancy, Monitor, Port
Statistics, Diagnosis and basic settings.
Main Menu
System Status
Tag
System
information
Port settings
Port
Configuration
Bandwidth
management
Storm
suppression
QoS
VLAN
L2 Feature
Redundancy
Access Control
Remote
Monitoring
Port statistics
Diagnosis
System
Management
IGMP Snooping
Static Multicast
FWD
Port Trunking
Rapid Ring
RSTP
Login Settings
Access profile
IEEE802.1x
802.1x user
MAC
address
binding
SNMP
configuration
Email warning
Rx
frame
statistics
Tx
frame
statistics
Traffic statistics
MAC
address
table
Mirror
Diagnosis
SNTP
Device address
System
information
System log
Function
Show device information and port information such as software
version, IP address, etc.
Display and configure each port’s basic information of switch, like
link status, speed mode, flow control status, etc.
Set up the maximum speed rate of data
Set up type of flow of the port storm suppression
Set up 802.1p, port priority and DSCP priority, etc.
Display the list of 802.1Q VLAN, and configure and manage 802.1Q
VLAN.
Display the list of based on port VLAN, configure and manage based
on port VLAN.
Set up MAC address of static multicast and corresponding port.
Setup trunking group of the port
Setup rapid ring port and type.
Setup RSTP parameters
Setup user names and passwords with different privilege
Set up login mode and accessible IP
Set up 802.1x authentication
Display user names of different privilege
Set up static unicast address and its corresponding port
Set up SNMP and related parameter
Set up mail server and receiver, etc.
Show total number of the transmitted and received messages
Setup mirror port and monitored port
Setup PING some host address
Setup NTP, time zone, etc.
Device IP, gateway and DNS, etc.
Configure or check Device type, CPU information
Display log information
14
Main Menu
Tag
System
update
Function
file
Software update, achieve, save or restore the configuration of switch.
Web Overtime Handling
If user doesn't operate the Web interface for a long time, The system will cancel this login.(but
configuration change made in this login will be saved in Web configuration interface.). If the user wants to do
any operating on Web configuration interface again, the system will reminds user and returns to the login dialog
box. Users need to log in again if operating is needed.
System Status
Device Information mainly display the basic information of DFB48M24UX series switch including: Name,
Serial No., Description, Contact Information, MAC address, Hardware Version and Firmware Version, as
shown in figure 6-3,
(Figure 6-3)
Configuration
Items
Description
Name
Network mark of the device. It is convenient for management tools to judge.
Serial No.
Serial number of the device. It is convenient for device management.
Description
Contact
Information
Description of the product features.
MAC address
Hardware
Version
Firmware
Version
Current Time
Run Time
Contact information of the operator for device maintenance.
Hardware address of the device. It is an unique address which is made up of hexadecimal
number with 48 bits (6 bytes) in length.
Current hardware version.
Current firmware version.
Current time of the device.
Run time after the device is powered on. When the device reboots, the time need to
recalculate.
Among them, Model, Hardware Version, Firmware Version and MAC address can’t be changed. Name,
Description, Serial No. and Contact Information can be changed or customized if necessary. Please refer to
chapter about Device Information if change is necessary.
15
Current time and run time can be seen in the following figure 6-4:
(Figure 6-4)
We can also see each port status of DFB48M24UX series in Port Information area.
(Figure 6-5)
Connection: LINK or LOS
Port Status: FULL (Full duplex) or HALF (Half duplex)
Speed: 10M or 100M
Port Type: Tx or Fx
16
6.4 Port Configuration
Port Settings
Main function of port settings:
Forcibly set up speed mode and duplex mode of each port;
Enable or disable each port;
Each port is allowed flow control or not.
(Figure 6-6)
17
This interface displays basic information of each port. The meaning of information is shown as below:
Configuration
Items
Meaning
Port
Port name, corresponding to mark in panel.
Type
Display port type (TX or FX).
Speed
Display configurable speed of port or auto-negotiation mode.
Duplex
Auto-negotiation(AUTO),full duplex(FULL), half duplex(HALF)optional, default
mode is auto-negotiation mode.
Enable
Configurable port enable or disable. Selecting square frame is for enable the
corresponding port. It cannot transmit data if any port disable. The default is “Enable”.
Flow Control
Whether selecting flow control to the port. Only can selecting flow control when the
port enable. The default is off.
Special attention:
1. The speed mode, duplex mode and flow control of the fiber port cannot be setting. The default is full
duplex and flow control is off. This function is corresponding to the port status of port information.
2. When one side is auto-negotiation, the other side is forcible speed, according to Ethernet standard, the
negotiation speed is the forcible speed in half duplex mode.
Port Speed
Port speed shows the connecting speed of the port. It includes 3 kinds of speed: 10M, 100M and
auto-negotiation.
10M uses 10base-T standard and UTP cable for connection. When the port is in 10M speed, Link/Act
indicator will blink continuously while data transmitting and status indicator of 10M/100Mbps will stay OFF.
100M uses 100Base-TX standard and UTP/STP cable for connection. When the port is in 100M speed,
Link/Act indicator will blink continuously while data transmitting. 100M fiber port uses 100Base-FX standard
and single/multi-mode fiber for connection. Main fiber of 100Base-FX standard includes: 62.5nm multi-mode
fiber and 50nm multi-mode fiber.
Auto-negotiation includes 2 kinds of speed according the capability of the other end: 10M and 100M.
Port Enable
This item provides a device to enable/disable the port. When choosing disable, the device would cut off
power supply of this port. Even if other device is connected to this port, all status indicators of this port are OFF.
Only enable this port, all settings about this port will be valid. This item provides a kind of safety mechanism to
protect the port from illegal use. It is not allowed to disable all the ports.
Duplex Mode
Full duplex of the switch means switch can transmit and receive data at the same time. Half duplex of the
switch means switch can transmit or receive data in a certain time. Generally the speed will choose
auto-negotiation so that the port can automatically judge the connection type of the device connected to it and
18
automatically adjust the connection type to ensure the maximum compatibility.
Flow Control
Flow control is used to prevent the frames from discard while port is blocked. This method is to send back
the blocking signal to its original address while sending or receiving buffer area start to overflow. It limits the
abnormal flows into a certain range. Flow control can be effective in preventing large amounts of data in the
network instant impact on the network to ensure the efficient and stable user network running.
Two types of flow control:
1. In the half duplex mode, flow control is through back pressure. It is to send a jamming signal to the
transmission source to reduce transmission speed.
2. In the full duplex mode, flow control generally follow IEEE 802.3x standard. Switch sends "pause" to
information source to pause its sending information.
Polarity ( MDI/MDIX auto-negotiation)
MDI-II (Medium Dependent Interface- II mode), is a kind of standard built by IEEE for RJ-45 UTP cable
of fast Ethernet 100BASE-T. II stands for parallel configuration. MDI-X(Media Dependent Interface-x mode)
与 MDI- II is a kind of standard built by IEEE for RJ-45 UTP cable of fast Ethernet 100BASE-T. X stands for
crossover configuration.
Bandwidth Management
The device provides port based speed limitation, including ingress and egress limitation. User can limits
communication flow of each port and quits the flow limitation of the port. User can choose a settled speed, the
range is: 64Kbps ~ 100Mbps. The type of port limitation includes all unicast, multicast and broadcast. When the
port speed reaches the appointed speed, the device will enable or disable flow to limit the transmitting speed or
receiving speed by flow control or discard the message.
(Figure 6-7)
The device provides both ingress and egress speed limitation. The ingress speed refers to the actual speed
19
from PC and other devices to the switch. The egress speed refers to the actual speed from the switch to other
devices. If ingress and egress speed of the connecting port between two devices are limited at the same time, the
actual speed will be the smaller value.
For example, the picture above shows Port 1 limits the ingress speed only, the maximum speed of this port
is 9M. Port 2 limits egress speed only, and the maximum speed of this port is 9M.
Information necessary to explain:
1. Please enable flow control when using port speed limitation.
2. When using speed limitation, it will not discard the packet unless the flow control disable.
3. Port speed limitation need cables with high quality, otherwise it will cause a lot of conflict packets and
incomplete packets.
Broadcast Storm Suppression
Broadcast Storm
Broadcast storm is the accumulation of broadcast and multicast traffic on a computer network. Extreme
amounts of broadcast traffic constitute a broadcast storm. A broadcast storm can consume sufficient network
resources so as to render the network unable to transport normal traffic.
(Figure 6-8)
There are many reasons to cause broadcast storm. For example: a redundant or incorrect connect among
switches.
If enable storm suppression, it can stop the attack. Our device can detects 2 kind of broadcast messages
according to the type of broadcast storm.
Broadcast packets: data frame of the destination address of FF-FF-FF-FF-FF-FF
Destination lookup failure frame: the MAC address of this data frame doesn't exist in inside index. It needs
to transmit to all the ports, including unicast and multicast flow.
Maximum Speed
There are 5 levels: 3%, 5%, 10%, 20%, 30%. The base is 100Mbps.
Alarm Type
Email alarm: when the switch enable Email settings, the switch will send an email to the customer
immediately when broadcast happens.
20
Information necessary to explain:
1. The maximum length of Ethernet data frames is 1518 bytes, and each 64Kb of data communication
includes about 6 Ethernet data frames with 1518-byte.
2. The minimum length of Ethernet data frames is 64 bytes. Each 64 Kb of data communication includes
about 128 Ethernet data frames with 64-byte.
3. In the network the broadcast packets are more than 800packet/s, the network delay is obvious.
4. The recommended setting is 3% based on the above theory.
5. Please be caution to use MAC control frame and destination lookup failure frame, disabling IGMP
SNOOPING will have impact on the transmission of the multicast.
6.5 L2 Features
QoS
QoS(Quality of Service)is a kind of network safety mechanism to avoid network delay and block. It
evaluates service provider’s capability of meeting customer’s need. Generally speaking, if network is only used
in specialized application system without time limitation, it does not need Qos. For example Web application or
E-mail setting, etc. But it is necessary for key application and multimedia. Qos can ensure important business
cannot be delayed and given up when network is overload or heavy. At the same time the network can also run
efficiently.
QoS we usually say includes transmission bandwidth, transmission time delay and packet loss rate of data.
It refers to improve QoS by ensuring transmission bandwidth, reducing transmission time delay,
decreasing packets loss rate of data and time delay vibration.
DFB48M24UX series supports queuing mechanism including: Weighted Fair and Strict Priority
Dispatching.
Weighted Fair refers to this port sends message according to queue priority High, Medium, Normal and
low in proportion of 8:4:2:1 when some ports traffic is heavy. If sending speed is less than bandwidth, the
message of each priority queues can send normally; if the port keeps sending in full speed, then the rest of the
message of each priority queues will be discarded.
Strict Priority Dispatching: it refers to QoS deals with the message from high priority to low priority. If the
low priority queues is full but the message of high priority queues don’t finish, the message of low priority
queues will be discarded; but if the speed of high priority queue does not reach the port’s wire speed, then
message of lower priority can send one by one, and the data may be lost because of shortage of bandwidth. The
ports always finish all messages of high priority queues first then allow the message of lower priority queues.
Detailed operating as shown in figure 5-19:
(Figure 5-19)
21
QoS of DFB48M24UX series includes 3 kinds: Port Priority, CoS Priority and ToS priority.
Port Priority
Port Priority mainly supports 2 priority queues: Low and High. Generally default port priority is Low as
shown in figure 5-20:
(Figure 5-20)
During using port priority, the port would confirm its priority by tag of data packet. If its priority is high,
then transfer earlier; if its priority is low, then transfer later. For example, Data A and Data B from 2 lines must
be transferred in 1 line, but the bandwidth is not enough. To solve this problem, we can set the port priority
when these 2 lines need to pass by it. If you want Data A to pass earlier, you can set the port priority of
transferring Data A higher than that of Data B.
22
CoS Priority:
<CoS-TAG> is priority tag of 802.1Q VLAN, so Cos priority is related to VLAN tag. If there are data
packets in the port, then they need CoS or VLAN tag. Cos Priority distributes 8 priority tags. They are 0, 1, 2, 3,
4, 5, 6, 7. Each priority tag has 4 kinds of priority queues to choose: Low, Normal, Medium, High。After data
entering into the port, the port needs check its Cos value, and make a queue for corresponding data. Data will be
put into 4 queues with different priority and transferred by their priority. (Default Port Priority is always Low).
When data packet with Tag entering into port, at the same time enabling VLAN and priority Tag
replacement based on VLAN, the data packet need to pass priority tag replacement based on VLAN first, then
pass CoS priority mapping, and transfer at last.
When data packet with Tag entering into port, but not enabling priority tag replacement based on VLAN,
the data packet need to pass CoS priority mapping and transfer at last.
Method of CoS Priority setting:
For example: enable CoS function and set up queue mapping. The priority of Port 1 is Normal, priority of
Port 2 is High, detailed operating as shown in figure 5-21,5-22:
(Figure 5-21) (Enable CoS function)
(Figure 5-22) (Set up CoS mapping)
ToS priority
When ToS priority classify data stream, its priority is confirmed by ToS field with IP header in Layer 3.
DSCP uses former 6 bit of ToS (Type of Service) in IP header to carry the classification information of message.
It is a number not more than 63 and defines only former 6 bit is valid. This definition also supports IPv4(ToS
23
field)and IPv6 (Traffic Class field). Priority Value of DSCP owns 64 (0-63), priority of 0 is lowest, priority of
63 is highest.
Method of ToS priority setting:
For example: enable ToS, and set up priority queue mapping. Detailed operating as shown
In 5-23, 5-24:
(Figure 5-23) (Enable ToS)
(Figure 5-24) (Set up ToS mapping)
24
VLAN
VLAN(Virtual Local Area Network)is a kind of new data exchange technology for logically dividing
LAN into many segments and making many virtual work groups. This technology mainly allows that switch can
limit broadcast when LAN interconnects. This technology can divide a LAN into several logical
LAN——VLAN. Each VLAN is a broadcast domain and hosts in VLAN can communicate just like in
the same LAN. But it cannot interconnect between VLAN. Then broadcast message is limited in the
VLAN.
Port based VLAN
A port based VLAN determines the membership of a data frame by examining the configuration of the port
that receive the transmission or reading a portion of the data frame's tag header. A four--byte field in the header
is used to identify the VLAN. This VLAN identification indicates what VLAN the frame belongs to. If the
frame has no tag header, the switch checks the VLAN setting of the port that receive the frame. If the switch has
been configured for port based VLAN support, it assigns the port's VLAN identification to the new frame.
1. Add Item
Group name can be any valid characteristic in port based VLAN. The same group name means you need to
modify the members of the group. A new group name means the new transmission rule is built. The
transmission item is not more than 32 in port based VLAN.
(Figure 6-13)
2. Delete Item
It refers to delete the existing transmission items. The example above shows that all ports are in the same
VLAN. Each port can intercommunicate with others. We can modify the default configuration to add VLAN
item. The ports in the group can intercommunicate with each other, but the port outside the group cannot
intercommunication with the port inside.
25
IEEE 802.1Q VLAN
Main function of IEEE 802.1Q VLAN is the VLAN tag. The tag including VLAN information can insert in
the Ethernet frame. The device transmits the data according its transmission rules. VLAN tag protocol in the
data frame is 2 byte, the number is 0x8100.
(Figure 6-14)
1. Add Item
Group name can be number only in IEEE 802.1Q VLAN. It is TPID in VLAN ID. The same group name
means you need to modify the members of the group. A new group name means the new transmission rule is
built. The transmission item is not more than 64 in IEEE 802.1Q VLAN.
2. Delete Item
It refers to delete the existing transmission items. The example above shows that all ports are in the same
VLAN. Each port can intercommunicate with others. We can delete the default configuration and use the
different VID to add some items (VID value range is: 1~4094). The ports in the group can intercommunicate
with each other, but the port outside the group cannot intercommunication with the port inside.
3. VLAN Configuration
VLAN Tag Replace Configuration:
(Figure 6-15)
Port VID: Default VID Configuration
(Figure 6-16)
Priority: Default Priority Setting
(Figure 6-17)
26
Keep the same VID and priority
If the data has no VLAN ID, please use the default priority and port VID to create a VLAN ID and insert it
into the data frame, otherwise the data frame keeps the same.
Default VID replace the VID of the ingress packets
If the data has no VLAN tag, pleased use the default priority and port VID to create a VLAN tag and insert
it into the data frame, otherwise the default VID will replace the VID of the ingress packets.
Use the default VID and priority to create a new VID
IGMP Snooping
IP host applies to join (or leave) multicast group to the neighboring router through IGMP (Internet Group
Management Protocol) protocol. IGMP Snooping is multicast constraining mechanism. It manages and controls
multicast group by snooping and analysis of the IGMP messages between the host and the multicast device.
Work process of IGMP Snooping: the switch snoops messages between the host computer and the router
and tracks multicast information and the port applied for. When the switch snoops IGMP Report message sent
from the host computer to the router, the switch would add this port to multicast forwarding list; when the
switch snoops IGMP Leave message sent by the host computer, the router will send Group-Specific Query
message of this port. If other hosts need this multicast, then the rely IGMP Report message. If the router doesn't
get any reply from the hosts, the switch would delete this port from the multicast forwarding list. The router will
send IGMP Query message regularly, the switch will deletes the port from the multicast forwarding list if it
doesn't get the IGMP Report message from the host.
IGMP Snooping: Enable or disable IGMP snooping function
IGMP Query: Enable or disable IGMP query function
IGMP Query Interval: after enabling IGMP Query, the interval to check existing multicast members.
MAX Age: the maximum existing time of the members
(Figure 6-19)
Information necessary to explain:
1. It must set up 802.1Q VLAN first before enabling IGMP Snooping.
2. It had better not to have many IGMP query to save the resources. If you are not sure of the forwarding
relationship of the unknown multicast group, please choose all the ports.
27
Static Multicast FWD
The device provides the function of static MAC address forwarding. The destination address includes the
data packets with static MAC address which will be transferred to the appointed port. Embedded forwarding
address list in the switch chip can learn and support 4,000 MAC addresses and 256 multicast forwarding ports
list.
(Figure 6-20)
Bottoms [Add] and [Delete] are used to add and delete static MAC address. Static MAC Address asks the
user to input a valid address. If it is not valid, a warning ejects. Join port is used to choose MAC address
forwarding port. You can appoint one or more forwarding ports. Click [Add] and [Delete] to update static MAC
address forwarding.
Information necessary to explain:
1. This function has great impact on forwarding multicast, unless you can make sure the address is no
problem, otherwise, please use it with caution.
2. The following multicast addresses are reserved for the device or protocol, please don't use
them: 0180C20000xx, 01005E0000xx.
3. IGMP dynamic learning will not update the multicast address, static multicast forwarding is a kind of
safety mechanism.
28
6.6 Redundancy
Port Trunking
Main features of TRUNK is to bind several physical ports (general number is 2-4) to make a logical
channel. After binding several physical links, bandwidth of entire network improves a lot so that data can be
transmitted through several physical links, which also make many redundant links. When one or more links are
cut off by failure or other reason, the rest of them can continue to work well.
(Figure 6-21)
The device supports 2 Trunking groups. Each group support 2-4 port trunking.
Information necessary to explain:
1. The action of Trunking member is the same, so configuration sub-items of each member (port
properties, VLAN properties) are the same in a group.
2. If you don't confirm RSTP status, please disable RSTP, or close the others, leaving one RSTP channel.
3. Port 1 as a system reservation cannot be used as Trunking port.
4. Trunking port cannot be Ring port any more.
29
Rapid Ring
It is very important to possess redundant communication in industrial network. Redundancy can protect
important link from failure. With it network will auto-recover and runs normally when it is broken.
Redundant communication allows redundant ring enable backup data link when the wire is broken up or
destroyed. It is very important feature for industrial application for it will take great loss maybe if it takes a long
time to locate the broken or destroyed wires.
DFB48M24UX series switch supports redundant communication with SW-Ring technology. SW-Ring
technology provides auto-recovery and reconnection mechanism for broken network. When network is broken,
it has link redundancy and self-recovery capability and self-recovery time is less than 20ms. SW-Ring is the
patented technology of Dante Security designed for industrial control network requiring high reliability.
DFB48M24UX series supports maximum 2 ring groups. Each group set up 2 ports as Ring Port and a port
cannot belong to several rings.
Hello_time setting is time interval of sending detecting packet to network at regular time. The unit is ms.
Its main purpose is to detect network connection. It sends a detecting packet to next door devices by CPU. If
they receive it, then reply a confirm packet to ensure network connection is active. If this setting will influence
self-recovery time, we suggest advanced users can use it.
Basic interface of Rapid Ring as shown in figure 6-22,
(Figure 6-22)
Basic interface shows Protocol of Redundancy is None. Ring can be set by Protocol of Redundancy
configuration if it is needed. As shown in Figure 5-26, in [Settings] area there are 2 kinds in corresponding
drop-down menu of Protocol of Redundancy (Ring V2 and Ring V3).
1. Method to enable Ring V2:
Configuration interface of Ring V2 is shown in following figure.
(Figure 6-23)
30
2. Ring V2 supports 4 Ring groups available for sing ring and coupling ring. As shown in figure 6-24.
(Figure 6-24)
3. Click Apply and it will take effect after system reboot.
Single Ring Configuration of Ring V2
1. Enable Ring V2. Choose Ring V2 in [Settings] area, as shown in figure 6-25.
(Figure 6-25)
2. Enable Group 1 (or Group 2), input ID (0-255 numbers only) choose Port 1 and 2 to be Ring Ports, as
shown in figure 6-26.
(Figure 6-26)
31
Coupling Ring Configuration of Ring V2
Basic structure of coupling ring is shown in figure6-27.
Coupling Ring (Figure 6-27)
Operating Method
1. Select Ring V2 in Settings area and enable Ring Group 1 and 2;(Hello_time can be disable too, if it
enable, time of sending Hello packet could not be very fast, or it will influence CPU dealing speed.);
2. Set up Port 7 and 8 of Device 105, 106 to be Ring Ports in Ring Group 1, Network ID is 1, Ring Type is
Single; Set up Port 6 of device to be Ring Port in Ring Group 2, Network ID is 3, Ring Type is Couple, as
shown in figure6-28.
(Figure 6-28)
3. Set up Port 7 and 8 of Device 100, 101 to be Ring Ports in Ring Group 1, Network ID is 2, Ring Type is
Single; Set up Port 6 of device to be Ring Port in Ring Group 2, Network ID is 3, Ring Type is Couple, as
shown in figure6-29.
(Figure 6-29)
32
4. Set up Port 7 and 8 of Device 107, 108, 109 to be Ring Ports in Ring Group 1 , Network ID is 1, Ring
Type is Single; Set up Port 7 and 8 of Device 102, 103, 104 to be Ring Ports in Ring Group 1, Network ID is 2,
Ring Type is Single.
5. Use wire to connect Port 7 and 8 of Device100-104 in turn to make a Single Ring. Use a wire to connect
Port 7 and 8 of Device 105-109in turn to make another Single Ring. Then use a wire to connect Port 6 of
Device 106 and Port 6 of Device 101, Port 6 of Device 105 and Port 6 of Device 100. The coupling Ring is
completed as shown in figure 6-27.
Method to enable Ring V3
1. Enable Ring V3. Choose Ring V3 in [settings] area as shown in figure 6-32.
(Figure 6-32)
2. As shown in figure 6-33, Ring V3 supports 2 ring groups. As shown in the figure, Ring V3 supports 4
Ring groups. It supports single ring, coupling ring, chain and Dual_homing.
(Figure 6-33)
3. Enable Ring 1 (or other Groups), input network ID(0-255 numbers only), choose ring port in Group
1.Single Ring configuration of Ring V3 is similar to that of Ring V2, so the following page mainly talks
33
about Couple, Chain and Dual_homing.
“Chain” refers to strengthen user’s capability of making any type of redundant topological structure with
flexibility by taking an advanced software technology. In fact, Chain is to cascade several switches already
set up to Ring and both sides of chain access to network.
“Dual Homing” refers to a fact that two Rings connect the same switch. This type of configuration is ideal
choice for centralized management of several Rings.
Method to enable Chain and Dual Homing is similar to that to enable Single Ring and Coupling Ring. It only
needs to select corresponding items in [Type].
Ring V3 Coupling Ring Configuration
Basic structure of Coupling Ring is shown in Figure 6-34. 2 ports connecting Device105 and 106 are
called Control Ports. The control ports of Device 101 and 100 is the same as Device105 and 106.
Coupling (Figure 6-34)
Operating Method:
1. Enable Ring Group 1 and Ring Group 2; (Hello_time can be disable too, if it enable, time of sending
Hello packet could not be very fast, or it will influence CPU dealing speed.);
2. Set up Port 1 and 2 of Device 105, 106 to be Ring Ports in Ring Group 1, Network ID is 1, Ring Type
Single; Set up Port 4 of device to be Coupling Port in Ring Group 2, Coupling Control Port is 2, Network ID
is 3, Ring Type is Couple. As shown in figure 6-35.
(Figure 6-35)
3. Set up Port 4 and 5 of Device 100, 101 to be Ring Ports in Ring Group 1, Network ID is 2, Ring Type
is Single; Set up Port 1 of device to be Coupling Port in Ring Group 2 , Coupling Control Port is Port 4,
Network ID is 3, Ring type is Couple, as shown in figure 6-36.
34
(Figure 6-36)
4. Set up Port 1 and 2 of Device 107, 108, 109 to be Ring Ports in Ring Group 1, Network ID is 1, Ring
Type is Single; Set up Port 4 and 5 of Device 102, 103, 104 to be Ring Port in Ring Group 1, Network ID is 2,
Ring Type is Single.
5. Use a wire to connect Port 4 and 5 of Device 100-104 in turn to make a Single Ring. Use a wire to
connect Port 1 and 2 of Device 105-109 in turn to make a Single Ring. Then use a wire to connect Port 4 of
Device 106 to Port 1 of Device 101, Port 4 of Device 105 to Port 1 of Device 100. The Coupling Ring is
completed.
Ring V3 Chain Configuration
Basic structure of Chain is shown in figure6-37.
Chain (Figure 6-37)
Operating method:
1. Enable Ring Group 1: (Hello time can be disable too, if it enable, time of sending Hello packet could not
be very fast, or it will influence CPU dealing speed.);
2. Set up Port 7 and 8 of Device 100, 101, 102 and 103 to be Ring Port in Ring Group 1, Network ID is1,
Ring Type is Single; as shown in figure 5-47. Set up Port 7 and 8 of Device 107, 108 and 109 to be Ring
Ports in Ring Group 2, Network ID is 2. Ring Type is Chain; as shown in figure 6-38.
(Figure 6-38)
35
(Figure 6-39)
3. Use a wire to connect Port 7 and 8 of Device 107-109 in turn to make a chain. Use a wire to connect
Port 7 and 8 of Device 100-103 in turn to make a Single Ring, Then use a wire to connect Port 8 of Device
107 and Port 7 of Device 109 to normal port of Device 102 and 103. Chain is finished.
Special attention:
1. The trunking port cannot be set into Rapid Ring Port. And one port can not belong to several rings.
2. Network ID must be same in the single ring.
3. All ring ports must be tagged VLAN member in VLAN setting, otherwise they will not work properly.
36
RSTP
RSTP (Rapid Spanning Tree Protocol) is a network protocol that can ensure loop-free topology for any
Bridged Ethernet Local Area network. The basic function is to prevent bridge loops and the broadcast radiation
that result from them.
(Figure 6-40)
Concepts of RSTP:
Bridge Priority: Bridge priority combines with bridge MAC address to create a bridge ID. The minimum
bridge is called root bridge.
Hello Time: interval to send data packet of BPDU.
FWD (forwarding) Delay: port status of the switch can keep a "forward delay" time in transition status
(listening and learning)
MAX Age: how much time the data packets of BPDU sent by other switches lasts.
STP Switch port state:
Blocking: A port that would cause a switching loop, no user data is sent or received but it may go into
forwarding mode if the other links in use were to fail and the spanning tree algorithm determines the port may
transition to the forwarding state. BPDU data is still received in blocking state. Prevents the use of looped paths.
Listening: The switch processes BPDUs (Bridge Protocol Data Units) and awaits possible new
information that would cause it to return to the blocking state. It does not populate the MAC address table and it
does not forward frames.
Learning: While the port does not yet forward frames it does learn source addresses from frames received
and adds them to the filtering database (switching database). It populates the MAC Address table, but does not
37
forward frames.
Forwarding: A port receiving and sending data, normal operation.
As shown in the figure above, the bridge priority is "32768". It creates a bridge ID with the help of its
MAC address. If there is no other ID without bridge less than this bridge ID, then this bridge ID becomes the
boot bridge. This bridge sends BPDU message to all appointed ports every 2 seconds.
38
6.7 Access Control
Password
The company needs the manager to monitor the device and the manager to manage the system or network
both. Their privilege must be different. The former manager is in charge of monitoring the device only. The
latter one is in charge of system or network. This type of switch provides managements with different privileges:
observer privilege and administrator privilege. Observer can check the switch status only, and the administrator
can configure the parameter of the switch.
Index
It refers to which groups of users.
Access Level
Administrator: privilege to check and configure the switch.
Observer: privilege to check the settings only.
Login Name
It allowed the combination of letters which is less than 16 bytes.
Password
It allowed the combination of letters which is less than 16 bytes.
Confirm Password
Confirm the password is right.
(Figure 6-41)
39
(Figure 6-42)
Information necessary to explain:
If you forget the login name and password, please contact our technical support to get assistance.
40
Access Profile
Web Server Transfer Protocol
HTTP
HTTP (Hyper Text Transfer Protocol) is an application protocol for distributed, collaborative, hypermedia
information systems. HTTP is the foundation of data communication for the World Wide Web.
HTTPS
HTTPS (Hyper Text Transfer protocol Secure) is a combination of HTTP with SSL/TLS protocol. It
provides encrypted communication and secure identification of a network web server.
(Figure 6-43)
Information necessary to explain:
1. It must enable at least one protocol in HTTP and HTTPS.
2. Some explorer cannot display normally when it use HTTPS at the first time. It will display normally after
afresh.
3. The IP address must be valid. At least one address and the IP address are in the same network segment.
Otherwise the device is invalid.
IEEE 802.1X
IEEE 802.1x is an IEEE standard for port based network access control. It is a part of IEEE802.1 group of
networking protocols. It provides an authentication mechanism to device wishing to attach a LAN or VLAN.
41
802.1x mainly includes 3 parts:
Supplicant: the user or client who want to get authentication.
Authentication server: RADIUS server
Authenticator: the device at the other side, like switch, etc.
Our device can play two roles of Supplicant and Authentication server. You can also use the extra authentication
server. The device also supports charging system.
(Figure 6-44)
Re-authentication Period
Re-authentication period of 802.1x to strengthen the safety.
Radius server Local/Remote
There is an embedded Radius server in the device, if you choose the inside Radius server, the applicant is only
allowed to use the inside login name and password. If you choose outside Radius server, you need to input IP
address and port No. Of the server. If you need to use AAA charging system, please input IP address and port
No. of the server, otherwise the IP address of the server will be blank.
Authentication server
The default authentic port of Radius server is 1812.
42
Share Key
It is used to share the password character strings of visiting authentication server.
AAA Server
The main function of AAA server is charging. The IP address/domain is available. The default port is 1813.
As shown in the figure above, IEEE 802.1X server will re-authenticate the client every 3600seconds. It
uses the local data base.
Information necessary to explain:
1. It only uses MD5-query between Supplicant and Authentication System, others don't support.
2. If there is no "authentication" in the properties of the network connection, please choose
"attachment->management of tools ->assembly->serve", set up "auto" in "Wired Auto Config";
3. Incorrect configuration of AAA server will also lead to pass failure of the supplicant.
4. Port G1 and G2 are uplink ports. The default state is authenticated. The user cannot configure it. All
uplink ports are forced to pass the authentication.
43
802.1X User
RADIUS: Remote Authentication Dial In User Service
RADIUS is a network protocol that provides centralized authentication, authorization and accounting
management for computers to connect and use a network service.
The database here is also a part of authentication and authorization. Any supplicant's login name and
password can match the rules of the database, the authentication system of the device would authorize this
supplicant.
(Figure 6-46)
Button [add] and [delete] are used to add, modify and delete the user groups. The account must be a
combination of number, and letter which is less than 16 bytes. The password is also a combination of number
and letter which is less than 16 bytes. Click [apply] to restart the database and the entire authentication.
Information necessary to explain:
1. Please use the standard 802.1x login tools like the tools brought by windows;
2. The total number of the groups is less than 128.
44
Static MAC Address Port Binding
Static MAC Address
Static MAC address is different from general dynamic MAC address got by learning. Once the static MAC
address is joint in, the address is valid until it is deleted and beyond the maximum age. Static address list
records the static address of the ports. Each MAC address corresponds to one port.
Static MAC address aims to limit the moving of the computer. Once the MAC address of the computer is
bound with one port, this computer cannot communicate with others when it connects the other port. But other
computers can communicate with others when they connect this port. It is used to keep the port safe.
Button [add] and [delete] are used to add and delete MAC address. Static MAC Address asks the user to
input a valid address, if the MAC address is invalid, the warning information ejects. Static Unicast Address is
used to choose transfer port of static MAC address. It can appoint one or more transfer ports. Click [add] and
[delete] to update the static MAC address.
(Figure 6-47)
Information necessary to explain:
1. This is a kind of safety mechanism, please use it with caution.
2. Please don't use multicast address as input address;
3. Please don't input the reserved MAC address, like the MAC address of the computer.
45
6.8 Remote Monitoring
SNMP management
Introduction of SNMP
SNMP (Simple Network Management Protocol) is an internet-standard protocol for managing devices on
IP networks. It is used mostly in network management systems to monitor network-attached devices for
conditions that warrant administrative attention.
Work Mechanism of SNMP
SNMP includes 2 parts: NMS and Agent:
NMS: Network Management Station. Software runs on the manager. The common management platforms
are "Quid View", "Sun Net Manager" and "IBM Net View". Agent is the software of the server running in the
network device.
NMS can send "Get Request", "Get Next Request" and "Set Request" message to Agent. After Agent gets
those messages, it will read or write according to the message type to create Response message and send the
Response message back to NMS. Agent will also send Trap message to NMS when the device is abnormal.
SNMP Version
Currently SNMP Agent of the device supports SNMP V3 and it is also compatible with SNMP V1and
SNMP V2C. It is authenticated by user name and password in SNMP V3.
SNMP V1 and SNMP V2C adopt authentication of Community Name. The SNMP message of the
community name which is not authenticated will be discarded. SNMP community name defines the relationship
of SNMP NMS and SNMP Agent. User can choose the following one or more features related to community
name.
1. Defines MIB view of community name.
2. Setup visit privilege of MIB objective is Write or Read. Community name with Read privilege can
check the device information only. Community name with Write privilege can configure the device.
3. Setup appointed basic visit control list of the community name.
DFB48M24UX series supports SNMP V1/V2c. Both SNMP V1 and V2c use public character strings for
match authentication.
SNMP usually uses UDP Port 161(SNMP) and 162 (SNMP-traps) based on TCP/IP protocol. SNMP
protocol agent is existed in network device. MIB (information specific to the device) is uses as device connector.
These network devices can be monitored or controlled through the agent. When trap event happens, a message
is transmitted by SNMP Trap, an available trap receiver can get this trap information.
SNMP supports 3 kinds of basic operating in total:
Get: Manager can use this to get some variable value of Agent.
Set: Manager can use this to set up some variable value of Agent.
Trap: Agent uses this to send an alarm to manager.
46
(Figure 6-48)
Read Community
Use a character string to name a SNMP community. This community only has Get privilege.
Read/Write Community
Use a character string to name a SNMP community. This community has Get and Set privilege.
SNMP TRAP Gateway
IP address of the receiver of the alarm information sent Agent
Information necessary to explain:
The device supports warm start of Trap. If existed IP address in Trap gateway, click "Apply", the Trap
receiver can get the trap information. If the trap receiver cannot get trap information, please check network
setting and connecting. Please pay attention to the privilege of Read and Write in SNMP Explorer.
47
Email Alarm
When the following events happen, the email alarm will send the alarm information through email: the
connection is failed; the broadcast storm happens.
The following information will be sent through Email every 12 hours: NTP time synchronization
information, connecting status, login information, broadcast storm information, operating records and other
system log.
(Figure 6-49)
Mail Server
Host IP address or used host name providing POP3 mail post service for us
Sender
The account used to login mail server.
Password
Corresponding password used to login email server
Receiver
The mail address of the receiver when abnormal events happen
Mail Interval
Interval to send log regularly
Information necessary to explain:
Some strict mail service system requires "reply address of the mail" must match the "mail account".
48
6.9 Port Statistics
Rx Frame Statistics
(Figure 6-50)
Unicast
Numbers of the unicast data packets received by the port
Multicast
Numbers of the multicast data packets received by the port
Broadcast
Numbers of the broadcast data packets received by the port
Drop
Number of discarded normal data packets because of safety control
Pause
Ethernet control frames of protocol 0x8808 received by the port, in full duplex mode, this data packet is
used to control frequency of data sending.
Undersize
Number of data packets (including FCS) less than 64 bytes
Oversize
Number of data packets (including FCS) more than 1518 or 1522 bytes(Enable VLAN)
Fragments
Number of incorrect or incomplete FCS data packets(including FCS) less than 64 bytes
Jabber
Number of incorrect or incomplete FCS data packets (including FCS) more than 1522 bytes
Sysbol Err
Number of data packets which is incorrect, incomplete or including invalid characters(including FCS)
between 64 bytes and 1518/1522 bytes(Enable VLAN)
49
Tx Frame Statistics
(Figure 6-51)
Unicast
Numbers of the unicast data packets sent by the port
Multicast
Numbers of the multicast data packets sent by the port
Broadcast
Numbers of the broadcast data packets sent by the port
Drop
Number of discarded normal packets because of lack of resources or not meeting analytic conditions
(excluding discarded packets because of conflict)
Pause
Ethernet control frames of protocol 0x8808 sent by the port, in full duplex mode, this data packet is used to
control frequency of data sending
Collision
Number of conflicts encountered in the port while sending data
Multiple Collision
Number of successful output packets (collision more than 1 time)
Late Collision
Number of packets less than 64 bytes when a conflict is detected.
Conflict Discard
Number of discarded packets caused by conflict happening more than 16 times.
Res Busy Discarded
Number of discarded packets out of stack queue because of lack of resources (large amounts of low
priority data after enabling QoS)
50
Traffic Statistics
(Figure 6-52)
Tx
Number of bytes of all data packets sent by the port
Rx
Number of bytes of all data packets received by the port
Unicast
Number of unicast data packets sent and received by the port
Multicast
Number of multicast data packets sent and received by the port
Broadcast
Number of broadcast data packets sent and received by the port
Error
Number of error packets because of some reasons sent and received by the port
51
MAC Address
MAC (Media Access Control) is a unique identifier assigned to network interfaces for communications on
physical network segment. The switch transmits the messages according to MAC address. Each switch
maintains a MAC address list. In this list, each MAC address corresponds to one port of the switch. When
switch receives some data frames, it is decided by MAC address to filter these frames or transmit to the
corresponding ports of the switch.
(Figure 6-53)
MAC address includes 3 kinds:
1. Dynamic MAC address
Dynamic MAC address is created by data frames learning in the network. It will be deleted when it is
beyond maximum age. When the port of the switch connected to the device has changed, the corresponding
MAC address in the MAC address table also change. Dynamic MAC address will disappear when the switch
restarts.
2. Static MAC address (Solidified)
Static MAC address is generated by configuration of IEEE 802.1x. It is beyond maximum age. Whatever
changes the ports of the switch make, the relationship of the MAC address and corresponding port will never
change. The relationship is controlled by IEEE 802.1X authentication server. Static MAC address will disappear
when the switch re-start.
52
3. Permanent Static MAC address
Permanent MAC address is generated by configuration. It is beyond maximum age. Whatever changes the
ports of the switch make, the relationship of the MAC address and corresponding port will never change.
Permanent MAC address will disappear when the switch re-start.
MAC address table can appoint type of the order. You can choose "auto" and "MAC". In this table, MAC
address and its corresponding port will be displayed. If the status shows "Authentication", it means the MAC
address is static authentication and the MAC address is beyond maximum age. If the status shows "static", it
means the MAC address is permanent static MAC address and it is beyond the maximum age.
Information necessary to explain:
1. Permanent static address can be configurable in the former static MAC address table.
2. Multicast addresses are displayed in IGMP Snooping list, here are unicast addresses.
3. Maximum age of MAC address is 300s.
53
6.10 Diagnosis
Port Mirroring
Port mirroring refers to copy data from the port which need to be monitored to appointed monitoring port
for analysis and monitoring. Ethernet switch supports many-for-one mirror which means messages from several
ports can be copied to a monitored port. User can appoint the direction of monitored message, such as only
monitoring of transmitted messages of appointed port. The device configures port mirroring function through
port mirroring group. Each group includes a monitored port and a group of mirror ports. Total bandwidth of
mirroring is not more than that of monitored port. It is good to monitor and manage its internal network data
when using port mirroring in a company. It is also good to locate the failure when network is cut up.
(Figure 6-54)
Mirror Port
It defines a group of ports which are needed to be monitored. The device collects data from these ports.
Monitored Port
It defines a group of ports which are used to monitor other ports. The device outputs the data through these
ports.
Watch direction
This parameter indicates the direction of the data. It includes 3 kinds of choices: "All", "Ingress" and
"Egress".
Information necessary to explain:
This function is not often used. Otherwise other port-based higher management function like RSTP,IGMP SNOOPING
Port mirroring function can only deal with the normal FCS packets. It cannot deal with error data frames.
54
Diagnosis
PING (Packet Internet Grope), is a computer network administration utility used to test the reach ability of
a host on an Internet Protocol network and to measure the round-trip time for messages sent from the
originating host to a destination computer. Ping operates by sending Internet Control Message Protocol echo
request packets to the target host and waiting for an ICMP response. In the process it measures the time from
transmission to reception and records any packet loss.
(Figure 6-55)
Host Address
Appointed computer need to ping, it can be an IP address or a domain.
Message Size
Echo data packet including data in "message length"
Message Number
Number of appointed echo data packet
Message Interval
Appointed message sending interval, the unit is ms.
Response Timeout
Timeout interval, the unit is ms.
Diagnosis
Start to send ping message.
Information necessary to explain:
1. "Diagnosis" is only to collect information of the device, not solving the faults.
2. The domain of "Host Address" doesn't support unlimited expansion, only not more than 3 levels domain
like "mail.sina.com"
3. "Request timeout" indicates the other network card is not working properly or some problems of lines.
4. If the message "unknown host name" appears when Ping the domain, it means DNS configuration is
wrong.
5. If the message "Request timeout" appears when Ping domain, it means the gateway setting is wrong.
55
6.11 System Management
NTP Configuration
NTP (Network Time Protocol), is a protocol and software implementation for synchronizing the clocks of
computer systems over packet-switched data network. It provides coordinated universal time including
scheduled adjustments. No information about time zones or daylight saving time is transmitted; this information
is outside its scope and it must be obtained separately.
(Figure 6-56)
Local Time
To configure the time manually to set or update the time of the device
Enable NTP
To update the time of the device by using NTP protocol
Time Zone
Standard time zones could be defined by geometrically subdividing the Earth's spheroid into 24 lines. The
local time in neighboring zones would differ by one hour. And the variation in the position of the sun from one
end of the zone to the other (east vs. west) would be at most 1/24 of the sky. Most of the 25 nautical time zones
(specifically UTC−11 to UTC+11) are indeed defined this way, and are 15° of longitude wide. An hourly zone
in the central Pacific Ocean is split into two 7.5°-wide zones (UTC±12) by the 180th meridian, part of which
coincides with the International Date Line.
NTP Server
It provides host name or IP address of NTP timing.
System Time
Device time
PC Time
The time of the visitor's PC.
56
Information necessary to explain:
1. The device uses its built-in server to update, the DNS and gateway configuration must be correct.
2. NTP server cannot be blank. It must be valid host name or IP address.
3. Only "manager" can configure the time of the device by hand.
Device Address
Device address supports 2 modes, DHCP and static IP address. When enabling DHCP, you can get the IP
address of the device by Hyper Terminal. If you need to use NTP, please input valid gateway and DNS address.
IP Address
IP address is a dispatched 32 bites address of the device in Internet. IP address includes 2 parts: Net-ID and
Host-ID. The default IP address of the device is 192.168.1.254.
Subnet Mask
Mask is corresponding 32 bits number of IP address. Some are 1, the others are 0. These 1 and 0 can be
combined arbitrary in principle, but the first continuous bits are 1 when designing subnet mask. IP address
can be divided into 2 parts by subnet mask: subnet address and host address. 1 in IP address and subnet
corresponds to subnet address, other bits are host address. A type of address corresponding mask is 255.0.0.0;
mask of B type address is 255.255.0.0; mask of C type address is 255.255.255.0.
Default Gateway
Default gateway in the host PC is generally called default route. Default route refer to a kind of router
that destination address of IP data packet will choose when it don’t find other existing route. All data packets
of destination address which don’t exist in the list of router will choose default route.
DNS Address
DNS is a hierarchical distributed naming system for computers, services, or any resource connected to the
Internet or a private network. It associates various information with domain names assigned to each of the
participating entities.
(Figure 6-57)
Information necessary to explain:
The IP address range is 92.168.x.x, 162.[16-31].x.x, or 10.x.x.x
NTP and EMAIL will use DNS service. If you need to use these two functions, please input the right DNS
address.
57
System Log
The device provides system log for user's reference of troubles. When enabling this function, the following
events will be recorded:
The system reboot, Port Link Down/UP, Power status changes, Login information, Broadcast Storm
happening, System operation and its records, NTP information and other system information.
(Figure 6-59)
1. Enable Log Status
If you know the IP address of the device, user name and password:
Click "System Management"
Click "system Log"
Choose "Log Status"
Click "Enable" and save the configuration.
2. Disable Log Status
If you know the IP address of the device, user name and password:
Click "System Management"
Click "system Log"
Choose "Log Status"
Click "Disable" and save the configuration.
3. Browse the Log
If you know the IP address of the device, user name and password:
Click "System Management"
Click "system Log"
Choose "Display Mode"
It shows required logs in chronological order
4. Delete/Download the Log
If you know the IP address of the device, user name and password:
Click "System Management"
Click "system Log"
Choose "Operation"
58
Click "Clear All" to delete all information, click "Download All" to download all the information.
System File Update
This function includes 5 kinds: Factory Defaults, Reboot, Download Configuration, Upload Configuration
and upgrade Firmware.
(Figure 6-60)
(Figure 6-61)
(Figure 6-62)
(Figure 6-63)
1. Factory Default
If you know the IP address of the device, user name and password:
Use IE to login Web interface.
Click "System Management"
Click "System File Update"
Choose "Factory Default"
Click "OK"
Notice: the IP address will be "192.168.1.254".
Open a new interface, input "192.168.1.254" to make a new configuration.
59
2. Reboot
Click "OK", the device reboot. Before reboot, please save all configuration, otherwise the unsaved
configuration would be lost after reboot.
3. Download Configuration
If you know the IP address of the device, user name and password:
Use IE to login Web interface.
Click "System Management"
Click "System File Update"
Choose "Download Configuration"
Click "Download"
Choose the name of the file and the place to save.
4. Upload Configuration
If you know the IP address of the device, user name and password:
Use IE to login Web interface.
Click "System Management"
Click "System File Update"
Choose "Upload Configuration"
Click "Upload"
5. Upgrade Firmware
If you know the IP address of the device, user name and password:
Use IE to login Web interface.
Click "System Management"
Click "System File Update"
Choose "Upgrade Firmware"
Click "Browse" and find the place of uploading the file.
Click "Upgrade"
A suggestion” interruption of power is not allowed during uploading” , confirm it.
Information necessary to explain:
Factory Default setting restores all status to default status, the default IP address is "192.168.1.254".
60
Default Settings
Main Menu
System Status
Sub item
System
Information
Port Settings
Port
Configuration
Bandwidth
Management
Storm
Suppression
QoS
L2 Features
VLAN
Rules of Web Interface
Name
DFB48M24UX
Type
DFB48M24UX
Description
Dante Security
Serial No.
2009122800001
Contact Information
support@dantesecurity.net
Port enable
Enable
Speed
Auto-negotiation
Flow control
Egress bandwidth
Ingress bandwidth
Enable
Disable
Disable
Disable
802.1p priority
Disable
Port priority
Disable
DSCP priority
Disable
802.1Q VLAN
Disable
Port-based VLAN
Enable
IGMP Snooping
Static Multicast
FWD
Port Trunking
Redundancy
Access Control
Port statistics
Diagnosis
Remote
Management
System
Management
Rapid Ring
Default Settings
Disable
Disable
Disable
SWRING Ⅱ
Disable
SWRING Ⅲ
Disable
RSTP
Disable
Login Settings
Disable
Access Profile
MAC
address
Binding
Rx
frame
statistics
Tx
frame
statistics
Port Mirroring
Disable
Disable
Disable
Diagnosis
SNMP
configuration
Email Warning
System
Management
Disable
IP
192.168.1.254
Subnet mask
255.255.255.0
Default gateway
192.168.1.1
61
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising