CTS_ESH-PSH-SWH_2108-2109_RF_SERIES_NMS_V1.2_20101112.pdf
Short Description
Download CTS_ESH-PSH-SWH_2108-2109_RF_SERIES_NMS_V1.2_20101112.pdf...
Description
ESH/PSH/SWH-2108 8 ports 10/100Mbps RJ-45 Managed Ethernet CPE Switch
ESH/PSH/SWH-2109 8 ports 10/100Mbps RJ-45 + 1 port 100Mbps fiber optics uplink Managed Ethernet CPE Switch
ESH-2109-RF 8 ports 10/100Mbps RJ-45 + 1 port 100Mbps fiber optics uplink Managed Ethernet CPE Switch with CATV CATV RF receiver
Network Management
User ’s Manual Version 1.2 1
Trademarks CTS is a registered trademark of Connection Technology Technology Systems Inc. Contents subject to revise without prior notice. All other trademarks remain remain the property of their owners. owners.
Copyright Statement Copyright Connection Technology Systems Inc. This publication may not be reproduced as a whole or in part, in any way whatsoever unless prior consent has been obtained from Connection Technology Technology Systems Inc.
FCC Warning This equipment has been tested and found to comply with the limits l imits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limitations are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates uses and can radiate radio frequency energy and, if no installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and receiver.
Connect the equipment into a different outlet from that the receiver is connected.
Consult your local distributors or an experienced radio/TV technician for help.
Shielded interface cables must be used in order to comply with emission limits.
Changes or modifications to the equipment, which are not approved by the party responsible for compliance, could affect the user’s authority to operate the equipment. Copyright © 2008 All Rights Reserved. Company has an on-going policy of upgrading its products and it may be possible that information in this document is not up-to-date. Please check with your local distributors for the latest information. No part of this document can be copied or reproduced in any form without written consent from the company. Trademarks: All trade names and trademarks are the properties of their respective companies.
2
Table of Content 1. INTRODUCTION ............................................................................................................... 6 1.1 Management Software & Interfaces ............................................................................. 6 1.2 Management Preparations ........................................................................................... 7 1.2.1 Connecting the Managed Switch ........................................................................... 7 1.2.2 IP Addresses ......................................................................................................... 8 1.2.3 MIB for Network Management Systems ................................................................ 8 1.3 RF over Fiber (With RF Receiver Only) .......................... ............. .......................... .......................... .......................... .................... ....... 9 2. CONSOLE PROGRAM ................................................................................................... 10 2.1 Local Console Management ....................................................................................... 10 2.2 Remote Console Management - Telnet Telnet .......................... ............. .......................... .......................... .......................... .................. ..... 11 2.3 Console Program Overview ....................................................................................... 11 2.4 Navigating the Console Program................................................................................ 12 2.4.1 Quick Keys........................................................................................................... 12 2.4.2 Field Types .......................................................................................................... 13 2.5 Configuring the System .............................................................................................. 14 2.5.1 System Information .............................................................................................. 15 2.5.2 User Authentication .............................................................................................. 17 2.5.2.1 RADIUS Configuration .................................................................................. 19 2.5.3 Network Management .......................................................................................... 20 2.5.3.1 Network Configuration ................................................................................... 21 2.5.3.2 System Service Management ....................................................................... 21 2.5.3.3 RS232/Telnet/Console Configuration ........................... .............. .......................... .......................... .................... ....... 22 2.5.3.4 Timer Server Configuration ........................................................................... 23 2.5.3.5 Device Community ........................................................................................ 24 2.5.3.6 Trap Destination ............................................................................................ 25 2.5.3.7 Trap Configuration ........................................................................................ 26 2.5.4 Switch Management ............................................................................................ 27 2.5.4.1 Switch Configuration ..................................................................................... 28 2.5.4.2 Priority and Rate Limit Configuration .......................... ............ ........................... .......................... ...................... ......... 29 2.5.4.3 Port Configuration ......................................................................................... 30 2.5.4.4 VLAN Configuration ...................................................................................... 31 2.5.4.4.1 Port Based VLAN Configuration ............................................................. 32 2.5.4.4.2 802.1Q VLAN Concept ........................................................................... 33 2.5.4.4.3 IEEE 802.1Q VLAN configuration .......................... ............. .......................... .......................... .................... ....... 36 2.5.4.4.4 Configure Default Port VLAN ID ............................................................. 37 2.5.4.5 Spanning Tree Protocol................................................................................. 38 2.5.4.5.1 STP Switch Settings ............................................................................... 39 2.5.4.5.2 STP Port Settings ................................................................................... 40 2.5.4.6 MAC Address Management .......................................................................... 41 2.5.4.7 L2 Protocol Converting .................................................................................. 42 2.5.4.8 Loop Detection Configuration ........................................................................ 44 2.5.4.9 LLDP Configuration ....................................................................................... 45 2.5.5 Switch Monitor ..................................................................................................... 46 2.5.5.1 Switch Port State ........................................................................................... 47 2.5.5.2 Port Traffic Statistics ..................................................................................... 48 2.5.5.3 Port Packet Error Statistics ........................................................................... 49 2.5.5.4 Port Packet Analysis Statistics ...................................................................... 50 2.5.5.5 MAC Address Table ...................................................................................... 51 3
2.5.5.6 IGMP Snooping ............................................................................................. 52 2.5.5.7 Loop Status ................................................................................................... 53 2.5.5.8 LLDP Status .................................................................................................. 53 2.5.6 System Utility ....................................................................................................... 54 2.5.6.1 Ping ............................................................................................................... 55 2.5.6.2 Event Log ...................................................................................................... 55 2.5.6.3 Update Firmware ........................................................................................... 56 2.5.6.4 Load Factory Settings ................................................................................... 57 2.5.6.5 Load Factory Setting Except Network Configuration .......................... ............. ........................ ........... 57 2.5.6.6 Backup Configuration .................................................................................... 58 2.5.7 Save Configuration .............................................................................................. 59 2.5.8 Reset System ...................................................................................................... 59 2.5.9 Logout .................................................................................................................. 60 3. SNMP NETWORK MANAGEMENT ................................................................................ 61 4. WEB MANAGEMENT ..................................................................................................... 62 4.1 System Information .................................................................................................... 64 4.2 User Authentication .................................................................................................... 65 4.3 Network Management ................................................................................................ 67 4.3.1 Network Configuration ......................................................................................... 68 4.3.2 System Service Configuration.............................................................................. 69 4.3.3 RS232/Telnet/Console RS232/Telnet/Console Configuration ......................... ............ .......................... .......................... .......................... ................ ... 69 4.3.4 Time Server Configuration ................................................................................... 70 4.3.5 Device Community ............................................................................................... 71 4.3.6 Trap Destination ................................................................................................... 73 4.3.7 Trap Configuration ............................................................................................... 73 4.4 Switch Management ................................................................................................... 74 4.4.1 Switch Configuration ............................................................................................ 75 4.4.2 Priority and Rate Limit Configuration ................................................................... 76 4.4.3 Port Configuration ................................................................................................ 77 4.4.4 VLAN Configuration ............................................................................................. 78 4.4.4.1 Port-Based VLAN .......................................................................................... 78 4.4.4.2 802.1Q VLAN Concepts ................................................................................ 79 4.4.4.3 IEEE 802.1q Tag VLAN................................................................................. 82 4.4.4.3.1 Configure VLAN ...................................................................................... 83 4.4.4.3.2 Configure Default Port VLAN ID ............................................................. 84 4.4.5 Spanning Tree Protocol ....................................................................................... 85 4.4.5.1 STP Switch Settings ...................................................................................... 86 4.4.5.2 STP Port Settings .......................................................................................... 87 4.4.6 MAC Address Management ................................................................................. 88 4.4.7 L2 Protocol Converting ........................................................................................ 89 4.4.8 Loop Detection Configuration .............................................................................. 91 4.4.9 LLDP Configuration ............................................................................................. 92 4.5 Switch Monitor ............................................................................................................ 93 4.5.1 Switch Port State ................................................................................................. 94 4.5.2 Port Counters Rates ............................................................................................ 95 4.5.2.1 Port Traffic Statistics (Rates) ........................... .............. .......................... .......................... .......................... .................... ....... 95 4.5.2.2 Port Packet Error Statistics (Rates) ......................... ............ ........................... ........................... ........................ ........... 96 4.5.2.3 Port Packet Analysis Statistics (Rates) ......................................................... 97 4.5.3 Port Counters Events ........................................................................................... 98 4.5.3.1 Port Traffic Statistics (Events) ....................................................................... 98
4
4.5.3.2 Port Packet Error Statistics (Events) ............................................................. 99 4.5.3.3 Port Packet Analysis Statistics (Events) ......................... ............ .......................... .......................... ................ ... 100 4.5.4 MAC Address Table ........................................................................................... 101 4.5.5 IGMP Snooping ................................................................................................. 101 4.5.6 Loop Status ........................................................................................................ 103 4.5.7 LLDP Status ....................................................................................................... 103 4.6 System Utility............................................................................................................ 104 4.6.1 Event Log .......................................................................................................... 105 4.6.2 Load Factory Settings ........................................................................................ 105 4.6.3 Load Factory Settings Except Network Configuration .......................... ............. .......................... ............... 105 4.6.4 Backup Configuration ........................................................................................ 106 4.7 Save Configuration ................................................................................................... 107 4.8 Reset System ........................................................................................................... 107 APPENDIX A: A: Free RADIUS Readme ......................... ............ .......................... .......................... .......................... .......................... ............... 108 APPENDIX B: DHCP Readme .......................................................................................... 109
5
1. INTRODUCTION Thank you for using ESH/PSH/SWH 2108-2109 Series and ESH-2109-RF Managed Switch. This user ‟s manual will introduce you how to configure ESH/PSH/SWH 2108-2109 Series and ESH-2109-RF Managed Switch via different built-in management modules that allows you to monitor the operation status locally or through network remotely.
1.1 Management Software & Interfaces Following is a list of choices for management software and interfaces:
Managed Switch Console Program SNMP-based management software Web Browser Application
Console Program The Managed Switch has a built-in, menu-driven interface called the Console Program that you can use to:
Configure the system Monitor the status Reset the system
This Console Program can be used as your primary management system. However, the other network management option, SNMP based management system, is also available. You can access the text-mode Console Program locally by connecting a VT100 terminal or a workstation running VT100 emulation software to the Managed switch RS-232 DB-9 console port directly. Or, you can use Telnet to login and access the Console Program through network connection remotely.
SNMP Management System When you use a SNMP based network management system, the Managed Switch S witch becomes one of the managed devices (network elements) in that system. The Managed Switch management module contains an SNMP agent that will respond to the requests from the SNMP based network management system. These requests, which you can control, can vary from getting system information to setting the device attribute values. The Managed Switch‟s Switch‟s private MIB is provided with the product for installation into your SNMP based network management system.
6
Web Browser Application A web browser can also be used to manage the Managed Switch, such as Internet Explorer or Netscape, etc. (The default IP address for the Managed Switch port is “http://192.168.0.1”.) For convenience, you can use either this Web-based Management Browser Application program or other network management options – – e.g. SNMP-based management system as your management system.
1.2 Management Preparations Preparations After you have decided how to manage your Managed Switch, you need to connect cables properly, determine the Managed Switch IP address and, in some cases, install MIB shipped with your Managed Switch.
1.2.1 Connecting the Managed Switch It is extremely important that proper cables are used with correct pin arrangements when connecting Managed Switch to other switches, hubs, workstations, etc.
100Base-FX Fiber Port
100Base-FX Fiber port is primarily used for up-link connection and will always operate at 100M/Full Duplex mode. Duplex SC or WDM Simplex SC types of connectors are available. Use proper multimode or single-mode optical fiber to connect this port with other Fast Ethernet Fiber port.
10/100Base-TX RJ-45 Ports
8x10/100Base-TX RJ-45 ports are located on the front panel of the Managed Switch. These RJ-45 ports allow users to connect their traditional copper based Ethernet/Fast Ethernet devices into network. All these ports support auto-negotiation and MDI/MDIX auto-crossover, i.e. either crossover or straight through CAT-5 cable may be used.
Management Console Port
RS-232 DB-9: The RS-232 DB-9 port is located on the rear r ear panel of the Managed Switch. Switch. This DB-9 port is used for local, out-of-band management. Since this DB-9 port of the Managed Switch is DTE (Data Terminal Equipment), a null modem is also required to connect the Managed Switch and the PC. By connecting this DB-9 port, users can configure and check the Managed Switch even when the network is down. RJ-45: The 8-pin RJ-45 Management Console Port is located on the rear panel of the Managed Switch. This RJ-45 Management Console Port is used for local, out-of-band management. A RJ-45-to-DB9 adapter console cable is required to connect the Managed Switch to the PC. Through this connection, users then can configure and check the Managed Switch even when the network is down.
7
1.2.2 IP Addresses IP addresses have the format n.n.n.n, for example 168.168.8.100. IP addresses are made up of two parts:
The first part (168.168.XXX.XXX in the example) refers as network address identifies the network on which the device resides. Network addresses are assigned by three allocation organizations. Depending on your location, each allocation organization assigns a globally unique network number to each network that wishes to connect to the Internet.
The second second part (XXX.XXX.8.100 in the example) example) identifies the device within the network. Assigning unique unique device numbers is your your responsibility. If you are unsure of the IP addresses allocated to you, consult the allocation organization from which your IP addresses were obtained.
Remember that no two devices devices on a network can can have the same address. address. If you connect to the outside, you must change all the arbitrary IP addresses to comply with those you have been allocated by the allocation organization. If you do not do this, your outside communications will not operate. A subnet mask is a filtering system for IP addresses. It allows you to further subdivide your network. You must use the proper subnet mask for proper operation of a network with subnets defined.
1.2.3 MIB for Network Management Systems Private MIB (Management Information Bases) is provided for managing the Managed Switch through the SNMP based network management system. You must install the private MIB into your SNMP based network management system first. The MIB file is shipped together with the Managed switch. The file name extension is “.mib” .mib” that allows SNMP based compiler to read.
8
1.3 RF over Fiber (With RF Receiver Only) When it comes to deploying the video service over fiber, video is transmitted to radio frequencies (RF) and signals are then carried across the fiber network as RF over fiber. The least expensive solution is to broadcast analog video over the fiber infrastructure in the same manner as an analog cable system. One advantage is the cost: a wealth of analog cable products are available at a low price to build out the head-end. Also, no set-top boxes are required to decode the video inside the customer‟s home, further reducing the cost of implementation. RF can be transported directly over fiber. Fiber has technical and economic benefits over coaxial cable. Its advantages include: • • • • • • • • •
Range, bandwidth bandwidth and RF performance Low noise figure, high dynamic dynamic range No signal signal egress egress (security) (security) EMI/RFI Immunity (interference) Isolation from lightening strikes Transports signals in native native RF format, complex circuitry at remote location location Thin cable size, very low cable weight weight High frequency, frequency, low signal loss Flexible system configurations
RF over fiber makes most cost effective way of Triple Play: • • • • •
Cost effective Ethernet network architecture High quality RF TV signal to the building building Reliable and low technical staff training and investment Easy to maintenance maintenance No need to t o invest on set-top box, cable modem and CMTS(Cable Modem Termination System)
The RF specification of this of this Fiber Switch: • Fiber connector: SC/APC • Forward Path Frequency Range: 54-870MHz • Output Level: min 24dBmV@-5dBm 24dBmV@-5dBm optical input 80 NTSC channels channels loading • CNR: 48@-4dBm 48@-4dBm optical optical input • CSO: max-65@-4dBm max-65@-4dBm optical input • CTB: max -67@-4dBm optical input • Output Return Loss: max -16 dB • Flatness: ±1 dB • Wavelength: 1200 to 1620 nm • Input Power: Power: -8 to -2 dBm
9
2. CONSOLE PROGRAM This chapter describes how to use your Managed Switch Console Program, specifically in:
Local Console Management (out-of-band) Telnet Management (in-band) Configuring the system Resetting the system
The interface and options of Local Console and Telnet Management are the same. The difference is the type of connection and the port that is used to manage the Managed Switch.
2.1 Local Console Management Local Console Management is always done through the RS-232 DB-9 port or RJ-45 Management port and requires a direct connection between the Managed Switch and a PC. This type of management is very useful especially when the network is down and when the Managed Switch cannot be reached by other means. The Local Console Management is used to setup the Managed Switch network configuration for the first time or when the Managed Switch returns back to the default setting. You can setup the IP address or change the default configuration to the desired setting so as to enable Telnet or SNMP services. Follow these steps to begin a management session using Local Console Management: Management: 1. Attach the serial cable cable the RS-232 DB-9 or RJ-45 port located located at the back of the Managed Switch with a null modem. m odem. 2. Attach the other end to the serial port of a PC or workstation. workstation. 3. Run a terminal emulation emulation program using the following settings: settings:
Emulation BPS Data bits Parity Stop bits Flow Control Enable
VT-100/ANSI compatible 9600 8 None 1 None Terminal keys
4. Press Enter Enter to reach the Main Menu.
10
2.2 Remote Console Management - Telnet You can manage manage the Managed Switch via Telnet. However, you you must first assign a unique unique IP address to the Managed Switch before doing so. Use the Local Console to log into the Managed Switch and set up the IP address for the first time. Follow these steps to manage the Managed Switch through Telnet session: 1. Use Local Console Console to set up up the assigned assigned IP parameters of the Managed Managed Switch,
IP address Subnet Mask Default gateway IP address, if required
2. Run Telnet. 3. Log into the Managed Switch to reach the Main menu. menu.
Limitations: When using Telnet, keep the following in mind: Only two active Telnet sessions can access the Managed Switch at the same time.
2.3 Console Program Overview Once you gain access, a Login Console appears as below.
Enter the username and password then press ENTER to login to the Console Program Main Menu. By default, the the username username is “admin” and without a password. Users can change, add, or edit the username and password in User Authentication. Authentication.
11
2.4 Navigating the Console Program Before starting to configure your Managed Switch, you have to get yourself familiar with this Console Program including what each field means and some quick keys that you can use to make your job as network operators or administrators more easily and effectively. This section will start by giving you a list of quick keys and then introduce what each field represents.
2.4.1 Quick Keys To do this…
Use this key…
Highlight an option in menu.
Tab and Arrow keys ( or )
Select a highlighted option.
Enter
Drop-down Menu in a chosen field.
Spacebar
Select within the drop-down menu in a chosen field. Arrow keys ( or ) Select an option in a chosen field.
Spacebar
Move to the next entry field or command.
Tab
Move one line up to the previous field.
Arrow key ()
Move one line down to the next field.
Arrow key ()
Exit from the current screen
ESC
12
2.4.2 Field Types A typical Console Program screen screen contains several several types of fields as shown below. below. 1-
-5 432-
6-
7-
8-
1. Timer: Timer: X day XX:XX:XX This is a view-only field that shows how long the switch has been up since it is turned on or reset. 2. Drop-Down Drop-Down Menu: Menu: [ XXXX |] The drop-down menu is used when there are more than two options, for example: Port Number . Press Spacebar to display the options in the drop-down menu as shown below.
Use or to move to the desired option and then press Spacebar to select.
3. Select an Option: This field contains two options, for example: Account State. Press Spacebar to select between & 4. Editing Field: [ XXXX ]
13
Options can be edited directly, for example: Community. Use Backspace to delete the default setting and enter new content directly.
5. View View Only Field: XXXX No options are available and this is for view only, for example: Current number of each registered user . 6. OK Press OK to accept changes and leave l eave the current menu. 7. Cancel Press Cancel to skip changes and leave the current menu. 8. Help Press Help to view On-Line help as shown below.
2.5 Configuring the System When you reach the Main Menu, press Tab or use up and down arrow key ( or ) to the item you want to select then press Enter. Or, press the number key directly to select.
1. System Information: Specify the name, location of the Managed Switch and check the current version information.
14
2. User Authentication: View the registered user list. Add a new user or remove an existing user. 3. Network Management: Set up or view the IP address and related information of the Managed Switch required for network management application. 4. Switch Management: Setup switch or port configuration, VLAN configuration and other functions. 5. Switch Monitor: View the operation status and traffic statistics of the ports. 6. System Utility: Ping, Firmware Upgrade, Load Factory Setting, etc. 7. Save Configuration: Save all changes to the system. 8. Reset System: Reset the Managed Switch. 9. Logout: Logout from the console program. 0. Help: List the console operation keys.
2.5.1 System Information Select System Information in the Console Program main menu, then the following screen page appears. Please note that system information displayed will change depending on the model of the device, the slide-in fiber and RF module installed. The following two screen pages show ESH/PSH/SWH-2108 & 2109 Series and ESH-2109-RF system information respectively. System Information for ESH/PSH/SWH-2108 & 2109 Series:
System Information for ESH-2109-RF
15
Company Name: Enter a company name for this Managed Switch, up to 55 alphanumeric characters. System Object ID: This view-only field shows the predefined System OID. System Contact: Enter contact information for this Managed Switch, up to 55 alphanumeric characters. System Name: Enter a unique name for this Managed Switch, up to 55 alphanumeric characters. Use a descriptive name to identify the Managed Switch in relation to your network, for example “Backbone “Backbone 1”. This name is mainly used used for reference only. System Location: Enter a brief description of the Managed Switch location, up to 55 alphanumeric characters. The The location is for reference only, for example “13th Floor”. Model Name: View-only field that shows the model name of this Managed Switch. Firmware Version: View-only field that shows the current Firmware version of this Managed Switch. 100M Port Number: View-only field that shows the total number of ports that operate in 100M. 1000M Port Number: View-only field that shows the total number of ports that operate in 1000M. Fiber 2 Type: View-only field that shows the information about fiber connector, fiber speed, and maximum distance that fiber can reach. (This field will be displayed only when the fiber is available on the device.) Fiber 2 Wavelength: View-only field that shows the slide-in SFP transmitting and receiving wavelength. (This field will be displayed only when the fiber is available on the device.) M/B Version: View-only field that shows the Main board version of this Managed Switch. Serial Number: View-only field that shows the Serial number of this Managed Switch.
16
CATV Module: Optic Level: View-only field that shows the operational optical level. RF TV Output: To turn on or off CATV RF module.
2.5.2 User Authentication To prevent any un-authorized operations, only registered users are allowed to operate the Managed Switch. Any users who want to operate the Managed Switch need to register into the user list first. To view or change current registered users, select User Authentication from the Main Menu, then the following screen page appears.
Up to 10 users can be registered. Press New to add a new user, then the following screen page appears. Use Delete to remove a current registered user setting. Press Edit to view and edit a registered user ‟s settings. ‟s settings.
Current/Total/Max Users: View-only field.
17
Current: The number of current registered users. Total: The number of total registered users. Max Users: The maximum number available for registration. The default number is 10. Account State: Press Spacebar to enable or disable this User Account. User Name: Specify the authorized user login name of up to 20 alphanumeric characters. Password: Enter the desired user password of up to 20 alphanumeric characters. Retype Password: Enter the password again to confirm. NOTE: When you create a new account and password for a user, please remember this
account and password by heart or keep them in a safe place. If you forget the account and password, please note that there is no way to recover your password for models that have no reset (Diag) button on the rear panel. For models that have a reset (Diag) button on the real panel, press reset (Diag) button for 10 seconds and then release to set the Managed Switch back to factory default settings. Once factory default settings are restored, you can use the default account and password to login in to Console Program or Web Management.
Description: Enter a unique description for the user of up to 35 alphanumeric characters. This is mainly used for reference. IP Security: Press Spacebar to enable or disable the IP security function. If enabled, the user may access the Managed Switch only through the management workstation which has exact IP address specified in below IP address field. If disabled, the user may access the Managed Switch through any workstations. IP Address: Specify the IP address used for IP Security function. Console Level: Use up or down arrow keys ( or ) to select the desired privilege for the console operation or press Spacebar to view all options. Administrator: Full access right includes maintaining user account & system information, load factory settings, etc. Read & Write: Full access right but cannot modify user account & system information, information, cannot load factory settings Read Only: Allow to retrieve information only. Access Denied: Completely forbidden for access. NOTE: To prevent incautious operations, a user cannot delete and disable the default
account or modify the console level.
18
2.5.2.1 RADIUS Configuration Press RADIUS Configuration in User Authentication, then the following screen page shows up.
When RADIUS Authentication is enabled, User login will be according to those settings on the RADIUS server(s). NOTE: For advanced RADIUS Server setup, please refer to Appendix A or the “free RADIUS readme.txt” file on the disc shipped with this product.
Secret Key: The word to encrypt data of being sent to RADIUS server. RADIUS Port: The RADIUS service port on RADIUS server. Retry Time: The maximum number of attempts that a client tries to authenticate with the RADISU server. RADIUS Server Address: IP address of the first RADIUS server. 2nd RADIUS Server Address: IP address of the second RADIUS server.
19
2.5.3 Network Management Select the option Network Management from the Console Main Menu, then the following screen appears.
1. Network Configuration: Set up the required IP configuration of the Managed Switch. 2. System Service Management: Enable or disable the specified network services. 3. RS232/Telnet/Console Configuration: View the RS-232 serial port setting, specific Telnet and Console services. 4. Timer Server Configuration: Set up the time server‟s configuration 5. Device Community: View the registered SNMP community name list. Add a new community name or remove an existing community name. 6. Trap Destination: View the registered SNMP trap destination list. Add a new trap destination or remove an existing trap destination. 7. Trap Configuration: View the Managed Switch trap configuration. Enable or disable a specific trap.
20
2.5.3.1 Network Configuration Select the option Network Configuration from the Network Management menu, then the following screen appears.
MAC Address: This view-only field shows the unique and permanent MAC address assigned to the Managed switch. You cannot change the Managed Switch‟s Switch‟s MAC MAC address. Configuration Type: Press Spacebar to select “DHCP” or “Manual”. When “DHCP” is selected and a DHCP server is also available on the network, the Managed Switch will automatically get the IP address from the DHCP server. If “Manual” is selected, users need to specify the IP address, Subnet Mask and Gateway. IP Address: Enter the unique IP address of this Managed Switch. You can use the default IP address or specify a new one when the situation of address duplication occurs or the address does not match up with your network. (The default factory setting is 192.168.0.1.) Subnet Mask: Specify the subnet mask. The default subnet mask values for the three Internet address classes are as follows: Class A: 255.0.0.0 Class B: 255.255.0.0 Class C: 255.255.255.0 Gateway: Specify the IP address of a gateway or a router, which is responsible for the delivery of the IP packets sent by the Managed Switch. This address is required when the Managed Switch and the network management station are on different networks or subnets. The default value of this parameter is 0.0.0.0, which means no gateway exists and the network management station and Managed Switch are on the same network. Current State: This View-only field shows currently-assigned IP address (by DHCP or manual), Subnet Mask and Gateway of the Managed Switch.
2.5.3.2 System Service Management Select the option System Service Management from the Network Management menu, then the following screen appears.
21
Telnet Service: Press Spacebar to enable or disable the Telnet Management service. SNMP Service: Press Spacebar to enable or disable the SNMP Management service. Web Service: Press Spacebar to enable or disable the W eb Management service.
2.5.3.3 RS232/Telnet/Console RS232/Telnet/Console Configuration Select the option RS232/Telnet/Console Configuration from the Network Management menu, then the following screen appears.
Baud Rate: RS-232 setting, 9600 bps, view-only field. Stop Bits: RS-232 setting, 1, view-only field. Parity Check: RS-232 setting, None, view-only field. Word Length: RS-232 setting, 8, view-only field. Flow Control: RS-232 setting, None, view-only field. Telnet Port: Specify the desired desired TCP port number number for the Telnet console. The default TCP port number of the Telnet is 23.
22
System Time Out: Specify the desired time that the Managed Switch will wait before disconnecting an inactive console/telnet. “0” means an inactive connection will never be disconnected.
2.5.3.4 Timer Server Configuration Select the option Timer Server Configuration from the Network Management, then the following screen page shows up.
Time Synchroniz S ynchronization: ation: Press Spacebar to enable or disable synchronization with NTP time server. Time Server Address: Enter the NTP timer server IP address. Press Test to test whether the NTP time server is available or not. 2nd Time Server Address: When the default Time Server is down, the Managed Switch will automatically contact the second time server. Press Test to test whether the NTP time server is available or not. Synchronization Synchronization Interval: The time interval to synchronize from the NTP time server. Time Zone: Using up or down arrow key ( or ) to select the appropriate time zone. Daylight Saving Time: Press Spacebar to enable or disable the daylight saving time function. It‟s a way of getting more daytime hour(s) by setting the time to be hour(s) ahead in the morning. Daylight Saving Time Offset: Using up or down arrow key ( or ) to select the time offset of daylight saving time. NOTE: SNTP is used to get the time from those NTP servers. It is recommended that the
time server is in the same LAN with the Managed Switch or at least least not too far away. In this way, the time will be more accurate.
23
2.5.3.5 Device Community Select the option Device Community from the Network Management, then the following screen page appears.
Up to 10 device communities can be set up. Press New to add a new community, then the following screen page shows up. Press Edit to view the current community settings. Use Delete to remove a registered community.
Current/Total/Max Agents: View-only field. Current: This shows the number of current registered communities. Total: This shows the number of total registered registered community users. Max Agents: This shows the number of maximum maximum number available for registration. The default maximum number is 10. Account State: Press Spacebar to enable or disable this community Account.
24
Community: Specify the authorized SNMP community name of up to 20 alphanumeric characters. Description: Enter a unique description for this community name of up to 35 alphanumeric characters. This is mainly used for reference. IP Security: Press Spacebar to enable or disable the IP security function. If enabled, the Community may access the Managed Switch only through the management station that has the exact IP address specified in IP address field. If disabled, the Community can access the Managed Switch through any management stations. IP Address: Specify the IP address used for IP Security function. SNMP Level: Use up or down arrow key ( or ) to select the desired privilege for the SNMP operation Administrator: Full access right including maintaining user account & system information, loading factory settings, etc. Read & Write: Full access right but cannot modify user account & system information and load factory settings. Read Only: Allow to retrieve information only. Access Denied: Completely forbidden for access. NOTE: When the community browses the Managed Switch without proper access right,
the Managed Switch will respond nothing. For example, if a community only has Read & Write privilege, then it cannot browse the Managed Switch’s user table.
2.5.3.6 Trap Destination Select the option Trap Destination from the Network Management, then the following screen page appears.
Index: 10 trap destination rules can be set in this Managed Switch.
25
State: Enable or disable each trap destination rule. Destination: Enter the specific IP address of the network management system that will receive traps. Community: Enter the community name of the network management system.
2.5.3.7 Trap Configuration Select the option Trap Configuration from the Network Management, then the following screen page appears.
Cold Start Trap: Enable or disable the Managed Switch to send a trap when the Managed Switch powers up. Warm Start Trap: Enable or disable the Managed Switch to send a trap when the Managed Switch restarts. Authentication Failure Trap: Enable or disable the Managed Switch to t o send authentication failure trap after any unauthorized users attempt to login. Port Link Up/Down Trap: Enable or disable the Managed Switch to send a trap when a certain port is link up or link down. (Change the status of the port to “V” to send a trap. “-” will not send a trap.) Broadcast Storm Trap: Enable or disable broadcast storm trap sending from the Managed Switch when broadcast packets reach the upper limit. Upper Limit: Specify the maximum broadcast packets number per second. The broadcast storm trap will be sent when the Managed Switch exceeds the specified limit. System Power Down Trap: Send a trap notice while the Managed Switch is power down.
26
2.5.4 Switch Management In order to manage the Managed switch and set up required switching functions, click the folder Switch Management from the Main Menu and then several options will be displayed for your selection.
1.
Switch Configuration: Setup acceptable frame size and address learning, etc.
2.
Priority and Rate Limit Configuration: Enable or disable Port priority and setup Port Rate limit, etc.
3.
Port Configuration: Enable or disable port speed, flow control, etc.
4.
VLAN Configuration: Set up VLAN mode and VLAN configuration
5.
Spanning Tree Protocol: Set up STP switch settings, physical port settings, etc.
6.
MAC Address Management: Management : Set up MAC address, enable or disable MAC security, etc.
7.
L2 Protocol Converting: Convert protocols into a vendor-specific protocol.
8.
Loop Detection Configuration: Enable or disable ports port s to send loop detection packets and lock the ports to prevent loops.
9.
LLDP Configuration: Send or receive TLV information to or from neighboring devices.
27
2.5.4.1 Switch Configuration Select the option Switch Configuration from the Switch Management, then the following screen appears.
Maximum Frame Size: Press Spacebar to select between 1522 and 1632 for maximum transmitting and receiving frame size. Address Learning: Enable or disable MAC address learning. MAC Address Aging Time: Enter MAC Address aging time between 0 and 4080 seconds. When MAC addresses are not used within the specified time, the MAC addresses learned will be removed from the MAC address table. Fiber Port Redundancy: This field is view-only or selectable depending on the specification of your Managed Switch. If your Managed Switch is equipped with TP ports only, you are not allowed to activate redundancy function. If the Managed Switch is with dual fibers, this field becomes selectable and you can disable or enable redundancy function. When enabled, the redundancy function is active. In other words, when one fiber port is link down, the other fiber port will link up to ensure the network connectivity. Port 8 Media Type: This field is view-only or selectable depending on the specification of your Managed Switch. If your Managed Switch is equipped with TP ports only, information shown in this field is “Copper ”. If your Managed Switch supports TP ports and fibers, you can select port 8‟ 8‟s media type, either copper or fiber. IGMP Snooping: Enable or disable IGMP Snooping function. 0180C2000000-0F: Select either “Not Filter ” or “Filter ”. When “Filter ” is selected, packets from the address ranging from 0180C2000000 to 0180C200000F will be filtered or dropped. 0180C2000020-2F: Select either “Not Filter ” or “Filter ”. When “Filter ” is selected, packets from the address ranging from fr om 0180C2000020 to 0180C200002F will be filtered or dropped. 0180C2000010: Select either “Not Filter ” or “Filter ”. When “Filter ” is selected, packets from the address 0180C2000010 will be filtered or dropped.
28
2.5.4.2 Priority and Rate Limit Configuration Select the option Priority and Rate Limit Configuration from the Switch Management menu, then the following screen appears.
Priority Mode: There are five priority modes available from the drop-down menu. Default mode: The default mode will follow the setting in Port Priority and Tag Priority Map. IP: The configuration will follow the setting in IP TOS Priority Map. TAG: The configuration will follow the setting of Tag Priority Map. IP+Tag: The configuration will follow the setting of IP TOS Priority Map and then Tag Priority Map. IP TOS Priority Map setting has higher priority over Tag Priority Map. Tag+IP: The configuration will follow the setting of Tag Priority Map and IP TOS Priority Map. Tag Priority Map setting has higher priority over IP T OS Priority Map. Schedule Mode: Two schedule modes are available from the drop-down menu, these are Strict and Weight (8:4:2:1). Strict: This indicates that services to the egress queues are offered in the sequential order and all traffic with higher priority queues are transmitted first before lower priority queues are serviced. Weight: Weighted Round-Robin shares bandwidth at the egress ports by using scheduling weights 1, 2, 4, 8 for queues 1 through 4 respectively. Port Priority: Select one of the listed priorities from the drop-down menu. The tag priority will be changed accordingly. Tag Priority: When you select a port priority, the corresponding tag priority value will appears automatically. The table below shows the corresponding tag priority value for each port priority option.
29
Port Priority Tag Priority Prior ity
Q1 0
Q2 2
Q3 4
Q4 6
Q1+ 1
Q2+ 3
Q3+ 5
Q4+ 7
IP TOS Priority Map: Map IP TOS to priority queue. The TOS includes TOS (0) to TOS (63) and the priority queue includes Q0, Q1, Q2 and Q3. Tag Priority Map: Assign a tag priority to the specific priority queue. The queue priority value in the second field will change automatically depending on the tag priority value selected in the first field. Ingress Rate Limit Mode: All Frames: All frames are allowed to pass. Broadcast Only: Only broadcast frames are allowed to pass. Rate Limit Count Mode: FrameBits: A frame without packet preamble byte. TotalBits: A complete frame which is longer than Framebits. TotalBits+IFG: TotalBits adds Inter Frame Gap. Port Ingress: Select each port‟s ingress rate limit range. range. Port Egress: Select each port‟s egress rate limit range.
2.5.4.3 Port Configuration Select the option Port Configuration from the Switch Management menu, then the following screen appears.
Port Number: Using spacebar to select “All” or “All” or select from port 1 to port 9. Port State: Enable or disable current port state. 30
Port Type: Press Spacebar to choose either Auto-Negotiation or Manual. Port Speed: When “Manual” Manual” is selected, you need to further select the port speed either 10Mbps or 100Mbps. Duplex: Press spacebar to select Full or Half Duplex mode. Flow Control: Press spacebar to enable or disable flow f low control. Description: When you configure the settings of a certain port, you can enter a unique description for this port.
2.5.4.4 VLAN Configuration A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collections of LAN segments into a group that appears as a single LAN. VLAN also logically segments the network into different broadcast domains. All broadcast, multicast, and unknown packets entering the Switch on a particular VLAN will only be forwarded to the stations or ports that are members of that VLAN. VLAN can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains. A VLAN is a collection of end end nodes grouped by logics instead of physical locations. End nodes that frequently communicate with each other are assigned to the same VLAN, no matter where they are physically located on the network. Another benefit of VLAN is that you can change the network topology without physically moving stations or changing cable ca ble connections. Stations can be „moved‟ to another VLAN and thus communicate with its members and share its resources, simply by changing the port VLAN settings from one VLAN to another. This allows VLAN to accommodate network moves, changes and additions with the greatest flexibility. f lexibility. The Managed Switch supports two types of VLAN, these are: Port-Based VLAN and 802.1Q Tag VLAN. Select the option VLAN Configuration from the Switch Management menu, then the following screen appears.
31
VLAN Mode: Using spacebar to select Port Based VLAN or IEEE IEEE 802.1Q Tag VLAN mode. Configure VLAN: Set up VLAN name, ports, etc.
2.5.4.4.1 Port Based VLAN Configuration Port-based VLAN can effectively segment one network into several broadcast domains, and broadcast, multicast and unknown unknown packets will be limited to within the VLAN. Port-Based VLAN is uncomplicated and fairly rigid in implementation, it is best used by network administrators who wish to quickly and easily set up VLAN in order to isolate the effect of broadcast packets on their network The following screen page shows up if you choose Port-Based VLAN mode and then Configure VLAN.
When the Managed Switch is initially powered up or restored to the factory default setting, all switch ports are a member of the Default VLAN and participate in the same broadcast domain. This allows devices connected to the switch port to communicate with other devices on the switch port. Use New to add a new VLAN entity, then the following screen page shows up. Use Edit to view and edit the current VLAN setting. Use Delete to remove a VLAN entity.
32
VLAN Name: Specify a VLAN name. VLAN Members: Associate ports to this VLAN entry. entry. Move the cursor to VLAN member and mark the port with “V” which means that the port belongs to this VLAN.
2.5.4.4.2 802.1Q VLAN Concept Port-Based VLAN is simple to implement and use, but it cannot deploy cross switches VLAN. Therefore, the 802.1Q protocol was developed in order to provide the solution. By tagging VLAN membership information to Ethernet frames, the IEEE 802.1Q can help network administrators break large switched networks into smaller segments so that broadcast and multicast traffic will not occupy too much available bandwidth as well as provide a higher level security between segments of internal networks. The 802.1Q frame format is shown below. PRE PRE SFD DA SA TCI P C
SFD
DA
SA
TCI
P
C
VID
T/L
Payload
FCS
Preamble Start Frame Delimiter Destination Address Source Address Tag Control Info Priority Canonical Indicator
62 bits Used to synchronize traffic 2 bits Marks the beginning of the header 6 bytes The MAC address of the destination 6 bytes The MAC address of the source 2 bytes set to 8100 for 802.1p and Q tags 3 bits Indicates 802.1p priority level 0-7 1 bit Indicates if the MAC addresses are in Canonical format - Ethernet set to "0" VID VLAN Identifier 12 bits Indicates the VLAN (0-4095) T/L Type/Length Field 2 bytes Ethernet II "type" or 802.3 "length" Payload < or = 1500 bytes User User data FCS Frame Check Sequence 4 bytes Cyclical Redundancy Check
Important VLAN Concepts for Configuration There are two key concepts to understand. -
The Default Port VLAN ID (PVID) specifies the VID to the switch port that will assign the VID to untagged traffic from that port.
33
-
The VLAN ID (VID) specifies the set of VLAN that a given port is allowed to receive and send labeled packets.
Both variables can be assigned to a switch port, but there are significant differences between them. An administrator can only assign one one PVID to each switch port port (since the 802.1Q protocol assigns any single packet to just one VLAN). The PVID defines the default VLAN ID tag that will be added to un-tagged frames receiving from that port (ingress traffic). On the other hand, a port can be defined as a member of multiple VLAN (multiple VID). These VIDs constitute an access list for the port. The access list can be used to filter tagged ingress traffic (the switch will drop a tagged packet if the port is not one of the members of that VLAN). The switch also consults the access list to filter packets it sends to that port (egress traffic). Packets will not be forwarded unless they belong to the VLANs that the port is one of the members. The differences between Ingress and Egress configurations can provide network segmentation. Moreover, they allow resources resources to be shared across more than one VLAN.
Important VLAN Definitions Ingress The point at which a frame is received on a switch and the switching decisions must be made. The switch examines the VID (if present) in the received received frames header and decides decides whether or not and where to forward the frame. If the received frame is untagged, the switch will tag the frame with with the PVID for the port on which it was was received. It will then use traditional Ethernet bridging algorithms to determine the port to which the packet should be forwarded. Next, it checks to see if each destination port is on the same VLAN as the PVID and thus can transmit the frame. If the destination port is a member of the VLAN used by the ingress port, the frame will be forwarded. If the received frame is tagged with VLAN information, the switch checks its address table to see whether the destination port is a member of the same VLAN. Assuming both ports are members members of the tagged VLAN, the frame will be forwarded. forwarded.
Ingress Filtering The process of checking an incoming frame and comparing its VID with the ingress port VLAN membership is known as Ingress Filtering. On the Managed Switch, it can be either enabled or disabled. disabled. 1. When an untagged frame is received, the ingress port PVID will be applied to the frame. 2. When a tagged frame is received, the VID in the frame tag is used. When Ingress Filtering is “Enabled” Enabled”,, the Managed Switch will first determine, 1. If the ingress port itself is a member of the frame f rame VLAN, it will receive the frame. 2. If the ingress port is not a member of the frame VLAN, the frame will be dropped.
34
3. If it is a member of of that VLAN, the Managed Managed Switch then checks checks its address table to see whether the destination port is a member of the same VLAN. Assuming both ports are members of that VLAN, the frame will be forwarded. Administrators should make sure that each port‟s port‟s PVID is set up; otherwise, incoming frames may be dropped if Ingress Filtering is enabled. On the other hand, when Ingress Filtering is disabled, the Managed Switch will not compare the incoming frame VID with the ingress port VLAN membership. It will only check its address table to see whether the destination VLAN exists. 1. If the VLAN is unknown, it will be broadcasted. 2. If the VLAN and the destination destination MAC address address are known, the frame will be forwarded. 3. If the VLAN is known known and the destination MAC MAC address is unknown, unknown, the frame will be flooded to all ports in the VLAN.
Tagging Every port on an 802.1Q compliant switch can be configured as tagging t agging or un-tagging. un-tagging. Ports with taggings Enable will put the VID number, priority and other VLAN information into the header of all packets packets that flow into and out out of it. If a packet has been been tagged previously, the port will not alter the packet and keep the VLAN information intact. The VLAN information in the tag can then be used by other 802.1Q compliant devices on the network to make packet forwarding decisions.
Un-tagging Ports with un-taggings Enable will strip the 802.1Q tag f rom all packets that flow into and out of those ports. If the packet does does not have an 802.1Q 802.1Q VLAN tag, the port will not alter the packet. Thus, all packets received by and forwarded by an un-tagging port will have no 802.1Q VLAN information. (Remember that the PVID is only used internally within the switch). Un-tagging is used to send packets from an 802.1Q-compliant network device to a non-compliant network device. Simply put, un-tagging means that once you set up the port as “U” (untagged), all egress packets (in the same VLAN group) from the port will have no tags.
35
2.5.4.4.3 IEEE 802.1Q VLAN configuration The following screen page shows up if you choose IEEE 802.1q Tag VLAN mode and then select Configure VLAN.
Press New to add a new VLAN entity, then they following screen page appears. Press Edit to view the current VLAN setting. Use Delete to remove a VLAN entity.
VLAN ID: Specify a VLAN ID between 1 and 4094 VLAN Name: Specify a VLAN name. VLAN Members: Moving the cursor to VLAN member and mark the port with F (Forward), (Blocked), U (Untagged) or T (Tagged). F (Forward): The ingress packet will be forwarded intact. - (Blocked): The port does not belong to this VLAN. U (Untagged): The ingress packet will be forwarded without a tag. (If the ingress packet has a tag, the tag will be removed.) T (Tagged): The ingress packets will be forwarded with a tag. (If the ingress packet 36
has no a tag, then it will be attached a tag.)
2.5.4.4.4 Configure Default Port VLAN ID The following screen page shows up if you choose IEEE 802.1q Tag VLAN mode and then select Configure Default Port VLAN ID.
802.1q Tag VLAN Mode: There are four modes available for selection. Disabled: When “Disabled”, all settings here will be be ignored. The setting configured in Port-Based VLAN will be used. Fallback: If a packet received is untagged, it will follow the setting of Tagging. If a packet received is tagged, it will follow the setting of existing VLAN table. When VLAN table does not exist, the packet will be broadcasted and follow PortBased VLAN settings. Check: If a packet received is untagged, it will follow the setting of Tagging. If a packet received is tagged, it will follow the setting of existing VLAN table. When VLAN table exists, the packet will follow the setting of VLAN table. If not, the packet will be dropped. Secure: The function is same as Check. However, if the packet from Ingress port does not belong to one of the VLAN table, the packet will be dropped. Per Port Settings: Enable or disable per port settings. When enabled, you can set each port‟ port‟s 802.1q tag VLAN mode. Default Port VLAN ID (PVID): Specify the default port VLAN ID for each port (1 ~ 4094). Default Egress Mode: F: When VLAN table dose not exist or VLAN mode is i s disabled, the Egress packet will be forwarded unmodified. U: When VLAN table dose not exist or VLAN mode is disabled, the Egress packet will be unmodified.
37
T: When VLAN table dose not exist or VLAN mode is disabled, the Egress packet will be tagged with Ingress PVID. D: Force to add one tag with Ingress PVID on Egress packet. Default Ingress Mode: F: The packet from Ingress will be forwarded unmodified. U: The packet from Ingress will be untagged.
2.5.4.5 Spanning Tree Protocol The Spanning Tree Protocol (STP), defined in the IEEE Standard 802.1D, creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches) and disables the links which are not part of that tree, leaving a single active path between any two network nodes. Multiple active paths between network nodes cause a bridge loop. Bridge loops create several problems. First, the MAC address table used by the switch or bridge can fail, since the same MAC addresses (and hence the same network hosts) are seen on multiple ports. Second, a broadcast storm occurs. This is caused by broadcast packets being forwarded in an endless loop between switches. A broadcast storm can consume all available CPU resources and bandwidth. Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manually enabling/disabling these backup links. To provide faster spanning tree convergence after a topology change, an evolution of the Spanning Tree Protocol: Rapid Spanning Tree Protocol (RSTP), introduced by IEEE with document 802.1w. RSTP, is a refinement of STP; therefore, it shares most of its basic operation characteristics. This essentially creates a cascading effect away from the root bridge where each designated bridge proposes to its neighbors to determine if it can make a rapid transition. This is one of the major elements allowing RSTP to achieve faster convergence times than STP. Select Spanning Tree Protocol from the Switch Management menu and then two options will be displayed as follows.
38
1. STP Switch Settings: To set up system priority, MAX Age, Hello Time, etc. 2. STP Port Settings: To set up port cost and priority.
2.5.4.5.1 STP Switch Settings Select the option STP Switch Settings from Spanning Tree Protocol menu, then the following screen appears.
Spanning Tree Protocol: Enable or disable Spanning Tree Protocol. Designated Root: View-only field that shows the MAC address of the designated root. Root Path Cost: View-only field that shows the path cost of the designated root. Root Port: View-only field that shows the root port. Root Max Age: View-only field that shows the max age of the designated root. Root Hello Time: View-only field that shows the hello time of the designated root. Root Forward Delay: View-only field that shows the forward delay time of the designated root.
39
Root Bridge Priority: View-only field that shows the bridge priority value of the designated root. Max Age: If another switch in the spanning tree does not send out a hello packet for a long period of time, it is assumed to be disconnected. This default timeout is 20 seconds. Hello Time: Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridge that are used to communicate information about the topology throughout the entire Bridged Local Area Network. Forward Delay: It is the time spent in each Listening and Learning state before the Forwarding state is entered. This delay occurs when a new bridge comes onto a busy network. Bridge Priority: Each interface is associated with with a port (number) in the STP code. code. And, each switch has a relative priority and cost that is used to decide what the shortest path is to forward a packet. The lowest cost path is always used unless the other path is down. If you have multiple bridges and interfaces then you may need to adjust the priorities to achieve optimized performance. The switch with the lowest priority will be selected as the root bridge. The root bridge is the “central” bridge in the spanning tree.
2.5.4.5.2 STP Port Settings Select the option STP Port Settings from Spanning Tree Protocol menu, then the following screen appears.
STP Port State (Off/On): Use the spacebar to turn on or off STP mode. STP Port Cost (0-65535): This parameter is used by the STP to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. 0 means auto-generated path cost. STP Port Priority (0-255): Choose a value between 0 and 255 to set the priority for the port interface. A higher priority will designate the interface to forward packets first. A lower number denotes a higher priority.
40
2.5.4.6 MAC Address Management Select the option MAC Address Management from the Switch Management menu, then the following screen page appears.
Note: The switch only supports switch-based MAC security and does not support port-
based MAC security. The switch can support up to 128 entries of MAC addresses.
MAC Security: Enable or disable MAC security. When enabled, only the packets have the same MAC address defined in the table with the specified VLAN will be forwarded to the forwarding port. For other packets that do not match the MAC addresses in the table, they will be dropped. Use New to add a new MAC address entity, then the following screen page shows up. Use Delete to remove a MAC address entity. Use Edit to view and edit the selected MAC address entity.
Current/Total/Max: The number of current, total and maximum MAC address entry or entries. Destination MAC Address: Specify a destination MAC address in the packet.
41
Forwarding Port: If the incoming packet has the same destination MAC address as the one specified, it will be forwarded to this port directly. directly.
2.5.4.7 L2 Protocol Converting The L2 Protocol Converting function is provided with this Managed Switch and can be enabled and performed on ports of the edge switch resided in the service-provider ‟s network. The transmitting edge-switch‟ edge-switch‟s (e.g. this Managed Switch‟ Switch ‟s) “convert” convert” ports (in terms of converting from the transmitting customer switches) that are connected to the transmitting customer switches‟ switches‟ IEEE 802.1Q trunk ports defined. The receiving edge switch‟ switch‟s (e.g. the other Managed Switch‟ Switch‟s) “access” access” ports (in terms of converting to the receiving customer switches) are connected to the receiving customer switches‟ switches ‟ access ports logically defined. Both transmitting and receiving edge switches being connected to the transmitting/receiving customer switches shall perform the L2 protocol converting process respectively and accordingly.
The Managed Switch enables CDP (Cisco Discovery Protocol), STP (Spanning Tree Protocol), and VTP (VLAN Trunk Protocol) to be converted. For emulated point-to-point network topologies, the Managed Switch also supports other L2 control protocols. However, users must know which MAC address and its corresponding LLC code are for the L2 control protocol that they would like to convert. Obtaining above information allows users to fill in MAC and LLC code information in the converting table provided for the L2 conversion of the control protocol. The LLC code is extremely important for protocol conversion. Before performing protocol conversion, you should pay closer attention to L2 control protocols since some could share the same MAC address but with different LLC codes for enabling different control functions. For instance, VTP and CDP both use the same MAC address “01-00-0C-CC-CC-CC 01-00-0C-CC-CC-CC””;
42
however, however, they can have different VTP and CDP LLC code. MAC or LLC code information can be obtained by using software and/or hardware of protocol analyzers. Further information about protocol conversion is available in IEEE standard books. The format of L2 control protocol frame is shown below. PRE PRE SFD DA SA L LLC Payload FCS
SFD DA SA
L LLC
Preamble Start Frame Delimiter Destination Address Source Address Frame Length Logical-Link Control
Payload and other information 62bits 2bits 6bytes 6bytes 2bytes 8bytes < or = 1500
FCS
Used to synchronize traffic Mark the beginning of the header The destination MAC address The source MAC address
User data Frame Check Sequence
Select the option L2 Protocol Converting from the Switch Management menu, then the following screen page appears.
Converting State: Set On or Off on each port to encapsulate or decapsulate the control protocols. Converting Protocols: Enable or disable CDP, VTP, and STP to be converted. Up to 16 entries of protocol conversion can be set up. If L2 control protocols other than CDP, VTP and STP will be used, the following four parameters need to be set up manually:
Invalid/Valid: Use Spacebar Spacebar to switch between between options to enable the the L2 protocol converting on the entry. Decapsulated DA: Specify the MAC address of the specific L2 control protocol. Logical-Link Control: Specify the specific LLC code for the specific MAC address.
43
Encapsulated DA: Specify a multicast MAC address to encapsulate the MAC address of L2 control protocol. There are no specific MAC addresses except the ones defined by standard. (Note: If the first byte of MAC address is an odd number, the MAC address belongs to a multicast MAC address.) NOTE: L2 Protocol Converting is supported (available) only at the 802.1q Tag VLAN Mode of “ Secure Secure” .
2.5.4.8 Loop Detection Configuration Select the option Loop Detection Configuration from the Switch Management menu, then the following screen page appears.
Port: Enable or disable each port‟ port ‟s loop detection function. When a certain port is enabled (mark with “V”), the port will send out loop detection packets to detect whether loops occur or not. Lock: When loops occur, occur, the ports which are marked with “V” will be locked. In other words, those locked ports will not receive r eceive packets from other ports. Sending Detected Frame Interval: Enter the time interval (1-180 seconds) for sending a loop detection frame. Sending Frames Per Query: Enter the amount of frames sent per query (1-16). NOTE: The rate-limit will be automatically enabled when you turn on the loop -detection for
a port.
44
2.5.4.9 LLDP Configuration LLDP stands for Link Layer Discovery Protocol and runs over data link layer which is used for network devices to send information about themselves to other directly connected devices on the network. By using LLDP, two devices running different network layer protocols can learn information about each other. A set of attributes are used to discover neighbor devices. These attributes contains type, length, and value descriptions and are referred to TLVs. Details such as port description, system name, system description, system capabilities, management management address can be sent sent and received on this Managed Switch. Use Spacebar to select “ON” ON” if you want to receive and send the TLV. Select the option LLDP Configuration from the Switch Management menu, then the following screen page appears.
Port: Enable or disable each port‟ port ‟s LLDP. Use the spacebar to mark the port as “V” (Enabled). Receiver Hold-Time (TTL): Enter the amount of time for receiver hold-time in seconds. A receiving device will keep the information sent by your device for a period of time you specify here before discarding it. Sending LLDP Packet Interval: Enter the time interval for updated LLDP packets to be sent. Sending Packets Per Discovery: Enter the amount of packets that are sent in each discovery. Delay LLDP Initialization: A period of time the Managed Switch will wait before the initial LLDP packet is sent. Selection of LLDP TLVs to send: LLDP uses a set of attributes to discover neighbor devices. These attributes contains type, length, and value descriptions and are referred to TLVs. Details such as port description, system name, system description, system capabilities, management management address can be sent sent and received on this Managed Managed Switch. Use Spacebar to select “ON” ON” if you want to receive and send the corresponding TLV.
45
2.5.5 Switch Monitor Switch Monitor allows users to monitor the real-time operation status of the Managed Switch. Users may monitor the port link-up status or traffic counters for maintenance or diagnostic purposes. Select the the option option Switch Monitor from the Console main menu, then the following screen appears.
1. Switch Port State: View current port media type, port state, etc. 2. Port Traffic Statistics: View port Receive/Send Byte Frames, utilization , etc. 3. Port Packet Error Statistics: View the traffic condition of ports, CRC, fragment, Jabber, etc. 4. Port Packet Analysis Statistics: Count ports RX/TX Frames in different length, unicast number, etc. 5. Mac Address Table: List current MAC addresses learned. 6. IGMP Snooping: View a list of IGMP queries‟ information in VLAN(s) such as VLAN ID, Querier and reports. 7. Loop Status: View the locked ports and know whether the port has loops. 8. LLDP Status: View neighboring devices‟ TLV information.
46
2.5.5.1 Switch Port State To view the real-time port status of the switch, select Switch Port State from the Switch Monitor menu, menu, then the following screen appears.
Port Number: The number of the port. Media Type: The media type of the port, either TX or Fiber. Port Sate: This shows each port‟s state which can be D (Disabled), B/L (Blocking/Listening), L (Learning) or F (Forwarding). Disabled: A Port in this state does not participate in frame relay or the operation of the Spanning Tree Algorithm and Protocol if any. Blocking: A Port in this state does not participate in frame f rame relay; thus, it prevents frame f rame duplication arising from multiple paths existing in the active topology of Bridged LAN. Learning: A port in this state prepares to participate in frame relay. Frame relay is temporarily disabled in order to prevent temporary loops, which may occur in a Bridged LAN during the lifetime of this state as the active topology of the Bridged LAN changes. Learning is enabled to allow information to be acquired prior to frame relay in order to reduce the number of frames that are unnecessarily relayed. Forwarding: A port in this state participates in frame rela y. Packets can be forwarded only when port state is forwarding. Link State: The current link status of the port, either up or down. Speed (Mbps): The current operation speed of each port. Duplex: The current operation Duplex mode of each port, either Full or Half. Flow Control: The current state of Flow Control, either on or off
47
2.5.5.2 Port Traffic Statistics In order to view the real-time port traffic statistics status of the switch, select Port Traffic Statistics from the Switch Monitor menu, menu, then the following screen appears.
Bytes Received: Total bytes received from each port. Frames Received: Total frames received from each port. Utilization: The ratio of each port receiving traffic and current port‟s port‟s total bandwidth. Bytes Sent: The total bytes sent from current port. Frames Sent: The total frames sent from current port. Utilization: The ratio of each port sending traffic and current port‟s port‟s total total bandwidth. Total Bytes: Total bytes of receiving and send from current port. Total Utilization: Real traffic of received and sent to current port of total bandwidth.
48
2.5.5.3 Port Packet Error Statistics Port Packet Error Statistics Mode Counters enable users to view the port error history of the Managed Switch, Event Mode counters are calculated since the last time that counter was reset or cleared. Select Port packet Error Statistics from the Switch Monitor menu, menu, then the following screen appears.
Use left and right arrow key ( & ) to select the port that you want to view.
Ctrl-A: Press Ctrl-A to clear all port‟ port‟s counter values back to zero. RX CRC Errors: The number of packets received by a port that are between 64 and 1522 bytes long in length (excluding framing bits but including FCS) and have a bad FCS with an integral number of bytes. RX Fragments: Total frames received which are less than 64 bytes or frames without SFD and are less than 64 bytes in length. RX Filtered Frames: Total frames received that are filtered. RX Alignment Errors: The number of packets received by a port that have are between 64 and 1522 bytes in length (excluding ( excluding framing bits but including FCS) and have a bad FCS with a non-integral number of bytes. RX Undersized Frames: Total frames received shorter than 64 bytes. RX Oversized Frames: Total frames received longer than maximum frame size. RX Jabbers: Total frames received that have both Oversize and CRC error. RX Dropped frames: Total received frames dropped due to resources shortage. TX Dropped frames: Total frames that are not transmitted due to resources shortage. TX Late Collisions: Total late collision detected.
49
TX Deferred: Deferred frames occurred after 512 bits time. TX Total Collisions: Total frames collision detected.
2.5.5.4 Port Packet Analysis Statistics Port Packet Analysis Statistics Mode Counters enable users to view the port analysis history of the Managed Managed Switch. Event mode counters counters are calculated since the the last time that counter was reset or cleared. Select Port Packet Analysis Statistics from the Switch Monitor menu and then the following screen page appears.
RX Frames 64 Bytes: 64 bytes frames received. received. RX Frames 65-127 Bytes: 65-127 bytes frames received. RX Frames 128-255 Bytes: 128-255 bytes frames received. RX Frames 256-511 Bytes: 256-511 bytes frames received. RX Frames 512-1023 Bytes: 512-1023 bytes frames received. RX Frames 1024-MAX Bytes: Over 1024 Over 1024 bytes frames received. RX Unicast Frames: Good unicast frames received. RX Multicast Frames: Good multicast frames received. RX Broadcast Frames: Good broadcast frames received. TX Unicast Frames: Good unicast packets sent. TX Multicast Frames: Good multicast packets sent. TX Broadcast Frames: Good broadcast packets sent.
50
2.5.5.5 MAC Address Table MAC Address Table displays MAC addresses learned since the Managed Switch is reset and MAC Address Learning are enabled.
The table above displays MAC addresses learn from each port of the Managed Switch. Press “U” to update the MAC address table. Press “C” to clear the MAC address table.
Page: Use spacebar to select the MAC address page number. Port: Use spacebar to select whether you want to view all MAC addresses learned from all ports or just MAC addresses learned from a certain port.
51
2.5.5.6 IGMP Snooping The Internet Group Management Protocol (IGMP) is a communications protocol used to manage the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships. It can be used for online streaming video and gaming, and allows more efficient use of resources when supporting these applications. IGMP Snooping is the process of listening to IGMP I GMP traffic. IGMP snooping, as implied by the name, is a feature that allows the switch to “listen in” in” on the IGMP conversation between hosts and routers by processing the layer-3 IGMP packets sent in a multicast network. When IGMP snooping is enabled in a switch it analyses all IGMP packets between hosts connected to the switch and multicast routers in the network. When a switch hears an IGMP report from a host for a given multicast group, the switch adds the host ‟s port number to the multicast list for that group. Furthermore, when the switch hears an IGMP Leave, it removes the host‟ host‟s port from the table entry. IGMP snooping can effectively reduce multicast traffic from streaming and other bandwidth intensive IP applications. A switch using IGMP snooping will only forward multicast traffic to the hosts interested in that traffic. This reduction of multicast traffic reduces the packet processing at the switch (at the cost of needing additional memory to handle the multicast tables) and also reduces the workload at the end hosts since their network cards (or operating system) will not have to receive and filter all the multicast traffic generated in the network.
Multicast Group: The multicast IP address of IGMP querier. 1 ~ 9: The port number. Queries: The state of IGMP querier in the VLAN. Reports: The total IGMP report packets received. Aging Out: The countdown timer shows the remaining time (the default countdown time is 300 seconds) that this entry‟ entry‟s statistics is cleared. When the report comes in, the counter
52
will be refreshed (counting down from 300 seconds). When time is up and there are no new reports, each row‟s statistics statistics will be cleared.
2.5.5.7 Loop Status Select Loop Status from the Switch Monitor menu and then the following screen page appears.
Local Port: The port number on the Managed Switch. Loop: If the port detects a loop, it will show “yes” yes”. Otherwise, “no” no” will be displayed. Loopback-port: The port number that receives loop detection packets. Lock: This shows whether the local port is locked or not.
2.5.5.8 LLDP Status Select LLDP Status from the Switch Monitor menu and then the following screen page appears.
Local Port: This shows the port number on which LLDP frames are received. Chassis ID: This shows the MAC address of the LLDP frames received.
53
Remote Port: This shows the port number of the neighboring device. System Name: This shows the system name advertised by the neighboring device. Press U to refresh the table.
2.5.6 System Utility System Utility allows users to easily operate and maintain the system. Select the option System Utility from the Console main menu, then the following screen appears.
1.
Ping: Ping allows users to ping a specified network device.
2.
Event Log: Event log can keep a record of system‟s log events such as system warm start, cold start, link up/down, user login/logout, etc.
3.
Update Firmware: This allows users to update the latest firmware, save current configuration or restore previous configuration to the Managed Switch.
4.
Load Factory Setting: Load Factory Setting will set the configuration of the Managed Switch back to the factory default settings. The IP and Gateway addresses will be set to the factory default as well.
5.
Load Factory Setting Except Network Configuration: Selecting this function will also restore the configuration of the Managed Switch to its original factory default settings. However, this will not reset the IP and Gateway addresses to the factory default.
6.
Backup Configuration: Set up the configuration for backup.
54
2.5.6.1 Ping Ping is a network utility that is generally used to test the remote host is reachable or not by sending ICMP Echo Request. When a remote host is reachable, it will respond with an ICMP Echo Reply. This function can help network administrators identify the network connection status easily. Select the option Ping from the System Utility menu, then the following screen page appears.
IP Address: Enter the desired IP address that the Managed Switch would like to Ping. Size: Enter the desired length of the Ping packets. Repeat: Enter the total number of times which Ping will be initiated . Time Out: Enter the desired time-out value of Ping. After finishing configuration, move the cursor cursor to Ping then press Enter to to start the Ping process. The statistical summary of packets received will be shown on the screen.
2.5.6.2 Event Log Event log keeps a record of user login, logout timestamp information. Select Event Log from the System Utility menu, then the following screen page shows up.
55
Select Page_Up or Page_Down to view the previous or next page information. Press M for more properties such as Description, Source, Event, Name/Community and Address.
2.5.6.3 Update Firmware The Managed Switch has both built-in TFTP and FTP clients that can be used to connect to TFTP or FTP server for restoring previously-created configurations and upgrading Firmware. Select Update Firmware from the System Utility menu, then the following screen page shows up.
Protocol: Press Spacebar to select the preferred protocol - FTP or TFTP. File Type: Press Spacebar to select the file that you want to process either Firmware or Configuration. Server Address: Enter the specific IP address of the FTP or TFTP Server. User Name: Enter the specific User Name for login to the FTP Server. Password: Enter the specific Password for login to the FTP Server. File Location: Enter the specific path and filename within the TFTP or FTP Server. Select Get then press Enter to to receive the file from the server. A Transmitting Progress will be displayed during transfer. Once the transfer process is complete, a message will pop up to remind the user. Select Put then press Enter to to transmit the file to the server. A Transmitting Progress will display during transfer. Once the transfer process is complete, a message will pop up to remind the user. Select Stop then press Enter to to abort the current operation. Select Update then press Enter to instruct the Managed Switch to update the current firmware/configuration to the latest firmware/configuration. When the update is successful, the switch will need a reset to make changes effective. 56
2.5.6.4 Load Factory Settings Load Factory Setting will set all configurations of the Managed Switch back to the factory default settings, including the IP and Gateway address. Load Factory Setting is useful when network administrators would like to re-configure the system. A system reset is required to make all changes effective after Load Factory Setting. Select Load Factory Setting from the System Utility menu, the following screen page shows up.
To load Factory Settings, select OK then press Enter .
2.5.6.5 Load Factory Setting Except Network Configuration Load Factory Setting Except Network Configuration will set configurations of the Managed Switch back to the factory default settings except IP and Gateway address. Load Factory Setting Except Network Configuration is very useful when a network administrators needs to re-configure the system “REMOTELY” REMOTELY” because because conventional Factory Reset will bring network setting back to default and lose all network connections. Select Load Factory Setting Except Network Configuration from the System Utility menu, then the following screen page shows up. up .
57
To load factory default settings except IP and Gateway address, select OK then press Enter .
2.5.6.6 Backup Configuration Select Backup Configuration from the System Utility menu, then the following screen appears.
Auto Backup: Use spacebar to disable (default) or enable “ Auto Auto Backup”. Backup”. Backup Time: Set up the time (by o‟clock) to automatically back up a configuration file once a day. If the remote server fails or does not exist, this function allows the system to retry every minute until backup is successfully completed or the system times out. Protocol: Select FTP or TFTP server to backup a configuration file. Server Address: Specify the FTP or TFTP server IP address. User Name: Specify the username for FTP server. Password: Specify the password for FTP server. 58
File Directory: The file directory where the backup file will be saved to. File Name: The name of the backup file which will be saved by date.
2.5.7 Save Configuration In order to save configuration setting permanently, users need to save configurations first before resetting resetting the Managed Switch. Select Save Configuration from the Console main menu, then the following screen appears.
To save the Configuration, select OK then press Enter .
2.5.8 Reset System After making some configuration changes, users need to reset the system so as to make changes effective. Select Reset System from the Console main menu, then the following screen appears.
59
To perform System Reset, Select OK then press Enter .
2.5.9 Logout Console Logout will stop current RS-232 or Telnet connection between the system and the PC. To perform Logout, select the option Logout from the Console main menu, then the following screen appears.
To logout, select OK then press ENTER.
60
3. SNMP NETWORK MANAGEMENT The Simple Network Management Protocol (SNMP) is an application-layer protocol that facilitates the exchange of management information between network devices. It is part of the TCP/IP protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. SNMP consists following key components,
Managed device is a network node that contains SNMP agent. Managed devices collect and store management information and make this information available to NMS using SNMP. Managed device device can be switches/Hub, etc. MIB (Management Information Base) define the complete manageable entries of the managed device. These MIB entries can be be either either read-only or read-write. read-write. For example, example, the System Version is read-only variables. The Port State Enable or Disable Disable is a read-write variable and a network administrator can not only read but also set its value remotely. SNMP Agent is a management module resides in the managed device that responds to the SNMP Manager request. SNMP Manager/NMS executes applications that monitor and control managed devices. NMS provide the bulk of the processing and memory resources required for the complete network management. management. SNMP Manager often composed by desktop desktop computer/work station and software program such like HP OpenView. Totally 4 types of operations are used between SNMP Agent & Manager to change the MIB information. These 4 operations all use the UDP/IP UDP/IP protocol to exchange packets. packets.
GET: This command is used by an SNMP Manager to monitor managed devices. The SNMP Manager examines different variables that are maintained by managed devices. GET Next: This command provides traversal operation and is used by the SNMP Manager to sequentially gather information in variable tables, such as a routing table. SET: This command is used by an SNMP Manager to control managed devices. The NMS changes the values of variables stored within managed m anaged devices. Trap: Trap is used by the managed device to asynchronously report a specified event to the SNMP Manager. When certain types of events events occur, a managed device device will send a trap to alert the SNMP Manager. The system system built-in management management module also supports supports SNMP management. User must install the MIB file before using using the SNMP based based network management management system. The MIB file is on a diskette that accompanies the system. The file name extension is .mib, which SNMP based compiler can read. Please refer to the appropriate documentation for instructions on installing the system private MIB.
61
4. WEB MANAGEMENT The Managed Switch Switch can be accessed accessed and managed via a Web browser. However, you must first assign a unique unique IP address to it before doing so. Use a RJ45 LAN cable cable and one of the 10/100Base-TX RJ-45 ports of the Managed Switch (as the temporary RJ-45 Management console port) to login to the Managed Switch and set up the IP address for the first time. (The default IP of the Managed Switch can be reached at “http://192.168.0.1”. You can change the Managed Switch‟s IP address to the needed one in its Network Management menu.) Follow these steps to manage the Managed Switch through a Web browser: 1. Use one of the 10/100Base-TX 10/100Base-TX RJ-45 ports (as the temporary RJ-45 Management Management console port) to set up the following IP parameters for the Managed Switch:
IP address Subnet Mask Default Fiber Switch IP address, if required
2. Run a Web browser and specify specify the Managed Switch‟s IP address to reach it. (The (The default IP address is “http://192.168.0.1”) 3. Login to reach reach the Main Main menu. menu. Once you gain the access, a Login windows shows up like the one shown below.
Enter the user name and password then select “OK” to login to the main screen page. By default, the username is “admin” and without a password (leave the password field blank).
62
After a successful login, the Main Menu screen shows up. The menu functions in the Web W eb Management are similar to those described at the Console Management and are also described below.
1. System Information: Name the Managed Switch, specify the location and check the current version of information. 2. User Authentication: View the registered user user list. Add a new user or remove an existing user. 3. Network Management: Set up or view the IP address and related information of the Managed Switch required for network management applications. 4. Switch Management: Set up switch/port configuration, VLAN configuration and other functions. 5. Switch Monitor: View the operation status and traffic statistics of the ports. 6. System Utility: Event log, Firmware Upgrade, Load Factory Settings, etc. 7. Save Configuration: Save all changes to the system. 8. Reset System: Reset the Managed Switch.
63
4.1 System Information Select System Information in the Main Menu and then the following screen page shows up. Please note that system information displayed will depend on the device model, the slide-in fiber and installed RF module. The following two screen pages show ESH/PSH/SWH-2108 & 2109 Series and ESH-2109-RF system information respectively. respectively. System Information for ESH/PSH/SWH-2108 & 2109 Series:
System Information for ESH-2109-RF:
Company Name: Enter a company name for this Managed Switch of up to 55 alphanumeric characters. System Object ID: View-only field that shows the predefined System OID. System Contact: Enter contact information for this Managed Switch of up to 55 alphanumeric characters. System Name: Enter a unique name for this Managed Switch of up to 55 alphanumeric characters. Use a descriptive name to identify the Managed Switch in relation to your network, for example, “Backbone 1”. This name is used for reference only. reference only.
64
System Location: Enter a brief location description for the Managed Switch of up to 55 alphanumeric characters. The location description is used for reference only. Model Name: View-only field that shows the product‟s product ‟s model model name. Firmware Version: View-only field that shows the product‟s product‟s Firmware Firmware version. 1000M Port Number: View-only field that shows the number of port(s) that operates in 1000M. 100M Port Number: View-only field that shows the number of port(s) that operates in 100M. M/B Version: View-only field that shows the main board version. Fiber 2 Type: View-only field that shows the information about fiber connector, fiber speed, and maximum distance that fiber can reach. (This field will be displayed only when the fiber is available on the device.) Fiber 2 Wavelength: View-only field that shows the slide-in SFP transmitting and receiving wavelength. (This field will be displayed only when the fiber is available on the device.) Serial Number: View-only field that shows the serial number of this switch. Date Code: View-only field that shows the Managed Switch Firmware date code. Up Time: View-only field that shows how long the system has been turned on . Local Time: View-only field that shows the local time of the device. CATV Module: Optic Level: View-only field that shows the operational optical level. RF TV Output: To turn on or off CATV RF module.
4.2 User Authentication To prevent any un-authorized operations, only registered users are allowed t o operate the Managed Switch. Any users who want to operate the Managed Switch need to register into the user ‟s list ‟s list first. To view or change current registered users, select User Authentication from the Main Menu and then the following screen page shows up.
65
Up to 10 Users can be registered. Click View to view a registered user setting. Click RADIUS Configuration for authentication setting via RADIUS.
When RADIUS Authentication is enabled, User login will follow settings on the RADIUS server(s). NOTE: For advanced RADIUS Server set up, please refer to Appendix A or the “free RADIUS readme.txt” file on the disc provided with this product.
Secret Key: The word to encrypt data that will be sent to t o RADIUS server. server. RADIUS Port: The RADIUS service port on RADIUS server. Retry Time: The number of trying to reconnect if the RADISU server is not reachable. RADIUS Server Address: IP address of the first RADIUS server. 2nd RADIUS Server Address: IP address of the second RADIUS server.
66
4.3 Network Management Proper network configurations are required to manage and maintain the Managed Switch. To do this, click the folder Network Management from the Main Menu and then the following screen page appears.
1. Network Configuration: Set up the required IP configuration of the Managed Switch. 2. System Service Management: Enable or disable the specified network services. 3. RS232/Telnet/Console Configuration: View the RS-232 serial port setting, specific Telnet and Console services. 4. Time Server Configuration: Set up the time server‟s server ‟s configuration. 5. Device Community: View the registered SNMP community name list. Add a new community name or remove an existing community name. 6. Trap Destination: View the registered SNMP trap destination list. destination or remove an existing trap destination.
Add a new trap
7. Trap Configuration: View the Managed Switch trap configuration. Enable or disable disable a specific trap.
67
4.3.1 Network Configuration Click the option Network Configuration from the Network Management menu and then the following screen page appears.
MAC Address: This view-only field shows the unique and permanent MAC address assigned to the Managed switch. You cannot change the Managed Switch‟s Switch‟s MAC MAC address. Configuration Type: There are two configuration types that users can select from the dropdown menu; these are “DHCP” and “Manual”. When “DHCP” is selected and a DHCP server is also available on the network, the Managed Switch will automatically get the IP address from the DHCP server. If " Manual" is selected, users need to specify the IP address, Subnet Mask and Gateway. IP Address: Enter the unique IP address address of this Managed Managed Switch. You can use the default default IP address or specify a new one when the situation of address duplication occurs or the address does not match up with your network. (The default factory setting is 192.168.0.1.) Subnet Mask: Specify the subnet mask. mask. The default subnet subnet mask values values for the three Internet address classes are as follows: Class A: 255.0.0.0 Class B: 255.255.0.0 Class C: 255.255.255.0 Gateway: Specify the IP address of a gateway or a router, which is responsible for the delivery of the IP packets sent by the Managed Switch. This address is required when the Managed Switch and the network management station are on different networks or subnets. The default value of this parameter is 0.0.0.0, which means no gateway exists and the network management station and Managed Switch are on the same network. Current State: This View-only field shows currently assigned IP address (by DHCP or manual), Subnet Mask and Gateway of the Managed Switch.
68
4.3.2 System Service Configuration Click the option System Service Configuration from the Network Management menu and then the following screen page appears.
Telnet Service: To enable or disable the Telnet Management service. SNMP Service: To enable or Disable the SNMP Management service. Web Service: To enable or Disable the Web W eb Management service.
4.3.3 RS232/Telnet/Console RS232/Telnet/Console Configuration Click the option RS232/Telnet/Console Configuration from the Network Management menu and then the following screen page appears.
Baud Rate: 9600 bps, RS-232 setting, view-only field. Stop Bits: 1, RS-232 setting, view-only field.
69
Parity Check: None, RS-232 setting, view-only field. Word Length: 8, RS-232 setting, view-only field. Flow Control: None, RS-232 setting, view-only field. Telnet Port: Specify the desired desired TCP port number for the Telnet console. console. The default TCP port number of the Telnet is 23. System Time Out: Specify the desired time that the Managed Switch will wait before disconnecting an inactive console/telnet. “0” means an inactive connection will never be disconnected.
4.3.4 Time Server Configuration Click the option Time Server Configuration from the Network Management menu and then the following screen page appears.
Time Synchronization: Synchronization: To enable or disable synchronization with the NTP server. Time Server Address: Enter the NTP time server IP address. 2nd Time Server Address: Enter the second NTP time server IP address. When the default time server is down, the Managed Switch will automatically connect to the second time server. Synchronization Synchronization Interval: Enter the time interval to synchronize from NTP time server. Time Zone: Select the appropriate time zone from the drop-down menu. Daylight Saving Time: To enable or disable the daylight saving time function. It is a way of getting more daytime hour(s) by setting the time to be hour(s) ahead in the morning. Daylight Saving Time Offset: Click the drop-down menu to select the time offset of daylight saving time.
70
NOTE: SNTP is used to get the time from those NTP servers. It is recommended that the
time server is in the same LAN with the Managed Switch or at least least not too far away. In this way, the time will be more accurate.
4.3.5 Device Community Click the option Device Community from the Network Management menu and then the following screen page appears.
Up to 10 Device Communities can be set up. Click New to add a new community and then the following f ollowing screen page appears. Click Edit to view the current community settings. Click Delete to remove a registered community.
Current/Total/Max Agents: View-only field. Current: This shows the number of current registered communities. Total: This shows the number of total registered registered community users.
71
Max Agents: This shows the number of maximum maximum number available for registration. The default maximum number is 10. Account State: Click the drop-down menu to enable or disable this t his community account. Community: Specify the authorized SNMP community name, up to 20 alphanumeric characters. Description: Enter a unique description for this community name, up to 35 alphanumeric characters. This is used for reference only. IP Security: Click the drop-down menu to enable or disable the IP security function. If enabled, Community may access the Managed Switch only through the management station that has the exact IP address specified in IP address field. If disabled, Community can access the Managed Switch through any management stations. IP Address: Specify the IP address used for IP Security function. SNMP Level: Click the drop-down menu to select the desired privilege for the SNMP operation Administrator: Full access right including maintaining user account & system information, loading factory settings, etc. Read & Write: Full access right but cannot modify user account & system information and load factory settings. Read Only: Allow to view only. Access Denied: Completely forbidden for access. NOTE: When the community browses the Managed Switch without proper access right,
the Managed Switch will respond nothing. For example, if a community community only has Read Read & Write privilege, then it cannot browse the Managed Switch’s user table.
72
4.3.6 Trap Destination Click the option Trap Destination from the Network Management menu and then the following screen page appears.
Index: 10 trap destination rules can be entered. State: Enable or disable the function of sending traps to the specified destination. Destination: Enter the specific IP address of the network management system that will receive traps. Community: Enter the community name of the network management system.
4.3.7 Trap Configuration Click the option Trap Configuration from the Network Management menu and then the following screen page appears.
Cold Start Trap: Enable or disable the Managed Switch to send a trap when the Managed Switch powers up. 73
Warm Start Trap: Enable or disable the Managed Switch to send a trap when the Managed Switch restarts. Authentication Failure Trap: Enable or disable the Managed Switch to t o send authentication failure trap after any unauthorized users attempt to login. Port Link Up/Down Trap: Enable or disable the Managed Switch to send a trap when a certain port is link up or link down. Broadcast Storm Trap: Enable or disable broadcast storm trap sending from the Managed Switch when broadcast packets reach the upper limit. Upper Limit: Maximum broadcast packets number per second. The broadcast storm trap will be sent when the Managed Switch exceeds the specified limit. System Power Down Trap: Send a trap notice while the Managed Switch is power down.
4.4 Switch Management In order to manage the Managed switch and set up required switching functions, click the folder Switch Management from the Main Menu and then several options and folders will be displayed for your selection.
1. Switch Configuration: Set up frame size, address learning, etc. 2. Priority and Rate Rate Limit Configuration: Enable or disable Port priority and setup Port Rate limit, etc. 3. Port Configuration: Enable or disable port speed, flow control, etc. 4. VLAN Configuration: Set up VLAN mode and VLAN configuration. 5. Spanning Tree Protocol: Set up STP switch settings, physical port settings, etc.
74
6. MAC Address Management: Set up MAC address, enable or disable MAC security security,, etc. 7. L2 Protocol Converting: Convert protocols into a vendor-specific protocol. 8. Loop Detection Configuration: Enable or disable ports to send loop detection packets and lock the ports to prevent loops. 9. LLDP Configuration: Send or receive TLV information to or from neighboring devices.
4.4.1 Switch Configuration Click the option Switch Configuration from the Switch Management menu and then the following screen page appears.
Maximum Frame Size: Select between 1522 and 1632 for maximum transmitting and receiving frame size. Address Learning: Enable or disable MAC address learning function. MAC Address Aging Time: Enter MAC Address aging time between 0 and 4080 seconds. When MAC addresses are not used within the specified time, the MAC addresses learned will be removed from the MAC address table. Fiber Port Redundancy: This field is view-only or selectable according to the specification of your Managed Switch. If your Managed Switch is equipped with TP ports only, you are not allowed to activate redundancy function. If the Managed Switch is with dual fibers, this field becomes selectable and you can disable or enable redundancy function. When enabled, the redundancy function is active. In other words, when one fiber port is link down, the other fiber port will link l ink up to ensure the network connectivity. Port 8 Media Type: This field is view-only or selectable according to the specification of your Managed Switch. If your Managed Switch is equipped with TP ports only, information shown in this field is “Copper ”. If your Managed Switch supports TP ports and fibers, you can select port 8‟ 8‟s media type, either copper or fiber.
75
IGMP Snooping: Enable or disable IGMP Snooping function. 0180C2000000-0F: Select either “Not Filter ” or “Filter ”. When “Filter ” is selected, packets from the address ranging from 0180C2000000 to 0180C200000F will be filtered or dropped. 0180C2000020-2F: Select either “Not Filter ” or “Filter ”. When “Filter ” is selected, packets from the address ranging from 0180C2000020 0180C2000020 to 0180C200002F will be filtered f iltered or dropped. 0180C2000010: Select either “Not Filter ” or “Filter ”. When “Filter ” is selected, packets from the address 0180C2000010 will be filtered or dropped.
4.4.2 Priority and Rate Limit Configuration Click the option Priority and Rate Limit Configuration from the Switch Management menu and then the following screen page appears.
Priority Mode: There are five priority modes available from the drop-down menu. Default mode: The default mode will follow the setting in Port Priority and Tag Priority Map. IP: The configuration will follow the setting in IP TOS Priority Map. TAG: The configuration will follow the setting of Tag Priority Map. IP+Tag: The configuration will follow the setting of IP TOS Priority Map and then Tag Priority Map. IP TOS Priority Map setting has higher priority over Tag Priority Map. Tag+IP: The configuration will follow the setting of Tag Priority Map and IP TOS Priority Map. Tag Priority Map setting has higher priority over IP TOS Priority Map. Schedule Mode: Two schedule modes are available from the drop-down menu, these are 76
Strict and Weight (8:4:2:1).
Strict: This indicates that services to the egress queues are offered in the sequential order and all traffic with higher priority queues are transmitted first before lower priority queues are serviced. Weight: Weighted Round-Robin shares bandwidth at the egress ports by using scheduling weights 1, 2, 4, 8 for queues 1 through 4 respectively. Port Priority: Select one of the listed priorities from the drop-down menu. The tag priority will be changed accordingly. Tag Priority: When you select a port priority, the corresponding tag priority value will appears automatically. The table below shows the corresponding tag priority value for each port priority option. Port Priority Tag Priority Priorit y
Q1 0
Q2 2
Q3 4
Q4 6
Q1+ 1
Q2+ 3
Q3+ 5
Q4+ 7
IP TOS Priority Map: Map IP TOS to priority queue. The TOS includes TOS (0) to TOS (63) and the priority queue includes Q0, Q1, Q2 and Q3. Tag Priority Map: Assign a tag priority to the specific priority queue. The queue priority value in the second field will change automatically depending on the tag priority value selected in the first field. Port Ingress: Select each port‟s ingress rate limit range. range. Port Egress: Select each port‟s egress rate limit range.
4.4.3 Port Configuration Click the option Port Configuration from the Switch Management menu and then the following screen page appears.
77
Port Number: Click the drop-down menu to select the port number for configuration. Port State: Enable or disable the current port state. Port Type: Select Auto-Negotiation or Manual mode as the port type. Port Speed: When you select Manual port type, you need to further specify the transmission speed (10Mbps/100Mbps) of the port(s). Duplex: When you select Manual port type, you can further specify the current operation Duplex mode (full or half duplex) of the port(s). Flow Control: Enable or disable the flow control function. Description: Enter the unique description for this port.
4.4.4 VLAN Configuration A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collections of LAN segments into a group that appears as a single LAN. VLAN also logically segments the network into different broadcast domains. All broadcast, multicast, and unknown packets entering the Switch on a particular VLAN will only be forwarded to the stations or ports that are members of that VLAN. VLAN can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains. A VLAN is a collection of end end nodes grouped by logics instead of physical locations. End nodes that frequently communicate with each other are assigned to the same VLAN, no matter where they are physically located on the network. Another benefit of VLAN is that you can change the network topology without physically moving stations or changing cable connections. Stations can be „moved‟ to another VLAN and thus communicate with its members and share its resources, simply by changing the port VLAN settings from one VLAN to another. This allows VLAN to accommodate network moves, changes and additions with the greatest flexibility. f lexibility. The Managed Switch supports two types of VLAN, these are: Port-Based VLAN and 802.1Q Tag VLAN.
4.4.4.1 Port-Based VLAN Port-based VLAN can effectively segment one network into several broadcast domains and limit broadcast, multicast and unknown packets packets to be traversed in the specified VLAN. PortBased VLAN is uncomplicated, fairly rigid in implementation and useful for network administrators who wish to quickly and easily set up VLANs so as to isolate the effect of broadcast packets on their network. The following screen page appears when you choose Port-Based VLAN mode and then select Configure VLAN.
78
Click New to add a new VLAN entity and then the following screen page appears. Use Edit to view and edit the current VLAN setting. Click Delete to remove a VLAN entity.
VLAN Name: Use the default name or specify a VLAN name. VLAN Members: Tick off the checkbox if you would like a port to belong to the VLAN specified above.
4.4.4.2 802.1Q VLAN Concepts Port-Based VLAN is simple to use and implement, but it cannot deploy cross switches VLAN. The 802.1Q protocol was developed in order to provide the solution. By tagging VLAN membership information to Ethernet frames, the IEEE 802.1Q can help network administrators break large switched networks into smaller segments so that broadcast and
79
multicast traffic will not occupy too much available bandwidth as well as provide a higher level security between segments of internal networks. The 802.1Q frame format is shown below. PRE PRE SFD DA SA TCI P C
SFD
DA
SA
TCI
P
C
VID
T/L
Payload
FCS
Preamble Start Frame Delimiter Destination Address Source Address Tag Control Info Priority Canonical Indicator
62 bits Used to synchronize traffic 2 bits Marks the beginning of the header 6 bytes The MAC address of the destination 6 bytes The MAC address of the source 2 bytes set to 8100 for 802.1p and Q tags 3 bits Indicates 802.1p priority level 0-7 1 bit Indicates if the MAC addresses are in Canonical format - Ethernet set to "0" VID VLAN Identifier 12 bits Indicates the VLAN (0-4095) T/L Type/Length Field 2 bytes Ethernet II "type" or 802.3 "length" Payload < or = 1500 bytes User User data FCS Frame Check Sequence 4 bytes Cyclical Redundancy Check
Important VLAN Concepts for Configuration There are two key concepts to understand. -
The Default Port VLAN ID (PVID) specifies the VID to the switch port that will assign the VID to untagged traffic from that port. The VLAN ID (VID) specifies the set of VLAN that a given port is allowed to receive and send labeled packets.
Both variables can be assigned to a switch port, but there are significant differences between them. An administrator can only assign one one PVID to each switch port (since the the 802.1Q protocol assigns any single packet to just one VLAN). The PVID defines the default VLAN ID tag that will be added to un-tagged frames receiving from that port (ingress traffic). On the other hand, a port can be defined as a member of multiple VLAN (multiple VID). These VIDs constitute an access list for the port. The access list can be used to filter tagged ingress traffic (the switch will drop a tagged packet tagged as belonging in one VLAN if the port on which it was received is not a member of that VLAN). The switch also consults the access list to filter packets it sends to that port (egress traffic). Packets will not be forwarded unless they belong to the VLANs that the port is one of the members. The differences between Ingress and Egress configurations can provide network segmentation. Moreover, they allow resources resources to be shared across more than one VLAN.
Important VLAN Definitions Ingress The point at which a frame is received on a switch and the switching decisions must be made. The switch examines the VID (if present) present) in the received frames header header and decides
80
whether or not and where to forward the frame. If the received frame is untagged, the switch will tag the frame with with the PVID for the port on which it was was received. It will then use traditional Ethernet bridging algorithms to determine the port to which the packet should be forwarded. Next, it checks to see if each destination port is on the same VLAN as the PVID and thus can transmit the frame. If the destination port is a member of the VLAN used by the ingress port, the frame will be forwarded. If the received frame is tagged with VLAN information, the switch checks its address table to see whether the destination port is a member of the same VLAN. Assuming both ports are members members of the tagged VLAN, the frame will be forwarded.
Ingress Filtering The process of checking an incoming frame and comparing its VID with the ingress port VLAN membership is known as Ingress Filtering. On the Managed Switch, it can be either enabled or disabled. disabled. 1. When an untagged frame is received, the ingress port PVID will be applied to the frame. 2. When a tagged frame is received, the VID in the frame tag is used. When Ingress Filtering is “Enabled” Enabled”,, the Managed Switch will first determine, 1. If the ingress port itself is a member of the frame f rame VLAN, it will receive the frame. 2. If the ingress port is not a member of the frame VLAN, the frame fra me will be dropped. 3. If it is a member of of that VLAN, the Managed Managed Switch then checks checks its address table to see whether the destination port is a member of the same VLAN. Assuming both ports are members of that VLAN, the frame will be forwarded. Administrators should make sure that each port‟s port‟s PVID is set up; otherwise, incoming frames may be dropped if Ingress Filtering is enabled. On the other hand, when Ingress Filtering is disabled, the Managed Switch will not compare the incoming frame VID with the ingress port VLAN membership. It will only check its address table to see whether the destination VLAN exists. 1. If the VLAN is unknown, it will be broadcasted. broadcasted. 2. If the VLAN and the destination destination MAC address address are known, the frame will be forwarded. 3. If the VLAN is known known and the destination MAC MAC address is unknown, unknown, the frame will will be flooded to all ports in the VLAN.
Tagging Every port on an 802.1Q compliant switch can be configured as tagging or un-tagging. un-tagging. Ports with taggings Enable will put the VID number, priority and other VLAN information into the header of all packets packets that flow into and out out of it. If a packet has been been tagged previously, the port will not alter the packet and keep the VLAN information intact. The VLAN information in the tag can then be used by other 802.1Q compliant devices on the network to make packet forwarding decisions.
81
Un-tagging Ports with un-taggings Enable will strip the 802.1Q tag fr om all packets that flow into and out of those ports. If the packet does does not have an 802.1Q 802.1Q VLAN tag, the port port will not alter the packet. Thus, all packets received by and forwarded by an un-tagging port will have no 802.1Q VLAN information. (Remember that the PVID is only used internally within the switch). Un-tagging is used to send packets from an 802.1Q-compliant network device to a non-compliant network device. Simply put, un-tagging means that once you set up the port as “U” (untagged), all egress packets (in the same VLAN group) from the port will have no tags.
4.4.4.3 IEEE 802.1q Tag VLAN The following screen page appears when you choose IEEE 802.1q Tag VLAN .
1. Configure VLAN: To create, edit or delete 802.1Q Tag VLAN settings. 2. Configure Default Port VLAN: To set up 802.1q VLAN Tag mode, Port VLAN ID, Port Egress and Ingress Mode.
82
4.4.4.3.1 Configure VLAN The following screen page appears when you choose IEEE 802.1q Tag VLAN mode and then select Configure VLAN.
Click New to add a new VLAN entity and then the following f ollowing screen page appears. Click Edit to view and edit current IEEE 802.1Q Tag VLAN setting. Click Delete to remove a VLAN entity.
VLAN ID: Specify a VLAN ID between 1 and 4094. VLAN Name: Specify a VLAN name. VLAN Members: Select from the drop-down menu to determine the status of each port. F (Forward): The ingress packet will be forwarded intact. - (Blocked): The port does not belong to this VLAN. U (Untagged): The ingress packet will be forwarded without a tag. (When the ingress packet has a tag, then it will be removed.)
83
T (Tagged): The ingress packets will be forwarded with a tag. (When the ingress packet has no a tag, then it will be attached a tag.)
4.4.4.3.2 Configure Default Port VLAN ID The following screen page appears if you choose IEEE 802.1q Tag VLAN and then select Configure Default Port VLAN ID.
802.1q Tag VLAN Mode: Disabled: When disabled, all settings here will be ignored and settings configured in Port-Based VLAN will be used. Fallback: If a packet received is untagged, it will follow the setting of Tagging. If a packet received is tagged, it will follow the setting of existing VLAN table. When VLAN table does not exist, the packet will be broadcasted and follow PortBased VLAN settings. Check: If a packet received is untagged, it will follow the setting of Tagging. If a packet received is tagged, it will follow the setting of existing VLAN table. When VLAN table exists, the packet will follow the setting of VLAN table. If not, the packet drops. Secure: The function is same as Check. However, if the packet from Ingress port does not belong to one of the VLAN table, the packet drops. Per Port Settings: Enable or disable per port settings. When enabled, you can set each port‟ port‟s 802.1q tag VLAN mode. Default Port VLAN ID: Specify the default port VLAN ID for each port. Default Egress Mode: F: When VLAN table dose not exist or VLAN mode is disabled, the Egress packet will be forwarded intact. U: When VLAN table dose not exist or VLAN mode is disabled, the Egress packet will be untagged. 84
T: When VLAN table dose not exist or VLAN mode is disabled, the Egress packet will be tagged with Ingress PVID. D: Force to add one tag with Ingress PVID on Egress packet. Default Ingress Mode: F: The packet from Ingress will be forwarded intact. U: The packet from Ingress will be untagged.
4.4.5 Spanning Tree Protocol The Spanning Tree Protocol (STP), defined in the IEEE Standard 802.1D, creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches) and disables the links which are not part of that tree, leaving a single active path between any two network nodes. Multiple active paths between network nodes cause a bridge loop. Bridge loops create several problems. First, the MAC address table used by the switch or bridge can fail, since the same MAC addresses (and hence the same network hosts) are seen on multiple ports. Second, a broadcast storm occurs. This is caused by broadcast packets being forwarded in an endless loop between switches. A broadcast storm can consume all available CPU resources and bandwidth. Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manually enabling/disabling these backup links. To provide faster spanning tree convergence after a topology change, an evolution of the Spanning Tree Protocol: Rapid Spanning Tree Protocol (RSTP), introduced by IEEE with document 802.1w. RSTP, is a refinement of STP; therefore, it shares most of its basic operation characteristics. This essentially creates a cascading effect away from the root bridge where each designated bridge proposes to its neighbors to determine if it can make a rapid transition. This is one of the major elements allowing RSTP to achieve faster convergence times than STP. Click the folder Spanning Tree Protocol from the Switch Management menu and then two options within this folder will be displayed as follows.
85
1. STP Switch Settings: To set up system priority, MAX Age, Hello Time, etc. 2. STP Port Settings: To set up port cost and priority.
4.4.5.1 STP Switch Settings The following screen page appears if you choose Spanning Tree Protocol and then select STP Switch Settings.
Spanning Tree Protocol: Enable or disable Spanning Tree Protocol. Designated Root: View-only field that shows the MAC address of the designated root. Root Path Cost: View-only field that shows the path cost of the designated root. 86
Root Port: View-only field that shows the root port. Root Max Age: View-only field that shows the max age of the designated root. Root Hello Time: View-only field that shows the hello time of the designated root. Root Forward Delay: View-only field that shows the forward delay time of the designated root. Root Bridge Priority: View-only field that shows the bridge priority time of the designated root. Max Age: If another switch in the spanning tree does not send out a hello packet for a long period of time, it is assumed to be disconnected. This default timeout is 20 seconds. Hello Time: Periodically, a hello packet is sent out by the Root Bridge and the Designated Bridge that are used to communicate information about the topology throughout the entire Bridged Local Area Network. Forward Delay: It is the time spent in each Listening and Learning state before the Forwarding state is entered. This delay occurs when a new bridge comes onto a busy network. Bridge Priority: Each interface is associated with with a port (number) in the STP code. code. And, each switch has a relative priority and cost that is used to decide what the shortest path is to forward a packet. The lowest cost path is always used unless the other path is down. If you have multiple bridges and interfaces then you may need to adjust the priorities to achieve optimized performance. The Managed Switch with the lowest priority will be selected as the root bridge. The root bridge is the “central” bridge in the spanning tree.
4.4.5.2 STP Port Settings Click the option STP Port Settings from the Spanning Tree Protocol menu and then the following screen page appears.
STP Port State (Off/On): Turn on or off STP port. 87
STP Port Cost (0-65535): This parameter is used by the STP to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. 0 means auto-generated path cost. STP Port Priority (0-255): Choose a value between 0 and 255 to set the priority for the port interface. A higher priority will designate the interface to forward packets first. A lower number denotes a higher priority.
4.4.6 MAC Address Management Click MAC Address Management from the Switch Management menu and then the following screen page appears.
NOTE: The switch only supports switch-based MAC security and does not support port-
based MAC security. The switch can support up to 128 entries of MAC security list.
MAC Security: Enable or disable MAC security. When enabled, only the packets have the same MAC address defined in the table with the specified VLAN will be forwarded by the forwarding port. For other packets that do not match the MAC addresses in the table, they will be dropped. Click New to add a new MAC address entity entit y and then the following f ollowing screen page appears. Click Edit to view and edit the selected MAC address entity. Click Delete to remove a MAC address entity.
88
Current/Total/Max: The number of current, total and maximum MAC address entry or entries. Destination MAC Address: Specify a destination MAC address in the packet. Forwarding Port: If the incoming packet has the same destination MAC address as the one specified in VID, it will be forwarded to the selected port directly. directly.
4.4.7 L2 Protocol Converting The L2 Protocol Converting function is provided with this Managed Switch and can be enabled and performed on ports of the edge switch resided in the service-provider ‟s network. The transmitting edge-switch‟ edge-switch‟s (e.g. this Managed Switch‟ Switch ‟s) “convert” convert” ports (in terms of converting from the transmitting customer switches) that are connected to the transmitting customer switches‟ switches‟ IEEE 802.1Q trunk ports defined. The receiving edge switch‟ switch‟s (e.g. the other Managed Switch‟ Switch‟s) “access” access” ports (in terms of converting to the receiving customer switches) are connected to the receiving customer switches‟ switches ‟ access ports logically defined. Both transmitting and receiving edge switches being connected to the transmitting/receiving customer switches shall perform the L2 protocol converting process respectively and accordingly.
89
The Managed Switch enables CDP (Cisco Discovery Protocol), STP (Spanning Tree Protocol), and VTP (VLAN Trunk Protocol) to be converted. For emulated point-to-point network topologies, the Managed Switch also supports other L2 control protocols. However, users must know which MAC address and its corresponding LLC code are for the L2 control protocol that they would like to convert. Obtaining above information allows users to fill in MAC and LLC code information in the converting table provided for the L2 conversion of the control protocol. The LLC code is extremely important for protocol conversion. Before performing protocol conversion, you should pay closer attention to L2 control protocols since some could share the same MAC address but with different LLC codes for enabling different control functions. For instance, if VTP and CDP both use the same MAC address “01-00-0C-CC-CC-CC 01-00-0C-CC-CC-CC””, they can have different VTP and CDP LLC code. MAC or LLC code information can be obtained by using software and/or hardware of protocol analyzers. Further information about protocol conversion is available in IEEE standard books. The format of L2 control protocol frame is shown below. PRE PRE SFD DA SA L LLC Payload FCS
SFD DA SA
L LLC
Preamble Start Frame Delimiter Destination Address Source Address Frame Length Logical-Link Control
Payload and other information 62bits 2bits 6bytes 6bytes 2bytes 8bytes < or = 1500
FCS
Used to synchronize traffic Mark the beginning of the header The destination MAC address The source MAC address
User data Frame Check Sequence
Select the option L2 Protocol Converting from the Switch Management menu, then the following screen page appears.
Converting State: Set On or Off on each port to encapsulate or decapsulate the control protocols. 90
Converting Protocols: Enable or disable CDP, VTP, and STP to be converted. Up to 16 entries of protocol conversion can be set up. Note: Set up Enabled or Disabled for all or some of CDP, VTP and STP at the same time and let them be the first four entries of Converting Protocols table. Of course, 16 entries can also be used up for other protocols. If L2 control protocols other than CDP, VTP and STP will be used, the following four parameters need to be set up manually:
Invalid/Valid: Use Spacebar Spacebar to switch between between options to enable the L2 protocol converting on the entry. Decapsulated DA: Specify the MAC address of the specific L2 control protocol. Logical-Link Control: Specify the specific LLC code for the specific MAC address. Encapsulated DA: Specify a multicast MAC address to encapsulate the MAC address of L2 control protocol. There are no specific MAC addresses except the ones defined by standard. (Note: If the first byte of MAC address is an odd number, the MAC address is called a multicast MAC address.) NOTE: L2 Protocol Converting is supported (available) only at the 802.1q Tag VLAN Mode of “ Secure Secure ”.
4.4.8 Loop Detection Configuration Select Loop Detection Configuration from the Switch Management menu and then the following screen page appears.
Port: Enable or disable each port‟s loop detection function. When the certain port is checked, the port will send out loop detection packets to detect whether loops occur or not. Lock: When loops occur, occur, the ports which are marked with “V” will be locked. In other In other words, those locked ports will not receive packets from other ports. Sending Detected Frame Interval: Enter the time interval (1-180 seconds) for sending a loop detection frame.
91
Sending Frames Per Query: Enter the amount of frames sent per query (1-16). NOTE: The rate-limit will be automatically enabled when you turn on the loop-detection for
a port.
4.4.9 LLDP Configuration LLDP stands for Link Layer Discovery Protocol and runs over data link layer which is used for network devices to send information about themselves to other devices on the network. By using LLDP, two devices running different network layer protocols can learn information about each other. A set of attributes are used to discover neighbor devices. These attributes contains type, length, and value descriptions and are referred to TLVs. Details such as port description, system name, system description, system capabilities, management address can be sent and received received on this Managed Switch. Switch. Use Spacebar Spacebar to select “ON” ON” if you want to receive and send the corresponding TLV. Select LLDP Configuration from the Switch Management menu and then the following screen page appears.
Port Enable: Enable or disable each port‟ port ‟s LLDP function. Receiver Hold-Time (TTL): Enter the amount of time in seconds. A receiving device will keep the information sent by your device for a period of time you specify here before discarding it. Sending LLDP Packet Interval: Enter the time interval for updated LLDP packets to be sent. Sending LLDP Packets Per Discovery: Enter the amount of packets that are sent in each discovery. Delay LLDP Initialization: A period of time the Managed Switch will wait before the initial LLDP packet is sent.
92
Selection of LLDP TLVs to send: LLDP uses a set of attributes to discover neighbor devices. These attributes contains type, length, and value descriptions and are referred to TLVs. Details such as port description, system name, system description, system capabilities, management address can be sent and received on thi s Managed Switch. Select “ON” ON” if you want to receive and send the corresponding TLV.
4.5 Switch Monitor Switch Monitor allows users to monitor the real-time operation status of the Managed Switch. Users may monitor the port link-up status or traffic counters for maintenance or diagnostic purposes. Select the folder Switch Monitor from the Main menu and then the following screen page appears.
1. Switch Port State: View current port media type, port state, etc. 2. Port Counters Rates: This folder includes port traffic statistics (rates), port packet error statistics (rates), and port packet analysis statistics (rates). 3. Port Counters Events This folder includes port traffic statistics (events), port packet error statistics (events), and port packet analysis statistics (events). 4. MAC Address Table: List current MAC address learned by the Managed Switch. 5. IGMP Snooping: View a list of IGMP queries‟ information in VLAN(s) such as VLAN ID, Querier and reports. 6. Loop Status: View the locked ports and know whether the port has loops. 7. LLDP Status: View neighboring devices‟ devices ‟ TLV information.
93
4.5.1 Switch Port State The following screen page appears if you choose Switch Monitor menu and then select Switch Port State.
Port Number: The number of the port. Media Type: The media type of the port, either TX or Fiber. Port Sate: This shows each port‟s state which can be D (Disabled), B/L (Blocking/Listening), L (Learning) or F (Forwarding). Disabled: A Port in this state does not participate in frame relay or the operation of the Spanning Tree Algorithm and Protocol if any. Blocking: A Port in this state does not participate in frame f rame relay; thus, it prevents frame f rame duplication arising from multiple paths existing in the active topology of Bridged LAN. Learning: A port in this state prepares to participate in frame relay. Frame relay is temporarily disabled in order to prevent temporary loops, which may occur in a Bridged LAN during the lifetime of this state as the active topology of the Bridged LAN changes. Learning is enabled to allow information to be acquired prior to frame relay in order to reduce the number of frames that are unnecessarily relayed. Forwarding: A port in this state participates in frame relay. Packets can be forwarded only when port state is forwarding. Link State: The current link status of the port, either up or down. Speed (Mbps): The current operation speed of each port. Duplex: The current operation Duplex mode of each port, either Full or Half. Flow Control: The current state of Flow Control, either on or off
94
4.5.2 Port Counters Rates Click the Port Counters Rates from the Switch Monitor menu and then the following screen page appears.
1. Port Traffic Statistics (Rates): View each port‟s port‟s frames and bytes received or sent, utilization, etc. 2. Port Packet Packet Error Error Statistics Statistics (Rates): View each port‟s traffic condition of error packets, e.g. CRC, fragment, Jabber, etc. 3. Port Packet Analysis Statistics (Rates): (Rates): View each port‟s analysis history.
4.5.2.1 Port Traffic Statistics (Rates) The following screen page appears if you choose Port Counters Rates and then select Port Traffic Statistics (Rates).
Bytes Received: Total bytes received from each port. Frames Received: Total frames received from each port. Received Utilization: The ratio of each port receiving traffic and current port‟s port‟s total bandwidth. Bytes Sent: The total bytes sent from current port. Frames Sent: The total frames sent from current port. Sent Utilization: The ratio of real port sending traffic ratio to current port of total bandwidth. Total Bytes: Total bytes of receiving and send from current port. 95
Total Utilization: Real traffic of received and sent to current port of total bandwidth.
4.5.2.2 Port Packet Error Statistics (Rates) Port Packet Error Statistics mode counters allow users to view the port error of the Managed Switch. The event mode counter is calculated calculated since the last last time that counter was reset or cleared. Select Port Packet Error Statistics from the Switch Monitor menu and then the following screen page appears.
RX CRC Errors: The number of packets received by a port that are between 64 and 1522 bytes long in length (excluding framing bits but including FCS) and have a bad FCS with an integral number of bytes. RX Fragments: Total frames received which are less than 64 bytes or frames without SFD and are less than 64 bytes in length. RX Filtered Error: Total Total frames received that are filtered. RX Alignment Errors: The number of packets received by a port that have are between 64 and 1522 bytes in length (excluding framing bits but including FCS) and have a bad FCS with a non-integral number of bytes. RX Undersized Frames: Total frames received shorter than 64 bytes. RX Oversized Frames: Total frames received longer than maximum frame size. RX Jabbers: Total frames received that have both Oversize and CRC error. RX MACRcvErr: Total MAC errors received. RX Dropped frames: Total received frames dropped due to resources shortage. TX Dropped frames: Total frames that are not transmitted due to resources shortage. TX Late Collisions: Total late collision detected. TX Deferred: Deferred frames occurred after 512 bits time. 96
TX Total Collisions: Total frames collision detected.
4.5.2.3 Port Packet Analysis Statistics (Rates) Port Packet Analysis Statistics Mode Counters allow users to view the port analysis history of the Managed Managed Switch. Event mode counters counters are calculated since the the last time that counter was reset or cleared. Select Port Packet Analysis Statistics from the Switch Monitor menu and then the following screen page appears.
RX Frames 64 Bytes: 64 bytes frames received. received. RX Frames 65-127 Bytes: 65-127 bytes frames received. RX Frames 128-255 Bytes: 128-255 bytes frames received. RX Frames 256-511 Bytes: 256-511 bytes frames received. RX Frames 512-1023 Bytes: 512-1023 bytes frames received. RX Frames 1024-MAX Bytes: Over 1024 Over 1024 bytes frames received. RX Unicast Frames: Good unicast frames received. RX Multicast Frames: Good multicast frames received. RX Broadcast Frames: Good broadcast frames received. TX Unicast Frames: Good unicast packets sent. TX Multicast Frames: Good multicast packets sent. TX Broadcast Frames: Good broadcast packets sent.
97
4.5.3 Port Counters Events The event mode of port counters will be re-calculated when that counter is reset or cleared. Click Port counters Events folder and then three options appear.
1. Port Traffic Statistics (Events): View the number of bytes received, frames f rames received, bytes sent, frames sent, and total bytes and clear clear each row‟s statistics. 2. Port Packet Packet Error Error Statistics Statistics (Events): View the number of CRC errors, undersize frames, oversize frames, etc and clear each row‟s statistics. 3. Port Packet analysis analysis Statistics Statistics (Events): (Events): View each port‟s analysis history and clear each row‟s statistics.
4.5.3.1 Port Traffic Statistics (Events) The following screen page appears if you choose Port Counters Rates and then select Port Traffic Statistics (Events).
Bytes Received : Total bytes received from each port. Frames Received: Total frames received from each port. Bytes Sent: The total bytes sent from current port. Frames Sent: The total frames sent from current port. 98
Total Bytes: Total bytes of receiving and send from current port. Clear All & Clear: Click “Clear “Clear All” to remove all ports‟ statistics statistics from the table or click “Clear” in each row to clear the corresponding port‟s statistics.
4.5.3.2 Port Packet Error Statistics (Events) The following screen page appears if you choose Port Counters Rates and then select Port Packet Error Statistics (Events).
RX CRC Error: CRC error frames received. RX Fragments: Fragment frames received. RX Undersize Frames: Undersize frames received. RX Oversize Frames: Oversize frames received. RX Jabbers: Jabber frames received. RX MACRcvErr: Total MAC errors received. TX Late Collision: Total late collision detected. TX Deferred: Deferred frames occurred after 512 bits time. TX Total Collision: Total frames collision detected. Clear All & Clear: Click “Clear “Clear All” All” to clear all ports‟ statistics or click “Clear” in each row to clear the corresponding port‟s statistics.
99
4.5.3.3 Port Packet Analysis Statistics (Events) The following screen page appears if you choose Port Counters Rates and then select Port Packet Analysis Statistics (Events).
RX Frames 64 Bytes: 64 bytes frames received. received. RX Frames 65-127 Bytes: 65-127 bytes frames received. RX Frames 128-255 Bytes: 128-255 bytes frames received. RX Frames 256-511 Bytes: 256-511 bytes frames received. RX Frames 512-1023 Bytes: 512-1023 bytes frames received. RX Frames 1024-MAX Bytes: Over 1024 Over 1024 bytes frames received. RX Unicast Frames: Good unicast frames received. RX Multicast Frames: Good multicast frames received. RX Broadcast Frames: Good broadcast frames received. TX Unicast Frames: Good unicast packets sent. TX Multicast Frames: Good multicast packets sent. TX Broadcast Frames: Good broadcast packets sent. Clear All & Clear: Click “Clear “Clear All” All” to clear all ports‟ statistics or click “Clear” in each row to clear clear the corresponding port‟s statistics.
100
4.5.4 MAC Address Table MAC Address Table displays MAC addresses learned when System Reset and MAC Address Learning are enabled.
The table above shows the MAC addresses learned from each port of the Managed Switch. Swi tch. Click Update to update the MAC Address Table. Click Clear to to clear the MAC Address table.
4.5.5 IGMP Snooping The Internet Group Management Protocol (IGMP) is a communications protocol used to manage the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships. It can be used for online streaming video and gaming, and allows more efficient use of resources when supporting these uses. IGMP Snooping is the process of listening l istening to IGMP traffic. IGMP snooping, as implied by the name, is a feature that allows the switch to "listen in" on the IGMP conversation between hosts and routers by processing the layer 3 IGMP packets sent in a multicast network. When IGMP snooping is enabled in a switch it analyses all the IGMP packets between hosts connected to the switch and multicast routers in the network. When a switch hears an IGMP report from a host for a given multicast group, the switch adds the host's port number to the multicast list for that group. And, when the switch hears an IGMP Leave, it removes the host's port from the table entry. IGMP snooping can very effectively reduce multicast traffic from streaming and other bandwidth intensive IP applications. A switch using IGMP snooping will only forward multicast traffic to the hosts interested in that traffic. This reduction of multicast traffic reduces the packet processing at the switch (at the cost of needing additional memory to
101
handle the multicast tables) and also reduces the workload at the end hosts since their network cards (or operating system) will not have to receive and filter all the multicast traffic generated in the network. Select the option IGMP Snooping from the Switch Monitor menu, then the following screen page shows up.
The IGMP querier periodically sends IGMP general queries to all hosts and routers (224.0.0.1) on the local subnet to find out whether active multicast group members exist on the subnet. Upon receiving an IGMP general query, the Managed Switch forwards it through all ports in the VLAN except the receiving port.
Index: The index of the multicast group. Multicast Group: The multicast IP address of IGMP querier. 1 ~ 9: The port number. Queries: The state of IGMP querier in the VLAN. Reports: The total IGMP report packets received. r eceived. Aging Out: The countdown timer shows the remaining time (the default countdown time is 300 seconds) left before each entry‟ entry ‟s statistics is cleared. When the report comes in, the counter will be refreshed (counting down from 300 seconds). When there are no new reports and time is up, each row‟s statistics will be cleared.
102
4.5.6 Loop Status Select the option Loop Status from the Switch Monitor menu, then the following screen page shows up.
Local Port: This shows the port number on the Managed Switch. Loop: If the port detects a loop, it will show “yes” yes”. Otherwise, “no” no” will be displayed. Loopback-port: The port number that receives loop detection packets. Lock: This shows whether the local port is locked or not.
4.5.7 LLDP Status Select the option LLDP Status from the Switch Monitor menu, then the following screen page shows up.
Local Port: This shows the port number on which LLDP frames are received. Chassis ID: This shows the MAC address of the LLDP frames received. Remote Port: This shows the neighbor port number. System Name: This shows the system name advertised by the neighbor device. Port Description: This shows the port description advertised by the neighbor device.
103
System Capabilities: This show the system capability (bridge or router). Management Address: This show the IP address of the neighbor device. Press Update to refresh the table.
4.6 System Utility System Utility allows users to easily operate and maintain the system. system. Select the folder folder System Utility from the main menu and then the following screen page appears.
1. Event Log: Event log can keep a record of system‟s log events such as system warm start, cold start, link up/down, up/down, user login/logout, login/logout, etc. They will be kept only when your CPU version is A06 with Boot ROM version A08 or later version. If your CPU or Boot ROM version is earlier than the one mentioned above, all events will lose when the system is shut down or rebooted. r ebooted. 2. Load Factory Setting: Load Factory Setting will set the configuration of the Managed Switch back to the factory default settings. The IP and Gateway addresses will be set to the factory default as well. 3. Load Factory Setting Except Network Configuration: Configuration: Selecting this function will also restore the configuration of the Managed Switch to its original factory default settings. However, this will not reset the IP and Gateway addresses to the factory default. 4. Backup Configuration: Set up the configuration for backup.
104
4.6.1 Event Log Event log keep a record of user login, logout timestamp information. Select Event Log from the System Utility menu and then the following screen page appears.
Click Clear at at the bottom to clear all Event log records.
4.6.2 Load Factory Settings Load Factory Setting will set all configurations back to the defaults, including the IP and Gateway address. Load Factory Setting is useful when network administrators would like to re-configure the system. A system reset is required to make all changes effective after Load Factory Setting. Select Load Factory Setting from the System Utility menu and then the following screen page appears.
Click OK to start loading factory settings.
4.6.3 Load Factory Settings Except Network Configuration Load Factory Settings Except Network Configuration will set all configurations back to the defaults, excluding the IP and Gateway address. Load Factory Settings Except Network Configuration is very useful especially when network administrators need to reconfigure the the system “REMOTELY” because conventional Factory Reset will set network
105
settings back to the defaults and lose all network connections. Select Load Factory Setting Except Network Configuration from the System Utility menu, the following screen page shows up.
Click OK to start loading factory settings except network configuration.
4.6.4 Backup Configuration Select Backup Configuration from the System Utility menu and then the following screen page appears.
Auto Backup: To enable or disable auto backup. The default setting is disabled. Backup Time: Set up the time (24-hr clock) to automatically backup once a day. If the remote server fails or does not exist, this function allows the system to retry around once per minute until the system completes a successful backup or the system times out (next hour). Protocol: Select FTP or TFTP server to backup a configuration file. Server Address: Specify the IP address for FTP or TFTP server. User Name: Specify the username for FTP server. (Leave the field blank if you use TFTP sever.)
106
Password: Specify the password for FTP server. (Leave the field blank if you use TFTP sever.) File Directory: The file directory where configuration files will be saved to. File Name: The name of the backup configuration file which will be saved by date.
4.7 Save Configuration It is imperative that users save configurations before resetting the Managed Switch. If configurations are not saved, all configurations will be lost when you reset the Managed Switch or power failure occurs. Select Save Configuration from the Console main menu and then the following screen page appears.
Click OK to save the configuration.
4.8 Reset System After any configuration changes, Reset System can make changes effective. Select Reset System from the Console main menu and then the following screen page appears.
Click OK to perform System Reset.
107
APPENDIX A: Free RADIUS Readme The advanced RADIUS Server Set up for RADIUS Authentication is as below to follow.
When free RADIUS client is enabled on the device, On the server side, it needs to put this file f ile "dictionary.cts" under the directory /raddb, and modify as following these three files - "users", "clients.conf " and "dictionary", which are on the disc shipped with this product. * Please use any text editing software (e.g. Notepad) to do the following file editing works. In the file "users", Set up user name, password, and other attributes.
In the file "clients.conf ", ", Set the valid range of RADIUS client IP address.
In the file "dictionary", Add this following line -
$INCLUDE dictionary.cts
108
APPENDIX B: DHCP Readme The advanced DHCP Server Set up for auto-upgrade of firmware and configuration is as below to follow. Managed Switch Auto-upgrade Proposal Version 0.3 The Managed Switch supports the DHCP option 60 to work as a DHCP client. The system includes ISC DHCP server, FTP file server, and the Managed Switch. DHCP server includes the following vender specification options (by 43) to respond to the Managed Switch. 1. Option 43: Protocol (0: TFTP or 1: FTP) 2. Option 43: IP (TFTP or FTP server) 3. Option 43: User (Server login name) 4. Option 43: Password (Server login password) 5. Option 43: Filename (Firmware image) 6. Option 43: MD5 Code (Firmware image MD5 code) 7. Option 43: Filename (Configuration image) 8. Option 43: MD5 Code (Configuration image MD5 code) 9. Option 43: 16 Bits Option (Bit 0: Urgency Bit 1-15: Reserve) File server includes the following items: 1. Firmware image 2. Configuration image 3. User account for the Managed Switch The Managed Switch is setting-free (through auto-upgrade and configuration) and its upgrade procedure is as following: 1. Add the content of dhcpd.txt into dhcpd.conf. Then the ISC DHCP server will recognize the Managed Switch whenever the Managed Switch sends an IP address request to it. And ISC DHCP server will tell the Managed Switch how to get a new firmware or configuration. 2. The Managed Switch will compare the firmware and configuration MD5 code form of DHCP option every time when it communicates with DHCP server. 3. If MD5 code is different, Managed Switch will then upgrade the firmware or configuration. However, it will not be activated right after. . 4. If the Urgency Bit is set, Managed Switch will be reset to activate the new firmware or configuration immediately.
5. The Managed Switch will retry for 3 times if the file is incorrect, then it gives up until getting another DHCP ACK packet again.
109
This page is intentionally left blank.
Revision History Manual Version 1.2 1.1
1.0
Modificat ion Modification Modify LOGO image and product description. Add 1.3 RF over Fiber Fiber section. Revise System Information section (Add CATV Module). ESH/PSH/SWH 2108-2109 shared user ‟s manual. Add L2 Protocol Converting Converting section. section. Add Loop detection detection section. Add LLDP section. section.
Firmware Version
Date
1.10.00
2010/11
1.10.00
2010/09
1.10.00
2010/01
Note: This User ’ ’s Manual is written or revised according to the officially-released Firmware version.
The content of this Manual is subject to change without prior notice.
110
View more...
Comments
