G408M User manual - Ultra Electronics Nuclear Sensors & Process
Contents
1. Learning STP A port in this state is about to participate in frame relay but it is not involved in any relay of frames Frame relays are not performed to prevent the creation of temporary loops during the active topology of a changing bridged LAN In addition the forwarding process will discard all frames and not submit any frames for transmission The reason for enabling learning is to acquire information prior to any frame relay activities Information gathered will be used and placed in the filtering database MAC table to reduce the number of frames being unnecessarily reduced Forwarding STP A port in the forwarding state is currently participating in frame relay BPDUs will include the forwarding port in the computation of the active topology BPDUs received are processed according to the Spanning Tree algorithm and transmitted based on the hello time or BPDU information received Port Participates in Port Participates in SE e Topology Learning MAC Addresses Disabled No No Blocking No No Listening Yes No Learning Yes Yes Forwarding Yes Yes Table 1 1 802 1D STP Port States Port States for the RSTP Algorithm To optimize the efficiency of 802 1D spanning tree protocol certain states were condensed or eliminated to produce faster convergence times Specifically the disabled blocking and listening states in STP have been reduced down to a single discarding state in RSTP Discarding State RSTP In this state statio2. 1 SN BH 84393 Tepology changes 2 Fort Name Status State Cost 1 Managed Switch Menu t 1 Monitoring 1 port_1 included Unlinked 20 000 System Information 4 4 e e gt Port and Power Status 2 _ port 2 Inchoded Unlinked 20 000 Network Statistics GBR ron 3 inctudea Forwarding 200 000 Redundancy Status a a Multicast Filtering Status 4 port_4 Included Unlinked 20 000 Configuration Summary 5 port Included Unlinked 20 000 1 Setup I Maln Settings 6 port_6 Included Untinked 20 000 Redundancy Settings x P Trallic Priority pon Included Untinked 20 000 Multicast Filtering IGMP Her port included Forwarding 20 000 Virtual LANs VLANs le mity Settings a port_9 Included Blocking 20 000 i Advanced Operations Status is updated every 5 seconds Port The number of the port This corresponds to the labels on the switch Name The user configured name of the port Status The configured state of the port in the STP protocol included or excluded An included port is part of the managed network and may carry traffic to other managed switches for other devices An excluded port will not be used as part of the managed network For example a single uplink from a managed network of factory devices to a business network would be configured to be excluded from STP use State The STP RSTP state of the port see below Cost The cost of using this port to reach other parts of the managed network STP
3. Checked Tag Add Tag Where the data originates the camera or control system configure the QoS CoS settings for the video camera ports as follows Use 802 1p Tag Priority Use IP ToS DiffServ Default Priority Output Tag Unchecked Unchecked Expedited Remove Tag Also configure the control system ports as follows Use 802 1p Tag Priority Use IP ToS DiffServ Default Priority Output Tag Unchecked Unchecked Urgent Remove Tag In this way the switches will handle the packets appropriately and tag them for handling elsewhere in the network At the destination configure the control system port as follows Use 802 1p Tag Priority Output Tag Checked Remove Tag Also configure the video concentrator port as follows Output Tag Result Remove Tag Result Configuring the video data to have a lower priority than control data results in the QoS required for the control data UE 15 13 switch user manual 1 indd 51 51 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual In the diagram below we have an IPm controlling a turbine and some torque converters In addition we have a video concentrator device that is collecting video data Since the switch was configured such that video data Triangles has lower priority than control data circles we see that the control data gets sent out more often than the video data For clarity the diagram notes that untagged data in the network cons
4. UE 15 13 switch user manual 1 indd 36 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual See the RSTP Examples topic in this section for an example of how the path cost can be utilized to establish the primary and backup connections Port Type A port that connects to other switches in the network may be part of a loop To ensure such loops do not occur the switch will not put a port in the Forwarding state until enough time has passed for the spanning tree to stabilize twice the forwarding delay 30 seconds by default However if a port connects directly to a single device at the edge of the network it may safely be put in Forwarding state almost immediately The port Type controls the switch s assumptions about what is connected to the port Auto The port will initially be assumed to be an Edge port and go to Forwarding quickly It will automatically adjust to being a Network port if BPDUs are received and revert to being an Edge port any time no BPDUs are received for 3 seconds Network The port will always wait a safe time before going to the Forwarding state Edge The port will initially be assumed to be a direct connection to a single device but will change to being a Network port if any BPDUs are received Thereafter it will always wait a safe time before going to Forwarding whenever a link is reestablished on the port Point To Point MAC A port is part of a point to point network segment when there
5. be sure to have your original purchase order number and date purchased available We suggest that you give us a repair purchase order number in case the repair is not covered under our warranty You will not be billed if the repair is covered under warranty Please supply us with as many details about the problem as you can The information you supply will be written on the RMA form and supplied to the repair department before your unit arrives This helps us to provide you with the best service in the fastest manner Normally repairs are completed in two days Sometimes difficult problems take a little longer to solve If you need a quicker turnaround ship the unit to us by air freight We give priority service to equipment that arrives by overnight delivery Many repairs received by mid morning typical overnight delivery can be finished the same day and returned immediately We apologize for any inconvenience that the need for repair may cause you We hope that our rapid service meets your needs If you have any suggestions to help us improve our service please give us a call We appreciate your ideas and will respond to them For Your Convenience Please fill in the following and keep this manual with your NSPI system for future reference P O Date Purchased Purchased From 86 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Product Support To obtain support for Ultra Electronics
6. 34 UE 15 13 switch user manual 1 indd 34 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual root should be central in the network If most messages are between one central server and several clients the root should probably be a switch near the server so messages do not take a long path to the root and another long path back to the server Once you decide which switch should be the root it should be given the best numerically lowest bridge priority number in the network Max Age For STP RSTP the max age indicates the maximum time in seconds that the switch can wait for configuration messages from other managed switches max age can range from 6 to 40 seconds 20 seconds default If that time expires the switch assumes that it is no longer connected to the root of the network If a link goes down in a way that the switch can detect as loss of link it does not wait before reconfiguring the network RSTP uses 3 times the Hello Time instead of Max Age Note Assign all switches in a RSTP STP network the same max age Hello Time Configuration messages BPDUs are either sent periodically to other bridges based on a time period labeled hello time Hello time can be set from a range of 1 to 10 seconds 6 seconds default Decreasing the hello time gives faster recovery times while increasing the hello time interval decreases the overhead involved Note Assign all switches in the RSTP STP network the same hel
7. Ethernet Set IP per Port m Saith mu uenee ALR By BINN IP OrEIIeS BD GECESI DINEI OM the sateh Hart Nat hey consect meagh O Do mk provide IP 0GFoss to any dorice ee Provide adressas to dewices on ports enatied below nT Enabled When this box is checked the switch will handle DHCP requests for the port Address This field specifies the address to provide in response to DHCP requests CLI The Command Line Interface CLI allows you to manage the switch through text based commands Refer to the separate Managed Switch CLI Manual for complete details 64 UE 15 13 switch user manual 1 indd 64 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 12 Security Settings Security Overview The managed switch offers several ways to secure access to its management functions It can be remotely managed monitored and configured via the following methods Telnet This accesses the terminal or CLI interface same as you would get through the console serial port but over the Ethernet network This type of access offers only password protection authentication but no encryption SSH Secure Shell like Telnet accesses the terminal or CLI interface over the Ethernet network It offers both password protection and encryption SNMP SNMPv3 This method access the Management Information Bases MIBs using an SNMP server or master utility Standard SNMPv1 or SNMPv2 has password security SNMP
8. Got vew Pawaka Tos Adverced Hep Qu Q A Pah Erim M Unplug your computer from your Local Area Network LAN Repar Cime Sarira yr settings of ths ection Rename Access the Properties for your Internet Protocol TCP IP Select Use the following IP address and enter an IP of 10 2 0 100 and a subnet of 255 0 0 0 Internet Protocol TCP IP Properties General You can get IP saling aseayned aulunabcaly you nalmak supports this capabdity Cithenier pou need to ask pour network administrates for the accecedate IP settings O Otten an IP akiert sdomatcaly Uze the loborerg IP adders IP oddress Subnet mack Qeta yaterray Obie ONS et adhe etorshe th C Uag the tolleweng DNS server adresses Panienod DNS seever Meinate DNS server UE 15 13 switch user manual 1 indd 9 Bridge Connections 4 2 13 12 45 AM 10 11 10 EOTec G408M Managed Ethernet Switch Software User Manual g Select OK to activate the change Reboot your PC if prompted Connect an Ethernet patch cable between your PC and any of the RJ45 Ethernet ports on the switch To access the switch use a web browser program such as Internet Explorer Mozilla Firefox or other Type the switches default IP address 10 2 0 1 in the web browser s address bar and hit enter on your keyboard 2h SIXNET Industrial Automation Q Connectivity Products Micros E 6 x bile EA o MiRWw oo Raverites Lana Help ae G35 b
9. IGMP version that the switch will use All IGMP routers and snooping switches on a network should be configured for the same IGMP version Select 1 or 2 as appropriate for your installation Robustness This setting specifies how many queries may be lost without impacting forwarding as the switch tries to find IGMP hosts 54 UE 15 13 switch user manual 1 indd 54 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Query Interval This setting specifies how often the switch will send IGMP queries Query Response Interval This setting specifies the maximum time for hosts to respond to IGMP queries For IGMPv1 this is fixed at 10 seconds IGMP Port Settings bme gees a Hein ELECTRONICS Optimize your IP multicast trafic by specitying IGMP for each port Port Name Exclude Router Nuclear Sensors amp 1 ponti O Auto detect Static Process Instrumentation a an on weww Ultra NSP Lecom 2 port_2 LJ Auto detect Static 1 800 880 3333 aa 3 port_3 Auto detect Static 4 porta D Auto detect O Static Managed Switch Menu 5 pots Auto detect Static Monitoring Setup 6 pots Lj Auto detect Static 1 Advanced Operations a a n 7 pot7 0 Anto delect Static 8 pote Auto detect static Commit Changes IGMP Port Settings Generally the switch will dynamically learn which ports have IGMP routers attached to them by listening for IGMP Query messages Under some circum
10. Lasin Cat cation of bateta Coen ict Aa ara ban ie camet Dapa IGMP Switch Settings IGMP Mode This setting controls how the switch handles IGMP messages to determine how to forward multicast traffic IGMP Disabled causes the switch to ignore IGMP messages All multicast traffic will be sent to all ports Passive IGMP handling causes the switch to listen to IGMP messages and configure forwarding of multicast traffic accordingly Active IGMP handling causes the switch to act as an IGMP router sending queries when needed and configuring multicast forwarding according to IGMP membership reports Multicast Suppression This enhanced feature can intelligently suppress multicast packets that no host has requested with IGMP None Multicast packets will be sent to all ports unless IGMP is enabled and one or more clients have sent IGMP Report requests IP multicast groups Multicast packets corresponding to IP multicast groups with MAC addresses starting 01 00 5e will be suppressed unless one or more clients have sent IGMP Report messages Multicast packets with other addresses any other packet with a MAC address starting 01 will be sent to all ports All unreserved multicast Multicast packets with reserved multicast addresses 01 80 c2 00 00 0x where x is 0 f will be sent to all ports All other multicast packets will be suppressed unless one or more clients have sent IGMP Report messages IGMP Version This setting controls the highest
11. Menu Monitoring Setup M Main Settings Redundancy Settings Traffic Priority Muras Fi Virtual LAN Security Settings Remote Access Security Port Security Enables Port Security MAC Enties Advanced Operations Mex 68 UE 15 13 switch user manual 1 indd 68 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 69 EOTec G408M Managed Ethernet Switch Software User Manual Appendix A Basic Troubleshooting Symptom No power to the switch Answer Check connections to ensure the power and ground are attached to the correct terminals Check Voltage of power coming into P1 or P2 to ensure it is within 10V 30V Ensure there are no shorts between power and ground If the above fails contact support Symptom No link light on a switch port Answer Check to ensure correct connection of Ethernet cable both ends Check the CAT 5 RJ45 cable itself Check the other device to see if it is powered up and operating correctly Try moving the Ethernet cable that has the possible faulty connection to another port in the switch and check for link light Symptom Slow connection on the switch Answer Possible negotiation problem Check to ensure the devices connected to the switch supports the appropriate duplex settings full or half duplex that are currently stored in the switch configuration Symptom Forgot the password to access the switch Answer To recover from this full firmware must be reloaded i
12. Overview The Industrial Ethernet Managed Switch is a configurable device that facilitates the interconnection of Ethernet devices on an Ethernet network This includes computers operator interfaces I O controllers RTUs PLCs other switches hubs or any device that supports the standard IEEE 802 3 protocol This switch has all the capabilities of a store and forward Ethernet switch plus advanced management features such as SNMP RSTP and port mirroring This manual details how to configure the various management parameters in this easy to use switch Introduction To take full advantage of all the features and resources available from the switch it must be configured for your network The switch implements Rapid Spanning Tree Protocol RSTP and Simple Network Management Protocol SNMP to provide most of the services offered by the switch Rapid Spanning Tree Protocol allows managed switches to communicate with each other to ensure that there exists only one active route between each pair of network nodes and provides automatic failover to the next available redundant route A brief explanation of how RSTP works is given in the Spanning Tree section The switch is capable of communicating with other SNMP capable devices on the network to exchange management information This statistical derived information from the network is saved in the Management Information Base MIB of the switch The MIB is divided into several different information storage
13. RSTP Port States In Spanning Tree Protocol there are five port states Rapid Spanning Tree Protocol uses just three Table 1 1 and Table 1 2 show port states port participation in the active Spanning Tree Topology and port participation in learning MAC addresses for STP and RSTP respectively All ports that are not physically connected to an Ethernet device or have a faulty connection will be labeled as unlinked in the port state section 39 UE 15 13 switch user manual 1 indd 39 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Port States for the STP Algorithm Blocking STP A port in this state does not participate in frame relay pass frames received to other locations Once a port is in this state it is prevented from the possibility of frame duplication caused by multiple paths in an active topology Listening STP A port in this state is about to participate in frame relay but is not involved in any relay of frames no frames will be forwarded The reason for not entering frame relay immediately is to ensure that there are no temporary loops introduced when the network topology is changing During this state the bridge will disable all learning states on its ports to prevent the race conditions when ports are changing roles and the forwarding process will discard all frames and not submit any frames for transmission Meanwhile BPDUs can still be received and forwarded to keep the algorithm running
14. ULTRA ELECTRONICS NSPI will be free from defects in material and workmanship ULTRA ELECTRONICS NSPI s obligation under this warranty will be limited to repairing or replacing at ULTRA ELECTRONICS NSPI s option the defective parts within one year of the date of installation or within 18 months of the date of shipment from the point of manufacture whichever is sooner Products may be returned by Buyer only after permission has been obtained from ULTRA ELECTRONICS NSPI Buyer will prepay all freight charges to return any products to the repair facility designated by ULTRA ELECTRONICS NSPI This limited warranty does not cover losses or damages which occur in shipment to or from Buyer or due to improper installation maintenance misuse neglect or any cause other than ordinary commercial or industrial applications In particular ULTRA ELECTRONICS NSPI makes no warranties whatsoever with respect to implied warranties of merchantability or fitness for any particular purpose All such warranties are hereby expressly disclaimed No oral or written information or advice given by ULTRA ELECTRONICS NSPI or ULTRA ELECTRONICS NSPI s representative shall create a warranty or in any way increase the scope of this warranty This limited warranty is in lieu of all other warranties whether oral or written expressed or implied ULTRA ELECTRONICS NSPI s liability shall not exceed the price of the individual units which are the basis of the claim In no event
15. available network bandwidth 35 UE 15 13 switch user manual 1 indd 35 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Port Settings Menu In this menu each available port in the managed switch can be configured for optimizing the STP RSTP behavior of the switch To access this menu select the Setup option from the Main Menu and then select Redundancy Settings Spanning Tree Port Settings ELECTRONICS Optimize your network redundancy and maximize reliability by specifying spanning tree protocol parameters for each port Nuclear Sensors amp Process Instrumentation www Ultra NSPLcom RSTP Port Settings Port Name Exclude Priority Path Cost Type Point to Point port_1 o 128 Auto 20000 Auto Auto v it 1 Managed Switch Menu p es z a n Monitoring 2 por_2 go 128 O Auto 20000 Auto Aulo v Setup Main Settings 3 porns a 1 Auto 20000 Ato Auto v t Redundancy Settings Spanning Tree Settings 4 port_4 128 Auto 20000 Auto v Auto v Spanning Iree Port Settings 5 por_s oO 128 O Auto 20000 Auto Auto v Self Healing Ring Settings Tratfic Priority 6 pon 6 oO 128 Auto 20000 Auto Auto v t Multicast Filtering IGMP Virtual LANs VLANs 7 port_7 128 auto 20000 Auto Auto v Security Settings a Advanced Operations 6 pone OF 128 Auto 20000 Auto Auto x Comma Changes
16. can be no more than one other network port connected to it RSTP can decide whether it is safe to forward network traffic very quickly on point to point links to other managed switches otherwise the port must wait many seconds 30 seconds by default twice the forward delay before forwarding network traffic When set to Auto full duplex links are assumed to be point to point half duplex ports are not This setting can be forced true or false if the automatic determination would be wrong RSTP Setup Guidelines A Rapid Spanning Tree network is simple to setup and use In most cases where all you want is a simple ring of switches all you have to do is enable RSTP Just leave all the RSTP parameters at their factory defaults and the switches in the ring will automatically determine the best primary and backup pathways For the best RSTP performance here are some basic guidelines to follow Redundancy Protocol Choose the Rapid Spanning Tree Protocol RSTP for most applications because it offers the fastest recovery times and is fully compatible with the original Spanning Tree Protocol STP Typical Recovery Time The Managed Switches firmware v3 1 or higher with RSTP enabled typically provide less than 50 mS per hop recovery times when there is a link loss failure in the network A typical ring network of ten managed switches will provide a recovery time of lt 500 mS Number of hops and Switches in a Ring Network The Max Age setting
17. concern use the Secure Shell protocol instead SSH Secure access can be achieved through the use of the Secure Shell protocol SSH which implements strong authentication and secure communications using encryption Using this protocol will ensure that your login information never gets sent as clear text keeping the switch protected against possible attacks coming from the network Both The switch can be accessed through secure SSH and non secure telnet terminal access The switch supports these encryption algorithms for SSH 1 3DES 2 Blowfish 3 AES 4 Arcfour To take advantage of the SSH capability in the switch you will need to use a SSH client program There are many SSH client programs available for you to log onto the host the switch Two open source SSH client programs are available on the Internet Program Name OpenSSH for Windows http sshwindows sourceforge net Program Name PuTTY http www chiark greenend org uk sgtatham putty The SSH protocol requires some way for clients to be sure they are communicating with the intended host The host computes a fingerprint based on its key and provides that to the client for verification The first time a client program sees a fingerprint it typically displays it and asks something like The host is offering me these credentials should trust it If you agree the fingerprint is stored for later reuse For the system to be secure the fingerprint
18. credentials such as an unrecognized community string are presented to the SNMP agent Enable this setting to generate authentication traps Topology change Traps can be sent when the topology of the spanning tree changes Enable this setting to generate topology change traps Link 1 up down Link 8 up down Traps can be sent when a link goes up or down the same state reflected in the LED for each port Enable these settings to generate link up down traps Trap Managers Use the Trap Managers Menu to specify where traps will be sent The Trap Managers Menu can be accessed by selecting Setup from the Main Menu and then selecting Main Settings Up to five trap managers may be configured For each one the following values may be specified Host The IP address of the host where the trap manager is located Community String The community string to use when contacting the trap manager on the host Version The SNMP trap version to send Note There are two system traps that cannot be disabled and will be sent to any configured trap managers A coldStart trap will be sent whenever the SNMP agent starts up usually this is only when the switch is reset A NotifyRestart trap will be sent whenever the SNMP agent s configuration changes and is reloaded This will happen for example when you commit changes on a configuration menu that includes SNMP settings 26 UE 15 13 switch user manual 1 indd 26 4 2 13 12 45 AM EOTec G408M Managed Eth
19. device B The same applies for devices connected to switch 2 B talking to A and switch 3 C talking to A As a result of this money saving configuration the network redundancy performance is traded off and left at the mercy of the time it takes to age out MAC table entries in switches 1 2 and 3 Depending on the model of unmanaged Ethernet switch entries in the MAC table are usually aged out in a time period of 5 minutes or more This introduces at least 5 minutes of downtime for the plant which could have a very detrimental cost with respect to the operation of the plant By replacing switches 1 2 and 3 with managed switches the network convergence time is brought down to a less than a second An additional benefit is that the network is not limited to only one redundant loop and can have a mesh of connections for a truly redundant network scheme at all points in the network 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 45 EOTec G408M Managed Ethernet Switch Software User Manual Section 7 Self Healing Ring SHR RSTP STP allows network media redundancy that is compatible with other manufactures managed switches but recovery times in this mode may not be fast enough in some time critical applications Ultra Electronics offers a Self Healing Ring SHR solution with fast predictable recovery times without all the setup required for RSTP At 60ms Sms per hop the SHR is much faster than RSTP s 50ms per
20. manual 1 indd 20 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual System Up Time is available via SNMP as system sysUpTime 0 This is the amount of time since the switch was last powered up Port Status The Port Status page displays the current status of each port The display will be updated every 5 seconds The following information for each port is displayed Port The number of the port This corresponds to the labels on the switch Name The user configured name of the port Admin The configured state of the port enabled or disabled Link The current state of the Ethernet link at a port If there is a proper connection link status will show Up If the port is disabled not connected or has a faulty connection the link status will show Down Negotiation Shows whether auto negotiation is enabled Auto or disabled Fixed Speed Duplex Shows the speed of the connection 10 100 or 1000 Mbps and the duplex status h half duplex f full duplex Power and OK Status A separate area below the Port Status grid mimics the P1 P2 and OK status LEDs on the switch When P1 is highlighted power is detected on the first terminal input P2 is highlighted when power is detected on the second terminal input OK is highlighted when power is detected on the first and second terminal inputs and the switch software is running industrial Fihernet Port and Power Status ktanaged Ewhch ive Geit Bee tinis in
21. reve 2 6 90 oot Ersted H batatan Sat kiiai amp pers Esatea wee upee EPR ap MELI 9 pos Essie Locman tet eaten st ratito ae Cornet Gat rare are eat at sorter Comment rges te meee eye vee te harmer ewes armen QoS Example QoS Ensures Real time Delivery of Important Messages Let us investigate a detailed example of how to manage a network such that critical real time data will not be interrupted by data that is not as urgent relatively speaking Consider the following Hypothetical Scenario Scenario There is a power plant that is controlled by a central control system In addition because of security concerns cameras have been mounted and installed at each location of mechanical control The mechanical control devices and video cameras at each site communicate via Ethernet to their own switch For reasons of simplicity and clarity we will assume that only video and control data reside on the network Problem Should any of the mechanical control devices receive delayed control data from the central control system the power plant can t generate the maximum energy that it is capable of Customers will experience brown outs and the plant will be looked upon with negative scrutiny It is therefore very important that the video traffic created by the cameras not delay critical data Goal To optimize the forwarding of critical real time control data and minimize or eliminate the impact of video data traversing the
22. shall ULTRA ELECTRONICS NSPI be liable for any loss of profits loss of use of facilities or equipment or other indirect incidental or consequential damages INSTALLATION AND HAZARDOUS AREA WARNINGS These products should not be used to replace proper safety interlocking No software based device or any other solid state device should ever be designed to be responsible for the maintenance of consequential equipment or personnel safety In particular ULTRA ELECTRONICS NSPI disclaims any responsibility for damages either direct or consequential that result from the use of this equipment in any application All power input and output I O wiring must be in accordance with Class Division 2 wiring methods and in accordance with the authority having jurisdiction WARNING EXPLOSION HAZARD SUBSTITUTION OF COMPONENTS MAY IMPAIR SUITABILITY FOR CLASS 1 DIVISION 2 ZONE 2 WARNING EXPLOSION HAZARD WHEN IN HAZARDOUS LOCATIONS DISCONNECT POWER BEFORE REPLACING OR WIRING UNITS WARNING EXPLOSION HAZARD DO NOT DISCONNECT EQUIPMENT UNLESS POWER HAS BEEN SWITCHED OFF OR THE AREA IS KNOWN TO BE NONHAZARDOUS UE 15 13 switch user manual 1 indd 5 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual FCC Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against har
23. specified in the range from 2 to 4094 For example in the screen shot above the Engineering VLAN ID is 56 FID This filtering ID allows multiple VLANs to be grouped for easy filtering in the MAC address monitoring page There are three reserved VLAN IDs that should not be used VLAN ID of 0 is used to identify frames whose tags carry only priority information VLAN ID of 1 is normally used for switch configuration and management Note On the G408M the management VLAN ID is configurable by changing the Management VLAN ID from 1 to the number of your choice VLAN ID of 4095 is not allowed by the 802 1Q standard Ports To select the ports to include in this VLAN check the box for each port you wish to include Remember that if the CPU box is not checked you will be unable to communicate with the switch from within this VLAN Note When working with tag based VLANs ports included in a VLAN may lead to other network devices which require tags to properly route data or to end devices which cannot process VLAN tags Use the VLAN Port Settings page to configure the appropriate type for each port Delete When selected this VLAN will be deleted when changes are committed VLAN Port Settings Each switch port can be configured to control how VLAN tags are handled for frames coming in and going out of the port Aeteutrial Ethernet VLAN Port Settin heen aped Switch wil ETI Ohipa biie Specty purt spect VLAN sefnys 60 UE
24. to the root the non root switches must decide which port to use They check all of their ports to select the port that is receiving messages indicating the best path to the root The selected port for each bridge is called the root port It provides the best path to communicate with the root The best path is determined first by the lowest total path cost to the root root path cost Each port is assigned a cost usually based on the speed for messages received on that port The root path cost for a given path is just sum of the individual port costs for that path The lowest path cost indicates the shortest fastest path to the root If more than one path has the same cost the port priority assigned to each port and its tie breaker the port number pick the best path Let the Network Traffic Through Here we see that the spanning tree is almost complete as we have a root bridge selected and root ports selected for all other bridges A hierarchy of bridges has been established but no traffic is flowing on this network yet All of the ports are blocking network traffic except for the configuration messages Active links are now set to forward network traffic the backup links continue to block network traffic and the network is working Bridges participating in the Spanning Tree Network will constantly check to see if there is a better configuration Communication Loss Should a communications link become severed the network will change the active
25. to wait before determining it is safe for a port to make transitions leading to forwarding network traffic Full Duplex Simultaneous transmission of data in both directions across one link Gateway IP IP address of the device used to bring two networks together GDA Group Destination Address A class D IP address used as the destination address for multicast data Class D IP addresses have high order bits 1110 and fall in the range 224 0 0 0 to 239 255 255 255 Half Duplex Only one device is transmitting data at any point in time Hello Timer Timer value to indicate the interval that STP configuration messages are sent out from the root bridge IEEE 802 3 This is the primary standard for Ethernet This switch complies with this primary standard and various related sub standards such as 802 3u 100BASE TX 802 3x full duplex with flow control 802 1D 2004 STP RSTP IEEE 802 1Q This switch complies with this standard for the operation of Virtual LANs IGMP Internet Group Management Protocol used for IP multicast filtering IP Address Address used to indicate the destination of where IP packets should go IPv4 Internet Protocol version 4 76 UE 15 13 switch user manual 1 indd 76 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual IPv6 Internet Protocol version 6 Latency This is the time it takes a message to be routed internal to a switch from one port to another The typical latency o
26. total of 63 possible VLAN configurations the VLAN settings menu could show up to 9 available options for you to choose from the last option will always end with New for the creation of a new VLAN Upon selection of an option 2 9 will yield a screen such as the one shown below VLAN Settings A Help ELECTRONICS Manage statically configured VLANs VLAN mode Disabled Nuclear Sensors amp Coretype ox6100 Process Instrumentation wow Ultra NSPI com Learning Shared X 1800 000 9333 L H Name Type 1D FID Ports Delete I Managed Switch Menu mo ot rw oe Ti j j i Monitoring Management par f 0 po o ew m z J g Setup gt 223465 6 8 Main Settings Y Redunde Settings _ _ Traffic Priority me Add VAN Comrnut Changes Multicast Filtering IGMP Virtual LANs VLANs VLAN Settings VLAN Port Settings Y Security Settings Advanced Operations 59 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Choose an entry in the list that has the word lt new gt as the descriptor and you will be presented with five options to choose from noon Name A mnemonic name for a VLAN such as Engineering Manufacturing Building 58 This is used for display only Type The VLAN s type port based or tag based make sure to define the VLAN ID before selecting tag based ID This ID identifies the individual VLANs you create on your network The VLAN ID must be
27. used for comparison must be transmitted out of band by a means other than the channel that is being secured by the fingerprint In this case via documentation The RSA fingerprint for the managed switch s encryption key is 1e 0f 31 39 26 3f 23 8 ba 7e e9 d1 56 fF 98 76 66 UE 15 13 switch user manual 1 indd 66 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Web Access Choose the level of web access to allow None No web access allowed HTTP Basic HTTP access allowed HTTPS Secure HTTP HTTPS required Attempts to access the switch via http will be redirected to the secure protocol Both Basic and secure HTTP access allowed CLI Access Choose the level of web access to allow Enabled CLI access enabled Disabled CLI access disabled Automatic Logout Specify the number of minutes of inactivity before terminal sessions automatically logout to prevent unauthorized access The default is 5 minutes SNMP Read Only Name This parameter sets the SNMPv2 community string and SNMPv3 user name that may be used by SNMP clients for read only access of settings Enter your own value if you wish to secure read only access Default is public SNMP Read Only Password This parameters sets the password for secure SNMPv3 access by the read only user SNMP passwords must be at least eight characters long The default read only password is publicowd w out quotes SNMP Read Wri
28. 0 ports Download the latest firmware and user manual from the web site at www ultra nspi com UE 15 13 switch user manual 1 indd 4 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Ultra Electronics Protected Technology Policy ULTRA ELECTRONICS NSPI protects your investment in with long term planned technology and our unique Protected Technology Policy We will continue to support the specified capabilities of standard ULTRA ELECTRONICS products for at least five years twenty years for Industrial Managed Switches We plan each product improvement and new feature to be upward compatible with existing designs and installations Our goals are to make each new software release bring new power to your ULTRA ELECTRONICS systems and have every existing feature applications program and data file continue to work We protect your investment even further with a liberal five year trade in policy Exchange standard products for upgraded versions of the same product to take advantage of new features and performance improvements at any time for five years A prorated trade in allowance will be given for your existing equipment ULTRA ELECTRONICS protects your long term productivity with state of the art planned technology and continued support ULTRA ELECTRONICS Statement of Limited Warranty ULTRA ELECTRONICS NSPI manufacturer of ULTRA ELECTRONICS NSPI products warrants to Buyer that products except software manufactured by
29. 08M Managed Ethernet Switch Software User Manual case anymore Due to the increased demand for better convergence times Rapid Spanning Tree Protocol was developed bringing the normal convergence time for a properly configured network down to a few seconds The RSTP takes advantage of the fact that most modern Ethernet links between switches are point to point connections With a point to point link the switches can quickly decide if the link should be active or not Protocol Settings Menu The Protocol Settings menu allows for you to configure general Spanning Tree Protocol settings for the switch The menu is reached by selecting Setup option from the Main menu and then Redundancy Settings tadustrial Fthoenet Redundancy Protocol Settings Dikine teres LAULE Ine OLINAR Of your network Dy PAMEN NODAL OONAN Y Me Sri tar 216 Fremre rev 35 9008 MAC sament CONTE sico me 10201 sores Location Sat beston ot witch Comt Gat name iene oaan of Cortect fer id Redundancy Protocol Select none if you do not require the switch to manage redundant network connections All ports will forward network traffic just as an unmanaged switch would Otherwise RSTP Rapid Spanning Tree Protocol should usually be selected A selection of STP or RSTP will allow redundant links between switches so those links can keep the network connected even when a primary link fails RSTP is compatible with switches that only implement plain STP an older vers
30. 0h 10f 100h 100f 10h 10f 100h 100f 10h 10f 100h 100f 10h 10f 100h 100f 10h 10f 100h 100f 1000f 10h 10f 100h 100f 1000f 10h 10f 100h 100f 1000f Flow Control Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled 71 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual RSTP STP Port Configuration Port Name R STP Priority Cost Type PtpMAC 1 Port_1 Included 128 200000 Auto Auto 2 Port_2 Included 128 200000 Auto Auto 3 Ront Included 128 200000 Auto Auto 4 Port_4 Included 128 200000 Auto Auto 5 Port_5 Included 128 200000 Auto Auto 6 Port_6 Included 128 200000 Auto Auto 7 Port_7 Included 128 200000 Auto Auto 8 Port_8 Included 128 200000 Auto Auto 9 Port_9 Included 128 200000 Auto Auto SNMP Notifications All traps disabled 72 UE 15 13 switch user manual 1 indd 72 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Appendix C SNMP SUPPORT Groups General Description Location and RFC Support Information about the switch as a system name description physical 1 3345 11 2 lel SU location uptime contact and a list of RFC 1213 ints WE ts aully supported other groups in the MIB ifTable Basic interface info Per port information at the interface 13 11 2112 iseler Brene Interfaces ee RFC 1229 interface info y ifStackTable Interface layering for VLANs Address translation information to ese Owle Zales A map IP
31. 11 Other Special Features Network Time Protocol You can define an IP address for a time server on your network On startup the switch will contact the server you specify to acquire the current time Then any time stamped information will use this time You can also define the time zone in which the managed switch resides Meduarial Cihernet System Settings Quick Setup Lhe vers fren Set nase parameters in GATA contguee and ETATY he WEN P many cases Pese wee mi Fe vetirrgs Pint we revewary pre Network Settings ee Mamet Satin i antea y freewe rey stno addons prozm mask fits 000 ig et amey oon Laaa Deen Paret ONG eee OH fn I server Juve rmesone Arorcaliee Vow v Reduneancy preteset Epit perry Tee Eroso System identi icatien NTP server default none The IP Address of an NTP server from which the switch may retrieve the current time at startup Timezone default Unset The local time zone such as America New_York for the East coast of North America Set IP Per Port The switch may provide an IP address to one device on each network port This feature may be turned on and off for the whole switch and individually controlled for each port The switch responds to DHCP requests by providing a statically configured IP address to the first device to request one The DHCP lease does not expire 63 UE 15 13 switch user manual 1 indd 63 4 2 13 12 45 AM EOTec G408M Managed Ethern I r Manual
32. 15 13 switch user manual 1 indd 60 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual PVID This is the port s default VLAN ID It is applied to frames which arrive at the port without a VLAN tag or with a priority only VLAN tag one which contains the special VLAN ID 0 Set the desired PVID to make sure your untagged packets for the port get forwarded to other ports in the desired VLAN Note Switch management and configuration is only possible through the port if the PVID is set to 1 the default Setting the PVID to another value prevents the switch from being managed configured via that port unless the system you are using to configure the switch can explicitly tag frames for VLAN 1 the management VLAN Force When this is checked the PVID is forced on all frames coming in this port regardless of any existing tag Type The port type controls how tags are handled on frames exiting this port Network All frames exiting this port will be tagged If no tag was present when the frame entered the switch the source port s PVID will be used Typically a Network port will be a member of many or all tag based LANs on a switch and is used to forward VLAN traffic to another switch which then distributes it to other network segments based on the tags A Network port can only send packets for VLANs in which it is a member Edge No frames exiting this port will be tagged Use this setting for ports leading to legacy or e
33. Femware rev 4 Including or Excluding a Port Normally all ports should be included in determining the Spanning Tree network topology either as a normal port or an edge port It is possible to completely exclude a port so that it will always forward network traffic and will never generate or respond to network messages for RSTP or STP Excluding a port is an advanced option that should be used only if absolutely necessary Port Priority If the switch has more than one port that provides a path to the root bridge and they have the same root path cost the selection of which port to use is based on the port priority The port with the best numerically lowest priority will be used If the port priority is the same the switch will use lowest numbered port The port priority can range from 0 to 240 seconds 128 second default Path Cost As with any network there is an associated cost to go from a source location to a destination location For RSTP the root path cost is calculated based on the bandwidth available for that particular connection to the root bridge The port with the lowest cost for delivering messages to the root is used to pass traffic toward the root The path cost can be assigned automatically based on the port speed using the IEEE standard values of 200 000 for 100Mbps links and 2 000 000 for 10Mbps links or the value can be specified in the range 1 to 200 000 000 Path costs are set to a fixed value by default 36
34. Free TFTP servers for Windows and Linux are available on the web They are generally easy to install and setup For more details and links to available TFTP servers see www ultra nspi com Configuration Management One checkpoint backup version of the switch s configuration can be stored in a local file on the switch Unlimited backups can also be saved to your local system web interface only or to a TFTP server elsewhere on the network tanayed Switch Sra iire neve The contgurater may Or saved and nuured fom a unge cheoponi Me That fe may be Cogeed to Or fom your local Comouter o a TFTP server to stow multicle checkpoints or secure K Senegas atom mows Storage When ERNA D NEPON VOU My Chote 1O ORAE PAWON MGI DNCP img eraterd anerest NENAS ANA gateway OF tn preserve Cutest network seme TT Netup Advanced o Cont yer pian Management Sees Chectpont ese Grecipers Restore Factory Oetaulte eee eee Reset Swich Frevene nates penegi lipdete Firmware maga eer Save of remeve a t trom your otai remem aor reenter zsa Prnmet ree 25 1008 peasy it Bees ort eee Emone Upload edam we et Bett inpar Location Bahh Pwi 7 Save ar reeve a fee from n TFTP server EN Rae ne VETTE TETP server acos gt o Leeg naes ta amame amat Remote f enane aruna Savew TTP Aumua tam TFTP Save Checkpoint Saves a checkpoint configuration in the switch which may be used later to revert back to the curren
35. IP address 10 204 Subnet mask 296 000 nnn pees j e wrt Seri mmeer 2 at Firmware revisten 5 1000 be ee ne E MAC agaress onan 12 07 a ea wooar ms ee Laeda Tath rwar Cadet smdiipebentrcrgery n Synstirs updatnd every 15 sconti Laag mewet t hotet Leanas aarme Model number of the switch Description is available via SNMP as system sysDescr 0 This is the basic description of the switch System Name The hostname of the switch It must contain only letters digits and dashes This may be read or written via SNMP as system sysName 0 Switch Location The physical location of the switch the cabinet closet rack etc it is in This may be read or written via SNMP as system sysLocation 0 Contact Typically this parameter includes the contact s name and e mail address This may be read or written via SNMP as system sysContact 0 IP Address IP address of the switch Subnet Mask Subnet Mask of the switch Readable via SNMP as RFC1213 MIB ipAdEntNetMask lt ipaddress gt where lt ipaddress gt is the IP address of the switch e g 10 2 0 1 Gateway Gateway IP configured for the switch Readable via SNMP as RFC1213 MIB ipRouteNextHop Serial Number is a unique serial number assigned to the switch at the factory This number is not settable Firmware Revision is the version of the firmware currently in the switch MAC Address Media Access Control number of the switch not settable 20 UE 15 13 switch user
36. Message Rate Limiting Poorly configured applications and devices or malicious users can flood your network with broadcast packets that are forwarded to all ports and can quickly consume most of a network s bandwidth The managed switch provides some protection from such broadcast storms by allowing you to limit the rate at which these messages are accepted by the switch For each port you may choose to limit the rate of broadcast and multicast messages accepted Messages over the preset limit will be discarded The limits are applied based on priority according to the following table Priority Background 10 of link capacity Normal 20 of link capacity Expedited 40 of link capacity Urgent 80 of link capacity 49 UE 15 13 switch user manual 1 indd 49 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual The exact limit depends on link speed industrial Fiternet Message Rate Managed Swich Gs Hate Limneng ie Setite waren Pretec yur PEDE PAN SEEEN PENITA due tn OSAERA A UR a EENS ty 3 erating message rar bearg Sarih teow Led Fort Mame Limit Broadcast and Mumcast 1Semp umes emen a a m i Main Sutinga 1 po ssbod 0 Redundancy Sethege n E D Teattic Preerity 2 pe tastos w aS CaS Seomngs or amen lt 2 19 Tea 3 po Erates t 2 z 2 pona Esatied fat Viena LANS 1U Advancad Operations 5 pes Emsi N ce me meree Myagi trt t G pps Castes S vie ae ME Femewewre
37. Nuclear Sensors amp Process Instrumentation EOTe 5 G408M Ultra ELECTRONICS EOTec G408M Managed Ethernet Switch Software User Manual For the latest version of this user manual please go to www ultra nspi com Ultra ELECTRONICS Revised 4 02 13 UE 15 13 switch user manual 1 indd 1 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Contents at a Glance Section T wcice aie aed aedtiaaodas Quick Start Guide Section 2 iscsi caren aes Overview 0005 Introduction Administrative Access Web User Interface Gaining Network Access Configuring the Ports Section S irori Advanced Operations Configuration Management Factory Defaults Resetting the Switch Update Firmware via Web Update Firmware via TFTP Update Firmware via Utility Section 4 0 cece eee System Information Port Status Power and OK Status Network Status Redundancy Status Multicast Filtering Status Configuration Summary MAC Address Table Section 5 0c ee eee eee SNMP MIB and RMON SNMP Notifications Trap Managers Network Statistics Port Mirroring Section6 What is RSTP RSTP General Settings RSTP Port Settings RSTP Setup Guidelines Redundancy Status RSTP Exa
38. Software and associated documentation Licensee agrees to prevent any unauthorized copying of the Software Except as expressly provided herein Licensor does not grant any express or implied right to Licensee under Licensor s patents copyrights trademarks or trade secret information This software runs in coordination with firmware embedded into the Licensor s hardware products This firmware is agreed to be part of this Licensed Software It is further agreed that the designs of the Licensor s hardware products are the proprietary property of the Licensor 2 License The author grants you the Licensee a license to use this software only after you have completed the required registration and if you agree to the terms of this agreement and any restrictions of the registration you have obtained No ownership in or title to the software is transferred to Licensee This license is non exclusive This license is non transferable except if in accordance with an OEM agreement with the Licensor Licensee is authorized to make only those copies of this software that are required to use it in accordance with license granted and those copies required for backup or archival purposes Licensee agrees to prevent any unauthorized copying of the software or any registration number provided 3 Restrictions Except as set forth herein the Licensee may not copy sell transfer loan rent lease modify create derivative works or alter the Products witho
39. TFTP server can be used to Save or Retrieve configuration files or Update Firmware in the switch Available on the Internet are many TFTP Trivial File Transfer Protocol servers Most TFTP servers look and perform very similarly with respect to each other Since the TFTP servers are so similar to each other we will only need to explain how to use one of them to effectively show how to use TFTP with the switch Using TFTPD32 Let s take a look at a simple and effective TFTP server called TFTPD32 created by Philippe Jounine This TFTP server is freeware free non commercial product and available on the Internet at this address http tftpd32 jounin net Please read the conditions for using this freeware product At the site choose to download the latest version of the TFTPD32 server The file downloaded is a zip file which contains the TFTPD32 executable the server itself an uninstall program and an online help file Extract these files to your desired directory on your computer and run the tftpd32 exe executable Choosing the Ethernet Interface The first step is to find out the IP address and subnet that the switch uses Knowing this make sure there is at least one Ethernet interface Ethernet card in your computer that resides on the same network as the switch Next in the TFTPD32 server choose the interface that is being used to communicate with the switch from the Server Interface Selection drop down box Choosing Your Restore Direc
40. TP network is controlled by Max Age Since the largest value allowed for Max Age is 40 the largest RSTP network hop diameter is also 40 Number of Hops vs Recovery Time The diagram below shows a typical redundant ring network with 6 managed switches and 5 hops between stations The overall recovery time when there is a network segment failure is dependent on the number of hops The recovery time is typically less than 50 mS per hop Therefore in the diagram below of a typical ring with 6 managed switches the overall recovery time would be less than 250 mS 5 hops x lt 50 mS Typical Redundant Ring with 5 hops between A amp B Example 2 Using Path Costs to Establish Primary amp Backup Connections The path cost can be used to distinguish the best connections to use You can assign a higher cost to pathways that are more expensive slower or less desirable in any way The managed switches will then add up the path costs to determine the best route back to the root switch See the example below Note In most networks you can simply leave the path cost at Auto and let the switches automatically determine the best paths 41 UE 15 13 switch user manual 1 indd 41 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Cc m Ca Supe Isory This is the Root Bridge Computer jer is either has the priority or lowest bridge ID This is a Designated Bridgewithroot 2 oenmmonin amama path c
41. a method to prioritize the network traffic based on the traffic type See also QoS ToS Traffic class Designated Bridge Each managed bridge is designated to the LANs for which it is connected to via its designated ports For the root bridge it is designated to all the LANs in the managed network Designated Port The port that sends the best configuration BPDU is assigned as designated This port is the one used to forward frames between the LAN for which it is connected to and the Root Bridge DHCP Dynamic Host Configuration Protocol This is a protocol used to assign IP addresses in a network The device that uses this protocol to gain access to the network obtains a dynamically changing IP address such that it could have a different IP address every time 75 UE 15 13 switch user manual 1 indd 75 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual DNS Domain Name Server This server translates domain names into IP addresses Duplex full or half Half duplex means that messages flow in only one direction at a time Full duplex means that messages flow in both directions at the same time The RJ45 ports of the switch automatically support auto sense both full and half duplex flow control The fiber optic port is software configurable for full or half duplex flow control Edge Port A port that is only linked to an end station and cannot create a loop in the network Forward Delay Time used in STP
42. addresses to MAC addresses RFC 1213 Tinis ULE fs tuilly supportecl Information used to keep track of the Bem 5 IF IP layer on the managed node RFC 2011 Ths MIB enuy u pporied This MIB is supported but keep in mind that this is a re a Se host oriented MIB so it mey RE 9 not be particularly helpful to the you This MIB is supported but Information to keep track of 1 3 6 12 1 7 keep in mind that this is a UDP application entities using User RFC 2013 host oriented MIB so it may Datagram Protocol not be particularly helpful to the you Performance statistics for Ether like 1 3 6 1 2 1 10 7 4 s Dot3 deveas RFC 2665 This MIB is fully supported Statistical information about the SNMP protocol entity and tracks the onez gt gumin amount of management traffic that a RFC 1213 Tinis MIB is ullly supporte device responds to Group 1 Ethernet statistics 1 3 6 1 2 1 16 Group 2 Ethernet history 8 RMON Remote Monitoring 2 ODE AIEJ samples each at 30 second RFC 1757 x and 30 minute intervals for each port dot1dStpPortTable Spanning Tree protocol info NSB 1 2 Ale 117 dot1dTpFdbTable be eis SES RE RFC 1493 Learned MAC addresses UE 15 13 switch user manual 1 indd 73 and port associations dot1dTpPortTable Port info similar to RMON 73 4 2 13 12 45 AM For the latest ULTRA MIB text file please go to www ultra nspi com UE 15 13 switch user manual 1 indd 74 4 2 13 12 45 AM EOTec G408M Managed Ethernet Swi
43. ain A single message circulating forever around a loop at high speed is clearly not a good thing so no loops are allowed The limitations of having only one path are even simpler to see If the one and only path fails for any reason such as a broken cable or power failure at one of the switches there are no paths left and no network traffic can get through We need a way to add alternate paths without creating loops Thus the use of Rapid Spanning Tree Protocol a loop prevention protocol is used such that switches can communicate with each other to discover and prevent loops In this diagram the root ports are those connected directly to the root bridge because they have the lowest port cost only one hop The paths that must go through another bridge switch have a higher port cost two hops and are designated as backup ports The ports connected directly to end stations are assigned as edge ports so that RSTP doesn t waste time considering them 31 UE 15 13 switch user manual 1 indd 31 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual The Rapid Spanning Tree Protocol provides a standardized means for intelligent switches also called bridges to enable or disable network paths so there are no loops but there is an alternative path if it is possible Why is it called Rapid Spanning Tree Protocol Rapid it is faster than the previous and completely compatible version called Spanning Tree Proto
44. al Using the Graphical Web Interface The graphical interface is provided via a web server in the switch and can be accessed via a web browser such as Opera Mozilla or Internet Explorer Important Note JavaScript must be supported and enabled in your browser for the graphical interface to work correctly HTTP and HTTPS secure HTTP are supported for access to the web server By default both protocols are enabled Either or both may be disabled to secure the switch See the Remote Access Security topic in this section To access the graphical interface enter a URL like http 10 2 0 1 in your browser s address bar Replace http with https to use secure http and replace 10 2 0 1 with your switch s IP address if you ve changed it from the factory default The web server in the switch uses a signed security certificate When you access the server via https you may see a warning dialog indicating that the certificate was signed by an unknown authority This is expected and to avoid this message in the future you can choose to install the certificate on your computer Note This manual describes and depicts the web user interface in detail The terminal interface is not specifically shown but is basically the same Configuring the Switch for Network Access To control and monitor the switch via the network it must be configured with basic network settings including an IP address and subnet mask Refer to the quick star
45. also be updated using the Managed Switch Firmware Loader utility This operation will completely restore the switch firmware and factory defaults This type of firmware update is recommended if you are jumping many version releases such as v2 9 to v3 7 or you need to completely recover the switch Steps for using the utility to load firmware 1 Download and install the managed switch firmware loader utility The default and recommended path is c program files switch tools 2 Download the Firmware Bundle to a folder on your computer The default and recommended path is c program files switch tools firmware 3 Make an Ethernet connection to the switch and make sure you can communicate to it such as ping it If the switch is unresponsive for any reason then you will need to also make a serial or USB connection to the switch Refer to the hardware manual for serial port wiring details Important Note If you are running RSTP disconnect any redundant Ethernet links to the switch During the update make sure to re enable RSTP before reconnecting your redundant links Important Note Set one of the ports to 10 100 and use that port Gigabit ports may not be used for this operation 4 Run the Managed Switch Firmware Loader utility 5 Click Next for the firmware selection window Then Browse and select the new firmware image that you downloaded from the web 6 Click Next to pick Ethernet Only or Ethernet with Serial plus the appropriate
46. and backup links to establish communications If that is not possible the network is split into two networks each with its own root When a working path becomes available the two networks will merge to create a single network with one root Recovery Time and Hops The typical RSTP recovery time time to start forwarding messages on the backup port on a link loss failure is lt 50 mS per hop firmware version 3 1 or higher A hop is defined as a link between two switches A link to an end station is not considered a hop The Max Age setting controls how long RSTP messages may circulate in the network Since the largest value allowed for Max Age is 40 the largest RSTP network hop diameter is also 40 Note Managed switch firmware v2 5 or lower implements the 2001 version of RSTP STP Switch firmware v2 6 or higher implements the 2004 version of RSTP STP IEEE 802 1D 2004 These versions are compatible but all switches should be running the newer firmware in order to achieve the hop count of 40 See the RSTP Examples topic in this section for a more detailed explanation about hops and recovery time Convergence Time and RSTP The time it takes for all of the switches to have a stable configuration and send network traffic is called the convergence time STP was developed when it was acceptable to have a convergence time of maybe a minute or more but that is not the 33 UE 15 13 switch user manual 1 indd 33 4 2 13 12 45 AM EOTec G4
47. ansmission to see if the collision detection circuitry is working For whatever reason that the network device does not detect the SQE transmission the SQE test error counter is incremented Deferred Transmissions A transmission is Deferred when the device is trying to access the network but another device is already transmitting by detecting a carrier signal not a collision on the network Late Collisions When an Ethernet Device starts transmitting a frame on the network medium it believes that it can transmit because it didn t detect a collision If for some reason the Ethernet device is transmitting but after a given time period during the frame transfer it realizes that it really wasn t clear to transmit because it detected a collision that is called a late collision For a 1OBASE T network a collision is detected by the device that is transmitting that frame after 51 2 microseconds into a frame transfer is considered a late collision For a 1OOBASE T network a collision is detected by the device that is transmitting that frame after 5 12 microseconds into a frame transfer is considered a late collision Causes Late collisions usually come from a problem on the network such as improper configuration compliance issues between network devices incorrect cabling and faulty Network Interface Cards Excessive Collisions When an Ethernet Device attempts to transmit a frame but detects a collision it attempts to retry to send the
48. be forwarded 58 UE 15 13 switch user manual 1 indd 58 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 59 EOTec G408M Managed Ethernet Switch Software User Manual Secure All routing is done by VLAN ID however if the source port of a frame is not a member of the target VLAN then the frame is dropped For example if a tag based VLAN for ID 1024 was configured to include ports 1 5 and a frame with VLAN ID 1024 in its tag arrived at port 6 the frame would not be forwarded VLAN Core Type Specify the Ethertype for double tagged Q in Q frames exiting ports of type Core The value may be specified in hexadecimal with a Ox prefix VLAN Learning Beginning with firmware version 4 3 you can choose between Shared and Independent MAC address learning For implementations where the same MAC address exists on multiple ports Independent learning is needed The default setting is Shared which is acceptable for most installations Adding editing or deleting a VLAN The switch can handle up to 63 configurable VLANs and in this menu each option starting at option 2 can handle up to 8 VLAN configurations For example there are 16 VLANs defined in the switch The VLAN settings menu should therefore show a total of 3 options available The first option is for VLAN mode selection this option is always there The second option allows you to edit VLANs 1 8 and the third option will allow you to edit VLANs 9 16 Since there are a
49. ble a port by selecting Enabled or Disabled respectively Negotiation All copper ports and gigabit fiber ports in the managed switch are capable of auto negotiation such that the fastest bandwidth is selected Choose to enable auto negotiation or use fixed settings 100Mbps Fiber ports are Fixed speed only 14 UE 15 13 switch user manual 1 indd 14 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Speed Duplex Flow Control The managed switch accepts three local area network Ethernet Standards The first standard 10BASE T runs 10Mbps with twisted pair Ethernet cable between network interfaces The second local area network standard is 100BASE T which runs at 100Mbps over the same twisted pair Ethernet cable 1OOOBASE T runs at 1000Mbps over twisted pair Ethernet cable and there is 100BASE F which enables fast Ethernet 100Mbps over fiber 1000BASE F enables 1000Mbps over fiber These options are available 10h 10 Mbps Half Duplex 10f 10 Mbps Full Duplex 100h 100 Mbps Half Duplex 100f 100 Mbps Full Duplex 1000f 1000 Mbps Full Duplex Flow control can also be enabled or disabled and is indicated by FC when enabled Devices use flow control to ensure that the receiving devices takes in all the data without error If the transmitting device sends at a faster rate than the receiving device than the receiving device will eventually have its buffer full No further information can b
50. cast streams 02 000 cece eee 53 IGMP Configuration Configure IGMP general and port settings 0 0c cece eee eee teens 53 IGMP Status oasa ck tepine View the IGMP querier and the IGMP groups being forwarded 2 55 IGMP Example A visual example showing the benefits of enabling IGMP 0 0 0 000 57 Section 10 000 eee eee Virtual Local Area Networks VLANS 00000 eee eee ee ee eee e cette eee enna 58 Introduction to VLANs Learn what Virtual LANs VLANs can do for you 0000 cece eee eee ees 58 VLAN Settings Create delete and modify VLANs 1 0 0 0c cece cece eee teen teens 58 VLAN Port Settings Define how each port will handle VLAN tags 0 000 cece eee eee eee eee 60 VLAN with RSTP Important information about enabling both VLANs and RSTP 2 0 0005 61 Section 11 casei is vec nowwnes vend Other Special Features 0c0c00000 cecee Hace esawia eed tain macaw ae teem te D 63 Network Time Protocol Use a time server to automatically sync your clock 0 0 cee eee 63 Set IP Per Port 545 Define a fixed IP address to be given out per port 000 00 ee eee eee eee 63 CL E badadaaietaae baa a Command Line Interface CLI 0 eee eee eee eee eas 64 Section 12 sgaicde veined vents Security Settings 22 0 4 4sccincgensteieeas tedden diaeals eee phen tee
51. changed from the Remote Access Security menu b The individual ports on the switch are configured to a set of defaults and auto selects that should get you started quickly with no necessary configuration Customizing the port settings by enabling disabling a port choosing the speed duplex or flow control is accessed from the Port Configuration menu c The Rapid Spanning Tree Protocol RSTP is disabled by default in the switch The RSTP settings can be changed from the from Redundancy Settings screens d Check the operational status of the switch by accessing the Monitoring menu 84 UE 15 13 switch user manual 1 indd 84 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Using Microsoft HyperTerminal Configure Microsoft Windows HyperTerminal for use with the switch as follows Create a new connection by choosing New Connection from the File menu In the Connection Description dialog give the connection a name such as Managed Switch and click OK In the Connect To dialog choose the correct COM port In the COM Properties dialog choose the following settings o 9600 bits per second Bps or Baud o 8 data bits no parity 1 stop bit o no flow control Click OK Open the Connection Properties dialog by choosing Properties from the File menu Click on Settings to raise the setting tab Select VT100 from the Emulation list Click Terminal Setup In Terminal Settings check Cursor keypad mode amp hit OK Cl
52. col STP Spanning it spans connects all of the stations amp switches of the network Tree its branches provide only one connection between two points The Root Bridge In a Spanning Tree network only one bridge managed switch is responsible for forwarding packets between two adjacent LAN segments to ensure that no loops exist in a LAN To ensure that only one bridge is responsible all other bridges on the network must cooperate with each other to form a logical spanning tree that defines the pathways that packets should take from bridge to bridge The logical spanning tree has exactly one bridge that is assigned the role of root All of the other bridges need to have exactly one active path to the root The job of the root bridge is to notify all bridges connected in the tree that there has been a topology change and restructuring of the tree is in progress due to a communications link failure somewhere in the network The root bridge is determined by the bridge priority assigned to it and the MAC address By default it is the bridge with the lowest MAC address that gets assigned the role as root but a specific bridge can be forced to be the root bridge by changing its bridge priority setting a lower number with respect to other bridges means higher priority Path Cost Every communication path between each bridge managed switch on the network has an associated cost This path cost may be determined by th
53. com port that is to be used to communicate with the switch 7 Click Next and enter your computer s IP address if it is not automatically detected Also enter the appropriate IP address and subnet mask for the switch For Ethernet Only you also need to enter your username and password 8 Click Next and then click Load Now If prompted to cycle power then turn the switches power off and then back on to start the firmware update process Make sure to check that all the update steps listed in the overall status window are successful If not try updating the firmware again You will then need to interface the switch through a terminal program and re configure your network settings or reload your saved checkpoint configuration 19 UE 15 13 switch user manual 1 indd 19 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 4 Monitoring the Current State of the Switch System Information The System Information page displays identifying information about the switch and current network settings industrii Ethernet System information Managot Switch a Qakivee tenate the Imesh OPINN cerns ine warn DONG EAEN ci oroe mates Model Managrd Sect Nyptem talremation Description Managed Sech Narna treet Managed Seth e A bn ave bao Syitem name Managed Jeth aatem nam J Breer Dae Switch location Seth Panyi 7 O Multicast Fitoriag ee e ame r Canfiguration Summary Contact Mer nAn aK oTwatTy Lom Hh rd ak
54. controls how long RSTP messages may circulate in the network Since the largest value allowed for Max Age is 40 the largest RSTP network hop diameter is also 40 See the RSTP Examples topic in this section for a more detailed explanation about hops 37 UE 15 13 switch user manual 1 indd 37 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Bridge Priority This along with the MAC address determines which managed switch is considered the root bridge For simple ring networks which are most common you can leave all the switches with the default bridge priority and they will automatically decide which should be the root based on the MAC address You only need to change this value in advanced topologies where you want to force a switch to be the root bridge Port Priority If a switch has redundant direct connections to the root bridge then the port priority determines which will be the primary and backup connections In most cases you should use the default setting which is the same for all ports and let the switch automatically determine which port to make active port with lowest port number and which to block Maximum age Hello Time and Forward Delay These parameters define various aspects of how the RSTP operates It is recommended that you leave these parameters at the default values for all the managed switches in your network Path Cost This parameter helps the switch decide which port offers t
55. des MAE Ine TENE CEerannnin IAA of me IN AE T ELAS Sariich toau te Port Status R Port Name Asmin Link Negutaten SpeeeOupiex Muhieas States port Emotes Oom Aus 0 2 Canfiguration Summary WR ot Enmen uo Ato 100 Li A vanced Upetations 3 pot 3 Enmig Dun Au Bi ons Enmen up Ama toit Omena 218 5 pon 5 Ensen Dan Ars 0 Higbee 15 9000 pon 6 Enamen Down ard 6 SGM ASIN eee CoS name up Aun te war 0 pono themed Oren ans 9 as Pan 9 POL Unser Doe Auto p Dakas rm Maap eed M LERENI LEET z O Sutas ts updated every 5 seconds 21 UE 15 13 switch user manual 1 indd 21 4 2 13 12 45 AM Network Statistics EOTec G408M Managed Ethernet Switch Software User Manual The Network Statistics displays network statistics for the selected port Choose between RMON and Ether like statistics The display will be updated every 5 seconds and the change since the last refresh will be displayed in the change column ELECTRONICS Nuclear Sensors amp Process Instrumentation weew Ultra NSPI com 1 800 880 9333 Managed Switch Menu t Monitoring System Information Port and Power Status Network Statistics Spanning Tree Status Self Healing Ring Status Multicast Filtering Status MAC lable Configuration Summary w Setup t9 Advanced Operations Redundancy Status See the RSTP section of this manual Multicast Filtering Status See the IGMP section of this manual 22 UE 15 13 switch user manual 1 indd 22 Moni
56. e Ring Name Port Port www Ultra NSPLcom 1 200 580 9333 t Managed Switch Menu 1 Monitoring Setup Main Settings Redundancy Settings Spanning Tree Settings Spanning Tree Port Settings Ring Master Automatic Master Self Healing Ring Settings t Tralfic Priority t Multicast Filtering IGMP t t Warning Only one switch may be selected as master Comme Changes Virtual LANs VLANs Security Settings i Advanced Operations 45 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Enable Enables the Self Healing Ring function Ring Name A mnemonic name for the ring can be entered This is used for display only Primary Port and Backup Port Select the primary and backup ring ports If this switch is selected as the master switch communications will be primarily through the Primary port the Backup port will be blocked If this is a slave switch both ports will be functional but only as ring ports NOTE When a port is configured as a ring port that port cannot be used for communication to or through the switch It can ONLY be connected to another Ring port on a managed switch or SHR switch Ring Master Selects either automatic or This is Master 46 UE 15 13 switch user manual 1 indd 46 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 8 Priority Queuing QoS CoS ToS DS Traffic Priority Without enabling specia
57. e speed of each segment because it costs more time to move data at a slower speed The path cost can be configured to encourage or discourage the use of particular network For example you may not want to use a particular high speed link except when absolutely necessary because there is a charge money for data using that path while another path is free no monetary cost The root path cost is the cumulative cost of all the network paths from the root bridge to a particular port on the network A Spanning Tree network always uses the lowest cost path available between a port and the root bridge When the available network connections change it reconfigures itself as necessary See the RSTP Examples topic in this section for an example of how the path cost can be utilized to establish the primary and backup connections Initial Startup of a Spanning Tree Network For the bridges to cooperate with each other to prevent loops in a LAN upon startup of each bridge configuration messages are sent to other bridges These messages are called Bridge Protocol Data Units BPDUs which contain information about ports addresses priorities and costs so data can flow through an optimal loop free network topology Depending on the choice of protocol these messages are either sent out periodically to other bridges designated by a time period called the hello time or are sent when a BPDU is received on a port Any other network traffic received by the sw
58. e taken when the buffer is full so a flow control signal is sent to the transmitting device to temporarily stop the flow of incoming data Note Flow control is discouraged in a TCP network as enabling flow control will unnecessarily congest the network Port Mirroring See section 5 on SNMP and Remote Monitoring SNMP Traps Notifications See section 5 on SNMP and Remote Monitoring Set IP Per Port See section 10 on other special features 15 UE 15 13 switch user manual 1 indd 15 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 3 Configuration Management and Firmware Updates Advanced Operations Use the Advanced Operations Menu for saving and restoring configurations reloading factory defaults resetting the switch updating the firmware and setting up remote access Note The web interface supports direct transfers to and from the system where your browser is running Alternatively you can use TFTP Trivial File Transfer Protocol for file transfers Access to the Advanced Operations menu is available by selecting the option in the Main menu Saving and Retrieving Files The Configuration Management and Update Firmware features allow you to Browse to save and retrieve files directly from your local system This is the easiest and recommended method Alternatively you can use a TFTP Trivial File Transfer Protocol server to centralize the storage of your configuration and firmware files
59. ec E EA E y OY Search oye revorites Tar Address MEMI x Je ue A log in window will open prompting you for a login name and password Enter admin for the login and admin for the password ETLER fo 10 7 0 1 Read the Software License Agreement and Click the I accept the License button Navigate through the configuration screens using the tree on the left hand side Selecting Quick Setup brings up the System Settings menu This menu is used to configure the IP address DHCP or static subnet mask redundancy protocol system name contact and location information See the image below mainaa Ferret System Settings Quick Sctup ee Salus Mantu MBE ADE Parameters AS MICH EANA rA BAe NER the trh N manny eA then are tet aar Me comming tat are nec AAAry crisaamnaseg tv erwark Sectings Ehad Opeioden N 8 wepe sets are namra Pemiwe rey 399800 sddrers KEY MAC abh tae 6008 AIP aoe Guemetmesn 5009 v dzat gatawsy are Shae baasen panen rani 7 One nse eted te eben en ee se baye Sinemet a i ake j a penae sa server server J nimesse amarant ion fe Redundarey mvtvcell Pian Svam tive Prowl Gyatem identificetian Set the desired IP address and subnet that are compatible with the network for which this switch will reside or you can enable DHCP Select Commit to activate your new settings Restore your PC back to its normal network settings IP and subnet and reco
60. entially infringe any intellectual property right including a patent right of any third party said item or items including but not limited to application specific software configuration files data or document files application programs web pages GPL General Public License software third party applications software and the like Licensee agrees that the Licensor does not supply and is not responsible or liable to Licensee under this agreement for any infringement or potential infringement that may result from the addition of application specific software configuration files data or documentation files application programs web pages or the like that are added to the Licensor s products by or on the behalf of the Licensee This limitation of liability includes any or all GPL General Public License and third party applications software that may be loaded into any product as an accommodation to the Licensee 9 Termination This Agreement is effective until terminated This License will terminate immediately without notice by the Licensor if Licensee fails to comply with any provision of this License or any other Agreement that exists between the parties Upon termination of this Agreement any and all use sale or distribution of the software by Licensee must cease immediately and the Licensee must destroy all copies of this software and all associated documentation If the licensed software is purchased through an intermediary the Licenso
61. erface etc will no longer be available Default Gateway Selection A Gateway Address is chosen to be the address of a router that connects two different networks This can be an IP address or a Fully Qualified Domain Name FQDN such as domainname org NTP Server The IP address or domain name of an NTP Network Time Protocol server from which the switch may retrieve the current time at startup Please note that using a domain name requires that at least one domain name server be configured See section 10 for more details Remote Access Security See section 11 on Security Settings Configuring the Ethernet Ports The switch comes with default port settings that should allow you to connect to the Ethernet Ports with out any necessary configuration Should there be a need to change the name of the ports negotiation settings or flow control settings you can do this in the Port Configuration menu Access this menu by selecting Setup from the Main Menu and then selecting Main Settings tnduweial Fitersat Port Settings Suihiete ise eer pecty hie each pert wee OPET NAS coer aware oe nee itaas Port Name Each port in the managed switch can be identified with a custom name Specify a name for each port here Admin Ports can be enabled or disabled in the managed switch For ports that are disabled they are virtually non existent not visible in terms of switch operation or spanning tree algorithm Choose to enable or disa
62. ernet Switch Software User Manual tatesutet Chernet SNMP Notifications Menager Sewite by Cie DALO tees SAA PERRIER REFINE ABAD OF AEDES OR ENAA My UNG SIMD EREA In Fen wher AF TAn apeciied events occu oMentonion 1 Seup Notifications to seni i Mam Semegs Wi Autrentration E Topology change i SMI Ratificotons Sat IP per Port Unk upuuwN nt pade Seringe O 1 203840s068708e09 5 Maiticeat I Cob Virtaal LANS pa Trap managers te notify Mat Maantien gt 2 p la rre 192 0 34 no 1920 49 eee Pumm a4 Sant Community sing pii siapio syi ITE Upper me verven nm Conr wees dient i Lamai Shek bain a aah Genera Caangos Contact Set rene fered eet of contact Ao vette Monitoring Menu The Monitoring menu which is accessed right off of the Main Menu provides five status options that may be used to monitor the performance of your switch in real time System Information shows the network settings and system identity Port and Power Status shows the current status of each port and the power inputs Network Statistics shows RMON or Ether like statistics for one port at a time and may be switched from port to port as needed Redundancy Status shows the status related to the spanning tree protocol See Section 6 for more details SHR Status shows current status of all configured rings Network Statistics The Network Statistics page shows a subset of the performance data from SNMP and RMON Select RMON Remote Monitoring statis
63. erver elsewhere on the network Simply specify the IP address of the remote TFTP server and the filename of the update If necessary the switch will automatically reboot after installing the new firmware files After the reboot you may see an Internal Server Error message Simply click refresh on your browser to reestablish communications with the switch Refer to Appendix E for information on setting up a TFTP server Aedusteial Ethernet Update Firmware bhanaged Swich Quitiees tutae nu Ata nn a trma fee Ihe te mary BE UPEAA MON your DEM 9ystes er iransiened fom a TET server Refer tu the weer manua tor heip quey setting up a TFTP a cd Ti Setup Atvanced Operations WIAA A trmeare update Sam your meal system Restore Factory Bates Raset Swich CHF eerewrerwngcdote 791 000 331 001 bys Ties Updane Firmware ao Morega Heh Farhad nia HA m Pemewe rer 389000 stad p Tripware wodate from a TFTP server MAC eamenn O E eI tee TETP server rara Ll r m 10308 enone Remote en no Loome peente t Cwta iman ah mireg lime Lipas tam TFTP LNAP nemet i ier Lise 18 UE 15 13 switch user manual 1 indd 18 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual This method of updating the firmware will retain all your settings However it is still recommended that you save a checkpoint configuration as a backup Updating Firmware using the Firmware Loader Utility The switch s firmware can
64. es take that long to boot up Symptom Switch seems to be resetting itself Answer Check the input voltage to ensure you have at least the minimum required voltage 10V Symptom Can t communicate successfully over fiber Answer Check the duplex settings and also make sure the connected device is operating at 100BASE FX 70 UE 15 13 switch user manual 1 indd 70 4 2 13 12 45 AM Appendix B Default Software Configuration Settings About Default Settings The settings below are the factory defaults when the switch comes out of the box Use this page as a reference for tailoring the switch to your needs Management Port DHCP disabled IP Address 10 2 0 1 Subnet Mask 255 2 Default Gateway n NTP Disabled Timezone GMT 55 0 0 one Port Configuration for Ports 1 9 Port s Ea E E NE a E S a E E E NS Port Mirroring Mirroring Disabled Name Port_1 Port_2 Port_3 Port_4 Port_5 Port_6 Port_7 Port_8 Port_9 RSTP STP Configuration Redundancy Protocol none spanning tree protocol is disabled Bridge Priority 32768 Max Age 20 Hello Time 2 Forward Delay 15 Transmission Limit UE 15 13 switch user manual 1 indd 71 6 Admin Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled EOTec G408M Managed Ethernet Switch Software User Manual Mode Auto Auto Auto Auto Auto Auto Auto Auto Auto Speed amp Duplex 10h 10f 100h 100f 10h 10f 100h 100f 1
65. estore all tactory defauts and reset sikh tr Setap Restore factory defeats arep neowork sang and newt atch o Configuration Manegernent Restore Driu See a list of the factory default settings in the Default Software Configuration Settings section in Appendix B of this manual 17 UE 15 13 switch user manual 1 indd 17 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Reset Switch This feature will cause the switch to perform a soft restart software reset A software reset may take 30 seconds or more depending on what features are enabled in the switch beeduretei ol Ethernet Reset Confirmation Heip Serie epee Do you raay ward fe reset the saich ssi Veo recet tho sveach 1 lAdvenced Operstions fan Swaen Coet Arroyo Update Firmware using the Web Interface Firmware updates are released periodically to add features and fix problems The recommended and easiest way to update firmware is from the web interface It allows you to Browse and select the firmware update package from your local computer or a computer on your local network Then just click the Update from File button to load and install the latest firmware files This method of updating the firmware will retain all your settings However it is still recommended that you save a checkpoint configuration as a backup Update Firmware using a TFTP Server Another option for updating firmware is via a TFTP s
66. f a message is 5 microseconds 100 Mbps or faster MAC Address Each Ethernet device inserts its unique MAC address into each message it sends out The port on the switch used for a given MAC address is automatically learned when a frame is received from that address Once an address is learned the switch will route messages to only the appropriate port instead of broadcasting messages out all ports like a hub A time stamp is also placed in memory when a new address is learned This time stamp is used with the aging feature which will remove unused MAC addresses from the table after 300 seconds If a device moves the associated port on the switch will be changed migrated as needed Up to 2 048 MAC addresses can be stored and monitored at any time Managed Switch A device that forwards packets between LANs This device also has to capability to support loop configurations using Spanning Tree Protocol Loop configurations are used to prevent a single point of hardware failure in a network Management Information about the network is also obtained through the switch by querying the MIB Multicast A means of sending messages to multiple hosts without broadcasting the data to all hosts or sending it individually to each interested host IGMP may be used to optimize routing of multicast messages so only network segments with interested hosts need carry multicast traffic Max Message Age Length of time the STP Algorithm waits before reconfi
67. f the Switch 0200 e eee eee eee 20 Display identifying information about the switch 2 02000 cece eee ees 20 Display information about the port and power status 0000 cece eee eens 21 Display the status of the power inputs and OK output 0 00 00 eee eee 21 Display various counters and indicators maintained by the switch 22 Display the status of the STP or RSTP redundancy if enabled 0 5 22 Display the status if the IGMP multicast filtering if enabled 0 5 22 This page provides an overview of how the switch is configured 23 Display the current MAC address table of the switch 0000c eee eee eee es 24 Network Management amp Remote Monitoring SNMP and RMON 5 25 Using Simple Network Management Protocol and more 00e cece eee eee 25 Configure the switch to enable unsolicited SNMP responses 2 0 0020e ees 26 Specify where the unsolicited SNMP responses should gO 0 020eeeeeeees 26 View performance data from SNMP RMON and Dot3 00 0 cece eee eens 27 Monitor network traffic from to specific ports 2 2 02 cee es 30 Rapid of Spanning Tree Protocol RSTP 2 00 cece eee eee eee ee eee 31 An introduction of Rapid Spanning Tree Protocol RSTP 2 00000ece eee eeees 31 Configure general
68. ffic from ports 6 8 could go to ports 5 8 and traffic from port 5 could go to all ports A tag based VLAN limits traffic based on the VLAN ID in a tag associated with the frame VLAN tags may be explicitly placed in frames by applications or switching equipment or implicitly assigned to frames based on the switch port where they arrive VLAN IDs are 12 bits long providing 4096 possible IDs but several values are reserved Indicates that the tag is not being used for VLAN routing but only to carry priority information See QoS CoS topic in Section 7 of this manual Used for switch configuration and management Not allowed by the 802 1Q standard VLAN Settings The VLAN Settings Menu can be accessed by selecting Setup from the Main Menu and then selecting Virtual LANs VLANs This menu is used to set the VLAN mode of operation and also creating editing and removing VLAN definitions Choosing VLAN Mode of Operation There are several VLAN modes which will provide varying levels of flexibility and security To choose the VLAN mode of operation select option 1 labeled VLAN Mode You will be asked to choose one of four VLAN modes Disabled No VLAN processing is done VLAN IDs and port based VLANs are ignored Port Based Only port based VLANs are used to route frames VLAN IDs are ignored Standard Port based VLANs are ignored all routing is done by VLAN ID The source port of a frame need not be part of a VLAN for the frame to
69. ged switch detects the loop by seeing its own configuration messages and based on STP parameters chooses one port to be in the forwarding state and the other port to be in the blocking state No loop is formed and device A can talk to device B Somewhere in the plant a construction vehicle accidentally cuts the connection between unmanaged switch 1 and unmanaged switch 2 The managed switch in the network notices typically around 6 seconds when connected to an unmanaged switch that the port in blocking mode is not receiving configuration messages and transitions through the listening learning and forwarding states Figure 2 arma Port is forwarding _ are a q Meaga LE E b w R port is forwarding Figure 2 43 UE 15 13 switch user manual 1 indd 43 4 2 13 12 45 AM 44 UE 15 13 switch user manual 1 indd 44 EOTec G408M Managed Ethernet Switch Software User Manual This would seem to have solved the problem as both ports in the managed switch are in forwarding mode but it is not the case Due to the fact that the other three switches are unmanaged they do not have the intelligence to know that there has been a change in the network topology Switch 1 still points to switch 2 when device A is trying to talk to device B for which it cannot due to the broken Ethernet link The bottleneck has been discovered as we have to wait until the MAC table in switch 1 ages out its entries of device A and
70. groups These groups will be elaborated in detail in the Management and SNMP information section of this document The switch implements Internet Group Management Protocol IGMP to optimize the flow of multicast traffic on your network The switch supports both port based and tag based Virtual LANs for flexible integration with VLAN aware networks with support for VLAN unaware devices Additional technical documentation is available in the appendices of this manual These appendices provide important terminology definitions an administrative menu map example of an RSTP network topology and factory default information extracted from the switch Administrative Interface Access There are several administrative interfaces to the switch 1 A graphical web interface accessible via the switch s built in web server Both http and secure https with SSL are supported Note This is the recommended method for managing the switch A terminal interface via the RS232 USB port or over the network using telnet or Secure Shell SSH SNMP interface can be used to read write many settings 4 CLI Command Line Interface can be used to read write most settings See the separate CLI User Manual for details Initial setup must be done using an Ethernet connection recommended or the serial port See Section 1 for quick start guides 12 UE 15 13 switch user manual 1 indd 12 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manu
71. gs Access to the switch s traffic priority menus can be done by selecting Setup from the Main Menu and then Traffic Priority tabsshiial Lihesmet QoS CoS Settings ETY Setene namne ent Getertnte OPONY Of ONI BERAYA WN POOE GN creme PECETE usng Quatty of Service Cims of Servee and Type of Service seangs 1e D Send si Ng pionty frames betore ary others 11S e0up Allow fovea poonty hanes throug a few af a lire Cmon 28 name lane a man ot meee enn Laage nests iunews LLEIS Aare For each port the following settings may be configured Use 802 1p Tag Priority This setting controls whether the switch will honor IEEE tags if present in frames When enabled tagged data will be routed to an outbound priority queue based on the configure tag mapping See below Disable this setting to ignore IEEE tags on all in coming frames Use IP ToS DiffServ This setting controls whether the switch will honor priority fields in the IP header When enabled and not overridden by an IEEE tag data will be routed to an outbound priority queue based on IPv4 Type of Service or IPv6 Traffic Class The priority queue will be the IP priority field value divided by 64 Disable this setting to ignore IP priority fields Priority Precedence This setting controls which priority mark IEEE tag or IP header takes precedence if both are present and enabled It has no effect if either Use Tags or Use IP is disabled Default Priority Thi
72. guration is necessary MIB Management Information Base This is a database of objects that is used by some form of network management system like the managed switch SNMP and RMON are popular tools to obtain the information from the MIB Mirroring This diagnostic capability allows messages from one or more source ports to be copied to one or more target monitor ports Then a port analyzer or sniffer program can be used to monitor the traffic without affecting the operation of the switch Notification See Trap Path Cost For each pathway a packet of information must pass there is an associated cost A number is used to indicate the cost from a source port to a destination port The lowest number least cost among a set of paths from a specific source and destination will be chosen as the optimal path of choice Point to Point MAC This indicator is used to optimize the convergence time in the STP algorithm 77 UE 15 13 switch user manual 1 indd 77 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Port Priority A numeric value placed upon a port to indicate its hierarchical standing to become a designated port Qos Quality of Service Generic description of network service parameters such as latency frame loss user priority etc See also CoS ToS RMON Remote Monitoring This network management protocol allows access to a richer MIB to provide more extensive and detailed informa
73. happens when packets have a bad Frame Check Sequence Single Collision Frames This happens when an Ethernet device tries to send a frame but discovers that there is at least one other device on the network trying to send at the same time collision detected When a collision is detected the network devices prepare to access the network medium again but only after waiting for a random amount of time Collisions are common in an Ethernet network and collision detection allows the devices on an Ethernet network to work When the Ethernet device tries to transmit that same frame again and is successful it is called a single collision Important Collisions don t provide for a very useful statistic as to the current performance of the network since this is the principle behind how devices on the network communicate Multiple Collision Frames Multiple collisions happen when the Ethernet device tries to transmit a frame through the network medium but detects a collision The Ethernet device tries again to transmit the same frame through the network but again encounters another collision The error count is incremented each time a particular frame fails after the first attempt of transmission Important Collisions don t provide for a very useful statistic as to the current performance of the network since this is the principle behind how devices on the network communicate SQE Test Errors A network device checks for the Signal Quality Error Tr
74. he best path to the root bridge It is recommended that you leave each port at its default value Point to point MAC This parameter tells the switch that a port has a direct one one one connection to another switch which allows it to start forwarding traffic immediately It is recommended that you leave it at the default setting of Auto which will let the switch automatically make the determination Port Type If you don t know whether a port is directly connected to an end device or not then set it at auto In the auto setting the switch will treat the port like an Edge until a BPDU is received 38 UE 15 13 switch user manual 1 indd 38 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Redundancy Status The Redundancy Status page accessed through the Monitoring Menu from the Main Menu provides a snapshot of the switch and its role in the managed network At the top of the page the protocol in use is displayed along with the MAC address of the current root of the spanning tree The topology change counter will track the number of changes to the network layout Also the current redundancy status of each port on the switch is displayed Redundancy Status ELECTRONICS Hete Monitor the stalus of Rapid Spanning Tree Protocol or Spanning Tree Protocol if enabled Nuclear Senses amp Process Instrumentation Redundancy protocol RSTP wvew Ultra NSPI com Designated root 32 768 00 20 10 28 a3 8a this switch
75. his field is sometimes referred to as the Type of Service ToS field or the Differentiated Services DS or DiffServ field Applications may add IEEE 802 1p tags which contain a priority field that may be set from 0 to 7 Each value has a traffic type associated with it For example a tag of 5 is prescribed for video data The switch provides four priority queues for expediting outbound data The 256 IP priorities and the 7 IEEE priorities are mapped into these ports in a way that optimizes throughput of high priority data Scheduling When choosing how to handle lower priority data the switch can use strict or fair scheduling This choice affects all queues on all ports With strict scheduling all data in the highest priority queue will be sent before any lower priority data then all data from the second highest priority and so on This assures that high priority data always gets through as quickly as possible With fair scheduling a round robin algorithm is used weighted so that more high priority than low priority data gets through Specifically the switch will send eight frames from the urgent queue then four from the expedited queue two from the normal queue and one from the background queue then start over with the urgent queue This assures that the lower priority queues will not be starved 47 UE 15 13 switch user manual 1 indd 47 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual QoS CoS Settin
76. hop In this configuration switches are set up in a ring topology only making network reconfiguration easier and faster for our proprietary algorithm to handle without all the overhead RSTP must do to reconfigure the network When a media break occurs Ultra s proprietary algorithm assures very fast recovery times Under normal ring operation a master switch is automatically selected to be the keeper of a backup link This link is not used in normal operation and the switches operate as in a daisy chain topology When a break is detected the master turns on the backup link and network traffic is rerouted accordingly For more flexibility a switch can be a member of up to four rings and master selection can be automatic or user selectable By default the switch with the lowest MAC address is selected to be the master The SHR is also compatible with Ultra Electronics 2104 series Ring Switch The 2104 series is a lightly managed DIN rail mountable 10 100Mbps switch with two RJ45 ports two fiber ports and an expansion port making a very expandable system when combined with the G408M The 2104 series is configured through a Switchtool application Setup for the G408M is done through the Redundancy Self Healing Ring Settings menu Self Healing Ring Settings Help Configure the fing parameters to aptimee your network redundancy and maximize reliabitty Nuclear Sensors amp Primary Backup Process I entati rocess Instrumentation Enabl
77. ick OK to close the Connection Properties dialog Once the terminal screen comes up the switch prompts for a login name It may be necessary to press Enter once or twice to see the login prompt The default login user and password are both admin After the login and password prompts select VT100 by pressing 4 and then Enter The main administrative menu will now appear and the managed switch is now ready for full configuration 85 UE 15 13 switch user manual 1 indd 85 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 86 EOTec G408M Managed Ethernet Switch Software User Manual Appendix H Service Information Service Information We sincerely hope that you never experience a problem with any Ultra Electronics NSPI product If you do need service call NSPI at 512 434 2850 and ask for Applications Engineering A trained specialist will help you to quickly determine the source of the problem Many problems are easily resolved with a single phone call If it is necessary to return a unit to us an RMA Return Material Authorization number will be given to you NSPI tracks the flow of returned material with our RMA system to ensure speedy service You must include this RMA number on the outside of the box so that your return can be processed immediately The applications engineer you are speaking with will fill out an RMA request for you If the unit has a serial number we will not need detailed financial information Otherwise
78. ion of the protocol If STP is selected only the original STP format messages will be generated Selecting STP reduces the chances of network packets being duplicated or delivered out of order but at the expense of much longer reconfiguration time Important Note Should you intend to use RSTP and VLANs at the same time please read the VLANs and RSTP topic in Section 9 of this manual for important information concerning the setup of your network Otherwise communication failures may occur Bridge Priority Bridge priority is important since it is used to determine the root bridge The priority ranges from 0 to 61440 default 32768 and must be a multiple of 4096 Lower numbers indicate a better priority the switch with the lowest priority number will be selected as the root bridge There are two ways to select a root bridge switch The first is by default leaving all the bridge priority settings the same at the default of 32768 The second way is to customize priority settings of each bridge When leaving the bridge priority setting at the default on all of the switches the switches select the managed switch with the lowest MAC address This may be adequate for networks with light or evenly distributed traffic Customizing the bridge priority settings allows the network to select a root bridge that gives the best network performance The goal is generally to have the network traffic pass through the network as directly as possible so the
79. ists of open triangles and circles while tagged data in the network consists of filled triangles and circles This achieves the QoS needed for the control application Control Data Tagged Camera Data Tagged Control Data 52 UE 15 13 switch user manual 1 indd 52 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 53 EOTec G408M Managed Ethernet Switch Software User Manual Section 9 Multicast Filtering IGMP About IGMP IGMP Internet Group Management Protocol allows hosts and routers to work together to optimize forwarding of multicast traffic on a network Without IGMP all multicast packets must be forwarded to all network segments With IGMP multicast traffic is only forwarded to network segments which connect interested hosts IGMPv1 provides a basic mechanism for hosts and routers to communicate about multicast groups Routers send Query messages and hosts respond with group membership Report messages IGMPv2 adds a maximum response time to the Query and adds a Leave message to the protocol IGMPv1 and IGMPv2 should not coexist on the same network Also IGMPv2 routers are expected to perform IGMPv1 on segments where IGMPv1 hosts are found An IGMP snooping switch performs many of the functions of an IGMP router In passive mode such a switch processes IGMP protocol messages sent by hosts and routers to configure efficient forwarding of multicast traffic In active mode a switch will also send its own queries t
80. itch is discarded since initially it is unknown which ports to use to avoid loops Establish the Root Bridge During the start up of a Spanning Tree Network all bridges managed switches are transmitting configuration messages BPDUs claiming to be the root If a switch receives a BPDU that is better than the one it is sending it will immediately stop claiming itself as the root and send the better root information instead Assuming the working network segments actually connect all of the switches after a certain period of time there will be only one switch that is sending its own root information and this bridge is the root All other switches transmit the root bridge s information 32 UE 15 13 switch user manual 1 indd 32 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual at the rate of the root bridge s hello time or when the root bridge s BPDU is received on one of their ports The only factor for determining which switch is the root has the best root information is the bridge priority and its tie breaker the switch MAC address If a switch has more than one path to get messages from the root other information in the configuration message determines which path is the best Assign the Active and Backup Links Once the root bridge is determined all other switches see the root bridge s information and information about path or paths to the root If more than one port provides a path
81. itch user manual 1 indd 56 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 57 EOTec G408M Managed Ethernet Switch Software User Manual IGMP Example The benefits of enabling IGMP Take an already established control network that has an Ethernet device sending multicast data to several other Ethernet devices Between the source of the multicast data and the destination Ethernet devices that are interested in the multicast data multicast packets might pass through a number of switches or routers To make this control network more efficient the switches or routers should know how to handle the flow of multicast data by means of IGMP Internet Group Management Protocol Switches or routers that are not capable of supporting IGMP will not know what to do with the multicast data and forward multicast data out all ports This will slow down the network Take a look at the diagram below where the IGMP server is the source of the multicast data and the IGMP hosts are the devices interested in receiving multicast data On the network are two switches where one has IGMP enabled and the other has IGMP disabled We can clearly see that the switch with IGMP enabled only forwards multicast data to the interested host Ethernet Station 2 The switch with IGMP disabled will not know where to send the multicast data thus Ethernet Stations 4 and 6 unnecessarily receive multicast data even though only Station 5 is the interested host Ethernet Statio
82. kets of 65 to 127 bytes received 128 255 octet Packets of packets of 128 to 255 bytes received 256 511 octet Packets of packets of 256 to 511 bytes received 512 1023 octet Packets of packets of 512 to 1023 bytes received 1024 1518 octet Packets of packets of 1024 1518 bytes received Port Mirroring The mirroring option is ideal for performing diagnostics by allowing traffic that is being sent to and received from one or more source ports to be replicated out a monitoring target port The Port Mirroring menu is accessed by selecting Setup from the Main menu and then selecting Main Settings beduetr ial Ethernet Port Btanagod Switch Mirroring ib tiap ratai Hous a e Patam advanced Qagnodks Uy UENIG PAT MATONING to Copy meriayes from ore OF more M gt 7 pe o 1 1 Maneged Switch Moru ource DOM th a montor p rt connected to 3 network anairt softwere a Montor port lt Main System Ramma Accom Leceety Port Name Cata te Monitor Les 1 tt Noe e Part Mir F id m a Set il pee Peet pot m ee rte pns ime ta teame Pay nt 4 ood New Eal Virtual Ae amp pos ta pote Mowe imuneee nb roe 8 100 7 pon Nom MAL mibeoa D fo TP thew ee ene no Manag betel ae a pote Noe M nep e ee vied yaa 3 pots toe e Leet tarbima x Comat Changes Uom napet te Qetewes harge When enabling the port mirroring feature choose the source ports to be mirrored monitored and the sink port to
83. l handling a network provides a best effort service to all applications This means that there are no assurances regarding the Quality of Service QoS for any particular application because all packets are treated equally at each switch or router However certain applications require deterministic response from the network to assure proper operation Consider a drilling machine in a plant that is controlled by a computer elsewhere on a local network The depth of the machine s drill is critical such that if the hole is drilled is too deep the material will have to be thrown out Under nominal conditions the drill process is running smoothly controller and computer are communicating efficiently over the network but when another user on the network decides to access records from an online database the large volume of traffic can interfere with timely communication with the drill A delay in communications between the drill and controller causes the drill to go too far and the material has to be thrown away To prevent this from happening we need to provide a certain QoS for all drill controller communications so delay is avoided Numerous mechanisms exist to help assure reliable and timely network communication The managed switch supports two common means of prioritizing messages IP header and 802 1p user priorities The IP header is present in all frames and contains a priority field which defaults to 0 and may be set as high as 255 T
84. les Process instrumentation www Ultra NSPI com 1990 980 9333 Port Name Enabled part_t Managed Switch Menu 2 pat C Monhoring 1 sort Setup J por Main Seninags pata C Redundancy Settings H Tratiie Priority 5 porns Multicast Filtering IGMP Vi L Ans 6 prs O 7 pot a ports O Advanced Operations Port Security MAC Entries To add a new MAC address to a port first enter the address The address must be in a 00 11 22 33 44 55 format Next select the port the address will be assigned to Then press the ADD button The address and port assignment will now be in the table but will not be committed to the switch until the commit button is pressed To change an existing port assignment for a MAC address or to delete the MAC address use the port select drop down box next to the MAC address This allows you to change the port or to select delete The changes will not be committed to the switch until the commit button is pressed NOTE Once a MAC address is added to a port it can only communicate to the switch through its assigned port s Ex If MAC 00 a0 1d 38 a2 8a is added to port 1 and is connected to port 2 it will be unable to communicate with the switch Port Security f Hain ELECTRONICS pot t ADO Nactuas Sensors amp Entry Address Port Process Instrumentation www Ultra HSPLoom 1 200 880 9333 00 al 10794334 pont 001217 Mbt pont Managed Switch
85. lo time Forward Delay The forward delay is a time in seconds used by all switches in the network The forward delay can be set from a range of 4 to 30 seconds 15 seconds default This value is controlled by the root bridge and is used as a timeout value to allow ports to begin forwarding traffic after network topology changes If a port is not configured as an edge port and RSTP cannot negotiate the link status a port must wait twice the forward delay before forwarding network traffic In a properly configured network using RSTP not STP this setting has very little effect For STP networks setting the time too short may allow temporary loops when the network structure changes switches turn on or off or links are added or broken A longer time will prevent temporary loops but network traffic will be disrupted for a longer time The default value for the forward delay is 15 seconds If you change this setting the switch will not allow a value unless it satisfies the following formula 2 x forward delay 1 0 seconds max message age Note Assign all switches in the RSTP STP network the same forward delay Transmission Limit The transmission limit controls the maximum number of BPDUs which may be sent in one second The transmission limit can range from 1 to 10 messages second 6 messages second default Increasing Transmission limit can speed convergence of the network but at the cost of configuration messages using a larger share of the
86. m eas a ee Part and Power Stan Crop Evenn a Cntet mye itedusdanry States Oeti tuhicas Fiherisg Siats Piets 2 ta Semmary fenas at Parures 19 a aa o Maum Pabat 12 a CRD Aagn Errors c or wager ren Uneerurr Pann a Smia mtr HA Overnge Packets Prasws ror 13 700 Fragments MaG sarees Cate sl stss Juen o we nesi Comoe e LELLI LaO Parara mn 65 127 cxitet Packets x Contact lt a haan ark ma ot contact 120 235 cctet Pachets n 2 whee 286 91 3 cenet Packers 1 12 1023 octet Pets ts Lampe neat n Poors cess 1024 153B octet Packets 19 sammi n UE 15 13 switch user manual 1 indd 29 Stabsics updated every 5 LCoS Drop Events A packet has been dropped due to insufficient switch resources Octets of data octets received Packets of packets received Broadcast Packets of broadcast packets received Multicast Packets of multicast packets received CRC Align Errors of packets received with an invalid CRC Undersize Packets of packets received less than 64 bytes with a valid CRC Oversize Packets of packets received more than 1536 bytes with valid CRC 29 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Fragments of packets received that are less than 64 bytes Jabbers of packets received more than 1536 bytes with invalid CRC Collisions of collisions detected 64 octet Packets of packet of size 64 bytes received 65 127 octet Packets of pac
87. mful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this equipment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one or more of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help Copyright amp Trademarks Copyright 2009 ULTRA ELECTRONICS NSPI All Rights Reserved UE 15 13 switch user manual 1 indd 6 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Software License Agreement 1 Ownership The managed switch Software is the property of the Licensor as declared on the main menu of the software and protected by U S Copyright Law Trademark Law and International Treaty Provisions No ownership in or title to the Software is transferred to Licensee Licensee will not remove or obscure the Licensor s copyright trademark or proprietary notice from the
88. monitor their traffic For each source port choose to monitor messages being sent select Egress messages being received select Ingress or messages being sent and received select Both In the sample image above port 4 is monitoring messages from port 2 30 UE 15 13 switch user manual 1 indd 30 4 2 13 12 45 AM Section 6 Rapid Spanning Tree Protocol RSTP What RSTP Is and Why You Want to Use It The Rapid Spanning Tree Protocol RSTP allows you to have an Ethernet network with extra connections so if one path between two points on the network fails another path can be used to deliver messages If one link or switch fails another link or switch can take over transparently to prevent unnecessary down time So why not just physically connect each of the switches in your network in various loop configurations such that there are always at least two paths going to and from each switch A good idea but it creates broadcast loops that will bring a network to its knees very quickly In an unmanaged Ethernet network there can be only one path between any two ports on the network If there is more than one path from one switch to another a broadcast message and in some cases other messages sent by the network will be forwarded until it completes a loop by returning on the second path Since the switches forward all broadcasts and do not keep track of the messages they have sent the returning message will be sent around the loop again and ag
89. mples UE 15 13 switch user manual 1 indd 2 Access the Web User Interface 000 eee 9 Quickly gain access to the switch s web interface 60 0 ccc eee eee eee 9 Initial Setup and Configuration 0 0c 12 sae About the switch andimanuall ssassn e a PW Gabe ae Spaced EAN 12 General description of key managed switch features 2 000 cece eee eee es 12 Gain administrative access to configure the switch 0 0200 eee e eee eee es 12 Learn how to navigate the web interface screens 0000 00 e eee eee ees 13 Specify initial configuration parameters IP subnet etc 6 2 2 c eee 13 Define speed flow control and negotiation sasae asane ranne 14 Configuration Management and Firmware Updates 2000e eee ee eens 16 Access advanced features for maintaining the switch 00000 eee e eee ees 16 Save and restore the switch s configuration 00 0c e eee ete eee 16 Set the switch back to its original settings 0 0 eee 17 Reset reboot the switch 0 0 cc eee eee eee eens 18 Use the web browser to update the firmware in the switch 0 0005 18 Use a Trivial File Transfer Protocol server to update firmware 00 5 18 Use a Windows utility to update the firmware in the switch 000 eee ee 19 Monitoring the Current State o
90. n 1 ODNESEN a er Managed pe Ethernet Station 2 Switch __ i IGMP Enabled Ethernet Station 3 amp KEY G Multicast Traffic D e 1 Ethernet Station 4 E lt Unmanaged pve Station 5 lt Switch p Ethernet Station 6 IGMP Multicast Filtering Example 57 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 10 Virtual Local Area Networks VLANs Introduction to VLANs VLANs can segregate traffic flowing through a switch to improve bandwidth utilization or security Segregation is done based on membership in a group of ports port based VLANs or on IEEE 802 1Q tags which include a VLAN ID tag based VLANs A port based VLAN limits traffic coming in a port to the group of ports to which that port belongs For example if ports 1 3 5 and 7 were placed in a port based VLAN broadcast frames coming in port 3 would be sent to ports 1 5 and 7 which are members of port 3 s VLAN but not to ports 2 4 6 and 8 which are not members A port may be a member of two port based VLANs though results of this configuration are not always desirable or easily predictable When initializing port based VLANs the switch configures each port to be able to send data to all ports in all the port based VLANs in which it is a member For example if one VLAN had ports 1 5 and another had ports 5 8 traffic from port 1 4 could go to ports 1 5 tra
91. n location information is not added to the Filtering Database MAC table because any changes in port role will make the Filtering Database information inaccurate Learning State RSTP In this state information is being added to the Filtering Database under the assumption that the port role is not changing Gathering information before frame relay forwarding state will reduce the number of frames sent out when entering the forwarding state 40 UE 15 13 switch user manual 1 indd 40 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Forwarding State RSTP Frames will be forwarded to and from the particular port that is in the forwarding state In addition during the forwarding state the learning process is still incorporating station information into the filtering database Port Participates in Port Participates in kort tates Active Topology Learning MAC Addresses Discarding No No Learning No No Forwarding Yes Yes Table 1 2 802 1D RSTP Port States RSTP Examples Example 1 Maximum hops and Switches in a Redundant Ring The Max Age setting controls how long RSTP messages may circulate in the network When a switch receives a message it compares the age of the message with the Max Age also carried in the message and if the age has reached the Max Age the message is discarded Otherwise the message age is incremented before the message is forwarded Therefore the maximum diameter of a RS
92. nd devices without VLAN support Transparent Frames will be forwarded unchanged VLAN with RSTP Extra care must be taken when enabling both VLANs and redundancy or communications failures may occur The example diagram below depicts the problem with running the Rapid Spanning Tree Protocol RSTP and VLANs at the same time The IEEE 802 1D based RSTP is not aware of the VLAN configuration Therefore in the example one of the Network Ports for VLAN 3 is being blocked see VLAN Port Settings topic in this section about Network type ports This prevents VLAN 3 from being able to forward data to all its members Problem RSTP blocks VLAN connection Lay joe Kod ae 8 ast a I 2 py S Ler X for VLAN 3 Switch Frasset t Lan ere Z p e 61 UE 15 13 switch user manual 1 indd 61 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual The solution to the problem above is to configure all Network type ports to carry all VLANs in the network In other words the Network Port should be a member of all VLANs defined in the switch As seen from the example diagram below VLAN 3 can forward to all its members through the other Network Port connections and is not affected by the block RSTP connection Solution Make all switch to switch connections 62 UE 15 13 switch user manual 1 indd 62 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section
93. network at the same time Solution Configure the switch such that video data has lower priority than control data by adjusting the priority queuing settings in the switch Configuring the Switch for Traffic Prioritization As mentioned earlier in this manual some applications require a certain Quality of Service QoS from the network to achieve a desired level of service In this example it is important that we achieve timeliness for control data Without taking advantage of the switch s priority queuing abilities we are using the best effort network model This means that the network will try to deliver all packets of information but will not make any sort of promise or guarantees with respect to the timeliness of data for specific applications Considering our control video example there is no guarantee that we can get the response time needed for control data if the video cameras are sending data at the same time 50 UE 15 13 switch user manual 1 indd 50 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual A way to achieve the QoS desired is to prioritize network traffic Prioritization of network traffic can be achieved even if the devices video cameras and control systems do not support selection or configuration of Quality of Service parameters Configure all the ports used to interconnect the switches as follows Use 802 1p Tag Priority Use IP ToS DiffServ Priority Precedence Output Tag Checked
94. nnect it to your LAN Connect the switch to your LAN or the network it will reside and now you can use the IP address you just assigned to access your switch If you enabled DHCP then you will need to contact your LAN administrator to determine the IP address that was assigned UE 15 13 switch user manual 1 indd 10 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual 12 Once you regain access to your switch then you can do the following a The default administrative password can be changed from the Remote Access Security menu b The individual ports on the switch are configured to a set of defaults and auto selects that should get you started quickly with no necessary configuration Customizing the port settings by enabling disabling a port choosing the speed duplex or flow control is accessed from the Port Configuration menu c The Rapid Spanning Tree Protocol RSTP is disabled by default in the switch The RSTP settings can be changed from the Redundancy Settings screens d Check the operational status of the switch by accessing the Monitoring menu Note The switch can also be initially configured using the serial port However the Ethernet method described above is recommended Refer to Appendix G if you wish to use the serial port method 11 UE 15 13 switch user manual 1 indd 11 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 2 Initial Setup and Configuration
95. nto the switch to restore the factory default password and thus to gain access again Symptom Can t access the web page on the switch Answer Check to make sure that the IP address being used matches what is in the managed switch Ensure that the subnet masks for the client and server side are on compatible subnets Make sure web access http and or https is enabled in the switch Symptom Can t Telnet into the switch Answer Check to ensure that telnet is enabled in the managed switch configuration Check to make sure that the IP address being used matches what is in the switch Ensure that the subnet masks for the client and server side are on compatible subnets 69 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Symptom Not able to communicate via Ethernet Answer Check subnet mask to ensure network communication compatibility Check to make sure the IP address is correct Check to ensure there is a link light Check switch management to ensure the right settings are used for what you are trying to do Symptom Can t access command line configuration through terminal window for serial management port Answer Make sure flow control is turned off and the correct baud rate parity and stop bits are selected Should there be a blank terminal screen press enter to have the switch ask for login information again Symptom No management access to switch for first minute Answer Switch can sometim
96. o speed network convergence Periodically routers and IGMP snooping switches in active mode send an IGMP Query on each attached network The query interval is generally around 1 2 minutes A host that wishes to be a member of a group sets a timer for a short random delay when it sees the Query If it sees a Report from another host before its timer expires it cancels the timer and takes no further action until another Query is seen If no other Report is seen a Report is sent when the timer expires The router or switch uses the Report to configure multicast forwarding The router or switch keeps track of how long it has been since the last Report on each port for each group When the group expires the router or switch stops forwarding multicast data to that port Since the query interval is less than the expiration time data for active groups continues to be forwarded without interruption Multicast Filtering Configuration IGMP can be configured through two menus IGMP Switch Settings IGMP Port Settings 53 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Selecting Setup from the Main Menu and then selecting Multicast Filtering will get you to these menus Aedusteiat Ethernet IGMP Protocol Settings EoI Gehie tuner REEE ANNEE BANAD SAG A A EPN MR AS E PLE a tame My PAET GME Settbngy Divinoa LAM LANG o meag seen Serene 216 Femme rer 359000 MAC sapea ODII aoe m 30 amre
97. om various vendors Key information from the MIBs is also available via the switch s terminal and web interfaces The MIBs are divided into groups of related objects Objects may be scalar having on only a single value or tabular having a list of values varying over time by port number etc See Appendix C for a list of the supported MIB and RMON groups SNMP Security SNMP provides several options for securing access to MIBs SNMPv1 and SNMPv2 provide only weak authentication SNMPv3 uses encryption to add stronger authentication as well as privacy In all versions you may configure read only and read write users SNMPv1 and SNMPv2 authenticate users with a community string which is sent in clear text unencrypted and no password is required Some measure of security can be achieved by setting long obscure community strings SNMPv3 provides three levels of security and encryption None No password is required to read or write values in the MIB Authentication A password is required and is used to encrypt the user credentials so that security information is not sent in clear text A variation of MD5 is used for encryption Privacy A password is required and is used to encrypt the user credentials A second password is used to encrypt the details of the SNMP request using DES encryption For SNMPv3 access the managed switch requires authentication and allows privacy Only one password is configurable and it is used fo
98. ore wan J a feon a Tres sn j Ls Avon afcro rouer Jeon aftes wen foon of tres san r Aeon ri tees wan E Eo se meen KE EO ire sen Rots 13 updated every recond i Use the group status screen to find out the IGMP groups being forwarded by a switch There is one line for each group port combination That is if a group is active on more than one port each port will have a separate line in the table T2401 739 90 e 0I 4 10 1280 7 12 79 299 255 255 250 4 101204 1 19 05 a Ge 239 799 239 230 7 10 10 190 805 86 ae a SN 200 266 266 254 4 1012801 13 62 IGMP Group Status View IGMP routing status Trae UNM Loup Sinks V Status is updated every seconds The displayed data is separated by several fields Atte Our nanang P mo yor Tu 01s 4 10993179 sa 11 23401 39 4 10131417 13 66 eS aliie Imaal 4 UISU 15852 Group Displays the IP address of a particular multicast group Port Displays the port number for which the particular multicast group is active on Reporter Displays the IP address of the last host to report membership in this group on this port Hosts send IGMP Reports to a switch or router for the purpose of having the switch or router include them into a particular multicast group Age The number of seconds since this group was last reported on this port Expiration The number of seconds until this group will be dropped unless a new report is received 56 UE 15 13 sw
99. ort COMI Communications Poet COM The COM number following the name can now be used to access the switch using the terminal interface NOTE The USB and RS232 ports cannot be connected simultaneously Please connect only the cable type you wish to use to communicate with the switch 83 UE 15 13 switch user manual 1 indd 83 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Appendix G Quick Start Setup for Terminal User Interface Quick Start Guide to Terminal User Interface As an alternative to the web interface you can use this guide to quickly configure the switch through the RS232 Port or the USB Port Note This interface is for more advanced users Using the Web interface described in the beginning of this manual is the recommended method 1 Connect the serial port of your PC typically a female DB9 connector to the serial port of the switch female RJ45 connector or on units with a USB port connect a USB cable from a USB port on your PC to the USB port on the Switch Refer to the hardware user manual for details on how to make this connection Contact Ultra Electronics to purchase a pre wired interface cable or USB cable if necessary 2 Configure a terminal program such as HyperTerminal for 9600 8N1 and no flow control See Section further below for more details 3 Type admin for the login name and admin for the password Choose the appropriate terminal emulation setting tha
100. ost of 10 a f This is a Designated Bridge with root path cost of 15 Pathicost 15 aS 3 J 2 e T Pathicost 10 i mone Pathicost 10 This is a a Bien Ye 1 J path pst ie Switch _ Backup path 10 10 t since it will cost 25 10 15 to reach the root J Ethernet Device Ethernet Device Example of Using Path Costs Example 3 Ring Topology with only one Managed Switch Do not do this Implementing a ring topology with a single managed switch and several unmanaged switches is a common question because of the thought of saving money The topology is legal only if that single managed switch is a member of each ring Although it is legal it is not recommended as the hypothetical scenario indicated below will explain why Hypothetical Scenario An integrator wishes to use implement a single Ethernet ring topology for the proposed network Only one managed switch is used to connect to three or more unmanaged switches in the loop Figure 1 42 UE 15 13 switch user manual 1 indd 42 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual because of blocked port eee ci eee O 1 l lt 1 a Switch 3 B r Switch 2 a e a Lo Note The between switches represents either one port to port Ethernet cable connection or one port to port fiber connection Switches 1 2 3 are unmanaged Figure 1 Initially everything is working fine in the network The mana
101. print a nard copy of these settings Sarat these settings Switch clock not set report time unknown Conhgure an NTP server lo get report Nuclear Sensors amp timestamps Process Instrumentation www Ultra NSPLeom 5 1800 880 9333 General Switch Info Model G408M Serial Number 5011359 Managed Switch Menu Monitoring Firmware Revision 47 1000 system information MAC Address 00 a0 10 09 33 4a Port and Power Status Network Statistics Uptime 07 Gays 07 06 17 Spanning Tree Status Self ltealing Ring Status Multicast Filtering Status Main Configuration MAC Table A Configuration Summary Name G408M v0 I Advanced Operations Location lt Set location of switch gt Contact lt Set name and e mail of contact for switeh gt Model 5 Timezone none ere muir Firmware rev 47 DHCP Dsaniead 23 UE 15 13 switch user manual 1 indd 23 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual MAC Address Table The MAC address table page displays the current MAC address table of the switch This data can be filtered by the Filter Database ID FID the port s of discovery or by all or part of the MAC address Please note that Port 65 is the internal CPU port MAC Table Help ELECTRONICS Thes i5 a list Of each MAC address mown to the device along with the Filtenng Database ID that R belongs to the reason that the device knows it and the port on which it was Ciscoversc Nuclear Sensors amp Filter by Proces
102. products On line support www ultra nspi com Phone 1 512 434 2850 Fax 1 512 434 2851 E mail mailto fiberop ultra nspi com Mailing address Ultra Electronics Nuclear Sensors amp Process Instrumentation 707 Jeffrey Way Round Rock TX 78665 2408 USA 87 UE 15 13 switch user manual 1 indd 87 4 2 13 12 45 AM Nuclear Sensors amp Process Instrumentation ELECTRONICS Ultra Electronics NUCLEAR SENSORS amp PROCESS INSTRUMENTATION 707 Jeffrey Way PO Box 300 Round Rock TX 78680 0300 USA Tel 1512 434 2850 Ultra Electronics reserve the right Fax 1512 434 2901 to vary these specifications e mail fiberop ultra nspi com without notice www ultra nspi com Ultra Electronics 2009 UE 15 13 switch user manual 1 indd 88 4 2 13 12 45 AM
103. quipment in hazardous dangerous to life or potentially life threatening environments requiring fail safe performance such as in the operation of nuclear facilities aircraft navigation or communication systems air traffic control direct life support machines or weapons systems Licensor specifically disclaims any express or implied warranty of fitness for High Risk Activities Licensee specifically represents and warrants that this Software or Derivative Work will not be used for High Risk Activities UE 15 13 switch user manual 1 indd 7 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 8 EOTec G408M Managed Ethernet Switch Software User Manual 7 Indemnification Licensee agrees to indemnify defend and hold harmless the Licensor from any and all liability penalties losses damages costs expenses attorneys fees causes of action or claims caused by or resulting directly or indirectly from Licensee s use sale or distribution of the Software which damages either Licensee the Licensor or any other party or parties without limitation or exception This indemnification and hold harmless agreement extends to all issues associated with the Software or this License 8 Intellectual Property Infringement Licensee shall not add or cause to be added any item or items to any product of Licensor for which Licensee is granted a license under this Agreement if said added item or items would cause said product of Licensor to infringe or pot
104. r both authentication and privacy The following examples use snmpget from the Net SNMP tools to illustrate the use of authentication and privacy when accessing the managed switch If SNMPv2 access is enabled values may be read without a password with a command like snmpget v 2c c public 10 2 0 1 system sysDescr 0 If SNMPv3 access is enabled values may be read with a command like the following entered all on one line snmpget v 3 u public I authNopriv a MD5 A publicpwd 10 2 0 1 system sysDescr 0 25 UE 15 13 switch user manual 1 indd 25 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Finally if SNMPv3 access is enabled an authenticated private request could be made with a command like the following snmpget v 3 u public I authpriv a MD5 A publicowd x DES X publicopwd 10 2 0 1 system sysDescr 0 The switch supports SNMPv1 v2 and v3 SNMPv1 and v2 access are essentially the same from a security standpoint and are enabled and disabled together SNMPv3 security may be separately controlled Thus you may prevent unauthenticated access to your switch by disabling SNMPv1 v2 access entirely while retaining password secured access via SNMPv3 SNMP Notifications Use the SNMP Notifications Menu to enable traps to be sent when the state of the switch changes Access this menu by selecting Setup from the Main Menu and then selecting Main Settings Authentication Traps can be sent when invalid
105. r of this software is an intended third party beneficiary of that transaction and is entitled to enforce it in its own name directly against the Licensee 10 Governing Law This License shall be governed in all respects by the courts jurisdiction and laws of the State of New York Licensee may not export the Software or materials in violation of applicable export laws and regulations If for any reason a court of competent jurisdiction finds any provision of this License or portion thereof to be unenforceable the provision shall be enforced to the maximum extent possible so as to effect the intent of the parties and the remainder of this Certificate shall continue in full force and effect Note All information in this document is subject to change without notice 4 2 13 12 45 AM Section 1 Accessing the Setup Interfaces Quick Start Guide to Web User Interface Note This is the recommended method for initially accessing the switch Use this guide to quickly configure the switch over an Ethernet connection 1 Van Elalerel The default IP address and subnet mask of the switch is 10 2 0 1 and 255 0 0 0 This means your PC must be temporarily set to a compatible IP address example 10 2 0 2 Follow these directions to do so a b Goto the Control Panel on your computer C d Access the Properties window for your LAN e f Agyess metrar Connectors Go to Network Connections Network Connactions Tie
106. rent directory path setting Path example Current Directory path setting is set to c switch There is a directory under the switch directory named CurDir Therefore to access the c switch CurDir directory from the switch you would need to type in CurDirvestorefile sv restorefile sv is the arbitrary file name that you chose to save into the remote machine Hint Should you have trouble saving some machines might need you to create an empty file for the particular name that you have chosen before the save process Retrieving a configuration To restore a configuration that has been previously saved choose Retrieve from TFTP and type in the name of the backup file that you specified when you performed your save To use path information refer to the Path example above Updating Firmware To update firmware select the Advanced Operations option from the Main Menu and then select Update Firmware Ensure that the IP address is set for the TFTP server by selecting TFTP Configuration and load the firmware file by selecting the Update Firmware with the firmware file name 81 UE 15 13 switch user manual 1 indd 81 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Appendix F USB Port Configuration Driver Installation Select newer models of Ultra managed switches are equipped with both a USB port and an RS232 port for terminal access In order to take advantage of the USB port please visit w
107. s Instrumentation veww Ultra ASPLoom 1D 1 800 880 3333 Port tuo iaig inde MAC Managed Switch Menu Refresh Table 7 FDB Size 12 Filter Matches 12 Truncated 0 1 Advanced Operations io Port Status MAC Address 0 i Learned 00 90 27 74 e2 64 65 Self OO aft Ld 09 33 4A v 65 Selt OU a0 14 09 33 47 v 65 Selt 00 a0 1d 09 39 45 0 65 Sell 00 00 1d 09 33 4a 0 65 Self OO a0 Ld 09 33 46 v 4 Leerned OU Of feree 3 71 v 6 gt Selt O00 e0 Ld 092 93 41 0 65 Self 00 60 id 09 33 43 0 65 Self OO es Leds O92 33244 ty 65 elf 00 a0 Ld 09 33 42 v 6s Menagement 1 e0 1d 00 00 00 24 UE 15 13 switch user manual 1 indd 24 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Section 5 Network Management SNMP and RMON SNMP MIB and RMON Groups SNMP Simple Network Management Protocol and RMON Remote Monitoring provide a means to monitor and manage your network Each SNMP device maintains Management Information Bases MIBs containing information about the operation and configuration of the device Note This product uses Net SNMP available from www net snmp org which is subject to the copyrights amp license found at www net snmp org COPYING txt The MIBs can be accessed with SNMP tools ranging from simple command line tools like snmpwalk and snmpget part of the open source Net SNMP package available at http www net snmp org to commercial network management products fr
108. s eae eee 65 Remote Access Security Define how you can remotely access the switch n naaar cece eee eee eee ees 65 Port Security sroct iii cedek eee MAC address based port security 0 0 0 cee ttt 67 Appendices ssri soc nsareee a oa eee eee ne eae saben wes eee eas 1aGelaawere ea ka ea caws we 69 Appendix A 005 Basic TrOUDIESNOOUIAG riimien E hie RS Maree BP eh E a ave ee ar ar 69 Appendix B 5 Default Software Configuration Settings 000 eee eee ete eee 71 Appendix Cronies ui orean SNMP Support MIBs and RMON sisse a E O 73 AppendixD 05 Concepts and Definitions 0 0 e A a e E ett tne eee 75 Appendik E os cee ace ee cue bes TRIP Tutorial sisi ooce oi nr ates eoewid bore at ew deiadahees abe bby tee doen 80 Appendix Fs deste ok date noes USB Port Configurations ic c0 06 ewe a ea ORE hte Chee ee heed 82 Appendix G 008 Setup for Terminal User Interface 0000 cece eee 84 Appendix H 5 Service Information 2 i i 452ouse sean ghee heen eee teen de ees oie i eoereodicae 86 3 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Applicable standards and certifications O se Wu A CE Fe LISTED Total Hazardous Standard European Quality Locations Locations Directives Emesons This manual applies to firmware v4 3 1000 in the following products e G408M Managed Ethernet switch with 8 10 100 100
109. s setting controls the default priority to be assigned to frames when it cannot otherwise be determined For example if a frame without an IEEE tag arrived at a port where Use IP was disabled Select an out bound priority queue from the list Port Type This setting controls how IEEE tags are handled in out going data Transparent maintains any tag that may have been present in a frame when it entered the switch Edge removes tags from all out going frames Network adds a tag if none is present The value of the tag is the queue number times two six for queue 3 etc 802 1p Tag Settings Each of the 8 IEEE tag priority values can be assigned to one of the four output priority queues Background 0 Normal 1 Expedited 2 Urgent 3 48 UE 15 13 switch user manual 1 indd 48 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual The default assignment follows the IEEE 802 1p recommendation as follows Priority Traffic Type Queue 0 Best Effort 1 1 Background 0 2 Spare 0 3 Excellent Effort 1 4 Controlled Load 2 5 Video 2 6 Voice 3 7 Network Control 3 Intense there 202 1p Tag Settings Gee aeng tegne Cebmae your network detimintnm by using IEEE BOF IN DYI to PORIE your network tric 1 1Rtaneqed Switch Hone ig lt 2 iti Manitarisg Tn Mle Soley 1t Reduntency Seaings Touts eas Be pipe tiny Sap hy BA ay inavincad Dpacotons Bidania THE eeearerer 34108 MA sapen 0010 te SP ates 0301
110. same frame at another random time Should the Ethernet device fail to transmit that particular frame after 16 tries the Ethernet device gives up and the frame will not be transmitted UE 15 13 switch user manual 1 indd 28 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Internal MAC Transmit Errors When frames fail to be transmitted correctly due to an internal MAC sub layer transmit error Carrier Sense Errors When an Ethernet device loses the carrier sense condition whenever a frame is being transmitted The error is incremented a maximum of one time per transmission attempt no matter how many times the carrier sense condition fluctuates during a single transmission attempt Frame Too Longs Every time there is a frame that is encountered to exceed the maximum frame size Internal MAC Receive Errors When frames fail to be received correctly due to an internal MAC sub layer receive error Symbol Errors This happens when the system could not correctly decode a symbol that it has received Selecting RMON Statistics will display Remote Monitoring statistics for the selected port that can be used to determine how your network is performing These statistics come from the RMON MIB RFC 1757 Jairo Eiaa Network Statistics Managed Switch rn Dive Ste tele eee Morao et vanna Carter afd probe nacatar mantaned Sy the smth Se O O Hi Maneqed Sertich Meme 7a o 1 iieattocieg Fort por Statisties AMON uence Sya
111. spanning tree protocol settings 200 cece eee eee 34 Configure per port spanning tree protocol settings 6 00c eee eee ee ees 36 Basic guidelines when using RSTP or STP protocol 00 eee eee tees 37 Monitor the status of the redundancy operation 0000 0 cece eee eee es 39 Examples with switch over time RSTP Path costs and more 00000e ee eee 41 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 3 EOTec G408M Managed Ethernet Switch Software User Manual SCHON T soriana min eE E Self Healing Ring SHR cctuacc eine v teed ke ctw eden eie ee eae dea eka 45 Section 8 sick sic eee aa aca dcameans Priority Queuing QoS CoS ToS DS 20 eee 47 Traffic Priority 04 Utilize prioritized traffic to achieve Quality of Service QOS 0 cece ee ees 47 QoS CoS Settings Customize network traffic priority through these settings 0 0e0ee0ee 48 802 1p Tag Settings Classify the assignments of 802 1p tags to output QUEUES 6 eee 48 Message Rate Limiting Have the switch quench the affects of a broadcast storm 1 ees 49 QOS Example rnia a QoS Ensures Real time Delivery of Important Messages 0200 0 eee eeeeee 50 SECTION 9 sceni Gdienar ae eae Multicast Filtering IGMP cmi tees Site oan nama eo a eins megan ean es Saree awe 53 About IGMP aes da qarcae gees pe Reduce unnecessary traffic caused by multi
112. ss a telnet server Once connected and logged in to the telnet server commands can be remotely executed as if the user were at the server him herself 78 UE 15 13 switch user manual 1 indd 78 4 2 13 12 45 AM UE 15 13 switch user manual 1 indd 79 EOTec G408M Managed Ethernet Switch Software User Manual ToS Type of Service A field in the IPv4 header which specifies the type of service requested in handling the packet The value may be from 0 to 255 See also CoS QoS Traffic Class A field in the IPv6 header which specifies the relative priority of the frame The value may be from 0 to 255 Trap A message sent by an SNMP agent to an SNMP trap manager to notify the manager of a change in the state of the device monitored by the agent Examples of traps include cold start the device is turned on authentication failure a user supplied invalid credentials when attempting to connect to the agent and link up down a connection to a port was made or broken VLAN VLANs segregate traffic flowing through a switch to improve bandwidth utilization or security Segregation is done based on membership in a group of ports port based VLANs or on IEEE 802 1Q tags which include a VLAN ID tag based VLANs Devices on one VLAN can not talk to devices on another VLAN unless a router is involved to join them 79 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Appendix E TFTP Tutorial TFTP Servers A
113. stances it is necessary to statically configure ports as leading to IGMP routers Force the switch to forward IGMP messages to a specific port by choosing Static as the router type Exclude Port A port may be excluded from IGMP processing IGMP queries and reports received on an excluded port are ignored so devices reached via the excluded port cannot join multicast groups filtered by the switch IGMP queries and reports will not be forwarded to the excluded port so IGMP routers reached via the excluded port will not know of memberships for devices reached by other ports Static Router Specifies whether the switch should assume there is an IGMP router on this port even if no IGMP Query messages are received IGMP Status IGMP status can be monitored via two menus IGMP Port Status IGMP Group Status Selecting Monitoring from the Main Menu will get you to these menus 55 UE 15 13 switch user manual 1 indd 55 4 2 13 12 45 AM IGMP Port Status Each network segment can have only one active IGMP querier the active switch or the IGMP router with the lowest IP address This screen shows the IP address of the querier on the network segment attached to each switch port By p ordid Mbere Ka SETH EEE IGMP Group Status EOTec G408M Managed Ethernet Switch Software User Manual IGMP Group Status Whee IOMP pouting tates Pees IGA Md Dre AREEN P MAN PUEI pe a Tome version Partinamel Queries 2 Joo 2 t
114. t guide in Section 1 for how to initially access your switch To configure the switch for network access select Quick Setup from the Main Settings Menu to reach the System Settings menu The settings in this menu control the switch s general network configuration Veduariel Uibernet I System Settings Quick Setup Pot Varese Crees Set nase parareters in qutity CANARE ana Wieraty ime N P many cases Pese wr mi Fe eling Fut we reveuary i ry or Munu anal Opein Network Settings ne Gerke rape ME Prawe rev are addons MAC miaon ONE 187 staa Caantiet Y e fissi faase praean as ne ana S rmasone Armarcalige Vow _Redunsancy prevecei Papis Spaerne y Tree Frooro System identi icatien DHCP Enabled Disabled The switch can automatically obtain an IP address from a server using the Dynamic Host Configuration Protocol DHCP This can speed up initial set up as the network administrator does not have to find an open IP address IP Address and Subnet Mask Configuration The IP address for the switch can be changed to a user defined address along with a customized subnet mask to separate subnets 13 UE 15 13 switch user manual 1 indd 13 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Note to Advanced Users As additional security you can set the IP address to 0 0 0 0 to disable the use of an IP address However any features requiring an IP address i e web int
115. t is supported by your terminal program 5 Navigation of the character interface is done by using the arrow keys to highlight the option the Enter key to select and the Escape key to go back to the previous menu Pressing c will commit the changes Press x from the main menu to logout 6 Selecting Quick Setup brings up the System Settings menu This menu is used to configure the IP address DHCP or static subnet mask redundancy protocol system name contact and location information Managed Switch HyperTerminal Be Edt wew Col Iransfer tep Systen Settings gt DHCP Disabled IP address 109 1 9 2 Subnet nask 255 128 9 9 Default gateway none NIP server 18 128 4 108 Tinezone Anerica Mew York Redundancy protocol RSTP Contact vesnithPabccontrelconpany com Systen name aged Switch Switch location control panel 7 Press lt Enter gt to set the option selected Press lt Escape gt to return to the previous nenu without saving Press lt c gt commit these values and return to previous nenu Connected 17 28 34 7 Set the desired IP address and subnet that are compatible with the network for which this switch will reside or you can enable DHCP Select c to activate your new settings 8 Now you can access the switch via the web interface or you can continue to make configuration changes using this text interface 9 Using the text interface you can do the following a The default administrative password can be
116. t state if changes lead to an undesirable configuration Restore Checkpoint Reverts to the settings in the saved checkpoint You can optionally choose to keep your current network settings or use the ones in the checkpoint file 16 UE 15 13 switch user manual 1 indd 16 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Note The current administrator s password will remain in effect after the restoration SNMP passwords will be restored to the values in the checkpoint TFTP Configuration Specifies the name or IP address of the TFTP Trivial File Transfer Protocol server where configuration checkpoints may be stored Save to TFTP Saves the current configuration checkpoint file to the defined TFTP server You must specify the name of a file on the server Retrieve from TFTP Retrieves a previously saved configuration checkpoint file from the defined TFTP server After retrieval the configuration still must be restored to be made active Note The web interface also allows you to download save and upload retrieve files directly from your local system No TFTP server is needed Factory Defaults This option sets the switch back to factory default settings The switch will automatically restart reset to put the default settings into effect Aaduvarial Ethernet Restore Factory Defaults nima site meos Do you Mealy mant to restore tactory dataults and reset the Dih i Aanaged Seite tens ran the R
117. tch Software User Manual Appendix D Concepts amp Definitions 10 100BASE Tx 100BASE FX 1000BaseT F This describes the type of port 10BASE T is a 10 Mbps copper RJ45 port 100BASE TX is a 100 Mbps copper port 100BASE FX is a 100 Mbps fiber optic port and 1000BaseT F is 1000 Mbps copper or fiber port Active Communication Communication is enabled between two devices with no hindrances such as a port in a blocked state As long as there is only ONE active communications path from a root to any end node there will be no loops in the active topology Auto MDI MDIX Crossover The RJ45 copper ports on the switch will automatically detect the cable type straight thru vs cross wired and re configure themselves accordingly Auto Polarity The RJ45 copper ports on the switch will intelligently correct for reverse polarity on the TD and RD pair Auto Sensing or Auto Negotiation The RJ45 copper ports on the switch will intelligently detect the speed 10BASE T 10 Mbps or 100BASE TX 100 Mbps and duplex half or full The fiber ports are fixed at 100BASE FX and the duplex is settable BPDU Bridge Protocol Data Unit These data units are used to keep bridges informed of the network status Bridge Priority A setting that helps create the hierarchical levels as to which switch will become root Bridge Device used as a means to connect communicate between two networks Also called a switch CoS Class of Service is
118. te Name This parameter sets the SNMPv2 community string and SNMPv3 user name that may be used by SNMP clients for read write access to settings Enter your own value if you wish to secure read write access Default is private SNMP Read Write Password This parameters sets the password for secure SNMPv3 access by the read write user SNMP passwords must be at least eight characters long The default read only password is privatepwd without the quotes New Admin Password Password set here is used for Telnet and Web Access To change the administrative password select this option Default password is admin Port Security Port Security can be enabled on the MAC address level for additional security To turn on port security check Global Port Security Enable Then choose which ports individual ports should have MAC address security When the desired ports are enabled click the Commit button to commit the changes NOTE If a port has port security enabled but no MAC addresses are in the MAC entries table any device connected to that port will be unable to communicate with the switch Ensure that before security is enabled on all ports there is at least one MAC address in the table 67 UE 15 13 switch user manual 1 indd 67 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Port Security Enables ELECTRONICS acd sobai Port Securty Enabe C Nuclear Sunsore amp Port Security Enab
119. tics or Ether like statistics and the desired port number The display will be updated every 5 seconds Selecting Ether like statistics will display various Ethernet statistics for the selected port for which can be used to determine how your network is performing These statistics come from the Dot3 MIB RFC 2665 tadaskial Tihocnet Network Statistics Managed Sewite ty Drath Bonen tinie Woden Manne Ine VANCEN EPEA ann AO nei stars minted ty te omen Pet uut Shetistks Cosmriiy siiis 8 Andarmatian and Power Stems Abgnecre Crocs n PEUN heres Sosius J Meet Piai Steis Enpe Common Frames 0 2S Contes odun Sumon org maue Coms Frames SOE Test Errors ra nS Octened Transmissions er umag wan LMS Commens pa snar 718 Pucessive Consina o Frmware rev 35 1000 konts Me Tenet Pires 0 me arenes Camer Gense Errors 0 RET Frame Too Lonas 0 P waas interrail Mac Receive Errore 0 Oymtet Errors 0 UE 15 13 switch user manual 1 indd 27 Stavchcs upGmed every d Seconds 27 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual The following statistics are provided Alignment Errors Happens when the Ethernet Interface cannot synchronize with the incoming packet because it is not of expected length packet received has invalid CRC Causes This is possibly caused by interference and attenuation Check for faulty wiring NICs or possible causes of interference line noise FCS Errors This error
120. tion about the network Root bridge The bridge that controls the Spanning Tree Topology Root port This port that provides the connection directly or indirectly to the root bridge RSTP Rapid Spanning Tree Protocol This protocol is an improvement over the original STP technology providing for faster convergence times SNMP Simple Network Management Protocol Protocol used to manage complex networks A computer device requests data from SNMP agents through protocol data units The agents return the data that is stored in their MIBs Management Information Bases SNMP Agent The software which monitors the status of a device such as the managed switch and provides information about that status to clients by replying to requests or sending notifications Store amp Forward This is the standard operating mode for the switch STP Spanning Tree Protocol This protocol is used to prevent loops in a bridged network but still allowing for redundant connections as a safe guard against single points of hardware failure Subnet A subnet is the part of the network that shares the same part of an IP address For security reasons a network can be divided into many subnets by using a subnet mask The subnet mask setting in devices is combined with the binary IP address to extract the subnet ID On an IP network only devices with the same subnet ID can communicate with each other Telnet This is a terminal emulation program used to acce
121. tor the vanous Counters and problem indicators maintained by the switch Network Statistics Port sot 2 Statistics RNMONststisics Stat Current Change 1 Drop Events 0 0 Octets 2 357 129 482 419 291 665 3 Packets 7 367 965 0 4 Broadcast Packets 8 0 5 Multicast Packets 0 0 6 CRC Align Errors 0 0 7 Undersize Packets 0 0 amp Oversize Packets 0 0 9 Fragments 0 0 10 Jabbers 0 0 11 Collisions 0 0 12 64 octet Packets 792 0 13 65 127 octet Packets 3 269 0 141 S octet Packets 5 736 0 15 256 51 1 octet Packets 40 679 0 16 512 1023 octet Packets 135 957 0 af 1024 151 6 octet Packets 7 178 100 Status is updated every 5 seconds Last updated Tuesday November 03 2009 2 27 36 PM Help 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Configuration Summary The Configuration Summary Page provides a complete overview of the configuration settings of the switch The summary is generated in a print friendly format If an NTP server is configured the report will also report a timestamp To save these settings to a configuration file click the Save these settings button to be redirected to the Configuration Management screen Note This page is for viewing settings only To change settings please browse to the individual configuration screens Configuration Summary This page provides an overview of configuration settings Use the Print function ELECTRONICS ot your Drowser to
122. tory Create a directory on your computer for which you would like to store and retrieve the switch s configuration files Once the restore directory has been created the current directory path setting needs to be configured in the TFTPD32 server For example a directory is created and named storecfg with a full path of c switch storecfg Continuing with this example click the browse button from TFTPD32 and navigate to c switch storecfg We now have the TFTP32 server s path directory correctly set to read and write your switch s configuration files Configure the Switch for TFTP The only thing to configure in the switch for TFTP is the name or IP address of your TFTP server This is done by selecting the Configuration Management Menu from the Advanced Operations Menu and then selecting TFTP Configuration Set the IP address or name of your TFTP server here 80 UE 15 13 switch user manual 1 indd 80 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual Saving a Configuration via TFTP To save the current switch configuration simply select Save to TFTP and specify the desired filename for what you want the backup file to be called Using path settings It is also possible to access directories that are located deeper than the current directory path setting that you have configured in the TFTP32 However it is not possible to navigate directories that are above the cur
123. ut the express written consent of the Licensor Licensee may not reverse engineer decompile or disassemble the products or otherwise attempt to derive source code from the Licensed Software 4 NO WARRANTY LICENSOR MAKES NO WARRANTIES WHATSOEVER WITH RESPECT TO THE SOFTWARE INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTIBILITY OR FITNESS FOR PARTICULAR PURPOSE ALL SUCH WARRANTIES ARE HEREBY EXPRESSLY DISCLAIMED NO ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY THE LICENSOR OR THE LICENSOR S REPRESENTATIVE SHALL CREATE A WARRANTY OR IN ANY WAY INCREASE THE SCOPE OF THIS WARRANTY 5 Limitation of Liability Under no circumstances including negligence shall Licensor be liable for any incidental special or consequential damages that result from the use or inability to use the Products even if the Licensor is advised of the possibility of such damages Licensor shall make a reasonable effort to resolve any problems the Licensee may have in its use of the products In no event shall Licensor s total liability to Licensee for any and all damages losses or causes of action in contract tort or otherwise exceed the amount paid by Licensee for the Software or Hardware Products that are the basis of the claim 6 High Risk Activities Licensee acknowledges that the Licensed Software is not fault tolerant and is not designed manufactured or intended by Licensor for incorporation into products intended for use or resale in on line control e
124. v3 adds encryption HTTP HTTPs This method access the web interface Standard HTTP has password security The more secure HTTPS adds encryption through SSL Secure Socket Layers or TLS Transport Layer Security Important Note The best security method is to turn off or disable any access methods that you are not using Remote Access Security This screen allows you to set your remote access security settings To access the Remote Access Security select Setup from the Main Menu and then select Main Settings tedustiial Ethernet Remote Access Security fetp_ perty Lopan Prevert naureorced access Dy IOELPANG Now the fateh Can De remotely Managed For best Security Gia access methods you G5 not rend to use SNMP Access Choose the level of SNMP access to allow None No SNMP access allowed SNMPv2 SNMPv2 access with community string sent in clear text and no password required 65 UE 15 13 switch user manual 1 indd 65 4 2 13 12 45 AM EOTec G408M Managed Ethernet Switch Software User Manual SNMPv3 SNMPv3 access with encrypted password Both SNMPv2 and v3 access allowed Terminal Access Choose the type of terminal access to allow None No terminal access to the switch will be allowed Telnet Non secure access via telnet protocol Remote access is possible through this protocol although all information being transacted between server and client will be sent as clear text Should security be of
125. ww ultra nspi com to install the USB driver After completing the installation you may then connect the switch via USB The New Hardware Wizard will appear Found New Hardwere Wizard Welcome to the Found New Hardware Wizard Windows wil search fee curert ard updoied soltware by looking on pour computer on the haedvrare instataton CO of on lhe Windows Update Web ate wi you pamsoon Can Windows connect to Windows Updiste to seaech tot siwan O Yes thes ime oriy Yes now aed every time connect 3 devier O No ret this tine Click Newt to continue Select No not this time and click Next On the next screen select Install the software automatically and click Next The computer will locate the driver and confirm that you would like to install the unverified driver Select Continue Anyway and click finish to complete the installation Hardware Installation Note USB Driver installation is for Windows XP only Please contact Ultra for assistance with Windows Vista 82 UE 15 13 switch user manual 1 indd 82 4 2 13 12 45 AM er Manual View the USB COM Port To view the COM port the USB device has been assigned to open the Windows Device Manager Expand the section for Ports COM amp LPT and locate the port labeled USB Serial Device E Computer Management mG WE ATALAT APL controlers D Keyboards E T Mer and other pointing devices Ports COM GLET Communications P
Download Pdf Manuals
Related Search