User`s Manual - PLANET Technology Corporation.
Contents
1. Protocol Pont Port Figure 4 10 1 Access Control List ACL Web Page screen The page includes the following fields E IPv4 ACL Object Description Default Vaule Group ID 1 247 max 247 ACL group Action Permit Deny Permit E Permit Permit packet cross switch 109 VLAN Packet Type Src IP Address Dst IP Address IP Fragment L4 Protocol Protocol TCP Port UDP User s Manual of FGSW Series Deny Drop packet Any VID m Any Any VLAN id m VID 1 4094 A certain VLAN id IPv4 Non IPv4 Binding E Pv4 Set Ipv4 packet field E Non IPv4 Set non lpv4 packet field E Binding Set binding entry Set this field if Packet Type is IPv4 else ignore Any IP and Mask EH Any Any IP address m IP A certain IP address Mask 44 eee es is represent a digit from 0 9 is range from 0 to 255 Notice This is not subnet mask Set this field if Packet Type is IPv4 else ignore Any IP and Mask EH Any Any IP address m IP A certain IP address Mask 44 xik ee is represent a digit from 0 9 is range from 0 to 255 Set this field if Packet Type is IPv4 else ignore Uncheck Check mM Uncheck Not check IP fragment field Check Check IP fragment field Set this field if Packet Type is IPv4 else ignore Any ICMP 1 IGMP 2 TCP 6 UDP 17 Set this field if Packet Type is IPv4 else ignore 0 255 If protocol not find in L4 Proto2. Figure 4 2 11 Configuration Backup interface The page includes the following fields Object Description TFTP Server IP Address Type in the TFTP server IP Backup File Name Type in the file name 53 User s Manual of FGSW Series 4 2 6 Factory Default Reset switch to default configuration Click Default to reset all configurations to the default value FGSW 2620VM sas d PLANET Saeco eee ee al it LLAN ORO do Ar Hotworking amp Communication gt Home A System System Information IP Configuration SNMP Configuration Syslog Setting Firmware Upgrade Configuration Backup Factory Default System Reboot Port Configuration Layer 2 Features Factory Default Reset Switch to Default Configuration Security QoS Figure 4 2 12 Factory Default interface 4 2 7 System Reboot Reboot the switch in software reset Click Reboot to reboot the system i FGSW 2620VM E a E 10 i id 16 18 20 2 2d NAE Ltt AA AA Q PLANET oe A p a Hetworking amp Communication Home EB System System Information IP Configuration SNMP Configuration Syslog Setting Firmware Upgrade Configuration Backup Factory Default System Reboot E Port Configuration O Layer 2 Features System Reboot A Security a Qos Figure 4 2 13 System Reboot interface 94 User s Manual of FGSW Series 4 3 Port Configuration 4 3 1 Port Control In Port control you can configure the settings of each port to control the conne
3. Enable or disable 802 1x Syntax no dot1x radius server host Description Set radius server IP port number and accounting port number Syntax radius server host lt p addr gt lt 1024 65535 gt lt 1024 65535 gt Parameters lt ip addr gt specifies server s IP address The first lt 1024 65535 gt specifies the server port number The second lt 1024 65535 gt specifies the accounting port number radius server key Description Set 802 1x shared key Syntax radius server key lt key str gt Parameters lt key str gt specifies shared key string radius server nas Description Set 802 1x NAS identifier Syntax radius server nas lt id str gt Parameters lt id str gt specifies NAS identifier string show radius server Description Show radius server information including radius server IP port number accounting port number shared key NAS identifier 165 dot1x timeout quiet period Description Set 802 1x quiet period default 60 seconds Syntax dot1x timeout quiet period lt 0 65535 gt Parameters lt 0 65535 gt specifies the quiet period in seconds dot1x timeout tx period Description Set 802 1x Tx period default 15 seconds Syntax dot1x timeout tx period lt 0 65535 gt Parameters lt 0 65535 gt specifies the Tx period in seconds dot1x timeout supplicant Description Set 802 1x supplicant timeout default 30 seconds Syntax dot1x timeout s
4. 110 Watts FGSW 2620PVM Max number of Class2 PD FGSW 2612PVM FGSW 2620PVM Max number of Class 3 PD FGSW 2612PVM Standards Conformance Safety FCC Part 15 Class A CE IEEE 802 3 10Base T IEEE 802 3u 100Base TX 100BASE FX IEEE 802 3z Gigabit SX LX IEEE 802 3ab Gigabit 1000Base T IEEE 802 3x Flow Control and Back pressure Standards Compliance IEEE 802 1d Spanning tree protocol IEEE 802 1w Rapid spanning tree protocol IEEE 802 1p Class of service IEEE 802 1Q VLAN Tagging IEEE 802 1x Port Authentication Network Control IEEE 802 3af Power over Ethernet FGSW 2620PVM FGSW 2316PVM only e 50 125um or 62 5 125um multi mode fiber cable 100Base FX up to 2km 1000Base SX up to 220 550m Cable Fiber optic cable e 9 125um single mode cable provides long distance for 100Base FX up to 10 40 60km very on fiber transceiver or SFP module 1000Base LX ZX 10 15 20 30 40 50 60 70 120km very on fiber transceiver or SFP module 19 User s Manual of FGSW Series 2 INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount For easier management and control of the Managed Switch familiarize yourself with its display indicators and ports Front panel illustrations in this chapter display the unit LED indicators Before connecting any network device to the Managed Switch please read this chapter comp
5. Change VLAN mode Syntax vlan mode disabled port based dot1 q Parameters disabled port based dot1q specifies the VLAN mode Change the VLAN mode for every time user have to restart the switch for valid value vlan add Description Add or edit VLAN entry Syntax vlan add lt 1 4094 gt NAME cpu port no cpu port LIST LIST Parameters lt 1 4094 gt specifies the VLAN id or Group id if port based VLAN mode NAME specifies the VLAN group name cpu port no cpu port specifies the CPU port belong this VLAN group LIST specifies the ports to be set to VLAN members LIST specifies the ports to be set to tagged members If not entered all members set to untagged e g switch config vlan add 1 vlan1 cpu port 1 4 This VLAN entry has four members from port1 to port4 and all members are untagged 142 no vlan Description Delete VLAN entry Syntax no vian lt 1 4094 gt Parameters lt 1 4094 gt specifies the VLAN id or group id if port based VLAN e g no vian 1 show vlan Description Show VLAN entry information Syntax show vlan lt 1 4094 gt Parameters lt 1 4094 gt specifies the VLAN id null means all valid entries e g 143 User s Manual of FGSW Series User s Manual of FGSW Series show vlan static Description Show static VLAN entry information show vlan pvid Description Show port default VLAN id Syntax show vlan pvid LIST Parameters
6. Information in this User s Manual is subject to change without notice and does not represent a commitment on the part of PLANET PLANET assumes no responsibility for any inaccuracies that may be contained in this User s Manual PLANET makes no commitment to update or keep current the information in this User s Manual and reserves the right to make improvements to this User s Manual and or to the products described in this User s Manual at any time without notice If you find information in this manual that is incorrect misleading or incomplete we would appreciate your comments and suggestions FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the Instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at whose own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures WEEE
7. LIST specifies the ports to be showed If not entered all port s PVID will be showed 144 User s Manual of FGSW Series vlan filter Description Set ingress filter rules Syntax vlan filter enable disable enable disable LIST Parameters enable disable specifies the non members packet will be forwarded or not If set enable forward only packets with VID matching this port s configured VID enable disable specifies the untagged frame will be dropped or not If set enable drop untagged frame show vlan filter Description Show VLAN filter setting Syntax show vlan filter LIST 145 User s Manual of FGSW Series Parameters LIST specifies the ports to be showed If not entered all ports filter rules will be showed 146 User s Manual of FGSW Series 6 6 Misc Configuration no mac age time Description Set MAC address age out time Syntax no mac age time Enable or disable MAC address age out mac age time lt 6 1572858 gt Parameters lt 6 1572858 gt specifies the MAC address age out time Must be divisible by 6 Type the number of seconds that an inactive MAC address remains in the switch s address table show mac age time Description Show MAC address age out time broadcast Description Set broadcast storm filter mode to off 1 2 1 4 1 8 1 16 Syntax broadcast mode lt off 1 2 1 4 1 8 1 16 gt broadcast select Description Select the Broadcast storm f
8. RW Read write Enables requests accompanied by this community string to display MIB object information and to set MIB objects Press the button to add the management SNMP community strings on the Add button Managed Switch Press the button to remove the management SNMP community strings that you Remove button defined before on the Managed Switch 48 User s Manual of FGSW Series 4 2 3 4 Trap Managers A trap manager is a management station that receives the trap messages generated by the switch If no trap manager is defined no traps will be issued To define a management station as a trap manager assign an IP address enter the SNMP community strings and select the SNMP trap version Current Managers 1192 168 0 52 IP Address Community Figure 4 2 7 Trap Managers interface The page includes the following fields Object Description IP Address Enter the IP address of the trap manager Community Enter the community string for the trap station 49 User s Manual of FGSW Series 4 2 4 Firmware Upgrade It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol TFTP server Before updating make sure the TFTP server is ready and the firmware image is located on the TFTP server 4 2 4 1 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server i
9. Voltage Disp EN 61000 4 11 2001 Responsible for marking this declaration if the Manufacturer Q Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Person responsible for making this declaration Name Surname Kent Kang Position Title Product Manager Taiwan git July 2009 l en a fon Place Date Legal Signature PLANET TECHNOLOGY CORPORATION e mail sales planet com tw http www planet com tw 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528 EC Declaration of Conformity For the following equipment Type of Product 24 Port 100Mbps SFP 2 Gigabit TP SFP Combo Web Smart Ethernet Switch Model Number FGSW 2624SF Produced by Manufacturer s Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility Directive on 89 336 EEC For the evaluation regarding the EMC the following standards were applied Emission EN 50081 1 1992 Conducted Radiated EN 55022 1998 Harmonic EN 61000 3 2 1995 A1 A2 1998 14 2000 Flicker EN 6100
10. Shared Key NAS Identifier Figure 4 12 4 802 1x System Configuration interface 118 The page includes the following fields Object IEEE 802 1x Protocol Radius Server IP Server Port Accounting Port Shared Key NAS Identifier User s Manual of FGSW Series Description Enable or disable 802 1x protocol Assign the RADIUS Server IP address Set the UDP destination port for authentication requests to the specified RADIUS Server Set the UDP destination port for accounting requests to the specified RADIUS Server Set an encryption key for using during authentication sessions with the specified RADIUS server This key must match the encryption key used on the RADIUS Server Set the identifier for the RADIUS client 119 User s Manual of FGSW Series 4 12 3 802 1x Port Configuration In this page you can select the specific port and configure the authorization state The state provides No Authorization Force Authorized Force unauthorized and Authorize 802 1x Configuration Port Configuration Configure 802 1x Per Port State Port State Figure 4 12 5 802 1x Per Port Setting interface The page includes the following fields Object Description FU Force Unauthorized The specified port is required to be held in the unauthorized state FA Force Authorized The specified port is required to be held in the authorized state The
11. Taipei Taiwan R O C Person responsible for making this declaration Name Surname Kent Kang Position Title Product Manager Taiwan 20 Apr 2009 Koerd Ed Place Date Legal Signature PLANET TECHNOLOGY CORPORATION e mail sales planet com tw http www planet com tw 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528 Y PLANET Networking amp Communication EC Declaration of Confommi For the following equipment Type of Product 24 Port 10 100Mbps 2 Gigabit TP SFP Managed Switch with 12 Port PoE Model Number FGSW 2612PVM Produced by Manufacturer s Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility 89 336 EEC 92 3 1 EEC 93 68 EEC For the evaluation regarding the Electromagnetic Compatibility the following standards were applied Emission EN 55022 1994 A1 1995 A2 1997 Class A Harmonic EN 61000 3 2 2000 Class A Flicker EN 61000 3 3 1995 A1 2001 Immunity EN 55024 1998 A1 2001 A2 2003 ESD EN 61000 4 2 2001 RS EN 61000 4 3 2002 A1 2002 EFT Burst EN 61000 4 4 1995 A1 2000 A2 2001 Surge EN 61000 4 5 2001 CS EN 61000 4 6 2001 Magnetic Field EN 61000 4 8 2001
12. 2 4094 From the Available ports box select ports to add to the Managed Switch and click Add Click Apply You will see the VLAN Group displays If the port based VLAN groups list over one page please click Next Page to view other VLAN groups on other page O Fo ee E ww P a Use Delete button to delete unwanted port based VLAN groups Use Edit button to modify existing port based VLAN groups By adding ports to the VLAN you have created one port based VLAN group completely 65 User s Manual of FGSW Series Static VLAN VLAN Operation Mode Fort Based VLAN lt lt Remove _JCPU Port Figure 4 4 3 Static VLAN interface The page includes the following fields Object Description Use this optional field to specify a name for the VLAN It can be up to 16 VLAN Name l l l alphanumeric characters long including blanks Group ID You can configure the ID number of the VLAN by this item This field is used to add VLANs one at a time The VLAN group ID and available range is 2 4094 Port Indicate port 1 to port 26 Add Defines the interface as a Port Based member of a VLAN Member Remove Forbidden ports are not included in the VLAN En All unselected ports are treated as belonging to another single VLAN If the port based VLAN enabled the VLAN tagging is ignored Note 66 User s Manual of FGSW Series 4 4 4 802 1Q VLAN Tagged based VLAN is a
13. 5 Administration Console FGSW 2620PVM FGSW 2612PVM to get more information about how to connect to the console interface of FGSW 2620PVM with HyperTerminal on Microsoft Windows platform Once the terminal has connected to the device power on the FGSW 2620PVM FGSW 2612PVM the terminal will display that it is running testing procedures Then the following message asks the login password The factory default password as following and the login screen in Figure 5 1 appears Username admin Password admin COM1_57600 HyperTerminal Seles File Edit View Call Transfer Help D Port interval TOS DSCP Completed Username admin Password Switch _ Connected 00 50 08 ANSI vy 2 600 5 M 1 Figure 5 1 FGSW 2620PVM FGSW2612PVM Console Login screen 127 User s Manual of FGSW Series 1 For security reason please change and memorize the new username and password after this first setup Username Max 6 Min 1 characters Password Max 6 Min 1 characters 2 Only accept command in lowercase letter under console interface 5 2 Configure IP address The FGSW 2620PVM FGSW2612PVM Managed Switch is shipped with default IP address as following IP Address 192 168 0 100 Subnet Mask 255 255 255 0 To check the current IP address or modify a new IP address for the Switch please use the procedures as follow a Show the current IP address 1 On Switch prompt enter configure 2 O
14. ACL rules include lpv4 or non lpv4 The Managed Switch can be used to block packets by maintaining a table of packet fragments indexed by source and destination IP address protocol and so on 6 16 1 Ipv4 ACL commands no acl Description Delete ACL group Syntax no acl lt 1 220 gt Parameters lt 1 220 gt specifies the group id e g no acl 1 no acl count Description Reset the Acl group count Syntax no acl count lt Groupld gt Parameters Groupld lt 1 220 gt specifies the group id show acl Description Show ACL group information Syntax show acl lt 1 220 gt Parameters lt 1 220 gt specifies the group id null means all valid groups e g Switch config show acl 1 IP Fragement Uncheck Src IP Address Any Dst IP Address Any L4 Protocol Any 168 User s Manual of FGSW Series Port ID Any Hit Octet Count 165074 Hit Packet count 472 acl addljedit lt 1 220 gt permit deny lt 0 4094 gt ipv4 lt 0 255 gt Description Add or edit ACL group for Ipv4 Syntax acl add edit lt 1 220 gt permit deny lt 0 4094 gt ipv4 lt 0 255 gt A B C D A B C D A B C D A B C D check unCheck lt 0 65535 gt lt 0 26 gt Parameters addledit specifies the operation lt 1 220 gt specifies the group id permit deny specifies the action permit permit packet cross switch deny drop packet lt 0 4094 gt specifies the VLAN id O means don t care lt 0 255 gt speci
15. Description Show Binding group information Syntax show bind lt 1 220 gt Parameters lt 1 220 gt specifies the group id null means all valid groups e g show bind 1 bind add Description Add Binding group Syntax bind add lt 1 220 gt A B C D E F lt 0 4094 gt A B C D lt 1 26 gt Parameters 171 User s Manual of FGSW Series lt 1 220 gt specifies the group id A B C D specifies the MAC address lt 0 4094 gt specifies the VLAN id O means don t care A B C D specifies the Source IP address 0 0 0 0 means don t care A B C D specifies the IP Address lt 1 26 gt specifies the Port id e g Switch config bind add 1 00 11 22 33 44 55 0 192 168 1 1 1 This Binding rule will permit all packet cross switch from device s IP is 192 168 1 1 and MAC is 00 11 22 33 44 55 and this device connect to switch port id 1 172 User s Manual of FGSW Series 6 18 Power over Ethernet Commands PLANET FGSwW 2620PVM FGSW 2612PVM show poe Show System Power over Ethernet information show poe status Show PoE port information poe temperature protection Enabling or disabling the PoE power supply over temperature protection poe limit mode Configure System PoE power limit mode information Enabling or disabling the port POE injects function poe priority Set port priority for the power supply management Enabling or disabling per port power output limit FGSW 2620PVM PoE power budget is 190W and s
16. Extensible Authentication Protocol EAP frames and interacting with the authentication server When the switch receives EAPOL frames and relays them to the authentication server the Ethernet header is stripped and the remaining EAP frame is re encapsulated in the RADIUS format The EAP frames are not modified or examined during encapsulation and the authentication server must support EAP within the native frame format When the switch receives frames from the authentication server the server s frame header is removed leaving the EAP frame which is then encapsulated for Ethernet and sent to the client a Authentication Initiation and Message Exchange The switch or the client can initiate authentication If you enable authentication on a port by using the dot1x port control auto interface configuration command the switch must initiate authentication when it determines that the port link state transitions from down to up It then sends an EAP request identity frame to the client to request its identity typically the switch sends an initial identity request frame followed by one or more requests for authentication information Upon receipt of the frame the client responds with an EAP response identity frame However if during bootup the client does not receive an EAP request identity frame from the switch the client can initiate authentication by sending an EAPOL start frame which prompts the switch to request the client s identity If 802
17. FGSW2620VM 2 v2 03b0901 07 img Files of type All Files 7 Cancel 4 Select on the firmware then click Upload the Software Upload Progress would show the file upload status Firmware upgrade needs several minutes Please wait a while and then manually refresh the webpage 91 User s Manual of FGSW Series 4 2 5 Configuration Backup 4 2 5 1 TFTP Restore Configuration You can restore a previous backup configuration from the TFTP server to recover the settings Before doing that you must locate the image file on the TFTP server first and the Managed Switch will download back the flash image Configuration Restore TFTP Restore Configuration TFTP Backup Configuration TFTP Server IP Address Restore File Name HTTP Config File Restore Figure 4 2 10 Configuration Restore interface The page includes the following fields Object Description TFTP Server IP Address Type in the TFTP server IP Restore File Name Type in the correct file name for restoring 92 User s Manual of FGSW Series 4 2 5 2 TFTP Backup Configuration You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the configuration later It helps you to avoid wasting time on configuring the settings by backing up the configuration Configuration Backup TFTP Server IP Address Backup File Name HTTP Config File Backup Click here to download configuation file
18. For example 8 Highest 4 SecHigh 2 SecLow 1 Lowest means that the switch sends 8 highest priority packets before sending 4 second high priority packet before sending 2 second low priority packet before sending 1 lowest priority packet 802 1p priority 0 7 Set up the COS priority level O 7 High Middle Low Lowest 802 1p Priority Priority classifiers of the Switch forward packet COS range is from 0 to 7 Seven is the high class Zero is the less class The user may configure the mapping between COS and Traffic classifiers 104 User s Manual of FGSW Series 4 9 2 2 QoS PerPort Configuration Configure the priority level for each port With the drop down selection item of Priority Type above being selected as Port based this control item will then be available to set the queuing policy for each port QoS Configuration PerPort Configuration b WN a Ol I in ed pe mh Disable Figure 4 9 3 QoS Configuration Port Based Priority The table includes the following fields Object Description Port Number Indicate port 1 to port 26 Each port has 8 priority levels O 7 or Disable to be chosen Port Priority 7 is the highest priority 105 User s Manual of FGSW Series 4 9 3 TOS DSCP TOS DSCP priority is obtained through a 6 bit Type of Service TOS or Differentiated Service Code Point DSCP to 3 bit priority mapping The Type of Service TOS octet in the IPv4 header is
19. Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528 Y PLANET Networking amp Communication EC Declaration of Confommi For the following equipment Type of Product 24 Port 10 100Mbps 2 Gigabit TP SFP Managed PoE Switch 190W Model Number FGSW 2620PVM Produced by Manufacturer s Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility 89 336 EEC 92 3 1 EEC 93 68 EEC For the evaluation regarding the Electromagnetic Compatibility the following standards were applied Emission EN 55022 1994 A1 1995 A2 1997 Class A Harmonic EN 61000 3 2 2000 Class A Flicker EN 61000 3 3 1995 A1 2001 Immunity EN 55024 1998 A1 2001 A2 2003 ESD EN 61000 4 2 2001 RS EN 61000 4 3 2002 A1 2002 EFT Burst EN 61000 4 4 1995 A1 2000 A2 2001 Surge EN 61000 4 5 2001 CS EN 61000 4 6 2001 Magnetic Field EN 61000 4 8 2001 Voltage Disp EN 61000 4 11 2001 Responsible for marking this declaration if the Manufacturer Q Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien
20. Jumbo Frame Note User s Manual of FGSW Series Port 1 Port 24 supports by port ingress and egress rate control For example assume port 1 is 10Mbps users can set its effective egress rate at 1Mbps and ingress rate at 500Kbps Device will perform flow control or backpressure to confine the ingress rate to meet the specified rate Ingress Type the port effective ingress rate The valid range is 0 8000 The unit is 128K 0 disable rate control 1 8000 valid rate value a Egress Type the port effective egress rate The valid range is 0 8000 The unit is 128K 0 disable rate control 1 8000 valid rate value A port in security mode will be locked without permission of address learning Only the incoming packets with SMAC already existing in the address table can be forwarded normally User can disable the port from learning any new MAC addresses then use the static MAC addresses screen to define a list of MAC addresses that can use the secure port Enter the settings then click Apply button to change on this page User can disable Enable port broadcast storm filtering option by port The filter mode and filter packets type can be select in Switch Setting gt Misc Config page User can disable Enable port jumbo frame option by port When port jumbo frame is enable the port forward jumbo frame packet The model FGSW 2624SF supports Egress Rate Control only it doesn t support Ingress Rate Control fu
21. LAN 2 LAN 3 Figure 4 5 2 Before Applying the STA Rules In this example only the default STP values are used LAN IL A Port 3 SS o Root Bridge SN Port 1 Port 2 A SS A Designated Port Designated Port Root Port Root Port gt B C Pot Designated Bridge G gt Port 2 Port 3 e Blocked gt Port 2 Port 3 Y lt A 4 a ano LAN 3 Figure 4 5 3 After Applying the STA Rules The switch with the lowest Bridge ID switch C was elected the root bridge and the ports were selected to give a high port cost between switches B and C The two optional Gigabit ports default port cost 4 on switch A are connected to one optional Gigabit port on both switch B and C The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link default port cost 19 Gigabit ports could be used but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link 81 User s Manual of FGSW Series 4 5 4 RSTP System Configuration This section provides RSTP System Configuration from the Switch the screen in Figure 4 5 4 appears The user can view spanning tree information of Root Bridge E The user can modify RSTP state After modification click Apply Spanning Tree System Configuration PerPort Configuration Configure Spanning Tree Parameters STP State
22. Limit W Consumption W Current D Current mA a Current Device Current mA Consumption W User s Manual of FGSW Series poe priority Description Set port priority for the power supply management The command is configurable while poe limit mode is set to Port Priority Command Level Global Configuration Syntax poe priority Critical High Low lt port list gt Parameters Critical High Low e Critical Indicates that operating the powered device is high e High Indicates that operating the powered device has medium priority e Low Indicates that operating the powered device has low priority lt port list gt specifies the ports to be set If not entered all ports are set Example Switch config poe priority low 1 Switch config show poe status 1 Current D Oper Priority Power Limit W Current mA Consumption W C poe maximum power Description Enabling or disabling per port power output limit The command is configurable while poe limit mode is set to Total Limit Command Level Global Configuration Syntax poe maximum power lt 1 15 4 gt lt port list gt no poe mximum power lt port ist gt Parameters lt 1 15 4 gt lt port list gt specifies the ports to be set If not entered all ports are set Example Switch config poe maximum power 10 1 177 User s Manual of FGSW Series 178 User s Manual of FGSW Series 7 SWITCH OPERA
23. Managed Switch 40 User s Manual of FGSW Series 4 2 1 System Information In System information it has two parts of setting Basic and Misc Config We will describe the configure detail in following 4 2 1 1 Basic The Basic System Info page provides information for the current device information Basic System Info page helps a switch administrator to identify the model name firmware hardware version and MAC address The screen in Figure 4 2 1 appears System Information isc conto Model Name FGSW 2620VM 24 Port 10 100Mbps 2G TP SFP Combo Managed Switch MAC Address 00 30 4F 26 20 2A Firmware Version 200 Figure 4 2 1 Basic System Information screenshot The page includes the following fields Object Model Name Description MAC Address Firmware Version Hardware Version Description Display the system name of the Managed Switch Describes the Managed Switch Displays the unique hardware address assigned by manufacturer default Displays the Managed Switch s firmware version Displays the current hardware version 41 User s Manual of FGSW Series 4 2 1 2 Misc Config Choose Misc Config from System Information of Managed Switch the screen in Figure 4 2 2 appears System Information Basic Misc Config C MAC Table Address Entry Age Out Time seconds 6 1572858 must multiple of 6 default is 300s Turn On Port Interval seconds 0 3600 seconds interval time b
24. Managed Switch means the Switches mentioned titled in the cover page of this User s manual i e FGSW 2620VM and FGSW 2620PVM 1 1 Package Contents Open the box of the Managed Switch and carefully unpack it The box should contain the following items Check the contents of your package for following parts M The Managed Switch x1 M User s manual CD x1 M Quick installation guide x1 M 19 Rack mount accessory kit x1 M Power cord x1 M Rubber feet X4 M RS 232 DB9 male Console cable x1 FGSW 2620PVM and FGSW 2612PVM only If any of these are missing or damaged please contact your dealer immediately if possible retain the carton including the original packing material and use them against to repack the product in case there is a need to return it to us for repair This user manual applies only to hardware FGSW 2620VM version 2 and FGSW 2624SF hardware version 3 About how to identify the hardware version Please refer to Appendix B 12 User s Manual of FGSW Series 1 2 Product Description High Performance Wire Speed Switching The PLANET FGSW 2620VM FGSW 2620PVM FGSW 2612PVM FGSW 2624SF Managed Switch offer 24 Ethernet ports with 2 Gigabit TP SFP combo ports Port 25 26 The type 24 Fast Ethernet ports of FGSW 2620VM and FGSW 2620PVM FGSW 2612PVM are 10 100Base TX copper RJ 45 and FGSW 2624SF is equipped with 24 100Base FX complied SFP slots These two Gigabit TP SFP combo ports of all models can
25. RS 232 male serial port connector It is an interface for connecting a terminal directly Through the console port it provides rich diagnostic information includes IP Address setting factory reset port management link status and system setting Users can use the attached RS 232 cable in the package and connect to the console port on the device After the connection users an run any terminal emulation program Hyper Terminal ProComm Plus Telix Winterm and so on to enter the startup screen of the device Mi Reset button At the left of front panel the reset button is designed for reboot the Managed Switch without turn off and on the power The following is the summary table of Reset button functions Reset Button Pressed and Released Function About 1 3 second Reboot the Managed Switch Reset the Managed Switch to Factory Default configuration The Managed Switch will then reboot and load the default settings as below Until the PWR LED lit off Default Password admin Default IP address 192 168 0 100 Subnet mask 255 255 255 0 Default Gateway 192 168 0 254 2 1 2 LED Indications The front panel LEDs indicates instant status of port links data activity and system power helps monitor and troubleshoot when needed 2 4 83a A E E E E o i r i LA Li i Le da 5 E FOSW 2620VM Figure 2 5 FGSW 2620VM LED panel 21 User s Manual of FGSW Series LED Color Function PWR Green Lights to indicate tha
26. STP Spanning Tree Protocol IEEE 802 1D a RSTP Rapid Spanning Tree Protocol IEEE 802 1w The IEEE 802 1D Spanning Tree Protocol and IEEE 802 1W Rapid Spanning Tree Protocol allow for the blocking of links between switches that form loops within the network When multiple links between switches are detected a primary link is established Duplicated links are blocked from use and become standby links The protocol allows for the duplicate links to be used in the event of a failure of the primary link Once the Spanning Tree Protocol is configured and enabled primary links are established and duplicated links are blocked automatically The reactivation of the blocked links at the time of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However the concepts of the Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured Please read the following before making any changes from the default values The Switch STP performs the following functions El Creates a single spanning tree from any combination of switching or bridging elements E Creates multiple spanning trees from any combination of ports contained within a single switch in user sp
27. Set agent system contact string Syntax snmp system contact lt contact str gt Parameters lt contact str gt specifies the contact string 161 e g snmp system contact abc sina com show snmp system Description Show SNMP system information 6 13 2 Community Strings snmp community Description Set SNMP community string Syntax User s Manual of FGSW Series snmp community lt read sysinfo only read all only read write all gt lt community str gt Parameters lt community str gt specifies the community string e g snmp community read all only public no snmp community Description Delete SNMP community string Syntax no snmp community lt community str gt Parameters lt community str gt specifies the community string e g no snmp community public show snmp community Description Show SNMP community strings 6 13 3 Trap Managers snmp trap Description Set SNMP trap receiver IP address community string and port number Syntax snmp trap lt ip addr gt lt community str gt lt 1 65535 gt 162 Parameters lt ip addr gt specifies the IP address lt community str gt specifies the community string lt 1 65535 gt specifies the trap receiver port number e g snmp trap 192 168 200 1 public no snmp trap Description Remove trap receiver IP address and port number Syntax no snmp trap lt ip addr gt lt 1 65535 gt Parameters lt ip addr gt s
28. Station only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The default gets and sets community strings for the Managed Switch are public FGSW Managed Switch ASETET ice SNMP Agent Status Enabled totaal JE cc PC Workstation ES Ra with A AAA SNMP application E a Ly Intrane 192 168 0 100 LER IP Address 192 168 0 x Figure 3 3 SNMP management 3 5 Administration Console FGSW 2620PVM FGSW 2612PVM The administration console is an internal character oriented and command line user interface for performing system administration such as displaying statistics or changing option settings Using this method you can view the administration console from a terminal personal computer Apple Macintosh or workstation connected to the switch s console serial port There are two ways to use this management method via direct access or modem port access The following sections describe these methods For more information about using the console refer to Chapter 5 Console Management FGSW 2620PVM Managed Switch PC Workstation with Terminal emulation software NA Aha ans im RS 232 ES Serial Port Serial Port 57600 8 n 1 Figure 3 4 Console management 33 Direct Access User s Manual of FGSW Series Direct access to the administration console is achieved by directly connecting a terminal or a PC
29. User s Manual of FGSW Series The PoE Ports panel display is only for FGSW 2620PVM and FGSW 2612PVM Using the onboard web agent you can define system parameters manage and control the Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can setup the Managed Switch by select the functions those listed in the Main Function The screen in Figure 4 1 4 appears Home System S Port Configuration Port Control Port Status Port Statistics Port Sniffer Layer 2 Features 1 VLAN Trunking Forwarding amp Filtering IGMP Snooping Spanning Tree Security 2 QoS Figure 4 1 4 FGSW Managed Switch Main Functions Menu 4 2 System Use the System menu items to display and configure basic administrative details of the Managed Switch Under System the following topics are provided to configure and view the system information This section has the following items System Information IP Configuration SNMP Configuration Firmware Upgrade Configuration Backup Factory Default System Reboot Provides basic system description including contact information Sets the IP address for management access Configure SNMP agent and SNMP Trap Upgrade the firmware via TFTP server or Web Brower file transfer Save view the Managed Switch configuration to remote host Upload the switch configuration from remote host Reset the configuration of the Managed Switch Restarts the
30. Warning To avoid the potential effects on the environment and human health as a result of the presence of hazardous substances in electrical and electronic equipment end users of electrical and electronic equipment should understand the meaning of the crossed out wheeled bin symbol Do not dispose of as WEEE as unsorted municipal waste and have to collect such WEEE separately Revision PLANET 24 Port 10 100Mbps 2 Gigabit TP SFP Managed Switch User s manual FOR MODELS FGSW 2620VM v2 FGSW 2620PVM FGSW 2612PVM FGSW 2624SF v3 REVISION 2 2 JUL 2009 Part No EM FGSW 2620VM_2620PVM_2612PVM_2624SF_v2 2 2080 A92350 004 User s Manual of FGSW Series TABLE OF CONTENTS INTRODUCTION cos ttttartitacle bici ooo 12 1i Package Contenido ca 12 12 Product Descritor dira ct o dara 13 1 3 OW to Use This Mana leonado 13 TA Product Feature PP OO E zan A AE 15 LS Product Specificati M cisco orita 17 2 INSTALEA HON A AA meee ee nee ere meer eee ers ener aor 20 2 1 Hardware Descriptor 20 ZAS WICA EOL Fane ani 20 2 AAA acme guceyratnc a tamu appenebcioa a aatel e aneedice dal uremia aaandca esate 21 Zl HOWL Rear ral 25 22 rn a E ace eda aE 26 AA SKIOD MISTI OM mei a a a a a a tnt 26 LL RACK MOUNINO ia oia 21 2 2 3 Installing the SFP transcelVer ooonccccconnnccccononcccononcocononononcnnnnnnnnonononnnnnnnnnnnnnnnnnnnrnnnnnennnnnnnnnnaness 28 3 SWI CH MANAGEMEN Tocsiananinaananar cd 30 Se 1 Fe O a O E E aea E a R a 30 3 2 Ma
31. When a client logs off it sends an EAPOL logoff message causing the switch port to transition to the unauthorized state If the link state of a port transitions from up to down or if an EAPOL logoff frame is received the port returns to the unauthorized state 117 User s Manual of FGSW Series 4 12 2 System Configuration 802 1x makes use of the physical access characteristics of IEEE802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and of preventing access to that port in cases in which the authentication and authorization process fails To enable 802 1x from System System Information Misc Config then you still to fill in the authentication server information Broadcast Storm Filter Packet select C Broadcast Packets CIP Multicast O control Packets Flooded Unicast Multicast Packets Collisions Retry Forever 15 b Hash Algorithm CRC Hash v IP MAC Binding Disable v 802 1x Protocol E a erra rra E Figure 4 12 3 System information Misc Configuration 802 1x Protocol After enabling the IEEE 802 1X function you can configure the parameters of this function 802 1x Configuration System Configuration Misc Configuration Configure 802 1x Parameters Radius Server IP 192158099 Accounting Port
32. _ i i Default DISABLE STP protocol version Default RSTP 0 61440 Default 32768 Maximum Age 6 40 Default 20 Hello Time 1 10 Default 2 Forward Delay 4 30 Default 15 Figure 4 5 4 RSTP System Configuration interface The page includes the following fields Object RSTP mode Protocol Version Priority 0 61440 Max Age 6 40 Hello Time 1 10 Description The user must enable the RSTP function first before configuring the related parameters A value used to specify the spanning tree protocol the original spanning tree protocol STP 802 1d or the rapid spanning tree protocol RSTP 802 1w The switch with the lowest value has the highest priority and is selected as the root If the value is changed the user must reboot the switch The value must be a multiple of 4096 according to the protocol standard rule The number of seconds a switch waits without receiving Spanning tree Protocol configuration messages before attempting a reconfiguration Enter a value between 6 through 40 The time that controls the switch to send out the BPDU packet to check RSTP current status Enter a value between 1 through 10 82 User s Manual of FGSW Series The number of seconds a port waits before changing from its Rapid Forward Delay Time 4 30 Spanning Tree Protocol learning and listening states to the forwarding state Enter a value bet
33. about port connection options This chapter covers the following topics Requirements Management Access Overview Administration Console Access Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements m Workstations of subscribers running Windows 98 ME NT4 0 2000 XP MAC OS9 or later Linux UNIX or other platform compatible with TCP IP protocols E Workstation installed with Ethernet NIC Network Interface Card a Ethernet Port connect e Network cables Use standard network UTP cables with RJ45 connectors A Above Workstation installed with WEB Browser and JAVA runtime environment Plug in a Serial Port connect FGSW 2620PVM FGSW 2316PVM only e Above PC with COM Port DB 9 RS 232 or USB to RS 232 converter It is recommended to use Internet Explore 6 0 or above to access Managed Switch 30 User s Manual of FGSW Series 3 2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods a Web browser interface a An external SNMP based network management application E An administration console The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use Each of these management methods has their own advantages Table 3 1 compares the three management methods Method Advantages Disadvantages Web Browser e Ideal for
34. as above picture before deploying the cables into your network User s Manual of FGSW Series Appendix B How to identify the hardware version There are multiple revisions of FGSW 2620VM and FGSW 2624SF To download the user s manual firmware or datasheet please make sure the hardware version that you have Else once download the firmware to wrong model would cause the device boot failed Through the following ways you can identify the hardware version 1 From Web Interface Click System System Information Basic web page check the hardware version r FGSW 2620WM TIEA _ A o A Home amp System System Information IP Configuration SNMP Configuration Syslog Setting Firmware Upgrade ee e 124 Port 10 100Mbps 2G TP SFP Configuration Backup ETATY Combo Managed Switch Factory Default System Reboot Port Configuration i Layer 2 Features Hardware Version Security QoS 2 From appearance to identify the hardware version Please check the Model Number label on the FCC label at the bottom of the device 189 User s Manual of FGSW Series The Label is described as below FGSW 2620VM v2 A9203509XXXXXXX FGSW 2624SF v3 A81014XXXXXXXxx 190 Y PLANET Networking amp Communication EC Declaration of Confommi For the following equipment Type of Product 24 Port 10 100Mbps 2 Gigabit TP SFP Combo Managed Switch Model Number FGSW 2620VM Produced by
35. at 192 168 1 x where x is a number between 2 and 254 to do the relative configuration on manager PC FGSW Managed Switch PC Workstation with Web Browser MITA IP Address y RN UTP Cable 192 168 0 100 kt py IP Address 192 168 0 x 36 User s Manual of FGSW Series 4 1 1 Requirements e Workstations of subscribers running Windows 98 ME NT4 0 2000 2003 XP MAC OS9 or later Linux UNIX or other platform compatible with TCP IP protocols e Workstation installed with Ethernet NIC Network Card e Ethernet Port connect gt Network cables Use standard network UTP cables with RJ45 connectors gt Above PC installed with WEB Browser and JAVA runtime environment Plug in It is recommended to use Internet Explore 6 0 or above to access FGSW 2620VM Managed Switch 4 1 2 Logging on the switch 1 Use Internet Explorer 6 0 or above Web browser Enter the factory default IP address to access the Web interface The factory default IP Address as following http 192 168 0 100 2 When the following login screen appears please enter the default username admin with password admin or the username password you have changed via console to login the main screen of Managed Switch The login screen in Figure 4 1 1 appears The server 192 168 0 100 at Web Management requires a username and password Warning This server is requesting that your username and password be sent in an insecure manner basi
36. configured VID Disable w Figure 4 4 7 802 1Q Ingress filter interface The page includes the following fields Object Description NO Indicate port 1 to port 26 PVID Set the port VLAN ID that will be assigned to untagged traffic on a given port This feature is useful for accommodating devices that you want to participate in the VLAN but that don t support tagging The switch each port allows user to set one VLAN ID the range is 1 255 default 71 Ingress Filtering 1 Ingress Filtering 2 Apply button User s Manual of FGSW Series VLAN ID is 1 The VLAN ID must as same as the VLAN ID that the port belong to VLAN group or the untagged traffic will be dropped Ingress filtering lets frames belonging to a specific VLAN to be forwarded if the port belongs to that VLAN Enable Forward only packets with VID matching this port s configured VID Disable Disable Ingress filter function Drop untagged frame Disable Acceptable all Packet Enable Only packet with match VLAN ID can be permission to go through the port Press the button to save configurations 12 User s Manual of FGSW Series 4 4 5 Q in Q VLAN E IEEE 802 1Q Tunneling Q in Q IEEE 802 1Q Tunneling QinQ is designed for service providers carrying traffic for multiple customers across their networks QinQ tunneling is used to maintain customer specific VLAN and Layer 2 protocol configurations even when different c
37. configuring the switch remotely e Security can be compromised hackers need e Compatible with all popular browsers only know the IP address and subnet mask e Can be accessed from any location e May encounter lag times on poor connections e Most visually appealing SNMP Agent e Communicates with switch functions at e Requires SNMP manager software the MIB level e Least visually appealing of all three methods e Based on open standards e Some settings require calculations e Security can be compromised hackers need only know the community name Console e No IP address or subnet needed e Must be near switch or use dial up connection FGSW 2620PVM e Text based e Not convenient for remote users FGSW 2612PVM e Telnet functionality and HyperTerminal e Modem connection may prove to be unreliable built into Windows or slow 95 98 NT 2000 ME XP operating systems e Secure Table 3 1 Management Methods Comparison 31 User s Manual of FGSW Series 3 3 Web Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer After you set up your IP address for the switch you can access the Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Managed Switch FGSW Managed Switch PC Workstation with Web Browser COV IP Address _ y ES U
38. directly connected to a switch or an entire department On port based VLAN NIC do not need to be able to identify 802 1Q tags in packet headers NIC send and receive normal Ethernet packets If the packet s destination lies on the same segment communications take place using normal Ethernet protocols Even though this is always the case when the destination for a packet lies on another switch port VLAN considerations come into play to decide if the packet is dropped by the Switch or delivered mE IEEE 802 1Q VLANs IEEE 802 1Q tagged VLAN are implemented on the Switch 802 1Q VLAN require tagging which enables them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLAN allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN will only be forwarded to the stations over IEEE 802 1Q enabled switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLAN can also provide a level of security to your network IEEE 802 1Q VLAN will only deliver packets between stations 61 User s Manual of FGSW Series that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant sw
39. equipped with a terminal emulation program such as HyperTerminal to the Managed Switch console serial port When using this management method a straight DB9 RS 232 cable is required to connect the switch to the PC After making this connection configure the terminal emulation program to use the following parameters The default parameters are 57600 bps 8 data bits No parity 1 stop bit COM3 Properties Port Settings Bits per second LN Data bits Parity Stop bits E Flow control Restore Defaults Figure 3 5 Terminal parameter settings You can change these settings if desired after you log on This management method is often preferred because you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP 34 User s Manual of FGSW Series 3 6 Protocols The Managed Switch supports the following protocols E Virtual terminal protocols such as Telnet Simple Network Management Protocol SNMP 3 6 1 Virtual Terminal Protocols A virtual terminal protocol is a software program such as Telnet that allows you to establish a management session from a Macintosh a PC or a
40. independent customer LANs into the MAN Metro Access Network space One of the purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used independent of the customers VLANs This is accomplished by adding a VLAN tag with a MAN related VID for frames entering the MAN When leaving the MAN the tag is stripped and the original VLAN tag with the customer related VID is again available This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering with the VLAN tags All tags use EtherType 0x8100 or 0x88A8 where 0x8100 is used for customer tags and Ox88A8 are used for service provider tags In cases where a given service VLAN only has two member ports on the switch the learning can be disabled for the particular VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports This way the MAC table requirements is reduced 73 User s Manual of FGSW Series 4 4 5 1 Q in Q Port Setting The QinQ VLAN 1 QinQ Port Setting screen in Figure 4 4 8 appears QinQ VLAN QinQ Port Setting Figure 4 4 8 Q in Q Port Setting interface The page includes the following fields Object QinQ QinQ TPID Port QinQ QinQ Uplink Description Enable Sets the Managed Switch to QinQ mode and allows the QinQ tunnel port to be configured Disable The Managed Switch operates in its normal VLAN mod
41. is aged out When an opening is available the switch stored the first new MAC address it sees in that opening All packets from MAC addresses not in the MAC address table should be blocked 4 11 1 MAC Limit Configuration The Layer 2 MAC Limit function can be per port configured for security management purposes When the port is in MAC Limit mode the port will be locked without permission of address learning Only the incoming packets with Source MAC already existing in the address table can be forwarded normally User can disable the port from learning any new MAC addresses MAC Limit Configure MAC Limit IMAC Limit Limit 1 64 0 to turn off MAC limit Figure 4 11 1 MAC Limit Configure MAC Limit The page includes the following fields Object Description MAC Limit Enable or disable MAC limit function for the Managed Switch Port Number Indicate port 1 to port 26 The maximum number of per port MAC addresses to be learned 1 64 O to Limit disable this port s MAC limit function 113 User s Manual of FGSW Series 4 11 2 MAC Limit Port Status This table displays current MAC Limit status of each port MAC Limit Port Status Figure 4 11 2 MAC Limit MAC Limit Port Status The page includes the following fields Object Description Port Number Indicate port 1 to port 26 Limit Display the current MAC Limit configuration and status of each port 114 User s Manual of FGSW Series 4 12 802
42. no trunk lt trunk id gt Parameters lt trunk id gt specifies the trunk group to be deleted 6 4 2 LACP Command no lacp Description Enable disable LACP lacp system priority Description Set LACP system priority Syntax lacp system priority lt 1 65535 gt Parameters lt 1 65535 gt specifies the LACP system priority no lacp system priority Description Set LACP system priority to the default value 32768 show lacp status Description Show LACP enable disable status and system priority show lacp Description Show LACP information Switch config show lacp status LACP is enabled LACP system priority 32768 User s Manual of FGSW Series 138 show lacp agg Description Show LACP aggregator information Syntax show lacp agg lt trunk id gt Parameters lt trunk id gt specifies the trunk group to be shown show lacp port Description Show LACP information by port Syntax show lacp port lt port id gt Parameters lt port id gt specifies the port to be shown VLAN group 139 User s Manual of FGSW Series If VLAN group exist all of the members of static trunk group must be in same User s Manual of FGSW Series 6 5 VLAN Configuration 6 5 1 Virtual LANs A Virtual LAN VLAN is a logical network group that limits the broadcast domain It allows you to isolate network traffic so only members of the VLAN receive traffic from the same VLAN members B
43. open standard This compliance assures customers that the Managed Switch is compatible with and will interoperate with other solutions that adhere to the same open standard 35 User s Manual of FGSW Series 4 Web Based Management This section introduces the configuration and functions of the Web Based management 4 1 About Web based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer The Web Based Management supports Internet Explorer 6 0 It is based on Java Applets with an aim to reduce network bandwidth consumption enhance access speed and present an easy viewing screen By default IE6 0 or later version does not allow Java Applets to open sockets The user has to explicitly modify the browser setting to enable Java Applets to use network ports The Managed Switch can be configured through an Ethernet connection make sure the manager PC must be set on same the IP subnet address with the Managed Switch For example the default IP address of the Managed Switch is 192 168 0 100 then the manager PC should be set at 192 168 0 x where x is a number between 1 and 254 except 100 and the default subnet mask is 255 255 255 0 If you have changed the default IP address of the Managed Switch to 192 168 1 1 with subnet mask 255 255 255 0 via console then the manager PC should be set
44. ports are removed from the default m VLAN and Link aggregation Groups In order to use VLAN segmentation in conjunction with port link aggregation groups you can first set the port link aggregation group s and then you may configure VLAN settings If you wish to change the port link aggregation grouping with VLAN already in place you will not need to reconfigure the VLAN settings after changing the port link aggregation 63 User s Manual of FGSW Series group settings VLAN settings will automatically change in conjunction with the change of the port link aggregation group settings 4 4 2 Static VLAN Configuration A Virtual LAN VLAN is a logical network grouping that limits the broadcast domain It allows you to isolate network traffic so only members of the VLAN receive traffic from the same VLAN members Basically creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch However all the network devices are still plug into the same switch physically The Managed Switch supports Port based and 802 1Q Tagged based VLAN in web management page In the default configuration VLAN support is 802 1Q static VLAN VLAN Operation Mode 802 10 No VLAN Port Based VLAN 302 10 VLAN filter VLAN Information DEFAULT__ 1 Figure 4 4 1 Static VLAN interface 1 No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN mem
45. queue Commands qos priority Description Set 802 1p priority Syntax qos priority lt first come first service all high before low weighted round robin gt Parameters 153 User s Manual of FGSW Series lt highest weight gt lt sechighweight gt lt sec low weight gt lt lowest weight gt e g gos priority weighted round robin 8 4 2 1 qos level Description Set priority levels to highest second high second low and lowest Syntax qos level lt highest second high second low lowest gt lt evel list gt Parameters lt evel list gt specifies the priority levels to be high or low Level must be between 1 and 7 e g gos level highest 7 e g qos level lowest 4 show qos Description Show QoS configurations including802 1p priority priority level e g Switch config show qos QoS configurations QoS mode weighted round robin Highest weight 8 Second High weight 4 Second Low weight 2 Lowest weight 1 802 1p priority 0 7 Lowest Lowest SecLow SecLow SecHigh 6 10 2 Per Port Priority port priority Description Set port priority Syntax port priority lt disable 0 7 gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set e g port priority disable 1 5 SecHigh 154 Highest Highest 6 11 MAC Address Configuration clear mac address table Description
46. selecting the port number and the column field of Work Ports changes automatically 89 5 User s Manual of FGSW Series Trunking Aggregator Setting Figure 4 6 4 Aggregation Information of Switch 1 Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured Switch 2 configuration oe a E a Set System Priority of the trunk group For example 32768 Select a trunk group ID by pull down the drop down menu bar Enable LACP Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically 90 User s Manual of FGSW Series Trunking Aggregator Setting rite iy Apply Figure 4 6 5 Switch 2 configuration interface 10 Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured Trunking Aggregator Information Priority 32768 7 MAC 00304f44557c Key hae rn 1 7 7 P L MW F a L F A ha e a riority Active PortNo Key Priority porrz4 2s6 32768 seectedportza 258 32788 Figure 4 6 6 Switch 1 Aggregator Information i 91 User s Manual of FGSW Series 4 6 3 State Activity Having set up the LACP aggregator on the tab
47. the Internet community s de facto standard management protocol SNMP Operations SNMP itself is a simple request response protocol NMSs can send multiple requests without receiving a response Get Allows the NMS to retrieve an object instance from the agent Set Allows the NMS to set values for object instances within an agent Trap Used by the agent to asynchronously inform the NMS of some event The SNMPv2 trap message is designed to replace the SNMPv1 trap message SNMP community An SNMP community is the group that devices and management stations running SNMP belong to It helps define where information is sent The community name is used to identify the group A SNMP device or agent may belong to more than one SNMP community It will not respond to requests from management stations that do not belong to one of its communities SNMP default communities are Write private Read public 4 2 3 2 System Options Use this page to define management stations You can also define a name location and contact person for the Managed Switch SNMP Configuration System Options FGSW 2620VM No Location SNMP Status Enable vw Figure 4 2 5 SNMP configuration interface The page includes the following fields Object Description e System Name An administratively assigned name for this managed node By convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za
48. the switch are listed below Click Add to add anew static entry to the address table MAC Address PORT VID 00 30 4F 11 22 33 MAC Address 00 30 4F 22 33 44 Port num Port20 Y VLAN ID Al Figure 4 7 2 Static MAC Addresses interface The page includes the following fields Object Description Enter the MAC address of the port that should permanently forward traffic MAC Address regardless of the device network activity Port num Pull down the selection menu to select the port number VLAN ID The VLAN ID for the entry 95 User s Manual of FGSW Series 4 7 3 MAC Filtering By filtering MAC address the switch can easily filter the pre configured MAC address and reduce the un safety You can add and delete filtering MAC address Forwarding and Filtering Dynamic MAC Table Static MAC Table Specify a MAC address to filter 00 30 4F 55 66 77 00 30 4F77 2B FC MAC Address 100 00 34 11 22 33 VLAN ID 2 00 30 4F 55 66 77 Filter 1 00 30 4F 77 2B FC Filter 1 Figure 4 7 3 MAC Filtering interface The page includes the following fields Object Description MAC Address Enter the MAC address that you want to filter VLAN ID The VLAN ID for the entry 96 Static Static User s Manual of FGSW Series 4 8 IGMP Snooping 4 8 1 Theory The Internet Group Management Protocol IGMP lets host and routers share information about multicast groups memberships IGMP snooping is a switch feature tha
49. 0 User s Manual of FGSW Series 802 1Q VLAN modes The default configuration is tag based 802 1Q VLAN In the 802 1Q VLAN initially all ports on the switch belong to default VLAN VID is 1 You cannot delete the default VLAN group in 802 1Q VLAN mode 6 5 2 VLAN Mode Port based Packets can go among only members of the same VLAN group Note all unselected ports are treated as belonging to another single VLAN If the port based VLAN enabled the VLAN tagging is ignored show vlan mode Description Display the current VLAN mode vlan mode Description Change VLAN mode Syntax vlan mode disabled port based dot1q Parameters disabled port based dot1q specifies the VLAN mode Es Change the VLAN mode for every time user have to restart the switch for valid value Note 141 User s Manual of FGSW Series 6 5 3 Advanced 802 1Q VLAN Configuration Ingress filters configuration When a packet was received on a port you can govern the switch to drop it or not if it is an untagged packet Furthermore if the received packet is tagged but not belonging to the same VALN group of the receiving port you can also control the switch to forward or drop the packet The example below configures the switch to drop the packets not belonging to the same VLAN group and forward the packets not containing VLAN tags VLAN Commands show vlan mode Description Display the current VLAN mode vlan mode Description
50. 0 Az TFP Firmware UBOrade ricas idad 50 ALAZ ATIP FMW DON AGG aria 51 AZ 5 Configuration Back sd is 52 A251 TFTP Restore Config ralo iia dal 52 25 2 TETP BACKUP COnuGUI all ON aii isa id a 53 4 2 6 Factory DE UE i cr each ee aera ne cs Seiad 54 ADT OVS EM Re DOOE scxch sencsecassense O A 54 43 Port CONMGUIATION soria a a a T i 55 Ea RRO CONTO eran E E E A A N 55 A ee te OLS irae ene ar ere e ea ee Ae ee een ee ee ee 57 A POTS a USOS AAA 58 Ue ad a 0 tee e O re ren Dee Meee er err er eee see mere A ren epee ne ene Ren reer eee ee 59 AA VIAN COntguUralO Munar dadas 61 AAN LAN OW CIVIC Wes cea a id 61 AA 2 Sialic VEAN CONMIGO oi a io 64 AA O AN is 65 A nn A e area dashes tases 67 AAA VEAN Group CONTIQUFA MON esia da 68 A A A AE RCS 71 AA NO AN areata ah eet a SS a aces dana Soi Sa acess aac oa kana 73 A4 S TOMO PON SENNO AA o PP A 74 AAS QM Tunnel Senda a a cimac doy oaves aaa 75 4 5 Rapid Spanning Tree aiii a ae eee eee 76 AST INC ONY CNO PONE A A aa E Siauaaasdacateencnats 76 ES Paame UCTS ao cps ascidian ane dls nels Ge eaten sus wan ale a Sedna cana es enema eae Pedant ORS 79 A ATI FO ascents eer i eateainen es aeaacn T gen eeee eee acme sae 80 ADA RSIP System ConnguratliN ssp seeen Ne cio 82 E OFLC ORM G UPA OM eanna a EE E E E a 84 User s Manual of FGSW Series AS APIO a 86 40 1 AGUregator Seng aia A a eaaa 87 02 AG Ore ator IMON Malo eto e o E a sde 88 AO S State ACUN onpa a a a a S 92 A T Forwarding and FIt
51. 0 100Mbps full and half duplex mode selection Port Configuration Flow Control disable enable Bandwidth control and broadcast storm filter on each port Display each port s speed duplex mode link status Flow control status Auto Port Status negotiation status Port Based VLAN up to 26 VLAN groups VLAN IEEE 802 1q Tagged Based VLAN 4K VLAN ID up to 256 VLAN groups IEEE 802 1d Spanning Tree Spanning Tree IEEE 802 1w Rapid Spanning Tree Static Port Trunk Link Aggregation IEEE 802 3ad LACP Link Aggregation Control Protocol Supports 13 groups of 8 Port trunk support Traffic classification based on e Port Based priority Quality of Service e 802 1p priority e IP DSCP TOS field in IP Packet v1 and v2 IGMP Snooping 256 multicast groups and IGMP query Bandwidth Control Per port Ingress Egress bandwidth control in steps of128Kbps Port Mirror RX TX Both 802 1x Port Based Network access control Security MAC Limit Static MAC MAC Filtering Access Control List Supports up to 220 rule entries RFC 1157 SNMP MIB RFC 1213 MIB II RFC 1215 Trap RFC 2863 Interface MIB RFC 1493 Bridge MIB RFC 2674 Extended Bridge MIB Q Bridge RFC 1643 Power over Ethernet IEEE 802 3af Power over PoE Standard Ethernet PSE 18 PoE Power output Per Port 48V DC 350mA User s Manual of FGSW Series oouo BME FGSW 2620PVM 190 Watts PoE Power Budget FGSW 2612PVM
52. 0 3 3 1995 Immunity EN 55024 1998 ESD EN 61000 4 2 RS EN 61000 4 3 EFT Burst EN 61000 4 4 Surge EN 61000 4 5 CS EN 61000 4 6 Voltage Disp EN 61000 4 11 Responsible for marking this declaration if the Manufacturer C Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Person responsible for making this declaration Name Surname Kent Kang Position Title Product Manager Taiwan 26th Nov 2006 ic Place Date Legal Singnature
53. 1 to check if the IP address is changed If the IP is successfully configured the Managed Switch will apply the new IP address setting immediately You can access the Web interface of FGSW Managed Switch through the new IP address If you do not familiar with console command or the related parameter enter help anytime in console to get the help description You can change these settings if desired after you log on This management method is often preferred because you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP 129 User s Manual of FGSW Series 5 3 Commands Level The following table lists the CLl commands and description The user commands available at the user level are a subset of those available at the Begin a session Enter logout or switch gt privileged level with your switch quit Use this mode to e Perform basic tests e Display system information The privileged command is the advanced mode Enter the enable Enter disable to Use this mode to command while in exit e Display advanced function User EXEC mode status e Save configuration Enter the configure To ex
54. 1X Configuration 802 1x is an IEEE authentication specification which prevents the client from accessing a wireless access point or wired switch until it provides authority like the user name and password that are verified by an authentication server such as RADIUS server 4 12 1 Understanding IEEE 802 1X Port Based Authentication The IEEE 802 1X standard defines a client server based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN Until the client is authenticated 802 1X access control allows only Extensible Authentication Protocol over LAN EAPOL traffic through the port to which the client is connected After authentication is successful normal traffic can pass through the port This section includes this conceptual information e Device Roles e Authentication Initiation and Message Exchange e Ports in Authorized and Unauthorized States E Device Roles With 802 1X port based authentication the devices in the network have specific roles as shown below f Authentication d server switch RADIUS w OO Workstations k lt 4 E clients _ E Figure 4 12 1 802 1x device role Client the device workstation that requests access to the LAN and switch services and responds t
55. 1X is not enabled or supported on the network access device any EAPOL frames from the client are dropped If the client does not receive an EAP request identity frame after three attempts to start authentication the client transmits frames as if the port is in the authorized state A port in the authorized state effectively means that the client has been successfully authenticated When the client supplies its identity the switch begins its role as the intermediary passing EAP frames between the client and the authentication server until authentication succeeds or fails If the authentication succeeds the switch port becomes authorized The specific exchange of EAP frames depends on the authentication method being used Figure 4 12 2 shows a message exchange initiated by the client using the One Time Password OTP authentication method with a RADIUS server 116 User s Manual of FGSW Series Authentication server 802 1X Switch RADIUS Client FAPOL Siart FAP Request Identity EAP Response Identity RADIUS Access Request EAP Reguest OTP RADIUS Access Challenge EAP Response OTP RADIUS Access Request FAP Success RADIUS Access Accept Port Authorized EAPOL Logoft Port Unauthorized Figure 4 12 2 EAP message exchange a Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network The port starts in the unauthorized state W
56. 21 User s Manual of FGSW Series 4 13 Power Over Ethernet FGSW 2620PVM FGSW 2612PVM Providing up to 24 12 PoE in line power interface the FGSW 2620PVM FGSW 2612PVM PoE Switch can easily build a power central controlled IP phone system IP Camera system AP group for the enterprise For instance 24 12 camera AP can be easily installed around the corner in the company for surveillance demands or build a wireless roaming environment in the office Without the power socket limitation the PoE Switch makes the installation of cameras or WLAN AP more easily and efficiently 4 13 1 Power over Ethernet Powered Device Voice over IP phones Enterprise can install POE VoIP Phone ATA and other Ethernet non Ethernet end devices to the central where UPS is installed MM 3 5 w a for un interrupt power system and power control system Wireless LAN Access Points Museum Sightseeing Airport Hotel Campus Factory Warehouse can install the Access Point any where with no hesitation 6 12 watts IP Surveillance aot Enterprise Museum Campus Hospital Bank can install IP Camera p z without limits of install location no need electrician to install AC 10 12 watts sockets PoE Splitter PoE Splitter split the PoE 48V DC over the Ethernet cable into 5 12V DC j power output It frees the device deployment from restrictions due to i power outlet locations which eliminate the costs for additional AC wiring 3 12 watts and red
57. 4 shows how to attach brackets to one side of the Managed Switch Metas A Corm ica y 20 i 24 Port 10 100 wae A Ty wa aO 2 SL uyo Figure 2 14 Attach brackets to the Managed Switch You must use the screws supplied with the mounting brackets Damage caused to the parts by using incorrect screws would invalidate the warranty Step3 Secure the brackets tightly Step4 Follow the same steps to attach the second bracket to the opposite side Step5 After the brackets are attached to the Managed Switch use suitable screws to securely attach the brackets to the rack as shown in Figure 2 15 Ac DOBBODO A ta e tia Tar O 535638 Pas a k ri yr a ooo 90038 Ba e mo A A a ae gt ABRAS gimna AS y e dl in so A TE Se a AR Line _1 AAA A y A Fe SS e Se i Mn s saa n nm L a Se l A gt Managed a TAS mo r Witel TARA tono ES RA W 3 Figure 2 15 Mounting the Switch in a Rack Step6 Proceeds with the steps 4 and steps 5 of session 2 2 1 Desktop Installation to connect the network cabling and supply power to the Managed Switch 217 User s Manual of FGSW Series 2 2 3 Installing the SFP transceiver The sections describe how to insert an SFP transceiver into an SFP slot The SFP transceivers are hot pluggable and hot swappable You can plug in and out the transceiver to from any SFP port without having to p
58. 7 User s Manual of FGSW Series B Multicast E Receiver idon twant Multicast ldon twan L Switch Transmitter A IPTV Server Router Switch Switch C lt A l Multicast Switch Receiver Idon twant the stream na Sy Multicast Receiver D Figure 4 8 2 Multicast flooding B Multicast Receiver Multicast 54 GMP Snooping Transmitter Switch A IPTV Server Router IGMP Snooping IGMP Snooping Switch Switch i f IGMP Snooping Multicast Switch Receiver Figure 4 8 3 IGMP Snooping multicast stream control Multicast Receiver D 98 User s Manual of FGSW Series IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group IGMP version 1 is defined in RFC 1112 It has a fixed packet size and no optional data The format of an IGMP packet is shown below IGMP Message Format Octets 0 8 16 31 Group Address all zeros if this is a query The IGMP Type codes are shown below Me MS Membership Query if Group Address is 0 0 0 0 Specific Group Membership Query if Group Address is Present MS Membership Report version 2 Leave a Group version 2 HN Membership Report version 1 IGMP packets enable multicast routers to keep track of the membership of multicast groups on their respect
59. Clear all dynamic MAC address table entries mac address table static Description User s Manual of FGSW Series Set static unicast or multicast MAC address If multicast MAC address address beginning with 01 00 5E is supplied the last parameter must be port list Otherwise it must be port id Syntax mac address table static lt mac addr gt lt vlan id gt lt port id port list gt no mac address table static mac addr Description Delete static unicast or multicast MAC address table entries Syntax no mac address table static mac addr lt vlan id gt show mac address table Description Display MAC address table entries Switch config show mac address table MAC Address VLAN Type Source 00 08 B6 00 06 90 1 Dynamic 25 00 40 63 00 65 30 1 Dynamic Trk1 00 03 63 F7 80 7F 1 Dynamic 25 show mac address table static Description Display static MAC address table entries show mac address table multicast Description Display multicast related MAC address table 155 User s Manual of FGSW Series smac address table static Description Set static unicast or multicast MAC address in secondary MAC address table If multicast MAC address address beginning with 01 00 5E is supplied the last parameter must be port list Otherwise it must be port id Syntax smac address table static lt mac
60. DSCP Port Configuration Configure Port TOS DSCP Status Port Number Disable Y TOSIDSCP Port Status TOS DSCP Port Status zp Porte Disable Figure 4 9 6 QoS Configuration TOS DSCP Port Status The table includes the following fields Object Description Port Number Indicate port 1 to port 26 TOS DSCP Status Enable Disable TOS DSCP map to 802 1p priority on specify port 108 User s Manual of FGSW Series 4 10 Access Control List The Access Control List ACL is a concept in computer security used to enforce privilege separation It is a means of determining the appropriate access rights to a given object depending on certain aspects of the process that is making the request principally the process s user identifier Access Control List ACL is a mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted or denied to access the resource The screen in following screen appears Packets can be forwarded or dropped by ACL rules include Ipv4 or non lpv4 The Managed Switch can be used to block packets by maintaining a table of packet fragments indexed by source and destination IP address protocol and so on Packet Type Binding can be selected to ACL for lpv4 or Non Ipv4 Access Control List Any O 1p 0 0 0 0 Mask 205 255 255 255 any O IP 0 0 0 0 Mask 205 255 255 255
61. HIMP COMMUN Viera a a a a il 162 ASA EE AA A A EE 162 SIMP A A dt 162 NOS AMP sra ill 163 SNOW INDIA a 163 CIAIEMP aaa dada 163 VAIN o CHOCO Em A A A E 163 OMD a lc VO a o a a 163 OMO e nie eeenarte curr IES te anya Tonia em eens nie ene een ee eres ie 164 IGMP ross LAN Ne eet 164 IG IMO OG DUG airna samc A A A ca ian iaaunaapeouns 164 User s Manual of FGSW Series SHOW IMD repicar tral ide 164 aMpCle ar Staus UCS aaa 164 0 13802 DEPTO ia 165 A Sica cal ott dias incite a boel au batudot dilate teeta 165 radius Server NOS taa 165 EN nivesan austin bed rtaunelessan buss E E iawn tastes 165 FAGIUS SECVSE NaS nio 165 SHOW FAGIUS SCIVEN AAA sig el ete eee ee aa et nee Meena 165 dotix TIMEOUT gulet period cio cid 166 dotixtImecutbeDenod an a aida 166 AMANECE SUP A o e id 166 dot1x timeout FACIUS S CIV CM cc scsiice sacaanccesseceseas coatastesncsentens iaa 166 oF 0d Bla k bc lt 6 emer amen eee el a eer ne eee eee eee 166 GOUTX TIMEOUT Te aUINDeNlOd 4542 ok eee i BE eee oe ee et ee Bed 167 SOW CO Ga S OE A ES 167 A nee a ere We ee ore ne een eee nr oe Eee pe nee ee eee 167 SNOW DO sia eii en tat me ene Mee ee ee eee en nee 167 G16 ACCESS CONTO Er a 168 6211621 PA ACE COMMAN IS A id daa hel aan 168 o A o A OS 168 nO ac COM rated 168 SNOW GGl eae a a a 168 acl addledit lt 1 220 gt permit deny lt 0 4094 gt ipv4 lt 0 255 gt 0occcccoccnccoccnococnnconcnconnnononnnononenononos 169 acl add ed
62. IE nai debil tios 150 copy running contig flash MD arnan iaa E T A 150 6 8 MAC IMI anna ee oR eS en o 151 A T EE E A AT 151 POMACI a da 151 Mac IMi ay E E E AEA 151 SNOW MACIN a a ida 151 6 9 Port Mirroring ConftigUra lion 152 MIOL DO arsa ia lotto tados 152 SNOW MITO PO did 152 6 TO QUAlIy Of Ser VICO ino a E a E 153 6 10 FOGS CONIU ANON aea aaa atada 153 GOS PON Yoe a a tae oe a E A eae 153 GO 1 oA 5 lerer A ee ee E ate 154 o A 154 610 2 Per POP A AA 154 8 0 191 8 lO a anette meet mn a e A eee ee ene eee 154 6 171 MAC Address ConfiQuration ariadna aca 155 clear mac adaress tale innata A A 155 mac adaress table stalCn anna e cra 155 no mac address table static Mac adOF ooooccconiciconcnncccnncnncnnoncnnnnnnnnnnncnnnnnrnnnnnnnnnnrnnnnnnnnnnnrnronrnnnnoos 155 show mac adaress table E 155 Snow maec adaress table sta O tica ad Do its 155 show mac address table MultiCaSt oooonccconnccconnnconcncnonnnnnnnnononnnnnnnnnnnnnnnnonnnnnnnrnconnrnconarnnonoos 155 smac address table Stalin a 156 SNOW smac address table oocccocnniccoconccoonocononccnannccnannnnnnnnnononononnnnonannnnnnnnnnnnnnnnnnnnnnnnnenananinanos 156 show smac address table multiCast ccoonnncconnnccconncconnconononcnnnconannnnnannnnnnnnnnnnnnnnnnnnnnncinanos 156 o A eieace exeeiee sees 156 SNOW TG ri aida 156 6 12 5TP RSTP COmmanS ssiri aa aiaa 157 AE A E are ie eer eee ean tee eee 157 Spanning tree Torward d Clay sacicriess tice caciul
63. LAN 2 The computer C and D can communicate with each other However the computers in VLAN 1 can not see the computers in VLAN 2 since they belonged to different VLANs IEEE 802 1Q tag based VLANs enable the Ethernet functionality to propagate tagged packets across the bridges and provides a uniform way for creating VLAN within a network then span across the network For egress packet you can choose to tag it or not with the associated VLAN ID of this port For ingress packet you can forward this packet to a specific port as long as it is also in the same VLAN group The 802 1Q VLAN works by using a tag added to the Ethernet packets The tag contains a VLAN Identifier VID which belongs to a specific VLAN group And ports can belong to more than one VLAN The difference between a port based VLAN and a tag based VLAN is that the tag based VLAN truly divided the network into several logically connected LANs Packets rambling around the switches can be forwarded more intelligently In the figure shown below by identifying the tag broadcast packets coming from computer A in VLAN1 at sw1 can be forwarded directly to VLAN1 However the switch could not be so smart in the port based VLAN mechanism Broadcast packets will also be forwarded to port 4 of sw2 It means the port based VLAN can not operate a logical VLAN group among switches The FGSW 2620VM FGSW 2620PVM FGSW 2612PVM FGSW 2624SF support both Port based VLAN and Tag based 14
64. Manufacturer s Name Planet Technology Corp Manufacturer s Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C is herewith confirmed to comply with the requirements set out in the Council Directive on the Approximation of the Laws of the Member States relating to Electromagnetic Compatibility 89 336 EEC 92 3 1 EEC 93 68 EEC For the evaluation regarding the Electromagnetic Compatibility the following standards were applied Emission EN 55022 1994 A1 1995 A2 1997 Class A Harmonic EN 61000 3 2 2000 Class A Flicker EN 61000 3 3 1995 A1 2001 Immunity EN 55024 1998 A1 2001 A2 2003 ESD EN 61000 4 2 2001 RS EN 61000 4 3 2002 A1 2002 EFT Burst EN 61000 4 4 1995 A1 2000 A2 2001 Surge EN 61000 4 5 2001 CS EN 61000 4 6 2001 Magnetic Field EN 61000 4 8 2001 Voltage Disp EN 61000 4 11 2001 Responsible for marking this declaration if the Manufacturer Q Authorized representative established within the EU Authorized representative established within the EU if applicable Company Name Planet Technology Corp Company Address 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Person responsible for making this declaration Name Surname Kent Kang Position Title Product Manager Taiwan 23 Feb 2009 Koerd Ed Place Date Legal Signature PLANET TECHNOLOGY CORPORATION e mail sales planet com tw http www planet com tw 11F No 96 Min Chuan Road
65. Networking 4 Communication a _ Ea PL we de E ra a h p a y gt 2 g ee e mA z as 4 gt el oe A gt 3 P r gt b gt E e N 5 E ee N 7 a a k 4 f f a eee a T a MA D Ni MN a AT gt 2d 4 El f J e A a A lt s gt P fg k d G 4 5 gt P e A 74 up tot gt m J FGSWs2620VM m 24 Port 10 100Mbps 2 Gigabit TP SEP coma Layer 2 Managed Switch y FGSW 2620PVWM X D 24 Port 10 100Mbps 2 Gigabit TP SFP ca ce rs Managed PoE Switch pe i FGSW 2612PVM NN we Ju e i 24 Port 10 100Mbps 2 Gigabit ES 1 eee With 12 Port POE Managed Swi ich vu UA FGSW 2624SF 24 100Base FX SFP Slots 2 Gigabit TRISFP Managed Ethernet Switch User s Manual of FGSW Series Trademarks Copyright PLANET Technology Corp 2009 Contents subject to which revision without prior notice PLANET is a registered trademark of PLANET Technology Corp All other trademarks belong to their respective owners Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications and makes no warranty and representation either implied or expressed with respect to the quality performance merchantability or fitness for a particular purpose PLANET has made every effort to ensure that this User s Manual is accurate PLANET disclaims liability for any inaccuracies or omissions that may have occurred
66. P assistance is not applied If switch A broadcasts a packet to switch B switch B will broadcast it to switch C and switch C will broadcast it to back to switch A and so on The broadcast packet will be passed indefinitely in a loop potentially causing a network failure In this example STP breaks the loop by blocking the connection between switch B and C The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings Now if switch A broadcasts a packet to switch C then switch C will drop the packet at port 2 and the broadcast will end there Setting up STP using values other than the defaults can be complex Therefore you are advised to keep the default factory settings and STP will automatically assign root bridges ports and block loop connections Influencing STP to choose a particular switch as the root bridge using the Priority setting or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is however relatively straight forward 80 User s Manual of FGSW Series LAN IL Portcast 19 oy A Port 3 E Bridge ID 15 gt Port 1 Port 2 4 El gt Portcast 4 Portcast 4 Portcast 4 Portcast 4 4 gt B Cor Bridge ID 30 Bridge ID 20 EA N Port 2 Pot3 lt Portcast 19 gt gt Port 2 Port 3 w E A Y A Portcast 19 Portcast 19 A
67. Parameters lt port list gt specifies the port to be shown Null means all ports The remaining commands in this section are only for system with RSTP rapid spanning tree 802 1w capability no spanning tree debug Description Enable or disable spanning tree debugging information spanning tree protocol version Description Change spanning tree protocol version Syntax spanning tree protocol version lt stp rstp gt Parameters stp specifies the original spanning tree protocol STP 802 1d rstp specifies rapid spanning tree protocol RSTP 802 1w no spanning tree port mcheck Description Force the port to transmit RST BPDUs No format means not force the port to transmit RST BPDUs Syntax no spanning tree port mcheck lt port list gt Parameters lt port list gt specifies the ports to be set Null means all ports no spanning tree port edge port Description Set the port to be edge connection No format means set the port to be non edge connection Syntax no spanning tree port edge port lt port lisi gt Parameters lt port list gt specifies the ports to be set Null means all ports no spanning tree port non stp Description Disable or enable spanning tree protocol on this port 159 Syntax no spanning tree port non stp lt port list gt Parameters lt port list gt specifies the ports to be set Null means all ports spanning tree port point to point mac Description Set
68. PoE support to networked devices is relatively painless it should be realized that power cannot simply be transferred over existing CAT 5 cables Without proper preparation doing so may result in damage to devices that are not designed to support provision of power over their network interfaces The PSE is the manager of the PoE process In the beginning only small voltage level is induced on the port s output till a valid PD is detected during the Detection period The PSE may choose to perform classification to estimate the amount of power to be consumed by this PD After a time controlled start up the PSE begins supplying the 48 VDC level to the PD till it is physically or electrically disconnected Upon disconnection voltage and power shut down Since the PSE is responsible for the PoE process timing it is the one generating the probing signals prior to operating the PD and monitoring the various scenarios that may occur during operation All probing is done using voltage induction and current measurement in return Stages of powering up a PoE link Volts specified Volts managed per 802 3af by chipset Measure whether powered device has the correct signature Detection resistance of 15 33 kO Classification Measure which power level class the resistor indicates 14 5 20 5 12 5 25 0 Startup Where the powered device will startup Normal operation Supply power to device 36 57 25 0 60 0 Line Detection Before power is applied safe
69. TION 7 1 Address Table The Switch is implemented with an address table This address table composed of many entries Each entry is used to store the address information of some node in network including MAC address port no etc This in formation comes from the learning process of Ethernet Switch 7 2 Learning When one packet comes in from any port the Switch will record the source address port no And the other related information in address table This information will be used to decide either forwarding or filtering for future packets 7 3 Forwarding amp Filtering When one packet comes from some port of the Ethernet Switching it will also check the destination address besides the source address learning The Ethernet Switching will lookup the address table for the destination address If not found this packet will be forwarded to all the other ports except the port which this packet comes in And these ports will transmit this packet to the network it connected If found and the destination address is located at different port from this packet comes in the Ethernet Switching will forward this packet to the port where this destination address is located according to the information from address table But if the destination address is located at the same port with this packet comes in then this packet will be filtered Thereby increasing the network throughput and availability 7 4 Store and Forward Store and Forward is one t
70. TP Cable 192 168 0 100 IP Address 192 168 0 x Figure 3 1 Web management You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location just as if you were directly connected to the Managed Switch s console port Web Management requires either Microsoft Internet Explorer 6 0 or later Safari or Mozilla Firefox 2 0 or later FGSW 2620VM 2 4 6 J 10 12 id 16 18 20 22 24 e PLA NET RE LJ LJ Aw E Welcome to PLANET Port Configuration Layer 2 Features FGSW 2620VM Secunty Qos O 24 Port 10 100Mbps 2G TP SFP Combo Managed Switch PLANET Technology Corporation 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528 Email support planet com tw Copyrght 2009 PLANET Technology Corporation All nghts reserved Figure 3 2 Web main screen of Managed Switch 32 User s Manual of FGSW Series 3 4 SNMP Based Network Management You can use an external SNMP based application to configure and manage the Managed Switch such as SNMPc Network Manager HP Openview Network Node Management NNM or What sup Gold This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string This management method in fact uses two community strings the get community string and the set community string If the SNMP Net work management
71. UNIX workstation Because Telnet runs over TCP IP you must have at least one IP address configured on the Managed Switch before you can establish access to it with a virtual terminal protocol Terminal emulation differs from a virtual terminal protocol in that you must connect a terminal directly to the console serial port To access the Managed Switch through a Telnet session l Be Sure of the Managed Switch is configured with an IP address and the Managed Switch is reachable from a PC 2 Start the Telnet program on a PC and connect to the Managed Switch The management interface is exactly the same with RS 232 console management 3 6 2 SNMP Protocol Simple Network Management Protocol SNMP is the standard management protocol for multi vendor IP networks SNMP supports transaction based queries that allow the protocol to format messages and to transmit information between reporting devices and data collection programs SNMP runs on top of the User Datagram Protocol UDP offering a connectionless mode service 3 6 3 Management Architecture All of the management application modules use the same Messaging Application Programming Interface MAPI By unifying management methods with a single MAPI configuration parameters set using one method console port for example are immediately displayable by the other management methods for example SNMP agent of Web browser The management architecture of the switch adheres to the IEEE
72. User s Manual of FGSW Series ip default gateway Description Set the default gateway IP address Syntax ip default gateway lt p addr gt show ip Description Show IP address subnet mask and the default gateway show info Description Show basic information including system info MAC address and versions Switch config show info Model name FGSW 2620VM Description 24 Port 10 100Mbps 2G TP SFP Combo Managed Switch MAC address 00 30 4F 44 55 66 Firmware version 2 08 CLI version 1 07 802 1x disabled IGMP enabled LACP enabled dhcp Description Set switch as dhcp client it can get ip from dhcp server If you set this command the switch will reboot show dhcp Description show dhcp enable disable 149 User s Manual of FGSW Series 6 7 3 Reboot switch boot Description Reboot warm start the switch 6 7 4 Reset to Default erase startup config Description Reset configurations to default factory settings at next boot time 6 7 5 TFTP Update Firmware copy tftp firmware Description Download firmware from TFTP server Syntax copy tftp firmware lt p addr gt lt remote file gt Parameters lt ip addr gt specifies the IP address of the TFTP server lt remote file gt specifies the file to be downloaded from the TFTP server 6 7 6 Restore Configure File copy tftp lt running config flash gt Description Retrieve configuration from the TFTP server I
73. adcast Packets e IP Multicast e Control Packets e Flooded Unicast Multicast Packets Provide Collision Retry Forever function Disable or 16 32 48 collision numbers on Managed Switch If this function is disabled when a packet meet a collision the Managed Switch will retry 6 times before discard the packets Otherwise the Managed Switch will retry until the packet is successfully sent Default value is 16 Provide MAC address table Hashing setting on Managed Switch available options are CRC Hash and Direct Map Default mode is CRC Hash Enable disable 802 1x protocol Press the button to complete the configuration 43 User s Manual of FGSW Series 4 2 2 IP Configuration The Managed Switch is a network device which needs to be assigned an IP address for being identified on the network Users have to decide a means of assigning IP address to the Managed Switch IP address overview What is an IP address Each device such as a computer which participates in an IP network needs a unique address on the network It s similar to having a US mail address so other people have a know way to send you messages An IP address is a four byte number which is usually written in dot notation each of the bytes decimal value is written as a number and the numbers are separated by dots aka periods An example 199 25 123 1 How do get one for this box The IP addresses on most modern corporate nets are assigned b
74. addr gt lt vlan id gt lt port id port list gt show smac address table Description Display secondary MAC address table entries show smac address table multicast Description Display multicast related secondary MAC address table no filter Description Set MAC address filter The packets will be filtered if both of the destination MAC address and the VLAN tag matches the filter entry If the packet does not have a VLAN tag then it matches an entry with VLAN ID 1 Syntax no filter lt mac addr gt lt vlan id gt show filter Description Display filter MAC address table 156 6 12 STP RSTP Commands no spanning tree Description Enable or disable spanning tree spanning tree forward delay Description Set spanning tree forward delay used in seconds Syntax spanning tree forward delay lt 4 30 gt Parameters lt 4 30 gt specifies the forward delay in seconds Default value is 15 a The parameters must enforce the following relationships 2 hello time 1 lt maximum age lt 2 forward delay 1 Note spanning tree hello time Description Set spanning tree hello time in seconds Syntax spanning tree hello time lt 7 10 gt Parameters lt 1 10 gt specifies the hello time in seconds Default value is 2 Es The parameters must enforce the following relationships 2 hello time 1 lt maximum age lt 2 forward delay 1 Note spanning tree maximum ag
75. ant to receive multicast traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service Es Multicast routers use this information along with a multicast routing protocol such as Not DVMRP or PIM to support IP multicasting across the Internet ote 100 User s Manual of FGSW Series 4 8 2 IGMP Configuration The Switch support IP multicast you can enable IGMP protocol on web management s switch setting advanced page then the IGMP snooping information displays IP multicast addresses range are from 224 0 0 0 through 239 255 255 255 IGMP Snooping 239 255 255 250 ECPARRRAR AREA ARA AREA AAA 994 001 004 010 b ddododd 239 004 001 001 ANNA RARA 239 001 001 002 b dododo IGMP Protocol Enable w IGMP fastleave Enable vw IGMP Querier Enable v Figure 4 8 5 IGMP Configuration interface The page includes the following fields Object Description IGMP Protocol Enable or disable the IGMP protocol IGMP Fastleave Enable or disable Fast Leave on the port Enable or disable the IGMP query function The IGMP query information will be IGMP Querier displayed in IGMP status section Fast Leave The Managed Switch can be co
76. asically creating a VLAN within a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch However all the network devices are still plugged into the same switch physically A station can belong to more than one VLAN group VLAN prevents users from accessing network resources of another on the same LAN thus the users can not see the hard disks and printers of another user in the same building VLAN can also increase the network performance by reducing the broadcast traffic and enhance the security of the network by isolating groups The FGSW 2620VM FGSW 2620PVM FGSW 2612PVM FGSW 2624SF support two types of VLANs E Port based a IEEE 802 1Q tag based Only one of the two VLAN types can be enabled at one time Port based VLANs are VLANs where the packet forwarding decision is made based on the destination MAC address and its associated port You must define the outgoing ports allowed for each port when you use port based VLANs In port based VLANs the packets received from one port can only be sent to the ports which are configured to the same VLAN As shown in the following figure the switch administrator configured port 1 2 as VLAN 1 and port 3 4 as VLAN 2 The packets received from port 1 can only be forwarded to port 2 The packets received from port 2 can only be forwarded to port 1 That means the computer A can send packets to computer B and vice versa The same situation also occurred in V
77. at the port is operating at 1000Mbps LNK ACT 1000 Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the Switch is actively sending or receiving data over that port Lit indicate that the port is operating at 100Mbps LNK ACT 100 Off indicate that the port is operating at 10Mbps or 1000Mbps Blink indicate that the Switch is actively sending or receiving data over that port FGSW 2612PVM LED indication 3 PLANET FGSW 2612PVM Figure 2 7 FGSW 2612PVM LED panel m System LED Color Function PWR Green Lights to indicate that the Switch has power Per 10 100Base TX POE interfaces Port 1 to Por 24 Color Function Lights To indicate the link through that port is successfully established LNK ACT Blink To indicate that the Switch is actively sending or receiving data over that port Lights To indicate the port is providing 48VDC in line power Orange Off To indicate the connected device is not a PoE Powered Device PD m Per 10 100 1000Base T port SFP interfaces Color Function Lit indicate that the port is operating at 1000Mbps LNK ACT 1000 Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the Switch is actively sending or receiving data over that port Lit indicate that the port is operating at 100Mbps LNK ACT 100 Off indicate that the port is operating at 10Mbps or 1000Mbps Blink indicate that the Switch is actively sendi
78. be either 1000Base T for 10 100 1000Mbps or 1000Base SX LX through SFP Small Factor Pluggable interface The distance can be extended from 100 meters TP 550 meters Multi mode fiber up to above 10 50 70 120 kilometers Single mode fiber The series Managed Switch boast a high performance switch s architecture that is capable of providing non blocking switch fabric and wire speed throughput as high as 8 8Gbps Its two built in GbE uplink ports also offer incredible extensibility flexibility and connectivity to the Core switches or Servers Power over Ethernet The PoE in line power following the standard IEEE 802 3af makes the FGSW 2620PVM able to power on 24 PoE devices and FGSW 2612PVM ablt to power on 12 POE at the distance up to 100 meters through the 4 pair Cat 5 5e UTP wire Cost effective solution with SNMP monitor for Network deployment Not only for catering to the need of easy WEB based management but also the centralized SNMP application to monitor the status of Switch and traffic per port PLANET releases the cost effective Managed Switch The key features are as below E WEB SSL Telnet 802 1Q Q in Q VLAN Rapid Spanning Tree IGMP Snooping 802 1X Authentication RADIUS Access Control List SNMP and 4 RMON groups 1 3 How to Use This Manual This User Manual is structured as follows Section 2 INSTALLATION The section explains the functions of the Switch and how to physically install the Managed Switch Sec
79. bership packets cannot cross VLAN without a network device performing a routing function between the VLAN The Switch supports Port based VLAN and IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware 64 User s Manual of FGSW Series 4 4 3 Port based VLAN Packets can go among only members of the same VLAN group Note all unselected ports are treated as belonging to another single VLAN If the port based VLAN enabled the VLAN tagging is ignored In order for an end station to send packets to different VLANSs it itself has to be either capable of tagging packets it sends with VLAN tags or attached to a VLAN aware bridge that is capable of classifying and tagging the packet with different VLAN ID based on not only default PVID but also other information about the packet such as the protocol Static VLAN VLAN Operation Mode Port Based VLAN v VLAN Information Figure 4 4 2 Port based VLAN interface m Create a VLAN and add member ports to it Click the hyperlink VLAN Static VLAN to enter the VLAN configuration interface Select Port Based VLAN at the VLAN Operation Mode to enable the port based VLAN function Click Add to create a new VLAN group Then the following Figure 4 4 3 appears Type a name and Group ID for the new VLAN the available range is
80. by the PD during operation Class 0 is the default for PDs However to improve power management at the PSE the PD may opt to provide a signature for Class 1 to 3 The PD is classified based on power The classification of the PD is the maximum power that the PD will draw across all input voltages and operational modes APD shall return Class 0 to 3 in accordance with the maximum power draw as specified by Table 4 13 1 Class Usage Range of maximum power used by the PD o Default 0 44 to 12 95 Watts E Optional 0 44 to 3 84 Watts En Optional 3 84 to 6 49 Watts Optional 6 49 to 12 95 Watts ra Not Allowed Reserved for Future Use Table 4 13 1 Device class Class 4 is defined but is reserved for future use A Class 4 signature cannot be provided by a compliant PD 126 User s Manual of FGSW Series 9 CONSOLE MANAGEMENT The chapter is for model FGSW 2620PVM FGSW 2612PVM only The PLANET FGSW 2620PVM is equipped with a RS 232 DB9 connector as default however the FGSW 2620VM doesn t But both of the two models support telnet management 5 1 Login in the Console Interface To configure the system via console mode connect a serial cable to a COM port on a PC or notebook computer and to RJ 45 type serial console port of the Managed Switch The console port of the Managed Switch is DCE already so that you can connect the console port directly through PC without the need of Null Modem Please refer to chapter 3
81. c authentication Without a secure connection User name f admin e Remember my password Figure 4 1 1 Login screen Default User name admin Default Password admin 3 User s Manual of FGSW Series 1 After entering the username and password the main screen appears as Figure 4 1 2 FGSW 2620VM Q PLANET Networking amp Commenication Home System Welcome to PLANET Port Configuration Layer 2 Features FGSW 2620VM Security 24 Port 10 100Mbps 2G TP SFP Combo QoS Managed Switch PLANET Technology Corporation 11F No 96 Min Chuan Road Hsin Tien Taipei Taiwan R O C Tel 886 2 2219 9518 Fax 886 2 2219 9528 Email support planet com tw Copyright 2009 PLANET Technology Corporation All rights reserved Figure 4 1 2 Web main page 2 The Switch Menu on the left of the Web page let you access all the commands and statistics the Switch provides Now you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides 1 It is recommended to use Internet Explore 6 0 or above to access Managed Switch 2 The changed IP address take effect immediately after click on the Save button you need to use the new IP address to access the Web interface For security reason please change and memorize the new password after this first set
82. cate PD disconnection 184 User s Manual of FGSW Series 9 TROUBLE SHOOTING This chapter contains information to help you solve problems If the Ethernet Switch is not functioning properly make sure the Ethernet Switch was set up according to instructions in this manual MM The Link LED is not lit Solution Check the cable connection and remove duplex mode of the Ethernet Switch Hi Some stations cannot talk to other stations located on the other port Solution Please check the VLAN settings trunk settings or port enabled disabled status Mi Performance is bad Solution Check the full duplex status of the Ethernet Switch If the Ethernet Switch is set to full duplex and the partner is set to half duplex then the performance will be poor Please also check the in out rate of the port E Why the Switch doesn t connect to the network Solution 1 Check the LNK ACT LED on the switch 2 Try another port on the Switch 3 Make sure the cable is installed properly 4 Make sure the cable is the right type 5 Turn off the power After a while turn on power again HM 100Base TX port link LED is lit but the traffic is irregular Solution Check that the attached device is not set to dedicate full duplex Some devices use a physical or software switch to change duplex modes Auto negotiation may not recognize this type of full duplex setting Hi Switch does not power up Solution 1 AC power cord not inserted or faulty 2 Ch
83. cation Configuring the port mirroring by assigning a source port from which to copy all packets and a destination port where those packets will be sent 99 User s Manual of FGSW Series Port Sniffer Figure 4 3 5 Port Sniffer interface The page includes the following fields Object Description Select a sniffer mode e Disable Sniffer Type e Rx e Tx e Both It means Analysis port can be used to see the traffic on another port you want to Analysis Monitoring Port l l monitor You can connect Analysis port to LAN analyzer or netxray The port you want to monitor The monitor port traffic will be copied to Analysis Monitored Port port You can select one monitor ports in the switch User can choose which port that they want to monitor in only one sniffer type When the Mirror Mode set to RX or TX and the Analysis Port be selected the packets to and from the Analysis Port will not be transmitted The Analysis Port will accept only COPPIED packets from the Monitored Port If you want to disable the function you must select monitor port to none 60 User s Manual of FGSW Series 4 4 VLAN configuration 4 4 1 VLAN Overview A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLAN also logically segment the
84. ch Rear Panel The rear panel of the Managed Switch indicates an AC inlet power socket which accepts input power from 100 to 240V AC 50 60Hz Figure 2 9 to Figure 2 12 shows the rear panel of the Switch FGSW 2620VM Rear Panel Figure 2 9 FGSW 2620VM rear panel FGSW 2620PVM Rear Panel POWER ON Figure 2 10 FGSW 2620PVM Switch rear panel FGSW 2612PVM Rear Panel POWER ON Figure 2 11 FGSW 2612PVM Switch rear panel FGSW 2624SF Rear Panel Figure 2 12 FGSW 2624SF Switch rear panel 1 The device is a power required device it means it will not work till it is powered If your networks should active all the time please consider using UPS Uninterrupted Power Supply for your Power Notice device lt will prevent you from network data loss or network downtime 2 In some area installing a surge suppression device may also help to protect your Managed Switch from being damaged by unregulated surge or current to the Switch or the power adapter 25 User s Manual of FGSW Series 2 2 Install the Switch This section describes how to install the Managed Switch and make connections to it Please read the following topics and perform the procedures in the order being presented 2 2 1 Desktop Installation To install the Managed Switch on desktop or shelf please follows these steps Step1 Attach the rubber feet to the recessed areas on the bottom of the Managed Switch Step2 Place the Managed Switch
85. col field you can direct assign number Set this field if Packet Type is IPv4 else ignore Any FTP 21 HTTP 80 Set this field if Packet Type is IPv4 else ignore 0 65535 If TCP port not find in TCP field you can direct assign number Set this field if Packet Type is IPv4 else ignore Any DHCP 67 TFTP 69 NetBios 137 110 Any IPv4 Any Any Uncheck Any Any Any Port Port Id Current List E Non IPv4 ACL User s Manual of FGSW Series Set this field if Packet Type is IPv4 else ignore 0 65535 If UDP port not find in UDP field you can direct assign number Source port id from 1 26 0 means don t care 0 You create ACL and Binding groups In Packet Type Binding box should select lt Non IPv4 Object Group ID Action VLAN Packet Type Ether Type Type Current List E Binding Description Default Vaule 1 247 max 247 ACL group Permit Deny Permit E Permit Permit packet cross switch Deny Drop packet Any VID Any E Any Any VLAN ID m VID 1 4094 A certain VLAN ID IPv4 Non IPv4 Binding IPv4 NH Pv4 Set Ipv4 packet field E Non IPv4 Set non lpv4 packet field E Binding Set binding entry Set this field if Packet Type is Non IPv4 else ignore Any Any ARP 0x0806 IPX 0x8137 Set this field if Packet Type is Non IPv4 else ignore 0 0xFFFF If ether type not find in Ether Type field you can direct assign number Y
86. ction parameters and the status of each port is listed beneath Port Control Rate Control Jumbo Frame 100 Full e Enable vw eee Figure 4 3 1 Port Control interface The page includes the following fields Object Description Use the scroll bar and click on the port number to choose the port to be Port configured s n Current port state The port can be set to disable or enable mode lf the port state ate is set as Disable it will not receive or transmit any packet Auto and Force Being set as Auto the speed and duplex mode are negotiated Negotiation automatically When you set it as Force you have to set the speed and duplex mode manually Snead It is available for selecting when the Negotiation column is set as Force When peed the Negotiation column is set as Auto this column is read only eel It is available for selecting when the Negotiation column is set as Force When uplex the Negotiation column is set as Auto this column is read only Whether or not the receiving node sends feedback to the sending node is determined by this item When enabled once the device exceeds the input data Flow Control rate of another device the receiving device will send a PAUSE frame which halts the transmission of the sender for a specified period of time When disabled the receiving device will drop the packet if too much to process 55 Rate Control Unit 128KBbps Security BSF
87. d fill in the new value mac limit Description Enable MAC limit no mac limit Description Disable MAC limit Mac limit Description Set port MAC limit value O to turn off MAC limit of port Syntax Mac limit lt port list gt lt 1 64 gt show mac limit Description Show MAC limit information including MAC limit enable disable per port MAC limit setting 151 User s Manual of FGSW Series 6 9 Port Mirroring Configuration Port monitoring is a feature to redirect the traffic occurred on every port to a designated monitoring port on the switch With this feature the network administrator can monitor and analyze the traffic on the entire LAN segment In the Managed Switch you can specify one port to be the monitored ports and any single port to be the monitoring port You also can specify the direction of the traffic that you want to monitor After properly configured packets with the specified direction from the monitored ports are forwarded to the monitoring port The default Port Monitoring setting is disabled mirror port Description Set port monitoring information RX only TX only both RX and TX Syntax mirror port lt rx tx both gt lt port id gt lt port list gt Parameters rx specifies monitoring rx only tx specifies monitoring tx only both specifies monitoring both rx and tx lt port id gt specifies the analysis port ID This port receives traffic from all monitored ports lt port
88. der making the entire packet longer by 4 octets All of the information originally contained in the packet is retained 802 1Q Tag VLAN ID VID User Priority 3 bits 1 bits 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Destination Source Ethernet Preamble Address Address Type 6 bytes 6 bytes 4 bytes 2 bytes 46 1517 bytes 4 bytes The Ether Type and VLAN ID are inserted after the MAC source address but before the original Ether Type Length or Logical Link Control Because the packet is now a bit longer than it was originally the Cyclic Redundancy Check CRC must be recalculated 62 User s Manual of FGSW Series Adding an IEEE802 1Q Tag Original Ethernet Dest Addr Src Addr Length E type Old CRC Dest Addr Src Addr E type Tag Length E type Data New CRC New Tagged Packet E Port VLAN ID Packets that are tagged are carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLAN to span network devices and indeed the entire network if all network devices are 802 1Q compliant Every physical port on a switch has a PVID 802 1Q ports are also assigned a PVID for use within the switch If no VLAN are defined on the switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on w
89. divided into three parts Precedence 3 bits TOS 4 bits and MBZ 1 bit The Precedence bits indicate the importance of a packet whereas the TOS bits indicate how the network should make tradeoffs between throughput delay reliability and cost as defined in RFC 1394 The MBZ bit for must be zero is currently unused and is either set to zero or just ignored 0 1 2 3 4 5 6 T co ue Pv4 Packet Header Type of Service Octet The four TOS bits provide 15 different priority values however only five values have a defined meaning DiffServ Code Point DSCP is the traffic prioritization bits within an IP header that are encoded by certain applications and or devices to indicate the level of service required by the packet across a network DSCP are defined in RFC2597 for classifying traffic into different service classes The Managed Switch extracts the codepoint value of the DS field from IPv4 packets and identifies the priority of the incoming IP packets based on the configured priority 4 bit 4 bit 6 bit 2 bit VER 0100 DiffServ VLAN Destination Source Ethernet Type Preamble TAG Address Address 0800 Optional 6 bytes 6 bytes 4 bytes 2 bytes 2 bytes 46 1517 bytes 4 bytes Figure 4 9 4 IPv4 frame format The DSCP is six bits wide allowing coding for up to 64 different forwarding behaviors The DSCP retains backward compatibility with the three precedence bits so that non DSCP compliant TOS enabled devices w
90. e The default is for the Managed Switch to function in Disable mode The Tag Protocol Identifier TPID specifies the ethertype of incoming packets on a tunnel access port e 802 1Q Tag 8100 e vMAN Tag 88A8 Default 802 1Q Tag Check Sets the Port to QinQ mode Or the port operates in its normal VLAN mode Default Un check Check Configures IEEE 802 1Q tunneling QinQ for an uplink port to another device within the service provider network 74 User s Manual of FGSW Series Cancel Configures IEEE 802 1Q tunneling QinQ for a client access port to segregate and preserve customer VLAN IDs for traffic crossing the service provider network 4 4 5 2 Q in Q Tunnel Setting Business customers of service providers often have specific requirements for VLAN IDs and the number of VLANs to be supported The VLAN ranges required by different customers in the same service provider network might overlap and traffic of customers through the infrastructure might be mixed Assigning a unique range of VLAN IDs to each customer would restrict customer configurations and could easily exceed the VLAN limit 4096 of the IEEE 802 1Q specification Using the QinQ feature service providers can use a single VLAN to support customers who have multiple VLANs Customer VLAN IDs are preserved and traffic from different customers is segregated within the service provider network even when they appear to be in the same VLAN Using QinQ expa
91. e Description Set spanning tree maximum age in seconds Syntax spanning tree maximum age lt 6 40 gt Parameters lt 6 40 gt specifies the maximum age in seconds Default value is 20 157 User s Manual of FGSW Series The parameters must enforce the following relationships 2 hello time 1 lt maximum age lt 2 forward delay 1 Note spanning tree priority Description Set spanning tree bridge priority Syntax spanning tree priority lt 0 61440 gt Parameters lt 0 61440 gt specifies the bridge priority The value must be in steps of 4096 spanning tree port path cost Description Set spanning tree port path cost Syntax spanning tree port path cost lt 7 200000000 gt lt port list gt Parameters lt 1 200000000 gt specifies port path cost lt port list gt specifies the ports to be set Null means all ports spanning tree port priority Description Set spanning tree port priority Syntax spanning tree port priority lt 0 240 gt lt port list gt Parameters lt 0 240 gt specifies the port priority The value must be in steps of 16 lt port list gt specifies the ports to be set Null means all ports show spanning tree Description Show spanning tree information show spanning tree port Description Show spanning tree per port information Syntax 158 User s Manual of FGSW Series User s Manual of FGSW Series show spanning tree port lt port list gt
92. e Spare Pins 181 User s Manual of FGSW Series The data pairs are used Since Ethernet pairs are transformer coupled at each end it is possible to apply DC power to the center tap of the isolation transformer without upsetting the data transfer In this mode of operation the pair on pins 3 and 6 and the pair on pins 1 and 2 can be of either polarity POWER SOURCING POWERED DEVICE EQUIPMENT PSE Figure 2 Power Supplied over the Data Pins When to install PoE Consider the following scenarios e You re planning to install the latest VoIP Phone system to minimize cabling building costs when your company moves into new offices next month e The company staff has been clamoring for a wireless access point in the picnic area behind the building so they can work on their laptops through lunch but the cost of electrical power to the outside is not affordable e Management asks for IP Surveillance Cameras and business access systems throughout the facility but they would rather avoid another electrician s payment References IEEE Std 802 3af 2003 Amendment to IEEE Std 802 3 2002 including IEEE Std 802 3ae 2002 2003 Page s 0_1 121 White Paper on Power over Ethernet IEEE802 3af http www poweroverethernet com articles php article_id 52 Microsemi PowerDsine http www microsemi com PowerDsine Linear Tech http www linear com 182 User s Manual of FGSW Series The PoE Provision Process While adding
93. e high speed link lt can be used to increase the bandwidth to some devices to provide a high speed link For example trunk is useful when making connections between switches or connecting servers to the switch Trunk can also provide a redundant link for fault tolerance If one link in the trunk failed the switch can balance the traffic among the remaining links The 10 100 Mbps port cannot be trunked with gigabit port port 25 26 All ports in the same trunk group will be treated as a single port If a trunk group exists the ports belonging to that trunk will be replaced by TRUNK in the VLAN configuration screen The following example configures port 25 26 as TRUNK 1 6 4 1 Trunking Commands show trunks Description Show trunking information Switch config show trunk Group ID LACP Ports LACP Active cra Penn torno ocn 23 24 23 24 trunk add Description Add a new trunk group Syntax trunk add lt trunk id gt lt lacp no lacp gt lt port list gt lt active port list gt Parameters lt trunk id gt specifies the trunk group to be added lacp Description Specifies the added trunk group to be LACP enabled Syntax lacp no lacp specifies the added trunk group to be LACP disabled Parameters lt port list gt specifies the ports to be set lt active port list gt specifies the ports to be set to LACP active 137 no trunk Description Delete an existing trunk group Syntax
94. e is 2 4094 Port Indicate port 1 to port 26 Untag Packets forwarded by the interface are untagged UnTag Member Defines the interface as a tagged member of a VLAN All packets Tag forwarded by the interface are tagged The packets contain VLAN information 6 After setup completed please press Apply button to take effect T Please press Back for return to VLAN configuration screen to add other VLAN group the screen in Figure 4 33 appears 8 If there are many groups that over the limit of one page you can click Next to view other VLAN groups 9 Use Delete button to delete unwanted VLAN 10 Use Edit button to modify existing VLAN group Es Enable 802 1Q VLAN the all ports on the switch belong to default VLAN VID is 1 The default VLAN can t be deleting Note 70 User s Manual of FGSW Series 4 4 4 2 VLAN Filter m 802 1Q VLAN Port Configuration This page is used for configuring the Switch port VLAN The VLAN per Port Configuration page contains fields for managing ports that are part of a VLAN The port default VLAN ID PVID is configured on the VLAN Port Configuration page All untagged packets arriving to the device are tagged by the ports PVID This section provides 802 1Q Ingress Filter of each port from the Switch the screen in Figure 4 4 7 appears static VLAN VLAN Operation Mode 802 70 Tanti Ingress Filtering Rule 1 Forward only packets with VID matching this port s
95. e tidad ais 94 ATT Dynamic MAC Table cidad 94 EZ S Ae MAS Talend a a tain icaiob adie 95 ASMA AMEN a o 96 4 8 IGMP SNOOPINO yaa 97 A a a a a a a e E auteGddan tetas 97 4 8 2 IGMP Configuratio asaue ds 101 4 9 QOS CONTIGUA ION iia 102 AT Understand DOS aia a a a 102 492 OOS GOMNGUIALION di os 103 4 9 2 1 Priority Queue Service SettidgS cccoconnococonnonococonccconnncoconnnnnnnncnnnonannnononcnnnnnnnannnnanons 103 49 22 Q09 Perro COMNGUM AE OM spunii id a a 105 REO SD O ete en eee Re y TO ene ee eee eee eee eee 106 49 31 TOS DSGP Configura ON tdt da bi 107 4 09 32 TOSIDSGP POR Connguratl OM ins di 108 AAG ACCESS CONTO LL SE oia cda 109 AAAMAS Elia camada calada niaa dci S 113 4141 MAC Limit Contigua lOs sata SA ad 113 AEZ MACUL POT Stats a a iii 114 412 802 1X CoOnTguratoON casaca dla bid ca douse tundwassiansdadweuatuneiuaadannetuace 115 4 12 1 Understanding IEEE 802 1X Port Based Authentication oonccconcccconcncconcncnnacononcncnnncnonos 115 AZ 2 SV Stem COMMOUPATION msi las 118 A 12 3802 1x Porn COMMON ATO lado 120 AZ A MISC CONTIG URAL O O aii eG ceases 121 4 13 Power Over Ethernet FGSW 2620PVM FGSW 2612PVM ceeeeeeeeeeeesesseeneseeeeeeeeeeeees 122 4 13 1 Power over Ethernet Powered Device ccccsssccesseserenaseerenssserescaserensanerseteuserenssseressasenens 122 A322 POWGT ian AG CINNOM NE dais E a 123 5 CONSOLE MANAGEMEN Posa 127 5 1 Login in the Console Interface inic
96. ecified groups El Automatically reconfigures the spanning tree to compensate for the failure addition or removal of any element in the tree m Reconfigures the spanning tree without operator intervention Bridge Protocol Data Units For STP to arrive at a stable network topology the following information is used mE The unique switch identifier a The path cost to the root associated with each switch port E The port identifier STP communicates between switches on the network using Bridge Protocol Data Units BPDUs Each BPDU contains the following information a The unique identifier of the switch that the transmitting switch currently believes is the root switch a The path cost to the root from the transmitting port 76 User s Manual of FGSW Series E The port identifier of the transmitting port The switch sends BPDUs to communicate and construct the spanning tree topology All switches connected to the LAN on which the packet is transmitted will receive the BPDU BPDUs are not directly forwarded by the switch but the receiving switch uses the information in the frame to calculate a BPDU and if the topology changes initiates a BPDU transmission The communication between switches via BPDUs results in the following o One switch is elected as the root switch a The shortest distance to the root switch is calculated for each switch E A designated switch is selected This is the switch closest to the root switch through wh
97. eck that the AC power cord is inserted correctly 3 Replace the power cord If the cord is inserted correctly check that the AC power source is working by connecting a different device in place of the switch 4 If that device works refer to the next step 5 If that device does not work check the AC power 185 User s Manual of FGSW Series NW While IP Address be changed or forgotten admin password To reset the IP address to the default IP Address 192 168 0 100 or reset the password to default value Press the hardware reset button at the front panel about 10 seconds After the device is rebooted you can login the management WEB interface within the same subnet of 192 168 0 xx i i 1 i s a ul EAL i 1 4 wr Aj FUSW 2620VM RI 3 Reset 186 User s Manual of FGSW Series Appendix A RJ 45 Pin Assignment A 1 Switch s RJ 45 Pin Assignments 1000Mbps 1000Base T Contact 1 2 MDI Bl_DA BI_DA Bl_DB Bl_DC BI_DC BI_DB Bl_DD BI_DD MDI X Bl_DB BI_DB Bl_DA BI_DD BI_DD BI_DA BI_DC BI_DC Implicit implementation of the crossover function within a twisted pair cable or at a wiring panel while not expressly forbidden is beyond the scope of this standard A 2 10 100Mbps 10 100Base TX When connecting your 10 100Mbps Ethernet Switch to another switch a bridge or a hub a straight or crossover cable is necessary Each port of the Switch supports a
98. er Improve performance for specific types of traffic and preserve performance as the amount of traffic grows Reduce the need to constantly add bandwidth to the network Manage network congestion The QoS page of the Switch contains three types of QOS mode the CoS mode TOS mode or Port based mode can be selected Both the three mode rely on predefined fields within the packet to determine the output queue CoS 802 1p Tag Priority Mode The output queue assignment is determined by the IEEE 802 1p VLAN priority tag TOS DSCP Mode The output queue assignment is determined by the TOS or DSCP field in the IP packets Port Based Priority Mode Any packet received from the specify high priority port will treated as a high priority packet 102 User s Manual of FGSW Series 4 9 2 QoS Configuration QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems When CoS 802 1p Tag Priority is applied the Switch recognizes 802 10 VLAN tag packets and extracts the VLAN tagged packets with User Priority value 802 1Q Tag and 802 1p priority VLAN ID VID 3 bits 12 bits 1 bits TPID Tag Protocol TCI Tag Control Identifier Information Destination Source Ethernet Preamble Heke Data FCS Address Address Type 6 bytes 6 bytes 4 bytes 2 bytes 46 1517 bytes 4 bytes Figure 4 9 1 802 1p Tag Priority Set up the COS pri
99. er s Manual of FGSW Series 609 2 VLAN MOde POr DASE urease riada llo cial 141 SnowVan Mode still 141 O 141 6 5 3 Advanced 802 10 VLAN Configuration visit 142 SHOW Wall Mode scan 142 van MOOS narra DSi 142 ci EEE EET BE EE E E A E EE EE E E ETE Usui 142 NOM das 143 SNOW Manara iO 143 SHOW WIA Stalin a e 144 showvlan A e e e 144 Els Mii E eo E O nausea ca uscedacee 145 SOW Wan IET mieia a ad 145 0 6 MiSc Gontigura ON asno eMes 147 NO Mac age ic cando 147 show MACs AGS IME ais nied Siva anda ab 147 ACS AA Po o E esate aa sae sae TL 147 Droaacas Selena laa 147 OMNIS IO TSE GUY oe siecle ew a lps ad ras a a a a a a a a 147 6 7 Administration CoOntigUra OM iaa an tudegsd tease danceceneammecaiaaesauamadeasesadeewunines 148 6 7 1 Change Username PassWord sonda dad ii 148 NOS MAME A AS ane aanie 148 NO MOS INAMNG ta e A AI idea 148 AS A A cma E 148 NAAA indie tees inns eae oR easels 148 NO AC ONC SS naa acai cutest cia ee e gts as ence eee 148 ip A O 149 nn Ss acetate Oh RR areca Uh ae oh ares 149 SNOW IO la 149 EAE e PAE ne EE Set NPS ere eee PIC se ee E A ee A ee ee eee See 149 SNOW ONOI minas O ee 149 6 7 3 REDOOL SWC ascii 150 DOOL cann a a a hacen TeA 150 A o A a a a eee re eee reer eer een 150 grase Samu COMMG eee aii 150 6 9 TFIIF Update FIA AS O ente 150 User s Manual of FGSW Series COPY MOMIA e a el a e ee ELO 150 0 10 Restore Configure Fl ais 150 copy tp TUMniINg contIg ash oi 150 6 7 7 Backup Configure F
100. et port priority for the POE power management It can choose the port priority value is E Critical m High E Low High priority is Critical Device class Class 0 is the default for PDs However to improve power management at the PSE the PD may opt to provide a signature for Class 1 to 3 The PD is classified based on power The classification of the PD is the maximum power that the PD will draw across all input voltages and operational modes APD shall return Class 0 to 3 in accordance with the maximum power draw as specified by Table 4 1 Current mA It shows the PoE device current Amp Consumption W It shows the PoE device current watt Power Limit It can limit the port PoE supply watts Per port maximum value must less 15 4 total ports values must less than the Power Reservation value Once power overload detected the port will auto shut down and keep on detection mode until PD s power consumption lower than the power limit value 124 User s Manual of FGSW Series aA For FGSW 2620PVM the total POE power reservation from Port 1 24 is up to 190W ZA For FGSW 2612PVM the total PoE power reservation from Port 1 12 is up to 110W Note 125 User s Manual of FGSW Series a PD Classifications APD may be classified by the PSE based on the classification information provided by the PD The intent of PD classification is to provide information about the maximum power required
101. etween turning off and turning on port for flooding CPU port O disable Broadcast Storm Filter Mode OFF v Broadcast Storm Filter Packet select _ Broadcast Packets IP Multicast O Control Packets Flooded Unicast Multicast Packets Collisions Retry Forever Disable Hash Algorithm CRC Hash w IP MAC Binding Disable v 802 1x Protocol Disable v J oetaur Het Figure 4 2 2 Switch Misc Config screenshot The page includes the following fields Object Description Type the number of seconds that an inactive MAC address remains in the MAC Address Age out switch s address table The value is a multiple of 6 Time Default is 300 seconds Broadcast Storm Filter To configure broadcast storm control enable it and set the upper threshold for 42 Mode Broadcast Storm Filter Packets Select Collision Retry Forever Hash Algorithm 802 1x protocol Apply button User s Manual of FGSW Series individual ports The threshold is the percentage of the port s total bandwidth used by broadcast traffic When broadcast traffic for a port rises above the threshold you set broadcast storm control becomes active The valid threshold values are 1 2 1 4 1 8 1 16 and OFF Default is OFF To select broadcast storm Filter Packets type If no packets type by selected mean can not filter any packets The Broadcast Storm Filter Mode will show OFF The selectable items as below e Bro
102. f the remote file is the text file of CLI commands use the keyword running config If the remote file is the configuration flash image of the switch instead use the keyword flash Syntax copy tftp lt running config flash gt lt p addr gt lt remote file gt Parameters lt ip addr gt specifies the IP address of the TFTP server lt remote file gt specifies the file to be downloaded from the TFTP server 6 7 Backup Configure File copy lt running config flash gt tftp Description Send configuration to the TFTP server If you want to save the configuration in a text file of CLI commands use the 150 User s Manual of FGSW Series keywordrunning config If you want to save the configuration flash image instead use the keyword flash Syntax copy lt running config flash gt tftp lt ip addr gt lt remote file gt Parameters lt ip addr gt specifies the IP address of the TFTP server 6 8 MAC limit MAC limit allows users to set a maximum number of MAC addresses to be stored in the MAC address table The MAC addresses chosen to be stored in MAC address table is the result of first come first save policy Once a MAC address is stored in the MAC address table it stays in until it is aged out When an opening is available the switch stored the first new MAC address it sees in that opening All packets from MAC addresses not in the MAC address table should be blocked User can configure the MAC limit setting an
103. fies the IP protocol O means don t care A B C D specifies the Source IP address 0 0 0 0 means don t care A B C D specifies the Mask 0 0 0 0 means don t care 255 255 255 255 means compare all A B C D specifies the Destination IP Address 0 0 0 0 means don t care A B C D specifies the Mask 0 0 0 0 means don t care 255 255 255 255 means compare all check unCheck specifies the IP Fragment check Check IP fragment field unCheck Not check IP fragment field lt 0 65535 gt specifies the Destination port number if TCP or UDP 0 means don t care lt 0 26 gt specifies the Port id O means don t care This ACL rule will drop all packet from IP is 192 168 1 1 with VLAN id 1 and IPv4 acl addledit lt 1 220 gt qosvoip lt 0 4094 gt Description Add or edit ACL group for Ipv4 Syntax acl add edit lt 1 220 gt qosvoip lt 0 4094 gt lt 0 7 gt lt 0 1F gt lt 0 1F gt lt 0 FF gt lt 0 FF gt lt 0 FFFF gt lt 0 FFFF gt lt 0 FFFF gt lt 0 FFFF gt Parameters add edit specifies the operation lt 1 220 gt specifies the group id qosvoip specifies the action do qos voip packet adjustment lt 0 4094 gt specifies the VLAN id O means don t care lt 0 1F gt specifies the port ID value lt 0 1F gt specifies the port ID mask 169 User s Manual of FGSW Series lt 0 FF gt specifies the protocol value lt 0 FF gt specifies the protocol mask lt 0 FFFF gt specifies the source port value lt 0 FFFF gt s
104. he Switch have built in Auto negotiation This technology automatically sets the best possible bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of both 10Base T and 100Base TX devices can connect with the port in either Half or Full Duplex mode 179 User s Manual of FGSW Series If attached device is 100Base TX port will set to 10Mbps no auto negotiation 10Mbps 100Mbps no auto negotiation 100Mbps 10Mbps with auto negotiation 10 20Mbps 10Base T Full Duplex 100Mbps with auto negotiation 100 200Mbps 100Base TX Full Duplex 180 User s Manual of FGSW Series 8 POWER OVER ETHERNET OVERVIEW What is PoE Based on the global standard IEEE 802 3af PoE is a technology for wired Ethernet the most widely installed local area network technology adopted today PoE allows the electrical power necessary for the operation of each end device to be carried by data cables rather than by separate power cords New network applications such as IP Cameras VoIP Phones and Wireless Networking can help enterprises improve productivity It minimizes wires that must be used to install the network for offering lower cost and less power failures IEEE802 3af also called Data Terminal equipment DTE power via Media dependent interface MDI is an international standard to define the transm
105. hich they were received Forwarding decisions are based upon this PVID in so far as VLAN are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets are also assigned a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVID within the switch to VID on the network The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VID are different the switch will drop the packet Because of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can have only one PVID but can have as many VID as the switch has memory in its VLAN table to store them Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged E Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the default As new VLAN are configured in Port based mode their respective member
106. hile in this state the port disallows all ingress and egress traffic except for 802 1X protocol packets When a client is successfully authenticated the port transitions to the authorized state allowing all traffic for the client to flow normally If a client that does not support 802 1X is connected to an unauthorized 802 1X port the switch requests the client s identity In this situation the client does not respond to the request the port remains in the unauthorized state and the client is not granted access to the network In contrast when an 802 1X enabled client connects to a port that is not running the 802 1X protocol the client initiates the authentication process by sending the EAPOL start frame When no response is received the client sends the request for a fixed number of times Because no response is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes to authorized and all frames from the authenticated client are allowed through the port If the authentication fails the port remains in the unauthorized state but authentication can be retried If the authentication server cannot be reached the switch can retransmit the request If no response is received from the server after the specified number of attempts authentication fails and network access is not granted
107. ich packets will be forwarded to the root E A port for each switch is selected This is the port providing the best path from the switch to the root switch E Ports included in the STP are selected Creating a Stable STP Topology It is to make the root port a fastest link If all switches have STP enabled with default settings the switch with the lowest MAC address in the network will become the root switch By increasing the priority lowering the priority number of the best switch STP can be forced to select the best switch as the root switch When STP is enabled using the default parameters the path between source and destination stations in a switched network might not be ideal For instance connecting higher speed links to a port that has a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pass through a network This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops Ports must wait for new network topology information to propagate throughout the network before starting to forward packets They must also wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology The forward delay timer is used to allow the network topology to stabilize after a topology change In addition STP specifies a series of states a po
108. igure PoE System poe limit mode Description Configure System PoE power limit mode information Command Level Global Configuration Syntax poe limit mode Port Priority Total Limit no poe limit mode Parameters lt Port Priority gt Deliver PoE power by port priority setting lt Total Limit gt Set limit value of the total POE port provided power to the PDs no poe limit mode No Limit Example Switch config poe limit mode port priority Switch config show poe Maximum Available Power 190Watts System Operation Status on PoE Power Consumption 55 watts Usage Threshold 21 PoE Power limit mode Port Priority Switch config no poe limit mode Switch config show poe 175 Maximum Available Power 190Watts System Operation Status On PoE Power Consumption 55 watts Usage Threshold 21 PoE Power limit mode No Limit User s Manual of FGSW Series 6 18 4 Configure PoE Port poe enable Description Enabling or disabling the port POE injects function Command Level Global Configuration Syntax poe enable lt port list gt no poe enable lt porft list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set Example Switch config poe enable 1 Switch config show poe status 1 Oper Priority Power Limit W Switch config no poe enable 1 Switch config show poe status 1 Admin Oper Priority Power
109. ill not conflict with the DSCP mapping Based on network policies different kinds of traffic can be marked for different kinds of forwarding 106 User s Manual of FGSW Series 4 9 3 1 TOS DSCP Configuration The TOS DSCP page provides fields for defining output queue to specific DSCP fields When TCP IP s TOS DSCP mode is applied the Managed Switch recognizes TCP IP Differentiated Service Codepoint DSCP priority information from the DS field defined in RFC2474 Enable TOS DSCP for traffic classification and then the DSCP to priority mapping column is configurable as the Figure 4 9 5 shows TOS DSCP 4 F apely Help EC 0 dee Ls Figure 4 9 5 QoS Configuration TOS Priority The page includes the following fields Object Description Enable Disable internal traffic class 0 7 to map the corresponding IP DSCP TOS DSCP value The values of the IP DSCP header field within the incoming packet DSCP 0 63 Specify which 802 1p priority to map the corresponding IP DSCP Priority The value is 0 7 107 User s Manual of FGSW Series 4 9 3 2 TOS DSCP Port Configuration Set up IP TOS DSCP mapping to 802 1p priority when receiving IPv4 IPv6 packets the Managed Switch allow to by port configuring the QoS Status This TOS DSCP Port Configuration page is to configure the IP TOS DSCP mapping on the port and display the current port status The screen in Figure 4 9 6 appears TOS DSCP TOS
110. ilter packet type El Unicast Multicast Flood unicast multicast filter E Control Packets Control packets filter IP multicast P multicast packets filter a Broadcast Packets Broadcast Packets filter Syntax broadcast select lt unicast multicast control packet ip multicast broadcast gt Collision Retry Description Collision Retry setting Syntax Collision Retry lt off 16 32 48 gt Parameters 147 User s Manual of FGSW Series 16132148 In Half Duplex collision retry maximum is 16132148 times and packet will be dropped if collisions still happen Disable In Half Duplex if happen collision will retry forever Default 6 7 Administration Configuration 6 7 1 Change Username Password hostname Description Set switch name Syntax hostname lt name str gt Parameters lt name str gt specifies the switch name If you would like to have spaces within the name use quotes around the name no hostname Reset the switch name to factory default setting no password Description Set or remove username and password for manager or operator Syntax no password lt manager operator all gt Parameters The manager username and password is also used by the web UI 6 7 2 IP Configuration User can configure the IP setting and fill in the new value ip address Description Set IP address and subnet mask Syntax ip address lt ip addr gt lt ip mask gt 148
111. in the learning and listening states waiting for a BPDU that may return the port to the blocking state The following are the user configurable STP parameters for the port or port group level Variable Description On the switch level STP calculates the Bridge Identifier for each switch and then sets the Root Default Value 32768 MAC 32768 2 seconds 20 seconds 15 seconds Default Value Port Priority A relative priority for each 128 port lower numbers give a higher priority and a greater chance of a given port being elected as the root port 79 User s Manual of FGSW Series Port Cost A value used by STP to evaluate paths 200 000 100Mbps Fast Ethernet ports STP calculates path costs and selects the 20 000 1000Mbps Gigabit Ethernet path with the minimum cost as the active ports path O Auto Default Spanning Tree Configuration Feature Default Value Enable state STP disabled for all ports Port priority 128 Port cost 0 Bridge Priority 32 768 The Hello Time cannot be longer than the Max Age Otherwise a configuration error will occur Note Observe the following formulas when setting the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second 4 5 3 Illustration of STP A simple illustration of three switches connected in a loop is depicted in the below diagram In this example you can anticipate some major network problems if the ST
112. io aiii 127 5 2 COntigure IP addres Serna NA o do 128 99 COMMANGS Level odias 130 6 COMMAND EINEINTERFAC Escrita 131 User s Manual of FGSW Series 0 1Operatloni Noe uta 131 6 2 System COMMANGS miracle 132 STG WaT e Ola lezen etat eee actrees aricende aruety a a A ees 132 copy FUAMING CONfG startup COn scsi dolida 132 erase stantUb coOnTd Aaa 132 A bectecaal a ae acaanaees sabes A 132 A a teats cia dain icene E eaaent tate een eo tent nad amen Geena et 132 O aaa iain 132 6 3 Switch Static Configuration 133 6 3 1 Port Configuration and SNOW status si i a in doi 133 DOM Staten O Gina 133 OMG 6 0 0 SOPRANO 133 DOr PL a oa 133 POUM a O o 133 DOT atentar tot NE aid 134 ORE MOP WY iii 134 DON IIA a NS acetates secrets a sweeter eat dane ches acetete tea E suena 134 SNOW OM SIA lUS seein ech es pete vase te ied dl ll ol Nemes 134 SNOW DOM SlALISUICS casks ei desu eae e dd 135 SNOW PON Dr Ole cion tesoro de aa eee ias 136 6 4 TrUnKCONTIquratO Nacida daa ad 137 6 41 Trunking Comman ds aiii 137 SNOW TUNK Sassi A a aa a a a aa a dado 137 A E EEE E E A SE E E E E E 137 A a e eee nee eee 137 A A ha tetiv Qaida a nitive taaaia a E Maen 138 FEZ EAPC On ANG aaa 138 Feo laca a o Re en ee eee re eee 138 lacp system priority cria A A i 138 no ac Ste MONO tr E A AA AAA 138 A A 138 NA o o A A eee eeeceeemeet 138 SNOW lacada A AS 139 A iee ee 139 6 5 VEAN CONTIQUA MOM a 140 601 Mita LANSs pa 140 Us
113. ission for power over Ethernet The 802 3af is delivering 48V power over RJ 45 wiring Besides 802 3af also define two types of source equipment Mid Span and End Span a Mid Span Mid Span device is placed between legacy switch and the powered device Mid Span is tap the unused wire pairs 4 5 and 7 8 to carry power the other four is for data transmit a End Span End Span device is direct connecting with power device End Span could also tap the wire 1 2 and 3 6 PoE System Architecture The specification of PoE typically requires two devices the Powered Source Equipment PSE and the Powered Device PD The PSE is either an End Span or a Mid Span while the PD is a PoE enabled terminal such as IP Phones Wireless LAN etc Power can be delivered over data pairs or spare pairs of standard CAT 5 cabling How Power is Transferred Through the Cable A standard CAT5 Ethernet cable has four twisted pairs but only two of these are used for 1OBASE T and 100BASE T The specification allows two options for using these cables for power shown in Figure 2 and Figure 3 The spare pairs are used Figure 2 shows the pair on pins 4 and 5 connected together and forming the positive supply and the pair on pins 7 and 8 connected and forming the negative supply In fact a late change to the spec allows either polarity to be used POWER SOURCING POWERED DEVICE EQUIPMENT PSE PD a SIGNAL PAIR SPARE PAIA Figure 1 Power Supplied over th
114. it lt 1 220 gt qosvoip DADA gt ccooocccccccononnncccnononoonnncnncnnnnnnnnnnncnononnnnnnnnannnnnnnnnnnnnnnnnns 169 6 16 2 Non lpv4 AGL COM MS o e ee 170 acl addledit lt 1 220 gt permit deny lt 0 4094 gt nonipv4 lt 0 65535 gt ccooccccnccnccoccncconnnoconcncononononos 170 617 acl ale tia da 171 6 17 1 SIPISMACG Binding COMMaNGS vccsitete aes eatin Ae O haat 171 Aro Pen Pue tam EAE E E A SE E NEE EEE 171 VOI A a a A a maaan eeceeneaa 171 RO DINO PA E E a ee ccnaee na one aerenecitemianeee erate 171 SNOW DING AAA a a nee err ee rene remem ener erry 171 o Peete mete teeters Ny ee ee Ne gen treme re ree mre nC re oe ee eee ee eee 171 6 18 Power over Ethernet Commands PLANET FGSW 2620PVM FGSW 2612PVM 173 6 16 1 Disblay System POE Status nia adds 173 SNOW POE oo 173 User s Manual of FGSW Series SNOW POS SAUS e e e ed 173 6 18 2 Configure PoE Over Temperature Protection cccoooccococonoccconcnnnononnncononcononnnnonnnnannnnnnnns 174 poe temperature protection enable ooocccoccccocnoconnoconocononoonnonononononnnnnonannonannnnnnonanennnnenanoss 174 6 16 3 Configure POE SM leed e 175 DOS IM MOI 175 6 16 4 Configure POE Po uta 176 DOC ENADE APRA PO OO o nn A comet data 176 DOS PIN dl e O o eee 177 POS MAMA Ii 177 TsO VUE GH OPERATION ope 179 FA PAGONESS Tabler i iii a a a calado ciedad 179 DZ CALI Dt a 179 TS F orwardihg amp Fiering saeni E iaoiaia 179 FA StO
115. it to Use this mode to configure command while in privileged EXEC those parameters that are switch config privileged EXEC mode enter exit going to be applied to your mode or end switch 130 User s Manual of FGSW Series 6 COMMAND LINE INTERFACE 6 1 Operation Notice To enter the configuration mode you need to be in the privileged mode and then types in the command configure Switch configure Switch config 6 1 1 Command Line Editing Keys Function ME ME ME Ooo The following generic function keys provide functions in all of the menus 131 User s Manual of FGSW Series 6 1 2 Command Help You may enter at any command mode and the CLI will return possible commands at that point along with some description of 6 2 System Commands show running config Description Display the running configuration of the switch copy running config startup config Description Backup the switch configurations erase startup config Description Reset to default factory settings at next boot time clear arp Description lt ip addr gt specifies the IP address to be cleared If no IP address is entered the entire ARP cache is cleared show arp Description Show the IP ARP translation table ping Description Send ICMP ECHO REQUEST to network hosts Parameters lt 1 999 gt specifies the number of repetitions If not entered it will continue to ping until you pre
116. itches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Some relevant terms Tagging The act of putting 802 1Q VLAN information into the header of a packet Untagging The act of stripping 802 1Q VLAN information out of the packet header m 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in the Ether Type field When a packet s Ether Type field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLAN can be identified The tag is inserted into the packet hea
117. ive sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sends an IGMP report to join a group A host will never send a report when it wants to leave a group for version 1 A host will send a leave report when it wants to leave a group for version 2 Multicast routers send IGMP queries to the all hosts group address 224 0 0 1 periodically to see whether any group members exist on their sub networks If there is no response from a particular group the router assumes that there are no group members on the network The Time to Live TTL field of query messages is set to 1 so that the queries will not be forwarded to other sub networks IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN an explicit leave message and query messages that are specific to a given group 99 User s Manual of FGSW Series The states a computer will go through to join or to leave a multicast group are shown below Non Member Leave Group Leave Grou Stop Timer Join Group Send Report Start Timer a D c Sern Timer J Delaying Member Idle Member Report Received Stop Timer C y Timer Expried S p Send report Figure 4 8 4 IGMP State Transitions E IGMP Querier A router or multicast enabled switch can periodically ask their hosts if they w
118. le aliG F OFW al G inaani aE DOAA ERARA RAE SE ai dra 179 7295 AUtO NCg Ola lO Nc A aT 179 8 POWER OVER ETHERNET OVERVIEW c ssscsscsessssessssesesesssessssssstsssensteseeeseenees 181 Whats POE nta nl 181 TNE POE ProVISION POCOS S cirios AO IO ARRE 183 Stages Of Powering Upa POE Ink as 183 ENS Detection 183 CLAS SIMIC ato Desolaia 183 AM iii DiaA 184 OPEN e ed DA O AA A Le 184 Power Disconnection SCOMANOS cia dci 184 9 TROUBLE SHOOT N Gossciorsna sa 185 APPENDIX A RJ 45 PIN ASSIGNMENT cccscccceseesneeeeeceeseneseeeseeeeeeneseneseeeenes 187 A 1 Switch s RJ 45 Pin Assignments csccccsessececseneeecessesecenseeeceesseesoenseeenenseesooesssesoensessoaneseesoanes 187 AZ 10OMOOMBGS 10 100 Bas Osi iii a 187 APPENDIX B HOW TO IDENTIFY THE HARDWARE VERSION 00 189 11 User s Manual of FGSW Series 1 Introduction The PLANET Layer 2 Managed Switch series FGSW 2620VM FGSW 2620PVM FGSW 2612PVM and FGSW 2624SF are multiple 10 100Mbps ports Ethernet Switched with Gigabit TP SFP fiber optical combo connective ability and robust layer 2 features the description of these models as below 24 Port 10 100Base TX 2 Port Gigabit TP SFP Combo Managed Switch 24 Port 10 100Base TX 2 Port Gigabit TP SFP Managed PoE Switch 24 Port 10 100Base TX 2 Port Gigabit TP SFP Witch 12 Port PoE Managed Switch ESPE 24 100Base FX SFP Slots 2 Port Gigabit TP SFP Managed Switch Terms of
119. le into the SFP transceiver Connect the other end of the cable to a device switches with SFP installed fiber NIC on a workstation or a Media Converter Check the LNK ACT LED of the SFP slot on the front of the Switch Ensure that the SFP transceiver is operating correctly Check the Link mode of the SFP port if the link failed Co works with some fiber NICs or Media Converters set the Link mode to 1000 Force is needed Remove the transceiver module ls Make sure there is no network activity by consult or check with the network administrator Or through the management interface of the switch converter if available to disable the port in advance Remove the Fiber Optic Cable gently Turn the handle of the MGB module to horizontal Pull out the module gently through the handle 4 ey MGB SX LX Figure 2 17 Pull out the SFP transceiver Never pull out the module without pull the handle or the push bolts on the module Direct pull out the module with violent could damage the module and SFP module slot of the Managed Switch 29 User s Manual of FGSW Series 3 SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch It describes the types of management applications and the communication and management protocols that deliver data between your management device work station or personal computer and the system It also contains information
120. letely 2 1 Hardware Description 2 1 1 Switch Front Panel The unit front panel provides a simple interface monitoring the switch Figure 2 1 to 2 4 shows the front panel of the Managed Switches FGSW 2620VM Front Panel p PLANET 24 Port 10 100Mbps 2 Gigabit Managed Ethernet Switch FE HT FGSW 2620VN Figure 2 1 FGSW 2620VM front panel FGSW 2620PVM Front Panel 3 PLANET rial cnet 24 2G Managed POE Switch ee EHH EEE HEH rE HTE Figure 2 2 FGSW 2620PVM Switch front panel FGSW 2612PVM Front Panel VEEP eRT UAT 2 Port PoE NENE ce ed O wG mf Figure 2 3 FGSW 2612PVM Switch front panel FGSW 2624SF Front Panel CD PLANET s z uo Le da a A re 24 Port 100Base SFP 2 Gigabit Managed Switch MIUI A O den 26 Ed o M Figure 2 4 FGSW 2624SF Switch front panel 10 100Mbps TP Interface FGSW 2620VM FGSW 2620PVM FGSW 2612PVM Port 1 Port 24 10 100Base TX Copper RJ 45 Twist Pair Up to 100 meters 20 User s Manual of FGSW Series Mi Gigabit TP Interface Port 25 Port 26 10 100 1000Base T Copper RJ 45 Twist Pair Up to 100 meters M Gigabit SFP Slots Port 25 Port 26 1000Base SX LX mini GBIC slot SFP Small Factor Pluggable transceiver module From 550 meters Multi mode fiber up to 10 30 50 70 120 kilometers Single mode fiber Mi Console Port FGSW 2620PVM FGSW 2612PVM Only The console port is a DB9
121. lient is enabled the current IP will lose and user should find the new IP on the DHCP server Assign the IP address that the network is using If DHCP client function is enabled this switch is configured as a DHCP client The network DHCP server will assign the IP address to the switch and display it in this column The default IP is 192 168 0 100 or the user has to assign an IP address manually when DHCP Client is disabled Assign the subnet mask to the IP address If DHCP client function is disabled the user has to assign the subnet mask in this column field Assign the network gateway for the switch If DHCP client function is disabled the user has to assign the gateway in this column field The default gateway is 192 168 0 254 45 User s Manual of FGSW Series 4 2 3 SNMP Configuration 4 2 3 1 SNMP Overview The Simple Network Management Protocol SNMP is an application layer protocol that facilitates the exchange of management information between network devices It is part of the Transmission Control Protocol Internet Protocol TCP IP protocol suite SNMP enables network administrators to manage network performance find and solve network problems and plan for network growth FGSW 2620WM ons NET Home System System Information Hotworking amp Communication SNMP Configuration stem Options Name FGSW 2620VM IP Configuration SNMP Configuration Location No Location Sys
122. list gt specifies the monitored port list show mirror port Description Show port monitoring information 152 User s Manual of FGSW Series 6 10 Quality of Service There are four transmission queues with different priorities in the Managed Switch Highest SecHigh SecLow and Lowest The Managed Switch will take packets from the four queues according to its QoS mode setting If the QoS mode was set to Disable the Managed Switch will not perform QoS on its switched network If the QoS mode was set to High Empty Then Low the Managed Switch will never exhaust packets from a queue until the queues with higher priorities are empty If the QoS mode was set to weight ratio the Managed Switch will exhaust packets from the queues according to the ratio The default value of QoS mode is weight 8 4 2 1 That means the switch will first exhaust 8 packets from the queue with highest priority and then exhaust 4 packets from the queue with second high priority and so on When the switch received a packet the switch has to decide which queue to put the received packet into In the Managed Switch it will put received packets into queues according to the settings of 802 1p Priority and Static Port Ingress Priority When the received packet is an 802 1p tagged packet the switch will put the packet into a queue according to the 802 1p Priority setting Otherwise the switch will put the packet into a queue according
123. log Setting Contact Fi rmware Upgrade SNMP Status Disable Configuration Backup rrereg Apply Factory Default System Reboot Communit a La yer 2 Features Hear 5 R 1 QoS remove ORO ORW s e Trap Managers Current Managers New Manager IP Address I Remove Community Figure 4 2 4 SNMP configuration interface An SNMP managed network consists of three key components Network management stations NMSs SNMP agents Management information base MIB and network management protocol Network management stations NMSs Sometimes called consoles these devices execute management applications that monitor and control network elements Physically NMSs are usually engineering workstation caliber computers with fast CPUs megapixel color displays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and store management information such as the number of error packets received by a network element Management information base MIB A MIB is a collection of managed objects residing in a virtual information store Collections of related managed objects are defined in specific MIB modules network management protocol A management protocol is used to convey management information between 46 User s Manual of FGSW Series agents and NMSs SNMP is
124. mation System Priority v ew Remove gt gt Figure 4 6 1 Port Trunk Aggregator setting interface two ports are added to the left field with LACP enabled The page includes the following fields Object Description A value which is used to identify the active LACP The Managed Switch with the System Priority lowest value has the highest priority and is selected as the active LACP peer of the trunk group roupib There are 13 trunk groups to be selected Assign the Group ID to the trunk group Enabled the trunk group is using LACP A port which joins an LACP trunk group has to make an agreement with its member ports first cp Disabled the trunk group is a static trunk group The advantage of having the LACP disabled is that a port joins the trunk group without any handshaking with its member ports but member ports won t know that they should be aggregated together to form a logic trunk group 87 User s Manual of FGSW Series This column field allows the user to type in the total number of active port up to four With LACP static trunk group e g you assign four ports to be the members of a trunk group whose work ports column field is set as two the Work ports l l exceed ports are standby redundant ports and can be aggregated if working ports fail If it is a static trunk group non LACP the number of work ports must equal the total number of group member ports Please notice that a trunk grou
125. mbination of several ports or network cables to expand the connection speed beyond the limits of any one single port or network cable The Managed Switch supports two types of port trunk technology a Static Trunk E LACP The Link Aggregation Control Protocol LACP provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs move the link to that Link Aggregation Group and enable its transmission and reception functions in an orderly manner Link aggregation lets you group up to eight consecutive ports into a single dedicated connection This feature can expand bandwidth to a device on the network LACP operation requires full duplex mode more detail information refers to IEEE 802 3ad Link Aggregation LACP Port 1 Port 4 Dynamitic enabled Switch A LACP Enable 4GbE Active Link Backup Link Switch B LACP Enable Port 1 Port 5 Configured Members Link Aggregation LACP Port 2 Port 5 m a Dynamitic enabled Switch A LACP Enable Keep Link broken 4GbE Active Link Switch B LACP Enable Port 1 Port 5 Configured Members 86 User s Manual of FGSW Series 4 6 1 Aggregator setting This section provides Port Trunk Aggregator Setting of each port from the Managed Switch the screen in Figure 4 6 1 Trunking Aggregator Setting Aggregator Infor
126. mum time between transmissions of Configuration BPDUs e Forward Delay Derived value of the Root Port Bridge Forward Delay parameter 4 5 5 Port Configuration This web page provides the port configuration interface for RSTP You can assign higher or lower priority to each port Rapid spanning tree will have the port with the higher priority in forwarding state and block other ports to make certain that there is no loop in the LAN Spanning Tree PerPort Configuration Configure Spanning Tree Port Parameters Port Number Path Cost cea Admin Edge Admin Non STP Admin P2P Number 1 2900000000 0 44 g Default NO Default NO Default AUTO 200000 STP Port Status PortNum Priority Porti 12 128 Disabled N Figure 4 5 6 RSTP Port Configuration interface The page includes the following fields Object Description The cost of the path to the other bridge from this transmitting bridge at the Path Cost specified port Enter a number 1 through 200 000 000 84 User s Manual of FGSW Series Decide which port should be blocked by setting its priority as the lowest Enter a Priority number between 0 and 240 The value of priority must be the multiple of 16 The rapid state transitions possible within RSTP are dependent upon whether the port concerned can only be connected to exactly another bridge i e it is served by a point to point LAN segment or can be connected t
127. n Switch config prompt enter show ip 3 The screen displays the current IP address Subnet Mask and Gateway As show in Figure 5 2 1 COM1_57600 HyperTerminal File Edit View Call Transfer Help D gt Completed Username admin Password Switch conf Switch config show ip JIP address 192 168 100 103 Subnet mask 299 299 209 0 Connected 00 56 35 AMSIW 2 600 6 M 1 Figure 5 2 1 Show IP information screen 128 User s Manual of FGSW Series a Configure IP address iy On Switch config prompt enter the following command and press lt Enter gt As show in Figure 5 2 2 Switch config ip address 192 168 1 100 255 255 255 0 Switch config ip default gateway 192 168 1 1 The previous command would apply the follow settings for the Switch IP 192 168 1 100 Subnet Mask 255 255 255 0 Gateway 192 168 1 1 COM1_57600 HyperTerminal File Edit View Call Transfer Help Completed Username admin Password Switch conf ISwitch config show ip IP address 192 168 100 103 Subnet mask 290 299 299 0 Gateway 192 168 100 1 Switch config H ip address 192 168 1 100 255 255 255 0 Switch config H ip default gateway 192 168 1 1 Switch config Connected 00 58 03 AMS Tv 2 600 6 M 1 Figure 5 2 2 Set IP address screen 2 Repeat Step
128. n WRR CoS policies E Ingress Egress Bandwidth control on each port Multicast E IGMP Snooping v1 and v2 E IGMP Query mode for Multicast Media application mM 256 multicast groups Security Layer 2 3 4 Access Control List ACL IEEE 802 1x Port Based Authentication MAC address Filtering and MAC address Binding IP address security management to prevent unauthorized intruder Port Mirroring to monitor the incoming or outgoing traffic on a particular port Management EH Switch Management Interface e Web switch management e Telnet Command Line Interface e SNMP v1 v2c switch management e Console local management FGSW 2620PVM only SNMP Trap for alarm notification of events Four RMON groups 1 2 3 9 history statistics alarms and events Built in Trivial File Transfer Protocol TFTP client Firmware upload download via TFTP or HTTP Configuration upload download via TFTP or HTTP Supports Ping function Power over Ethernet FGSW 2620PVM FGSW 2612PVM Only Complies with IEEE 802 3af Power over Ethernet End Span PSE Up to 24 IEEE 802 3af devices powered FGSW 26202PVM only Up to 12 IEEE 802 3af devices powered FGSW 2612PVM only Support PoE Power up to 15 4 watts for each PoE ports Auto detect powered device PD Circuit protection prevent power interference between ports Remote power feeding up to 100m PoE Management e Total PoE power budget control e Per port PoE function enable disable e PoE Port Powe
129. n IEEE 802 10 specification standard Therefore it is possible to create a VLAN across devices from different switch venders IEEE 802 10 VLAN uses a technique to insert a tag into the Ethernet frames Tag contains a VLAN Identifier VID that indicates the VLAN numbers You can create and delete Tag based VLAN There are 256 VLAN groups to provide configure Enable 802 1Q VLAN the all ports on the switch belong to default VLAN VID is 1 The default VLAN can t be deleting Understand nomenclature of the Switch M IEEE 802 1Q Tagged and Untagged Every port on an 802 1Q compliant switch can be configured as tagged or untagged e Tagged e Untgged Frame Leave Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that flow into those ports If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet forwarding decisions Ports with untagging enabled will strip the 802 1Q tag from all packets that flow into those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 1Q VLAN information Remember that the PVID is only used internally within the Switch Untagging is used to send packets f
130. n the network Before updating make sure you have your TFTP server ready and the firmware image is on the TFTP server The screen in Figure 4 2 8 appears Use this menu to download a file from specified TFTP server to the Managed Switch Firmware Upgrade TF TP Firmware Upgrade TFTP Server IP Address 1192 168 0 52 Firmware File Name FW2620viMv2 0 img Figure 4 2 8 Firmware Upgrade interface The page includes the following fields Object Description TFTP Server IP Address Type in your TFTP server IP Firmware File Name Type in the name of the firmware image file to be updated 50 User s Manual of FGSW Series 4 2 4 2 HTTP Firmware Upgrade The HTTP Firmware Upgrade page contains fields for downloading system image files from the Local File browser to the device The Web Firmware Upgrade screen in Figure 4 2 9 appears HTTP Firmware Upgrade Note Firmware upgrade needs several minutes Please wait a while then manually refresh the webpage Figure 4 2 9 HTTP Firmware Upgrade interface To open Firmware Upgrade screen perform the folling 1 Click System gt Web Firmware Upgrade 2 The Firmware Upgrade screen is displayed as in Figure 4 2 9 3 Click the Browse button of the main page the system would pop up the file selection menu to choose firmware Choose file Look irr E Firmware Y e c Eg A mA FSW 2620 MW2 42 03b09010 7 ing My Recent Documents Places My N File name
131. nagement Access Overview cccccesseeceeeeeeeeeneneeneeneeeeeesneeseneneessneseeeeoasseeseaseeeenesessoasaessonsneessenanes 31 33 AAA on A 32 3 4 SNMP Based Network Management cccococccconccccccononccnoncnconnnnanonnnnnnrrnnnnrrrnnnnnrrrnnnnrrrnnnnrrrrnannrernanarennnas 33 3 5 Administration Console FGSW 2620PVM FGSW 2612PVM ooccccccccoooccccccononononnnnnnononnnannnnnnnnnnos 33 cs A E eaueioacateauianasiiecebisaeie usuecne daummevnamelunecsuase 35 3 6 1 VIFtUal Terminal PROTOCOIS alta a a lbeduasnolinog sc a a a 35 310 2 SNMP Protocol eines 35 3 6 3 Management Architecture cccccsescccseseecsescecesececeseeeseseeseeessseeseeeesegeeesaneessageeteeessasesenees 35 4 WEB BASED MANAGEMENT ccccccsecceeceeeeeeeeeeeeeeeeeceeseneeeneeenseesenesenesenesenes 36 4 1 About Web based Management ccooocccocncccnccccnnncccnononcnnncnnnnononanrrnnnnrrnnnn rra r rra rrrnnn nena rrrnnnrrnannrrnanarenans 36 AN EQU e ie aiid 37 A Ned Logging On Me Wilson 37 ARES MaN WEB PAGE tii iia 39 A ZVS ENa a AS 40 AZ 1 3 YSiCm INO malo ras 41 e E A O E CO E A eT eer ew ren ran eee ers 41 User s Manual of FGSW Series A2 2 MISC COMO si ii iii 42 4 2 2 IPC ONNg ratiON sonsir ena E tamu a aT antieeradeqlag udu teos E a 44 ALSO MEE oN e E ooo 46 ASA 46 4 232 O SEM ODUONS li do 47 422 3 3 COMMUNI SINS E ice 48 A259 a Mapa Managers ln lie idas 49 A 2A Firmware UPM neh tien nce eas vent leita ieee ee eee eee rane ar eavew tas 5
132. nction The three models support up to 9Kbytes jumbo frame forwarding 96 User s Manual of FGSW Series summary table you can know status of each port clear at a glance like Port Link Up Link Down status negotiation Link This page displays current port configurations and operating status it is a ports configurations summary table Via the Speed Rate Control Duplex mode and Flow Control 4 3 2 Port Status El Jelclelclelclelicielcic 3 BI BEBBE lalalelolalalalalelolalalalale Oo i wo 2 5 0 5 e Lol Si a 5 H E E 2 E FGSW 2620VWM atures Fe Hotworking amp Communicallon Security Z Statistics Port Control Port S Layer 2 E Port Configuration System Figure 4 3 2 Port Status interface 57 User s Manual of FGSW Series 4 3 3 Port Statistics The following chart provides the current statistic information which displays the real time packet transfer status for each port The user might use the information to plan and implement the network or check and find the problem when the collision or heavy traffic occurs Port Statistics The following information provides a view of the current status of the unit hJ dh G 6IO 16 pes Ololojolo ojol lo 3131313 3 5 a a H ER A ort15 On _ Down O os i o 2 i BJ DIES Figure 4 3 3 Port Statistics i
133. nds VLAN space by using a VLAN in VLAN hierarchy and retagging the tagged packets A port configured to support QinQ is called a QinQ user port A port configured to support QinQ Uplink is called a QinQ uplink port Qina VLAN Tunnel 1D Tunneli w Remove gt gt Porto Figure 4 4 9 Q in Q Tunnel Setting interface NW To configure QinQ Port 1 2 3 4 Enable global QinQ function select QinQ enable Enable Fill QinQ Tpid Enable port QinQ function select QinQ checkbox for special port Enable port QinQ Uplink function select QinQ Uplink checkbox for special port 19 User s Manual of FGSW Series 4 5 Rapid Spanning Tree The Rapid Spanning Tree Protocol RSTP is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change The system also supports STP and the system will auto detect the connected device that is running STP or RSTP protocol 4 5 1 Theory The Spanning Tree protocol can be used to detect and disable network loops and to provide backup links between switches bridges or routers This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network and provide backup links which automatically take over when a primary link goes down The spanning tree algorithms supported by this switch include these versions a
134. network into different broadcast domains so that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily VLAN can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated 1 No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN 2 The Managed Switch supports IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware The Managed Switch supports IEEE 802 1Q tagged based and Port Base VLAN setting in web management page In the default configuration VLAN support is 802 1Q E Port based VLAN Port based VLAN limit traffic that flows into and out of switch ports Thus all devices connected to a port are members of the VLAN s the port belongs to whether there is a single computer
135. nfigured to immediately delete a member port of a multicast service if a leave packet is received at that port and the fastleave function is enabled for the parent VLAN This allows the Managed witch to remove a port from the multicast forwarding table without first having to send an IGMP group specific query to that interface 101 User s Manual of FGSW Series 4 9 QoS Configuration 4 9 1 Understand QOS Quality of Service QoS is an advanced traffic prioritization feature that allows you to establish control over network traffic QoS enables you to assign various grades of network service to different types of traffic such as multi media video protocol specific time critical and file backup traffic QoS reduces bandwidth limitations delay loss and jitter It also provides increased reliability for delivery of your data and allows you to prioritize certain applications across your network You can define exactly how you want the switch to treat selected applications and types of traffic You can use QoS on your system to Control a wide variety of network traffic by Classifying traffic based on packet attributes Assigning priorities to traffic for example to set higher priorities to time critical or business critical applications Applying security policy through traffic filtering Provide predictable throughput for multimedia applications such as video conferencing or voice over IP by minimizing delay and jitt
136. ng or receiving data over that port 23 User s Manual of FGSW Series FGSW 2624SF LED indication Y PLANE Hobbs amp Comino FGSW 262451 Figure 2 8 FGSW 2624SF LED panel E System LED Color Function PWR Green Lights to indicate that the Switch has power E Per 100Base FX SFP slot LED Color Function LNK ACT Green Lights to indicate the link through that port is successfully established m Per 10 100 1000Base T port SFP interfaces Function Lit indicate that the port is operating at 1000Mbps Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the switch is actively sending or receiving data over that port Lit indicate that the port is operating at 100Mbps Off indicate that the port is operating at 10Mbps or 1000Mbps Blink indicate that the switch is actively sending or receiving data over that port Lit indicate that the port is operating at full duplex mode Off indicate that the port is operating at half duplex mode 1 Press the RESET button once The t Switch will reboot automatically 2 Press the RESET button for about 10 seconds The Switch will back to the factory default mode the entire configuration will be erased 3 The 2 Gigabit TP SFP combo ports are shared with port 25 26 of FGSW 2620VM FGSW 2620PVM FGSW 2612PVM FGSW 2624SF Either of them can operate at the same time 24 User s Manual of FGSW Series 2 1 3 Swit
137. nterface The page includes the following fields Object Description Port The port number Type Displays the current speed of connection to the port Link The status of linking Up or Down It s set by Port Control When the state is disabled the port will not transmit or State receive any packet Tx Good Packet The counts of transmitting good packets via this port The counts of transmitting bad packets including undersize less than 64 octets Tx Bad Packet oversize CRC Align errors fragments and jabbers packets via this port Rx Good Packet The counts of receiving good packets via this port 58 User s Manual of FGSW Series The counts of receiving good packets including undersize less than 64 octets Rx Bad Packet oversize CRC error fragments and jabbers via this port Tx Abort Packet The aborted packet while transmitting Packet Collision The counts of collision packet Packet Dropped The counts of dropped packet Rx Bcast Packet The counts of broadcast packet Rx Mcast Packet The counts of multicast packet 4 3 4 Port Sniffer The Port Sniffer mirroring is a method for monitor traffic in switched networks Traffic through a port can be monitored by one specific port That is traffic goes in or out a monitored port will be duplicated into sniffer port Port Mirroring UP Link source Port Monitor Client With Ethereal or Sniffer Pro Figure 4 3 4 Port Mirror appli
138. o requests from the switch The workstation must be running 802 1X compliant client software such as that offered in the Microsoft Windows XP operating system The client is the supplicant in the IEEE 802 1X specification Authentication server performs the actual authentication of the client The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services Because the switch acts as the proxy the authentication service is transparent to the client In this release the Remote Authentication Dial ln User Service RADIUS security system with Extensible Authentication Protocol EAP extensions is the only supported authentication server it is available in Cisco Secure Access Control Server version 3 0 RADIUS operates in a client server model in which secure authentication information is 115 User s Manual of FGSW Series exchanged between the RADIUS server and one or more RADIUS clients Oo Switch 802 1X device controls the physical access to the network based on the authentication status of the client The switch acts as an intermediary proxy between the client and the authentication server requesting identity information from the client verifying that information with the authentication server and relaying a response to the client The switch includes the RADIUS client which is responsible for encapsulating and decapsulating the
139. o two or more bridges i e it is served by a shared medium LAN segment This function allows the P2P Admin P2P status of the link to be manipulated administratively e YES means the port is regarded as a point to point link e NO means the port is regarded as a shared link e AUTO means the link type is determined by the auto negotiation between the two peers i The port directly connected to end stations won t create bridging loop in the Admin Edge network To configure the port as an edge port set the port to YES status The port includes the STP mathematic calculation Admin Non STP e YES is not including STP mathematic calculation e NOis including the STP mathematic calculation Path cost 0 is used to indicate auto configuration mode When the short path cost method is selected and the default path cost recommended by the IEEE 8021w standard exceeds 65 535 the default is set to 65 535 By default the system automatically detects the speed and duplex mode used on each port and configures the path cost according to the values shown below Table 4 5 1 Recommended STP Path Cost Range eae Type Link Type IEEE 802 1D 1998 IEEE 802 1w 2001 Half Duplex 2 000 000 Full Duplex 1 999 999 Trunk 1 000 000 Half Duplex 200 000 Full Duplex 100 000 Trunk 50 000 Full Duplex Trunk Table 4 5 2 Recommended STP Path Costs 85 User s Manual of FGSW Series 4 6 Trunking Port trunking is the co
140. oassecouisles is 157 spaniimgstiee Alo IM as 157 User s Manual of FGSW Series spanning tree MaxiIMuUM age sisi il a a a sides abicie 157 spann ree PONY caia 158 spannihog tee POr DAU COS isinai a scnwace E acetate evenceeer E 158 spanningtree DONE POY yisi a e weer LEA 158 SHOW Spanning Teen cia 158 SHOM spanning tree DO is 158 NO SDaMMIMAG WCC Cel dl aora 159 spanning tree protocol VersiON cccccccsscccsecceeeccseeceucecaueecaeeceueeceucecsueceueesueesseeseueessueesseeeneesssas 159 no spanning tree port MCNE CK c oocccocccccnccccnccocnococnononccnnnnonnnonnnnonnnonnnonnnonnnnnnnnnnnnnonanenannananos 159 No spanning tree port edge port coocccccnccccnnoccnccocnoconnononoconconononnnnnonnnonnnnonnnnnnnnnannnnnnnonanenannnnonos 159 no spanning tree port NON SID ieee eee a de 159 Spanning tree port point to pOIN MAC ccooccccccnconcncconnconncnnnononnnonononnrnnnnnnnnnnnonnnnonnnnnnrnnnnnnnnnnnnaninns 160 SnOW Spannind een 160 snow spaniiig lree Pot o ad ad LE 160 A ianabecevadestenssauanneate a A 161 oS SyS eM ODON Sic 161 MPNO SIN A 2 a ene et ee en eee ee ee eee eee eee cee eater 161 SNOW SAMP AS a ls ed Matas 161 SAMP yStem aMSN 161 SIMD SV Stet locals 161 SHIM SV SCM COMLAC Lust dada ol 161 SNOW SMM PSY SMA AA RAR 162 6 13 2 COMMUNITY SUNGS risana teenies ia Alene bens rena idle arden aes 162 SIME COMMUN IY teers A A tamara met spo sateatenetanatduaeanade 162 TIO SIN COMMUNI a ade 162 SHOW FS
141. of Aggregator Setting you can configure the state activity for the members of the LACP trunk group You can tick or cancel the checkbox beside the state label When you remove the tick mark of the port and click Apply the port state activity will change to Passive Trunking State Activity pa a wa po e pa T C Figure 4 6 7 State Activity of Switch 1 The page includes the following fields Object Description Active The port automatically sends LACP protocol packets P The port does not automatically send LACP protocol packets and responds only assive if it receives LACP protocol packets from the opposite device 92 User s Manual of FGSW Series Trunking State Activity Figure 4 6 8 State Activity of Switch 2 ES A link having two passive LACP nodes will not perform dynamic LACP trunk because both ports are waiting for an LACP protocol packet from the opposite device 93 User s Manual of FGSW Series 4 7 Forwarding and Filtering The frames of Ethernet Packets contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frames with the corresponding SMAC address have been seen after a configurable age time 4 7 1 Dynamic MAC Table Entries in the MAC Table are sh
142. on and optional classification stages are completed the PSE must switch from low voltage to its full voltage capacity 44 57 Volts over a minimal amount of time above 15 microseconds A gradual startup is required as a sudden rise in voltage reaching high frequencies would introduce noise on the data lines Once provision of power is initiated it is common for inrush current to be experienced at the PSE port due to the PD s input capacitance A PD must be designed to cease inrush current consumption of over 350 mA within 50 ms of power provision startup Operation During normal operation the PSE provides 44 57 VDC able to support a minimum of 15 4 watts power Power Overloads The IEEE 802 3af standard defines handling of overload conditions In the event of an overload a PD drawing a higher power level than the allowed 12 95 Watts or an outright short circuit caused by a failure in cabling or in the PD the PSE must shut down power within 50 to 75 milliseconds while limiting current drain during this period to protect the cabling infrastructure Immediate voltage drop is avoided to prevent shutdown due to random fluctuations Power Disconnection Scenarios The IEEE 802 3af standard requires that devices powered over Ethernet be disconnected safely i e power needs be shut down within a short period of time following disconnection of a PD from an active port When a PD is disconnected there is a danger that it will be re
143. on the desktop or the shelf near an AC power source Figure 2 13 Place the Managed Switch on the desktop Step3 Keep enough ventilation space between the Managed Switch and the surrounding objects When choosing a location please keep in mind the environmental restrictions discussed in Chapter 1 Section 4 in Specification Step4 Connect the Managed Switch to network devices A Connect one end of a standard network cable to the 10 100 1000 RJ 45 ports on the front of the Managed Switch B Connect the other end of the cable to the network devices such as printer servers workstations or routers etc Connection to the Managed Switch requires UTP Category 5 network cabling with RJ 45 tips For more information please see the Cabling Specification in Appendix A Note Step5 Supply power to the Managed Switch A Connect one end of the power cable to the Managed Switch B Connect the power plug of the power cable to a standard wall outlet When the Managed Switch receives power the Power LED should remain solid Green 26 User s Manual of FGSW Series 2 2 2 Rack Mounting To install the Managed Switch in a 19 inch standard rack please follows the instructions described below Step1 Place the Managed Switch on a hard flat surface with the front panel positioned towards the front side Step2 Attach the rack mount bracket to each side of the Managed Switch with supplied screws attached to the package Figure 2 1
144. ority level With the drop down selection item of Priority Type above being selected as COS only COS first this control item will then be available to set the queuing policy for each port 4 9 2 1 Priority Queue Service settings QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems The IEEE 802 1p Priority specification uses 8 priority levels to classify data packets In 802 1p compliant devices a tag inserted into the packet header is used to identify the priority level of data packets The Switch supports Static Port Ingress priority and four queues The screen in Figure 4 9 2 appears QoS Configuration QoS Configuration PerPort Configuration Priority Queue Service CO First Come First Service CAll High before Low WRR 802 1p priority 0 7 Lowest w Lowest SecLow SecHigh v Sec Hic s Highest v Figure 4 9 2 QoS Configuration 802 1Priority 103 User s Manual of FGSW Series The table includes the following fields Object Description First Come First Service The sequence of packets sent is depend on arrival order All High before Low The high priority packets sent before low priority packets Select the preference given to packets in the switch s higher priority queue These options represent the number of higher priority packets sent before one lower priority packet is sent Weighted Round Robin
145. ou create ACL and Binding groups Let device that has specific IP address and MAC address can use network We can set specific IP address MAC address VLAN id and port id to bind and device can cross switch if all conditions match Use binding function we should enable it first in following page In XPacket Type Binding box should select gt Binding Object Group ID Description Default Vaule 1 247 max 247 ACL group 111 Action VLAN Packet Type MAC Address IP Address Port Id Current List Permit Deny E Permit Permit packet cross switch m Deny Drop packet Any VID EH Any Any Vlan id m VID 1 4094 A certain vlan id IPv4 Non IPv4 Binding E Pv4 Set lpv4 packet field E Non IPv4 Set non lpv4 packet field E Binding Set binding entry is represent a digit from 0 9 and A F is range from 0 to FF kkk kkk kkk kkk is represent a digit from 0 9 is range from O to 255 Source port id from 1 26 You create ACL and Binding groups 112 User s Manual of FGSW Series Permit Any IPv4 00 11 22 33 44 55 0 0 0 0 User s Manual of FGSW Series 4 11 MAC Limit MAC limit allows users to set a maximum number of MAC addresses to be stored in the MAC address table The MAC addresses chosen to be stored in MAC address table is the result of first come first save policy Once a MAC address is stored in the MAC address table it stays in until it
146. ower down the Managed Switch As the Figure 2 16 appears 1000Base SXILX LC Fiber Figure 2 16 Plug in the SFP transceiver Approved PLANET SFP Transceivers PLANET Managed switches supports both single mode and multi mode SFP transceiver The following list of approved PLANET SFP transceivers is correct at the time of publication 1000Base SX LX SFP transceiver MGB SX SFP 1000BASE SX SFP transceiver Multi mode 220m a E MGB LX SFP 1000BASE LX SFP transceiver Single Mode 10km E MGB L30 SFP 1000Base LX SFP transceiver Single Mode 30Km a MGB L50 SFP 1000Base LX SFP transceiver Single Mode 50Km It recommends using PLANET SFPs on the Switch If you insert a SFP transceiver that is not supported the Managed Switch will not recognize it Before connect the other switches workstation or Media Converter 1 Make sure both side of the SFP transceiver are with the same media type for example 1000Base SX to 1000Base SX 1000Bas LX to 1000Base LX 2 Check the fiber optic cable type match the SFP transceiver model gt Toconnect to 1000Base SX SFP transceiver use the multi mode fiber cable with one side must be male duplex LC connector type 28 User s Manual of FGSW Series gt To connect to 1000Base LX SFP transceiver use the single mode fiber cable with one side must be male duplex LC connector type Connect the fiber cable 1 Attach the duplex LC connector on the network cab
147. own on this page The Dynamic MAC Table contains up to 8192 entries and is sorted first by VLAN ID then by MAC address You can view all of the dynamic MAC addresses learned by the listed port Forwarding and Filtering Dynamic MAC Table Static MAC Table Click Clear will clear Dynamic addresses from the switch Dynamic addresses currently learned on the switch are listed below There are total 2 Mac Adresses Figure 4 7 1 Dynamic MAC Address interface MAC Table Columns Object Description e NO The index of the MAC address entry e MAC The MAC address of the entry e PORT The ports that are members of the entry e VID The VLAN ID of the entry e Type Indicates whether the entry is a static or dynamic entry a Click Clear to clear the dynamic MAC addresses information of the current port shown on the screen 94 User s Manual of FGSW Series 4 7 2 Static MAC Table You can add a static MAC address that remains in the switch s address table regardless of whether the device is physically connected to the switch This saves the switch from having to re learn a device s MAC address when the disconnected or powered off device is active on the network again Via this interface you can add modify delete a static MAC address E Add the Static MAC Address You can add static MAC address in the switch MAC table here Forwarding and Filtering Doses NACA MAC Filtering Dynamic addresses currently defined on
148. p including member ports split between two switches has to enable the LACP function of the two switches Note 4 6 2 Aggregator Information When you had setup the LACP aggregator you will see relation information in here E LACP disabled Having set up the aggregator setting with LACP disabled you will see the local static trunk group information on the tab of Aggregator Information Trunking Aggregator Setting Toisavie Y Figure 4 6 2 Assigning 2 ports to a trunk group with LACP disabled 88 User s Manual of FGSW Series Trunking Aggregator Setting Aggregator Information state The following information provides a wew of LACP current status Static Trunking Group Group Key Figure 4 6 3 Static Trunking Group information The page includes the following fields Object Description Group Key This is a read only column field that displays the trunk group ID This is a read only column field that displays the members of this static trunk Port Member group E LACP enabled Having set up the aggregator setting with LACP enabled you will see the trunking group information between two switches on the tab of Aggregator Information Switch 1 configuration 1 Set System Priority of the trunk group The default is 1 2 Select a trunk group ID by pull down the drop down menu bar 3 Enable LACP 4 Include the member ports by clicking the Add button after
149. pecifies the IP address lt 1 65535 gt specifies the trap receiver port number e g no snmp trap 192 168 200 1 show snmp trap Description Show all trap receivers 6 14 IGMP User s Manual of FGSW Series The Internet Group Management Protocol IGMP is an internal protocol of the Internet Protocol IP suite igmp Description Enable disable IGMP snooping Syntax no igmp igmp fastleave Description Enable disable IGMP snooping fast leave If enable switch will fast delete member who send leave report else wait one sec Syntax no igmp fastleave 163 igmp querier Description Enable disable IGMP snooping querier Syntax no igmp querier igmp CrossVLAN Description Enable disable IGMP snooping CrossVLAN Syntax no igmp CrossVLAN igmp debug Description Enable disable IGMP snooping debugging output Syntax no igmp debug show igmp Description Show IGMP snooping information Syntax show igmp lt status router groups table gt Parameters status specifies IGMP snooping status and statistics information router specifies IGMP snooping router s IP address groups specifies IGMP snooping multicast group list table specifies IGMP snooping IP multicast table entries igmp clear_statistics Description Clear IGMP snooping statistics counters 164 User s Manual of FGSW Series User s Manual of FGSW Series 6 15 802 1x Protocol dot1x Description
150. pecifies the source port mask lt 0 FFFF gt specifies the destination port value lt 0 FFFF gt specifies the destination mask e g acl add 1 qosvoip 1711000000 6 16 2 Non lpv4 ACL commands no acl lt 1 220 gt and show acl lt 1 220 gt commands are same as Ipv4 ACL commands acl addjedit lt 1 220 gt permit deny lt 0 4094 gt nonipv4 lt 0 65535 gt Description Add or edit ACL group for non Ipv4 Syntax acl addledit lt 1 220 gt permit deny lt 0 4094 gt nonipv4 lt 0 65535 gt Parameters add edit specifies the operation lt 1 220 gt specifies the group id permit deny specifies the action permit permit packet cross switch deny drop packet lt 0 4094 gt specifies the VLAN id O means don t care lt 0 65535 gt specifies the Ether Type 0 means don t care e g acl add 1 deny 0 nonipv4 2054 This ACL rule will drop all packets for ether type is 0x0806 and non IPv4 170 User s Manual of FGSW Series 6 17 Binding Let device that has specific IP address and MAC address can use network We can set specific IP address MAC address VLAN id and port id to bind and device can cross switch if all conditions match 6 17 1 SIP SMAC binding commands bind Description Enable binding function no bind Description Disable binding function no bind Description Delete Binding group Syntax no bind lt 1 220 gt Parameters lt 1 220 gt specifies the group id e g no bind 1 show bind
151. placed by a non PoE ready device while power is still on Imagine disconnecting a powered IP phone utilizing 48 VDC then inadvertently plugging the powered Ethernet cable into a non PoE notebook computer What s sure to follow is not a pretty picture The standard defines two means of disconnection DC Disconnect and AC Disconnect both of which provide the same functionality the PSE shutdowns power to a disconnected port within 300 to 400ms The upper boundary is a physical human limit for disconnecting one PD and reconnecting another DC Disconnect DC Disconnect detection involves measurement of current Naturally a disconnected PD stops consuming current which can be inspected by the PSE The PSE must therefore disconnect power within 300 to 400 ms from the current flow stop The lower time boundary is important to prevent shutdown due to random fluctuations AC Disconnect This method is based on the fact that when a valid PD is connected to a port the AC impedance measured on its terminals is significantly lower than in the case of an open port disconnected PD AC Disconnect detection involves the induction of low AC signal in addition to the 48 VDC operating voltage The returned AC signal amplitude is monitored by the PSE at the port terminals During normal operation the PD s relatively low impedance lowers the returned AC signal while a sudden disconnection of this PD will cause a surge to the full AC signal level and will indi
152. r feeding priority e Per PoE port power limit e PD classification detection e PoE Power Supply Over Temperature Protection 16 User s Manual of FGSW Series 1 5 Product Specification FGSW 2620PVM FGSW 2612PVM FGSW 2620VM Hardware Specification 24 10 100Base TX RJ 45 24 10 100Base TX RJ 45 10 100Mbps Copper Ports Auto MDI MDI X ports Auto MDI MDI X ports C ESO CECI ES CTN TN Back pressure for Half Duplex Flow Control IEEE 802 3x Pause Frame for Full Duplex Power FAN Alarm Power Power Link Activity Green Link Activity Green LED Link Activity Green POE In Use Amber 1000 LNK ACT Green 1000 LNK ACT Green 1000 LNK ACT Green 10 100 LNK ACT Green 10 100 LNK ACT Green 10 100 LNK ACT Green 440 x 120 x 44 mm 440 x 220 x 44 mm 440 x 220 x 44 mm Dimensions W x D x H 1U height 1U height 1U height 1 87kg 2 6kg 2 6kg Power Requirement 100 240V AC 50 60 Hz FGSW 2620PVM 23 1 Watts maximum 73 210 Watts Full PoE Load Power Consumption 25 Watts Full load BTU hr maximum FGSW 2612PVM 27 Watts Full PoE Load Operating Temperature Standard 0 50 Degree C Operating Humidity 10 to 90 Non condensing Storage Temperature 40 Degree C 85 Degree C 17 User s Manual of FGSW Series Layer 2 Functions Console Telnet Web Management Interface Telnet Web Browser SNMP v1 v2c Browser SNMP v1 v2c Port disable enable Auto negotiation 1
153. rheating This section provides PoE Power over Ethernet Configuration and PoE output status of PoE Switch screen in Figure 4 13 1 appears PoE Configuration fe ME Aa E AAA a EG m Meno Aloma dl Se ee a la E A A a Refresh Figure 4 13 1 PoE Configuration 123 The page includes the following fields Object PoE PSU Status User s Manual of FGSW Series Description PoE PSU Status shows status of power supply for PoE output PoE Temperature Unit 1 Display the current operating temperature of PoE chip unit 1 The unit 1 is in charge of PoE Port 1 Port 12 PoE Temperature Unit 2 Display the current operating temperature of PoE chip unit 2 The unit 1 is in charge of PoE Port 13 Port 24 Over Temperature Protection Enable Disable over temperature protection When the PoE temperature unit 1 unit2 over 70 degree C then PoE power budget will be changed by 3 segments as following Over 70 Degree C power budget 180 Watts Over 73 Degree C power budget 170 Watts Over 76 Degree C power budget 160 Watts Power limit mode Allow to configure power limit mode of Web Smart Device It can choose a Port Priority Deliver PoE power by port priority setting EN Total Limit Set limit value of the total POE port provided power to the PDs Power Allocation Show the total watts usage of PoE Switch PoE Function Can enable or disable the PoE function Priority S
154. rom an 802 1Q compliant network device to a non compliant network device Frame Income Income Frame is tagged Income Frame is untagged Leave port is tagged Frame remains tagged Tag is inserted Leave port is untagged Frame remain untagged 67 User s Manual of FGSW Series 4 4 4 1 VLAN Group Configuration m VLAN Group Configuration r atir DEFAULT_1 Figure 4 4 4 VLAN Group Configuration interface 1 Click the hyperlink VLAN Static VLAN to enter the VLAN configuration interface 02 1Q at the VLAN Operation Mode to enable the 802 1Q VLAN function 3 Click Add to create a new VLAN group or Edit to management exist VLAN groups Then the VLAN Group column appears 4 Input a VLAN group ID and available range is 2 4094 68 User s Manual of FGSW Series Static VLAN lt Remove CPU Port spp Her Figure 4 4 5 VLAN Group Configuration interface D Select specific port as member port and the screen in Figure 4 4 6 appears Figure 4 4 6 802 1Q VLAN Setting Web Page screen 69 User s Manual of FGSW Series The page includes the following fields Object Description Use this optional field to specify a name for the VLAN It can be up to 16 VLAN Name alphanumeric characters long including blanks You can configure the ID number of the VLAN by this item This field is used to VLAN ID add VLANs one at a time The VLAN group ID and available rang
155. rt must transition through to further ensure that a stable network topology is created after a topology change Each port on a switch using STP exists is in one of the following five states a Blocking the port is blocked from forwarding or receiving packets Listening the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state _ Learning the port is adding addresses to its forwarding database but not yet forwarding packets Forwarding the port is forwarding packets Disabled the port only responds to network management messages and must return to the blocking state first T User s Manual of FGSW Series A port transitions from one state to another as follows From initialization switch boot to blocking From blocking to listening or to disabled From listening to learning or to disabled From learning to forwarding or to disabled From forwarding to disabled From disabled to blocking Switch Blocking Listening Learning Forwarding Disable L Y Figure 4 5 1 STP Port State Transitions You can modify each port state by using management software When you enable STP every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up If properly configured each port stabilizes to the forwarding or blocking state No packet
156. s except BPDUs are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 4 5 2 STP Parameters STP Operation Levels User s Manual of FGSW Series The Switch allows for two levels of operation the switch level and the port level The switch level forms a spanning tree consisting of links between one or more switches The port level constructs a spanning tree consisting of groups of one or more ports The STP operates in much the same way for both levels Bridge and the Designated Bridges On the port level STP sets the Root Port and the Designated Ports The following are the user configurable STP parameters for the switch level Parameter Bridge Identifier Not user configurable except by setting priority below Priority Hello Time Maximum Age Timer Forward Delay Timer Description A combination of the User set priority and the switch s MAC address The Bridge Identifier consists of two parts a 16 bit priority and a 48 bit Ethernet MAC address 32768 MAC A relative priority for each switch lower numbers give a higher priority and a greater chance of a given switch being elected as the root bridge The length of time between broadcasts of the hello message by the switch Measures the age of a received BPDU for a port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer The amount time spent by a port
157. specified port is set to the Authorized or Unauthorized state in accordance Authorize with the outcome of an authentication exchange between the Supplicant and the authentication server No The specified port works without complying with 802 1x protocol 120 User s Manual of FGSW Series 4 12 4 Misc Configuration In this page you can change the default configuration for the 802 1x standard System Configuration The page includes the following fields Object Quiet Period TX Period Supplicant Timeout Server Timeout Max Requests Reauth period 802 1x Configuration Misc Configuration Configure 802 1x misc configuration Figure 4 12 6 802 1x Misc Configuration interface Description Used to define periods of time during which it will not attempt to acquire a supplicant Default time is 60 seconds Set the period the port waits for retransmit next EAPOL PDU during an authentication session Default value is 30 seconds Set the period of time the switch waits for a supplicant response to an EAP request Default value is 30 seconds Set the period of time the switch waits for a server response to an authentication request Default value is 30 seconds Set the number of authentication that must time out before authentication fails and the authentication session ends Default value is 2 times Set the period of time which clients connected must be re authenticated Default value is 3600 seconds 1
158. ss lt Ctrl gt C to stop 132 User s Manual of FGSW Series 6 3 Switch Static Configuration 6 3 1 Port Configuration and show status port state Turn the port state on or off Syntax port state lt on off gt lt port list gt Parameters lt port list gt specifies the ports to be turn on or off If not entered all ports are turn on or off port nego Description Set port negotiation Syntax port nego lt force auto nway force gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set port speed Description Set port speed in mbps and duplex Syntax port speed lt 10 100 1000 gt lt full half gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set port flow Description Enable or disable port flow control Syntax port flow lt enable disable gt lt enable disable gt lt port list gt Parameters The first lt enable disable gt enables or disables flow control in full duplex mode The second lt enable disable gt enables or disables flow control in half duplex mode lt port list gt specifies the ports to be set If not entered all ports are set 133 User s Manual of FGSW Series port rate Description Set port effective ingress or egress rate Syntax port rate lt ingress egress gt lt 0 8000 gt lt port list gt Parameters lt 0 8000 g
159. t specifies the ingress or egress rate lt 0 8000 gt lt port list gt specifies the ports to be set If not entered all ports are set port priority Description Set port priority Syntax port priority lt disable low high gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set port jumboframe Description Set port jumbo frame When port jumbo frame is enable the port forward jumbo frame packet Syntax port jumboframe lt enable disable gt lt port lisf gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set show port status Description Show port status including port State Link Trunking VLAN Negotiation Speed Duplex Flow control Rate control Priority Security BSF control Switch config show port status State on Link down Trunking none VLAN DEFAULT Priority disable Security off 134 User s Manual of FGSW Series show port statistics Description Show port statistics including TxGoodPkt TxBadPkt RxGoodPkt RxBadPkt TxAbort Collision and DropPkt Parameters lt port id gt specifies the port to be shown 135 User s Manual of FGSW Series show port protection Description Show protected port information 136 User s Manual of FGSW Series 6 4 Trunk Configuration Trunk allows the switch to combine ports so that they function like a singl
160. t monitors the exchange of IGMP messages and copies them to the CPU for feature processing The overall purpose of IGMP Snooping is to limit the forwarding of multicast frames to only ports that are a member of the multicast group About the Internet Group Management Protocol IGMP Snooping Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for members that are no longer active In the case where there is more than one multicast router on a sub network one router is elected as the queried This router then keeps track of the membership of the multicast groups that have active members The information received from IGMP is then used to determine if multicast packets should be forwarded to a given sub network or not The router can check using IGMP to see if there is at least one member of a multicast group on a given subnet work If there are no members on a sub network packets will not be forwarded to that sub network Give me multicast _ stream B Multicast Receiver XI Multicast Switch Transmitter 77 IPTV Server Router Give me multicast Stream O Multicast p eae Receiver D Figure 4 8 1 Multicast Service Switch 9
161. t the Switch has power m Per 10 100Base TX RJ 45 port LED Function Lights to indicate the link through that port is successfully established LNK ACT Blink to indicate that the Switch is actively sending or receiving data over that port m Per 10 100 1000Base T port SFP interfaces Color Function LED Lit indicate that the port is operating at 1000Mbps LNK ACT 1000 Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the Switch is actively sending or receiving data over that port Lit indicate that the port is operating at 100Mbps LNK ACT 100 Off indicate that the port is operating at 10Mbps or 1000Mbps Blink indicate that the Switch is actively sending or receiving data over that port FGSW 2620PVM LED indication 3 PLANET FGSW 2620PVM Figure 2 6 FGSW 2620PVM LED panel m System LED Color Function PWR Green Lights to indicate that the Switch has power Per 10 100Base TX POE interfaces Port 1 to Por 24 Color Function LED Lights To indicate the link through that port is successfully established LNK ACT Blink To indicate that the Switch is actively sending or receiving data over that port Lights To indicate the port is providing 48VDC in line power Orange Off To indicate the connected device is not a PoE Powered Device PD User s Manual of FGSW Series m Per 10 100 1000Base T port SFP interfaces Color Function Lit indicate th
162. the port to be point to point connection Syntax spanning tree port point to point mac lt auto true false gt lt port list gt Parameters auto specifies point to point link auto connection true specifies point to point link true false specifies point to point link false lt port list gt specifies the ports to be set Null means all ports show spanning tree Description Show spanning tree information of CIST show spanning tree port Description Show spanning tree port information of CIST Syntax show spanning tree port lt port list gt Parameters lt port list gt specifies the port to be shown Null means all ports 160 User s Manual of FGSW Series User s Manual of FGSW Series 6 13 SNMP Any Network Management running the simple Network Management Protocol SNMP can be management the switch 6 13 1 System Options Snmp no snmp Description Enable or disable SNMP Show snmp status Description Show the enable or disable status of SNMP snmp system name Description Set agent system name string Syntax snmp system name lt name str gt Parameters lt name str gt specifies the system name string e g snmp system name SWITCH snmp system location Description Set agent location string Syntax snmp system location lt ocation str gt Parameters lt location str gt specifies the location string e g snmp system location office snmp system contact Description
163. the setting of Static Port Ingress Priority 802 1p Priority the 802 1p packet has a priority tag in its packet header The range of the priority is 7 0 The Managed Switch can specify the mapping between 802 1p priority and the four transmission queues In the default setting the packets with 802 1p priority O 1 are put into the queue with lowest priority the packets with 802 1p priority 2 3 are put into queue with second low priority and so on E Static Port Ingress Priority each port is assigned with one priority 7 0 The priority of the packet received from one port is set to the same priority of the receiving port When the priority of the received packet was determined the packet is treated as an 802 1p packet with that priority and will be put into a queue according to the 802 1p Priority setting 6 10 1 QoS Configuration QoS mode E First Come First Service The sequence of packets sent is depending on arrive orders E All High before Low The high priority packets sent before low priority packets m WRR Weighted Round Robin Select the preference given to packets in the switch s high priority queue These options represent the number of higher priority packets sent before one lower priority packet is sent For example 8 Highest 4 second high means that the switch sends 8 highest priority packets before sending 4 second high priority packets Qos level 0 7 priority level can map to highest second high second low lowest
164. tion 3 SWITCH MANAGEMENT The section contains the information about the software function of the Managed Switch Section 4 WEB CONFIGURATION The section explains how to manage the Managed Switch by Web interface Section 5 CONSOLE MANAGEMENT For FGSW 2620PVM and FGSW 2612PVM Only The section describes how to use the Console management interface Section 6 COMMAND LINE INTERFACE The section explains how to manage the Managed Switch by Command Line interface 13 User s Manual of FGSW Series Section 7 SWITCH OPERATION The chapter explains how to does the switch operation of the Managed Switch Section 8 POWER OVER ETHERNET OVERVIEW The chapter introduce the IEEE 802 3af PoE standard and PoE provision of the Managed Switch Section 9 TROUBSHOOTING The chapter explains how to trouble shooting of the Managed Switch Appendix A The section contains cable information of the Managed Switch 14 User s Manual of FGSW Series 1 4 Product Features gt Physical Port m 24 Port 10 100Base TX RJ 45 interfaces m 2 Port Gigabit TP SFP combo interfaces NH Reset button for system management FGSW 2620PVM FGSW 2612PVM 24 Port 10 100Base TX RJ 45 with POE Injector 2 Port Gigabit TP SFP combo interfaces Reset button for system management 1 RS 232 male DB9 console interface for Switch basic management and setup E 24 Port 100Base FX SFP Fast Ethernet slots E 2 Port Gigabit TP SFP combo interfaces NH Reset b
165. ty dictates that it must first be ensured that a valid PD is connected to the PSE s output This process is referred to as line detection and involves the PSE seeking a specific 25 KQ signature resistor Detection of this signature indicates that a valid PD is connected and that provision of power to the device may commence The signature resistor lies in the PD s PoE front end isolated from the rest of the the PD s circuitries till detection is certified Classification Once a PD is detected the PSE may optionally perform classification to determine the maximal power a PD is to consume The PSE induces 15 5 20 5 VDC limited to 100 mA for a period of 10 to 75 ms responded by a certain current consumption by the PD indicating its power class The PD is assigned to one of 5 classes O default class indicates that full 15 4 watts should be provided 1 3 indicate various required power levels and 4 is reserved for future use PDs that do not support classification are assigned to class 0 Special care must be employed in the definition of class thresholds as classification may be affected by cable losses Classifying a PD according to its power consumption may assist a PoE system in optimizing its power distribution Such a system typically suffers from lack of power resources so that efficient power management based on classification results may reduce total system costs 183 User s Manual of FGSW Series Start up Once line detecti
166. uces the installation time 122 User s Manual of FGSW Series 4 13 2 Power Management In a power over Ethernet system operating power is applied from a power source PSU power supply unit over the LAN infrastructure to powered devices PDs which are connected to ports Under some conditions the total output power required by PDs can exceed the maximum available power provided by the PSU The system may a prior be planed with a PSU capable of supplying less power than the total potential power consumption of all the PoE ports in the system In order to maintain the majority of ports active power management is implemented The PSU input power consumption is monitored by measuring voltage and current The input power consumption is equal to the system s aggregated power consumption The power management concept allows all ports to be active and activates additional ports as long as the aggregated power of the system is lower than the power level at which additional PDs cannot be connected When this value is exceeded ports will be deactivated according to user defined priorities The power budget is managed according to the following user definable parameters maximum available power ports priority maximum allowable power per port The Over Temperature Protection of the PoE Switch offers a safety and stable PoE operating by limit the output power according to detected temperature to prevent destructive breakdown due to un expected ove
167. up Only accept command in lowercase letter under web interface The WEB configuration of FGSW 2620PVM FGSW 2612PVM GSW 2624SF is the same with FGSW 2620VM except PoE feature so the FGSW 2620VM will be the example to describe how to configure switch and also will describe PoE configuration in additional 38 User s Manual of FGSW Series 4 1 3 Main WEB PAGE The Managed Switch provides a Web based browser interface for configuring and managing it This interface allows you to access the Managed Switch using the Web browser of your choice This chapter describes how to use the Managed Switch s Web browser interface to configure and manage it Copper Port Link Status SFP Port Link Status FGSW 2620VM HITTITE II PLANET HHHH a o oa Static VLAN System E Port Configuration amp Layer 2 Features VLAN Operation Mode 802 10 E VLAN Static VLAN a asic Trunking Forwarding amp Filtering VLAN Information IGMP Snooping DEFAULT 1 Spanning Tree 4 Main Screen a Security QoS Figure 4 1 3 Main Page Help Button Main Functions Menu Panel Display The web agent displays an image of the Managed Switch s ports The Mode can be set to display different information for the ports including Link up or Link down Clicking on the image of a port opens the Port Statistics page The port states are illustrated as follows State Disabled Down Link RJ 45 Ports SFP Ports _ a a La 39 Main Menu
168. upplicant lt 1 300 gt Parameters lt 1 300 gt specifies the supplicant timeout in seconds dot1x timeout radius server Description Set radius server timeout default 30 seconds Syntax dot1x timeout radius server lt 1 300 gt Parameters lt 1 300 gt specifies the radius server timeout in seconds dot1x max req Description Set 802 1x maximum request retries default 2 times Syntax dot1x max req lt 1 10 gt Parameters 166 User s Manual of FGSW Series User s Manual of FGSW Series lt 1 10 gt specifies the maximum request retries dot1x timeout re authperiod Description Set 802 1x re auth period default 3600 seconds Syntax dot1x timeout re authperiod lt 30 65535 gt Parameters lt 30 65535 gt specifies the re auth period in seconds show dot1x Description Show 802 1x information quiet period Tx period supplicant timeout server timeout maximum requests and re auth period dot1x port Description Set 802 1x per port information Syntax dot1x port lt fu fa au no gt lt port list gt Parameters fu specifies forced unauthorized fa specifies forced authorized au specifies authorization no specifies disable authorization lt port list gt specifies the ports to be set show dot1x port Description Show 802 1x per port information 167 User s Manual of FGSW Series 6 16 Access Control List Packets can be forwarded or dropped by
169. upport 24 ports PoE but FGSW 2612PVM power budget is 110W and support 12 Ports PoE only This chapter will be described how to configure PoE feature by example of FGSW 2620PVM since the operation of FGSW 2612PVM is the same with FGSW 2620PVM 6 18 1 Display System PoE status show poe Description Show System Power over Ethernet information Command Level Global Configuration Example Switch config show poe Maximum Available Power 190Watts System Operation Status on PoE Power Consumption 55 watts Usage Threshold 21 PoE Power limit mode Port Priority show poe status Description Show per PoE port information Command Level Global Configuration Syntax show poe status lt port list gt 173 User s Manual of FGSW Series Parameters lt port list gt specifies the ports to be set If not entered all ports are set Example 1 Example 2 6 18 2 Configure PoE Over Temperature Protection poe temperature protection enable Description Configure PoE over temperature protection to enable or disable Command Level Global Configuration Syntax poe temperature protection enable disable Parameters lt Enable gt Enable PoE power budget change automatically by detected PoE unit temperature lt Disable gt Disable PoE power budget change automatically 174 User s Manual of FGSW Series PoE temperature protection working in Priority mode or Total Limit mode only 6 18 3 Conf
170. ustomers use the same internal VLAN IDs This is accomplished by inserting Service Provider VLAN SPVLAN tags into the customer s frames when they enter the service provider s network and then stripping the tags when the frames leave the network A service provider s customers may have specific requirements for their internal VLAN IDs and number of VLANs supported VLAN ranges required by different customers in the same service provider network might easily overlap and traffic passing through the infrastructure might be mixed Assigning a unique range of VLAN IDs to each customer would restrict customer configurations require intensive processing of VLAN mapping tables and could easily exceed the maximum VLAN limit of 4096 Customer A s LAN Q in Q VLAN Tunnel Customer A s LAN FGSD 2620VM MAN Edge Switch Branch Office Headquarter VLAN Tag gt Y VLAN 1 20 MAN Service Provider Domain a FGSW 2620VM AN Edge Switch 7 a vy wre i T a m BE mi Y VLAN Tag Tag r in 4 VLAN Ta y Q in Q Q in Q g Backbone Core Switch _ 4 VLAN Tag PPPs eee eee VLAN Tag Tag VLAN 1 30 A VLAN 1 30 VLAN Tag FGSD 2620VM MAN Edge Switch Customer B s LAN Customer B s LAN Headquater Q in Q VLAN Tunnel Factory a The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge aggregating traffic from numerous
171. uto MDI MDI X detection That means you can directly connect the Switch to any Ethernet devices without making a crossover cable The following table and diagram show the standard RJ 45 receptacle connector and their pin assignments Media Dependant Interface Tx transmit Tx transmit Tx transmit Tx transmit RJ 45 Connector pin assignment MDI X Media Dependant Interface Cross The standard cable RJ 45 pin assignment User s Manual of FGSW Series The standard RJ 45 receptacle connector There are 8 wires on a standard UTP STP cable and each wire is color coded The following shows the pin allocation and color of straight cable and crossover cable connection Straight Cable 1 2 3 4 5 6 7 8 SIDE 1 SIDE 2 Crossover Cable 1 2 3 4 5 6 7 8 SIDE 1 1 2 3 4 5 6 7 8 SIDE 2 SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown Figure A 1 Straight Through and Crossover Cable SIDE2 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE2 1 White Green 2 Green 3 White Orange 4 Blue 5 White Blue 6 Orange 7 White Brown 8 Brown Please make sure your connected cables are with same pin assignment and color
172. utton for system management gt Layer 2 Features E Complies with the IEEE 802 3 IEEE 802 3u IEEE 802 3ab IEEE 802 3z Gigabit Ethernet standard E Supports Auto negotiation and Half Duplex Full Duplex modes for all 10Base T 100Base TX and Full Duplex mode for 1000Base T ports Auto MDI MDI X detection on each RJ 45 port Prevents packet loss Flow Control e IEEE 802 3x PAUSE frame Flow Control for Full Duplex mode e Back Pressure Flow Control in Half Duplex mode WN High performance Store and Forward architecture broadcast storm control runt CRC filtering eliminates erroneous packets to optimize the network bandwidth 8K MAC Address Table automatic source address learning and ageing Support VLANs e IEEE 802 1Q Tag Based VLAN e Up to 255 VLANs groups out of 4096 VLAN IDs e Port Based VLAN e Q in Q tunneling Double Tag VLAN a Supports Link Aggregation e Up to 13 Trunk groups e Up to 8 ports per trunk group with 1 6Gbps bandwidth Full Duplex mode e IEEE 802 3ad LACP Link Aggregation Control Protocol e Cisco ether Channel Static Trunk Support Spanning Tree Protocol e STP IEEE 802 1D Classic Spanning Tree Protocol e RSTP IEEE 802 1w Rapid Spanning Tree Protocol gt Quality of Service E 4 priority queues on all switch ports E Traffic classification 15 User s Manual of FGSW Series e EEE 802 1p Class of Service e IP TOS DSCP code priority e Port Base priority NH Strict priority and weighted round robi
173. ween 4 through 30 Follow the rule as below to configure the MAX Age Hello Time and Forward Delay Time 2 x Forward Delay Time value 1 gt Max Age value gt 2 x Hello Time value 1 Note Each switch in a spanning tree adopts the Hello Time Forward Delay time and Max Age parameters of the root bridge regardless of how it is configured Note E Root Bridge Information This page provides a status overview for all RSTP bridge instances The displayed table contains a row for each RSTP bridge instance where the column displays the following information The RSTP Bridge Status screen in Figure 4 5 5 appears Root Bridge Information MAC Address 100 30 4F 26 20 D1 Root Path Cost carmona Doy s Figure 4 5 5 RSTP Bridge Status page screenshot The page includes the following fields Object Description e Priority The bridge identifier of the root bridge It is made up from the bridge priority and the base MAC address of the bridge e MAC Address The bridge identifier of the root bridge It is made up from the bridge priority and the base MAC address of the bridge e Root Path Cost For the Root Bridge this is zero For all other Bridges it is the sum of the Port Path Costs on the least cost path to the Root Bridge e Root Port The switch port currently assigned the root port role 83 User s Manual of FGSW Series e Maximum Age Path Cost to the Designated Root for the Root Bridge e Hello Time Mini
174. y an employee called a Network Administrator or Sys Admin This person assigns IP addresses and is responsible for making sure that IP addresses are not duplicated If this happens one or both machines with a duplicate address will stop working Another possibility is getting your address assigned to you automatically over the net via DHCP protocol Enable DHCP function and reset the machine If your network is set up for this service you will get an IP address assigned over the network If you don t get an address in about 30 seconds you probably don t have DHCP E IP Configuration The IP Configuration includes the IP Address Subnet Mask and Gateway The Configured column is used to view or change the IP configuration Fill up the IP Address Subnet Mask and Gateway for the device The screen in Figure 4 2 3 IP Configuration DHCP MERA RF IP Address Subnet Mask Default Gateway 192 168 Figure 4 2 3 IP configuration interface 44 The page includes the following fields Object DHCP IP Address Subnet Mask Gateway User s Manual of FGSW Series Description Enable or disable the DHCP client function When DHCP function is enabled the Managed Switch will be assigned an IP address from the network DHCP server The default IP address will be replaced by the assigned IP address on DHCP server After the user clicks Apply a popup dialog shows up to inform the user that when the DHCP c
175. ype of packet forwarding techniques A Store and Forward Ethernet Switching stores the incoming frame in an internal buffer do the complete error checking before transmission Therefore no error packets occurrence it is the best choice when a network needs efficiency and stability The Ethernet Switch scans the destination address from the packet header searches the routing table pro vided for the incoming port and forwards the packet only if required The fast forwarding makes the switch attractive for connecting servers directly to the network thereby increasing throughput and availability How ever the switch is most commonly used to segment existence hubs which nearly always improves overall performance An Ethernet Switching can be easily configured in any Ethernet network environment to signifi cantly boost bandwidth using conventional cabling and adapters Due to the learning function of the Ethernet switching the source address and corresponding port number of each incoming and outgoing packet are stored in a routing table This information is subsequently used to filter packets whose destination address is on the same segment as the source address This confines network traffic to its respective domain and reduce the overall load on the network The Switch performs Store and forward therefore no error packets occur More reliably it reduces the re transmission rate No packet loss will occur 7 5 Auto Negotiation The STP ports on t
176. z digits 0 9 minus sign No space characters are permitted as part of a name The first character must be an alpha character And the first or last character must not be a minus sign The allowed string length is O to 255 47 User s Manual of FGSW Series e System Location The physical location of this node e g telephone closet 3rd floor The allowed string length is O to 255 and the allowed content is the ASCII characters from 32 to 126 e System Contact The textual identification of the contact person for this managed node together with information on how to contact this person The allowed string length is O to 255 and the allowed content is the ASCII characters from 32 to 126 e SNMP Status Indicates the SNMP mode operation Possible modes are e Enabled Enable SNMP mode operation e Disabled Disable SNMP mode operation 4 2 3 3 Community Strings Community strings serve as passwords and can be entered as one of the following Community Strings Current Strings New Community String private read write all lt lt Add lt lt P Add String Figure 4 2 6 Community strings interface The page includes the following fields Object Description Community Strings Here you can define the new community string set and remove the unwanted community string E String Fill the name string RO Read only Enables requests accompanied by this community string to display MIB object information
Download Pdf Manuals
Related Search