User Manual
Contents
1. Warning i Monitor and Diag O Synchronization t E for port 7 amp port 8 VLAN Access Mode ID Ez VLAN Membership ES vi CT ES EZ ES E 1 ES E B rom 1 C port v Tagged Specific v illTagal Private VLAN 5 S am Se mei mye N SNMP NE B one d s ee fii Traffic Prioritization 3 Unaware NG All Specific t Untag pvid w fii Multicast 4 Unaware d All Specifici 1jjUntag pvid lll Security 5 Unaware v F All v Specific 1 Untag_pvid Waning 6 Unaware v i Untagged W Spedficw 10 Untag pvid v E Monitor HI 7 Unaware v Untagged v Specific v 20 Untag_pvid k G Synchronization cx Se prem gt ees SEN reum PoE 8 Unaware v L Untagged Specific v 30 Untag_pvid gy Factory Default 7 Unaware d E be vi SpecmcM 1 Untag pvid Mi gj System Reboot 10 Unaware wi CI All Specific v 1 Untag pvid 11 Iris au are w 1 All l nacific w l 1 intan nvid KI VLAN 1Q Trunk Mode BEY Switch A Switch B Switch C yan VLAN 10 9000 Series 9000 Series 9000 Series VLAN Trunk VLAN Trunk VLAN 20 VLAN 20 10 20 10 20 Switch B Port 1 VLAN 1Qtrunk mode tagged 10 20 Port 2 VLAN 1Qtrunk mode tagged 10 20 Below are the switch settings ORing Industrial Networking Corp 63 IGS P9812G2. Port port list gt Security Network NAS Configuration lt port list gt Mode enableldisable State lt port list gt Statistics lt port list gt clearleapollradius Security Network ACL Configuration lt port list gt Action lt port list gt permitldeny rate limiter gt lt port redirect gt lt mirror gt lt logging gt lt shutdown gt Policy lt port list gt lt policy gt ORing Industrial Networking Corp 152 Security Network DHCP IGS P9812GP Series User Manual Rate rate limiter list gt lt rate_unit gt lt rate gt Add lt ace_id gt ace 1d next port port list gt policy policy policy bitmask gt lt tagged gt lt vid gt lt tag_prio gt lt dmac_type gt etype lt etype gt lt smac gt lt dmac gt arp lt sip gt lt dip gt lt smac gt lt arp opcode gt arp flags gt ip lt sip gt lt dip gt lt protocol gt ip flags icmp lt sip gt lt dip gt lt icmp_type gt lt icmp_code gt lt ip flags gt udp lt sip gt lt dip gt lt sport gt lt dport gt lt ip_flags gt tcp lt sip gt lt dip gt lt sport gt lt dport gt lt 1p flags gt lt tcp_flags gt permitldeny Late limiter gt lt port_redirect gt lt mirror gt lt logging gt lt shutdown gt Lookup lt ace_id gt Status combi
3. Checkmarks indicate which ports are members of the entry Port Members Check or uncheck to modify the entry Click to add a new entry to the static MAC table You can specify Adding New Static Sen the VLAN ID MAC address and port members for the new entry ntry Click Save to save the changes MAC Table Each page shows up to 999 entries from the MAC table with a default value of 20 selected by the Entries Per Page input field When first visited the web page will show the first 20 entries from the beginning of the MAC Table The first displayed will be the one with the lowest VLAN ID and the lowest MAC address found in the MAC Table The Start from MAC address and VLAN fields allow the user to select the starting point in the MAC table Clicking Refresh will update the displayed table starting from that or the closest next MAC table matches In addition the two input fields will upon clicking Refresh assume the value of the first displayed entry allows for continuous refresh with the same start address The button will use the last entry of the currently displayed VLAN MAC address pairs as a basis for the next lookup When it reaches the end the text no more entries is shown in the displayed table Use the button to start over ORing Industrial Networking Corp 133 ORing IGS P9812GP Series User Manual MAC Address Table Auto refresh C Start from VLAN n D and MAC address 00 00 00 00 00 0
4. EN61000 4 4 EFT EN61000 4 6 EN61000 4 8 EN61000 4 11 Shock IEC60068 2 27 Free Fall IEC60068 2 32 Vibration IEC60068 2 6 Safety EN60950 1 m m lt in Warranty 5 years ORing Industrial Networking Corp 166
5. IGS P9812GP IEC 61850 Industrial Managed Ethernet Switch User Manual Version 1 0 January 2015 www oring networking com ORing Industrial Networking Corp p ORing IGS P9812GP Series User Manual COPYRIGHT NOTICE Copyright 2015 ORing Industrial Networking Corp All rights reserved No part of this publication may be reproduced in any form without the prior written consent of ORing Industrial Networking Corp TRADEMARKS ORing is a registered trademark of ORing Industrial Networking Corp All other trademarks belong to their respective owners REGULATORY COMPLIANCE STATEMENT Product s associated with this publication complies comply with all applicable regulations Please refer to the Technical Specifications section for more details WARRANTY ORing warrants that all ORing products are free from defects in material and workmanship for a specified warranty period from the invoice date 5 years for most products ORing will repair or replace products found by ORing to be defective within this warranty period with shipment expenses apportioned by ORing and the distributor This warranty does not cover product modifications or repairs done by persons other than ORing approved personnel and this warranty does not apply to ORing products that are misused abused improperly installed or damaged by accidents Please refer to the Technical Specifications section for the actual warranty period s of the pr
6. 0000000000 of 1 e O O O O O O O O O O 0000000000 o 000000000 Indicates the ID of each aggregation group Normal means no pore EE a Port Members Lists each switch port for each group ID Select a radio button to include a port in an aggregation or clear the radio button to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an aggregation and the ports must be in the same speed in each group 5 3 3 LACP LACP Link Aggregation Control Protocol trunks are similar to static port trunks but they are more flexible because LACP is compliant with the IEEE 802 3ad standard Hence it is interoperable with equipment from other vendors that also comply with the standard This page allows you to enable LACP functions to group ports together to form single virtual links and change associated settings thereby increasing the bandwidth between the switch and other LACP compatible devices ORing Industrial Networking Corp 22 ORing IGS P9812GP Series User Manual LACP Port Configuration d O Auto iM Active 2 C Auto Active sl 3 O Auto ll Active wj 4 C Auto ell Active wj EZ d aan Em Lucan al Indicates the ID of each aggregation group Normal indicates there is no aggregation Only one group ID is valid per port LACP Enabled Lists each switch
7. 5 4 2 Port Configurations This page allows you to set up VLAN ports individually ORing Industrial Networking Corp 57 ORing IGS P9812GP Series User Manual Auto refresh L Ethertype for Custom S ports Ox ssas VLAN Port Configuration Port VLAN Port Port APS Ingress Filtering Frame Type Mo de Ev Gel e Specific v j 1 Untag pvid CH Specfic 1 Untag pvid v 3 Specific v 1 Untag pvid vi Specific se 1 Untag pvid vi Specfic v 1 Untag pvid v Specfc v 1 Untag pvid Specific ze 3 A Untag pvid v Specific E T Untag pvid v Specific E 1l Untag pvid v Specific 1 Untag pvid Unaware je e EIE EEE Unaware Unaware Unaware Unaware Unaware d Unaware Unaware 1 2 3 4 3 amp 7 8 g Unaware E pue Unaware Specific v E Untag pvid v Specific 1 Untag pvid v 2 LA Unaware d Li 9 4 i 99 C08 i DR E K Unaware ae L eene S Ethertype for This field specifies the Ether type used for custom S ports This is customer S Ports a global setting for all custom S ports The switch port number to which the following settings will b
8. ORing IGS P9812GP Series User Manual which port on each switch to be used as the coupling port and then link them together for example port 1 of switch A to port 2 of switch C and port 1 of switch B to port 2 of switch D Then enable Coupling Ring option by checking the checkbox on the management page and select the coupling ring in correspondence to the connected port For more information on port setting please refer to 4 1 2 Configurations Once the setting is completed one of the connections will act as the main path while the other will act as the backup path Switch B Switch D Main Pathe Backup Pathe Switch A Dual Homing If you want to connect your ring topology to a RSTP network environment you can use dual homing Choose two switches Switch A amp B from the ring for connecting to the switches in the RSTP network Cisco s switches The connection of one of the switches Switch A or B will act as the primary path while the other will act as the backup path that is activated when the primary path connection fails ORing Industrial Networking Corp 18 IGS P9812GP Series User Manual y f f SwitchB y Ey ap y a 7 TE F i ka m HH 5 H zs O Ring gp He HA O Chain When connecting multiple O Rings to meet your expansion demand you can create an O Chain topology through the following steps 1 Select two switches from the chain Switch A amp B that you want to connect
9. Refresh Click to refresh the page immediately Auto refresh Check to enable an automatic refresh of the page at regular intervals Click to clear the counters for all ports 5 3 4 Loop Gourd This feature prevents loop attack When receiving loop packets the port will be disabled automatically preventing the loop attack from affecting other network devices Global Configuration SEO Reif leie Disable Transmission Time seconds Shutdown Time 180 seconds ORing Industrial Networking Corp 55 IGS P9812GP Series User Manual Enable Loop Protection Activate loop protection functions as a whole Transmission Time The interval between each loop protection PDU sent on each port The valid value is 1 to 10 seconds Shutdown Time The period in seconds for which a port will be kept disabled when a loop is detected shutting down the port The valid value is O to 604800 seconds 7 days A value of zero will keep a port disabled permanently until the device is restarted Port Configuration Port Enable ERE m mmo mm Em mm mn ser Shutdown Port Ml Enable SI Port iv Enable v Shutdown Port Enable v Shutdown Pot Enable Shutdown Port v Enable Shutdown Port w Enable IST IS S S S amp s Label Description Enable Activate loop protection functions as a whole
10. The 1 kpps is actually 1002 1 pps ACL Control List An ACE Access Control Entry is an element in an access control list ACL An ACL can have zero or more ACEs Each ACE controls or monitors access to an object based on user defined configurations Each ACE consists of several parameters which vary with the frame type you have selected ACE Configuration Ingress Port DL Action Permit Frame Type pir Rate Limiter Port Copy Logging Shutdown Counter Indicates the ingress port to which the ACE will apply Any the ACE applies to any port Ingress Port Port n the ACE applies to this port number where n is the number of the switch port ORing Industrial Networking Corp 102 IGS P9812GP Series User Manual mE Policy n the ACE applies to this policy number where n can range from 1 to 8 Indicates the frame type of the ACE These frame types are mutually exclusive Any any frame can match the ACE Ethernet Type only Ethernet type frames can match the ACE The IEEE Frame fupe 802 3 descripts the value of length types should be greater than or equal to 1536 decimal equal to 0600 hexadecimal ARP only ARP frames can match the ACE Notice the ARP frames will not match the ACE with Ethernet type IPv4 only IPv4 frames can match the ACE Notice the IPv4 frames will not match the ACE with Ethernet type opecifies the action to take when a frame matches the ACE Permit takes action whe
11. matching the ACE will use this ICMP code value ORing Industrial Networking Corp 109 ORing IGS P9812GP Series User Manual TCP Parameters Source Port Filter Source Port No Dest Port Filter Specific Dest Port No UDP Parameters TCP FIN TCP SYN Source Port Filter TCP RST Source Port No TCP PSH Dest Port Filter TCP ACK Any v v prm Dest Port Range 80 65535 TCP URG i Specifies the TCP UDP source filter for the ACE Any no TCP UDP source filter is specified TCP UDP source filter status is don t care Specific if you want to filter a specific TCP UDP source filter with the TCP UDP ACE you can enter a specific TCP UDP source value A field for entering Source Filter a TCP UDP source value appears Range if you want to filter a specific TCP UDP source range filter with the ACE you can enter a specific TCP UDP source range A field for entering a TCP UDP source value appears When Specific is selected for the TCP UDP source filter you can enter a TCP UDP specific TCP UDP source value The allowed range is 0 to 65535 A frame Source No matching the ACE will use this TCP UDP source value TOBIUDP When Range is selected for the TCP UDP source filter you can enter a Source ange specific TCP UDP source range value The allowed range is 0 to 65535 A frame matching the ACE will use this TCP UDP source value Specifies the TCP UDP destination filter for the ACE Any no TCP UDP des
12. The switch port number to which the following settings will be applied Port Drop down list for selecting a mirror mode Rx only only frames received on this port are mirrored to the mirror port Frames transmitted are not mirrored TX only only frames transmitted from this port are mirrored to the mirror port Frames received are not mirrored Disabled neither transmitted nor received frames are mirrored Enabled both received and transmitted frames are mirrored to the mirror port Note for a given port a frame is only transmitted once Therefore you cannot mirror Tx frames to the mirror port In this case mode for the selected mirror port is limited to Disabled or Rx nly 5 10 4 System Log Information This page provides switch system log information System Log Information Auto refresh L The total number of entries is 1 for the given level Start from ID 1 with 20 entries per page Info 1970 01 01 00 01 09 0000 Port 1 Device 192 168 10 66 Alive Check iD O The ID gt 1 of the system log entry The level of the system log entry The following level types are supported Info provides general information Warning provides warning for abnormal operation Error provides error message All enables all levels The time of the system log entry The MAC address of the switch Check this box to enable an automatic refresh of the page at regular Auto refresh intervals ORing Industrial Networki
13. and is forwarded Will be set to 0x8100 ORing Industrial Networking Corp 59 When the port receives tagged frames 1 If the tagged frame contains a TPID of 0x8100 it will be forwarded 2 If the TPID of tagged frame is not 0x8100 ex 0x88A8 it will be discarded When the port receives untagged frames an untagged frame obtains a tag based on PVID and is forwarded When the port receives tagged frames 1 If the tagged frame contains a TPID of 0x8100 it will be forwarded 2 If the TPID of tagged frame is not 0x88A8 ex 0x8100 it will be discarded S custom port When the port receives untagged frames an untagged frame obtains a tag based on PVID and is forwarded When the port receives tagged frames 1 If the tagged frame contains a TPID of 0x8100 it will be forwarded 2 If the TPID of tagged frame is not 0x88A8 ex 0x8100 it will be discarded VID 5 TPID 8100 VID 5 TPID 88A8 9000 Series IGS P9812GP Series User Manual The TPID of a frame transmitted by S port Will be set to 0x88A8 The TPID of a frame transmitted by S custom port will be set to a self customized value which can be set by the user via Ethertype for Custom S ports QinQ VID 5 TPID 8100 VIDzPVID TPID 8100 Packet Discarded ORing Industrial Networking Corp 60 IGS P9812GP Series User Manual RK VLAN VID TPID 8100 9000 Series VID 8 TPID 88A8 Packet Discarded No VLA
14. file name Load ip server file name check Configuration lt port_list gt Config Firmware T Load ip addr string file name SNMP Engine ID lt engineid gt Community Add community lt ip_addr gt ip mask gt Community Delete index Community Lookup lt index gt ORing Industrial Networking Corp 158 Firmware IGS P9812GP Series User Manual User Add lt engineid gt user name MDSISHA auth password DES priv password User Changekey lt engineid gt user name auth password priv password Group Add security model security name group name Group Delete index Group Lookup lt index gt View Add view name includedlexcluded oid subtree gt View Lookup lt index gt Access Add group name security model security level read view name lt write view name Access Delete index Access Lookup lt index gt Load ip addr string file name PTP Configuration lt clockinst gt PortState lt clockinst gt lt port list ClockCreate lt clockinst gt devtype lt twostep gt lt protocol gt oneway lt clockid gt lt tag_enable gt lt vid gt lt prio gt ClockDelete lt clockinst gt lt devtype gt DefaultDS lt clockinst gt lt priorityl gt lt priority2 gt domain CurrentDS clockinst ParentDS lt c
15. power QoS IDSCP Map lt dscp_list gt lt class gt lt dpl gt DSCP Translation lt dscp_list gt trans dscp DSCP Trust lt dscp_list gt enableldisable DSCP Classification Mode lt dscp_list gt enableldisable DSCP Classification Map lt class_list gt dpl list gt ORing Industrial Networking Corp 155 Mirror Dot1x IGS P9812GP Series User Manual lt dscp gt DSCP EgressRemap lt dscp_list gt lt dpl_list gt lt dscp gt Storm Unicast enableldisable lt packet_rate gt Storm Multicast enableldisable lt packet_rate gt Storm Broadcast enableldisable lt packet_rate gt QCL Add lt qce_id gt lt qce_id_next gt lt port_list gt tag lt vid gt pcp lt dei gt lt smac gt lt dmac_type gt etype lt etype gt LLC lt DSAP gt lt SSAP gt lt control gt SNAP lt PID gt ipv4 protocol lt sip gt dscp lt fragment gt lt sport gt lt dport gt ipv6 lt protocol gt lt sip v6 dscp lt sport gt lt dport gt lt class gt dp lt classified_dscp gt QCL Delete lt qce_id gt QCL Lookup lt qce_id gt QCL Status combinedlstaticlconflicts QCL Refresh Configuration lt port_list gt Port lt port gt Idisable Mode lt port_list gt enableldisablelrxltx State lt port_list gt Period lt reauth_period gt Tim
16. 3 O mto sl Loss Edge sj 4 a n Auto i 4 HO auto sl j 128 w Edge 9 H m o Auto E 5 E ato ML 1284 Edge E asa a Auto x 6 D Mto sit 128i Edge E EL E R Auto m re zum a rasa m La Lal r1 em z Port The switch port number to which the following settings will be applied STP Enabled Check to enable STP for the port Configures the path cost incurred by the port Auto will set the path cost according to the physical link speed by using the 802 1D recommended values Specific allows you to enter a user defined value The path cost Path Cost is used when establishing an active topology for the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports The range of valid values is 1 to 200000000 Configures the priority for ports having identical port costs See above A flag indicating whether the port is connected directly to edge devices OpenEdge or not no bridges attached Transiting to the forwarding state is faster setate flag for edge ports operEdge set to true than other ports ORing Industrial Networking Corp 30 IGS P9812GP Series User Manual AdminEdge Configures the operEdge flag to start as set or cleared the initial operEdge state when a port is initialized Check to enable the bridge to detect edges at the bridge port AutoEdge automatically This allows operEdge to be derived from whether BPDUs are received on the port or not When ena
17. Configures the action to take when a loop is detected Valid values include Shutdown Port Shutdown Port and Log or Log Only Tx Mode Controls whether the port is actively generating loop protection PDUs or only passively look for looped PDUs 5 4 VLAN 5 4 1 VLAN Membership A VLAN Virtual LAN is a logical LAN based on a physical LAN with links that does not consist of a physical wired or wireless connection between two computing devices but is implemented using methods of network virtualization A VLAN can be created by partitioning a physical LAN into multiple logical LANs using a VLAN ID You can assign switch ports to a ORing Industrial Networking Corp 56 ORing IGS P9812GP Series User Manual VLAN and add new VLANs in this page VLAN Membership Configuration Start from VLAN 1 l with 20 j entries per page Port Members Delete VLAN ID VLAN Name 17345 6 7 89 1011 12 default AAAA ll Checkmarks indicate which ports are members of the entry Port Members Check or uncheck as needed to modify the entry Click to add a new VLAN ID An empty row is added to the table and the VLAN can be configured as needed Valid values for a VLAN ID are 1 through 4095 Add NSW VAM After clicking Save the new VLAN will be enabled on the selected switch stack but contains no port members A VLAN without any port members on any stack will be deleted when you click Save Click Delete to undo the addition of new VLANS
18. ID The VLAN ID of the entry IGMP Snooping Check to enable IGMP snooping for individual VLAN Up to 32 Enable VLANs can be selected IGMP Querier Check to enable the IGMP Querier in the VLAN 5 7 3 IGMP Snooping Status This page provides IGMP snooping status Auta refresh L IGMP Snooping Status Statistics WLAN Querier Host Querier Queries Queries V1 Reports V Reports V3 Reports V Leaves ID Version Version Status Transmitted Received Received Received Received Received v3 DISABLE 0 Router Port Port Status 2 3 d 5 D ORing Industrial Networking Corp 93 IGS P9812GP Series User Manual V1 Reports l The number of received V1 reports Receive V2 Reports The number of received V2 reports Receive V3 Reports The number of received V3 reports Receive 5 7 4 Groups Information of IGMP Snooping Information about entries in the IGMP Group Table is shown in this page The IGMP Group Table is sorted first by VLAN ID and then by group IGMP Snooping Group Information Auto refresh Start from VLAN 1 and group address 224 0 0 0 with 20 entries per page Port Members VLAN ID Groups 1234567891011 12 13 14 15 16 17 18 19 20 Mo more entries Groups The qoupaddess ofthe group displayed ORing Industrial Networking Corp 94 ORing IGS P9812GP Series User Manual 5 8 Security 5 8 1 Remote Control Security Configurations Remote Control Security allows you to limit remote a
19. LLDP traffic Two types of counters are shown Global counters will apply settings to the whole switch stack while local counters will apply settings to specified switches ORing Industrial Networking Corp 42 ORing IGS P9812GP Series User Manual Auto refresh Global Counters Neighbor entries were last changed at 1970 01 01 04 03 03 0000 26 sec ago Total Neighbors Entries Added Total Neighbors Entries Deleted Total Neighbors Entries Dropped Total Neighbors Entries Aged Out LLDP Statistics Local Counters Local Port Tx Frames Rx Frames Rx Errors Frames Discarded TLVs Discarded TLVs Unrecognized Org Discarded Age Outs un fork e e e e e oos Ov Ui P CJ NJ oOGOOGOKHOONORSO o00OOGOOGOKOOGO OOOoOOoooooooo OOOoOOoOooooooo OOcooooooooo OOcoooooocoooo om o0000000000 OOcoOoooooooooo Global Counters Neighbor entries l Shows the time when the last entry was deleted or added were last changed at Total Neighbors Entries Added Total Neighbors Shows the number of new entries added since switch reboot l Shows the number of new entries deleted since switch reboot Entries Deleted Total Neighbors Shows the number of LLDP frames dropped due to full entry table Entries Dropped Total Neighbors Shows the number of entries deleted due to expired time to live Entries Aged Out Local Counters If a port receives an LLDP frame and the switch s internal table is full the LLDP frame will
20. Moumtmg 12 3 3 VG ee 13 Soal EJ 0 ee EEE EEE EEE EEE EEE EE EEE EE 14 Do Vc als cs NR um 14 335 Redundant elle 14 3 4 EE 14 341 o 14 EEE 16 3 4 3 OG bmoiC Cham enne enn nnnn nnne nnne nnn sns na sns na anrea nns 17 alle rye 20 4 1 GE M 20 dsl M 20 4 1 2 Configurations essseessssssesesseeee nennen nennen nnne nnne nnne nnne nnns a nana nnn 20 4 2 OG e et EE M 22 GN NNN 22 EEE E e aie EE 22 4 3 MP 23 SC Du We el e EE 23 4 3 2 Configurations rrrarrrnnrerrarerranrrnarernanernanernanennanennanennunennasennsennasennasennasennnsen 23 4 4 SE PPS TP csscacmsoeceesenaeeteneseneescensectseesnobe ese nesenese ese besseesenessee ssosneoosesneeosess 24 LS MESI 24 aA M E 27 ORing Industrial Networking Corp 2 ORing IGS P9812GP Series User Manual AS P e EN 30 4 5 FE EE EG MT TTT 31 MANAGEMENT MEE 33 5 1 BASIC SENGS aa 34 5 1 1 System Information 34 5 1 2 Admin amp Password nennen nne nenne nennen nnn nnns 35 e RE en 11 e A 36 X EMIT CMMEEEEEEEEEEEEEEEEEEEEEEEEEEEMMM 36 SLS PVO SENGS EE 37 5 1 6 Daylight Saving Tme isrsirrssriserassonnissisnssnneinnudsnudscadsnndanudanadusadenndarudunedinuinauian 38 F ATP 40 STAK o Cm 40 e
21. Provides the managed VLAN ID The allowed range is 1 through 4095 DNS Server Enter the IP address of the DNS server in dotted decimal notation Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 5 IPv6 Settings IPv6 is the next generation IP that uses a 128 bit address standard It is developed to supplement and eventually replace the IPv4 protocol You can configure IPv6 information of the switch on the following page IPv6 Configuration Configured Current Auto Configuration 192 0 2 1 Address 192 0 2 1 Link Local Address feg0 21e 94ff fe01 6735 Prefix os 06 Router Save Reset Check to enable IPv6 auto configuration If the system cannot obtain the AU stateless address in time the configured IPv6 settings will be used The uto router may delay responding to a router solicitation for a few seconds Configuration therefore the total time needed to complete auto configuration may be much longer Add opecify an IPv6 address for the switch IPv6 address consists of 128 bits ress represented as eight groups of four hexadecimal digits with a colon ORing Industrial Networking Corp 37 IGS P9812GP Series User Manual separating each field For example in fe80 215 c5ff fe03 4dc7 the symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can
22. Root Port The switch port currently assigned the root port role Root path cost For a root bridge this is zero For other bridges it Root Cost is the sum of port path costs on the least cost path to the Root Bridge The current state of the Topology Change Flag for the bridge Topology Flag Instance Topology Change Last The time since last Topology Change occurred as Click to refresh the page immediately Check this box to enable an automatic refresh of the page at Auto refresh regular intervals ORing Industrial Networking Corp 24 ORing STP Port Status IGS P9812GP Series User Manual This page displays the STP port status for the currently selected switch SIP Port Status Auto refresh CIST Role CIST State Uptime Non STP Non STP Non STP Non STP Non STP Non STP Non STP Mon STP Non STP Non STP Non STP Mon STP Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding The switch port number to which the following settings will be applied The current STP port role of the CIST port The values include CIST Role AlternatePort BackupPort RootPort and DesignatedPort The current STP port state of the CIST port The values include mm Blocking Learning and Forwarding Uptime The time since the bridge port is last initialized Refresh Click to refresh the page immediately Check this bo
23. be counted and discarded This situation is known as too many neighbors in the LLDP standard LLDP Frames Discarded frames require a new entry in the table if Chassis ID or Remote Port ID is not included in the table Entries are removed from the table when a given port links down an LLDP shutdown frame is received ORing Industrial Networking Corp 43 IGS P9812GP Series User Manual MEN or when the entry ages out Each LLDP frame can contain multiple pieces of information known TLVs Discarded as TLVs Type Length Value If a TLV is malformed it will be counted and discarded TLVs Unrecognized The number of well formed TLVs but with an unknown type value Org Discarded The number of organizationally TLVs received Each LLDP frame contains information about how long the LLDP information is valid age out time If no new LLDP frame is Age Outs received during the age out time the LLDP information will be removed and the value of the age out counter will be incremented Refresh Click to refresh the page immediately D Click to clear the local counters All counters including global ear counters are cleared upon reboot Check to enable an automatic refresh of the page at regular Auto refresh intervals 5 1 10 NTP Network Time Protocol NTP is a networking protocol for clock synchronization between computer systems over packet switched variable latency data networks NTP Configuration Disabl
24. communications between the supplicant and the switch If more than one supplicant are connected to a port the one that comes first when the port s link is connected will be the first one considered If that supplicant does not provide valid credentials within a certain amount of time the chance will be given to another supplicant Once a supplicant is successfully authenticated only that supplicant will be allowed access This is the most secure of all the supported modes In this mode the Port Security module is used to secure a supplicant s MAC address once successfully authenticated b Multi 802 1X In port based 802 1X authentication once a supplicant is successfully authenticated on a port the whole port is opened for network traffic This allows other clients connected to the port for instance through a hub to piggy back on the successfully authenticated client and get network access even though they are not authenticated individually To overcome this security breach use the Multi 802 1X variant Multi 802 1X is not yet an IEEE standard but features many of the same characteristics as port based 802 1X In Multi 802 1X one or more supplicants can be authenticated on the same port at the same time Each supplicant is authenticated individually and secured in the MAC table using the Port Security module In Multi 802 1X it is not possible to use the multicast BPDU MAC address as the destination MAC address for EAPOL frames sent from
25. e esses soe sedet e gea pee pEE Repo EPEe Ep ripe anni nni nier 141 5 12 Troublesbootmg 0 cece cece ceeece sees eeceeeeeeeeseeeseeeseueeeeeeseeesaeessueesueesseeseeeseueeaeeeaes 143 5 12 1 FAC IORI cct 143 5 12 2 System Reboot rrrrrnnrrnnnrennnrennnrennnrennnrennrennnrennnrennrnnnrennnsennnsennnsennnee 143 5 13 Command Line Interface Management 144 Technical Specifications SESS MIORGEGSIS ORing Industrial Networking Corp 5 ORing IGS P9812GP Series User Manual Getting Started 1 1 About the IGS P9812GP In conformity with the IEC 61850 3 and IEEE 1613 standards the IGS P9812GP is an industrial managed Ethernet switch designed for power substation applications The device is also ideal for rolling stock applications due to its EN50155 compliance The device features 8x10 100 1000Base T X ports and 12x100 1000Base X SFP ports and provides complete support of Ethernet redundancy protocols such as MSTP RSTP STP compatible as well as O Ring recovery time lt 30ms for over 250 connected devices topologies and hence can protect your mission critical applications from network interruptions or temporary malfunctions With a wide operating temperature from 40 750C the device can be managed centralized via ORing s proprietary Open Vision platform as well as via Web based interfaces Telnet and console CLI 1 2 Software Features B Supports O Ring recovery
26. for all LLDP neighbors The following table contains ORing Industrial Networking Corp 4 ORing IGS P9812GP Series User Manual information for each port on which an LLDP neighbor is detected The columns include the following information Auto refresh L Local Port Chassis ID Remote Port ID System Name Port Description System Capabilities Management Address Port 8 00 1E 94 12 45 78 IGS 9812GP Bridge 192 168 10 14 IPv4 Local Port The port that you use to transmits and receives LLDP frames The identification number of the neighbor sending out the LLDP Chassis ID frames Remote Port ID The identification of the neighbor port System Name The name advertised by the neighbor Port Description The description of the port advertised by the neighbor Description of the neighbor s capabilities The capabilities include 1 Other Repeater Bridge WLAN Access Point System Capabilities Mid Telephone DOCSIS Cable Device Station Only 2 3 4 D 6 7 8 9 Reserved When a capability is enabled a will be displayed If the capability is disabled a will be displayed Management The neighbor s address which can be used to help network Address management This may contain the neighbor s IP address Refresh Click to refresh the page immediately Check to enable an automatic refresh of the page at regular Auto refresh intervals Port Statistics This page provides an overview of all
27. g 800 Mbps 5 6 9 DSCP Based QoS This page allows you to configure DSCP based QoS Ingress Classification settings for all ports DSCP Based QoS Ingress Classification DSCP Bb fee feeb be ii i in ORing Industrial Networking Corp Trust QoS Class DPL IGS P9812GP Series User Manual DSCP Maximum number of supported DSCP values is 64 Check to trust a specific DSCP value Only frames with trusted DSCP values are mapped to a specific QoS class and drop precedence level Frames with untrusted DSCP values are treated as a non IP frame QoS Class QoS class value can be any number from 0 7 Drop Precedence Level 0 1 5 6 10 DSCP Translation This page allows you to configure basic QoS DSCP translation settings for all switches DSCP translation can be done in Ingress or Egress DSCP Translation Ingress Egress Translate Classify Remap DPO Remap DP1 DSCP A Vi T 4 4 4 lt gt BE 0 BE lt gt 4 e gt D m 4 BE e 4 ur 4 u ra KU Kik ik Kik ET EJ KIK aE M lt J E Gn 4 G3 RJ KS 4 cn 4 n ga 4 C51 CSI CS DSCP Maximum number of supported DSCP values is 64 and valid DSCP value ranges from 0 to 63 Ingress DSCP can be first translated to new DSCP before using the DSCP for QoS class and DPL map There are two configuration parameters for DSCP Translation 1 Trans
28. is allowed don t care opecifies whether frames will meet the action according to their ARP RARP protocol address space PRO settings ORing Industrial Networking Corp 108 IGS P9812GP Series User Manual 0 ARP RARP frames where the PRO is equal to IP 0x800 must not match this entry 1 ARP RARP frames where the PRO is equal to IP 0x800 must match this entry Any any value is allowed don t care ICMP Parameters ICMP Type Filter ICMP Type Value ICMP Code Filter ICMP Code Value Specifies the ICMP filter for the ACE Any no ICMP filter is specified ICMP filter status is don t care ICMP Type Filter Specific if you want to filter a specific ICMP filter with the ACE you can enter a specific ICMP value A field for entering an ICMP value appears When Specific is selected for the ICMP filter you can enter a ICMP Type Value specific ICMP value The allowed range is 0 to 255 Aframe matching the ACE will use this ICMP value opecifies the ICMP code filter for the ACE Any no ICMP code filter is specified ICMP code filter status is don t care ICMP Code Filter p Specific if you want to filter a specific ICMP code filter with the ACE you can enter a specific ICMP code value A field for entering an ICMP code value appears When Specific is selected for the ICMP code filter you can enter a ICMP Code Value specific ICMP code value The allowed range is 0 to 255 A frame
29. is used for authentication Check to enable fallback to local authentication If none of the configured authentication servers are active the local user database is used for authentication This is only possible if Authentication Method is set to a value other than none or local Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 4 IP Settings You can configure IP information of the switch in this page IP Configuration Configured Current DHCP Client Renew IP Address 192 168 10 1 192 168 10 1 IP Mask 222 252 255 0 233 233 233 0 IP Router 0 0 0 0 VLAN ID 1 DNS Server 0 0 0 0 ORing Industrial Networking Corp 36 IGS P9812GP Series User Manual Enable the DHCP client by checking this box If DHCP fails or the DHCP Client configured IP address is zero DHCP will retry If DHCP retry fails DHCP will stop trying and the configured IP settings will be used Assigns the IP address of the network in use If DHCP client function is enabled you do not need to assign the IP address The network DHCP IP Address l l l l l server will assign an IP address to the switch and it will be displayed in this column The default IP is 192 168 10 1 Assigns the subnet mask of the IP address If DHCP client function is enabled you do not need to assign the subnet mask Assigns the network gateway for the switch The default gateway is IP Router 192 168 10 254 VLAN ID
30. port for each group ID Check to include a port in an aggregation or clear the box to remove the port from the aggregation By default no ports belong to any aggregation group Only full duplex ports can join an aggregation and the ports must be in the same speed in each group The Key value varies with the port ranging from 1 to 65535 Auto will set the key according to the physical link speed 10Mb 1 100Mb 2 1Gb 3 Specific allows you to enter a user defined value Ports with the same key value can join in the same aggregation group while ports with different keys cannot Indicates LACP activity status Active will transmit LACP packets every second while Passive will wait for a LACP packet from a partner speak if spoken to Click to save changes Click to undo changes made locally and revert to previous values LACP System Status This page provides a status overview for all LACP instances LACP System Status AcariIp Partner Partner Last Local ag System ID Key Changed Ports No ports enabled or no existing partners ORing Industrial Networking Corp 53 IGS P9812GP Series User Manual Aggr ID The aggregation ID is associated with the aggregation instance For LLAG the ID is shown as isid aggr id and for GLAGs as aggr id Partner System ID System ID MAC address of the aggregation partner Partner Key The key assigned by the partner to the aggregation ID Last Changed The time since this aggreg
31. range is 0 to 7 Any means that no tag priority is specified tag priority is don t care IP Parameters IP Protocol Filter IP Protocol Value 6 IP TTL Non zero iM IP Fragment IP Option SIP Filter SIP Address SIP Mask DIP Filter Network ze DIP Address DIP Mask ae eem S opecifies the IP protocol filter for the ACE Any no IP protocol filter is specified don t care Specific if you want to filter a specific IP protocol filter with the ACE choose this value A field for entering an IP protocol filter appears ICMP selects ICMP to filter IPv4 ICMP protocol frames Extra fields for defining ICMP parameters will appear For more details of these IP Protocol Filter fields please refer to the help file UDP selects UDP to filter IPv4 UDP protocol frames Extra fields for defining UDP parameters will appear For more details of these fields please refer to the help file TCP selects TCP to filter IPv4 TCP protocol frames Extra fields for defining TCP parameters will appear For more details of these fields please refer to the help file to 255 Frames matching the ACE will use this IP protocol value Specifies the time to live settings for the ACE Zero IPv4 frames with a time to live value greater than zero must not be able to match this entry ORing Industrial Networking Corp 105 ORing IGS P9812GP Series User Manual Non zero IPv4 frames with a time to live field greater tha
32. successfully authenticated to the backend server Port and MAC based Counts the number of times that the switch receives a failure message This indicates that the supplicant client has not authenticated to the backend server Port based Counts the number of times that the switch attempts to send a supplicant s first response packet to the backend server Indicates the switch attempted communication with the backend server Possible retransmissions are not counted MAC based Counts all the backend server packets sent from the switch towards the backend server for a given port left most table or client right most table Possible retransmissions are not counted Information about the last supplicant client that attempts to Last authenticate This information is available for the following Supplicant Client administrative states Info 802 1X MAC based Auth ORing Industrial Networking Corp 127 Last Supplicant Client Info IEEE Name MAC IGS P9812GP Series User Manual Description Add dotixAuthLastEapolFrameSource The MAC address of the last supplicant client VLAN The VLAN ID on which the last frame from the last ID supplicant client was received 802 1X based The protocol version number carried in the most Version dotixAuthLastEapolFrameVersion recently received EAPOL frame MAC based Not applicable 802 1X based The user name supplicant identity carried in the most recentl
33. switch Combined fM Auto refresh E QoS Control List Status Action User QCE Frame Type Port Class DPL DSCP Conflict No entries User Indicates the QCL user ORing Industrial Networking Corp 90 IGS P9812GP Series User Manual QCE Indicates the index of QCE Indicates the type of frame to look for incoming frames Possible frame types are Any the QCE will match all frame type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are Frame Type allowed LLC Only LLC frames are allowed SNAP Only SNAP frames are allowed IPv4 the QCE will match only IPV4 frames IPv6 the QCE will match only IPV6 frames Indicates the list of ports configured with the QCE Pot 0 Indicates the classification action taken on ingress frame if parameters configured are matched with the frame s content There are three action fields Class DPL and DSCP Class Classified QoS if a frame matches the QCE it will be put in the DPL Drop Precedence Level if a frame matches the QCE then DP level will set to a value displayed under DPL column DSCP if a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column Displays the conflict status of QCL entries As hardware resources are shared by multiple applications resources required to add a QCE may not be available In that case it shows conflict status as Yes otherwise Eo itis always No Please note that conflict c
34. the authentication configuration page and the first server in the list is currently down but not considered dead if the supplicant retransmits EAPOL Start frames at a rate faster than X seconds it will never be authenticated because the switch will cancel on going backend authentication server requests whenever it receives a new EAPOL Start frame from the supplicant Since the server has not failed because the X seconds have not expired the same server will be contacted when the next backend authentication server request from the switch This scenario will loop forever Therefore the server timeout should be smaller than the supplicant s EAPOL Start frame retransmission rate a Single 802 1X In port based 802 1X authentication once a supplicant is successfully authenticated on a port the whole port is opened for network traffic This allows other clients connected to the port for instance through a hub to ORing Industrial Networking Corp 122 ORing Industrial Networking Corp IGS P9812GP Series User Manual piggy back on the successfully authenticated client and get network access even though they are not authenticated individually To overcome this security breach use the Single 802 1X variant oingle 802 1X is not yet an IEEE standard but features many of the same characteristics as port based 802 1X In Single 802 1X at most one supplicant can get authenticated on the port at a time Normal EAPOL frames are used in the
35. the switch to the supplicant since that would cause all supplicants attached to the port to reply to requests sent from the switch Instead the switch uses the supplicant s MAC address which is obtained from the first EAPOL Start or EAPOL Response Identity frame sent by the supplicant An exception to this is when no supplicants are attached In this case the switch sends EAPOL Request Identity frames using the BPDU multicast MAC address as destination to wake up any supplicants that might be on the port 123 IGS P9812GP Series User Manual The maximum number of supplicants that can be attached to a port can be limited using the Port Security Limit Control functionality MAC based Auth Unlike port based 802 1 X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and the switch acts as the supplicant on behalf of clients The initial frame any kind of frame sent by a client is snooped by the switch which in turn uses the client s MAC address as both username and password in the subsequent EAP exchange with the RADIUS server The 6 byte MAC address is converted to a string in the following form xx Xx xx xx xx xx that is a dash is used as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge authentication method so the RADIUS server must be configured accordingly When auth
36. time 30ms over 250 units of connection and MSTP RSTP STP compatible for Ethernet redundancy B X Supports Open Ring to interoperate with other vendors ring technology in open architecture Supports O Chain to allow multiple redundant network rings Supports standard IEC 62439 2 MRP Media Redundancy Protocol function Supports IEEE 1588v2 clock synchronization Supports IPV6 new internet protocol version Supports Modbus TCP protocol Supports IEEE 802 3az Energy Efficient Ethernet technology Provides HT TPS SSH protocols to enhance network security Supports SMTP client and NTP server protocol Supports IP based bandwidth management Supports application based QoS management Supports Device Binding security function Supports DOS DDOS auto prevention Supports IGMP v2 v3 IGMP snooping support to filter multicast traffic Supports SNMP v1 v2c v3 amp RMON amp 802 1Q VLAN network management Supports ACL TACACS and 802 1x user authentication for security Supports 9 6K Bytes Jumbo frame ORing Industrial Networking Corp 6 ORing IGS P9812GP Series User Manual Supports DBU 01 backup unit device to quickly backup restore configuration Supports multiple notifications for incidents Supports management via Web based interfaces Telnet Console CLI and Windows utility Open Vision Supports LLDP Protocol Hardware Specifications 8 x 10 100 1000Base T X Ethernet ports 12 x 100 1000Base X with SFP port
37. to the O Ring and connect them to the switches in the ring Switch C amp D 2 In correspondence to the port connected to the ring configure an edge port for both of the connected switches in the chain by checking the box in the management page see 4 1 2 Configurations 3 Once the setting is completed one of the connections will act as the main path and the other as the backup path Switch C So vg vil nee NON Switch D Switch B ORing Industrial Networking Corp 19 ORing IGS P9812GP Series User Manual Redundancy Redundancy for minimized system downtime is one of the most important concerns for industrial networking devices Hence ORing has developed proprietary redundancy technologies including O Ring O Chain and Open Ring featuring faster recovery time than existing redundancy technologies widely used in commercial applications such as STP RSTP and MSTP ORing s proprietary redundancy technologies not only support different networking topologies but also assure the reliability of the network 4 1 O Ring 4 1 1 Introduction O Ring is ORing s proprietary redundant ring technology with recovery time of less than 10 milliseconds and up to 250 nodes The ring protocols identify one switch as the master of the network and then automatically block packets from traveling through any of the network s redundant loops In the event that one branch of the ring gets disconnected from the rest of the
38. within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled The time interval measured in milliseconds between the most recent Access Round Reply Access Challenge and the Access Request that matched it from the RADIUS Trip radiusAuthClientExtRoundTripTime authentication server The granularity of this measurement is 100 ms A value of Time 0 ms indicates that there hasn t been round trip communication with the server yet RADIUS Accounting Statistics for Server 1 Receive Packets Transmit Packets Responses Requests Malformed Responses Retransmissions Bad Authenticators Pending Requests Unknown Types Timeouts Packets Dropped Other Info IP Address 0 0 0 0 1813 State Disabled Round Trip Time ms ae nenne S RADIUS accounting server packet counters There are five receive and four transmit counters Direction RFC4670 Name Description The number of RADIUS packets valid or invalid received from the server The number of malformed RADIUS packets received BA from the server Malformed packets include packets Responses radiusAccClientExtResponses radiusAccClientExtMalformedResponses with an invalid length Bad authenticators or or unknown types are not included as malformed access responses The number o
39. 1 with 20 entries per page Port Members VL AN MAC Address CPU 1 2 3 4 5 6 7 8 9 10 11 12 Static OO 1E 94 98 89 89 wi Static 00 1E 94 FF FF FF wi Static 01 80 C2 4A 44 06 y wi wi wi v vow wi wi wi wi v wi Static 33 33 FF A8 0A 01 wi Static 33 33 FF FF FF FF v Static FF FF FF FF FE FF wi ww ww ww www ooo 5 10 2 Port Statistics Traffic Overview This page provides an overview of general traffic statistics for all switch ports Port Statistics Overview Auto refresh L Port Packets Bytes Errors Drops Filtered Receive Transmit Receive Transmit Receive Transmit Receive Transmit Receive 117980 86946125 9117790 6259918088 0 0 0 0 0 e e a 08732984 68732987 4957477714 4957477932 24710409 0 0 0 0 0 0 0 0 0 0 66732985 08732987 4957477883 4957477932 25204638 0 COOOOOrxOOOO Du D O G O DG QG O G O G J O D O Q O Q OQ O D eiuouocctudoccduocct l 0 0 g 0 The switch port number to which the following settings will be applied The number of received and transmitted packets per port The number of received and transmitted bytes per port The number of frames received in error and the number of incomplete transmissions per port ORing Industrial Networking Corp 134 IGS P9812GP Series User Manual ops The number frames discarded due tingess regress congestion rent The umber of received ames tered Hiere Detailed Statistics This page provides detailed traffic statistics f
40. 128 wj MST6 128 MST7 v Save Reset Label MSTI The bridge instance CIST is the default instance which is always active Priority Indicates bridge priority The lower the value the higher the priority The bridge ORing Industrial Networking Corp 29 IGS P9812GP Series User Manual priority MSTI instance number and the 6 byte MAC address of the switch forms a bridge identifier Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 4 4 3 CIST With the ability to cross regional boundaries CIST is used by MSTP to communicate with other MSTP regions and with any RSTP and STP single instance spanning trees in the network Any boundary port that is if it is connected to another region will automatically belongs solely to CIST even if it is assigned to an MSTI All VLANs that are not members of particular MSTIs are members of the CIST Port Settings STP CIST Ports Configuration CIST Aggregated Ports Configuration Port Path Cost Priority Admin Edge Auto Edge Restricted Point to Role TCN point Edge vj E F C Forced True BPDU Guard CIST Normal Ports Configuration STP NNI Port Path Cost Priority S Restricted Point to Ad Ed Auto Ed BPDU G d i min ge uto Edge se uar Een 1 Auto SI 1285 Edge E 4 4 a Auto E 2 fate si 1289 Edge Oo B m Auto y
41. 14 15 16 17 18 19 20 Instance Type No Clock Instances Present Add New PTP Clock ORing Industrial Networking Corp 141 ORing Label Delete Clock Instance Device Type Port List 2 Step Flag Clock Identity One Way Protocol VLAN Tag Enable ORing Industrial Networking Corp IGS P9812GP Series User Manual Check this box and click Save to delete the clock instance Indicates the instance of a particular clock instance 0 3 Click on the clock instance number to edit the clock details Indicates the type of the clock instance There are five device types Ord Bound ordinary boundary clock P2p Transp peer to peer transparent clock E2e Transp end to end transparent clock Master Only master only Slave Only slave only Set check mark for each port configured for this Clock Instance Static member defined by the system true if two step Sync events and Pdelay_Resp events are used Shows a unique clock identifier If true one way measurements are used This parameter applies only to a slave In one way mode no delay measurements are performed i e this is applicable only if frequency synchronization is needed The master always responds to delay requests Transport protocol used by the PTP protocol engine Ethernet PTP over Ethernet multicast ip4multi PTP over IPv4 multicast ip4uni PTP over IPv4 unicast Note IPv4 unicast protocol only works in Master Only and Slave Only clocks For m
42. 6 Disabled a 7 Disabled a 3 Disabled CO 9 Disabled O 10 Disabled C 11 Disabled 12 Disabled 13 n el nl Insel nisl nieahlad 1 ORing Industrial Networking Corp 76 ORing IGS P9812GP Series User Manual Pot The port number for which the configuration below applies Controls the default QoS class All frames are classified to a QoS class There is a one to one mapping between QoS class queue and priority A QoS class of 0 zero has the lowest priority If the port is VLAN aware and the frame is tagged then the frame is classified to a QoS class that is based on the PCP value in the tag as shown below Otherwise the frame is classified to the default QoS class PCP value 01234567 QoS class 10234567 If the port is VLAN aware the frame is tagged and Tag Class is QoS Class enabled then the frame is classified to a QoS class that is mapped from the PCP and DEI value in the tag Otherwise the frame is classified to the default QoS class The classified QoS class can be overruled by a QCL entry Note if the default QoS class has been dynamically changed then the actual default QoS class is shown in parentheses after the configured default QoS class Controls the default Drop Precedence Level All frames are classified to a DP level If the port is VLAN aware and the frame is tagged then the frame is classified to a DP level that is equal to the DEI value in the tag Bp evel Otherwise the frame is clas
43. AN Configurations of IGMP Snooping If a VLAN is not IGMP snooping enabled it floods multicast data and control packets to the entire VLAN in hardware When snooping is enabled IGMP packets are trapped to the CPU Data packets are mirrored to the CPU in addition to being VLAN flooded The CPU then installs hardware resources so that subsequent data packets can be switched to desired ports in hardware without going to the CPU Each page shows up to 99 entries from the VLAN table depending on the value in the Entries per Page field By default the page will show the first 20 entries from the beginning of the VLAN table The first displayed will be the one with the lowest VLAN ID found in the VLAN Table ORing Industrial Networking Corp 92 ORing IGS P9812GP Series User Manual The VLAN field allows the user to select the starting point in the VLAN Table Clicking Refresh will update the displayed table starting from that or the next closest VLAN Table match The gt gt button will use the last entry of the currently displayed entry as a basis for the next lookup When the end is reached the text No more entries is shown in the displayed table Use the lt lt button to start over ISMP Snooping VLAN Configuration Start from VLAN I with 20 entries per page Delete VLANID Snooping Enabled IGMP Querier L 1 Delci Check to delete the entry The designated entry will be deleted during elete the next save VLAN
44. D Settings When setting the management VLAN only the same VLAN ID port can be used to control the switch 9000ies VLAN Settings Open al IP Configuration Ey System Information Ey Front Panel E Basic Setting Basic Setting Admin Password Auth Method IP Setting IPv6 Setting HTTPS S9 LLDP Modbus TCP Backup Restore Upgrade Firmware Configured Current DHCP Client TT Renew IP Address mus 168 10 2 192 168 10 2 2 IP Mask 3 3 255 255 235 0 M 2 33 255 235 IP Router 0 0 0 0 0 0 0 0 ES ESI m 5 4 3 Private VLAN A private VLAN contains switch ports that can only communicate with a given uplink The restricted ports are called private ports Each private VLAN typically contains many private ports and a single uplink The switch forwards all frames received on a private port out the uplink port regardless of VLAN ID or destination MAC address A port must be a member of both a VLAN and a private VLAN to be able to forward packets This page allows you to configure private VLAN memberships for the switch By default all ports are VLAN unaware and members of VLAN 1 and private VLAN 1 ORing Industrial Networking Corp 66 ORing IGS P9812GP Series User Manual Private VLAN Membership Configuration Port Members Delete PVLANID 1 2 3 4 5 6 7 8 9 101112 1 fe e be Pe Ded e Ded e Dv Del v v A row of check boxes for each port is displayed for each priva
45. EEE 802 1Q for VLAN Tagging IEEE 802 1w for RSTP Rapid Spanning Tree Protocol IEEE 802 1s for MSTP Multiple Spanning Tree Protocol IEEE 802 1x for Authentication IEEE 802 1AB for LLDP Link Layer Discovery Protocol Switching latency 7 us Switching bandwidth 40Gbps Max Number of Available VLANs 256 IGMP multicast groups 128 for each VLAN Port rate limiting User Define Switch Properties Https SSH enhance network security Device Binding security feature Enable disable ports MAC based port security Port based network access control 802 1x Security Features VLAN 802 1Q to segregate and secure network traffic Radius centralized password management SNMPv3 encrypted authentication and access security Https SSH enhance network security STP RSTP MSTP IEEE 802 1D w s Redundant Ring O Ring with recovery time less than 30ms over 250 units TOS Diffserv supported Quality of Service 802 1p for real time traffic VLAN 802 1Q with VLAN tagging and GVRP supported IGMP Snooping NTP Server Software Features SNMP v1 v2c v3 MIB RMON IP based bandwidth management Application based QoS management DOS DDOS auto prevention Port configuration status statistics monitoring security DHCP Server Client Relay SMTP Client Modbus TCP O Ring Open Ring O Chain MRP Fast Recovery MSTP RSTP STP compatible RS 232 Serial Console Port RS 232 in RJ45 connector with console cable 115200bps 8 N 1 LED indicators ORing In
46. IPv6 Ping IPv6 Ping IPv6 Address Ping Size PING6 server 192 168 10 1 sendto sendto sendto sendto sendto Sent 5 packets received 0 OK 0 bad 5 11 Synchronization 5 11 1 PTP External Clock Mode PTP External Clock Mode is a protocol for synchronizing clocks throughout a computer network On a local area network it achieves clock accuracy in the sub microsecond range making it suitable for measurement and control systems ORing Industrial Networking Corp 140 ORing IGS P9812GP Series User Manual PTP External Clock Mode One PPS Mode External Enable VCXO Enable Clock Frequency One pps mode The box allows you to select One pps mode configurations The following values are possible Output enable the 1 pps clock output Input enable the 1 pps clock input Disable disable the 1 pps clock in out put External Enable The box allows you to configure external clock output The following values are possible True enable external clock output False disable external clock output VCXO Enable The box allows you to configure the external VCXO rate adjustment The following values are possible True enable external VCXO rate adjustment False disable external VCXO rate adjustment Clock Frequency The box allows you to set clock frequency The range of values is 1 25000000 1 25MHz 5 11 2 PTP Clock Configurations PTP Clock Configuration Port List Clock Device Delete 1234567891011 12 13
47. M 2900 VLAN VLAN X TRUNK 200 VLAN EP ds TRUNK 200 Setting VLAN QinQ 200 9000 Series Port 1 VLAN Settings VLAN Membership Configuration Start from VLAN 1 with entries per page Open all Ey System Information Ey Front Panel Basic Setting DHCP ServerRelay Port Setting ER Redundancy S VLAN g VLAN Membership ga Ports ER Private VLAN SNMP E Traffic Prioritization a Multicast sf Security Port Members 12345 67 8 9 1011 12 default MAAA MM ding dd Y JE TE TE IE IL IE JE TET Delete VLAN ID VLAN Name 200 ORing Industrial Networking Corp 65 IGS P9812GP Series User Manual Open all Auto refresh L l System Information gy Front Panel Ethertype for Custom S ports 0x ssas Basic Setting D M DHCP SeverRelay VLAN Port Configuration Port Setting E Redundancy E VLAN Port VLAN Port Type Ingress Filtering Frame Type Mode ID Tx Tag Ey VLAN Membership a wl UE ER ai Specific 200 Untag all Private VLAN 2 moser Tagged None 1 Tag al SNMP fa Traffic Prioritization Mntag ICA e v Specie Specric v Jnaware GM I Multicast 4 Unaware All v Specific hdd a il Untag prid v ZO Security 5 Unaware v All v Specific 3 g Untag pvid ze r ja 208 pr ss aM Warning 6 Unaware v Al sl Specific L ai 1 Untag pvid VLAN I
48. N VID 8 TPID 8100 SH VLAN r VLAN VID TPID 8100 Packet Discarded 9000 Series VID 10 VID 10 TPID 88A8 TPID 88A8 xi ha be RER Unis TST ORing Industrial Networking Corp 61 IGS P9812GP Series User Manual TPID 8100 Packet Discarded Ja 9000 Series VID 5 TPID 88A8 VID 5 TPID 8123 S custom port is used for user defined TPID While Ethertype for Custom S ports is configured to 8123 1 outgoing packet will bring with TPID 8123 tag D wm mm mm mm ioo ke EE 4 Examples of VLAN Settings VLAN Access Mode mE T E SI Switch A Switch B Switch C Ba IP VLAN 10 9000 Series 9000 Series 9000 Series VLAN Trunk VLAN Trunk VLAN 20 10 20 mn ay KI Switch A Port 7 is VLAN Access mode Untagged 20 Port 8 is VLAN Access mode Untagged 10 VLAN 20 Below are the switch settings ORing Industrial Networking Corp 62 IGS P9812GP Series User Manual Open all VLAN Membership Configuration System Information Basic Setting DHCP Server Relay Start fram VLAN with 20 entries per page Port Setting Redundancy VLAN Ey VLAN Membership Ey Ports M Private VLAN m SNMP Traffic Prioritization Add New VLAN Multicast B oon for port 1 VLAN trunk setting Bn HERRENE Port Members Delete VLAN ID VLAN Name 17345 6 7 8 9 1011 12 n H
49. Network is selected for the target IP filter you can enter a Target IP Mask specific target IP mask in dotted decimal notation Specifies whether frames will meet the action according to their sender hardware address field SHA settings ARP SMAC Match 0 ARP frames where SHA is not equal to the SMAC address 1 ARP frames where SHA is equal to the SMAC address Any any value is allowed don t care opecifies whether frames will meet the action according to their target hardware address field THA settings 0 RARP frames where THA is not equal to the SMAC address 1 RARP frames where THA is equal to the SMAC address Any any value is allowed don t care RARP SMAC Match opecifies whether frames will meet the action according to their ARP RARP hardware address length HLN and protocol address length PLN settings IP Ethernet 0 ARP RARP frames where the HLN is equal to Ethernet 0x06 and Length the PLN is equal to IPv4 0x04 must not match this entry 1 ARP RARP frames where the HLN is equal to Ethernet 0x06 and the PLN is equal to IPv4 0x04 must match this entry Any any value is allowed don t care opecifies whether frames will meet the action according to their ARP RARP hardware address space HRD settings 0 ARP RARP frames where the HLD is equal to Ethernet 1 must not match this entry 1 ARP RARP frames where the HLD is equal to Ethernet 1 must match this entry Any any value
50. P Series User Manual Open all VLAN Membership Configuration gj System Information E Basic Setting mS DHCP Server Relay Start from VLAN with 20 entries per page Port Setting Redundancy VLAN Ey VLAN Membership Ey Ports Private VLAN H SNMP Traffic Prioritization E Multicast d Security Open all Auto refresh L gy System Information Ej Front Panel Ethertype for Custom S ports 0Xlssas a Basic Setting DE EN VLAN Port Configuration HE Port Setting fli Redundancy Yn pu is Ingress Filtering Frame Type E SE Ey VLAN Membership e C ES Port Members Delete VLANID VLAN Name 1234567 8 9 1011 12 x bed Tel ll ld KT kl ke 10 vLAN10 KUCH C1 EJ 20 vLAN20 MMII JL IL IL JL LE CJ CJ fin Private VLAN HE SNMP Traffic Prioritization LE Multicast E Security ml Warming Unaware M Monitor and Diag amp Synchronization PoE poco s Ey Factory Default 9 Unaware vi gy System Reboot 10 Unaware 11 Unaware se 12 Unaware vi Specific a Specific 1 an sl Specific m 1 untag_pvid v Specific 1 Untag pvid Specific zl 1 Untag pvid v Specific wi a Untag pvid vi Specific ze 1 Untag pvid v j Specific Untag pvid vi Specific v v POM SA ee fele VLAN Hybrid Mode Port 1 VLAN Hybrid mode untagged 10 Tagged 10 20 Below are the switch settings Open all VLAN Membership Configur
51. P filter for the ACE Any no destination IP filter is specified destination IP filter is don t care Host destination IP filter is set to Host Specify the destination IP address in the DIP Address field that appears Network destination IP filter is set to Network Specify the destination IP address and destination IP mask in the DIP Address and DIP Mask fields that appear DIP Address When Host or Network is selected for the destination IP filter you ORing Industrial Networking Corp 106 IGS P9812GP Series User Manual can enter a specific DIP address in dotted decimal notation When Network is selected for the destination IP filter you can enter a specific DIP mask in dotted decimal notation ARP Parameters ARP RARP Request Reply Sender IP Filter Sender IP Address Sender IP Mask Target IP Filter Target IP Address Target IP Mask 1 B 1 B IP Ethernet Length 192 168 1 1 IP 255 255 255 0 Ethernet 192 168 1 254 255 255 255 0 l yt RARP SMAC Match EN b al 1 w Other ARP SMAC Match ARP RARP Request Reply Sender IP Filter Sender IP Address Sender IP Mask Specifies the available ARP RARP opcode OP flag for the ACE Any no ARP RARP OP flag is specified OP is don t care ARP frame must have ARP RARP opcode set to ARP RARP frame must have ARP RARP opcode set to RARP Other frame has unknown ARP RARP Opcode flag Specifies the available ARP RARP opcode OP flag for th
52. S Filter lt port_list gt sourceldestination Port DDOS Action lt port_list gt do nothinglblock 1 minlblock 10 minslblocklshutdownl only logireboot device Port DDOS Status lt port list gt Port Alive Mode lt port_list gt enableldisable Port Alive Action lt port list gt do nothingllink changelshutdownlonly loglreboot devic e Port Alias lt port_list gt lt ip_addr gt Port DeviceType lt port_list gt unknownlip camlip phonelaplpclplcInvr Port Location lt port list gt device location gt Port Description lt port list gt lt device_description gt MRP Mode enableldisable Manager enableldisable React enableldisable IstRingPort mrp port gt 2ndRingPort mrp port gt ORing Industrial Networking Corp 163 IGS P9812GP Series User Manual Parameter MRP TOPNRmax value Parameter MRP TOPchgT lt value gt Modbus Status Mode enableldisable ORing Industrial Networking Corp 164 ORing IGS P9812GP Series User Manual Technical Specifications SPURL DG PLN SP Sel dG Pa Physical Ports 10 100 1000Base T X Ports in RJ 45 Auto MDI MDIX Technology IEEE 802 3 for 10Base T IEEE 802 3u for 100Base TX and 100Base FX IEEE 802 3ab for 1000Base T IEEE 802 z for 1000Base X IEEE 802 3x for Flow control IEEE 802 3ad for LACP Link Aggregation Control Protocol Ethernet Standards IEEE 802 1p for COS Class of Service I
53. TCP UDP port 0 65535 or Any specific value or port range applicable for IP protocol UDP TCP Dport Destination TCP UDP port 0 65535 or Any specific value or port range applicable for IP protocol UDP TCP Action Parameters Class QoS class 0 7 or Default Valid Drop Precedence Level value can be 0 1 or Default ORing Industrial Networking Corp mm Industrial Networking Corp 89 IGS P9812GP Series User Manual Valid DSCP value can be 0 63 BE CS1 CS7 EF or AF11 AF43 or Default Default means that the default classified value is not modified by this QCE 5 6 13 QoS Counters This page provides the statistics of individual queues for all switch ports Queuing Counters Auto refresh 1 LU g g g g g 0 0 LU g g g g 0 2 0 g g g g g 0 g LU 0 g g g g A 3 g g g g 0 g g g g LU g g g g g 0 4 g g g g g g 0 0 LU g g g g 0 5 0 g 0 g 0 0 0 0 g 0 0 0 g g g 0 o g g 0 0 0 0 A 0 g 0 0 0 g A g A Z Ab g g g g 0 g g g g g g g o 493 5 1307 g 0 g 0 g g g 0 0 LU g 0 g 2326 g LU g g g 0 g LU g LU LU o g g g LU Port Tho switch port number o which the folowing setings wil be applic an Thereare 8 005 queues per porn Q0 is the towestpioriy 5 6 14 QCL Status This page shows the QCL status by different QCL users Each row describes the QCE that is defined It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations The maximum number of QCEs is 256 on each
54. al Networking Corp 148 IGS P9812GP Series User Manual System Timezone offset Log lt log_id gt alllinfolwarninglerror clear DHCP enableldisable Setup lt ip_addr gt lt ip mask gt lt ip_router gt lt vid gt Ping ip addr string lt ping length gt SNTP lt ip_addr_string gt Port Configuration lt port_list gt upldown Mode lt port list gt autollOhdxI10fdxI100hdxI100fdxI1000fdxIsfp auto ams Flow Control lt port_list gt enableldisable State lt port_list gt enableldisable MaxFrame lt port_list gt lt max_frame gt Power lt port_list gt enableldisablelactiphyldynamic Statistics lt port_list gt lt command gt upldown VeriPHY lt port_list gt SFP lt port_list gt Excessive lt port_list gt discardlrestart MAC ORing Industrial Networking Corp 149 IGS P9812GP Series User Manual VLAN Configuration port list tx tag lt port_list gt untag pvidluntag allltag all PortType lt port list unawarelc portls portls custom port Lookup lt vid gt name lt name gt Name Lookup lt name gt Status lt port_list gt combinedilstaticlnasImstplalllconflicts Private VLAN Configuration lt port list gt Add pvlan 1d lt port_list gt Delete pvlan id ORing Industrial Networking Corp 150 IGS P9812GP Series User Manual Lookup lt pvlan_id gt Isola
55. alues Disabled the server is disabled Not Ready the server is enabled but IP communication is not yet up and running Ready the server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts QOhRingindusialNetwokingCop mg Industrial Networking Corp 115 IGS P9812GP Series User Manual Dead X seconds left accounting attempts are made to this server but it does not reply within the configured timeout The server has temporarily been disabled but will be re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled Authentication and Accounting Server Statistics This page shows the access statistics of the authentication and accounting servers Use the server drop down list to switch between the backend servers to show related details RADIUS Authentication Statistics for Server 1 Server 1 Auto refresh CI Receive Packets Transmit Packets Access Accepts Access Requests Access Rejects Access Retransmissions Access Challenges Pending Requests Malformed Access Responses Timeouts Bad Authenticators Unknown Types Packets Dropped Other Info IP Address 0 0 0 0 1812 State Disabled Round Trip Time ms RADIUS authentication server packet counters There are seven receive and four transmit counters Directio
56. an be resolved by releasing the hardware resources required to add the QCL entry by pressing Resolve Conflict button 5 Multicast 5 7 1 IGMP Snooping IGMP Internet Group Management Protocol snooping monitors the IGMP traffic between hosts and multicast routers The switch uses what IGMP snooping learns to forward multicast traffic only to interfaces that are connected to interested receivers This conserves bandwidth by allowing the switch to send multicast traffic to only those interfaces that are connected to hosts that want to receive the traffic instead of flooding the traffic to all interfaces in the VLAN This page allows you to set up IGMP snooping configurations ORing Industrial Networking Corp 91 IGS P9812GP Series User Manual IGMP Snooping Configuration Global Configuration Snooping Enabled C Unregistered IPMCv4 Flooding Enabled Port Related Configuration Port Router Port Fast Leave LLET ET EJ EJ E13 E LET ET ET EJ EJ E Snooping Enabled Check to enable global IGMP snooping Unregistered Check to enable unregistered IPMC traffic flooding IPMCv4Flooding enabled opecifies which ports act as router ports A router port is a port on the Ethernet switch that leads towards the Layer 3 Router Port multicast device or IGMP querier If an aggregation member port is selected as a router port the whole aggregation will act as a router port Check to enable fast leave on the port 5 7 2 VL
57. appear only once It can also represent a legally valid IPv4 address For example 192 1 2 34 Eum opecify an IPv6 address for the switch IPv6 address consists of 128 bits represented as eight groups of four hexadecimal digits with a colon separating each field For example in fe80 215 c5ff fe03 4dc7 the symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it can appear only once It can also represent a legally valid IPv4 address For example 192 1 2 34 Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 6 Daylight Saving Time Time Zone Configuration Time Zone Configuration Time Zone Acronym MEE 0 16 characters Lists various Time Zones world wide Select appropriate Time Time Zone Zone from the drop down and click Save to set User can set the acronym of the time zone This is a User Acronym configurable acronym to identify the time zone Range Up to 16 alpha numeric characters and can contain or Daylight Saving Time Configuration Daylight Saving Time Mode Daylight Saving Time d tecurring Daylight Saving Time This is used to set the clock forward or backward according to the ORing Industrial Networking Corp 38 IGS P9812GP Series User Manual configurations set below for a defined Daylight Saving Time duration Select Disable to di
58. ate of each port shaper The default value is 500 Port Shaper Rate This value is restricted to 100 to 1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Configures the unit of measurement for each port shaper rate as Port Shaper Unit kbps or Mbps The default value is kbps Weighted Weighted scheduling will deliver traffic on a rotating basis It can guarantee each queue s minimum bandwidth based on their bandwidth weight when there is traffic congestion Only when a port has more traffic than it can handle will this mode be activated A queue is given an amount of bandwidth regardless of the incoming traffic on that port Queue with larger weights will have more guaranteed bandwidth than others with smaller weights Poti el QoS Egress Port Scheduler and Shapers Port 1 Port Shaper Enable Rate Unit Q6 A amp 10 069 09 10 10 099 ME gg ORing Industrial Networking Corp 83 IGS P9812GP Series User Manual Scheduler Mode Two scheduling modes are available Strict Priority or Weighted Queue Shaper Enabl Check to enable queue shaper for individual switch ports nable Configures the rate of each queue shaper The default value is Queue Shaper Rate 500 This value is restricted to 100 to 1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Configures the rate of each queue shaper The default value is Queues Shaper Unit 500 Thi
59. ation Ey System Information Basic Setting fl DHCP Serer Relay Start from VLAN 1 1 with 20 20 entries per page a Port Setting Redundancy s Port Members Delete VLAN ID VLAN Name 172 352456067 891011 12 TE mr Mk dd Ports Ee ey Private VLAN an vlan20 kl JE 3E JE JE JE JE od E EJ Ha SNMP Traffic Prioritization Add New VLAN Multicast I Security ORing Industrial Networking Corp 64 Open all System Information Front Panel Basic Setting DHCP Server Relay Port Setting DW Redundancy gy VLAN Membership ga Ports DR Private VLAN w SNMP Traffic Prioritization Multicast Security I Waming B Monitor and Diag Synchronization PoE Factory Default System Reboot VLAN QinQ Mode IGS P9812GP Series User Manual Auto refresh L Ethertype for Custom S ports Oxssas VLAN Port Configuration Untag pvid EE j i mee pvid 3 i oe e Ge A A Untag pvid Leg ess Spedficv 1 Untag pvid WE Specific Si mf Untag pvid v Specie _ Untag_pvid v Specific Unaware Unaware Unaware 9 Unaware wj J 10 Unaware 11 Unaware aa E d d L a d d d 12 Unaware Specific v VLAN QinQ mode is usually adopted when there are unknown VLANs as shown in the figure below VLAN X Unknown VLAN VLAN X tagged X tagged tagged 200 Packet BM 2900 B
60. ation and that the clients do npt need special supplicant software to authenticate The disadvantage is that MAC addresses can be spoofed by malicious users equipment whose MAC address is a valid RADIUS user can be used by anyone and only the MD5 Challenge method is supported 802 1X and MAC Based authentication configurations consist of two sections system and port wide ORing Industrial Networking Corp 119 ORing IGS P9812GP Series User Manual Network Access Server Configuration System Configuration Mode Disabled i Reauthentication Enabled Reauthentication Period EAPOL Timeout Aging Period Hold Time seconds seconds seconds seconds Port Configuration Port State Force Authorized wj Force Unauthorized MAC based Auth ei Ad m in State wi Globally Disabled Reauthenticate Rainitialize Globally Disabled Reauthenticate Rainitialize Globally Disabled Reauthenticate Rainitialize Globally Disabled a4 d 2 3 802 1X 4 5 Force Authorized Reauthenticati on Enabled Reauthenticati on Period EAPOL Timeout ORing Industrial Networking Corp Globally Disabled Reauthenticate Raj Indicates if 802 1X and MAC based authentication is globally enabled or disabled on the switch If globally disabled all ports are allowed to forward frames If checked clients are reauthenticated after the interval specified by
61. ation changed Last Changed Indicates which ports belong to the aggregation of the switch stack The format is Switch ID Port Click to refresh the page immediately Auto refresh Check to enable an automatic refresh of the page at regular intervals LACP Status This page provides an overview of the LACP status for all ports LACP Status Auto refresh Refresh LACP Key AggrID Partner Partner system ID Port No e z No S s No e S No S No 5 i Ul da W NJ e Yes is means LACP is enabled and the port link is up No is means LACP is not enabled or the port link is down Backup means the port cannot join in the aggregation group unless other ports are removed The LACP status is disabled The key assigned to the port Only ports with the same key can be aggregated Retesh T Clektoretesh the page mmmedatey Check to enable an automatic refresh of the page at regular Auto refresh intervals ORing Industrial Networking Corp 54 ORing IGS P9812GP Series User Manual LACP Statistics This page provides an overview of the LACP statistics for all ports LACP Statistics Auto refresh C Port LACP LACP Discarded Transmitted Received Unknown Illegal VD DD J Ch Un J bo hd eoagodouoccuuoctctu D O OG DO D O QO O QO O DO D eOgoOooooouuoadocd g 0 0 0 g 0 0 0 0 0 0 LU Pon Swtnport umber O The number of unknown or illegal LACP frames discarded at each port
62. authentication protocol Protocol SHA an optional flag to indicate that this user is using SHA authentication protocol The value of security level cannot be modified if the entry already exists which means the value must be set correctly at the time of entry creation A string identifying the authentication pass phrase For MD5 Authentication authentication protocol the allowed string length is 8 to 32 For SHA Password authentication protocol the allowed string length is 8 to 40 Only ASCII characters from 33 to 126 are allowed Indicates the privacy protocol that this entry should belong to Possible privacy protocols include Privacy Protocol None no privacy protocol DES an optional flag to indicate that this user is using DES authentication protocol A string identifying the privacy pass phrase The allowed string length Privacy Password is 8 to 32 and only ASCII characters from 33 to 126 are allowed ORing Industrial Networking Corp 72 ORing IGS P9812GP Series User Manual 5 5 4 SNMP Group Configurations An SNMP group is an access control policy for you to add users Each SNMP group is configured with a security model and is associated with an SNMP view A user within an SNMP group should match the security model of the SNMP group These parameters specify what type of authentication and privacy a user within an SNMP group uses Each SNMP group name and security model pair must be unique This page allows you
63. bled the port will not be selected as root port for CIST or any MSTI even if it has the best spanning tree priority vector Such a port will be selected as an alternate port after the root port has been selected If set spanning trees will lose connectivity It can be set by a Restricted Role network administrator to prevent bridges outside a core region of the network from influencing the active spanning tree topology because those bridges are not under the full control of the administrator This feature is also known as Root Guard When enabled the port will not propagate received topology change notifications and topology changes to other ports If set it will cause temporary disconnection after changes in an active spanning trees topology as a result of persistent incorrectly learned station location Restricted TCN information It is set by a network administrator to prevent bridges outside a core region of the network from causing address flushing in that region because those bridges are not under the full control of the administrator or is the physical link state for the attached LANs transitions frequently Configures whether the port connects to a point to point LAN rather than Bombe a shared medium This can be configured automatically or set to true or false manually Transiting to forwarding state is faster for point to point LANs than for shared media Click to undo any changes made locally and revert to previously saved val
64. ccess to the management interface When enabled requests of the client which is not in the allowed list will be rejected Remote Control Security Configuration Web Telnet SNMP 5 8 2 Device Binding Device binding is ORing s proprietary technology which binds the IP MAC address of a device with a specified Ethernet port If the IP MAC address of the device connected to the Ethernet port does not conform to the binding requirements the device will be locked for security concerns Device binding also provides security functions via alive checking streaming check and DoS DDosS prevention Device Binding iain Enable we DDOS Alive Check Stream Check Prevention Active Status Active Status Active Status IP Address MAC Address Device 2 O O O 00 00 00 00 gp qim x 00 00 00 00 omm LL ORing Industrial Networking Corp 95 ORing IGS P9812GP Series User Manual Indicates the device binding operation for each port Possible modes are disable Scan scans IP MAC automatically but no binding function Binding enables binding Under this mode any IP MAC that does not match the entry will not be allowed to access the network Shutdown shuts down the port No Link Alive Check Check to enable alive check When enabled switch will ping the Active device continually Indicates alive check status Possible statuses are disable Alive Check Got Re
65. ceived on the port are classified to the port VLAN ID If the classified VLAN ID of a frame transmitted on the port is different from the port VLAN ID a VLAN tag with the classified VLAN ID will be inserted in the frame Configures the VLAN identifier for the port The allowed range of the values is 1 through 4095 The default value is 1 Port VLAN ID Note The port must be a member of the same VLAN as the port VLAN ID Determines egress tagging of a port Untag pvid all VLANs Tx Tag except the configured PVID will be tagged Tag all all VLANs are tagged Untag all all VLANs are untagged Introduction of Port Types Below is a detailed description of each port type including Unaware C port S port and S custom port renge Denge Unaware When the port receives untagged frames an The TPID of a frame The function untagged frame obtains a tag based on PVID transmitted by of Unaware and is forwarded Unaware port will be can be used When the port receives tagged frames set to 0x8100 for 802 1QinQ 1 If the tagged frame contains a TPID of The final status of the double tag 0x8100 it will become a double tag frame and frame after egressing will be forwarded will also be affected 2 If the TPID of tagged frame is not 0x8100 ex by the Egress Rule 0x88A68 it will be discarded When the port receives untagged frames an The TPID of a frame untagged frame obtains a tag based on PVID transmitted by C port
66. console via Telnet Step 1 Telnet to the IP address of the switch from the Run window by inputingcommands or from the MS DOS prompt as below me 3 xl Type Ehe name of program Folder document or Internet resource and Windows will open it For vau telnet 192 168 10 1 cance Browse Step 2 The Login screen will appear Use the keyboard to enter the Username and Password same as the password for Web browser and then press Enter cho rma p c Telnet 192 168 10 1 IG5 P9812GP LU Command Line Interface Username Password ORing Industrial Networking Corp 147 LA IGS P9812GP Series User Manual System settings and reset options IP configuration and Ping Port management MAG address table Virtual LAM Private WLAN Security management Spanning Tree Protocol Link Aggregation Link Aggregation Control Protocol Link Layer Discovery Protocol Power Over Ethernet Quality of Service Port mirroring Load Save of configuration via TFTP Download of firmware via TFTP IEEE1588 Precision Time Protocol Loop Protection VIP PEE E Snooping Fault Alarm Configuration Event Selection DHCP Server Configuration Ring Gonfiguration Chain Gonfiguration Remote Control Security Fast HRecovery Configuration SFP Monitor Configuration Device Binding Configuration MRP Configuration Modebus TCP Configuration Fastrecovery SFF PeviceBindingy ww Modbus ORing Industri
67. ctntitictntiixtutitixtuinistuticixtnteintntinintntnisius 85 5 6 10 DSCP Translatnon 86 5 6 11 PP NNN 87 5 6 12 QoS Control Det 87 5 6 13 OS COUMO S eege 90 5 6 14 EN 90 5 7 MI 91 9 1 IOMP SMOODING ett 91 5 7 2 VLAN Configurations of IGMP Gnoopimg 92 5 7 3 IGMP Snooping Status cccccceeccseeeseeeceeeeeeeeeeeeseeeseeeseueeeeeeaeeseeeseeeseeees 93 5 7 4 Groups Information of IGMP Snooping vrnrrevrnnnvvrnnnvvrnnevernnerernnerernnenennnnn 94 5 8 OS CUNY ee 95 5 8 1 Remote Control Security Configurations ccccecceceseeeceeeseeeeeeeeseeeseeees 95 5 8 2 Device Bmdmg 95 Jo AOE O 100 5 8 4 Authentication Authorization and Accoumtmg 112 NERIS Uo cc 112 ee NL ee 118 5 9 ITE UU T UU Uum 128 5 9 1 Fault Alarm seoernnnrnnrnnnrnnnrvnnennrnnernnnennnnnernnnnnnennnnnnnnnennnnennnnnnennnnnnnnneennene 128 5 9 2 System Warming eccesso ceuccsne ctn ctetu ctu tu siu sieaulsindt aisttautsisteiictachictastesieceetcicetacieaies 128 5 10 Monitor and Dag 131 5 10 1 MEINE 131 5 10 2 Port Statistics ass 134 5 10 3 Bei VITON O EEE EE 136 5 10 4 System Log Intormatton 137 5 10 5 Galle DIAGMOS e 138 ORing Industrial Networking Corp ORing IGS P9812GP Series User Manual 5 10 6 FRU 139 5 10 7 10 PEER S 139 5 11 Sjel adel 4 E 140 5 11 1 PTP External Clock Mode 140 5 11 2 PIP Glock GConflgur
68. cure channel between two networked PCs You can configure the SSH mode in the following page ORing Industrial Networking Corp 40 IGS P9812GP Series User Manual Indicates the selected SSH mode The modes include Enabled enable SSH Disabled disable SSH Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 9 LLDP LLDP Configurations LLDP Link Layer Discovery Protocol provides a method for networked devices to receive and or transmit their information to other connected devices on the network that are also using the protocols and to store the information that is learned about other devices This page allows you to examine and configure current LLDP port settings LLDP Configuration LLDP Parameters Tx Interval _ Mode Disabled The switch port number to which the following settings will be applied Indicates the selected LLDP mode Rx only the switch will not send out LLDP information but LLDP information from its neighbors will be analyzed Tx only the switch will drop LLDP information received from its neighbors but will send out LLDP information Disabled the switch will not send out LLDP information and will drop LLDP information received from its neighbors Enabled the switch will send out LLDP information and will analyze LLDP information received from its neighbors LLDP Neighbor Information This page provides a status overview
69. current STP MSTI bridge instance MSTI Configuration Add VLANs separated by spaces or comma Unmapped VLANs are mapped to the CIST The default bridge instance Configuration Identification gt Configuration Name O0 1e 94 ff ff ff pr Configuration Revision 0 MSTI Mapping MSTI VLANs Mapped ORing Industrial Networking Corp 28 IGS P9812GP Series User Manual The name which identifies the VLAN to MSTI mapping Bridges must share the name and revision see below as well as the Configuration Name VLAN to MSTI mapping configurations in order to share spanning trees for MSTIs intra region The name should not exceed 32 characters Configuration Revision of the MSTI configuration named above This must be The bridge instance The CIST is not available for explicit mapping as it will receive the VLANs not explicitly mapped The list of VLANs mapped to the MSTI The VLANs must be separated with commas and or space A VLAN can only be VLANS Mapped mapped to one MSTI An unused MSTI will be left empty ex without any mapped VLANs Click to save changes Click to undo any changes made locally and revert to previously saved values Priority This page allows you to examine and change the configurations of current STP MSTI bridge instance priority MSTI Configuration MSTI Fronty Configuration je MSTI Priority CIST 128 Mj Mer 128 MST2 128 v MST3 128 MST4 128 Mera
70. de IEEE 802 1X and MAC based The IEEE 802 1X standard defines a port based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication One or more backend servers RADIUS determine whether the user is allowed access to the network MAC based authentication allows for authentication of more than one user on the same port and does not require the users to have special 802 1X software installed on their system The switch uses the users MAC addresses to authenticate against the backend server As intruders can create counterfeit MAC addresses MAC based authentication is less secure than 802 1X authentication Overview of 802 1X Port Based Authentication In an 802 1X network environment the user is called the supplicant the switch is the authenticator and the RADIUS server is the authentication server The switch acts as the man in the middle forwarding requests and responses between the supplicant and the authentication server Frames sent between the supplicant and the switch is special 802 1X frames known as EAPOL EAP Over LANs frames which encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS server is RADIUS packets RADIUS packets also encapsulate EAP PDUs together with other attributes like the switch s IP address name and the supplicant s port number on the switch EAP is very flexible as it allows for different authentication met
71. dustrial Networking Corp 165 Network Redundancy ORing IGS P9812GP Series User Manual Power Indicator PWR Green Power LED x 3 Ring Master Indicator R M Green Indicates that the system is operating in O Ring Master mode Green Indicates that the system operating in O Ring mode O Ring Indicator Ring Green Blinking Indicates that the Ring is broken Fault Indicator Fault Amber Indicate unexpected event occurred 10 100 1000Base T X RJ45 Port Green for Link Act Indicator Dual color LED for speed indicator Green for 1000Mbps Amber for 100Mbps Off light for 10Mbps 100 1000Base X SFP Port Indicator Green for port Link Act Fault contact Relay Relay output to carry capacity of 1A at 24VDC Power Dual power inputs 85 264VAC 88 373VDC on 6 pin Redundant Input power Dual DC inputs 12 48VDC on 6 pin terminal block terminal block Overload current protection Present Physical Characteristic Enclosure IP 30 Dimension W x D x H 115 W x 159 D x 154 H mm 4 53 x 6 26 x 6 06 inch Weight g 1520 g 18709 Environmental Storage Temperature 40 to 85 C 40 to 185 F Operating Temperature 40 to 75 C 40 to 167 F Operating Humidity 596 to 95 Non condensing Regulatory approvals Power Automation IEC 61850 3 IEEE 1613 FCC Part 15 CISPR EN55022 class A EN50155 EN50121 3 2 EN55011 EN50121 4 EN61000 4 2 EN61000 4 3 ESD RS EN61000 4 5 Surge cS
72. e Flow Control then pause frames are sent instead of being discarded Queue Policing QoS Ingress Queue Policers Queue 0 Queue1 Queue Queue 3 Queue4 Queue gt Queue Queue 7 E Rate Unit Enable Enable Enable Enable Enable Enable Enable Ej lee SC Ej soo kons WID E ales WD Ej s00 kons Ej sde WD Port The port number for which the configuration below applies Enable E Check to enable queue policer for individual switch ports Uu d WH Co kp 09 DL DI PI bjd pjd pjb kJ eek DI ER bik 09 PL DPI P kJ ek II UIDI kJ eek DI ha Configures the unit of measurement for each queue policer rate as kbps or Mbps The default value is kbps Configures the rate of each queue policer The default value is 500 This value is restricted to 100 to 1000000 when the Unit is kbps and is restricted to 1 to 3300 when the Unit is Mbps This field is only shown if at least one of the queue policers is enabled This field is only shown if at least one of the queue policers is enabled 5 6 6 Scheduling and Shaping Port scheduling can solve performance degradation during network congestions The schedulers allow switches to maintain separate queues for packets from each source and prevent specific traffic to use up all bandwidth This page allows you to configure Scheduler and Shapers for individual ports ORing Industrial Networking Corp 81 ORing IGS P9812GP Series User Manual QoS Egress Port Scheduler and Shaper Strict Priorit
73. e applied Port can be one of the following types Unaware Customer por ae C port Service S port Custom Service S custom port If port type is Unaware all frames are classified to the port VLAN ID and tags are not removed Enable ingress filtering on a port by checking the box This parameter affects VLAN ingress processing If ingress filtering is Ingress Filtering enabled and the ingress port is not a member of the classified VLAN of the frame the frame will be discarded By default ingress filtering is disabled no check mark Determines whether the port accepts all frames or only tagged untagged frames This parameter affects VLAN ingress Frame Type processing If the port only accepts tagged frames untagged frames received on the port will be discarded By default the field Is set to All ORing Industrial Networking Corp 58 IGS P9812GP Series User Manual The allowed values are None or Specific This parameter affects VLAN ingress and egress processing If None is selected a VLAN tag with the classified VLAN ID is inserted in frames transmitted on the port This mode is normally used for ports connected to VLAN aware switches Tx tag should be set to Untag pvid when this mode is used Port VLAN Mode If Specific the default value is selected a port VLAN ID can be configured see below Untagged frames received on the port are classified to the port VLAN ID If VLAN awareness is disabled all frames re
74. e ACE Any no ARP RARP OP flag is specified OP is don t care Request frame must have ARP Request or RARP Request OP flag set Reply frame must have ARP Reply or RARP Reply OP flag Specifies the sender IP filter for the ACE Any no sender IP filter is specified sender IP filter is don t care Host sender IP filter is set to Host Specify the sender IP address in the SIP Address field that appears Network sender IP filter is set to Network Specify the sender IP address and sender IP mask in the SIP Address and SIP Mask fields that appear When Host or Network is selected for the sender IP filter you can enter a specific sender IP address in dotted decimal notation When Network is selected for the sender IP filter you can enter a specific sender IP mask in dotted decimal notation Target IP Filter opecifies the target IP filter for the specific ACE ORing Industrial Networking Corp 107 IGS P9812GP Series User Manual Any no target IP filter is specified target IP filter is don t care Host target IP filter is set to Host Specify the target IP address in the Target IP Address field that appears Network target IP filter is set to Network Specify the target IP address and target IP mask in the Target IP Address and Target IP Mask fields that appear When Host or Network is selected for the target IP filter you can Target IP Address p enter a specific target IP address in dotted decimal notation When
75. e is Any IPv4 Protocol IP Protocol Number 0 255 TCP or UDP or Any Source IP specific Source IP address in value mask format or Any IP and mask are in the format of x y z w where x y z and w are decimal numbers between 0 and 255 When the mask is converted to a 32 bit binary string and read from left to right all bits following the first zero must also be zero DSCP Differentiated Code Point can be a specific value a range or Any DSCP values are in the range 0 63 including BE CS1 CS7 EF or AF11 AF43 IP Fragment lov4 frame fragmented options include yes no and any oport Source TCP UDP Port 0 65535 or Any specific value or port range applicable for IP protocol UDP TCP Dport Destination TCP UDP Port 0 65535 or Any specific value or port range applicable for IP protocol UDP TCP IPv6 Protocol IP protocol number 0 255 TCP or UDP or Any Source IP IPv6 source address a b c d or Any 32 LS bits SSAP Address valid SSAP Source Service Access Point values can range from 0x00 to OxFF or Any The default value is Any DSAP Address valid DSAP Destination Service Access Point values can range from 0x00 to OxFF or Any The default value is Any Control Valid Control valid values can range from 0x00 to OxFF or Any The default value is Any DSCP Differentiated Code Point can be a specific value a range or Any DSCP values are in the range 0 63 including BE CS1 CS7 EF or AF11 AF43 oport Source
76. e user is called the supplicant the switch is the authenticator and the RADIUS server is the authentication server The authenticator acts as the man in the middle forwarding requests and responses between the supplicant and the authentication server Frames sent between the supplicant and the switch are special 802 1X frames known as EAPOL EAP Over LANs frames which encapsulate EAP PDUs RFC3748 Frames sent between the switch and the RADIUS server is RADIUS packets RADIUS packets also encapsulate EAP PDUS together with other attributes like the switch s IP address name and the supplicant s port number on the switch EAP is very flexible as it allows for different authentication methods like MD5 Challenge PEAP and TLS The important thing is that the authenticator the switch does not need to know which authentication method the supplicant and the authentication server are using or how many information exchange frames are needed for a particular method The switch simply encapsulates the EAP part of the frame into the relevant type EAPOL or RADIUS and forwards it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding the result to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Note in an environment where two backend servers are enabled the server timeout is configured to X seconds using
77. ed 1970 0101 Enabled enable NTP Disabled disable NTP Server Input server IP address ORing Industrial Networking Corp 44 IGS P9812GP Series User Manual If NTP synchronization is completed this field will show Date Date Time Time Info 5 1 11 Modbus TCP Modbus TCP uses TCP IP and Ethernet to carry the data of the Modbus message structure between compatible devices The protocol is commonly used in SCADA systems for communications between a human machine interface HMI and programmable logic controllers This page enables you to enable and disable Modbus TCP support of the switch MODBUS Configuration Enabled zw Mode Shows the existing status of the Modbus TCP function 5 1 12 Backup Restore Configurations You can save view or load switch configurations The configuration file is in XML format Configuration Save Save configuration Configuration Upload 5 1 13 Firmware Update This page allows you to update the firmware of the switch Firmware Update ORing Industrial Networking Corp 45 ORing IGS P9812GP Series User Manual 5 2 DHCP Server The switch provides DHCP server functions By enabling DHCP the switch will become a DHCP server and dynamically assigns IP addresses and related IP information to network clients 5 2 1 Basic Settings This page allows you to set up DHCP settings for the switch You can check the Enabled checkbox to activa
78. ed 5 8 5 RADIUS Authentication and Accounting Server When a user requests network connection a RADIUS client which receives the request will perform an initial access negotiation with the user to obtain identity password information The ORing Industrial Networking Corp 112 ORing IGS P9812GP Series User Manual client then passes the information to a RADIUS server as part of an authentication authorization request The RADIUS server matches data from the authentication authorization request with information in a trusted database If a match is found and the user s credentials are correct the RADIUS server sends an accept message to the client to grant access If a match is not found or a problem is found with the user s credentials the server returns a reject message to deny access The NAD then establishes or terminates the user s connection The NAD may then forward accounting information to the RADIUS server to document the transaction the RADIUS server may store or forward this information as needed to support billing for the services provided RADIUS Authentication Server Configuration Enabled IP Address The RADIUS authentication server number for which the configuration below applies Enabled Check to enable the RADIUS authentication server The IP address or hostname of the RADIUS authentication server IP IP Address address is expressed in dotted decimal notation The UDP port to use on the RADIUS authentica
79. ed the agent inserts specific information option 82 into a DHCP message when forwarding to a DHCP server and removes it from a DHCP message when transferring to a DHCP client It only works when DHCP relay mode is enabled Disabled disable DHCP relay information Relay Information Indicates the policies to be enforced when receiving DHCP Policy relay information When DHCP relay information mode is enabled if the agent receives a DHCP message that already contains relay agent information it will enforce the policy The Replace option is invalid when relay information mode is disabled The policies includes Replace replace the original relay information when a DHCP message containing the information is received Keep keep the original relay information when a DHCP message containing the information is received Drop drop the package when a DHCP message containing the information is received The relay statistics shows the information of relayed packet of the switch Auto refresh I DHCP Relay Statistics Server Statistics 5 ues Receive Me L Receive Transmit S Receive gue Receive Receive Receive Transmit Missing ae EH Bad to from Missing Missing Bad EE Server Sud Server Poem Circuit ID Remote ID Circuit ID Option ID Description Transmit to Sever The number of packets relayed from the client to the server ORing Industrial Networking Corp 48 IGS P9812GP Series User Manual Transmit Error The number of packets
80. emap DP Aware DSCP from the analyzer is remapped and the frame is remarked with a remapped DSCP value Depending on the DP level of the frame the remapped DSCP value is either taken from the DSCP Translation gt Egress Remap DPO table or from the DSCP Translation gt Egress Remap DP1 table 5 6 5 Port Policing Policing is a traffic regulation mechanism for limiting the rate of traffic streams thereby controlling the maximum rate of traffic sent or received on an interface When the traffic rate exceeds the configured maximum rate policing drops or remarks the excess traffic This page allows you to configure Policer for all switch ports Port Policing QoS Ingress Port Policers Port Enabled Rate Unit Flow Control O L1 i M 500 Oo a C 3 O 500 C 4 0 5 DO 500 Oo EINE 7 DO 500 Oo s D C s O R 10 OD ii o d 2 13 500 O 4 a a eanl e mm a ORing Industrial Networking Corp 80 IGS P9812GP Series User Manual The port number for which the configuration below applies Check to enable the policer for individual switch ports Configures the rate of each policer The default value is 500 This value is restricted to 100 to 1000000 when the Unit is kbps or fps and is restricted to 1 to 3300 when the Unit is Mbps or kfps Configures the unit of measurement for each policer rate as kbps Mbps fps or kfps The default value is kbps If Flow Control is enabled and the port is in Flow Control mod
81. entication is complete the RADIUS server sends a success or failure indication which in turn causes the switch to open up or block traffic for that particular client using the Port Security module Only then will frames from the client be forwarded on the switch There are no EAPOL frames involved in this authentication and therefore MAC based authentication has nothing to do with the 802 1X standard The advantage of MAC based authentication over port based 802 1X is that several clients can be connected to the same port e g through a 3rd party switch or a hub and still require individual authentication and that the clients don t need special supplicant software to authenticate The advantage of MAC based authentication over 802 1X based authentication is that the clients do not need special supplicant software to authenticate The disadvantage is that MAC addresses can be spoofed by malicious users equipment whose MAC address is a valid RADIUS user can be used by anyone Also only the MD5 Challenge method is supported The maximum number of clients that can be attached to a port can be limited using the Port Security Limit Control functionality The current state of the port It can undertake one of the following values Globally Disabled NAS is globally disabled Link Down NAS is globally enabled but there is no link on the port Port State ORing Industrial Networking Corp 124 IGS P9812GP Series User Manual Aut
82. eout eapol timeout ORing Industrial Networking Corp 156 IGS P9812GP Series User Manual Statistics lt port_list gt clearleapollradius Clients lt port_list gt alll lt client_cnt gt Agetime lt age_time gt Holdtime hold time gt IGMP ACL Action lt port_list gt permitldeny rate limiter lt port copy lt logging gt lt shutdown gt Policy lt port list gt lt policy gt Rate rate limiter list gt lt packet_rate gt Add lt ace 1d gt lt ace wd next gt switch port lt port gt I policy lt policy gt vid lt tag prio gt dmac type etype etype smac dmac arp lt sip gt lt dip gt lt smac gt arp opcode arp flags ip lt sip gt lt dip gt protocol lt ip_flags gt icmp sip lt dip gt lt icmp_type gt lt icmp code gt lt ip flags gt udp lt sip gt lt dip gt lt sport gt lt dport gt ip flags gt tcp lt sip gt lt dip gt lt sport gt lt dport gt ip flags gt tcp flags ORing Industrial Networking Corp 157 IGS P9812GP Series User Manual permitldeny lt rate_limiter gt lt port_copy gt logging lt shutdown gt Delete lt ace_id gt Lookup lt ace_id gt Mirror Port lt port gt Idisable Mode lt port_list gt enableldisablelrxltx Save ip server
83. er to configure the schedulers Mode Shows the scheduling mode for this port Qn Shows the weight for this queue and port 5 6 8 Port Shaping Port shaping enables you to limit traffic on a port thereby controlling the amount of traffic passing through the port With port shaping you can shape the aggregate traffic through an interface to a rate that is less than the line rate for that interface When configuring port shaping on an interface you specify a value indicating the maximum amount of traffic allowable for the interface This value must be less than the maximum bandwidth for that interface QoS Egress Port Shapers Shapers Q4 Q5 Q7 ch on qx C Boe disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled The switch port number to which the following settings will be applied Click on the port number to configure the shapers Shows disabled or actual queue shaper rate e g 800 Mbps Shows disabled or actual port shaper rate e
84. es the TCP SYN synchronize sequence numbers value for the ACE 0 TCP frames where the SYN field is set must not be able to match this entry 1 TCP frames where the SYN field is set must be able to match this entry Any any value is allowed don t care Specifies the TCP PSH push function value for the ACE 0 TCP frames where the PSH field is set must not be able to match this entry 1 TCP frames where the PSH field is set must be able to match this entry Any any value is allowed don t care Specifies the TCP ACK acknowledgment field significant value for the ACE 0 TCP frames where the ACK field is set must not be able to match this entry 1 TCP frames where the ACK field is set must be able to match this entry Any any value is allowed don t care opecifies the TCP URG urgent pointer field significant value for the ACE 0 TCP frames where the URG field is set must not be able to match this entry 1 TCP frames where the URG field is set must be able to match this entry Any any value is allowed don t care 111 ORing IGS P9812GP Series User Manual 5 8 4 Authentication Authorization and Accounting An AAA server is an application that provides authentication authorization and accounting services for attempted access to a network An AAA server can reside in a dedicated computer an Ethernet switch an access point or a network access server The current standard by which d
85. es with DDM Digital Diagnostic Monitoring function can measure the temperature of the apparatus helping you monitor the status of connection and detect errors immediately You can manage and set up event alarms through DDM Web interface SFP Monitor Auto refresh Port No 1 2 3 4 5 D Fi a a Warning Temperature 85 PC 0 100 Event Alarm 5yslog 5 10 7 Ping This command sends ICMP echo request packets to another node on the network Using the ping command you can see if another site on the network can be reached ICMP Ping IP Address Ping Size After you press Start five ICMP packets will be transmitted and the sequence number and roundtrip time will be displayed upon reception of a reply The page refreshes automatically until responses to all packets are received or until a timeout occurs PING6 server 10 10 132 20 ORing Industrial Networking Corp 139 ORing IGS P9812GP Series User Manual 64 bytes from 10 10 132 20 icmp seq 0 time 0ms 64 bytes from 10 10 132 20 icmp seq 1 time 0ms 64 bytes from 10 10 132 20 icmp seq 2 time 0ms 64 bytes from 10 10 132 20 icmp seq 3 time 0ms 64 bytes from 10 10 132 20 icmp seq 4 time 0ms Sent 5 packets received 5 OK 0 bad You can configure the following properties of the issued ICMP packets IP Address The destination IP Address Ping Size The payload size of the ICMP packet Values range from 8 to 1400 bytes
86. et by DTE Device i i Received by DCE Device i fee Transmitted from DTE Device A Transmitted from DCE Device 3 4 2 SFP The switch comes with fiber optical ports that can connect to other devices using SFP modules The fiber optical ports are in multi mode 0 to 550M 850 nm with 50 125 um 62 5 125 um fiber ORing Industrial Networking Corp 16 ORing IGS P9812GP Series User Manual and single mode with LC connectors Please remember that the TX port of Switch A should be connected to the RX port of Switch B Switch A Switch B Fiber cord 3 4 3 O Ring O Chain O Ring You can connect three or more switches to form a ring topology to gain network redundancy capabilities through the following steps 1 Connect each switch to form a daisy chain using an Ethernet cable 2 Set one of the connected switches to be the master and make sure the port setting of each connected switch on the management page corresponds to the physical ports connected For information about the port setting please refer to 4 1 2 Configurations 3 Connect the last switch to the first switch to form a ring topology Coupling Ring If you already have two O Ring topologies and would like to connect the rings you can form them into a coupling ring All you need to do is select two switches from each ring to be connected for example switch A and B from Ring 1 and switch C and D from ring 2 Decide ORing Industrial Networking Corp 17
87. ettings You can click on the links to access the configuration pages of different functions 5 1 Basic Settings Basic Settings allow you to configure the basic functions of the switch 5 1 1 System Information This page shows the general information of the switch System Information Configuration System Name IGS P9 Si2GPAV System Description pfe stri a 20 port ma nag e d G d System Location BENE System Contact n u System Name An administratively assigned name for the managed node By convention this is the node s fully qualified domain name A domain name is a text string consisting of alphabets A Z a z digits 0 9 and minus sign Space is not allowed to be part of ORing Industrial Networking Corp 34 IGS P9812GP Series User Manual the name The first character must be an alpha character And the first or last character must not be a minus sign The allowed string length is 0 to 255 System Description Description of the device The physical location of the node e g telephone closet 3rd System Location floor The allowed string length is O to 255 and only ASCII characters from 32 to 126 are allowed The textual identification of the contact person for this managed node together with information on how to contact this person System Contact The allowed string length is O to 255 and only ASCII characters from 32 to 126 are allowed Provides the time zone offset f
88. etween the devices is insufficient to handle the traffic load This page allows you to configure the aggregation hash mode and the aggregation group Aggregation Mode Configuration Hash Code Contributors Source MAC Address Destination MAC Address IP Address TCP UDP Port Number Source MAC Address Calculates the destination port of the frame You can check this box to enable the source MAC address or uncheck to disable By default Source MAC Address is enabled Destination MAC Calculates the destination port of the frame You can check this Address box to enable the destination MAC address or uncheck to disable By default Destination MAC Address is disabled IP Address Calculates the destination port of the frame You can check this box to enable the IP address or uncheck to disable By default IP ORing Industrial Networking Corp 51 IGS P9812GP Series User Manual Address is enabled TCP UDP Port Calculates the destination port of the frame You can check this Number box to enable the TCP UDP port number or uncheck to disable By default TCP UDP Port Number is enabled Aggregation Group Configuration Port Members 10 1117 131 Ja da 1 un e LO Ce Group ID Normal 1 0000000000 OF 0000000000868 00000000000606 0000000000068 OOOOOOOOOOOL 0O000000000 06 00000000000E 000002000096E8 0000000000 OOOOOOOOOOQ0 00000000000606 00000020000 SE 00000080000060 0000000000 000000000
89. evices or applications communicate with an AAA server is RADIUS Remote Authentication Dial In User Service RADIUS is a protocol used between the switch and the authentication server This page allows you to configure common settings for an authentication server Authentication Server Configuration Common Server Configuration Timeout seconds Dead Time seconds Leg ONE The timeout which can be set to a number between 3 and 3600 seconds is the maximum time to wait for a reply from a server If the server does not reply within this time frame we will consider it to be dead and continue with the next enabled server if any Feen RADIUS servers are using the UDP protocol which is unreliable by design In order to cope with lost frames the timeout interval is divided into 3 subintervals of equal length If a reply is not received within the subinterval the request is transmitted again This algorithm causes the RADIUS server to be queried up to 3 times before it is considered to be dead The dead time which can be set to a number between 0 and 3600 seconds is the period during which the switch will not send new requests to a server that has failed to respond to a previous request Dead Time This will stop the switch from continually trying to contact a server that it has already determined as dead Setting the dead time to a value greater than O zero will enable this feature but only if more than one server has been configur
90. f RADIUS packets containing invalid authenticators received from the server The number of RADIUS packets of unknown types that Pac ket Cou nters despre ee steng rase erre eminente were received from the server on the accounting port The number of RADIUS packets that were received from Packets Dropped radiusAccClientExtPacketsDropped the server on the accounting port and dropped for some other reason The number of RADIUS packets sent to the server This does not include retransmissions The number of RADIUS packets retransmitted to the RADIUS accounting server The number of RADIUS packets destined for the server Pending that have not yet timed out or received a response Requests radiusAccClientExtPendingRequests This variable is incremented when a Request is sent and decremented due to receipt of a Response timeout or retransmission The number of accounting timeouts to the server After a timeout the client may retry to the same server send to a different server or give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout Responses Bad Authenticators radiusAcctClientExtBadAuthenticators Requests radiusAccClientExtRequests Retransmissions radiusAccClientExtRetransmissions Timeouts radiusAccClientExtTimeouts ORing Industrial Networking Corp 117 IGS P9812GP Series User Manual This sectio
91. fault port isolation is disabled for all ports 5 5 SNMP SNMP Simple Network Management Protocol is a protocol for managing devices on IP networks It is mainly used network management systems to monitor the operational status of networked devices In an event triggered situation traps and notifications will be sent to administrators 5 5 1 SNMP System Configurations SNMP System Configuration Mode Enabled Version SNMP v2c Tne s public Write Community Engine ID Indicates existing SNMP mode Possible modes include Enabled enable SNMP mode Disabled disable SNMP mode ORing Industrial Networking Corp 68 IGS P9812GP Series User Manual SNMP v2c supports SNMP version 2c m t OOOO Indicates the read community string to permit access to SNMP agent The allowed string length is 0 to 255 and only ASCII characters from 33 to 126 are allowed The field only suits to SNMPv1 and SNMPv2c SNMPv3 uses USM for authentication and privacy and the community string will be Read Community associated with SNMPv3 community table Indicates the write community string to permit access to SNMP agent The allowed string length is O to 255 and only ASCII characters from 33 to 126 are allowed The field only suits to SNMPv1 and SNMPv2c SNMPv3 uses USM for authentication and privacy and the community string will be Write Community associated with SNMPv3 community table Indicates the SNMPv3 engine ID The string mu
92. gement page of the switch via the following default values IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin System Login 1 Launch the Internet Explorer 2 Type http and the IP address of the switch Press Enter 3 Alogin screen appears Type in the username and password The default username and password is admin 5 Click Enter or OK button the management Web page appears Windows Security Enter Network Password Enter your password to connect to PC SWRDL9 admin L s Domain ORING ORING n es ber my cred Ena X Legon failure unknown user name or bad password Leid Cancel ORing Industrial Networking Corp 33 ORing IGS P9812GP Series User Manual After logging in you can see the information of the switch as below Information Message System Name Description Location Contact OID Hardware MAC Address Time System Date System Uptime Software Kernel Version IG5 P9812GP LV Industrial 20 port managed Gigabit Ethernet switch with Bx10 100 1000Base T X ports and 12x100 1000Base X SFP socket 1 3 6 1 4 1 25972 100 0 0 205 O00 le 94 44 77 1970 01 01 00 01 09 00 00 Od 00 01 09 v9 25 Software Version v1 00 Software Date 2014 12 12114 48 16 08 00 Auto refresh I Enable Location Alert On the left hand side of the management interface shows links to various s
93. h uses the table to determine which port the incoming packet should be forwarded to Entries in a MAC address table fall into two types dynamic and static entries Entries in a static MAC table are added or removed manually and cannot age out by themselves Entries in a dynamic MAC tablet will age out after a configured aging time Such entries can be added by learning or manual configuration MAC Address Table Configuration Aging Configuration Disable Automatic Aging i Age Time 300 seconds MAC Table Learning Port Members Port Members e 6 7 8 9 1011 12 P m P AG AG EI E ORing Industrial Networking Corp 131 ORing IGS P9812GP Series User Manual Aging Configuration Aging enables the switch to track only active MAC addresses on the network and flush out MAC addresses that are no longer used thereby keeping the table current By default aged entries are removed after 300 seconds You can configure aging time by entering a value in the Age Time box in seconds The allowed range is 10 to 1000000 seconds You can also disable the automatic aging of dynamic entries by checking Disable Automatic Aging MAC Table Learning The switch can add the address and port on which the packet was received to the MAC table if the address does not exist in the table by examining the source address of each packet received on a port This is called learning It allows the MAC table to expand dynamically If the learning mode for a g
94. hand way of representing multiple 16 bit groups of contiguous zeros but it can only appear once It also uses a following legally IPv4 address For example 192 1 2 34 Indicates the SNMP entity is permitted to generate authentication Trap failure traps Possible modes include Authentication mE ESI Enabled enable SNMP trap authentication failure ailure Disabled disable SNMP trap authentication failure Indicates the SNMP trap link up and link down mode Possible Trap Link up and modes include Link down Enabled enable SNMP trap link up and link down mode Disabled disable SNMP trap link up and link down mode Indicates the SNMP trap inform mode Possible modes include Trap Inform Mode Enabled enable SNMP trap inform mode Disabled disable SNMP trap inform mode Trap Inform Configures the SNMP trap inform timeout The allowed range is 0 to Trap Inform Retry Configures the retry times for SNMP trap inform The allowed range 5 5 2 SNMP Community Configurations You can define access to the SNMP data on your devices by creating one or more SNMP communities An SNMP community is the group that devices and management stations running SNMP belong to It helps define where information is sent A SNMP device or agent may belong to more than one SNMP community It will not respond to requests from management stations that do not belong to one of its communities This page allows you to configure SNMPv3 community table The entr
95. he event Only Log it simply logs the event Reboot Device if PoE is supported the device can be rebooted The event will be logged Indicates the DDOS prevention status Possible statuses are disables DDOS prevention Analyzing analyzes packet throughput for initialization Running analysis completes and ready for next move Attacked DDOS attacks occur Device Description This page allows you to configure device description settings Device Description HL oH me Rl e C Label Device Type ORing Industrial Networking Corp UD c cJ Ch tf WwW MNM Lr Device Location Address Description IP Camera IP Phone Access Point PC PLC Network Video Recorder Indicates device types Possible types are no specification 99 IGS P9812GP Series User Manual IP Camera IP Phone Access Point PC PLC Network Video Recorder Indicates location information of the device The information can be Location Address l used for Google Mapping Device descriptions Stream Check Stream check monitors the consistency of real time network traffic from the device bound with the port When the traffic changes sharply all of a sudden an alert will be issued This page allows you to configure stream check settings Stream Check Mode Action Status Enabled Logit Normal h Wi lii D c CO on amp W RJ e H e Ei MoH O Enables or disables s
96. hods like MD5 Challenge PEAP and TLS The important thing is that the authenticator the switch does not need to know which authentication method the supplicant and the authentication server are using or how many information exchange frames are needed for a particular method The switch simply encapsulates the EAP part of the frame into ORing Industrial Networking Corp 118 ORing IGS P9812GP Series User Manual the relevant type EAPOL or RADIUS and forwards it When authentication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding the result to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Note in an environment where two backend servers are enabled the server timeout is configured to X seconds using the authentication configuration page and the first server in the list is currently down but not considered dead if the supplicant retransmits EAPOL Start frames at a rate faster than X seconds it will never be authenticated because the switch will cancel on going backend authentication server requests whenever it receives a new EAPOL otart frame from the supplicant Since the server has not failed because the X seconds have not expired the same server will be contacted when the next backend authentication server request from the switch This scenario will loop forever Therefore the server timeout sh
97. horized the port is in Force Authorized or a single supplicant mode and the supplicant is authorized Unauthorized the port is in Force Unauthorized or a single supplicant mode and the supplicant is not successfully authorized by the RADIUS server X Auth Y Unauth the port is in a multi supplicant mode Currently X clients are authorized and Y are unauthorized Two buttons are available for each row The buttons are only enabled when authentication is globally enabled and the port s Admin State is in an EAPOL based or MAC based mode Clicking these buttons will not cause settings changed on the page to take effect Reauthenticate schedules a reauthentication whenever the quiet period of the port runs out EAPOL based authentication For MAC based authentication reauthentication will be attempted immediately The button only has effect on successfully authenticated clients on the port and will not cause the clients to be temporarily unauthorized Reinitialize forces a reinitialization of the clients on the port and hence transfer to the a reauthentication immediately The clients will unauthorized state while the reauthentication is in progress NAS Status This page shows the information on current NAS port statuses Network Access Server Switch Status Auto refresh L Port Admin State Force Authorized Port State Globally Disabled Last Source Last ID ch Ln P G3 he Admin State Force Authorized Force Authori
98. ild an active and a backup link Links formed by the coupling ports will run in active backup mode Check to enable Dual Homing When Dual Homing is enabled the ring will be connected to normal switches through two RSTP links ex backbone Switch The two links work in active backup mode and connect each ring to the normal switches in RSTP mode Apply Click to apply the configurations Note due to heavy loading setting one switch as ring master and coupling ring at the same time is not recommended ORing Industrial Networking Corp 21 ORing IGS P9812GP Series User Manual 4 2 O Chain 4 2 1 Introduction O Chain is ORing s revolutionary network redundancy technology which enhances network redundancy for any backbone networks providing ease of use and maximum fault recovery swiftness flexibility compatibility and cost effectiveness in a set of network redundancy topologies The self healing Ethernet technology designed for distributed and complex industrial networks enables the network to recover in less than 10ms for up to 250 switches if at any time a segment of the chain fails O Chain allows multiple redundant rings of different redundancy protocols to join and function together as a large and the most robust network topologies It can create multiple redundant networks beyond the limitations of current redundant ring technologies Edge Port Edae Port O Chain Edge Port Edqe Port O Chai
99. ing Industrial Networking Corp 74 IGS P9812GP Series User Manual to The allowed string length is 1 to 32 and only ASCII sen Indicates the security model that this entry should belong to Possible security models include any Accepted any security model v1 v2c usm v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM Security Model Indicates the security model that this entry should belong to Possible security models include Security Level NoAuth NoPriv no authentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy The name of the MIB view defining the MIB objects for which this request may request the current values The allowed string Read View Name length is 1 to 32 and only ASCII characters from 33 to 126 are allowed The name of the MIB view defining the MIB objects for which this request may potentially SET new values The allowed string Write View Name length is 1 to 32 and only ASCII characters from 33 to 126 are allowed 5 6 Traffic Prioritization 5 6 1 Storm Control A LAN storm occurs when packets flood the LAN creating excessive traffic and degrading network performance Errors in the protocol stack implementation mistakes in network configuration or users issuing a denial of service attack can cause a storm Storm control prevents traffic on a LAN from being disrupted by a broadcast mu
100. ion v 8 Normal v TCP v 80 80 Destination v v 9 Normal TCP v 80 80 Destination v 10 Normal TCP v 80 80 Destination v v 11 Normal ei TCP v 80 80 Destination v Mode Enables or disables DDOS prevention of the port Indicates the level of DDOS detection Possible levels are Low low sensibility Sensibility Normal normal sensibility Medium medium sensibility High high sensibility Indicates the types of DDoS attack packets to be monitored Possible types are RX Total all ingress packets RX Unicast unicast ingress packets Packet Type RX Multicast multicast ingress packets RX Broadcast broadcast ingress packets TCP TCP ingress packets UDP UDP ingress packets If packet type is UDP or TCP please specify the socket number here The socket number can be a range from low to high If the Socket Number socket number is only one please fill the same number in the low and high fields If packet type is UDP or TCP please choose the socket direction Destination Source Indicates the action to take when DDOS attacks occur Possible ORing Industrial Networking Corp 98 IGS P9812GP Series User Manual actions are no action Blocking 1 minute blocks the forwarding for 1 minute and log the event Blocking 10 minute blocks the forwarding for 10 minutes and log the event Blocking blocks and logs the event Shunt Down the Port shuts down the port No Link and logs t
101. ion in this page DHCP Relay Configuration Relay Mode Disabled Relay Server 0 0 0 0 CORSO ens Enabled v are mekle Replace Relay Mode Indicates the existing DHCP relay mode The modes include Enabled activate DHCP relay When DHCP relay is enabled the agent forwards and transfers DHCP messages between the clients and the server when they are not in the same subnet domain to prevent the DHCP broadcast message from flooding for security considerations Disabled disable DHCP relay Relay Server Indicates the DHCP relay server IP address A DHCP relay agent is used to forward and transfer DHCP messages between the clients and the server when they are not in the same subnet domain Relay Information Mode Indicates the existing DHCP relay information mode The format of DHCP option 82 circuit ID format is vlan_id module_id port_no The first four characters represent the VLAN ID and the fifth and sixth characters are the module ID In stand alone devices the module ID always ORing Industrial Networking Corp 47 IGS P9812GP Series User Manual equals to 0 in stacked devices it means switch ID The last two characters are the port number For example 00030108 means the DHCP message received form VLAN ID 3 switch ID 1 and port No 8 The option 82 remote ID value equals to the switch MAC address The modes include Enabled activate DHCP relay information When DHCP relay information is enabl
102. irmly EEE rar nm PREP PPE ORing Industrial Networking Corp 11 ORing IGS P9812GP Series User Manual 3 2 Wall Mounting Besides Din Rail the switch can be fixed to the wall via a wall mount panel which can be found in the package 159 0 Wall Mount Kit Measurement Unit mm To mount the switch onto the wall follow the steps 1 Screw the two pieces of wall mount kits onto both ends of the rear panel of the switch A total of six screws are required as shown below l d 2 Use the switch with wall mount plates attached as a guide to mark the correct locations of the four screws 3 Insert a screw through the cross shaped aperture on the plate and then slide the switch downwards Tighten the screw for added stability ORing Industrial Networking Corp 12 IGS P9812GP Series User Manual Note Instead of screwing the screws in all the way leave about 2 mm to allow room for sliding the wall mount panel between the wall and the screws 3 3 Wiring WARNING Do not disconnect modules or wires unless power has been switched off or the area is known to be non hazardous The devices may only be connected to the supply voltage shown on the type plate ATTENTION 1 Be sure to disconnect the power cord before installing and or wiring your switches 2 Calculate the maximum possible current in each power wire and common wire Observe all electrical codes dictating the maxi
103. iven port is grayed out it means another module is in control of the mode and thus the user cannot change the configurations An example of such a module is MAC Based authentication under 802 1X MAC Table Learning Port Member 4 5 Gi Disable Oo Learning is done automatically as soon as a frame with unknown SMAC is received No learning is done Only static MAC entries are learned all other frames are dropped Note make sure the link used for managing the switch is added to the static Mac table before changing to secure learning mode otherwise the management link will be lost and can only be restored by using another non secure port or by connecting to the switch via the serial interface Static MAC Table Configurations This tablet shows the static entries in the MAC table which can contain up to 64 entries Using static MAC address entries can reduce broadcast packets remarkably and are suitable for networks where network devices seldom change You can manage the entries in this page The MAC table is sorted first by VLAN ID and then by MAC address ORing Industrial Networking Corp 132 ORing IGS P9812GP Series User Manual Static MAC Table Configuration Port Members Delete VLAN ID MAC Address 12 3 45 6 7 8 9 1011 13 1 00 1E 94 98 89 89 EI EI EI EI FJ FJ FJ FJ FJ EI EI 11 00 00 00 00 00 00 1 OO OOOOOOOOO i 00 00 00 00 00 00 TO E1 E1 E1 E1 E1 E1 EJ 0 0 D Add new static entry
104. k to activate the configurations Event Selection The device supports both SYSLOG and SMTP alerts Check the corresponding box to enable the system event warning method you want Please note that the checkboxes will gray out if SYSLOG or SMTP is disabled System Warning Event Selection System Events SYSLOG SMIP System Start E Power Status C SNMP Authentication Failure F Redundant Ring Topology Change s SYSLOG SMIP l Disabled w Link Up and Link Down Disabled ei Link Up E Disabled Link Down Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled TETUR d Rm Disabled e Disabled Disabled Disabled Disabled Disabled Disabled Disabled Wo ww c Lom LW h i iex Ix Je p ie p Jo S i f E E hal Sends out alerts when the system is restarted ORing Industrial Networking Corp 130 IGS P9812GP Series User Manual Power Status Sends out alerts when power is up or down SNMP Authentication Failure Sends out alert when SNMP authentication fails O Ring Topology Change Sends out alerts when O Ring topology changes Port Event Disable SYSLOG SMTP event Link Up Link Down Link Up amp Link Down Apply 000 Click to activate the configurations 5 10 Monitor and Diag 5 10 1 MAC Table A MAC address tablet is a table in a network switch that maps MAC addresses to ports The switc
105. late Enables ingress translation of DSCP values based on the specified classification method DSCP can be translated to any of 0 63 DSCP values 2 Classify Enable Classification at ingress side as defined in the OkRing Industrial Networking Gaa sg Industrial Networking Corp 86 IGS P9812GP Series User Manual E QoS Port DSCP Configuration table Configurable engress parameters include Remap DPO Re maps DPO field to selected DSCP value DPO indicates a drop precedence with a low priority You can select the DSCP value from a selected menu to which you want to remap DSCP value ranges form 0 to 63 Remap DP1 Re maps DP1 field to selected DSCP value DP1 indicates a drop precedence with a high priority You can select the DSCP value from a selected menu to which you want to remap DSCP value ranges form 0 to 63 5 6 11 DSCP Classification This page allows you to configure the mapping of QoS class and Drop Precedence Level to DSCP value DSCP Classification DSCP 14 al vi QoS Class DPL c QoS Class Actual QoS class LU g 1 1 2 Ce CO e D DPL Actual Drop Precedence Level DSCP Select the classified DSCP value 0 63 5 6 12 QoS Control List This page shows all the QCE Quality Control Entries for a given QCL You can edit or ad new QoS control entries in this page A QCE consists of several parameters These parameters vary with the frame type you select ORing Indu
106. lockinst gt Timingproperties lt clockinst gt lt utcoffset gt lt valid gt ORing Industrial Networking Corp 159 Loop Protect IGS P9812GP Series User Manual lt leap59 gt lt leap61 gt lt timetrac gt lt freqtrac gt lt ptptimescale gt lt timesource gt PTP PortDataSet lt clockinst gt lt port_list gt lt announceintv gt lt announceto gt lt syncintv gt lt delaymech gt lt minpdelayreqint v gt delayasymmetry lt ingressLatency gt LocalClock lt clockinst gt updatelshowlratio clockratio Filter lt clockinst gt def delay filt2 lt period gt lt dist gt Servo lt clockinst gt lt displaystates gt lt ap enable gt ai enable gt lt ad enable lt ap gt lt ai gt lt ad gt UniConfig lt clockinst gt lt index gt lt duration gt ip addr gt ForeignMasters lt clockinst gt lt port bet EgressLatency showlclear MasterTableUnicast lt clockinst gt ExtClockMode one pps mode gt lt ext enable gt clockfreq lt vcxo_enable gt OnePpsAction lt one pps clear gt DebugMode lt clockinst gt debug mode gt Wireless mode lt clockinst gt lt port_list gt enableldisable Wireless pre notification clockinst port list Wireless delay lt clockinst gt lt port_list gt base delay lt incr delay gt Port Mode lt port_list gt enableldisable Port Action lt port_lis
107. lticast or unicast storm on a port In this page you can specify the rate at which packets are received for unicast multicast and broadcast traffic The unit of the rate can be either pps packets per second or kpps kilo packets per second Note frames sent to the CPU of the switch are always limited to approximately 4 kpps For example broadcasts in the management VLAN are limited to this rate The management VLAN is configured on the IP setup page ORing Industrial Networking Corp 75 IGS P9812GP Series User Manual Storm Control Configuration Frame Type Status Rate pps Unicast Multicast d Broadcast L Frame types supported by the Storm Control function including Frame Type Unicast Multicast and Broadcast Enables or disables the given frame type The rate is packet per second pps configure the rate as 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K or 1024K The 1 kpps is actually 1002 1 pps 5 6 2 Port Classification QoS Quality of Service is a method to achieve efficient bandwidth utilization between devices by prioritizing frames according to individual requirements and transmit the frames based on their importance Frames in higher priority queues receive a bigger slice of bandwidth than those in a lower priority queue QoS Ingress Port Classification PCP Port QoS cass DP level DEI Tag Class DSCP Based i C 1 Disabled C 2 Disabled 3 Disabled O 4 Disabled C 5 Disabled
108. mum current allowable for each wire size 3 Ifthe current goes above the maximum ratings the wiring could overheat causing serious damage to your equipment 4 Use separate paths to route wiring for power and devices If power wiring and device wiring paths must cross make sure the wires are perpendicular at the intersection point 5 Do not run signal or communications wiring and power wiring through the same wire conduit To avoid interference wires with different signal characteristics should be routed separately 6 You can use the type of signal transmitted through a wire to determine which wires should be kept separate The rule of thumb is that wiring sharing similar electrical characteristics can be bundled together 7 You should separate input wiring from output wiring 8 Itis advised to label the wiring to all devices in the system ORing Industrial Networking Corp 13 ORing IGS P9812GP Series User Manual 3 3 1 Grounding Grounding and wire routing help limit the effects of noise due to electromagnetic interference EMI Run the ground connection from the ground screw to the grounding surface prior to connecting devices 3 3 2 Fault Relay The switch provides fail open and fail close options for you to form relay circuits based on your needs If you want the relay device to start operating at power failure attach the two wires to Fail amp Fail COM and fail close to form a close circ
109. n 4 2 2 Configurations O Chain is very easy to configure and manage Only one edge port of the edge switch needs to be defined Other switches beside them just need to have O Chain enabled O Chain PENNE Port Edge Port State wp O iden E Anly ORing Industrial Networking Corp 22 IGS P9812GP Series User Manual Enable Check to enable O Chain function Ring Port The first port connecting to the ring 1 2 Ring Port The second port connecting to the ring Edge Port An O Chain topology must begin with edge ports The ports with a smaller switch MAC address will serve as the backup link and RM LED will light up 4 3 MRP 4 3 1 Introduction MRP Media Redundancy Protocol is an industry standard for high availability Ethernet networks MRP allowing Ethernet switches in ring configuration to recover from failure rapidly to ensure seamless data transmission A MRP ring IEC 62439 can support up to 50 devices and will enable a back up link in 80ms adjustable to max 200ms 500ms 4 3 2 Configurations MRP Enable E Manager W React on Link Change ist Ring Port Port7 LinkDown 2nd Ring Port Port 8 k Forwarding Enable Enables the MRP function Manager Every MRP topology needs a MRP manager One MRP topology can only have a Manager If two or more switches are set to be Manager the MRP topology will fail React on Link Change Faster mode Enabling this function will cause MRP topology t
110. n 2 e Down 3 e Down 4 e Down Down D e Down 7 OG icfax 8 L4 Down 9 LA Down 10 L Down 11 Down 12 L Down 13 Down 14 dM namn Configured Link Speed Flow Control Maximum Frame Speed Auto Auto Auto Auto Auto Auto Auto Arie IGS P9812GP Series Flow Control Maximum Current Rx Current Tx Configured Frame Size sc 9600 sl x x O 9600 el x x C 9600 x x O 9600 X x E 9600 S x x 9600 E x x C 9600 x x O 9600 x x 9600 E x x 9600 E x x C 9600 x x oO 39600 E x x 9600 E x x O 9600 s M Ww ig oann Pow 9600 Disabled Disabled Disabled jo Disabled Disabled Disabled Disabled Disabled er Control i e EE EE 2 User Manual The switch port number to which the following settings will be applied The current link state is shown by different colors Green indicates the link is up and red means the link is down Current Link Speed Indicates the current link speed of the port The drop down list provides available link speed options for a given switch port Auto selects the highest speed supported by the link partner Disabled disables switch port configuration configures all ports When Auto is selected for the speed the flow control will be negotiated to the capacity advertised by the link partner When a fixed speed setting is selected that is what is used Curre
111. n E LEOP M 9 41 ee De AU UD a 44 sm MEM volo UNES Pr 45 5 1 12 Backup Restore Configurations ccccccccsececececeeeeeaeeeeeeeesaeeeseeeeseeesseeeeaaees 45 91 19 Fimware Update Luse 45 5 2 MP TE E AAE AAA 46 s MR BR NN 46 SU MEN Pene UT 46 c NLU 46 324A REV 2 29 2 0 E nee 47 5 3 POM CUNO OT m 49 5 3 1 X Port Control 49 pou POUD ees 51 2 a 52 DO EOOD CIOUI CI E 55 5 4 VINN E E E E E 56 5 4 1 VLAN Membership EE 56 5 4 2 Port CGontguratons 57 DAS Private Nene 66 5 5 X J 68 5 5 1 SNMP System Contguratons 68 5 5 2 SNMP Community Contguratong rene 70 5 5 9 SNMP User e le UE le TE 71 5 5 4 SNMP Group Configurations ccccccccceeccceeeeseeeseeeeeeeeeseeeeseueesseeeeseeeesees 73 5 5 5 SNMP View Confguratons 73 ORing Industrial Networking Corp 3 ORing IGS P9812GP Series User Manual 5 5 06 SNMP Access ConfIQUrallOrns oro rore y porn Ur y ooa FRU RR RR PR RRRRRSRKRRRER 74 5 6 Tane POZ NON cscs cass m 75 DOT 0 1416 0 al 0 Rm 75 5 6 2 Port Clasettcaion 76 9 5 2 EA STE 0 E 78 5 6 4 Port DCH 79 s oto Ge ag Se ee e EEN 80 5 6 6 Scheduling and Ghapmg 81 S67 Por SETE dE 84 5 6 8 Port Shaping nnannnannnnnnennennnennnnnnsnnnsnnnenrrnrrsrrrnnrnsnrnnrrnnrrnnrrsnrrnrrnnrrnnrenne 85 5069 DSGP Based QOO uscicitixttetnticintutinictntni
112. n RFC4668 Name Description The number of RADIUS Access Accept packets valid or invalid received from the server The number of RADIUS Access Reject packets valid or invalid received from the server The number of RADIUS Access Challenge radiusAuthClientExtAccessChallenges packets valid or invalid received from the server The number of malformed RADIUS Access EEE Er pr jupes ae ES be alformed packets include packets with an anal a radiusAuthClientExtMalformedAccessResponses invalid length Bad authenticators or Message Authenticator attributes or unknown types are not included as malformed access responses The number of RADIUS Access Response packets containing invalid authenticators or Message Authenticator attributes received from the server Pac ket Cou nters The number of RADIUS packets that were Unknown Types radiusAuthClientExtUnknownTypes received from the server on the authentication port and dropped for some other reason The number of RADIUS packets that were Packets Dropped radiusAuthClientExtPacketsDropped received from the server on the authentication port and dropped for some other reason The number of RADIUS Access Request Access Requests radiusAuthClientExtAccessRequests packets sent to the server This does not include retransmissions Access Accepts radiusAuthClientExtAccessAccepts Access Rejects radiusAuthClientExtAccessRejects Access Challenges Bad pus E radiusAuthClientExtBadAuthenticators The n
113. n configuration page RADIUS Authentication Server Status Overview Auto refresh L IP Address Disabled Disabled Disabled Disabled Disabled ORing Industrial Networking Corp 114 IGS P9812GP Series User Manual The RADIUS server number Click to navigate to detailed statistics of the server The IP address and UDP port number in IP Address gt lt UDP Port gt IP Address notation of the server The current status of the server This field has one of the following values Disabled the server is disabled Not Ready the server is enabled but IP communication is not yet up and running Ready the server is enabled IP communications are built and the RADIUS module is ready to accept access attempts Dead X seconds left access attempts are made to this server but it does not reply within the configured timeout The server has temporarily been disabled but will be re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled RADIUS Accounting Server Status Overview Status Disabled Disabled Disabled Disabled Disabled The RADIUS server number Click to navigate to detailed statistics of the server The IP address and UDP port number in lt IP Address gt lt UDP Port gt IP Address notation of the server The current status of the server This field has one of the following v
114. n contains information about the state of the server and the latest round trip time RFC4670 Name Description Shows the state of the server It takes one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and Other Info running in Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept accounting attempts Dead X seconds left Accounting attempts were made to this server but it did not reply within the configured timeout The server has temporarily been disabled but will get re enabled when the dead time expires The number of seconds left before this occurs is displayed in parentheses This state is only reachable when more than one server is enabled The time interval measured in milliseconds between the most recent Response and the Request that matched it from the RADIUS accounting server The granularity of this measurement is 100 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet d radiusAccClientExtRoundTripTime 5 8 6 NAS 802 1x A NAS Network Access Server is an access gateway between an external communications network and an internal network For example when the user dials into the ISP he she will be given access to the Internet after being authorized by the access server The authentication between the client and the server inclu
115. n the frame matches the ACE Deny drops the frame matching the ACE opecifies the rate limiter in number of base units The allowed range is 1 Rate Limiter o EE to 15 Disabled means the rate limiter operation is disabled Frames matching the ACE are copied to the port number specified here Port Copy The allowed range is the same as the switch port number range Disabled means the port copy operation is disabled opecifies the logging operation of the ACE The allowed values are Esadind Enabled frames matching the ACE are stored in the system log Disabled frames matching the ACE are not logged Please note that system log memory capacity and logging rate is limited opecifies the shutdown operation of the ACE The allowed values are Enabled if a frame matches the ACE the ingress port will be disabled Disabled port shutdown is disabled for the ACE Indicates the number of times the ACE matched by a frame MAC Parameters SMAC Filter STR TT 00 00 00 00 00 0 DMAC Filter OCDE 00 00 00 00 00 0 ORing Industrial Networking Corp 103 IGS P9812GP Series User Manual Only displayed when the frame type is Ethernet Type or ARP Specifies the source MAC filter for the ACE SMAC Filter Any no SMAC filter is specified SMAC filter status is don t care Specific if you want to filter a specific source MAC address with the ACE choose this value A field for entering an SMAC value appears When Specific is
116. n zero must be able to match this entry Any any value is allowed don t care opecifies the fragment offset settings for the ACE This includes settings of More Fragments MF bit and Fragment Offset FRAG OFFSET for an IPv4 frame No IPv4 frames whose MF bit is set or the FRAG OFFSET field is greater than zero must not be able to match this entry Yes IPv4 frames whose MF bit is set or the FRAG OFFSET field is greater than zero must be able to match this entry IP Fragment Any any value is allowed don t care Specifies the options flag settings for the ACE No IPv4 frames whose options flag is set must not be able to match IP Option this entry Yes IPv4 frames whose options flag is set must be able to match this entry Any any value is allowed don t care opecifies the source IP filter for this ACE Any no source IP filter is specified Source IP filter is don t care Host source IP filter is set to Host Specify the source IP address in the SIP Address field that appears Network source IP filter is set to Network Specify the source IP address and source IP mask in the SIP Address and SIP Mask fields that appear When Host or Network is selected for the source IP filter you can SIP Address enter a specific SIP address in dotted decimal notation When Network is selected for the source IP filter you can enter a specific SIP mask in dotted decimal notation opecifies the destination I
117. nedlstaticlloop protectldhcplptplipmclcontlicts Port State lt port list gt enableldisable Statistics clear Security Network AAA Configuration Timeout lt timeout gt Deadtime dead Gomez RADIUS lt server_index gt enableldisable ip addr string lt secret gt lt server_port gt ORing Industrial Networking Corp 153 IGS P9812GP Series User Manual IACCT_RADIUS server index enableldisable ip addr string lt secret gt lt server_port gt Statistics lt server_index gt STP Version lt stp_version gt Non certified release v Msti Port Priority lt msti gt lt port_list gt lt priority gt Aggr Configuration Add port list aggr 1d gt ORing Industrial Networking Corp 154 IGS P9812GP Series User Manual Delete aggr id Lookup lt aggr id gt Mode smacldmacliplport enableldisable Configuration lt port_list gt LACP Statistics lt port_list gt clear LLDP Configuration lt port_list gt Mode lt port_list gt enableldisable Statistics lt port_list gt clear Info lt port_list gt PoE Configuration lt port_list gt Mode lt port list gt disabledlpoelpoe Priority lt port_list gt lowlhighlcritical Mgmt mode class conlclass reslal conlal resllldp resllldp con Maximum Power lt port_list gt port power gt Primary Supply supply
118. network the protocol automatically readjusts the ring so that the part of the network that was disconnected can reestablish contact with the rest of the network The O Ring redundant ring technology can protect mission critical applications from network interruptions or temporary malfunction with its fast recover technology IES 3080 Ba ckup Path T ass 4 1 2 Configurations O Ring supports three ring topologies Ring Master Coupling Ring and Dual Homing You can configure the settings in the interface below ORing Industrial Networking Corp 20 ORing IGS P9812GP Series User Manual O Ring Configuration la Dual Homing Homing Port Linkoown TT Porta winown Redundant Ring Check to enable O Ring topology Ring Master Only one ring master is allowed in a ring However if more than one switches are set to enable Ring Master the switch with the lowest MAC address will be the active ring master and the others will be backup masters 1 Ring Port The primary port when the switch is ring master 2 4 Ring Port The backup port when the switch is ring master Coupling Ring Coupling Port Dual Homing Check to enable Coupling Ring Coupling Ring can divide a big ring into two smaller rings to avoid network topology changes affecting all switches It is a good method for connecting two rings Ports for connecting multiple rings A coupling ring needs four switches to bu
119. network to effectively balance loads Port Settings This page allows you to examine and change the configurations of current MSTI ports A MSTI port is a virtual port which is instantiated separately for each active CIST physical port for each MSTI instance configured and applicable for the port The MSTI instance must be selected before MSTI port configuration options are displayed This page contains MSTI port settings for physical and aggregated ports The aggregation settings are stack global MSTI Port Configuration BET i MSTI v ver ORing Industrial Networking Corp 2 IGS P9812GP Series User Manual MSTI Normal Ports Configuration Port Path Cost Pot The switch port number of the corresponding STP CIST and MSTI port Configures the path cost incurred by the port Auto will set the path cost according to the physical link speed by using the 802 1D recommended values Specific allows you to enter a user defined value The path cost is used when establishing an active topology for the network Lower path cost ports are chosen as forwarding ports in favor of higher path cost ports The range of valid values is 1 to 200000000 Configures the priority for ports having identical port costs See above Click to save changes Reset Click to undo any changes made locally and revert to previously saved values Mapping This page allows you to examine and change the configurations of
120. ng Corp 137 IGS P9812GP Series User Manual ber Updates system og ens aring om te curententyID gt gt gt Updates system log entries starting from the last entry currently displayed Updates system log entries ending at the last available entry ID 5 10 5 Cable Diagnostics You can perform cable diagnostics for all ports or selected ports to diagnose any cable faults short open etc and feedback a distance to the fault Simply select the port from the drop down list and click Start to run the diagnostics This will take approximately 5 seconds If all ports are selected this can take approximately 15 seconds When completed the page refreshes automatically and you can view the cable diagnostics results in the cable status table Note that VeriPHY diagnostics is only accurate for cables 7 140 meters long 10 and 100 Mbps ports will be disconnected while running VeriPHY diagnostics Therefore running VeriPHY on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is completed VeriPHY Cable Diagnostics Cable Status Port Dap A LengthA Parr B LengthB Pairc LengthC Far D Length D Pot The port where you are requesting VeriPHY Cable Diagnostics Cable Status Port port number Pair the status of the cable pair Length the length in meters of the cable pair ORing Industrial Networking Corp 138 ORing IGS P9812GP Series User Manual 5 10 6 SFP Monitor SFP modul
121. nt Rx indicates whether pause frames on the port are obeyed and Current Tx indicates whether pause frames on the port are transmitted The Rx and Tx settings are determined by the result of the last auto negotiation You can check the Configured column to use flow control This setting is related to the setting of Configured Link Speed You can enter the maximum frame size allowed for the switch port in this column including FCS The allowed range is 1518 bytes to 9600 bytes ORing Industrial Networking Corp 50 IGS P9812GP Series User Manual Shows the current power consumption of each port in percentage The Configured column allows you to change power saving parameters for each port Power Control Disabled all power savings functions are disabled ActiPHY link down and power savings enabled PerfectReach link up and power savings enabled Enabled both link up and link down power savings enabled Total Power Usage Total power consumption of the board measured in percentage Click to undo any changes made locally and revert to previously saved values Click to refresh the page Any changes made locally will be undone 5 3 2 Port Trunk A port trunk is a group of ports that have been grouped together to function as one logical path This method provides an economical way for you to increase the bandwidth between the switch and another networking device In addition it is useful when a single physical link b
122. ny forwarding The default value is Permit Select a rate limiter for the port The allowed values are Disabled or Rate Limiter ID numbers from 1 to 15 The default value is Disabled Port C Select which port frames are copied to The allowed values are ort Copy Disabled or a specific port number The default value is Disabled opecifies the logging operation of the port The allowed values are Enabled frames received on the port are stored in the system log Logging Disabled frames received on the port are not logged The default value is Disabled Please note that system log memory capacity and logging rate is limited opecifies the shutdown operation of this port The allowed values are Enabled if a frame is received on the port the port will be disabled Disabled port shut down is disabled The default value is Disabled Counts the number of frames that match this ACE Rate Limiters This page allows you to define the rate limits applied to a port ORing Industrial Networking Corp 101 ORing IGS P9812GP Series User Manual ACL Rate Limiter Configuration Rate LimiterID Rate pps 4 Ln Lo Po LR DD On lk LATT 4 4 4 4 4 4 i V Rate Limiter ID The rate limiter ID for the settings contained in the same row The rate unit is packet per second pps which can be configured as 1 2 4 8 16 32 64 128 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K or 1024K
123. o Advanced mode converge more rapidly This function only can be set in MRP manager switch 1 Ring Port Chooses the port which connects to the MRP ring pv Ring Port Chooses the port which connects to the MRP ring ORing Industrial Networking Corp 23 ORing IGS P9812GP Series User Manual 4 4 STP RSTP MSTP 4 4 1 STP RSTP STP Spanning Tree Protocol and its advanced versions RSTP Rapid Spanning Tree Protocol and MSTP Multiple Spanning Tree Protocol are designed to prevent network loops and provide network redundancy Network loops occur frequently in large networks as when two or more paths run to the same destination broadcast packets may get in to an infinite loop and hence causing congestion in the network STP can identify the best path to the destination and block all other paths The blocked links will stay connected but inactive When the best path fails the blocked links will be activated Compared to STP which recovers a link in 30 to 50 seconds RSTP can shorten the time to 5 to 6 seconds STP Bridge Status This page shows the status for all STP bridge instance STP Bridges Auto refresh L Topology Topology Bridge ID Port Cost Flag Change Last 80 00 00 1E 984 FF FF FF 80 00 00 1E 94 FF FF FF LU Steady The bridge instance You can also link to the STP detailed bridge status Bridge ID The bridge ID of this bridge instance Root ID The bridge ID of the currently selected root bridge
124. o NAS Admin State for more details regarding each value Port State The current state of the port Refer to NAS Port State for more details regarding each value These supplicant frame counters are available for the following administrative states EAPOL Counters Force Authorized Force Unauthorized e 802 1X ORing Industrial Networking Corp 126 EAPOL Counters Direction Name IEEE Name Total dotixAuthEapolFramesRx Response ID dotixAuthEapolRespIdFramesRx Responses dotixAuthEapolRespFramesRx Start dotixAuthEapolStartFramesRx Logoff dotixAuthEapolLogoffFramesRx Invalid Type dotixAuthInvalidEapolFramesRx IGS P9812GP Series User Manual Description The number of valid EAPOL frames of any type that have been received by the switch The number of valid EAP Resp ID frames that have been received by the switch The number of valid EAPOL response frames other than Resp ID frames that have been received by the switch The number of EAPOL Start frames that have been received by the switch The number of valid EAPOL logoff frames that have been received by the switch The number of EAPOL frames that have been received by the switch in which the frame type is not recognized The number of EAPOL frames that have Invalid Length dotixAuthEapLengthErrorFramesRx been received by the switch in which the Total dotixAuthEapolFramesTx Request ID dotixAuthEapolRegIdFramesTx Requests dotixAuthEapolReqFramesTx Packet B
125. oduct s associated with this publication DISCLAIMER Information in this publication is intended to be accurate ORing shall not be responsible for its use or infringements on third parties as a result of its use There may occasionally be unintentional errors on this publication ORing reserves the right to revise the contents of this publication without notice CONTACT INFORMATION ORing Industrial Networking Corp 3F NO 542 2 Jnongjheng Rd Sindian District New Taipei City 231 Taiwan R O C Tel 886 2 2218 1066 Fax 886 2 2218 1014 Website www oring networking com Technical Support E mail support oring networking com Sales Contact E mail sales oring networking com Headquarters sales oring networking com cn China ORing Industrial Networking Corp 1 ORing IGS P9812GP Series User Manual Table of Content Getting Started c 6 1 1 About the NG SF 9G Pa 6 1 2 SOIDWAIe Ee 6 1 3 Hardware Specifications ccccccccccceececeececeececeeceseeeeseceeecessueesseesseeessneesseeenaaees 7 Hardware VEN IGEN E 8 2 1 mis Mm TT H 8 2 1 1 Ports and Connectors nennen nennen nnn nnn nnn nn 8 TEEN 9 2 2 FOF NG m R P 9 Hardware Installation eese eere eee eee 11 3 1 BLI GET AA EE de m 11 3 2 Wall
126. ody Length field is invalid The number of EAPOL frames of any type that have been transmitted by the switch The number of EAP initial request frames that have been transmitted by the switch The number of valid EAP Request frames other than initial request frames that have been transmitted by the switch These backend RADIUS frame counters are available for the following administrative states e 802 1X MAC based Auth Backend Server Counters Direction IEEE Name Access Challenges dotixAuthBackendAccessChallenges Backend Server dotixAuthBackendOtherRequestsToSupplicant Counters Auth successes dotixAuthBackendAuthSuccesses Auth Failures dotixAuthBackendAuthFails dotixAuthBackendResponses Description Port based Counts the number of times that the switch receives the first request from the backend server following the first response from the supplicant Indicates that the backend server has communication with the switch MAC based Counts all Access Challenges received from the backend server for this port left most table or client right most table Port based Counts the number of times that the switch sends an EAP Request packet following the first to the supplicant Indicates that the backend server chose an EAP method MAC based Not applicable Port and MAC based Counts the number of times that the switch receives a success indication Indicates that the supplicant client has
127. on UDP communications and received on UDP port 514 and the syslog server will not send acknowledgments back to the sender since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always be sent even if the syslog server does not exist Possible modes are Enabled enable server mode Disabled disable server mode Indicates the IPv4 host address of syslog server If the switch provides DNS functions it also can be a host name SMTP Simple Mail Transfer Protocol is a protocol for transmitting e mails across the Internet By setting up SMTP alert the device will send a notification e mail when a user defined event occurs SMTP Setting E mail Alert Disable SMTP Server Address Sender E mail Address Mail Subject Authentication Recipient E mail Address 1 Recipient E mail Address 2 Recipient E mail Address 3 Recipient E mail Address 4 Recipient E mail Address 5 Recipient E mail Address 6 ORing Industrial Networking Corp 129 IGS P9812GP Series User Manual Enables or disables transmission of system warnings by e mail Sender E mail Address SMTP server IP address Mail Subject Subject of the mail Authentication B Username the authentication username B Password the authentication password B Confirm Password re enter password Recipient E mail Address The recipient s e mail address A mail allows for 6 recipients Apply Clic
128. or a specific switch port Use the port drop down Clear list to decide the details of which switch port to be displayed The displayed counters include the total number for receive and transmit the size for receive and transmit and the errors for receive and transmit Detailed Port Statistics Port 1 Port 1 Auto refresh Receive Total Rx Packets Rx Octets Rx Unicast Rx Multicast Rx Broadcast Rx Pause Receive Size Counters Rx 64 Bytes Rx 65 127 Bytes Rx 128 255 Bytes Rx 256 511 Bytes Rx 512 1023 Bytes Rx 1024 1526 Bytes Rx 1527 Bytes Receive Queue Counters Receive Error Counters Rx CRC Alignment Rx Undersize Rx Oversize Rx Fragments Rx Jabber Rx Filtered EQuoOoubUttuuui u Transmit Total Tx Packets Tx Octets Tx Unicast Tx Multicast Tx Broadcast Tx Pause Transmit Size Counters Tx 64 Bytes Tx 65 127 Bytes Tx 128 255 Bytes Tx 256 511 Bytes Tx 512 1023 Bytes Tx 1024 1526 Bytes Tx 1527 Bytes Transmit Queue Counters Transmit Error Counters Tx Drops Tx Late Exc Coll D D D D O O O The number of received and transmitted good and bad packets The number of received and transmitted good and bad bytes Rx and Tx Octets l l l l including FCS except framing bits The number of received and transmitted good and bad unicast Rx and Tx Unicast packets The number of received and transmitted good and bad multicast Rx and Tx Multicast packets ORing Industrial Networking Cor
129. ore information please refer to Device Type In a unicast Slave Only clock you also need to configure which master clocks to request Announce and Sync messages from For more information please refer to Unicast Slave Configuration Enables VLAN tagging for PTP frames Note Packets are only tagged if the port is configured for vlan tagging i e Port Type Unaware and PortVLAN mode None and the port is member of the VLAN VLAN identifiers used for tagging the PTP frames Priority code point values used for PTP frames 142 ORing IGS P9812GP Series User Manual 9 12 Troubleshooting 5 12 1 Factory Defaults This function is to force the switch back to the original factory settings To reset the switch select Reset to Factory Defaults from the drop down list and click Yes Only the IP configuration is retained Factory Defaults Are you sure you want to reset the configuration to Factory Defaults Yes Click to reset the configuration to factory defaults Me Click to return to the Port State page without resetting 5 12 2 System Reboot You can reset the stack switch on this page After reset the system will boot normally as if you have powered on the devices Warm Reset Are you sure you want to perform a Warm Restart Yes Click to reboot device LI Click to return to the Port State page without rebooting ORing Industrial Networking Corp 143 ORing IGS P9812GP Series U
130. ould be smaller than the supplicant s EAPOL Start frame retransmission rate Overview of MAC Based Authentication Unlike 802 1X MAC based authentication is not a standard but merely a best practices method adopted by the industry In MAC based authentication users are called clients and the switch acts as the supplicant on behalf of clients The initial frame any kind of frame sent by a client is snooped by the switch which in turn uses the client s MAC address as both username and password in the subsequent EAP exchange with the RADIUS server The 6 byte MAC address is converted to a string in the following form xx xx xx xx xx xx that is a dash is used as separator between the lower cased hexadecimal digits The switch only supports the MD5 Challenge authentication method so the RADIUS server must be configured accordingly When authentication is complete the RADIUS server sends a success or failure indication which in turn causes the switch to open up or block traffic for that particular client using static entries into the MAC Table Only then will frames from the client be forwarded on the switch There are no EAPOL frames involved in this authentication and therefore MAC based authentication has nothing to do with the 802 1X standard The advantage of MAC based authentication over 802 1X is that several clients can be connected to the same port e g through a 3rd party switch or a hub and still require individual authentic
131. p 135 IGS P9812GP Series User Manual Rx and Tx The number of received and transmitted good and bad broadcast Broadcast packets The number of MAC Control frames received or transmitted on this Rx and Tx Pause EN port that have an opcode indicating a PAUSE operation The number of frames dropped due to insufficient receive buffer or Rx Drops l egress congestion Tx Late Exc Coll The number of frames dropped due to excessive or late collisions 1 Short frames are frames smaller than 64 bytes 2 Long frames are frames longer than the maximum frame length configured for this port 5 10 3 Port Mirroring Port mirroring function will copy the traffic of one port to another port on the same switch to allow the network analyzer attached to the mirror port to monitor and analyze packets The function is useful for troubleshooting To solve network problems selected traffic can be copied or mirrored to a mirror port where a frame analyzer can be attached to analyze the frame flow The traffic to be copied to the mirror port can be all frames received on a given port also known as ingress or source mirroring or all frames transmitted on a given port also known as egress or destination mirroring The port to which the monitored traffic is copied is called mirror port Mirror Configuration Buses Disabled Li 1 2 53 4 5 o Fj 8 a 0 1 ORing Industrial Networking Corp 136 IGS P9812GP Series User Manual
132. packet and put the packet into different queues before transmission such as high priority and most efficient transmission With such QoS functions you can ensure low latency for critical traffic This page allows you to configure DSCP settings for each port QoS Port DSCP Configuration Ingress Egress Translate Classify Rewrite Tos B 1 oO NR 3 E 4 Ll s D 6 d E s Oo s oO io Hn 11 d 2 p 3 DO 4 og 15 g Disable Disable v Shows the list of ports for which you can configure DSCP Ingress and Egress settings In Ingress settings you can change ingress translation and classification settings for individual ports There are two configuration parameters available in Ingress Translate check to enable the function Classify includes four values Disable no Ingress DSCP classification ORing Industrial Networking Corp 79 IGS P9812GP Series User Manual DSCP 0 classify if incoming or translated if enabled DSCP is 0 Selected classify only selected DSCP whose classification is enabled as specified in DSCP Translation window for the specific DSCP All classify all DSCP Port egress rewriting can be one of the following options Disable no Egress rewrite Enable rewrite enabled without remapping Remap DP Unaware DSCP from the analyzer is remapped and the frame is remarked with a remapped DSCP value The remapped DSCP value is always taken from the DSCP Translation gt Egress Remap DPO table R
133. ply receive ping reply from device meaning the device is still Status alive Lost Reply not receiving ping reply from device meaning the device might have been dead Stream Check Check to enable stream check When enabled the switch will detect the stream change getting low from the device Indicates stream check status Possible statuses are Stream Check disable Status Normal the stream is normal Low the stream is getting low DDoS Prevention Check to enable DDOS prevention When enabled the switch will Indicates DDOS prevention status Possible statuses are disable DDoS Prevention Status Analyzing analyzes packet throughput for initialization Running analysis completes and ready for next move Attacked DDOS attacks occur Device IP Address Specifies IP address of the device Device MAC opecifies MAC address of the device Address Advanced Configurations Alias IP Address This page provides alias IP address configuration Some devices might have more than one IP addresses You could specify other IP addresses here ORing Industrial Networking Corp 96 IGS P9812GP Series User Manual Alias IP Address Alias IP Address 1 0000 2 0000 2 ooo 0000 s ooo s 0000 7 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 opecifies alias IP address Keep 0 0 0 0 if the device does not have Alias IP Address an alias IP address Alive Check Alive Checking monitor
134. ress queues on a port such as classifying data and marking it according to its priority and the policies Packets will then travel across the switch s internal paths carrying their assigned QoS tag markers At the egress port these markers are read and used to determine which queue each data packet is forwarded to When the traffic does not conform to the conditions set in a policer command you can remark the traffic QoS Egress Port Tag Remarking Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Classified Wo co Cn ind J 6G RJ The switch port number to which the following settings will be applied Click on the port number to configure tag remarking Mode Shows the tag remarking mode for this port ORing Industrial Networking Corp 78 IGS P9812GP Series User Manual Classified use classified PCP DEI values Default use default PCP DEI values Mapped use mapped versions of QoS class and DP level 5 6 4 Port DSCP DSCP Differentiated Services Code Point is a measure of QoS It can classify data packets by using the 6 bit DS field in the IP header so you can manage each traffic class differently and efficiently thereby achieving optimized use of network bandwidth DSCP enabled routers on the network will read the DSCP value of the data
135. rom UTC GMT System Timezone The offset is given in minutes east of GMT The valid range is from 20 to 720 minutes Click to save changes Click to undo any changes made locally and revert to previously saved values 5 1 2 Admin amp Password This page allows you to configure the system password required to access the web pages or offset minutes log in from CLI System Password Username Old Password New Password Confirm New Password Old Password The existing password If this is incorrect you cannot set the new password Confirm New Password Re type the new password Save Click to save changes New Password The new system password The allowed string length is 0 to 31 and only ASCII characters from 32 to 126 are allowed ORing Industrial Networking Corp 35 ORing IGS P9812GP Series User Manual 5 1 3 Authentication This page allows you to configure how a user is authenticated when he she logs into the switch via one of the management interfaces Authentication Method Configuration Client Authentication Method Fallback console telnet ssh web Save Reset The management client for which the configuration below applies Authentication Method can be set to one of the following values Authentication None authentication is disabled and login is not possible Method Local local user database on the switch is used for authentication Radius a remote RADIUS server
136. s 1 x console port RJ 45 type IEC 61850 3 and IEEE 1613 compliance for power substation and railway applications EN50155 compliance for rolling stock applications Redundant DC power inputs Operating Temperature 40 to 75 C Storage Temperature 40 to 85 C Operating Humidity 596 to 9596 non condensing Casing IP 30 DIN Rail and wall mounting enabled Dimensions 115 W x 159 D x 154 H mm 4 53 x 6 26 x 6 06 inch ORing Industrial Networking Corp ORing IGS P9812GP Series User Manual Hardware Overview 2 1 Front Panel 2 1 1 Ports and Connectors The device provides the following ports on the front panel The Ethernet ports on the switches use RJ 45 connectors and the SFP module slots Copper ports 8 x 10 100 1000Base T X Fiber ports 12 x 100 1000Base T X fiber ports in SFP Reset button 1 x reset button Press the button for 3 seconds to reset and 5 seconds to return to factory default G20 6 PWR T PWR1 cw 8 PWR2 G19 Hz PWR2 9 RM ES 9 R M 10 9 Ring 10 Ring G181 17 Fault G ltz Fault y Console iN 14 o Rese ORing Industrial Networking Corp 8 ORing IGS P9812GP Series User Manual 9 LED for Ring Master status 10 LED for Ring status 1 LNK ACT port for Ethernet ports 2 10 100 100Base T X Ethernet ports 3 SFP fiber ports 11 Fault indicator 4 LNK status LED for SFP ports 12 Relay output 5 Console port 13 Power modules 6 Power indicator 14 Reset bu
137. s the real time status of the device connected to the port live checking packets will be sent to the device to probe if the device is running If the switch receives no response from the device actions will be taken according to your configurations Alive Check Action Status Link Change Only Log it Shunt Down the Port Reboot Device E lt iD 0 un amp Uu MJ Lr 2 HACE H H hl ORing Industrial Networking Corp 97 ORing IGS P9812GP Series User Manual DDoS Prevention The switch can monitor ingress packets and perform actions when DDOS attack occurred on this port When network traffic from a specific device increases significantly in a short period of time the switch will lock the IP address of that device to protect the network from attacks You can configure DDoS prevention on this page to achieve maximum protection DDOS Prevention Socket Number Mode Sensibili Packet Type Filte Status y yP Low High d 1 Enabled w Normal TCP b 80 80 Destination E _ Running 2 Normal ze TCP v 80 80 Destination v Blocking 1 minute 3 Normal se TCP v 80 80 Destination Blocking 10 minute nati Blocking 4 Normal m v 80 80 Destination Shunt Down the Port 5 Normal e TCP v 80 80 Destination v 6 Normal TCP v 80 80 Destination e BEES 7 Normal TCP v 80 80 Destinat
138. s value is restricted to 100 to 1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Queue Shaper Allows the queue to use excess bandwidth Excess Configures the weight of each queue The default value is 17 Queue Scheduler This value is restricted to 1 to 100 This parameter is only shown if Weight Scheduler Mode is set to Weighted Queue Scheduler Shows the weight of the queue in percentage This parameter is Percent only shown if Scheduler Mode is set to Weighted Port Shaper Enable Check to enable port shaper for individual switch ports Configures the rate of each port shaper The default value is 500 Port Shaper Rate This value is restricted to 100 to 1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Configures the unit of measurement for each port shaper rate as Port Shaper Unit kbps or Mbps The default value is kbps 5 6 7 Port Scheduler This page provides an overview of QoS Egress Port Schedulers for all switch ports QoS Egress Port Schedulers Weight O1 Q2 Q3 QI Qo Strict Priority Strict Priority S z E Strict Priority n S Strict Priority S T Strict Priority T e z Strict Priority d S min amp OM rh Pot o The switch port number to which the following settings will be applied ORing Industrial Networking Corp 84 IGS P9812GP Series User Manual BEEN Click on the port numb
139. sable the Daylight Saving Time configuration Select Recurring and configure the Daylight saving Time duration to repeat the configuration every year Select Non Recurring and configure the Daylight Saving Time duration for single time configuration Default Disabled Start Time Settings Start Time settings Week Day Month Hours Minutes Wook Seocittestngweskrumber Wont Selst ine stron Hows Setstinestrrgnaue minutes Seletinestrominte End Time Settings End Time settings Week Day Month Hours Minutes Description Select the ending week number Select the ending day Select the ending month Select the ending hour Select the ending minute ORing Industrial Networking Corp 39 ORing IGS P9812GP Series User Manual Offset Settings Offset settings 1 1 1440 Minutes 5 1 7 HTTPS You can configure the HTTPS mode in the following page HTTPS Configuration aM Disabled law nenns SS Indicates the selected HTTPS mode When the current connection is HTTPS disabling HTTPS will automatically redirect web browser to an HTTP connection The modes include Enabled enable HTTPS Disabled disable HTTPS Click to save changes Reset Click to undo any changes made locally and revert to previously saved values 5 1 8 SSH SSH Secure Shell is a cryptographic network protocol intended for secure data transmission and remote access by creating a se
140. selected for the SMAC filter you can enter a Sine mE specific source MAC address The legal format is XX XX XX XX XX XX Frames matching the ACE will use this SMAC value Specifies the destination MAC filter for this ACE Any no DMAC filter is specified DMAC filter status is don t care MC frame must be multicast BC frame must be broadcast DMAC Filter UC frame must be unicast Specific If you want to filter a specific destination MAC address with the ACE choose this value A field for entering a DMAC value appears When Specific is selected for the DMAC filter you can enter a specific destination MAC address The legal format is DMAC Value XX XX XX XX XX XX Frames matching the ACE will use this DMAC value VLAN Parameters VLAN ID Filter VLAN ID Tag Priority Specifies the VLAN ID filter for the ACE Any no VLAN ID filter is specified VLAN ID filter status is VLAN ID Filter don t care Specific if you want to filter a specific VLAN ID with the ACE choose this value A field for entering a VLAN ID number appears VLAN ID When Specific is selected for the VLAN ID filter you can enter a ORing Industrial Networking Corp 104 IGS P9812GP Series User Manual specific VLAN ID number The allowed range is 1 to 4095 Frames matching the ACE will use this VLAN ID value opecifies the tag priority for the ACE A frame matching the ACE will Tag Priority use this tag priority The allowed number
141. ser Manual 5 13 Command Line Interface Management Besides Web based management the device also supports CLI management You can use console or telnet to manage the switch by CLI CLI Management by RS 232 Serial Console 115200 8 none 1 none Before configuring RS 232 serial console connect the RS 232 port of the switch to your PC Com port using a RJ45 to DB9 F cable Follow the steps below to access the console via RS 232 serial cable Step 1 On Windows desktop click on Start gt Programs gt Accessories gt Communications gt Hyper Terminal Accessibility Fag Communications E HyperTerminal Network Time Protocol gt gi Network and Dial up Connections e System Tools dl HyperTerminal k p Acrobat Reader 5 0 A Address Book Eg Calculator B Command Prompt c MetTime Notepad A d E SJ windows Explorer fm Accessories 2 5 WordPad E Network Associates E 4 Documents 3 startup mann An xl es 9 Outlook Express Search 3 Programs BH te mns Windows 2000 Professional j ay Shut Down Am S X ORing Industrial Networking Corp 144 ORing IGS P9812GP Series User Manual otep 2 Input a name for the new connection ER ai Mew Connection Enter a name and choose an icon far the connection Name eg corr Disconnected Auto detect Auto detect SCROLL CAPS NUM Capture Print echo otep 3 Select a COM port in the drop down list e termnial H
142. sified to the default DP level If the port is VLAN aware the frame is tagged and Tag Class is enabled then the frame is classified to a DP level that is mapped from the PCP and DEI value in the tag Otherwise the frame is classified to the default DP level The classified DP level can be overruled by a QCL entry Controls the default PCP value All frames are classified to a PCP value If the port is VLAN aware and the frame is tagged then the frame is classified to the PCP value in the tag Otherwise the frame is classified to the default PCP value Controls the default DEI value All frames are classified to a DEI value OkRing Industrial NetworkingCcop mm Industrial Networking Corp II IGS P9812GP Series User Manual If the port is VLAN aware and the frame is tagged then the frame is classified to the DEI value in the tag Otherwise the frame is classified to the default DEI value Shows the classification mode for tagged frames on this port Disabled Use default QoS class and DP level for tagged frames Enabled Use mapped versions of PCP and DEI for tagged Tag Class nem Click on the mode to configure the mode and or mapping Note this setting has no effect if the port is VLAN unaware Tagged frames received on VLAN unaware ports are always classified to the default QoS class and DP level DSCP Based Click to enable DSCP based QoS Ingress Port Classification 5 6 3 Port Tag Remaking You can set QoS eg
143. so this will not detect whether the client is still attached or not and the only way to free any resources IS to age the entry This setting applies to the following modes i e modes using the Port Security functionality to secure MAC addresses MAC Based Auth If a client is denied access either because the RADIUS server denies the client access or because the RADIUS server request times out according to the timeout specified on the Configuration Security Hold Time AAA page the client is put on hold in Unauthorized state The hold timer does not count during an on going authentication The switch will ignore new frames coming from the client during the hold time The hold time can be set to a number between 10 and 1000000 seconds Port The port number for which the configuration below applies lf NAS is globally enabled this selection controls the port s authentication mode The following modes are available Force Authorized In this mode the switch will send one EAPOL Success frame when the port link is up and any client on the port will be allowed network access Admin State without authentication Force Unauthorized In this mode the switch will send one EAPOL Failure frame when the port link is up and any client on the port will be disallowed network access Port based 802 1X ORing Industrial Networking Corp 121 IGS P9812GP Series User Manual In an 802 1X network environment th
144. st contain an even number between 10 and 64 hexadecimal digits but all zeros and all F s are not allowed Change of the Engine ID will clear all original local users SNMP Trap Configuration Trap Mode Trap Version Trap Community Trap Destination Address Trap Destination IPv6 Address Trap Authentication Failure Trap Link up and Link down Trap Inform Mode Trap Inform Timeout seconds Trap Inform Retry Times Indicates existing SNMP trap mode Possible modes include Trap Mode Enabled enable SNMP trap mode Disabled disable SNMP trap mode Indicates the supported SNMP trap version Possible versions Trap Version ue include ORing Industrial Networking Corp 69 IGS P9812GP Series User Manual SNMP v1 supports SNMP trap version 1 SNMP v2c supports SNMP trap version 2c SNMP v3 supports SNMP trap version 3 Indicates the community access string when sending SNMP trap Trap Community packets The allowed string length is O to 255 and only ASCII characters from 33 to 126 are allowed Trap Destination Indicates the SNMP trap destination address Address Provides the trap destination IPv6 address of this switch IPv6 address consists of 128 bits represented as eight groups of four oo hexadecimal digits with a colon separating each field For Trap Destination example in fe80 215 c5ff fe03 4dc7 the symbol is a special IPv6 Address syntax that can be used as a short
145. strial Networking Corp 87 ORing IGS P9812GP Series User Manual QCE Configuration Port Members 11 17 13 14 15 16 17 18 19 20 Specific o m SMAC Specific ee UC v Frame Type Ethe et MAC Parameters SR Specific Y Value OxFFFF Port Members Key Parameters ORing Industrial Networki Action Parameters 3 w 1 dw 28 AF32 vw Value 0x 00 00 00 Check to include the port in the QCL entry By default all ports are included Key configurations include Tag value of tag can be Any Untag or Tag VID valid value of VLAN ID from 1 to 4095 Any can be a specific value or a range of VIDs PCP Priority Code Point can be specific numbers 0 1 2 3 4 5 6 7 arange 0 1 2 3 4 5 6 7 0 3 4 7 or Any DEI Drop Eligible Indicator can be any of values between 0 and 1 or Any SMAC Source MAC Address can be 24 MS bits OUI or Any DMAC Type Destination MAC type can be unicast UC multicast MC broadcast BC or Any Frame Type can be the following values Any Ethernet LLC SNAP IPv4 and IPv6 Note all frame types are explained below Allow all types of frames Valid Ethernet values can range from 0x600 to OxFFFF or Any but ng Corp 88 ORing IGS P9812GP Series User Manual nh 0x800 IPv4 and Ox86DD IPv6 The default value is PID valid PID Ethernet type values can range from Ox00 to OxFFFF or Any The default valu
146. t all zeros and all F s are not allowed The SNMPv3 architecture uses User based Security Model USM for message security and View based Access Control Model VACM for access control For the USM entry the usmUserEnginelD and usmUserName are the entry keys In a simple agent usmUserEnginelD is always that agent s own snmpEnginelD value Oking Industrial Networking Gar 4 Industrial Networking Corp 71 IGS P9812GP Series User Manual The value can also take the value of the snmpEnginelD of a remote SNMP engine with which this user can communicate In other words if user engine ID is the same as system engine ID then it is local user otherwise it s remote user A string identifying the user name that this entry should belong to The allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed Indicates the security model that this entry should belong to Possible security models include NoAuth NoPriv no authentication and none privacy Auth NoPriv Authentication and no privacy Security Level Auth Priv Authentication and privacy The value of security level cannot be modified if the entry already exists which means the value must be set correctly at the time of entry creation Indicates the authentication protocol that this entry should belong to Possible authentication protocols include None no authentication protocol MD5 an optional flag to indicate that this user is using MD5 Authentication
147. t gt shutdownlshut logllog Port Transmit lt port_list gt enableldisable ORing Industrial Networking Corp 160 Port Configuration lt port_list gt ORing IGS P9812GP Series User Manual Status lt port_list gt IPMC Querier igmp lt vid gt enableldisable Version 1igmp lt vid gt Fault Alarm PortLinkDown lt port list gt enableldisable Alarm PowerFailure pwrllpwr2lpwr3 enableldisable Event ISMT P Port lt port_list gt disablellinkupllinkdownlboth DHCPServer IMode enableldisable Setup lt ip_start gt lt ip end gt lt ip_mask gt ip router ORing Industrial Networking Corp 161 ORing IGS P9812GP Series User Manual lt ip_dns gt lt ip tftp gt lease lt bootfile gt Ring Mode enableldisable Dualhoming Port lt port gt Chain Configuration RCS Mode enableldisable Add Lomp addr gt lt port list gt web onlweb off telnet onltelnet off snmp onlsnmp off Configuration FastReocvery Mode enableldisable Port lt port list gt fr priority gt SFP syslog enableldisable temp temperature DeviceBinding ORing Industrial Networking Corp 162 IGS P9812GP Series User Manual Mode enableldisable Port DDOS Sensibility lt port_list gt Port DDOS Packet lt port_list gt Port DDOS High lt port_list gt lt socket_number gt Port DDO
148. te lt port_list gt enableldisable Security Switch Switch security setting Network Network security setting AAA Authentication Authorization and Accounting setting Security Switch Password lt password gt Auth Authentication SSH Secure Shell HTTPS Hypertext Transfer Protocol over Secure Socket Layer IRMON Remote Network Monitoring Security Switch Authentication Configuration Method consoleltelnetlsshlweb nonellocallradius enableldisable Security Switch SSH Mid E Mode enableldisable Security Switch HTTPS Configuration Mode enableldisable Security Switch RMON Statistics Add stats 1d data source Statistics Delete stats 1d Statistics Lookup lt stats_id gt History Add history id data source lt interval gt buckets History Delete history id ORing Industrial Networking Corp 151 IGS P9812GP Series User Manual History Lookup lt history 1d gt Alarm Add alarm 1d interval alarm variable absoluteldelta lt rising threshold rising event index gt lt falling threshold gt falling event index risinglfallinglboth Alarm Delete alarm 1d Alarm Lookup lt alarm 1d gt Security Network IPsec Port Security Status NAS Network Access Server IEEE 802 1X ACL Access Control List IDHCP Dynamic Host Configuration Protocol Security Network Psec Switch lt port_list gt
149. te VLAN ID You can check the box to include a port in a private Port Members VLAN To remove or exclude the port from the private VLAN make sure the box is unchecked By default no ports are members and all boxes are unchecked Click Add new Private VLAN to add a new private VLAN ID An empty row is added to the table and the private VLAN can be configured as needed The allowed range for a private VLAN ID is the same as the switch port number range Any values outside Adding a New Static this range are not accepted and a warning message appears Entry Click OK to discard the incorrect entry or click Cancel to return to the editing and make a correction The private VLAN is enabled when you click Save The Delete button can be used to undo the addition of new private VLANs A private VLAN is defined as a pairing of a primary VLAN with a secondary VLAN A promiscuous port is a port that can communicate with all other private VLAN port types via the primary VLAN and any associated secondary VLANs whereas isolated ports can communicate only with a promiscuous port ORing Industrial Networking Corp 67 ORing IGS P9812GP Series User Manual Port Isolation Configuration Open in new window Port Number ae Loes S A check box is provided for each port of a private VLAN When checked port isolation is enabled for that port Port Members TEM When unchecked port isolation is disabled for that port By de
150. te the function Once the box is checked you will be able to input information in each column DHCP Server Configuration Enabled Start Ip Address 192 168 10 100 End IP Address 1192 1 168 10 200 Subnet Mask 255 255 255 Router 192 168 10 254 DNS 192 168 10 254 Lease Time sec 86400 TFTP Server 0 0 d 0 Boot File Name 5 2 2 Dynamic Client List When DHCP server functions are activated the switch will collect DHCP client information and display in the following table DHCP Dynamic Client List No Select Type MAC Address IP Address Surplus Lease Select Clear All Add to static Table 5 2 3 Client List You can assign a specific IP address within the dynamic IP range to a specific port When a device is connected to the port and requests for dynamic IP assigning the switch will assign the IP address that has previously been assigned to the connected device ORing Industrial Networking Corp 46 ORing IGS P9812GP Series User Manual DHCP Client List MAC Address IP Address Add as Static No Select Type MAC Address IP Address Surplus Lease Select Clear All 5 2 4 Relay Agent DHCP relay is used to forward and transfer DHCP messages between the clients and the server when they are not in the same subnet domain You can configure the funct
151. the Reauthentication Period Reauthentication for 802 1X enabled ports can be used to detect if a new device is plugged into a switch port For MAC based ports reauthentication is only useful if the RADIUS server configuration has changed It does not involve communication between the switch and the client and therefore does not imply that a client is still present on a port see Age Period below Determines the period in seconds after which a connected client must be re authenticated This is only active if the Reauthentication Enabled checkbox is checked Valid range of the value is 1 to 3600 seconds Determines the time for retransmission of Request Identity EAPOL frames Valid range of the value is 1 to 65535 seconds This has no effect for MAC based ports 120 ORing IGS P9812GP Series User Manual This setting applies to the following modes i e modes using the Port Security functionality to secure MAC addresses MAC Based Auth When the NAS module uses the Port Security module to secure MAC addresses the Port Security module needs to check for activity on the MAC address in question at regular intervals and free resources if no Age Period activity is seen within a given period of time This parameter controls exactly this period and can be set to a number between 10 and 1000000 seconds For ports in MAC based Auth mode reauthentication does not cause direct communications between the switch and the client
152. tination filter is specified TCP UDP destination filter status is don t care TCP UDP Specific if you want to filter a specific TCP UDP destination filter with the Destination ACE you can enter a specific TCP UDP destination value A field for Filter entering a TCP UDP destination value appears Range if you want to filter a specific range TCP UDP destination filter with the ACE you can enter a specific TCP UDP destination range A field for entering a TCP UDP destination value appears ORing Industrial Networking Corp 110 TCP UDP Destination Number TCP UDP Destination Range TCP FIN TCP SYN TCP PSH TCP ACK TCP URG ORing Industrial Networking Cop mg Industrial Networking Corp IGS P9812GP Series User Manual When Specific is selected for the TCP UDP destination filter you can enter a specific TCP UDP destination value The allowed range is O to 65535 A frame matching the ACE will use this TCP UDP destination value When Range is selected for the TCP UDP destination filter you can enter a specific TCP UDP destination range value The allowed range is O to 65535 A frame matching the ACE will use this TCP UDP destination value opecifies the TCP FIN no more data from sender value for the ACE 0 TCP frames where the FIN field is set must not be able to match this entry 1 TCP frames where the FIN field is set must be able to match this entry Any any value is allowed don t care Specifi
153. tion server If the port is set to 0 zero the default port 1812 is used on the RADIUS authentication server The secret is a text string used by RADIUS to encrypt the client and server authenticator field during exchanges between the router and a RADIUS authentication server The router encrypts PPP PAP passwords using this text string The secret up to 29 characters long shared between the RADIUS authentication server and the switch stack ORing Industrial Networking Corp 113 ORing IGS P9812GP Series User Manual RADIUS Accounting Server Configuration IP Address Port Secret The RADIUS accounting server number for which the configuration below applies Enabled Check to enable the RADIUS accounting server address is expressed in dotted decimal notation The UDP port to use on the RADIUS accounting server If the port is set to 0 zero the default port 1813 is used on the RADIUS accounting server The secret is a text string used by RADIUS to encrypt the client and server authenticator field during exchanges between the router and a RADIUS authentication server The router encrypts PPP PAP passwords using this text string The secret up to 29 characters long shared between the RADIUS authentication server and the switch stack Authentication and Accounting Server Status Overview This page provides information about the status of the RADIUS server configurable on the authenticatio
154. to configure the SNMPv3 group table The entry index keys are Security Model and Security Name SNMPv3 Groups Configuration Delete Security Model Security Name GroupName public default ro group private default rw group public default ro g roup private default_rw_group default_user default rw g roup Save Check to delete the entry It will be deleted during the next save Indicates the security model that this entry should belong to Possible security models included Security Model v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM A string identifying the security name that this entry should belong to Security Name The allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed A string identifying the group name that this entry should belong to Group Name The allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed 5 5 5 SNMP View Configurations The SNMP v3 View table specifies the MIB object access requirements for each View Name You can specify specific areas of the MIB that can be accessed or denied based on the entries or create and delete entries in the View table in this page The entry index keys are View Name and OID Subtree ORing Industrial Networking Corp 73 ORing IGS P9812GP Series User Manual SNMPv3 Views Configuration Delete View Name View Type OID S
155. tream monitoring of the port Mode Indicates the action to take when the stream gets low Possible actions are no action Log it simply logs the event 5 8 3 ACL An ACL Access Control List is a list of permissions attached to an object An ACL specifies which users or system processes are authorized to access the objects and what operations ORing Industrial Networking Corp 100 ORing IGS P9812GP Series User Manual are allowed on given objects parameters will affect frames received on a port unless the frame matches a specific ACE Port Configuration ACL Ports Configuration Posey Action Pp unciis Logging Shutdown Counter ID ID 1 10 Permit v Disabled v Disabled v Disabled v Disabled v 108498 2 18 Permit v Disabled v Disabled v Disabled v Disabled v 0 3 LL Permit Disabled v Disabled Disabled v Disabled 68732984 4 iv Permtw Disabled v Disabled Disabled v Disabled v 5 iw Permit v Disabled v Disabled v Disabled v Disabled v 0 S 19 Permit v Disabled v Disabled v Disabled v Disabled v 68732984 7 19 Permit v Disabled Y Disabled Disabled v Disabled 0 8 14 Permt v Disabled v Disabled Disabled Disabled v 0 The switch port number to which the following settings will be applied Select to apply a policy to the port The allowed values are 1 to 8 The Policy ID default value is 1 Select to Permit to permit or Deny to de
156. tton 7 Power 1 module indicator 8 Power 2 module indicator 2 1 2 LED Green Blinking Ring structure is broken Faulty relay power failure or Amber port malfunctioning 10 100 1000Base T X Fast Ethernet ports LNK ACT Green S su data Speed 2 Port is running at 100Mbps Amber op Potisruning at 10Mbps SFP LNK ACT Green Blinking Transmitting data 2 2 Rear Panel On the rear panel of the switch sit three sets of screw holes The two sets placed in triangular patterns on both ends of the rear panel are used for wall mounting and the set of four holes in the middle are used for Din rail installation For more information on installation please refer to 23 1 Din rail Installation ORing Industrial Networking Corp 9 LPP I FF FFF Ak M MAM AM Ah VY YY YI VV M hd MMMM VY ORing Industrial Networking Corp CVV IGS P9812GP Series User Manual 1 Wall mount screw holes 2 Din rail screw holes 10 IGS P9812GP Series User Manual ORing Hardware Installation 3 1 DIN rail Installation The switch comes with a DIN rail kit to allow you to fasten the switch to a DIN rail in any environments 115 0 159 0 DIN rail Kit Measurement Unit mm Installing the switch on the DIN rail is easy First screw the Din rail kit onto the back of the switch right in the middle of the back panel Then slide the switch onto a DIN rail from the Din rail kit and make sure the switch clicks into the rail f
157. u can use a cable to connect the switch to a PC The table below shows the 10BASE T 100BASE TX MDI and MDI X port pin outs 10 100Base T MDI MDI X Pin Assignments TD transmit RD receive TD transmit RD receive RD receive TD transmit RD receive TD transmit Ooo 6 ORing Industrial Networking Corp 15 IGS P9812GP Series User Manual ef more mouse 1000Base T MDI MDI X Pin Assignments Pme wer w ss s em am e em mo Note and signs represent the polarity of the wires that make up each wire pair RS 232 port wiring The device can be managed via console ports using a RS 232 cable which can be found in the package You can connect the port to a PC via the RS 232 cable with a DB 9 female connector The DB 9 female connector of the RS 232 cable should be connected the PC while the other end of the cable RJ 45 connector should be connected to the console port of the switch PC pin out male assignment DE Male Shield DBD Female Received Une Signa Deag b A Signal Ground 3 ap gece Ring Indicator ff DOE Rendy DTE Ready wg 4 Transmitted Data za B Clear to Send Transmitted Data Received Data 5 7 Clear to Send im 5 Received Data 7 f Request ta Send DTE Ready 4 9 Request to Send 9 5 Received Line Signa Detect d E DCE Ready Signal Ground Ring Indicator Shield o i Recev
158. ubtree E default view included Ki Check to delete the entry It will be deleted during the next save A string identifying the view name that this entry should belong to The View Name allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed Indicates the view type that this entry should belong to Possible view types include Included an optional flag to indicate that this view subtree should be included View Type Excluded An optional flag to indicate that this view subtree should be excluded Generally if an entry s view type is Excluded it should exist another entry whose view type is Included and its OID subtree oversteps the Excluded entry The OID defining the root of the subtree to add to the named view The OID Subtree allowed OID length is 1 to 128 The allowed string content is digital number or asterisk 5 5 6 SNMP Access Configurations This page allows you to configure SNMPv3 access table The entry index keys are Group Name Security Model and Security Level SNMPv3 Accesses Configuration Delete Group Name Security Model Security Level Read View Name Write View Name C default ro group any NoAuth NoPriv default view v None E default rw group any NoAuth NoPriv default view v default view Check to delete the entry It will be deleted during the next save A string identifying the group name that this entry should belong OR
159. ues 4 5 Fast Recovery Fast recovery mode can be set to connect multiple ports to one or more switches The device with fast recovery mode will provide redundant links Fast recovery mode supports 20 priorities Only the first priority will be the active port and the other ports with different priorities will be backup ports ORing Industrial Networking Corp 31 IGS P9812GP Series User Manual Fast Recovery Mode Active Activate fast recovery mode Ports can be set to 20 priorities Only the port with the highest priority will be the active port 1st Priority is the highest Click to activate the configurations ORing Industrial Networking Corp 32 ORing IGS P9812GP Series User Manual Management The switch can be controlled via a built in web server which supports Internet Explorer Internet Explorer 5 0 or above versions and other Web browsers such as Chrome Therefore you Can manage and configure the switch easily and remotely You can also upgrade firmware via a web browser The Web management function not only reduces network bandwidth consumption but also enhances access speed and provides a user friendly viewing screen Note By default IE5 0 or later version do not allow Java applets to open sockets You need to modify the browser setting separately in order to enable Java applets for network ports Preparing for Web Management You can access the mana
160. uit vice versa The relay Open Close contacts will respond to user configured events according to the wiring 3 3 3 Redundant Power Inputs The switch has two sets of power inputs power input 1 and power input 2 which sit on the front panel along with LAN ports Follow the steps below to wire redundant power inputs D Step 1 insert the negative positive wires into the V V terminals respectively Step 2 to keep the wires from pulling loose use a small flat blade screwdriver to tighten the wire clamp screws on the front of the terminal block connector 3 4 Connection 3 4 1 Cables 10 100 1000BASE T X Pin Assignments The device has standard Ethernet ports According to the link type the switch uses CAT 3 4 5 5e UTP cables to connect to any other network devices PCs servers switches routers or hubs Please refer to the following table for cable specifications Cable Types and Specifications Cable Max Length Connector 10BASE T Cat 3 4 5 100 ohm UTP 100 m 328 ft RJ 45 Cat 5 Cat 5e 100 ohm 1000BASE T jue UTP 100 m 328ft RJ 45 100BASE TX Cat 5 100 ohm UTP UTP 100 m 328 ft RJ 45 With 10 100 1000BASE T X cables pins 1 and 2 are used for transmitting data and pins 3 ORing Industrial Networking Corp 14 ORing IGS P9812GP Series User Manual and 6 are used for receiving data 10 100Base T X RJ 45 Pin Assignments RD The device also supports auto MDI MDI X operation Yo
161. umber of RADIUS Access Request radiusAuthClientExtAccessRetransmissions packets retransmitted to the RADIUS authentication server Access Retransmissions The number of RADIUS Access Request packets destined for the server that have not yet timed out or received a response This Pending Requests radiusAuthClientExtPendingRequests variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransmission The number of authentication timeouts to the server After a timeout the client may retry to the same server send to a different server or radiusAuthClientExtTimeouts give up A retry to the same server is counted as a retransmit as well as a timeout A send to a different server is counted as a Request as well as a timeout ORing Industrial Networking Corp 116 IGS P9812GP Series User Manual This section contains information about the state of the server and the latest round trip time RFC4668 Name Description Shows the state of the server It takes one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and Other Info running l uu Ready The server is enabled IP communication is up and running and the RADIUS module is ready to accept access attempts Dead X seconds left Access attempts were made to this server but it did not reply
162. valid values is 4 to 30 seconds The maximum time the information transmitted by the root bridge Max Age is considered valid The range of valid values is 6 to 40 seconds and Max Age must be lt FwdDelay 1 2 Maximum Hop Count This defines the initial value of remaining hops for MSTI ORing Industrial Networking Corp 26 IGS P9812GP Series User Manual information generated at the boundary of an MSTI region It defines how many bridges a root bridge can distribute its BPDU information to The range of valid values is 4 to 30 seconds and MaxAge must be lt FwdDelay 1 2 The number of BPDUS a bridge port can send per second When Transmit Hold Count exceeded transmission of the next BPDU will be delayed The range of valid values is 1 to 10 BPDUS per second Click to save changes Click to undo any changes made locally and revert to previously saved values 4 4 2 MSTP oince the recovery time of STP and RSTP takes seconds which are unacceptable in some industrial applications MSTP was developed The technology supports multiple spanning trees within a network by grouping and mapping multiple VLANs into different spanning tree instances known as MSTIs to form individual MST regions Each switch is assigned to an MST region Hence each MST region consists of one or more MSTP switches with the same VLANs at least one MST instance and the same MST region name Therefore switches can use different paths in the
163. with errors when being sent to clients Receive from Server The number of packets received from the server Receive Missing Agent The number of packets received without agent information Option sees Receive Missing Circuit The number of packets received with Circuit ID Receive Missing Remote The number of packets received with the Remote ID option Receive Bad Circuit ID The number of packets whose Circuit ID do not match the known circuit ID Receive Bad Remote ID The number of packets whose Remote ID do not match the known Remote ID Client Statistics Transmit Transmit Receive Receive Replace Keep Drop to Client Error from Client Agent Option Agent Option Agent Option Agent Option 0 0 0 0 0 0 g Receive Agent Option The number of received packets containing relay agent information Replace Agent Option The number of packets replaced when received messages contain relay agent information Keep Agent Option The number of packets whose relay agent information is D mmt Drop Agent Option The number of packets dropped when received messages BED contain relay agent information 5 3 Port Setting Port Setting allows you to manage individual ports of the switch including traffic power and trunks 5 3 1 Port Control This page shows current port configurations Ports can also be configured here ORing Industrial Networking Corp 49 ORing Port Configuration Port Link Current 5 1 e Dow
164. x to enable an automatic refresh of the page at Auto refresh regular intervals STP Statistics This page displays the STP port statistics for the currently selected switch SIP Statistics Auto refresh I I Port Transmitted MSIP RSIP STP TCN MSIP Received Discarded RSIP STP TCN Unknown Illegal No ports enabled ORing Industrial Networking Corp 25 IGS P9812GP Series User Manual The switch port number to which the following settings will be applied RSTP The number of RSTP configuration BPDUs received transmitted on the port number legacy STP configuration BPDUs received transmitted on the port The number of legacy topology change notification BPDUs received transmitted on the port The number of unknown spanning tree BPDUs received and Discarded Unknown discarded on the port The number of illegal spanning tree BPDUs received and Discarded Illegal discarded on the port Refresh Click to refresh the page immediately Check to enable an automatic refresh of the page at regular Auto refresh intervals STP Bridge Configurations STP Bridge Configuration Basic Settings Protocol Version Forward Delay Max Age Maximum Hop Count Transmit Hold Count 6 The version of the STP protocol Valid values include STP RSTP Protocol Version and MSTP The delay used by STP bridges to transit root and designated Forward Delay ports to forwarding used in STP compatible mode The range of
165. y Strict Priority uses queues based only priority When traffic arrives the device traffic on the highest priority queue will be transmitted first followed by traffic on lower priorities If there is always some content in the highest priority queue then the other packets in the rest of queues will not be sent until the highest priority queue is empty The SP algorithm is preferred when the received packets contain high priority data such as voice and video Port 1 QoS Egress Port Scheduler and Shapers Port 1 Queue Shaper Port Shaper Enable Rate Unit Excess Enable Rate Unit ao 500 kbps MIT a1 S a Scheduler Mode Two scheduling modes are available Strict Priority or Weighted Queue Shaper m Enabl Check to enable queue shaper for individual switch ports nable Configures the rate of each queue shaper The default value is Queue Shaper Rate 500 This value is restricted to 100 to 1000000 when the Unit is kbps and it is restricted to 1 to 3300 when the Unit is Mbps Configures the rate for each queue shaper The default value is Queues Shaper Unit 500 This value is restricted to 100 to 1000000 when the Unit is ORing Industrial Networking Corp 82 IGS P9812GP Series User Manual kbps and itis restricted to 1 to 3300 when the Unit is Mbps Queue Shaper Allows the queue to use excess bandwidth Excess Port Shaper Enable Check to enable port shaper for individual switch ports Configures the r
166. y index key is Community ORing Industrial Networking Corp 70 ORing IGS P9812GP Series User Manual SNMPv3 Communities Configuration Delete Community Source rr ECKE public private Check to delete the entry It will be deleted during the next save Indicates the community access string to permit access to SNMPv3 Community agent The allowed string length is 1 to 32 and only ASCII characters from 33 to 126 are allowed SoucelP Indicates the SNMP source address Source Mask Indicates the SNMP source address mask 5 5 3 SNMP User Configurations Each SNMP user has a specified username a group to which the user belongs authentication password authentication protocol privacy protocol and privacy password When you create a user you must associate it with an SNMP group The user then inherits the security model of the group This page allows you to configure the SNMPv3 user table The entry index keys are Engine ID and User Name SNMPv3 Users Configuration User Security Authentication Authentication Privacy Privacy Name Level Protocol Password Protocol Password C 800007e5017f000001 default user NoAuth NoPriv None None None None Add new user Delete Engine ID Check to delete the entry It will be deleted during the next save An octet string identifying the engine ID that this entry should belong to The string must contain an even number between 10 and 64 hexadecimal digits bu
167. y received Response Identity EAPOL frame MAC based Not applicable 5 9 Alerts 5 9 1 Fault Alarm When any selected fault event happens the Fault LED on the switch panel will light up and the electric relay will signal at the same time The following pages allow you to set up alert conditions based on your needs for individual switch ports including actions to be taken during disconnection and power failure Port Link Down Broken Port Active H Fault Alarm Power Failure PWR 1 D t Ln 4 DA RJ 10 La LA la 39 1790 99 994 997 1788 988 IDE D DRE D ra 5 9 2 System Warning SYSLOG Setting PWR 2 SYSLOG is a protocol that allows a device to send event notification messages across IP networks to event message collectors It permits separation of the software that generates messages from the system that stores them and the software that reports and analyzes them As Syslog messages are UDP based the sender and receiver will not be aware of it if the packet is lost due to network disconnection and no UDP packet will be resent ORing Industrial Networking Corp 128 Server Mode Server IP Address SMTP Setting IGS P9812GP Series User Manual System Log Configuration Server Mode Disabled Server Address Indicates existing server mode When the mode operation is enabled the syslog message will be sent to syslog server The syslog protocol is based
168. yperTerminal T s l Ioj gt File Edit View Cal Transfer Help Dis es ER SECH termnial Enter details for the phone number that you want to dial Countmdregon Taiwan 885 Area code Phone number Connect using m Cancel Discannected Auto detect Auto detect SCROLL caps NUM Capture Print echo E ORing Industrial Networking Corp 145 IGS P9812GP Series User Manual ORing Step 4 A pop up window that indicates COM port properties appears including bits per second data bits parity stop bits and flow control EE la xi Fermnoisi HvoerTermiog COMI Properties Port Settings Bits per second 115200 sl Data bits E Parity None Stop bits 1 Flow control None D Restore Defaults OK Cancel Apply Disconnected Auto detect Auto detect SCROLL caps NUM Capture Print echo E Step 5 The console login screen will appear Use the keyboard to enter the Username and Password same as the password for Web browsers then press Enter IGS P9812GP LV Command Line Interface Username _ Password ORing Industrial Networking Corp 146 ORing IGS P9812GP Series User Manual CLI Management by Telnet You can can use TELNETto configure the switch The default values are IP Address 192 168 10 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 10 254 User Name admin Password admin Follow the steps below to access
169. zed Force Authorized Force Authorized Force Authorized Globally Disabled Globally Disabled Globally Disabled Globally Disabled Globally Disabled The switch port number Click to navigate to detailed 802 1X statistics of The port s current administrative state Refer to NAS Admin State for ORing Industrial Networking Corp 125 IGS P9812GP Series User Manual BEEN more details regarding each value The current state of the port Refer to NAS Port State for more details Port State regarding each value The source MAC address carried in the most recently received EAPOL Last Source frame for EAPOL based authentication and the most recently received frame from a new client for MAC based authentication The user name supplicant identity carried in the most recently received fer Response Identity EAPOL frame for EAPOL based authentication and the source MAC address from the most recently received frame from a new client for MAC based authentication This page provides detailed IEEE 802 1X statistics for a specific switch port using port based authentication For MAC based ports only the statistics of selected backend server statistics will be shown Use the drop down list to select which port details to be displayed NAS Statistics Port 2 Port 2 Auto refresh a Refresh Port State Piet Force Authorized Port State 3allv Disabled Admin State The port s current administrative state Refer t
Download Pdf Manuals
Related Search