GE-DS-82-PoE User Manual - Surveillance
Contents
1. Figure 4 5 5 STP Bridge Status page screenshot 88 The page includes the following fields Object Priority MAC Address Root Path Cost Root Port Maximum Age Hello Time Forward Delay GE DS 82 and NS2503 8P 2C Series User Manual Description The bridge identifier of the root bridge It is made up from the bridge priority and the base MAC address of the bridge The bridge identifier of the root bridge It is made up from the bridge priority and the base MAC address of the bridge For the Root Bridge this is zero For all other Bridges it is the sum of the Port Path Costs on the least cost path to the Root Bridge The switch port currently assigned the root port role Path Cost to the Designated Root for the Root Bridge Minimum time between transmissions of Configuration BPDUs Derived value of the Root Port Bridge Forward Delay parameter 89 GE DS 82 and NS2503 8P 2C Series User Manual Port Configuration This web page provides the port configuration interface for STP You can assign higher or lower priority to each port Spanning tree protocol will have the port with the higher priority in forwarding state and block other ports to make certain that there is no loop in the LAN Spanning Tree PerPort Configuration Path Cost Hd A 1200000000 cai 79 60 Default NO Default NO Sees Port ree Porte o NS Figure 4 5 6 STP Port Configuration interface The page2. witch kE 5 i Ji ge an aaa pien Serlal Port My Figure 3 4 Console management Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal emulation program such as HyperTerminal to the Managed Switch console serial port When using this management method a straight DB9 RS 232 cable is required to connect the switch to the PC After making this connection configure the terminal emulation program to use the following parameters The default parameters are 57600 bps 8 data bits No parity 1 stop bit 26 GE DS 82 and NS2503 8P 2C Series User Manual COM3 Properties Port Settings Bits per second ASIA Data bits Parity Stop bits Flow control Restore Defaults Figure 3 5 Terminal parameter settings You can change these settings if desired after you log on This management method is often preferred because you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP Protocols The Managed Switch supports the following protocols E Virtual terminal protocols such as Telnet E Simple Network M
3. 1 INTRODUC TION iicsanuaancacuananonoa dados 5 Package Conte Suicida 5 Product Descrip atra ds 6 How to Use Finis Mann al arreir aea a a E Aa A 7 Product FAS a iasidiiao 8 Product SDCCIIC AU OIN oases ch sacle aaa a a Meee ea E A a a E E aA aA 11 INSTALLA TION outra dara 14 Hardware Descriptores 14 Mich Front Panel e S 14 LEDAROICA MON Sins OI Olas 15 Witch Rear Panel aos ii il iia 18 BAS TALE TINS SW Choss A A A AEE 19 DesktoprnstalaloN a a tin 19 Pe IC I IVIOU ICI Penta td ai 20 Installing the SFP ThanSCeiy Cl tacita 21 SWITCH MANAGENMEN Tis iii 23 Requirements iaa o 23 Management ACCESS OV rvi iia A aaa Kaa aiaa 24 Web Mamagemie int sis cise cscdivvaesdcsicvetecsicscccesiesantccudscaincivsacsanicvecsssansseusseissvectesassanvocessaetacedssageeiseiocussedoecscsanne 25 SNMP Based Network Management c eeeeeesecesssseeeeeeceeeesseeeeeeeeeeeeessneeeeeeeeeooensseeeeeeseeoanseeeeseees 25 Administration Console ai 26 PrOtOCOIS A anussuanstastepanetounesutemscntenuesdanesaneucmacssusietiosnaucawntsncasseenucnsasyecuetssenaeeees 27 Witte Terminal PROLOCOIS aii Aaa 21 SNMEP Protoco vaca ds 28 Management Arente clio O A A O o 28 WEB BASED MANAGEMEN Fusion 29 About Web based Management sssscccssessseececeeseeeeeeeenseeeeeeeesseeeeeeoenseeeeeonenseeeeoesseeeseonsnseessesonnass 29 A e o A e 30 Logging OM Ne WIN adi a 30 Main WEB PAGE e ae 32 VS LOIN wicaceeanaictatece seme se tatetaneus E cassoetucetencu
4. Current Consumption CurrentimA Device Class Current Consumption Current mA Device Class 180 GE DS 82 and NS2503 8P 2C Series User Manual poe priority Description Set port priority for the power supply management The command is configurable while poe limit mode is set to Port Priority Command Level Global Configuration Syntax poe priority Critical High Low lt port list gt Parameters Critical High Low e Critical Indicates that operating the powered device is high e High Indicates that operating the powered device has medium priority e Low Indicates that operating the powered device has low priority lt port list gt specifies the ports to be set If not entered all ports are set Example Switch config poe priority low 7 Switch config show poe status 1 Current Consumption Power Limit W Current mA Device Class Port1 Enable on 802 3at Low poe maximum power Description Enabling or disabling per port power output limit GE DS 82 POE only The command is configurable while poe limit mode is set to Total Limit Command Level Global Configuration Syntax poe maximum power lt 1 15 4 gt lt port list gt no poe mximum power lt port list gt Parameters lt 1 15 4 gt lt port list gt specifies the ports to be set If not entered all ports are set 181 GE DS 82 and NS2503 8P 2C Series User Manual Example Switch conf
5. GE DS 82 and NS2503 8P 2C Series User Manual COMMAND LINE INTERFACE Operation Notice To enter the configuration mode you need to be in the privileged mode and then types in the command configure Switch configure Switch config Command Line Editing Keys Function lt Ctrl gt P Enters the previous command line in the command history lt Ctrl gt U Deletes from the cursor to the beginning of the command line lt Ctrl gt W Deletes the last word typed The following generic function keys provide functions in all of the menus Command Help You may enter at any command mode and the CLI will return possible commands at that point along with some description of 145 GE DS 82 and NS2503 8P 2C Series User Manual System Commands show running config Description Display the running configuration of the switch copy running config startup config Description Backup the switch configurations erase startup config Description Reset to default factory settings at next boot time clear arp Description lt ip addr gt specifies the IP address to be cleared If no IP address is entered the entire ARP cache is cleared show arp Description Show the IP ARP translation table ping Description Send ICMP ECHO_REQUEST to network hosts Parameters lt 1 999 gt specifies the number of repetitions If not entered it will continue to ping until you press lt Ctrl gt C to stop 146
6. 10 Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured Trunking Figure 4 6 6 Switch 1 Aggregator Information 97 GE DS 82 and NS2503 8P 2C Series User Manual State Activity Having set up the LACP aggregator on the tab of Aggregator Setting you can configure the state activity for the members of the LACP trunk group You can tick or cancel the checkbox beside the state label When you remove the tick mark of the port and click Apply the port state activity will change to Passive Trunking Aggregator Information State Activity rt LACP State Activity LACP State Activity CI ee ES Y A oA po A Figure 4 6 7 State Activity of Switch 1 The page includes the following fields Object Description Active The port automatically sends LACP protocol packets The port does not automatically send LACP protocol packets and responds only Passive o l l l if it receives LACP protocol packets from the opposite device A link having two passive LACP nodes will not perform dynamic LACP trunk because both ports are waiting for an LACP protocol packet from the opposite device Note 98 GE DS 82 and NS2503 8P 2C Series User Manual Forwarding and Filtering The frames of Ethernet Packets contain a MAC address SMAC address which shows the MAC address of the equipment sending the frame The SMAC address is u
7. Figure 4 12 2 shows a message exchange initiated by the client using the One Time Password OTP authentication method with a RADIUS server Authentication e Server Client o a 802 1X Switch RADIUS I EAPOL Start EAP Request Identity EAP Response Identity RADIUS Access Request S mo gt S EAP Request OTP RADIUS Access Challenge a EAP Response OTP RADIUS Access Request FAP Success RADIUS Access Accept 7 Port Authorized EAPOL Logoff Port Unauthorized Figure 4 12 2 EAP message exchange ul Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network The port starts in the unauthorized state While in this state the port disallows all ingress and egress traffic except for 802 1X protocol packets When a client is successfully authenticated the port transitions to the authorized state allowing all traffic for the client to flow normally If a client that does not support 802 1X is connected to an unauthorized 802 1X port the switch requests the client s identity In this situation the client does not respond to the request the port remains in the unauthorized state and the client is not granted access to the network In contrast when an 802 1X enabled client connects to a port that is not running the 802 1X protocol the client initiates the authentication process by sending the EAPOL start frame When no response is received
8. GVRP Setting To configure GVRP Enable global GVRP function select GVRP enable Enable Enable port GVRP function select GVRP checkbox for special port GVRP Configuration GVRP Setting GVRP Table GVRP Disable w Port Port1 Port2 Port3 Porta Port5 Port Port Ports Porto Port10 Apply Figure 4 4 10 GVRP Configuration Web interface The page includes the following fields Object Description GVRP Enable global GVRP function Port Indicate port 1 to port 10 Port GVRP Enable selected port GVRP function 79 GE DS 82 and NS2503 8P 2C Series User Manual GVRP Table The GVRP Table can be used to display dynamic VLANs from being learned via GVRP GVRP Configuration GVRP Table Figure 4 4 11 GVRP Table Web interface The page includes the following fields Object Description VLAN ID Display the learned VLANs via GVRP protocol on GVRP enabled ports The Managed Switch allows displaying up to 128 dynamic VLAN entries Port Members Identify the GVRP enabled port that dynamic VLAN is learned from 80 GE DS 82 and NS2503 8P 2C Series User Manual Spanning Tree Protocol Theory The Spanning Tree protocol can be used to detect and disable network loops and to provide backup links between switches bridges or routers This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network
9. If the port based VLAN groups list over one page please click Next Page to view other VLAN groups on other page Use Delete button to delete unwanted port based VLAN groups O Use Edit button to modify existing port based VLAN groups SD NO yea NS 67 GE DS 82 and NS2503 8P 2C Series User Manual By adding ports to the VLAN you have created one port based VLAN group completely Static VLAN VLAN Operation Mode Port Based VLAN VLAN Name Ports Portb Port Ports Port9 Port10 ENTE Figure 4 4 3 Static VLAN interface The page includes the following fields Object Description Use this optional field to specify a name for the VLAN It can be up to 16 VLAN Name i alphanumeric characters long including blanks Group ID You can configure the ID number of the VLAN by this item This field is used to add VLANs one at a time The VLAN group ID and available range is 2 4094 Port Indicate port 1 to port 10 Add Defines the interface as a Port Based member of a VLAN Member Remove Forbidden ports are not included in the VLAN En All unselected ports are treated as belonging to another single VLAN If the port based VLAN enabled the VLAN tagging is ignored Note 68 GE DS 82 and NS2503 8P 2C Series User Manual 802 10 VLAN Tagged based VLAN is an IEEE 802 10 specification standard Therefore it is possible to create a VLAN across devices from different switch vendors IEEE 802 1Q
10. V1 V2c USM Security Name Remove SNMPv3 View Configure SNMPv3 views table on this GE DS 82 and NS2503 8P 2C Series User Manual Description A string identifying the group name that this entry should belong to The allowed string length is 1 to 15 Indicates the security model that this entry should belong to Possible security models are e vi Reserved for SNMPv1 e v2c Reserved for SNMPv2c e usm User based Security Model USM A string identifying the security name that this entry should belong to The allowed string length is 1 to 15 Check to delete the entry It will be deleted during the next save page The entry index keys are View Name and OID Subtree The SNMPv3 Views Configuration screen is shown in Figure 4 2 9 Current Strings all included 1 80 mib2_included_ 1 3 6 1 2 1_fc V3 View SNMP View system_included_ 1 3 6 1 2 1 1_fe The page includes the following fields Object View Name Included Excluded View Subtree View Mask Hexadecimal Digits View Name Input view name Included Excluded included View Subtree eg Remove 1 3 6 1 2 1 Input view subtree View Mask Hex Adecimal Digits Input view mask Figure 4 2 9 SNMP configuration interface Description A string identifying the view name that this entry should belong to The allowed string length is 1 to 15 Indicates the view type that this entry should belong to Possible view type are e included
11. interlogix _ IFS NS2503 8P 2C GE DS 82 and GE DS 82 POE User Manual Copyright Trademarks and patents Intended use Manufacturer Certification FCC compliance ACMA compliance Canada European Union directives Contact information Contact support 2013 UTC Fire amp Security Americas Corporation Inc Interlogix is part of UTC Climate Controls amp Security a unit of United Technologies Corporation All rights reserved The IFS NS2503 8P 2C GE DS 82 and GE DS 82 POE and logo are trademarks of United Technologies Other trade names used in this document may be trademarks or registered trademarks of the manufacturers or vendors of the respective products Use this product only for the purpose it was designed for refer to the data sheet and user documentation for details For the latest product information contact your local supplier or visit us online at www interlogix com UTC Fire amp Security Americas Corporation Inc 2955 Red Hill Avenue Costa Mesa CA 92626 5923 USA EU authorized manufacturing representative UTC Fire amp Security B V Kelvinstraat 7 6003 DH Weert The Netherlands C cC N4131 This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipmen
12. Description Disable MAC limit Mac limit Description Set port MAC limit value O to turn off MAC limit of port Syntax Mac limit lt port list gt lt 1 64 gt show mac limit Description Show MAC limit information including MAC limit enable disable per port MAC limit setting Port Mirroring Configuration Port monitoring is a feature to redirect the traffic occurred on every port to a designated monitoring port on the switch With this feature the network administrator can monitor and analyze the traffic on the entire LAN segment In the Managed Switch you can specify one port to be the monitored ports and any single port to be the monitoring port You also can specify the direction of the traffic that you want to monitor After properly configured packets with the specified direction from the monitored ports are forwarded to the monitoring port The default Port Monitoring setting is disabled mirror port Description Set port monitoring information RX only TX only both RX and TX Syntax mirror port lt rx tx both gt lt port id gt lt port list gt Parameters rx specifies monitoring rx only 159 GE DS 82 and NS2503 8P 2C Series User Manual tx specifies monitoring tx only both specifies monitoring both rx and tx lt port id gt specifies the analysis port ID This port receives traffic from all monitored ports lt port list gt specifies the monitored port list show mirror port Descrip
13. Display multicast related secondary MAC address table no filter Description Set MAC address filter The packets will be filtered if both of the destination MAC address and the VLAN tag matches the filter entry If the packet does not have a VLAN tag then it matches an entry with VLAN ID 1 Syntax no filter lt mac addr gt lt vlan id gt show filter Description Display filter MAC address table 162 GE DS 82 and NS2503 8P 2C Series User Manual STP MSTP Commands no spanning tree Description Enable or disable spanning tree spanning tree forward delay Description Set spanning tree forward delay of CIST in seconds Syntax spanning tree forward delay lt 4 30 gt Parameters lt 4 30 gt specifies the forward delay in seconds Default value is 15 Es The parameters must enforce the following relationships 2 hello time 1 lt maximum age lt 2 forward delay 1 Note spanning tree hello time Description Set spanning tree hello time of CIST in seconds Syntax spanning tree hello time lt 1 10 gt Parameters lt 1 10 gt specifies the hello time in seconds Default value is 2 Es The parameters must enforce the following relationships 2 hello time 1 lt maximum age lt 2 forward delay 1 Note spanning tree maximum age Description Set spanning tree maximum age of CIST in seconds Syntax spanning tree maximum age lt 6 40 gt Parameters lt 6 40 gt specifies
14. NS2503 8P 2C No Location System 1d gt gt gt New Community String Current Strings j Port Configuration Layer 2 Features da RO CRW Security Qos Power over Ethernet Trap Managers Current Managers New Manager none lt lt Add IP Address Remove Community 7 Figure 4 2 4 SNMP configuration interface l4 An SNMP managed network consists of three key components Network management stations NMSs SNMP agents Management information base MIB and network management protocol NW Network management stations NMSs Sometimes called consoles these devices execute management applications that monitor and control network elements Physically NMSs are usually engineering workstation caliber computers with fast CPUs megapixel color displays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and store management information such as the number of error packets received by a network element m Management information base MIB A MIB is a collection of managed objects residing in a virtual information store Collections of related managed objects are defined in specific MIB modules m Network management protocol A management protocol is used to convey management information between age
15. SWITCH Static COMM UFA OM A A a a aeved eal 147 Port Configuration and SHOW STatuS oooncccccccncnconoccnccnnncononnnnnconnennnnnncnnnnnnrnnnnnnnrnnonnnrnnonnrnnnnnarnnnns 147 TUNK CONHNGUFIUO N acidos 150 TUAKNO COMMANGS 0 a 150 EACF COMMANA E Ai cotaee 150 VLAN Configura a 152 GE DS 82 and NS2503 8P 2C Series User Manual Virtual A gris laine a Sa S 152 VEAN MOGe PON DASO iep a a e a aaa a e 152 Advanced 802 1Q VLAN CONTIQUEAON 00 A a 153 MISC COMTGURAUON sancionados 156 AGMINIStFation CONMGULATION sisietvcss elise eoeces tee siete A tind 156 Change Username PaSSWOIG ccccccccccssseecceeseecceseeeceageeecsauseeeseaseeessaeeecsaaeeeeseeeessageesssageeessanass 156 IP CONNU aO rara odios 157 Bic 91010 ES WICN eterna et enna a caer is 158 PRESCU LOD A tsaneepatiee todisnle a a 158 TFTP Update FMW AG a deat o deol 158 Restore Configuie Flia ANA Gant 158 Backup Connoure Ale dos 158 MAC IM ia 159 Port Mirroring COnlguratlOn iia A a AA 159 Quality OF Service ui di 160 QOS GOMIQUIS IO as 160 SONG Eno ae 161 MAG Address Configuration ia 161 STP MSTP COMMAND 163 A A O 167 O Je Le y aa nn o ere ER ee Mer eee en One ene ey Ore a rn eer er Ren eer eee 167 COMMUNES TIAS couahccetcecssoseseshseustee soeaeck son Ea Cod EE AS E EE E E EE E AESA 168 PEASANT AOS oaa tara llas 168 IOME coe a E N a 169 802 1X PLOT COn da 170 ACCESS CONTO LS ocio lancia caos 172 PAC CONMMMANG S e ae 172 NORAD VA ACL COMMANA S o ao S
16. The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware 66 GE DS 82 and NS2503 8P 2C Series User Manual Port based VLAN Packets can go among only members of the same VLAN group Note all unselected ports are treated as belonging to another single VLAN If the port based VLAN enabled the VLAN tagging is ignored In order for an end station to send packets to different VLANs it itself has to be either capable of tagging packets it sends with VLAN tags or attached to a VLAN aware bridge that is capable of classifying and tagging the packet with different VLAN ID based on nat only default PVID but also other information about the packet such as the protocol Static VLAN VLAN Operation Mode Port Based VLAN VLAN Information VLANT 1 Aaa LNedPage_ Help Figure 4 4 2 Port based VLAN interface E Create a VLAN and add member ports to it Click the hyperlink VLAN Static VLAN to enter the VLAN configuration interface Select Port Based VLAN at the VLAN Operation Mode to enable the port based VLAN function Click Add to create a new VLAN group Then the following Figure 4 4 3 appears Type a name and Group ID for the new VLAN the available range is 2 4094 From the Available ports box select ports to add to the Managed Switch and click Add Click Apply You will see the VLAN Group displays
17. be forwarded to all the other ports except the port which this packet comes in And these ports will transmit this packet to the network it connected If found and the destination address is located at different port from this packet comes in the Ethernet Switching will forward this packet to the port where this destination address is located according to the information from address table But if the destination address is located at the same port with this packet comes in then this packet will be filtered Thereby increasing the network throughput and availability Store and Forward Store and Forward is one type of packet forwarding techniques A Store and Forward Ethernet Switching stores the incoming frame in an internal buffer do the complete error checking before transmission Therefore no error packets occurrence it is the best choice when a network needs efficiency and stability The Ethernet Switch scans the destination address from the packet header searches the routing table pro vided for the incoming port and forwards the packet only if required The fast forwarding makes the switch attractive for connecting servers directly to the network thereby increasing throughput and availability How ever the switch is most commonly used to segment existence hubs which nearly always improves overall performance An Ethernet Switching can be easily configured in any Ethernet network environment to signifi cantly boost bandwidth using conventio
18. eons Juoso CO Ports 0000 0 Ping Porti0 ooo b fm Figure 4 3 8 Remote Ping interface The page includes the following fields Object Description Remote IP Address Allows user to define the IP address of remote device Ping Size Allows user to define ping packet size Generally the size should be 64 Ping Click Ping button to start ping to remote device Shows ping action result Result If the ping successful it will be showed Ping Ok Send 5 Packet I 5 Packet If the ping failed it will showed Ping Failed Click Save button to save Remote Ping configuration User can use ping Save function even not save configuration but after WEB page be refreshed the configuration clear Click Reset button will reset all Remote Ping configuration and save Reset automatically Clear Click Clear button will clear result message 63 GE DS 82 and NS2503 8P 2C Series User Manual VLAN configuration VLAN Overview A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLAN also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily
19. on on Port4 On Down Off On On PortS On Down Off jon on Port On pown On On Port On Down On on Ports On Down Off On On Port9 On Up Auto 1000 Full On off On Potio On Down On On Figure 4 3 4 Port Statistics interface 58 GE DS 82 and NS2503 8P 2C Series User Manual The page includes the following fields Object Description Port Description Link State Tx Good Packet Tx Bad Packet Rx Good Packet Rx Bad Packet Tx Abort Packet Packet Collision Packet Dropped Rx Bcast Packet Rx Mcast Packet The port number Shows port description The status of linking Up or Down It s set by Port Control When the state is disabled the port will not transmit or receive any packet The counts of transmitting good packets via this port The counts of transmitting bad packets including undersize less than 64 octets oversize CRC Align errors fragments and jabbers packets via this port The counts of receiving good packets via this port The counts of receiving good packets including undersize less than 64 octets oversize CRC error fragments and jabbers via this port The aborted packet while transmitting The counts of collision packet The counts of dropped packet The counts of broadcast packet z The counts of multicast packet 99 GE DS 82 and
20. the client sends the request for a fixed number of times Because no response is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes to authorized and all frames from the authenticated client are allowed through the port If the authentication fails the port remains in the unauthorized state but authentication can be retried If the authentication server cannot be reached the switch can retransmit the request If no response is received from the server after the specified number of attempts authentication fails and network access is not granted 122 GE DS 82 and NS2503 8P 2C Series User Manual When a client logs off it sends an EAPOL logoff message causing the switch port to transition to the unauthorized state If the link state of a port transitions from up to down or if an EAPOL logoff frame is received the port returns to the unauthorized state System Configuration 802 1x makes use of the physical access characteristics of IEEE802 LAN infrastructures in order to provide a means of authenticating and authorizing devices attached to a LAN port that has point to point connection characteristics and of preventing access to that port in cases in which the authentication and authorization process fails To enable 802 1x from System System Information Misc Config then you
21. 1 10 gt Parameters lt 1 220 gt specifies the group id A B C D specifies the MAC address lt 0 4094 gt specifies the VLAN id O means don t care A B C D specifies the Source IP address 0 0 0 0 means don t care A B C D specifies the IP Address lt 1 10 gt specifies the Port id e g Switch config bind add 1 00 11 22 33 44 55 0 192 168 1 1 1 This Binding rule will permit all packet cross switch from device s IP is 192 168 1 1 and MAC is 00 11 22 33 44 55 and this device connect to switch port id 1 174 GE DS 82 and NS2503 8P 2C Series User Manual Power over Ethernet Commands ce Ds 82 POE NS2503 8P 2C Show System Power over Ethernet information show poe status Show POE port information poe temperature protection Enabling or disabling the PoE power supply over temperature protection GE DS 82 POE power budget is 110W and support 8 ports PoE This chapter will be described how to configure PoE feature by example of GE DS 82 POE Note Display System PoE status show poe Description Show System Power over Ethernet information Command Level Global Configuration Example Switch config show poe Maximum Available Power 150Watts System Operation Status on POE Admin mode Enable Temperature Unit1 38C 100F Temperature Unit2 35C 95F Over Temperature 39 watts 30 60 0 100 Consumption PoE Power Consumption Temperature Threshold Usage Usage Threshold PoE Power
22. Aggregation LACP Port 1 Port 4 Port 2 Port 5 Dynamitic enabled Dynamitic enabled Switch A Switch A LACP Enable Mido LACP Enable E l Keep Port 5 Backup Link 400Mbps Active Link 4 Port 1 Link broken Switch B l Switch B LACP Enable M el LACP Enable Port 1 Port 5 Port 1 Port 5 Configured Members Configured Members 92 GE DS 82 and NS2503 8P 2C Series User Manual Aggregator setting This section provides Port Trunk Aggregator Setting of each port from the Managed Switch the screen in Figure 4 6 1 appears Trunking Aggregator Setting Aggregator Information Ports Port4 Porth Fort Port Ports Apply Figure 4 6 1 Port Trunk Aggregator setting interface two ports are added to the left field with LACP enabled The page includes the following fields Object Description A value which is used to identify the active LACP The Managed Switch with the System Priority lowest value has the highest priority and is selected as the active LACP peer of the trunk group There are 13 trunk groups to be selected Assign the Group ID to the trunk Group ID group m Enabled the trunk group is using LACP A port which joins an LACP trunk group has to make an agreement with its member ports first TA Disabled the trunk group is a static trunk group The advantage of having the LACP disabled is that a port joins the trunk group without any handshaking with its member ports but member ports
23. An optional flag to indicate that this view subtree should be included e excluded An optional flag to indicate that this view subtree should be excluded The OID defining the root of the subtree to add to the named view The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk View mask is defined in order to reduce the amount of configuration information required when fine grained access control is required e g access control at the object instance level 43 SNMPv3 Access GE DS 82 and NS2503 8P 2C Series User Manual Configure SNMPv3 accesses table on this page The entry index keys are Group Name Security Model and Security Level The SNMPv3 Accesses Configuration screen is shown in Figure 4 2 10 Current Strings root_v1_noauth_all_all_all root v2c_noauth_all_all_all The page includes the following fields Object Group Name V1 V2c USM SNMP Access Read View Write View Notify View Remove SNMP V3 usm user SNMP Access admin_v1_noauth_all_none_all Group Name Input group name admin_v2c_noauth_all none_all o public_v1_noauth_system_none_system W1 W2cjUSM v1 w public v2c_noauth_system_none_system Add lt SNMP Access noauth E Remove Read View Inputread view Write View 1 nput write view Notify View Input not
24. MW Gigabit TP Interface Port 9 Port 10 10 100 1000Base T Copper RJ 45 Twist Pair Up to 100 meters WM Gigabit SFP Slots Port 9 Port 10 1000Base SX LX mini GBIC slot SFP Small Factor Pluggable transceiver module From 550 meters Multi mode fiber up to 10 30 50 70 kilometers Single mode fiber 14 GE DS 82 and NS2503 8P 2C Series User Manual MM Reset button On the left portion of front panel the reset button is designed for rebooting the Managed Switch without a power cycle The following is the summary table of Reset button functions Reset Button Pressed and Released Function About 1 3 second Reboot the Managed Switch Reset the Managed Switch to Factory Default configuration The Managed Switch will then reboot and load the default settings as below Until the PWR LED lit off 5 Default Password admin Default IP address 192 168 0 100 Subnet mask 255 255 255 0 Default Gateway 192 168 0 254 LED Indications The front panel LEDs indicates instant status of port links data activity and system power helps monitor and troubleshoot when needed GE DS 82 LED indication 8 Port 10 100Mbps 2 Gigabit Managed Switch O y 10 100 LNK GE DS 82 Gigabit Figure 2 4 GE DS 82 LED panel System Color Function Green Illuminates to indicate that the Switch has power m Per 10 100Base TX RJ 45 port Color Function LED LNK ACT Illuminates to indicate the link through that port is success
25. Relay IP 135 GE DS 82 and NS2503 8P 2C Series User Manual LLDP Link Layer Discovery Protocol LLDP is used to discover basic information about neighboring devices on the local broadcast domain LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device Advertised information is represented in Type Length Value TLV format according to the IEEE 802 1ab standard and can include details such as device identification capabilities and configuration settings LLDP also defines how to store and maintain information gathered about the neighboring network nodes it discovers LLDP Configuration Use this page to change LLDP parameters LLDP Configuration LLDP Configuration PerPort Configuration Configure LLDP Parameters LLDP status Disable w LLDP hello time 5 32768 LLDP hold time 2 10 Figure 4 15 1 LLDP Configuration The page includes the following fields Object Description LLDP Status Enable Disable LLDP LLDP hello time You can change LLDP hello time value The time interval between the transmission LLDP info packets Value range is from 5 to 32768 Default value is 30 LLDP hold time You can change LLDP hold time value The hold time the hello time is the TTL time in the LLDP info packets Value range is from 2 to 10 Default value is 4 136 GE DS 82 and NS2503 8P 2C Series User Manual Per Port Configuration This page allows the user to
26. Switch config show ip IP address 192 168 060 160 Subnet mask 299 299 299 0 Gateway 192 168 080 254 Switch config _ Connected 00 07 05 ANSI 2 600 6 h 1 Figure 5 2 1 Show IP information screen 142 GE DS and NS2503 Series User Manual a Configure IP address de On Switch config prompt enter the following command and press lt Enter gt As shown in Figure 5 2 2 Switch config ip address 192 168 1 100 255 255 255 0 Switch config ip default gateway 192 168 1 254 The previous command would apply the follow settings for the Switch IP 192 168 1 100 Subnet Mask 255 255 255 0 Gateway 192 168 1 254 COM1_57600 HyperTerminal A File Edit wiew Call Transfer Help HAC Completed Username admin assword Switch configure Switch config show ip IP address 192 168 060 160 Subnet mask 299 299 299 0 Gateway 192 168 060 254 Switch config ip address 192 168 1 100 255 255 255 6 Switch config ip default gateway 192 168 1 254 Switch config show ip IP address 192 168 1 106 Subnet mask 299 299 299 0 Gateway 192 168 1 254 Switch config copy running config startup config Switch config _ Connected 00 13 46 AM STV 2 600 5 M 1 Figure 5 2 2 Set IP address screen 2 Repeat Step 1 to check if the IP address is changed If the IP is successfully configured the Managed Switch will apply the new IP address setting immediately You can access the Web interface of FGSD Managed Switch thro
27. Type Binding box should select lt Non IPv4 Object Group ID Action VLAN Packet Type Ether Type Type Current List mE Binding Description Default Vaule 1 220 max 220ACL group Permit Deny Permit E Permit Permit packet cross switch Deny Drop packet Any VID Any EH Any Any VLAN ID m VID 1 4094 A certain VLAN ID IPv4 Non IPv4 Binding IPv4 E Pv4 Set lpv4 packet field E Non IPv4 Set non lpv4 packet field E Binding Set binding entry Set this field if Packet Type is Non IPv4 else ignore Any Any ARP 0x0806 IPX 0x8137 Set this field if Packet Type is Non IPv4 else ignore O OxFFFF If ether type not find in Ether Type field you can direct assign number You create ACL and Binding groups Let device that has specific IP address and MAC address can use network We can set specific IP address MAC address VLAN id and port id to bind and device can cross switch if all conditions match Use binding function we should enable it first in following page In Packet Type Binding box should select lt Binding Object Group ID Action VLAN Packet Type MAC Address IP Address Port Id Current List Description Default Vaule 1 220 max 220 ACL group Permit Deny Permit E Permit Permit packet cross switch m Deny Drop packet Any VID Any EH Any Any Vian id m VID 1 4094 A certain vlan id IPv4 Non IPv4 Binding IPv4 E Pv4 Set Ipv4 packe
28. User Manual 4 Select on the firmware then click Upload the Software Upload Progress would show the file upload status Firmware upgrade needs several minutes Please wait a while and then manually refresh the webpage Configuration Backup TFTP Restore Configuration You can restore a previous backup configuration from the TFTP server to recover the settings Before doing that you must locate the image file on the TFTP server first and the Managed Switch will download back the flash image Configuration Restore TFTP Restore Configuration TFTP Server IP Address Restore File Name HTTP Config File Restore Figure 4 2 14 Configuration Restore interface The page includes the following fields Object Description TFTP Server IP Address Type in the TFTP server IP Restore File Name Type in the correct file name for restoring 48 GE DS 82 and NS2503 8P 2C Series User Manual TFTP Backup Configuration You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the configuration later It helps you to avoid wasting time on configuring the settings by backing up the configuration Configuration Backup TFTP Restore Configuration TFTP Backup Configuration TFTP Server IP Address Backup File Name Apply Help Save config except IF Address HTTP Config File Backup Click here to download configuation file Click here to download configuation file exce
29. VLAN uses a technique to insert a tag into the Ethernet frames Tag contains a VLAN Identifier VID that indicates the VLAN numbers You can create and delete Tag based VLAN There are a total of 256 VLAN groups to provide configure Once 802 1Q VLAN is enabled all ports bleong to the default VLAN with the default VID defined as 1 The default VLAN can t be deleted Understand nomenclature of the Switch MM IEEE 802 1Q Tagged and Untagged Every port on an 802 1Q compliant switch can be configured as tagged or untagged e Tagged Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that flow into those ports If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact The VLAN information in the tag can then be used by other 802 1Q compliant devices on the network to make packet forwarding decisions e Untgged Ports with untagging enabled will strip the 802 1Q tag from all packets that flow into those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging port will have no 802 1Q VLAN information Remember that the PVID is only used internally within the Switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Frame Income Income Frame is tagged Income Frame is
30. a supplicant Default time is 60 seconds Set the period the port waits for retransmit next EAPOL PDU during an authentication session Default value is 30 seconds Set the period of time the switch waits for a supplicant response to an EAP request Default value is 30 seconds Set the period of time the switch waits for a server response to an authentication request Default value is 30 seconds Set the number of authentication that must time out before authentication fails and the authentication session ends Default value is 2 times Set the period of time which clients connected must be re authenticated Default value is 3600 seconds 126 GE DS 82 and NS2503 8P 2C Series User Manual Power over Ethernet GE DS 82 POE NS2503 8P 2C Providing up to 8 POE in line power interface the GE DS 82 POE NS2503 8P 2C PoE Switch can easily build a power central controlled IP phone system IP Camera system AP group for the enterprise For instance 8 camera AP can be easily installed around the corner in the company for surveillance demands or build a wireless roaming environment in the office Without the power socket limitation the PoE Switch makes the installation of cameras or WLAN AP more easily and efficiently Power over Ethernet Powered Device p 3 5 watts 6 12 watts 10 12 watts F i 3 12 watts Voice over IP phones Enterprise can install POE VolP Phone ATA and other Ethernet non Ethern
31. across your network You can define exactly how you want the switch to treat selected applications and types of traffic You can use QoS on your system to Control a wide variety of network traffic by Classifying traffic based on packet attributes Assigning priorities to traffic for example to set higher priorities to time critical or business critical applications Applying security policy through traffic filtering Provide predictable throughput for multimedia applications such as video conferencing or voice over IP by minimizing delay and jitter Improve performance for specific types of traffic and preserve performance as the amount of traffic grows Reduce the need to constantly add bandwidth to the network Manage network congestion The QoS page of the Managed Switch contains three types of QoS mode the CoS mode TOS mode or Port based mode can be selected Both the three mode rely on predefined fields within the packet to determine the output queue CoS 802 1p Tag Priority Mode The output queue assignment is determined by the IEEE 802 1p VLAN priority tag TOS DSCP Mode The output queue assignment is determined by the TOS or DSCP field in the IP packets Port Based Priority Mode Any packet received from the specified high priority port will be treated as a high priority packet 109 GE DS 82 and NS2503 8P 2C Series User Manual QoS Configuration QoS settings allow customization of packet priority in or
32. and NS2503 8P 2C Series User Manual Web Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer After you set up your IP address for the switch you can access the Managed Switch s Web interface applications directly in your Web browser by entering the IP address of the Managed Switch Managed Switch PC Workstation with IE Browser RJ 45 fUTP Cable _ IP Address 192 168 0 100 IP Address 192 168 0 x Figure 3 1 Web management You can then use your Web browser to list and manage the Managed Switch configuration parameters from one central location just as if you were directly connected to the Managed Switch s console port Web Management requires either Microsoft Internet Explorer 6 0 or later Safari or Mozilla Firefox 2 0 or later ARR o 3 NS2503 8P 2C ifs NS2503 8P 2C System ee Welcome to IFS Transmission Security Qos NS2503 8P 2C Power over Ethernet E 8 Port 10 100Mbps 2G TP SFP Combo Managed HPoE Switch Interlogix A UTC Fire amp Security Company All rights reserved Figure 3 2 Web main screen of Managed Switch SNMP Based Network Management You can use an external SNMP based application to configure and manage the Managed Switch such as SNMPc Network Manager HP Openview Network Node Management NNM or What sup Gold This management m
33. classification is to provide information about the maximum power required by the PD during operation Class O is the default for PDs However to improve power management at the PSE the PD may opt to provide a signature for Class 1 to 3 The PD is classified based on power The classification of the PD is the maximum power that the PD will draw across all input voltages and operational modes A PD shall return Class 0 to 3 in accordance with the maximum power draw as specified by Table 4 13 1 Class Usage Range of maximum power used by the PD o Default 0 44 to 12 95 Watts a Optional 0 44 to 3 84 Watts 2 Optional 3 84 to 6 49 Watts 3 Optional 6 49 to 12 95 Watts a Optional 12 95 to 25 50 Watts Table 4 13 1 Device class sm Class 4 is defined for IEEE 802 3at high power used Note PoE Schedule POE Schedule allows user to scheduling PoE power supply User has to define when system supplies PoE power from a time table as following screen shot and there are 4 profiles totally for user applying PoE power supply strategy The web screen in Figure 4 13 3 appears 132 GE DS 82 and NS2503 8P 2C Series User Manual Power Over Ethernet Schedule 0 0 0 0 0 0 0 g Ll hal oojoo g Figure 4 13 3 PoE Schedule Configure Interface The page includes the following fields Object Description Profile Power Over Ethernet Schedule offers 4 profiles totally for user to define time table 00 23 Allows system to supply PoE
34. configuration parameters set using one method console port for example are immediately displayable by the other management methods for example SNMP agent of Web browser The management architecture of the switch adheres to the IEEE open standard This compliance assures customers that the Managed Switch is compatible with and will interoperate with other solutions that adhere to the same open standard 28 GE DS 82 and NS2503 8P 2C Series User Manual Web Based Management This section introduces the configuration and functions of the Web Based management About Web based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer The Web Based Management supports Internet Explorer 6 0 It is based on Java Applets with an aim to reduce network bandwidth consumption enhance access speed and present an easy viewing screen By default IE6 0 or later version does not allow Java Applets to open sockets The user has to explicitly modify the browser setting to enable Java Applets to use network ports Note The Managed Switch can be configured through an Ethernet connection make sure the manager PC must be set on same the IP subnet address with the Managed Switch For example the default IP address of the Managed Switch is 192 168 0 100 then the manager PC should be set at 192 168 0 x where x
35. disconnect power within 300 to 400 ms from the current flow stop The lower time boundary is important to prevent shutdown due to random fluctuations AC Disconnect This method is based on the fact that when a valid PD is connected to a port the AC impedance measured on its terminals is significantly lower than in the case of an open port disconnected PD AC Disconnect detection involves the induction of low AC signal in addition to the 48 VDC operating voltage The returned AC signal amplitude is monitored by the PSE at the port terminals During normal operation the PD s relatively low impedance lowers the returned AC signal while a sudden disconnection of this PD will cause a surge to the full AC signal level and will indicate PD disconnection 190 GE DS 82 and NS2503 8P 2C Series User Manual TROUBLE SHOOTING This chapter contains information to help you solve problems If the Ethernet Switch is not functioning properly make sure the Ethernet Switch was set up according to instructions in this manual M The Link LED is not lit Solution Check the cable connection and remove duplex mode of the Ethernet Switch HM Some stations cannot talk to other stations located on the other port Solution Please check the VLAN settings trunk settings or port enabled disabled status MM Performance is bad Solution Check the full duplex status of the Ethernet Switch If the Ethernet Switch is set to full duplex and the partner is set to hal
36. gt specifies the ports to be set If not entered all ports are set port priority Description Set port priority Syntax port priority lt disable low high gt lt port lisi gt Parameters 147 GE DS 82 and NS2503 8P 2C Series User Manual lt port list gt specifies the ports to be set If not entered all ports are set port jumboframe Description Set port jumbo frame When port jumbo frame is enable the port forward jumbo frame packet Syntax port jumboframe lt enable disable gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set show port status Description Show port status including port State Link Trunking VLAN Negotiation Speed Duplex Flow control Rate control Priority Security BSF control Switch config show port status State on Link down Trunking none VLAN DEFAULT Priority disable Security off State on Link down Trunking none VLAN DEFAULT Priority disable Security off State on Link down More show port statistics Description Show port statistics including TxGoodPkt TxBadPkt RxGoodPkt RxBadPkt TxAbort Collision and DropPkt Parameters lt port id gt specifies the port to be shown Switch config show port statistics 148 GE DS 82 and NS2503 8P 2C Series User Manual show port protection Description Show protected port information 149 GE DS
37. hierarchy and retagging the tagged packets A port configured to support QinQ is called a QinQ user port A port configured to support QinQ Uplink is called a QinQ uplink port QinQ VLAN QinQ Tunnel Setting Remove gt gt Port Figure 4 4 9 Q in Q Tunnel Setting interface NW To configure QinQ Port 1 Enable global QinQ function select QinQ enable Enable 2 Fill QinQ Tpid 3 Enable port QinQ function select QinQ checkbox for special port 4 Enable port QinQ Uplink function select QinQ Uplink checkbox for special port T GE DS 82 and NS2503 8P 2C Series User Manual GVRP VLAN GVRP GARP VLAN Registration Protocol or Generic VLAN Registration Protocol is a protocol that facilitates control of virtual local area networks VLANs within a larger network GVRP conforms to the IEEE 802 1Q specification which defines a method of tagging frames with VLAN configuration data This allows network devices to dynamically exchange VLAN configuration information with other devices Switches with GVRP enable VLAN Table VLAN 1 Swilch A Swiich 6 GVRP Enable GVRP Enable Switch A Manual Add new VLAN ID jr Switch A GVRP Join packet Switch B GVRP Enable vo GVRP Enable VLAN Table VWLAN T VLAN Table wf VLAN 1 VLAN 20 Dynamic VLAN 20 Switch Switeh B GVRP Enable GVRP Enable pa 78 GE DS 82 and NS2503 8P 2C Series User Manual
38. includes the following fields Object Path Cost Priority Description The cost of the path to the other bridge from this transmitting bridge at the specified port Enter a number 1 through 200 000 000 Decide which port should be blocked by setting its priority as the lowest Enter a number between 0 and 240 The value of priority must be the multiple of 16 90 GE DS 82 and NS2503 8P 2C Series User Manual The rapid state transitions possible within STP are dependent upon whether the port concerned can only be connected to exactly another bridge i e it is served by a point to point LAN segment or can be connected to two or more bridges i e it is served by a shared medium LAN segment This function allows the P2P Admin P2P status of the link to be manipulated administratively e YES means the port is regarded as a point to point link e NO means the port is regarded as a shared link e AUTO means the link type is determined by the auto negotiation between the two peers The port directly connected to end stations won t create bridging loop in the Admin Edge network To configure the port as an edge port set the port to YES status The port includes the STP mathematic calculation Admin Non STP e YES is not including STP mathematic calculation e N is including the STP mathematic calculation Path cost 0 is used to indicate auto configuration mode When the short path cost method is selecte
39. inspect and configure the current LLDP port settings The LLDP Configuration screen in Figure 4 15 2 appears LLDP Configuration LLDP Configuration PerPort Configuration Configure Port Status Port Number Port Status Figure 4 15 2 LLDP per port Configuration The page includes the following fields Object LLDP Status LLDP hello time LLDP hold time Port Status Description Enable Disable LLDP You can change LLDP hello time value The time interval between the transmission LLDP info packets Value range is from 5 to 32768 Default value is 30 You can change LLDP hold time value The hold time the hello time is the TTL time in the LLDP info packets Value range is from 2 to 10 Default value is 4 You can change LLDP port status to Tx_only Rx_only Tx_and_Rx Disable Tx_only LLDP transmit the packet of the port only Rx_only LLDP receive the packet of the port only Tx_and_Rx LLDP transmit and receive the packets of the port Disable LLDP do not transmit and receive the packets of the port 137 GE DS 82 and NS2503 8P 2C Series User Manual Users Configuration It is allowed to configure the Managed Switch to authenticate users logging into the system for management access using local authentication methods such as telnet and Web browser The latest UTC Managed Switch provides totally six different security levels in 3 groups for local user management Group Access Security Level Access Mer e
40. is a number between 1 and 254 except 100 and the default subnet mask is 255 255 255 0 If you have changed the default IP address of the Managed Switch to 192 168 1 1 with subnet mask 255 255 255 0 via console then the manager PC should be set at 192 168 1 x where x is a number between 2 and 254 to do the relative configuration on manager PC Managed Switch PC Workstation with 192 168 0 100 IP Address 192 166 0 x 29 GE DS 82 and NS2503 8P 2C Series User Manual Requirements e Workstations of subscribers running Windows 98 ME NT4 0 2000 2003 XP MAC OS9 or later Linux UNIX or other platform compatible with TCP IP protocols e Workstation installed with Ethernet NIC Network Card e Ethernet Port connection gt Network cables Use standard network UTP cables with RJ45 connectors gt Above PC installed with WEB Browser and JAVA runtime environment Plug in It is recommended to use Internet Explore 6 0 or above to access GE DS 82 and NS2503 8P 2C series Managed Switches Logging on the switch 1 Use Internet Explorer 6 0 or above Web browser Enter the factory default IP address to access the Web interface The factory default IP Address as following http 192 168 0 100 2 When the following login screen appears please enter the default username admin with password admin or the username password you have changed via console to login the main screen of Managed Switch The login
41. management at the PSE the PD may opt to provide a signature for Class 1 to 3 The PD is classified based on power The classification of the PD is the maximum power that the PD will draw across all input voltages and operational modes APD shall return Class 0 to 3 in accordance with the maximum power draw as specified by Table 4 13 1 Current mA It shows the PoE device current Amp Consumption W It shows the PoE device current watt 129 GE DS 82 and NS2503 8P 2C Series User Manual Power Limit It can limit the port PoE supply watts Per port maximum value must less than 15 4 watts total ports values must less than the Power Reservation value Once power overload detected the port will auto shut down and keep on detection mode until PD s power consumption lower than the power limit value For GE DS 82 POE the total PoE power reservation from Port 1 8 is up to 180W For NS2503 8P 2C the total PoE power reservation from Port 1 8 is up to 150W As following provides NS2503 8P 2C PoE Power over Ethernet Configuration and PoE output status of PoE Switch screen in Figure 4 13 2 appears PoE Configuration Enable v Consumption v Figure 4 13 2 PoE Configuration 130 The page includes the following fields Object System PoE Admin Mode GE DS 82 and NS2503 8P 2C Series User Manual Description Allows user enable or disable PoE function It will cause all of PoE ports supply or not s
42. module without pull the handle or the push bolts on the module Direct pull out the module may damage the module and SFP module slot of the Managed Switch Note 22 GE DS 82 and NS2503 8P 2C Series User Manual SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch It describes the types of management applications and the communication and management protocols that deliver data between your management device work station or personal computer and the system It also contains information about port connection options This chapter covers the following topics E Requirements E Management Access Overview a Administration Console Access E Web Management Access a SNMP Access a Standards Protocols and Related Reading Requirements a Workstations of subscribers running Windows 98 ME NT4 0 2000 XP MAC OS9 or later Linux UNIX or other platform compatible with TCP IP protocols E Workstation installed with Ethernet NIC Network Interface Card ES Ethernet Port connection e Network cables Use standard network UTP cables with RJ45 connectors E Above Workstation installed with WEB Browser and JAVA runtime environment Plug in E Serial Port connection e Above PC with COM Port DB 9 RS 232 or USB to RS 232 converter It is recommended to use Internet Explore 6 0 or above to access Managed Switch 23 GE DS 82 and NS2503 8P 2C Series User Man
43. screen shown in Figure 4 1 1 will appear Connect to 192 168 0 100 S The server 192 168 0 100 at Web Management requires a username and password Warning This server is requesting that your username and password be sent in an insecure manner basic authentication Without a secure connection User name admin Password asese Remember my password Cancel Figure 4 1 1 Login screen Default User name admin Default Password admin 1 After entering the username and password the main screen appears as Figure 4 1 2 30 GE DS 82 and NS2503 8P 2C Series User Manual NS2503 8P 2C HBO B F 5 gt 3 E 110 ifs NS2503 8P 2C ee Welcome to IFS Transmission Qos NS2503 8P 2C 8 Port 10 100Mbps 2G TP SFP Combo Managed HPoE Switch Interlogix A UTC Fire amp Security Company All rights reserved Figure 4 1 2 Web main page 2 The Switch Menu on the left of the Web page let you access all the commands and statistics the Switch provides Now you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides 1 It is recommended to use Internet Explore 6 0 or above to access Managed Switch 2 The changed IP address take effect immediately after click on the Apply button you need to use
44. the new IP address to access the Web interface For security reason please change and memorize the new password after this first setup Only accept command in lowercase letter under web interface The WEB configuration of GE DS 82 POE and NS2503 8P 2C is the same with GE DS 82 except PoE feature so the NS2503 8P 2C will be the example to describe how to configure switch and also will describe PoE configuration in additional 31 GE DS 82 and NS2503 8P 2C Series User Manual Main WEB PAGE The Managed Switch provides a Web based browser interface for configuring and managing it This interface allows you to access the Managed Switch using the Web browser of your choice This chapter describes how to use the Managed Switch s Web browser interface to configure and manage it SFP Port Link Status Copper Port Link Status e ll ll C NS2503 8P 2C NS2503 8P 2C System ede Port Control A lt _ Main Screen econ vor besoin State Negotiate Speed Sr seed oule Fow Controls Port El EEE oo E Disable Auto 1000 y Auto Full Enable E I Enable Enabie Pot4 r Layer 2 Features Apply QoS a Power over Ethernet 4 Figure 4 1 3 Main Page Main Functions Menu Panel Display The web agent displays an image of the Managed Switch s ports The Mode can be set to display different information for the ports including Link up or Link down Clicking on the image of a p
45. timing it is the one generating the probing signals prior to operating the PD and monitoring the various scenarios that may occur during operation All probing is done using voltage induction and current measurement in return 188 GE DS 82 and NS2503 8P 2C Series User Manual Stages of powering up a PoE link Volts specified Volts managed per 802 3af by chipset Detection Measure whether powered device has the correct signature 27 10 0 1 8 10 0 resistance of 15 33 kQ Classification Measure which power level class the resistor indicates 14 5 20 5 12 5 25 0 Startup Where the powered device will startup gt 38 Normal operation Supply power to device 36 57 25 0 60 0 Line Detection Before power is applied safety dictates that it must first be ensured that a valid PD is connected to the PSE s output This process is referred to as line detection and involves the PSE seeking a specific 25 KO signature resistor Detection of this signature indicates that a valid PD is connected and that provision of power to the device may commence The signature resistor lies in the PD s PoE front end isolated from the rest of the the PD s circuitries till detection is certified Classification Once a PD is detected the PSE may optionally perform classification to determine the maximal power a PD is to consume The PSE induces 15 5 20 5 VDC limited to 100 mA for a period of 10 to 75 ms responded by a certain current consumption by the PD in
46. to IEEE 802 3af standard 15 4Watts max or IEEE 802 3at standard 30Watts max Priority Set port priority for the POE power management It can choose the port priority value is Critical m High Low High priority is Critical Device class Class 0 is the default for PDs However to improve power management at the PSE the PD may opt to provide a signature for Class 1 to 3 The PD is classified based on power The classification of the PD is the maximum power that the PD will draw across all input voltages and operational modes APD shall return Class O to 4 in accordance with the maximum power draw as specified by Table 4 13 1 Current mA It shows the PoE device current Amp 131 GE DS 82 and NS2503 8P 2C Series User Manual Consumption W It shows the PoE device current watt Power Limit It can limit the port PoE supply watts Per port maximum value must less than 15 4 watts total ports values must less than the Power Reservation value if current PoE mode is 802 3af Per port maximum value must less than 30 watts total ports values must less than the Power Reservation value if current PoE mode is 802 3at Once power overload detected the port will auto shut down and keep on detection mode until PD s power consumption lower than the power limit value E PD Classifications A PD may be classified by the PSE based on the classification information provided by the PD The intent of PD
47. to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Some relevant terms Tagging The act of putting 802 1Q VLAN information into the header of a packet Untagging The act of stripping 802 1Q VLAN information out of the packet header 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in the Ether Type field When a packet s Ether Type field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLAN can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained 64 GE DS 82 and NS2503 8P 2C Series User Manual 802 10 Tag User Priority VLAN ID VID 3 b
48. untagged Frame Leave Leave port is tagged Frame remains tagged Tag is inserted Leave port is untagged Frame remain untagged 69 GE DS 82 and NS2503 8P 2C Series User Manual VLAN Group Configuration m VLAN Group Configuration Static VLAN VLAN Operation Mode 302 70 VLAN Information DEFAULT 1 Figure 4 4 4 VLAN Group Configuration interface Click the hyperlink VLAN Static VLAN to enter the VLAN configuration interface Select 802 1Q at the VLAN Operation Mode to enable the 802 1Q VLAN function Click Add to create a new VLAN group or Edit to manage existing VLAN groups Then the VLAN Group column appears Define a VLAN group ID Available range is 2 4094 IS 70 AO gt GE DS 82 and NS2503 8P 2C Series User Manual Static VLAN VLAN Operation Mode Forti C CPU Port Apply Figure 4 4 5 VLAN Group Configuration interface Select specific port as member port and the screen in Figure 4 4 6 appears After setup completed please press Apply button to take effect Please press Back for return to VLAN configuration screen to add other VLAN group the screen in Figure 4 33 appears If there are many groups exceeding the limit of one page you can click Next to view other VLAN groups Use Delete button to delete unwanted VLAN Use Edit button to modify existing VLAN group 71 GE DS 82 and NS2503 8P 2C Series User Manual Static VLAN VLAN Operation
49. won t know that they should be aggregated together to form a logic trunk group 93 GE DS 82 and NS2503 8P 2C Series User Manual This column field allows the user to type in the total number of active port up to four With LACP static trunk group e g you assign four ports to be the members of a trunk group whose work ports column field is set as two the Work ports l exceed ports are standby redundant ports and can be aggregated if working ports fail If it is a static trunk group non LACP the number of work ports must equal the total number of group member ports Please notice that a trunk group including member ports split between two switches has to enable the LACP function of the two switches Note Aggregator Information When you had setup the LACP aggregator you will see relation information in here E LACP disabled Having set up the aggregator setting with LACP disabled you will see the local static trunk group information on the tab of Aggregator Information Trunking Aggregator Setting Aggregator Information System Priority 327608 Remove gt gt Figure 4 6 2 Assigning 2 ports to a trunk group with LACP disabled 94 GE DS 82 and NS2503 8P 2C Series User Manual Trunking The following information provides a wew of LACP current status Figure 4 6 3 Static Trunking Group information The page includes the following fields Object Description Group Key This is a read only
50. 00 000 A 7 Bridge ID 15 Port cost 20 000 Port cost 20 000 Port cost 20 000 Port cost 20 000 B G C Bridge ID 30 Bridge ID 20 Port cost 200 000 Port cost 200 000 Port cost 200 000 A LAN 2 _3 gt A LAN 3 gt Figure 4 5 2 Before Applying the STA Rules If switch A broadcasts a packet to switch B switch B will broadcast it to switch C and switch C will broadcast it to back to switch A and so on The broadcast packet will be passed indefinitely in a loop potentially causing a network failure In this example STP breaks the loop by blocking the connection between switch B and C The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings Now if switch A broadcasts a packet to switch C then switch C will drop the packet at port 2 and the broadcast will end there Setting up STP using values other than the defaults can be complex Therefore you are advised to keep the default factory settings and STP will automatically assign root bridges ports and block loop connections Influencing STP to choose a particular switch as the root bridge using the Priority setting or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is however relatively straight forward In this example only the default STP values are used The switch with the lowest Bridge ID switch C was elected t
51. 03 8P 2C Series User Manual Syslog Setting The Syslog Setting page allows you to configure the logging of messages that are sent to remote syslog servers or other management stations You can also limit the event messages sent to only those messages below a specified level Syslog Setting Syslog server IP Log level None Figure 4 2 18 Syslog Setting web interface The page includes the following fields Object Description es nn IP address of syslog server Log level e None No send syslog message to syslog server and Max Age parameters of the root bridge regardless of how it is configured e Major only send major syslog to syslog server eg link up down system warm cold start e All send all syslog messages to syslog server 91 GE DS 82 and NS2503 8P 2C Series User Manual SMTP Setting The SMTP alarm allows user to set E Mail account and receiver account system will send error message via E Mail if there is event happened SMTP Server IP Address s characters sender email address Figure 4 2 19 SMTP interface The page includes the following fields Object Description SMTP E Mail Alarm l l Allows user to enable or disable SMTP alarm function SMTP Server IP Address For inputting SMTP server IP address SMTP Port l For inputting SMTP port number the default value is 25 SMTP Authentication Allows user to enable SMTP authentication Because of almost SMTP server deny relay mail
52. 10 vannes Ingress Filtering Rule 1 Forward only packets with VID matching this port s configured VID Ingress Filtering 2 Disable Zp y Ingress Filtering 1 ingress Filtering 2 a ENABLE DISABLE Figure 4 4 7 802 1Q Ingress filter interface The page includes the following fields Object Description Indicate port 1 to port 10 NO p p PVID Set the port VLAN ID that will be assigned to untagged traffic on a given port This feature is useful for accommodating devices that you want to participate in the VLAN but that don t support tagging Each port allows user to set one VLAN ID the range being 1 255 and the default VLAN ID is 1 The VLAN ID must be the as same as the VLAN ID of the group the port belongs to otherwise the untagged traffic will be dropped Ingress Filtering 1 Ingress filtering lets frames belonging to a specific VLAN to be forwarded if the port belongs to that VLAN Enable Forward only packets with VID matching this port s configured VID 73 GE DS 82 and NS2503 8P 2C Series User Manual Disable Disable Ingress filter function Drop untagged frame Disable Accepts all Packets Enable Only packet with a matching VLAN ID can be allowed to go through the port Apply button Press the button to save configurations Ingress Filtering 2 Q in Q VLAN MM IEEE 802 10 Tunneling Q in Q IEEE 802 1Q Tunneling QinQ is designed for service providers carrying traffic f
53. 1000Base T port SFP interfaces Color Function LED Lit indicate that the port is operating at 1000Mbps LNK ACT 1000 Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the Switch is actively sending or receiving data over that port Lit indicate that the port is operating at 10 100Mbps LNK ACT 10 100 Orange Off indicate that the port is operating at 1000Mbps Blink indicate that the Switch is actively sending or receiving data over that port 16 GE DS 82 and NS2503 8P 2C Series User Manual NS2503 8P 2C LED indication Sea 8 Port Fast Ethernet 2 Gigabit PoE Managed Switch 2 mao Mio yiormoo NS2503 8P 2C Figure 2 6 NS2503 8P 2C LED panel m System LED Color Function PWR Green Illuminates to indicate that the Switch has power m Per 10 100Base TX PoE interfaces Port 1 to Por 8 Color Function LED illuminates To indicate the link through that port is successfully established LNK ACT Blink To indicate that the Switch is actively sending or receiving data over that port Illuminates To indicate the port is providing 48VDC in line power To indicate the connected device is not a PoE Powered Device PD m Per 10 100 1000Base T port SFP interfaces Color Function LED Lit indicate that the port is operating at 1000Mbps LNK ACT 1000 Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the Switch is active
54. 2 1000Base SX2 2 Multl mode LE 1310nm 1310nm 2km r p 19 10 O 50 C 1000Base LX LHX ZX S30 28LC 10 1000Base LX 2 Single mode LC 1310nm 1310nm 10km 9 5 3 20 10 5 0 50 C S35 2SLC 10 1000Base LX 2 Single mode LC 1310nm 1310nm 10km 9 5 3 20 10 5 40 75 C S30 2SLC 30 1000Base LHX 2 Single mode LC 1310nm 1310nm 30km Pug 23 91 0 50 C S35 2SLC 30 1000Base LHX 2 Single mode LC 1310nm 1310nm 30km e PRE 23 21 40 75 C S30 2SLC 70 1 000Base ZX 2 Singlemode LC 1550nm 1550nm 70km 0 5 24 24 0 50 C S35 2SLC 70 1000Base ZX 2 Single mode LC 1550nm 1550nm 70km 0 5 24 24 40 75 C 1000Base BX S30 1SLC A 10 1000Base BX10 U 1 Single mode LC 1310nm 1490nm 10km E 20 11 O 50 C S30 1SLC B 10 1000Base BX10 D 1 Single mode LC 1490nm 1310nm 10km Saa 20 11 0 50 C S30 1SLC A 20 1000Base BX20 U 1 Single mode LC 1310nm 1490nm 20km 8 2 23 15 0 50 C S30 1SLC B 20 1000Base BX20 D 1 Single mode Ce 1490nm 1310nm 20km 8 2 23 15 O 50 C _S30 1SLC A 60 1000Base BX60 U 1 Single mode LE 1310nm 1490nm 60km 0 5 24 24 O 50 C S30 1SLC B 60 1000Base BX60 D 1 Single mode Be 1490nm 1310nm 60km 0 45 24 24 0 50 C 220m distance Is based on 62 5 125 OM1 fiber 550m distance ls based on 50 125 OM2 fiber Requires laser optimized 60 125 OMS fiber to achleve 2km distance Fiber should be tested and verified to OM3 standard We recommend using IFS SFPs with the Switch If you insert a SFP transceiver that is not supported the Managed S
55. 2C Series User Manual Product Description High Performance Wire Speed Switching The IFS GE DS 82 and NS2503 8P 2C series Managed Switches offers 8 10 100Base TX Ethernet ports with 2 Gigabit TP SFP combo ports These two Gigabit TP SFP combo ports of these models can be either 1000Base T for 10 100 1000Mbps or 1000Base SX LX through SFP Small Factor Pluggable interface The distance can be extended from 100 meters TP or 550 meters Multi mode fiber up to 70 kilometers Single mode fiber The GE DS 82 and NS2503 8P 2C series Managed Switch boast a high performance switch s architecture that is capable of providing non blocking switch fabric and wire speed throughput as high as 5 6Gbps Its two built in GbE uplink ports also offer incredible extensibility flexibility and connectivity to the Core switches or Servers Cost effective solution with SNMP monitor for Network deployment Not only for catering to the need of easy WEB based management but also the centralized SNMP application to monitor the status of Switch and traffic per port IFS releases the cost effective Managed Switch The key features are as below WEB SSL Telnet Console management 802 1Q Q in Q VLAN Rapid Spanning Tree IGMP Snooping 802 1X Authentication RADIUS Access Control List SNMP and 4 RMON groups Remote and Centralize Management installation With its built in Web based management the GE DS 82 and NS2503 8P 2C series offers an easy to use platf
56. 35 gt lt 1024 65535 gt Parameters lt ip addr gt specifies server s IP address The first lt 1024 65535 gt specifies the server port number The second lt 1024 65535 gt specifies the accounting port number radius server key Description Set 802 1x shared key Syntax radius server key lt key str gt Parameters lt key str gt specifies shared key string radius server nas Description Set 802 1x NAS identifier Syntax radius server nas lt d str gt Parameters lt id str gt specifies NAS identifier string show radius server Description Show radius server information including radius server IP port number accounting port number shared key NAS identifier dot1x timeout quiet period Description Set 802 1x quiet period default 60 seconds Syntax dot1x timeout quiet period lt 0 65535 gt Parameters lt 0 65535 gt specifies the quiet period in seconds 170 GE DS 82 and NS2503 8P 2C Series User Manual dot1x timeout tx period Description Set 802 1x Tx period default 15 seconds Syntax dot1x timeout tx period lt 0 65535 gt Parameters lt 0 65535 gt specifies the Tx period in seconds dot1x timeout supplicant Description Set 802 1x supplicant timeout default 30 seconds Syntax dot1x timeout supplicant lt 1 300 gt Parameters lt 1 300 gt specifies the supplicant timeout in seconds dot1x timeout radius server Description Set radi
57. 802 3af POE is a technology for wired Ethernet the most widely installed local area network technology adopted today PoE allows the electrical power necessary for the operation of each end device to be carried by data cables rather than by separate power cords New network applications such as IP Cameras VoIP Phones and Wireless Networking can help enterprises improve productivity It minimizes wires that must be used to install the network for offering lower cost and less power failures IEEE802 3af also called Data Terminal equipment DTE power via Media dependent interface MDI is an international standard to define the transmission for power over Ethernet The 802 3af is delivering 48V power over RJ 45 wiring Besides 802 3af also define two types of source equipment Mid Span and End Span E Mid Span Mid Span device is placed between legacy switch and the powered device Mid Span is tap the unused wire pairs 4 5 and 7 8 to carry power the other four is for data transmit E End Span End Span device is direct connecting with power device End Span could also tap the wire 1 2 and 3 6 PoE System Architecture The specification of PoE typically requires two devices the Powered Source Equipment PSE and the Powered Device PD The PSE is either an End Span or a Mid Span while the PD is a PoE enabled terminal such as IP Phones Wireless LAN etc Power can be delivered over data pairs or spare pairs of standard CAT 5 cabling How Pow
58. 82 and NS2503 8P 2C Series User Manual Trunk Configuration Trunk allows the switch to combine ports so that they function like a single high speed link It can be used to increase the bandwidth to some devices to provide a high speed link For example trunk is useful when making connections between switches or connecting servers to the switch Trunk can also provide a redundant link for fault tolerance If one link in the trunk failed the switch can balance the traffic among the remaining links The 10 100 Mbps port cannot be trunked with Gigabit port Port 9 and Port 10 All ports in the same trunk group will be treated as a single port If a trunk group exists the ports belonging to that trunk will be replaced by TRUNK in the VLAN configuration screen The following example configures Port 1 Port 2 as TRUNK 1 Trunking Commands show trunks Description Show trunking information Switch config show trunk Group ID LACP Ports LACP Active e a A A 1 2 trunk add Description Add a new trunk group Syntax trunk add lt trunk id gt lt lacp no lacp gt lt port list gt lt active port list gt Parameters lt trunk id gt specifies the trunk group to be added lacp Description Specifies the added trunk group to be LACP enabled Syntax lacp no lacp specifies the added trunk group to be LACP disabled Parameters lt port list gt specifies the ports to be set lt active port li
59. AC Limit Enable or disable MAC limit function for the Managed Switch Port Number Indicate port 1 to port 8 The maximum number of per port MAC addresses to be learned 1 64 O to Limit disable this port s MAC limit function MAC Limit is only functioned on Fast Ethernet port the Port 1 to Port 8 119 GE DS 82 and NS2503 8P 2C Series User Manual MAC Limit Port Status This table displays current MAC Limit status of each port MAC Limit Port Status Figure 4 11 2 MAC Limit MAC Limit Port Status The page includes the following fields Object Description Port Number Indicate port 1 to port 8 Limit Display the current MAC Limit configuration and status of each port 120 GE DS 82 and NS2503 8P 2C Series User Manual 802 1X Configuration 802 1x is an IEEE authentication specification which prevents the client from accessing a wireless access point or wired switch until it provides authority like the user name and password that are verified by an authentication server such as RADIUS server Understanding IEEE 802 1X Port Based Authentication The IEEE 802 1X standard defines a client server based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN Until the client is authenticat
60. Assignments 1000Mbps 1000Base T GE DS 82 and NS2503 8P 2C Series User Manual Contact MDI MDI X 1 BI_DA BI_DB 2 BI_DA BI_DB 3 BI_DB BI_DA 4 BI_DC BI_DD 5 BI_DC BI_DD 6 BI_DB BI_DA 7 BI_DD BI_DC 8 BI_DD BI_DC Implicit implementation of the crossover function within a twisted pair cable or at a wiring panel while not expressly forbidden is beyond the scope of this standard 10 100Mbps 10 100Base TX When connecting your 10 100Mbps Ethernet Switch to another switch a bridge or a hub a straight or crossover cable is necessary Each port of the Switch supports auto MDI MDI X detection That means you can directly connect the Switch to any Ethernet devices without making a crossover cable The following table and diagram show the standard RJ 45 receptacle connector and their pin assignments RJ 45 Connector pin assignment Contact MDI MDI X Media Dependant Interface Media Dependant Interface Cross 1 Trae Tx transmit E CI Trans 1 2 3 4 5 7 8 Tx transmit 192 The standard cable RJ 45 pin assignment The standard RJ 45 receptacle connector GE DS 82 and NS2503 8P 2C Series User Manual There are 8 wires on a standard UTP STP cable and each wire is color coded The following shows the pin allocation and color of straight cable and crossover cable connection Straight Cable 1 2 3 4 5 6 7 8 SIDE 1 1 2 3 4 5 6 7 SIDE 2 Crossover Cable 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 SID
61. DHCP Relay can forward the DHCP broadcast packets to a DHCP server in a different subnet RFC 1542 So DHCP server can provide IP addresses to clients spanning multiple subnets instead of deploying a DHCP server on every subnet Configuring DHCP Relay amp Option82 To configure DHCP Option82 Enable global option82 function select DHCP Option82 enable Enable Enable port option82 function select Option82 checkbox for special port Select DHCP Router Port Click Apply iS 134 GE DS 82 and NS2503 8P 2C Series User Manual To configure DHCP Relay Enable global Relay function select DHCP Relay enable Enable Enable port Relay function Type the IP addresses of the DHCP Relay IP DHCP Server offers an IP address to client from its list of scopes which subnet is same as the Relay IP Select DHCP Router Port Click Apply SN 9 DHCP Relay amp Option 82 DHCP Option 82 y Disable DHCP Option 82 Router Port Poti DHCP Opt 82 Port Option ee E Figure 4 14 1 DHCP Relay amp Option 82 The page includes the following fields Object Description DHCP Option 82 Enable global option82 function DHCP Relay Enable global Relay function DHCP Option 82 Select the Router Port that is used to connect to the DHCP server in Router Port the domain DCHP Opt 82 Port Identify Port 1 to Port 10 to configure DHCP option 82 Option Enable port option82 function on selected port Relay IP Type the IP addresses of the DHCP
62. E 1 SIDE 2 Figure A 1 Straight Through and Crossover Cable SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE 1 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE2 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown SIDE2 1 White Green 2 Green 3 White Orange 4 Blue 5 White Blue 6 Orange 7 White Brown 8 Brown Please make sure your connected cables are with same pin assignment and color as above picture before deploying the cables into your network GE DS 82 and NS2503 8P 2C Series User Manual APPENDIX B Local User Access Level Table GE DS 82 GE DS 82 POE NS2503 8P 2C Admin Viewer Admin Viewer Admin Viewer Not Not Firmware Upgrade Change Not Accessable Not Accessable Not Accessable Accessable Accessable Not Not Configuration Restore Change Not Accessable Not Accessable Not Accessable Accessable Accessable Not Configuration Backup Change Change Not Accessable Not Accessable Not Accessable Accessable Configuration Backup except Not 5 Change Change Not Accessable Not Accessable Not Accessable IP Accessable Not Not Factory Default Change Not Accessable Not Accessable Not Accessable Accessable Accessable Not Not System Reboot Change
63. Figure 4 9 3 QoS Configuration Port Based Priority The table includes the following fields Object Description Port Number Indicate port 1 to port 10 Each port has 8 priority levels O 7 or Disable to be chosen Port Priority 7 is the highest priority 112 GE DS 82 and NS2503 8P 2C Series User Manual TOS DSCP TOS DSCP priority is obtained through a 6 bit Type of Service TOS or Differentiated Service Code Point DSCP to 3 bit priority mapping The Type of Service TOS octet in the IPv4 header is divided into three parts Precedence 3 bits TOS 4 bits and MBZ 1 bit The Precedence bits indicate the importance of a packet whereas the TOS bits indicate how the network should make tradeoffs between throughput delay reliability and cost as defined in RFC 1394 The MBZ bit for must be zero is currently unused and is either set to zero or just ignored 0 1 2 3 4 5 6 7 A A IPv4 Packet Header Type of Service Octet The four TOS bits provide 15 different priority values however only five values have a defined meaning DiffServ Code Point DSCP is the traffic prioritization bits within an IP header that are encoded by certain applications and or devices to indicate the level of service required by the packet across a network DSCP are defined in RFC2597 for classifying traffic into different service classes The Managed Switch extracts the codepoint value of the DS field from IPv4 packets and iden
64. Filter 1 Static Figure 4 7 3 MAC Filtering interface The page includes the following fields Object MAC Address VLAN ID Description Enter the MAC address that you want to filter The VLAN ID for the entry 101 GE DS 82 and NS2503 8P 2C Series User Manual IGMP Snooping Theory The Internet Group Management Protocol IGMP lets host and routers share information about multicast groups memberships IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing The overall purpose of IGMP Snooping is to limit the forwarding of multicast frames to only ports that are a member of the multicast group About the Internet Group Management Protocol IGMP Snooping Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group for members that are no longer active In the case where there is more than one multicast router on a sub network one router is elected as the queried This router then keeps track of the membership of the multicast groups that have active members The information received from IGMP is then used to determine if multicast packets should be forwarded to a given sub network or not The router can check usi
65. GE DS 82 and NS2503 8P 2C Series User Manual The Internet Group Management Protocol IGMP is an internal protocol of the Internet Protocol IP suite igmp Description Enable disable IGMP snooping Syntax no igmp igmp fastleave Description Enable disable IGMP snooping fast leave If enable switch will fast delete member who send leave report else wait one sec Syntax no igmp fastleave igmp querier Description Enable disable IGMP snooping querier Syntax no igmp querier igmp CrossVLAN Description Enable disable IGMP snooping CrossVLAN Syntax no igmp CrossVLAN igmp debug Description Enable disable IGMP snooping debugging output Syntax no igmp debug show igmp Description Show IGMP snooping information Syntax 169 GE DS 82 and NS2503 8P 2C Series User Manual show igmp lt status router groups table gt Parameters status specifies IGMP snooping status and statistics information router specifies IGMP snooping router s IP address groups specifies IGMP snooping multicast group list table specifies IGMP snooping IP multicast table entries igmp clear_statistics Description Clear IGMP snooping statistics counters 802 1x Protocol dot1x Description Enable or disable 802 1x Syntax no dot1x radius server host Description Set radius server IP port number and accounting port number Syntax radius server host lt ip addr gt lt 1024 655
66. GE DS 82 and NS2503 8P 2C Series User Manual Switch Static Configuration Port Configuration and show status port state Turn the port state on or off Syntax port state lt on off gt lt port list gt Parameters lt port list gt specifies the ports to be turn on or off If not entered all ports are turn on or off port nego Description Set port negotiation Syntax port nego lt force auto nway force gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set port speed Description Set port speed in mbps and duplex Syntax port speed lt 10 100 1000 gt lt full half gt lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set port flow Description Enable or disable port flow control Syntax port flow lt enable disable gt lt enable disable gt lt port lisi gt Parameters The first lt enable disable gt enables or disables flow control in full duplex mode The second lt enable disable gt enables or disables flow control in half duplex mode lt port list gt specifies the ports to be set If not entered all ports are set port rate Description Set port effective ingress or egress rate Syntax port rate lt ingress egress gt lt 0 8000 gt lt port list gt Parameters lt 0 8000 gt specifies the ingress or egress rate lt 0 8000 gt lt port list
67. IP DSCP The values of the IP DSCP header field within the incoming packet DSCP 0 63 Priority Specify which 802 1p priority to map the corresponding IP DSCP The value is 0 7 TOS DSCP Port Configuration Set up IP TOS DSCP mapping to 802 1p priority when receiving IPv4 packets the Managed Switch allow to by port configuring the QoS Status This TOS DSCP Port Configuration page is to configure the IP TOS DSCP mapping on the port and display the current port status The screen in Figure 4 9 6 appears 114 GE DS 82 and NS2503 8P 2C Series User Manual TOS DSCP Disable Figure 4 9 6 QoS Configuration TOS DSCP Port Status The table includes the following fields Object Description Port Number Indicate port 1 to port 10 TOS DSCP Status Enable Disable TOS DSCP map to 802 1p priority on specify port 115 GE DS 82 and NS2503 8P 2C Series User Manual Access Control List The Access Control List ACL is a concept in computer security used to enforce privilege separation It is a means of determining the appropriate access rights to a given object depending on certain aspects of the process that is making the request principally the process s user identifier Access Control List ACL is a mechanism that implements access control for a system resource by listing the identities of the system entities that are permitted or denied to access the resource The screen in following screen appears Packets can
68. Mode 010 VLAN Name DEFAULT Figure 4 4 6 802 1Q VLAN Setting Web Page screen The page includes the following fields Object Description VLAN Name Use this optional field to specify a name for the VLAN It can be up to 16 alphanumeric characters long including blanks You can configure the ID number of the VLAN by this item This field is used to VLAN ID add VLANs one ata time The VLAN group ID and available range is 2 4094 Port Indicate port 1 to port 10 Untag Packets forwarded by the interface are untagged UnTag Member Defines the interface as a tagged member of a VLAN All packets Tag forwarded by the interface are tagged The packets contain VLAN information Once 802 1Q VLAN is enabled all ports bleong to the default VLAN with the default VID defined as 1 The default VLAN can t be deleted Note 12 GE DS 82 and NS2503 8P 2C Series User Manual VLAN Filter m 802 1Q VLAN Port Configuration This page is used for configuring the Switch port VLAN The VLAN per Port Configuration page contains fields for managing ports that are part of a VLAN The port default VLAN ID PVID is configured on the VLAN Port Configuration page All untagged packets arriving to the device are tagged by the ports PVID This section provides 802 1Q Ingress Filter of each port from the Switch the screen in Figure 4 4 7 appears Static VLAN VLAN Operation Mode 802
69. NS2503 8P 2C Series User Manual Port Sniffer The Port Sniffer mirroring is a method for monitor traffic in switched networks Traffic through a port can be monitored by one specific port That is traffic goes in or out a monitored port will be duplicated into sniffer port Port Mirroring FEB a A A Target Port Monitor Client With Ethereal or Sniffer Pro Figure 4 3 5 Port Mirror application Configuring the port mirroring by assigning a source port from which to copy all packets and a destination port where those packets will be sent 60 GE DS 82 and NS2503 8P 2C Series User Manual Port Sniffer Sniffer Type BOTH E Porta o Poio 2o appn Figure 4 3 6 Port Sniffer interface The page includes the following fields Object Description Select a sniffer mode e Disable Sniffer Type e Rx e Tx e Both It means Analysis port can be used to see the traffic on another port you want to Analysis Monitoring Port monitor You can connect Analysis port to LAN analyzer or netxray The port you want to monitor The monitor port traffic will be copied to Analysis Monitored Port port You can select one monitor ports in the switch User can choose which port that they want to monitor in only one sniffer type 1When the Mirror Mode set to RX or TX and the Analysis Port be selected the packets to and from the Analysis Port will not be transmitted The Analysis Port will accept only COPPIED p
70. Not Accessable Not Accessable Not Accessable Accessable Accessable 194 User Level Main Function GE DS 82 and NS2503 8P 2C Series User Manual Master T Admin Viewer Admin Viewer Admin Viewer Static Multicast Table Static Multicast Table View Only Not Accessable Not Accessable IGMP Snooping IGMP Snooping Change Change Change View View Only Not Accessable Accessable Not Accessable Accessable System Configuration View Only propre Accessable pr Accessable Spanning Tree PerPort Configuration View Only Not Accessable Accessable Not Accessable Accessable LLDP Configuration Change Change Change View View Only Change View View Only User Configuration See Blow See Blow Il Not Accessable See Blow Ill Not Accessable Ery Security MAC Limit Change Change Change View View Only Not Accessable Accessable Not Accessable Accessable 802 1x Configuration View Only Not Accessable Not Accessable QoS Configuration View Only Not Accessable Not Accessable QoS PerPort Configuration View Only Not Accessable porros Accessable TOS DSCP Configuration View Only Not Accessable Not Accessable Accessable TOS DSCP Port l l Change Change Change View Only Not Accessable Not Accessable Configuration Power Over PoE Configuration Change Change View View only View View Only View View Only View View Only l Has permission to set up user na
71. P Fast leave Enable or disable Fast Leave on the port Enable or disable the IGMP query function The IGMP query information will be displayed in IGMP status section Allows user choosing three IGMP router port modes as follows a Auto lt is dynamic IGMP router port mode system detects multicast source then set the port to router port automatically b Static System will be forced to forward IGMP Join or Leave control packet to another switch via an indicate port c Forbidden Allows user to set an indicate port to non router port IGMP Querier IGMP Router Port Fast Leave The Managed Switch can be configured to immediately delete a member port of a multicast service if a leave packet is received at that port and the fast leave function is enabled for the parent VLAN This allows the Managed witch to remove a port from the multicast forwarding table without first having to send an IGMP group specific query to that interface 107 GE DS 82 and NS2503 8P 2C Series User Manual Static Multicast Table Static Multicast Table is a feature for user to force steaming multicast stream to indicate port When you add a static multicast address it remains in the multicast group table regardless of whether the multicast stream has been joined or hasn t been joined The static multicast group will be saved to switch and it will not be released even no one join it or even the multicast group no more streaming unless user delete it How t
72. P addresses on most modern corporate nets are assigned by an employee called a Network Administrator or Sys Admin This person assigns IP addresses and is responsible for making sure that IP addresses are not duplicated If this happens one or both machines with a duplicate address will stop working Another possibility is getting your address assigned to you automatically over the net via DHCP protocol Enable DHCP function and reset the machine If your network is set up for this service you will get an IP address assigned over the network If you don t get an address in about 30 seconds you probably don t have DHCP set up in your network E IP Configuration The IP Configuration includes the IP Address Subnet Mask and Gateway The Configured column is used to view or change the IP configuration Fill up the IP Address Subnet Mask and Gateway for the device The screen is shown in Figure 4 2 3 IP Configuration DHCP MEENG v IP Address See Subnet Mask 255 25 a Default Gateway 192 166 0 2 Figure 4 2 3 IP configuration interface The page includes the following fields Object Description Enable or disable the DHCP client function When DHCP function is enabled the Managed Switch will be assigned an IP DHCP address from the network DHCP server The default IP address will be replaced by the assigned IP address on DHCP server After the user clicks A
73. Pv4 else ignore Any IP and Mask EH Any Any IP address m IP A certain IP address Mask et EA ee is represent a digit from 0 9 is range from O to 255 Notice This is not subnet mask Set this field if Packet Type is IPv4 else ignore Any IP and Mask EH Any Any IP address m IP A certain IP address Mask Ree Lee AEA Lee is represent a digit from 0 9 is range from 0 to 255 Set this field if Packet Type is IPv4 else ignore Uncheck Check mM Uncheck Not check IP fragment field Check Check IP fragment field Set this field if Packet Type is IPv4 else ignore Any ICMP 1 IGMP 2 TCP 6 UDP 17 Set this field if Packet Type is IPv4 else ignore 0 255 If protocol not find in L4 Protocol field you can direct assign number Set this field if Packet Type is IPv4 else ignore Any FTP 21 HTTP 80 Set this field if Packet Type is IPv4 else ignore 0 65535 If TCP port not find in TCP field you can direct assign number Set this field if Packet Type is IPv4 else ignore Any DHCP 67 TFTP 69 NetBios 137 Set this field if Packet Type is IPv4 else ignore 0 65535 If UDP port not find in UDP field you can direct assign number Source port id from 1 10 O means don t care You create ACL and Binding groups 117 Default Vaule Permit Any IPv4 Any Any Uncheck Any Any Any E Non IPv4 ACL GE DS 82 and NS2503 8P 2C Series User Manual In Packet
74. RFC 1112 IGMP version 1 RFC 2236 IGMP version 2 e 50 125um or 62 5 125um multi mode fiber cable 1000Base SX up to 220 550m Cable Fiber optic cable e 9 125um single mode cable provides long distance for 1000Base LX ZX 10 15 20 30 40 50 60 70 120km very on fiber transceiver or SFP module 13 GE DS 82 and NS2503 8P 2C Series User Manual INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount For easier management and control of the Managed Switch familiarize yourself with its display indicators and ports Front panel illustrations in this chapter display the unit LED indicators Before connecting any network device to the Managed Switch please read this chapter completely Hardware Description Switch Front Panel The unit front panel provides a simple interface monitoring the switch Figure 2 1 to 2 3 shows the front panel of the Managed Switches GE DS 82 Front Panel 8 Port 10 100Mbps 2 Gigabit Managed Switch GE DS 82 POE Front Panel 8 Port 10 100Mbps 2 Gigabit F Managed POE Switch see i a 1 sad NS2503 8P 2C Front Panel Se 8 Port Fast Ethernet 2 Gigabit e PoE Managed Switch 2 Eao sio se 13 NS2503 8P 2C re st RESET 3 z f f 1 Figure 2 3 NS2503 8P 2C Switch front panel 10 100Mbps TP Interface Port 1 Port 8 10 100Base TX Copper RJ 45 Twist Pair Up to 100 meters
75. Support PoE Power up to 15 4 Watts for each PoE ports 9 GE DS 82 and NS2503 8P 2C Series User Manual Support PoE Power up to 30 Watts for each PoE ports NS2503 8P 2C only Auto detect powered device PD Circuit protection prevent power interference between ports Remote power feeding up to 100m PoE Management e IEEE 802 3af and IEEE 802 3at mode switch control e Temperature Threshold control e PoE power usage threshold control e Total PoE power budget control e Per port PoE function enable disable e POE Port Power feeding priority e Per POE port power limit e PD classification detection e PoE Power Supply Over Temperature Protection e PoE Schedule 10 GE DS 82 and NS2503 8P 2C Series User Manual Product Specification Hardware Specification A 10 100Base TX RJ 45 8 10 100Base TX RJ 45 8 10 100Base TX RJ 45 uto MDI MDI X ports Auto MDI MDI X ports Auto MDI MDI X ports Switch Fabric 5 66bps non blocking S S lt S S SCSS IA E DRAM O 2mytes SOSS SSS Flow Control Back pressure for Half Duplex IEEE 802 3x Pause Frame for Full Duplex Power Green Power Green Link Activity Green Link Activity Green LED 10 100 LNK ACT Orange PoE In Use Orange 1000 LNK ACT Green 1000 LNK ACT Green 10 100 LNK ACT Orange 10 100 LNK ACT Orange 330 x 155 x 44 mm 330 x 155 x 44 mm Dimensions W x D x H 1U height 1U height Weight 12 1 6kg 1 74kg Pow
76. VLAN can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN The Managed Switch supports IEEE 802 1Q VLAN The port untagging function can be used to remove the 802 1 tag from packet headers to maintain compatibility with devices that are tag unaware The Managed Switch supports IEEE 802 1Q tagged based and Port Base VLAN setting in web management page In the default configuration VLAN support is 802 1Q E Port based VLAN Port based VLAN limit traffic that flows into and out of switch ports Thus all devices connected to a port are members of the VLAN s the port belongs to whether there is a single computer directly connected to a switch or an entire department On port based VLAN NIC do not need to be able to identify 802 1Q tags in packet headers NIC send and receive normal Ethernet packets If the pa
77. a R E N 106 State Multicast TaBe naaa A cas 108 COS Configuration simi oa 109 Dio AS A O A A en 109 QS COMMG UPA NOM do odia 110 TOS DST notar topan 113 ACCESS Controls on 116 A O neds N A 119 MAC Lit Cont QU ANON zeniran T E EA A E 119 MAC LIME POM Status sieneen a ia eta 120 802 IX CONHOUrAUON A A A ea tet eciees 121 Understanding IEEE 802 1X Port Based Authenticati0N oocccconccccccncnoncnnconcnnnnncncnnncnnonencnnnnnnnns 121 S Stemi CONIQUTA OM acts ia ei 123 BOZA1 Xx Port Contigua ias 125 MS Om te Us tle star Ot 126 Power over Ethernet GE DS 82 POE NS2503 8P 2C 0occcoooocccooccccccoconoccononnconncnnnconannnnenannnnrnnannenenans 127 Power over Ethernet Powered Device ooocccococicoconococcnccocncononoccnanncnnanononnnconannnnnnnnnnannnnnnnnnnnnncnnnnnos 127 GE DS 82 POE NS2503 8P 2C Power Managemen t cccccccseeceeeaeeeeeeeeeeeeesaeeeeeseeeeesaeaeeeesaees 128 eje po CA PE Y 132 DHCP Relay amp ODUON 62 ui A A a 134 O A AO 136 ELDR A A 136 Per RO Contigua cols aa ade atta ane an dase gee ida cerare a haat 137 Users Configura lo aaa ias 138 CONSOLE MANAGEMEN Pisrrrananaiaiadaladoradaa nidad ada 141 Login inthe Console Meria Ensa a a 141 Configure IP addr SS iaae a seks deateeenduaanaeteateou asics 142 COMMANGS Leve non ii ii 144 COMMAND LINE INTERFACE srssaccdoccscreiessaseaarsacswsanvessndaseaostdensasscdarsancesateasivaeveacvwaanne 145 Operation Noticia di 145 SVSieMCOMMA Si iia 146
78. a waa dccbedseteietwnescusdoetwam 33 SVS LOMA ATOR PP o uot neneusnd aa abn dotaanlued Sues fala a 34 GE DS 82 and NS2503 8P 2C Series User Manual IPF GOMT QU PAT OM isa ct incl aa S 37 SNMEPConidUr ost as ti 39 Frimware Upgrade season dia 46 Connguraton BACKUP 1 A A E ei wanegeres 48 a aaa a A 50 SAS A E A mn eT eRe 50 DVSIOG CHINO a A a 51 SARE Eu EE AAPP A eer renner eae rep ee 52 A e sea cate key ace Secsatiee ease 53 SAC A A ee eae e Tenee n eeeeer 53 POR COMMOULAIONN ains 55 mn E A 55 Rate Cont la od 57 A Pe 58 PON SAIS OS aac oie anos 58 o A A 60 ROT CUR Olano 62 Remote Pistas ia 63 V LAN COMIC ATION Wu A A a A a A A 64 VEAN OVNIS Wi SAA 64 State VLAN CONT UA OM s sce sens sa asta hap ops E E 66 FP Ol DaASCGN V SAIN A bo 67 202 TO VLAN A 69 MAENAN A a a a a ggg ante eases esas eae 74 GVRP VIAN e O A A ee ee 78 Spanning Tree Protocol caia a 81 SONY arterial cala cuidar leads tea cin cacids 81 sn a aes een tend a tata cian ate aay 84 SP Paramotor ESA a a ie eu kane eee 85 STRESS YStem Comiquera ia dl 86 Port Sonia loas pl 90 A A O 92 Aggregator Selling si a 93 Aggregator INTOMMAT OM ia a 94 State ACUI OS O O oc ios 98 FOrWwarding and Fitero ai iD 99 Dy Matte MAC Table vo ar aso baii a lei 99 Statie MAG Tal e ad 100 MAC Me MO asi rai std 101 GE DS 82 and NS2503 8P 2C Series User Manual IGMP SOO PING urraca ia 102 VG ONY EA E E E A E AA A AE E TEE A E I E E A E EE aes 102 IGMP Configuration sinatra anr iad a a
79. able for new configurations Add Delete User new user Once the new user is added the new user entry shown in the Users Configuration page Users Configuration Usemame access Level Add New User 4 16 3 User Configuration page screenshot 139 GE DS 82 and NS2503 8P 2C Series User Manual After change the default password if you forget the password Please press the Reset button in the front panel of the Managed Switch over 10 seconds and then release the current setting includes VLAN will be lost and the Managed Switch will restore to the default mode The preset user priorities for each function are listed in Appendix B 140 GE DS 82 and NS2503 8P 2C Series User Manual CONSOLE MANAGEMENT The IFS GE DS 82 and NS2503 8P 2C series is equipped with a RS 232 DB9 connector as default And both of the two models support telnet management Login in the Console Interface To configure the system via console mode connect a serial cable to a COM port on a PC or notebook computer and to RJ 45 type serial console port of the Managed Switch The console port of the Managed Switch is DCE already so that you can connect the console port directly through PC without the need of Null Modem Please refer to chapter 3 5 Administration Console to get more information about how to connect to the console interface of GE DS 82 POE with HyperTerminal on Microsoft Windows platform Once the terminal has conne
80. ackets from the Monitored Port 2lf you want to disable the function you must select monitor port to none 61 GE DS 82 and NS2503 8P 2C Series User Manual Protect Port There are two protected port groups ports in different groups can t communicate In the same group protected ports can t communicate with each other but can communicate with unprotected ports Unprotected ports can communicate with any ports including protected ports Portected Port Setting m7 Figure 4 3 7 Protected Port Setting Web interface The page includes the following fields Object Description Port ID Identify the Managed Switch interface Enable the Protected function on the selected port Protected If the check box is not shown as then this port is an unprotected port and it can communicate with any port including protected ports Group 1 Set the protected port to be Group 1 member Group 2 Set the protected port to be Group 2 member Usually set the Uplink port or the Port is connected to Core switch or router to be the Untagged port 62 GE DS 82 and NS2503 8P 2C Series User Manual Remote Ping The Remote Ping allows user to check the device connection status via ping Remote Ping port Remote address Ping Sie nmm F Porti 0 0 0 0 Ping Port2 0 0 0 0 0 E Pns Port3 0 0 0 0 o Ping Porta 0 0 0 0 o Ports booo S o Pina portz 0000 lb Ema
81. acl Description Delete ACL group Syntax no acl lt 1 220 gt Parameters lt 1 220 gt specifies the group id e g no acl 1 no acl count Description Reset the Acl group count Syntax no acl count lt Groupld gt Parameters Groupld lt 1 220 gt specifies the group id show acl Description Show ACL group information Syntax show acl lt 1 220 gt Parameters lt 1 220 gt specifies the group id null means all valid groups e g Switch config show acl 1 IP Fragement Uncheck Src IP Address Any Dst IP Address Any Hit Octet Count 165074 Hit Packet count 472 acl addjedit lt 1 220 gt permitideny lt 0 4094 gt ipv4 lt 0 255 gt Description Add or edit ACL group for Ipv4 172 GE DS 82 and NS2503 8P 2C Series User Manual Syntax acl add edit lt 1 220 gt permit deny lt 0 4094 gt ipv4 lt 0 255 gt A B C D A B C D A B C D A B C D check unCheck lt 0 65535 gt lt 0 10 gt Parameters addledit specifies the operation lt 1 220 gt specifies the group id permit deny specifies the action permit permit packet cross switch deny drop packet lt 0 4094 gt specifies the VLAN id 0 means don t care lt 0 255 gt specifies the IP protocol O means don t care A B C D specifies the Source IP address 0 0 0 0 means don t care A B C D specifies the Mask 0 0 0 0 means don t care 255 255 255 255 means compare all A B C D specifies the Destination IP Address 0 0 0 0 m
82. ader The range of the priority is 7 0 The Managed Switch can specify the mapping between 802 1p priority and the four transmission queues In the default setting the packets with 802 1p priority O 1 are put into the queue with lowest priority the packets with 802 1p priority 2 3 are put into queue with second low priority and so on NH Static Port Ingress Priority each port is assigned with one priority 7 0 The priority of the packet received from one port is set to the same priority of the receiving port When the priority of the received packet was determined the packet is treated as an 802 1p packet with that priority and will be put into a queue according to the 802 1p Priority setting QoS Configuration QoS mode E First Come First Service The sequence of packets sent is depending on arrive orders All High before Low The high priority packets sent before low priority packets m WRR Weighted Round Robin Select the preference given to packets in the switch s high priority queue These options represent the number of higher priority packets sent before one lower priority packet is sent For example 8 Highest 4 second high means that the switch sends 8 highest priority packets before sending 4 second high priority packets Qos level 0 7 priority level can map to highest second high second low lowest queue Commands qos priority Description Set 802 1p priority Syntax qos priority lt first come first service all
83. age allows you to configure the logging of error message to switch such as port link down or link up You can also limit the event messages sent to only those messages below a specified level The web screen as Figure 4 2 21 appears 53 ID Level Date GE DS 82 and NS2503 8P 2C Series User Manual System Log System Log Mode Time Message Download System Log file Click here to download System Log file The total number of entries is O Figure 4 2 21 System Log interface The page includes the following fields Object Description System Log Mode y g Allows user to enable or disable system log mode Log Level Allows user to choose Major or All level for sending error message Apply Click Apply button to set configuration Refresh Click Refresh button to reload system log web page lt Previous Click lt Previous button to back pervious system log page Next gt Click Next gt button to go next system log page Hide Click Hide button to only display filter the logs within latest 24hrs Reset Click Here to download Click Reset button to clear all system log Click Click Here to download System Log file hyper link to download system System Log file log The download file format is csv user could open it by Microsoft Excel program 94 GE DS 82 and NS2503 8P 2C Series User Manual Port Configuration Use the Port Conf
84. anagement Protocol SNMP Virtual Terminal Protocols A virtual terminal protocol is a software program such as Telnet that allows you to establish a management session from a Macintosh a PC or a UNIX workstation Because Telnet runs over TCP IP you must have at least one IP address configured on the Managed Switch before you can establish access to it with a virtual terminal protocol Terminal emulation differs from a virtual terminal protocol in that you must connect a terminal directly to the console serial port To access the Managed Switch through a Telnet session 1 Be Sure of the Managed Switch is configured with an IP address and the Managed Switch is reachable from a PC 2 Start the Telnet program on a PC and connect to the Managed Switch The management interface is exactly the same with RS 232 console management 27 GE DS 82 and NS2503 8P 2C Series User Manual SNMP Protocol Simple Network Management Protocol SNMP is the standard management protocol for multi vendor IP networks SNMP supports transaction based queries that allow the protocol to format messages and to transmit information between reporting devices and data collection programs SNMP runs on top of the User Datagram Protocol UDP offering a connectionless mode service Management Architecture All of the management application modules use the same Messaging Application Programming Interface MAPI By unifying management methods with a single MAPI
85. and provide backup links which automatically take over when a primary link goes down The spanning tree algorithms supported by this Managed Switch include these versions a STP Spanning Tree Protocol IEEE 802 1D A MSTP Multiple Spanning Tree Protocol IEEE 802 15 STP The Spanning Tree Protocol STP is a standardized method IEEE 802 1D for avoiding loops in switching networks Enable STP to ensure that only one path at a time is active between any two nodes on the network MSTP The Multiple Spanning Tree Protocol MSTP is a standardized method IEEE 802 1S for providing simple and full connectivity for frames assigned to any given VLAN throughout a Bridged Local Area Network comprising arbitrarily interconnected Bridges each operating MSTP STP or RSTP MSTP allows frames assigned to different VLANs to follow separate paths each based on an independent Multiple Spanning Tree Instance MSTI within Multiple Spanning Tree MST Regions composed of LANs and or MST Bridges These Regions and the other Bridges and LANs are connected into a single Common Spanning Tree CST The IEEE 802 1D Spanning Tree Protocol and IEEE 802 1s Multiple Spanning Tree Protocol allow for the blocking of links between switches that form loops within the network When multiple links between switches are detected a primary link is established Duplicated links are blocked from use and become standby links The protocol allows for the duplicate links t
86. apped VLAN list Null means all VLANs spanning tree mst lt 0 15 gt port path cost lt 1 200000000 gt lt port list gt Description Set spanning tree port path cost of MSTI Syntax spanning tree mst lt 0 15 gt port path cost lt 1 200000000 gt lt port list gt Parameters lt 1 200000000 gt specifies port path cost lt port list gt specifies the ports to be set Null means all ports spanning tree mst lt 0 15 gt port priority lt 0 240 gt lt port list gt Description Set spanning tree port priority of MSTI Syntax spanning tree mst lt 0 15 gt port priority lt 0 240 gt lt port list gt Parameters lt 0 240 gt specifies the port priority The value must be in steps of 16 lt port list gt specifies the ports to be set Null means all ports no spanning tree mst Description Delete the specific MSTI Syntax no spanning tree mst lt 0 15 gt Parameters lt 0 15 gt specifies the MSTI instance ID show spanning tree Description Show spanning tree information of CIST show spanning tree port Description Show spanning tree port information of CIST Syntax show spanning tree port lt port list Parameters lt port list gt specifies the port to be shown Null means all ports show spanning tree mst configuration Description Show MST instance map Syntax show spanning tree mst configuration 166 show spanning tree mst lt 0 15 gt Description Show MST instance info
87. ault gateway IP address Syntax ip default gateway lt p addr gt show ip Description Show IP address subnet mask and the default gateway show info Description Show basic information including system info MAC address and versions Switch config show info Model name GE DS 82 Description 24 Port 10 100Mbps 2G TP SFP Combo Managed Switch MAC address 00 30 4F 44 55 66 Firmware version 2 08 CLI version 1 07 802 1x disabled IGMP enabled LACP enabled dhcp Description Set switch as dhcp client it can get ip from dhcp server 157 GE DS 82 and NS2503 8P 2C Series User Manual If you set this command the switch will reboot show dhcp Description show dhcp enable disable Reboot switch boot Description Reboot warm start the switch Reset to Default erase startup config Description Reset configurations to default factory settings at next boot time TFTP Update Firmware copy tftp firmware Description Download firmware from TFTP server Syntax copy tftp firmware lt p addr gt lt remote file gt Parameters lt ip addr gt specifies the IP address of the TFTP server lt remote file gt specifies the file to be downloaded from the TFTP server Restore Configure File copy tftp lt running config flash gt Description Retrieve configuration from the TFTP server If the remote file is the text file of CLI commands use the keyword running config If t
88. be forwarded or dropped by ACL rules include lpv4 or non lpv4 The Managed Switch can be used to block packets by maintaining a table of packet fragments indexed by source and destination IP address protocol and so on X Packet Type Binding can be selected to ACL for lpv4 or Non Ipv4 Access Control List y Permit A O QoS VoIP Q05 mode All High Before Low is required in QoS webpage PLAN Any OVID 1 iros Any means Wid 0 if uses binding Any CIP 0 0 0 0 Maski255 255 255 255 ar MAC e Address O Any a IP 0000 Mask K255 255 255 255 y 00 00 11 22 33 44 55 22 39 44 50 lue H Any v Protocol IDE las OTcp Any wl UDP Any a Value H Port Destination Port Value Figure 4 10 1 Access Control List ACL Web Page screen 116 GE DS 82 and NS2503 8P 2C Series User Manual The page includes the following fields m IPv4 ACL Object Group ID Action VLAN Packet Type Src IP Address Dst IP Address IP Fragment L4 Protocol Protocol TCP Port UDP Port Port Id Current List Description 1 220 max 220 ACL group 1 200 NS2503 8P 2C only Permit Deny E Permit Permit packet cross switch Deny Drop packet Any VID E Any Any VLAN id m VID 1 4094 A certain VLAN id IPv4 Non IPv4 Binding E Pv4 Set Ipv4 packet field E Non IPv4 Set non lpv4 packet field E Binding Set binding entry Set this field if Packet Type is I
89. be showed If not entered all port s PVID will be showed e g 154 GE DS 82 and NS2503 8P 2C Series User Manual vian filter Description Set ingress filter rules Syntax vian filter enable disable enable disable LIST Parameters enable disable specifies the non members packet will be forwarded or not If set enable forward only packets with VID matching this port s configured VID enable disable specifies the untagged frame will be dropped or not If set enable drop untagged frame show vlan filter Description Show VLAN filter setting Syntax show vlan filter LIST Parameters LIST specifies the ports to be showed If not entered all ports filter rules will be showed 155 GE DS 82 and NS2503 8P 2C Series User Manual Misc Configuration no mac age time Description Set MAC address age out time Syntax no mac age time Enable or disable MAC address age out mac age time lt 6 1572858 gt Parameters lt 6 1572858 gt specifies the MAC address age out time Must be divisible by 6 Type the number of seconds that an inactive MAC address remains in the switch s address table show mac age time Description Show MAC address age out time broadcast Description Set broadcast storm filter mode to off 1 2 1 4 1 8 1 16 Syntax broadcast mode lt off 1 2 1 4 1 8 1 16 gt broadcast select Description Select the Broadcast storm filter packet type E Unicast M
90. cescceeeeneceneeeseenseenseensseneseneeneees 192 SWitch s RJ 45 Pin ASSIQNIMENIS sssusa Ad 192 TO TOOMBDS 10 1 OO B aS TA cuina 192 APPENDIX B LOCAL USER ACCESS LEVEL TABLE cee cetecseeseeeeeeeeeeenees 194 GE DS 82 and NS2503 8P 2C Series User Manual Introduction The IFS GE DS 82 GE DS 82 POE and NS2503 8P 2C switches have 8 10 100Mbps ports with 2 Gigabit TP SFP fiber optical combo ports and are equipped with robust layer 2 features the description of these models as below 8 Port 10 100Base TX 2 Port Gigabit TP SFP Combo Managed Switch 8 Port 10 100Base TX 2 Port Gigabit TP SFP Managed PoE Switch 8 Port 10 100Base TX 2 Port Gigabit TP SFP Managed 802 3at PoE Switch Managed Switch refers to the Switches mentioned in the cover page of this User s manual e GE DS 82 GE DS 82 POE and NS2503 8P 2C Package Contents Open the box of the Managed Switch and carefully unpack it The box should contain the following items Check the contents of your package for following parts M The Managed Switch x1 M User s Manual CD x1 M Quick Installation Guide x1 M 19 Rack mount Accessory Kit x1 M Power Cord x1 M Rubber Feet X4 M RS 232 DB9 Male Console Cable x1 If any of these are missing or damaged please contact your distributor or IFS sales rep immediately if possible retain the original carton and packaging material in case you need to return the product for repair replacement GE DS 82 and NS2503 8P
91. cket s destination lies on the same segment communications take place using normal Ethernet protocols Even though this is always the case when the destination for a packet lies on another switch port VLAN considerations come into play to decide if the packet is dropped by the Managed Switch or delivered E IEEE 802 1Q VLANs IEEE 802 1Q tagged VLAN are implemented on the Managed Switch 802 1Q VLAN require tagging which enables them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLAN allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN will only be forwarded to the stations over IEEE 802 1Q enabled switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLAN can also provide a level of security to your network IEEE 802 1Q VLAN will only deliver packets between stations that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLAN to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN
92. ckets e IP Multicast e Control Packets e Flooded Unicast Multicast Packets Provide Collision Retry Forever function Disable or 16 32 48 collision numbers on Managed Switch If this function is disabled when a packet meet a collision the Managed Switch will retry 6 times before discard the packets Otherwise the Managed Switch will retry until the packet is successfully sent Default value is 16 Provide MAC address table Hashing setting on Managed Switch available options are CRC Hash and Direct Map Default mode is CRC Hash Enable disable IP MAC Binding function Enable disable 802 1x protocols function Press the button to complete the configuration 36 GE DS 82 and NS2503 8P 2C Series User Manual IP Configuration The Managed Switch is a network device which needs to be assigned an IP address for being identified on the network Users have to decide on an IP address to the Managed Switch IP address overview What is an IP address Each device such as a computer which participates in an IP network needs a unique address on the network It s similar to having a US mail address so other people have a known way to send you messages An IP address is a four byte number which is usually written in dot notation each of the bytes decimal value is written as a number and the numbers are separated by dots aka periods An example 199 25 123 1 How do I get one for this box The I
93. column field that displays the trunk group ID This is a read only column field that displays the members of this static trunk group Port Member E LACP enabled Having set up the aggregator setting with LACP enabled you will see the trunking group information between two switches on the tab of Aggregator Information Switch 1 configuration 1 Set System Priority of the trunk group The default is 32768 2 Select a trunk group ID by pull down the drop down menu bar 3 Enable LACP 4 Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically 95 5 GE DS 82 and NS2503 8P 2C Series User Manual Trunking Roa regator A no eee aa Petes jator Informatio Remove gt gt Figure 4 6 4 Aggregation Information of Switch 1 Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured Switch 2 configuration e oS SS Set System Priority of the trunk group For example 1 Select a trunk group ID by pull down the drop down menu bar Enable LACP Include the member ports by clicking the Add button after selecting the port number and the column field of Work Ports changes automatically 96 GE DS 82 and NS2503 8P 2C Series User Manual Trunking Aggregator Setting j Remove gt Figure 4 6 5 Switch 2 configuration interface
94. config poe power mode 802 3at 1 8 Switch config show poe Port Admin Oper Power mode Priority Power Limit W Consumption W Current mA De vice Class Port1 Enable 802 3at Critical Port2 Enable 802 3at Critical Port3 Enable 802 3at Critical Port4 Enable 802 3at Critical Port5 Enable 802 3at Critical Port6 Enable 802 3at Critical Port7 Enable 802 3at Critical Port8 Enable 802 3at Critical OOOO O00 O 183 GE DS 82 and NS2503 8P 2C Series User Manual SMTP Commands smtp Description Enabling or disabling SMTP alarm function Command Level Global Configuration Syntax smtp lt auth noauth gt SMTP server IP address SMTP port number user name password Sender mail address Receiver1 mail address Receiver2 mail address no smtp Parameters lt auth gt specifies mail account if user wants forward the alarm mail to different domain User has to register a mail account to the mail server lt noauth gt specifies no need to input mail account In most case SMTP server could relay mail to the same domain without mail account Example Switch config smtp auth 192 168 0 6 25 username password a test com b test com c test com User manage user name and password user Description Manage user name and password It offers user to add edit and delete user account and there are 3 permission modes for choosing Command Level Global Configuration Syntax user add edit delete Paramet
95. convention this is the node s fully qualified domain name A domain name is a text string drawn from the alphabet A Za z digits 0 9 minus sign No space characters are permitted as part of a name The first character must be an alpha character And the first or last character must not be a minus sign The allowed string length is O to 255 e System Location The physical location of this node e g telephone closet 3 floor e System Contact The textual identification of the contact person for this managed node together with information on how to contact this person e SNMP Status Indicates the SNMP mode operation Possible modes are e Enabled Enable SNMP mode operation e Disabled Disable SNMP mode operation Community Strings Community strings serve as passwords and can be entered as one of the following 40 GE DS 82 and NS2503 8P 2C Series User Manual Community Strings Current Strings New Community String public _read all only private__read write all i P mia String Remove RO ORW Figure 4 2 6 Community strings interface The page includes the following fields Object Description Community Strings Here you can define the new community string set and remove the unwanted community string E String Fill the name string RO Read only Enables requests accompanied by this community string to display MIB object information m RW Read write Enables requests accompanied by this com
96. cted to the device power on the GE DS 82 POE the terminal will display that it is running testing procedures Then the following message asks the login password The factory default password as following and the login screen in Figure 5 1 appears Username admin Password admin COM1_57600 HyperTerminal AE File Edit View Call Transfer Help Port interval TOS DSCP Completed Username admin Password Switch _ Connected 00 50 08 57600 6 h 1 Figure 5 1 GE DS 82 Console Login screen l For security reason please change and memorize the new username and password after this first setup Username Max 6 Min 1 characters Password Max 6 Min 1 characters Only accept command in lowercase letter under console interface 141 GE DS 82 and NS2503 8P 2C Series User Manual Configure IP address The Managed Switch is shipped with the following default IP address IP Address 192 168 0 100 Subnet Mask 255 255 255 0 To check the current IP address or modify a new IP address for the Switch please use the following procedures E Show the current IP address 1 On Switch prompt enter configure 2 On Switch config prompt enter show ip 3 The screen displays the current IP address Subnet Mask and Gateway As show in Figure 5 2 1 COM1_57600 Hyper Terminal File Edit View Call Transfer Help Forwarding IP H Completed Username admin Password Switch configure
97. d and the default path cost recommended by the IEEE 8021w standard exceeds 65 535 the default is set to 65 535 By default the system automatically detects the speed and duplex mode used on each port and configures the path cost according to the values shown below Fast Ethernet 1080 200002000000 Half Duplex 2 000 000 Full Duplex 1 999 999 Trunk 90 1 000 000 Half Duplex 19 200 000 Full Duplex 18 100 000 Trunk 15 50 000 Table 4 5 2 Recommended STP Path Costs 91 GE DS 82 and NS2503 8P 2C Series User Manual Trunking Port trunking is the combination of several ports or network cables to expand the connection speed beyond the limits of any one single port or network cable The Managed Switch supports two types of port trunk technology E Static Trunk E LACP The Link Aggregation Control Protocol LACP provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs move the link to that Link Aggregation Group and enable its transmission and reception functions in an orderly manner Link aggregation lets you group up to eight consecutive ports into a single dedicated connection This feature can expand bandwidth to a device on the network LACP operation requires full duplex mode more detail information refers to IEEE 802 3ad Link Aggregation LACP Link
98. d NS2503 8P 2C Series User Manual Non Member Leave Group Stop Timer Leave Group Join Group Send Report Start Timer Query Received Start Timer Report Received Stop Timer Timer Expried Send report Figure 4 8 4 IGMP State Transitions Delaying Member Idle Member IGMP Querier A router or multicast enabled switch can periodically ask their hosts if they want to receive multicast traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propagates the service requests on to any upstream multicast switch router to ensure that it will continue to receive the multicast service Es Multicast routers use this information along with a multicast routing protocol such as DVMRP or PIM to support IP multicasting across the Internet Note 105 GE DS 82 and NS2503 8P 2C Series User Manual IGMP Configuration The Managed Switch support IP multicast you can enable IGMP protocol on web management s switch setting advanced page then the IGMP snooping information displays IP multicast addresses range are from 224 0 0 0 through 239 255 255 255 IGMP Snooping Figure 4 8 5 IGMP Configuration interface 106 GE DS 82 and NS2503 8P 2C Series User Manual The page includes the following fields Object Description IGMP Protocol Enable or disable the IGMP protocol IGM
99. der to facilitate delivery of data traffic that might be affected by latency problems When CoS 802 1p Tag Priority is applied the Switch recognizes 802 1Q VLAN tag packets and extracts the VLAN tagged packets with User Priority value 802 1Q Tag and 802 1p priority VLAN ID VID 3 bits 1 bits 12 bits TPID Tag Protocol TCI Tag Control Identifier Information 2 bytes 2 bytes Destination Source ae Ethernet Preamble Data FCS Address Address Type 6 bytes6 bytes4 bytes 2 bytes46 1517 bytes 4 bytes Figure 4 9 1 802 1p Tag Priority Set up the COS priority level With the drop down selection item of Priority Type above being selected as COS only COS first this control item will then be available to set the queuing policy for each port Priority Queue Service settings QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems The IEEE 802 1p Priority specification uses 8 priority levels to classify data packets In 802 1p compliant devices a tag inserted into the packet header is used to identify the priority level of data packets The Switch supports Static Port Ingress priority and four queues The screen in Figure 4 9 2 appears QoS Configuration Priority Queue Service O First Come First Service All High before Low 802 1p priority 0 7 Lowest Lowe st Figure 4 9 2 QoS Configuration 802 1Pr
100. dicating its power class The PD is assigned to one of 5 classes O default class indicates that full 15 4 watts should be provided 1 3 indicate various required power levels and 4 is reserved for future use PDs that do not support classification are assigned to class 0 Special care must be employed in the definition of class thresholds as classification may be affected by cable losses Classifying a PD according to its power consumption may assist a PoE system in optimizing its power distribution Such a system typically suffers from lack of power resources so that efficient power management based on classification results may reduce total system costs Start up Once line detection and optional classification stages are completed the PSE must switch from low voltage to its full voltage capacity 44 57 Volts over a minimal amount of time above 15 microseconds A gradual startup is required as a sudden rise in voltage reaching high frequencies would introduce noise on the data lines Once provision of power is initiated it is common for inrush current to be experienced at the PSE port due to the PD s input capacitance APD must be designed to cease inrush current consumption of over 350 mA within 50 ms of power provision startup Operation During normal operation the PSE provides 44 57 VDC able to support a minimum of 15 4 watts power Power Overloads The IEEE 802 3af standard defines handling of overload conditions In t
101. ding so they can work on their laptops through lunch but the cost of electrical power to the outside is not affordable e Management asks for IP Surveillance Cameras and business access systems throughout the facility but they would rather avoid another electrician s payment References IEEE Std 802 3af 2003 Amendment to IEEE Std 802 3 2002 including IEEE Std 802 3ae 2002 2003 Page s 0 1 121 White Paper on Power over Ethernet IEEE802 3af http www poweroverethernet com articles php article id 52 Microsemi PowerDsine http www microsemi com PowerDsine Linear Tech http www linear com The PoE Provision Process While adding PoE support to networked devices is relatively painless it should be realized that power cannot simply be transferred over existing CAT 5 cables Without proper preparation doing so may result in damage to devices that are not designed to support provision of power over their network interfaces The PSE is the manager of the PoE process In the beginning only small voltage level is induced on the port s output till a valid PD is detected during the Detection period The PSE may choose to perform classification to estimate the amount of power to be consumed by this PD After a time controlled start up the PSE begins supplying the 48 VDC level to the PD till it is physically or electrically disconnected Upon disconnection voltage and power shut down Since the PSE is responsible for the PoE process
102. e Format Group Address all zeros if this is a query The IGMP Type codes are shown below MOS Membership Query if Group Address is 0 0 0 0 Specific Group Membership Query if Group Address is Present ST Membership Report version 2 Leave a Group version 2 IST Membership Report version 1 IGMP packets enable multicast routers to keep track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A host sends an IGMP report to join a group A host will never send a report when it wants to leave a group for version 1 A host will send a leave report when it wants to leave a group for version 2 Multicast routers send IGMP queries to the all hosts group address 224 0 0 1 periodically to see whether any group members exist on their sub networks If there is no response from a particular group the router assumes that there are no group members on the network The Time to Live TTL field of query messages is set to 1 so that the queries will not be forwarded to other sub networks IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN an explicit leave message and query messages that are specific to a given group The states a computer will go through to join or to leave a multicast group are shown below 104 GE DS 82 an
103. e non edge connection Syntax no spanning tree port edge port lt port list gt Parameters lt port list gt specifies the ports to be set Null means all ports no spanning tree port non stp Description Disable or enable spanning tree protocol on the CIST port Syntax no spanning tree port non stp lt port list gt Parameters lt port list gt specifies the ports to be set Null means all ports spanning tree port point to point mac Description Set the port of CIST to be point to point connection Syntax spanning tree port point to point mac lt auto true false gt lt port l st gt Parameters auto specifies point to point link auto connection true specifies point to point link true false specifies point to point link false lt port list gt specifies the ports to be set Null means all ports spanning tree mst Description Set spanning tree bridge priority of MSTI Syntax spanning tree mst lt 0 15 gt priority lt 0 61440 gt Parameters lt 0 15 gt specifies the MSTI instance ID lt 0 61440 gt specifies the MSTI bridge priority The value must be in steps of 4096 Default value is 32768 165 GE DS 82 and NS2503 8P 2C Series User Manual spanning tree mst lt 0 15 gt vlan lt vlan list gt Description Set MSTI to map VLAN list Syntax spanning tree mst lt 0 15 gt vian lt vlan list gt Parameters lt 0 15 gt specifies the MSTI instance ID lt vlan list gt specifies the m
104. e provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used independent of the customers VLANs This is accomplished by adding a VLAN tag with a MAN related VID for frames entering the MAN When leaving the MAN the tag is stripped and the original VLAN tag with the customer related VID is again available This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering with the VLAN tags All tags use Ether Type 0x8100 or 0x88A8 where 0x8100 is used for customer tags and 0x88A8 are used for service provider tags In cases where a given service VLAN only has two member ports on the switch the learning can be disabled for the particular VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports This way the MAC table requirements is reduced Q in Q Port Setting The QinQ VLAN QinQ Port Setting screen in Figure 4 4 8 appears QinQ VLAN QinQ Port Setting Qin Tpid 6100 Figure 4 4 8 Q in Q Port Setting interface 19 GE DS 82 and NS2503 8P 2C Series User Manual The page includes the following fields Object QinQ QinQ TPID Port QinQ QinQ Uplink Description Enable Sets the Managed Switch to QinQ mode and allows the QinQ tunnel port to be configured Disable The Managed Switch operates in its normal VLAN mode The default is for the Managed Swi
105. eans don t care A B C D specifies the Mask 0 0 0 0 means don t care 255 255 255 255 means compare all check unCheck specifies the IP Fragment check Check IP fragment field unCheck Not check IP fragment field lt 0 65535 gt specifies the Destination port number if TCP or UDP 0 means don t care lt 0 10 gt specifies the Port id O means don t care This ACL rule will drop all packet from IP is 192 168 1 1 with VLAN id 1 and IPv4 acl addjedit lt 1 220 gt qosvoip lt 0 4094 gt Description Add or edit ACL group for Ipv4 Syntax acl add edit lt 1 220 gt qosvoip lt 0 4094 gt lt 0 7 gt lt 0 1F gt lt 0 1F gt lt 0 FF gt lt 0 FF gt lt 0 FFFF gt lt 0 FFFF gt lt 0 FFFF gt lt 0 FFFF gt Parameters add edit specifies the operation lt 1 220 gt specifies the group id qosvoip specifies the action do qos voip packet adjustment lt 0 4094 gt specifies the VLAN id O means don t care lt 0 1F gt specifies the port ID value lt 0 1F gt specifies the port ID mask lt 0 FF gt specifies the protocol value lt 0 FF gt specifies the protocol mask lt 0 FFFF gt specifies the source port value lt 0 FFFF gt specifies the source port mask lt 0 FFFF gt specifies the destination port value lt 0 FFFF gt specifies the destination mask e g acl add 1 qosvoip 1711000000 Non Ipv4 ACL commands no acl lt 1 220 gt and show acl lt 1 220 gt commands are same as Ipv4 ACL commands acl add
106. ed 802 1X access control allows only Extensible Authentication Protocol over LAN EAPOL traffic through the port to which the client is connected After authentication is successful normal traffic can pass through the port This section includes this conceptual information eDevice Roles eAuthentication Initiation and Message Exchange ePorts in Authorized and Unauthorized States E Device Roles With 802 1X port based authentication the devices in the network have specific roles as shown below Authentication Server 802 1X oe Loy Switch WorkStations ci Cien y Figure 4 12 1 802 1x device role Client the device workstation that requests access to the LAN and switch services and responds to requests from the switch The workstation must be running 802 1X compliant client software such as that offered in the Microsoft Windows XP operating system The client is the supplicant in the IEEE 802 1X specification o Authentication server performs the actual authentication of the client The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services Because the switch acts as the proxy the authentication service is transparent to the client In this release the Remote Authentication Dial In User Service RADIUS security system with Extensible Authentication Protocol EAP extensions is the only supported authentication
107. edit lt 1 220 gt permitideny lt 0 4094 gt nonipv4 lt 0 65535 gt Description Add or edit ACL group for non lpv4 Syntax acl add edit lt 1 220 gt permit deny lt 0 4094 gt nonipv4 lt 0 65535 gt Parameters add edit specifies the operation lt 1 220 gt specifies the group id permit deny specifies the action permit permit packet cross switch deny drop packet lt 0 4094 gt specifies the VLAN id O means don t care lt 0 65535 gt specifies the Ether Type O means don t care e g acl add 1 deny 0 nonipv4 2054 This ACL rule will drop all packets for ether type is 0x0806 and non IPv4 173 GE DS 82 and NS2503 8P 2C Series User Manual Binding Let device that has specific IP address and MAC address can use network We can set specific IP address MAC address VLAN id and port id to bind and device can cross switch if all conditions match SIP SMAC binding commands bind Description Enable binding function no bind Description Disable binding function no bind Description Delete Binding group Syntax no bind lt 1 220 gt Parameters lt 1 220 gt specifies the group id e g no bind 1 show bind Description Show Binding group information Syntax show bind lt 1 220 gt Parameters lt 1 220 gt specifies the group id null means all valid groups e g show bind 1 bind add Description Add Binding group Syntax bind add lt 1 220 gt A B C D E F lt 0 4094 gt A B C D lt
108. end packets to computer B and vice versa The same situation also occurred in VLAN 2 The computer C and D can communicate with each other However the computers in VLAN 1 can not see the computers in VLAN 2 since they belonged to different VLANs IEEE 802 1Q tag based VLANs enable the Ethernet functionality to propagate tagged packets across the bridges and provides a uniform way for creating VLAN within a network then span across the network For egress packet you can choose to tag it or not with the associated VLAN ID of this port For ingress packet you can forward this packet to a specific port as long as it is also in the same VLAN group The 802 1Q VLAN works by using a tag added to the Ethernet packets The tag contains a VLAN Identifier VID which belongs to a specific VLAN group And ports can belong to more than one VLAN The difference between a port based VLAN and a tag based VLAN is that the tag based VLAN truly divided the network into several logically connected LANs Packets rambling around the switches can be forwarded more intelligently In the figure shown below by identifying the tag broadcast packets coming from computer A in VLAN1 at sw1 can be forwarded directly to VLAN1 However the switch could not be so smart in the port based VLAN mechanism Broadcast packets will also be forwarded to port 4 of sw2 It means the port based VLAN can not operate a logical VLAN group among switches The GE DS 82 and NS2503 8P 2C ser
109. er Requirement 100 240V AC 50 60 Hz Power Consumption 16 Watts Full load 140 Watts Full POE Load 1170 Watts Full PoE Load Operating Temperature 0 50 Degree C Operating Humidity 20 to 95 Non condensing Storage Temperature 10 Degree C 70 Degree C Layer 2 Functions Management Interface Console Telnet Web Browser SSL SNMP v1 v2c v3 Port disable enable Auto negotiation 10 100Mbps full and half duplex mode selection Port Configuration Flow Control disable enable Bandwidth control and broadcast storm filter on each port Display each port s speed duplex mode link status Flow control status Auto negotiation status IEEE 802 1Q Tag based VLAN up to 255 VLANs groups out of 4041 VLAN IDs Port based VLAN VLAN Q in Q tunneling GVRP for VLAN Management up to 128 dynamic VLAN entries Private VLAN Edge PVE Protected port with two protected port groups Spanning ise IEEE 802 1D Spanning Tree p g IEEE 802 1S Multiple Spanning Tree up to 15 instances Static Port Trunk Link Aggregation IEEE 802 3ad LACP Link Aggregation Control Protocol Supports 13 groups of 8 Port trunk support 4 priority queue Traffic classification based on Quality of Service e Port Based priority 11 GE DS 82 and NS2503 8P 2C Series User Manual e 802 1p priority e IP DSCP TOS field in IP Packet v1 and v2 aaa ete le 256 multicast groups and IGMP query Bandwidth Control Per port Ingress Egress bandwidth c
110. er is Transferred Through the Cable A standard CAT5 Ethernet cable has four twisted pairs but only two of these are used for 10BASE T and 100BASE T The specification allows two options for using these cables for power shown in Figure 2 and Figure 3 The spare pairs are used Figure 2 shows the pair on pins 4 and 5 connected together and forming the positive supply and the pair on pins 7 and 8 connected and forming the negative supply In fact a late change to the spec allows either polarity to be used POWER SOURCING POWERED DEVICE EQUIPMENT PSE PD SIGNAL PAJA ados C SIGNAL PAJR SPARE PAIR Figure 1 Power Supplied over the Spare Pins The data pairs are used Since Ethernet pairs are transformer coupled at each end it is possible to apply DC power to the center tap of the isolation transformer without upsetting the data transfer In this mode of operation the pair on pins 3 and 6 and the pair on pins 1 and 2 can be of either polarity 187 GE DS 82 and NS2503 8P 2C Series User Manual POWER SOURCING POWERED DEVICE EQUIPMENT PSE PD SPARE PAIR Figure 2 Power Supplied over the Data Pins When to install PoE Consider the following scenarios e You re planning to install the latest VoIP Phone system to minimize cabling building costs when your company moves into new offices next month e The company staff has been clamoring for a wireless access point in the picnic area behind the buil
111. ers lt add gt add user information lt edit gt edit user information included user name and password lt delete gt delete user information but user can t delete admin account lt administrator gt it is full control permission to the switch lt operator gt it offers full control permission to PoE configuration only the other function has read permission only lt viewer gt it offers read only permission to whole switch Example Switch config user add administrator New username test New password for user Retype new password Switch config 184 GE DS 82 and NS2503 8P 2C Series User Manual SWITCH OPERATION Address Table The Switch is implemented with an address table This address table composed of many entries Each entry is used to store the address information of some node in network including MAC address port no etc This in formation comes from the learning process of Ethernet Switch Learning When one packet comes in from any port the Switch will record the source address port no And the other related information in address table This information will be used to decide either forwarding or filtering for future packets Forwarding amp Filtering When one packet comes from some port of the Ethernet Switching it will also check the destination address besides the source address learning The Ethernet Switching will lookup the address table for the destination address If not found this packet will
112. escription Change VLAN mode Syntax vlan mode disabled port based dot1q Parameters disabled port based dot1q specifies the VLAN mode Change the VLAN mode for every time user have to restart the switch for valid value vlan add Description Add or edit VLAN entry Syntax vlan add lt 1 4094 gt NAME cpu port no cpu port LIST LIST Parameters lt 1 4094 gt specifies the VLAN id or Group id if port based VLAN mode NAME specifies the VLAN group name cpu port no cpu port specifies the CPU port belong this VLAN group LIST specifies the ports to be set to VLAN members LIST specifies the ports to be set to tagged members If not entered all members set to untagged e g switch config vlan add 1 vlan1 cpu port 1 4 153 GE DS 82 and NS2503 8P 2C Series User Manual This VLAN entry has four members from port1 to port4 and all members are untagged no vlan Description Delete VLAN entry Syntax no vlan lt 1 4094 gt Parameters lt 1 4094 gt specifies the VLAN id or group id if port based VLAN e g no vian 1 show vlan Description Show VLAN entry information Syntax show vlan lt 1 4094 gt Parameters lt 1 4094 gt specifies the VLAN id null means all valid entries e g show vlan static Description Show static VLAN entry information show vlan pvid Description Show port default VLAN id Syntax show vlan pvid LIST Parameters LIST specifies the ports to
113. et end devices to the central where UPS is installed for un interrupt power system and power control system Wireless LAN Access Points Museum Sightseeing Airport Hotel Campus Factory Warehouse can install the Access Point any where with no hesitation IP Surveillance Enterprise Museum Campus Hospital Bank can install IP Camera without limits of install location no need electrician to install AC sockets POE Splitter PoE Splitter split the PoE 48V DC over the Ethernet cable into 5 12V DC power output lt frees the device deployment from restrictions due to power outlet locations which eliminate the costs for additional AC wiring and reduces the installation time 127 GE DS 82 and NS2503 8P 2C Series User Manual GE DS 82 POE NS2503 8P 2C Power Management In a power over Ethernet system operating power is applied from a power source PSU power supply unit over the LAN infrastructure to powered devices PDs which are connected to ports Under some conditions the total output power required by PDs can exceed the maximum available power provided by the PSU The system may a previously be planned with a PSU capable of supplying less power than the total potential power consumption of all the PoE ports in the system In order to maintain the majority of ports active power management is implemented The PSU input power consumption is monitored by measuring voltage and current The input power consumption is equa
114. ethod requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string This management method in fact uses two community strings the get community string and the set community string If the SNMP Net work management Station only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The default gets and sets community strings for the Managed Switch are public 25 GE DS 82 and NS2503 8P 2C Series User Manual Managed Switch TT SNMP Agent Status Enabled ad ili PC Workstation a ee fran with fe SNMP application L IP Address 192 168 0 x IP Address 192 168 0 100 Internet Intranet Figure 3 3 SNMP management Administration Console The administration console is an internal character oriented and command line user interface for performing system administration such as displaying statistics or changing option settings Using this method you can view the administration console from a terminal personal computer Apple Macintosh or workstation connected to the switch s console serial port There are two ways to use this management method via direct access or modem port access The following sections describe these methods For more information about using the console refer to Chapter 5 Console Management PC i Worketation with Terminal emulation software
115. explains the functions of the Switch and how to physically install the Managed Switch SWITCH MANAGEMENT The section contains the information about the software function of the Managed Switch WEB CONFIGURATION The section explains how to manage the Managed Switch by Web interface CONSOLE MANAGEMENT The section describes how to use the Console management interface COMMAND LINE INTERFACE The section explains how to manage the Managed Switch by Command Line interface SWITCH OPERATION The chapter explains how to does the switch operation of the Managed Switch POWER OVER ETHERNET OVERVIEW The chapter introduce the IEEE 802 3af IEEE 802 3at PoE standard and PoE provision of the Managed Switch TROUBSHOOTING The chapter explains how to trouble shooting of the Managed Switch Appendix A The section contains cable information of the Managed Switch GE DS 82 and NS2503 8P 2C Series User Manual Product Features Physical Port GE DS 82 8 Port 10 100Base TX RJ 45 interfaces 2 10 100 1000T TP combo interfaces 2 mini GBIC SFP slots shared with Port 9 and Port 10 Reset button for system management 1 RS 232 male DB9 console interface for Switch basic management and setup GS DS 82 POE 8 Port 10 100Base TX RJ 45 with IEEE 802 3af PoE Injector 2 10 100 1000T TP combo interfaces 2 mini GBIC SFP slots shared with Port 9 and Port 10 Reset button for system management 1 RS 232 male DB9 console interface for Switch basic mana
116. f duplex then the performance will be poor Please also check the in out rate of the port E Why the Switch doesn t connect to the network Solution 1 Check the LNK ACT LED on the switch 2 Try another port on the Switch 3 Make sure the cable is installed properly 4 Make sure the cable is the right type 9 Turn off the power After a while turn on power again 100Base TX port link LED is lit but the traffic is irregular Solution Check that the attached device is not set to dedicate full duplex Some devices use a physical or software switch to change duplex modes Auto negotiation may not recognize this type of full duplex setting MW Switch does not power up Solution e AC power cord not inserted or faulty 2 Check that the AC power cord is inserted correctly 3 Replace the power cord lf the cord is inserted correctly check that the AC power source is working by connecting a different device in place of the switch 4 If that device works refer to the next step 5 If that device does not work check the AC power NW while IP Address be changed or forgotten admin password To reset the IP address to the default IP Address 192 168 0 100 or reset the password to default value Press the hardware reset button at the front panel about 10 seconds After the device is rebooted you can login the management WEB interface within the same subnet of 192 168 0 xx 191 Appendix A RJ 45 Pin Assignment Switch s RJ 45 Pin
117. fully established Blink to indicate that the Switch is actively sending or receiving data over that port Lit indicate that the port is operating at 100Mbps range g Off indicate that the port is operating at 10Mbps 15 GE DS 82 and NS2503 8P 2C Series User Manual Per 10 100 1000Base T port SFP interfaces D Function Lit indicate that the port is operating at 1000Mbps LNK ACT 1000 Off indicate that the port is operating at 10Mbps or 100Mbps Blink indicate that the Switch is actively sending or receiving data over that port Lit indicate that the port is operating at 10 100Mbps LNK ACT 10 100 Off indicate that the port is operating at 1000Mbps Blink indicate that the Switch is actively sending or receiving data over that port GE DS 82 POE LED indication 8 Port 10 100Mbps 2 Gigabit LNK e ACT Managed Switch eoe 1000 LNK 4 0 Vv 10 100 LNK 3 GE DS 82 PoE Gigabit Figure 2 5 GE DS 82 POE LED panel System Color Function Green Illuminates to indicate that the Switch has power m Per 10 100Base TX PoE interfaces Port 1 to Por 8 LED Color Function illuminates To indicate the link through that port is successfully established LNK ACT Blink To indicate that the Switch is actively sending or receiving data over that port Illuminates To indicate the port is providing 48VDC in line power arange To indicate the connected device is not a PoE Powered Device PD m Per 10 100
118. ge name of CIST Syntax spanning tree name lt name string gt Parameters lt name string gt specifies the bridge name Default name is null spanning tree revision Description Set spanning tree bridge revision of CIST Syntax spanning tree revision lt 1 65535 gt Parameters lt 1 65535 gt specifies the bridge revision Default value is 0 spanning tree port path cost Description Set spanning tree port path cost of CIST Syntax spanning tree port path cost lt 1 200000000 gt lt port list gt Parameters 164 GE DS 82 and NS2503 8P 2C Series User Manual lt 1 200000000 gt specifies port path cost lt port list gt specifies the ports to be set Null means all ports spanning tree port priority Description Set spanning tree port priority of CIST Syntax spanning tree port priority lt 0 240 gt lt port list gt Parameters lt 0 240 gt specifies the port priority The value must be in steps of 16 lt port list gt specifies the ports to be set Null means all ports no spanning tree port mcheck Description Force the port of CIST to transmit MST BPDUs No format means not force the port of CIST to transmit MST BPDUs Syntax no spanning tree port mcheck lt port list gt Parameters lt port list gt specifies the ports to be set Null means all ports no spanning tree port edge port Description Set the port of CIST to be edge connection No format means set the port of CIST to b
119. gement and setup NS2503 8P 2C 8 Port 10 100Base TX RJ 45 with IEEE 802 3af IEEE 802 3at PoE Injector 2 10 100 1000Base T TP combo interfaces 2 mini GBIC SFP slots shared with Port 9 and Port 10 Reset button for system management 1 RS 232 male DB9 console interface for Switch basic management and setup gt Layer 2 Features Prevents packet loss Flow Control e IEEE 802 3x PAUSE frame Flow Control for Full Duplex mode e Back Pressure Flow Control in Half Duplex mode High performance Store and Forward architecture broadcast storm control runt CRC filtering eliminates erroneous packets to optimize the network bandwidth 8K MAC Address Table automatic source address learning and ageing Support VLAN e IEEE 802 1Q Tag Based VLAN e Port Based VLAN e Q in Q tunneling Double Tag VLAN e GVRP for dynamic VLAN Management e Private VLAN Edge PVE Protect Port Supports Link Aggregation e Up to 13 Trunk groups e Up to 8 ports per trunk group with 1 6Gbps bandwidth Full Duplex mode e IEEE 802 3ad LACP Link Aggregation Control Protocol e Cisco ether Channel Static Trunk Support Spanning Tree Protocol e STP IEEE 802 1D Classic Spanning Tree Protocol 8 GE DS 82 and NS2503 8P 2C Series User Manual e MSTP IEEE 802 1s Multiple Spanning Tree Protocol spanning tree by VLAN gt Quality of Service m 4 priority queues on all switch ports Traffic classification e IEEE 802 1p Class of Service e IP TOS DSCP code pri
120. ginning with 01 00 5E is supplied the last parameter must be port list Otherwise it must be port id Syntax mac address table static lt mac addr gt lt vlan id gt lt port id port list gt no mac address table static mac addr Description Delete static unicast or multicast MAC address table entries Syntax no mac address table static mac addr lt vlan id gt 161 GE DS 82 and NS2503 8P 2C Series User Manual show mac address table Description Display MAC address table entries Switch config show mac address table MAC Address VLAN Type Source 00 08 B6 00 06 90 1 Dynamic 9 00 40 63 00 65 30 1 Dynamic Trk1 00 03 63 F7 80 7F 1 Dynamic 9 show mac address table static Description Display static MAC address table entries show mac address table multicast Description Display multicast related MAC address table smac address table static Description Set static unicast or multicast MAC address in secondary MAC address table If multicast MAC address address beginning with 01 00 5E is supplied the last parameter must be port list Otherwise it must be port id Syntax smac address table static lt mac addr gt lt vlan id gt lt port id port list gt show smac address table Description Display secondary MAC address table entries show smac address table multicast Description
121. h config show poe Maximum Available Power System Operation Status POE Admin mode Temperature Unit Temperature Unit2 Over Temperature PoE Power Consumption Temperature Threshold Usage Usage Threshold PoE Power limit mode poe temperature Description 150Watts on Disable 38C 100F 35C 95F 55 watts 30 60 0 100 Consumption Configure System PoE Temperature Threshold information Command Level Global Configuration Syntax poe temperature thershold 0 100 Parameters lt thershold gt Thershold lt 0 100 gt Temperature Threshold 0 100 C Example PoE temperature command has included in NS2503 8P 2C only Switch config poe temperature threshold 60 178 Switch config show poe Maximum Available Power System Operation Status POE Admin mode Temperature Unit Temperature Unit2 Over Temperature PoE Power Consumption Temperature Threshold Usage Usage Threshold PoE Power limit mode 150Watts on Disable 38C 100F 35C 95F 55 watts 30 60 0 100 Consumption GE DS 82 and NS2503 8P 2C Series User Manual poe usage Description Configure System PoE Usage Threshold information Command Level Global Configuration Syntax poe usage thershold 0 100 Parameters lt thershold gt Thershold lt 0 100 gt Usage Threshold 0 100 PoE usage command has included in NS2503 8P 2C only Example Switch c
122. he attached RS 232 cable in the package and connect to the console port on the device After the connection users an run any terminal emulation program Hyper Terminal ProComm Plus Telix Winterm and so on to enter the startup screen of the device 1 The device requires a power connection to operate If your networks should active all the time please consider using UPS Uninterrupted Power Supply for your device It will prevent you Power Notice from network data loss or network downtime 2 For additional protection against unregulated voltage or current surges you may also want to consider surge suppression as part of your installation 18 GE DS 82 and NS2503 8P 2C Series User Manual Install the Switch This section describes how to install the Managed Switch and make connections to it Please read the following topics and perform the procedures in the order being presented Desktop Installation To install the Managed Switch on desktop or shelf please follows these steps Step1 Attach the rubber feet to the recessed areas on the bottom of the Managed Switch Step2 Place the Managed Switch on the desktop or the shelf near an AC power source Figure 2 9 Place the Managed Switch on the desktop Step3 Keep enough ventilation space between the Managed Switch and the surrounding objects When choosing a location please keep in mind the environmental restrictions discussed in Chapter 1 Section 5 in Product Specificatio
123. he event of an overload a PD drawing a higher power level than the allowed 12 95 Watts or an outright short circuit caused by a failure in cabling or in the PD the PSE must shut down power within 50 to 75 milliseconds while limiting current drain during this period to protect the cabling infrastructure Immediate voltage drop is avoided to prevent shutdown due to random fluctuations Power Disconnection Scenarios The IEEE 802 3af standard requires that devices powered over Ethernet be disconnected safely i e power needs be shut down within a short period of time following disconnection of a PD from an active port When a PD is disconnected there is a danger that it will be replaced by a non PoE ready device while power is still on Imagine disconnecting a powered IP phone utilizing 48 VDC then inadvertently plugging the powered Ethernet cable into a non PoE notebook computer What s sure to follow is not a pretty picture The standard defines two means of disconnection DC Disconnect and AC Disconnect both of which provide the same functionality the PSE shutdowns power to a disconnected port within 300 to 400ms The upper boundary is a physical human limit for disconnecting one PD and reconnecting another 189 GE DS 82 and NS2503 8P 2C Series User Manual DC Disconnect DC Disconnect detection involves measurement of current Naturally a disconnected PD stops consuming current which can be inspected by the PSE The PSE must therefore
124. he port is adding addresses to its forwarding database but not yet forwarding packets Forwarding the port is forwarding packets Disabled the port only responds to network management messages and must return to the blocking state first A port transitions from one state to another as follows From initialization switch boot to blocking From blocking to listening or to disabled From listening to learning or to disabled From learning to forwarding or to disabled From forwarding to disabled From disabled to blocking gt Switch Blocking Listening Learning Forwarding Disable Figure 4 5 1 STP Port State Transitions You can modify each port state by using management software When you enable STP every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up If properly configured each port stabilizes to the forwarding or blocking state No packets except BPDUs are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 83 GE DS 82 and NS2503 8P 2C Series User Manual Illustration of STP A simple illustration of three switches connected in a loop is depicted in the below diagram In this example you can anticipate some major network problems if the STP assistance is not applied LAN1 gt Port cost 2
125. he remote file is the configuration flash image of the switch instead use the keyword flash Syntax copy tftp lt running config flash gt lt p addr gt lt remote file gt Parameters lt ip addr gt specifies the IP address of the TFTP server lt remote file gt specifies the file to be downloaded from the TFTP server Backup Configure File copy lt running config flash gt tftp Description Send configuration to the TFTP server If you want to save the configuration in a text file of CLI commands use the 158 GE DS 82 and NS2503 8P 2C Series User Manual keywordrunning config If you want to save the configuration flash image instead use the keyword flash Syntax copy lt running config flash gt tftp lt o addr gt lt remote file gt Parameters lt ip addr gt specifies the IP address of the TFTP server MAC limit MAC limit allows users to set a maximum number of MAC addresses to be stored in the MAC address table The MAC addresses chosen to be stored in MAC address table is the result of first come first save policy Once a MAC address is stored in the MAC address table it stays in until it is aged out When an opening is available the switch stored the first new MAC address it sees in that opening All packets from MAC addresses not in the MAC address table should be blocked User can configure the MAC limit setting and fill in the new value mac limit Description Enable MAC limit no mac limit
126. he root bridge and the ports were selected to give a high port cost between switches B and C The two optional Gigabit ports default port cost 20 000 on switch A are connected to one optional Gigabit port on both switch B and C The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link default port cost 200 000 Gigabit ports could be used but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link 84 GE DS 82 and NS2503 8P 2C Series User Manual A C Root Bridge Designated Port Designated Port Root Port Root Port C Designated Bridge _ o _ LAN2 gt A LAn3 gt Figure 4 5 3 After Applying the STA Rules STP Parameters STP Operation Levels The Switch allows for two levels of operation the switch level and the port level The switch level forms a spanning tree consisting of links between one or more switches The port level constructs a spanning tree consisting of groups of one or more ports The STP operates in much the same way for both levels Bridge and the Designated Bridges On the port level STP sets the Root Port and the Designated Ports The following are the user configurable STP parameters for the switch level Parameter Description Bridge Identifier Not user A combination of the User set priority and configurable the switch s MAC address except by setting pr
127. high before low weighted round robin gt Parameters lt highest weight gt lt sechighweight gt lt sec low weight gt lt lowest weight gt e g gos priority weighted round robin 8 4 2 1 qos level Description Set priority levels to highest second high second low and lowest Syntax qos level lt highest second high second low lowest gt lt evel lisi gt Parameters 160 lt level list gt specifies the priority levels to be high or low Level must be between 1 and 7 e g qos level highest 7 e g qos level lowest 4 show qos Description Show QoS configurations including802 1p priority priority level e g Switch config show gos QoS configurations QoS mode weighted round robin Highest weight 8 Second High weight 4 Second Low weight 2 Lowest weight 1 802 1p priority 0 7 Lowest Lowest SecLow SecLow SecHigh Per Port Priority port priority Description Set port priority Syntax port priority lt disable 0 7 gt lt port list gt Parameters SecHigh GE DS 82 and NS2503 8P 2C Series User Manual Highest Highest lt port list gt specifies the ports to be set If not entered all ports are set e g port priority disable 1 5 MAC Address Configuration clear mac address table Description Clear all dynamic MAC address table entries mac address table static Description Set static unicast or multicast MAC address If multicast MAC address address be
128. ields Object Description A string identifying the user name that this entry should belong to The allowed string length is 1 to 15 Indicates the authentication protocol that this entry should belong to Possible authentication protocol are e None No authentication protocol e MD5 An optional flag to indicate that this user using MD5 authentication protocol SNMP User Name Auth Type The value of security level cannot be modified if an entry already exists The user must first ensure that the value is set correctly A string identifying the authentication pass phrase Auth Key 8 32 For MDS authentication protocol the allowed string length is 8 to 32 A string identifying the privacy pass phrase Private Key 8 32 The allowed string length is 8 to 32 Remove Check to delete the selected entry It will be deleted during the next save 45 GE DS 82 and NS2503 8P 2C Series User Manual Firmware Upgrade It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol TFTP server Before updating make sure the TFTP server is ready and the firmware image is located on the TFTP server TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network Before updating make sure you have your TFTP server ready and the firmware image is on the TFTP server The screen is show i
129. ies support both Port based VLAN and Tag based 802 1Q VLAN modes The default configuration is tag based 802 1Q VLAN In the 802 1Q VLAN initially all ports on the switch belong to default VLAN VID is You cannot delete the default VLAN group in 802 1Q VLAN mode VLAN Mode Port based Packets can go among only members of the same VLAN group Note all unselected ports are treated as belonging to another single VLAN If the port based VLAN enabled the VLAN tagging is ignored show vian mode Description Display the current VLAN mode 152 GE DS 82 and NS2503 8P 2C Series User Manual vlan mode Description Change VLAN mode Syntax vlan mode disabled port based dot1 q Parameters disabled port based dot1q specifies the VLAN mode Change the VLAN mode for every time user have to restart the switch for valid value Note Advanced 802 1Q VLAN Configuration Ingress filters configuration When a packet was received on a port you can govern the switch to drop it or not if it is an untagged packet Furthermore if the received packet is tagged but not belonging to the same VALN group of the receiving port you can also control the switch to forward or drop the packet The example below configures the switch to drop the packets not belonging to the same VLAN group and forward the packets not containing VLAN tags VLAN Commands show vlan mode Description Display the current VLAN mode vlan mode D
130. ies the contact string e g snmp system contact abc sina com show snmp system Description Show SNMP system information Community Strings snmp community Description Set SNMP community string Syntax snmp community lt read sysinfo only read all only read write all gt lt community str gt Parameters lt community str gt specifies the community string e g snmp community read all only public no snmp community Description Delete SNMP community string Syntax no snmp community lt community str gt Parameters lt community str gt specifies the community string e g no snmp community public show snmp community Description Show SNMP community strings Trap Managers snmp trap Description Set SNMP trap receiver IP address community string and port number Syntax snmp trap lt p addr gt lt community str gt lt 1 65535 gt Parameters lt ip addr gt specifies the IP address lt community str gt specifies the community string lt 1 65535 gt specifies the trap receiver port number e g snmp trap 192 168 200 1 public 168 no snmp trap Description Remove trap receiver IP address and port number Syntax no snmp trap lt p addr gt lt 1 65535 gt Parameters lt ip addr gt specifies the IP address lt 1 65535 gt specifies the trap receiver port number e g no snmp trap 192 168 200 1 show snmp trap Description Show all trap receivers IGMP
131. ify vi ew Figure 4 2 10 SNMP configuration interface Description A string identifying the group name that this entry should belong to The allowed string length is 1 to 15 Indicates the security model that this entry should belong to Possible security models are e v1 Reserved for SNMPv1 e v2c Reserved for SNMPv2c e usm User based Security Model USM Indicates the security model that this entry should belong to Possible security models are e NoAuth None authentication and none privacy e Auth Authentication and privacy e Authpriv Authentication and privacy The name of the MIB views defining the MIB objects for which this request may request the current values The allowed string length is 1 to 16 The name of the MIB views defining the MIB objects for which this request may potentially SET new values The allowed string length is 1 to 16 Set up the notify view Check to delete the selected entry It will be deleted during the next save Configure SNMPv3 users table on this page The entry index keys are Engine ID and User Name The SNMPv3 Users Configuration screen is shown in Figure 4 2 11 44 GE DS 82 and NS2503 8P 2C Series User Manual V3 usm user Current Strings we SNMP usm user SNMP User Name Auth Type none ls Remove Auth Key 8 32 Input auth key Private Key 8 32 Input priv key Figure 4 2 11 SNMP configuration interface The page includes the following f
132. ig poe maximum power 10 1 Switch config show poe status 1 Power Current Consumption Admin Oper Priority Power Limit W Current mA Device Class Port1 Enable on 802 3at Low poe maximum power Description Enable per port power output limit The command is configurable while poe limit mode is set to Total Limit Command Level Global Configuration Syntax poe maximum power lt 0 308 gt lt port list gt Parameters lt 0 308 gt lt 802 af gt power limit range from 0 15 4 lt 802 at gt power limit range from 0 30 8 the set value must multiple of 10 NS2503 8P 2C only lt port list gt specifies the ports to be set If not entered all ports are set 1 This POE maximum power command has included in NS2503 8P 2C only Example Switch config poe maximum power 100 1 Switch config show poe status 7 Oper SMN Priority Pone Consumption W Current mA Boe on 802 3af Low 182 GE DS 82 and NS2503 8P 2C Series User Manual poe power mode Description Set poe power mode for the power supply management Command Level Global Configuration Syntax poe power mode 802 3af 802 3at lt port list gt Parameters lt 802 3af gt lt 802 3af gt Set maximum PoE output capability to 15 4Watts lt 802 3at gt lt 802 3at gt Set maximum PoE output capability to 30 8Watts lt LIST gt Port list e g 3 6 8 PoE power mode command has included in NS2503 8P 2C only Example Switch
133. iguration Feature Default Value Enable state STP disabled for all ports Port priority 128 Port cost 0 Bridge Priority 32 68 The Hello Time cannot be longer than the Max Age Otherwise a configuration error will occur Observe the following formulas when setting the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second STP System Configuration This section provides STP System Configuration from the Managed Switch the screen in Figure 4 5 4 appears E The user can view spanning tree information of Root Bridge a The user can modify STP state After modification click Apply 86 GE DS 82 and NS2503 8P 2C Series User Manual Spanning Tree System Configuration Configure Spanning Tree Parameters STP State Default DISABLE STP protocol version Default MSTP MSTP Priority 32768 0 61440 Default 32768 Maximum 6 40 Default 20 Hello Time 1 10 Default 2 Forward Delay 4 30 Default 15 The page includes the following fields Object STP State Protocol Version Priority 0 61440 Max Age 6 40 Hello Time 1 10 Forward Delay Time 4 30 Figure 4 5 4 STP System Configuration interface Description The user must enable the STP function first before configuring the related parameters A value used to specify the spanning tree protocol the original spanning tree protocol STP 802 1d or the multiple spa
134. iguration Menu to display or configure the Managed Switch s ports This section has the following items E Port Control Configures port connection settings E Port Status Display the current Port link status and speed etc E Port Statistics Lists Ethernet and RMON port statistics Al Port Sniffer Sets the source and target ports for mirroring Port Control In Port control you can configure the settings of each port to control the connection parameters and the status of each port is listed beneath Port Control Port Description State Negotiation Speed Duplex Flow Control AA Porta Description State Link Negotiation Flow Control Security Jumbo Frame Down Auto 1100 FU orti ort2 fon Dowmuto hoo Ful ort DownjAuto 100 Full Off fF On Om Figure 4 3 1 Port Control interface The page includes the following fields Object Description Son Use the scroll bar and click on the port number to choose the port to be or configured Description Allows user to input port description for labeling the port or Current port state The port can be set to disable or enable mode If the port state ate is set as Disable it will not receive or transmit any packet Auto and Force Being set as Auto the speed and duplex mode are negotiated Negotiation automatically When you set it as Force you have to set the speed and duplex mode manually Saeed It is available for selecting when the Negotiation column is set as Force Whe
135. iority 110 GE DS 82 and NS2503 8P 2C Series User Manual The table includes the following fields Object Description First Come First Service The sequence of packets sent is depend on arrival order All High before Low The high priority packets sent before low priority packets Select the preference given to packets in the switch s higher priority queue These options represent the number of higher priority packets sent before one lower priority packet is sent Weighted Round Robin For example 8 Highest 4 SecHigh 2 SecLow 1 Lowest means that the switch sends 8 highest priority packets before sending 4 second high priority packet before sending 2 second low priority packet before sending 1 lowest priority packet 802 1p priority 0 7 Set up the COS priority level O 7 High Middle Low Lowest 802 1p Priority Priority classifiers of the Switch forward packet COS range is from 0 to 7 Seven is the high class Zero is the less class The user may configure the mapping between COS and Traffic classifiers 111 GE DS 82 and NS2503 8P 2C Series User Manual QoS PerPort Configuration Configure the priority level for each port With the drop down selection item of Priority Type above being selected as Port based this control item will then be available to set the queuing policy for each port QoS Configuration PerPort Configuration Portz Ponts Porta Pot PortNum 1 112 3 A 6 Portl Tora
136. iority The Bridge Identifier consists of two parts below a 16 bit priority and a 48 bit Ethernet MAC address 32768 MAC Priority A relative priority for each switch lower numbers give a higher priority and a greater chance of a given switch being elected as the root bridge Hello Time The length of time between broadcasts of the hello message by the switch Maximum Age Timer Measures the age of a received BPDU for a port and ensures that the BPDU is discarded when its age exceeds the value of the 85 On the switch level STP calculates the Bridge Identifier for each switch and then sets the Root Default Value 32768 MAC 32768 2 seconds 20 seconds GE DS 82 and NS2503 8P 2C Series User Manual maximum age timer Forward Delay Timer The amount time spent by a port in the 15 seconds learning and listening states waiting for a BPDU that may return the port to the blocking state The following are the user configurable STP parameters for the port or port group level Variable Description Default Value Port Priority A relative priority for each 128 port lower numbers give a higher priority and a greater chance of a given port being elected as the root port Port Cost A value used by STP to evaluate paths 200 000 100Mbps Fast Ethernet ports STP calculates path costs and selects the 20 000 1000Mbps Gigabit Ethernet ports path with the minimum cost as the active 0 Auto path Default Spanning Tree Conf
137. its 1 bits 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Destination Source foe ee T g Ethernet Preamble VLAN TAG Address Address Type 6 bytes 6 bytes 4 bytes 2 bytes 46 1517 bytes 4 bytes The Ether Type and VLAN ID are inserted after the MAC source address but before the original Ether Type Length or Logical Link Control Because the packet is now a bit longer than it was originally the Cyclic Redundancy Check CRC must be recalculated Adding an IEEE802 1Q Tag Dest Addr Src Addr Length E type Old CRC Original Ethernet Dest Addr Src Addr E type Length E type New CRC New Tagged Packet m Port VLAN ID Packets that are tagged are carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLAN to span network devices and indeed the entire network if all network devices are 802 1Q compliant Every physical port on a switch has a PVID 802 1Q ports are also assigned a PVID for use within the switch If no VLAN are defined on the switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLAN are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets a
138. l to the system s aggregated power consumption The power management concept allows all ports to be active and activates additional ports as long as the aggregated power of the system is lower than the power level at which additional PDs cannot be connected When this value is exceeded ports will be deactivated according to user defined priorities The power budget is managed according to the following user definable parameters maximum available power ports priority maximum allowable power per port The Over Temperature Protection of the PoE Switch offers a safety and stable PoE operating by limiting the output power according to detected temperature to prevent destructive breakdown due to un expected overheating As following provides GE DS 82 POE Power over Ethernet Configuration and PoE output status of PoE Switch screen in Figure 4 13 1 appears PoE Configuration PoE Psu status OO O 3 Over Temperature Protection Power Limit Mode Por Usage Threshold n 0 a F cda 20 TY Figure 4 13 1 PoE Configuration 128 The page includes the following fields Object PoE PSU Status GE DS 82 and NS2503 8P 2C Series User Manual Description Shows the status of power supply for PoE output PoE Temperature Unit 1 Display the current operating temperature of PoE chip unit 1 The unit 1 is in charge of PoE Port 1 Port 4 PoE Temperature Unit 2 Display the current operating temperature of PoE chip u
139. lee eee 173 BiINdING seisedseeicedeebdeesdceeieeciceeetisndsccdccaiaecdnlecstosiaedstaineccsaibacecsiawecace r Eep eaaa niaaa aaaeaii 174 SIP SMAC Dinding commands asese a a lee a a a a cae 174 Power over Ethernet Commands GE DS 82 POE NS2503 8P 2C ooccocccccoccconccoonccnncnnonocannnnonnnanannns 175 Display System POE StatUS leia a aa a 175 Configure PoE Over Temperature Protection ooococcccncococonnncoconnnnccnanonnnnnnnnnononcnnnnnnnnnnnnanonnnnns 176 COnTIGUIG POE Sy SM kaen a id cca eee iene oe aaa 177 Configure POEs PON Esad acabe 180 SMTR COMMANOS ii a 184 User manage user NAME and PASSWOLM ccccceeeeseeeeseeeseeeeseeeeseeeeeeoeseeeeeooenseeeeeoonsseesesooesseesssonenseees 184 SWITGA OPERATION sonoras 185 Address Tal 185 GE DS 82 and NS2503 8P 2C Series User Manual AA eE 185 FORWArOING amp PINGHING soes seessaiewetsocisec aaae iaaa nations aaa raaa a aaa 185 Store and FO Ward id 185 AUtOsNego tatiana c 186 POWER OVER ETHERNET OVERVIEW cccccessccsecesseesscnsecnsenssenseeesenssoneeonseoes 187 Whats POE 2 eccicaclreacecen a aec tee aca eee ec A eater tee 187 The POE PROVISION PIOCESS ti AA 188 Stages of powering Up POE liNK rsrsr A Na Glas 189 Une Detection a S 189 ASS MC OMe a a a a a a Midatene teeta Sedasdet 189 ACD eaa a aa a e a a Ao 189 A A A AN 189 Power Disconnection Scenarios a aci 189 TROUBLE SHOOTING assi 191 APPENDIX A RJ 45 PIN ASSIGNMENT ccccc
140. limit mode show poe status Description Show per PoE port information Command Level Global Configuration Syntax show poe status lt port list gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set Example 1 175 GE DS 82 and NS2503 8P 2C Series User Manual Switch config show poe status 1 Current Consumption Device Priority Power Limit W Current mA Port1 Enable on 802 3at Switch config show poe status Admin Enable Enable Enable Enable Enable Enable Enable Enable Oper Power 802 3at 802 3at 802 3at 802 3at 802 3at 802 3at 802 3at Current Current Device Priority Power Limit W Configure PoE Over Temperature Protection poe temperature protection enable Description Configure PoE over temperature protection to enable or disable Command Level Global Configuration Syntax poe temperature protection enable Parameters lt Enable gt Enable PoE power budget change automatically by detected PoE unit temperature lt Disable gt Disable PoE power budget change automatically PoE temperature protection working in Priority mode or Total Limit mode only 176 GE DS 82 and NS2503 8P 2C Series User Manual Configure PoE System poe limit mode Description Configure System PoE power limit mode information Command Level Global Configuration Syntax poe limit mode Consumption Classification Total Limit Pa
141. ly sending or receiving data over that port Lit indicate that the port is operating at 10 100Mbps LNK ACT 10 100 Orange Off indicate that the port is operating at 1000Mbps Blink indicate that the Switch is actively sending or receiving data over that port 1 Press the RESET button 1 3 seconds The Switch will reboot automatically 2 Press the RESET button for about 10 seconds The Switch will back to the factory default mode the entire configuration will be erased 3 The 2 Gigabit TP SFP combo ports are shared with ports 9 10 of GE DS 82 GE DS 82 POE and the NS2503 8P 2C Either of them can operate at the same time 17 GE DS 82 and NS2503 8P 2C Series User Manual Switch Rear Panel The rear panel of the Managed Switch indicates an AC inlet power socket which works with input power range from 100 to 240V AC 50 60Hz Figure 2 7 to Figure 2 8 shows the rear panel of the Switch GE DS 82 Rear Panel 100 240V AC Console ON o o 6 096 9600 N 8 1 50 60HZ Figure 2 7 GE DS 82 rear panel GE DS 82 POE and NS2503 8P 2C Rear Panel 5 7ECO WB 1 Figure 2 8 GE DS 82 POE and NS2503 8P 2C rear panel Console Port The console port is a DB9 RS 232 male serial port connector It is an interface for connecting a terminal directly Through the console port it provides rich diagnostic information includes IP Address setting factory reset port management link status and system setting Users can use t
142. mes and passwords for all levels of Admin IT and Security Il Has permission to set up user names and passwords for all levels of IT Has permission to set up user names and passwords for all levels of Security User Level Main Function 195
143. munity string to display MIB object information and to set MIB objects Add Press the button to add the management SNMP community strings on the button Managed Switch Remove Press the button to remove the management SNMP community strings that you 41 GE DS 82 and NS2503 8P 2C Series User Manual Trap Managers A trap manager is a management station that receives the trap messages generated by the switch If no trap manager is defined no traps will be issued To define a management station as a trap manager assign an IP address enter the SNMP community strings and select the SNMP trap version Trap Managers Current Managers po New Manager 192 168 0 52 IP Address Community Figure 4 2 7 Trap Managers interface The page includes the following fields Object Description IP Address Enter the IP address of the trap manager Community Enter the community string for the trap station SNMPv3 Groups Configure SNMPv3 groups table on this page The entry index keys are Security Model and Security Name The SNMPv3 Groups Configuration screen is shown in Figure 4 2 8 Current Strings NO SNMP Group root_v1_ root admin vi_admin public_v1_ public root vc root admin_ve2c_admin public _ve2c_ public Group Name Input group name W1 W2c USM Remove Security Name Input security name Figure 4 2 8 SNMP configuration interface The page includes the following fields 42 Object Group Name
144. n Step4 Connect the Managed Switch to network devices A Connect one end of a standard network cable to the 10 100 1000 RJ 45 ports on the front of the Managed Switch B Connect the other end of the cable to the network devices such as printer servers workstations or routers etc Es Connection to the Managed Switch requires UTP Category 5 network cabling with RJ 45 tips For more information please see the Cabling Specification in Appendix A Note Step5 Supply power to the Managed Switch A Connect one end of the power cable to the Managed Switch B Connect the power plug of the power cable to a standard wall outlet When the Managed Switch receives power the Power LED should remain solid Green 19 GE DS 82 and NS2503 8P 2C Series User Manual Rack Mounting To install the Managed Switch in a 19 inch standard rack please follows the instructions described below Step1 Place the Managed Switch on a hard flat surface with the front panel positioned towards the front side Step2 Attach the rack mount bracket to each side of the Managed Switch with supplied screws attached to the package Figure 2 10 shows how to attach brackets to one side of the Managed Switch waz 1 mii Figure 2 10 Attach brackets to the Managed Switch You must use the screws supplied with the mounting brackets Damage caused to the parts by using incorrect screws would invalidate the warranty Step3 Secure the brackets
145. n it has two parts of setting Basic and Misc Config We will describe the configure detail in following Basic The Basic System Info page provides information for the current device information Basic System Info page helps a switch administrator to identify the model name firmware hardware version and MAC address The screen in Figure 4 2 1 appears NS2503 8P 2C Ses 5 1 3 5 9 oO 10 Ifs NS2503 8P 2C System Information Mise Con Description s Port 10 100Mbps 2G TP SFP Combo Managed HPoE Switch q MAC Address 9C F6 1A 7D 55 22 rro rr rr rr v D E Layer 2 Features QoS Power over Ethernet Figure 4 2 1 Basic System Information screenshot The page includes the following fields Object Description Model Name Display the system name of the Managed Switch Description Describes the Managed Switch MAC Address Displays the unique hardware address assigned by manufacturer default Firmware Version Displays the Managed Switch s firmware version Hardware Version Displays the current hardware version 34 GE DS 82 and NS2503 8P 2C Series User Manual Misc Config Choose Misc Config from System Information of Managed Switch the screen in Figure 4 2 2 will appear system Information Basic Misc Config C mac Table Address Entry Age Out Time seconds 6 1572858 must multiple of 6 default is 3005 Turn On Port Interval seconds 0 3600 seconds interval time between tu
146. n pee the Negotiation column is set as Auto this column is read only 55 Duplex Flow Control Rate Control Unit 128KBbps Security BSF Jumbo Frame GE DS 82 and NS2503 8P 2C Series User Manual It is available for selecting when the Negotiation column is set as Force When the Negotiation column is set as Auto this column is read only Whether or not the receiving node sends feedback to the sending node is determined by this item When enabled once the device exceeds the input data rate of another device the receiving device will send a PAUSE frame which halts the transmission of the sender for a specified period of time When disabled the receiving device will drop the packet if too much to process Port 1 Port 24 supports by port ingress and egress rate control For example assume port 1 is 10Mbps users can set its effective egress rate at 1Mbps and ingress rate at 500Kbps Device will perform flow control or backpressure to confine the ingress rate to meet the specified rate m Ingress Type the port effective ingress rate The valid range is 0 8000 The unit is 128K 0 disable rate control 1 8000 valid rate value E Egress Type the port effective egress rate The valid range is 0 8000 The unit is 128K 0 disable rate control 1 8000 valid rate value A port in security mode will be locked without permission of address learning Only the incoming packets with SMAC already e
147. n Figure 4 2 12 Use this menu to download a file from specified TFTP server to the Managed Switch Firmware Upgrade TFTP Firmware Upgrade TETP Server IP Address 192 168 0 1 Firmware File Name ns2503 1022 imal Avew Hei Figure 4 2 12 Firmware Upgrade interface Tas The page includes the following fields Object Description TFTP Server IP Address Type in your TFTP server IP Firmware File Name Type in the name of the firmware image file to be updated 46 GE DS 82 and NS2503 8P 2C Series User Manual HTTP Firmware Upgrade The HTTP Firmware Upgrade page contains fields for downloading system image files from the Local File browser to the device The Web Firmware Upgrade screen in Figure 4 2 13 appears HTTP Firmware Upgrade Note Firmware upgrade needs several minutes Please wait a while then manually refresh the webpage Figure 4 2 13 HTTP Firmware Upgrade interface To open Firmware Upgrade screen perform the following 1 Click System gt Web Firmware Upgrade 2 The Firmware Upgrade screen is displayed as in Figure 4 2 13 3 Click the Browse button of the main page the system would pop up the file selection menu to choose firmware Choose file Look irc O Firmware 2 FW N52503 v1 51 img My Recent Documents My Documents My Computer My Network File name FW N52503 v1 51 img Places Files of type All Files 47 GE DS 82 and NS2503 8P 2C Series
148. nal cabling and adapters Due to the learning function of the Ethernet switching the source address and corresponding port number of each incoming and outgoing packet are stored in a routing table This information is subsequently used to filter packets whose destination address is on the same segment as the source address This confines network traffic to its respective domain and reduce the overall load on the network The Switch performs Store and forward therefore no error packets occur More reliably it reduces the re transmission rate No packet loss will occur 185 GE DS 82 and NS2503 8P 2C Series User Manual Auto Negotiation The STP ports on the Switch have built in Auto negotiation This technology automatically sets the best possible bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both device is connected and capable of both 10Base T and 100Base TX devices can connect with the port in either Half or Full Duplex mode If attached device is 100Base TX port will set to 10Mbps no auto negotiation 10Mbps 10Mbps with auto negotiation 10 20Mbps 10Base T Full Duplex 100Mbps no auto negotiation 100Mbps 100Mbps with auto negotiation 100 200Mbps 100Base T X Full Duplex 186 GE DS 82 and NS2503 8P 2C Series User Manual POWER OVER ETHERNET OVERVIEW What is PoE Based on the global standard IEEE
149. ncryption key used on the RADIUS Server Set the identifier for the RADIUS client 124 GE DS 82 and NS2503 8P 2C Series User Manual 802 1x Port Configuration In this page you can select the specific port and configure the authorization state The state provides No Authorization Force Authorized Force unauthorized and Authorize 802 1x Configuration Figure 4 12 5 802 1x Per Port Setting interface The page includes the following fields Object Description FU Force Unauthorized The specified port is required to be held in the unauthorized state FA Force Authorized The specified port is required to be held in the authorized state The specified port is set to the Authorized or Unauthorized state in accordance Authorize with the outcome of an authentication exchange between the Supplicant and the authentication server No The specified port works without complying with 802 1x protocol 125 Misc Configuration In this page you can change the default configuration for the 802 1x standard 802 1x Configuration The page includes the following fields Object Quiet Period TX Period Supplicant Timeout Server Timeout Max Requests Reauth period GE DS 82 and NS2503 8P 2C Series User Manual Misc Configuration Figure 4 12 6 802 1x Misc Configuration interface Description Used to define periods of time during which it will not attempt to acquire
150. network traffic so only members of the VLAN receive traffic from the same VLAN members Basically creating a VLAN within a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch However all the network devices are still plugged into the same switch physically A station can belong to more than one VLAN group VLAN prevents users from accessing network resources of another on the same LAN thus the users can not see the hard disks and printers of another user in the same building VLAN can also increase the network performance by reducing the broadcast traffic and enhance the security of the network by isolating groups The GE DS 82 and NS2503 8P 2C series Managed Switch supports two types of VLANs E Port based E IEEE 802 10 tag based Only one of the two VLAN types can be enabled at one time Port based VLANs are VLANs where the packet forwarding decision is made based on the destination MAC address and its associated port You must define the outgoing ports allowed for each port when you use port based VLANs In port based VLANs the packets received from one port can only be sent to the ports which are configured to the same VLAN As shown in the following figure the switch administrator configured port 1 2 as VLAN 1 and port 3 4 as VLAN 2 The packets received from port 1 can only be forwarded to port 2 The packets received from port 2 can only be forwarded to port 1 That means the computer A can s
151. ng IGMP to see if there is at least one member of a multicast group on a given subnet work If there are no members on a sub network packets will not be forwarded to that sub network Give me multicast _ stream Multicast Receiver Multicast Transmitter EJ A IP PTV A Server N Switch C Receiver Give me multicast 4 stream Multicast r Bae Receiver D Figure 4 8 1 Multicast Service 102 GE DS 82 and NS2503 8P 2C Series User Manual B Multicast Receiver kh don t want Multicast the stream Transmitter A IPTV Server Switch Switch C Multicast r at Receiver Idontwant A s the stream l Multicast Receiver D Figure 4 8 2 Multicast flooding B Multicast Receiver Multicast LE GMP Snooping Transmitter Switch A IPTV Server Router IGMP Snooping Switch IGMP Snooping Switch I IGMP Snooping Multicast Switch Receiver Multicast Receiver D Figure 4 8 3 IGMP Snooping multicast stream control 103 GE DS 82 and NS2503 8P 2C Series User Manual IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group IGMP version 1 is defined in RFC 1112 It has a fixed packet size and no optional data The format of an IGMP packet is shown below IGMP Messag
152. nit 2 The unit 2 is in charge of PoE Port 5 Port 8 Temperature Threshold Allows user to set temperature threshold manually System will issue alert message to system log and syslog if PoE unit temperature is over the threshold Over Temperature Protection Enable Disable over temperature protection When the PoE temperature unit 1 unit 2 rises over 70 degree C then PoE power budget will be changed by 3 segments as following Over 70 Degree C power budget is 180 Watts Over 73 Degree C power budget is 170 Watts Over 76 Degree C power budget is 160 Watts Power limit mode Allow to configure power limit mode of Web Smart Device It can choose E Total Limit mode Customize power to PoE port E Classification mode Reserve power to PD by POE class level a Consumption mode Deliver power to PD by real power consumption PoE Usage Threshold Allows user to set the threshold value for issues alert message if PoE power usage over the vaule Power Allocation Show currently total POE power budget PoE Function Can enable or disable the PoE function PoE Schedule Allows user to set PoE schedule profile to offer POE power according to time table Priority Set port priority for the POE power management It can choose the port priority value is Critical m High E Low High priority is Critical Device class Class 0 is the default for PDs However to improve power
153. nning tree protocol MSTP 802 15 The switch with the lowest value has the highest priority and is selected as the root If the value is changed the user must reboot the switch The value must be a multiple of 4096 according to the protocol standard rule The number of seconds a switch waits without receiving Spanning tree Protocol configuration messages before attempting a reconfiguration Enter a value between 6 through 40 The time that controls the switch to send out the BPDU packet to check STP current status Enter a value between 1 through 10 The number of seconds a port waits before changing from its Rapid Spanning Tree Protocol learning and listening states to the forwarding state Enter a value between 4 through 30 8 GE DS 82 and NS2503 8P 2C Series User Manual Follow the rule as below to configure the MAX Age Hello Time and Forward Delay Time 2 x Forward Delay Time value 1 gt Max Age value gt 2 x Hello Time value 1 Note Each switch in a spanning tree adopts the Hello Time Forward Delay time and Max Age parameters of the root bridge regardless of how it is configured Note Root Bridge Information This page provides a status overview for all STP bridge instances The displayed table contains a row for each STP bridge instance where the column displays the following information The STP Bridge Status screen in Figure 4 5 5 appears Root Bridge Information
154. nts and NMSs SNMP is the Internet community s de facto standard management protocol 39 GE DS 82 and NS2503 8P 2C Series User Manual SNMP Operations SNMP itself is a simple request response protocol NMSs can send multiple requests without receiving a response Get Allows the NMS to retrieve an object instance from the agent E Set Allows the NMS to set values for object instances within an agent E Trap Used by the agent to asynchronously inform the NMS of some event The SNMPv2 trap message is designed to replace the SNMPv1 trap message SNMP community An SNMP community is the group that devices and management stations running SNMP belong to It helps define where information is sent The community name is used to identify the group A SNMP device or agent may belong to more than one SNMP community It will not respond to requests from management stations that do not belong to one of its communities SNMP default communities are m Write private m Read public System Options Use this page to define management stations You can also define a name location and contact person for the Managed Switch SNMP Configuration _ System Options _ pue e u oo Location frio Location OOOO i Contact INocontat SNMP Status Disable a LL po Help Figure 4 2 5 SNMP configuration interface The page includes the following fields Object Description e System Name An assigned name for this managed node By
155. o be used in the event of a failure of the primary link Once the Spanning Tree Protocol is configured and enabled primary links are established and duplicated links are blocked automatically The reactivation of the blocked links at the time of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users However the concepts of the Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured Please read the following before making any changes from the default values The Switch STP performs the following functions a Creates a single spanning tree from any combination of switching or bridging elements a Creates multiple spanning trees from any combination of ports contained within a single switch in user specified groups E Automatically reconfigures the spanning tree to compensate for the failure addition or removal of any element in the tree E Reconfigures the spanning tree without operator intervention 81 GE DS 82 and NS2503 8P 2C Series User Manual Bridge Protocol Data Units For STP to arrive at a stable network topology the following information is used E The unique switch identifier E The path cost to the root associated with each swi
156. o choose which port will be limited rate speed Type the port effective ingress rate The valid range is 0 8000 The unit is 128K 0 disable rate control 1 8000 valid rate value Type the port effective egress rate The valid range is 0 8000 The unit is 128K 0 disable rate control 1 8000 valid rate value 57 GE DS 82 and NS2503 8P 2C Series User Manual Port Status This page displays current port configurations and operating status it is a ports configurations summary table Via the summary table you can know status of each port clear at a glance like Port Link Up Link Down status negotiation Link Speed Rate Control Duplex mode and Flow Control NS2503 8P 2C ifs NS2503 8P 2C Port Status The following information provides a view of the current status of the unit v O j0 jO 0 eJWIN e viv o o un viv olo BE N Porio On bow of jon _ on Figure 4 3 3 Port Status interface Port Statistics The following chart provides the current statistic information which displays the real time packet transfer status for each port The user might use the information to plan and implement the network or check and find the problem when the collision or heavy traffic occurs Port Status The following information provides a view of the current status of the unit E Porti On Down Cone Pot3 On Dow Of
157. o delete static multicast group User has to input the multicast address port and VID again then press Delete button Static Multicast Table Static Multicast addresses currently defined on the switch are listed below Click Add to add a new static entry to the address table IP Address PORT VID tP Address lt Remove VLAN ID Figure 4 8 6 Static Multicast Table Interface 108 GE DS 82 and NS2503 8P 2C Series User Manual The page includes the following fields Object Description IP Address Allows user to input multicast address group Allows multicast streaming to indicate port Remove Remove multicast streaming from indicate port VLAN ID Allows user to input VLAN ID for streaming multicast packet Add Allows user to add static multicast information to IGMP Snooping table Allows user to delete static multicast information from IGMP Snooping table Click this button shows help description QoS Configuration Understand QoS Quality of Service QoS is an advanced traffic prioritization feature that allows you to establish control over network traffic QoS enables you to assign various grades of network service to different types of traffic such as multi media video protocol specific time critical and file backup traffic QoS reduces bandwidth limitations delay loss and jitter It also provides increased reliability for delivery of your data and allows you to prioritize certain applications
158. onfig poe usage threshold 10 Switch config show poe Maximum Available Power 150Watts System Operation Status on POE Admin mode Enable Temperature Unit1 38C 100F Temperature Unit2 35C 95F Over Temperature PoE Power Consumption Temperature Threshold Usage Usage Threshold PoE Power limit mode O watts 30 60 0 10 Consumption poe set Description Configure System PoE schedule profile Command Level Global Configuration Syntax 179 poe set profile lt 1 7 gt lt on off gt port list Parameters lt profile gt Set profile lt 1 7 gt 1 7 Week day From Monday 1 to Sunday 7 lt on off gt Enable or Disable POE port at the hour lt port list gt Hour list e g 3 6 8 Example GE DS 82 and NS2503 8P 2C Series User Manual Switch config Switch config poe set profile1 1 on 3 Configure PoE Port poe enable Description Enabling or disabling the port POE injects function Command Level Global Configuration Syntax poe enable lt port list gt no poe enable lt port lisi gt Parameters lt port list gt specifies the ports to be set If not entered all ports are set Example Switch config poe enable 1 Switch config show poe status 1 Power Admin Oper Priority Power Limit W Port1 Enable on 802 3at Switch config no poe enable 7 Switch config show poe status 1 Priority Power Limit W Port1 Disable on 802 3at
159. ontrol in steps of 128Kbps RX TX Both 1 to 1 monitor 802 1x Port Based Network access control MAC Limi Security a Static MAC MAC Filtering Access Control List Supports up to 220 rule entries RFC 1157 SNMP MIB RFC 1213 MIB II RFC 1215 Trap RFC 2863 Interface MIB RFC 1493 Bridge MIB RFC 2674 Extended Bridge MIB Q Bridge RFC 1643 RFC 2665 EtherLike MIB RFC 2819 RMON MIB Group 1 2 3 9 RFC 2737 Entity MIB POWER ETHERNET MIB Power over Ethernet IEEE 802 3af PoE PSE PoE Standard EEESO23afPoE PsE IEEE S02 Saf PoE PSE POE Power Supply Type ___ End Span _______ End Span_ _ A O Max 15 4 Watts Max 30 Watts Power Pin Assignment 1 2 3 6 120360 _PoE PowerBudget______ ___ o Max number of Class2 PD Max number of Class 3PD B Max numberofClass4PD A O Standards Conformance Safety FCC Part 15 Class A CE IEEE 802 3 10Base T IEEE 802 3u 100Base TX 100Base FX IEEE 802 3z Gigabit SX LX IEEE 802 3ab Gigabit 1000Base T IEEE 802 3x Flow Control and Back pressure Standards Compliance IEEE 802 1D Spanning tree protocol IEEE 802 1w Rapid spanning tree protocol IEEE 802 1p Class of service IEEE 802 1Q VLAN Tagging IEEE 802 1x Port Authentication Network Control IEEE 802 3af Power over Ethernet GE DS 82 POE only 12 GE DS 82 and NS2503 8P 2C Series User Manual RFC 768 UDP RFC 793 TFTP RFC 791 IP RFC 792 ICMP RFC 2068 HTTP
160. or multiple customers across their networks QinQ tunneling is used to maintain customer specific VLAN and Layer 2 protocol configurations even when different customers use the same internal VLAN IDs This is accomplished by inserting Service Provider VLAN SPVLAN tags into the customer s frames when they enter the service provider s network and then stripping the tags when the frames leave the network A service provider s customers may have specific requirements for their internal VLAN IDs and number of VLANs supported VLAN ranges required by different customers in the same service provider network might easily overlap and traffic passing through the infrastructure might be mixed Assigning a unique range of VLAN IDs to each customer would restrict customer configurations require intensive processing of VLAN mapping tables and could easily exceed the maximum VLAN limit of 4096 ee ee e e Customer A s LAN Customer A s LAN Headquarter RIE AAA MAN Service Provider Domain Q in Q Q in Q lt 4 Backbone Core Switch MAN Edge Switch VLAN 1 30 VLAN 1 30 Customer B s LAN Customer B s LAN Headquarter 74 GE DS 82 and NS2503 8P 2C Series User Manual The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge aggregating traffic from numerous independent customer LANs into the MAN Metro Access Network space One of the purposes of th
161. ority e Port Base priority E Strict priority and weighted round robin WRR CoS policies E Ingress Egress Bandwidth control on each port gt Multicast E IGMP Snooping v1 and v2 IGMP Snooping v2 fast leave IGMP Query mode for Multicast Media application Three IGMP Router modes Auto Static and Forbidden Static Multicast Table gt Security m IEEE 802 1x Port Based network access control protocol RADIUS users access authentication L3 L4 Access Control List ACL Source IP MAC Port Binding Port Security for Source MAC address entries filtering gt Management E Switch Management Interface Telnet Command Line Interface Web switch management SNMP v1 v2c v3 switch management SSL switch management DHCP client for IP address assignment DHCP Option82 and DHCP Relay Link Layer Discovery Protocol LLDP for easy network management Built in Trivial File Transfer Protocol TFTP client Firmware upgrade via TFTP or HTTP Configuration restore backup via TFTP or HTTP Event message logging to remote Syslog server Four RMON groups 1 2 3 9 history statistics alarms and events SNMP trap for interface Link Up and Link Down notification Supports Ping function gt Power over Ethernet GE DS 82 POE and NS2503 8P 2C m Complies with IEEE 802 3af IEEE 802 3at Power over Ethernet End Span PSE NS2503 8P 2C only a Up to 8 IEEE 802 3af devices powered E Up to 5 IEEE 802 3at device powered NS2503 8P 2C only E
162. orm independent management and configuration facility lt supports standard Simple Network Management Protocol SNMP and can be monitored via any standard based management software For efficient management via WEB interface the GE DS 82 and NS2503 8P 2C series can be programmed for basic switch management functions such as port speed configuration Port Trunking VLAN Port Mirroring Rapid Spanning Tree and Misc Configuration Additionally the firmware includes advanced features such as IGMP snooping QoS Quality of Service broadcast storm and bandwidth control to enhance bandwidth utilization Powerful Security The IFS GE DS 82 and NS2503 8P 2C series offers comprehensive Access Control List ACL for enforcing security to the edge Its protection mechanisms comprises of Port based 802 1X user and device authentication Moreover the switch provides MAC filter and Static MAC for enforcing security policies to the edge The administrators can now construct highly secured corporate networks with considerably less time and effort than before GE DS and NS2503 Series User Manual Power over Ethernet of GE DS 82 POE and NS2503 8P 2C The POE in line power following the standards IEEE 802 3af IEEE 802 3at makes the GE DS 82 POE and the NS2503 8P 2C able to power on 8 PoE devices at the distance up to 100 meters through the 4 pair Cat 5 5e UTP wire How to Use This Manual This User Manual is structured as follows INSTALLATION The section
163. ort opens the Port Statistics page The port states are illustrated as follows State Disabled Down Link RJ 45 Ports SFP Ports PoE Ports Main Menu Using the onboard web agent you can define system parameters manage and control the Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can setup the Managed Switch by select the functions those listed in the Main Function The screen in Figure 4 1 4 appears 32 System GE DS 82 and NS2503 8P 2C Series User Manual Figure 4 1 4 Managed Switch Main Functions Menu Use the System menu items to display and configure basic administrative details of the Managed Switch Under System the following topics are provided to configure and view the system information This section has the following items System Information IP Configuration SNMP Configuration Firmware Upgrade Configuration Backup Factory Default System Reboot Provides basic system description including contact information Sets the IP address for management access Configure SNMP agent and SNMP Trap Upgrade the firmware via TFTP server or Web Brower file transfer Save view the Managed Switch configuration to remote host Upload the switch configuration from remote host Reset the configuration of the Managed Switch Restarts the Managed Switch 33 GE DS 82 and NS2503 8P 2C Series User Manual System Information In System informatio
164. power from 00 00 to 23 00 the unit is hour Sun Sat Allows system to supply PoE power from Sunday to Saturday Apply Click Apply button to save configuratipon After we finished profile setting and then we have to get back to PoE Configuration WEB page and select Schedule option from PoE function then we can select profile from PoE Schedule which we want to apply to the PoE port The web screen in Figure 4 13 4 appears Please be noticed before we use PoE schedule function that we must set up SNTP on the switch first and make sure the SNTP has been worked well 133 GE DS 82 and NS2503 8P 2C Series User Manual PoE Configuration Enable On PoE Temperature Unit 1 389C 1000F PoE Temperature Unit 2 DC 95 F Temperature Threshold Over Temperature Protection PoE Usage Threshold 100 Do E tior Schedule w Profiled 802 3at Critica NE n y enz3a y omar e a Schedule w Profiles 802 3a Critica p og Schedule iv Profiles v Schedule w Frofile4 Schedule Profi 802 23 1 7 e Total Figure 4 13 4 PoE Configuration Interface DHCP Relay amp Option 82 The Relay Agent Information option Option82 is inserted by the DHCP relay agent when forwarding client originated DHCP packets to a DHCP server RFC 3046 Servers recognizing the Relay Agent Information option may use the information to implement IP address or other parameter assignment policies The
165. pply a popup dialog shows up to inform the user that when the DHCP client is enabled the current IP will lose and user should find the new IP on the DHCP server IP Address Assign the IP address that the network is using 37 Subnet Mask Gateway GE DS 82 and NS2503 8P 2C Series User Manual If DHCP client function is enabled this switch is configured as a DHCP client The network DHCP server will assign the IP address to the switch and display it in this column The default IP is 192 168 0 100 or the user has to assign an IP address manually when DHCP Client is disabled Assign the subnet mask to the IP address If DHCP client function is disabled the user has to assign the subnet mask in this column field Assign the network gateway for the switch If DHCP client function is disabled the user has to assign the gateway in this column field The default gateway is 192 168 0 254 38 GE DS 82 and NS2503 8P 2C Series User Manual SNMP Configuration SNMP Overview The Simple Network Management Protocol SNMP is an application layer protocol that facilitates the exchange of management information between network devices It is part of the Transmission Control Protocol Internet Protocol TCP IP protocol suite SNMP enables network administrators to manage network performance find and solve network problems and plan for network growth NS2503 8P 2C ifs NS2503 8P 2C SNMP Configuration System Options
166. pt IP Address Figure 4 2 15 Configuration Backup interface The page includes the following fields Object Description TFTP Server IP Address Type in the TFTP server IP Backup File Name Type in the file name Save config except IF Address Saves configuration without IP address Click here to download configuation file e PETUA A AONA CO A Click here to download configuation file except IP Address Uk the hyper link to download configuration file without IP address 49 GE DS 82 and NS2503 8P 2C Series User Manual Factory Default Reset switch to default configuration Click Default to reset all configurations to the default value 2 4 6 8 10 1 3 S 9 El 110 Home NS2503 8P 2C NS2503 8P 2C Factory Default System Information IP Configuration Reset Switch to Default Configuration Console Port Info Reset System Log SMTP Setting SNTP Setting Firmware Upgrade Configuration Backup Factory Default System Reboot EH E E Figure 4 2 16 Factory Default interface System Reboot Reboot the switch in software reset Click Reboot to reboot the system Home Boo n LE NS2503 8P 2C 2 4 6 6 10 NS2503 8P 2C System Reboot System Information IP Configuration Console Port Info Reboot Help SNMP Configuration Syslog Setting System Log SMTP Setting SNTP Setting Firmware Upgrade System Reboot Figure 4 2 17 System Reboot interface 50 GE DS 82 and NS25
167. rameters lt Consumption gt Power is allocated according to the actual need of each PD lt Classification gt The system will handle power allocation according to class 0 to 4 lt Total Limit gt Set limit value of the total POE port provided power to the PDs Example Switch config poe limit mode Consumption Switch config show poe Maximum Available Power 150Watts System Operation Status on POE Admin mode Enable Temperature Unit1 38C 100F Temperature Unit2 35C 95F Over Temperature i aa PoE Power Consumption ae Temperature Threshold U 0 A 100 Usage Threshold Cc i i PoE Power limit mode enh ee poe admin mode Description Configure System PoE Admin mode information Command Level Global Configuration Syntax poe admin mode enable disable no poe admin mode Parameters lt enable gt Enable POE lt disable gt Disable POE PoE admin mode command has included in NS2503 8P 2C only Example Switch config poe admin mode enable 177 Switch config show poe Maximum Available Power System Operation Status POE Admin mode Temperature Unit Temperature Unit2 Over Temperature PoE Power Consumption Temperature Threshold Usage Usage Threshold PoE Power limit mode GE DS 82 and NS2503 8P 2C Series User Manual 150Watts on Enable 38C 100F 35C 95F 55 watts 30 60 0 100 Consumption Switch config poe admin mode disable Switc
168. re also assigned a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVID within the switch to VID on the network The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VID are different the switch will drop the packet Because of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can have only one PVID but can have as many VID as the switch has memory in its VLAN table to store them Because some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged m Default VLANs The Managed Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the default As new VLAN are configured in Port based mode their respective member ports are removed from the default E VLAN and Link aggregation Groups In order to use VLAN segmentation in conjunction with port link aggregation groups you can first se
169. rity lowering the priority number of the best switch STP can be forced to select the best switch as the root switch When STP is enabled using the default parameters the path between source and destination stations in a switched network might not be ideal For instance connecting higher speed links to a port that has a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pass through a network This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops Ports must wait for new network topology information to propagate throughout the network before starting to forward packets They must also wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology The forward delay timer is used to allow the network topology to stabilize after a topology change In addition STP specifies a series of states a port must transition through to further ensure that a stable network topology is created after a topology change 82 GE DS 82 and NS2503 8P 2C Series User Manual Each port on a switch using STP exists is in one of the following five states Blocking the port is blocked from forwarding or receiving packets Listening the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state Learning t
170. rmation Syntax show spanning tree mst lt 0 15 gt Parameters lt 0 15 gt specifies the MSTI instance ID show spanning tree mst lt 0 15 gt port lt 1 10 gt Description Show specific port information of MST instance Syntax show spanning tree mst lt 0 15 gt port lt 1 10 gt Parameters lt 0 15 gt specifies the MSTI instance ID lt 1 10 gt specifies port number show vlan spanning tree Description Show per VLAN per port spanning tree status Syntax show vlan spanning tree SNMP GE DS 82 and NS2503 8P 2C Series User Manual Any Network Management running the simple Network Management Protocol SNMP can be management the switch System Options Snmp no snmp Description Enable or disable SNMP Show snmp status Description Show the enable or disable status of SNMP snmp system name Description Set agent system name string Syntax snmp system name lt name str gt Parameters lt name str gt specifies the system name string e g snmp system name SWITCH snmp system location Description Set agent location string Syntax snmp system location lt ocation str gt Parameters 167 GE DS 82 and NS2503 8P 2C Series User Manual lt location str gt specifies the location string e g snmp system location office snmp system contact Description Set agent system contact string Syntax snmp system contact lt contact str gt Parameters lt contact str gt specif
171. rning off and turning on port for flooding CPU port O disable Broadcast Storm Filter Mode OFF w Broadcast Storm Filter Packet select _ Broadcast Packets IP Multicast DD Control Packets Flooded Unicast Multicast Packets Collisions Retry Forever Disable v Hash Algorithm CRC Hash w IP MAC Binding Disable vw 802 1x Protocol Disable v Figure 4 2 2 Switch Misc Config screenshot The page includes the following fields Object Description Type the number of seconds that an inactive MAC address remains in the MAC Address Age out switch s address table The value is a multiple of 6 une Default is 300 seconds To configure broadcast storm control enable it and set the upper threshold for Broadcast Storm Filter individual ports The threshold is the percentage of the port s total bandwidth Mode used by broadcast traffic When broadcast traffic for a port rises above the threshold you set broadcast storm control becomes active 35 Broadcast Storm Filter Packets Select Collision Retry Forever Hash Algorithm IP MAC Binding 802 1x protocol Apply button GE DS 82 and NS2503 8P 2C Series User Manual The valid threshold values are 1 2 1 4 1 8 1 16 and OFF Default is OFF To select broadcast storm Filter Packets type If no packets type by selected mean can not filter any packets The Broadcast Storm Filter Mode will show OFF The selectable items as below e Broadcast Pa
172. sed by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no frames with the corresponding SMAC address have been seen after a configurable age time Dynamic MAC Table Entries in the MAC Table are shown on this page The Dynamic MAC Table contains up to 8192 entries and is sorted first by VLAN ID then by MAC address You can view all of the dynamic MAC addresses learned by the listed port Forwarding and Filtering Dynamic MAC Table Static MAC Table MAC Filtering Click Clear will clear Dynamic addresses from the switch Clear Dynamic addresses currently learned on the switch are listed below There are total 2 Mac Adresses Figure 4 7 1 Dynamic MAC Address interface 99 GE DS 82 and NS2503 8P 2C Series User Manual MAC Table Columns Object Description NO The MAC addresses index entry MAC The MAC address of the entry PORT The ports that are members of the entry VID The VLAN ID of the entry Type Indicates whether the entry is a static or dynamic entry Query Allowsuser input relate information as above to search MAC address information from this table a Click Clear to clear the dynamic MAC addresses information of the current port shown on the screen Static MAC Table You can add a static MAC address that remains in the switch s address table regardless of whether the device is physically connected to the s
173. server it is available in Cisco Secure Access Control Server version 3 0 RADIUS operates in a client server model in which secure authentication information is exchanged between the RADIUS server and one or more RADIUS clients O Switch 802 1X device controls the physical access to the network based on the authentication status of the client The switch acts as an intermediary proxy between the client and the authentication server requesting identity information from the client verifying that information with the authentication server and relaying a response to the client The switch includes the RADIUS client which is responsible for encapsulating and decapsulating the Extensible Authentication Protocol EAP frames and interacting with the authentication server When the switch receives EAPOL frames and relays them to the authentication server the Ethernet header is stripped and the remaining EAP frame is re encapsulated in the RADIUS format The EAP frames are not modified or examined during encapsulation and the authentication server must support EAP within the native frame format When the switch receives frames from the authentication server the server s frame header is removed leaving the EAP frame which is then encapsulated for Ethernet and sent to the client E Authentication Initiation and Message Exchange The switch or the client can initiate authentication If you enable authentication on a port by using the dot1x port control au
174. st gt specifies the ports to be set to LACP active no trunk Description Delete an existing trunk group Syntax no trunk lt trunk id gt Parameters lt trunk id gt specifies the trunk group to be deleted LACP Command no lacp Description Enable disable LACP 150 lacp system priority Description Set LACP system priority Syntax lacp system priority lt 1 65535 gt Parameters lt 1 65535 gt specifies the LACP system priority no lacp system priority Description Set LACP system priority to the default value 32768 show lacp status Description Show LACP enable disable status and system priority show lacp Description Show LACP information Switch config show lacp status LACP is enabled LACP system priority 32768 GE DS 82 and NS2503 8P 2C Series User Manual show lacp agg Description Show LACP aggregator information Syntax show lacp agg lt trunk id gt Parameters lt trunk id gt specifies the trunk group to be shown show lacp port Description Show LACP information by port Syntax show lacp port lt port id gt Parameters lt port id gt specifies the port to be shown VLAN group If VLAN group exist all of the members of static trunk group must be in same 151 GE DS 82 and NS2503 8P 2C Series User Manual VLAN Configuration Virtual LANs A Virtual LAN VLAN is a logical network group that limits the broadcast domain It allows you to isolate
175. still to fill in the authentication server information Broadcast Storm Filter Packet select Dl Broadcast Packets CIP Multicast Ll Control Packets Flooded Unicast Multicast Packets Collisions Retry Forever 15 bus Hash Algorithm CRC Hash vi IP MAC Binding Disable w 802 1x Protocol Costur Fe stem information Misc Configuration 802 1x Protocol Figure 4 12 3 Sy After enabling the IEEE 802 1X function you can configure the parameters of this function System Configuration PerPort Configuration Misc Configuration Configure 802 1x Parameters Radius Server IP 192 168 0 99 Server Port 1812 Accounting Port 1813 Shared ker OOOO NAS Identifier NAS L2 SWITCH Figure 4 12 4 802 1x System Configuration interface 123 The page includes the following fields Object IEEE 802 1x Protocol Radius Server IP Server Port Accounting Port Shared Key NAS Identifier GE DS 82 and NS2503 8P 2C Series User Manual Description Enable or disable 802 1x protocol Assign the RADIUS Server IP address Set the UDP destination port for authentication requests to the specified RADIUS Server Set the UDP destination port for accounting requests to the specified RADIUS Server Set an encryption key for using during authentication sessions with the specified RADIUS server This key must match the e
176. t field E Non Pv4 Set non lpv4 packet field E Binding Set binding entry A 00 11 22 33 44 55 is represent a digit from 0 9 and A F is range from 0 to FF Re AEREAS 0 0 0 0 is represent a digit from 0 9 is range from 0 to 255 Source port id from 1 10 1 You create ACL and Binding groups 118 GE DS 82 and NS2503 8P 2C Series User Manual MAC Limit MAC limit allows users to set a maximum number of MAC addresses to be stored in the MAC address table The MAC addresses chosen to be stored in MAC address table is the result of first come first save policy Once a MAC address is stored in the MAC address table it stays in until it is aged out When an opening is available the switch stored the first new MAC address it sees in that opening All packets from MAC addresses not in the MAC address table should be blocked MAC Limit Configuration The Layer 2 MAC Limit function can be per port configured for security management purposes When the port is in MAC Limit mode the port will be locked without permission of address learning Only the incoming packets with Source MAC already existing in the address table can be forwarded normally User can disable the port from learning any new MAC addresses MAC Limit Configure MAC Limit MAC Limit Limit 1 64 0 to turn off MAC limit Port Number Figure 4 11 1 MAC Limit Configure MAC Limit The page includes the following fields Object Description M
177. t generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications You are cautioned that any changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Notice This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures This Class A digital apparatus complies with Canadian ICES 003 Cet appareil num rique de la classe A est conforme la norme NMB 003du Canada 2004 108 EC EMC Directive Hereby UTC Fire amp Security Americas Corporation Inc declares that this device is in compliance with the essential requirements and other relevant provisions of Directive 2004 108 EC 2002 96 EC WEEE directive Products marked with this symbol cannot be disposed of as unsorted municipal waste in the European Union For proper recycling return this product to your local supplier upon the purchase of equivalent new equipment or dispose of it at designated collection points For more information see www recyclethis info For contact information see our Web site www interlogix com www interlogix com customer support GE DS and NS2503 Series User Manual TABLE OF CONTENTS IFS NS2503 8P 2C IFS GE DS 82 IFS GE DS 82 POE USER MANUAL
178. t the port link aggregation group s and then you may configure VLAN settings If you wish to change the port link aggregation grouping with VLAN already in place you will not need to reconfigure the VLAN settings after changing the port link aggregation group settings 65 GE DS 82 and NS2503 8P 2C Series User Manual VLAN settings will automatically change in conjunction with the change of the port link aggregation group settings Static VLAN Configuration A Virtual LAN VLAN is a logical network grouping that limits the broadcast domain It allows you to isolate network traffic so only members of the VLAN receive traffic from the same VLAN members Basically creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch However all the network devices are still plug into the same switch physically The Managed Switch supports Port based and 802 1Q Tagged based VLAN in web management page In the default configuration VLAN support is 802 1Q Static VLAN VLAN Operation Mode 802 19 No VLAN Port Based VLAN 1802 10 VLAN filter VLAN Information DEFAULT 1 Figure 4 4 1 Static VLAN interface 1No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing function between the VLAN 2 The Managed Switch supports Port based VLAN and IEEE 802 1Q VLAN
179. tch port a The port identifier STP communicates between switches on the network using Bridge Protocol Data Units BPDUs Each BPDU contains the following information a The unique identifier of the switch that the transmitting switch currently believes is the root switch E The path cost to the root from the transmitting port E The port identifier of the transmitting port The switch sends BPDUs to communicate and construct the spanning tree topology All switches connected to the LAN on which the packet is transmitted will receive the BPDU BPDUs are not directly forwarded by the switch but the receiving switch uses the information in the frame to calculate a BPDU and if the topology changes initiates a BPDU transmission The communication between switches via BPDUs results in the following E One switch is elected as the root switch E The shortest distance to the root switch is calculated for each switch E A designated switch is selected This is the switch closest to the root switch through which packets will be forwarded to the root a A port for each switch is selected This is the port providing the best path from the switch to the root switch El Ports included in the STP are selected Creating a Stable STP Topology It is to make the root port used the fastest link If all switches have STP enabled with default settings the switch with the lowest MAC address in the network will become the root switch By increasing the prio
180. tch to function in Disable mode The Tag Protocol Identifier TPID specifies the ethertype of incoming packets on a tunnel access port e 802 1Q Tag 8100 e vMAN Tag 88A8 Default 802 1Q Tag Check Sets the Port to QinQ mode Or the port operates in its normal VLAN mode Default Un check Check Configures IEEE 802 1Q tunneling QinQ for an uplink port to another device within the service provider network Cancel Configures IEEE 802 1Q tunneling QinQ for a client access port to segregate and preserve customer VLAN IDs for traffic crossing the service provider network 76 GE DS 82 and NS2503 8P 2C Series User Manual Q in Q Tunnel Setting Business customers of service providers often have specific requirements for VLAN IDs and the number of VLANs to be supported The VLAN ranges required by different customers in the same service provider network might overlap and traffic of customers through the infrastructure might be mixed Assigning a unique range of VLAN IDs to each customer would restrict customer configurations and could easily exceed the VLAN limit 4096 of the IEEE 802 10 specification Using the QinQ feature service providers can use a single VLAN to support customers who have multiple VLANs Customer VLAN IDs are preserved and traffic from different customers is segregated within the service provider network even when they appear to be in the same VLAN Using QinQ expands VLAN space by using a VLAN in VLAN
181. the maximum age in seconds Default value is 20 Es The parameters must enforce the following relationships 2 hello time 1 lt maximum age lt 2 forward delay 1 Note spanning tree priority Description Set spanning tree bridge priority of CIST and all MSTIs Syntax spanning tree priority lt 0 61440 gt Parameters lt 0 61440 gt specifies the bridge priority The value must be in steps of 4096 Default value is 32768 163 GE DS 82 and NS2503 8P 2C Series User Manual show spanning tree Description Show spanning tree information show spanning tree port Description Show spanning tree per port information Syntax show spanning tree port lt port list Parameters lt port list gt specifies the port to be shown Null means all ports no spanning tree debug Description Enable or disable spanning tree debugging information spanning tree protocol version Description Change spanning tree protocol version of CIST Syntax spanning tree protocol version lt stp mstp gt Parameters stp specifies the original spanning tree protocol STP 802 1d mstp specifies the multiple spanning tree protocol MSTP 802 1s spanning tree max hops Description Set spanning tree bridge maximum hops of CIST and all MSTIs Syntax spanning tree max hops lt 1 40 gt Parameters lt 1 40 gt specifies the bridge maximum hops Default value is 20 spanning tree name Description Set spanning tree brid
182. tifies the priority of the incoming IP packets based on the configured priority 4 bit4 bit 6 bit 2 bit VER 0100 DiffServ VLAN Destination Source Ethernet Type Preamble TAG Address Address 0800 Optional 6 bytes6 bytes4 bytes 2 bytes 2 bytes46 1517 bytes 4 bytes Figure 4 9 4 Pv4 frame format The DSCP is six bits wide allowing coding for up to 64 different forwarding behaviors The DSCP retains backward compatibility with the three precedence bits so that non DSCP compliant TOS enabled devices will not conflict with the DSCP mapping Based on network policies different kinds of traffic can be marked for different kinds of forwarding 113 GE DS 82 and NS2503 8P 2C Series User Manual TOS DSCP Configuration The TOS DSCP page provides fields for defining output queue to specific DSCP fields When TCP IP s TOS DSCP mode is applied the Managed Switch recognizes TCP IP Differentiated Service Codepoint DSCP priority information from the DS field defined in RFC2474 Enable TOS DSCP for traffic classification and then the DSCP to priority mapping column is configurable as the Figure 4 9 5 shows TOS DSCP ure TOSIDSCP OS DSCP Enable v I DSCP1 al DSCP3 DSCP4 DSCPS E 4 __TOSIDSCP Cont pscrp1io o Figure 4 9 5 QoS Configuration TOS Priority The page includes the following fields Object Description TOS DSCP ahai Disable internal traffic class 0 7 to map the corresponding
183. tightly Step4 Follow the same steps to attach the second bracket to the opposite side Step5 After the brackets are attached to the Managed Switch use suitable screws to securely attach the brackets to the rack as shown in Figure 2 11 Figure 2 11 Mounting the Switch in a Rack Step6 Proceeds with the steps 4 and steps 5 of session 2 2 1 Desktop Installation to connect the network cabling and supply power to the Managed Switch 20 GE DS 82 and NS2503 8P 2C Series User Manual Installing the SFP Transceiver The sections describe how to plug in an SFP transceiver into an SFP slot The SFP transceivers are hot swappable You can plug in and out the transceiver to from any SFP port without a need to shut down the Managed Switch As the Figure 2 12 appears SFP Transceiver LC Fiber Cable Figure 2 12 Plug in the SFP transceiver Approved IFS SFP Transceivers IFS Managed switches supports both single mode and multi mode SFP transceivers Please refer to below chart as well as IFS website for latest compatible SFP modules 1000Base SX LX SFP transceiver Gigabit 1000Mbps a ei lts PR e std EN Aia amb Copper RJ45 S30 RJ SFP 1000T 7 Copper RJ 45 a 100m 7 0 50 C 1000Base SX S30 2MLC 1000Base SX 2 Multl mode LC 850nm esonm 220nv550m 9 5 4 A 7 5 0 50 C S35 2MLC 1000Base SX 2 Multl mode LC 850nm g50nm 220nv550m 9 5 4 17 7 5 40 75 C 30 2MLC
184. tion Show port monitoring information Quality of Service There are four transmission queues with different priorities in the Managed Switch Highest SecHigh SecLow and Lowest The Managed Switch will take packets from the four queues according to its QoS mode setting If the QOS mode was set to Disable the Managed Switch will not perform QoS on its switched network If the QoS mode was set to High Empty Then Low the Managed Switch will never exhaust packets from a queue until the queues with higher priorities are empty If the QoS mode was set to weight ratio the Managed Switch will exhaust packets from the queues according to the ratio The default value of QoS mode is weight 8 4 2 1 That means the switch will first exhaust 8 packets from the queue with highest priority and then exhaust 4 packets from the queue with second high priority and so on When the switch received a packet the switch has to decide which queue to put the received packet into In the Managed Switch it will put received packets into queues according to the settings of 802 1p Priority and Static Port Ingress Priority When the received packet is an 802 1p tagged packet the switch will put the packet into a queue according to the 802 1p Priority setting Otherwise the switch will put the packet into a queue according the setting of Static Port Ingress Priority m 802 1p Priority the 802 1p packet has a priority tag in its packet he
185. to 121 GE DS 82 and NS2503 8P 2C Series User Manual interface configuration command the switch must initiate authentication when it determines that the port link state transitions from down to up It then sends an EAP request identity frame to the client to request its identity typically the switch sends an initial identity request frame followed by one or more requests for authentication information Upon receipt of the frame the client responds with an EAP response identity frame However if during bootup the client does not receive an EAP request identity frame from the switch the client can initiate authentication by sending an EAPOL start frame which prompts the switch to request the client s identity If 802 1X is not enabled or supported on the network access device any EAPOL frames from the client are dropped If the client does not receive an EAP request identity frame after three attempts to start authentication the client transmits frames as if the port is in the authorized state A port in the authorized state effectively means that the client has been successfully authenticated When the client supplies its identity the switch begins its role as the intermediary passing EAP frames between the client and the authentication server until authentication succeeds or fails If the authentication succeeds the switch port becomes authorized The specific exchange of EAP frames depends on the authentication method being used
186. to Refer to Appendix B This web page provide user configuration for switch management access level the web screen in Figure 4 16 1 appears Users Configuration Username Access Level Edit 1 adm IMast Admi Edit admin Master_Admin Exit Add New User Figure 4 16 1 User Configuration Interface Screenshot The page includes the following fields Object Description Username Display Username of the Managed Switch Access Level Display the access level of the Managed Switch Edit Provide edit current specific user setting Provide add new user setting of the Managed Switch the web screen in Figure Add New User 4 16 2 appears 138 GE DS 82 and NS2503 8P 2C Series User Manual Add Edit User This page configures a user add edit or delete user Add User User Name Tom Assign Change Password Recontirm Password Figure 4 16 2 Add New User Configuration Interface Screenshot The page includes the following fields Object Description User Name Assign Username for the Managed Switch Assign the access level of the Managed Switch the available options are Security Admin a Master Admin a Master Viewer Access Level E IT Admin E IT Viewer a o Security Viewer Assign Change Password Assign password for the Managed Switch Reconfirm Password Input password again to confirm setting Apply Press this button to take affect Delete the current user This button is not avail
187. to different domain so user has to set a valid account for relaying mail If the mail just sends to the same domain it may no need SMTP authentication Please consult to your network administrator first User Mail Account l i For inputting mail account name not mail address Password For inputting mail account password Sender email address For inputting the e mail address from administrator Mail to Allows user to input mail address which who will be noticed alarm 52 SNTP GE DS 82 and NS2503 8P 2C Series User Manual It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol TFTP server Before updating make sure the TFTP server is ready and the firmware image is located on the TFTP server SNTP Setting SNTP Disable y SNTP server IP UTC Type Before UTC Time Range p Time DO Apply Help Figure 4 2 20 SNTP Setting Screenshot The page includes the following fields Object SNTP SNTP server IP UTC Type Time Range 0 24 Time Apply Help System Log Description Provide Disable or enable SNTP function Provide inputting the SNTP server IP address Provide Before UTC and After UTC options for UTV Type Provide input the time range and the available range is 0 to 24 Provide SNTP Time display Press this button to take affect Press this button for SNTP Setting information The System Log setting p
188. ual Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods E Web browser interface E An external SNMP based network management application E An administration console The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use Each of these management methods has their own advantages Table 3 1 compares the three management methods Method Advantages Disadvantages Web Browser e Ideal for configuring the switch remotely e Security can be compromised hackers need e Compatible with all popular browsers only know the IP address and subnet mask e Can be accessed from any location e May encounter lag times on poor connections e User friendly GUls SNMP Agent e Communicates with switch functions at the MIB level e Based on open standards Requires SNMP manager software Least visually appealing of all three methods Some settings require calculations Security can be compromised hackers need only know the community name Console e No IP address or subnet needed e Must be near switch or use dial up connection e Text based e Not convenient for remote users e Telnet functionality and HyperTerminal e Modem connection may prove to be unreliable built into Windows or slow 95 98 NT 2000 ME XP operating systems e Secure Table 3 1 Management Methods Comparison 24 GE DS 82
189. ugh the new IP address If you are not familiar with console command or the related parameter enter help anytime in console to get the help description You can change these settings if desired after you log on This management method is often preferred because you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP 143 GE DS 82 and NS2503 8P 2C Series User Manual Commands Level The following table lists the CLI commands and description The user commands available at the user level are a subset of those available at the privileged level Use this mode to e Perform basic tests e Display system information The privileged command is the Enter the enable l advanced mode ee Enter disable to Use this mode to caen e exit e Display advanced function User EXEC mode Play status e Save configuration Enter the configure To exit to Use this mode to configure command while in privileged EXEC those parameters that are privileged EXEC Switen contig mode enter exit going to be applied to your mode or end switch Begin a session switchs Enter logout or with your switch quit 144
190. ulticast Flood unicast multicast filter E Control Packets Control packets filter E IP multicast P multicast packets filter E Broadcast Packets Broadcast Packets filter Syntax broadcast select lt unicast multicast control packet ip multicast broadcast gt Collision Retry Description Collision Retry setting Syntax Collision Retry lt off 16 32 48 gt Parameters 16 32 48 In Half Duplex collision retry maximum is 16132148 times and packet will be dropped if collisions still happen Disable In Half Duplex if happen collision will retry forever Default Administration Configuration Change Username Password hostname Description Set switch name Syntax hostname lt name str gt Parameters lt name str gt specifies the switch name If you would like to have spaces within the name use quotes around the name 156 GE DS 82 and NS2503 8P 2C Series User Manual no hostname Reset the switch name to factory default setting no password Description Set or remove username and password for manager or operator Syntax no password lt manager operator all gt Parameters The manager username and password is also used by the web UI IP Configuration User can configure the IP setting and fill in the new value ip address Description Set IP address and subnet mask Syntax ip address lt ip addr gt lt ip mask gt ip default gateway Description Set the def
191. upply power PoE PSU Status Display current PoE power supply working status PoE Temperature Unit Display the current operating temperature of PoE chip unit Temperature Threshold Allows setting over temperature protection threshold value It system temperature was over it then system lower total POE power budget automatically Over Temperature Protection Enable Disable over temperature protection When the PoE temperature unit 1 unit2 over 70 degree C then PoE power budget will be changed by 3 segments as following Over 70 Degree C power budget 140 Watts Over 73 Degree C power budget 130 Watts Over 76 Degree C power budget 120 Watts Power limit mode Allow to configure power limit mode of Web Smart Device It can choose E Consumption Deliver PoE power according to real power consumption from PoE device E Classification Deliver PoE power by port PoE power level Total Limit Set limit value of the total POE port provided power to the PDs PoE Usage Threshold Allows setting how much PoE power budget could be limited Power Allocation Show the total watts usage of PoE Switch PoE Function Allows user to enable disable or schedule the PoE function PoE Schedule Allows user set the PoE port enable or disable according to PoE Schedule profile This function must co work with SNTP function Power Mode Allows user to switch the PoE port offering PoE power according
192. us server timeout default 30 seconds Syntax dot1x timeout radius server lt 1 300 gt Parameters lt 1 300 gt specifies the radius server timeout in seconds dot1x max req Description Set 802 1x maximum request retries default 2 times Syntax dot1x max req lt 1 10 gt Parameters lt 1 10 gt specifies the maximum request retries dot1x timeout re authperiod Description Set 802 1x re auth period default 3600 seconds Syntax dot1x timeout re authperiod lt 30 65535 gt Parameters lt 30 65535 gt specifies the re auth period in seconds show dot1x Description Show 802 1x information quiet period Tx period supplicant timeout server timeout maximum requests and re auth period dot1x port Description Set 802 1x per port information Syntax dot1x port lt fu fa au no gt lt port list gt Parameters fu specifies forced unauthorized fa specifies forced authorized au specifies authorization no specifies disable authorization lt port list gt specifies the ports to be set 171 GE DS 82 and NS2503 8P 2C Series User Manual show dot1x port Description Show 802 1x per port information Access Control List Packets can be forwarded or dropped by ACL rules include lpv4 or non lpv4 The Managed Switch can be used to block packets by maintaining a table of packet fragments indexed by source and destination IP address protocol and so on Ipv4 ACL commands no
193. witch This saves the switch from having to re learn a device s MAC address when the disconnected or powered off device is active on the network again Via this interface you can add modify delete a static MAC address E Add the Static MAC Address You can add static MAC address in the switch MAC table here Forwarding and Filtering Dynamic MAC Table Static MAC Table MAC Filtering Dynamic addresses currently defined on the switch are listed below Click Add to add a new static entry to the address table MAC Address PORT 100 30 4F 11 22 33 Port num Add Delete Figure 4 7 2 Static MAC Addresses interface 100 GE DS 82 and NS2503 8P 2C Series User Manual The page includes the following fields Object MAC Address Port num VLAN ID MAC Filtering Description Enter the MAC address of the port that should permanently forward traffic regardless of the device network activity Pull down the selection menu to select the port number The VLAN ID for the entry By filtering MAC address the switch can easily filter the pre configured MAC address and reduce the un safety You can add and delete filtering MAC address Forwarding and Filtering Dynamic MAC Table Static MAC Table MAC Filtering Specify a MAC address to filter 00 30 4F 55 66 77 00 30 4F 77 2B FC MAC Address 00 e0 3A 11 22 33 VLAN ID J 00 30 4F 55 66 77 Filter 1 Static 00 30 4F 77 2B FC
194. witch will not recognize it Es 21 GE DS 82 and NS2503 8P 2C Series User Manual Before connecting to the other switches workstations or Media Converters do the following 1 Make sure both sides use the same SFP transceiver for example 1000Base SX to 1000Base SX or 1000Bas LX to 1000Base LX 2 make sure that the fiber optic cable type matches the SFP transceiver model gt Toconnect to 1000Base SX SFP transceiver use the multi mode fiber cable with one side must be male duplex LC connector type gt To connect to 1000Base LX SFP transceiver use the single mode fiber cable with one side must be male duplex LC connector type Connect the fiber cable 1 Attach the duplex LC connector on the network cable into the SFP transceiver 2 Connect the other end of the cable to a device switches with SFP installed fiber NIC on a workstation or a Media Converter Check the LNK ACT LED of the SFP slot on the front of the Switch Ensure that the SFP transceiver is operating correctly Check the Link mode of the SFP port if the link failed Remove the transceiver module 1 Make sure there is no network activity Use the management interface of the switch to disable the port in advance 2 Remove the Fiber Optic Cable gently 3 Turn the handle of the MGB module to the horizontal position 4 Pull out the module gently the handle f SFP Transceiver 4 2 A Figure 2 13 Pull out the SFP transceiver Never pull out the
195. xisting in the address table can be forwarded normally User can disable the port from learning any new MAC addresses then use the static MAC addresses screen to define a list of MAC addresses that can use the secure port Enter the settings then click Apply button to change on this page User can disable Enable port broadcast storm filtering option by port The filter mode and filter packets type can be select in Switch Setting gt Misc Config page User can disable Enable port jumbo frame option by port When port jumbo frame is enable the port forward jumbo frame packet The three models support up to 9Kbytes jumbo frame forwarding 96 Rate Control GE DS 82 and NS2503 8P 2C Series User Manual This page provides rate control on each port it contains Ingress and Egress items and the unit is 128Kbps The rate control screen is displayed as in Figure 4 3 2 Rate Control Po rt l i MT Ree o 128 kbps 0 128 kbps Porta i Figure 4 3 2 Rate Control Interface Screenshot The page includes the following fields Object Rate Control Unit 128KBbps Port Ingress Egress Description Port 1 Port 10 supports by port ingress and egress rate control For example assume port 1 is 10Mbps users can set its effective egress rate at 1Mbps and ingress rate at 500Kbps Device will perform flow control or backpressure to confine the ingress rate to meet the specified rate Allows user t
Download Pdf Manuals
Related Search