KGS-612F user manual
Contents
1. Click Apply will make your selection effect immediately Any improper configuration might cause network connection problem M r Note s ree All members of a trunk group if configured must be in same VLAN group and have same all per port VLAN settings VLAN Configuration Description VLAN Disable Select to disable VLAN function All ports are allowed to communicate with each others freely with no VLAN limitation Port based VLAN Mode Simple configuration for 2 port based VLAN groups Port based VLAN ISP Mode Simple configuration for 5 port based VLAN groups Advance VLAN Mode Apply Refresh Click to apply the configuration change Click to refresh current configuration 31 Full VLAN configuration for port based and Tag based VLAN 4 6 1 Port based VLAN Mode VLAN Configuration Port based VLAN Mode Pilla aisle 6 1 Fie IIR al ma 1 Two port based VLAN groups are created 2 The member ports in group can communicate with each other 3 No packet modification from ingress to egress 4 Member port overlap is allowed Configuration Description Group 1 2 Port based VLAN group number Member ports Select member ports for the group Apply Click to apply the configuration change Refresh Click to refresh current configuration Back Click to go back to upper menu Operation in this mode 1 The membe2. 1 2 Product Panels The following figure illustrates the front panel and rear panel of the switch LED indicators Reset button Front panel One combo port RJ 45 1000M SFP DC IN Jack 3 10 100 1000M copper ports 2 combo ports RJ 45 100M SFP Rear panel 1 3 LED Indicators LED POWER Function Power status LNK 1000M ACT Network port 1000M link status Port 1 Port 6 LNK 100M ACT Network port 100M link status Port 1 Port 6 LNK 10M ACT Network port 10M link status Port 1 Port 6 1 4 Specifications 10 100 1000 Copper Ports Compliance Connectors Pin assignments Configuration Transmission rate Duplex support Network cable IEEE 802 3 10Base T IEEE 802 3u 100Base TX IEEE 802 3u 1000Base T Shielded RJ 45 jacks Auto MDI MDI X detection Auto negotiation or software control 10Mbps 100Mbps 1000Mbps Full Half duplex Cat 5 UTP Combo Port with 10 100 1000 RJ 45 and 1000Mbps Mini GBIC SFP Copper interface Compliance Connectors Pin assignments Configuration Transmission rate Duplex support Network cable Fiber interface Compliance Connectors Configuration Transmission rate Network cables Eye safety IEEE 802 3 10Base T IEEE 802 3u 100Base TX IEEE 802 3u 1000Base T Shielded RJ 45 jacks Auto MDI MDI X detection Auto negotiation or software control 10Mbps 100Mbps 1000Mbps Full Half duplex Cat 5 UTP IEEE 802 3z 1000Base SX LX mini GBIC SFP for o
3. Egress Setting Untagged VID VLAN Group 1 VID VLAN Group 1 Member Ports VLAN Group 1 Source Port Check VLAN Group 2 VID VLAN Group 2 Member Ports VLAN Group 2 Source Port Check VLAN Group 3 VID VLAN Group 3 Member Ports VLAN Group 3 Source Port Check VLAN Group 4 VID VLAN Group 4 Member Ports VLAN Group 4 Source Port Check VLAN Group 5 VID VLAN Group 5 Member Ports VLAN Group 5 Source Port Check VLAN Group 6 VID VLAN Group 6 Member Ports VLAN Group 6 Source Port Check VLAN Group 7 VID VLAN Group 7 Member Ports VLAN Group 7 Source Port Check VLAN Group 8 VID VLAN Group 8 Member Ports VLAN Group 8 Source Port Check Tag ignore for all ports Enable for all ports Disable for all ports Disable for all ports Disable for all ports Disable for all ports 1 for all ports 1 Port 1 2 3 4 5 6 Disable 2 None Disable 3 None Disable 4 None Disable 5 None Disable 6 None Disable 7 None Disable 8 None Disable Aggregation Trunking Configuration Group 1 4 Member Ports None LACP Port Configuration 63 Protocol Enabled Not select disabled for all ports Key Value auto for all ports RSTP System Configuration System Priority 32766 Hello Time 2 Max Age 20 Forward Delay 15 Force Version Normal RSTP Port Configuration Protocol enabled Not select disabled for all ports Edge v Select for all ports Max Age 20 F
4. Link aggregation port trunking Mirror received frames to a sniffer port Power status Port link activity status speed status Software Management Functions Interfaces Management objects DC Power Input Interfaces Operating Input Voltages Power consumption Mechanical Dimension base Housing Mounting Environmental Operating Temperature Storage Temperature Relative Humidity Electrical Approvals FCC CE Web browser System configuration IP settings Name Password Port configuration control and status VLAN function settings Port Link Aggregation function settings Link Aggregation LACP settings RSTP settings 802 1X port access control Port mirroring settings QoS function settings Storm protection control settings Port statistic LACP status RSTP status Reboot restore factory default update firmware DC Jack D 6 3mm D 2 0mm 7 5VDC 5 OW max 7 5V 180 x 114 x 26 mm Enclosed metal with no fan Desktop mounting wall mounting Din rail mounting Typical 0 C 40 C 20 C 70 C 10 90 Part 15 rule Class A EMC CISPR22 Class A 10 2 Installation 2 1 Unpacking The product package contains e The switch unit One power adapter One product CD ROM 2 2 Safety Cautions To reduce the risk of bodily injury electrical shock fire and damage to the product observe the following precautions e Do not service any product except as explained
5. r ir ir r Disa x ls b ll irr Disable Apply _Refresh Back rRemak Source Port Check ingress port must be member port of the VLAN Otherwise packet is dropped i vemm N venen a 11 Description Group number VID of the VLAN to which this group is associated 1 4095 decimal 12 bit VID value Select the admitted egress ports for the packets belong to the VLAN Port 1 6 click to select Check whether the ingress port is the member port of the VLAN Enable set to enable this check the packet is dropped if ingress port is not member port of the VLAN Disable set to disable this check Click to apply the configuration change Click to refresh current configuration Click to go back to upper menu 39 4 6 4 Important Notes for VLAN Configuration Some considerations should be checked in configuring VLAN settings 1 Switch VLAN Mode selection It is suggested to evaluate your VLAN application first and plan your VLAN configuration carefully before applying it Any incorrect setting might cause network problem Aggregation Trunking configuration Make sure the members of a link aggregation trunk group are configured with same VLAN configuration and are in same VLAN group Double Tagged in Advanced VLAN Mode For a received packet Ingress port Keep Tag setting and Egress port Insert Tag setting are enabl
6. required 28 4 5 Ports Configuration Enable Jumbo Frames Port Link Mode Flow Control SFP DDM Apply Notes Port Configuration SFP DDM Apply Refresh Function Select to enable jumbo frame support The port number Speed and duplex status with green background port is link on Down with red background port is link down Select port operating mode Disabled disable the port operation Mode Auto negotiation Speed capability Duplex capability Auto Enable 10 100 1000M Full Half 10 Half Disable 10M Half 10 Full Disable 10M Full 100 Half Disable 100M Half 100 Full Disable 100M Full 1000 Full Enable 1000M Full Force 1000 Full Disable 1000M Full Set port flow control function v set to enable 802 3x pause flow control for ingress and egress Click to display DDM information and status of the SFP transceivers Click to apply the configuration change 1 For 100M fiber application on Port 4 and Port 5 it is necessary to configure 100 Full for the port with fiber connection 2 For 1000M fiber application on Port 6 just leave the default port configuration Auto for fiber connection 29 4 5 1 SFP DDM Status DDM Digital Diagnostic Monitoring information and status are provided in some SFP transceivers Part of the information are retrieved and listed as follows Information Port Identifier Connector SONET Compliance GbE Compliance Vendor Name Vendor OU
7. Drop Untag Per Port Setting ode ti 20 3 24 Drop Tag Per Port Setting srann an to peut teresa fud eec i 20 3 3 3 Ingress Default Tag Per Port SettinQ ooooooccccnnnccccnnnncccconnonccccnnncnnnnnnanrnnnnnanancnnnns 20 3 3 4 Packet Tag Information 312 25 c etn ree se p eerte bad tete eder OO SIR 20 3 3 5 VLAN Group Table Configuration eerte ee brennt he hcec 21 iO VEANICIASSITICRTIOF soi roe cdo Mere 21 3 3 7 Packet Forwarding MM cR 21 3 3 8 Egress Tagging Rules re rre eroe D E n vu e PU een ene ua 22 CECI o TET TDI SERES 22 3 3 9 Summary or VLAN PURCHORL iode Rr randa eret tests n 22 3 4 802 1X Authentication eos cie A A ere 22 4 Web Management risa ii 24 4 1 Start Browser Software and Making Connection ooooccccnnnccccnncccccccnonccccncnnnnccnnnancncnos 24 2 2 L gin tO the Switeh Dl do 24 4 3 Main ManagemerbMOriu adio eee eer Rud ob Red eiue eds 25 44 Syste p ai 26 4 41 Management VLAN constancia ia 28 45 PONS henen E E E 29 A A E 30 AG VANS A ein E E ds 31 4 6 1 Port based VLANMOQE ici en 32 4 6 2 Port based VLAN ISP MOJO sois htt ee nn toe etu ent To e tu pavet tada 33 4 6 3 Advanced VLAN Mode ictericia 34 46 3 1 Ingress Default tina 35 4 6 3 2 Ingress Settings oem tiene pont ret uis e pero Fu SUE desk Eos pd Pr dele top und A 36 4 6 3 3 Egress Settings esee etie aa e 37 4 6 3 4 VLAN GrOUDS oeste teeth ee redeo e ERE t aera petala RE tal Ceca teu re een os 39 4 6 4 Imp
8. Value Apply Refresh Notes LACP Port Configuration Port Protocol Enabled Key Value T p auto A e N e T s A feerrevrevererrerrrerierrrerrrerity 3 D auto pem qe penis 4 m auto Apply Refresh Description Port number Enable LACP support for the port An integer value assigned to the port that determines which ports are aggregated into an LACP link aggregate Set same value to the ports in same LACP link aggregate Value 1 255 Auto key value is assigned by the system Click to apply the configuration change Click to refresh current configuration 1 This configuration is used to configure LACP aggregate groups The ports with same key value are in same LACP aggregate group 2 3 The ports with Auto key are in same LACP aggregate group 4 The ports configured in non LACP aggregation are not available in this configuration 42 4 9 RSTP Configuration System Priority Hello Time Max Age Forward Delay Force Version RSTP System Configuration System Priority 32768 v Hello Time 2 RSTP Port Configuration Port Protocol Enabled Edge Path Cost Aggregations Li 1 Li iv auto E iv auto a y Oo fauto 6 E M auto Description The lower the bridge priority is the higher priority it has Usually the bridge with the highest bridge priority is the root Value 0 61440 Hel
9. a success the port will be authorized and user traffic will be allowed to pass through the port like any switch port connected to an access device If the response is a failure the port will remain unauthorized and therefore unused If there is no response from the server the port will also remain unauthorized and will not pass any traffic 23 4 Web Management The switch features an http server which can serve the management requests coming from any web browser software over TCP IP network Web Browser Compatible web browser software with JAVA script support Microsoft Internet Explorer 4 0 or later Netscape Communicator 4 x or later Set IP Address for the System Unit Before the switch can be managed from a web browser software make sure a unique IP address is configured for the switch 4 1 Start Browser Software and Making Connection Start your browser software and enter the IP address of the switch unit to which you want to connect The IP address is used as URL for the browser software to search the device URL http XXX XXX XXX XXX Factory default IP address 192 168 0 2 4 2 Login to the Switch Unit When browser software connects to the switch unit successfully a Login screen is provided for you to login to the device as follows KGS 612F Gigabit Ethernet Switch Please enter password to login Paseos egi Maintenance The switch will accept only one successful management connection at
10. and P3 connect to same switch as an STP redundant link associated to VLAN 2 P5 and P6 connect to another switch as an STP redundant link associated to VLAN 3 The switch supports MSTP Multiple STP over multiple VLANs Each VLAN has individual STP mechanism operating independently 58 4 18 Ping Ping Parameters Ping Target IP Address Count Time Out in secs Apply Status Received replies Request time outs Description The target IP address to which the ping command issues The number of ping commands generated The time out for a reply in seconds Start the ping command The command status The number of replies received by the system The number of requests time out Average Response Time The average reponse time of a ping request in mini seconds 59 4 19 Reboot System Reboot System Are you sure you want to reboot system Nol This menu is used to reboot the switch unit remotely with current configuration Starting this menu will make your current http connection lost You must rebuild the connection to perform any management operation to the unit 4 20 Restore Default Restore Default Are you sure you want to restore factory default No This menu is used to restore all settings of the switch unit with factory default values Note that this menu might change the current IP address of the switch and make your current http connection lost 4 21 Update Firmware Update Fi
11. for VLAN classification VLAN group table lookup in one of the following conditions 1 Ingress port Tag Aware setting Tag ignore 2 Ingress port Tag Aware setting Tag aware and the received packet is untagged or priority tagged PVID CFI User Priority Ingress Default Tag for the ingress port It is used as the tag for insertion in egress tagging operation in one of the following conditions 1 Ingress port Tag Aware setting Tag ignore Egress port Insert Tag Enable 2 Ingress port Tag Aware setting Tag aware Egress port Insert Tag Enable and the received packet is untagged or priority tagged 35 4 6 3 2 Ingress Settings Ingress Settings 1 Taoionore E Tr Fu prier Disable seal Poe 2 Mesa Y Enatie Disabie y Disable z gal 3 Tagignore x fenavie y Disable y Disable zl i i 4 p Enable Disable z Disable i Dess z Enable z Disable y Disable Disable y Disable al 6 ragignore enable y Disable 7 Disable Apply Refresh Back r Remark 1 Tag Aware Tag aware Use packet s tag VID if exists and VID gt 0 for VLAN lookup Tag ignore Use ingress default tag PVID for VLAN lookup 2 Keep Tag Disable Packet s tag is removed if exists and VID gt 0 Enable Packet s tag is not removed Configuration Description Port Port number Tag Aware Check tag data for every received packet Tag aware set
12. stripped in whole forwarding operation Disable The VLAN tag data in the received VLAN tagged packet is stripped removed 3 3 2 3 Drop Untag Per Port Setting Enable All untagged packets and priority tagged packets are dropped A priority tagged packet is treated as an untagged packet in this switch Only VLAN tagged packets are admitted Disable Disable Untagged packet filtering 3 3 2 4 Drop Tag Per Port Setting Enable All VLAN tagged packets are dropped A priority tagged packet is treated as an untagged packet in this switch Only untagged packets are admitted Disable Disable VLAN tagged packet filtering 3 3 3 Ingress Default Tag Per Port Setting Each port can be configured with one Ingress Default Tag This ingress port default tag is used when ingress port is in Tag ignore mode or for the received untagged packets in Tag aware mode The Ingress Default Tag includes PVID CFI and User Priority configuration When Ingress port default tag is used it is copied as packet associated Packet Tag Information for VLAN classification The PVID is used as index to one VLAN group in VLAN group table 3 3 4 Packet Tag Information Under VLAN process every packet is associated with one Packet Tag information in packet forward ing operation The tag information includes VID CFI and User Priority data and is used for two purposes The VID in tag is used as index for VLAN classification e The tag is used for egress t
13. 802 1X authenticator operates as a go between with the supplicant and the authentication server to provide services to the network When a switch is configured as an authenticator the ports of the switch must then be configured for authorization In an authenticator initiated port authorization a client is powered up or plugs into the port and the authenticator port sends an Extensible Authentication Protocol EAP PDU to the supplicant requesting the identification of the supplicant At this point in the process the port on the switch is connected from a physical standpoint however the 802 1X process has not authorized the port and no frames are passed from the port on the supplicant into the switching engine If the PC attached to the switch did not understand the EAP PDU that it was receiving from the switch it would not be able to send an ID and the port would remain unauthorized In this state the port would never pass any user traffic and would be as good as disabled If the client PC is running the 802 1X EAP it would respond to the request with its configured ID This could be a username password combination or a certificate After the switch the authenticator receives the ID from the PC the supplicant The switch then passes the ID information to an authentication server RADIUS server that can verify the identifica tion information The RADIUS server responds to the switch with either a success or failure message If the response is
14. I Temperature Voltage TX Power Refresh Back Note SFP DDM Port re 5 Fe Identifier IN A SFP transceiver NWA Connector N A LC NA qun Lua OC 48 short reach PONET Compliance N A IOC 3 multi mode short react NA GbE Compliance N A 1000BASE LX N A Vendor Name IN A E20 COMMS INC NA Vendor OUI N A 000000 N A Temperature N A N A N A Voltage NA NIA NA TX Power N A N A WA Refresh Back r Remark dBm N pW 30 dBm log10 N x 10 Function Port number which has SFP slot Port 4 Port 5 Port 6 come with SFP The identifier information of the transceiver The connector type used on the transceiver SONET compliance information of the transceiver Gigabit Ethernet compliance information of the transceiver The vendor name of the transceiver The vendor OUI of the transceiver The current temperature sensed inside the transceiver The working voltage sensed inside the transceiver The transmission optical power sensed Click to refresh current configuration Click to back to previous page 1 TX power data is displayed with unit of mW It can be converted to dBm as remark 2 N A the information is not available 4 6 VLANs VLAN Configuration amp VLAN Disable C Port based VLAN Mode Setting C Port based VLAN ISP Mode Setting C Advanced VLAN Mode gt Apply Refresh E Remark D D EI RES
15. INN PE fpe t a Plug and Play The switch is shipped with factory default configuration which behaves like an unmanaged Gigabit switch for workgroup It provides five 10 100 1000Mbps copper ports for connections to Ethernet Fast Ethernet and Gigabit Ethernet devices With the featured auto negotiation function the switch can detect and configure the connection speed and duplex automatically The switch also provides auto MDI MDI X function which can detect the connected cable and switch the transmission wire pair and receiving pair automatically This auto crossover function can simplify the type of network cables used Fiber Connectivity Two 100M SFP ports can be installed with an optional SFP optical fiber transceiver to support two 100Base FX fiber connections when needed One mini GBIC SFP port can also be installed with an optional SFP optical fiber transceiver to support one Gigabit fiber connection when needed Web Management The switch is embedded with an Http server which provides management functions for advanced network functions including Port Control Quality of Service and Virtual LAN functions The manage ment can be performed via Web browser based interface over TCP IP network Quality of Service For advanced application the switch is featured with powerful Quality of Service QoS function which can classify the priority for received network frames based on the ingress port and frame contents Furthermore many service p
16. KGS 612F Web Smart 6 Port Gigabit Ethernet Switch with Fiber Connectivity User s Manual R DOC 100324 C 2007 KTI Networks Inc All rights reserved No part of this documentation may be reproduced in any form or by any means or used to make any directive work such as transla tion or transformation without permission from KTI Networks Inc KTI Networks Inc reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of KTI Networks Inc to provide notification of such revision or change For more information contact United States KTI Networks Inc P O BOX 631008 Houston Texas 77263 1008 Phone 713 2663891 Fax 713 2663893 E mail kti ktinet com URL http www ktinet com International Fax 886 2 26983873 E mail kti ktinet com tw URL http www ktinet com tw The information contained in this document is subject to change without prior notice Copyright C All Rights Reserved TRADEMARKS Ethernet is a registered trademark of Xerox Corp WARNING This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 ofthe FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance w
17. ag insertion if egress tagging is enabled The following table lists how the Packet Tag information is generated Tag Aware setting Received Packet Type Packet Tag information source Tag ignore Untagged packet Ingress Port Default Tag Tag ignore Priority tagged packet Ingress Port Default Tag Tag ignore VLAN tagged packet Ingress Port Default Tag Tag aware Untagged packet Ingress Port Default Tag Tag aware Priority tagged packet Ingress Port Default Tag Tag aware VLAN tagged packet Received packet VLAN Tag 20 3 3 5 VLAN Group Table Configuration The switch provides a table of eight VLAN groups to support up to eight VLANs at the same time Each VLAN group is associated to one unique VLAN The table is referred for VLAN classification A VLAN group contains the following configuration settings VID 12 bit VLAN Identifier index to the VLAN to which the group is associated Member Ports the admitted egress ports for packets belonging to this VLAN Source Port Check the ingress port of the packet must also be the member port of this VLAN Otherwise the packet is discarded 3 3 6 VLAN Classification VLAN classification is a process to classify a VLAN group to which a received packet belongs The VID of the generated Packet Tag information associated to the received packet is used as an index for VLAN group table lookup The VID matched VLAN group will be used for packet forwarding If no matched VLAN group is found in table looku
18. ault port priority Packet switching forwarding enenb ssejo enenb z sse e enenb sselo ananb 9 sselo Egress service policy Egress port 3 2 1 Packet Priority Classification Each received packet is examined and classified into one of four priority classes Class 3 Class 2 Class 1 and Class 0 upon reception The switch provides the following classification methods 802 1p classification use User Priority tag value in the received IEEE 802 1Q packet to map to one priority class DSCP classification use DSCP value in the received IP packet to map to one priority class Port based classification used when 802 1p and DSCP are disabled or fail to be applied They all can be configured to be activated or not More than one classification methods can be enabled at the same time However 802 1p classification is superior than DSCP classification 802 1p mapping tables Each ingress port has its own mapping table for 802 1p classification DSCP mapping table All ingress ports share one DSCP mapping table for DSCP classification Default port priority A port default priority class is used when port based classification is applied All configuration settings are in per port basis except that DSCP mapping table is global to all ports A received packet is classified into one of four priority class before it is forwarded to an egress port 3 2 2 Priority Class Queues Each egress port in the switch is equippe
19. ber Port Configuration For 100M fiber application on Port 4 and Port 5 it is necessary to configure 00 Full for the port with fiber connection For 1000M fiber application on Port 6 just leave the default port configuration Auto for fiber connection IJ 2 9 LED Indication LED Function POWER Power status LNK 1000M ACT Port link status LNK 100M ACT Port link status LNK 10M ACT Port link status State ON OFF ON BLINK OFF ON BLINK OFF ON BLINK OFF Interpretation The power is supplied to the switch The power is not supplied to the switch A 1000M link is established No traffic Port link is up and there is traffic Port link is down A 100M link is established No traffic Port link is up and there is traffic Port link is down A 10M link is established No traffic Port link is up and there is traffic Port link is down 2 10 Configuring IP Address and Password for the Switch The switch is shipped with the following factory default settings for software management Default IP address of the switch 192 168 0 2 255 255 255 0 The IP Address is an identification of the switch in a TCP IP network Each switch should be desig nated a new and unique IP address in the network Refer to Web management interface for System Configuration The switch is shipped with factory default password 123 for software management The password is used for authentication in accessing to the switch v
20. cast packets are those unicast packets whose destination address is not learned in the MAC address table Apply Click to apply the configuration change Refresh Click to refresh current configuration Notes 1 The unit of the rates is pps packets per second 2 No Limit no protection control z532 4 14 Statistics Overview Statistics Overview for all ports Statistics Description Port Port number Tx Bytes Total of bytes transmitted on the port Tx Frames Total of packet frames transmitted on the port Rx Bytes Total of bytes received on the port Rx Frames Total of packet frames received on the port Tx Errors Total of error packet frames transmitted on the port Rx Errors Total of error packet frames received on the port Clear Click to reset all statistic counters Refresh Click to refresh all statistic counters 53 4 15 Detailed Statistics Statistics for Port 1 Button Description Port Click to display the detailed statistics of Port Clear Click to reset all statistic counters Refresh Click to refresh the displayed statistic counters 4 16 LACP Status LACP Aggregation Overview Group Por 1 2 3 4 5 6 Normal NN Aggregation Group 1 Partner MAC Address 00 40 F6 F8 12 34 Local Ports Aggregated 12 Seconds since last change 419 Aggregation Group 2 00 40 F6 F8 12 34 Local Ports Aggregated 34 Seconds since last c
21. cs Table of Contents 1 IntrodUctiObi sas rna ad cs ni d aa e add ada a aw e s d wie 6 O M AE s 7 1 2 Product Panels eto EE aE e aaa aa tea io aM E RM ite ped 7 1 3 CED Indicato S ii e iba RE 8 Bose cL M CL T 8 Sr mM H 11 ZI UA ee m 11 2 2 SCIEN T RRASA 11 2 3 Mounting the Switch on a Wall nennen 11 2 4 Mounting the Switch on a Din rail Chassis sssse 12 20 Applying POWE Mec RS 12 2 5 HoSOLDBULHOFD c no a uten e O dd 13 2 7 Making UTP Connections see rete hr p erae eek a aa der adi 13 2 8 Making Fiber Connection iiie a idad 14 AOE WAGGA ro EP 15 2 10 Configuring IP Address and Password for the Switch ooooonnnnicnnncconoccnnocnncnanncnnnos 15 3 Advanced Functions 5 soie atra enira ri po nias ku era a iu o Beda cuta vaa vaa dro ru again un 16 3 T ADDEOVIBIIOTIG curte tee nente ia 16 32 QOS FUNCION M 17 3 2 1 Packet Priority Classification ooonoccinnnncccnnnncccnnonocccnnnnnnncnnnnncnnnnnnnnrrcnnnnancnnnns 18 3 2 2 Priority Glass Quels cuicos iaa a integer aea inr e uec UR de tad veta 18 3 23 Egress Servic Poly eM S 18 3 9 VLAN FUNCOM iere citat E ed sees 19 ll MEAN ODE ALONG S eres eade uis A dec rdc aed ed E 19 3 9 2 Ingress Rules iti o E d iS 19 3 3 2 1 802 1Q Tag Aware Per port setting cooooocoonnccccinnnccccnnnoncconnnannncnnnanrnnnnnanancnnnns 19 3 3 2 2 Keep Tag Per port setting e cd 19 3 3 2 3
22. current configuration Back Click to go back to upper menu Every ingress port has its own 802 1p mapping table The table is referred in 802 1p priority classifica tion for the received packet 49 4 12 2 DSCP Mapping Configuration DSCP 0 63 Priority All others Apply Refresh Back QoS DSCP Mapping C DSCP 0 63 Priority ET BM ca m ptem Tk ES css aa m es I Class 3 y css 3 lpm 2 Used to classify L3 IP packets 3 All ports share same table Description Seven user defined DSCP values which are configured with a priority class 0 63 6 bit DSCP value in decimal The priority class configured for the user defined DSCP value Class 3 Class 0 The other DSCP values not in the seven user defined values are assigned a default priority class Class 3 Class 0 Click to apply the configuration change Click to refresh current configuration Click to go back to upper menu Only one DSCP mapping table is configured and applied to all ports The table is referred in DSCP priority classification 50 4 12 3 QoS Service Policy QoS Service Policy 4 AN O 5 Strict priority zl 6 strict priorit _Apply Refresh Back 1 Strict priority high class is always served first till it is empty 2 Weighted ratio 4 classes are served in round robin weighted ratio 3 Four classes are served with weighted guarantee
23. d Ingress Default Tag when Tag Aware Tag ignore Received packet s Tag when Tag Aware Tag aware and VID gt 0 r Note If Ingress Keep Tag and egress Insert Tag are enabled Priority tagged and VLAN tagged packets will be double tagged when egress 3T Configuration Port Insert Tag Untagging Specific VID Untagged VID Apply Refresh Back Description Port number Activate tagging Insert a tag to the packet Enable set to activate tagging Disable set to disable tagging function No tagging if VID of packet tag information matches Untagged VID Enable set to enable this function Disable set to disable this function VID for Untagging Specific VID setting 1 4095 decimal 12 bit VID value Click to apply the configuration change Click to refresh current configuration Click to go back to upper menu The inserted tag sources when Insert Tag 2 Enable are listed as follows Received packet type Tag Aware Tag ignore Tag Aware 7ag aware Untagged Ingress Default Tag Ingress Default Tag Priority tagged VID 0 Ingress Default Tag Ingress Default Tag VLAN tagged VID gt 0 Ingress Default Tag Packet own tag 38 4 6 3 4 VLAN Groups Configuration Group VID Member Ports Source Port Check Apply Refresh Back VLAN Groups Member Pors m TT da Ts e ere REEERE mm p ej ir ir ir r Disa x al II Ios SIE h IEEE Toisa s PEPE el E b Er
24. d bandwidth on an egress port Configuration Description Port Port number Policy Service policy for egress priority among four egress class queues Strict priority high class queue is served first always till it is empty Weighted ratio priority Class 3 2 1 0 4 3 2 1 weighted ratio 4 3 2 1 Weighted ratio priority Class 3 2 1 0 5 3 1 1 weighted ratio 5 3 1 1 Weighted ratio priority Class 3 2 1 0 1 1 1 1 weighted ratio 1 1 1 1 Apply Click to apply the configuration change Refresh Click to refresh current configuration Back Click to go back to upper menu Notes 1 Queue with higher class number has higher priority than queue with lower class number That means Class 3 gt Class 2 gt Class 1 gt Class O by default 2 In weighted ratio policies a weighted fairness round robin service is guaranteed normally However when excess bandwidth exists higher class queue will take advantage on band width allocation 31 4 13 Storm Control Storm Control Configuration Storm Control Number of frames per second Baca nume Multicast Rate No Limit Flooded Unicast Rate Not Limit y mtz Apply Refresh Configuration Description Broadcast Rate The rate limit of the broadcast packets transmitted on a port Broadcast Rate The rate limit of the Multicast packets transmitted on a port Flooded Unicast Rate The rate limit of the flooded unicast packets transmitted on a port The flooded uni
25. d with four priority class egress queues to store the packets for transmission A packet is stored into the class queue which is associated to the classified priority class For example a packet is stored into Class 3 egress queue if it is classified as priority Class 3 3 2 3 Egress Service Policy Each port can be configured with an egress service policy to determine the transmission priority among four class queues By default higher class number has higher priority than the lower class numbers Four policies are provided for selection as follows Strict priority Packets in high priority class queue are sent first until the queue is empty Weighted ratio priority Class 3 2 1 0 4 3 2 1 four queues are served in 4 3 2 1 ratio Weighted ratio priority Class 3 2 1 0 5 3 1 1 four queues are served in 5 3 1 1 ratio Weighted ratio priority Class 3 2 1 0 1 1 1 1 four queues are served equally Strict priority policy lets high priority class queue is served first until it is empty Lower priority queue may not get any service or egress bandwidth when higher priority traffic is heavy for long time Three weighted ratio policies are provided to resolve such problem Four class queues are served in weighted round robin basis Every priority class can get a guaranteed ratio for the egress bandwidth 18 3 3 VLAN Function The switch supports port based VLAN 802 1Q Tag VLAN and eight VLAN groups 3 3 1 VLAN Operation The
26. e RSTP topologies operate in three VLANs configured in a switch RSTP VLAN Bridge Overview VLAN Id Bridge Id Hello Time Max Age Fwd Delay Topology Root Id 1 32769 00 40 F6 EF 05 8E 2 20 15 Steady This switch is Root 2 32770 00 40 F6 EF 05 8E 2 20 15 Steady 32770 00 40 F6 EF 05 02 via port 2 3 32771 00 40 F6 EF 05 91 2 20 15 Steady This switch is Root Refresh RSTP Port Status Poti Port Group Vlan Id Path Cost Edge Port P2p Port Protocol Port State Pot2 2 2000 o yes RSP i Pot3 2 20000 no yes RSTP Blocked Pora los TP 3 20000 INon STP JE 1 Port 5 20000 n yes RSTP Fonarding Port6 3 000 mo yes RSTP omwarding RSTP Status Description VLAN Id The VLAN which has STP enabled ports Bridge Id STP bridge ID Priority MAC address detected in the associated VLAN Hello Time Hello Time is used to determine the periodic time to send normal BPDU from designated ports among bridges It decides how long a bridge should send this message to other bridge to tell I am alive I 10 seconds Max Age When the switch is root bridge the whole LAN uses this setting as the maximum age time 6 40 seconds Fwd Delay This figure is set at Root Bridge only Topology Steady The STP topology is steady Changing The STP topology is changing Root Id The MAC address of current STP root If the switch is STP root a message of The switch is Root is disp
27. ed at the same time It will cause the packet double tagged when egress Although it is often applied in Q in Q provider bridging application However such condition should be avoided in normal VLAN configuration See table below Ingress port Egress port Keep Tag Insert Tag Received Packet Packet Transmitted Enable Enable Priority tagged Double tagged Enable Enable VLAN tagged Double tagged 40 4 7 Aggregation Configuration Group Port Apply Refresh Back Aggregation Trunking Configuration Gop erre Apply Refresh Description Trunk group number Click to select the port as member port of the trunk group Click to apply the configuration change Click to refresh current configuration Click to go back to upper menu Link aggregation function allows to make connection between two switches using more than one physical links It can increase the connection bandwidth between two switches The switch supports up to four trunk groups and the number of member ports belonging to one trunk group is not limited Notes 1 The LACP enabled ports are not available in this configuration 2 One port cannot belong to two trunk groups at the same time 3 The member ports of one trunk group must also belong to same VLAN group and have same VLAN configuration settings Otherwise abnormal operation might be experienced 4T 4 8 LACP Configuration Port Protocol Enabled Key
28. figuration settings to factory default values The operations are Operation Function Press the button more than 5 seconds when power up Restore factory default settings Press the button and release during switch operation Reboot the switch 2 7 Making UTP Connections The 10 100 1000 RJ 45 copper ports supports the following connection types and distances Network Cables 10BASE T 2 pair UTP Cat 3 4 5 EIA TIA 568B 100 ohm 100BASE TX 2 pair UTP Cat 5 EIA TIA 568B 100 ohm 1000BASE T 4 pair UTP Cat 5 or higher Cat 5e is recommended EIA TIA 568B 100 ohm Link distance Up to 100 meters Auto MDI MDI X Function This function allows the port to auto detect the twisted pair signals and adapts itself to form a valid MDI to MDI X connection with the remote connected device automatically No matter a straight through cable or crossover cable is connected the ports can sense the receiving pair automatically and configure itself to match the rule for MDI to MDI X connection It simplifies the cable installation Auto negotiation Function The ports are featured with auto negotiation function and full capability to support connection to any Ethernet devices The port performs a negotiation process for the speed and duplex configuration with the connected device automatically when each time a link is being established If the connected device is also auto negotiation capable both devices will come out the best configuration after negotiation
29. following figure illustrates the basic VLAN operation flow beginning from a packet received on an ingress port until it is transmitted from an egress port Ingress Packet Tag Default Information Tag Ingress rules Ingress VLAN Packet Egress Classi forwarding Port fication Ingress Egress Port Port Settings Settings The following sections describe the VLAN processes and Advanced VLAN mode settings provided by the switch A global setting means the setting is applied to all ports of the switch A per port setting means each port can be configured for the setting respectively 3 3 2 Ingress Rules When a packet is received on an ingress port the ingress rules are applied for packet filtering and packet tag removal The related Ingress port settings are 3 3 2 1 802 10 Tag Aware Per port setting Tag aware 802 1Q Tag Aware mode is used The switch examines the tag content of every received packets For a VLAN tagged packet the packet VLAN tag data is retrieved as packet tag information for VLAN classification and egress tagging operation For untagged packet and priority tagged packet port based mode is used Tag ignore Port based mode is used The switch ignores the tag content of every received packets Ingress Port Default Tag is always used as packet tag information for VLAN classification 3 3 2 2 Keep Tag Per port setting Enable The VLAN tag in the received VLAN tagged packet will be kept as it is and is not
30. ge Refresh Click to refresh current configuration 46 4 11 Mirroring Configuration Mirror Port Mirror Source Apply Refresh Mirroring Configuration Apply Refresh Description The port is forwarded all packets received on the mirrored ports Select the ports which will be mirrored all received packets to the mirror port Click to apply the configuration change Click to refresh current configuration 47 4 12 Quality of Service QoS Configuration Port 802 1p DSCP Port Priority 802 1p Mapping DSCP Mapping Service Policy Apply Refresh Note QoS Configuration Port 8021p DSCP PortPriority p rem f Disable y Disable ss zl Cl 802 1p Mapping DSCP Mapping Service Policy Apply Refresh SE 1 802 1p mode uses L2 packet s User Priority tag for priority classification 2 DSCP mode uses L3 IP packet s DSCP value for priority classification 3 802 1p mode is superior over DSCP mode when both are enabled 4 Port Priority is used when 802 1p and DSCP failed in classification 5 Priority level Class 3 Class 2 Class 1 Class 0 Description Port number 802 1p priority classification Enable set to enable this classification to the port for priority tagged and VLAN tagged packets Disable 802 1p classification is not applied to the port DSCP classification Enable set to enable DSCP classificatio
31. ges RFC 2863 The Interfaces Group MIB RFC 1573 Evolution of the Interfaces Group of MIB II TRAP COLDSTART the device boot up trap TRAP LINKUP the port link recovery trap TRAP LINKDOWN port link down trap 61 Appendix Factory Default Settings System Configuration DHCP Enabled Fallback IP Address Fallback IP Subnet mask Fallback Gateway IP Management VLAN VID Management VLAN CFI Management VLAN User priority WDT Enable Name Password SNMP enabled NMP Trap destination NMP Write community S SNMP Read community S S NMP Trap community Ports Configuration Enable Jumbo Frames Not select disabled 192 168 0 2 255 255 255 0 192 168 0 1 0 0 0 Not select disabled Null 123 Not select disabled 0 0 0 0 public private public Not select disabled Mode Auto for all ports Flow Control v Enable VLAN Configuration Main Mode VLAN Disable Port based VLAN Mode setting Member Ports Port 1 2 3 4 5 6 for Group 1 None for Group 2 Port based VLAN ISP Mode setting Joint Port Advanced VLAN Mode Settings Ingress Default Tag PVID Ingress Default Tag CFI Ingress Default Tag User Priority Port 6 1 for all ports 0 for all ports 0 for all ports 62 Ingress Setting Tag Aware Ingress Setting Keep Tag Ingress Setting Drop Untag Ingress Setting Drop Tag Egress Setting Insert Tag Egress Setting Untagging VID
32. hange 456 Bl Forwarding Port link up and forwarding frames Status Port Normal Group Status Partner MAC address Local Port Aggregated Refresh Bl Forwarding Port link up and forwarding by RSTP Number is Partner port number if other switch has LACP enabled Description The port number Display the ports not LACP enabled The LACP group The LACP port status presented with color and a number Down the port is link down Blocked amp gt the port is blocked by RSTP and the is the port number of LACP link partner Learning the port is learning by RSTP Forwarding the port is link up and forwarding frames Forwarding amp gt the port is link up and forwarding frames and the is the port number of LACP link partner The MAC address of the link partner at the other end of the LACP aggregate The ports at local end which are aggregated in same LACP group Click to refresh the status Note the figure shows an example that two LACP link aggregates are configured 55 LACP Port Status Status Port Protocol Active Partner Port Number Operation Port Key Description The port number yes the port is link up and in LACP operation no the port is link down or not in LACP operation The port number of the remote link partner The operation key generated by the system 56 4 17 RSTP Status The following example shows thre
33. ia Http web based interface For security reason it is recommended to change the default settings for the switch before deploying it to your network Refer to Web management interface for System Configuration 3 Advanced Functions To help a better understanding about the software management interfaces this chapter describes some advanced functions provided by the switch 3 1 Abbreviation Ingress Port Ingress port is the input port on which a packet is received Egress Port Egress port is the output port from which a packet is sent out IEEE 802 1Q Packets A packet which is embedded with a VLAN Tag field VLAN Tag In IEEE 802 1Q packet format 4 byte tag field is inserted in the original Ethernet frame between the Source Address and Type Length fields The tag is composed of ttof bits 16 3 1 12 Frame field TPID User priority CFI VID TPID 16 bit field is set to 0x8100 to identify a frame as an IEEE 802 1Q tagged packet User Priority 3 bit field refer to the 802 1p priority CFI The Canonical Format Indicator for the MAC address is a 1 bit field VID VLAN identifier 12 bit field identifies the VLAN to which the frame belongs to Untagged packet A standard Ethernet frame with no VLAN Tag field Priority tagged packet An IEEE 802 1Q packet which VID filed value is zero VID 0 VLAN Tagged packet An IEEE 802 10 packet which VID filed value is not zero VID lt gt 0 PVID Port VID PVID is the default VID of an ing
34. in your system documentation Opening or removing covers may expose you to electrical shock e Only a trained service technician should service components inside these compartments e Ifany of the following conditions occur unplug the product from the electrical outlet and replace the part or contact your trained service provider The power cable extension cable or plug is damaged An object has fallen into the product The product has been exposed to water The product has been dropped or damaged The product does not operate correctly when you follow the operating instructions Do not push any objects into the openings of your system Doing so can cause fire or electric shock by shorting out interior components e Operate the product only from the type of external power source indicated on the electrical ratings label If you are not sure of the type of power source required consult your service provider or local power company 2 3 Mounting the Switch on a Wall The switch can be mounted on a desktop or shelf or a wall Make sure that there is proper heat dissipation from and adequate ventilation around the device Do not place heavy objects on the device Mounting holes for wall mounting Bottom face 2 4 Mounting the Switch on a Din rail Chassis The switch also can be mounted on a din rail chassis The steps are 1 Screw the din rail mounting bracket on the bottom of the switch Din rail bracket mounti
35. is applied in accessing the switch web management interface The switch web http server only accepts untagged management packets and replies untagged packets to the manage ment host If Management VLAN VID settings is zero no VLAN limitation is applied in accessing the switch web management interface The switch web http server only accepts untagged manage ment packets and replies untagged packets to the management host If Management VLAN VID settings is not zero The switch web http server only accepts tagged management packets matched Management VLAN VID and replies tagged packets with tag composed of Management VLAN VID CFI and User Priority settings to the manage ment host The egress port will also be limited in the member ports of the matched VLAN group Summary of the rules VLAN Function Management VID Switch Embedded Web Server operation VLAN disabled Ignore Accept untagged web packets Reply untagged packets No VLAN group member checking VLAN enabled VID 0 Accept untagged web packets Reply untagged packets No VLAN group member checking VLAN enabled VID lt gt 0 Accept matched tagged web packets only 1 4095 Reply tagged packets with the configured tag Matched VLAN group member checking Notes l To apply management VLAN function be sure to configure a VLAN group that matches the management VID first No matter how management VLAN is configured login password authentication is still
36. ith the instruction manual may cause harmful interference in which case the user will be required to correct the interference at his own expense NOTICE 1 The changes or modifications not expressively approved by the party responsible for compliance could void the user s authority to operate the equipment 2 Shielded interface cables and AC power cord if any must be used in order to comply with the emission limits CISPR A COMPLIANCE This device complies with EMC directive of the European Community and meets or exceeds the following technical standard EN 55022 Limits and Methods of Measurement of Radio Interference Characteristics of Information Technology Equipment This device complies with CISPR Class A WARNING This is a Class A product In a domestic environment this product may cause radio interfer ence in which case the user may be required to take adequate measures CE NOTICE Marking by the symbol C indicates compliance of this equipment to the EMC directive ofthe Euro pean Community Such marking is indicative that this equipment meets or exceeds the following techni cal standards EN 55022 Limits and Methods of Measurement of Radio Interference characteristics of Information Technology Equipment EN 50082 1 Generic Immunity Standard Part 1 Domestic Commercial and Light Industry EN 60555 2 Disturbances in supply systems caused by household appliances and similar electrical equipment Part 2 Harmoni
37. layed Refresh Click to refresh the status STe RSTP Port Status Port Group VLAN Id Path Cost Edge Port P2p Port Protocol Port State Description Port number The associated VLAN to which the RSTP port belongs PVID The path cost of the RSTP port Is the port an edge port Yes The port operates in full duplex The protocol version configured for the port RSTP or STP Forwarding A port receiving and sending data normal operation STP still monitors incoming BPDUS that would indicate it should return to the blocking state to prevent a loop Blocking A port that would cause a switching loop no user data is sent or received but it may go into forwarding mode if the other links in use were to fail and the spanning tree algorithm determines the port may transition to the forwarding state BPDU data is still received in blocking state Listening The switch processes BPDUs and awaits possible new information that would cause it to return to the blocking state Learning While the port does not yet forward frames packets it does learn source addresses from frames received and adds them to the filtering database switching database Non STP RSTP is disabled The above status example shows three STP operate in three different VLANs as follows VLAN 1 members P1 P2 P3 P4 P5 P6 VLAN 2 members P2 P3 VLAN 3 members P5 P6 P2 PVID VLAN 2 P3 PVID VLAN 2 P5 PVID VLAN 3 P6 PVID VLAN 3 P2
38. lo Time is used to determine the periodic time to send normal BPDU from designated ports among bridges It decides how long a bridge should send this message to other bridge to tell I am alive When the switch is the root bridge the whole LAN will apply this setting as their maximum age time This figure is set by Root Bridge only The forward delay time is defined as the time spent from Listening state moved to Learning state and also from Learning state moved to Forwarding state of a port in bridge Two options are offered for choosing STP algorithm Compatible STP IEEE 802 1D Normal RSTP IEEE 802 1w 43 Aggregations Enabled to support port trunking in STP It means a link aggregate is treated as a physical port in RSTP STP operation Port Protocol Enabled Port is enabled to support RSTP STP Port Edge An Edge Port is a port connected to a device that knows nothing about STP or RSTP Usually the connected device is an end station Edge Ports will immediately transit to forwarding state and skip the listening and learning state because the edge ports cannot create bridging loops in the network Port Path Cost Specifies the path cost of the port that switch uses to determine which port are the forwarding ports the lowest number is forwarding ports the rage is 1 200 000 000 and Auto Auto means a default cost is automatically calculated in RSTP operation based on the port link speed The default costs are LinkSpeed Au
39. me of an authentication exchange between the Supplicant and the Authentication Server Force Authorized the port is forced to be in authorized state Force Unauthorized the port is forced to be in unauthorized state Port 802 1X state 602 1X Disabled the port is in 802 1X disabled state Link Down the port is in link down state Authorized green color the port is in 802 1X authorized state Unauthorized red color the port is in 802 1X unauthorized state Click to perform a manual authentication for the port Click to perform an 802 1X initialization for the port Click to perform manual authentication for all ports Click to perform 802 1X initialization for all ports Click to configure Re authentication parameters Click to apply the configuration change Click to refresh current configuration 45 4 10 1 802 1X Re authentication Parameters 802 1X Parameters Reauthentication Enabled Enabled ReauthenticationPerod Do ES 1 3600 seconds E l B 1 255 seconds foo Apply Refresh Configuration Description Reauthentication Enabled Check to enable periodical re authentication for all ports Reauthentication Period The period of time after which the connected radius clients must be re authenticated unit second Value 1 3600 EAP timeout The period of time the switch waits for a supplicant response to an EAP request unit second Value 1 255 Apply Click to apply the configuration chan
40. n to the port for IP packets Disable DSCP classification is not applied to the port Port default priority class it is used as a port based QoS mode when 802 1p and DSCP classifications are disabled It is also used as default priority class for the received packet when both 802 1p and DSCP classifi cation failed in classification Class 3 Class O priority class Click to configure 802 1p mapping tables Click to configure DSCP mapping table Click to configure per port egress service policy mode Click to apply the configuration change Click to refresh current configuration 802 1p classification is superior over DSCP classification if both are enabled That means if a received packet is classified successfully in 802 1p classification the classified priority class is used directly for the packet and the result of DSCP classification is ignored 48 4 12 1 802 1p Mapping QoS 802 1p Mapping Port tag0 tag tag2 tag3 tag4 tags tag6 tag Pee Ea Class 3 y Apply _Refresh Back 1 Per port table per User Priority tag value 0 7 maps to one priority class 2 Used to classify priority tagged and VLAN tagged packets Configuration Description Port n Port number n tagm 3 bit User priority tag value m range 0 7 Priority class Mapped priority class for tag m on Port n Class 3 Class 0 Apply Click to apply the configuration change Refresh Click to refresh
41. ng holes Install din rail bracket 2 Mount the units on a din rail chassis The din rail mounting bracket is optional Consult the place where you purchased the product 2 5 Applying Power Before you begin the installation check the AC voltage of your area The AC power adapter which is used to supply the DC power for the unit should have the AC voltage matching the commercial power voltage in your area The AC Power Adapter Specifications AC input power AC power voltage of your area options Rated AC120V 60Hz DC7 5V 1 2A Rated AC230V 50Hz DC7 5V 1 2A Rated AC240V 50Hz DC7 5V 2A The steps to apply the power to the product are 1 Connect power adapter DC plug to the DC input jack located on the back of the unit before connecting to the AC outlet 2 Connect the power adapter to the AC outlet 3 Check Power LED indication Note Before you begin the installation check the AC voltage of your area The AC power adapter which is used to supply the DC power for the unit should have the AC voltage matching the commercial power voltage in your area 2 2 6 Reset Button The reset button is used to perform a reset to the switch It is not used in normal cases and can be used for diagnostic purpose If any network hanging problem is suspected it is useful to push the button to reset the switch without turning off the power Check whether the network is recovered The button can also be used to restore the software con
42. ommunicate with other only No packet tag is examined Areceived packet will not be modified i e tagging or untagging through VLAN operation till it is transmitted 33 4 6 3 Advanced VLAN Mode Advanced VLAN Mode Ingress Default Tag Ingress Settings Egress Settings VLAN Groups Ingress Default Tag ET FL ET E Remark 1 Port s Ingress Default Tag PVID CFl User priority This tag is used for egress tagging in port based mode 2 PVID is used as index for VLAN group table lookup when Tag Aware Tag ignore port based mode 3 PVID is also used as index for VLAN group table lookup when Tag Aware Tag aware for untagged and priority tagged packets Configuration Description Ingress Default Tag Click to configure per port Ingress Default Tag settings Ingress Settings Click to configure per port ingress settings Egress Settings Click to configure per port egress settings VLAN Groups Click to configure VLAN group table 34 4 6 3 1 Ingress Default Tag Configuration Description Port Port number PVID Port VID VID for Ingress Default Tag 1 4095 decimal 12 bit VID value CFI CFI for Ingress Default Tag 0 1 1 bit CFI value User Priority User priority for Ingress Default Tag 0 7 decimal 3 bit value Apply Click to apply the configuration change Refresh Click to refresh current configuration Back Click to go back to upper menu PVID is used as index
43. ortant Notes for VLAN Configuration 40 4 7 Aggregatloltscauba etus os a E matt Om ded ud ette ds ed 41 SERO cuc Au MM M EC MA O es 42 4 9 RS TP au tree PON E aici ear E nep eve e E 43 4 10 802 1X CONI guiatight od i seit ioco bete ta Pp RH Reb e o m echtes 44 4 10 1 802 1X Re authentication Parameters oooocnconoccccccccccononcnnncnnnnnnnnnnncnnnnnnnnnnnnnnnno 46 4 11 Mitrorinig ie Ro eun elu tet a T DR LM EI RM MEE 47 4 12 Quality Oh SSrVIGB ode tice a as 48 412 1802 Tp Mapping xerunt Sack epi tea ex irradia 49 4 12 2 DSCP Mapplit eun tic adds 50 4 12 3 QOS Service Polly rto ee er iaa 51 2 13 SION COMO uico Do odo ac 52 4 14 Statistics OVOIVIBW airada 53 4 15 Detailed Statistical ici 54 AT LACA Sal o ataca 55 a TT RSIP SUUS niue etie oett aia 57 AE 59 4 19 Reboot System oe Ue eee gas RE E a 60 4 20 Restore iij am EE 60 4 21 Update EIHTWAre suo Pto siste 60 4 22 Hera oH E 60 5 SNMP SUPPOF u H 61 Appendix Factory Default Settings cseeeeeeeeeeeeeseeeeeeeeeeeeeeeeeeeeeeeeeeeeeees 62 1 Introduction The KGS 612F is a managed Gigabit Ethernet switch which is featured with the following switched ports B Three 10 100 1000Mbps Gigabit copper ports E Two combo ports 10 100 1000Mbps copper amp 100Base FX SFP E One combo port 10 100 1000Mbps copper amp 1000Base X SFP and the following advantages in a small footprint box imc eec eee eee eee LS QE
44. orward Delay 15 Force Version Normal 802 1X Configuration Mode Disabled RADIUS IP 0 0 0 0 RADIUS UDP Port 1812 RADIUS Secret None Admin State Force Authorized for all ports Reauthentication Enabled No Reauthentication Period 3600 EAP Timeout 30 Port 1 Port 6 tag 1 Class 0 Port 1 Port 6 tag 2 Class 1 Port 1 Port 6 tag 3 Class 1 Port 1 Port 6 tag 4 Class 2 Port 1 Port 6 tag 5 Class 2 Port 1 Port 6 tag 6 Class 3 Port 1 Port 6 tag 7 Class 3 Mirroring Configuration Mirror source Not select for all ports Mirror Port 1 Port 1 64 Quality of Service Configuration 802 1p Classification DSCP Classification Port Priority QoS 802 1p Mapping Port 1 Port 6 tag 0 Port 1 Port 6 tag 1 Port 1 Port 6 tag 2 Port 1 Port 6 tag 3 Port 1 Port 6 tag 4 Port 1 Port 6 tag 5 Port 1 Port 6 tag 6 Port 1 Port 6 tag 7 QoS DSCP Mapping DSCP 1 Priority DSCP 2 Priority DSCP 3 Priority DSCP 4 Priority DSCP 5 Priority DSCP 6 Priority DSCP 7 Priority All others DSCP QoS Service Policy Port 1 Port 2 Port 3 Port 4 Port 5 Port 6 QoS DSCP Mapping DSCP 1 Priority DSCP 2 Priority DSCP 3 Priority DSCP 4 Priority Disable for all ports Disable for all ports Class 3 for all ports Class 0 Class 0 Class 1 Class 1 Class 2 Class 2 Class 3 Class 3 S Class 0 Class 0 Class 0 Class 0 Class 0 Class 0 Class 0 Class 0 S s S2 gt Strict priority S
45. p the packet is dropped Refer to section 3 2 4 for details about how the Packet Tag information is generated The member ports specified in the matched VLAN group are the admitted egress port range for the packet The packet will never be forwarded to other ports which are not in the member ports The Source Port Check setting of the matched VLAN group is also referred If it is enabled the ingress port will be checked whether it is a member port of this group 3 3 7 Packet Forwarding The forwarding is a process to forward the received packet to one or more egress ports The process uses the following information as forwarding decision Member ports of the matched VLAN group the egress port range for forwarding Source Port Check setting of the matched VLAN group check ingress port membership The packet destination MAC address for MAC address table loop up The switch MAC address table to find the associated port where a MAC address is learned If the MAC address table lookup is matched and the learned port is the VLAN member port the packet is forwarded to the port egress port If the lookup failed the switch will broadcast the packet to all member ports 21 3 3 8 Egress Tagging Rules Egress Tagging rules are used to make change to the packet before it is stored into egress queue of an egress port Three egress settings are provided for each port and are described as follows 3 3 8 1 Egress Settings Inser
46. ports List detailed statistics for all ports LACP port status RSTP protocol status Ping command from the switch to other IP devices Command to reboot the switch Command to restore the switch with factory default settings Command to update the switch firmware Command to logout from the switch management 25 4 4 System System Configuration Configuration MAC Address S W Version H W Version Active IP Address Active Subnet Mask Active Gateway DHCP Server Lease Time Left DHCP Enabled Fallback IP Address Fallback Subnet Mask Fallback Gateway WDT Management VLAN VID CH User priority Name Password SNMP enabled Apply Refresh Note SNMP Trap destination SNMP Read community SNMP Write community SNMP Trap community Description The MAC address factory configured for the switch It can not be changed in any cases The firmware version currently running The hardware version currently operating Currently used IP address for the switch management Currently used subnet mask for IP address for the switch management Currently used gateway IP address for the switch management Current IP address of the DHCP server The time left for the lease IP address currently used Use DHCP to get dynamic IP address configuration for the switch IP address used when DHCP mode is not enabled Subnet mask for IP address used when DHCP mode is not enabled Default gateway IP address
47. process If the connected device is incapable in auto negotiation the switch will sense the speed and use half duplex for the connection Port Configuration Management For making proper connection to an auto negotiation incapable device it is suggested to use port con trol function via software management to set forced mode and specify speed and duplex mode which match the configuration used by the connected device 2 8 Making Fiber Connection The SFP slot must be installed with an SFP fiber transceiver for making fiber connection Your switch may come with some SFP transceivers pre installed when it is shipped Installing SFP Fiber Transceiver To install an SFP fiber transceiver into SFP slot the steps are 1 Turn off the power to the switch 2 Insert the SFP fiber transceiver into the SFP slot Normally a bail is provided for every SFP transceiver Hold the bail and make insertion 3 Until the SFP transceiver is seated securely in the slot place the bail in lock position Connecting Fiber Cables LC connectors are commonly equipped on most SFP transceiver modules Identify TX and RX connector before making cable connection The following figure illustrates a connection example between two fiber ports RX Fiber cable M TX TX 3 Fiber cable Rx Make sure the Rx to Tx connection rule is followed on the both ends of the fiber cable Network Cables Multimode MMP 50 125 62 5 125 Single mode SMF 9 125 Fi
48. ptional SFP type fiber transceivers Auto Forced 1000Mbps Full duplex 1000Mbps MMF 50 125 60 125 SMF 9 125 IEC 825 compliant Combo Ports with 10 100 1000 RJ 45 and 100Mbps SFP Copper interface Compliance Connectors Pin assignments Configuration Transmission rate Duplex support Network cable Fiber interface Compliance Connectors Configuration Transmission rate Network cables Eye safety Switch Functions MAC Addresses Table Forwarding amp filtering Switching technology Maximum packet length Flow control VLAN function QoS function Port control Storm control Aggregation Port Mirroring LED Indicators System Per copper port IEEE 802 3 10Base T IEEE 802 3u 100Base TX IEEE 802 3u 1000Base T Shielded RJ 45 jacks Auto MDI MDI X detection Auto negotiation or software control 10Mbps 100Mbps 1000Mbps Full Half duplex Cat 5 UTP IEEE 802 3u 100Base FX SFP for optional SFP type fiber transceivers Forced 100Mbps Full duplex 100Mbps MMF 50 125 60 125 SMF 9 125 IEC 825 compliant 8K entries Non blocking full wire speed Store and forward 1526 bytes Jumbo frame support disabled IEEE 802 3x pause frame base for full duplex operation Back pressure for half duplex operation Port based VLAN and IEEE 802 1Q Tag based VLAN Port based 802 1p based IP DSCP based Port configuration control via software management Broadcast Multicast storm protection control via software management
49. r ports of two groups are allowed to overlap 2 The member ports in same group can communicate with other members only 3 No packet tag is examined 4 A received packet will not be modified i e tagging or untagging through VLAN operation till it is transmitted 232 4 6 2 Port based VLAN ISP Mode Configuration Joint port Apply Refresh Back Example If Port 6 is selected as the joint port the 5 port based VLAN groups are configured as follows auto matically VLAN Configuration Port based VLAN ISP Mode 1 5 port based VLAN groups are created Each includes 2 member ports 2 Joint port is the overlap among all 5 groups 3 The member ports in group can communicate with each other 4 No packet modification from ingress to egress Example P6 is joint port Groups P1 P6 P2 P6 P3 P6 P4 P6 P5 P6 are created Description Select a port as the joint port for all 5 port based VLAN groups Click to apply the configuration change Click to refresh current configuration Click to go back to upper menu Group 1 member Port 1 Port 6 Group 2 member Port 2 Port 6 Group 3 member Port 3 Port 6 Group 4 member Port 4 Port 6 Group 5 member Port 5 Port 6 Mode Operation 1 The joint port is the shared member port for all groups Un A U N Two member ports are configured in each group The member ports in same group can c
50. ress port It is often used in VLAN classification for untagged packets It is also often used for egress tagging operation DSCP Differentiated Service Code Point 6 bit value field in an IP packet VLAN Table lookup The process of searching VLAN table to find a VLAN which matches the given VID index MAC address table lookup The process of searching MAC address table to find a MAC entry which matches the given destination MAC address and the port where the MAC address is located Packet forwarding also known as packet switching in a network switch based on MAC address table and VLAN table information VLAN forwarding the operation that a packet is forwarded to an egress destination port based on VLAN table information VLAN group configuration information about a VLAN which can be recognized in the switch The information includes a VID associated to the VLAN member ports and some special settings 16 3 2 QoS Function The switch provides a powerful Quality of Service QoS function to guide the packet forwarding in four priority classes The versatile classification methods can meet most of the application needs The following figure illustrates the QoS operation flow when a packet received on the ingress port until it is transmitted out from the egress port Ingress port Packet Priority Classification 802 1p Classification 802 1p mapping tables DSCP Classification DSCP mapping table Port based Classification Def
51. riority policies can be configured for egress operation in per port basis Virtual LAN VLAN For increasing Tagged VLAN applications the switch is also featured with powerful VLAN function to fulfill the up to date VLAN requirements The switch supports both port based VLAN and tagged VLAN in per port basis 802 1x Authentication IEEE 802 1X port based network access control function provide a means of authenticating and autho rizing devices attached to the switched port that has point to point connection characteristics and of preventing access to that port in cases in which the authentication and authorization process fails 6 1 1 Features Provides 6 10 100 1000Mbps RJ 45 one 1000M SFP and two 100M SFPs Provides in band web based management interface All copper ports support auto negotiation and auto MDI MDI X detection Provides full wire speed forwarding Supports 802 3x flow control for full duplex and backpressure for half duplex Provides port status statistic monitoring and control function Supports port based and 802 1Q Tag based VLAN Provides QoS function Provides link aggregation port trunking function with LACP support Provides port mirroring function Provides 802 1X authentication for port access Supports 802 1w RSTP 802 1D STP and 802 18 MSTP Watchdog timer function Supports SFP with Digital Diagnostic Monitoring DDM Provides packet storm control function In band embedded firmware upgrade function
52. rmware mS Upload This menu is used to perform in band firmware switch software upgrade Enter the path and file name of new firmware image file for uploading Configuration Description Filename Path and filename warp format Browse Click to browse your computer file system for the firmware image file Upload Click to start upload 4 22 Logout Logout Are you sure you want to logout This menu is used to perform a logout from the switch management If current user does not perform any management operation over 3 minutes the switch will execute an auto logout and abort the current connection 60 5 SNMP Support SNMP version support Managed Objects RFC SNMP Trap Support Snmp v1 v2c management MIB II system OBJECT IDENTIFIER mib 2 1 interfaces OBJECT IDENTIFIER mib 22 ip OBJECT IDENTIFIER mib 24 snmp OBJECT IDENTIFIER mib 2 11 dotldBridge OBJECT IDENTIFIER mib 2 17 ifMIB OBJECT IDENTIFIER mib 2 31 RFC 3418 Management Information Base MIB for the Simple Network Management Protocol SNMP RFC 1907 Management Information Base for Version 2 of the Simple Network Management Protocol SNMPv2 RFC 1213 Management Information Base for Network Manage ment of TCP IP based internets MIB II RFC 1158 Management Information Base for network manage ment of TCP IP based internets MIB II RFC 1493 Definitions of Managed Objects for Brid
53. t Tag per port setting Enable Insert the Tag data of the associated Packet Tag information into the packet Disable No tagging is performed Untagging Specific VID per port setting Enable No tag insertion if the VID data of the associated Packet Tag information matches the Untagged VID configured in next setting even Insert Tag is enabled Disable This rule is not applied 3 3 9 Summary of VLAN Function VLAN Modes Port based VLAN Mode simple port based 2 VLAN groups mode Port based VLAN ISP Mode simple port based 5 VLAN groups mode Advanced VLAN Mode Full VLAN configuration for port based and Tag based VLAN Advanced VLAN Mode Egress Settings per port Tag Aware Keep Tag Drop Untag Drop Tag Ingress Default Tag per port PVID CFI User Priority VLAN Groups global 8 VLAN groups VLAN Group Settings per group VID Member Ports Source Port Check Egress Settings Insert Tag Untagging Specific VID Untagged VID VLAN range supported 1 4095 eight VLANs at the same time PVID VID Untagged VID value range 1 4095 3 4 802 1X Authentication For some IEEE 802 LAN environments it is desirable to restrict access to the services offered by the LAN to those users and devices that are permitted to make use of those services IEEE 802 1X Port based network access control function provide a means of authenticating and authorizing devices at tached to a LAN port tha
54. t has point to point connection characteristics and of preventing access to that port in cases in which the authentication and authorization process fails The 802 1X standard relies on the client to provide credentials in order to gain access to the network The credentials are not based on a hardware address Instead they can be either a username password combination or a certificate The credentials are not verified by the switch but are sent to a Remote Authentication Dial In User Service RADIUS server which maintains a database of authentication information 802 1X consists of three components for authentication exchange which are as follows 22 802 1X Authenticator Ne 321 VE fe 4 Nas o PC Station Supplicant Authentication Server Radius server An 802 1X authenticator This is the port on the switch that has services to offer to an end device provided the device supplies the proper credentials An 802 1X supplicant This is the end device for example a PC that connects to a switch that is requesting to use the services port of the device The 802 1X supplicant must be able to respond to communicate An 802 1X authentication server This is a RADIUS server that examines the credentials provided to the authenticator from the supplicant and provides the authentication service The authentication server is respon sible for letting the authenticator know if services should be granted The
55. the same time The other con nection attempts will be prompted with a warning message Duplicated Administrator This device is managed by 192 168 0 102 currently A new connection will be accepted when the current user logout successfully or auto logout by the switch due to no access for time out of 3 minutes System Configuration is displayed after a successful login 24 4 3 Main Management Menu Configuration System Ports VLAN Aggregation LACP RSTP 802 1X Mirroring QoS Storm Control Monitoring Statistics Overview Detailed Statistics LACP Status RSTP Status Ping Maintenance Reboot System Restore Default Update Firmware Logout Configuration System Ports VLAN Aggregation LACP RSTP 802 1X Mirroring erus Storm Control Monitoring Statistics Overview Detailed Statistics LACP Status RSTP Status Ping Maintenance Reboot System Restore Default Update Firmware Logout Switch information system and IP related settings Port link status port operation mode configuration VLAN related configuration Port link aggregation port trunking related configuration LACP confguration for port link aggregation RSTP Rapid spanning tree protocol related configuration 802 1X authentication related configuration Port mirroring related configuration Quality of Service related configuration Packet Storm protection control configuration List simple statistics for all
56. to Default Cost 10Mbps 2000000 100Mbps 200000 1000Mbps 20000 Apply Click to apply the configuration change Refresh Click to refresh current configuration 4 10 802 1X Configuration 802 1X Configuration Mode Disable 7 RADIUS IP ooo RADIUS UDP Port 1812 RADIUS Secret Port Admin State Port State 1 Force Authorized 7 802 1X Disabled Re authenticate Force Reinitialize 2 Force authorized y 802 1X Disabled R 7 3 Force Authorized 802 1X Disabled Re authenticate Force Reinitiaize 4 Force authorized y 802 1XDisabled Re authenticate Force Reinitiaize 6 Force Authorized 802 1X Disabled Re authenticate Force Reinitialize Force Reinitialize Parameters Apply Refresh 44 Configuration Mode RADIUS IP RADIUS UDP Port RADIUS Secret Port Admin State Port State Re authenticate Force Reinitialize Re authenticate All Force Reinitialize All Parameters Apply Refresh Description Disabled disable 802 1X function Enabled enable 802 1X function IP address of the Radius server The UDP port for authentication requests to the specified Radius server The encryption key for use during authentication sessions with the Radius server It must match the key used on the Radius server Port number Port 802 1X control Auto set to the Authorized or Unauthorized state in accordance with the outco
57. to activate Tag based mode Tag ignore set to use port based mode and ignore any tag in packet Keep Tag Tag is removed from the received packet if exists Enable set to activate tag removal for VLAN tagged packets Disable set to disable tag removal function Drop Untag Drop all untagged packets and priority tagged packets Enable drop untagged packets and priority tagged packets Disable admit untagged packets and priority tagged packets Drop Tag Drop all VLAN tagged packets Enable drop VLAN tagged packets Disable admit VLAN tagged packets Apply Click to apply the configuration change Refresh Click to refresh current configuration 36 Note l Priority tagged packet VID 0 is treated as untagged packet in the switch 2 Tag Aware setting affects the index used for VLAN classification VLAN table lookup The following table lists the index used Ingress Tag Aware setting Received packet type Tag ignore Tag aware Untagged PVID PVID Priority tagged VID 0 PVID PVID VLAN tagged VID gt 0 PVID Packet tag VID 3 Both Drop Untag and Drop Tag are set to Disable to admit all packets 4 6 3 3 Egress Settings Egress Settings Disable v Disable v i osae z foem 6 bisae z Joisame f Apply _Refresh Back r Remark Insert Tag egress tagging Disable no tag insertion Enable Insert tag to packet when egress Source of Tag inserte
58. trict priority Strict priority Strict priority Strict priority Strict priority S Class 0 Class 0 Class 0 Class 0 SSCs 65 DSCP 5 Priority 0 Class O DSCP 6 Priority 0 Class O DSCP 7 Priority 0 Class O All others DSCP Class 0 QoS Service Policy Port 1 Strict priority Port 2 Strict priority Port 3 Strict priority Port 4 Strict priority Port 5 Strict priority Port 6 Strict priority Storm Control Configuration Broadcast Rate No limit Multicast Rate No limit Flooded Unicast Rate No limit
59. used when DHCP mode is not enabled Enable WDT Watch Dog Timer Set management VLAN information VLAN ID configured for web management to the switch CFI value for web reply packets from the switch Priority value for web reply packets from the switch Set the system name for this switch unit Set new password Enable SNMP agent The IP address of the SNMP trap manager The community allowed for the SNMP get message The community allowed for the SNMP set message The community used for the SNMP trap messages sent by the switch Click to apply the configuration change Click to refresh current configuration l It is suggested to give each switch unit a system name as an alternative unique identifica tion beside IP address 2 Setting change of DHCP mode takes effective in next bootup 3 A watch dog timer WDT is a hardware timing device that triggers a system reset if the system firmware due to some fault condition such as a hang neglects to regularly service the watch dog timer The intention is to bring the system back from the hung state into normal operation The timer is set to 1 72 seconds in this switch 2 4 4 1 Management VLAN Management VLAN settings allow administrator to access the switch and perform the switch manage ment over a dedicated VLAN The following rules are applied with the Management VLAN 1 If the VLAN function is disabled Management VLAN settings are ignored and no VLAN limitation
Download Pdf Manuals
Related Search