KTI Networks KGS-2420 network switch
Contents
1. Port Configuration Port medio speed Flow contol Mma Ectiion Mode Description 1 TP Auto K 9600 Discard SFP auto 2 TP Auto v M 9600 Discard SFP Auto 3 TP Auto v 9600 Discard SFP Auto v 4 TP Auto v 9600 Discard SFP Auto j 5 TP Auto v 9600 Discard SFP Auto v 6 TP Auto v 9600 Discard SFP Auto v 7 TP Auto 9600 Discard SFP Auto y 8 TP Auto v 9600 Discard SFP Auto be 9 SFP Auto bet M 9600 10 SFP Auto Mw 9600 11 SFP Auto hi M 9600 12 SFP Auto s My 9600 13 SFP Auto he 9600 14 SFP Auto hc M 9600 15 SFP Auto v Mw 9600 16 SFP Auto v M 9600 17 SFP Auto v ra 9600 18 SFP Auto v M 9600 19 SFP Auto v al 9600 20 SFP Auto ic 9600 21 SFP Auto hi M 9600 22 SFP Auto iM M 9600 23 SFP Auto Mi M 9600 24 SFP Auto be M 9600 Fig 3 12 52 Parameter description Port To display the port index Media To display the port media type with UTP or SFP Speed Set the speed and duplex of the port In speed if the media is 1Gbps fiber it is always 1000Mbps and the duplex is full o2. VLAN Port Configuration Port VLAN Aware ingress Filtering Frame Type PVID Role untag VID Double Tag 1 o o a M 1 Access o Disable 2 Oo Fi All S 1 Access 0 Disable 3 Oo Oo All ie Access o Disable 4 o o All l1 Access 0 Disable 5 o o All 1 Access v 0 Disable 6 Fi o All i l1 Access 0 Disable 7 o o All Access o Disable 8 El Fi All S 1 Access 0 Disable 9 Fj Fj All vy 1 Access 0 Disable 10 Oo o All i 1 Access 0 Disable 11 Fj Fj All fi Access 0 Disable 12 ual o All i 1 Access 0 Disable 13 o o All 1 Access o Disable M 14 Fi o All 1 Access 0 Disable 15 Fi Fi All 1 Access 0 Disable 16 Fi Fi All vy l1 Access 0 Disable v Fig 3 24 Parameter description Port 1 24 Port number VLAN Aware Based on IEEE 802 1Q VLAN tag to forward packet Ingress Filtering Discard other VLAN group packets only forward this port joined VLAN group packets Frame Type All Forward all tagged and untagged packets Tagged Forward tagged packets only and discard untagged packets 70 PVID This PVID range will be 1 4094 Before you set a number x as PVID you have to create a Tag based VLAN with VID x For example if port x receives an untagged packet the switch will apply the PVID assume as VID y of port x to tag this p
3. Blizzard Battlenet Diablo2 and StarCraft Fighter Ace II Quake2 Quake3 MSN Game Zone o User Definition V Ethernet Type Ox fff VLAN ID 4095 UDP TCP Port Specific pscp 63 Specific g Fig 3 51 Set up Typical Network Application Rules Parameter description Audio and Video QuickTime 4 Server MSN Messenger Phone Yahoo Messenger Phone Napster Real Audio Games Blizzard Battlenet Diablo2 and StarCraft Fighter Ace Il Quake2 Quake3 MSN Game Zone User Definition Ethernet Type VLAN ID UDP TCP Port DSCP Ethernet Type Value Type Range 0x600 0xFFFF VLAN ID VLAN ID Range 1 4094 UDP TCP Port Two Mode Range Specific UDP TCP Port Range Port Range 0 65535 UDP TCP Port No Port Range 0 65535 DSCP Value DSCP Value Range 0 63 100 Set up Typical Network Application Rules According to your selection on the previous page this wizard will create specific QCEs QoS Control Entries automatically First select the QCL ID for these QCEs and then select the traffic class Different parameter options are displayed depending on your selection OCL ID 1 M Traffic Class Low Fig 3 52 Set up Typical Network Application Rules Parameter description QCL ID QCL ID Range 1 24 Traffic Class There are four classes Low Normal Medium High Finished The QCL configuration wizard is finis
4. Apply Note You should be logout every time when you change the state of Virtual Stack Fig 3 10 1 49 Parameter description State It is used for the activation or de activation of VSM Default is Enable Role The role that the switch would like to play in virtual stack Two types of roles including master and slave are offered for option Default is Master Group ID It is the group identifier GID which signs for VSM Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters 50 3 2 Port Configuration Four functions including Port Status Port Configuration Simple Counter and Detail Counter are contained in this function folder for port monitor and management Each of them will be described in detail orderly in the following sections Port Configuration Configuration Simple Counter Detail Counter 51 3 2 1 Port Configuration Port Configuration is applied to change the setting of each port In this configuration function you can set reset the following functions All of them are described in detail below Function name Port Configuration Function description It is used to set each port s operation mode The switch supports 3 parameters for each port They are state mode and flow control
5. autologout autologout Syntax autologout lt time gt Description To set up the timer of autologout Argument lt time gt range 1 to 3600 seconds 0 for autologout off current setting is 180 seconds Possible value lt time gt 0 1 3600 Example SW24GF autologout 3600 Set autologout time to 3600 seconds 239 config file export Syntax export lt current user gt lt ip address gt Description To run the export function Argument lt Usage gt set up current or user lt ip address gt the TFTP server ip address Possible value none Example SW24GF config file export current 192 168 1 63 Export successful import Syntax import lt current user gt lt ip address gt Description To run the import start function Argument None Possible value None Example SW24GF config file import current 192 168 1 63 Import successful firmware Upgrade Syntax upgrade lt ip_address gt lt file_path gt Description To set up the image file that will be upgraded Argument lt ip address gt TFTP server ip address lt filepath gt upgrade file path Possible value lt ip address gt TFTP server ip address lt filepath gt upgrade file path Example SW24GF firmware upgrade 192 168 2 4 SW24GF v2 03 img 240 gvrp set state Syntax set state lt 0 1 gt Description To disable enable the gvrp function Argument 0 disabl
6. 47 3 1 7 System log The System Log provides information about system logs including information when the device was booted how the ports are operating when users logged in when sessions timed out as well as other system information Function name System log Function description The Trap Log Data is displaying the log items including all SNMP Private Trap events SNMP Public traps and user logs occurred in the system In the report table No Time and Events are three fields contained in each trap record System Log Noo fo time Pl ET 1 Mon Mar 09 11 45 58 2009 Login admin 2 Mon Mar 09 08 44 15 2009 Login admin 3 Mon Mar 09 08 37 33 2009 Cold Start 4 Mon Mar 09 08 37 33 2009 Link Up Port 1 Fig 3 11 Parameter description No Display the order number that the trap happened Time Display the time that the trap happened Desc Displays a description event recorded in the System Log Clear Clear log data 48 3 1 8 Virtual Stack Function name Virtual Stack Function description Virtual Stack Management VSM is the group management function Through the proper configuration of this function switches in the same LAN will be grouped automatically And among these switch one switch will be a master machine and the others in this group will become the slave devices VSM offers a simple centralized management function It is not necessary to remember the address of all devices manager is
7. 4j disable 6 disable 7Jdisable J disable oeie 10 disable 11 disable 12 disable 13 disable 14 disable 15 disable 16 disable 17 disable 18 disable 19 disable 20 disable 21 disable 22 disable 23 disable 24 disable O O j Fig 3 163 2 MVID configuration Parameter description MVID The switch supports two kinds of options for managed valid VLAN VID including Client and router Default is Disable When you choose Client you can fill in MVID number The valid VID range is 1 4094 Port The switch supports two kinds of options for managed valid port range including Client and router Default is Disable You can select the ports that you would like them to be worked and restricted in the allowed group configuration if client had been chosen 191 3 15 7 Group Allow Function name Group Allow Function description The Group Allow function allows the IGMP Snooping to set up the IP multicast table based on user s specific conditions IGMP report packets that meet the items you set up will be joined or formed the multicast group Group Allow Piso C Fig 3 163 3 Group Allow Parameter description MVID The switch supports two kinds of options for managed valid VLAN VID including Client a
8. MEEME SS IS IS IS IS IS Ns S S S SI IS S S SI ISI ILS IL 1S S 1S 1S IS SH IS IS IS ILS MEE IS IS S IS SS S EIEE 1S S IS IS SI IS IS ISI IST IS Is v v Ne v wi Auto v v h k 4 Auto m N Parameter description Port 1 24 Fig 3 156 Port Config 178 Path Cost 1 200 000 000 The same definition as in the RSTP specification But in MSTP this parameter can be respectively applied to ports of CIST and ports of any MSTI Priority 0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 The same definition as in the RSTP specification But in MSTP this parameter can be respectively applied to ports of CIST and ports of any MSTI Hello Time 1 2 In contrast with RSTP Hello Time in MSTP is a per port setting for the CIST Admin Edge Yes No The same definition as in the RSTP specification for the CIST ports Admin P2P Auto True False The same definition as in the RSTP specification for the CIST ports Restricted Role Yes No If Yes causes the Port not to be selected as Root Port for the CIST or any MSTI even it has the best spanning tree priority vector Such a Port will be selected as an Alternate Port after the Root Port has been selected This parameter is No by default If set it can cause lack of spanning tree connectivity It is set by a network administrator to prevent bridge
9. lt gt 1 to 24 Example SW24GF loop detection resume 1 24 SW24GF loop detection show Detection Port Locked Port Port Status Port Status 1 Enable 1 Norma 2 Enable 2 Norma 3 Enable 3 Norma 4 Enable 4 Norma 5 Enable 5 Norma 6 Enable 6 Norma 7 Enable 7 Norma 8 Enable 8 Norma Resume Syntax resume lt gt Description To resume locked ports on switch Argument lt gt set up the range of the ports to search for syntax 1 5 7 available form 1 to 24 Possible value lt gt 1 to 24 Example SW24GF loop detection resume 1 24 SW24GF loop detection show 251 Detection Port Locked Port Port Status Port Status 1 Enable 1 Norma 2 Enable 2 Norma 3 Enable 3 Norma 4 Enable 4 Norma 5 Enable 5 Norma 6 Enable 6 Norma 7 Enable 7 Norma 8 Enable 8 Norma show Syntax show Description To display loop detection configure Argument None Possible value None Example SW24GF loop detection show Detection Port Locked Port Port Status Port Status 1 Enable 1 Norma 2 Enable 2 Norma 3 Enable 3 Norma 4 Enable 4 Norma 5 Enable 5 Norma 6 Enable 6 Norma 7 Enable 7 Norma 8 Enable 8 Norma Mac lt lt alias gt gt del Syntax del lt mac gt Description 252 To del mac alias entry Argument lt mac gt set up the MAC format xx xx xx XX XX XX Possible value lt mac gt set up the MAC format xx xx xXx
10. lt group gt 1 8 lt active LACP gt active passive Example SW24GF trunk set trunk 1 4 lacp 1 active show aggtr view Syntax show aggtr view Description To display the aggregator list Argument None Possible value None Example SW24GF trunk show aggtr view Aggregator 1 Method None Member Ports 1 Ready Ports 1 Aggregator 2 Method LACP Member Ports 2 Ready Ports show lacp detail Syntax show lacp detail lt aggtr gt Description To display the detailed information of the LACP trunk group Argument lt aggtr gt aggregator available from 1 to 24 Possible value lt aggtr gt 1 to 24 Example SW24GF trunk show lacp detail 2 Aggregator 2 Information Actor Partner System Priority MAC Address System Priority MAC Address 32768 00 40 c7 e8 00 02 32768 00 00 00 00 00 00 Port Key Trunk Status Port Key 2 257 oe 2 0 299 show lacp priority Syntax show lacp priority Description To display the value of LACP Priority Argument None Possible value None Example SW24GF trunk show lacp priority LACP System Priority 32768 show status Syntax show status Description To display the aggregator status and the settings of each port Argument None Possible value None Example SW24GF trunk show status Trunk Port Setting Trunk Port Status port Method Group Active LACP Aggtregator Status 1 None 0 Active 1 Ready
11. me Fe N a i TESS Soo a ES Ss RE ee e a SS N OES TR SS a FS OAS set lt dscp gt lt tos gt lt tagpriority gt lt qce type gt lt value gt lt class gt Description To add the QCE entry in the specific QCL Argument lt dscp gt dscp field syntax 1 5 7 available from 0 to 63 lt tos gt tos priority available from 1 to 8 lt tagpriority gt tag priority available from 1 to 8 282 2 NNN NNENENNNENY Dh E aio bo NNN NNNENDNS NS o gt o gt gt SoS SSNAN AS SS OS EO SD i BS SS a SS Fe Ba Se iw i SO SS SSA SS SS 00 o 00 9 0 0 CF DH oO v g Go goo WO WO O lt qce type gt ethernet lt value gt Oxfff0 lt class gt high Possible value lt dscp gt dscp field syntax 1 5 7 available from 0 to 63 lt tos gt tos priority available from 1 to 8 lt tagpriority gt tag priority available from 1 to 8 lt qce type gt ethernet lt value gt Oxfff0 lt class gt high Example SW24GF qos qcl set 2 0 3 ethernet Oxfff0 high SW24GF qos qcl show 2 1 QCE Type Ethernet Type Ethernet Type Value 0xfff0 Traffic Class High SW24GF qos qc 1 move Syntax move lt qcl gt lt qce gt lt new qce gt Description To move up the specific QCE entry in the specific QCL Argument lt qcl gt the qcl number available from 1 to 24 lt qce gt the original qce number available from 1 to 12 lt new qce gt
12. the new qce number available from 1 to 12 Possible value lt qcl gt available from 1 to 24 lt qce gt available from 1 to 12 lt new qce gt available from 1 to 12 Example SW24GF qos qel move 2 1 1 delete Syntax delete lt qcl gt lt qce range gt Description To delete the specific QCE entry in the specific QCL Argument lt qcl gt the qcl number available from 1 to 24 lt qce range gt 1 5 7 available from 1 to 12 Possible value lt qcl gt available from 1 to 24 lt qce range gt available from 1 to 12 Example SW24GF qos qcel delete 2 1 283 lt rate gt gt set Syntax set lt range gt lt policer enabled gt lt rate gt lt unit gt lt shaper enabled gt lt rate gt lt unit gt Description To set rate limit configuration Argument lt range syntax gt 1 5 7 available from 1 to 24 lt policer enabled gt 1 means enable and 0 means disable lt rate gt allowed values are 500kbps 1Gkps lt unit gt k means kbps and m means mbps lt shaper enabled gt 1 means enable and 0 means disable lt rate gt allowed values are 500kbps 1Gkps lt unit gt k means kbps and m means mbps Possible value range syntax 1 5 7 available from 1 to 24 policer enabled 1 means enable and 0 means disable rate allowed values are 500kbps 1Gkps unit k means kbps and m means mbps shaper enabled 1 means enable and 0 means disable rate allowed values are 500kbps
13. 192 168 255 255 Please refer to RFC 1597 and RFC 1466 for more information Subnet mask It means the sub division of a class based network or a CIDR block The 26 subnet is used to determine how to split an IP address to the network prefix and the host address in bitwise basis It is designed to utilize IP address more efficiently and ease to manage IP network For a class B network 128 1 2 3 it may have a subnet mask 255 255 0 0 in default in which the first two bytes is with all 1s This means more than 60 thousands of nodes in flat IP address will be at the same network It s too large to manage practically Now if we divide it into smaller network by extending network prefix from 16 bits to say 24 bits that s using its third byte to subnet this class B network Now it has a subnet mask 255 255 255 0 in which each bit of the first three bytes is 1 It s now clear that the first two bytes is used to identify the class B network the third byte is used to identify the subnet within this class B network and of course the last byte is the host number Not all IP address is available in the sub netted network Two special addresses are reserved They are the addresses with all zero s and all one s host number For example an IP address 128 1 2 128 what IP address reserved will be looked like All Os mean the network itself and all 1s mean IP broadcast Network Subnet All Os 128 1 2 128 All 1s 128 1 2 255 19
14. Policy 3 ARP Permit Disabled a amp l OOOO S589 OOOO C9 Policy 3 IPv4 FTP Control Port In Permit Disabled Policy 3 Pv4 FTP Control Port Out Permit Disabled 33838 G9 Policy 3 IPv4 FTP Data Port In Permit Disabled 8 x Policy 3 Pv4 FTP Date Port Out Permit Disabled o Policy 3 IPv4 POP3 In Permit Disabled o OO OW 8838 amp OG OO 6 Policy 3 Pv4 POP3 Out Permit Disabled oa Fig 3 129 Set up Policy Rules Finish Welcome to the ACL Configuration Wizard Please select an action Set up Policy Rules Set up the default policy rules for Client ports Server ports Network ports and Guest ports Set up Port Policies Group ports into several types according to different ACL policies Set up Typical Network Application Rules Set up the specific ACL for different typical network application access control To continue click Next Next gt Fig 3 130 Set up Port Policies Set up Port Policies Group ports into several categories according to different ACL policies for example Client ports work stations laptops Server ports DHCP Web file server Network ports routers switches and Guest ports laptops with Internet access only Port Members 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ODDODDPOODOOODOOOOOO Policy ID 1 Default 1213 S56 O0o000o0d 2 Client OOP0000 O0O00 3 Server 000000 0000 4 Network O0O00O0O
15. SW24GF stp show port Port Port Status Path Cost Priority Admin Edge Port Admin Point To Point DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN DISCARDIN 22 DISCARDIN q to quit ANonF WN He BO ND e e e i e e a a aad e O OOs 0 oOo e a na Ml CO CO MOOOOInarAaQAaADaAAANAIOAQDQIOaADW A DW NW A DWM 23 DISCARDING 24 DISCARDING 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 2000000 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 128 292 2222 22222222222222228228 OO Oy Or VOr OF HOs dO OO OO OF O Oo AOs OPO Oe OO Zz No Aut Au Au Au Au Au Au Au Au Au Au Au Au Au Au Au Au Au Au Au Aut Aut tet te tee tgatetg tgGQqaaoeteaatet tet tt ct Coo o E o a e E a o E E S O E o E e E s E 1 E o E e a e COCO CC E e E e Auto Auto show status Syntax show status Description To display the status of STP Argument None Possible value None Example SW24GF stp show status STP Status STP State Bridge ID Bridge Priority Designated Root Designated
16. Username changed successfully Password changed successfully show Syntax show Description To show system account including account name and identity Argument None 229 Possible value None Example SW24GF account show Account Name Identity admin Administrator guest guest m acl ace Syntax ace lt index gt Description To display the ace configuration Argument lt index gt the access control rule index value Possible value None Example SW24GF acl ace 2 index 2 rule switch vid any tag prio any dmac any frame type arp arp type Request Reply opcode any source ip any destination ip any ARP flag ARP SMAC Match any RARP DMAC Match any IP Ethernet Length any IP any Ethernet any action 1 rate limiter 0 copy port 0 230 action Syntax action lt port gt lt permit deny gt lt rate_limiter gt lt port copy gt Description To set the access control per port as packet filter action rule Argument lt port gt 1 24 lt permit deny gt permit 1 deny 0 lt rate_limiter gt 0 16 O disable lt port copy gt 0 24 0 disable Possible value lt port gt 1 24 lt permit deny gt 0 1 lt rate_limiter gt 0 16 lt port copy gt 0 24 Example SW24GF acl action 5 0 2 2 SW24GF acl show port policy id action rate limiter port copy counter a class map 5 1 deny 2 2 23 1 per
17. When configure the mirror function you should avoid setting a port to be a sniffer port and aggregated port at the same time It will cause something wrong Mirror Configuration Port to mirror to I Disabled Port Source Enable Destination Enable 1 Oo oO 2 oO Ei 3 oO O 4 O O 5 F O 6 oO oO 7 al aj 8 Fi O oO O Pi O Oo El O O O O Fi O a O Fig 3 159 Mirror Configuration Parameter description Port to mirror to Range Disabled Port 1 24 Set the monitoring port Port Range 1 24 Select the monitored ports Source Enable The source enable means the monitored port ingress traffic will be copied to monitoring port Destination Enable The destination enable means the monitored port egress traffic will be copied to monitoring port 184 3 15 Multicast The function Multicast is used to establish the multicast groups to forward the multicast packet to the member ports and in nature avoids wasting the bandwidth while IP multicast packets are running over the network This is because a switch that does not support IGMP or IGMP Snooping can not tell the multicast packet from the broadcast packet so it can only treat them all as the broadcast packet Without IGMP Snooping the multicast packet forwarding function is plain and nothing is different from broadcast packet A switch supported IGMP Snooping with the functions of query report and leave a type of packet exchanged between IP Multicas
18. e The port may be faulty 5 2 Q amp A 1 Computer A can connect to Computer B but cannot connect to Computer C through the Managed Switch v The network device of Computer C may fail to work Please check the link act status of Computer C on the LED indicator Try another network device on this connection v The network configuration of Computer C may be something wrong Please verify the network configuration on Computer C 2 The uplink connection function fails to work v The connection ports on another must be connection ports Please check if connection ports are used on that Managed Switch v Please check the uplink setup of the Managed Switch to verify the uplink function is enabled 3 The console interface cannot appear on the console port connection v The COM port default parameters are Baud Rate 115200 Data Bits 8 Parity Bits None Stop Bit A Flow Control None Please check the COM port property in the terminal program And if the parameters are changed please set the COM configuration to the new setting v Check the RS 232 cable is connected well on the console port of the Managed Switch and COM port of PC v Check if the COM of the PC is enabled 4 How to configure the Managed Switch v _ The Hyperterm is the terminal program in Win95 98 NT Users can also use any other terminal programs in Linux Unix to configure the Managed Switch Please refer to the user guide of that terminal program But the
19. set up 802 1X mode O disable the 802 1 X function 1 set 802 1X to Multi host mode Possible value lt port range gt 1 to 24 lt mode gt 0 or 1 Example SW24GF 802 1X set mode 2 1 SW24GF 802 1X 223 set port control Syntax set port control lt port range gt lt unauthorized authorized auto gt Description To set up 802 1X status of each port Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt authorized gt Set up the status of each port 0 ForceUnauthorized 1 ForceAuthorized 2 Auto Possible value lt port range gt 1 to 24 lt authorized gt 0 1 or 2 Example SW24GF 802 1X set port control 2 2 set quietPeriod Syntax set quietPeriod lt port range gt lt value gt Description A timer used by the Authenticator state machine to define periods of time during when it will not attempt to acquire a Supplicant Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt timer range 0 65535 Possible value lt port range gt 1 to 24 lt value gt 0 65535 default is 60 Example SW24GF 802 1X set quietPeriod 2 30 set reAuthEnabled Syntax set reAuthEnabled lt port range gt lt on off gt Description A constant that define whether regular reauthentication will take place on this port Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt on off gt 0 OFF Disable reauthentication 1 ON Enable reau
20. sym asym vlan setting 1 symmetric vlan 0 asymmetric vlan Possible value lt vid gt 1 to 4094 lt range gt 1 to 24 lt gt 0 or 1 Example SW24GF vlan set tag group 2 VLAN 2 2 5 6 15 13 0 show group Syntax show group Description To display the vlan mode and vlan group Argument None Possible value None Example SW24GF vlan show group Vlan mode is double tag 1 Vlan Name default Vlan ID eal Sym vlan Disable Member 123456789 1011 12 13 14 15 16 2 Vlan Name VLAN 2 Vlan ID 2 Sym vlan Disable Member 23456 13 14 15 show port Syntax show port Description To display pvid ingress egress rule Argument None 305 Possible value None Example SW24GF vlan show pvid Port PVID Rulel Rule2 Port Rule Untag Vid 1 1 Disable Disable Access 2 1 Disable Disable Access 3 5 Disable Disable Access 4 1 Disable Disable Access 3 5 5 Enable Disable Hybrid 6 6 5 Enable Disable Access T 5 Enable Disable Access 8 5 Enable Disable Access 9 1 Enable Disable Access 10 1 Enable Disable Access 5 11 1 Disable Disable Access 23 1 Disable Disable Access 24 1 Disable Disable Access 306 5 Maintenance 5 1 Resolving No Link Condition The possible causes for a no link LED status are as follows e The attached device is not powered on e The cable may not be the correct type or is faulty e The installed building premise cable is faulty
21. 0 01us 1sec 100 Mega bit Table 2 2 Sum up all elements bit time delay and the overall bit time delay of wires devices must be within Round Trip Delay bit times in a half duplex network segment collision domain For full duplex operation this will not be applied You may use the TP Fiber module to extend the TP node distance over fiber optic and provide the long haul connection Typical Network Topology in Deployment A hierarchical network with minimum levels of switch may reduce the timing delay between server and client station Basically with this approach it will minimize the number of switches in any one path will lower the possibility of network loop and will improve network efficiency If more than two switches are connected in the same network select one switch as Level 1 switch and connect all other switches to it at Level 2 Server Host is recommended to connect to the Level 1 switch This is general if no VLAN or other special requirements are applied 18 Case1 All switch ports are in the same local area network Every port can access each other See Fig 2 3 Fig 2 3 No VLAN Configuration Diagram If VLAN is enabled and configured each node in the network that can communicate each other directly is bounded in the same VLAN area Here VLAN area is defined by what VLAN you are using The switch supports both port based VLAN and tag based VLAN They are different in practical deployment espe
22. 159 3 10 4 Statistics Function name 802 1X Port Statistics Port1 Function description Show the IEEE 802 1X authentication related counters for manager monitoring authenticator status Parameter description Port Port Number 1 24 Auto refresh Refresh the authenticator counters in the web UI automatically Refresh Click on the lt Refresh gt to update the authenticator counters in the web UI Clear Click on the lt Clear gt to clear all authenticator counters in the web UI FA k n ba F Rn 5 a a a da 3 Pot1 Auto refresh O Authenticator Counters authEntersConnecting authEapLogoffsWhileConnecting authEntersAuthenticating authAuthSuccessesWhileAuthenticating authAuthTimeouts While Authenticating authAuthFailWhileAuthenticating authAuthEapStarts Whileauthenticating authAuthEapLogoffwhileauthenticating authAuthReauths Whileauthenticated authAuthEapStarts WhileAuthenticated authAuthEapLogoffWhileaAuthenticated JauthEntersConnecting o G me authEntersAuthenticating o mee JauthauthTimeoutswhileauthenticating s G jauthauthFailwhileauthenticating JauthauthEapstartswhileauthenticating S G jauthauthEapLogoffWhileauthenticating JauthauthReauthswhileauthenticated S G jauthauthEapStartsWhileauthenticated JauthauthEapLogoffWhileauthenticated S Backend authenticator Counters ackendResponses ackendAccessChallenges ackendOtherRequestsToSupplicant ackendAuthSucces
23. 2 1 3 1 4 1 5 1 SW24GF ac1 alarm lt lt email gt gt del mail address Syntax del mail address lt gt Description To remove the configuration of E mail address Argument lt gt email address number range 1 to 6 Possible value lt gt 1to6 Example SW24GF alarm email del mail address 2 del server user Syntax del server user Description To remove the configuration of server user account and password Argument None Possible value None Example SW24GF alarm email del server user set mail address Syntax set mail address lt gt lt mail address gt Description To set up the email address Argument 234 lt gt email address number range 1 to 6 lt mail address gt email address Possible value lt gt 1106 Example SW24GF alarm email set mail address 1 abc mail abc com set server Syntax set server lt ip gt Description To set up the IP address of the email server Argument lt ip gt email server ip address or domain name Possible value None Example SW24GF alarm email set server 192 168 1 6 set user Syntax set user lt username gt Description To set up the account and password of the email server Argument lt username gt email server account and password Possible value None Example SW24GF alarm email set user admin show Syntax show Description To display the config
24. 8 characters 46 VID The switch supports two kinds of options for managed valid VLAN VID including Any and Custom Default is Any When you choose Custom you can fill in VID number The valid VID range is 1 4094 IP Range The switch supports two kinds of options for managed valid IP Range including Any and Custom Default is Any In case that Custom had been chosen you can assigned effective IP range The valid range is 0 0 0 0 255 255 255 255 Incoming Port The switch supports two kinds of options for managed valid Port Range including Any and Custom Default is Any You can select the ports that you would like them to be worked and restricted in the management security configuration if Custom had been chosen Access Type The switch supports two kinds of options for managed valid Access Type including Any and Custom Default is Any Http Telnet and SNMP are three ways for the access and managing the switch in case that Custom had been chosen Action The switch supports two kinds of options for managed valid Action Type including Deny and Accept Default is Deny When you choose Deny action you will be restricted and refused to manage the switch due to the Access Type you choose However while you select Accept action you will have the authority to manage the switch
25. Default SNMP function Enable Default community name for GET public Default community name for SET private Default community name for Trap public Default Set function Enable Default trap host IP address 0 0 0 0 Default port number 162 Trap In the switch there are 6 trap hosts supported Each of them has its own community name and IP address is user definable To set up a trap host means to create a trap manager by assigning an IP address to host the trap message In other words the trap host is a network management unit with SNMP manager receiving the trap message from the managed switch with SNMP agent issuing the trap message 6 trap hosts can prevent the important trap message from losing For each public trap the switch supports the trap event Cold Start Warm Start Link Down Link Up and Authentication Failure Trap They can be enabled or disabled individually When enabled the corresponded trap will actively send a trap message to the trap host when a trap happens If all public traps are disabled no public trap message will be sent As to the Enterprise no 6 trap is classified as private trap which are listed in the Trap Alarm Configuration function folder Default for all public traps Enable 108 3 8 ACL The SW24GF switch access control list ACL is probably the most commonly used object in the IOS It is used for packet filtering but also for selecting types of traffic to be analyzed forwarded or influ
26. Just tick the check box MI beside the port x to enable it Add new VLAN 68 Create a new Port based VLAN Input the VLAN name and choose the member by ticking the check box beside the port No then press the lt Apply gt button to have the setting taken effect Create VLAN Group croun 2 VLAN Name AEE TAE aaj a lal al elal aa ala a cal eala iaia a 12 0 13 0 14 0 15 0 16 0 17 0 18 0 19 O 20 O 21 M 22 M 23 M 24M Fig 3 22 Delete Group Just press the lt Delete gt button to remove the selected group entry from the Port based group table Port Based VLAN Memberships Configuration VLAN Name Port Members Delete Group 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 21 22 23 24 Fig 3 23 69 3 3 4 Ports Function name VLAN Port Configuration Function description In VLAN Tag Rule Setting user can input VID number to each port The range of VID number is from 1 to 4094 User also can choose ingress filtering rules to each port There are two ingress filtering rules which can be applied to the switch The Ingress Filtering Rule 1 is forward only packets with VID matching this port s configured VID The Ingress Filtering Rule 2 is drop untagged frame You can also select the Role of each port as Access Trunk or Hybrid
27. OR USING THE SOFTWARE YOU ACCEPT ALL OF THE PROVISIONS AND CONDITIONS OF THIS AGREEMENT THE PROVISIONS EXPRESSED IN THIS AGREEMENT ARE THE ONLY PROVISION UNDER WHICH MANUFACTURE WILL PERMIT YOU TO USE THE SOFTWARE If you do not accept these provisions and conditions please immediately return the unused software manual and the related product Written approval is NOT a prerequisite to the validity or enforceability of this Agreement and no solicitation of any such written approval by or on behalf of Manufacture shall be deemed as an inference to the contrary LICENSE GRANT The end user hereinafter referred to as Licensee of the Software is granted a personal non sublicensable nonexclusive nontransferable license by Manufacture Corporation Manufacture 1 To use the Manufacture s software Software in object code form solely on a single central processing unit owned or leased by Licensee or otherwise embedded in the equipment offered by Manufacture 2 To copy the Software only for backup purposes in support of authorized use of the Software 3 To use and copy the documentation related to the Software solely in support of authorized use of the Software by Licensee The License applies to the Software only except other Manufacture s software or hardware products Without the prior written consent of Manufacture Licensee has no right to receive any source code or design documentation with respect to the Software RESTRICTI
28. Password Username Password Login Cancel Forget Password Fig 2 10 the Login Screen for Web 2 1 5 IP Address Assignment For IP address configuration there are three parameters needed to be filled in They are IP address Subnet Mask Default Gateway and DNS IP address The address of the network device in the network is used for internetworking communication Its address structure looks is shown in the Fig 2 11 It is classful because it is split into predefined address classes or categories Each class has its own network range between the network identifier and host identifier in the 32 bits address Each IP address comprises two parts network identifier address and host identifier address The former indicates the network where the addressed host resides and the latter indicates the individual host in the network which the address of host refers to And the host identifier must be unique in the same LAN Here the term of IP address we used is version 4 known as IPv4 32 bits I Network identifier Host identifier Fig 2 11 IP address structure With the classful addressing it divides IP address into three classes class A class B and class C The rest of IP addresses are for multicast and broadcast The bit length of the network prefix is the same as that of the subnet mask and is denoted as IP address X for example 192 168 1 0 24 Each class has its address range described below
29. Request To Send RTS 7 Clear To Send CTS 8 9 Pin Null Modem Cable CD 1 4 DTR DSR 6 1 CD DTR 4 es 6 DSR RXD 2 3 TXD TXD 3 2 RXD GND 5 5 GND RTS 7 8 CTS CTS 8 7 RTS Reserve 9 9 Reserve 311
30. force version 3 instance id 0 bridge max age 20 bridge forward delay 15 bridge max hops 20 instance priority 4096 bridge mac 00 40 c7 5e 00 09 CIST ROOT PRIORITY 4096 CIST ROOT MAC 00 40 c7 5e 00 09 CIST EXTERNAL ROOT PATH COST 0 CIST ROOT PORT ID 0 CIST REGIONAL ROOT PRIORITY 4096 CIST REGIONAL ROOT MAC 00 40 c7 5e 00 09 CIST INTERNAL ROOT PATH COST 0 CIST CURRENT MAX AGE 20 CIST CURRENT FORWARD DELAY 15 TIME SINCE LAST TOPOLOGY CHANGE SECs 2 TOPOLOGY CHANGE COUNT SECs 0 SW24GF mstp set r role Syntax set r role lt port range gt lt restricted role gt Description To set per port restricted role Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt restricted role gt 0 gt false 1 gt True Possible value lt port range gt 1 to 24 lt restricted role gt 0 gt false 1 gt True Example SW24GF mstp set r role 8 12 1 SW24GF mstp set r role 13 16 0 SW24GF mstp show ports 0 Operational Restricted Port Port Status Role Path Cost Pri Hello Edge Port P2P Role Ten 1 FORWARDING DSGN 200000 128 2 2 V 2 DISCARDING dsbl 2000000 128 2 2 V 3 DISCARDING dsbl 2000000 128 2 2 V 4 DISCARDING dsbl 2000000 128 2 2 V 266 5 FORWARDING DSGN 200000 128 2 2 V V 6 DISCARDING dsbl 2000000 128 2 2 V 7 FORWARDING DSGN 20000 128 2 2 V V 8 DISCARDING dsbl 2000000 128 2 2 V 9 DISCARDING
31. lt JoinTime gt join timer available from 20 to 100 lt LeaveTime gt leave timer available from 60 to 300 lt LeaveAllTime gt leaveall timer available from 1000 to 5000 Leave Time must equal double Join Time at least Possible value lt port gt 1 to 24 lt JoinTime gt 20 to 100 lt LeaveTime gt 60 to 300 lt LeaveAllTime gt 1000 to 5000 Example SW24GF gvrp set timer 2 8 25 80 2000 show Syntax show Description To display the gvrp configuration Argument None Possible value None Example SW24GF gvrp show 243 GVRP state Enable Port Join Time Leave Time LeaveAll Time Applicant Registrar Restricted 20 60 1000 orma orma Disable 2 25 80 2000 orma orma Disable 3 25 80 2000 orma orma Disable 4 25 80 2000 orma orma Disable 5 25 80 2000 orma orma Disable 6 25 80 2000 orma orma Disable 7 25 80 2000 orma orma Disable 8 25 80 2000 orma orma Disable 23 20 60 1000 orma a Disable 24 20 60 1000 orma orma Disable counter Syntax counter lt port gt Description To display the counter number of the port Argument lt port gt port number Possible value lt port gt available from 1 to 24 Example SW24GF evrp counter 2 Received Total GVRP Packets Invalid GVRP Packets LeaveAll message JoinEmpty message JoinIn message LeaveEmpty message Empty message ooooocloCc c Transmitted Total GVRP Packets Invalid GVRP
32. or other natural forces or by the acts of anyone not a party to this agreement or by the inability to secure materials or transportation then the party so affected shall be executed from any further performance for a period of time after the occurrence as may reasonably be necessary to remedy the effects of that occurrence but in no event more than sixty 60 days If any of the stated events should occur Party A shall promptly notify Party B in writing as soon as commercially practicable but in no event more than twenty 20 business days and provide documentation evidencing such occurrence In no event shall the maximum liability of Manufacture under this warranty exceed the purchase price of the Product covered by this warranty DISCLAIMER EXCEPT AS SPECIFICALLY PROVIDED ABOVE AS REQUIRED AS IS AND THE WARRANTIES AND REMEDIES STATED ABOVE ARE EXCLUSIVE AND IN LIEU OF ALL OTHERS ORAL OR WRITTEN EXPRESS OR IMPLIED ANY AND ALL OTHER WARRANTIES INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR THIRD PARTY RIGHTS ARE EXPRESSLY EXCLUDED MANUFACTURE SOFTWARE LICENSE AGREEMENT NOTICE Please carefully read this Software License Agreement hereinafter referred to as this Agreement before copying or using the accompanying software or installing the hardware unit with pre enabled software or firmware each of which is referred to as Software in this Agreement BY COPYING
33. show Description To display the system s DHCP function state IP address subnet mask default gateway DNS mode DNS server IP address and current IP address Argument None Possible value None Example SW24GF ip show DHCP Disable IP Address 192 168 2 237 Current IP Address 192 168 2 237 Subnet mask 255 255 255 0 Gateway 192 168 2 252 DNS Setting Manual DNS Server 168 95 1 1 248 m ip _mac_binding set entry Syntax set entry lt 0 1 gt lt mac gt lt ip gt lt port no gt lt vid gt Description To set ip mac binding entry Argument lt 0 1 gt 0 Client 1 Server lt mac gt mac address lt ip gt ip address lt port gt syntax 1 5 7 available from 1 to 24 lt vid gt vlan id 1 to 4094 Possible value lt 0 1 gt 0 Client 1 Server lt mac gt format 00 02 03 04 05 06 lt ip gt ip address lt port gt 1 to 24 lt vid gt 1 to 4094 Example SW24GF ip_mac_binding set entry 1 00 11 2f de 7b a9 192 168 2 2 1 1 delete ip Syntax delete ip lt 0 1 gt lt ip gt Description Delete ip mac binding entry by ip Argument lt 0 1 gt 0 client 1 server lt ip gt ip address Possible value None Example SW24GF ip_mac_binding delete ip 1 192 168 2 2 set state Syntax show Description To display the mac alias entry Argument None Possible value None Example SW24GF mac tabl
34. that group e When the last of its hosts in a particular multicast group leaves the 8 group sends an unsolicited leave group membership report to the all routers group 244 0 0 2 DHCP Snooping This feature enables the DHCP Snooping to include information about client when forwarding DHCP requests from a DHCP client to a DHCP server via Trust Port DHCP snooping can be configured on LAN switches to harden the security on the LAN to only allow clients with specific IP MAC addresses to have access to the network In short DHCP snooping ensures IP integrity on a Layer 2 switched domain Power Saving The Power saving using the ActiPHY Power Management and PerfectReach Power Management two techniques to detect the client idle and cable length automatically and provides the different power It could efficient to save the switch power and reduce the power consumption Q in Q VLAN for performance amp security The VLAN feature in the switch offers the benefits of both security and performance VLAN is used to isolate traffic between different users and thus provides better security Limiting the broadcast traffic to within the same VLAN broadcast domain also enhances performance Q in Q the use of double VLAN tags is an efficient method for enabling Subscriber Aggregation This is very useful in the MAN Link Layer Discovery Protocol LLDP IEEE Standard 802 1AB Link Layer Discovery Protocol gt Provide more easy debug t
35. 2 LACP 1 Active 2 a 3 LACP 1 Active 3 Soe 4 LACP 1 Active 4 ace 5 LACP 1 Active 5 s 6 LACP 1 Active 6 E T LACP 1 Active T SSS 19 None 0 Active 19 a 20 None 0 Active 20 gt 21 None 0 Active 21 ae 22 None 0 Active 22 SS 23 None 0 Active 23 24 None 0 Active 24 SSS 300 vlan del port group Syntax del port group lt name gt Description To delete the port based vlan group Argument lt name gt which vlan group you want to delete Possible value lt name gt port vlan name Example SW24GF vlan del port group VLAN 2 del tag group Syntax del tag group lt vid gt Description To delete the tag based vlan group Argument lt vid gt which vlan group you want to delete available from 1 to 4094 Possible value lt vid gt 1 to 4094 Example SW24GF vlan del tag group 2 disable drop untag Syntax disable drop untag lt range gt Description Don t drop the untagged frames Argument lt range gt which port s you want to set syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF vlan disable drop untag 5 10 301 disable sym vlan Syntax disable sym vlan lt range gt Description To drop frames from the non member port Argument lt range gt which port s you want to set syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF vian disable sym vlan 5 10 enable drop u
36. 24 lt port speed gt auto set auto negotiation mode 10half set soeed duplex 10M Half 10full set speed duplex 10M Full 100half set speed duplex 100M Half 100full set soeed duplex 100M Full 1Gfull set soeed duplex 1G Full Possible value lt port range gt 1 to 24 lt port speed gt auto 10half 10full 100half 100full 1Gfull Example SW24GF port set speed 3 auto SW24GF port show status Speed Port Link Duplex Rx Pause Tx Pause Description 1 Up 100M Full Disabled Disabled 2 Down Down Disabled Disabled 3 Up 100M Full Disabled Disabled 4 Down Down Disabled Disabled 5 Down Down Disabled Disabled 6 Down Down Disabled Disabled 7 Up 1G Full Disabled Disabled 8 Down Down Disabled Disabled 9 Down Down Disabled Disabled set powersaving Syntax set set powersaving lt port gt lt 0 1 gt Description To set power saving Argument port 1 5 7 available from 1 to 8 0 Disable 1 Enable Possible value lt port index gt 1 to 16 lt power saving gt 0 Disable 1 Enable Example SW24GF port set powersaving 2 1 SW24GF port show config Syntax show config 276 Description To display the each port s configuration information Argument None Possible value None Example SW24GF port show config Speed Flow Maximum Excessive Port Duplex Control Frame Collision Description 1 Auto Disabled 9600 Discard 2 1G Full Disabled 9600 Discar
37. 24 available port number 0 disable mirror function Possible value lt gt 1 to 24 Example SW24GF mirror set mirror 2 set monitor destination Syntax set monitor destination lt range gt Description To set monitor destination port The packets sent by this port will be copied to the monitoring port Argument lt range gt the port that is chosen for monitored port of the mirror function syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF mirror set monitor destination 2 15 SW24GF mirror show o nonea DW 11 12 13 14 15 16 17 18 ae ane e e s a a a oe e a a 260 set monitor source Syntax set monitor source lt range gt Description To set up the monitoring port of the mirror function User can observe the packets that the monitored port received via this port Argument lt range gt the monitoring port that is chosen for the mirror function Only one port is allowed to configure available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF mirror set monitor source 18 SW24GF mirror show Port to mirror to l Port Source Enable Destination Enable 2 y o non A WwW 9 10 11 12 13 14 15 16 17 18 V 19 20 21 22 23 24 SW24GF mirror a a ar e s a a a a a a a 261 show Syntax show Description To display the setting status of mirror configuration Argument None Possi
38. 24 port based VLAN groups 63 Tag based Tag based VLAN identifies its member by VID This is quite different from port based VLAN If there are any more rules in ingress filtering list or egress filtering list the packet will be screened with more filtering criteria to determine if it can be forwarded The switch supports supplement of 802 1q For more details please see the section VLAN in Chapter 3 Each tag based VLAN you built up must be assigned VLAN name and VLAN ID Valid VLAN ID is 1 4094 User can create total up to 4094 Tag VLAN groups Segment A The Segment A mode is a special function for LAN Segmentation Converter Mode application it is working under VLAN function When the segment mode enabled there are max up to 12 LAN segments on the switch and fixed two ports for each LAN segment and each LAN segment will be isolated The fixed segment ports mapping as below Segment Forwarding Port Mapping 1 Port 01 gt Port 09 2 Port 02 gt Port 10 3 Port 03 gt Port 11 4 Port 04 gt Port 12 5 Port 05 gt Port 13 6 Port 06 gt Port 14 7 Port 07 gt Port 15 8 Port 08 gt Port 16 9 Port 17 gt Port 18 10 Port 19 gt Port 20 11 Port 21 gt Port 22 12 Port 23 gt Port 24 Segment B The Segment B mode is a special function for LAN Segmentation Converter Mode application it is working under VLAN function
39. 6 2 OOS Control Tistenna dathceaadasoUeabecianes iscaosbes a a EE AAE e anain 88 2 6 3 Rate LAMIULETS ios cc0kicsdece deasdacesasiecedeassoavieatescsdvadsecedgateccensassoavsGabesenseaddoavigabacceasdes dbeudosaesdssadets 94 3 6 4 Storm 1 6 1 112 SE 96 SESAN AAO oti ots EAE Matted hatte gS EEN A os haat E ead E gh aaa Ta ats da Eada 97 3 7 SNMP CONFIGURATION 2 oss ccaecceigesavstenecs tesbepesaeactetesveddeesscacde duce dusuecdacdedsvseigecncdacss voesedenea leseveasee 107 BaS NG EEE E ek eee ep ea ess a eee E Es i Rs 109 3 8 Ts POTS vccccissivck sates a ai es ASA sai aad AA alo aoa eis Asa aod wh alan Baw A a Raa 109 3 8 2 RAE Limense an Seek ab a aa aa a ae Er aea ainera rain an reei aarre tees 111 3 8 3 Access Control List risna reias earen eoero erT oaae earo Eai aa aoira iain 112 3 8 4 Wizard visiscusccikavessvibacciesidsssssusgectdaeddvasssctiacsdcaVdavesscsdssassasdeusdeciSestsssstseeccdedessdsoutestede ceesbeseesess 140 3 9 IP MAG BINDING norena n a a E AE EE EEAO EA R 146 3 9 1 IP MAC Binding Configuration 0 cccccccccescceecesecesecesecesecsecseeeseesseesseeseeesecesesesecnsecnaenas 146 3 9 2 IP MAC BINDING DYNAMIC ENTRY cccsesseseeececsesssececececsessaececececseseasseceeeceesenssaeseeeeeenes 148 3210 802 1X CONFIGURATION resessie nnee caves t aAA Ea rE EEEE NEATE Aa NEN TEE RS 149 Di ORT Serve nann a a a a a a aaa Nba Ta nae aa a aaa aia ai eira inis 154 3 10 2Port Config r l n i srren ene ieiet aE Eai E R ER EAEE E
40. ACL for different typical network application access control To continue click Next Fig 3 134 Set up Typical Network Application Rules 143 Set up Typical Network Application Rules Set up the specific ACL for different typical network application access control by selecting the network application type for your rule o Common Servers DHCP DNS FTP TELNET o Instant Messaging Google Talk MSN Messenger Yahoo Messenger o User Definition V Ethernet Type ox UDP Port Specific TCP Port Specific Sakei Te Sue fic o Others OOHTTPS COICMP Multicast IP Stream NetBIOS Ping Request C Ping Reply LISNMP CISNMP Traps Cancel lt Back Next gt Fig 3 135 Set up Typical Network Application Rules Set up Typical Network Application Rules According to your decision on the previous page this wizard will create specific ACEs Access Control Entries automatically First select the ingress port for these ACEs and then select the action and rate limiter ID Different parameter options are displayed depending on your selections Ingress Port Rate Limiter ID Disabled Fig 3 136 Set up Typical Network Application Rules Finished The ACL configuration wizard is finished and the new configuration is ready for use Click Finish to get more information Click Wiza
41. Descriptio Capabilities Address Fig 3 18 2 LLDP Entry Parameter description Local port To display the switch local port Chassis ID To display the Chassis ID which connect to the switch and what the neighbor Chassis ID Remote Port ID To display the Remote Port ID which connect to the switch and what the neighbor s remote port ID System name To display the system name which connect to the switch and which device supports the LLDP Port Description To display an alphanumeric string describing the full name and version identification for the system s hardware type software version and networking application System Capabilities To display an includes a bitmask of system capabilities device functions 202 that are supported Also includes information on whether the capabilities are enabled Management Address To display include a specific IP address in the outbound LLDP advertisements for specific ports Auto refresh Refresh the authenticator counters in the web UI automatically Refresh Click on the lt Refresh gt to update the authenticator counters in the web UI 203 3 18 3 LLDP Statistics Function name LLDP Statistics Function description Display the detailed counting number of each port s LLDP traffic LLDP Statistics Auto refresh O Neighbor entries were last changed at 7821 sec ago Total Neighbors Entries Added 0 Total Neighbors Entries Deleted 0 Total Neighb
42. Disabled 9600 Discard salesdepartment 6 Auto Disabled 9600 Discard salesdepartment 7 Auto Disabled 9600 Discard salesdepartment 8 Auto Disabled 9600 Discard salesdepartment 9 Auto Disabled 9600 Discard set excessive collision Syntax set excessive collision lt port range gt lt discard restart gt Description To set port description Argument lt port range gt syntax 1 5 7 available from 1 to 24 Possible value lt port range gt 1 to 24 Example SW24GF port set excessive collision 6 10 restart SW24GF port show config Speed Flow Maximum Excessive Port Duplex Control Frame Collision Description a list of previously run command set priority DISCAR 2 Auto Disabled 9600 Discard 3 Auto Disabled 9600 Discard salesdepartment 4 Auto Disabled 9600 Discard salesdepartment 5 Auto Disabled 9600 Discard salesdepartment 6 Auto Disabled 9600 Restart salesdepartment 7 Auto Disabled 9600 Restart salesdepartment 8 Auto Disabled 9600 Restart salesdepartment 9 Auto Disabled 9600 Restart 10 Auto Disabled 9600 Restart 11 Auto Disabled 9600 Discard set flow control Syntax set flow control lt port range gt lt enable disable gt Description To set per port flow control Argument lt port range gt syntax 1 5 7 available from 1 to 24 Possible value lt port range gt 1 24 Example 274 SW24GF port set flow control 3 10 SW24GF port show config 1 Auto Disabled 9600 Doscard 2 Auto
43. EE e E EEE KEE SEEE E aae EE EEEa eea 56 3 24 Detail COUNT ci eena o e a E EE aE EA e A EE eaS ae S SEEE S 59 3 2 3 Power SAVING o e eE E EE tosh Gute Ra shies Wes Stes th suivedecesuteosss cutee EEE OSE EE Ea teas 62 BoB A De O ARE E E E EEPE E E E E EE E 63 BBL VLAN Mode pisope a e a les sh a Watches knaar i aa aeae 63 3 3 2 Jag based Gro p a ee oe hela ETE sb Ee be tapas pe a EEEE EAA OEE E aaae E EEEE E eS 66 3 3 3 Port based Groups reeeo eeen Eee e E EE aee E errea pa DESEA Such pie Wastes e EEEak 68 SDAP 9 A EEEREN E SE E SEA EE EA A EEA 70 3 3 Port TSOLALOMN mo ereere sven sine o a E eaea ear a eE Sae eee Naa Aattadouees 72 3 3 6 Management orn ereere En E EEE ae EE a E Ea A AKAA AEE eSa SE S Een RES 73 R Y Ve OE EE E E E EEE E E EEEO EE E 74 SAD MGC AdArESS Table srie crrr e E de siddes ce oubade leeds iaa 74 S42 SIGH CPULCR AAAA EAEE A ETE EEE E AAE E EENE ideleas suextetedepese Maspavetetegbeccvsexteusted 76 e a S1111 110E POF WOIG AEAEE E TERA S PEDANE AS E EEA SA EEES A ES A EA 77 B BA EAN Va OEA Y IEE EEA A AEEA EE EA EE E 78 AAE Ka K OE 010 AEE A E E E EE AENEA EE ov ae 79 e ESTE CRVA EA pa PATRE EE ANAE EE AA E E NE E E EE EAS E E E AAS 80 BaD AD E E N E E E A E 80 B22 B017 1A EER AA A E E AEA as EE TE 83 BaD D GHOUP E E ET E 85 3 6 QOS QUALITY OF SERVICE CONFIGURATION cccsssseceeseseeceeseeecseceececseeeecsssaeeecseseeeseseeeesenaees 86 BOD RA O A EEA ccc nae tee AAE EA AS ta es is eee ace cae Na tant ore 86 3
44. IP options SIP Filter SIP Source IP Address Range Any Host Network Any Including all source IP address Host Only one specific source host IP address Network A specific IP subnet segment under the source IP mask SIP Address Default 192 168 1 1 SIP Mask Default 255 255 255 0 DIP Filter DIP Destination IP Address Range Any Host Network Any Including all destination IP address Host Only one specific destination host IP address Network A specific IP subnet segment under the destination IP mask DIP Address Default 192 168 1 254 DIP Mask Default 255 255 255 0 VLAN Parameters VLAN ID Filter Range Any Specific Any Including all VLAN IDs Specific According to following VLAN ID and Tag Priority setting for ingress classification VLAN ID Range 1 4094 138 Tag Priority Range Any 0 7 Any Including all Tag Priority values 0 7 The Tag Priority Value is one of number 0 7 Action Parameters When the ingress frame meet above ACL ingress classification rule you can do the following actions Action Range Permit Deny Permit Permit the met ACL ingress classification rule packets forwarding to other ports on the switch Deny Discard the met ACL ingress classification rule packets Rate Limiter Range Disabled 1 16 Disable Disable Rate Limiter function 1 16 Apply the Rate Limiter Number setting for met ACL ingress rule packtes Port Copy Range Dis
45. MAC binding enabled port the system will block the access by dropping its packet 1 2 Checklist Before you start installing the switch verify that the package contains the following SW24GF 24 port Layer 2 plus Gigabit Managed Switch SFP Modules optional Mounting Accessory for 19 Rack Shelf This User s Manual in CD ROM AC Power Cord RS 232 Cable Please notify your sales representative immediately if any of the aforementioned items is missing or damaged 1 3 Features The SW24GF a standalone off the shelf switch provides the comprehensive features listed below for users to perform system network administration and efficiently and securely serve your network Hardware e 16 SFP Fiber ports 8 10 100 1000Mbps TP or 1000Mbps SFP Fiber dual media auto sense 1392KB on chip frame buffer Support jumbo frame up to 9K bytes Programmable classifier for QoS Layer 4 Multimedia 8K MAC address and 4K VLAN support IEEE802 1Q Per port shaping policing and Broadcast Storm Control Power Saving with ActiPHY Power Management and PerfectReach Power Management techniques IEEE802 1Q Q in Q nested VLAN support Full duplex flow control IEEE 802 3x and half duplex backpressure Extensive front panel diagnostic LEDs System Power TP Port1 8 LINK ACT 10 100 1000Mbps SFP Port 1 24 SFP LINK ACT Management e Supports concisely the status of port and easily port configuration e Supports
46. Message Packets Number of GARP BPDU with Leave Empty message is received by the GARP application 83 Empty Message Packets Number of GARP BPDU with Empty message is received by the GARP application Transmitted Total GVRP Packets Total GARP BPDU is transmitted by the GVRP application Invalid GVRP Packets Number of invalid GARP BPDU is transmitted by the GVRP application LeaveAll Message Packets Number of GARP BPDU with Leave All message is transmitted by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is transmitted by the GARP application Joinin Message Packets Number of GARP BPDU with Join In message is transmitted by the GARP application LeaveEmpty Message Packets Number of GARP BPDU with Leave Empty message is transmitted by the GARP application Empty Message Packets Number of GARP BPDU with Empty message is transmitted by the GARP application 84 3 5 3 Group Function name GVRP Group VLAN Information Function description To show the dynamic group member and their information GVRP VLAN Group Information vib MemberPort i Edit Administrative Control Fig 3 33 Parameter description VID VLAN identifier When GVRP group creates each dynamic VLAN group owns its VID Valid range is 1 4094 Member Port Those are the members belonging to the same dynamic VLAN group Edit Administrative Control When you create G
47. Packets LeaveAll message JoinEmpty message JoinIn message LeaveEmpty message Empty message oooocmccCc l 244 group grpinfo Syntax group grpinfo lt vid gt Description To show the gvrp group Argument lt vid gt To set the vlan id from 1 to 4094 Possible value lt vid gt 1 to 4094 Example SW24GF evrp group grpinfo 2 GVRP group information VID Member Port hostname hostname Syntax hostname lt name gt Description To set up the hostname of the switch Argument lt name gt hostname max 40 characters Possible value lt name gt hostname max 40 characters Example SW24GFH hostname Company Company igmp set drp Syntax set drp lt port gt Description Set router ports to disable Argument lt port gt syntax 1 5 7 available from 1 to 24 Possible value lt port gt 1 to 24 Example SW24GF igmp set drp 1 10 245 set erp Syntax set erp lt port gt Description Set router ports to enable Argument lt port gt syntax 1 5 7 available from 1 to 24 Possible value lt port gt 1 to 24 Example SW24GF igmp set erp 1 set flood Syntax set flood lt state gt Description To set up disable enable unregister ipmc flooding Argument lt state gt O disable 1 enable Possible value lt state gt 0 or 1 Example SW24GF igmp set flood 1 show gm Syntax show gm Description To display grou
48. Ports trunk connections allowed IP Multicast Filtering by passively snooping on the IGMP Query Supports by port Egress Ingress rate control Referred as Class of Service CoS by the IEEE 802 1P standard Classification of packet priority can be based on either a VLAN tag on packet or a user defined Per port QoS Two queues per port IP TOS Classification TCP UDP Port Classification IP DiffServe Classification Limit number of MAC addresses learned per port static MAC addresses stay in the filtering table Bridging 802 1D Spanning Tree IP Multicast IGMP Snooping IP Multicast Packet Filtering Maximum of 256 active VLANs and IP multicast sessions One RS 232 port as local control console Telnet remote control console SNMP agent MIB 2 RFC 1213 Bridge MIB RFC 1493 RMON MIB RFC 1757 statistics Ethernet like MIB RFC 1643 Web browser support based on HTTP Server and CGI parser TFTP software upgrade capability Note Any specification is subject to change without notice 310 Appendix B Null Modem Cable Specifications The DB 9 cable is used for connecting a terminal or terminal emulator to the Managed Switch s RS 232 port to access the command line interface The table below shows the pin assignments for the DB 9 cable Function Mnemonic Pin Carrier CD 1 Receive Data RXD 2 Transmit Data TXD 3 Data Terminal Ready DTR 4 Signal Ground GND 5 Data Set Ready DSR 6
49. Range Disable Normal Advanced Clientless Disable Disable IEEE 802 1X for this port 156 Normal All clients under this port will be authorized when one of the client do 802 1X authentication successfully Advanced Each clients under this port have to do 802 1X authentication by himself Clientless The clients don t need to install 802 1X client function that means the client PC for example WINDOW XP does not need to enable 802 1X client function also can do 802 1X authentication But the network maintainer need to configure the Radius server using each client s MAC address for Radius account ID and password Port Control This is used to set the operation mode of authorization There are three type of operation mode supported ForceUnauthorized ForceAuthorized Auto e ForceUnauthorized The controlled port is forced to hold in the unauthorized state e ForceAuthorized The controlled port is forced to hold in the authorized state e Auto The controlled port is set to be in authorized state or unauthorized state depends on the result of the authentication exchange between the authentication server and the supplicant Default Auto reAuthMax 1 10 The number of authentication attempt that is permitted before the port becomes unauthorized Default 2 txPeriod 1 65535 s Atime period to transmitted EAPOL PDU between the authenticator and the supplicant Default 30 Quiet Period 0 65535
50. Removed Dual Media Swapped 194 3 16 1 Events Function name Email Configuration Function description Alarm configuration is used to configure the persons who should receive the alarm message via either email It depends on your settings An email address has to be set in the web page of alarm configuration See Fig 3 61 Then user can read the trap information from the email This function provides 6 email addresses at most The 24 different trap events will be sent out to SNMP Manager when trap event occurs After ticking trap events you can fill in your desired email addresses Then please click lt Apply gt button to complete the alarm configuration It will take effect in a few seconds Trap Events Configuration Email Select Unselect All O Trap Select Unselect All C Trap Cold Start Warm Start Link Down Link Up Authentication Failure Login Logout Module Inserted Module Removed Dual Media Swapped Looping Detected STP Disabled TH TH Fig 3 164 Trap Events Configuration 195 3 16 2 Email Parameter description Email Mail Server the IP address of the server transferring your email Username your username on the mail server Password your password on the mail server Email Address 1 6 email address that would like to receive the alarm message Alarm Configuration User Name Password Email Adress 1 Email Adress 2 Email Adress 3 Em
51. Replace Fig 3 17 1 DHCP Snooping State Parameter description VID When DHCP snooping is enabled and enabled on the specified VLAN DHCP packet filtering will be performed on any un trusted ports within the VLAN It set a available VLAN ID to enable the DHCP snooping on VLAN interface Trust Port 1 If DHCP snooping is enabled globally and also enabled on the VLAN where the DHCP packet is received all DHCP packets are forwarded for a trusted por It set a trust port 1 available port from 0 to 24 0 is disabled Trust port 2 It set a trust port 2 available port from 0 to 24 0 is disabled Trust VID It set a trust VLAN ID available VID from 1 to 4094 Server IP It set a trust DHCP Server IP address for DHCP Snooping Option 82 It set the DHCP Option 82 function on the switch default is Disable Action It set the switch when received a client DHCP request packet then action for filtering available action keep drop replace Note Filtering rules are implemented as follows If the DHCP snooping is disabled all DHCP packets are forwarded If DHCP snooping is enabled and also enabled on the VLAN where the DHCP packet is received all DHCP packets are forwarded for a trusted port If DHCP snooping is enabled and also enabled on the VLAN where the DHCP packet is received but the port is not trusted it is 198 processed as follows If the DHCP packet is a reply packet from a DHCP server the pac
52. Specific Range Any Including all TCP destination ports Specific According to following Dest Port No setting for ingress classification Range According to following Dest Port Range setting for ingress classification Dest Port No Range 0 65535 Dest Port Range Range 0 65535 TCP FIN TCP Control Bit FIN Means No more data from sender Range Any 0 1 Any Including all TCP FIN case 0 The TCP control bit FIN is 0 1 The TCP control bit FIN is 1 TCP SYN TCP Control Bit SYN Means Synchronize sequence numbers Range Any 0 1 Any Including all TCP SYN case 0 The TCP control bit SYN is 0 1 The TCP control bit SYN is 1 TCP RST TCP Control Bit RST Means Reset the connection Range Any 0 1 Any Including all TCP RST case 0 The TCP control bit RST is 0 1 The TCP control bit RST is 1 TCP PSH TCP Control Bit PSH Means Push Function Range Any 0 1 Any Including all TCP PSH case 0 The TCP control bit PSH is 0 1 The TCP control bit PSH is 1 136 TCP ACK TCP Control Bit ACK Means Acknowledgment field significant Range Any 0 1 Any Including all TCP ACK case 0 The TCP control bit ACK is 0 1 The TCP control bit ACK is 1 TCP URG TCP Control Bit URG Means Urgent Pointer field significant Range Any 0 1 Any Including all TCP URG case 0 The TCP control bit URG is 0 1 The TCP control bit URG is 1 IP Protocol Value The IP Protocol Value is TCP options may occupy space at the end of the TCP
53. This is ex factory setting and cannot be altered In Web UI two restore default functions are offered for the user to restore to the default setting of the switch One is the function of Restore Default Configuration included default IP address the IP address will restore to default 192 168 1 1 as you use it The other is the function of Restore Default Configuration without changing current IP address the IP address will keep the same one that you had saved before by performing this function Working Configuration It is the configuration you are using currently and can be changed any time The configurations you are using are saved into this configuration file This is updated each time as you press lt Apply gt button User Configuration It is the configuration file for the specified or backup purposes and can be updated while having confirmed the configuration You can retrieve it by performing Restore User Configuration 206 3 19 1 Factory Defaults Function name Restore Default Configuration includes default IP address Function description Restore Default Configuration function can retrieve ex factory setting to replace the start configuration And the IP address of the switch will also be restored to 192 168 1 1 Factory Defaults Are you sure you want to reset the configuration to Factory Default Fig 3 166 Factory Defaults 3 19 2 Save Start Function name Save As Start Configurati
54. You enable IGMP on the interfaces that connect the system to its hosts that are farther away from the root of the tree These interfaces are known as downstream interfaces Please refer to 3 15 1 for detail IGMP Proxy function description Member Port 66 This is used to enable or disable if a port is a member of the new added VLAN Enable means it is a member of the VLAN Just tick the check box MI beside the port x to enable it Add new VLAN Please click on lt Add new VLAN gt to create a new Tag based VLAN Input the VLAN name as well as VID configure the SYM VLAN function and choose the member by ticking the check box beside the port No then press the lt Apply gt button to have the setting taken effect Create VLAN Group vano E annae ECE C Enable Privite VLAN Enable ae lal al eager se ies zal eer ert 9 0 10 M 11 M 12 M 13 M 14 M 15 M 16 0 17 0 18 0 19 0 20 0 21 0 22 0 23 0 24 00 Fig 3 19 Delete Group Just press the lt Delete gt button to remove the selected group entry from the Tag based group table Tag Based VLAN Memberships Configuration Port Members VLAN Name VLAN IGMP Privite Delete ID Proxy VLAN 2345 67 8 9 1011 12 13 14 15 16 17 18 19 20 21 22 23 24 Default 123456789 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Le Disable Disable vlan2 10 2 disable enable Add new VLAN Delete Fig 3 20 Not
55. few seconds later the switch will report you the pinged device is alive or dead in the field of Ping Result Parameter description IP Address An IP address with the version of v4 e g 192 168 1 1 Default Gateway IP address of the default gateway For more details please see the section of IP address in Chapter 2 ICMP Ping IP Address Ping size 64 Fig 3 172 ICMP Ping 211 3 22 Maintenance This chapter will introduce the reset and firmware upgrade function for the firmware upgrade and key parameters change system maintenance requirements 3 22 1 Reset Device Function name Reset Device Function description We offer you many ways to reset the switch including power up hardware reset and software reset You can press the RESET button in the front panel to reset the switch After upgrading software changing IP configuration or changing VLAN mode configuration then you must reboot to have the new configuration taken effect Here we are discussing is software reset for the reboot in the main menu Warm Reset Are you sure you want to perform a Warm Restart Fig 3 174 Warm Reset 3 22 2 Software Upload Function name Software Upload Function description Click on lt Browse gt to select a specific SW24GF firmware file from the Web management PC then click on lt Upload gt to confirm the upgrade firmware action The new firmware will be uploaded into the switch and write into flash
56. lt Edit gt and lt Delete gt function buttons User can add a new VLAN group by inputting a new VLAN name and VLAN ID Tag Based VLAN Memberships Configuration VLAN Name Port Members VLAN IGMP Privite 5 9 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Delete I Proxy VLAN 123456789 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ___ EE Add new VLAN Delete Fig 3 18 Parameter description VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters VLAN ID VLAN identifier Each tag based VLAN group has a unique VID It appears only in tag based and Double tag mode IGMP Proxy IGMP proxy enables the switch to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP interfaces The system acts as a proxy for its hosts This switch can be set IGMP function Enable or Disable by VLAN group If the VLAN group IGMP proxy is disabled the switch will stop the exchange of IGMP messages in the VLAN group members If the VLAN group IGMP proxy is enabled the switch will support the exchange of IGMP messages in the VLAN group members and follow up IGMP proxy router port configuration which connects to a router closer to the root of the tree This interface is the upstream interface The router on the upstream interface should be running IGMP
57. lt range gt lt path cost gt lt priority gt lt edge_port gt lt admin p2p gt Description To set up the port information of STP Argument lt range gt syntax 1 5 7 available from 1 to 24 lt path cost gt 0 1 200000000 The value zero means auto status lt priority gt priority must be a multiple of 16 available from 0 to 240 lt edge_port gt Admin Edge Port lt yes no gt lt admin p2p gt Admin point to point lt auto true false gt Possible value lt range gt 1 to 24 lt path cost gt 0 1 200000000 lt priority gt 0 to 240 lt edge_port gt yes no lt admin p2p gt auto true false Example SW24GF stp set port 1 16 0 128 yes auto 290 set version Syntax set version lt stp rstp gt Description To set up the version of STP Argument lt stp rstp gt stp rstp Possible value lt stp rstp gt stp rstp Example SW24GF stp set version rstp show config Syntax show config Description To display the configuration of STP Argument None Possible value None Example SW24GF stp show config STP State Configuration Spanning Tree Protocol Enabled Bridge Priority 0 61440 61440 Hello Time 1 10 sec E Max Age 6 40 sec 20 Forward Delay 4 30 sec 15 Force Version RSTP 291 show port Syntax show port Description To display the port information of STP Argument None Possible value None Example SW24GFH stp
58. lt value gt action lt value gt Description To add a new management policy entry Argument Synopsis add name George ip 192 168 1 1 192 168 1 90 port 2 5 8 type h s action a Synopsis add name Mary ip 192 168 2 1 192 168 2 90 action deny Possible value None Example SW24GF policy add name Mary ip 192 168 3 1 192 168 3 4 action deny SW24GF policy show 1 Name george IP Range 192 168 1 1 192 168 1 90 271 Action Accept Access Type Port 2 3458 2 Name rulel IP Range Action Deny Access Type Port 11 12 13 14 15 3 Name Mary IP Range Action Deny Access Type Port Any SW24GF policy delete Syntax delete lt index gt Description To add a new management policy entry Argument HTTP SNMP 192 168 2 1 192 168 2 30 HTTP TELENT SNMP 192 168 3 1 192 168 3 4 Any lt index gt a specific or range management policy entry s e g delete 2 3 8 12 Possible value lt index gt a specific or range management policy entry s SW24GF policy add name rule2 ip 192 168 4 23 192 168 4 33 port 6 8 type Example s t action d SW24GF policy show 1 Name rulel IP Range Action Deny Access Type Port 23 45 2 Name rule2 IP Range Action Deny Access Type Port 678 SW24GF policy delete 2 SW24GF policy show 1 Name rulel IP Range Action Deny Access Type Port 2 23 45 SW24GF policy show Synt
59. mode that the user connects to the switch According to the mode users can be classified into two types Those who are able to connect to the switch Accept and those who are unable to connect to the switch Deny Some restrictions also can be placed on the mode that the user connect to the switch for example we can decide that which VLAN VID is able to be accepted or denied by the switch the IP range of the user could be accepted or denied by the switch the port that the user is allowed or not allowed to connect with the switch or the way of controlling and connecting to the switch via Http Telnet or SNMP Management Policy List No Name IP Range Access Type Action Port Members 1 Any Delete Fig 3 9 Create Management Policy Name S TP Range d Access Type Any DOO ta Custom Oo je C TELNET CO SNMP Incoming Port Action Any Deny 1 y Bs 4 S 6 Ta 8 9 10 11 12 Accept 13 14 15 16 17 18 19 20 21 22 23 24 Fig 3 10 Add A new entry of Management Security Configuration can be created after the parameters as mentioned above had been setup and then press lt Add gt button Of course the existed entry also can be modified by pressing this button Delete Remove the existed entry of Management Security Configuration from the management security table Name A name is composed of any letter A Z a z and digit 0 9 with maximal
60. network accommodating a maximum of 15 nodes in the network Default gateway For the routed packet if the destination is not in the routing table all the traffic is put into the device with the designated IP address known as default router Basically it is a routing policy The gateway setting is used for Trap Events Host only in the switch For assigning an IP address to the switch you just have to check what the IP address of the network will be connected with the switch Use the same network address and append your host address to it 28 IP Configuration Subnet Mask CEEC 192 168 1 254 DNS Server Manual 0 0 0 0 Fig 2 12 First IP Address as shown in the Fig 2 12 enter 192 168 1 1 for instance For sure an IP address such as 192 168 1 x must be set on your PC Second Subnet Mask as shown in the Fig 2 12 enter 255 255 255 0 Any subnet mask such as 255 255 255 x is allowable in this case DNS The Domain Name Server translates human readable machine name to IP address Every machine on the Internet has a unique IP address A server generally has a static IP address To connect to a server the client needs to know the IP of the server However user generally uses the name to connect to the server Thus the switch DNS client program such as a browser will ask the DNS to resolve the IP address of the named server 29 2 2 Typical Applications The SW24GF implemen
61. of frames dropped due to the lack of transmitting buffer Auto refresh The detail counts will be refreshed automatically on the UI screen Refresh The detail counts will be refreshed manually when user use mouse to click on Refresh button Clear The detail counts will be reset to zero when user use mouse to click on Clear button 61 3 2 5 Power Saving The function of Power Saving and provides the Power saving for reduce the power consumption with ActiPHY Power Management and PerfectReach Power Management two technique lt could efficient saving the switch Power when the client idle and detec the cable length to provide different power Function name Power Saving Function description The function using ActiPHY Power Management and PerfectReach Power Management to save the switch s power consumption Power Saving Select Unselect All O S E a 2 O Fig 3 16 1 Parameter description Power Saving The parameter will enable or disable to verify switches have the ability to consider the length of any Ethernet cable connected for adjustment of power usage accordingly Shorter lengths require less power link down mode removes power for each port that does not have a device attached Default Disable 62 3 3 VLAN The switch supports Tag based VLAN 802 1Q and Port based VLAN Support 4094 active VLANs and VLAN ID 1 4094 VLAN configuration is used to partition your LAN in
62. per port traffic monitoring counters e Supports a snapshot of the system Information when you login e Supports port mirror function e Supports the static trunk function 10 Supports 802 1Q VLAN Supports user management and limits three users to login Maximal packet length can be up to 9600 bytes for jumbo frame application Supports DHCP Broadcasting Suppression to avoid network suspended or crashed e Supports Link Layer Discovery Protocol LLDP Supports to send the trap event while monitored events happened Supports default configuration which can be restored to overwrite the current configuration which is working on via web browser and CLI Supports on line plug unplug SFP modules Supports Quality of Service QoS for real time applications based on the information taken from Layer 2 to Layer 4 such as VoIP Built in web based management and CLI management providing a more convenient UI for the user Supports port mirror function with ingress egress traffic Supports rapid spanning tree 802 1w RSTP Supports multiple spanning tree 802 1s MSTP Supports 802 1X port security on a VLAN Supports IP MAC Port Binding for LAN security Supports user management and only first login administrator can configure the device The rest of users can only view the switch SNMP access can be disabled and prevent from illegal SNMP access Supports Ingress Non unicast and Egress Bandwidth rating management with a resolution of 1Mbps T
63. plug it Use Cat 5 grade RJ 45 TP cable to connect to a TP port of the switch and the other end is connected to a network aware device such as a workstation or a server Repeat the above steps as needed for each RJ 45 port to be connected to a Gigabit 10 100 1000 TP device Now you can start having the switch in operation e Power On The switch supports 100 240 VAC 50 60 Hz power supply The power supply will automatically convert the local AC power source to DC power It does not matter whether any connection plugged into the switch or not when power on even modules as well After the power is on all LED indicators will light up immediately and then all off except the power LED still keeps on This represents a reset of the system Firmware Loading After resetting the bootloader will load the firmware into the memory It will take about 30 seconds after that the switch will flash all the LED once and automatically performs self test and is in ready state 15 2 1 2 Installing Chassis to a 19 Inch Wiring Closet Rail Fig 2 2 Caution Allow a proper spacing and proper air ventilation for the cooling fan at both sides of the chassis Wear a grounding device for electrostatic discharge Screw the mounting accessory to the front side of the switch See Fig 2 2 Place the Chassis into the 19 inch wiring closet rail and locate it at the proper position Then fix the Chassis by screwi
64. port uses to aggregate with other ports None A port does not want to aggregate with any other port should choose this default setting 163 Group LACP A port use LACP as its trunk method to get aggregated with other ports also using LACP Static A port use Static Trunk as its trunk method to get aggregated with other ports also using Static Trunk Ports choosing the same trunking method other than None must be assigned a unique Group number i e Group ID valid value is from 1 to 8 in order to declare that they wish to aggregate with each other Active LACP This field is only referenced when a port s trunking method is LACP Aggotr Active An Active LACP port begins to send LACPDU to its link partner right after the LACP protocol entity started to take control of this port Passive A Passive LACP port will not actively send LACPDU out before it receives an LACPDU from its link partner Aggir is an abbreviation of aggregator Every port is also an aggregator and its own aggregator ID is the same as its own Port No We can regard an aggregator as a representative of a trunking group Ports with same Group ID and using same trunking method will have the opportunity to aggregate to a particular aggregator port This aggregator port is usually the port with the smallest Port No within the trunking group Status This field represents the trunking status of a port which uses a trunking met
65. s A period of time during which we will not attempt to access the supplicant Deafult 60 seconds reAuthEnabled Choose whether regular authentication will take place in this port Default ON 157 reAuthPeriod 1 65535 s Anon zero number seconds between the periodic re authentication of the supplicant Default 3600 max Request 1 10 The maximum of number times that the authenticator will retransmit an EAP Request to the supplicant before it times out the authentication session The valid range 1 10 Default 2 times suppTimeout 1 65535 s A timeout condition in the exchange between the authenticator and the supplicant The valid range 1 65535 Default 30 seconds serverTimeout 1 65535 s A timeout condition in the exchange between the authenticator and the authentication server The valid range 1 65535 Default 30 seconds 158 3 10 3 Status Function name 802 1X Status Function description Show the each port IEEE 802 1X authentication current operating mode and status Parameter description Port Port number 1 24 Mode Show this port IEEE 802 1X operating mode There are four modes Disable Normal Advance and Clientless Status Show this port IEEE 802 1X security current status Authorized or Unauthorized 802 1X Status Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable Disable _ Fig 3 143 802 1X Status
66. serial port running a terminal emulator supporting VT100 ANSI terminal with The switch s serial port default settings For example Windows98 2000 XP HyperTerminal utility Note The switch s serial port default settings are listed as follows Baud rate 115200 Stop bits 1 Data bits 8 Parity N Flow control none 4 When you complete the connection then press lt Enter gt key The login prompt will be shown on the screen The default username and password are shown as below Username admin Password admin 22 Set IP Address Subnet Mask and Default Gateway IP Address Please refer to Fig 2 7 CLI Management for details about ex factory IP setting They are default setting of IP address You can first either configure your PC IP address or change IP address of the switch next to change the IP address of default gateway and subnet mask For example your network address is 10 1 1 0 and subnet mask is 255 255 255 0 You can change the switch s default IP address 192 168 1 1 to 10 1 1 1 and set the subnet mask to be 255 255 255 0 Then choose your default gateway may be it is 10 1 1 254 Default Value SW24GF Your Network Setting IP Address 192 168 1 1 10 1 1 1 Subnet 255 255 255 0 255 255 255 0 Default Gateway 192 168 1 254 10 1 1 254 Table 2 3 After completing these settings in the switch it will reboot to have the configuration taken effect After this step you can operat
67. set suppTimeout 2 30 set txPeriod Syntax set txPeriod lt port range gt lt value gt Description A timer used by the Authenticator PAE state machine to determine when an EAPOL PDU is to be transmitted Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt timer range 1 65535 Possible value lt port range gt 1 to 24 lt value gt 1 65535 default is 30 Example SW24GF 802 1X set txPeriod 2 30 226 show status Syntax show status Description To display the mode of each port Argument None Possible value None Example SW24GF 802 1X show status Port Mode Disable Multi host Disable Disable Disable Disable O OI AUNE show port config Syntax show port config lt port range gt Description To display the parameter settings of each port Argument lt port range gt syntax 1 5 7 available from 1 to 24 Possible value lt port range gt 1 to 24 Example SW24GF 802 1X show port config 1 2 port 1 Mode Disabled port control Auto reAuthMax 222 txPeriod 30 Quiet Period 60 reAuthEnabled ON reAuthPeriod 120 max Request 2 suppTimeout 30 serverTimeout 30 port 2 Mode Disabled port control Auto reAuthMax 2 txPeriod 30 Quiet Period 60 reAuthEnabled ON 227 reAuthPeriod 120 max Request 2 suppTimeout 30 serverTimeout 30 show statistics Syntax show statistics lt gt
68. status versus the status of port mode set in 802 1X Port mode port control state set in 802 1X port setting Here Entry Authorized means MAC entry is authorized Port Mode Port Control Authentication Port Status Disable Don t Care Don t Care Port Uncontrolled Multihost Auto Successful Port Authorized Multihost Auto Failure Port Unauthorized Multihost ForceUnauthorized Don t Care Port Unauthorized Multihost ForceAuthorized Don t Care Port Authorized Table 3 3 153 3 10 1 Server Function name 802 1X Server Configuration Function description This function is used to configure the global parameters for RADIUS authentication in 802 1X port security application N _ gt x lt n 3 S 3 O 53 F a o 3 5 Authentication Server isa te G 192 168 1 1 UDP Port 812 i Sa UGGLA 192 168 1 1 UDP Port m co H N Secret Key Accounting Server ea E 192 168 1 1 I UDP Port 813 ea UGGLA 192 168 1 1 UDP Port p co rae en Secret Key Save Fig 3 141 802 1X Server Configuration Parameter description Authentication Server Server IP Server Server IP address for authentication Default 192 168 1 1 UDP Port 154 Default port number is 1812 Secret Key The secret key between authentication server and authenticator It is a string with the length 1 31 characters The character string may contain upper case lowe
69. supplicant and other devices connected to this port can access the network If the authenticator receives a Radius Access Reject it will send an EAP Failure to the supplicant This means the supplicant is failed to authenticate The port it connected is in the unauthorized state the supplicant and the devices connected to this port won t be allowed to access the network 10 When the supplicant issue an EAP Logoff message to Authentication server the port you are using is set to be unauthorized Bridge om Radius Server PC Port connect Access blocked EAPOL Start EAPOL Authenticator EAP Request Identity Radius Access Request EAP Response Identity Radius Access Challenge EAP Request Radius Access Request EAP Response cred EAP Sie ess Radius Access Accept EAP Failure EAP Logoff Access allowed Fig 3 55 152 Only MultiHost 802 1X is the type of authentication supported in the switch In this mode for the devices connected to this port once a supplicant is authorized the devices connected to this port can access the network resource through this port 802 1X Port based Network Access Control function supported by the switch is little bit complex for it just support basic Multihost mode which can distinguish the device s MAC address and its VID The following table is the summary of the combination of the authentication status and the port
70. the switch it supports a simple user management function allowing only one administrator to configure the system at the same time If there are two or more users using administrator s identity the switch will allow the only one who logins first to configure the system The rest of users even with administrator s identity can only monitor the system For those who have no administrator s identity can only monitor the system There are only a maximum of three users able to login simultaneously in the switch To optimize the display effect we recommend you use Microsoft IE 6 0 32 above Netscape V7 1 above or FireFox V1 00 above and have the resolution 1024x768 The switch supported neutral web browser interface In Fig 3 2 for example left section is the whole function tree with web user interface and we will travel it through this chapter Please Input Username amp Password Username admin Password ese Forget Password Fig 3 1 3 1 Web Management Home Overview After you login the switch shows you the system information as Fig 3 2 This page is default and tells you the basic information of the system including Model Name System Description Location Contact Device Name System Up Time Current Time BIOS Version Firmware Version Hardware Mechanical Version Serial Number Host IP Address Host Mac Address Devi
71. transparent to bridges outside this region CIST REGIONAL ROOT MAC Mac Address of the CIST regional root bridge CIST INTERNAL ROOT PATH COST Root path cost value from the point of view of the bridges inside the IST CIST CURRENT MAX AGE Max Age of the CIST Root bridge CIST CURRENT FORWARD DELAY Forward Delay of the CIST Root bridge TIME SINCE LAST TOPOLOGY CHANGE SECs Time Since Last Topology Change is the elapsed time in unit of seconds for a bunch of Topology Change and or Topology Change Notification receiving to occur When new series of Topology Changes occur again this counter will be reset to 0 TOPOLOGY CHANGE COUNT SECs The per spanning tree instanceTopology Change Count expresses the time spent in unit of seconds since the beginning of the Spanning Tree Topology Change to the end of the STP convergence Once there is no topology change occurring and no more topology change notification received the Topology Change count will be reset to 0 181 Port Status of Instance 0 Role Path Cost Priority Hello Oper Edge Oper P2P Restricted Role Restricted Ten v FORWARDING DSGN 20000 2 2 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 DISCARDING dsbl 2000000 1 2 3 4 5 6 7 8 9 lt x l
72. 00 00 00 01 Fig 3 71 Ethernet Type Parameters DEEEF Fig 3 72 ACE Configuration Permit MAC Parameters VLAN Parameters Any Em ARP Parameters Fig 3 73 ARP 115 ARP Parameters Other Fig 3 74 ARP ARP Parameters Any Request Repl Fig 3 75 ARP ARP Parameters Fig 3 76 ARP ARP Parameters Fig 3 77 ARP 116 ARP Parameters 192 168 1 1 255 255 255 0 Any Fig 3 79 ARP ARP Parameters Apply Fig 3 80 ARP ARP Parameters Any 192 168 1 254 Fig 3 81 ARP ARP Parameters 192 168 1 254 255 255 255 0 Fig 3 82 ARP 117 Fig 3 87 ARP 118 ACE Configuration IP MAC Parameters VLAN Parameters Any IP Parameters Fig 3 88 IPv4 IP Parameters Fig 3 89 IPv4 ICMP Parameters Any Any Fig 3 90 IPv4 119 ICMP Parameters Any Fig 3 91 IPv4 ICMP Parameters Fig 3 92 IPv4 ICMP Parameters Any Any Any Fig 3 93 IPv4 ICMP Parameters Fig 3 94 IPv4 UDP Parameters Any Any KIKI Fig 3 95 IPv4 120 UDP Parameters Fig 3 96 IPv4 UDP Parameters Fig 3 97 IPv4 UDP Parameters Fig 3 98 IPv4 UDP Parameters Fig 3 99 IPv4 UDP Parameters o Fig 3 100 IPv4 121 UDP Parameters Fig 3 101 IPv4 TCP Parameters Fig 3 102 IPv4 TCP Parameters Any x Any Range Fig 3 103 IPv4 TC
73. 000Base SX LX standards 1000Mbps Single Fiber WDM BiDi transceiver is designed with an optic Wavelength Division Multiplexing WDM technology that transports bi directional full duplex signal over a single fiber simultaneously For upgrading firmware please refer to the Section 3 21 or Section 4 2 2 for more details The switch will not stop operating while upgrading firmware and after that the configuration keeps unchanged Note The switch was for using indoor purpose if it was used in outdoor environment or connect with cable to outdoor then it must to use a lightning arrester to protect the switch e Key Features in the Device QoS Support Quality of Service by the IEEE 802 1P standard There are two priority queue and packet transmission schedule Spanning Tree VLAN Support IEEE 802 1D IEEE 802 1w RSTP Rapid Spanning Tree Protocol standards Support Port based VLAN and IEEE802 1Q Tag VLAN Support 256 active VLANs and VLAN ID 1 4094 Port Trunking Support static port trunking and port trunking with IEEE 802 3ad LACP Bandwidth Control Support ingress and egress per port bandwidth control Port Security Support allowed denied forwarding and port security with MAC address SNMP RMON SNMP agent and RMON MIB In the device SNMP agent is a client software which is operating over SNMP protocol used to receive the command from SNMP manager server site and echo the corresponded data i e M
74. 006G8100343 Temperature 070802 none Moni Bias mA none Mon2 TX PWR none Mon3 RX PWR none Parameter description of Port 1 Port 24 Connector Type Display the connector type for instance UTP SC ST LC and so on Fiber Type Display the fiber mode for instance Multi Mode Single Mode Tx Central Wavelength Display the fiber optical transmitting central wavelength for instance 850nm 1310nm 1550nm and so on Baud Rate Display the maximum baud rate of the fiber module supported for instance 10M 100M 1G and so on Vendor OUI Display the Manufacturer s OUI code which is assigned by IEEE Vendor Name Display the company name of the module manufacturer Vendor P N Display the product name of the naming by module manufacturer Vendor Rev Revision Display the module revision Vendor SN Serial Number Show the serial number assigned by the manufacturer Date Code Show the date this SFP module was made Temperature Show the current temperature of SFP module Vcc Show the working DC voltage of SFP module Mon1 Bias mA Show the Bias current of SFP module Mon2 TX PWR Show the transmit power of SFP module Mon3 RX PWR Show the receiver power of SFP module 3 2 3 Simple Counter The function of Simple Counter collects any information and provides the 56 counting about the traffic of the port no matter the packet is good or bad In the Fig 3 15 the window can show al
75. 08 06 25 A2 0 95 2008 07 21 A2 1 01 2008 10 01 A3 1 27 2009 03 17 A4 1 27 2009 05 25 A5 1 43 2009 08 03 A6 1 45 2009 09 14 A7 iv Caution Circuit devices are sensitive to static electricity which can damage their delicate electronics Dry weather conditions or walking across a carpeted floor may cause you to acquire a static electrical charge To protect your device always e Touch the metal chassis of your computer to ground the static electrical charge before you pick up the circuit device e Pick up the device by holding it on the left and right edges only e f you need using outdoor device connect to this device with cable then you need to addition an arrester on the cable between outdoor device and this device utdoor RJ 45 Coble Fig Addition an arrester between outdoor device and this switch Electronic Emission Notices Federal Communications Commission FCC Statement This equipment has been tested and found to comply with the limits for a class A computing device pursuant to Subpart J of part 15 of FCC Rules which are designed to provide reasonable protection against such interference when operated in a commercial environment European Community CE Electromagnetic Compatibility Directive This equipment has been tested and found to comply with the protection requirements of European Emission Standard EN55022 EN61000 3 and the Generic European Immunity Standard EN55024 EMC EN55022 2003
76. 1 12 13 14 15 16 17 1 8 19 20 21 22 23 24 show Syntax show Description To show all mac table informaion Argument none Possible value none Example SW24GF mac mac table show No Type VLAN MAC Port Members 1 Static 1 FF FF FF FF FF FF 254 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 1 8 19 20 21 22 23 24 lt lt maintenance gt gt set age time Syntax set age time lt gt Description To set mac table age out time of dynamic learning mac Argument lt gt age timer in seconds 0 10 1000000 The value zero disables aging Possible value lt gt 0 10 to 1000000 Example SW24GF mac table maintain set age time 300 SW24GF mac maintenance show E api ai 26 vtss_ Aging Configuration Enter into sta Age time 300mode MAC Table Learning Port Learning Mode lt lt Global commands gt 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto T Auto 8 Auto 9 Auto 10 Auto 11 Auto 12 Auto 13 Auto 14 Auto 15 Auto 16 Auto 17 Auto 18 Auto 19 Auto 20 Auto 21 Auto 22 Auto 23 Auto 24 Auto 255 set learning Syntax set learning lt range gt lt auto disable secure gt Description To set mac table learning Argument lt range syntax gt 1 5 7 available from 1 to 24 lt auto gt auto learning lt disable gt disable learning lt secure gt learn frames are discarded Possible value lt range syntax gt 1 5 7 available f
77. 1111111 In this diagram you can see the subnet mask with 25 bit long 255 255 255 128 contains 126 members in the sub netted network Another is that the length of network prefix equals the number of the bit with 1s in that subnet mask With this you can easily count the number of IP addresses matched The following table shows the result Prefix Length No of IP matched No of Addressable IP 132 1 31 2 z 30 4 2 27 129 8 6 128 16 14 127 32 30 126 64 62 125 128 126 124 256 254 123 512 510 122 1024 1022 21 2048 2046 20 4096 4094 19 8192 8190 18 16384 16382 17 32768 32766 16 65536 65534 Table 2 4 According to the scheme above a subnet mask 255 255 255 0 will partition a network with the class C It means there will have a maximum of 254 effective nodes existed in this sub netted network and is considered a physical network in an autonomous network So it owns a network IP address which may looks like 168 1 2 0 With the subnet mask a bigger network can be cut into small pieces of network If we want to have more than two independent networks in a worknet a partition to the network must be performed In this case subnet mask must be applied For different network applications the subnet mask may look like 255 255 255 240 This means it is a small
78. 128 2 true 14 0 128 2 true 15 0 128 2 true 16 0 128 2 true 17 0 128 2 true 18 0 128 2 true 19 0 128 2 true 20 0 128 2 true 21 0 128 2 true 22 0 128 2 true 23 0 128 2 true 24 0 128 2 true SW24GF mstp set region name Syntax set region name lt string gt Description To set mstp region name 0 32 bytes Argument lt string gt a null region name Possible value lt string gt 1 32 Example SW24GF mstp set region name test2 SW24GF mstp show region info Name test2 Revision 0 Instances 0 SW24GF mstp set revision level Syntax set rev lt revision level gt Description To set mstp revision level 0 65535 Argument lt revision level gt 0 65535 Possible value lt revision level gt 0 65535 Example SW24GF mstp set revision level 30000 SW24GF mstp show region info Name test2 Revision 30000 268 aut aut aut aut aut aut aut aut aut aut aut aut aut aut true true false false false false true true true true true true true true fal fal fal tr se se se ue true tr ue true tr ue true tr fal fal fal fal ue se se se se Instances 0 SW24GF mstp set version Syntax set version lt stp rstp mstp gt Description To set force version Argument lt revision level gt 0 65535 Possible value lt revision level gt 0 65535 Example SW24GF mstp set version mstp show insta
79. 15 characters Possible value lt mac gt mac address lt port gt 0 24 lt vid gt 0 1 4094 alias mac alias name Example SW24GF mac static mac add 00 02 03 04 05 06 3 0 aaa SW24GF mac static mac del Syntax del lt mac gt lt vid gt Description To del the static mac entry Argument lt mac gt mac address format 00 02 03 04 05 06 lt vid gt vlan id 0 1 4094 VID must be zero if vlan mode is not tag based Possible value lt mac gt mac address lt vid gt 0 1 4094 Example SW24GF mac static mac del 00 02 03 04 05 06 0 SW24GF mac static mac show filter Syntax show filter Description To display the static filtering mac entry Argument None Possible value 258 None Example SW24GF mac static mac show filter Static Filtering Etnry Total 1 item s 1 m SW24GF mac static mac show forward Syntax show forward Description To display the static forwarding mac entry Argument None Possible value None Example SW24GF mac static mac show forward Static Forwarding Etnry Total 1 item s 1 mac 00 02 03 04 05 06 port 3 vid SW24GF mac static mac 259 ac 00 33 03 04 05 06 vid alias ccc alias aaa mirror set mirror Syntax set mirror lt gt Description To set mirror port and enable disable mirror function Argument lt gt port available from 1 to 24 and 0 1 to
80. 1Gkps unit k means kbps and m means mbps Example SW24GF qos rate set 2 1 1000 m 1 1000 m SW24GF qos rate show 2 V 1000 Mbps V 1000 Mbps 3 500 kbps 500 kbps 4 500 kbps 500 kbps 5 500 kbps 500 kbps 6 500 kbps 500 kbps T 500 kbps 500 kbps 8 500 kbps 500 kbps 9 500 kbps 500 kbps 10 500 kbps 500 kbps lt lt Storm gt gt set broadcast Syntax set broadcast lt status gt lt rate gt Description To set broadcast storm control configuration Argument lt status gt 1 means enable and 0 means disable lt rate gt 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k 284 Possible value lt status gt 1 means enable and 0 means disable lt rate gt 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k Example SW24GF qos storm set broadcast 1 512 SW24GF qos storm show Frame Type Status Rate Packet Per Second Flooded unicast 1 ulticast 1 Broadcast V 512 set multicast Syntax set multicast lt status gt lt rate gt Description To set multicast storm control configuration Argument lt status gt 1 means enable and 0 means disable lt rate gt 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k Possible value lt status gt 1 means enable and 0 means disable lt rate gt 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 3
81. 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K 1024K 1I 3 8 3 Access Control List Function name ACL Rate Limiter Configuration Function description The switch ACL function support up to 128 Access Control Entries ACEs using the shared 128 ACEs for ingress classification You can create an ACE and assign this ACE for each port with lt Any gt or assign this ACE for a policy or assign this ACE for a port There are 8 policies each port can select one of policy then decides which of the Permit Deny Rate Limitation and Port Copy actions would take according to the ACL configuration packet s IPv4 EtherType ARP Protocol MAC Parameters and VLAN parameters Access Control List Configuration Auto refresh C vores port rome type action Rate titer Port copy Counters oo ARP Deny Disabled 2 Any ARP Permit i Disabled 0 Any ARP Permit 1 Disabled 0 Any ARP Permit Any Disabled 2898 Any undefined Deny Any Disabled 0 Any EType Deny Any Disabled 0 Any IPv4 DHCP Client Out Permit Any Disabled 0 Any IPv4 DHCP Server Out Permit Any Disabled 0 Fig 3 66 Ingress Port Insert an entry Move up this entry Edit this entry Move down this entry Parameter description Ingress Port Configurable Range Any Policy 1 8 Port 1 24 Any Apply this ACE rule for each port ingress classification Policy 1 8 Apply this ACE rule for specific policy Port 1 24 Apply this ACE rule for specific port ingress classificatio
82. 2k 64k 128k 256k 512k Example SW24GF qos storm set multicast 1 64 SW24GF qos storm show Frame Type Status Rate Packet Per Second Flooded unicast 1 ulticast V 64 Broadcast V 512 set unicast Syntax set unicast lt status gt lt rate gt Description To set flooded unicast storm control configuration Argument lt status gt 1 means enable and 0 means disable lt rate gt 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k Possible value lt status gt 1 means enable and 0 means disable 285 lt rate gt 1 2 4 8 16 32 64 128 256 512 1k 2k 4k 8k 16k 32k 64k 128k 256k 512k Example SW24GF qos storm set unicast 1 128 SW24GF qos storm show Frame Type Status Rate Packet Per Second Flooded unicast V 128 Multicast V 64 Broadcast V 512 show Syntax show Description To show storm control configuration Argument none Possible value none Example SW24GF qos storm show Frame Type Status Rate Packet Per Second Flooded unicast V 128 Multicast V 64 Broadcast V 512 reboot reboot Syntax reboot Description To reboot the system Argument None Possible value None Example SW24GF reboot snmp 286 lt lt disable gt gt Syntax disable set ability disable snmp Description The Disable here is used for the de activation of snmp or set commu
83. 4 2008 Year 2008 2000 2036 Month 3 112 Day 3 131 Hour 15 0 23 Minute30 0 59 Second 44 0 59 209 81 9 7 USA 137 189 8 174 HK 133 100 9 2 3P Time Zone GMT 131 188 3 222 Germany 209 81 9 7 Daylight Saving ia Daylight Saving Start Mth 1 v Day 1 amp Hour 0 x Daylight Saving End Mth i pay 1 Hour O Fig 3 6 Parameter description Current Time Show the current time of the system Manual This is the function to adjust the time manually Filling the valid figures in the fields of Year Month Day Hour Minute and Second respectively and press lt Apply gt button time is adjusted The valid figures for the parameter Year Month Day Hour Minute and Second are gt 2000 1 12 1 31 0 23 0 59 and 0 59 respectively Input the wrong figure and press lt Apply gt button the device will reject the time adjustment request There is no time zone setting in Manual mode Default Year 2000 Month 1 Day 1 Hour 0 Minute 0 Second 0 NTP NTP is Network Time Protocol and is used to sync the network time based Greenwich Mean Time GMT If use the NTP mode and select a built in NTP time server or manually specify an user defined NTP server as well as Time Zone the switch will sync the time in a short after pressing lt Apply gt button Though it synchronizes the time automatically NTP does not update th
84. 4GF through the Serial RS 232 Port 22 2 1 4 2 Configuring the Management Agent of SW24GF through the Ethernet Port 0 eee 24 221 55 IP Address ASSIGNING NA eriin eaei en as MS eg A Se ote ee ee 25 2 2 TYPICAL APPLICATIONS sx covessevss gues snsuvesetese ontsst sevecedy ce aeea Ee Ea dostestesesevede ce vteseebedutedpeceteoteredeserpesstes 30 OPERATION OF WEB BASED MANAGEMENT ccsscsssssssscssensssssssscsssessssnessessessesees 32 3 1 WEB MANAGEMENT HOME OVERVIEW ssccsssesssesscsseescsscescssecesesecseesseseceseseseseseseuessesesesessesess 33 B 1 1 System INfOrMmati on is csiccscsvisesscetevide ct estesscs aivecssuetnces EEE EE EEE EEE sucvvens Suesvers sh eevedsdees 36 3 1 2 Account CONPIQUTATION s siseenergia e ee e aa EEE Ea EE Ea aaea 38 3 1 3 lime CONFI QUT ANON sesine n ca teen bas E E Heep see EEE EEEE EEEE 38 3 14 TP CONfiQUTAU ON ienne a EE EE EAEE A E E so EES E E a Ei 41 S215 LOOP Detect na sunne ener ia was tate EA dba gsm cn Tute EE E days E ERR A 44 3 1 6 Management POLICY aininn seis eat da bik gh R E EE RE EE AEE EE E Mestetedbd 45 3 7 System lOb aeiee e n EE E EE EEA EA EE E EE A 48 SE EA a 1121 ESY 101 9 EA E Ga obese ota A E E A 49 3 2 PORT CONFIGURATION sasieta ane eE E EE R ENESE eA ENE SEEE EE I EE ESE NEE e 51 B22 POt CONPIQUPATION seie ie ig stele tetas E tease E EE EE N ERE E E E 52 3 2 L2eP OVE SAUS e tats a a a aE E aE A O A s E ERE E ROE e 54 3 2 3 SUMP les COUNTE raie e E beau ches EE e
85. 8 1 1 Port 162 Community public 0 0 0 0 Port 162 Community public 0 0 0 0 Port 162 Community public 0 0 0 0 Port 162 Community public 0 0 0 0 Port 162 Community public 0 0 0 0 Port 162 Community public 288 stp MCheck Syntax MCheck lt range gt Description To force the port to transmit RST BPDUs Argument lt range gt syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF stp Mcheck 1 8 disable Syntax disable Description To disable the STP function Argument None Possible value None Example SW24GF stp disable enable Syntax enable Description To enable the STP function Argument None Possible value None Example SW24GF stp enable 289 set config Syntax set config lt Bridge Priority gt lt Hello Time gt lt Max Age gt lt Forward Delay gt Description To set up the parameters of STP Argument lt Bridge Priority gt priority must be a multiple of 4096 available from 0 to 61440 lt Hello Time gt available from 1 to 10 lt Max Age gt available from 6 to 40 lt Forward Delay gt available from 4 to 30 Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 Possible value lt Bridge Priority gt 0 to 61440 lt Hello Time gt 1 to 10 lt Max Age gt 6 to 40 lt Forward Delay gt 4 to 30 Example SW24GF stp set config 61440 2 20 15 set port Syntax set port
86. 848 PPPoE PPP Over Ethernet Discovery Stage PPPoE PPP Over Ethernet PPP Session Stage 0x8863 0x8864 LWAPP Light Weight Access Point 0x88BB Protocol 0x88CC LLDP Link Layer Discovery Protocol 0x8E88 EAPOL EAP over LAN 0x9000 Loopback Configuration Test Protocol VLAN ID The configurable VID range 1 4094 UDP TCP Port To select the UDP TCP port classification method by Range or Specific 92 UDP TCP Port Range The configurable ports range 0 65535 You can refer to following UDP TCP port numbers information http Awww iana org assignments port numbers UDP TCP Port No The configurable specific port value 0 65535 DSCP Value The configurable DSCP value 0 63 Traffic Class Low Normal Medium High 93 3 6 3 Rate Limiters Function name Rate Limit Configuration Function description Each port includes an ingress policer and an egress shaper which can limit the bandwidth of received and transmitted frames Ingress policer or egress shaper operation is controlled per port in the Rate Limit Configuration Rate Limit Configuration Port Policer Policer Policer Shaper Shaper Ena
87. Age is 6 40 seconds Default is 20 seconds Forward Delay You can set the root bridge forward delay time This figure is set by root bridge only The forward delay time is defined as the time spent from Listening state moved to Learning state and also from Learning state moved to Forwarding state of a port in bridge The forward delay time contains two states Listening state to Learning state and Learning state to Forwarding state It assumes that forward delay time is 15 seconds then total forward delay time will be 30 seconds This has much to do with the STP convergent time which will be more than 30 seconds because some other factors The valid value is 4 30 seconds default is 15 seconds Force Version Two options are offered for the user s choosing STP algorithm One is RSTP and the other is STP If STP is chosen RSTP will run as a legacy STP The switch supports RSTP 802 1w which is backward compatible with STP 802 1d 170 3 12 3 STP Port Configuration Function name STP Port Setting Function description In the STP Port Setting one item selection and five parameters settings are offered for user s setup User can disable and enable each port by selecting each Port Status item User also can set Path Cost and Priority of each port by filling in the desired value and set Admin Edge Port and Admin Point To Point by selecting the desired item STP Port Configuration Port No Port
88. As User s config file stored in the flash Import File Path Import Start Import Save As Start s config file stored in the flash Import User Conf Import Save As User s config file stored in the flash Export Configuration File Export Current Configuration File Import Start Configuration File Erowse LImpor Import User Configuration File Fig 3 170 Export Import Configuration 209 3 21 Diagnostics Three functions including Diagnostics Loopback Test and Ping Test are contained in this function folder for device self diagnostics Each of them will be described in detail orderly in the following sections Diagnostics Ping Test 3 21 1 Diag Function name Diagnostics Function description Diagnostics function provides a set of basic system diagnosis It let users know that whether the system is health or needs to be fixed The basic system check includes EEPROM test UART test DRAM test and Flash test Diagnostics UART Test DRAM Test Flash Test Fig 3 171 Diagnostics 210 3 21 2 Ping Function name Ping Test Function description Ping Test function is a tool for detecting if the target device is alive or not through ICMP protocol which abounds with report messages The switch provides Ping Test function to let you know that if the target device is available or not You can simply fill in a known IP address and then click lt Ping gt button After a
89. Bytes 2066 Tx 65 127 Bytes 17 Rx 128 255 Bytes 1659 Tx 128 255 Bytes 2878 Rx 256 511 Bytes 3065 Tx 256 511 Bytes 216 Rx 512 1023 Bytes 35 Tx 512 1023 Bytes 1152 Rx 1024 1526 Bytes 2 Tx 1024 1526 Bytes 120 Rx 1527 Bytes 0 Tx 1527 Bytes 0 Rx Drops Tx Drops 0 Rx CRC Alignment Tx Late Exc Coll 0 Rx Undersize Rx Oversize Rx Fragments Rx Jabber Fig 3 16 Parameter description Rx Packets The counting number of the packet received RX Octets Total received bytes Rx High Priority Packets Number of Rx packets classified as high priority 59 Rx Low Priority Packets Number of Rx packets classified as low priority Rx Broadcast Show the counting number of the received broadcast packet Rx Multicast Show the counting number of the received multicast packet Tx Packets The counting number of the packet transmitted TX Octets Total transmitted bytes Tx High Priority Packets Number of Tx packets classified as high priority Tx Low Priority Packets Number of Tx packets classified as low priority Tx Broadcast Show the counting number of the transmitted broadcast packet Tx Multicast Show the counting number of the transmitted multicast packet Rx 64 Bytes Number of 64 byte frames in good and bad packets received Rx 65 127 Bytes Number of 65 126 byte frames in good and bad packets received Rx 128 255 Bytes Number of 127 255 byte frames in good and bad packets received Rx 256 511 Bytes
90. CISPR 22 2002 class A IEC61000 4 2 2001 4K V CD 8KV AD IEC61000 4 3 2002 3V m IEC61000 4 4 2001 1KV power line 0 5KV signal line About this user s manual In this user s manual it will not only tell you how to install and connect your network system but configure and monitor the SW24GF through the built in CLI and web by RS 232 serial interface and Ethernet ports step by step Many explanation in detail of hardware and software functions are shown as well as the examples of the operation for web based interface and command line interface CLI Overview of this user s manual Chapter 1 Introduction describes the features of SW24GF Chapter 2 Installation Chapter 3 Operation of Web based Management Chapter 4 Operation of CLI Management Chapter 5 Maintenance 1 Introduction 1 1 Overview of SW24GF SW24GF a 24 port Gigabit L2 Plus Managed Switch is a standard switch that meets all IEEE 802 3 u x z Gigabit Fast Ethernet specifications 16 Port 1000Mbps SFP and 8 Port Combo Gigabit TP SFP Fiber dual media management Ethernet switch The switch can be managed through RS 232 serial port via directly connection or through Ethernet port using CLI or Web based management unit associated with SNMP agent With the SNMP agent the network administrator can logon the switch to monitor configure and control each port s activity in a friendly way The overall network management is enhanced an
91. COM port parameters baud rate data bits parity bits flow control must be the same as the setting of the console port of the Managed Switch 307 Appendix A Technical Specifications Features 16 fiber SFP switching ports are compliant with SX LX etc LC 8 Gigabit TP SFP fiber are dual media ports with auto detected function Non blocking store and forward shared memory Web Smart switched Supports auto negotiation for configuring speed duplex mode Supports 802 3x flow control for full duplex ports Supports collision based and carrier based backpressure for half duplex ports Any ports can be in disable mode force mode or auto polling mode Supports Head of Line HOL blocking prevention Supports broadcast storm filtering Auto aging with programmable inter age time Supports 802 1p Class of Service with 2 level priority queuing Supports port sniffer function Programmable maximum Ethernet frame length of range from 1518 to 9600 bytes jumbo frame Supports port based VLAN 802 1Q tag based VLAN Efficient self learning and address recognition mechanism enables forwarding rate at wire speed Web based management provides the ability to completely manage the switch from any web browser Support Power Saving with ActiPHY Power Management and PerfectReach Power Management techniques Support Link Layer Discovery Protocol LLDP SNMP Telnet interface delivers complete in band management Supports IEEE 802 1d Spanni
92. Class A Address is less than 126 255 255 255 There are a total of 126 networks can be defined because the address 0 0 0 0 is reserved for default route and 127 0 0 0 8 is reserved for loopback function Bit 01 78 31 0 Network address Host address Class B IP address range between 128 0 0 0 and 191 255 255 255 Each class B network has a 16 bit network prefix followed 16 bit host address There are 16 384 2 14 16 networks able to be defined with a maximum of 65534 2 16 2 hosts per network Bit 012 15 16 31 10 Network address Host address Class C IP address range between 192 0 0 0 and 223 255 255 255 Each class C network has a 24 bit network prefix followed 8 bit host address There are 2 097 152 2 21 24 networks able to be defined with a maximum of 254 2 8 2 hosts per network Bit 012 3 23 24 31 110 Network address Host address Class D and E Class D is a class with first 4 MSB Most significance bit set to 1 1 1 0 and is used for IP Multicast See also RFC 1112 Class E is a class with first 4 MSB set to 1 1 1 1 and is used for IP broadcast According to IANA Internet Assigned Numbers Authority there are three specific IP address blocks reserved and able to be used for extending internal network We call it Private IP address and list below Class A 10 0 0 0 10 255 255 255 Class B 172 16 0 0 172 31 255 255 Class C 192 168 0 0
93. D can be the same with another LACP groupID to form a logic trunked port The benefit of using Static Trunk method is that a port can immediately become a member of a trunk group without any handshaking with its peer port This is also a disadvantage because the peer ports of your static trunk group may not know that they should be aggregate together to form a logic trunked port Using Static Trunk on both end of a link is strongly recommended Please also note that low speed links will stay in not ready state when using static trunk to aggregate with high speed links As to system restrictions about the port aggregation function on the switch In the management point of view the switch supports maximum 8 trunk groups for LACP and additional 8 trunk groups for Static Trunk But in the system capability view only 8 real trunked groups are supported An LACP trunk group with more than one ready member ports is a real trunked group An LACP trunk group with only one or less than one ready member ports is not a real trunked group Any Static trunk group is a real trunked group 161 Per Trunking Group supports a maximum of 12 ready member ports Please note that some decisions will automatically be made by the system while you are configuring your trunking ports Some configuration examples are listed below a 12 ports have already used Static Trunk Group ID 1 the 13th port willing to use the same Static T
94. DMAC Match Range Any 0 1 Any 0 Both 0 and 1 The ingress RARP frames where the Destination MAC address is not equal DMAC address under MAC parameter setting The ingress RARP frames where the Destination MAC address is equal DMAC address under MAC parameter setting IP Ethernet Length Range Any 0 1 132 Any Both 0 and 1 The ingress ARP PARP frames where the Hardware size is not equal 0x6 or the Protocol size is not equal 0x4 The ingress ARP PARP frames where the Hardware size is equal 0x6 and the Protocol size is 0x4 IP Range Any 0 1 Any Both 0 and 1 0 The ingress ARP PARP frames where Protocol type is not equal 0x800 1 The ingress ARP PARP frames where Protocol type is equal 0x800 Ethernet Range Any 0 1 Any Both 0 and 1 0 The ingress ARP PARP frames where Hardware type is not equal 0x100 The ingress ARP PARP frames where Hardware type is equal 0x100 IP Parameters When Frame Type IPv4 and IP Protocol Filter Any IPTTL Time To Live How many routers a datagram can pass through Each router decrements this value by 1 until it reaches 0 when the datagram is discarded This keeps misrouted datagrams from remaining on the Internet forever Range Any Non zero Zero Any Including all conditions for IPTTL Non Zero Including IPTTL is Non Zero Zero Including IPTTL is zero IP Fragment IP Fragmentation Flag Controls datagram fragmentation together wi
95. Description To display the statistics of each port Argument lt gt syntax 1 5 7 available from 1 to 24 Possible value lt gt 1 to 24 show server Syntax show server Description Show the Radius server configuration Argument None Possible value None Example SW24GF 802 1X show server Authentication Server IP Address 192 168 1 1 UDP Port 1812 Secret Key Radius Accounting Server IP Address 192 168 1 1 UDP Port 1812 Secret Key Radius account add Syntax add lt name gt Description To create a new guest user When you create a new guest user you must type in password and confirm password Argument lt name gt new account name 228 Possible value Astring must be at least 5 character Example SW24GF account add aaaaa Password W Confirm Password SW24GF account del Syntax del lt name gt Description To delete an existing account Argument lt name gt existing user account Possible value None Example SW24GF account del aaaaa Account aaaaa deleted modify Syntax modify lt username gt Description To change the username and password of an existing account Argument lt name gt existing user account Possible value None Example SW24GF account modify aaaaa username password the length is from 5 to 15 Current username aaaaa bbbbb New password Confirm password
96. Disabled 5 20 60 1000 Normal K Normal Disabled 6 o 60 1000 Normal Normal _ Disabled 7 20 60 1000 Normal x Normal Disabled 8 20 60 1000 Normal x Normal Disabled o o eo 2000 Normal Normal I Disabled 10 20 60 1000 Normal x Normal Disabled 11 20 60 1000 Normal x Normal Disabled 12 20 s0 1000 Normal x Normal i 13 20 60 1000 Normal Normal Disabled v 14 20 s0 1000 Normal Normal Disabled 15 20 s0 1000 Normal x Normal Disabled 16 20o so 1000 Normal x Normal x Disabled v 17 20 J so 1000 Normal w Normal Disabled is 20 60 1000 Normal x Normal Disabled 19 20 60 1000 Normal x Normal Disabled 20 20 60 1000 Normal Norma Disabled 21 zo 60 1000 Norma Normali __ Disabled 22 20 s0 1000 Normal x Normal 23 20 60 1000 Normal x Norma 24 20 s0 i000 Normal x Normat Disabled Fig 3 31 Parameter description 80 GVRP State This function is simply to let you enable or disable GVRP function You can pull down the list and click the lt Downward gt arrow key to choose Enable or Disable Then click the lt Apply gt button the system will take effect immediately Join Time Used to declare the Join Time in unit of centisecond Valid time range 20 100 centisecond D
97. Disabled 9600 Discard 3 Auto Enabled 9600 Discard salesdepartment 4 Auto Enabled 9600 Discard salesdepartment 5 Auto Enabled 9600 Discard salesdepartment 6 Auto Enabled 9600 Restart salesdepartment 7 Auto Enabled 9600 Restart salesdepartment 8 Auto Enabled 9600 Restart salesdepartment 9 Auto Enabled 9600 Restart 10 Auto Enabled 9600 Restart 11 Auto Disabled 9600 Discard 12 Auto Disabled 9600 Discard set max frame Syntax set max frame lt port range gt lt value gt Description To set per port maximum frame size Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt Allowed value are 1518 9600 bytes Possible value lt port range gt syntax 1 to 24 lt value gt 1518 9600 bytes Example SW24GF port set max frame 3 6 1518 SW24GF port show config Speed Flow Maximum Excessiveommands 2 Auto Disabled 9600 Discard 3 Auto Enabled 1518 Discard salesdepartment 4 Auto Enabled 1518 Discard salesdepartment 5 Auto Enabled 1518 Discard salesdepartment 6 Auto Enabled 1518 Restart salesdepartment 7 Auto Enabled 9600 Restart salesdepartment 8 Auto Enabled 9600 Restart salesdepartment 9 Auto Enabled 9600 Restart 10 Auto Enabled 9600 Restart 11 Auto Disabled 9600 Discard set speed Syntax set speed lt port range gt lt disable auto 1 Gfull 1 00full 1 OOhalf 1 Ofull 1 Ohalf Description To set port capability 275 Argument lt port range gt syntax 1 5 7 available from 1 to
98. E a R 156 3 1 O23 Y17011 EEE E E LEE EEE acc E E EE E E EEEE EE E E GE 159 SES LO E EY 0 AAI A OEE EEEE EEEE E EEEE A E E EES EA EE E E 160 3 11 TRUNKING CONFIGURATION a Aa E E EEE S ANGRE S 161 EI A E E ROT EEEE EEI PE E E E T E E E aes Name 163 3 Il 2Aggteg tor VIEW vievetcsiecisetiedas te sntees ea e RE A EE E EE EE EA AENEA E EEEE 165 S L1 3 AGP System PriOTitY siea seie oire e EE E EEE EE aa EE costes AEN E EEEE 166 32 STP CONFIGURATION mrs hA AAEE Bice N RRE N NATRE EES 167 ES AS AY 711 ERASE EA EEE EES ASE E EE EE E E EE ES 167 3 2 2 CON QUAL ON iss eies o a EE E aE RE ecto EEE EA aoa EVE EEE AEKA E EE 169 3 12 3 ST P POrt Configuratio s uee apna Ea ss geist E a EEEE E EE aR 171 A MO E a N bE BS 174 Sa o I SIGHS sass ecko EEE A EEN AEE Sea E Dag Sic E EE EE E E T 174 DTS 2 REGION Confie nnee e E ied dais i vada e E er i eae 175 133 LIROI A AAT A AR E EE EAEE E AAEE R EE E 176 e E MIRROR E E EEE EEEE TE EEEE E EEE 184 A MU OAS e a ar A A N E RAA S 185 O OMP M o E e a e e r S 185 SLD 22 IGM PEP TORY ve ser REE EE Rea ces a E a ean E E a a Cou AEN 186 ITO SNOOPING sks sis cc Sie ctae ek Hank ue sucess E A a etels owen E E E A E ER 188 3 194 Group Membership eriei e a a R E a tere 189 BS ad BS Es A Ge Pe re ES rT Er EB ET 190 Fs ad O 117 4 0B Seen rte ne Re SR BEE TE BEE 19 JAIZ Group AUOW sess sisevitgcs Sasvedss cassia tach antusstgsedseseseaa raia aa Eaa E k eaa aa aaiae ha 192 3 15 8 MVR Group Membership ccccsccescec
99. F port show status Speed 1G Full Disable Port Link Duplex Rx Pause Tx Pause Description 3 Auto Disabled 9600 Discard 2 Down Down Disabled Disabled 3 Up 100M Full Disabled Disabled 4 Down Down Disabled Disabled 5 Down Down Disabled Disabled 6 Down Down Disabled Disabled 7 Up 1G Full Disabled Disabled SW24GF port show Powersaving Syntax show powersaving Description To display the port s powersaving status Argument None Possible value None Example SW24GF port show powersaving Port Power Saving 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled SW24GF port 280 qos lt lt ports gt gt set class Syntax set class lt gt Description To set number of classes Argument Number of classes available 1 2 4 Possible value lt gt 1 2 4 Example SW24GF qos ports set class 2 SW24GF qos ports set port Syntax set port lt range gt lt default class gt lt qcl gt lt user priority gt lt queuing mode gt lt lo w queue weighted gt lt normal queue weighted gt lt medium queue weighted gt lt high queue we ighted gt Description To set port information Argument lt range syntax gt 1 5 7 available from 1 to 24 lt default class option gt low normal medium high lt qcl gt available from 1 to 24 lt user priority gt available from 0 to 7 lt queuing mode gt stri
100. GE COUNT SECs Fig 3 157 Instance Status Parameter description MSTP State MSTP protocol is Enable or Disable Force Version It shows the current spanning tree protocol version configured Bridge Max Age It shows the Max Age setting of the bridge itself Bridge Forward Delay It shows the Forward Delay setting of the bridge itself Bridge Max Hops It shows the Max Hops setting of the bridge itself Instance Priority Spanning tree priority value for a specific tree instance CIST or MSTI Bridge Mac Address The Mac Address of the bridge itself CIST ROOT PRIORITY Spanning tree priority value of the CIST root bridge 180 CIST ROOT MAC Mac Address of the CIST root bridge CIST EXTERNAL ROOT PATH COST Root path cost value from the point of view of the bridge s MST region CIST ROOT PORT ID The port ID of the bridge s root port In MSTP peer port of a root port may reside in defferent MST region or in the same MST region The first case indicates that the root port s owner is the CIST regional root bridge CIST REGIONAL ROOT PRIORITY Spanning tree priority value of the CIST regional root bridge Note that CIST Regional Root bridge is different from CIST Root bridge One exception is that when a bridge belonging to an MST region happens to be the root bridge of the CST Common Spanning Tree An MST Region in the CST can be regarded as a common RSTP bridge The IST Internal Spanning Tree and MSTIs are
101. Hops gt available from 6 to 40 Recommended value is 20 Example SW24GF mstp set config 20 15 20 SW24GF mstp set msti vian Syntax set msti vlan lt instance id gt lt vid string gt Description To map Vlan ID s to an MSTI Argument lt instance id gt MSTI id available from 1 to 4095 lt vid string gt syntax example 2 5 7 100 200 Possible value lt instance id gt available from 1 to 4094 Example SW24GF mstp set msti vlan 2 2 5 msti 2 had been successfully created and or vlan s have been added to map to this msti SW24GF mstp set p cost Syntax set p cost lt instance_id gt lt port range gt lt path cost gt Description To set port path cost per instance Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt path cost gt 0 1 200000000 The value zero means auto status Possible value lt port range gt available from 1 to 24 lt path cost gt The value zero means auto status 0 2000000000 Example SW24GF mstp set p cost 2 8 10 0 SW24GF mstp set p edge Syntax set p edge lt port range gt lt admin edge gt Description To set per port admin edge Argument 264 lt port range gt syntax 1 5 7 available from 1 to 24 lt admin edge gt 0 gt non edge port 1 gt edge ports Possible value lt port range gt syntax 1 5 7 available from 1 to 24 lt admin edge gt 0 gt non edge port 1 gt edge ports Example
102. IB object Besides SNMP agent will actively issue TRAP information when happened RMON is the abbreviation of Remote Network Monitoring and is a branch of the SNMP MIB The device supports MIB 2 RFC 1213 Bridge MIB RFC 1493 RMON MIB RFC 1757 statistics Group 1 2 3 9 Ethernet like MIB RFC 1643 Ethernet MIB RFC 1643 and so on IGMP Snooping Support IGMP version 2 RFC 2236 The function IGMP snooping is used to establish the multicast groups to forward the multicast packet to the member ports and in nature avoid wasting the bandwidth while IP multicast packets are running over the network IGMP Proxy The implementation of IP multicast processing The switch supports IGMP version 1 and IGMP version 2 efficient use of network bandwidth and fast response time for channel changing IGMP version 1 IGMPv1 is described in RFC1112 and IGMP version 2 IGMPv2 is described in RFC 2236 Hosts interact with the system through the exchange of IGMP messages Similarly when you configure IGMP proxy the system interacts with the router on its upstream interface through the exchange of IGMP messages However when acting as the proxy the system performs the host portion of the IGMP task on the upstream interface as follows e When queried sends group membership reports to the group e When one of its hosts joins a multicast address group to which none of its other hosts belong sends unsolicited group membership reports to
103. LITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT FURTHER MANUFACTURE DOES NOT WARRANT GUARANTEE OR MAKE ANY REPRESENTATIONS REGARDING THE USE OR THE RESULTS OF THE USE OF THE SOFTWARE OR RELATED WRITTEN DOCUMENTAITON IN TERMS OF CORRECTNESS ACCURACY RELIABILITY OR OTHERWISE CONSEQUENTIAL DAMAGES IN NO EVENT SHALL MANUFACTURE OR ITS AUTHORIZED RESELLER BE LIABLE TO LICENSEE OR ANY THIRD PARTY FOR A ANY MATTER BEYOND ITS REASONABLE CONTROL OR B ANY CONSEQUENTIAL SPECIAL INDIRECT OR INCIDENTAL DAMAGES ARISING OUT OF THIS LICENSE OR USE OF THE SOFTWARE PROVIDED BY MANUFACTURE EVEN IF MANUFACTURE HAS BEEN NOTIFIED OF THE POSSIBILITY OF SUCH DAMAGES IN ADVANCE IN NO EVENT SHALL THE LIABILITY OF MANUFACTURE IN CONNECTION WITH THE SOFTWARE OR THIS AGREEMENT EXCEED THE PRICE PAID TO MANUFACTURE FOR THE LICENSE TERM AND TERMINATION The License is effective until terminated however all of the restrictions in regard to Manufacture s copyright in the Software and related documentation will cease being effective at the date of expiration Notwithstanding the termination or expiration of the term of this agreement it is acknowledged and agreed that those obligations relating to use and disclosure of Manufacture s confidential information shall survive Licensee may terminate this License at any time by destroying the software together with all copies thereof This License will be immediately terminated if Licensee fails to comply with a
104. MC It is including all Multicast MAC address BC It is including all Broadcast MAC address UC It is including all Unicast MAC address MAC Parameters When Frame Type Ethernet Type SMAC Filter Range Any Specific Any It is including all source MAC address Specific It is according to SMAC Value specific the source MAC address DMAC Filter Range Any MC BC UC Specific Any It is including all destination MAC address MC It is including all Multicast MAC address BC It is including all Broadcast MAC address UC It is including all Unicast MAC address Specific It is according to DMAC Value specific the destination MAC address 130 MAC Parameters When Frame Type ARP SMAC Filter Range Any Specific Any It is including all source MAC address Specific It is according to SMAC Value specific the source MAC address DMAC Filter Range Any MC BC UC Any It is including all destination MAC address MC It is including all Multicast MAC address BC It is including all Broadcast MAC address UC It is including all Unicast MAC address MAC Parameters When Frame Type IPv4 DMAC Filter Range Any MC BC UC Any It is including all destination MAC address MC It is including all Multicast MAC address BC It is including all Broadcast MAC address UC It is including all Unicast MAC address Ether Type Parameters When Frame Type Ethernet Type EtherType Filter Range Any Specific An
105. Managed 24 Port Gigabit Ethernet Switch with 24 SFP Fiber Support User s Manual DOC 120217 User s Manual 16 Port SFP 8 Port Combo GbE L2 Plus Managed Switch Release 1 45 2009 Manufacture Corporation All rights reserved All brand and product names are trademarks or registered trademarks of their respective companies The information in this document is subject to change without notice Unless the explicit written permission of Manufacture Corporation this document in whole or in part shall not be replicated or modified or amended or transmitted in any from or by any means manual electric electronic electromagnetic mechanical optical or otherwise for any purpose DURATION OF HARDWARE WARRANTY HARDWARE In accordance with the provisions described under Manufacture Corporation hereinafter called Manufacture warrants its hardware products hereinafter referred to as Product specified herein to be for a period of twelve 12 months from the date of shipment Should a Product fail to perform during the effective warranty period as described above Manufacture shall replace the defective Product or part or delivering a functionally equivalent Product or part in receipt of customer s request provided that the customer complies with the return material authorization RMA procedures and returns all defective Product prior to installation of the replacements to Manufacture All defective Products must be returne
106. Number of 256 511 byte frames in good and bad packets received Rx 512 1023 Bytes Number of 512 1023 byte frames in good and bad packets received Rx 1024 Bytes Number of 1024 max_length byte frames in good and bad packets received Tx 64 Bytes Number of 64 byte frames in good and bad packets transmitted Tx 65 127 Bytes Number of 65 126 byte frames in good and bad packets transmitted Tx 128 255 Bytes Number of 127 255 byte frames in good and bad packets transmitted 60 Tx 256 511 Bytes Number of 256 511 byte frames in good and bad packets transmitted Tx 512 1023 Bytes Number of 512 1023 byte frames in good and bad packets transmitted Tx 1024 Bytes Number of 1024 max_length byte frames in good and bad packets transmitted Rx CRC Alignment Number of Alignment errors and CRC error packets received Rx Undersize Number of short frames lt 64 Bytes with valid CRC Rx Oversize Number of long frames according to max_length register with valid CRC Rx Fragments Number of short frames lt 64 bytes with invalid CRC Rx Jabber Number of long frames according tomax_length register with invalid CRC Rx Drops Frames dropped due to the lack of receiving buffer Rx Errors Number of the error packet received Tx Collisions Number of collisions transmitting frames experienced Tx Drops Number of frames dropped due to excessive collision late collision or frame aging Tx FIFO Drops Number
107. O O0O0 0 5 Guest 000000 0000 CIOICIOCINI O dita Lai a 000000 0000 oi alia ta Lal iv Ooo Fig 3 131 Set up Port Policies 142 Finished The ACL configuration wizard is finished and the new configuration is ready for use Click Finish to get more information Click Wizard Again to start the wizard again Fig 3 132 Set up Port Policies ACL Ports Configuration Port Policy ID Action Rate Limiter ID Port Copy Counter Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled ohio SS Permit Disabled v Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled Permit Disabled Disabled goon oanrk Wn es a eee os ee e WN O C1 SIL SI SI SIS SITSI SSL S TST SIT STS O iS OC fy OO Re OO PS oO eS Oo Ee Oo e nn Fig 3 133 Set up Port Policies Finish Welcome to the ACL Configuration Wizard Please select an action Set up Policy Rules Set up the default policy rules for Client ports Server ports Network ports and Guest ports Set up Port Policies Group ports into several types according to different ACL policies Set up Typical Network Application Rules Set up the specific
108. ONS ON USE RESERVATION OF RIGHTS The Software and related documentation are protected under copyright laws Manufacture and or its licensors retain all title and ownership in both the Software and its related documentation including any revisions made by Manufacture The copyright notice must be reproduced and included with any copy of any portion of the Software or related documentation Except as expressly authorized above Licensee shall not copy or transfer the Software or related documentation in whole or in part Licensee also shall not modify translate decompile disassemble use for any competitive analysis reverse compile or reverse assemble all or any portion of the Software related documentation or any copy The Software and related documentation embody Manufacture s confidential and proprietary intellectual property Licensee is not allowed to disclose the Software or any information about the operation design performance or implementation of the Software and related documentation that is confidential to Manufacture to any third party Software and related documentation may be delivered to you subject to export authorization required by governments of Taiwan and other countries You agree that you will not export or re export any Software or related documentation without the proper export licenses required by the governments of affected countries LIMITED SOFTWARE WARRANTY Manufacture warrants that any media on which the Software is rec
109. P Parameters Fig 3 104 IPv4 122 TCP Parameters Specific v b ea Fig 3 105 IPv4 TCP Parameters Fig 3 106 IPv4 TCP Parameters Fig 3 107 IPv4 123 IP Parameters Fig 3 108 IPv4 IP Parameters Fig 3 109 IPv4 IP Parameters Fig 3 110 IPv4 IP Parameters Fig 3 111 IPv4 124 IP Parameters Fig 3 112 IPv4 IP Parameters Fig 3 113 IPv4 IP Parameters Fig 3 114 IPv4 125 IP Parameters Fig 3 115 IPv4 IP Parameters Fig 3 116 IPv4 IP Parameters 255 255 255 0 Fig 3 117 IPv4 126 ACE Configuration hion Port Copy MAC Parameters VLAN Parameters DMAC Filter Any VLAN ID Filter Any Tag Priority Any Fig 3 118 Action ACE Configuration Any Y Frame Type Rate Limiter Disabled v Port Copy Disabled Counter MAC Parameters VLAN Param DMAC Filter VLAN ID Filter Tag Priority Fig 3 119 Rate Limiter 127 ACE Configuration aeai Policy 2 4 Permit Port Copy Frame Type Rate Limiter MAC Parameters Me Disabled Disabled MAC Parameters VLAN Parameters Fig 3 121 DMAC Filter 128 ACE Configuration Action Frame Type Disabled Port Copy Disabled MAC Parameters VLAN Parameters DMAC Filter Any VLAN ID Filter Tag Priori Any om Fig 3 122 VLAN ID Filter VLAN Parameters VLAN ID Filter T
110. P information Connector Type SFP Unknown or unspecified Fiber Type Reserved Tx Central Wavelength 0 Baud Rate 1G Vendor OUI 00 00 00 Vendor Name FIBERXON INC Vendor PN FTM C012R LC Vendor Rev 10 Vendor SN PP220052901281 Date Code 051012 Temperature none Vee none onl Bias mA none on2 TX PWR none on3 RX PWR none SW24GF port Port 23 SFP information Connector Type SFP LC Fiber Type Multi mode MM Tx Central Wavelength 850 Baud Rate 1G Vendor OUI 00 40 c7 Vendor Name APAC Opto Vendor PN KM28 C3S TC N 278 Vendor Rev 0000 Vendor SN 5425010708 Date Code 050530 Temperature none Vee none Monl Bias mA none Mon2 TX PWR none Mon3 RX PWR none show simple counter Syntax show simple counter Description To display the summary counting of each port s traffic Argument None Possible value None Example SW24GF port show simple counter set max frame Set per port maximum frame size 13 14 15 16 17 18 19 20 21 22 23 24 ooooocooooqoooo oooooocoooono oooocooocooooo OO ONO OS OPS Sy Ou SO E ae OOS OV Orion N aa TE O2 S E e E em E a E e E e E a EE e E a E a E T ae E S E e SW24GF port show status Syntax show status Description To display the port s current status Argument None Possible value None 279 SOO OO Or Or SO OS OS ooooocooooqooo o Example SW24G
111. Priority Root Port Root Path Cost Current Max Age sec Current Forward Delay sec Hello Time sec STP Topology Change Count Time Since Last Topology Change sec Enabled 00 40 C7 D8 09 1D 61440 00 40 C7 D8 09 1D 61440 0 0 20 zLTD T2 0 848 293 system set contact Syntax set contact lt contact string gt Description To set the contact description of the switch Argument lt contact gt string length up to 40 characters Possible value lt contact gt A b c d z and 1 2 3 etc Example SW24GF system set contact Taipei set device name Syntax set device name lt device name string gt Description To set the device name description of the switch Argument lt device name gt string length up to 40 characters Possible value lt device name gt A b c d z and 1 2 3 etc Example SW24GF system set device name CR 2600 set location Syntax set location lt location string gt Description To set the location description of the switch Argument lt location gt string length up to 40 characters Possible value lt location gt A b c d z and 1 2 3 etc Example SW24GF system set location Taipei 294 show Syntax show Description To display the basic information of the switch Argument None Possible value None Example SW24GF system show Model Name System De
112. RP messages and all members remain in the unregistered EMPTY state Restricted Mode 81 This function is used to restrict dynamic VLAN be created when this port received GVRP PDU There are two modes disable and enable provided for the user s choice Disabled In this mode the switch dynamic VLAN will be created when this port received GVRP PDU The default setting is Normal Enabled In this mode the switch does not create dynamic VLAN when this port received GVRP PDU Except received dynamic VLAN message of the GVRP PDU is an existed static VLAN in the switch this port will be added into the static VLAN members dynamically 82 3 5 2 Counter Function name GVRP Counter Function description All GVRP counters are mainly divided into Received and Transmitted two categories to let you monitor the GVRP actions Actually they are GARP packets GVRP Counter o Fig 3 32 Parameter description Received Total GVRP Packets Total GVRP BPDU is received by the GVRP application Invalid GVRP Packets Number of invalid GARP BPDU is received by the GARP application LeaveAll Message Packets Number of GARP BPDU with Leave All message is received by the GARP application JoinEmpty Message Packets Number of GARP BPDU with Join Empty message is received by the GARP application Joinin Message Packets Number of GARP BPDU with Join In message is received by the GARP application LeaveEmpty
113. SW24GF mstp set p edge 10 12 0 SW24GF mstp set p hello Syntax set p hello lt port range gt lt hello time gt Description To set per port hello time Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt hello time gt only 1 2 are valid values Possible value lt port range gt syntax 1 5 7 available from 1 to 24 lt hello time gt only 1 2 are valid values Example SW24GF mstp set p hello 5 10 1 SW24GF mstp set p p2p Syntax set p p2p lt port range gt lt admin p2p gt Description To set per port admin p2p Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt admin p2p gt Admin point to point lt auto true false gt Possible value lt port range gt syntax 1 5 7 available from 1 to 24 lt admin p2p gt Admin point to point lt auto true false gt Example SW24GF mstp set p p2p 8 10 auto SW24GF mstp set priority Syntax set priority lt instance id gt lt Instance Priority gt Description To set instance priority Argument lt instance id gt 0 gt CIST 1 4095 gt MSTI lt Instance Priority gt must be a multiple of 4096 available from 0 to 61440 Possible value lt instance id gt 0 gt CIST 1 4095 gt MSTI 265 lt Instance Priority gt 0 to 61440 Example SW24GF mstp set priority 0 4096 SW24GF mstp enable MSTP started SW24GF mstp show instance 0 mstp status enabled
114. TENANCE a a ea ies bedsa nce eva So sdedosaveuees coeds Susan yeacce sey enadecadecves besebanearetedeaiys 212 3 22 Reset DO a a a a r a E E E AE rE an oier TN E ainas aks 212 3 22 2 S0ftware Upload zione e a EE E EE EES E AE ETa 212 SEPA LOGOUT KEEN E E ES E EE a EA N EEES E E S SE EEE EE E E E E ES S 213 4 OPERATION OF CLI MANAGEMENT eesseoesssecsssceessoceesseceessecsscoeesscceesseceesseeesssoeessooeesse 214 t A E E BAY VANN SI L SAN H HEOI SOENE EOE EN E EEEE E E E 214 l DLO A ERE AA AE E EAEE 214 4 2 COMMANDS OF Cli PE EE E E ESO E E S EEE 216 4 2 1 Global Commands Of CLI c ccccccecccesccessceseceecusecseesseeseeeseeseceseeesecesecaecaecnaecsaecaaeeseeeaeees 217 4 2 2 Local Commands Of CEL tere rner oiro te stress E EE E E E e S 223 5 MAINTENANCE isi oa assesccccsscsessscccccetestessstucscscestsccsessasssecudescossstecssasesecesseeeessbasdesecb e cucaassesbesassseses 307 5 1 RESOLVING NO LINK CONDITION cccssscccececeesssececccecseseuececececeeseucaecececeesesssaeeeeececeessaaeeeeess 307 DDE OSTA PE EAE SEA ets Goad EA E EAE EEE Cees Satan neh Beeb a Savane EE EE eves ooo 307 APPENDIX A TECHNICAL SPECIFICATIONS cssssccsssssscsssscccssssccessscssssssccsesseccecssssseeees 308 APPENDIX B NULL MODEM CABLE SPECIFICATIONS ccssssssssssscssssscccssssccecssseeceses 311 iii Revision History Release Date Revision 0 91 2008 03 03 A1 0 95 20
115. UI screen Refresh The simple counts will be refreshed manually when user use mouse to click on Refresh button Clear The simple counts will be reset to zero when user use mouse to click on Clear button 58 3 2 4 Detail Counter The function of Detail Counter collects any information and provides the counting about the traffic of the port no matter the packet is good or bad In the Fig 3 16 the window can show only one port counter information at the same time To see another port s counter you have to pull down the list of Select then you will see the figures displayed about the port you had chosen Each data field has 20 digit long If the counting is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The valid range is 3 to 10 seconds The Refresh Interval is used to set the update frequency Default update time is 3 seconds Function name Detail Counter Function description Display the detailed counting number of each port s traffic In the Fig 3 14 the window can show all counter information of each port at one time Detailed Port Statistics Port 1 Auto refresh Receive Total Transmit Total Rx Packets 17438 Tx Packets 5463 Rx Octets 2456877 Tx Octets 1730395 Rx Unicast 9361 Tx Unicast 5461 Rx Multicast 1035 Tx Multicast 0 Rx Broadcast 7042 Tx Broadcast 2 Rx Pause 0 Tx Pause 0 Rx 64 Bytes 10611 Tx 64 Bytes 1080 Rx 65 127
116. VRP group you can use Administrative Control function to change Applicant Mode and Registrar Mode of GVRP group member 85 3 6 QoS Quality of Service Configuration The switch support four QoS queues per port with strict or weighted fair queuing scheduling There are 24 QoS Control Lists QCL for advance programmable QoS classification based on IEEE 802 1p Ethertype VID IPv4 IPv6 DSCP and UDP TCP ports and ranges High flexibility in the classification of incoming frames to a QoS class The QoS classification looks for information up to Layer 4 including IPv4 and IPv6 DSCP IPv4 TCP UDP port numbers and user priority of tagged frames This QoS classification mechanism is implemented in a QoS control list QCL The QoS class assigned to a frame is used throughout the device for providing queuing scheduling and congestion control guarantees to the frame according to what was configured for that specific QoS class The switch support advanced memory control mechanisms providing excellent performance of all QoS classes under any traffic scenario including jumbo frame A super priority queue with dedicated memory and strict highest priority in the arbitration The ingress super priority queue allows traffic recognized as CPU traffic to be received and queued for transmission to the CPU even when all the QoS class queues are congested 3 6 1 Ports Function name Port QoS Configuration Function description To configure each po
117. WIKEELGAVE 192 168 1 254 Username admin Password admin Table 3 1 After the managed switch has been finished configuration in the CLI via the switch s serial interface you can browse it For instance type http 192 168 1 1 in the address row in a browser it will show the following screen see Fig 3 1 and ask you inputting username and password in order to login and access authentication The default username and password are both admin For the first time to use please enter the default username and password then click the lt Login gt button The login process now is completed Just click the link of Forget Password in WebUI See Fig 3 1 or input Ctrl Z in CLI s login screen See Fig 4 1 4 2 in case the user forgets the manager s password Then the system will display a serial No for the user Write down this serial No and contact your vendor the vendor will give you a temporary password Use this new password as ID and Password and it will allow the user to login the system with manager authority temporarily Due to the limit of this new password the user only can login the system one time therefore please modify your password immediately after you login in the system successfully In this login menu you have to input the complete username and password respectively the switch will not give you a shortcut to username automatically This looks inconvenient but safer In
118. When the segment mode enabled there are max up to 12 LAN segments on the switch and fixed two ports for each LAN segment and each LAN segment will be isolated The fixed segment ports mapping as below Segment Forwarding Port Mapping 1 Port 01 gt Port 02 2 Port 03 gt Port 04 3 Port 05 gt Port 06 4 Port 07 gt Port 08 5 Port 09 gt Port 10 6 Port 11 gt Port 12 7 Port 13 gt Port 14 8 Port 15 gt Port 16 9 Port 17 gt Port 18 10 Port 19 gt Port 20 11 Port 21 gt Port 22 12 Port 23 gt Port 24 64 The ports in the same LAN segment will forward any packet in the same segment ports the received packets will be forwardedto the same segment port member without any change for example VLAN tag or un tag frames The L2 PDU will be passed through between two ports in the same LAN segment Including STP MSTP GVRP LACP Except 802 3X Pause Frame Notice The following L2 switch functions can not work with LAN segmentation mode at the same time GVRP MSTP RSTP STP IGMP Proxy and IGMP Snooping DHCP Snooping IP MAC Binding LACP and Static Port Link Aggregation IEEE 802 1X 65 3 3 2 Tag based Group Function name Tag based Group Configuration Function description It shows the information of existed Tag based VLAN Groups You can also easily create edit and delete a Tag based VLAN group by pressing lt Add gt
119. XX XX XX Example SW24GF mac alias set 23 56 r5 55 3f 03 test3 SW24GF mac alias show MAC Alias No MAC Alias 1 23 56 00 55 3F 03 test3 2 23 56 00 55 EF 03 test13 3 23 56 00 55 EF 33 testl SW24GF mac alias del 23 56 00 55 3F 03 SW24GF mac alias show MAC Alias No MAC Alias 1 23 56 00 55 EF 03 test13 2 23 56 00 55 EF 33 testl set Syntax set lt mac gt lt alias gt Description To set mac alias entry Argument lt mac gt mac address XX XX XX XX XX XX lt alias gt mac alias name max 15 characters Possible value lt mac gt set up the MAC format XX XX XX XX XX XX lt alias gt mac alias name max 15 characters Example SW24GF mac alias set 23 56 r5 55 3f 03 test3 SW24GF mac alias show MAC Alias No MAC Alias 1 23 56 00 55 3F 03 test3 2 23 56 00 55 EF 03 test13 3 23 56 00 55 EF 33 testl show Syntax show Description 253 To display mac alias entry Argument None Possible value none Example SW24GF mac alias show MAC Alias No MAC Alias 1 23 56 00 55 3F 03 test3 2 23 56 00 55 EF 03 test13 3 23 56 00 55 EF 33 testl lt lt mac table gt gt flush Syntax flush Description To del dynamic mac entry Argument none Possible value none Example SW24GF mac mac table flush SW24GF mac mac table show No Type VLAN MAC Port Members 1 Static 1 FF FF FF FF FF FF 1 2 3 4 5 6 7 8 9 10 1
120. abled 1 24 Disable Disable the Port Copy function 1 24 The packets will be copied to the selected port when they met ACL ingress rule 139 3 8 4 Wizard Function name Wizard Function description The wizard function is provide 3 type of typical application for user easy to configure their application with ACL function Welcome to the ACL Configuration Wizard Please select an action Set up Policy Rules Set up the default policy rules for Client ports Server ports Network ports and Guest ports Set up Port Policies Group ports into several types according to different ACL policies Set up Typical Network Application Rules Set up the specific ACL for different typical network application access control To continue click Next Fig 3 125 Wizard Parameter description Please select an Action Set up Policy Rules Set up Port Policies Set up Typical Network Application Rules Set up Source MAC and Source IP Binding Next Click on lt Next gt to confirm current setting and go to next step automatically Cancel Cancel current setting back to top layer in the ACL wizard function Back Click on lt Back gt to back to previous step Wizard Again Click on lt Wizard Again gt the UI will back to top layer in the wizard function Finish Click in lt Finish gt to finish the ACL Wizard setting it will according the selection items to change the related parameters then you hav
121. acket the packet then will be forwarded as the tagged packet with VID y Role This is an egress rule of the port Here you can choose Access Trunk or Hybrid Trunk means the outgoing packets must carry VLAN tag header Access means the outgoing packets carry no VLAN tag header If packets have double VLAN tags one will be dropped and the other will still be left As to Hybrid it is similar to Trunk and both of them will tag out When the port is set to Hybrid its packets will be untagged out if the VID of the outgoing packets with tag is the same as the one in the field of Untag VID of this port Untag VID Valid range is 1 4094 It works only when Role is set to Hybrid Double Tag Double tag mode belongs to the tag based mode however it would treat all frames as the untagged ones which means that tag with PVID will be added into all packets Then these packets will be forwarded as Tag based VLAN So the incoming packets with tag will become the double tag ones Scroll to enable the function and default is Disable 71 3 3 5 Port Isolation Function name Port Isolation Function description Port Isolation provides for an apparatus and method to isolate ports on layer 2 switches on the same VLAN to restrict traffic flow The apparatus comprises a switch having said plurality of ports each port configured as a protected port or a non protected port An address table memory stores an address table having a destination
122. address and port number pair A forwarding map generator generates a forwarding map which is responsive to a destination address of a data packet The method for isolating ports on a layer 2 switch comprises configuring each of the ports on the layer 2 switch as a protected port or a non protected port A destination address on an data packet is matched with a physical address on said layer 2 switch and a forwarding map is generated for the data packet based upon the destination address on the data packet The data packet is then sent to the plurality of ports pursuant to the forwarding map generated based upon whether the ingress port was configured as a protected or non protected port Port Isolation Configuration Port Number Fig 3 24 1 Parameter description Port 1 24 Port number To evoke the port which you want to enable the Port Isolation service Save Press the Save to complete the PVLAN configuration process 72 3 3 6 Management Function name Management Function description To assign a specific VLAN for management purpose Management VLAN viano a Fig 3 25 Parameter description VID Specific Management VLAN ID 73 3 4 MAC MAC Table Configuration gathers many functions including MAC Table Information MAC Table Maintenance Static Forward Static Filter and MAC Alias which cannot be categorized to some function type They are described below 3 4 1 Mac Address Table Functio
123. ag Priority Fig 3 123 VLAN ID Filter ACE Configuration Reon Frame Type Port Copy Disabled MAC Parameters VLAN Parameters DMAC Filter VLAN ID Filter Tag Priority 0 Fig 3 124 Tag Priority 129 Function name ACE Configuration Function description The switch ACL function support up to 128 Access Control Entries ACEs using the shared 128 ACEs for ingress classification You can create an ACE and assign this ACE for each port with lt Any gt or assign this ACE for a policy or assign this ACE for a port There are 8 policies each port can select one of policy then decides which of the Permit Deny Rate Limitation and Port Copy actions would take according to the ACL configuration packet s IPv4 EtherType ARP Protocol MAC Parameters and VLAN parameters Parameter description Ingress Port Range Any Policy 1 8 Port 1 24 Any Apply this ACE rule for each port ingress classification Policy 1 8 Apply this ACE rule for specific policy Port 1 24 Apply this ACE rule for specific port ingress classification IP Protocol Filter Range Any Ethernet Type ARP IPv4 Any It is including all frame type Ethernet Type It is including all Ethernet frame type ARP It is including all ARP protocol frame type IPv4 It is including all IPv4 protocol frame type MAC Parameters When Frame Type Any DMAC Filter Range Any MC BC UC Any It is including all destination MAC address
124. ages sent by the router if the router is the querier on this subnet Available value 1 25 sec Last Member Query Max Response Time To set the last member Query Response Time field is used in specific or group specific query messages The last member query Maximum Response Time is configured as the value Available value 1 25 sec 187 3 15 3 Snooping Function name Snooping Function description IGMP snooping provide the switch to issue to prevent hosts on a local network from receiving traffic for a multicast group they have not explicitly joined It provides switches with a mechanism to prune multicast traffic from links that do not contain a multicast listener IGMP client A switch that does not IGMP snoop will by default flood multicast traffic to all the ports in a broadcast domain or the VLAN equivalent Multicast can cause unnecessary or even crippling load on host devices by requiring them to process packets they have not solicited IGMP snooping Configuration Gnana 125 seconds 1 65535 ra 2 3 4 5 6 7s 9 io 1a 12 13 aa a5 16 a7 10 09 aa a a 4 4 4 4 4 4 4 4 4 4 4 4 4 44 Router Ports Sa ee ee pat 2 3 4 5i6 7 281 9 10 11 12 13 14 15 16 17 18 19 a a a ia al aij a aj a ll a Fa Ua a a Fi a Ceo Fig 3 162 IGMP Snooping Parameter description Host Time Out The IGMP Snooping Host query Timeout field is the amount of t
125. ail Adress 4 Email Adress 5 Email Adress 6 Fig 3 165 Alarm Configuration 196 3 17 DHCP Snooping DHCP Snooping DHCP Snooping State DHCP Snooping Entry DHCP Snooping Client Fig 3 62 3 17 1 DHCP Snooping State Function name DHCP Snooping State Function description The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the dynamic bindings registered with DHCP Snooping DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port related information to a DHCP server This information can be useful in tracking an IP address back to a physical port DHCP Snooping State Fig 3 17 1 DHCP Snooping State Disabled Disabled _ Enabled Parameter description DHCP Snooping state The parameter which set to disabled or enabled the DHCP snooping function on the switch the default is Disabled Note To click Apply when you finish the configuration 197 3 17 2 DHCP Snooping Entry Function name DHCP Snooping Entry Function description DHCP snooping Entry allows a switch to add the an trust DHCP server and 2 trust port to build the DHCP snooping available entry This information can be useful in tracking an IP address back to a physical port and enable or disable the DHCP Option 82 naui Disable v UAGA waa wd Dis Disable Add Drop s
126. art one When you enter this command the CLI would save your current configuration into the non volatile FLASH If you want the configuration still works after rebooting save the configuration using the command save stat Argument None Possible value None Example SW24GF save start Saving start Save Successfully SW24GF 221 Save user Syntax save user Description To save the current configuration as the user defined configuration When you enter this command the CLI would save your current configuration into the non volatile FLASH as user defined configuration Argument None Possible value None Example SW24GF save user Saving user Save Successfully SW24GF 222 4 2 2 Local Commands of CLI 802 1X set maxReq Syntax set maxReg lt port range gt lt vlaue gt Description The maximum number of times that the state machine will retransmit an EAP Request packet to the Supplicant before it times out the authentication session Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt max times range 1 10 Possible value lt port range gt 1 to 24 lt value gt 1 10 default is 2 Example SW24GF 802 1X set maxReq 2 2 set mode Syntax set mode lt port range gt lt mode gt Description To set up the 802 1X authentication mode of each port Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt mode gt
127. ate pps Refer to the following rate configurable value list the unit is Packet Per Second pps 1 2 4 8 16 32 64 128 256 512 1K 2K 4K 8K 16K 32K 64K 128K 256K 512K 1024K 96 3 6 5 Wizard Function name Wizard Function description The QCL configuration Wizard is targeted on user can easy to configure the QCL rules for QoS configuration The wizard provide the typical network application rules user can apply these application easily Welcome to the QCL Configuration Wizard Please select an action Set up Port Policies Group ports into several types according to different QCL policies Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control Set up TOS Precedence Mapping Set up the traffic class mapping to the precedence part of TOS 3 bits when receiving IPv4 IPv6 packets Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the user priority value 3 bits when receiving WLAN tagged packets To continue click Next Fig 3 45 Parameter description Please select an Action User need to select one of action from following items then click on lt Next gt to finish QCL configuration Set up Port Policies Set up Typical Network Application Rules Set up TOS Precedence Mapping Set up VLAN Tag Priority Mapping Next Go to next step Cancel Abort current configuration bac
128. ator guest identity in the field of Authorization in advance before configuring the username and password Only one administrator is allowed to exist and unable to be deleted In addition up to 4 guest accounts can be created The default setting for user account is Username admin Password admin Account Configuration Authorization admin Admin guest Guest KEE o oo Fig 3 5 3 1 3 Time Configuration The switch provides manual and automatic ways to set the system time via NTP Manual setting is simple and you just input Year Month Day Hour Minute and Second within the valid value range indicated in each item If you input an invalid value for example 61 in minute the switch will clamp the figure to 59 NTP is a well known protocol used to synchronize the clock of the switch system time over a network NTP an internet draft standard formalized in RFC 1305 has been adopted on the system is version 3 protocol The switch provides four built in NTP server IP addresses resided in the Internet and an user defined NTP server IP address The time zone is Greenwich centered which uses the expression form of GMT xx hours Function name Time Function description Set the system time by manual input or set it by syncing from Time servers The function also supports daylight saving for different area s time adjustment 38 System Time Setting Current Time Mon Mar 03 15 30 4
129. ax show Description 212 192 168 4 5 192 168 4 22 HTTP TELENT SNMP 192 168 4 23 192 168 4 33 TELENT SNMP 192 168 4 5 192 168 4 22 HTTP TELENT SNMP To show management policy list Argument none Possible value none Example SW24GF policy show 1 Name rulel IP Range 192 168 4 5 192 168 4 22 Action Deny Access Type HTTP TELENT SNMP Port 2345 2 Name rule2 IP Range 192 168 4 23 192 168 4 33 Action Deny Access Type TELENT SNMP Port 678 port clear counter Syntax clear counter Description To clear all ports counter include simple and detail port counter information Argument None Possible value None Example SW24GF port clear counter set description Syntax set description lt port range gt lt description gt Description To set port description Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt description gt set port description max 47 characters Possible value lt port range gt 1 to 24 lt description gt max 47 characters Example SW24GF port set description 3 8 salesdepartment SW24GF port show config Speed Flow Maximum ExcessiveSynopsis add name George ip 192 168 1 1 Port Duplex Control Frame Collision Description type 273 2 Auto Disabled 9600 Discard 3 Auto Disabled 9600 Discard salesdepartment 4 Auto Disabled 9600 Discard salesdepartment 5 Auto
130. ble value None Example SW24GF mirror show Port to mirror to 1 Port Source Enable Destination Enable 2 y o non A Ww 9 10 11 12 13 14 15 16 17 18 V 19 20 21 22 23 24 SW24GF mirror a a e e e e e a a a a 262 mstp disable Syntax disable Description To disable mstp function Argument None Possible value None Example SW24GF mstp disable enable Syntax enable Description To enable mstp function Argument None Possible value None Example SW24GF mstp enable migrate check Syntax migrate check lt port range gt Description To force the port to transmit RST BPDUs Argument Usage migrate check lt port range gt port range syntax 1 5 7 available from 1 to 24 Possible value Usage migrate check lt port range gt port range syntax 1 5 7 available from 1 to 24 Example SW24GF mstp migrate check 1 2 set config Syntax set config lt Max Age gt lt Forward Delay gt lt Max Hops gt Description To set max age forward delay max hops Argument 263 lt Max Age gt available from 6 to 40 Recommended value is 20 lt Forward Delay sec gt available from 4 to 30 Recommended value is 15 lt Max Hops gt available from 6 to 40 Recommended value is 20 Possible value lt Max Age gt available from 6 to 40 Recommended value is 20 lt Forward Delay sec gt available from 4 to 30 Recommended value is 15 lt Max
131. bled Rate Unit Enabled Rate 1 Oo Oo 3 2 Oo o v 3 o 4 o 4 F 4 o 4 5 o o v 6 oO v o v 7 Oo Mi Oo v 8 O O he 9 O Mi O be 10 O Mi Ei 11 o v o v 12 O Ms Fi he 13 Oo v o v 14 O v O ke 15 E v o v 16 O Mi oO be 17 E ba Fi v 18 oO v Fl v 19 Oo i o v 20 F Mi O he 21 F v o v 22 o Mi o 23 F v F v 24 O Mi oO v Fig 3 43 Parameter description Port Port number Policer Enabled Policer enabled to limit ingress bandwidth by policer rate 94 Policer Rate The configurable policer rate range 500 Kbps 1000000 Kbps 1 Mbps 1000 Mbps Policer Unit There are two units for ingress policer rate limit kbps Mbps Shaper Enabled Shaper enabled to limit egress bandwidth by shaper rate Shaper Rate The configurable shaper rate range 500 Kbps 1000000 Kbps 1 Mbps 1000 Mbps Shaper Unit There are two units for egress shaper rate limit kbps Mbps 95 3 6 4 Storm Control Function name Storm Control Configuration Function description The switch support storm ingress policer control function to limit the Flooded Multicast and Broadcast to prevent storm event happen Storm Control Configuration Frame Type Status Rate pps Flooded unicast Multicast Broadcast Fig 3 44 Parameter description Frame Type There three frame types of storm can be controlled Flooded unicast Multicast Broadcast Status Enable Disable Selection means enabled means disabled R
132. capable of managing the network with knowing the address of the Master machine Instead of SNMP or Telnet Ul VSM is only available in Web UI While one switch become the Master two rows of buttons for group device will appear on the top of its Web UI By pressing these buttons user will be allowed to connect the Web UI of the devices of the group in the same window without the login of these device The most top left button is only for Master device See Fig 3 9 The background color of the button you press will be changed to represent that the device is under your management Note It will remove the grouping temporarily in case that you login the switch via the console The device of the group will be shown as station address the last number of IP Address device name on the button e g 196 _GS 2224L otherwise it will show if no corresponding device exists Once the devices join the group successfully then they are merely able to be managed via Master device and user will fail to manage them via telnet console web individually Up to 16 devices can be grouped for VSM however only one Master is allowed to exist in each group For Master redundancy user may configure more than two devices as Master device however the Master device with the smaller MAC value will be the Master one All of these 16 devices can become Master device and back up with each other Virtual Stack Configuration CCC Enabie Master
133. ccescsescesscesecesecusecusecaaecaeeeseeeseesseesseeseseeceseenaesnaeenas 193 3 16 ALARM CONFIGURATION a a T E E S 194 Sal Ono A A 1 RARA EE EEE EET AEE E A EA cs 195 FEI EPA E 11121 AINE EEA AAA A AEA AE 196 3217 DHCP SNOOPING EE E E EE E A E EEE A 197 3 A7 1 DHCP Snooping State isisisi giair crisan ssnipe n aaa eoa anssi aeara 197 3 1 723 DHCP SNOOpin 8 Chente eesin eae E Ees EEEa rioei se EEE EE EI 199 eeki A B DI ces EEN EE SEE EN EAE SE EEN ETENE 199 Bs et ro eat era E B BLY I EAE E AEE E E EE E AE 200 3215 2 r LEDP ENUY an e E E e EN aa a a 202 3 18 3 LEDP StatiStics cccccccecesesesevesesevevevevsvesssesesssssesesesesesesesesesesssesssesesesesesssesesesessseseseesesesess 204 Se 19s SAVE MRES TORE sso 5 c0c5 204 eos he ects ache setae ncetes goes tes ouecsawsaseawat E E E A OE ees 206 3 19 11 Factory Defaults sssccstesscesaseassbiscessnessseiodesbseiecussiadecbes cout sgt seudobeebandsarassassipabsesiagtsandvaeeieeiees 207 EI 9 2 SGVESEGL BE si vse saseseiciudeiadesadosasesttedsessavadadees AAE EE 207 Bs a Bd ls ENTA A NNI EAE ee Ee 207 3 19 4 Restore USC icccecesesesesesesevesesssesevesssesevssssssesssesessvssesesesssesessssscssscsesesesesssesesssesesssssseseseeens 208 3220 EXPORT IMPORT EE E ibs sevscsncetec bes tesczecssvsoses votes OA E EET 209 BEPA RAI FITAGNOSTIES 335 seeicnes E svaae vase Tee A E E E EE 210 DD E E DIGG E E E T E E Gideviauasee 210 SIA 2 PUN EEE E E T E T T E E ietesviasaiaaa ics 211 3 22 MAIN
134. ce Port RAM Size and Flash Size With this information you will know the software version used MAC address serial number how many ports good and so on This is helpful while malfunctioning System Port vlan Model Name SW24GF MAC System Description Managed 24 Port Gigabit Ethernet Switch with 24 SFP Fiber Support GVRP Qos SNMP Contact G EB ACL Device Name SW24GF IP MAC Binding z P g02 1X System Up Time 0 Days 0 Hours 26 Mins 28 Secs ltrunk Current Time Tue Sep 08 10 49 08 2009 STP BIOS Version v1 04 MSTP Firmware Version v1 45 Mirroring PREC CL V1 01 1 01 Multicast Serial Number 032201000011 E Alarm Host IP Address 192 168 1 1 E DHCP Snooping Host MAC Address 00 40 c7 5e 00 d2 FDR UART 1 Dual Media Port RJ45 SFP 8 SFP 16 E Save Restore RAM Size 512M Export Import ery i Diagnostics ashiSiza zan Maintenance CRU Load 2m Location 2 3 Fy 2 3 Logout Fig 3 2 33 The Information of Page Layout On the top side it shows the front panel of the switch In the front panel the linked ports will display green as to the ports which are link off they will be dark For the optional modules the slot will show only a cover plate if no module exists and will show a module if a module is present The image of module depends on the one you inserted The same if disconnected the port will show just dark if linked green See Fig 3 3 ht
135. cially in physical location The following diagram shows how it works and what the difference they are Case2a Port based VLAN See Fig 2 4 Fig 2 4 Port based VLAN Diagram 1 The same VLAN members could not be in different switches 2 Every VLAN members could not access VLAN members each other 3 The switch manager has to assign different names for each VLAN groups at one switch 19 Case 2b Port based VLAN See Fig 2 5 Fig 2 5 Port based VLAN Diagram _ VLAN1 members could not access VLAN2 VLAN3 and VLAN4 members 2 VLAN2 members could not access VLAN1 and VLAN3 members but they could access VLAN4 members 3 VLAN3 members could not access VLAN1 VLAN2 and VLAN4 4 VLAN4 members could not access VLAN1 and VLAN3 members but they could access VLAN2 members Case3a The same VLAN members can be at different switches with the same VID See Fig 2 6 Fig 2 6 Attribute based VLAN Diagram 20 2 1 4 Configuring the Management Agent of SW24GF We offer you three ways to startup the switch management function They are RS 232 console CLI and Web Users can use any one of them to monitor and configure the switch You can touch them through the following procedures Section 2 1 4 1 Configuring the Management Agent of SW24GF through the Serial RS 232 Port Section 2 1 4 2 Configuring the Management Agent of SW24GF through the Ethernet Port Note Please first mo
136. ckets per second Forwarding Rate Speed 1 488 000PPS 1000Mbps 148 800PPS 100Mbps 14 880PPS 10Mbps MAC Address and Self learning 8K MAC address 4K VLAN table entries Buffer Memory Embedded 1392 KB frame buffer Flow Control EEE802 3x compliant for full duplex Backpressure flow control for half duplex Cable and Maximum Length Cat 5 UTP cable up to 100m Up to 220 275 500 550m which depends on Multi Mode Fiber type Single Mode Fiber up to10 30 50Km Single Mode Single Fiber up to 20Km 1000Base SX 1000Base LX 1000Base LX WDM BiDi Diagnostic LED System LED Power Per Port LED 10 100 1000M TP Port 1 to 8 LINK ACT 10 100 1000Mbps 1000M SFP Fiber Port 1 to 24 SFP LINK ACT Power Requirement AC Line Voltage 100 240 V 309 Frequency Consumption Ambient Temperature Humidity Dimensions 50 60 Hz 40W 0 to 40 C 5 to 90 44 H x 442 W x 209 D m Comply with FCC Part 15 Class A amp CE Mark Approval Management Software Specifications Auto negotiation support on 10 100 1000 Base TX ports Web browser or console interface can set transmission speed 10 100 1000Mbps and operation mode Full Half duplex on each port enable disable any port set VLAN group set Trunk Connection SNMP support MIB II Bridge MIB RMON MIB IEEE 802 1D Port Base 802 1Q Tagged allowed up to 256 active VLANs in one switch
137. ct weighted lt low queue weighted gt 1 2 4 8 lt normal queue weighted gt 1 2 4 8 lt medium queue weighted gt 1 2 4 8 lt high queue weighted gt 1 2 4 8 Possible value lt range syntax gt 1 to 24 lt default class option gt low normal medium high lt qcl gt 1 to 24 lt user priority gt 0 to 7 lt queuing mode gt strict weighted lt low queue weighted gt 1 2 4 8 lt normal queue weighted gt 1 2 4 8 lt medium queue weighted gt 1 2 4 8 lt high queue weighted gt 1 2 4 8 Example SW24GF qos ports set port 2 medium 1 3 weithted 2 2 2 2 SW24GF qos ports show 281 2 Medium 1 3 Weighted Fair 3 Low 1 0 Strict Priority 4 Low 1 0 Strict Priority 5 Low 1 0 Strict Priority 6 Low 1 0 Strict Priority 7 Low 1 0 Strict Priority 8 Low 1 0 Strict Priority 9 Low 1 0 Strict Priority 10 Low 1 0 Strict Priority 11 Low 1 0 Strict Priority 12 Low 1 0 Strict Priority 13 Low 1 0 Strict Priority 14 Low 1 0 Strict Priority SW24GF qos ports show Syntax show Description To show port information Argument none Possible value none Example SW24GF qos ports show Number of Classes 2 2 Medium 1 3 Weighted Fair 3 Low 1 0 Strict Priority 4 Low 1 0 Strict Priority 5 Low 1 0 Strict Priority 6 Low 1 0 Strict Priority 7 Low 1 0 Strict Priority 8 Low 1 0 Strict Priority 9 Low 1 0 Strict Priority 10 Low 1 0 Strict Priority lt lt qcel gt gt set Syntax
138. d 3 Auto Disabled 9600 Discard 4 1G Full Disabled 9600 Discard 5 1G Full Disabled 9600 Discard 6 Auto Disabled 9600 Discard 7 Auto Disabled 9600 Discard 8 Auto Disabled 9600 Discard 9 Auto Disabled 9600 Discard 10 Auto Disabled 9600 Discard 11 Auto Disabled 9600 Discard 12 Auto Disabled 9600 Discard show detail counter Syntax show detail counter lt port gt Description To display the display detail port counter Argument lt port gt port available from 1 to 24 Possible value lt port gt 1 24 Example SW24GF port show detail counter 3 Rx Multicast 6 Tx Multicast 641 Rx Broadcast 94 Tx Broadcast 5251 Rx Pause 0 Tx Pause 0 Receive Size Counters Transmit Size Counters Rx 64 Bytes 7381 Tx 64 Bytes 4351 Rx 65 127 Bytes 291 Tx 65 127 Bytes 2342 Rx 128 255 Bytes 118 Tx 128 255 Bytes 605 Rx 256 511 Bytes 53 Tx 256 511 Bytes 1081 Rx 512 1023 Bytes 33 Tx 512 1023 Bytes 144 Rx 1024 1526 Bytes 28 Tx 1024 1526 Bytes 11453 Rx 1527 Bytes 0 Tx 1527 Bytes 277 Receive Error Counters Transmit Error Counters Rx Drops Rx CRC Alignment Rx Undersize Rx Oversize Rx Fragments Rx Jabber show sfp Syntax show sfp lt port gt Description Tx Drops Tx Late Exc Coll oo o0c0 0 fF To display the SFP module information Argument lt port gt SFP port of the switch available from 1to 24 Possible value lt port gt 1 24 Example SW24GF port show sfp 11 Port 11 SF
139. d the network efficiency is also improved to accommodate high bandwidth applications In addition the switch features comprehensive and useful functions such as QoS Quality of Service Spanning Tree VLAN Port Trunking Bandwidth Control Port Security SNMP RMON IGMP Snooping capability via the intelligent software It is suitable for both metro LAN and office applications Others the switch increase support the Power saving for reduce the power consumption with ActiPHY Power Management and PerfectReach Power Management two technique It could efficient saving the switch power with auto detect the client idle and cable length to provide different power In this switch Port 1 and Port 8 include two types of media TP and SFP Fiber LC BiDi LC this port supports 10 100 1000Mbps TP or 1000Mbps SFP Fiber with auto detected function 1000Mbps SFP Fiber transceiver is used for high speed connection expansion 1000Mbps LC Multi Mode SFP Fiber transceiver 1000Mbps LC 10km SFP Fiber transceiver 1000Mbps LC 30km SFP Fiber transceiver 1000Mbps LC 50km SFP Fiber transceiver 1000Mbps BiDi LC 20km 1550nm SFP Fiber WDM transceiver 1000Mbps BiDi LC 20km 1310nm SFP Fiber WDM transceiver 10 100 1000Mbps TP is a standard Ethernet port that meets all IEEE 802 3 u x z Gigabit Fast Ethernet specifications 1000Mbps SFP Fiber transceiver is a Gigabit Ethernet port that fully complies with all IEEE 802 3z and 1
140. d to Manufacture with issuance of a Return Material Authorization number RMA number assigned to the reseller from whom the end customer originally purchased the Product The reseller is responsible for ensuring the shipments are insured with the transportation charges prepaid and the RMA number clearly marked on the outside of the package Manufacture will not accept collect shipments or those returned without an RMA number Manufacture shall not be responsible for any software firmware information or memory data contained in stored on or integrated with any Product returned to Manufacture pursuant to any warranty EXCLUSIONS The warranty as mentioned above does not apply to the following conditions in Manufacture s judgment it contains 1 customer does not comply with the manual instructions offered by Manufacture in installation operation repair or maintenance 2 Product fails due to damage from unusual external or electrical stress shipment storage accident abuse or misuse 3 Product is used in an extra hazardous environment or activities 4 any serial number on the Product has been removed or defaced 5 this warranty will be of no effect if the repair is via anyone other than Manufacture or the approved agents or 6 In the event of any failures or delays by either party hereto in the performance of all or any part of this agreement due to acts of God war riot insurrection national emergency strike embargo storm earthquake
141. de which is assigned by DHCP server while DHCP is enabled DNS can help you easily remember the mnemonic address name with the meaningful words in it Default is no assignment of DNS address Default 0 0 0 0 43 3 1 5 Loop Detection The loop detection is used to detect the presence of traffic When switch receives packet s looping detection frame MAC address the same as oneself from port show Loop detection happens The port will be locked when it received the looping detection frames If you want to resume the locked port please find out the looping path and take off the looping path then select the resume the locked port and click on Resume to turn on the locked ports Function name Loop Detection Function description Display whether switch open Loop detection Detection Port Parameter description Port No Display the port number The number is 1 24 Detection Port Enable When Port No is chosen and enable port s Loop detection the port can detect loop happens When Port No is chosen enable port s Loop detection and the port detects loop happen port will be Locked If Loop did not happen port maintains Unlocked Locked Port Resume When Port No is chosen enable port s Loop detection and the port detects loop happen the port will be Locked When choosing Resume port locked will be opened and turned into unlocked If not choosing Resume Port maintains locked 44 3 1 6 Manageme
142. details please refer to Section 4 2 1 Command instructions reside in the corresponding modes are local commands The same command with the same command name may occur but perform totally different function in different modes For example show in IP mode performs displaying the IP information however it performs displaying the system information in system mode For more details please refer to Section 4 2 2 Managed Switch SW24GF Login admin Password xxx SW24GFH 802 1 Enter into 802 1 mode account Enter into account mode acl Enter into acl mode alarm Enter into alarm mode autologout Change autologout time config file dhcp_snooping diagnostics firmware gyrp hostname ip ip_mac_binding ldp loop detection mac mirror mstp multicast policy port qos reboot snmp q to quit Enter into config file mode Enter into dhcp snooping mode Enter into diagnostics mode Enter into firmware mode Enter into gyrp mode Change hostname Enter into ip mode Enter into ip mac binding mode Enter into lldp mode Enter into Loop Detection LD mode Enter into mac mode Enter into mirror mode Enter into mstp mode Enter into multicast mode Enter into Management Policy mode Enter into port mode Enter into gos mode Reboot the system Enter into snmp mode Fig 4 3 216 4 2 1 Global Commands of CLI end Syntax end Description Back to the top mode When you enter this command your current p
143. dify the IP address Subnet mask Default gateway and DNS through RS 232 console and then do the next 21 2 1 4 1 Configuring the Management Agent of SW24GF through the Serial RS 232 Port To perform the configuration through RS 232 console port the switch s serial port must be directly connected to a DCE device for example a PC through RS 232 cable with DB 9 connector Next run a terminal emulator with the default setting of the switch s serial port With this you can communicate with the switch In the switch RS 232 interface only supports baud rate 115200 bps with 8 data bits 1 stop bit no parity check and no flow control RS 232 DB 9 Connector Au TESS geo e ecccce a ae d nnipn nn a 56 55 SW24GF L2 Managed Switch Default IP Setting IP address 192 168 1 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 oe io rore are oror Gombe Pert ns 42 Pies Manages Heres RS 232 cable with female DB 9 connector at both ends Fig 2 7 Terminal or Terminal Emulator To configure the switch please follow the procedures below 1 Find the RS 232 DB 9 cable with female DB 9 connector bundled Normally it just uses pins 2 3 and 7 See also Appendix B for more details on Null Modem Cable Specifications 2 Attaches the DB 9 female cable connector to the male serial RS 232 DB 9 connector on the switch 3 Attaches the other end of the serial RS 232 DB 9 cable to PC s
144. ding the VLAN registration service through a GARP application It makes use of GARP Information Declaration GID to maintain the ports associated with their attribute database and GARP Information Propagation GIP to communicate among switches and end stations With GID information and GIP GVRP state machine maintain the contents of Dynamic VLAN Registration Entries for each VLAN and propagate these information to other GVRP aware devices to setup and update their knowledge database the set of VLANs associated with currently active members and through which ports these members can be reached In GVRP Configuration function folder there are three functions supported including GVRP Config GVRP Counter and GVRP Group explained below 3 5 1 Config Function name GVRP Configuration Function description In the function of GVRP Config it is used to configure each port s GVRP operation mode in which there are seven parameters needed to be configured described below GVRP Configuration GVRP State Disabled v _Port_ Join Time Leave Time LeaveAll Time Default Applicant Mode Default Registrar Mode 1 20 60 1000 Normal Normal x Disabled 2 20 60 1000 Normal s Normal Disabled 3 20 J 650_ _ 1000 Normal E Normal Disabled v 4 20 s0 1000 Normal x Normal v
145. dsbl 2000000 128 2 2 V 10 DISCARDING dsbl 2000000 128 2 2 V 11 DISCARDING dsbl 2000000 128 2 2 V 12 DISCARDING dsbl 2000000 128 2 2 V 13 DISCARDING dsbl 2000000 128 2 2 V 14 DISCARDING dsbl 2000000 128 2 2 V 15 DISCARDING dsbl 2000000 128 2 2 V 16 DISCARDING dsbl 2000000 128 2 2 V 17 DISCARDING dsbl 2000000 128 2 2 V 18 DISCARDING dsbl 2000000 128 2 2 V 19 DISCARDING dsbl 2000000 128 2 2 V 20 DISCARDING dsbl 2000000 128 2 2 V 21 DISCARDING dsbl 2000000 128 2 2 V 22 DISCARDING dsbl 2000000 128 2 2 V 23 DISCARDING dsbl 2000000 128 2 2 V 24 DISCARDING dsbl 2000000 128 2 2 V SW24GF mstp set r tcn Syntax set r tcn lt port range gt lt restricted ten gt Description To set per port restricted tcn Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt restricted tcn gt 0 gt false 1 gt True Possible value lt port range gt 1 to 24 lt restricted tcn gt 0 gt false 1 gt True Example SW24GF mstp set r tcn 9 10 1 SW24GF mstp set r tcn 14 20 1 SW24GF mstp show pconf 0 Port Path Cost Priority Hello Edge Port P2P Role Ten system Enter in 2 0 128 2 true auto false false 3 0 128 2 true auto false true 4 0 128 2 true auto false true 5 0 128 2 true auto false false 6 0 128 2 true auto false false 7 0 128 2 true auto false false 8 0 128 2 true auto true false 9 0 128 2 true auto true true 10 0 128 2 true auto true true 267 Se SS q to quit 11 0 128 2 true 12 0 128 2 true 13 0
146. e If an unauthorized user tries to access an IP MAC binding enabled port the system will block the access by dropping its packet 3 9 1 IP MAC Binding Configuration Function name IP MAC Binding Configuration Function description The switch has IP MAC Binding table The maximum number of IP MAC binding table is 1024 entries The creation of authorized users can be manually The function is global this means a user can enable or disable the function for all ports on the switch IP MAC Binding Configuration Ela Sal Sale all al ale Sid ial Trust Port Sr toe o aee ae ast a ses ate Ere aesh lc 2928 2ezF 28 F ar ash ack MAC a ee eo CHEL H H i bw CL Add es Fig 3 139 IP MAC Binding Configuration Parameters description State Disabled Enabled Trust Port To evoke the port which you want to enable the IP MAC binding service 146 MAC Six byte MAC Address XX XX XX XX XX XX For example 00 40 c7 00 00 01 IP Four byte IP Address xxx xxx xxX XXX For example 192 168 1 100 Port No Port no 1 24 VID VLAN ID 1 4094 Add Input MAC IP Port and VID then click on lt Add gt to create a new entry into the IP MAC Binding table Delete Select one of entry from the table then click on lt Delete gt to delete this entry 147 3 9 2 IP MAC Binding Dynamic Entry Function name IP MAC Binding Dynamic Entry Function description It to display the IP MAC Binding dynamic E
147. e If you need use PVLAN Private VLAN function on Switch then you need follow up the process as below a Create a VLAN as primary VLAN and the VLAN ID is 2 and evoke the Private VLAN to enable Private VLAN service b Assign port member to the VLAN2 67 Create VLAN Group 2 VLAN2 VLAN Name IGMP Proxy C Enable Privite VLAN M Enable aj aj fil fia Tia ial al ll bena 9 0 10 M 11 M 12 M 13 M 14 4 15 M 16 0 17 1 18 0 19 0 20 0 21 0 22 0 23 0 24 0 Fig 3 20 1 3 3 3 Port based Group Function name Port based Group Configuration Function description It shows the information of the existed Port based VLAN Groups You can easily create edit and delete a Port based VLAN group by pressing lt Add gt lt Edit gt and lt Delete gt function buttons User can add a new VLAN group by inputting a new VLAN name Port Based VLAN Memberships Configuration VLAN Name Port Members Delete Group 1 1 2 34 5678 91011121314 15 16 17 18 19 20 2122 23 24 2 3 46 6 7 B 9 10 11 1213 14 18 16 17 18 19 2021 22 23 24 O 1 Fig 3 21 Parameter description VLAN Name The name defined by administrator is associated with a VLAN group Valid letters are A Z a z 0 9 and _ characters The maximal length is 15 characters Member Port This is used to enable or disable if a port is a member of the new added VLAN Enable means it is a member of the VLAN
148. e The router on the upstream interface should be running IGMP IGMP Proxy Configuration General Query Interval General Query Response Timeout General Query Max Response Time Last Member Query Count seconds 1 3600 seconds 1 25 seconds 1 25 times 1 16 seconds 1 25 Last Member Query Interval Last Member Query Max Response Time seconds 1 25 Router Ports pa 2 3 4 5io6 7 3819 iof 11 12 13 14 15 16 17 18 ja a ja a ia a lalla a a aw la a al a a a Fig 3 161 IGMP Proxy Parameter description General Query Interval The general query interval is the amount of time in seconds between IGMP General Query messages sent by the router if the router is the querier on this subnet Available value 1 3600 sec General Query Response Timeout The General Query Response Timeout field is the amount of time in seconds Available value 1 25 sec General Query Max Response Time The Maximum Response Time field is only used in general or group specific query messages The Maximum Response Time is configured as the value for the Query response interval setting Available value 1 25 sec 186 Last Member Query Count To set last member Query Count on Switch Available value 1 16 times Last Member Query Interval The last member query interval is the amount of time in seconds between IGMP last member Query mess
149. e supplicant will initiate EAPOL Start the process by sending to the authenticator And next the Supplicant replies an EAP Response Identity to the authenticator The authenticator will embed the user ID into Radius Access Request command and send it to the authentication server for confirming its identity After receiving the Radius Access Request the authentication server sends Radius Access Challenge to the supplicant for asking for inputting user password via the authenticator PAE The supplicant will convert user password into the credential information perhaps in MD5 format and replies an EAP Response with this credential information as well as the specified authentication algorithm MD5 or OTP to Authentication server via the authenticator PAE As per the value of the type field in message PDU the authentication server knows which algorithm should be applied to authenticate the credential information EAP MD5 Message Digest 5 or EAP OTP One Time Password or other else algorithm 151 8 lf user ID and password is correct the authentication server will send a Radius Access Accept to the authenticator If not correct the authentication server will send a Radius Access Reject 9 When the authenticator PAE receives a Radius Access Accept it will send an EAP Success to the supplicant At this time the supplicant is authorized and the port connected to the supplicant and under 802 1X control is in the authorized state The
150. e alias show 249 MAC Alias List MAC Address Alias 1 00 02 03 04 05 06 aaa 2 00 33 03 04 05 06 ccc 3 00 44 33 44 55 44 www loop detection disable Syntax disable lt gt Description To disable switch ports the loop detection function Argument lt gt set up the range of the ports to search for syntax 1 5 7 available form 1 to 24 Possible value lt gt 1 to 24 Example SW24GF loop detection disable 1 24 SW24GF loop detection show Detection Port Locked Port Port Status Port Status 1 Disable 1 Norma 2 Disable 2 Norma 3 Disable 3 Norma 4 Disable 4 Norma 5 Disable 5 Norma 6 Disable 6 Norma 7 Disable 7 Norma 8 Disable 8 Norma enable Syntax enable lt gt Description To enable switch ports the loop detection function Argument lt gt set up the range of the ports to search for syntax 1 5 7 available form 1 to 24 Possible value lt gt 1 to 24 Example SW24GF loop detection enable 1 24 SW24GF loop detection show Detection Port Locked Port Port Status Port Status 250 1 Enable 1 Norma 2 Enable 2 Norma 3 Enable 3 Norma 4 Enable 4 Norma 5 Enable 5 Norma 6 Enable 6 Norma 7 Enable 7 Norma 8 Enable 8 Norma Resume Syntax resume lt gt Description To resume locked ports on switch Argument lt gt set up the range of the ports to search for syntax 1 5 7 available form 1 to 24 Possible value
151. e the gvrp function 1 enable the gvrp function Possible value 0 disable the gvrp function 1 enable the gvrp function Example SW24GF gvrp set state 1 group applicant Syntax group applicant lt vid gt lt port gt lt 0 1 gt Description To enter any of gvrp group for changing gvrp group setting You can change the applicant or registrar mode of existing gvrp group per port Argument lt vid gt enter which gvrp group you had created using value is vid Available range 1 to 4094 lt port gt 1 to 24 lt O 1 gt Possible value lt vid gt 1 4094 lt port gt 1 to 24 Example SW24GF evrp group applicant 2 5 0 GVRP group information Current Dynamic Group Number 1 VID Member Port 241 set applicant Syntax set applicant lt port gt lt 0 1 gt Description To set default applicant mode for each port Argument lt port gt port range syntax 1 5 7 available from 1 to 24 lt 0 gt set applicant as normal mode lt 1 gt set applicant as non participant mode Possible value lt port gt 1 to 24 lt 0 1 gt normal or non participant Example SW24GF evrp set applicant 1 10 non participant set registrar Syntax set registrar lt port gt lt 0 1 2 gt Description To set default registrar mode for each port Argument lt port gt port range syntax 1 5 7 available from 1 to 24 lt 0 gt set registrar as normal mode lt 1 gt set registrar as f
152. e the management through the network no matter it is from a web browser or Network Management System NMS 23 2 1 4 2 Configuring the Management Agent of SW24GF through the Ethernet Port There are three ways to configure and monitor the switch through the switch s Ethernet port They are CLI Web browser and SNMP manager The user interface for the last one is NMS dependent and does not cover here We just introduce the first two types of management interface SW24GF L2 Managed Switch Default IP Setting IP 192 168 1 1 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 Assign a reasonable IP address For example IP 192 168 1 100 Subnet Mask 255 255 255 0 Default Gateway 192 168 1 254 Fig 2 9 Managing SW24GF through Ethernet Port Before you communicate with the switch you have to finish first the configuration of the IP address or to know the IP address of the switch Then follow the procedures listed below 1 Setup a physical path between the configured the switch and a PC by a qualified UTP Cat 5 cable with RJ 45 connector Note If PC directly connects to the switch you have to setup the same subnet mask between them But subnet mask may be different for the PC in the remote site Please refer to Fig 2 9 about the switch s default IP address information 2 Run CLI or web browser and follow the menu Please refer to Chapter 3 and Chapter 4 24 Please Input Username amp
153. e the parameters as below see the next section Baud rate 115200 Stop bits 1 Data bits 8 Parity N Flow control none 4 1 1 Login The command line interface CLI is a text based interface User can access the CLI through either a direct serial connection to the device or a Telnet session The default values of the managed switch are listed below Username admin Password admin After you login successfully the prompt will be shown as if you are the first login person and your authorization is administrator otherwise it may show See the following two figures The former means you behave as an administrator and have the access right of the system As to the latter it means you behave as a guest and are only allowed to view the system without the permission to do any setting for this switch 214 Managed Switch SW24GF Login admin Password s SH24GFH Fig 4 1 Managed Switch SW24GF Login guest Password s SW24GF Fig 4 2 215 4 2 Commands of CLI To see the commands of the mode please input after the prompt then all commands will be listed in the screen All commands can be divided into two categories including global commands and local commands Global commands can be used wherever the mode you are They are exit end help history logout save start save user restore default and restore user For more
154. e time periodically without user s processing Time Zone is an offset time off GMT You have to select the time zone first and then perform time sync via NTP because the switch will combine this time zone offset and updated NTP time to come out the local time otherwise you will not able to get the correct time The switch supports configurable time zone from 12 to 13 step 1 hour 39 Default Time zone 8 Hrs Daylight Saving Daylight saving is adopted in some countries If set it will adjust the time lag or in advance in unit of hours according to the starting date and the ending date For example if you set the day light saving to be 1 hour When the time passes over the starting time the system time will be increased one hour after one minute at the time since it passed over And when the time passes over the ending time the system time will be decreased one hour after one minute at the time since it passed over The switch supports valid configurable day light saving time is 5 5 step one hour The zero for this parameter means it need not have to adjust current time equivalent to in act daylight saving You don t have to set the starting ending date as well If you set daylight saving to be non zero you have to set the starting ending date as well otherwise the daylight saving function will not be activated Default for Daylight Saving 0 The following parameters are configurable for the function Daylight Sa
155. e to click on lt Apply gt to confirm the all changed parameters setting 140 Welcome to the ACL Configuration Wizard Please select an action Set up Policy Rules Set up the default policy rules for Client ports Server ports Network ports and Guest ports Set up Port Policies Group ports into several types according to different ACL policies Setup Typical Network Application Rules Set up the specific ACL for different typical network application access control To continue click Next Fig 3 126 Set up Policy Rules Set up Policy Rules Set up the default policy rules for Client ports Server ports Network ports and Guest ports Policy 2 for client ports Limit the allowed rate of broadcast and multicast frames Policy 3 for server ports Common server access only DHCP FTP Mail and WEB server Policy 4 for network ports Limit the allowed rate of TCP SYN flooding and ICMP flooding Policy 5 for guest ports Internet access only To continue click Next Fig 3 127 Set up Policy Rules Finished The ACL configuration wizard is finished and the new configuration is ready for use Click Finish to get more information Click Wizard Again to start the wizard again Fig 3 128 Set up Policy Rules 141 Access Control List Configuration Ingress Port Frame Type Action Rate Limiter Port Copy Counters Policy 2 Permit 1 Disabled o 86 C9 Policy 2 Permit 1 Disabled o amp
156. efault 20 centisecond Leave Time Used to declare the Leave Time in unit of centisecond Valid time range 60 300 centisecond Default 60 centisecond Leave All Time A time period for announcement that all registered device is going to be de registered If someone still issues a new join then a registration will be kept in the switch Valid range 1000 5000 unit time Default 1000 unit time Default Applicant Mode The mode here means the type of participant There are two modes normal participant and non participant provided for the user s choice Normal It is Normal Participant In this mode the switch participates normally in GARP protocol exchanges The default setting is Normal Non Participant It is Non Participant In this mode the switch does not send or reply any GARP messages It just listens messages and reacts for the received GVRP BPDU Default Registrar Mode The mode here means the type of Registrar There are three types of parameters for registrar administrative control value normal registrar fixed registrar and forbidden registrar provided for the user s choice Normal It is Normal Registration The Registrar responds normally to incoming GARP messages The default setting is Normal Fixed It is Registration Fixed The Registrar ignores all GARP messages and all members remain in the registered IN state Forbidden It is Registration Forbidden The Registrar ignores all GA
157. enced in some way The ACLs are divided into EtherTypes IPv4 ARP protocol MAC and VLAN parameters etc Here we will just go over the standard and extended access lists for TCP IP As you create ACEs for ingress classification you can assign a policy for each port the policy number is 1 8 however each policy can be applied to any port This makes it very easy to determine what type of ACL policy you will be working with 3 8 1 Ports Function name ACL Port Configuration Function description The switch ACL function support up to 128 Access Control Entries ACEs using the shared 128 ACEs for ingress classification You can create an ACE and assign this ACE for each port with lt Any gt or assign this ACE for a policy or assign this ACE for a port There are 8 policies each port can select one of policy then decides which of the following actions would take according to the packet s IPv4 EtherType ARP Protocol MAC Parameters and VLAN parameters Packet Deny or Permit Rate Limiter Unit pps Port Copy 1 24 ACL Ports Configuration Sa ea 1 Permit Disabled Disabled 92459 2 1 Permit Disabled Disabled x 0 3 104 Permit Disabled Disabled 0 4 im Permit i Disabled v Disabled s 0 5 1m Permit Disabled Disab
158. et the range of email syntax 1 5 7 Possible value lt range gt 1 24 Example SW24GF alarm events set email 1 3 set trap Syntax set trap lt range gt Description To enable the trap of the events Argument lt range gt set the range of trap syntax 1 5 7 Possible value lt range gt 1 24 Example SW24GF alarm events set trap 1 3 show Syntax show Description To display the configuration of alarm event Argument None Possible value None 237 Example SW24GF alarm events show Events Email Trap Cold Start Warm Start Link Down Link Up Authentication Failure Login lt lt lt lt lt Logout Module Inserted Module Removed Dual Media Swapped Looping Detected STP Disabled STP Enabled STP Topology Changed LACP Disabled 16 LACP Enabled 17 LACP Member Added 18 LACP Aggregates Port Failure 19 GVRP Disabled 20 GVRP Enabled 21 VLAN Disabled 22 Port based Vlan Enabled 23 Tag based Vlan Enabled 24 IP MAC Binding Enabled 25 IP MAC Binding Disabled 26 IP MAC Binding Client Authenticate error 27 IP MAC Binding Server Authenticate error ANoonF WN O aro ee E E o eA PAT 238 show alarm Syntax show Description The Show for alarm here is used to display the configuration of Events or E mail Argument None Possible value None Example SW24GF alarm show events SW24GF alarm show email
159. g Restore user config 218 history Syntax history Description To show a list of previous commands that you had ever run When you enter this command the CLI would show a list of commands which you had typed before The CLI supports up to 256 records If no argument is typed the CLI would list total records up to 256 If optional argument is given the CLI would only show the last numbers of records given by the argument Argument show last number of history records optional Possible value 1 2 3 256 Example SW24GF ip history Command history 0 trunk exit SW24GF trunk SW24GF trunk exit SW24GF 2 trunk exit O DR ee EOD alarm so events S end ip help ip history m m rk or D E SW24GF ip history 3 Command history 13 ip 14 history 15 history 3 SW24GF ip 219 logout Syntax logout Description When you enter this command via Telnet connection you would logout the system and disconnect If you connect the system through direct serial port with RS 232 cable you would logout the system and be back to the initial login prompt when you run this command Argument None Possible value None Example SW24GF logout restore default Syntax restore default Description When you use this function in CLI the system will show you the information Do you want to restore the default IP address y n If y
160. ge is from 1 to 65535 Default 32768 LACP System Priority System Priority 32768 1 65535 Fig 3 147 LACP System Priority Parameter description System Priority Show the System Priority part of a system ID 1 65535 166 3 12 STP Configuration The Spanning Tree Protocol STP is a standardized method IEEE 802 1D for avoiding loops in switched networks When STP is enabled ensure that only one path is active between any two nodes on the network at a time User can enable Spanning Tree Protocol on switch s web management and then set up other advanced items We recommend that you enable STP on all switches to ensure a single active path on the network 3 12 1 Status Function name STP Status Function description In the Spanning Tree Status user can read 12 parameters to know STP current status The 12 parameters description is listed in the following table STP Status STP State Disabled Fig 3 148 STP Status Parameter description STP State 00 40 C7 01 02 33 32768 00 40 C7 01 02 33 32768 0 0 20 15 2 0 0 Show the current STP Enabled Disabled status Default is Disabled Bridge ID Show switch s bridge ID which stands for the MAC address of this switch Bridge Priority Show this switch s current bridge priority setting Default is 32768 Designated Root Show root bridge ID of this network segment If this switch is a root bridge the Designated Root
161. h port lt port gt policy lt policy gt lt vid gt lt tag_prio gt lt dmac_type gt any etype lt etype gt lt smac gt arp lt arp type gt lt opcode gt any lt source ip gt lt source ip mask gt any lt destination ip gt lt destination ip mask gt lt source mac gt lt arp smac match flag gt lt raro dmac match flag gt lt ip ethernet length flag gt kip flag gt lt ethernet flag gt ip lt source ip gt lt source ip mask gt any lt destination ip gt lt destination ip mask gt any lt ip ttl gt lt ip fragment gt lt ip option gt icmp lt icmp type gt lt icmp code gt udp lt source port range gt lt destination port range gt tcp lt source port range gt lt destination port range gt lt tcp fin flag gt lt tcp syn flag gt lt tcp rst flag gt lt tcp psh flag gt lt tcp ack flag gt lt tcp urg flag gt other lt ip protocol value gt any lt action gt lt rate limiter gt lt port copy gt Description To set access control entry on switch Argument Possible value Example show Syntax show Description To show all access control entry setting on switch Argument none Possible value none Example SW24GF acl show port policy id action rate limiter port copy counter a class map 5 1 deny 2 2 23 1 permit 0 0 0 24 1 permit 0 0 0 233 rate limiter rate pps 1 1
162. h the authenticator on the port it connected via EAPOL packet The authenticator transfers the supplicant s credentials to Authentication server for verification If success the authentication server will notice the authenticator the grant PC A then is allowed to access B and C via the switch If there are two switches directly connected together instead of single one for the link connecting two switches it may have to act two port roles at the end of the link authenticator and supplicant because the traffic is bi directional 150 Server s System Authentication server Supplicant A Fig 3 54 The Fig 3 55 shows the procedure of 802 1X authentication There are steps for the login based on 802 1X port access control management The protocol used in the right side is EAPOL and the left side is EAP 1 At the initial stage the supplicant A is unauthenticated and a port on switch acting as an authenticator is in unauthorized state So the access is blocked in this stage Initiating a session Either authenticator or supplicant can initiate the message exchange If supplicant initiates the process it sends EAPOL start packet to the authenticator PAE and authenticator will immediately respond EAP Request Identity packet The authenticator always periodically sends EAP Requesi Identity to the supplicant for requesting the identity it wants to be authenticated If the authenticator doesn t send EAP Request Identity th
163. he setting click lt Apply gt button the setting takes effect SNMP Configuration ISNMP sd Enable Disable private Enable 0 0 0 0 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public 0 0 0 0 162 Community public Fig 3 63 Community and trap host setting Parameters description SNMP The term SNMP here is used for the activation or de activation of SNMP Default is Enable Get Set Trap Community Community name is used as password for authenticating if the 107 requesting network management unit belongs to the same community group If they both don t have the same community name they don t belong to the same group Hence the requesting network management unit can not access the device with different community name via SNMP protocol If they both have the same community name they can talk each other Community name is user definable with a maximum length of 15 characters and is case sensitive There is not allowed to put any blank in the community name string Any printable character is allowable The community name for each function works independently Each function has its own community name Say the community name for GET only works for GET function and can t be applied to other function such as SET and Trap
164. he trap event and alarm message can be transferred via e mail Supports diagnostics to let administrator knowing the hardware status Supports loop detection to protect the switch crash when the networking has looping issue HTTP and TFTP for firmware upgrade system log upload and configuration file import export Supports remote boot the device through user interface and SNMP Supports NTP network time synchronization and daylight saving Supports 120 event log records in the main memory and display on the local console 11 1 4 View of SW24GF Fig 1 1 Full View of SW24GF 1 4 1 User Interfaces on the Front Panel Button LEDs and Plugs There are 8 TP Gigabit Ethernet ports and 24 SFP fiber ports for optional removable modules on the front panel of the switch LED display area locating on the left side of the panel contains a Power LED which indicates the power status and 24 ports working status of the switch One RS 232 DB 9 interface is offered for configuration or management cee uno Mignon Mayen lt wt did MRE T Fiber Port Status Indication LEDs SFP Fiber Port RESET Button RESET button is used to reset the management system Fig 1 2 Front View of SW24GF LED Indicators LED Color Function System LED POWER Green _ Lit when 5V DC power is on and good 10 100 1000Ethernet TP Port 1 to 8 LED Lit when connection with remote device is good LINK ACT Green Blinks when any traffic is pre
165. header and are a multiple of 8 bits in length Currently defined options include kind indicated in octal 0 End of option list 1 No Operation Range Any 0 1 Any Including all IP protocol value case 0 The IP protocol value is 0 1 The IP protocol value is 1 IP Parameters Frame Type IPv4 and IP Protocol Filter Other IP Protocol Value Default 255 IPTTL Time To Live How many routers a datagram can pass through Each router decrements this value by 1 until it reaches 0 when the datagram is discarded This keeps misrouted datagrams from remaining on the Internet forever Range Any Non zero Zero Any Including all conditions for IPTTL Non Zero Including IPTTL is Non Zero Zero Including IPTTL is zero IP Fragment IP Fragmentation Flag Controls datagram fragmentation together with the identification field The flags indicate whether the datagram may be fragmented whether the datagram is fragmented and whether the current fragment is the final one 137 Range Any Yes No Any Including all IP fragment case Yes The ingress frame is fragmented packet No The ingress frames is not fragmented packet IP Option A list of optional specifications for security restrictions route recording and source routing Not every datagram specifies an options field Range Any Yes No Any Including all IP option case Yes The ingress frame is specified IP options No The ingress frame is not specified
166. hed and the new configuration is ready for use Click Finish to get more information Click Wizard Again to start the wizard again Fig 3 53 Set up Typical Network Application Rules 101 QoS Control List Configuration GESE 1 QCE Type Type Value Traffic Class UDP TCP Port 6970 6970 QuickTime 4 Server Low UDP TCP Port 6901 6901 MSN Messenger Phone Low UDP TCP Port 5055 5055 Yahoo Messenger Phone Low UDP TCP Port 6699 6699 Napster Low UDP TCP Pot 6970 7170 Real Audio Low Fig 3 54 Set up Typical Network Application Rules Finish QoS Control List Configuration ieee 1 QCE Type Type Y alue Traffic Class UDP TCP Port 6112 6112 Blizzard Battlenet Low UDP TCP Port 50000 50100 Fighter Ace Il Low UDP TCP Port 27910 27910 Quake2 Low UDP TCP Port 27660 27662 Quake3 Low UDP TCP Port 28800 29000 MSN Game Zone Low Fig 3 55 Set up Typical Network Application Rules Finish 102 QoS Control List Configuration DENSE i QCE Type Type Value Traffic Class UDP TCP Port 6970 6970 QuickTime 4 Server Low UDP TCP Port 6112 6112 Blizzard Battlenet Low Ethernet Type Oxffff Low VLAN ID Low UDP TCP Port O 444 Low DSCP Low Fig 3 56 Set up Typical Network Application Rules Finish Parameter description QCL QoS Control List QCL 1 24 Set up TOS Precedence Mapping Set up the traffic class mapping to the precedence part of TOS 3 bits when rece
167. hod other than None It also represents the management link status of a port which uses the None trunking method means not ready 164 3 11 2 Aggregator View Function name Aggregator View Function description To display the current port trunking information from the aggregator point of view Aggregator View None None None None None None None None oman Ook WN None n men None N None Ww None f None an None y None E oe Fig 3 146 Aggregator View Parameter description Aggregator It shows the aggregator ID from 1 to 24 of every port In fact every port is also an aggregator and its own aggregator ID is the same as its own Port No Method Show the method a port uses to aggregate with other ports Member Ports Show all member ports of an aggregator port Ready Ports Show only the ready member ports within an aggregator port 165 3 11 3 ACP System Priority Function name LACP System Priority Function description It is used to set the priority part of the LACP system ID LACP will only aggregate together the ports whose peer link partners are all on a single system Each system supports LACP will be assigned a globally unique System Identifier for this purpose A system ID is a 64 bit field comprising a 48 bit MAC Address and 16 bit priority value The System Priority can be set by the user Its ran
168. ible value None Example SW24GF time show Current Time Thu Thu 14 15 04 03 2005 297 NTP Server 209 81 9 7 Timezone GMT 8 00 Day light Saving 0 Hours Day light Saving Start Mth 1 Day 1 Hour 0 Day light Saving End Mth 1 Day 1 Hour 0 SW24GF time trunk de trunk Syntax del trunk lt port range gt Description To delete the trunking port Argument lt port range gt port range syntax 1 5 7 available from 1 to 24 Possible value lt port range gt 1 to 24 Example SW24GF trunk del trunk 1 set priority Syntax set priority lt range gt Description To set up the LACP system priority Argument lt range gt available from 1 to 65535 Possible value lt range gt 1 to 65535 default 32768 Example SW24GF trunk set priority 33333 set trunk Syntax set trunk lt port range gt lt method gt lt group gt lt active LACP gt Description To set up the status of trunk including the group number and mode of the trunk as well as LACP mode Argument lt port range gt port range syntax 1 5 7 available from 1 to 24 lt method gt static adopt the static link aggregation lacp adopt the dynamic link aggregation link aggregation control protocol lt group gt 1 8 lt active LACP gt active set the LACP to active mode passive set the LACP to passive mode Possible value 298 lt port range gt 1 to 24 lt method gt static lacp
169. ication server shown in Fig 3 53 Supplicant It is an entity being authenticated by an authenticator It is used to communicate with the Authenticator PAE Port Access Entity by exchanging the authentication message when the Authenticator PAE request to it Authenticator An entity facilitates the authentication of the supplicant entity It controls the state of the port authorized or unauthorized according to the result of authentication message exchanged between it and a supplicant PAE The authenticator may request the supplicant to re authenticate itself at a configured time period Once start re authenticating the supplicant the controlled port keeps in the authorized state until re authentication fails A port acting as an authenticator is thought to be two logical ports a controlled port and an uncontrolled port A controlled port can only pass the packets when the authenticator PAE is authorized and otherwise an uncontrolled port will unconditionally pass the packets with PAE group MAC address which has the value of 01 80 c2 00 00 03 and will not be forwarded by MAC bridge at any time Authentication server A device provides authentication service through EAP to an authenticator by using authentication credentials supplied by the supplicant to determine if the supplicant is authorized to access the network resource 149 Supplicant s pone eee eee ee The overview of operation flow for the Fig 3 53 is qu
170. if you set this function Enable When enabled the switch will issue the request to the DHCP server resided in the network to get an IP address If DHCP server is down or does not exist the switch will issue the request and show IP address is under requesting until the DHCP server is up Before getting an IP address from DHCP server the device will not continue booting procedures If set this field Disable you ll have to input IP address manually For more details about IP address and DHCP please see the Section 2 1 5 IP Address Assignment in this manual Default Disable 41 IP address Users can configure the IP settings and fill in new values if users set the DHCP function Disable Then click lt Apply gt button to update When DHCP is disabled Default 192 168 1 1 If DHCP is enabled this field is filled by DHCP server and will not allow user manually set it any more Subnet mask Subnet mask is made for the purpose to get more network address because any IP device in a network must own its IP address composed of Network address and Host address otherwise can t communicate with other devices each other But unfortunately the network classes A B and C are all too large to fit for almost all networks hence subnet mask is introduced to solve this problem Subnet mask uses some bits from host address and makes an IP address looked Network address Subnet mask number and host address It is shown i
171. ig 3 155 Instance Config 177 Parameter description Priority The priority parameter used in the CIST Common and Internal Spanning Tree connection 0 4096 8192 12288 16384 20480 24576 28672 32768 36864 40960 45056 49152 53248 57344 61440 MAX Age 6 40sec The same definition as in the RSTP protocol Forward Delay 4 30sec The same definition as in the RSTP protocol MAX Hops 6 40sec It s a new parameter for the multiple spanning tree protocol It is used in the internal spanning tree instances CIST Remaining Hops or MSTI Remaining Hops in the Spanning tree protocol message would decreased by one when the message is propagated to the neighboring bridge If the Remaining Hops in a message is zero the message BPDU would be regarded as invalid Max Hops is used to specify the initial value of the Remaining Hops for Regional Root Bridge Either CIST Regional Root or MSTI Regional Root Port Config of Instance 0 Hello Admin Admin Restricted Restricted Mcheck pe con role tae ar Pee a ee Migration Port Config Check Auto 128 Auto 128 Auto 128 Auto 128 Auto 128 Auto 128 128 Auto 128 Auto 128 Auto Eq Eg EJ Ey Eal E Ey 128 Auto ET 0 0 0 0 0 0 0 0 0 0 0 128 NUN TIN IN NTN IN IN NM NIN
172. ig 3 62 Set up VLAN Tag Priority Mapping Finish 106 3 7 SNMP Configuration Any Network Management System NMS running the Simple Network Management Protocol SNMP can manage the Managed devices equipped with SNMP agent provided that the Management Information Base MIB is installed correctly on the managed devices The SNMP is a protocol that is used to govern the transfer of information between SNMP manager and agent and traverses the Object Identity OID of the management Information Base MIB described in the form of SMI syntax SNMP agent is running on the switch to response the request issued by SNMP manager Basically it is passive except issuing the trap information The switch supports a switch to turn on or off the SNMP agent If you set the field SNMP Enable SNMP agent will be started up All supported MIB OIDs including RMON MIB can be accessed via SNMP manager If the field SNMP is set Disable SNMP agent will be de activated the related Community Name Trap Host IP Address Trap and all MIB counters will be ignored Function name SNMP Configuration Function description This function is used to configure SNMP settings community name trap host and public traps as well as the throttle of SNMP A SNMP manager must pass the authentication by identifying both community names then it can access the MIB information of the target device So both parties must have the same community name Once completing t
173. ime in seconds Available value 1 65535 sec Fast Leave To evoke the port to become a Fast leave port in IGMP snooping service Router ports To evoke the port to become a Router port in IGMP snooping service Apply To save the configuration to switch memory 188 3 15 4 Group Membership Function name Group Membership Function description To show the IGMP group members information the you can edit the parameters for IGMP groups and members in the web user interface IGMP Group Membership Port Members Group index sarees 0 2 2 2 4 5 6 7 2 9 20 22 12 13 14 15 6 17 28 Next Page Fig 3 163 IGMP Group Membership Parameter description Index To display the IGMP group membership index information Group Address The switch supports managed valid IGMP Group membership IP Address range It will show effective IP range The valid range is 224 0 0 0 239 255 255 255 VLAN ID The switch supports two kinds of options for managed valid VLAN VID including Any and Custom Default is Any When you choose Custom you can fill in VID number The valid VID range is 1 4094 Port The switch supports two kinds of options for managed valid port range including Any and Custom Default is Any You can select the ports that you would like them to be worked and restricted in the allowed group configuration if Custom had been chosen Previous Page To
174. ion To show port status Argument instance id 0 gt CIST 1 4095 gt MSTI Possible value lt instance id gt 0 gt CIST 1 4095 gt MSTI Example SW24GF mstp show ports 0 show region info tru tru tru tru tru tru tru tru Uru tru tru tru Uru tru tru tru tru tru tru tru Uru tru tru 270 oo o00 09 OOD ODO 0 0 0D 0 e a a e N a a o a OD OD O aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut aut Os Or OOO O O40 5Or Or O40 On G a Or Oe O40 Or Gi 9 10 false false false false false false true true true true true false false false false true true true true true true true true Doete eeo true true true true true true true false false false false Syntax show region info Description To show region config Argument none Possible value none Example SW24GF mstp show region info Name test2 Revision 30000 Instances 0 SW24GF mstp show vlan map Syntax show vlan map lt instance id gt Description To show vlan mapping of an instance Argument lt nstance id gt 0 gt CIST 1 4095 gt MSTI Possible value lt instance id gt 0 gt CIST 1 4095 gt MSTI Example SW24GF mstp show vlan map 0 instance 0 has those vlans 0 4095 SW24GF mstp policy add Syntax add name lt value gt ip lt value gt port lt value gt type
175. ion Edge Ports will immediately transit to forwarding state and skip the listening and learning state because the edge ports cannot create bridging loops in the network This will expedite the convergence When the link on the edge port toggles the STP topology keeps unchanged Unlike the designate port or root port though an edge port will transit to a normal spanning tree port immediately if it receives a BPDU Default No Admin Point To Point We say a port is a point to point link from RSTP s view if it is in full duplex mode but is shared link if it is in half duplex mode RSTP fast convergence can only happen on point to point links and on edge ports This can expedite the convergence because this will have the port fast transited to forwarding state 172 There are three parameters Auto True and False used to configure the type of the point to point link If configure this parameter to be Auto it means RSTP will use the duplex mode resulted from the auto negotiation In today s switched networks most links are running in full duplex mode For sure the result may be half duplex in this case the port will not fast transit to Forwarding state If it is set as True the port is treated as point to point link by RSTP and unconditionally transited to Forwarding state If it is set as False fast transition to Forwarding state will not happen on this port Default Auto M Check Migration Check It forces the port se
176. iority and Weighted Fair Default is Strict Priority After you choose any of Scheduling Method please click Apply button to be in operation Queue Weighted There are four queues per port and four classes weighted number 1 2 4 8 for each queues you can select the weighted number when the scheduling method be set to Weighted Fair mode 87 3 6 2 Qos Control List Function name Qos Control List Configuration Function description The switch support four QoS queues per port with strict or weighted fair queuing scheduling There are 24 QoS Control Lists QCL for advance programmable QoS classification based on IEEE 802 1p Ether Type VID IPv4 IPv6 DSCP and UDP TCP ports and ranges QoS Control List Configuration QCcL 1 S QCE Type Type Value Traffic Class Ethernet Type Oxffiff Low VLAN ID 1 Low UDP TCP Port O 65535 Low DSCP 63 Low OG OG o DSCP Q ToS OO Yolo Tag Priority G x Fig 3 35 Insert an entry Move up this entry Delete this entry Edit this entry Move down this entry 88 QCE Configuration The QCL consists of 12 QoS Control Entries QCEs that are searched from the top of the list to the bottom of the list for a match The first matching QCE determines the QoS classification of the frame The QCE ordering is therefore important for the resulting QoS classification algorithm If no matching QCE is found the default QoS class is u
177. is port can now contribute its learning knowledge but cannot forward packets still FORWARDING state indicates this port can both contribute its 171 learning knowledge and forward packets normally Path Cost Status It is the contribution value of the path through this port to Root Bridge STP algorithm determines a best path to Root Bridge by calculating the sum of path cost contributed by all ports on this path A port with a smaller path cost value would become the Root Port more possibly Configured Path Cost The range is 0 200 000 000 In the switch if path cost is set to be zero the STP will get the recommended value resulted from auto negotiation of the link accordingly and display this value in the field of Path Cost Status Otherwise it may show the value that the administrator set up in Configured Path Cost and Path Cost Status 802 1w RSTP recommended value Valid range 1 200 000 000 10 Mbps 2 000 000 100 Mbps 200 000 1 Gbps 20 000 Default 0 Priority Priority here means Port Priority Port Priority and Port Number are mixed to form the Port ID Port IDs are often compared in order to determine which port of a bridge would become the Root Port The range is 0 240 Default is 128 Admin Edge Port If user selects Yes this port will be an edge port An Edge Port is a port connected to a device that knows nothing about STP or RSTP Usually the connected device is an end stat
178. ite simple When Supplicant PAE issues a request to Authenticator PAE Authenticator and Supplicant exchanges authentication message Then Authenticator passes the request to RADIUS server to verify Finally RADIUS server replies if the request is granted or denied While in the authentication process the message packets encapsulated by Extensible Authentication Protocol over LAN EAPOL are exchanged between an authenticator PAE and a supplicant PAE The Authenticator exchanges the message to authentication server using EAP encapsulation Before successfully authenticating the supplicant can only touch the authenticator to perform authentication message exchange or access the network from the uncontrolled port Authentication System Authenticator s System Services Offered by Authenticator Authenticator e g Bridge Relay PAE Supplicant Authentication PAE Server Controlled port Uncontrolled port Port Authorize a MAC Enable eee Fig 3 53 In the Fig 3 54 this is the typical configuration a single supplicant an authenticator and an authentication server B and C is in the internal network D is Authentication server running RADIUS switch at the central location acts Authenticator connecting to PC A and Ais a PC outside the controlled port running Supplicant PAE In this case PC A wants to access the services on device B and C first it must exchange the authentication message wit
179. iving IPv4 IPv6 packets Co TOS Precedence 1 Class TOS Precedence 2 Class TOS Precedence 3 Class TOS Precedence 4 Class TOS Precedence 6 Class Cancel lt Back Next gt Fig 3 57 Set up TOS Precedence Mapping 103 Parameter description QCL ID QoS Control List QCL 1 24 TOS Precedence 0 7 Class Low Normal Medium High Finished The QCL configuration wizard is finished and the new configuration is ready for use Click Finish ta get more information Click Wizard Again to start the wizard again Fig 3 58 Set up TOS Precedence Mapping QoS Control List Configuration Och i D QCE Type Type Value Traffic Class OC Fig 3 59 Set up TOS Precedence Mapping Finish 104 Set up VLAN Tag Priority Mapping Set up the traffic class mapping to the user priority value 3 bits when receiving VLAN tagged packets Fig 3 60 Set up VLAN Tag Priority Mapping Parameter description QCL ID QoS Control List QCL 1 24 Tag Priority 0 7 Class Low Normal Medium High Finished The QCL configuration wizard is finished and the new configuration is ready for use Click Finish to get more information Click Wizard Again to start the wizard again Fig 3 61 Set up VLAN Tag Priority Mapping 105 QoS Control List Configuration GENES i D QCE Type Type Value Traffic Class Tag Priority oe A F
180. ixed mode lt 2 gt set registrar as forbidden mode Possible value lt range gt 1 to 24 lt 0 1 2 gt normal or fixed or forbidden Example SW24GF gvrp set registrar 1 5 fixed set restricted Syntax set restricted lt port gt lt 0 1 2 gt Description To set the restricted mode for each port Argument lt port gt port range syntax 1 5 7 available from 1 to 24 lt 0 gt set restricted normal lt 1 gt set restricted fixed lt 2 gt set restricted forbidden Possible value lt port gt 1 to 24 lt 0 1 2 gt normal fixed or forbidden Example SW24GF gvrp set restricted 1 10 1 SW24GF gvrp show config 242 GVRP state Enable Port Join Time Leave Time LeaveAll Time Applicant Registrar Restricted 1 20 60 000 orma orma Enable 2 20 60 000 orma orma Enable 3 20 60 000 orma orma Enable 4 20 60 000 orma orma Enable 5 20 60 000 orma orma Enable 6 20 60 000 orma orma Enable 7 20 60 000 orma orma Enable 8 20 60 000 orma orma Enable 9 20 60 000 orma orma Enable 10 20 60 000 orma orma Enable 22 20 60 1000 Normal Normal Disable 23 20 60 1000 Normal Normal Disable 24 20 60 1000 Normal Normal Disable set timer Syntax set timer lt port gt lt JoinTime gt lt leaveTime gt lt leaveAllTime gt Description To set gvrp join time leave time and leaveall time for each port Argument lt port gt port range syntax 1 5 7 available from 1 to 24
181. k to previous step Back Back to previous screen 97 Set up Policy Rules Group ports into several types according to different OCL policies Port Members QcLID 1 2 34 eS 0 2 13 14 15 16 17 18 19 20 21 22 23 24 Fig 3 46 Set up Port Policies Parameter description QCL ID QoS Control List QCL 1 24 Port Member Port Member 1 24 Finished The QCL configuration wizard is finished and the new configuration is ready for use Click Finish to get more information Click Wizard Again to start the wizard again Fig 3 47 Set up Port Policies Parameter description Wizard Again Click on the lt Wizard Again gt back to QCL Configuration Wizard Finish When you click on lt Finish gt the parameters will be set according to the wizard configuration and shown on the screen then ask you to click on lt Apply gt for changed parameters confirmation 98 Port QoS Configuration Number of Classes 4 x Port Default Class Queuing Mode Queue Weighted Low Normal Medium High Strict Priority Strict Priority Strict Priority Strict Priority Strict Priority Strict Priority Strict Priority Strict Priority ralicallicallik aici AAA Fig 3 48 Set up Port Policies Finish Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control by selecting the network ap
182. ket is dropped If the DHCP packet is from a client such as a DISCOVER REQUEST INFORM DECLINE or RELEASE message the packet is forwarded if MAC address verification is disabled However if MAC address verification is enabled then the packet will only be forwarded if the client s hardware address stored in the DHCP packet is the same as the source MAC address in the Ethernet header If the DHCP packet is not a recognizable type it is dropped Ifa DHCP packet from a client passes the filtering criteria above it will only be forwarded to trusted ports in the same VLAN Ifa DHCP packet is from server is received on a trusted port it will be forwarded to both trusted and un trusted ports in the same VLAN 3 17 3 DHCP Snooping Client Function name DHCP Snooping Client Function description To show the DHCP snooping client DHCP Snooping Client a E E E E E Fig 3 17 2 DHCP Snooping Client Parameter description MAC To show the DHCP snooping client s MAC address VID To show the DHCP snooping client s VLAN ID Port To show the DHCP snooping client s port IP To show the DHCP snooping client s IP address Lease To show the DHCP snooping client s lease 3 18 LLDP The switch supports the LLDP For current information on your switch model 199 The Link Layer Discovery Protocol LLDP provides a standards based method for enabling switches to advertise themselves to adjacent devices and to learn ab
183. l ports counter information at the same time Each data field has 20 digit long If the counting is overflow the counter will be reset and restart counting The data is updated every time interval defined by the user The Refresh Interval is used to set the update frequency Function name Simple Counter Function description Display the summary counting of each port s traffic including Tx Byte Rx Byte Tx Packet Rx Packet Tx Collision and Rx Error Packet Port Statistics Overview Anmosheh P Port f Packets Bytes aa ee eee ae Se a a S S a 886 493 1303805 1240969 A w 4855 ERREBEEREEREREB En umen m soocooocooococoeocoseocoscoosocossocong coooooococooscooroocoocooscoscoo s cooooooocoeoceoccececocceccecso ocoooooocooccoeceor CO ceoccece sc ooooocoocooocoocecococcocoocooecscococccso ooooocoocooooocscccooocescecccecceae oooooocoocooeocccocoeceececcecococs ooooocoocoeooooceoccocooeoeoceceocsesno Fig 3 15 Parameters description Packet Transmit The counting number of the packet transmitted Receive The counting number of the packet received Bytes Transmit 57 Total transmitted bytes Receive Total received bytes Error Transmit Number of bad packets transmitted Receive Number of bad packets received Drops Transmit Number of packets transmitted drop Receive Number of packets received drop Auto refresh The simple counts will be refreshed automatically on the
184. led 0 6 14 Permit Disabled Disabled x 0 7 1 Permit Disabled Disabled 0 8 1 Permit Disabled Disabled x 0 9 1 Permit Disabled Disabled 0 10 1 Permit Disabled Disabled 0 11 1 Permit tv Disabled x Disabled 0 12 1 Permit Disabled x Disabled sdl 0 Parameter description 109 Port Port number 1 24 Policy ID Policy ID range 1 8 Action Permit or Deny forwarding the met ACL packets Rate Limiter ID Disabled Disable Rate Limitation Rate Limiter ID Range 1 16 To select one of rate limiter ID for this port it will limit met ACL packets by rate limiter ID configuration Port Copy Disabled Disable to copy the met ACL packets to specific port Port number 1 24 Copy the met ACL packets to the selected port Counter The counter will increase from initial value 0 when this port received one of the met ACL packet the counter value will increase 1 110 3 8 2 Rate Limiters Function name ACL Rate Limiter Configuration Function description There are 16 rate limiter ID You can assign one of the limiter ID for each port The rate limit configuration unit is Packet Per Second pps ACL Rate Limiter Configuration Rate Limiter ID Rate pps 1 2 3 4 5 6 7 8 g CIS S S SIL SIL EIEI CI EMEI EEIEIEE Parameter description Rate Limiter ID ID Range 1 16 Rate pps 1 2 4 8 16 32 64 128
185. lias MAC alias name you assign Note If there are too many MAC addresses learned in the table we recommend you inputting the MAC address and alias name directly 78 3 4 5 MAC Table Function name Dynamic MAC Table Function Description Display the static or dynamic learning MAC entry and the state for the selected port Dynamic MAC Table Port Members Type VLAN MAC Address 123456789 101112131415 16 17 18 19 20 21 22 23 24 Dynamic Dynamic 1 00 02 B3 B1 01 C1 1 1 00 06 29 D5 80 35 1 Dynamic 1 00 0D 60 EC 68 74 1 Dynamic 1 00 40 C7 EA 50 57 1 Dynamic 1 00 40 C7 EE 00 DE Dynamic 1 00 60 6E CF 1F 94 1 Dynamic 1 88 62 37 89 52 36 1 Static Se A lost a a E e eE a a r e E A A gd 7x el Fig 3 30 Parameter description Type Dynamic or Static VLAN VLAN identifier This will be filled only when tagged VLAN is applied Valid range is 1 4094 MAC address Display the MAC address of one entry you selected from the searched MAC entries table Port The port that exists in the searched MAC Entry Refresh Refresh function can help you to see current MAC Table status Clear To clear the selected entry Previous Page Move to the previous page Next Page Move to the next page 79 3 5 GVRP GVRP is an application based on Generic Attribute Registration Protocol GARP mainly used to automatically and dynamically maintain the group membership information of the VLANs The GVRP offers the function provi
186. memory You have to reboot the switch for new firmware take effect after the firmware upgrade successfully Firmware Update Browse Upload Fig 3 175 Firmware Update 212 3 23 Logout You can manually logout by performing Logout function In the switch it provides another way to logout You can configure it to logout automatically Function name Logout Function description The switch allows you to logout the system to prevent other users from the system without the permission If you do not logout and exit the browser the switch will automatically have you logout in five minutes Besides this manually logout Parameter description Logout Click on lt Logout gt to leave the web UI management function Press Logout if you want to quit Fig 3 176 Logout 213 4 Operation of CLI Management 4 1 CLI Management Refer to Chapter 2 for basic installation The following description is the brief of the network connection Locate the correct DB 9 null modem cable with female DB 9 connector Null modem cable comes with the management switch Refer to the Appendix B for null modem cable configuration Attach the DB 9 female connector to the male DB 9 serial port connector on the Management board Attach the other end of the DB 9 cable to an ASCII terminal emulator or PC Com 1 2 port For example PC runs Microsoft Windows HyperTerminal utility At Com Port Properties Menu configur
187. mit 0 0 0 24 1 permit 0 0 0 rate limiter rate pps 1 1 2 1 3 1 4 1 5 1 SW24GF acl delete Syntax delete lt index gt Description To delete the ACE Access Control Entry configuration on the switch Argument lt index gt the access control rule index value Possible value None Example SW24GF acl delete 1 SW24GF acl 231 move Syntax move lt index1 gt lt index2 gt Description To move the ACE Access Control Entry configuration between index1 and index2 Argument None Possible value None Example SW24GF account move 1 2 policy Syntax policy lt policy gt lt ports gt Description To set acl port policy on switch Argument lt policy gt 1 8 lt ports gt 1 24 Possible value lt policy gt 1 8 lt ports gt 1 24 Example SW24GF acl policy 3 10 SW24GF acl ratelimiter Syntax ratelimiter lt id gt lt rate gt Description To set access control rule with rate limiter on switch Argument lt id gt 1 16 lt rate gt 1 2 4 8 16 32 64 128 256 512 1000 2000 4000 8000 16000 32000 64000 128000 256000 512000 1024000 Possible value lt id gt 1 16 lt rate gt 1 2 4 8 16 32 64 128 256 512 1000 2000 4000 8000 16000 32000 64000 128000 256000 512000 1024000 Example SW24GF acl ratelimiter 3 16000 SW24GF acl 232 set Syntax set lt index gt lt next index gt switc
188. mode 50 125um IEEE 802 3z Pane Modal Modal Gigabit Ethernet Distance i Distance 1000SX 850nm Bandwidth Bandwidth 160MHz Km 220m 400MHz Km 500m 200MHz Km 275m 500MHz Km 550m Single mode Fiber 9 125um 1000Base A LX LHX XD ZX Single mode transceiver 1310nm 10Km Single mode transceiver 1550nm 30 50Km Single Mode TX Transmit 1310nm 1000Base LX 20Km RX Receive 1550nm Single Fiber 211D1E K0 Single Mode TX Transmit 1550nm 20Km RX Receive 1310nm Table2 1 17 2 1 3 3 Switch Cascading in Topology e Takes the Delay Time into Account Theoretically the switch partitions the collision domain for each port in switch cascading that you may up link the switches unlimitedly In practice the network extension cascading levels amp overall diameter must follow the constraint of the IEEE 802 3 802 3u 802 3z and other 802 1 series protocol specifications in which the limitations are the timing requirement from physical signals defined by 802 3 series specification of Media Access Control MAC and PHY and timer from some OSI layer 2 protocols such as 802 1d 802 1q LACP and so on The fiber TP cables and devices bit time delay round trip are as follows 1000Base X TP Fiber 100Base TXTP 100Base FX Fiber Round trip Delay 4096 Round trip Delay 512 Cat 5 TP Wire 11 12 m Cat 5 TP Wire Fiber Cable 10 10 m TP to fiber Converter 56 Bit Time unit 1ns 1sec 1000 Mega bit Bit Time unit
189. n 112 ACE Configuration Action Permit Disabled Disabled counter Policy 7 MAC Paramet Policy 8 DMAC Filter VLAN Parameters RECESS any l Tag Priority Any Fig 3 67 Ingress Port Access Control List Configuration Ingress Port Frame Type Action Rate Limiter Port Copy Counters a mn Any IPv4 Permit Any Disabled Any ARP Permit Any Disabled Any EType Permit Any Disabled pa pat N Any Any Permit Any Disabled OA OOA Ao ogo OA Fig 3 68 Parameter description Frame Type Range Any Ethernet Type ARP IPv4 Any It is including all frame type Ethernet Type It is including all Ethernet frame type ARP It is including all ARP protocol frame type IPv4 It is including all IPv4 protocol frame type 113 ACE Configuration aa O Lee Frame Type any M Rate Limiter Disabled v Any Port Copy Disabled oo Counter ARP Counter IPv4 MAC Parameters VLAN Parameters DMAC Filter Any VLAN ID Filter Any Tag Priority Any Fig 3 69 Frame Type ACE Configuration Ingress Port Any v Action Ethernet Type Disabled y Port Copy Disabled MAC Parameters VLAN Parameters SMAC Filter Any v VLAN ID Filter Any v DMAC Filter Any Tag Priority Any v Ethernet Type Parameters EtherType Filter Apply Fig 3 70 114 MAC Parameters Specific 00 00
190. n name MAC Address Table Information Function Description This function can allow the user to set up the processing mechanism of MAC Table An idle MAC address exceeding MAC Address Age out Time will be removed from the MAC Table The range of Age out Time is 10 1000000 seconds and the setup of this time will have no effect on static MAC addresses In addition the learning limit of MAC maintenance is able to limit the amount of MAC that each port can learn MAC Address Table Configuration Aging Configuration Disable automatic aging C MAC Table Learning Fig 3 26 Parameter description Aging Time Delete a MAC address idling for a period of time from the MAC Table which will not affect static MAC address Range of MAC Address Aging Time is 10 1000000 seconds The default Aging Time is 300 seconds Disable automatic aging Stop the MAC table aging timer the learned MAC address will not age out automatically 74 Auto Enable this port MAC address dynamic learning mechanism Disable Disable this port MAC address dynamic learning mechanism only support static MAC address setting Secure Disable this port MAC address dynamic learning mechanism and copy the dynamic learning packets to CPU Save Save MAC Address Table configuration Reset Reset MAC Address Table configuration 75 3 4 2 Static Filter Function name Static Filter Function Description Static Filter is a function that denies the
191. n the following figure This reduces the total IP number of a network able to support by the amount of 2 power of the bit number of subnet number 2 bit number of subnet number 32 bits tO FFF Network ID Hos Network 10 Subnet number Subnet mask is used to set the subnet mask value which should be the same value as that of the other devices resided in the same network it attaches For more information please also see the Section 2 1 5 IP Address Assignment in this manual Default 255 255 255 0 Default gateway Set an IP address for a gateway to handle those packets that do not meet the routing rules predefined in the device If a packet does not meet the criteria for other pre defined path it must be forwarded to a default router on a default path This means any packet with undefined IP address in the routing table will be sent to this device unconditionally Default 192 168 1 254 42 DNS It is Domain Name Server used to serve the translation between IP address and name address The switch supports DNS client function to re route the mnemonic name address to DNS server to get its associated IP address for accessing Internet User can specify a DNS IP address for the switch With this the switch can translate a mnemonic name address into an IP address There are two ways to specify the IP address of DNS One is fixed mode which manually specifies its IP address the other is dynamic mo
192. nce Syntax show instance lt instance id gt Description To show instance status Argument lt instance id gt 0 gt CIST 1 4095 gt MST Possible value lt instance id gt 0 gt CIST 1 4095 gt MST Example SW24GF mstp show instance 0 mstp status enabled force version 2 instance id 0 bridge max age 20 bridge forward delay 15 bridge max hops 20 instance priority 4096 bridge mac 00 40 c7 5e 00 09 CIST ROOT PRIORITY 4096 CIST ROOT MAC 00 40 c7 5e 00 09 CIST EXTERNAL ROOT PATH COST 0 CIST ROOT PORT ID 0 CIST REGIONAL ROOT PRIORITY 4096 CIST REGIONAL ROOT MAC 00 40 c7 5e 00 09 CIST INTERNAL ROOT PATH COST 0 CIST CURRENT MAX AGE 20 CIST CURRENT FORWARD DELAY 15 TIME SINCE LAST TOPOLOGY CHANGE SECs 2569 TOPOLOGY CHANGE COUNT SECs 0 SW24GF mstp show pconf 269 Syntax show pconf lt instance id gt Description To show port configuration Argument instance id 0 gt CIST 1 4095 gt MSTI Possible value lt instance id gt 0 gt CIST 1 4095 gt MSTI Example SW24GF mstp show pconf 0 set r role Se 2 0 128 2 3 0 128 2 4 0 128 2 5 0 128 2 6 0 128 2 7 0 128 2 8 0 128 2 9 0 128 2 10 0 128 2 11 0 128 2 12 0 128 2 13 0 128 2 14 0 128 2 15 0 128 2 16 0 128 2 17 0 128 2 18 0 128 2 19 0 128 2 20 0 128 2 21 0 128 2 22 0 128 2 23 0 128 2 24 0 128 2 SW24GF mstp show ports Syntax show ports lt instance id gt Descript
193. nd router Default is disable When you choose Custom you can fill in VID number The valid VID range is 1 4094 Start Address to End Address IP Range The switch supports two kinds of options for managed valid IP range you can assigned effective IP range The valid range is 224 0 0 0 239 255 255 255 Add A new entry of allowed group configuration can be created after the parameters as mentioned above had been setup and then press lt Add gt button Edit The existed entry also can be modified after pressing lt Edit gt button Delete Remove the existed entry of allowed group configuration from the allowed group 192 3 15 8 MVR Group Membership Function name MVR Group Membership Function description To show the MVR IGMP group members information the you can edit the parameters for IGMP groups and members in the web user interface MVR Group Membership Port Members Group index sires 420 2 2 3 4 5 7 2 9 20 12 12 13 2a as 16 17 19129 20 Next Page Fig 3 163 4 MVR Group Membership Parameter description Index To display the MVR group membership index information Group Address The switch supports managed valid MVR Group membership IP Address range It will show effective IP range The valid range is 224 0 0 0 239 255 255 255 MVID The switch supports two kinds of options for managed valid MVID you can fill in VID number The valid VID range is 1 4094 Po
194. nding out an RSTP BPDU instead of a legacy STP BPDU at the next transmission The only benefit of this operation is to make the port quickly get back to act as an RSTP port Click lt M Check gt button to send a RSTP BPDU from the port you specified 173 3 13 MSTP The implementation of MSTP is according to IEEE 802 1Q 2005 Clause 13 Multiple Spanning Tree Protocol MSTP allows frames assigned to different VLANs to follow separate paths each based on an independent Multiple Spanning Tree Instance MSTI within Multiple Spanning Tree MST Regions composed of LANs and or MST Bridges Proper configuration of MSTP in an 802 1Q VLAN environment can ensure a loop free data path for a group of vians within an MSTI Redundant path and load balancing in vlan environment is also achieved via this feature A spanning tree instance called CIST Common and Internal Spanning Tree always exists Up to 64 more spanning tree instances MSTIs can be provisioned 3 13 1 Status Function name MSTP State Function description To enable or disable MSTP And to select a version of Spanning Tree protocol which MSTP should operate on MSTP State Multiple Spanning Tree PERTE Protocol Disable v Apply Fig 3 151 MSTP State Parameter description Multiple Spanning Tree Protocol Disabled Enabled Force Version STP RSTP MSTP 174 3 13 2 Region Config Function name MSTP Region Config Function description To config
195. ne Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt timer range 1 65535 Possible value lt port range gt 1 to 24 lt value gt 1 65535 default is 30 Example SW24GF 802 1X set serverTimeout 2 30 225 set auth server Syntax set auth server lt ip address gt lt udp port gt lt secret key gt Description To configure the settings related with 802 1X Radius Server Argument lt ip address gt the IP address of Radius Server lt udp port gt the service port of Radius Server Authorization port lt secret key gt set up the value of secret key and the length of secret key is from 1 to 31 Possible value lt udp port gt 1 65535 default is 1812 Example SW24GF 802 1X set auth server 192 168 1 115 1812 WinRadius set suppTimeout Syntax set suppTimeout lt port range gt lt value gt Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTimeout or serverTimeout as determined by the operation of the Backend Authentication state machine Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt timer range 1 65535 Possible value lt port range gt 1 to 24 lt value gt 1 65535 default is 30 Example SW24GF 802 1X
196. ng Tree Protocol Supports IEEE 802 1w Rapid Spanning Trees Supports IEEE 802 1s Multiple Spanning Trees Supports IEEE 802 1X port based network access control Supports ACL to classify the ingress packets to do permit deny rate limit actions Supports QCL to classify the ingress packets for priority queues assignment Supports IP MAC Binding function to prevent spoofing attack Supports IP Multicasting to implement IGMP Snooping function Supports 802 1p Class of Service with 4 level priority queuing Supports 802 3ad port trunking with flexible load distribution and failover function Supports ingress port security mode for VLAN Tagged and Untagged frame process Supports SNMP MIB2 and RMON sampling with sampled packet error indication 308 Hardware Specifications Standard Compliance EEE802 3 802 3ab 802 32 802 3u 802 3x Network Interface 10 100 1000Mbps Gigabit TP NWay TP RJ 45 1 8 1000Base SX Gigabit Fiber 1000 FDX SFP 1 24 Option 1000Base LX Gigabit Fiber 1000 FDX SFP 1 24 Option 1000Base LX Single Fiber WDM BiDi 1000 FDX SFEP 1 24 Option Port 1 8 are TP SFP fiber dual media ports with auto detected function Optional SFP module supports LC or BiDi LC transceiver Transmission Mode 10 100Mbps support full or half duplex 1000Mbps support full duplex only Transmission Speed 10 100 1000Mbps for TP 1000Mbps for Fiber Full Forwarding Filtering Packet Rate PPS pa
197. ng it Uug 2 1 3 Cabling Requirements To help ensure a successful installation and keep the network performance good please take a care on the cabling requirement Cables with worse specification will render the LAN to work poorly 2 1 3 1 Cabling Requirements for TP Ports gt For Fast Ethernet TP network connection The grade of the cable must be Cat 5 or Cat 5e with a maximum length of 100 meters gt Gigabit Ethernet TP network connection The grade of the cable must be Cat 5 or Cat 5e with a maximum length of 100 meters Cat 5e is recommended 2 1 3 2 Cabling Requirements for 1000SX LX SFP Module It is more complex and comprehensive contrast to TP cabling in the fiber media Basically there are two categories of fiber multi mode MM and single mode SM The later is categorized into several classes by the distance it supports They are SX LX LHX XD and ZX From the viewpoint of connector type there mainly are LC and BIDI LC Gigabit Fiber with multi mode LC SFP module Gigabit Fiber with single mode LC SFP module 16 Gigabit Fiber with BiDi LC 1310nm SFP module Gigabit Fiber with BiDi LC 1550nm SFP module The following table lists the types of fiber that we support and those else not listed here are available upon request Multi mode Fiber Cable and Modal Bandwidth Multi mode 62 5 125um Multi
198. nity Argument None Possible value None Example SW24GF snmp disable snmp SW24GF snmp disable set ability lt lt enable gt gt Syntax enable set ability enable snmp Description The Enable here is used for the activation snmp or set community Argument None Possible value None Example SW24GF snmp enable snmp SW24GF snmp enable set ability lt lt sel gt gt Syntax set get community lt community gt set set community lt community gt set trap lt gt lt ip gt port community Description The Set here is used for the setup of get community set community trap host ip host port and trap community Argument lt gt trap number lt ip gt ip address or domain name lt port gt trap port lt community gt trap community name Possible value lt gt 1 to6 lt port gt 1 65535 Example SW24GF snmp set get community public SW24GF snmp set set community private SW24GF snmp set trap 1 192 168 1 1 162 public 287 show Syntax show Description The Show here is to display the configuration of SNMP Argument None Possible value None Example SW24GF snmp show SNMP Enable Get Community public Set Community private Enable Host 1 Host 2 Host 3 Trap Trap Trap Host Host 5 Host 6 Trap Trap Trap IP Address IP Address IP Address 4 IP Address IP Address IP Address 192 16
199. nly If the media is TP the Speed Duplex is comprised of the combination of speed mode 10 100 1000Mbps and duplex mode full duplex and half duplex The following table summarized the function the media supports Media type EN Speed Duplex 1000M TP ON OFF _ 10 100 1000M _ Full for all Half for 10 100 1000M Fiber ON OFF _ 1000M Full In Auto negotiation mode no default value In Forced mode default value depends on your setting Flow Control There are two modes to choose in flow control including Enable and Disable If flow control is set Enable both parties can send PAUSE frame to the transmitting device s if the receiving port is too busy to handle When it is set Disable there will be no flow control in the port It drops the packet if too much to handle Maximum Frame This module offer 1518 9600 Bytes length to make the long packet Excessive Collision Mode There are two modes to choose when excessive collision happen in half duplex condition as below Discard The Discard mode determines whether the MAC drop frames after an excessive collision has occurred If set a frame is dropped after excessive collisions This is IEEE Std 802 3 half duplex flow control operation Restart The Restart mode determines whether the MAC retransmits frames after an excessive collision has occurred If set a frame is not dropped after excessive collisions but the backoff sequence is res
200. nt Policy Through the management security configuration the manager can do the strict setup to control the switch and limit the user to access this switch The following rules are offered for the manager to manage the switch Rule 1 When no lists exists then it will accept all connections Rule 2 When only accept lists exist then it will deny all connections excluding the connection inside of the accepting range Rule 3 When only deny lists exist then it will accept all connections excluding the connection inside of the denying range Rule 4 When both accept and deny lists exist then it will deny all connections excluding the connection inside of the accepting range Rule 5 When both accept and deny lists exist then it will deny all connections excluding the connection inside of the accepting range and NOT inside of the denying range at the same time Accept Accept Deny Denyl Acc Deny Acc _ Deny 45 Function name Management Security Configuration Function description The switch offers Management Security Configuration function With this function the manager can easily control the
201. nt in unit of seconds since the beginning of the Spanning Tree Topology Change to the end of the STP convergence Once the STP change is converged the Topology Change count will be reset to 0 The figures showing in the screen may not be the exact time it spent but very close to because the time is eclipsing Time Since Last Topology Change Time Since Last Topology Change is the accumulated time in unit of seconds the STP has been since the last STP Topology Change was made When Topology Change is initiated again this counter will be reset to 0 And it will also count again once STP topology Change is completed 168 3 12 2 Configuration The STP Spanning Tree Protocol actually includes RSTP In the Spanning Tree Configuration there are six parameters open for the user to configure as user s idea Each parameter description is listed below Function name STP Configuration Function description User can set the following Spanning Tree parameters to control STP function enable disable select mode RSTP STP and affect STP state machine behavior to send BPDU in this switch The default setting of Spanning Tree Protocol is Disable STP Configuration Spanning Tree Protocol Disable v Bridge Priority 0 61440 Hello Time 1 10 sec Max Age 6 40 sec Forward Delay 4 30 sec Force Version Note 2 Forward Delay 1 gt Max Age Max Age gt 2 Hello Time 1 Note You will lose connec
202. ntag Syntax enable drop untag lt range gt Description To drop the untagged frames Argument lt range gt which port s you want to set syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF vlan enable drop untag 5 10 enable sym vlan Syntax enable sym vlan lt range gt Description To drop frames from the non member port Argument lt range gt which port s you want to set syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF vlan enable sym vian 5 10 302 set mode Syntax set mode lt port tag gt up link Description To set switch VLAN mode including port based and tag based modes Argument lt tag gt set tag based vlan lt port gt set port based vlan Possible value lt port tag gt port tag Example SW24GF vlan set mode Usage set mode lt port tag gt tag set tag based vlan port set port based vlan SW24GF vlan set double tag Syntax set double tag lt range gt lt 0 1 2 gt Description To set double tag per port and enable Q in Q VLAN function on switch Argument lt range gt 1 5 7 available from 1 to 24 0 disable 1 service provider port 2 customer port Possible value lt range gt 1 to 24 Example SW24GF vlan set double tag 3 1 SW24GF vlan set port group Syntax set port group lt name gt lt range gt Description To add
203. ntry information IP MAC Binding Dynamic Entry aC ES EE ees Ee eee Fig 3 140 IP MAC Binding Dynamic Entry Parameters description No The index to display the IP MAC Binding Dynamic Entry MAC T Six byte MAC Address xx xx xx XX XX XX For example 00 40 c7 00 00 01 Four byte IP Address XXX XXX XXX XXX For example 192 168 1 100 Port No Port no 1 24 VID VLAN ID 1 4094 148 3 10 802 1X Configuration 802 1X port based network access control provides a method to restrict users to access network resources via authenticating user s information This restricts users from gaining access to the network resources through a 802 1X enabled port without authentication If a user wishes to touch the network through a port under 802 1X control he she must firstly input his her account name for authentication and waits for gaining authorization before sending or receiving any packets from a 802 1 X enabled port Before the devices or end stations can access the network resources through the ports under 802 1X control the devices or end stations connected to a controlled port send the authentication request to the authenticator the authenticator pass the request to the authentication server to authenticate and verify and the server tell the authenticator if the request get the grant of authorization for the ports According to IEEE802 1X there are three components implemented They are Authenticator Supplicant and Authent
204. ny term and condition of the Agreement Upon any termination of this License for any reason Licensee shall discontinue to use the Software and shall destroy or return all copies of the Software and the related documentation GENERAL This License shall be governed by and construed pursuant to the laws of Taiwan If any portion hereof is held to be invalid or unenforceable the remaining provisions of this License shall remain in full force and effect Neither the License nor this Agreement is assignable or transferable by Licensee without Manufacture s prior written consent any attempt to do so shall be void This License constitutes the entire License between the parties with respect to the use of the Software LICENSEE ACKNOWLEDGES THAT LICENSEE HAS READ THIS AGREEMENT UNDERSTANDS IT AND AGREES TO BE BOUND BY ITS TERMS AND CONDITIONS LICENSEE FURTHER AGREES THAT THIS AGREEMENT IS THE ENTIRE AND EXCLUSIVE AGREEMENT BETWEEN MANUFACTURE AND LICENSEE iii Table of Contents CAUTION ae Boa Ree ie caste etait Sy tied ete oie eee teem Sis Selecta acts Sete Sitaes cates ae bat tect ts tue Vv ELECTRONIC EMISSION NOTICES iiien NE r E tes ince oxgetnes a E R v INTRODUCTION 8eiiescsceccesicciesssccscieasiecsensstechssiecioassaessutacsteceessvaesesentstcausebessndenslesceestbechennsetsesseses 7 1 1 OVERVIEW OBS W24GE i cscs cist coves ss sepnedbs sinc eere a a RE a e aE E E EE E E E 7 1 23 CHECKLIST EEE E E T E R 10 1 3 FEATUR S e A EE EE EAE
205. o T mac d Pore Jovo O arias o 2 3 1 00 40 C7 D6 00 01 guest Fig 3 28 Parameter description MAC It is a six byte long Ethernet hardware address and usually expressed by hex and separated by hyphens For example 00 40 C7 D6 00 01 Port No Port number of the switch It is 1 24 VID VLAN identifier This will be filled only when tagged VLAN is applied Valid range is 1 4094 Alias MAC alias name you assign 77 3 4 4 MAC Alias Function name MAC Alias Function description MAC Alias function is used to let you assign MAC address a plain English name This will help you tell which MAC address belongs to which user in the illegal access report At the initial time it shows all pairs of the existed alias name and MAC address There are three MAC alias functions in this function folder including MAC Alias Add MAC Alias Edit and MAC Alias Delete You can click lt Create Edit gt button to add modify a new or an existed alias name for a specified MAC address or mark an existed entry to delete it Alias name must be composed of A Z a z and 0 9 only and has a maximal length of 15 characters MAC Alias i o No MAC AaS 00 40 C7 D6 00 02 admin 00 40 C7 D6 00 01 guest 00 40 C7 D6 00 03 john Fig 3 29 Parameter description MAC Address It is a six byte long Ethernet hardware address and usually expressed by hex and separated by hyphens For example 00 40 C7 D6 00 01 A
206. on Function description Save the current configuration as a start configuration file in flash memory Save as Start Configuration Are you sure you want to save the current setting as Start Configuration Fig 3 167 Save as Start Configuration 3 19 3 Save User Function name Save As User Configuration Function description Save the current configuration as a user configuration file in flash memory 207 Save as User Configuration Are you sure you want to save the current setting as User Configuration Fig 3 168 Save as User Configuration 3 19 4 Restore User Function name Restore User Configuration Function description Restore User Configuration function can retrieve the previous confirmed working configuration stored in the flash memory to update start configuration When completing to restore the configuration the system s start configuration is updated and will be changed its system settings after rebooting the system Restore User Configuration Are you sure you want to restore the User Configuration Fig 3 169 Restore User Configuration 208 3 20 Export Import Function name Export Import Function description With this function user can back up or reload the configuration files of Save As Start or Save As User via TFTP Parameter description Export File Path Export Start Export Save As Start s config file stored in the flash Export User Conf Export Save
207. ool and enhance the networking management availability Others it can provide auto discovery device and topology providing MVR Multicast VLAN Registration MVR can support carrier to serve content provider using multicast for Video streaming application in the network Each content provider Video streaming has a dedicated multicast VLAN The MVR routes packets received in a multicast source VLAN to one or more receive VLANs Clients are in the receive VLANs and the multicast server is in the source VLAN Access Control List ACL The ACLs are divided into EtherTypes IPv4 ARP protocol MAC and VLAN parameters etc Here we will just go over the standard and extended access lists for TCP IP As you create ACEs for ingress classification you can assign a policy for each port the policy number is 1 8 however each policy can be applied to any port This makes it very easy to determine what type of ACL policy you will be working with IP MAC Port Binding The IP network layer uses a four byte address The Ethernet link layer uses a six byte MAC address Binding these two address types together allows the transmission of data between the layers The primary purpose of IP MAC binding is to restrict the access to a switch to a number of authorized users Only the authorized client can access the Switch s port by checking the pair of IP MAC Addresses and port number with the pre configured database If an unauthorized user tries to access an IP
208. or edit a port based VLAN group Argument lt name gt port vlan name lt range gt syntax 1 5 7 available from 1 to 24 Possible value lt range gt 1 to 24 Example SW24GF vlan set port group VLAN 1 2 5 6 15 13 303 set port role Syntax set port role lt range gt lt access trunk hybrid gt vid Description To set egress rule configure the port roles Argument lt range gt which port s you want to set syntax 1 5 7 available from 1 to 24 lt access gt Do not tag frames lt trunk gt Tag all frames lt hybrid gt Tag all frames except a specific VID lt vid gt untag vid for hybrid port Possible value lt range gt 1 to 24 lt vid gt 1 to 4094 Example SW24GF vlan set port role 5 hybrid 6 set pvid Syntax set pvid lt range gt lt pvid gt Description To set the pvid of vlan Argument lt range gt which port s you want to set PVID s syntax 1 5 7 available from 1 to 24 lt pvid gt which PVID s you want to set available from 1 to 4094 Possible value lt range gt 1 to 24 lt pvid gt 1 to 4094 Example SW24GF vlan set pvid 3 5 6 8 5 304 set tag group Syntax set tag group lt vid gt lt name gt lt range gt lt gt Description To add or edit the tag based vlan group Argument lt vid gt vlan ID range from 1 to 4094 lt name gt tag vlan name lt range gt vlan group members syntax 1 5 7 available from 1 to 24 lt gt
209. orded will be free from defects in materials under normal use for a period of twelve 12 months from date of shipment If a defect in any such media should occur during the effective warranty period the media may be returned to Manufacture then Manufacture will replace the media Manufacture shall not be responsible for the replacement of media if the failure of the media results from accident abuse or misapplication of the media EXCLUSIONS The warranty as mentioned above does not apply to the Software which 1 customer does not comply with the manual instructions offered by Manufacture in installation operation or maintenance 2 Product fails due to damage from unusual external or electrical stress shipment storage accident abuse or misuse 3 Product is used in an extra hazardous environment or activities 4 any serial number on the Product has been removed or defaced or 5 this warranty will be of no effect if the repair is via anyone other than Manufacture or the authorized agents The maximum liability of Manufacture under this warranty is confined to the purchase price of the Product covered by this warranty ii DISCLAIMER EXCEPT AS PROVIDED ABOVE THE SOFTWARE IS PROVIDED AS IS AND MANUFACTURE AND ITS LICENSORS MAKE NO WARRANTIES EXPRESS OR IMPLIED WITH REPSECT TO THE SOFTWARE AND DOCUMENTAITON MANUFACTURE AND ITS LICENSORS DISCLAIM ALL OTHER WARRANTIES INCLUSIVE OF WITHOUT LIMITATION IMPLIED WARRANTIES OR MERCHANTABI
210. ors Entries Dropped 0 Total Neighbors Entries Aged Out 0 LLDP Statistics Local Counters Tx Rx Rx Frames TLVs TLVs Age Frames Frames Errors Discarded Discarded Unrecognized Outs 1 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 3 0 0 0 0 0 0 0 4 0 0 0 0 0 0 0 5 0 0 0 0 0 0 0 6 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 8 0 0 0 0 0 0 0 Fig 3 18 3 LLDP statistics Parameter description Neighbor entries were last changed at The time period which neighbor entries were be changed Total Neighbors Entries Added The total neighbors entries added be received Total Neighbors Entries Deleted The total neighbors entries deleted be received Total Neighbors Entries Dropped The total neighbors entries dropped be received Total Neighbors Entries Aged Out The total neighbors entries aged out be received Local port Show the local port on the switch 204 Tx Frames The counting number of the frames transmitted Rx Frames The counting number of the frames transmitted Frames Discarded Show the number of frame discarded TLVs Discarded Show the number of TLVs discarded TLVs Unrecognized Show the number of TLVs unrecognized Age Outs Show the number of Age Outs 205 3 19 Save Restore The switch supports three copies of configuration including the default configuration working configuration and user configuration for your configuration management All of them are listed and described below respectively Default Configuration
211. osition would move to the top mode If you use this command in the top mode you are still in the position of the top mode Argument None Possible value None Example SW24GF alarm SW24GF alarm events SW24GF alarm events end SW24GF exit Syntax exit Description Back to the previous mode When you enter this command your current position would move back to the previous mode If you use this command in the top mode you are still in the position of the top mode Argument None Possible value None Example SW24GF trunk SW24GF trunk exit SW24GF 217 help Syntax help Description To show available commands Some commands are the combination of more than two words When you enter this command the CLI would show the complete commands Besides the command would help you classify the commands between the local commands and the global ones Argument None Possible value None Example SW24GF ip SW24GF ip help Commands available set ip set dns enable dhcp disable dhcp show save start save user restore default restore user Set ip subnet mask and gateway Set dns Enable DHCP and set dns auto or manual Disable DHCP Show IP Configuration Back to the previous mode Back to the top mode Show available commands Show a list of previously run commands Logout the system Save as start config Save as user config Restore default confi
212. ou choose Y or y the IP address will restore to default 192 168 1 1 If you choose N or n the IP address will keep the same one that you had saved before If restoring default successfully the CLI would prompt if reboot immediately or not If you press Y or y the system would reboot immediately otherwise it would be back to the CLI system After restoring default configuration all the changes in the startup configuration would be lost After rebooting the entire startup configuration would reset to factory default Argument None Possible value None Example SW24GF restore default Restoring Restore Default Configuration Successfully Press any key to reboot system 220 restore user Syntax restore user Description To restore the startup configuration as user defined configuration If restoring default successfully the CLI would prompt if reboot immediately or not If you press Y or y the system would reboot immediately others would back to the CLI system After restoring user defined configuration all the changes in the startup configuration would be lost After rebooting the entire startup configuration would replace as user defined one Argument None Possible value None Example SW24GF restore user Restoring Restore User Configuration Successfully Press any key to reboot system save start Syntax save start Description To save the current configuration as the st
213. out adjacent LLDP devices 3 18 1 LLDP State Function name LLDP State Function description The LLDP state function you can set per port the LLDP configuration and the detail parameters the settings will take effect immediately LLDP Configuration LLDP Parameters SS none Tx Hold times Tx Delay Taree Je Notification Interval Optional TLVs Port Descr Sys Name SysDescr SysCapa MgmtAddr _ Notification 1 Disabled Mw i Oo 2 Disabled Y m M Fi 3 Disabled m m o 4 Disabled y M m m O 5 Disabled H H o 6 Disabled cd Fi 7 Disabled m m o 8 Disabled m M m 0 Fig 3 18 1 LLDP parameter Parameter description Tx Interval To changes the interval between consecutive transmissions of LLDP advertisements on any given port Default 30 secs Tx Hold The specifies the amount of time the receiving device holds a Link Layer Discovery Protocol LLDP packet before discarding it Default 4 times Tx Delay The specifies the delay between successive LLDP frame transmissions initiated by value status changes in the LLDP local systems MIB Default 2 secs Tx Reinit The specifies the minimum time an LLDP port waits before reinitializing LLDP transmission Default 2 secs Notification Interval A network management application can periodically check the switch MIB to detect any missed change notification traps 200 Mode Port Descr Sys Name Sys Desc
214. p memebership Argument None Possible value None Example SW24GF igmp show gm show igmpp Syntax show igmpp Description To display igmp proxy setting Argument None Possible value None 246 Example SW24GF igmp show igmpp IP disable dhcp Syntax disable dhcp Description To disable the DHCP function of the system Argument None Possible value None Example SW24GF ip disable dhcp enable dhcp Syntax enable dhcp lt manuallauto gt Description To enable the system DHCP function and set DNS server via manual or auto mode Argument lt manuallauto gt set dhcp by using manual or auto mode Possible value lt manuallauto gt manual or auto Example SW24GF ip enable dhcp manual set dns Syntax set dns lt ip gt Description To set the IP address of DNS server Argument lt ip gt dns ip address Possible value 168 95 1 1 Example SW24GF ip set dns 168 95 1 1 247 set ip Syntax set ip lt ip gt lt mask gt lt gateway gt Description To set the system IP address subnet mask and gateway Argument lt ip gt ip address lt mask gt subnet mask lt gateway gt default gateway Possible value lt ip gt 192 168 1 2 or others lt mask gt 255 255 255 0 or others lt gateway gt 192 168 1 253 or others Example SW24GF ip set ip 192 168 1 2 255 255 255 0 192 168 1 253 show Syntax
215. packet forwarding if the packet s MAC Address is listed in the filtering Static Filter table User can very easily maintain the table by filling in MAC Address VID VLAN ID and Alias fields individually User also can delete the existed entry by clicking lt Delete gt button Static Filter No SSS aaa 1 00 40 C7 D6 00 02 1 admin Fig 3 27 Parameter description MAC It is a six byte long Ethernet hardware address and usually expressed by hex and separated by hyphens For example 00 40 C7 D6 00 02 VID VLAN identifier This will be filled only when tagged VLAN is applied Valid range is 1 4094 Alias MAC alias name you assign 76 3 4 3 Static Forward Function Name Static Forward Function Description Static Forward is a function that allows the user in the static forward table to access a specified port of the switch Static Forward table associated with a specified port of a switch is set up by manually inputting MAC address and its alias name When a MAC address is assigned to a specific port all of the switch s traffics sent to this MAC address will be forwarded to this port For adding a MAC address entry in the allowed table you just need to fill in four parameters MAC address associated port VID and Alias Just select the existed MAC address entry you want and click lt Delete gt button you also can remove it Static Forward a ee T e as n
216. plication type for your rule o Audio and Video QuickTime 4 Server MSN Messenger Phone Yahoo Messenger Phone Napster i vjReal Audio o Games Blizzard Battlenet Diablo2 and StarCraft Fighter Ace Il MSN Game Zone o User Definition Ethernet Type UDP TCP Port Fig 3 49 Set up Typical Network Application Rules Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control by selecting the network application type for your rule o Audio and Video QuickTime 4 Server L MSN Messenger Phone Yahoo Messenger Phone Napster LJ Real Audio o Games Blizzard Battlenet Diablo2 and StarCraft Fighter Ace Il MSN Game Zone o User Definition Ethernet Type UDP TCP Port Fig 3 50 Set up Typical Network Application Rules 99 Set up Typical Network Application Rules Set up the specific QCL for different typical network application quality control by selecting the network application type for your rule o Audio and Video QuickTime 4 Server MSN Messenger Phone Yahoo Messenger Phone Napster Real Audio o Games
217. r Sys Capa Mgmt Addr Notification Refer to IEEE 802 1AB 2005 or later for more information Default 5 secs To enable or disable the LLDP mode per port There are four type includes Disable Tx_Rx Tx only and Rx only To evoke the outbound LLDP advertisements includes an alphanumeric string describing the port To evoke the outbound LLDP advertisements includes the system s assigned name To evoke outbound LLDP advertisements includes an alphanumeric string describing the full name and version identification for the system s hardware type software version and networking application To evoke outbound advertisements includes a bitmask of system capabilities device functions that are supported Also includes information on whether the capabilities are enabled To evoke outbound advertisements includes information on management address you can use to include a specific IP address in the outbound LLDP advertisements for specific ports To evoke outbound advertisements includes information on Notification 201 3 18 2 LLDP Entry Function name LLDP Entry Function description The LLDP Entry function allows a switch to display per port which build the LLDP available entry This information can be useful in tracking LLDP packets back to a physical port and enable or disable the LLDP LLDP Neighbor Information Auto refresh Local Chassis Remote Port System Port System Management Port ID ID Name
218. r case and 0 9 It is character sense It is not allowed for putting a blank between any two characters Default Radius Accounting Server Server IP Server Server IP address for authentication Default 192 168 1 1 UDP Port Default port number is 1812 Secret Key The secret key between authentication server and authenticator It is a string with the length 1 31 characters The character string may contain upper case lower case and 0 9 It is character sense It is not allowed for putting a blank between any two characters Default Radius 155 3 10 2 Port Configuration Function name 802 1X Port Configuration Function description This function is used to configure the parameters for each port in 802 1 X port security application Refer to the following parameters description for details 802 1X Port Configuration Port Mode Clientless Y Port Control Disabled Ss Normal Advanced 1 10 ee Clientless D 1 65535 sec 0 65535 sec reAuthPeriod 1 65535 sec maxReq 1 10 suppTimeout 1 255 sec serverlimeout 1 255 sec Fig 3 142 802 1X Port Configuration Parameter description Port It is the port number to be selected for configuring its associated 802 1X parameters which are Port control reAuthMax txPeriod Quiet Period reAuthEnabled reAuthPeriod max Request supp Timeout serverTimeout and Controlled direction Mode
219. rd Again to start the wizard again Fig 3 137 Set up Typical Network Application Rules 144 Access Control List Configuration Auto refrash Refresh Clear Ingress Port Frame Type Action Rate Limiter Port Copy Counters IPv4 DHCP Client In Deny Disabled IPv4 DHCP Client Out Deny Disabled Pv4 Google Talk In Deny Disabled IPv4 Google Talk Out Deny Disabled EType Deny Disabled IPv4 HTTPS In Deny Disabled IPv4 HTTPS Out Deny Disabled Fig 3 138 Set up Typical Network Application Rules Finish Parameter description Common Server DHCP DNS FTP HTTP IMAP NFS POP3 SAMBA SMTP TELNET TFTP Instant Messaging Google Talk MSN Messenger Yahoo Messenger User Definition Ethernet Type UDP Port TCP Port Others TCP Port ICMP Multicast IP Stream NetBIOS Ping Request Ping Reply SNMP SNMP Traps Ingress Port Any Policy1 8 Port1 24 Action Permit Deny Rate Limiter ID Disabled 1 16 145 3 9 IP MAC Binding The IP network layer uses a four byte address The Ethernet link layer uses a six byte MAC address Binding these two address types together allows the transmission of data between the layers The primary purpose of IP MAC binding is to restrict the access to a switch to a number of authorized users Only the authorized client can access the Switch s port by checking the pair of IP MAC Addresses and port number with the pre configured databas
220. rom 1 to 24 lt auto gt auto learning lt disable gt disable learning lt secure gt learn frames are discarded Example SW24GF mac table maintain set learning 1 24 auto SW24GF mac maintenance show E api ai 26 vtss_ Aging Configuration Enter into sta Age time 300mode MAC Table Learning Port Learning Mode lt lt Global commands gt 2 Auto 3 Auto 4 Auto 5 Auto 6 Auto T Auto 8 Auto 9 Auto 10 Auto 11 Auto 12 Auto 13 Auto 14 Auto 15 Auto 16 Auto 17 Auto 18 Auto 19 Auto 20 Auto 21 Auto 22 Auto 23 Auto 24 Auto show 256 Syntax show Description To display mac table maintenance Argument Noneq Possible value None Example SW24GF mac maintenance show 1 Static Aging Configuration FF 1 2 3 4 5 6 7 8 9 Age time 3004 15 16 17 1 MAC Table Learning Port Learning Mode 2 Auto Auto 4 Auto 5 Auto 6 Auto T Auto 8 Auto 9 Auto 10 Auto 11 Auto 12 Auto 13 Auto 14 Auto 15 Auto 16 Auto 17 Auto 18 Auto 19 Auto 20 Auto 21 Auto 22 Auto 23 Auto 24 Auto 257 lt lt Static mac gt gt add Syntax add lt mac gt lt port gt lt vid gt alias Description To add the static mac entry Argument lt mac gt mac address format 00 02 03 04 05 06 lt port gt 0 24 The value 0 means this entry is filtering entry lt vid gt vlan id 0 1 4094 VID must be zero if vlan mode is not tag based alias mac alias name max
221. rt The switch supports two kinds of options for managed valid port range including Any and Custom Default is Any You can select the ports that you would like them to be worked and restricted in the allowed group configuration if Custom had been chosen Previous Page To show previous page Next Page To show next page Refresh To refresh the IGMP Group membership information which caught by the switch 193 3 16 Alarm Configuration Alarm Configuration Events Configuration Email Configuration Fig 3 61 Function name Events Configuration Function description The Trap Events Configuration function is used to enable the switch to send out the trap information while pre defined trap events occurred The switch offers 24 different trap events to users for switch management The trap information can be sent out in two ways including email and trap The message will be sent while users tick M the trap event individually on the web page shown as below Parameter description Trap Cold Start Warm Start Link Down Link Up Authentication Failure User login User logout STP STP Topology Changed STP Disabled STP Enabled LACP LACP Disabled LACP Enabled LACP Member Added LACP Port Failure GVRP GVRP Disabled GVRP Enabled VLAN VLAN Disabled Port based VLAN Enabled Tag based VLAN Enabled Metro mode Vlan Enabled Double tag Vlan Enabled Module Swap Module Inserted Module
222. rt Day 01 31 HH daylight saving start Hour 00 23 mn daylight saving end Month 01 12 dd daylight saving end Day 01 31 hh daylight saving end Hour 00 23 Possible value hr 5 to 5 MM 01 12 DD 01 31 HH 00 23 mm 01 12 dd 01 31 hh 00 23 Example SW24GF time set daylightsaving 3 10 12 01 11 12 01 296 namexit 4 e from Enter into ip mode 8 Save Successfully set manual Syntax set manual lt YYYY MM DD gt lt hh mm ss gt Description To set up the current time manually Argument YYYY Year 2000 2036 MM Month 01 12 DD Day 01 31 hh Hour 00 23 mm Minute 00 59 ss Second 00 59 Possible value YYYY 2000 2036 MM 01 12 DD 01 31 hh 00 23 mm 00 59 ss 00 59 Example SW24GF time set manual 2004 12 23 16 18 00 set nip Syntax set ntp lt ip gt lt timezone gt Description To set up the current time via NTP server Argument lt ip gt ntp server ip address or domain name lt timezone gt time zone GMT range 12 to 13 Possible value lt timezone gt 12 11 0 1 13 Example SW24GF time set ntp clock via net 8 Synchronizing 1 Synchronization success show Syntax show Description To show the time configuration including Current Time NTP Server Timezone Daylight Saving Daylight Saving Start and Daylight Saving End Argument None Poss
223. rt QoS behavior Four QoS queue per port with strict or weighted fair queuing scheduling There are 24 QoS Control Lists QCL for advance programmable QoS classification based on IEEE 802 1p Ethertype VID IPv4 IPv6 DSCP and UDP TCP ports and ranges Port QoS Configuration Pek nefnt Gass GC ise vir Queen Nada Queue Weighted Low Normal Medium High 1 tow M i A 0 Strict Priority 2 Low EJ 1 ey low Strict Priority E 3 Low F E E o K Strict Priority K 4 kow 1 E o Strict Priority E 5 Low E v ov Strict Priority 6 tow HOR om Strict Priority J 7 tow HGE om Strict Priority 8 Low w w oj Strict Priority 5 9 Low 1 amp om Strict Priority 10 Low 1 A om Strict Priority 11 Low w E s om Strict Priority 12 lw MOE om Strict Priority Fig 3 34 Parameter description 86 Number of Classes 1 2 4 Port User can choose the port 1 24 respectively with Priority Class on Per Port Priority function Default Class User can set up High Priority or Low Priority for each port respectively Low Normal Medium High QCL The number of QCL rule 1 24 each port have to apply one of the QCL rule for QoS behavior User priority The user priority value 0 7 3 bits is used as an index to the eight QoS class values for VLAN tagged or priority tagged frames Queuing Mode There are two Scheduling Method Strict Pr
224. runk Group ID will be automatically set to use the None trunking method and its Group ID will turn to 0 This means the port won t aggregate with other ports b 14 ports all use LACP Trunk Group ID 1 at most 12 ports can aggregate together and transit into the ready state c A port using the None trunking method or Group ID O will be automatically set to use the None trunking method with Group ID 0 162 3 11 1 Port Function name Trunk Port Setting Status Function description Port setting status is used to configure the trunk property of each and every port in the switch system Trunk Port Setting Status Trunk Port Setting Trunk Port Status Port Method Group Activerace Aggtr Status None Active v Ready Active Y Active v Active v Active v Active v Active v Active Y Active Y None ale None None None Soo 0 SHS ISHS SIS ISSN SNS None None E won nono amp WN None None Active Y Active Y Active v Active Nj Active Y Active Ni Fig 3 145 Trunk Port Setting alel ji None lt N None j a None m po None MEIMEI EIE IE IEICE IEI EIEI EIEI EIIE Es 6 None ES None Em 15 i Ni ie m on None Parameter description Port Port Number 1 24 Method This determines the method a
225. s external to a core region of the network influencing the spanning tree active topology possibly because those bridges are not under the full control of the administrator Restricted TCN Yes No If Yes causes the Port not to propagate received topology change notifications and topology changes to other Ports This parameter is No by default If set it can cause temporary loss of connectivity after changes in a spanning trees active topology as a result of persistent incorrectly learned station location information It is set by a network administrator to prevent bridges external to a core region of the network causing address flushing in that region possibly because those bridges are not under the full control of the administrator or the status of MAC operation for the attached LANs transitions frequently Mcheck The same definition as in the RSTP specification for the CIST ports 179 Instance Status ID 0 Force Version Bridge Max Age Bridge Forward Delay Bridge Max Hops Instance Priority Bridge Mac Address CIST ROOT PRIORITY CIST ROOT MAC CIST EXTERNAL ROOT PATH COST CIST ROOT PORT ID CIST REGIONAL ROOT PRIORITY CIST REGIONAL ROOT MAC CIST INTERNAL ROOT PATH COST CIST CURRENT MAX AGE CIST CURRENT FORWARD DELAY TIME SINCE LAST TOPOLOGY CHANGE SECs MSTP State Enabled RSTP 20 15 20 32768 00 40 c7 01 02 33 32768 00 40 c7 01 02 33 0 0 32768 00 40 c7 01 02 33 0 20 15 TOPOLOGY CHAN
226. scription Location Contact Device Name System Up Time Current Time BIOS Version Firmware Version Hardware Mechanical Version Serial Number Host IP Address Host MAC Address Device Port 2 RAM Size Flash Size traplog clear Syntax clear Description To clear trap log Argument none Possible value none Example SW24GF traplog clear SW24GF traplog show No time SW24GF L2 Managed Switch SW24GF 0 Days 0 Hours 4 Mins 14 Secs Tue Jan 17 16 28 46 2006 vl 05 v2 08 vl 0l v1 01 030C02000003 192 168 1 1 00 40 c7 e7 00 10 UART 1 TP 22 Dual Media Port RJ45 SFP 16M 2M desc 295 show Syntax show Description To display the trap log Argument None Possible value None Example SW24GF tftp show 2 Mon Mar 17 15 18 38 2008gvrp mode gt lt qce type gt 6 Mon Mar 17 15 18 38 2008 Dual Media Swapped Port 5 SwapTo TP 7 Mon Mar 17 15 18 38 2008 8 Mon Mar 17 15 18 48 2008 Dual Media Swapped Port 1 SwapTo TP ge hos 3 Mon Mar 17 15 18 38 2008nto igmp mode availab Link Up Port 1 Link Up Port 5 Login admin time set daylightsaving Syntax set daylightsaving lt hr gt lt MM DD HH gt lt mm dd hh gt Description To set up the daylight saving Argument hr daylight saving hour range 5 to 5 MM daylight saving start Month 01 12 DD daylight saving sta
227. sed in the port QoS configuration QCE Configuration Ethernet Type Ox FFFF Low Fig 3 36 QCE Configuration Fig 3 38 89 QCE Configuration UDP TCP Port Specific v Fig 3 39 QCE Configuration Fig 3 40 QCE Configuration Fig 3 41 90 QCE Configuration Tag Priority Normal Fig 3 42 Parameter description QCL QCL number 1 24 QCE Type Ethernet Type VLAN ID UDP TCP Port DSCP ToS Tag Priority Ethernet Type Value The configurable range is 0x600 0xFFFF Well known protocols already assigned EtherType values The commonly used values in the EtherType field and corresponding protocols are listed below oredr 0x0808 Frame Relay ARP RFC1701 91 0x6559 Raw Frame Relay RFC1701 DRARP Dynamic RARP RARP Reverse Address Resolution Protocol 0x8035 0x8037 Novell Netware IPX 0x809B EtherTalk AppleTalk over Ethernet 0x80D5 IBM SNA Services over Ethernet AARP AppleTalk Address Resolution Protocol IEEE Std 802 1Q Customer VLAN Tag Type 0x8137 IPX Internet Packet Exchange Ox 80F3 0x8100 0x 814C SNMP Simple Network Management Protocol 0x86DD IPv6 Internet Protocol version 6 0x880B PPP Point to Point Protocol GSMP General Switch Management Protocol MPLS Multi Protocol Label Switching unicast MPLS Multi Protocol Label Switching multicast Ox 880C 0x8847 0x8
228. sent Off when cable connection is not good Lit green when 1000Mbps speed is active Lit ember when 100Mbps speed is active Off when 10Mbps speed is active 1000SX LX Gigabit Fiber Port 1 24 LED Lit when connection with the remote device is good SFP LINK ACT Green_ Blinks when any traffic is present Off when module connection is not good Table1 1 Green 10 100 1000Mbps Amber 12 1 4 2 AC Power Input on the Rear Panel One socket on the rear panel is for AC power input AC Line 100 240V 50 60 Hz Fig 1 3 Rear View of SW24GF 1 5 View of the Optional Modules In the switch Port 1 8 includes two types of media TP and SFP Fiber LC BiDi LC this port supports 10 100 1000Mbps TP or 1000Mbps SFP Fiber with auto detected function 1000Mbps SFP Fiber transceiver is used for high speed connection expansion the following are optional SFP types provided for the switch 1000Mbps LC MM SFP Fiber transceiver 1000Mbps LC SM 10km SFP Fiber transceiver 1000Mbps LC SM 30km SFP Fiber transceiver 1000Mbps LC SM 50km SFP Fiber transceiver 1000Mbps BiDi LC type 1 SM 20km SFP Fiber WDM transceiver 1000Mbps BiDi LC type 2 SM 20km SFP Fiber WDM transceiver 1000Mbps LC SM 10km SFP Fiber transceiver with DDM i loll Fig 1 4 Front View of 1000Base SX LX LC SFP Fiber Transceiver Fig 1 5 Front View of 1000Base LX BiDi LC SFP Fiber Transceiver 13 2 In
229. ser defined Default is SW24GF 36 System up time The time accumulated since this switch is powered up Its format is day hour minute second Current time Show the system time of the switch Its format day of week month day hours minutes seconds year For instance Mon March 03 14 54 07 2008 BIOS version The version of the BIOS in this switch Firmware version The firmware version in this switch Hardware Mechanical version The version of Hardware and Mechanical The figure before the hyphen is the version of electronic hardware the one after the hyphen is the version of mechanical Serial number The serial number is assigned by the manufacturer Host IP address The IP address of the switch Host MAC address It is the Ethernet MAC address of the management agent in this switch Device Port Show all types and numbers of the port in the switch RAM size The size of the DRAM in this switch Flash size The size of the flash memory in this switch CPU Load To display the CPU loading percent on this switch 37 3 1 2 Account Configuration In this function only administrator can create modify or delete the username and password Administrator can modify other guest identities password without confirming the password but it is necessary to modify the administrator equivalent identity Guest equivalent identity can modify his password only Please note that you must confirm administr
230. ses ackendAuthFails ooooceo Fig 3 144 802 1X Port Statistics 160 3 11 Trunking Configuration The Port Trunking Configuration is used to configure the settings of Link Aggregation You can bundle more than one port with the same speed full duplex and the same MAC to be a single logical port thus the logical port aggregates the bandwidth of these ports This means you can apply your current Ethernet equipments to build the bandwidth aggregation For example if there are three Fast Ethernet ports aggregated in a logical port then this logical port has bandwidth three times as high as a single Fast Ethernet port has The switch supports two kinds of port trunking methods LACP Ports using Link Aggregation Control Protocol according to IEEE 802 3ad specification as their trunking method can choose their unique LACP GroupID 1 8 to form a logic trunked port The benefit of using LACP is that a port makes an agreement with its peer port before it becomes a ready member of a trunk group also called aggregator LACP is safer than the other trunking method static trunk The switch LACP does not support the followings Link Aggregation across switches Aggregation with non IEEE 802 3 MAC link Operating in half duplex mode Aggregate the ports with different data rates Static Trunk Ports using Static Trunk as their trunk method can choose their unique Static GroupID also 1 8 this Static groupI
231. show previous page Next Page To show next page Refresh To refresh the IGMP Group membership information which caught by the switch 189 3 15 5 MVR Function name MVR Setting Function description Multicast VLAN Registration MVR routes packets received in a multicast source VLAN to one or more receive VLANs Clients are in the receive VLANs and the multicast server is in the source VLAN Multicast routing has to be disabled when MVR is enabled Refer to the configuration guide at Understanding Multicast VLAN Registration for more information on MVR MVR Configuration MVR Enable iomtuceenia 125 seconds 1 65535 Fast Leave E ee ee ee eel pi 2 sia ts e 7 a 9 sof is 12 13 14 15 16 17 18 19 20 21 22 23 24 aja an a at ea a aaja a a a eal a a a a a al al a al a Fig 3 163 1 MVR setting Parameter description MVR Enable To Set the multicast VLAN registration function enable Host Time Out The MVR Host query Timeout field is the amount of time in seconds Available value 1 65535 sec Fast Leave To evoke the port to become a Fast leave port in MVR Multicast VLAN Registration service on the switch 190 3 15 6 MVID Function name MVID Configuration Function description To create the Multicast VLAN Registration member and evoke the port with which mode as client or router Create MVID disable v 2J disable disable
232. ss classification ICMP Type Value Range 0 255 ICMP Code Filter Range Any Specific Any Including all of ICMP code values Specific According to following ICMP code value setting for ingress 134 classification ICMP Code Value Range 0 255 IP Parameters Frame Type IPv4 and IP Protocol Filter UDP Source Port Filter Range Any Specific Range Any Including all UDP source ports Specific According to following Source Port No setting for ingress classification Range According to following Source Port Range setting for ingress classification Source Port No Range 0 65535 Source Port Range Range 0 65535 Dest Port Filter Range Any Specific Range Any Including all UDP destination ports Specific According to following Dest Port No setting for ingress classification Range According to following Dest Port Range setting for ingress classification Dest Port No Destination Port Number Range 0 65535 Dest Port Range Destination Port Range Range 0 65535 IP Parameters Frame Type IPv4 and IP Protocol Filter TCP Source Port Filter Range Any Specific Range Any Including all TCP source ports Specific According to following Source Port No setting for ingress classification Range According to following Source Port Range setting for ingress classification Source Port No Range 0 65535 Source Port Range 135 Range 0 65535 Dest Port Filter Range Any
233. ss Ea EAEE A R ES 10 l4 VIEW OF S W2AGE V e E a er sock sp EAEE EEE EO E E E Eo EEE EARS SRE EEES deseavenssoves 12 1 4 1 User Interfaces on the Front Panel Button LEDs and Plugs s 12 1 4 2 AC Power Input on the Rear Panel ui s ccsccesccescsseesseenceeeeeeceseceeecesecesecnsecnaeceaecsaecsaeeseeeneees 13 1 5 VIEW OF THE OPTIONAL MODULES 3 sccsssccciscosssecssepeeconsensosnssepenesdsnsbrasseaneatesensieosseptondeasssvenssoves 13 INSTALLATION sisccccbscdscssscsestecnseiccsce sad decseassenasecsescssbasscanssassasastesscansenceebosseacceonssocestessecseossacaeases 14 221 STARTING SW24GE UP e n E E E tidvesyeastenuestespeuiensevccescs ER 2 1 1 Hardware and Cable Installation 1 2 cecccecccsseeseesseeseeeseeesceecusecusecaecaaecacecaeeeseeeaeeeseeeeeeaees 2 1 2 Installing Chassis to a 19 Inch Wiring Closet Ril cccccccessceseceseceseenseeneeeseeteeeseeeneeeaees 221 3 Cabling REQUITEMENES poine Sees Sey sndia oh Ress ches ese de Shae Sok hes Seat ied ieee be eg antaee eles e a 2 1 3 1 Cabling Requirements for TP Ports ccececesscesecsseeseesecesecseceseeeceseeaeceeeaeceeeaeseeeeaeceeeeaeeaees 2 1 3 2 Cabling Requirements for 1000SX LX SFP Module 2 1 3 3 Switch Cascading in Topology ccccccsceseeecsessscsesseeseeseeeceecseesesseeseecsessecseeaesseeseseeeaseeneeaeeats 2 1 4 Configuring the Management Agent Of SW24GF u cccccccesccesscesecesecnseceeeseeeseesseeseeeneenaees 2 1 4 1 Configuring the Management Agent of SW2
234. st is the full function tree for web user interface 34 System Port VLAN gt GVRP O n m O oS SNMP gt C IP MAC Binding 802 1X Trunk TP MSTP Mirroring Multicast Alarm DHCP Snooping LLDP Save Restore Export Imports Diagnostics Maintenance Logout 35 3 1 1 System Information Function name System Information Function description Show the basic system information Model Name SW24GF System Description Managed 24 Port Gigabit Ethernet Switch with 24 SFP Fiber Support Location Contact Device Name SW24GF System Up Time 0 Days 0 Hours 26 Mins 28 Secs Tue Sep 08 10 49 08 2009 BIOS Version 1 04 Firmware Version v1 45 Be mee mates V 1 01 Y1 01 Serial Number 032201000011 Host IP Address 192 168 1 1 Host MAC Address 00 40 c 7 5e 00 d2 Device Port UART 1 Dual Media Port RJ45 SFP 8 SFP 16 RAM Size 512M Flash Size 128M CPU Load 2 Fig 3 4 Parameter description Model name The model name of this device System description As it is this tells what this device is Here it is L2 Plus Managed Switch Location Basically it is the location where this switch is put User defined Contact For easily managing and maintaining device you may write down the contact person and phone here for getting help soon You can configure this parameter through the device s user interface or SNMP Device name The name of the switch U
235. stallation 2 1 Starting SW24GF Up This section will give users a quick start for Hardware and Cable Installation Management Station Installation Software booting and configuration 2 1 1 Hardware and Cable Installation At the beginning please do first Wear a grounding device to avoid the damage from electrostatic discharge Be sure that power switch is OFF before you insert the power cord to power source Installing Optional SFP Fiber Transceivers to the SW24GF Note If you have no modules please skip this section Fig 2 1 Installation of Optional SFP Fiber Transceiver Connecting the SFP Module to the Chassis The optional SFP modules are hot swappable so you can plug or unplug it before or after powering on 1 Verify that the SFP module is the right model and conforms to the chassis 2 Slide the module along the slot Also be sure that the module is properly seated against the slot socket connector 3 Install the media cable for network connection 4 Repeat the above steps as needed for each module to be installed into slot s 5 Have the power ON after the above procedures are done Note The switch supports the SFP Vendor includes Manufacture Agilent Avago and Finisa 14 TP Port and Cable Installation In the switch TP port supports MDI MDI X auto crossover so both types of cable straight through and crossed over can be used It means you do not have to tell from them just
236. statue ath cost status configured Path Cost priority Admin Port Type Admin Point To Point FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 128 Normal Auto FORWARDING 2000000 Normal Auto Fig 3 150 STP Port Configuration ONAOSWNE geooaeeceoeceeceeceeceoaeeaeoecaeoora Parameter description Port Status It displays the current state of a port We cannot manually set it because it displays the status only There are three possible states according to 802 1w specification DISCARDING state indicates that this port can neither forward packets nor contribute learning knowledge Notice Three other states Disable state BLOCKING state and LISTENING state defined in the 802 1d specification are now all represented as DISCARDING state LEARNING state indicates th
237. t 1 8 are optional modules Link Show that if the link on the port is active or not If the link is connected to a working well device the Link will show the link Up otherwise it will show Down This is determined by the hardware on both devices of the connection No default value Speed Duplex Mode Display the speed and duplex of all port There are three speeds 10Mbps 100Mbps and 1000Mbps supported for TP media and the duplex supported is half duplex and full duplex If the media is 1Gbps fiber it is 1000Mbps supported only The status of speed duplex mode is determined by 1 the negotiation of both local port and link partner in Auto Speed mode or 2 user setting in Force mode The local port has to be preset its capability Default None depends on the result of the negotiation Flow Control Show each port s flow control status There are two types of flow control in Ethernet Backpressure for half duplex operation and Pause flow control IEEE802 3x for full duplex operation The switch supports both of them Default None depends on the result of the negotiation Description network managers provide a description of device ports Z hitp 192_168_3_210 portstpinfo htm Microsoft Internet Explorer Port 21 Detail Information Connector Type 1 Fiber Type O E utti mode mm eaudRate 50 16 CITT EN Ruby Tech vendor Rev 5P c vendorsN O oooo Date Code IFOO
238. t Router Switch and IP Multicast Host can update the information of the Multicast table when a member port joins or leaves an IP Multicast Destination Address With this function once a switch receives an IP multicast packet it will forward the packet to the members who joined in a specified IP multicast group before The packets will be discarded by the IGMP Snooping if the user transmits multicast packets to the multicast group that had not been built up in advance 3 15 1 IGMP Mode Function name IGMP Mode Function description IGMP mode to select the switch to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP interfaces The switch acts as a proxy or snooping for its hosts IGMP Mode eam Disable v Disable Apply iaa PE Snooping _ Fig 3 160 IGMP Proxy Parameter description Disable To disable the IGMP service on the switch Proxy To select and enable the IGMP mode with a proxy on the switch Snooping To select and enable the IGMP mode with a snooping on the switch 185 3 15 2 IGMP Proxy Function name IGMP Proxy Configuration Function description IGMP proxy enables the switch to issue IGMP host messages on behalf of hosts that the system discovered through standard IGMP interfaces The switch acts as a proxy for its hosts You enable IGMP proxy on the switch which connects to a router closer to the root of the tree This interface is the upstream interfac
239. t _ lt a oncncccecccccc Fig 3 158 Port Status Parameter description Port No 1 24 Status The forwarding status Same definition as of the RSTP specification Possible values are FORWARDING LEARNING DISCARDING Status The role that a port plays in the spanning tree topology Possible values are dsbl disable port alt alternate port bkup backup port ROOT root port DSGN designated port MSTR master port The last 3 are possible port roles for a port to transit to FORWARDING state Path Cost Display currently resolved port path cost value for each port in a particular spanning tree instance Priority Display port priority value for each port in a particular spanning tree instance Hello per port Hello Time display It takes the following form Current Hello Time Hello Time Setting Oper Edge Whether or not a port is an Edge Port in reality Oper P2P Whether or not a port is a Point to Point Port in reality 182 Restricted Role Same as mentioned in Port Config Restricted Ten Same as mentioned in Port Config 183 3 14 Mirror Function name Mirror Configuration Function description Mirror Configuration is to monitor the traffic of the network For example we assume that Port A and Port B are Monitoring Port and Monitored Port respectively thus the traffic received by Port B will be copied to Port A for monitoring Note
240. tarted This is a violation of IEEE Std 802 3 but is useful in non dropping half duplex flow control operation Description Description of device ports can not include amp 53 3 2 2 Port Status The function Port Status gathers the information of all ports current status and reports it by the order of port number media link status port state Auto Negotiation status soeed duplex Rx Pause and Tx Pause An extra media type information for the module ports 1 and 8 is also offered See Fig 3 14 Port Status a sere Oa Link Speed Description 1 1Gfdx v V 2 ae down X X 5 3 down down X X TP 4 down down X X TP 5 down down X X TP 6 down down X X TP 7 down down X X TP 8 down down X X TP 9 down down X X SFP 10 down down X X SFP 11 down down X X SFP 12 down down X X SFP 13 down down X X SFP 14 down down X X SFP 15 down down X X SFP 16 down down X X SFP 17 down down X X SFP 18 down down X X SFP 19 down down X X SFP 20 down down X X SFP 21 down down X X SFP 22 down down X X SFP 23 down down X X SFP 24 down down xX X SFP Fig 3 13 Function name Port Status Function Description Report the latest updated status of all ports in this switch When any one of the ports in the switch changes its parameter displayed in the page it will be automatically refreshed the port current status about every 5 seconds 54 Parameter Description Port Display the port number The number is 1 24 Both por
241. ted Additional spanning instances MSTIs can be added or deleted At least one vlan must be provisioned for an MSTI to declare the need for the MSTI to be existent Corresponding Vlans 0 4095 176 Multiple vians can belong to an MSTI All vlans that are not provisioned through this will be automatically assigned to Instance O CIST Edit MSTI Vian Fig 3 156 To add an MSTI and provide its vlan members or modify vlan members for a specific MSTI Del MSTI To delete an MSTI Del All MSTI Deleting all provisioned MSTIs at a time Instance Configuration Fig 3 157 To provision spanning tree performance parameters per instance Port Config Fig 3 158 To provision spanning tree performance parameters per instance per port Instance Status Fig 3 159 To show the status report of a particular spanning tree instance Port Status Fig 3 160 To show the status report of all ports regarding a specific spanning tree instance Parameter description Vlan Mapping VID STRING VID STRING Example 2 5 7 100 200 301 303 1000 1500 Valid VID Range 1 4094 Instance Configuration ID 0 Priority 0 61440 32768 v Max Age 6 40 sec 20 Forward Delay 4 30 sec 15 Max Hops 6 40 sec 120 Note 2 Forward Delay 1 gt Max Age Max Age available from 6 to 40 Recommended value is 20 Forward Delay sec available from 4 to 30 Recommended value is 15 Max Hops available from 6 to 40 Recommended value is 20 F
242. th the identification field The flags indicate whether the datagram may be fragmented whether the datagram is fragmented and whether the current fragment is the final one Range Any Yes No Any Including all IP fragment case Yes The ingress frame is fragmented packet 133 No The ingress frames is not fragmented packet IP Option A list of optional specifications for security restrictions route recording and source routing Not every datagram specifies an options field Range Any Yes No Any Including all IP option case Yes The ingress frame is specified IP options No The ingress frame is not specified IP options SIP Filter SIP Source IP Address Range Any Host Network Any Including all source IP address Host Only one specific source host IP address Network A specific IP subnet segment under the source IP mask SIP Address Default 192 168 1 1 SIP Mask Default 255 255 255 0 DIP Filter DIP Destination IP Address Range Any Host Network Any Including all destination IP address Host Only one specific destination host IP address Network A specific IP subnet segment under the destination IP mask DIP Address Default 192 168 1 254 DIP Mask Default 255 255 255 0 IP Parameters Frame Type IPv4 and IP Protocol Filter ICMP ICMP Type Filter Range Any Specific Any Including all types of ICMP type values Specific According to following ICMP type value setting for ingre
243. thentication Possible value lt port range gt 1 to 24 lt on off I gt O or 1 default is 1 Example SW24GF 802 1X set reAuthEnabled 2 1 224 set reAuthMax Syntax set reAuthMax lt port range gt lt value gt Description The number of reauthentication attempts that are permitted before the port becomes Unauthorized Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt max value range 1 10 Possible value lt port range gt 1 to 24 lt value gt 1 10 default is 2 Example SW24GF 802 1X set reAuthMax 2 2 set reAuthPeriod Syntax set reAuthPeriod lt port range gt lt value gt Description Aconstant that defines a nonzero number of seconds between periodic reauthentication of the supplicant Argument lt port range gt syntax 1 5 7 available from 1 to 24 lt value gt timer range 1 65535 Possible value lt port range gt 1 to 24 lt value gt 1 65535 default is 3600 Example SW24GF 802 1X set reAuthPeriod 2 3600 set serverTimeout Syntax set serverTimeout lt port range gt lt value gt Description A timer used by the Backend Authentication state machine in order to determine timeout conditions in the exchanges between the Authenticator and the Supplicant or Authentication Server The initial value of this timer is either suppTimeout or serverTimeout as determined by the operation of the Backend Authentication state machi
244. tion with this device for a while if you enable STP Fig 3 149 STP Configuration Parameter description Spanning Tree Protocol Set 802 1W Rapid STP function Enable Disable Default is Disable Bridge Priority The lower the bridge priority is the higher priority it has Usually the bridge with the highest bridge priority is the root If you want to have the SW24GF as root bridge you can set this value lower than that of bridge in the LAN The valid value is 0 61440 The default is 32768 169 Hello Time Max Hello Time is used to determine the periodic time to send normal BPDU from designated ports among bridges It decides how long a bridge should send this message to other bridge to tell am alive When the SW24GF is the root bridge of the LAN for example all other bridges will use the hello time assigned by this switch to communicate with each other The valid value is 1 10 in unit of second Default is 2 seconds Age When the SW24GF is the root bridge the whole LAN will apply this figure set by this switch as their maximum age time When a bridge received a BPDU originated from the root bridge and if the message age conveyed in the BPDU exceeds the Max Age of the root bridge the bridge will treat the root bridge malfunctioned and issue a Topology Change Notification TCN BPDU to all other bridges All bridges in the LAN will re calculate and determine who the root bridge is The valid value of Max
245. to small ones as your demand Properly configuring it you can gain not only improving security and increasing performance but greatly reducing VLAN management 3 3 1 VLAN Mode Function name VLAN Mode Setting Function description The VLAN Mode Selection function includes five modes Port based Tag based Metro Mode Double tag and Disable you can choose one of them by pulling down list and selecting an item Then click lt Apply gt button the settings will take effect immediately Tag based Port based Port 1 lt gt Port 9 Port 2 lt gt Port 10 Port 3 lt gt Port 11 Port 4 lt gt Port 12 Port 5 lt gt Port 13 Port 6 lt gt Port 14 Port 7 lt gt Port15__ Port 8 lt gt Port 16 Port 17 lt gt Port 18 Port 19 lt gt Port 20 Port 21 lt gt Port 22 Port 23 lt gt Port 24 Fig 3 17 Parameter description VLAN Mode Port based Port based VLAN is defined by port Any packet coming in or outgoing from any one port of a port based VLAN will be accepted No filtering criterion applies in port based VLAN The only criterion is the physical port you connect to For example for a port based VLAN named PVLAN 1 contains port members Port 1 amp 2 amp 3 amp 4 If you are on the port 1 you can communicate with port 2 amp 3 amp 4 If you are on the port 5 then you cannot talk to them Each port based VLAN you built up must be assigned a group name This switch can support up to maximal
246. tp 192 168 2 25 iconportdetail htm Windows Internet Explorer http 192 168 2 25 iconportdetail htm v Port 1 Detail Information Link Enabled Auto Negotiation Enabled Speed Duplex 1G Full Flow Control rx on tx on Ingress All State Disabled Ingress All Rate 500 Kbps Egress All State Disabled Egress All Rate 500 Kbps Tx Byte 83752 Rx Byte 3714 Tx Packet 8496493 Rx Packet 1341358 Tx Collision Rx Error Packet Description oo Q o a Internet 100 Fig 3 3 port detail information In Fig 3 3 it shows the basic information of the clicked port With this you ll see the information about the port status traffic status and bandwidth rating for egress and ingress respectively On the left top corner there is a pull down list for Auto Logout For the sake of security we provide auto logout function to protect you from illegal user as you are leaving If you do not choose any selection in Auto Logout list it means you turn on the Auto Logout function and the system will be logged out automatically when no action on the device 3 minutes later If OFF is chosen the screen will keep as it is Default is ON On the left side the main menu tree for web is listed in the page They are hierarchical menu Open the function folder a sub menu will be shown The functions of each folder are described in its corresponded section respectively When clicking it the function is performed The following li
247. ts 8 Gigabit Ethernet TP ports with auto MDIX and two slots for the removable module supporting comprehensive fiber types of connection including LC and BiDi LC SFP modules For more details on the specification of the switch please refer to Appendix A The switch is suitable for the following applications Central Site Remote site application is used in carrier or ISP See Fig 2 13 Peer to peer application is used in two remote offices See Fig 2 14 Office network See Fig 2 15 Fig 2 13 Network Connection between Remote Site and Central Site Fig 2 13 is a system wide basic reference connection diagram This diagram demonstrates how the switch connects with other network devices and hosts 30 Fig 2 15 Office Network Connection 31 3 Operation of Web based Management This chapter instructs you how to configure and manage the SW24GF through the web user interface it supports to access and manage the 16 Port Gigabit SFP and 8 Port Gigabit TP SFP Fiber management Ethernet switch With this facility you can easily access and monitor through any one port of the switch all the status of the switch including MIBs status each port activity Spanning tree status port aggregation status multicast traffic VLAN and priority status even illegal access record and so on The default values of the managed switch are listed in the table below IP Address 192 168 1 1 Subnet Mask 255 255 255 0 DA E
248. uration of e mail Argument None Possible value None Example SW24GF alarm email show ail Server 192 168 1 6 Username admin Password 2 Reo eoiolokikekek Email Address 1 abc mail abc com Email Address 2 235 Email Address Email Address Email Address Email Address Dm ore Ww lt lt events gt gt del all Syntax del all lt range gt Description To disable email and trap of events Argument lt range gt del the range of events syntax 1 5 7 Possible value lt range gt 1 24 Example SW24GF alarm events del all 1 3 del email Syntax del email lt range gt Description To disable the email of the events Argument lt range gt del the range of email syntax 1 5 7 Possible value lt range gt 1 24 Example SW24GF alarm events del email 1 3 del trap Syntax del trap lt range gt Description To disable the trap of the events Argument lt range gt del the range of trap syntax 1 5 7 Possible value lt range gt 1 24 Example SW24GF alarm events del trap 1 3 set all 236 Syntax set all lt range gt Description To enable email and trap of events Argument lt range gt set the range of events syntax 1 5 7 Possible value lt range gt 1 24 Example SW24GF alarm events set all 1 3 set email Syntax set email lt range gt Description To enable the email of the events Argument lt range gt s
249. ure the basic identification of a MSTP bridge Bridges participating in acommon MST region must have the same Region Name and Revision Level MSTP Region Config Region Name 0 32 characters mstpRegion1l Revision Level 0 65535 0 Fig 3 152 MSTP Region Config Parameter description Region Name 0 32 characters A variable length text string encoded within a fixed field of 32 octets conforming to RFC 2271 s definition of SnmpAdminString Revision Level 0 65535 175 3 13 3 Instance View Function name MSTP Instance Config Function description Providing an MST instance table which include information vlan membership of a MSTI of all spanning instances provisioned in the particular MST region which the bridge belongs to Through this table additional MSTP configuration data can be applied and MSTP status can be retrieved MSTP Instance Config Instance ID Corresponding Vlans 0 4095 Edit MSTI lan Del MSTI Del All MSTI Instance Config Port Config Instance Status Port Status Fig 3 153 MSTP Instance Config MSTP Create MSTI Add Vlan Mapping Instance ID 1 4095 LE lan Mapping VID STRING bbe acl 2 5 7 100 200 301 303 1000 1500 alid VID Range 1 4094 apply Fig 3 154 Edit MSTI Vlan Parameter description Instance ID Every spanning tree instance need to have a unique instance ID within 0 4095 Instance 0 CIST always exists and can not be dele
250. ving and described in detail Day Light Saving Start This is used to set when to start performing the day light saving time Mth Range is 1 12 Default 1 Day Range is 1 31 Default 1 Hour Range is 0 23 Default 0 Day Light Saving End This is used to set when to stop performing the daylight saving time Mth Range is 1 12 Default 1 Day Range is 1 31 Default 1 Hour Range is 0 23 Default 0 40 3 1 4 IP Configuration IP configuration is one of the most important configurations in the switch Without the proper setting network manager will not be able to manage or view the device The switch supports both manual IP address setting and automatic IP address setting via DHCP server When IP address is changed you must reboot the switch to have the setting taken effect and use the new IP to browse for web management and CLI management Function name IP Configuration Function description Set IP address subnet mask default gateway and DNS for the switch IP Configuration DHCP Setting C Enable IP Address 192 168 2 25 steed 192 168 2 25 Default Gateway 192 168 2 254 Current Gateway 192 168 2 254 Fig 3 7 IP Address Configuration Parameter description DHCP Setting DHCP is the abbreviation of Dynamic Host Configuration Protocol Here DHCP means a switch to turn ON or OFF the function The switch supports DHCP client used to get an IP address automatically
251. will show this switch s bridge ID 167 Designated Priority Show the current root bridge priority Root Port Show port number connected to root bridge with the lowest path cost Root Path Cost Show the path cost between the root port and the designated port of the root bridge Current Max Age Show the current root bridge maximum age time Maximum age time is used to monitor if STP topology needs to change When a bridge does not receive a hello message from root bridge until the maximum age time is counted down to 0 the bridge will treat the root bridge malfunctioned and issue a Topology Change Notification TCN BPDU to all other bridges All bridges in the LAN will re learn and determine which the root bridge is Maximum Age time is assigned by root bridge in unit of seconds Default is 20 seconds Current Forward Delay Show the current root bridge forward delay time The value of Forward Delay time is set by root The Forward Delay time is defined as the time spent from Listening state moved to Learning state or from Learning state moved to Forwarding state of a port in bridge Hello Time Show the current hello time of the root bridge Hello time is a time interval specified by root bridge used to request all other bridges periodically sending hello message every hello time seconds to the bridge attached to its designated port STP Topology Change Count STP Topology Change Count expresses the time spe
252. y It is including all Ethernet frame type Specific It is according to specific Ethernet Type Value Ethernet Type Value The Ethernet Type Range 0x600 OxFFFF ARP Parameters When Frame Type ARP ARP RARP Range Any ARP RARP Other Any Including all ARP RARP protocol frame types ARP Including all ARP protocol frame types RARP Including all RARP frame types Other Including other frame types except ARP RARP protocol Request Reply Range Any Request Reply Any Including all ARP RARP Request and Reply Request Including all ARP RARP request frames Reply Including all ARP RARP reply frames 131 Sender IP Filter Range Any Host Network Any Including all sender IP address Host Only one specific sender host IP address Network A specific IP subnet segment under the sender IP mask Sender IP Address Default 192 168 1 1 Sender IP Mask Default 255 255 255 0 Target IP Filter Range Any Host Network Any Including all target IP address Host Only one specific target host IP address Network A specific IP subnet segment under the target IP mask Target IP Address Default 192 168 1 254 Target IP Mask Default 255 255 255 0 ARP SMAC Match Range Any 0 1 Any 0 Both 0 and 1 The ingress ARP frames where the source MAC address is not equal SMAC under MAC parameter setting The ingress ARP frames where the source MAC address is equal SMAC address under MAC parameter setting RARP
Download Pdf Manuals
Related Search