System information

ManualsBrandsComnet ManualsComputer equipmentCNGE2FE8MSPOE

INSTALLATION AND OPERATION MANUAL

CNGE2FE8MSPOE

ENVIRONMENTALLY HARDENED MANAGED ETHERNET

SWITCH WITH (8) 10/100TX + (2) 10/100/1000TX RJ45

OR 100/1000 FX SFP PORTS

V1.04 – March 2010

CNGE2FE8MSPOE Managed Ethernet Switch provides transmission of (8)

10/100 BASE-TX and (2) 10/100/1000TX or 100/1000FX combo ports. Unlike

most Ethernet switches, these environmentally hardened units are designed

for deployment in difficult operating environments, and are available for use

with either conventional CAT-5e copper or optical transmission media. The 8

electrical ports support the 10/100 Mbps Ethernet IEEE 802.3 protocol, and

auto-negotiating and auto-MDI/MDIX features are provided for simplicity and

ease of installation. All 8 ports support IEEE.802.3af based POE. 2 ports are

10/100/1000 configurable for copper or fiber media for use with multimode

or single mode optical fiber, selected by optional SFP modules. These

network managed layer 2 switches are optically (100/1000 BASE-FX) and

electrically compatible with any IEEE 802.3 compliant Ethernet devices. Plug-

and-play design ensures ease of installation, and no electrical or optical

adjustments are ever required. The CNGE2FE8MSPOE incorporates LED

indicators for monitoring the operating status of the managed switch and

network.

Summary of content (162 pages)

PAGE 1
INSTALLATION AND OPERATION MANUAL CNGE2FE8MSPOE ENVIRONMENTALLY HARDENED MANAGED ETHERNET SWITCH WITH (8) 10/100TX + (2) 10/100/1000TX RJ45 OR 100/1000 FX SFP PORTS V1.04 – March 2010 CNGE2FE8MSPOE Managed Ethernet Switch provides transmission of (8) 10/100 BASE-TX and (2) 10/100/1000TX or 100/1000FX combo ports.
PAGE 2
FCC Warning This Equipment has been tested and found to comply with the limits for a Class-A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy. It may cause harmful interference to radio communications if the equipment is not installed and used in accordance with the instructions.
PAGE 3
Content Chapter 1 Introduction .......................................... 1 1.1 Hardware Features ........................................ 1 1.2 Software Features.......................................... 5 1.3 Package Contents.......................................... 8 Chapter 2 Hardware Description .......................... 9 2.1 Physical Dimension........................................ 9 2.2 Front Panel..................................................... 9 2.3 Top View ................
PAGE 4
5.2 Pin Assignment ............................................ 29 5.3 Login in the Console Interface ..................... 30 5.4 CLI Management ......................................... 32 5.5 Commands Level ......................................... 32 Chapter 6 Web-Based Management................... 34 6.1 About Web-based Management .................. 34 6.2 Preparing for Web Management .................. 34 6.3 System Login ............................................... 35 6.
PAGE 5
6.11 IP Security.................................................. 57 6.12 User Authentication.................................... 59 6.13 Port Statistics ............................................. 60 6.14 Port Control ................................................ 62 6.15 Port Trunk .................................................. 64 6.15.1 Aggregator setting....................................... 64 6.15.2 Aggregator Information ............................... 66 6.15.
PAGE 6
.22 IGMP Configuration ................................. 100 6.23 X-Ring ...................................................... 102 6.24 LLDP Configuration.................................. 104 6.25 Security—802.1X/Radius Configuration .. 105 6.25.1 System Configuration................................ 105 6.25.2 Port Configuration ..................................... 107 6.25.3 Misc Configuration .................................... 109 6.26 MAC Address Table ...............................
PAGE 7
VLAN Commands Set .......................................... 135 Spanning Tree Commands Set ............................ 137 QOS Commands Set............................................ 140 IGMP Commands Set .......................................... 140 Multicast Filtering Commands Set........................ 141 LLDP Commands Set........................................... 142 Mac / Filter Table Commands Set........................ 142 SNMP Commands Set .........................................
PAGE 8
Chapter 1 Introduction The 8 10/100TX + 2 10/100/1000T/Mini-GBIC Combo with 8 PoE Injectors Managed Industrial Switch is a cost-effective solution and meets the high reliability requirements demanded by industrial applications. Using fiber port can extend the connection distance that increases the network elasticity and performance. Besides, the industrial switch provides the PoE function for kinds of Powered Devices to receive power as well as data over the RJ45 cable. 1.1 Hardware Features IEEE 802.
PAGE 9
Packet Buffer 1Mbits MAC Address 8K MAC address table Flash ROM 4Mbytes DRAM 32Mbytes 10/100TX: 8 x RJ45 Connector 10/100/1000T/ Mini-GBIC Combo: 2 x RJ45 + 2 x 100/1000 SFP sockets RS-232 connector: RJ45 type 10Base-T: 2-pair UTP/STP Cat. 3, 4, 5/ 5E cable EIA/TIA-568 100-ohm (100m) Network Cable 100Base-TX: 2-pair UTP/STP Cat. 5/ 5E cable EIA/TIA-568 100-ohm (100m) 1000Base-TX: 2-pair UTP/STP Cat.
PAGE 10
Sensitivity: -36 to -32 dBm (Single mode); -34 to -30 dBm (Multi mode) RJ45 port # 1~# 8 support IEEE 802.3af End-point, PoE pin Alternative A mode. Per port provides 15.4W ability. assignment Positive (VCC+): RJ45 pin 1,2. Negative (VCC-): RJ45 pin 3,6.
PAGE 11
61000-4-4, CE EN61000-4-5, CE EN61000-4-6, CE EN61000-4-8, CE EN61000-4-11, CE EN61000-4-12, CE EN61000-6-2, CE EN61000-6-4 Safety Stability Testing UL, cUL, CE/EN60950-1 IEC60068-2-32 (Free fall), IEC60068-2-27 (Shock), IEC60068-2-6 (Vibration) 4
PAGE 12
1.2 Software Features Management SNMP v1 v2c, v3/ Web/Telnet/CLI RFC 1215 Trap, RFC1213 MIBII, RFC 1157 SNMP MIB, RFC 1493 SNMP MIB Bridge MIB, RFC 2674 VLAN MIB, RFC 1643 , RFC 1757, RSTP MIB, Private MIB, LLDP MIB Port Based VLAN VLAN IEEE 802.1Q Tag VLAN (256 entries)/ VLAN ID (Up to 4K, VLAN ID can be assigned from 1 to 4094.
PAGE 13
Port Mirror IGMP Supports 3 mirroring types: “RX, TX and Both packet”. Supports IGMP snooping v1,v2 256 multicast groups and IGMP query Supports 10 IP addresses that have permission to access IP Security the switch management and to prevent unauthorized intruder. Login Security Supports IEEE802.
PAGE 14
1. Cold start 2. Link up/down SNMP Trap 3. X-Ring topology changed 4. Authorization fail 5. PD disconnect trap-PoE port event DHCP DNS Provides DHCP Client/ DHCP Server/ Port and IP Binding Provides DNS client feature and supports Primary and Secondary DNS server SNTP Supports SNTP to synchronize system clock in Internet Firmware Update Supports TFTP firmware update, TFTP backup and restore.
PAGE 15
1.3 Package Contents Please refer to the package content list below to verify them against the checklist.  8 10/100TX + 2 10/100/1000T/Mini-GBIC Combo with 8 PoE Injectors Managed Industrial Switch x 1  User manual x 1  Pluggable Terminal Block x 1  Mounting plate x 2  RJ45 to DB9-Female cable x 1 Compare the contents of the industrial switch with the standard checklist above. If any item is damaged or missing, please contact the local dealer for service.
PAGE 16
Chapter 2 Hardware Description In this paragraph, it will describe the Industrial switch’s hardware spec, port, cabling information, and wiring installation. 2.1 Physical Dimension 8 10/100TX w/ X-Ring Managed Industrial Switch dimension (W x D x H) is 72mm x 105mm x 152mm 2.
PAGE 17
2.3 Top View The top panel of the 8 10/100TX w/ X-Ring Managed Industrial Switch has one terminal block connector of two DC power inputs and one fault alarm.
PAGE 18
2.4 LED Indicators The diagnostic LEDs that provide real-time information of system and optional status are located on the front panel of the industrial switch. The following table provides the description of the LED status and their meanings for the switch. LED Color PWR Green Status On The switch unit is power on Off No power On R.M.
PAGE 19
(Lower LED) Off On Link/Active (P9, P10 Green Blinks SFP) Green from the TX device. On A network device is detected. Blinking The port is transmitting or receiving packets from the TX device. No device attached On The port is operating in full-duplex mode. Blinking Collision of Packets occurs.
PAGE 20
Chapter 3 Hardware Installation In this paragraph, we will describe how to install the 8 10/100TX w/ X-Ring Managed Industrial Switch and the installation points attended to it. 3.1 Installation Steps 1. Unpack the Industrial switch 2. Check if the DIN-Rail is screwed on the Industrial switch or not. If the DIN-Rail is not screwed on the Industrial switch, please refer to DIN-Rail Mounting section for DIN-Rail installation.
PAGE 21
3.2 DIN-Rail Mounting The DIN-Rail is screwed on the industrial switch when out of factory. If the DIN-Rail is not screwed on the industrial switch, please see the following pictures to screw the DIN-Rail on the switch. Follow the steps below to hang the industrial switch.
PAGE 22
15
PAGE 23
1. First, insert the top of DIN-Rail into the track. 2. Then, lightly push the DIN-Rail into the track. 3. Check if the DIN-Rail is tightened on the track or not. 4. To remove the industrial switch from the track, reverse above steps.
PAGE 24
3.3 Wall Mount Plate Mounting Follow the steps below to mount the industrial switch with wall mount plate. 1. Remove the DIN-Rail from the industrial switch; loose the screws to remove the DINRail. 2. Place the wall mount plate on the rear panel of the industrial switch. 3. Use the screws to screw the wall mount plate on the industrial switch. 4. Use the hook holes at the corners of the wall mount plate to hang the industrial switch on the wall. 5. To remove the wall mount plate, reverse the above steps.
PAGE 25
3.4 Wiring the Power Inputs Please follow the steps below to insert the power wire. 1. Insert DC power wires into the contacts 1 and 2 for power 1, or 5 and 6 for power. 2. Tighten the wire-clamp screws for preventing the wires from loosing. [NOTE] The wire gauge for the terminal block should be in the range between 12 ~ 24 AWG.
PAGE 26
3.5 Wiring the Fault Alarm Contact The fault alarm contacts are in the middle of the terminal block connector as the picture shows below. Inserting the wires, the switch will detect the fault status of the power failure, or port link failure (available for managed model) and then forms an open circuit. The following illustration shows an application example for wiring the fault alarm contacts.
PAGE 27
3.6 Cabling  Use four twisted-pair, Category 5e or above cabling for RJ45 port connection. The cable between the switch and the link partner (switch, hub, workstation, etc.) must be less than 100 meters (328 ft.) long.  Fiber segment using single-mode connector type must use 9/125 µm single-mode fiber cable. User can connect two devices in the distance up to 30km.  Fiber segment using multi-mode connector type must use 50 or 62.5/125 µm multimode fiber cable.
PAGE 28
To connect the transceiver and LC cable, please follow the steps shown below: First, insert the transceiver into the SFP module. Notice that the triangle mark is the bottom of the module. Transceiver to the SFP module Transceiver Inserted Second, insert the fiber cable of LC connector into the transceiver.
PAGE 29
LC connector to the transceiver 22
PAGE 30
To remove the LC connector from the transceiver, please follow the steps shown below: First, press the upper side of the LC connector to release from the transceiver and pull it out. Remove LC connector Second, push down the metal loop and pull the transceiver out by the plastic handle.
PAGE 31
Chapter 4 Network Application This chapter provides some sample applications to help user to have more actual idea of industrial switch function application.
PAGE 32
The illustration below shows an example of power over Ethernet application.
PAGE 33
4.1 X-Ring Application The industrial switch supports the X-Ring protocol that can help the network system to recovery from network connection failure within 20ms or less, and make the network system more reliable. The X-Ring algorithm is similar to spanning tree protocol (STP) algorithm but its recovery time is faster than STP. The following figure is a sample X-Ring application.
PAGE 34
4.2 Coupling Ring Application In the network, it may have more than one X-Ring group. By using the coupling ring function, it can connect each X-Ring for the redundant backup. It can ensure the transmissions between two ring groups not to fail. The following figure is a sample of coupling ring application.
PAGE 35
4.3 Dual Homing Application Dual Homing function is to prevent the connection lose from between X-Ring group and upper level/core switch. Assign two ports to be the Dual Homing port that is backup port in the X-Ring group. The Dual Homing function only works when the X-Ring function is active. Each X-Ring group only has one Dual Homing port. [NOTE] In Dual Homing application architecture, the upper level switches need to enable the Rapid Spanning Tree protocol.
PAGE 36
Chapter 5 Console Management 5.1 Connecting to the Console Port The supplied cable which one end is RS-232 connector and the other end is RJ45 connector. Attach the end of RS-232 connector to PC or terminal and the other end of RJ45 connector to the console port of the switch. The connected terminal or PC must support the terminal emulation program. 5.
PAGE 37
NC 7 Brown/White NC 8 Brown 5.
PAGE 38
Having finished the parameter settings, click ‘OK’. When the blank screen shows up, press Enter key to have the login prompt appears. Key in ‘admin’ (default value) for both User name and Password (use Enter key to switch), then press Enter and the Main Menu of console management appears. Please see below figure for login screen.
PAGE 39
5.4 CLI Management The system supports the console management—CLI command. After you log in on to the system, you will see a command prompt. To enter CLI management interface, type in “enable” command. CLI command interface The following table lists the CLI commands and description. 5.5 Commands Level Modes Access Method Prompt Exit Method About This Mode1 The user commands available at the user level are a subset of Begin a User EXEC session with switch> your switch.
PAGE 40
EXEC mode. • Display advanced function status • Save configuration Enter the configure Global command switch Configuration while in (config)# privileged EXEC mode. To exit to Use this mode to privileged configure those EXEC parameters that are mode, enter going to be applied to exit or end your switch. Enter the vlan VLAN database database command while in To exit to switch user EXEC (vlan)# mode, enter exit. privileged Use this mode to configure VLANspecific parameters.
PAGE 41
Chapter 6 Web-Based Management This section introduces the configuration and functions of the Web-Based management. 6.1 About Web-based Management There is an embedded HTML web site residing in flash memory on CPU board of the switch, which offers advanced management features and allows users to manage the switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. The Web-Based Management supports Internet Explorer 6.0 or later version.
PAGE 42
6.3 System Login 1. Launch the Internet Explorer on the PC 2. Key in “http:// “+” the IP address of the switch”, and then Press “Enter”. 3. The login screen will appear right after 4. Key in the user name and password. The default user name and password are the same as ‘admin’. 5. Press Enter or click the OK button, and then the home screen of the Web-based management appears.
PAGE 43
6.4 System Information User can assign the system name, description, location and contact personnel to identify the switch. The version table below is a read-only field to show the basic information of the switch.  System Name: Assign the system name of the switch (The maximum length is 64 bytes)  System Description: Describes the switch.  System Location: Assign the switch physical location (The maximum length is 64 bytes).  System Contact: Enter the name of contact person or organization.
PAGE 44
6.5 IP Configuration The switch is a network device which needs to be assigned an IP address for being identified on the network. Users have to decide a means of assigning IP address to the switch.  DHCP Client: Enable or disable the DHCP client function. When DHCP client function is enabled, the switch will be assigned an IP address from the network DHCP server. The default IP address will be replaced by the assigned IP address on DHCP server.
PAGE 45
IP configuration interface 38
PAGE 46
6.6 DHCP Server DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
PAGE 47
6.6.1 System configuration  DHCP Server: Enable or Disable the DHCP Server function. Enable—the switch will be the DHCP server on your local network.  Low IP Address: Type in an IP address. Low IP address is the beginning of the dynamic IP range. For example, dynamic IP is in the range between 192.168.10.100 ~ 192.168.10.200. In contrast, 192.168.10.100 is the Low IP address.  High IP Address: Type in an IP address. High IP address is the end of the dynamic IP range.
PAGE 48
6.6.2 Client Entries When the DHCP server function is enabled, the system will collect the DHCP client information including the assigned IP address, the MAC address of the client device, the IP assigning type, status and lease time.
PAGE 49
6.6.3 Port and IP Bindings Assign the dynamic IP address bound with the port to the connected client. The user is allowed to fill each port column with one particular IP address. When the device is connecting to the port and asks for IP assigning, the system will assign the IP address bound with the port.
PAGE 50
6.7 TFTP It provides the functions allowing the user to update the switch firmware via the Trivial File Transfer Protocol (TFTP) server. Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server. 6.7.1 Update Firmware  TFTP Server IP Address: Type in your TFTP server IP.  Firmware File Name: Type in the name of the firmware image file to be updated.  Click .
PAGE 51
6.7.2 Restore Configuration You can restore a previous backup configuration from the TFTP server to recover the settings. Before doing that, you must locate the image file on the TFTP server first and the switch will download back the flash image.  TFTP Server IP Address: Type in the TFTP server IP.  Restore File Name: Type in the correct file name for restoring.  Click .
PAGE 52
6.7.3 Backup Configuration You can back up the current configuration from flash ROM to the TFTP server for the purpose of recovering the configuration later. It helps you to avoid wasting time on configuring the settings by backing up the configuration.  TFTP Server IP Address: Type in the TFTP server IP.  Backup File Name: Type in the file name.  Click .
PAGE 53
6.8 System Event Log This page allows the user to decide whether to send the system event log, and select the mode which the system event log will be sent to client only, server only, or both client and server. What kind of event log will be issued to the client/server depends on the selection on the Event Configuration tab. There are four types of event—Device Cold Start, Authentication Failure, X-Ring Topology Change, and Port Event—available to be issued as the event log. 6.8.
PAGE 54
Syslog Configuration interface 47
PAGE 55
6.8.2 System Event Log—SMTP Configuration Simple Mail Transfer Protocol (SMTP) is the standard for email transmissions across the network. You can configure the SMTP server IP, mail subject, sender, mail account, password, and the recipient email addresses which the e-mail alert will send to. There are also five types of event—Device Cold Start, Authentication Failure, X-Ring Topology Change, and Port Event—available to be issued as the e-mail alert.
PAGE 56
SMTP Configuration interface 49
PAGE 57
6.8.3 System Event Log—Event Configuration Having ticked the Syslog/SMTP checkboxes, the event log/email alert will be sent to the system log server and the SMTP server respectively. Also, Port event log/alert (link up, link down, and both) can be sent to the system log server/SMTP server respectively by setting the trigger condition.  System event selection: There are 3 event types—Device Cold Start, Authentication Failure, and X-ring Topology Change.
PAGE 58
Event Configuration interface 51
PAGE 59
6.9 Fault Relay Alarm The Fault Relay Alarm function provides the Power Failure and Port Link Down/Broken detection. With both power input 1 and power input 2 installed and the check boxes of power 1/power 2 ticked, the FAULT LED indicator will then be possible to light up when any one of the power failures occurs. As for the Port Link Down/Broken detection, the FAULT LED indicator will light up when the port failure occurs; certainly the check box beside the port must be ticked first.
PAGE 60
6.10 SNTP Configuration SNTP (Simple Network Time Protocol) is a simplified version of NTP which is an Internet protocol used to synchronize the clocks of computers to some time reference. Because time usually just advances, the time on different node stations will be different. With the communicating programs running on those devices, it would cause time to jump forward and back, a non-desirable effect.
PAGE 61
EDT - Eastern Daylight EST - Eastern Standard -5 hours 7 am -6 hours 6 am -7 hours 5 am -8 hours 4 am -9 hours 3 am -10 hours 2 am -11 hours 1 am +1 hour 1 pm +2 hours 2 pm +3 hours 3 pm ZP4 - USSR Zone 3 +4 hours 4 pm ZP5 - USSR Zone 4 +5 hours 5 pm CDT - Central Daylight CST - Central Standard MDT - Mountain Daylight MST - Mountain Standard PDT - Pacific Daylight PST - Pacific Standard ADT - Alaskan Daylight ALA - Alaskan Standard HAW - Hawaiian Standard Nome, Alaska CET - Centr
PAGE 62
ZP6 - USSR Zone 5 WAST - West Australian Standard CCT - China Coast, USSR Zone 7 JST - Japan Standard, USSR Zone 8 +6 hours 6 pm +7 hours 7 pm +8 hours 8 pm +9 hours 9 pm +10 hours 10 pm +12 hours Midnight EAST - East Australian Standard GST Guam Standard, USSR Zone 9 IDLE - International Date Line NZST - New Zealand Standard NZT - New Zealand  SNTP Sever URL: Set the SNTP server IP address. You can assign a local network time server IP address or an internet time server IP address.
PAGE 63
 Daylight Saving Offset (mins): For non-US and European countries, specify the amount of time for day light savings. Please key in the valid figure in the range of minute between 0 and 720, which means you can set the offset up to 12 hours.  Synchronization Interval (secs): The Synchronization Interval is used for sending synchronizing packets periodically. User can assign range from 64s to 1024s.
PAGE 64
6.11 IP Security IP security function allows the user to assign 10 specific IP addresses that have permission to manage the switch through the http and telnet services for the securing switch management. The purpose of giving the limited IP addresses permission is to allow only the authorized personnel/device can do the management task on the switch.
PAGE 65
IP Security interface 58
PAGE 66
6.12 User Authentication Change web management login user name and password for the management security issue.
PAGE 67
6.13 Port Statistics The following chart provides the current statistic information which displays the real-time packet transfer status for each port. The user might use the information to plan and implement the network, or check and find the problem when the collision or heavy traffic occurs.  Port: The port number.  Type: Displays the current speed of connection to the port.  Link: The status of linking—‘Up’ or ‘Down’.  State: It’s set by Port Control.
PAGE 68
Port Statistics interface 61
PAGE 69
6.14 Port Control In Port control you can configure the settings of each port to control the connection parameters, and the status of each port is listed beneath.  Port: Use the scroll bar and click on the port number to choose the port to be configured.  State: Current port state. The port can be set to disable or enable mode. If the port state is set as ‘Disable’, it will not receive or transmit any packet.  Negotiation: Auto and Force.
PAGE 70
Port Control interface 63
PAGE 71
6.15 Port Trunk Port trunking is the combination of several ports or network cables to expand the connection speed beyond the limits of any one single port or network cable. Link Aggregation Control Protocol (LACP), which is a protocol running on layer 2, provides a standardized means in accordance with IEEE 802.3ad to bundle several physical ports together to form a single logical channel.
PAGE 72
 Select the ports to join the trunk group. The system allows a maximum of four ports to be aggregated in a trunk group. Click and the ports focused in the right side will be shifted to the left side. To remove unwanted ports, select the ports and click  . When LACP enabled, you can configure LACP Active/Passive status for each port on the State Activity tab.  Click .  Use to delete Trunk Group. Select the Group ID and click .
PAGE 73
6.15.2 Aggregator Information  LACP disabled Having set up the aggregator setting with LACP disabled, you will see the local static trunk group information on the tab of Aggregator Information.
PAGE 74
Static Trunking Group information  Group Key: This is a read-only column field that displays the trunk group ID.  Port Member: This is a read-only column field that displays the members of this static trunk group.
PAGE 75
 LACP enabled Having set up the aggregator setting with LACP enabled, you will see the trunking group information between two switches on the tab of Aggregator Information.  Switch 1 configuration 1. Set System Priority of the trunk group. The default is 1. 2. Select a trunk group ID by pull down the drop-down menu bar. 3. Enable LACP. 4. Include the member ports by clicking the button after selecting the port number and the column field of Work Ports changes automatically.
PAGE 76
Switch 1 configuration interface Aggregation Information of Switch 1 5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured.
PAGE 77
 Switch 2 configuration Switch 2 configuration interface 1. Set System Priority of the trunk group. The default is 1. 2. Select a trunk group ID by pull down the drop-down menu bar. 3. Enable LACP. 4. Include the member ports by clicking the button after selecting the port number and the column field of Work Ports changes automatically.
PAGE 78
Aggregation Information of Switch 2 5. Click on the tab of Aggregator Information to check the trunked group information as the illustration shown above after the two switches configured.
PAGE 79
6.15.3 State Activity Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the state activity for the members of the LACP trunk group. You can tick or cancel the checkbox beside the state label. When you remove the tick mark of the port and click , the port state activity will change to Passive.  Active: The port automatically sends LACP protocol packets.
PAGE 80
State Activity of Switch 2 73
PAGE 81
6.16 Port Mirroring The Port mirroring is a method for monitor traffic in switched networks. Traffic through ports can be monitored by one specific port, which means traffic goes in or out monitored (source) ports will be duplicated into mirror (destination) port.  Destination Port: There is only one port can be selected to be destination (mirror) port for monitoring both RX and TX traffic which come from source port.
PAGE 82
6.17 Rate Limiting You can set up every port’s bandwidth rate and frame limitation type.  Ingress Limit Frame type: select the frame type that wants to filter. There are four frame types for selecting:  All  Broadcast/Multicast/Flooded Unicast  Broadcast/Multicast  Broadcast only Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Bbroadcast only types are only for ingress frames. The egress rate only supports All type.
PAGE 83
is 10Mbps, users can set it’s effective egress rate is 1Mbps, ingress rate is 500Kbps. The switch performs the ingress rate by packet counter to meet the specified rate   Ingress: Enter the port effective ingress rate (The default value is “0”).  Egress: Enter the port effective egress rate (The default value is “0”).
PAGE 84
6.18 VLAN configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the same VLAN will receive traffic from the ones of the same VLAN. Basically, creating a VLAN on a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still plugged into the same switch physically. This switch supports Port-based and 802.
PAGE 85
6.18.1 Port-based VLAN A port-based VLAN basically consists of its members—ports, which means the VLAN is created by grouping the selected ports. This method provides the convenience for users to configure a simple VLAN easily without complicated steps. Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.
PAGE 86
 Pull down the selection item and focus on Port Based then press to set the VLAN Operation Mode in Port Based mode.  Click to add a new VLAN group (The maximum VLAN groups are up to 64). VLAN—Port Based Add interface  Enter the group name and VLAN ID. Add the selected port number into the right field to group these members to be a VLAN group, or remove any of them listed in the right field from the VLAN.  And then, click to have the configuration take effect.
PAGE 87
 You will see the VLAN list displays. VLAN—Port Based Edit/Delete interface  Use to delete the VLAN.  Use to modify group name, VLAN ID, or add/remove the members of the existing VLAN group. [NOTE] Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off.
PAGE 88
6.18.2 802.1Q VLAN Virtual Local Area Network (VLAN) can be implemented on the switch to logically create different broadcast domain. When the 802.1Q VLAN function is enabled, all ports on the switch belong to default VLAN of VID 1, which means they logically are regarded as members of the same broadcast domain. The valid VLAN ID is in the range of number between 1 and 4094. The amount of VLAN groups is up to 256 including default VLAN that cannot be deleted. Each member port of 802.
PAGE 89
802.1Q Configuration  Pull down the selection item and focus on 802.1Q then press to set the VLAN Operation Mode in 802.1Q mode.  Enable GVRP Protocol: GVRP (GARP VLAN Registration Protocol) is a protocol that facilitates control of virtual local area networks (VLANs) within a larger network. GVRP conforms to the IEEE 802.1Q specification, which defines a method of tagging frames with VLAN configuration data.
PAGE 90
 Trunk Link: A segment which provides the link path for one or more VLAN-aware devices (switches). A Trunk Port, connected to the trunk link, has an understanding of tagged frame, which is used for the communication among VLANs across switches. Which frames of the specified VIDs will be forwarded depends on the values filled in the Tagged VID column field. Please insert a comma between two VIDs. Note: 1.
PAGE 91
802.1Q VLAN interface Group Configuration Edit the existing VLAN Group.  Select the VLAN group in the table list.  Click .
PAGE 92
Group Configuration interface  You can modify the VLAN group name and VLAN ID. Group Configuration interface  Click .
PAGE 93
6.19 Rapid Spanning Tree The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will auto-detect the connected device that is running STP or RSTP protocol. 6.19.1 RSTP System Configuration  The user can view spanning tree information of Root Bridge.  The user can modify RSTP state. After modification, click  .
PAGE 94
RSTP System Configuration interface 87
PAGE 95
6.19.2 Port Configuration This web page provides the port configuration interface for RSTP. You can assign higher or lower priority to each port. Rapid spanning tree will have the port with the higher priority in forwarding state and block other ports to make certain that there is no loop in the LAN.  Select the port in the port column field.  Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200,000,000.
PAGE 96
RSTP Port Configuration interface 89
PAGE 97
6.20 SNMP Configuration Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP. 6.20.
PAGE 98
SNMP System Configuration interface 91
PAGE 99
6.20.2 Trap Configuration A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is defined, no traps will be issued. To define a management station as a trap manager, assign an IP address, enter the SNMP community strings, and select the SNMP trap version.  IP Address: Enter the IP address of the trap manager.  Community: Enter the community string for the trap station.  Trap Version: Select the SNMP trap version type—v1 or v2c.
PAGE 100
6.20.3 SNMPV3 Configuration Configure the SNMP V3 function. Context Table Configure SNMP v3 context table. Assign the context name of context table. Click to add context name. User Table Configure SNMP v3 user table..  User ID: set up the user name.  Authentication Password: set up the authentication password.  Privacy Password: set up the private password.  Click to add context name.  Click to remove unwanted context name. Group Table Configure SNMP v3 group table.
PAGE 101
SNMP V3 configuration interface Access Table Configure SNMP v3 access table.  Context Prefix: set up the context name.  Group Name: set up the group.  Security Level: select the access level.  Context Match Rule: select the context match rule.  Read View Name: set up the read view.  Write View Name: set up the write view.  Notify View Name: set up the notify view.  Click to add context name.  Click to remove unwanted context name.
PAGE 102
MIBview Table Configure MIB view table.  ViewName: set up the name.  Sub-Oid Tree: fill the Sub OID.  Type: select the type – exclude or included.  Click to add context name.  Click to remove unwanted context name.
PAGE 103
6.21 QoS Configuration Quality of Service (QoS) is the ability to provide different priority to different applications, users or data flows, or to guarantee a certain level of performance to a data flow.
PAGE 104
QoS Configuration interface 97
PAGE 105
6.21.2 Port-based Priority Configure the priority level for each port. With the drop-down selection item of Priority Type above being selected as Port-based, this control item will then be available to set the queuing policy for each port.  Port x: Each port has 4 priority levels—High, Middle, Low, and Lowest—to be chosen.  Click to have the configuration take effect. 6.21.3 COS Configuration Set up the COS priority level.
PAGE 106
When the IP packet is received, the system will check the TOS level value in the IP packet that has received. For example, the user sets the TOS level 25 as high, the system will check the TOS value of the received IP packet. If the TOS value of received IP packet is 25 (priority = high), and then the packet priority will have highest priority.  Click to have the configuration take effect.
PAGE 107
6.22 IGMP Configuration The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts that support IGMP. Enabling IGMP allows the ports to detect IGMP queries, report packets, and manage IP multicast traffic through the switch.
PAGE 108
IGMP Configuration interface 101
PAGE 109
6.23 X-Ring X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms between them are not the same. In the X-Ring topology, every switch should be enabled with X-Ring function and two ports should be assigned as the member ports in the ring. Only one switch in the X-Ring group would be set as the master switch that one of its two member ports would be blocked, called backup port, and another port is called working port.
PAGE 110
Enable Couple Ring string label.  Couple Port: Assign the member port which is connected to the other ring group.  Control Port: When the Enable Couple Ring checkbox is ticked, you have to assign the control port to form a couple-ring group between the two X-rings.  Enable Dual Homing: Set up one of the ports on the switch to be the Dual Homing port. For a switch, there is only one Dual Homing port. Dual Homing function works only when the X-Ring function enabled.
PAGE 111
6.24 LLDP Configuration Link Layer Discovery Protocol (LLDP) is defined in the IEEE 802.1AB, it is an emerging standard which provides a solution for the configuration issues caused by expanding LANs. LLDP specifically defines a standard method for Ethernet network devices such as switches, routers and wireless LAN access points to advertise information about themselves to other nodes on the network and store the information they discover. LLDP runs on all 802 media.
PAGE 112
6.25 Security—802.1X/Radius Configuration 802.1x is an IEEE authentication specification which prevents the client from accessing a wireless access point or wired switch until it provides authority, like the user name and password that are verified by an authentication server (such as RADIUS server). 6.25.1 System Configuration After enabling the IEEE 802.1X function, you can configure the parameters of this function.  IEEE 802.1x Protocol: Enable or disable 802.1x protocol.
PAGE 113
802.
PAGE 114
6.25.2 Port Configuration You can configure the 802.1x authentication state for each port. The state provides Disable, Accept, Reject, and Authorize.  Reject: The specified port is required to be held in the unauthorized state.  Accept: The specified port is required to be held in the authorized state.  Authorize: The specified port is set to the Authorized or Unauthorized state in accordance with the outcome of an authentication exchange between the Supplicant and the authentication server.
PAGE 115
802.
PAGE 116
6.25.3 Misc Configuration  Quiet Period: Set the period which the port doesn’t try to acquire a supplicant.  TX Period: Set the period the port waits for retransmit next EAPOL PDU during an authentication session.  Supplicant Timeout: Set the period of time the switch waits for a supplicant response to an EAP request.  Server Timeout: Set the period of time the switch waits for a server response to an authentication request.
PAGE 117
6.26 MAC Address Table Use the MAC address table to ensure the port security. 6.26.1 Static MAC Address You can add a static MAC address that remains in the switch's address table regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. Via this interface, you can add / modify / delete a static MAC address.
PAGE 118
Static MAC Addresses interface 111
PAGE 119
6.26.2 MAC Filtering By filtering MAC address, the switch can easily filter the pre-configured MAC address and reduce the un-safety. You can add and delete filtering MAC address. MAC Filtering interface  MAC Address: Enter the MAC address that you want to filter.  Click  If you want to delete the MAC address from the filtering table, select the MAC address and click . .
PAGE 120
6.26.3 All MAC Addresses You can view all of the MAC addresses learned by the selected port.  Select the port number.  The selected port of static & dynamic MAC address information will be displayed in here.  Click to clear the dynamic MAC addresses information of the current port shown on the screen.
PAGE 121
6.26.4 MAC Address Table—Multicast Filtering Multicasts are similar to broadcasts, they are sent to all end stations on a LAN or VLAN. Multicast filtering is the function, which end stations can receive the multicast traffic if the connected ports had been included in the specific multicast groups. With multicast filtering, network devices only forward multicast traffic to the ports that are connected to the registered end stations.  IP Address: Assign a multicast group IP address in the range of 224.0.0.
PAGE 122
Multicast Filtering interface 115
PAGE 123
6.27 Power over Ethernet This segment shows the Power over Ethernet function. PoE Status  Actual Power Consumption: This column shows the real-time total power consumption.  Main Supply Voltage: This column shows the output voltage of the system for PoE ports.  Firmware Version: This column shows the PoE chip’s firmware version.
PAGE 124
subtracted from the pre-capacitance voltage to get a charge rate. If this charge rate is within the window of the PD signatures, the device is considered to be discovered.  And then, click  Port: The index of PoE ports.  Enable State: Check it to enable the PoE function to the port.  Power Limit From: Check it to decide the power limit method.  to carry into effect.
PAGE 125
6.28 Factory Default Reset switch to default configuration. Click to reset all configurations to the default value.
PAGE 126
6.29 Save Configuration Save all configurations that you have made in the system. To ensure the all configuration will be saved. Click to save the all configuration to the flash memory.
PAGE 127
6.30 System Reboot Reboot the switch in software reset. Click to reboot the system.
PAGE 128
Troubles shooting  Verify that is using the right power cord/adapter (DC 24-48V), please don’t use the power adapter with DC output higher than 48V, or it may damage this device.  Select the proper UTP/STP cable to construct the user network.
PAGE 129
Appendix A—RJ45 Pin Assignment RJ45 Pin Assignments The UTP/STP ports will automatically sense for Fast Ethernet (10Base-T/100Base-TX connections), or Gigabit Ethernet (10Base-T/100Base-TX/1000Base-T connections). Auto MDI/MDIX means that the switch can connect to another switch or workstation without changing straight through or crossover cabling. See the figures below for straight through and crossover cable schematic.
PAGE 130
 3 Transmit Data plus (TD+) Receive Data plus (RD+) 6 Transmit Data minus (TD-) Receive Data minus (RD-) 10/100Base-TX Cable Schematic The following two figures show the 10/100Base-TX cable schematic. Straight-through cable schematic Cross over cable schematic  10/100/1000Base-TX Pin outs The following figure shows the 10/100/1000 Ethernet RJ45 pin outs.
PAGE 131
 10/100/1000Base-TX Cable Schematic Straight through cables schematic 124
PAGE 132
Cross over cables schematic 125
PAGE 133
RJ45 Pin Assignment of PoE With 100BASE-TX/10BASE-T cable, pins 1 and 2 are used for transmitting data, and pins 3 and 6 for receiving data; pins 4, 5, 7 and 8 are used for power supplying.   Pin out of Cisco non-802.
PAGE 134
 Pin out of PoE Endspan Hub/Switch Pin Signal / Name 1 TX+/VCC+ 2 TX-/VCC+ 3 TX+/VCC- 4 5 6 TX-/VCC- 7 8 Note ‘+’ and ‘-‘ signs represent the polarity of the wires that make up each wire pair. Before you power PD, please check the RJ45 connector pin assignment follow IEEE802.3af standard; otherwise you may need to change one of the RJ45 connector pin assignment attached with the UTP cable.
PAGE 135
Appendix B—Command Sets Commands Set List User EXEC E Privileged EXEC P Global configuration G VLAN database V Interface configuration I System Commands Set Netstar Commands show config Level Description E Example Show switch switch>show config configuration show terminal P Show console switch#show terminal information write memory P Save user switch#write memory configuration into permanent memory (flash rom) system name G [System Name] system location G G [System Description] sy
PAGE 136
[Ip-address] [Subnet- address of switch mask] [Gateway] ip dhcp 192.168.1.1 255.255.255.0 192.168.1.
PAGE 137
[Hours] dhcpserver ipbinding (in hour) I [IP address] leasetime 1 Set static IP for DHCP switch(config)#interface clients by port fastEthernet 2 switch(config)#dhcpserver ipbinding 192.168.1.
PAGE 138
telnet server Port Commands Set Netstar Commands interface fastEthernet Level Description G [Portid] duplex I [full | half] Example Choose the port for switch(config)#interface modification. fastEthernet 2 Use the duplex switch(config)#interface configuration fastEthernet 2 command to specify switch(config-if)#duplex full the duplex mode of operation for Fast Ethernet.
PAGE 139
bandwidth type all I Set interface ingress switch(config)#interface limit frame type to fastEthernet 2 “accept all frame” switch(config-if)#bandwidth type all bandwidth type I Set interface ingress switch(config)#interface broadcast-multicast- limit frame type to fastEthernet 2 flooded-unicast “accept broadcast, switch(config-if)#bandwidth type multicast, and flooded broadcast-multicast-floodedbandwidth type I broadcast-multicast unicast frame” unicast Set interface ingress switch(co
PAGE 140
and zero means no limit. show bandwidth I Show interfaces switch(config)#interface bandwidth control fastEthernet 2 switch(config-if)#show bandwidth state I [Enable | Disable] Use the state interface switch(config)#interface configuration fastEthernet 2 command to specify switch(config-if)#state Disable the state mode of operation for Ethernet ports. Use the disable form of this command to disable the port.
PAGE 141
Trunk Commands Set Netstar Commands aggregator priority Level Description G [1~65535] aggregator activityport G Example Set port group system switch(config)#aggregator priority priority 22 Set activity port switch(config)#aggregator [Group ID] activityport 2 [Port Numbers] aggregator group G Assign a trunk group switch(config)#aggregator group [GroupID] [Port-list] with LACP active.
PAGE 142
comma(ex.
PAGE 143
port [PortNumbers] show vlan [GroupID] or show vlan no vlan group [GroupID] V Show VLAN switch(vlan)#show vlan 23 information V Delete port base switch(vlan)#no vlan group 2 group ID IEEE 802.1Q VLAN vlan 8021q name [GroupName] vid [VID] V Change the name of switch(vlan)#vlan 8021q name VLAN group, if the test vid 22 group didn’t exist, this command can’t be applied.
PAGE 144
[PortNumber] trunk-link tag VLAN by trunk group trunk-link tag 2,3,6,99 or [TaggedVID List] switch(vlan)#vlan 8021q trunk 3 trunk-link tag 3-20 vlan 8021q trunk [PortNumber] hybrid-link untag [UntaggedVID] tag [TaggedVID List] V Assign a hybrid link for switch(vlan)#vlan 8021q trunk 3 VLAN by trunk group hybrid-link untag 4 tag 3,6,8 or switch(vlan)#vlan 8021q trunk 3 hybrid-link untag 5 tag 6-8 show vlan [GroupID] or show vlan no vlan group [GroupID] V Show VLAN switch(vlan)#show vlan 23 infor
PAGE 145
protocol data unit (BPDU) message from the root switch within this interval, it recomputed the Spanning Tree Protocol (STP) topology. spanning-tree hello- G time [seconds] Use the spanning-tree switch(config)#spanning-tree hello-time global hello-time 3 configuration command to specify the interval between hello bridge protocol data units (BPDUs).
PAGE 146
command to set the path cost for Spanning Tree Protocol (STP) calculations. In the event of a loop, spanning tree considers the path cost when selecting an interface to place into the forwarding state. stp-path-priority I [Port Priority] Use the spanning-tree switch(config)#interface port-priority interface fastEthernet 2 configuration switch(config-if)#stp-path-priority command to configure 128 a port priority that is used when two switches tie for position as the root switch.
PAGE 147
interface. switch(config-if)#stp-admin-nonstp False show spanning-tree E Displays a summary of switch>show spanning-tree the spanning-tree states. no spanning-tree G Disable spanning-tree.
PAGE 148
igmp enable G Enable IGMP switch(config)#igmp enable snooping function Igmp query auto G Set IGMP query to switch(config)#igmp query auto auto mode Igmp query force G Set IGMP query to switch(config)#igmp query force force mode igmp unregister flooding G Set unregister stream switch(config)#igmp unregister flooding igmp unregister G blocking show igmp flooding Set unregister stream switch(config)#igmp unregister blocking P configuration flooding Displays the details of switch#show igm
PAGE 149
LLDP Commands Set Netstar Commands Level Description Example lldp enable G Enable LLDP function switch(config)#lldp enable lldp interval [Time sec] G Configure LLDP switch(config)#lldp interval 20 interval Mac / Filter Table Commands Set Netstar Commands mac-address-table static Level Description I Example Configure MAC Switch(config)#interface hwaddr address table of fastEthernet 2 [MAC] interface (static).
PAGE 150
no mac-address-table G Remove dynamic switch(config)#no mac-address- entry of MAC address table table SNMP Commands Set Netstar Commands snmp system-name Level Description G [System Name] snmp system-location G [System Location] snmp system-contact G [System Contact] snmp agent-mode G [v1v2c|v3|v1v2cv3] snmp community- Example Set SNMP agent switch(config)#snmp system- system name name l2switch Set SNMP agent switch(config)#snmp system- system location location lab Set SNMP agent swi
PAGE 151
[Group Name] Privacy password password could be empty.
PAGE 152
[User Name] user of SNMPv3 Test agent. no snmpv3 access G Remove specified Switch(config)#no snmpv3 context-name [Context access table of access context-name Test group Name ] SNMPv3 agent.
PAGE 153
port of monitor function monitor tx [Port ID] G Set TX destination switch(config)#monitor tx 3 port of monitor function show monitor P Show port monitor switch#show monitor information show monitor I Show port monitor switch(config)#interface information fastEthernet 2 switch(config-if)#show monitor no monitor I Disable source port of switch(config)#interface monitor function fastEthernet 2 switch(config-if)#no monitor 802.
PAGE 154
8021x system G Use the 802.1x switch(config)# 8021x system accountport system account port accountport 1813 [port ID] global configuration command to change the accounting port 8021x system sharedkey G [ID] Use the 802.1x Switch(config)# 8021x system system share key sharedkey 123456 global configuration command to change the shared key value. 8021x system nasid G [words] Use the 802.
PAGE 155
8021x misc G servertimeout [sec.] Use the 802.1x misc Switch(config)#8021x misc server timeout global servertimeout 20 configuration command to set the server timeout. 8021x misc maxrequest G [number] Use the 802.1x misc Switch(config)# 8021x misc max request global maxrequest 3 configuration command to set the MAX requests. 8021x misc G reauthperiod [sec.] Use the 802.
PAGE 156
backup G flash:backup_cfg Save configuration to Switch(config)#backup TFTP and need to flash:backup_cfg specify the IP of TFTP server and the file name of image. restore G flash:restore_cfg Get configuration from Switch(config)#restore TFTP server and need to flash:restore_cfg specify the IP of TFTP server and the file name of image.
PAGE 157
[IP address] smtp sender G [sendername] smtp authentication smtp account G G [account] smtp password server IP 192.168.1.5 Configure sender of switch(config)#smtp snder mail aaa@bbb.
PAGE 158
Down|Both] switch(config-if)#event smtp both show event P Show event selection switch#show event no event device-cold- G Disable cold start switch(config)#no event device- event type cold-start start no event authentication- G failure no event ring-topology- G change Disable Authentication switch(config)#no event failure event typ authentication-failure Disable X-ring switch(config)#no event ring- topology changed topology-change event type no event systemlog I Disable port event for
PAGE 159
SNTP Commands Set Netstar Commands Level Description Example sntp enable G Enable SNTP function switch(config)#sntp enable sntp daylight G Enable daylight saving switch(config)#sntp daylight time, if SNTP function is inactive, this command can’t be applied. sntp daylight-period G [Start time] [End time] Set period of daylight switch(config)# sntp daylight- saving time, if SNTP period 20060101-01:01 function is inactive, 20060202-01:01 this command can’t be applied.
PAGE 160
number sntp sync-interval G [Secs] show sntp P Set synchronization switch(config)#sntp sync-interval interval 64 Show SNTP switch#show sntp information show sntp timezone P Show index number of switch#show sntp timezone time zone list no sntp G Disable SNTP function switch(config)#no sntp no sntp daylight G Disable daylight switch(config)#no sntp daylight saving time X-ring Commands Set Netstar Commands Level Description Example ring enable G Enable X-ring switch(config)#ring enab
PAGE 161
no ring couplering G Disable couple ring switch(config)# no ring couplering no ring dualhoming G Disable dual homing switch(config)# no ring dualhoming PoE Commands Set Netstar Commands poe system knockoff- Level Description Example P Enter POE configure mode switch#poe P Set PoE system Port Knockoff Disabled switch(poe)# system knockoffdisabled disable P Set PoE system AC Disconnect switch(poe)# system acdisconnect disable P Set PoE system Capacitive Detection switch(poe)# system capa
PAGE 162
ComNet Customer Service Customer Care is ComNet Technology’s global service center, where our professional staff are ready to answer your questions at any time. Email address of ComNet Global Service Center: customercare@ComNet.