Conceptronic CB100S24S & CB100S48S User Manual ©Copyright 2008. All rights reserved.
ENGLISH Table of Contents Preface...............................................................................................................................................iv Intended Readers....................................................................................................................................v Typographical Conventions ........................................................................................................................v Notes, Notices, and Cautions......
ENGLISH Port Mirroring ...................................................................................................................................... 25 TFTP Services ...................................................................................................................................... 26 Multiple Image Services .......................................................................................................................... 27 Firmware Information.............................
ENGLISH Preface The CB100S24S/CB100S48S User Manual is divided into sections that describe the system installation and operating instructions with examples. Section 1: Introduction Describes the Switch and its features. Section 2: Installation Helps you get started with the basic installation of the Switch and also describes the front panel, rear panel, side panels, and LED indicators of the Switch.
ENGLISH Intended Readers The CB100S24S/CB100S48S User Manual contains information for setup and management of the Switch. The term, “the Switch” will be used when referring to both switches. This manual is intended for network managers familiar with network management concepts and terminology. Typographical Conventions Convention Description [] In a command line, square brackets indicate an optional entry.
ENGLISH Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this document, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow. Safety Cautions To reduce the risk of bodily injury, electrical shock, fire, and damage to the equipment, observe the following precautions: • Observe and follow service markings.
ENGLISH • When connecting or disconnecting power to hot-pluggable power supplies, if offered with your system, observe the following guidelines: • Install the power supply before connecting the power cable to the power supply. • Unplug the power cable before removing the power supply. • If the system has multiple sources of power, disconnect power from the system by unplugging all power cables from the power supplies.
ENGLISH Protecting Against Electrostatic Discharge Static electricity can harm delicate components inside your system. To prevent static damage, discharge static electricity from your body before you touch any of the electronic components, such as the microprocessor. You can do so by periodically touching an unpainted metal surface on the chassis. You can also take the following steps to prevent damage from electrostatic discharge (ESD): 1.
ENGLISH Section 1 Introduction • • • • • • CB100S24S/ CB100S48S Switch Description Features Ports Front-Panel Components Side Panel Description Rear Panel Description CB100S24S/CB100S48S These Switches provide unsurpassed performance, fault tolerance, scalable flexibility, robust security, standardbased interoperability and impressive technology to future-proof departmental and enterprise network deployments with an easy migration path.
ENGLISH Ports The following table lists the relative ports that are present within each switch as well as the features and compatibility for each port type present in the CB100S24S and CB100S48S: CB100S24S Description Twenty-four 10/100BASE-T Compliant to following standards, IEEE 802.3 compliance IEEE 802.3u compliance Support Half/Full-Duplex operations All ports support Auto MDI-X/MDI-II cross over IEEE 802.
ENGLISH CB100S48S Description Forty-eight 10/100BASE-T Compliant to following standards, IEEE 802.3 compliance IEEE 802.3u compliance Support Half/Full-Duplex operations All ports support Auto MDI-X/MDI-II cross over IEEE 802.3x Flow Control support for Full-Duplex mode, Back Pressure when Half-Duplex mode, and Head-of-line blocking prevention. Two 1000BaseT/SFP Combo Ports 2 combo 1000BASE-T/SFP ports 1000BASE-T ports compliant to following standards: IEEE 802.3 compliance IEEE 802.
ENGLISH Front-Panel Components CB100S24S • • • • • Twenty-four 10/100Mbps BASE-T ports Two Combo 1000BASE-T/SFP ports located to the right Two 1000BASE-T ports located to the right One female DCE RS-232 DB-9 console port LEDs for Power, Console, Link/Act/Speed for each port Figure 1- 1.
ENGLISH LEDs The following table lists the LEDs along with their corresponding description: Location LED Indicative Color Power Green Per Device Console Green Status Description Solid Light Power On Light off Power Off Solid Light Console on Blinking POST is in progress/ POST is failure.
ENGLISH Installing the SFP ports These Switches are equipped with SFP (Small Form Factor Portable) ports, which are to be used with fiber-optical transceiver cabling in order to uplink various other networking devices for a gigabit link that may span great distances.
ENGLISH SECTION 2 Installation • • • • • Package Contents Before You Connect to the Network Installing the Switch without the Rack Rack Installation Power On Package Contents Open the shipping carton of the Switch and carefully unpack its contents.
ENGLISH Installing the Switch without the Rack When installing the Switch on a desktop or shelf, the rubber feet included with the Switch should first be attached. Attach these cushioning feet on the bottom at each corner of the device. Allow enough ventilation space between the Switch and any other objects in the vicinity. Figure 2 - 1. Prepare Switch for installation on a desktop or shelf Installing the Switch in a Rack The Switch can be mounted in a standard 19" rack.
ENGLISH Mounting the Switch in a Standard 19" Rack CAUTION: Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over, potentially resulting in bodily injury under certain circumstances. Therefore, always install the stabilizers before installing components in the rack. After installing components in a rack, do not pull more than one component out of the rack on its slide assemblies at one time.
ENGLISH Section 3 Connecting the Switch • • • Switch to End Node Switch to Hub or Switch Connecting to Network Backbone or Server NOTE: All 10/100/1000Mbps NWay Ethernet ports can support both MDI-II and MDI-X connections. Switch to End Node End nodes include PCs outfitted with a 10, 100 or 1000 Mbps RJ 45 Ethernet/Fast Ethernet Network Interface Card (NIC) and most routers. An end node can be connected to the Switch via a twisted-pair Category 3, 4, or 5 UTP/STP cable.
ENGLISH Switch to Hub or Switch These connections can be accomplished in a number of ways using a normal cable. • A 10BASE-T hub or switch can be connected to the Switch via a twisted-pair Category 3, 4 or 5 UTP/STP cable. • A 100BASE-TX hub or switch can be connected to the Switch via a twisted-pair Category 5 UTP/STP cable. • A 1000BASE-T switch can be connected to the Switch via a twisted pair Category 5e UTP/STP cable.
ENGLISH Section 4 Introduction to Switch Management • • • • • • • • Management Options Web-based Management Interface Managing User Accounts Command Line Console Interface through the Serial Port Connecting the Console Port (RS-232 DCE) First Time Connecting to the Switch Password Protection IP Address Assignment Management Options This system may be managed through the web-based management, accessible through a web browser.
ENGLISH 9. After you have correctly set up the terminal, plug the power cable into the power receptacle on the back of the Switch. The boot sequence appears in the terminal. 10. After the boot sequence completes, the console login screen displays. 11. If you have not logged into the command line interface (CLI) program, press the Enter key at the User name and password prompts. There is no default user name and password for the Switch. The administrator must first create user names and passwords.
ENGLISH First Time Connecting to the Switch The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch. NOTE: The passwords used to access the Switch are case-sensitive; therefore, "S" is not the same as "s." When you first connect to the Switch, you will be presented with the first login screen. NOTE: Press Ctrl+R to refresh the screen.
ENGLISH Section 5 Web-based Switch Configuration • • • • • • • • • • Introduction Login to Web manager Web-Based User Interface Basic Setup Reboot Basic Switch Setup Network Management Switch Utilities Network Monitoring IGMP Snooping Status Introduction All software functions of the Switch can be managed, configured and monitored via the embedded web-based (HTML) interface.
ENGLISH Web-based User Interface The user interface provides access to various Switch configuration and management windows, allows you to view performance statistics, and permits you to graphically monitor the system status. Areas of the User Interface The figure below shows the user interface. The user interface is divided into three distinct areas as described in the table. Area 2 Area 3 Area 1 Figure 5- 2. Main Web-Manager page Area Function Area 1 Select the folder or window to be displayed.
ENGLISH NOTICE: Any changes made to the Switch configuration during the current session must be saved in the Save Changes web menu (explained below). Web Pages When you connect to the management mode of the Switch with a web browser, a login window is displayed. Enter a user name and password to access the Switch's management mode.
ENGLISH Section 6 Administration • • • • • • • IP Address Port Configuration User Accounts Port Mirroring TFTP Services Multiple Image Services Forwarding & Filtering Device Information This window contains the main settings for all major functions for the Switch and appears automatically when you log on. To return to the Device Information window, click the CB 100S48S Web Management Tool folder.
ENGLISH IGMP Snooping To enable system-wide IGMP Snooping capability select Enabled. IGMP snooping is Disabled by default. Enabling IGMP snooping allows you to specify use of a multicast router only (see below). To configure IGMP Snooping for individual VLANs, use the IGMP Snooping window located in the IGMP Snooping folder contained in the L2 Features folder. Switch 802.1x MAC Address may enable by port or the Switch’s 802.1x function; the default is Disabled.
ENGLISH NOTE: The Switch's factory default IP address is 192.168.0.200 with a subnet mask of 255.255.255.0 and a default gateway of 192.168.0.1. To use the BOOTP or DHCP protocols to assign the Switch an IP address, subnet mask, and default gateway address: Use the Get IP From pull-down menu to choose from BOOTP or DHCP. This selects how the Switch will be assigned an IP address on the next reboot.
ENGLISH Port Settings Click Administration > Port Configuration > Port Settings to display the following window: To configure switch ports: 1. Choose the port or sequential range of ports using the From…To… port pull-down menus. Use the remaining pull-down menus to configure the parameters described below: Figure 6- 3.
ENGLISH The following parameters can be configured: Parameter Description From…. To Use the pull-down menus to select the port or range of ports to be configured. State Toggle this field to either enable or disable a given port or group of ports. Speed/Duplex Toggle the Speed/Duplex field to either select the speed and duplex/half-duplex state of the port. Auto denotes auto-negotiation between 10 and 100 Mbps devices, in full- or half-duplex.
ENGLISH Figure 6- 4.
ENGLISH User Accounts Use the User Account Management window to control user privileges. To view existing User Accounts, open the Administration folder and click on the User Accounts link. This will open the User Account Management window, as shown below. Figure 6- 5. User Accounts window To add a new user, click on the Add button. Figure 6- 6. User Account Modify Table window Add a new user by typing in a User Name, and New Password and retype the same password in the Confirm New Password.
ENGLISH Port Mirroring The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port. You can attach a monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view details about the packets passing through the first port. This is useful for network monitoring and troubleshooting purposes. To view the Port Mirroring window, click Port Mirroring in the Administration folder. Figure 6- 8.
ENGLISH TFTP Services Trivial File Transfer Protocol (TFTP) services allow the Switch's firmware to be upgraded by transferring a new firmware file from a TFTP server to the Switch. A configuration file can also be loaded into the Switch from a TFTP server. Switch settings can be saved to the TFTP server, and a history log can be uploaded from the Switch to the TFTP server. The TFTP server must be running TFTP server software to perform the file transfer. Figure 6- 9.
ENGLISH Multiple Image Services To configure the files located on the Flash memory, use the following windows to guide you. Firmware Information This window is used to view boot up firmware images. Figure 6- 10. Firmware Information window Config Firmware Image The following window is used to determine which of the two firmware images will be used as the default boot file. You can also delete either of the two images. Figure 6- 11.
ENGLISH To add or edit an entry, define the following parameters and then click Add/Modify: Parameter Description VID The VLAN ID number of the VLAN on which the above Unicast MAC address resides. MAC Address The MAC address to which packets will be statically forwarded. This must be a unicast MAC address. Port Allows the selection of the port number on which the MAC address entered above resides. Click Apply to implement the changes made.
ENGLISH The following parameters can be set: Parameter Description VID The VLAN ID of the VLAN to which the corresponding MAC address belongs. Multicast MAC Address The MAC address of the static source of multicast packets. This must be a multicast MAC address. Port Settings Allows the selection of ports that will be members of the static multicast group. The options are: None - When None is chosen, the port will not be a member of the Static Multicast Group.
ENGLISH Section 7 L2 Features • • • • VLAN Trunking IGMP Snooping Spanning Tree VLANs A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLANs can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN. VLANs also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN.
ENGLISH VLANs to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally. The IEEE 802.1Q standard restricts the forwarding of untagged packets to the VLAN of which the receiving port is a member. The main characteristics of IEEE 802.1Q are as follows: • Assigns packets to VLANs by filtering. • Assumes the presence of a single global spanning tree. • Uses an explicit tagging scheme with one-level tagging.
ENGLISH Figure 7- 2. IEEE 802.1Q Tag The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated. Figure 7- 3. Adding an IEEE 802.1Q Tag Tagging and Untagging Every port on an 802.1Q compliant switch can be configured as tagging or untagging.
ENGLISH dropped. If the destination port is a member of the 802.1Q VLAN, the packet is forwarded and the destination port transmits it to its attached network segment. If the packet is not tagged with VLAN information, the ingress port will tag the packet with its own PVID as a VID (if the port is a tagging port). The switch then determines if the destination port is a member of the same VLAN (has the same VID) as the ingress port. If it does not, the packet is dropped.
ENGLISH Static VLAN Entry In the L2 Features folder, open the VLAN folder and click the Static VLAN Entry link to open the following window: Figure 7- 4. Static VLANs Entry Settings window The 802.1Q Static VLANs window lists all previously configured VLANs by VLAN ID and VLAN Name. To delete an existing 802.1Q VLAN, click the corresponding button under the Delete heading. To create a new 802.1Q VLAN, click the Add button in the 802.1Q Static VLANs window.
ENGLISH Figure 7- 6. 802.1Q Static VLANs window - Modify The following fields can then be set in either the Add or Modify 802.1Q Static VLANs windows: Parameter Description VID Allows the entry of a VLAN ID in the Add dialog box, or displays the VLAN ID of an existing VLAN in the Modify dialog box. VLANs can be identified by either the VID or the VLAN name. VLAN Name Displays the name of the VLAN. Port Settings Allows an individual port to be specified as member of a VLAN.
ENGLISH Trunking Port trunk groups are used to combine a number of ports together to make a single high-bandwidth data pipeline. The Switch supports up to six port trunk groups with 2 to 8 ports in each group. A potential bit rate of 800 Mbps can be achieved. Figure 7- 7. Example of Port Trunk Group The Switch treats all ports in a trunk group as a single port. Data transmitted to a specific host (destination address) will always be transmitted over the same port in a trunk group.
ENGLISH Load balancing is automatically applied to the ports in the aggregated group, and a link failure within the group causes the network traffic to be directed to the remaining links in the group. The Spanning Tree Protocol will treat a link aggregation group as a single link, on the switch level. On the port level, the STP will use the port parameters of the Master Port in the calculation of port cost and in determining the state of the link aggregation group.
ENGLISH IGMP Snooping Internet Group Management Protocol (IGMP) snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host. When enabled for IGMP snooping, the Switch can open or close a port to a specific device based on IGMP messages passing through the Switch. In order to use IGMP Snooping it must first be enabled for the entire Switch (see Device Information).
ENGLISH The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which to modify the IGMP Snooping Settings. VLAN Name This is the VLAN Name that, along with the VLAN ID, identifies the VLAN for which to modify the IGMP Snooping Settings. Query Interval This field is used to set the time (in seconds) between transmitting IGMP queries. Entries between 1 and 65535 seconds are allowed. Default = 125.
ENGLISH Static Router Ports Settings A static router port is a port that has a multicast router attached to it. Generally, this router would have a connection to a WAN or to the Internet. Establishing a router port will allow multicast packets coming from the router to be propagated through the network, as well as allowing multicast messages (IGMP) coming from the network to be propagated to the router.
ENGLISH Click Apply to implement the new settings, Click the Show All Static Router Port Entries link to return to the Current Static Router Port Entries window. Spanning Tree 802.1w Rapid Spanning Tree The Switch implements the Rapid Spanning Tree Protocol (RSTP) as defined by the IEEE 802.1w specification and a version compatible with the IEEE 802.1d STP. RSTP can operate with legacy equipment implementing IEEE 802.1d, however the advantages of using RSTP will be lost. The IEEE 802.
ENGLISH P2P Port A P2P port is also capable of rapid transition. P2P ports may be used to connect to other bridges. Under RSTP, all ports operating in full-duplex mode are considered to be P2P ports, unless manually overridden through configuration. 802.1d and 802.1w Compatibility RSTP can interoperate with legacy equipment and is capable of automatically adjusting BPDU packets to 802.1d format when necessary. However, any segment using 802.
ENGLISH STP Bridge Global Settings To open the following window, open Spanning Tree in the L2 features folder and click the STP Bridge Global Settings link. Figure 7- 14. STP Bridge Global Settings window The following parameters can be set: Parameter Description Spanning Tree Protocol Use the pull-down menu to enable or disable STP globally on the Switch. The default is Disabled.
ENGLISH STP Version Use the pull-down menu to choose the desired version of STP to be implemented on the Switch. There are two choices: STPCompatability - Select this parameter to set the Spanning Tree Protocol (STP) globally on the switch. RSTP - Select this parameter to set the Rapid Spanning Tree Protocol (RSTP) globally on the Switch.
ENGLISH STP Port Settings STP can be set up on a port per port basis. To view the following window click L2 Features > Spanning Tree > STP Port Settings: Figure 7- 15. STP Port Settings window In addition to setting Spanning Tree parameters for use on the switch level, the Switch allows for the configuration of groups of ports, each port-group of which will have its own spanning tree, and will require some of its own configuration settings.
ENGLISH An STP Group spanning tree works in the same way as the switch-level spanning tree, but the root bridge concept is replaced with a root port concept. A root port is a port of the group that is elected based on port priority and port cost, to be the connection to the network for the group. Redundant links will be blocked, just as redundant links are blocked on the switch level. The STP on the switch level blocks redundant links between switches (and similar network devices).
ENGLISH Section 8 CoS • • 802.1p Default Priority 802.1p User Priority The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of CoS (Quality of Service) and benefits of using 802.1p priority queuing. Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously.
ENGLISH Advantages of CoS CoS is an implementation of the IEEE 802.1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority, such as VoIP (voice-over Internet Protocol), web browsing applications, file server applications or video conferencing. Not only can a larger bandwidth be created, but other less critical traffic can be limited, so excessive bandwidth can be saved.
ENGLISH Understanding CoS The Switch has four priority classes of service. These priority classes of service are labeled as 3, the high class to 0, the lowest class. The eight priority tags, specified in IEEE 802.1p are mapped to the Switch's priority classes of service as follows: • Priority 0 is assigned to the Switch's Q1 class. • Priority 1 is assigned to the Switch's Q0 class. • Priority 2 is assigned to the Switch's Q0 class. • Priority 3 is assigned to the Switch's Q1 class.
ENGLISH 802.1p Default Priority The Switch allows the assignment of a default 802.1p priority to each port on the Switch. In the CoS folder, click 802.1p Default Priority, to view the window shown below. Figure 8- 2. 802.1p Default Priority window This window allows you to assign a default 802.1p priority to any given port on the Switch. The priority tags are numbered from 0, the lowest priority, to 7, the highest priority.
ENGLISH 802.1p User Priority When using 802.1p priority mechanism, the packet is examined for the presence of a valid 802.1p priority tag. If the tag is present, the packet is assigned to a programmable egress queue based on the value of the tagged priority. The tagged priority can be designated to any of the available queues. The Switch allows the assignment of a class of service to each of the 802.1p priorities. In the CoS folder, click 802.1p User Priority to view the window shown below. Figure 8- 3.
ENGLISH Section 9 Security • 802.1X 802.1X 802.1x Port-Based and MAC-Based Access Control The IEEE 802.1x standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model.
ENGLISH Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected to a port on the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered by the Switch on the LAN.
ENGLISH Client The Client is simply the endstation that wishes to gain access to the LAN or switch services. All endstations must be running software that is compliant with the 802.1x protocol. For users running Windows XP, that software is included within the operating system. All other users are required to attain 802.1x client software from an outside source. The Client will request access to the LAN and or Switch through EAPOL packets and, in turn will respond to requests from the Switch. Figure 9- 5.
ENGLISH Understanding 802.1x Port-based and MAC-based Network Access Control The original intent behind the development of 802.1x was to leverage the characteristics of point-to-point in LANs. As any single LAN segment in such infrastructures has no more than two devices attached to it, one of which is a Bridge Port. The Bridge Port detects events that indicate the attachment of an active device at the remote end of the link, or an active device becoming inactive.
ENGLISH MAC-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client 802.1X Client Network access controlled port Network access uncontrolled port Figure 9- 8. Example of Typical MAC-Based Configuration In order to successfully make use of 802.
ENGLISH 802.1x Authenticator Settings To configure the 802.1X Authenticator Settings, click Security > 802.1X > 802.1X Authenticator Settings: Figure 9- 9. 802.
ENGLISH To configure the settings by port, click on its corresponding Ports link, which will display the following table to configure: Figure 9- 10. 802.1X Authenticator Settings window (Modify) This window allows users to set the following features: Parameter Description From/To] Enter the port or ports to be set. AdmDir Sets the administrative-controlled direction to either In or Both. If In is selected, control is only exerted over incoming traffic through the port you selected in the first field.
ENGLISH QuietPeriod This allows you to set the number of seconds that the Switch remains in the “Held” state following a failed authentication exchange with the client. The default setting is 60 seconds. SuppTimeout This value determines timeout conditions in the exchanges between the Authenticator and the client. The default setting is 30 seconds. ServerTimeout This value determines timeout conditions in the exchanges between the Authenticator and the authentication server.
ENGLISH Local Users In the Security folder, open the 802.1x folder and click 802.1X User to open the 802.1x User window. This window will allow the user to set different local users on the Switch. Figure 9- 11. Local Users Configuration window Enter a User Name, Password and confirmation of that password. Properly configured local users will be displayed in the Local Users Table at the bottom of the same window.
ENGLISH 802.1X Capability Settings In the Security folder, open the 802.1x folder and click 802.1X Capability Settings to open the 802.1x Capability Settings window. This window will allow the user to set capability settings for each port on the Switch. Figure 9- 12. 802.
ENGLISH This window displays the following information: Parameter Description From and To Select the port or range of ports to be set. Capability This allows the 802.1x Authenticator settings to be applied on a per-port basis. Select Authenticator to apply the settings to the port. When the setting is activated A user must pass the authentication process to gain access to the network. Select None disable 802.1x functions on the port.
ENGLISH RADIUS Server The RADIUS feature of the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing, active hacker. The Web Manager offers three windows. Click Security > 802.1x > RADIUS Server to open the RADIUS Server window shown below: Figure 9- 13. RADIUS Server window This window displays the following information: Parameter Description Succession Choose the desired RADIUS server to configure: First, Second or Third.
ENGLISH Section 10 Monitoring • • • • MAC Address IGMP Snooping Group Browse Router Port Port Access Control MAC Address This allows the Switch's dynamic MAC address forwarding table to be viewed. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch. To view the MAC Address forwarding table, from the Monitoring menu, click the MAC Address link: Figure 10- 1.
ENGLISH The following fields can be viewed or set: Parameter Description VLAN Name Enter a VLAN Name by which to browse the forwarding table. MAC Address Enter a MAC address by which to browse the forwarding table. Port Select the port by using the corresponding pull-down menu. Find Allows the user to move to a sector of the database corresponding to a user defined port, VLAN, or MAC address. VID The VLAN ID of the VLAN of which the port is a member.
ENGLISH IGMP Snooping Group This window allows the Switch’s IGMP Snooping Group Table to be viewed. IGMP Snooping allows the Switch to read the Multicast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch. The number of IGMP reports that were snooped is displayed in the Reports field. To view the IGMP Snooping Group window, click IGMP Snooping Group on the Monitoring menu: Figure 10- 2.
ENGLISH Browse Router Port This displays which of the Switch’s ports are currently configured as router ports. A router port configured by a user (using the Web-based management interfaces) is displayed as a static router port, designated by S. A router port that is dynamically configured by the Switch is designated by D. Figure 10- 3. Browse Router Port window Port Access Control The following windows are used to monitor 802.1x statistics of the Switch, on a per port basis.
ENGLISH The following fields can be viewed: Parameter Description ServerIndex The identification number assigned to each RADIUS Authentication server that the client shares a secret with. ServerIPaddr The identification IP address of the server. UDP Port The UDP port the client is using to send requests to this server. Timeouts The number of authentication timeouts to this server. After a timeout the client may retry to the same server, send to a different server, or give up.
ENGLISH Auth State Auth State is unable to be viewed unless the Switch is set to Port-based or MAC-based for the 802.1X function. This table displays the Authenticator State for each port. To view the Authenticator State, click Monitoring > Port Access Control > Auth State. Figure 10- 5. Authenticator State window The user may select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second.
ENGLISH Reset The Reset function has several options when resetting the Switch. Some of the current configuration parameters can be retained while resetting all other configuration parameters to their factory defaults. NOTE: Only the Reset System option will enter the factory default parameters into the Switch’s non-volatile RAM, and then restart the Switch. All other options enter the factory defaults into the current configuration, but do not save this configuration.
ENGLISH Reboot System The following window is used to restart the Switch. Figure 10- 7. Reboot System window Clicking the Yes radio button will instruct the Switch to save the current configuration to non-volatile RAM before restarting the Switch. Clicking the No radio button instructs the Switch not to save the current configuration before restarting the Switch. All of the configuration information entered from the last time Save Changes was executed, will be lost.
ENGLISH Logout Click the Logout button on the Logout window to immediately exit the Switch. Figure 10- 9.
ENGLISH Appendix A Technical Specifications General Protocols Fiber-Optic IEEE 802.3 10BASE-T Ethernet IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z 1000BASE-T (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1D/S/W Spanning Tree IEEE 802.1Q VLAN IEEE 802.1p Priority Queues IEEE 802.1X Port Based Network Access Control IEEE 802.3ad Link Aggregation Control IEEE 802.3x Full-duplex Flow Control IEEE 802.3 NWay auto-negotiation IEEE802.
ENGLISH Physical and Environmental Internal Power Supply 40W AC Input 100-240Vac, 12V/3.
ENGLISH Power Feature Internal Power Supply Detailed Description 40W AC Input 100-240Vac, 12V/3.33A , 50~60Hz Performance Feature Detailed Description Wire speed on all FE/GE ports Full-wire speed (full-duplex) operation on all FE/GE ports Forwarding Mode Store and Forward Switching Capacity 12.8Gbps for CB100S24S 17.6Gbps for CB100S48S 64 Byte system packet forwarding rate 9.
ENGLISH Port Functions Feature Console Port Detailed Description DCE RS-232 DB-9 for loading factory reset purpose Compliant to following standards, 1. IEEE 802.3 compliance 24 x 10/100BaseT ports 2. IEEE 802.3u compliance 48 x 10/100BaseT ports 3. Support Half/Full-Duplex operations 4. All ports support Auto MDI-X/MDI-II cross over 5. IEEE 802.3x Flow Control support for Full-Duplex mode, Back Pressure when Half-Duplex mode, and Head-of-line blocking prevention.
ENGLISH Appendix B System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch.
ENGLISH Category Event Description Port link down Console Web Telnet Log Content Port link down Successful login through Console Unit , Successful login through Console (Username: ) Severity Informational Informational Login failed through Console Unit , Login failed through Console Warning (Username: ) Logout through Console Unit , Logout through Console (Username: ) Informational Console session timed out Unit ,
ENGLISH Category Event Description Log Content Severity SNMP SNMP request received with invalid community string SNMP request received from with invalid community string! Informational STP Topology changed Topology changed Informational New Root selected New Root selected Informational BPDU Loop Back on port BPDU Loop Back on Port Warning Spanning Tree Protocol is enabled Spanning Tree Protocol is enabled Informational Spanning Tree Protocol is disabled Spa
ENGLISH Category Event Description Login failed through Web authenticated by AAA local method Log Content Login failed failed through Web from authenticated by AAA local method (Username: , MAC: ) Severity Warning Successful login through Successful login through Web(SSL) from Web(SSL) authenticated by AAA authenticated by AAA local local method method (Username: , MAC: ) Informational Login failed through Web(SSL) authenticated by AAA local met
ENGLISH Category Event Description Log Content Successful login through Telnet Successful login through Telnet from authenticated by AAA none authenticated by AAA none method method (Username: , MAC: ) Successful login through SSH authenticated by AAA none method Severity Informational Successful login through SSH from Informational authenticated by AAA none method (Username: , MAC: ) Successful login through Console Successful login through Con
ENGLISH Category Event Description Log Content Severity Successful Enable Admin through Successful Enable Admin through Console Informational Console authenticated by AAA authenticated by AAA local_enable method local_enable method (Username: ) Enable Admin failed through Console authenticated by AAA local_enable method Enable Admin failed through Console Warning authenticated by AAA local_enable method (Username: ) Successful Enable Admin through Successful Enable Admin through W
ENGLISH Category Event Description Log Content Severity Successful Enable Admin through Successful Enable Admin through SSH from Informational SSH authenticated by AAA none authenticated by AAA none method method (Username: , MAC: ) Successful Enable Admin through Successful Enable Admin through Console Console authenticated by AAA authenticated by AAA server server (Username: ) Informational Enable Admin failed through Console authenticated by AAA ser
ENGLISH Category Packet Storm Event Description Log Content Severity Safeguard Engine is in filtering packet mode Safeguard Engine enters EXHAUSTED mode Warning Broadcast strom occurrence Port Broadcast storm is occurring Warning Broadcast storm cleared Port Broadcast storm has cleared Informational Multicast storm occurrence Port Multicast storm is occurring Warning Multicast storm cleared Port Multicast storm has Informa
ENGLISH Appendix C Cable Lengths Use the following table to as a guide for the maximum cable lengths.
Appendix D Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE-LX: A long wavelength for a "long haul" fiber optic cable for a maximum length of 10 kilometers 100BASE-FX: 100Mbps Ethernet implementation over fiber. 100BASE-TX: 100Mbps Ethernet implementation over Category 5 and Type 1 Twisted Pair cabling. 10BASE-T: The IEEE 802.3 specification for Ethernet over Unshielded Twisted Pair (UTP) cabling.
Fast Ethernet: 100Mbps technology based on the Ethernet/CMSA/CD network access method. Flow Control: (IEEE 802.3z) A means of holding packets back at the transmit port of the connected end station. Prevents packet loss at a congested switch port. Forwarding: The process of sending a packet toward its destination by an internetworking device. Full duplex: A system that allows packets to be transmitted and received at the same time and, in effect, doubles the potential throughput of a link.
Server farm: A cluster of servers in a centralized location serving a large user population. SLIP: Serial Line Internet Protocol: A protocol, which allows IP to run over a serial line connection. SNMP: Simple Network Management Protocol: A protocol originally designed to be used in managing TCP/IP internets. SNMP is presently implemented on a wide range of computers and networking equipment and may be used to manage many aspects of network and end station operation.