VigorSwitch P2260 User’s Guide Version: 1.0 Date: 2008/12/08 Cop27 yright 2008 All rights reserved.
Copyright Information Copyright Declarations Copyright 2008 All rights reserved. This publication contains information that is protected by copyright. No part may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language without written permission from the copyright holders. Trademarks The following trademarks are used in this document: z Microsoft is a registered trademark of Microsoft Corp.
European Community Declarations Manufacturer: Address: Product: DrayTek Corp. No. 26, Fu Shing Road, HuKou County, HsinChu Industrial Park, Hsin-Chu, Taiwan 303 VigorSwitch Series Device The product conforms to the requirements of Electro-Magnetic Compatibility (EMC) Directive 2004/108/EC by complying with the requirements set forth in EN55022/Class A and EN55024/Class A.
Table of Contents 1 Preface ...............................................................................................................1 1.1 Overview ................................................................................................................................. 1 1.2 Features .................................................................................................................................. 2 1.3 Packing List..............................................................
2.8.2 Tag-based Group............................................................................................................ 55 2.8.3 PVID................................................................................................................................ 56 2.8.4 Port-based Group ........................................................................................................... 57 2.8.5 Management VLAN .................................................................................
2.19.2 Loopback Test ............................................................................................................ 110 2.19.3 Ping Test..................................................................................................................... 110 2.20 TFTP Server....................................................................................................................... 111 2.21 Log ...........................................................................................
1 Preface In this user’s manual, it will not only tell you how to install and connect your network system but configure and monitor the VigorSwitch P2260 through the built-in CLI and web by RS-232 serial interface and Ethernet ports step-by-step. Many explanations in detail of hardware and software functions are shown as well as the examples of the operation for web-based interface and command-line interface (CLI). 1.
Below shows key features of this device: QoS Support Quality of Service by the IEEE 802.1P standard. There are two priority queue and packet transmission schedule using Weighted Round Robin (WRR). User-defined weight classification of packet priority can be based on either VLAN tag on packets or user-defined port priority. Spanning Tree Support IEEE 802.1D, IEEE 802.1w (RSTP: Rapid Spanning Tree Protocol) standards. VLAN Support Port-based VLAN and IEEE802.1Q Tag VLAN.
z In 24-Port PoE L2 Managed Fast Ethernet Switch with 2 SFP Dual Media switch, it supports 2 Gigabit dual media ports(TP/SFP) and 2 slots for removable SFP module supporting 1000M SFP fiber module z Supports on-line pluggable fiber transceiver modules z Supports 256KB packet buffer and 128KB control memory z Maximal packet length can be up to 1536 bytes z Full-duplex flow control (IEEE802.
z Supports diagnostics to let administrator knowing the hardware status z Supports external loopback test to check if the link is ok z TFTP for firmware upgrade, system log upload and config file import/export z Supports remote boot the device through user interface and SNMP z Supports network time synchronization and daylight saving z Supports 120 event log records in the main memory and display on the local console 1.
There are 24 TP Fast Ethernet ports and 2 slots for optional removable modules on the front panel of the switch. LED display area, locating on the front panel, contains a ACT, Power LED and 26 ports working status of the switch. LED Explanation LED ACT Color Green Explanation Blinks when CPU is active.
User Interfaces on the Rear Panel One RS-232 DB-9 interface is offered for configuration or management.
1.5 Hardware Installation At the beginning, please do first: ¾ Wear a grounding device to avoid the damage from electrostatic discharge ¾ Be sure you have inserted the power cord to power source 1.5.1 Connecting the SFP Fiber Transceiver to the Chassis The optional SFP modules are hot swappable, so you can plug or unplug it before or after powering on. 1. Verify that the SFP module is the right model and conforms to the chassis 2. Slide the module along the slot.
1.5.2 Installing Optional SFP Fiber Transceivers to the switch If you have no modules, please skip this section. 1.5.3 Installing Chassis to a 19-Inch Wiring Closet Rail Caution: Allow a proper spacing and proper air ventilation for the cooling fan at both sides of the chassis. 1. Wear a grounding device for electrostatic discharge. 2. Screw the mounting accessory to the front side of the switch (See Fig. 2-2). 3.
Cabling Requirements for 1000SX/LX SFP Module It is more complex and comprehensive contrast to TP cabling in the fiber media. Basically, there are two categories of fiber, multi mode (MM) and single mode (SM). The later is categorized into several classes by the distance it supports. They are SX, LX, LHX, XD, and ZX. From the viewpoint of connector type, there mainly are LC and BIDI LC.
Sum up all elements’ bit-time delay and the overall bit-time delay of wires/devices must be within Round Trip Delay (bit times) in a half-duplex network segment (collision domain). For full-duplex operation, this will not be applied. You may use the TP-Fiber module to extend the TP node distance over fiber optic and provide the long haul connection. Typical Network Topology in Deployment A hierarchical network with minimum levels of switch may reduce the timing delay between server and client station.
The same VLAN members could not be in different switches. Every VLAN members could not access VLAN members each other. The switch manager has to assign different names for each VLAN groups at one switch. Case 3: Port-based VLAN - 2 VLAN1 members could not access VLAN2, VLAN3 and VLAN4 members. VLAN2 members could not access VLAN1 and VLAN3 members, but they could access VLAN4 members. VLAN3 members could not access VLAN1, VLAN2 and VLAN4.
Case 4: The same VLAN members can be at different switches with the same VID 12 VigorSwitch P2260 User’s Guide
1.5.5 Configuring the Management Agent of Switch We offer you three ways to startup the switch management function. They are RS-232 console, CLI, and Web. Users can use any one of them to monitor and configure the switch. You can touch them through the following procedures.
4. Stop bits 1 Data bits 8 Parity N Flow control none When you complete the connection, then press key. The login prompt will be shown on the screen. The default username and password are shown as below: Username = admin Password = admin Additionally, if a user connects VigorSwitch to VigorPro router, he also can access into VigorPro web configuration page to find out External Devices menu item. Then click the new added switch icon to open the web configuration of VigorSwitch.
Configuring the Management Agent of VigorSwitch P2260 through the Ethernet Port There are three ways to configure and monitor the switch through the switch’s Ethernet port. They are CLI, Web browser and SNMP manager. The user interface for the last one is NMS dependent and does not cover here. We just introduce the first two types of management interface.
1. Set up a physical path between the configured the switch and a PC by a qualified UTP Cat. 5 cable with RJ-45 connector. Note: If PC directly connects to the switch, you have to setup the same subnet mask between them. But, subnet mask may be different for the PC in the remote site. 2. Run CLI or web browser and follow the menu. Please refer to Chapter 2.
1.5.6 IP Address Assignment For IP address configuration, there are three parameters needed to be filled in. They are IP address, Subnet Mask, Default Gateway and DNS. IP address: The address of the network device in the network is used for internetworking communication. Its address structure looks is shown below. It is “classful” because it is split into predefined address classes or categories. Each class has its own network range between the network identifier and host identifier in the 32 bits address.
Class D and E: Class D is a class with first 4 MSB (Most significance bit) set to 1-1-1-0 and is used for IP Multicast. See also RFC 1112. Class E is a class with first 4 MSB set to 1-1-1-1 and is used for IP broadcast. According to IANA (Internet Assigned Numbers Authority), there are three specific IP address blocks reserved and able to be used for extending internal network. We call it Private IP address and list below: Class A 10.0.0.0 --- 10.255.255.255 Class B 172.16.0.0 --- 172.31.255.
In this diagram, you can see the subnet mask with 25-bit long, 255.255.255.128, contains 126 members in the sub-netted network. Another is that the length of network prefix equals the number of the bit with 1s in that subnet mask. With this, you can easily count the number of IP addresses matched. The following table shows the result. Prefix Length No. of IP matched No.
First, IP Address: as shown above, enter “192.168.1.1”, for instance. For sure, an IP address such as 192.168.1.x must be set on your PC. Second, Subnet Mask: as shown above, enter “255.255.255.0”. Any subnet mask such as 255.255.255.x is allowable in this case. DNS: The Domain Name Server translates human readable machine name to IP address. Every machine on the Internet has a unique IP address. A server generally has a static IP address.
1.6 Typical Applications The 24-Port PoE L2 Managed Fast Ethernet Switch with 2 SFP Dual Media implements 24 Fast Ethernet TP ports with auto MDIX and 2 Gigabit dual media ports with SFP for removable module supported comprehensive fiber types of connection, including LC, BiDi LC for SFP. For more details on the specification of the switch, please refer to Appendix A. The switch is suitable for the following applications.
22 ¾ Daisy-Chain Fiber Network Connection ¾ Uninterrupted Power Supply for IP Phone Application VigorSwitch P2260 User’s Guide
2 Operation of Web-based Management This chapter instructs you how to configure and manage the switch through the web user interface it supports, to access and manage the 24-Port 10/100Mbps TP and 2-Port Gigabit TP/SFP Fiber management Ethernet switch.
2.1 Web Management Home Overview After you login, the switch shows you the system information as shown below. This page is default and tells you the basic information of the system, including “Model Name”, “System Description”, “Location”, “Contact”, “Device Name”, “System Up Time”, “Current Time”, “BIOS Version”, “Firmware Version”, “Hardware-Mechanical Version”, “Serial Number”, “Host IP Address”, “Host MAC Address”, “Device Port”, “RAM Size” and “Flash Size”.
if a module is present. The image of module depends on the one you inserted. The same, if disconnected, the port will show just dark, if linked, green. In this device, there are clicking functions on the panel provided for the information of the ports. These are very convenient functions for browsing the information of a single port. When clicking the port on the front panel, an information window for the port will be pop out. It shows the basic information of the clicked port.
2.1.2 System Information Function name: System Information Function description: Show the basic system information.
Parameter description: Model name: The model name of this device. System description: Type the device description to identity what the device is. Location: Type the device location description for management. Contact: For easily managing and maintaining device, you may write down the contact person and phone here for getting help soon. You can configure this parameter through the device’s user interface or SNMP. Device name: The name of the switch, User-defined. Default is VigorSwitch P2260.
2.1.3 IP Configuration IP configuration is one of the most important configurations in the switch. Without the proper setting, network manager will not be able to manage or view the device. The switch supports both manual IP address setting and automatic IP address setting via DHCP server. When IP address is changed, you must reboot the switch to have the setting taken effect and use the new IP to browse for web management and CLI management.
button to update. When DHCP is disabled, Default: 192.168.1.1 If DHCP is enabled, this field is filled by DHCP server and will not allow user manually set it any more. Subnet mask: Subnet mask is made for the purpose to get more network address because any IP device in a network must own its IP address, composed of Network address and Host address, otherwise can’t communicate with other devices each other.
2.1.4 Time Configuration The switch provides manual and automatic ways to set the system time via NTP. Manual setting is simple and you just input “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second” within the valid value range indicated in each item. If you input an invalid value, for example, 61 in minute, the switch will clamp the figure to 59. NTP is a well-known protocol used to synchronize the clock of the switch system time over a network.
Time Zone, the switch will sync the time in a short after pressing button. Though it synchronizes the time automatically, NTP does not update the time periodically without user’s processing. Time Zone is an offset time off GMT. You have to select the time zone first and then perform time sync via NTP because the switch will combine this time zone offset and updated NTP time to come out the local time, otherwise, you will not able to get the correct time.
password but it is necessary to modify the administrator-equivalent identity. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password. Only one administrator is allowed to exist and unable to be deleted. In addition, up to 4 guest accounts can be created.
Rule 3): When only “deny lists” exist, then it will accept all connections, excluding the connection inside of the denying range. Rule 4): When both “accept and deny” lists exist, then it will deny all connections, excluding the connection inside of the accepting range. Rule 5): When both “accept and deny” lists exist, then it will deny all connections, excluding the connection inside of the accepting range and NOT inside of the denying range at the same time.
Parameter description: 34 Name: A name is composed of any letter (A-Z, a-z) and digit (0-9) with maximal 8 characters. VID: The switch supports two kinds of options for managed valid VLAN VID, including “Any” and “Custom”. Default is “Any”. When you choose “Custom”, you can fill in VID number. The valid VID range is 1~4094. IP Range: The switch supports two kinds of options for managed valid IP Range, including “Any” and “Custom”. Default is “Any”.
setup and then press button. Of course, the existed entry also can be modified by pressing this button. Delete: Remove the existed entry of Management Security Configuration from the management security table. 2.1.7 Virtual Stack Function name: Virtual Stack Function description: Virtual Stack Management (VSM) is the group management function. Through the proper configuration of this function, switches in the same LAN will be grouped automatically.
Parameter description: 36 State: It is used for the activation or de-activation of VSM. Default is Disable. Role: The role that the switch would like to play in virtual stack. Two types of roles, including master and slave are offered for option. Default is Master. Group ID: It is the group identifier (GID) which signs for VSM. Valid letters are A-Z, a-z, 0-9, “ - “ and “_” characters.
2.2 Port Configuration Four functions, including Port Status, Port Configuration, Simple Counter and Detail Counter are contained in this function folder for port monitor and management. Each of them will be described in detail orderly in the following sections. 2.2.1 Port Status The function Port Status gathers the information of all ports’ current status and reports it by the order of port number, media, link status, port state, Auto-Negotiation status, speed/duplex, Rx Pause and Tx Pause.
Link: Show that if the link on the port is active or not. If the link is connected to a working-well device, the Link will show the link “Up”; otherwise, it will show “Down”. This is determined by the hardware on both devices of the connection. No default value. State: Show that the communication function of the port is “Enabled” or “Disabled”. When it is enabled, traffic can be transmitted and received via this port. When it is disabled, no traffic can be transferred through this port.
2.2.2 Port Configuration Port Configuration is applied to change the setting of each port. In this configuration function, you can set/reset the following functions. All of them are described in detail below. Function name: Port Configuration Function description: It is used to set each port’s operation mode. The switch supports 3 parameters for each port. They are state, mode and flow control. Parameter description: State: Set the communication capability of the port is Enabled or Disabled.
Media type NWay Speed 100M TP 1000M TP ON/OFF ON/OFF 10/100M Full/Half 10/100/1000M Full for all, Half for 10/100 1000M Full 1000M Fiber ON/OFF Duplex In Auto-negotiation mode, no default value. In Forced mode, default value depends on your setting. Flow Control: There are two modes to choose in flow control, including Symmetric and Asymmetric. If flow control is set Symmetric, both parties can send PAUSE frame to the transmitting device(s) if the receiving port is too busy to handle.
Parameters description: Tx Byte: Total transmitted bytes. Rx Byte: Total received bytes. Tx Packet: The counting number of the packet transmitted. Rx Packet: The counting number of the packet received. Tx Collision: Number of collisions transmitting frames experienced. Rx Error Packet: Number of bad packets received. 2.2.4 Detail Counter The function of Detail Counter collects any information and provides the counting about the traffic of the port, no matter the packet is good or bad.
Parameter description: 42 Rx Unicast Packets: The counting number of the packet received. Rx Octets: Total received bytes. Rx Errors: Number of bad packets received. Rx Unicast Packets: Show the counting number of the received unicast packet. Rx Broadcast Packets: Show the counting number of the received broadcast packet. Rx Multicast Packets: Show the counting number of the received multicast packet. Rx Pause Packets: Show the counting number of the received pause packet.
Packets 256-511 Octets: Number of 256 ~ 511-byte frames in good and bad packets received. Packets 512-1023 Octets: Number of 512 ~ 1023-byte frames in good and bad packets received. Packets 1024- 1522 Octets: Number of 1024-1522-byte frames in good and bad packets received. Tx Packets: The counting number of the packet transmitted. TX Octets: Total transmitted bytes. Tx Unicast Packets: Show the counting number of the transmitted unicast packet.
Parameter description: Vmain: It displays what volt was supplied by the Switch. Imain: The sum of the current that every port supplies. Pconsume: The sum of the power that every port supplies. Power Limit: The maximal power that the switch can supply (Read Only). Temperature: The temperature of the chip on PoE. Port No: Port number. Port On: Show whether the port is supplying the power to the PD or not. AC Disconnect Port Off: Port is turned off due to the AC Disconnect function.
In PoE Port Management function, user can configure the settings about PoE. The switch complies with IEEE 802.3af protocol and be capable of detecting automatically that whether the device linked to the port on the switch is PD (Powered Device) or not. The switch also manage the power supplement based on the Class of the PD, and it will stop supplying the power once the power required by the PD excesses the Class, Short Circuit or over temperature occurs.
The switch will send out looping detection frame to detect the ports on the switch whether they have looping traffic happen. When the switch port receives the looping detection frame from itself, it means there is looping happen in the network. The looping ports will be locked to avoid the looping storm causing all traffic be blocked. Parameter description: Port: User can set up the port (1~26) respectively to set loop detection. State: Enable or Disable the port loop detection.
Basically, it is passive except issuing the trap information. The switch supports a switch to turn on or off the SNMP agent. If you set the field SNMP “Enable”, SNMP agent will be started up. All supported MIB OIDs, including RMON MIB, can be accessed via SNMP manager. If the field SNMP is set “Disable”, SNMP agent will be de-activated, the related Community Name, Trap Host IP Address, Trap and all MIB counters will be ignored.
community name for GET only works for GET function and can’t be applied to other function such as SET and Trap. Default SNMP function: Enable Default community name for GET: public Default community name for SET: private Default community name for Trap: public Default Set function: Enable Default trap host IP address: 0.0.0.0 Default port number:162 Trap: In the switch, there are 6 trap hosts supported. Each of them has its own community name and IP address; is user-definable.
2.6 DHCP Boot The DHCP Boot function is used to spread the request broadcast packet into a bigger time frame to prevent the traffic congestion due to broadcast packets from many network devices which may seek its NMS, boot server, DHCP server and many connections predefined when the whole building or block lose the power and then reboot and recover.
IGMP Snooping Status Function description: IGMP is used to snoop the status of IP multicast groups and display its associated information in both tagged VLAN and non-tagged VLAN networks. Enabling IGMP with either passive or active mode, you can monitor the IGMP snooping information, which contains the multicast member list with the multicast groups, VID and member port.
2.7.2 Allowed Group Function name: Allowed Group Function description: The Allowed Group function allows the IGMP Snooping to set up the IP multicast table based on user’s specific conditions. IGMP report packets that meet the items you set up will be joined or formed the multicast group. Parameter description: IP Range: The switch supports two kinds of options for managed valid IP range, including “Any” and “Custom”. Default is “Any”.
Delete: Remove the existed entry of allowed group configuration from the allowed group. 2.7.3 Static IP Multicast Function name: Static IP Multicast Function description: Set static IP Multicast Group entry for IGMP snooping that you need to configure static group membership entries on an interface. It includes IP address, VID and member port. Parameter description: No.: The entry number. IP: Set Multicast groups IP addresses that are registered on this device.
VLAN Mode Setting Function description: The VLAN Mode Selection function includes five modes: Port-based, Tag- based, Metro Mode, Double-tag and Disable, you can choose one of them by pulling down list and selecting an item. Then, click button, the settings will take effect immediately. Parameter description: VLAN Mode: Port-based Port-based VLAN is defined by port. Any packet coming in or outgoing from any one port of a port-based VLAN will be accepted.
create total up to 64 Tag VLAN groups. Metro Mode The Metro Mode is a quick configuration VLAN environment method on Port-based VLAN. It will create 6 or 7 Port-based VLAN groups. Symmetric Vlan This is a Ingress Rule (Rule 1, The Ingress Filtering Rule 1 is “forward only packets with VID matching this port’s configured VID”.). For example, if port 1 receives a tagged packet with VID=100 (VLAN name=VLAN100), and if Symmetric-Vlan function is enabled, the switch will check if port 1 is a member of VLAN100.
Except Port 25 and Port 26, each port of the switch cannot transmit packets with each other. Each port groups a VLAN with Port 25 and Port 26, thus, total 6 groups consisting of 3 members are formed.4 2.8.2 Tag-based Group Function name: Tag-based Group Configuration Function description: It shows the information of existed Tag-based VLAN Groups, You can also easily create, edit and delete a Tag-based VLAN group by pressing , and function buttons.
Delete Just press the button to remove the selected group entry from the Tag-based group table. Edit Just select a group entry and press the button, then you can modify a group’s description. 2.8.3 PVID Function name: PVID Function description: In PVID Setting, user can input VID number to each port. The range of VID number is from 1 to 4094. User also can choose ingress filtering rule (Rule 2) to each port. The Ingress Filtering Rule 2 is “drop untagged frame”.
Parameter description: Port 1-26: Port number. PVID: This PVID range will be 1-4094. Before you set a number x as PVID, you have to create a Tag-based VLAN with VID x. For example, if port x receives an untagged packet, the switch will apply the PVID (assume as VID y) of port x to tag this packet, the packet then will be forwarded as the tagged packet with VID y. Default Priority It bases on 802.1p QoS and affects untagged packets.
Parameter description: VLAN Name: The name defined by administrator is associated with a VLAN group. Valid letters are A-Z, a-z, 0-9, “ - “ and “_” characters. The maximal length is 15 characters. Add Create a new Port-based VLAN. Input the VLAN name and choose the member by ticking the check box beside the port No., then, press the button to have the setting taken effect.
Edit a group Just select a group entry and press the button, then you can modify a group‘s description and member set. 2.8.5 Management VLAN Function name: Management VLAN Function description: To create a secure VLAN for the switch management interface, all of the management traffic will be sent via an isolated VLAN. This is a security function. It can protect switch management interface, it also can avoid the switch CPU DoS by network attacking.
The management VLAN function default setting is disabled. The management traffic can belong to any VLAN groups. VID: Valid range 1~4094. 2.9 MAC Table MAC Table Configuration gathers many functions, including MAC Table Information, MAC Table Maintenance, Static Forward, Static Filter and MAC Alias, which cannot be categorized to some function type. They are described below. 2.9.
Port: The port that exists in the searched MAC Entry. VID: VLAN Group that MAC Entry exists. State: Display the method that this MAC Entry is built. show “Dynamic MAC” or “Static MAC”. It may 2.9.2 MAC Table Maintenance Function Name: MAC Table Maintenance Function Description: This function can allow the user to set up the processing mechanism of MAC Table. An idle MAC address exceeding MAC Address Age-out Time will be removed from the MAC Table.
2.9.3 Static Forward Function Name: Static MAC Function Description: The function of Static is used to configure MAC’s real manners inside of the switch. Three kinds of manners including static, static with destination drop and static with source drop are contained in this function. As “static” is chosen, assign a MAC address to a specific port, all of the switch’s traffics sent to this MAC address will be forwarded to this port.
dropped. Port: Select the port No. you would like to do setup in the switch. It is 1~26. 2.9.4 MAC Alias Create/Edit or Delete Function name: MAC Alias Function description: MAC Alias function is used to let you assign MAC address a plain English name. This will help you tell which MAC address belongs to which user in the illegal access report. At the initial time, it shows all pairs of the existed alias name and MAC address.
Note: If there are too many MAC addresses learned in the table, we recommend you inputting the MAC address and alias name directly. 2.10 GVRP Configuration GVRP is an application based on Generic Attribute Registration Protocol (GARP), mainly used to automatically and dynamically maintain the group membership information of the VLANs. The GVRP offers the function providing the VLAN registration service through a GARP application.
Then, click the button, the system will take effect immediately. Join Time: Used to declare the Join Time in unit of centisecond. Valid time range: 20 –100 centisecond, Default: 20 centisecond. Leave Time: Used to declare the Leave Time in unit of centisecond. Valid time range: 60 –300 centisecond, Default: 60 centisecond. Leave All Time: A time period for announcement that all registered device is going to be de-registered.
2.10.2 GVRP Counter Function name: GVRP Counter Function description: All GVRP counters are mainly divided into Received and Transmitted two categories to let you monitor the GVRP actions. Actually, they are GARP packets. Parameter description: Received: Total GVRP Packets - Total GVRP BPDU is received by the GVRP application. Invalid GVRP Packets - Number of invalid GARP BPDU is received by the GARP application.
Invalid GVRP Packets - Number of invalid GARP BPDU is transmitted by the GVRP application. LeaveAll Message Packets - Number of GARP BPDU with Leave All message is transmitted by the GARP application. JoinEmpty Message Packets - Number of GARP BPDU with Join Empty message is transmitted by the GARP application. JoinIn Message Packets - Number of GARP BPDU with Join In message is transmitted by the GARP application.
Edit Administrative Control: When you create GVRP group, you can use Administrative Control function to change Applicant Mode and Registrar Mode of GVRP group member. Refresh: Refresh function can help you to see current GVRP group status. 2.11 STP Configuration The Spanning Tree Protocol (STP) is a standardized method (IEEE 802.1D) for avoiding loops in switched networks. When STP is enabled, ensure that only one path is active between any two nodes on the network at a time.
Designated Priority: Show the current root bridge priority. Root Port: Show port number connected to root bridge with the lowest path cost. Root Path Cost: Show the path cost between the root port and the designated port of the root bridge. Current Max. Age: Show the current root bridge maximum age time. Maximum age time is used to monitor if STP topology needs to change.
User can set the following Spanning Tree parameters to control STP function enable/disable, select mode RSTP/STP and affect STP state machine behavior to send BPDU in this switch. The default setting of Spanning Tree Protocol is “Disable”. Parameter description: Spanning Tree Protocol: Set 802.1W Rapid STP function Enable / Disable. Default is “Disable” Bridge Priority: The lower the bridge priority is, the higher priority it has. Usually, the bridge with the highest bridge priority is the root.
as the time spent from Listening state moved to Learning state and also from Learning state moved to Forwarding state of a port in bridge. The forward delay time contains two states, Listening state to Learning state and Learning state to Forwarding state. It assumes that forward delay time is 15 seconds, then total forward delay time will be 30 seconds. This has much to do with the STP convergent time which will be more than 30 seconds because some other factors.
DISCARDING state indicates that this port can neither forward packets nor contribute learning knowledge. Notice: Three other states (Disable state, BLOCKING state and LISTENING state) defined in the 802.1d specification are now all represented as DISCARDING state. LEARNING state indicates this port can now contribute its learning knowledge but cannot forward packets still. FORWARDING state indicates this port can both contribute its learning knowledge and forward packets normally.
Admin Point To Point: We say a port is a point-to-point link, from RSTP’s view, if it is in full-duplex mode but is shared link if it is in half-duplex mode. RSTP fast convergence can only happen on point-to-point links and on edge ports. This can expedite the convergence because this will have the port fast transited to forwarding state. There are three parameters, Auto, True and False, used to configure the type of the point-to-point link.
Ports using Static Trunk as their trunk method can choose their unique Static GroupID (also 1~8, this Static groupID can be the same with another LACP groupID) to form a logic “trunked port”. The benefit of using Static Trunk method is that a port can immediately become a member of a trunk group without any handshaking with its peer port. This is also a disadvantage because the peer ports of your static trunk group may not know that they should be aggregate together to form a “logic trunked port”.
Method: This determines the method a port uses to aggregate with other ports. None - A port does not want to aggregate with any other port should choose this default setting. LACP - A port use LACP as its trunk method to get aggregated with other ports also using LACP. Static - A port use Static Trunk as its trunk method to get aggregated with other ports also using Static Trunk. Group: Ports choosing the same trunking method other than “None” must be assigned a unique Group number (i.e.
2.12.2 Aggregator View Function name: Aggregator View Function description: To display the current port trunking information from the aggregator point of view. Parameter description: 76 Aggregator: It shows the aggregator ID (from 1 to 8) of every port. In fact, every port is also an aggregator, and its own aggregator ID is the same as its own Port No.. Method: Show the method a port uses to aggregate with other ports. Member Ports: Show all member ports of an aggregator (port).
LACP Detail Function name: LACP Detail (LACP Aggregator Detailed Information) Function description: Show the detailed information of the LACP trunking group. Parameter description: Actor: The switch you are watching on. Partner: The peer system from this aggregator’s view. System Priority: Show the System Priority part of a system ID. MAC Address: Show the MAC Address part of a system ID. Port: Show the port number part of an LACP port ID. Key: Show the key value of the aggregator.
2.12.3 LACP System Priority Function name: LACP System Priority Function description: It is used to set the priority part of the LACP system ID. LACP will only aggregate together the ports whose peer link partners are all on a single system. Each system supports LACP will be assigned a globally unique System Identifier for this purpose. A system ID is a 64-bit field comprising a 48-bit MAC Address and 16-bit priority value.
According to IEEE802.1X, there are three components implemented. They are Authenticator, Supplicant and Authentication server shown in figure below. Supplicant: It is an entity being authenticated by an authenticator. It is used to communicate with the Authenticator PAE (Port Access Entity) by exchanging the authentication message when the Authenticator PAE request to it. Authenticator: An entity facilitates the authentication of the supplicant entity.
In the following figure, this is the typical configuration, a single supplicant, an authenticator and an authentication server. B and C is in the internal network, D is Authentication server running RADIUS, switch at the central location acts Authenticator connecting to PC A and A is a PC outside the controlled port, running Supplicant PAE.
The figure below shows the procedure of 802.1X authentication. There are steps for the login based on 802.1X port access control management. The protocol used in the right side is EAPOL and the left side is EAP. 1. At the initial stage, the supplicant A is unauthenticated and a port on switch acting as an authenticator is in unauthorized state. So the access is blocked in this stage. 2. Initiating a session. Either authenticator or supplicant can initiate the message exchange.
connected to the supplicant and under 802.1X control is in the authorized state. The supplicant and other devices connected to this port can access the network. If the authenticator receives a Radius-Access-Reject, it will send an EAP-Failure to the supplicant. This means the supplicant is failed to authenticate. The port it connected is in the unauthorized state, the supplicant and the devices connected to this port won’t be allowed to access the network. 10.
2.13.1 802.1X State Setting Function name: 802.1X State Setting Function description: This function is used to configure the global parameters for RADIUS authentication in 802.1X port security application. Parameter description: Radius Server: RADIUS server IP address for authentication. Default: 192.168.1.1 Port Number: The port number to communicate with RADIUS server for the authentication service. The valid value ranges 1-65535. Default port number is 1812.
2.13.2 802.1X Mode Setting Function name: 802.1X Mode Setting Function description: Set the operation mode of 802.1X for each port. In this device, it supports only Multi-host operation mode. Parameter description: Port Number: Indicate which port is selected to configure the 802.1X operation mode. 802.1X Mode: 802.1X operation mode. There are three options, including Disable, Normal and Advanced 802.1x mode. Default is Disable.
2.13.3 Port Security Management Function name: Port Security Management Function description: Show each port status. In Multi-host mode, it shows the port number and its status, authorized or unauthorized. Parameter description: Port Number: The port number to be chosen to show its 802.1X Port Status. The valid number is Port 1 – 26. Disable Mode: When selecting Disable mode for a port in the function 802.1X Port Mode Configuration, the port is in the uncontrolled port state and does not apply 802.
Parameter description: Port: It is the port number to be selected for configuring its associated 802.1X parameters which are Port control, reAuthMax, txPeriod, Quiet Period, reAuthEnabled, reAuthPeriod, max. Request, suppTimeout, serverTimeout and Controlled direction. Port Control: This is used to set the operation mode of authorization. There are three type of operation mode supported, ForceUnauthorized, ForceAuthorized, Auto.
reAuthEnabled: Choose whether regular authentication will take place in this port. Default: ON reAuthPeriod (1-65535 s): A non-zero number seconds between the periodic re-authentication of the supplicant. Default: 3600 max. Request (1-10): The maximum of number times that the authenticator will retransmit an EAP Request to the supplicant before it times out the authentication session. The valid range: 1 – 10.
Trap: Cold Start, Warm Start, Link Down, Link Up, Authentication Failure, User login, User logout STP: STP Topology Changed, STP Disabled, STP Enabled LACP: LACP Disabled, LACP Enabled, LACP Member Added, LACP Port Failure GVRP: GVRP Disabled, GVRP Enabled VLAN: VLAN Disabled, Port-based VLAN Enabled, Tag-based VLAN Enabled, Metro-mode Vlan Enabled, Double-tag Vlan Enabled Module Swap: Module Inserted, Module Removed, Dual Media Swapped This page only provides fixed event table for user to selec
2.14.2 Email/SMS Configuration Function name: Email/SMS Configuration Function description: Alarm configuration is used to configure the persons who should receive the alarm message via either email or SMS, or both. It depends on your settings. An email address or a mobile phone number has to be set in the web page of alarm configuration (See Fig. 3-60). Then, user can read the trap information from the email or the mobile phone. This function provides 6 email addresses and 6 mobile phone numbers at most.
Password: your username in ISP. Mobile Phone 1-6: the mobile phone number that would like to receive the alarm message. 2.15 Configuration The switch supports three copies of configuration, including the default configuration, working configuration and user configuration for your configuration management. All of them are listed and described below respectively. Default Configuration This is the ex-factory setting and cannot be altered.
2.15.1 Save/Restore Save As Start Configuration Function name: Save As Start Configuration Function description: Save the current configuration as a start configuration file in flash memory. Save As User Configuration Function name: Save As User Configuration Function description: Save the current configuration as a user configuration file in flash memory.
Restore Default Configuration (includes default IP address) Function name: Restore Default Configuration (includes default IP address) Function description: Restore Default Configuration function can retrieve the ex-factory setting to replace the start configuration. And the IP address of the switch will also be restored to 192.168.1.1.
Restore User Configuration Function name: Restore User Configuration Function description: Restore User Configuration function can retrieve the previous confirmed working configuration stored in the flash memory to update start configuration. When completing to restore the configuration, the system’s start configuration is updated and will be changed its system settings after rebooting the system.
2.15.2 Config File Function name: Config File Function description: With this function, user can back up or reload the config files of Save As Start or Save As User via TFTP. Parameter description: Export File Path: Export Start -Export Save As Start’s config file stored in the flash. Export User-Conf - Export Save As User’s config file stored in the flash. Import File Path: Import Start -Import Save As Start’s config file stored in the flash.
2.16 Security 2.16.1 Mirror Function name: Mirror Configuration Function description: Mirror Configuration is to monitor the traffic of the network. For example, we assume that Port A and Port B are Monitoring Port and Monitored Port respectively, thus, the traffic received by Port B will be copied to Port A for monitoring. Parameter description: Mode: Used for the activation or de-activation of Port Mirror function. Default is “Disable”. Monitoring Port: Set up the port for monitoring.
Isolated Group function can let the port be independent of other ports in the Isolated group, and the communication is also forbidden between these ports. But, the ports of the Isolated group are still able to communicate with the ports of the non-Isolated group. With this design, it will be helpful to the administrator to immediately find and solve the port that results in the occurrence of looping problems in the network.
Parameter description: Port Number: Choose the port that you would like this function to work on it. Valid range of the port is 1~26. Rate: Set up the limit of Ingress bandwidth for the port you choose. Incoming traffic will be discarded if the rate exceeds the value you set up in Data Rate field. Pause frames are also generated if flow control is enabled. The format of the packet limits to unicast, broadcast and multicast.
Parameter description: Port Number: Choose the port that you would like this function to work on it. Valid range of the port is 1~26. Rate: Set up the limit of Egress bandwidth for the port you choose. Packet transmission will be delayed if the rate exceeds the value you set up in Data Rate field. Traffic may be lost if egress buffers run full. The format of the packet limits to unicast, broadcast and multicast.
Parameter description: Storm Type: Disable - Disable the function of the bandwidth storm control. Broadcast Storm Control - Enable the function of bandwidth storm control for broadcast packets. Multicast Storm Control - Enable the function of bandwidth storm control for multicast packets. Unknown Unicast Storm Control- Enable the function of bandwidth storm control for unknown unicast packets. These packets are the MAC address that had not completed the learning process yet.
D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED (1bit ). User can randomly control these fields to achieve some special QoS goals. When bits D, T, R, or M set, the D bit requests low delay, the T bit requests high throughput, the R bit requests high reliability, and the M bit requests low cost. DiffServ DSCP Priority act on DSCP field of IP Header.
** VIP/DSCP > TOS > 802.1p (Final result) 2.18.1 Global Function name: QoS Global Config Function description: When you want to use QoS function, please enable QoS Mode in advance. Then you can use MAC Priority, 802.1p Priority, IP TOS Priority, DiffServ DSCP Priority, or VIP Port functions and take effect. In this function, you can Enable QoS Mode. Choose any of Priority Control, such as 802.1p, TOS, DSCP. Moreover, you can select Scheduling Method of WRR (Weighted Round Robin) or Strict Priority.
2.18.2 VIP Function name: VIP Port Function description: When the port is set as VIP Port, the packets enter this port and will have highest transmitting priority. For example, as you choose port 2 is VIP Port, simultaneously transmit packets from port 2 and port 3 to port 1 at speed of 100MB and let congestion happen. The packets for port 3 will be dropped because the packets from port 2 owns highest precedence.
2.18.3 802.1p Function name: 802.1p Priority Mapping Function description: This function will affect the priority of VLAN tag. Based on priority of VLAN tag, it can arrange 0~8 priorities, priorities can map to 4 queues of the switch (queue 0~3) and possess different bandwidth distribution according to your weight setting. Parameter description: Queue: VigorSwitch P2260 User’s Guide Each Priority can select any of Queue 0 ~ Queue 3.
2.18.4 D-Type TOS Function name: TOS Delay Priority Mapping Function description: IP TOS Priority affect TOS fields of IP header, you can find it has 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field could be divided into six subfields as follows, PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
2.18.5 T-Type TOS Function name: TOS Throughput Priority Mapping Function description: IP TOS Priority affect TOS fields of IP header, you can find it has 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field could be divided into six subfields as follows, PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
2.18.6 R-Type TOS Function name: TOS Reliability Priority Mapping Function description: IP TOS Priority affect TOS fields of IP header, you can find it has 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field could be divided into six subfields as follows, PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
2.18.7 M-Type TOS Function name: TOS Monetary Cost Priority Mapping Function description: IP TOS Priority affect TOS fields of IP header, you can find it has 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field could be divided into six subfields as follows, PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit), M-Type (Monetary Cost Priority, 1bit), and UNUSED.
2.18.8 DSCP Function name: DSCP Priority Mapping Function description: In the late 1990s, the IETF redefined the meaning of the 8-bit SERVICE TYPE field to accommodate a set of differentiated services (DS). Under the differentiated services interpretation, the first six bits comprise a codepoint, which is sometimes abbreviated DSCP, and the last two bits are left unused. DSCP can form total 64 (0~63) kinds of Traffic Class based on the arrangement of 6-bit field in DSCP of the IP packet.
2.19 Diagnostics Three functions, including Diagnostics, Loopback Test and Ping Test are contained in this function folder for device self-diagnostics. 2.19.1 Diagnostics Function name: Diagnostics Function description: Diagnostics function provides a set of basic system diagnosis. It let users know that whether the system is health or needs to be fixed. The basic system check includes EEPROM test, UART test, DRAM test and Flash test.
2.19.2 Loopback Test Function name: Loopback Test Function description: In the Loopback Test function, there are two different loopback tests. One is Internal Loopback Test and the other is External Loopback Test. The former test function will not send the test signal outside the switch box. The test signal only wraps around in the switch box. As to the latter test function, it will send the test signal to its link partner. If you do not have them connected to active network devices, i.e.
Parameter description: IP Address: An IP address with the version of v4, e.g. 192.168.1.1. Default Gateway: IP address of the default gateway. 2.20 TFTP Server Function name: TFTP Server Function description: Set up IP address of TFTP server. Parameter description: Specify the IP address where the TFTP server locates. Fill in the IP address of your TFTP server, then press button to have the setting taken effect.
2.21 Log This function shows the log data. The switch provides system log data for users. There are 19 private trap logs, 5 public trap logs. The switch supports total 120 log entries. For more details on log items, please refer to the section of Trap/Alarm Configuration and SNMP Configuration. Function name: Log Data Function description: The Trap Log Data is displaying the log items including all SNMP Private Trap events, SNMP Public traps and user logs occurred in the system. In the report table, No.
2.22 Firmware Upgrade Software upgrade tool is used to help upgrade the software function in order to fix or improve the function. The switch provides a TFTP client for software upgrade. This can be done through Ethernet. Function name: Firmware Upgrade Function description: The switch supports TFTP upgrade tool for upgrading software. If you assure to upgrade software to a newer version one, you must follow two procedures: 1. Specifying the IP address where TFTP server locates.
2.23 Reboot We offer you many ways to reboot the switch, including power up, hardware reset and software reset. You can press the RESET button in the front panel to reset the switch. After upgrading software, changing IP configuration or changing VLAN mode configuration, then you must reboot to have the new configuration taken effect. Here we are discussing is software reset for the “reboot” in the main menu. Function name: Reboot Function description: Reboot the switch.
Parameter description: Auto Logout: VigorSwitch P2260 User’s Guide Default is ON. If it is “ON”, and no action and no key is stroke as well in any function screen more than 3 minutes, the switch will have you logout automatically.
3 Trouble Shooting This section will guide you to solve abnormal situations if you cannot access into the Internet after installing the device and finishing the web configuration. Please follow sections below to check your basic installation status stage by stage. z Checking if the hardware status is OK or not. z Checking if the network connection settings on your computer are OK or not. z Pinging the device from your computer. z Checking if the ISP settings are OK or not.
¾ Check the RS-232 cable is connected well on the console port of the Managed Switch and COM port of PC. ¾ Check if the COM of the PC is enabled. 4. How to configure the Managed Switch? The “Hyperterm” is the terminal program in Win95/98/NT. Users can also use any other terminal programs in Linux/Unix to configure the Managed Switch. Please refer to the user guide of that terminal program.
