User's Manual

ManualsBrandsPLANET Technology ManualsLAN Switches8-Port 10/100/1000Mbps + 2-Port 100/1000X SFP Managed Desktop Switch

Table Of Contents

User’s Manual of GSD-1002M

Summary of content (313 pages)

PAGE 1
User’s Manual of GSD-1002M 1
PAGE 2
User’s Manual of GSD-1002M Trademarks Copyright © PLANET Technology Corp. 2014. Contents are subject to revision without prior notice. PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners.
PAGE 3
User’s Manual of GSD-1002M TABLE OF CONTENTS 1. INTRODUCTION.................................................................................................................. 10 1.1 Packet Contents .........................................................................................................................................10 1.2 Product Description ...................................................................................................................................11 1.
PAGE 4
User’s Manual of GSD-1002M 4.2.3 IPv6 Configuration ...............................................................................................................................................40 4.2.4 User Configuration...............................................................................................................................................42 4.2.5 Time Settings.............................................................................................................................
PAGE 5
User’s Manual of GSD-1002M 4.4.5 LACP Port Setting................................................................................................................................................92 4.4.6 LAG Status ..........................................................................................................................................................94 4.5 VLAN....................................................................................................................................
PAGE 6
User’s Manual of GSD-1002M 4.7.4 MLD Snooping...................................................................................................................................................158 4.7.4.1 MLD Setting.............................................................................................................................................158 4.7.4.2 MLD Static Group ...............................................................................................................................
PAGE 7
User’s Manual of GSD-1002M 4.9.1.4 Guest VLAN Setting ................................................................................................................................199 4.9.1.5 Authenticed Host .....................................................................................................................................201 4.9.2 RADIUS Server ................................................................................................................................................
PAGE 8
User’s Manual of GSD-1002M 4.9.12.1 Global Setting ........................................................................................................................................246 4.9.12.2 Port Setting............................................................................................................................................247 4.10 ACL ..................................................................................................................................................
PAGE 9
User’s Manual of GSD-1002M 4.15 Maintenance............................................................................................................................................304 4.15.1 Factory Default ................................................................................................................................................304 4.15.2 Reboot Switch .....................................................................................................................................
PAGE 10
User’s Manual of GSD-1002M 1. INTRODUCTION Thank you for purchasing 8-Port 10/100/1000Mbps + 2-Port 100/1000X SFP Managed Desktop Switch (PoE PD, External PWR), GSD-1002M. “Managed Switch” mentioned in this Guide refers to the GSD-1002M. 1.1 Packet Contents Open the box of the Managed Switch and carefully unpack it.
PAGE 11
User’s Manual of GSD-1002M 1.2 Product Description PLANET GSD-1002M is an 8-port 10/100/1000Mbps + 2-port 100/1000X SFP Managed Desktop Switch specially designed to build a full Gigabit backbone to transmit reliable and forward data to remote network through fiber optic. It provides 8-port 10/100/1000Base-T copper and 2 extra 100/1000Base-X SFP fiber optic interfaces with dual power system.
PAGE 12
User’s Manual of GSD-1002M Handheld Size for FTTD Solution The GSD-1002M provides high-performance edge service and plug-and-play design for FTTD solutions. FTTD (Fiber to the desktop) service is fiber optic cable reliable and expandable, lower-cost wiring architectures with long distance.
PAGE 13
User’s Manual of GSD-1002M 1.3 How to Use This Manual This User Manual is structured as follows: Section 2, INSTALLATION The section explains the functions of the Switch and how to physically install the Managed Switch. Section 3, SWITCH MANAGEMENT The section contains the information about the software function of the Managed Switch. Section 4, WEB CONFIGURATION The section explains how to manage the Managed Switch by Web interface.
PAGE 14
User’s Manual of GSD-1002M ■ Supports Spanning Tree Protocol - STP (Spanning Tree Protocol) - RSTP (Rapid Spanning Tree Protocol) - MSTP (Multiple Spanning Tree Protocol) - STP BPDU Guard, BPDU Filtering and BPDU Forwarding ■ Supports Link Aggregation  IEEE 802.
PAGE 15
User’s Manual of GSD-1002M ■ DoS Attack Prevention ■ SSH/SSL Management ■ IPv4 and IPv6 dual stack management ■ Switch Management Interface - Web switch management Telnet Command Line Interface SNMP v1, v2c and v3 SSH / SSL secure access ■ User Privilege Levels Control ■ Built-in Trivial File Transfer Protocol (TFTP) client ■ BOOTP and DHCP for IP address assignment ■ System Maintenance - Firmware upload/download via HTTP / TFTP Configuration upload / download through Web interface Hardware reset button
PAGE 16
User’s Manual of GSD-1002M 1.5 Product Specifications Product GSD-1002M Hardware Specifications Copper Ports SFP/mini-GBIC Slots 8 x 10/100/1000Base-T RJ45 Auto-MDI/MDI-X ports 2 100/1000Base-X SFP interfaces Supports 100/1000Mbps dual mode and DDM Switch Architecture Store-and-Forward Switch Fabric 20Gbps / non-blocking Switch Throughput@64Bytes 14.8Mpps@64Bytes Address Table 8K entries Share Data Buffer 4.1 megabits Flow Control Jumbo Frame Reset Button IEEE 802.
PAGE 17
User’s Manual of GSD-1002M Spanning Tree Protocol STP / RSTP / MSTP IGMP (v2/v3) Snooping IGMP Snooping IGMP Querier Up to 256 multicast groups MLD Snooping MLD (v1/v2) Snooping, up to 256 multicast groups Access Control List IPv4/IPv6 IP-based ACL / MAC-based ACL 8 mapping ID to 8 level priority queues - Port Number QoS - 802.1p priority - 802.1Q VLAN tag - DSCP field in IP Packet Traffic classification based, Strict priority and WRR IEEE 802.
PAGE 18
User’s Manual of GSD-1002M IEEE 802.1p Class of Service IEEE 802.1Q VLAN Tagging IEEE 802.1x Port Authentication Network Control IEEE 802.1ab LLDP IEEE 802.3af (Power over Ethernet) IEEE 802.
PAGE 19
User’s Manual of GSD-1002M 2. INSTALLATION This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front panel illustrations in this chapter display the unit LED indicators. Before connecting any network device to the Managed Switch, please read this chapter completely. 2.1 Hardware Description 2.1.
PAGE 20
User’s Manual of GSD-1002M 2.1.2 LED Indications The front panel LEDs indicate instant status of port links, data activity and system power, and help monitor and troubleshoot when needed. Figure 2-2 shows the LED indications of these Managed Switches. LED Indication Figure 2-2 GSD-1002M LED panel ■ System LED Color PWR Green Function Lights to indicate that the Switch has power.
PAGE 21
User’s Manual of GSD-1002M 2.1.3 Switch Rear Panel The rear panel of the Managed Switch indicates a DC inlet power socket. Figure 2-3 shows the rear panel of these Managed Switches Rear Panel Figure 2-3 Rear panel of GSD-1002M ■ Gigabit TP Interface 10/100/1000Base-T Copper, RJ-45 Twist-Pair: Up to 100 meters.
PAGE 22
User’s Manual of GSD-1002M 2.2 Installing the Switch This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf, simply complete the following steps. 2.2.
PAGE 23
User’s Manual of GSD-1002M Step5: Supply power to the Managed Switch. Connect one end of the power cable to the Managed Switch. Connect the power plug of the power cable to a standard wall outlet. When the Managed Switch receives power, the Power LED should remain solid Green. 2.2.2 Installing the SFP transceiver The sections describe how to insert an SFP transceiver into an SFP slot. The SFP transceivers are hot-pluggable and hot-swappable.
PAGE 24
User’s Manual of GSD-1002M  MGB-LB40 SFP-Port 1000Base-LX (WDM,TX:1550nm) -40KM Fast Ethernet SFP Transceiver Modules  MFB-FX SFP-Port 100Base-FX Transceiver -2KM  MFB-F20 SFP-Port 100Base-FX Transceiver -20KM  MFB-F60 SFP-Port 100Base-FX Transceiver -60KM  MFB-FA20 SFP-Port 100Base-BX Transceiver (WDM,TX:1310nm) -20KM  MFB-FB20 SFP-Port 100Base-BX Transceiver (WDM,TX:1550nm) -20KM It is recommended to use PLANET SFP on the Managed Switch.
PAGE 25
User’s Manual of GSD-1002M Figure 2-8 How to Pull Out the SFP Transceiver Never pull out the module without lifting up the lever of the module and turning it to a horizontal position. Directly pulling out the module could damage the module and the SFP module slot of the Managed Switch.
PAGE 26
User’s Manual of GSD-1002M 3. SWITCH MANAGEMENT This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (workstation or personal computer) and the system. It also contains information about port connection options.
PAGE 27
User’s Manual of GSD-1002M Method Advantages Disadvantages Web Browser  Ideal for configuring the switch remotely  Compatible with all popular browsers  Security can be compromised (hackers need to know only the IP address and subnet mask)  Can be accessed from any location  May encounter lag times on poor connections  Most visually appealing Remote  Text-based Telnet  Telnet functionality built into Windows  Security can be compromised (hackers need only know the IP address) XP/2003,
PAGE 28
User’s Manual of GSD-1002M Internet Explorer 8.0 or later, Google Chrome, Safari or Mozilla Firefox 1.5 or later. Figure 3-2 Web main screen of Managed Switch 3.4 Remote Telnet The Remote Telnet is an IP-based command line user interface for performing system administration such as displaying statistics or changing option settings.
PAGE 29
User’s Manual of GSD-1002M Figure 3-3: Remote Telnet Interface Main Screen of Industrial Managed Switch 3.5 SNMP-based Network Management You can use an external SNMP-based application to configure and manage the Managed Switch, such as SNMPc Network Manager, HP Openview Network Node Management (NNM) or What’s Up Gold. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string.
PAGE 30
User’s Manual of GSD-1002M 4. WEB CONFIGURATION This section introduces the configuration and functions of the Web-based management. About Web-based Management The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. The Web-based Management supports Internet Explorer 8.0.
PAGE 31
User’s Manual of GSD-1002M  1. Logging on the switch Use Internet Explorer 8.0 or above Web browser. Enter the factory-default IP address to access the Web interface. The factory-default IP Address as following: http://192.168.0.100 2. When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch. The login screen in Figure 4-1-2 appears.
PAGE 32
User’s Manual of GSD-1002M After entering the username and password, the main screen appears as Figure 4-1-3. Figure 4-1-3 Default main page Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.  It is recommended to use Internet Explore 8.0 or above to access Managed Switch.
PAGE 33
User’s Manual of GSD-1002M 4.1 Main Web Page The Managed Switch provides a Web-based browser interface for configuring and managing it. This interface allows you to access the Managed Switch using the Web browser of your choice. This chapter describes how to use the Managed Switch’s Web browser interface to configure and manage it.
PAGE 34
User’s Manual of GSD-1002M Figure 4-1-5 GSD Managed Switch Main Functions Menu Buttons : Click to save changes or reset to default. : Click to logout the Managed Switch. : Click to reboot the Managed Switch. : Click to refresh the page. 4.1.1 Save Button This save button allows to save the running / startup / backup configuration or reset switch in default parameter. The screen in Figure 4-1-6 appears.
PAGE 35
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Save Configuration to Click to save the configuration. For more detailed information, please refer to the FLASH  Restore to Default chapter 4.1.2 Click to reset switch in default parameter. For more detailed information, please refer to the chapter 4.15.1 4.1.2 Configuration Manager The system file folder contains configuration settings. The screen in Figure 4-1-7 appears.
PAGE 36
User’s Manual of GSD-1002M Buttons : Click to save configuration. 4.1.2.1 Saving Configuration In the Managed Switch, the running configuration file stores in the RAM. In the current version, the running configuration sequence of running-config can be saved from the RAM to FLASH by ”Save Configurations to FLASH” function, so that the running configuration sequence becomes the startup configuration file, which is called configuration save.
PAGE 37
User’s Manual of GSD-1002M 4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under the System, the following topics are provided to configure and view the system information: This section has the following items: ■ System Information The switch system information is provided here. ■ IP Configurations Configure the switch-managed IP information on this page. ■ IPv6 Configuration Configure the switch-managed IPv6 information on this page.
PAGE 38
User’s Manual of GSD-1002M  System Location Display the current system location  System Contact Display the current system contact  MAC Address The MAC Address of this Managed Switch.  IP Address The IP Address of this Managed Switch.  Subnet Mask The subnet mask of this Managed Switch.  Gateway The gateway of this Managed Switch.  Loader Version The loader version of this Managed Switch.  Loader Date The loader date of this Managed Switch.
PAGE 39
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Mode Indicates the IP address mode operation. Possible modes are: Static: Enable NTP mode operation. When enable NTP mode operation, the agent forward and to transfer NTP messages between the clients and the server when they are not on the same subnet domain. DHCP: Enable DHCP client mode operation. Enable the DHCP client by checking this box. If DHCP fails and the configured IP address is zero, DHCP will retry.
PAGE 40
User’s Manual of GSD-1002M  Subnet Mask Display the current subnet mask.  Gateway Display the current gateway.  DNS Server 1/2 Display the current DNS server. 4.2.3 IPv6 Configuration The IPv6 Configuration includes the Auto Configuration, IPv6 Address and Gateway. The Configured column is used to view or change the IPv6 configuration. Fill up the Auto Configuration, IPv6 Address and Gateway for the device. The screens in Figure 4-2-4 & Figure 4-2-5 appear.
PAGE 41
User’s Manual of GSD-1002M hexadecimal digits with a colon separates each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can only appear once. It also used a following legally IPv4 address. For example, '::192.1.2.34'.  DHCPv6 Client To enable this Managed Switch to accept a configuration from a Dynamic Host Configuration Protocol version 6 (DHCPv6) server.
PAGE 42
User’s Manual of GSD-1002M 4.2.4 User Configuration This page provides an overview of the current users and privilege type. Currently the only way to login as another user on the web server is to close and reopen the browser. After setup completed, please press “Apply” button to take effect. Please login web interface with new user name and password, the screens in Figure 4-2-6 & Figure 4-2-7 appear.
PAGE 43
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Username Display the current username.  Password Type Display the current password type.  Privilege Type Display the current privilege type.  Modify Click to modify the local user entry. : Delete the current user 4.2.5 Time Settings 4.2.5.1 System Time Configure SNTP on this page. SNTP is an acronym for Simple Network Time Protocol, a network protocol for synchronizing the clocks of computer systems.
PAGE 44
User’s Manual of GSD-1002M SNTP messages between the clients and the server when they are not on the same subnet domain. Disabled: Disable SNTP mode operation.  Manual Time To set time manually.  Year - Select the starting Year.  Month - Select the starting month.  Day - Select the starting day.  Hours - Select the starting hour.  Minutes - Select the starting minute.  Seconds - Select the starting seconds.  Time Zone Allow select the time zone according to current location of switch.
PAGE 45
User’s Manual of GSD-1002M Buttons : Click to apply changes. Figure 4-2-9 Time Information page screenshot The page includes the following fields: Object Description  Current Data/Time Display the current data/time.  SNTP Display the current SNTP state.  Time Zone Display the current time zone.  Daylight Saving Time Display the current daylight saving time state.  Daylight Saving Time Display the current daylight saving time offset state.
PAGE 46
User’s Manual of GSD-1002M The page includes the following fields: Object Description  SNTP Server Address Type the IP address or domain name of the SNTP server.  Server Port Type the port number of the SNTP. Buttons : Click to apply changes. Figure 4-2-11 SNTP Server Informations page screenshot The page includes the following fields: Object Description  SNTP Server Address Display the current SNTP server sddress.  Server Port Display the current SNTP server port. 4.2.
PAGE 47
User’s Manual of GSD-1002M 4.2.6.1 Local Log The switch system local log information is provided here. The local Log screens in Figure 4-2-12 & Figure 4-2-13 appear. Figure 4-2-12 Logging Settings page screenshot The page includes the following fields: Object Description  Logging Service Enabled: Enable logging service operation. Disabled: Disable logging service operation. Buttons : Click to apply changes.
PAGE 48
User’s Manual of GSD-1002M 4.2.6.2 Local Log The switch system local log information is provided here. The local Log screens in Figure 4-2-14 & Figure 4-2-15 appear. Figure 4-2-14 Local Log Target Setting page screenshot The page includes the following fields: Object Description  Target The target of the local log entry. The following target types are supported:  Buffered: Target the buffer of the local log.  File: Target the file of the local log.  Severity The severuty of the local log entry.
PAGE 49
User’s Manual of GSD-1002M Object Description  Status Display the current local log state  Target Display the current local log target  Severity Display the current local log severity  Action : Delete the current status 4.2.6.3 Remote Syslog Configure remote syslog on this page. The Remote Syslog page allows you to configure the logging of messages that are sent to syslog servers or other management stations.
PAGE 50
User’s Manual of GSD-1002M Object Description  Server Address Provide the remote syslog IP address of this switch.  Server Port Provide the port number of remote syslog server. Default Port no.: 514  Severity The severity of the local log entry. The following severity types are supported:  emerg: Emergency level of the system unsable for local log.  alert: Alert level of the immediate action needed for local log.  crit: Critical level of the critical conditions for local log.
PAGE 51
User’s Manual of GSD-1002M 4.2.6.4 Log Message The switch log view is provided here. The Log View screens in Figure 4-2-18, Figure 4-2-19 & Figure 4-2-20 appear. Figure 4-2-18 Log Information Select page screenshot The page includes the following fields: Object Description  Target The target of the log view entry. The following target types are supported:  Buffered: Target the buffered of the log view.  File: Target the file of the log view.  Severity The severity of the log view entry.
PAGE 52
User’s Manual of GSD-1002M Figure 4-2-19 Logging Information page screenshot The page includes the following fields: Object Description  Target Display the current log target.  Severity Display the current log severity.  Categery Display the current log categery  Total Entries Display the current log entries Figure 4-2-20 Logging Messages page screenshot The page includes the following fields: Object Description  No. This is the number for logs.  Timestamp Display the time of log.
PAGE 53
User’s Manual of GSD-1002M 4.2.7 SNMP Management 4.2.7.1 SNMP Overview The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
PAGE 54
User’s Manual of GSD-1002M 4.2.7.2 SNMP System Information Configure SNMP setting on this page. The SNMP System global setting screens in Figure 4-2-21 & Figure 4-2-22 appear. Figure 4-2-21 SNMP Global Setting page screenshot The page includes the following fields: Object Description  Status Indicates the SNMP mode operation. Possible modes are: Enabled: Enable SNMP mode operation. Disabled: Disable SNMP mode operation. Buttons : Click to apply changes.
PAGE 55
User’s Manual of GSD-1002M Figure 4-2-23 SNMPv3 View Table Setting page screenshot The page includes the following fields: Object Description  View Name A string identifying the view name that this entry should belong to. The allowed string length is 1 to 16.  Subtree OID The OID defining the root of the subtree to add to the named view. The allowed string content is digital number or asterisk(*).
PAGE 56
User’s Manual of GSD-1002M The page includes the following fields: Object Description  View Name Display the current SNMP view name  Subtree OID Display the current SNMP subtree OID  OID Mask Display the current SNMP OID mask  View Type Display the current SNMP view type  Action : Delete the view table entry. 4.2.7.4 SNMP Access Group Configure SNMPv3 access group on this page. The entry index keys are Group Name, Security Model and Security Level.
PAGE 57
User’s Manual of GSD-1002M Note: The Security Level applies to SNNPv3 only.  Read View Name Read view name is the name of the view in which you can only view the contents of the agent. The allowed string length is 1 to 16.  Write View Name Write view name is the name of the view in which you enter data and configure the contents of the agent. The allowed string length is 1 to 16.  Notify View Name Notify view name is the name of the view in which you specify a notify, inform, or trap.
PAGE 58
User’s Manual of GSD-1002M 4.2.7.5 SNMP Community Configure SNMP Community on this page. The SNMP Community screens in Figure 4-2-27 & Figure 4-2-28 appear. Figure 4-2-27 Community Setting page screenshot The page includes the following fields: Object Description  Community Name Indicates the community read/write access string to permit access to SNMP agent. The allowed string length is 0 to 16.  Community Mode Indicates the SNMP community supported mode.
PAGE 59
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Community Name Display the current community type.  Group Name Display the current SNMP access group’s name.  View Name Display the current view name.  Access Right Display the current access type.  Delete : Delete the community entry. 4.2.7.6 SNMP User Configure SNMPv3 users table on this page. Each SNMPv3 user is defined by a unique name.
PAGE 60
User’s Manual of GSD-1002M  MD5: An optional flag to indicate that this user using MD5 authentication protocol.  SHA: An optional flag to indicate that this user using SHA authentication protocol. The value of security level cannot be modified if entry already exist. That means you must first ensure that the value is set correctly.  Authentication A string identifying the authentication pass phrase. For both MD5 and SHA Password authentication protocol, the allowed string length is 8 to 16.
PAGE 61
User’s Manual of GSD-1002M 4.2.7.7 SNMPv1, 2 Notification Recipients Configure SNMPv1 and 2 notification recipients on this page. The SNMPv1, 2 Notification Recipients screens in Figure 4-2-31 & Figure 4-2-32 appear. Figure 4-2-31 SNMPv1, 2 Notification Recipients page screenshot The page includes the following fields: Object Description  Server Address Indicates the SNMP trap destination address. It allow a valid IP address in dotted decimal notation ('x.y.z.w'). And it also allow a valid hostname.
PAGE 62
User’s Manual of GSD-1002M Figure 4-2-32 SNMPv1, 2 Host Status page screenshot The page includes the following fields: Object Description  Server Address Display the current server address.  SNMP Version Display the current SNMP version.  Notify Type Display the current notify type.  Community Name Display the current community name.  UDP Port Display the current UDP port.  Time Out Display the current time out.  Retries Display the current retry times.
PAGE 63
User’s Manual of GSD-1002M last characters must not be a dot or a dash. Indicates the SNMP trap destination IPv6 address. IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:). For example, 'fe80::215:c5ff:fe03:4dc7'. The symbol '::' is a special syntax that can be used as a shorthand way of representing multiple 16-bit groups of contiguous zeros; but it can appear only once. It can also represent a legally valid IPv4 address.
PAGE 64
User’s Manual of GSD-1002M 4.2.7.9 SNMP Engine ID Configure SNMPv3 Engine ID on this page. The entry index key is Engine ID. The remote engine ID is used to compute the security digest for authenticating and encrypting packets sent to a user on the remote host. The SNMPv3 Engine ID Setting screens in Figure 4-2-35 & Figure 4-2-36 appear.
PAGE 65
User’s Manual of GSD-1002M 4.2.7.10 SNMP Remote Engine ID Configure SNMPv3 remote Engine ID on this page. The SNMPv3 Remote Engine ID Setting screens in Figure 4-2-37 & Figure 4-2-38 appear. Figure 4-2-37 SNMPv3 Remote Engine ID Setting page screenshot The page includes the following fields: Object Description  Remote IP Address Indicates the SNMP remote engine ID address. It allow a valid IP address in dotted decimal notation ('x.y.z.w'). And it also allow a valid hostname.
PAGE 66
User’s Manual of GSD-1002M Object Description  Remote IP Address Display the current remote IP address  Engine ID Display the current engine ID  Action : Delete the remote IP address entry.
PAGE 67
User’s Manual of GSD-1002M 4.3 Port Management Use the Port Menu to display or configure the Managed Switch's ports.
PAGE 68
User’s Manual of GSD-1002M  Speed Select any available link speed for the given switch port. Draw the menu bar to select the mode.  Duplex  Auto - Setup Auto negotiation.  Auto-10M - Setup 10M Auto negotiation.  Auto-100M - Setup 100M Auto negotiation.  Auto-1000M - Setup 1000M Auto negotiation.  Auto-10/100M - Setup 10/100M Auto negotiation.  10M - Setup 10M Force mode.  100M - Setup 100M Force mode.  1000M - Setup 1000M Force mode.
PAGE 69
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Port This is the logical port number for this row.  Description Click to indicate the port name.  Enable State Display the current port state.  Link Status Display the current link status.  Speed Display the current speed status of the port.  Duplex Display the current duplex status of the port.  Flow Control Display the current flow control configuration of the port.
PAGE 70
User’s Manual of GSD-1002M Figure 4-3-4 Interface Counters page screenshot Object Description  Received Octets The total number of octets received on the interface, including framing characters.  Received Unicast The number of subnetwork-unicast packets delivered to a higher-layer protocol. Packets  Received Nuknown Unicast Packets  Received Discards Packets The number of packets received via the interface which were discarded because of an unknown or unsupported protocol.
PAGE 71
User’s Manual of GSD-1002M  Received Broadcast Packets  Transmit Multicast Packets The number of packets, delivered by this sub-layer to a higher (sub-)layer, which were addressed to a broadcast address at this sub-layer. The total number of packets that higher-level protocols requested betransmitted, and which were addressed to a multicast address at this sub-layer, including those that were discarded or not sent.
PAGE 72
User’s Manual of GSD-1002M operating in full-duplex mode.  Frame Too Longs A count of frames received on a particular interface that exceed the maximum permitted frame size.  Symbol Errors The number of received and transmitted symbol errors.
PAGE 73
User’s Manual of GSD-1002M  Multicast Packets The total number of good frames received that were directed to this multicast address.  CRC / Alignment The number of CRC/alignment errors (FCS or alignment errors). Errors  Undersize Packets The total number of frames received that were less than 64 octets long(excluding framing bits, but including FCS octets) and were otherwise well formed.
PAGE 74
User’s Manual of GSD-1002M 4.3.3 Bandwidth Utilization The Bandwidth Utilization page displays the percentage of the total available bandwidth being used on the ports. Bandwith utilization statistics can be viewed using a line graph. The Bandwidth Utilization screen in Figure 4-3-7 appears.
PAGE 75
User’s Manual of GSD-1002M 4.3.4 Port Mirroring Configure port Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incoming or outgoing packet from one port of a network Switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
PAGE 76
User’s Manual of GSD-1002M Figure 4-3-9 Port Mirroring Settings page screenshot The page includes the following fields: Object Description  Session ID Set the port mirror session ID. Possible ID are: 1 to 4.  Monitor Session State Enable or disable the port mirroring function.  Destination Port Select the port to mirror destination port.  Allow-ingress Frames from ports that have either source (rx) or destination (tx) mirroring enabled are mirrored to this port.
PAGE 77
User’s Manual of GSD-1002M Object Description  Session ID Display the session ID.  Destination Port This is the mirroring port entry.  Ingress State Display the ingress state.  Source TX Port Display the current TX ports.  Source RX Port Display the current RX ports. 4.3.5 Jumbo Frame This page provides to select the maximum frame size allowed for the switch port. The Jumbo Frame screen in Figure 4-3-11 & Figure 4-3-12 appear.
PAGE 78
User’s Manual of GSD-1002M 4.3.6 Port Error Disabled Configuration This page provides to set port error disable function. The Port Error Disable Configuration screens in Figure 4-3-13 & Figure 4-3-14 appear. Figure 4-3-13 Error Disabled Recovery page screenshot The page includes the following fields: Object Description  Recovery Interval The period (in seconds) for which a port will be kept disabled in the event of a port error is detected (and the port action shuts down the port).
PAGE 79
User’s Manual of GSD-1002M  ARP Rate Limt Enable or disable the port error disabled function to check status by ARP rate limit Buttons : Click to apply changes. Figure 4-3-14 Error Disabled Information page screenshot The page includes the following fields: Object Description  Recovery Interval Display the current recovery interval time.  BPDU Guard Display the current BPDU guard status.  Self Loop Display the current self loop status.
PAGE 80
User’s Manual of GSD-1002M 4.3.7 Port Error Disabled This page provides disable that transitions a port into error disable and the recovery options. The ports were disabled by some protocols such as BPDU Guard, Loopback and UDLD. The Port Error Disable screen in Figure 4-3-15 appears. Figure 4-3-15 Port Error Disable page screenshot The displayed counters are: Object Description  Port Name Display the port for error disable.  Error Disable Reason Display the error disabled reason of the port.
PAGE 81
User’s Manual of GSD-1002M For protected port group to be applied, the Managed switch must first be configured for standard VLAN operation.
PAGE 82
User’s Manual of GSD-1002M Figure 4-3-16 Protected Ports Settings page screenshot The page includes the following fields: Object Description  Port List Select port number for this drop down list.  Port Type Displays protected port types. - Protected: A single stand-alone VLAN that contains one promiscuous port and one or more isolated (or host) ports. This VLAN conveys traffic between the isolated ports and a lone promiscuous port.
PAGE 83
User’s Manual of GSD-1002M 4.3.9 EEE What is EEE EEE is a power saving option that reduces the power usage when there is low or no traffic utilization.EEE works by powering down circuits when there is no traffic. When a port gets data to be transmitted all circuits are powered up. The time it takes to power up the circuits is named wakeup time. The default wakeup time is 17 us for 1Gbit links and 30 us for other link speeds.
PAGE 84
User’s Manual of GSD-1002M Figure 4-3-19 Port Isolation Status page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  EEE State Display the current EEE state. 4.3.10 SFP Module Information Managed switch has supported the SFP module with digital diagnostics monitoring (DDM) function, this feature is also known as digital optical monitoring (DOM).
PAGE 85
User’s Manual of GSD-1002M Figure 4-3-21 Fiber Port Status page screenshot The page includes the following fields: Object Description  OE-Present Display the current SFP OE-present  LOS Display the current SFP LOS 4.3.10.2 SFP Module Detail Status The SFP Module Detail Status screen in Figure 4-3-22 appears. Figure 4-3-22 SFP Module Detail Status page screenshot The page includes the following fields: Object Description  Port The logical port for the settings contained in the same row.
PAGE 86
User’s Manual of GSD-1002M 4.4 Link Aggregation Port Aggregation optimizes port usage by linking a group of ports together to form a single Link Aggregated Groups (LAGs). Port Aggregation multiplies the bandwidth between the devices, increases port flexibility, and provides link redundancy. Each LAG is composed of ports of the same speed, set to full-duplex operations. Ports in a LAG, can be of different media types (UTP/Fiber, or different fiber types), provided they operate at the same speed.
PAGE 87
User’s Manual of GSD-1002M The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection. This feature can expand bandwidth to a device on the network. LACP operation requires full-duplex mode, more detail information refer to the IEEE 802.3ad standard.
PAGE 88
User’s Manual of GSD-1002M Figure 4-4-3 LAG Setting page screenshot The page includes the following fields: Object Description  Load Balance Select load balance algorithm mode: Algorithm MAC Address: The MAC address can be used to calculate the port for the frame. IP/MAC Address: The IP and MAC address can be used to calculate the port for the frame. Buttons : Click to apply changes.
PAGE 89
User’s Manual of GSD-1002M Figure 4-4-5 LAG Management page screenshot The page includes the following fields: Object Description  LAG Select LAG number for this drop down list.  Name Indicates the per LAG name.  Type Indicates the trunk type. Static: Force aggregared selected ports to be a trunk group. LACP: LACP LAG negotiate Aggregated Port links with other LACP ports located on a different device. If the other device ports are also LACP ports, the devices establish a LAG between them.
PAGE 90
User’s Manual of GSD-1002M  Type Display the current typ  Link State Display the link state  Active Member Display the active member  Standby Member Display the standby member  Modify Click to modify LAG configuraiton. 4.4.3 LAG Port Setting This page allows setting configuration for per LAG. The LAG Port Setting screens in Figure 4-4-7 & Figure 4-4-8 appear.
PAGE 91
User’s Manual of GSD-1002M  Flow Control When Auto Speed is selected for a port, this section indicates the flow control capability that is advertised to the link partner. When a fixed-speed setting is selected, that is what is used. Current Rx column indicates whether pause frames on the port are obeyed. Current Tx column indicates whether pause frames on the port are transmitted. The Rx and Tx settings are determined by the result of the last Auto-Negotiation.
PAGE 92
User’s Manual of GSD-1002M 4.4.4 LACP Setting This page is used to configure the LACP system priority setting. The LACP Setting screens in Figure 4-4-9 & Figure 4-4-10 appear. Figure 4-4-9 LACP Setting page screenshot The page includes the following fields: Object Description  System Priority A value which is used to identify the active LACP. The Managed Switch with the lowest value has the highest priority and is selected as the active LACP peer of the trunk group. Buttons : Click to apply changes.
PAGE 93
User’s Manual of GSD-1002M Figure 4-4-11 LACP Port Setting page screenshot The page includes the following fields: Object Description  Port Select Select port number for this drop down list to set LACP port setting.  Priority The Prio controls the priority of the port. If the LACP partner wants to form a larger group than is supported by this device then this parameter will control which ports will be active and which ports will be in a backup role. Lower number means greater priority.
PAGE 94
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Port Name The switch port number of the logical port.  Priority Display the current LACP priority parameter.  Timeout Display the current timeout parameter. 4.4.6 LAG Status This page displays LAG status. The LAG Status screens in Figure 4-4-13 & Figure 4-4-14 appear. Figure 4-4-13 LAG Status page screenshot The page includes the following fields: Object Description  LAG Display the current trunk entry.
PAGE 95
User’s Manual of GSD-1002M Figure 4-4-14 LACP Information page screenshot The page includes the following fields: Object Description  Trunk Display the current trunk ID.  Port Display the current port number.  PartnerSysId The system ID of link partner. This field would be updated when the port receives LACP PDU from link partner.  PnKey Port key of partner. This field would be updated when the port receives LACP PDU from link partner.  AtKey Port key of actor.
PAGE 96
User’s Manual of GSD-1002M “Aggregation”, “Synchronization”, “Collecting”, “Distributing”, “Defaulted”, and “Expired”. The contents could be true or false. If the contents are false, the web shows “_”; if the contents are true, the web shows “A”, “T”, “G”, “S”, “C”, “D”, “F” and “E” for each content respectively.  PnState The partner state field of LACP PDU description.
PAGE 97
User’s Manual of GSD-1002M 4.5 VLAN 4.5.1 VLAN Overview A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN. VLAN also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN.
PAGE 98
User’s Manual of GSD-1002M This section has the following items:  Management VLAN Configures the management VLAN.  Create VLAN Creates thn VLAN group.  Interface Settings Configures mode and PVID on the VLAN port.  Port to VLAN Configures the VLAN membership.  Port VLAN Membership Display the VLAN membership.  Protocol VLAN Group Setting  Protocol VLAN Port Setting Configures the protocol VLAN group. Configures the protocol VLAN port setting.
PAGE 99
User’s Manual of GSD-1002M entire network (assuming all switches on the network are IEEE 802.1Q-compliant). VLAN allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources. VLAN can also provide a level of security to your network. IEEE 802.
PAGE 100
User’s Manual of GSD-1002M Adding an IEEE802.1Q Tag Dest. Addr. Src. Addr. Length/E. type Dest. Addr. Src. Addr. E. type Priority Tag CFI Data Original Ethernet Old CRC Length/E. type Data New CRC New Tagged Packet VLAN ID ■ Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.
PAGE 101
User’s Manual of GSD-1002M dynamically using GVRP. However, if you want a port on this switch to participate in one or more VLANs, but none of the intermediate network devices nor the host at the other end of the connection supports VLANs, then you should add this port to the VLAN as an untagged port.
PAGE 102
User’s Manual of GSD-1002M Buttons : Click to apply changes. Figure 4-5-2 Management VLAN State page screenshot The page includes the following fields: Object Description  Management VLAN Display the current management VLAN. 4.5.4 Create VLAN Create/delete VLAN on this page. The screens in Figure 4-5-3 & Figure 4-5-4 appear. Figure 4-5-3 VLAN Setting page screenshot The page includes the following fields: Object Description  VLAN List Indicates the ID of this particular VLAN.
PAGE 103
User’s Manual of GSD-1002M Figure 4-5-4 VLAN Table page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID entry.  VLAN Name Display the current VLAN ID name.  VLAN Type Display the current VLAN ID type.  Modify Click to modify VLAN configuraiton. 4.5.5 Interface Settings This Page is used for configuring the Managed Switch port VLAN. The VLAN per Port Configuration Page contains fields for managing ports that are part of a VLAN.
PAGE 104
User’s Manual of GSD-1002M device. Frame Income Income Frame is tagged Income Frame is untagged Leave port is tagged Frame remains tagged Tag is inserted Leave port is untagged Tag is removed Frame remain untagged Frame Leave Table 4-5-1: Ingress / Egress port with VLAN VID Tag / Untag table ■ IEEE 802.1Q Tunneling (Q-in-Q) IEEE 802.1Q Tunneling (QinQ) is designed for service providers carrying traffic for multiple customers across their networks.
PAGE 105
User’s Manual of GSD-1002M the MAN. When leaving the MAN, the tag is stripped and the original VLAN tag with the customer-related VID is again available. This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering with the VLAN tags. All tags use EtherType 0x8100 or 0x88A8, where 0x8100 is used for customer tags and 0x88A8 are used for service provider tags.
PAGE 106
User’s Manual of GSD-1002M By default, the field is set to All.  Ingress Filtering  If ingress filtering is enabled (checkbox is checked), frames classified to a VLAN that the port is not a member of get discarded.  If ingress filtering is disabled, frames classified to a VLAN that the port is not a member of are accepted and forwarded to the switch engine. However, the port will never transmit frames classified to VLANs that it is not a member of.
PAGE 107
User’s Manual of GSD-1002M 4.5.6 Port to VLAN Use the VLAN Static Table to configure port members for the selected VLAN index. This Page allows for adding and deleting port members of each VLAN. The screen in Figure 4-5-7 appears. Figure 4-5-7 Port to VLAN Setting page screenshot The page includes the following fields: Object Description  VLAN ID Select VLAN ID for this drop down list to assign VLAN membership.  Port The switch port number of the logical port.
PAGE 108
User’s Manual of GSD-1002M Buttons : Click to apply changes. 4.5.7 Port VLAN Membership This Page provides an overview of membership status for VLAN users. The VLAN Membership Status screen in Figure 4-5-8 appears. Figure 4-5-8 Port VLAN Membership Table page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Mode Display the current VLAN mode.  Administrative VLANs Display the current administrative VLANs.
PAGE 109
User’s Manual of GSD-1002M Command Usage To configure protocol-based VLANs, follow these steps: 1. First configure VLAN groups for the protocols you want to use. Although not mandatory, we suggest configuring a separate VLAN for each major protocol running on your network. Do not add port members at this time. 2. Create a protocol group for each of the protocols you want to assign to a VLAN using the Protocol VLAN Configuration page. 3.
PAGE 110
User’s Manual of GSD-1002M Figure 4-5-10 Protocol VLAN Group State page screenshot The page includes the following fields: Object Description  Group ID Display the current group ID  Frame Type Display the current frame type  Protocol Value Display the current protocol value  Delete Click to delete the group ID entry. 4.5.9 Protocol VLAN Port Setting This Page allows you to map a already configured Group Name to a VLAN/port for the switch.
PAGE 111
User’s Manual of GSD-1002M Figure 4-5-12 Protocol VLAN Port State page screenshot The page includes the following fields: Object Description  Port Display the current port  Group ID Display the current group ID  VLAN ID Display the current VLAN ID  Delete Click to delete the group ID entry. 4.5.10 GVRP Setting GARP VLAN Registration Protocol (GVRP) defines a way for switches to exchange VLAN information in order to register VLAN members on ports across the network.
PAGE 112
User’s Manual of GSD-1002M VLANs are dynamically configured based on join messages issued by host devices and propagated throughout the network. GVRP must be enabled to permit automatic VLAN registration, and to support VLANs which extend beyond the local switch. The GVRP Global Setting/Informations screens in Figure 4-5-13 & Figure 4-5-14 appear.
PAGE 113
User’s Manual of GSD-1002M : Click to apply changes. Figure 4-5-14 GVRP Global Setting page screenshot The page includes the following fields: Object Description  GVRP Status Display the current GVRP status.  Join Timeout Display the current join timeout parameter.  Leave Timeout Display the current leave timeout parameter.  LeaveAll Timeout Display the current leaveall timeout parameter. 4.5.11 GVRP Port Setting The GVRP Port Setting/Status screen in Figure 4-5-15 & Figure 4-5-16 appear.
PAGE 114
User’s Manual of GSD-1002M  GVRP Enabled Controls whether GVRP is enabled or disabled on port.  Registration Mode By default GVRP ports are in normal registration mode. These ports use GVRP join messages from neighboring switches to prune the VLANs running across the 802.1Q trunk link. If the device on the other side is not capable of sending GVRP messages, or if you do not want to allow the switch to prune any of the VLANs, use the fixed mode.
PAGE 115
User’s Manual of GSD-1002M 4.5.12 GVRP VLAN The GVRP VLAN Database screen in Figure 4-5-17 appears. Figure 4-5-17 GVRP VLAN Database Status page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID.  Member Ports Display the current member ports.  Dynamic Ports Display the current dynamic ports.  VLAN Type Display the current VLAN type. 4.5.
PAGE 116
User’s Manual of GSD-1002M  Empty (Rx/Tx) Display the current empty (TX/RX) packets.  Leave Empty (Rx/Tx) Display the current leave empty (TX/RX) packets.  Join In (Rx/Tx) Display the current join in (TX/RX) packets.  Leave In (Rx/Tx) Display the current leave in (TX/RX) packets.  LeaveAll (Rx/Tx) Display the current leaveall (TX/RX) packets.
PAGE 117
User’s Manual of GSD-1002M 4.5.14 VLAN setting example: - Separate VLANs - 802.1Q VLAN Trunk 4.5.14.1 Two separate 802.1Q VLANs The diagram shows how the Managed Switch handle Tagged and Untagged traffic flow for two VLANs. VLAN Group 2 and VLAN Group 3 are separated VLANs. Each VLAN isolate network traffic so only members of the VLAN receive traffic from the same VLAN members. The screen in Figure 4-5-20 appears and Table 4-5-2 describes the port configuration of the Managed Switches.
PAGE 118
User’s Manual of GSD-1002M 1. While [PC-1] transmit an untagged packet enters Port-1, the Managed Switch will tag it with a VLAN Tag=2. [PC-2] and [PC-3] will received the packet through Port-2 and Port-3.  2. [PC-4],[PC-5] and [PC-6] received no packet. 3. While the packet leaves Port-2, it will be stripped away it tag becoming an untagged packet. 4. While the packet leaves Port-3, it will keep as a tagged packet with VLAN Tag=2. Tagged packet entering VLAN 2 1.
PAGE 119
User’s Manual of GSD-1002M Port-1,Port-2 and Port-3 : VLAN Mode = Hybrid, PVID=2 Port-4,Port-5 and Port-6 : VLAN Mode = Hybrid, PVID=3 3. Assign Tagged/Untagged for each port: VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 = Tagged, Port -4~6 = Excluded. VLAN ID = 3: Port-4 & 5 = Untagged, Port -6 = Tagged, Port-1~3 = Excluded.
PAGE 120
User’s Manual of GSD-1002M 4.5.14.2 VLAN Trunking between two 802.1Q aware switch The most cases are used for “Uplink” to other switches. VLANs are separated at different switches, but they need to access with other switches within the same VLAN group. The screen in Figure 4-5-21 appears. Setup steps 1.
PAGE 121
User’s Manual of GSD-1002M 2. Assign VLAN mode and PVID for each port: Port-1,Port-2 and Port-3 : VLAN Mode = Hybrid, PVID=2 Port-4,Port-5 and Port-6 : VLAN Mode = Hybrid, PVID=3 Port-7 : VLAN Mode = Hybrid, PVID=1 3. Assign Tagged/Untagged for each port: VLAN ID = 1: Port-1~6 = Untagged, Port -7 = Excluded. VLAN ID = 2: Port-1 & 2 = Untagged, Port-3 & 7 = Tagged, Port -4~6 = Excluded.
PAGE 122
User’s Manual of GSD-1002M VLAN ID = 3: Port-4 & 5 = Untagged, Port -6 & 7= Tagged, Port-1~3 = Excluded.
PAGE 123
User’s Manual of GSD-1002M 4.6 Spanning Tree Protocol 4.6.1 Theory The Spanning Tree Protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
PAGE 124
User’s Manual of GSD-1002M  The port identifier of the transmitting port The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.
PAGE 125
User’s Manual of GSD-1002M  From disabled to blocking Figure 4-6-1 STP Port State Transitions You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.
PAGE 126
User’s Manual of GSD-1002M except by setting priority The Bridge Identifier consists of two parts: below) a 16-bit priority and a 48-bit Ethernet MAC address 32768 + MAC Priority A relative priority for each switch – lower 32768 numbers give a higher priority and a greater chance of a given switch being elected as the root bridge Hello Time The length of time between broadcasts of 2 seconds the hello message by the switch Maximum Age Timer Measures the age of a received BPDU for a 20 seconds po
PAGE 127
User’s Manual of GSD-1002M Hello Time – The Hello Time can be from 1 to 10 seconds. This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge. If you set a Hello Time for your Switch, and it is not the Root Bridge, the set Hello Time will be used if and when your Switch becomes the Root Bridge. The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will occur. Max.
PAGE 128
User’s Manual of GSD-1002M Figure 4-6-2 Before Applying the STA Rules In this example, only the default STP values are used.
PAGE 129
User’s Manual of GSD-1002M The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 20,000) on switch A are connected to one (optional) Gigabit port on both switch B and C. The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 200,000).
PAGE 130
User’s Manual of GSD-1002M Figure 4-6-4 Global Settings page screenshot The page includes the following fields: Object Description  Enable Enable or disable the STP function. The default value is "Disabled".  BPDU Forward Set the BPDU forward method.  PathCost Method The path cost method is used to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media.
PAGE 131
User’s Manual of GSD-1002M The page includes the following fields: Object Description  STP Display the current STP state.  BPDU Forward Display the current BPDU forward mode.  Cost Method Display the current cost method.  Force Version Display the current force version.  Configuration Name Display the current configuration name.  Configuration Revision Display the current configuration revision. 4.6.3 STP Port Setting This page allows you to configure per port STP settings.
PAGE 132
User’s Manual of GSD-1002M  BPDU Guard Control whether a port explicitly configured as Edge will disable itself upon reception of a BPDU. The port will enter the error-disabled state, and will be removed from the active topology.  P2P MAC Controls whether the port connects to a point-to-point LAN rather than a shared medium. This can be automatically determined, or forced either true or false. Transitions to the forwarding state is faster for point-to-point LANs than for shared media.
PAGE 133
User’s Manual of GSD-1002M Port Type Link Type IEEE 802.1w-2001 Ethernet Half Duplex 2,000,000 Full Duplex 1,000,000 Trunk 500,000 Half Duplex 200,000 Full Duplex 100,000 Trunk 50,000 Full Duplex 10,000 Trunk 5,000 Fast Ethernet Gigabit Ethernet Table 4-6-3 Default STP Path Costs Figure 4-6-7 STP Port Status page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical STP port.
PAGE 134
User’s Manual of GSD-1002M 4.6.4 CIST Instance Setting This Page allows you to configure CIST instance settings. The CIST Instance Setting and Information screens in Figure 4-6-8 & Figure 4-6-9 appear. Figure 4-6-8: CIST Instance Setting Page Screenshot The Page includes the following fields: Object Description  riority Controls the bridge priority. Lower numeric values have better priority.
PAGE 135
User’s Manual of GSD-1002M transmission of the next BPDU will be delayed. Valid values are in the range 1 to 10 BPDU's per second.  Hello Time The time that controls the switch to send out the BPDU packet to check STP current status. Enter a value between 1 through 10. Buttons : Click to apply changes. Figure 4-6-9 CIST Instance Information page screenshot The page includes the following fields: Object Description  Priority Display the current CIST priority.  Max Hop Display the current Max.
PAGE 136
User’s Manual of GSD-1002M 4.6.5 CIST Port Setting This page allows you to configure per port CIST priority and cost. The CIST Port Setting and Status screens in Figure 4-6-10 & Figure 4-6-11 appear. Figure 4-6-10 CIST Port Setting page screenshot The page includes the following fields: Object Description  Port Select Select port number for this drop down list.  Priority Controls the port priority. This can be used to control priority of ports having identical port cost. (See above).
PAGE 137
User’s Manual of GSD-1002M Figure 4-6-11 CIST Port Status page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical STP port.  Indentifier (Priority / Display the current indentifier (Priority / Port ID). Port ID)  External Path Cost Display the current external path cost conf/oper. Conf/Oper  Internal Path Cost Display the current internal path cost/oper. Conf/Oper  Designated Root Display the current designated root bridge.
PAGE 138
User’s Manual of GSD-1002M 4.6.6 MST Instance Configuration This page allows the user to configure MST Instance Configuration. The MST Instance Setting, Information and Status screens in Figure 4-6-12, Figure 4-6-13 & Figure 4-6-14 appear. Figure 4-6-12 MST Instance Setting page screenshot The page includes the following fields: Object Description  MSTI ID Allow assign MSTI ID. The range for the MSTI ID is 1-15.  VLAN List (1-4096) Allow assign VLAN list for special MSTI ID.
PAGE 139
User’s Manual of GSD-1002M Figure 4-6-14 MST Instance Status page screenshot The page includes the following fields: Object Description  MSTI ID Display the MSTI ID.  Regional Root Bridge Display the current designated root bridge.  Internal Root Cost Display the current internal root cost.  Designated Bridge Display the current designated bridge.  Root Port Display the current root port.  Max Age Display the current Max. age.  Forward Delay Display the current forward delay.
PAGE 140
User’s Manual of GSD-1002M 4.6.7 MST Port Setting This page allows the user to inspect the current STP MSTI port configurations, and possibly change them as well. A MSTI port is a virtual port, which is instantiated separately for each active CIST (physical) port for each MSTI instance configured and applicable for the port. The MSTI instance must be selected before displaying actual MSTI port configuration options. This page contains MSTI port settings for physical and aggregated ports.
PAGE 141
User’s Manual of GSD-1002M Figure 4-6-16 MST Port Status page screenshot The page includes the following fields: Object Description  MSTI ID Display the current MSTI ID.  Port The switch port number of the logical STP port.  Indentifier (Priority / Display the current indentifier (priority / port ID) Port ID)  Internal Path Cost Display the current internal path cost configuration / operation Conf/Oper  Regional Root Bridge Display the current regional root bridget.
PAGE 142
User’s Manual of GSD-1002M 4.6.8 STP Statistics This page displays STP statistics. The STP statistics screen in Figure 4-6-17 appears. Figure 4-6-17 STP Statistics page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical STP port.  Configuration BPDUs Display the current configuration BPDUs received.
PAGE 143
User’s Manual of GSD-1002M 4.7 Multicast This section has the following items:  Properties Configures multicast properties.  IGMP Snooping Configures IGMP snooping settings.  IGMP Snooping Statistics Display the IGMP snooping statistics.  MLD Snooping Configures MLD snooping settings  MLD Snooping Statistics Display the MLD snooping statistics.  Multicast Throttling Setting  Multicast Filter Configures multicast throttling setting Configures multicast filter 4.7.
PAGE 144
User’s Manual of GSD-1002M Figure 4-7-2 Properties Inforamtion page screenshot The page includes the following fields: Object Description  Unknow Multicast Action Display the current unknown multicast action status.  Forward Method For IPv4 Display the current IPv4 multicast forward method.  Forward Method For IPv6 Display the current IPv6 multicast forward method. 4.7.
PAGE 145
User’s Manual of GSD-1002M Figure 4-7-3 Multicast Service Figure 4-7-4 Multicast flooding 145
PAGE 146
User’s Manual of GSD-1002M Figure 4-7-5 IGMP Snooping multicast stream control IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group. IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data.
PAGE 147
User’s Manual of GSD-1002M 0x11 Specific Group Membership Query (if Group Address is Present) 0x16 Membership Report (version 2) 0x17 Leave a Group (version 2) 0x12 Membership Report (version 1) IGMP packets enable multicast routers to keep track of the membership of multicast groups, on their respective sub networks. The following outlines what is communicated between a multicast router and a multicast group member using IGMP.
PAGE 148
User’s Manual of GSD-1002M  IGMP Querier – A router, or multicast-enabled switch, can periodically ask their hosts if they want to receive multicast traffic. If there is more than one router/switch on the LAN performing IP multicasting, one of these devices is elected “querier” and assumes the role of querying the LAN for group members. It then propagates the service requests on to any upstream multicast switch/router to ensure that it will continue to receive the multicast service.
PAGE 149
User’s Manual of GSD-1002M Figure 4-7-8 IGMP Snooping Informations page screenshot The page includes the following fields: Object Description  IGMP Snooping Status Dipaly the current IGMP snooping status.  IGMP Snooping Version Display the current IGMP snooping version.  IGMP Snooping V2 Report Display the current IGMP snooping v2 report suppression. Suppression Figure 4-7-9 IGMP Snooping Informations page screenshot The page includes the following fields: Object Description  Entry No.
PAGE 150
User’s Manual of GSD-1002M  Last Member Query Display the current last member query interval. Interval (sec)  Immediate Leave Display the current immediate leave.  Modify Click to edit parameter. 4.7.2.2 IGMP Querier Setting This page provides IGMP Querier Setting. The IGMP Querier Setting screens in Figure 4-7-10 & Figure 4-7-11 appear. Figure 4-7-10 IGMP VLAN Setting page screenshot The page includes the following fields: Object Description  VLAN ID Select VLAN ID for this drop down list.
PAGE 151
User’s Manual of GSD-1002M The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID.  Querier State Display the current querier state.  Querier Status Display the current querier stauts.  Querier Version Display the current querier version.  Querier IP Display the current querier IP. 4.7.2.3 IGMP Static Group Multicast filtering can be dynamically configured using IGMP Snooping and IGMP Query messages as described in above sections.
PAGE 152
User’s Manual of GSD-1002M Buttons : Click to add IGMP router port entry. Figure 4-7-13 IGMP Static Groups page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID  Group IP Address Display the current group IP address  Member Ports Display the current member ports  Modify Click to edit parameter. 4.7.2.4 IGMP Group Table This page provides Multicast Database. The IGMP Group Table screen in Figure 4-7-14 appears.
PAGE 153
User’s Manual of GSD-1002M 4.7.2.5 IGMP Router Setting Depending on your network connections, IGMP snooping may not always be able to locate the IGMP querier. Therefore, if the IGMP querier is a known multicast router/ switch connected over the network to an interface (port or trunk) on your Managed Switch, you can manually configure the interface (and a specified VLAN) to join all the current multicast groups supported by the attached router.
PAGE 154
User’s Manual of GSD-1002M  VLAN ID Display the current VLAN ID.  Static Ports Display the current static ports  Forbidden Ports Display the current forbidden ports  Modify Click Click to edit parameter. to delete the group ID entry. 4.7.2.6 IGMP Router Table This page provides Router Table. The Dynamic, Static and Forbidden Router Table screens in Figure 4-7-17, Figure 4-7-18 & Figure 4-7-19 appear.
PAGE 155
User’s Manual of GSD-1002M Figure 4-7-19 Forbidden Router Table page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID.  Port Mask Display the current port mask. 4.7.2.7 IGMP Forward All This page provides IGMP Forward All. The Forward All screen in Figure 4-7-20 appears.
PAGE 156
User’s Manual of GSD-1002M this VLAN will not be transmitted by the interface. Static: Interface is a member of the IGMP. Buttons : Click to apply changes. 4.7.3 IGMP Snooping Statics This page provides IGMP Snooping Statics. The IGMP Snooping Statics screen in Figure 4-7-20 appears.
PAGE 157
User’s Manual of GSD-1002M  Special Group Query Display current special group query RX RX  Special Group & Display current special group & source query RX Source Query RX  Leave TX Display current leave TX  Report TX Display current report TX  General Query TX Display current general query TX  Special Group Query Display current special group query TX TX  Special Group & Display current special group & source query TX Source Query TX Buttons : Click to clear the IGMP Snooping Statistic
PAGE 158
User’s Manual of GSD-1002M 4.7.4 MLD Snooping 4.7.4.1 MLD Setting This page provides MLD Snooping related configuration. Most of the settings are global, whereas the Router Port configuration is related to the current unit, as reflected by the page header. The MLD Snooping Setting, Information and Table screens in Figure 4-7-21, Figure 4-7-22 & Figure 4-7-23 appear.
PAGE 159
User’s Manual of GSD-1002M Object Description  MLD Snooping Status Display the current MLD snooping status  MLD Snooping Version Display the current MLD snooping version  MLD Snooping Report Display the current MLD snooping report suppression Suppression Figure 4-7-23 MLD Snooping Table page screenshot The page includes the following fields: Object Description  Entry No. Display the current entry number.  VLAN ID Display the current VLAN ID.
PAGE 160
User’s Manual of GSD-1002M 4.7.4.2 MLD Static Group The MLD Static Group configuration screens in Figure 4-7-24 & Figure 4-7-25 appear. Figure 4-7-24 Add MLD Static Group page screenshot The page includes the following fields: Object Description  VLAN ID Select VLAN ID for this drop down list.  Group IP Address The IP address for a specific multicast service  Member Ports Select port number for this drop down list. Buttons : Click to add IGMP router port entry.
PAGE 161
User’s Manual of GSD-1002M 4.7.4.3 MLD Group Table This page provides MLD Group Table. The MLD Group Table screen in Figure 4-7-26 appears. Figure 4-7-26 MLD Group Table page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VID.  Group IP Address Display multicast IP address for a specific multicast service.  Member Port Display the current member port.  Type Member types displayed include Static or Dynamic, depending on selected options.
PAGE 162
User’s Manual of GSD-1002M Object Description  VLAN ID Selects the VLAN to propagate all multicast traffic coming from the attached multicast router.  Type Sets the Router port type. The types of Router port as below: Static Forbid  Static Ports Select Specify which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or MLD querier.  Forbid Port Select Specify which ports un-act as router ports.
PAGE 163
User’s Manual of GSD-1002M Figure 4-7-29 Dynamic Router Table page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID.  Port Display the current dynamic router ports  Expiry Time (Sec) Display the current expiry time Figure 4-7-30 Static Router Table page screenshot The page includes the following fields: Object Description  VLAN ID Display the current VLAN ID.  Port Mask Display the current port mask.
PAGE 164
User’s Manual of GSD-1002M 4.7.4.6 MLD Forward All This page provides MLD Forward All. The Forward All screen in Figure 4-7-32 appears. Figure 4-7-32 Forward All Setting page screenshot The page includes the following fields: Object Description  VLAN ID Select VLAN ID for this drop down list to assign MLD membership.  Port The switch port number of the logical port.
PAGE 165
User’s Manual of GSD-1002M Figure 4-7-33 Forward All Setting page screenshot The page includes the following fields: Object Description  Total RX Display current total RX  Valid RX Display current valid RX  Invalid RX Display current invalid RX  Other RX Display current other RX  Leave RX Display current leave RX  Report RX Display current report RX  General Query RX Display current general query RX  Special Group Query Display current special group query RX RX  Special Group &
PAGE 166
User’s Manual of GSD-1002M  Special Group Query Display current special group query TX TX  Special Group & Display current special group & source query TX Source Query TX Buttons : Click to clear the MLD Snooping Statistics. : Click to refresh the MLD Snooping Statistics.
PAGE 167
User’s Manual of GSD-1002M 4.7.6 Multicast Throttling Setting Multicast throttling sets a maximum number of multicast groups that a port can join at the same time. When the maximum number of groups is reached on a port, the switch can take one of two actions; either “deny” or “replace”. If the action is set to deny, any new multicast join reports will be dropped. If the action is set to replace, the switch randomly removes an existing group and replaces it with the new multicast group.
PAGE 168
User’s Manual of GSD-1002M Figure 4-7-35 IGMP Port Max Groups Information page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Max Groups Display the current Max groups.  Action Display the current action. 4.7.7 Multicast Filter In certain switch applications, the administrator may want to control the multicast services that are available to end users. For example, an IP/TV service is based on a specific subscription plan.
PAGE 169
User’s Manual of GSD-1002M 4.7.7.1 Multicast Profile Setting The Add Profile and Profile Status screens in Figure 4-7-36 & Figure 4-7-37 appear. Figure 4-7-36 Add Profile Setting page screenshot The page includes the following fields: Object Description  IP Type Select IPv4 or IPv6 for this drop down list.  Profile Index Indicates the ID of this particular profile.  Group from Specifies multicast groups to include in the profile. Specify a multicast group range by entering a start IP address.
PAGE 170
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Index Display the current index  IP Type Display the current IP Type  Group from Display the current group from  Group to Display the current group to  Action Display the current action  Modify Click Click to edit parameter. to delete the MLD/IGMP profile entry. 4.7.7.2 IGMP Filter Setting The Filter Setting and Status screens in Figure 4-7-38 & Figure 4-7-39 appear.
PAGE 171
User’s Manual of GSD-1002M Figure 4-7-39 Port Filter Status page screenshot The page includes the following fields: Object Description  Port Display the current port  Filter Profile ID Display the current filter profile ID  Action Click Click to display detail profile parameter. to delete the IGMP filter profile entry. 4.7.7.3 MLD Filter Setting The Filter Setting and Status screens in Figure 4-7-40 & Figure 4-7-41 appear.
PAGE 172
User’s Manual of GSD-1002M Figure 4-7-41 Port Filter Status page screenshot The page includes the following fields: Object Description  Port Display the current port  Filter Profile ID Display the current filter profile ID  Action Click Click to display detail profile parameter. to delete the MLD filter profile entry.
PAGE 173
User’s Manual of GSD-1002M 4.8 Quality of Service 4.8.1 Understand QoS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic, such as multi-media, video, protocol-specific, time critical, and file-backup traffic. QoS reduces bandwidth limitations, delay, loss, and jitter.
PAGE 174
User’s Manual of GSD-1002M 4.8.2 General 4.8.2.1 QoS Properties The QoS Global Setting and Information screen in Figure 4-8-1 & Figure 4-8-2 appear. Figure 4-8-1 QoS Global Setting page screenshot The page includes the following fields: Object Description  QoS Mode Enable or disable QoS mode Buttons : Click to apply changes. Figure 4-8-2 QoS Information page screenshot The page includes the following fields: Object Description  QoS Mode Display the current QoS mode. 4.8.2.
PAGE 175
User’s Manual of GSD-1002M Figure 4-8-2 QoS Port Setting page screenshot The page includes the following fields: Object Description  Port Select Select port number for this drop down list.  CoS Value Select CoS value for this drop down list.  Remark CoS Disable or enable remark CoS  Remark DSCP Disable or enable remark DSCP  Remark IP Precedence Disable or enable remark IP Precedence Buttons : Click to apply changes.
PAGE 176
User’s Manual of GSD-1002M 4.8.2.3 Queue Settings The Queue Table and Information screens in Figure 4-8-4 & Figure 4-8-5 appear. Figure 4-8-4 Queue Table page screenshot The page includes the following fields: Object Description  Queue Display the current queue ID.  Strict Priority Controls whether the scheduler mode is "Strict Priority" on this switch port.  WRR Controls whether the scheduler mode is "Weighted" on this switch port.  Weight Controls the weight for this queue.
PAGE 177
User’s Manual of GSD-1002M Figure 4-8-5 Queue Information page screenshot The page includes the following fields: Object Description  Information Name Display the current queue method information  Information Value Display the current queue vlaue information 4.8.2.4 CoS Mapping The CoS to Queue and Queue to CoS Mapping screens in Figure 4-8-6 & Figure 4-8-7 appear.
PAGE 178
User’s Manual of GSD-1002M Figure 4-8-7 CoS Mapping page screenshot The page includes the following fields: Object Description  CoS Display the current CoS value  Mapping to Queue Display the current mapping to queue  Queue Display the current queue value  Mapping to CoS Display the current mapping to CoS 4.8.2.5 DSCP Mapping The DSCP to Queue and Queue to DSCP Mapping screens in Figure 4-8-8 & Figure 4-8-9 appear.
PAGE 179
User’s Manual of GSD-1002M Figure 4-8-8 DSCP to Queue and Queue to DSCP Mapping page screenshot The page includes the following fields: Object Description  Queue Select Queue value for this drop down list.  DSCP Select DSCP value for this drop down list. Buttons : Click to apply changes.
PAGE 180
User’s Manual of GSD-1002M The page includes the following fields: Object Description  DSCP Display the current CoS value  Mapping to Queue Display the current mapping to queue  Queue Display the current queue value  Mapping to DSCP Display the current mapping to DSCP 4.8.2.6 IP Precedence Mapping The IP Precedence to Queue and Queue to IP Precedence Mapping screens in Figure 4-8-10 & Figure 4-8-11 appear.
PAGE 181
User’s Manual of GSD-1002M Figure 4-8-11 IP Precedence Mapping page screenshot The page includes the following fields: Object Description  IP Precedence Display the current CoS value  Mapping to Queue Display the current mapping to queue  Queue Display the current queue value  Mapping to IP Display the current mapping to IP Precedence Precedence 4.8.3 QoS Basic Mode 4.8.3.1 Global Settings The Basic Mode Global Settings and QoS Information screen in Figure 4-8-12 & Figure 4-8-13 appear.
PAGE 182
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Trust Mode Set the QoS mode Buttons : Click to apply changes. Figure 4-8-13 QoS Information page screenshot The page includes the following fields: Object Description  Trust Mode Display the current QoS mode 4.8.3.2 Port Settings The QoS Port Setting and Status screen in Figure 4-8-14 & Figure 4-8-15 appear.
PAGE 183
User’s Manual of GSD-1002M Buttons : Click to apply changes. Figure 4-8-15 QoS Port Status page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Trust Mode Display the current trust type. 4.8.4 Rate Limit Configure the switch port rate limit for the switch port on this page. 4.8.4.1 Ingress Bandwidth Control This page provides to select the ingress bandwidth preamble.
PAGE 184
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Port Select port number for this drop down list.  State Enable or disable the port rate policer. The default value is "Disabled".  Rate (Kbps) Configure the rate for the port policer. The default value is "unlimited". Valid values are in the range 0 to 1000000. Buttons : Click to apply changes.
PAGE 185
User’s Manual of GSD-1002M Figure 4-8-18 Egress Bandwidth Control Settings page screenshot The page includes the following fields: Object Description  Port Select port number for this drop down list.  State Enable or disable the port rate policer. The default value is "Disabled".  Rate (Kbps) Configure the rate for the port policer. The default value is "unlimited". Valid values are in the range 0 to 1000000. Buttons : Click to apply changes.
PAGE 186
User’s Manual of GSD-1002M 4.8.4.3 Egress Queue The Egress Queue Badwidth Control Settings and Status screens in Figure 4-8-20 & Figure 4-8-21 appear. Figure 4-8-20 Egress Queue BandwidthSettings page screenshot The page includes the following fields: Object Description  Port Select port number for this drop down list.  Queue Select queue number for this drop down list.  State Enable or disable the port rate policer. The default value is "Disabled".
PAGE 187
User’s Manual of GSD-1002M 4.8.5 Voice VLAN 4.5.8.1 Introduction to Voice VLAN Configure the switch port rate limit for the switch port on this page. Voice VLAN is specially configured for the user voice data traffic. By setting a Voice VLAN and adding the ports of the connected voice equipments to Voice VLAN, the user will be able to configure QoS (Quality of service) service for voice data, and improve voice data traffic transmission priority to ensure the calling quality.
PAGE 188
User’s Manual of GSD-1002M Figure 4-8-22 Properites page screenshot The page includes the following fields: Object Description  Voice VLAN State Indicates the Voice VLAN mode operation. We must disable MSTP feature before we enable Voice VLAN. It can avoid the conflict of ingress filter. Possible modes are:  Voice VLAN ID ■ Enabled: Enable Voice VLAN mode operation. ■ Disabled: Disable Voice VLAN mode operation Indicates the Voice VLAN ID.
PAGE 189
User’s Manual of GSD-1002M Figure 4-8-23 Properites page screenshot The page includes the following fields: Object Description  Voice VLAN State Display the current voice VLAN state.  Voice VLAN ID Display the current voice VLAN ID.  Remark CoS/802.1p Display the current remark CoS/802.1p.  1p remark Display the current 1p remark.  Aging Display the current aging time. 4.8.5.3 Telephony OUI MAC Setting Configure VOICE VLAN OUI table on this Page.
PAGE 190
User’s Manual of GSD-1002M  Description User-defined text that identifies the VoIP devices. Buttons : Click to add voice VLAN OUI setting. Figure 4-8-25 Voice VLAN OUI Group page screenshot The page includes the following fields: Object Description  OUI Address Display the current OUI address  Description Display the current description  Modify Click Click to edit voice VLAN OUI group parameter. to delete voice VLAN OUI group parameter. 4.8.5.
PAGE 191
User’s Manual of GSD-1002M Figure 4-8-26 Voice VLAN Port Setting page screenshot The page includes the following fields: Object Description  Port Select port number for this drop down list.  State Enable or disable the voice VLAN port setting. The default value is "Disabled".  CoS Mode Select the CoS mode that depend on all or sorce. Buttons : Click to apply changes.
PAGE 192
User’s Manual of GSD-1002M 4.9 Security This section is to control the access of the Managed Switch, including the user access and management control. The Security Page contains links to the following main topics:  802.1x  Radius Server  TACACS+ Server  AAA  Access  Management Access Method  DHCP Snooping  Dynamic ARP Inspection  IP Source Gurad  Port Security  DoS  Strom Control 4.9.1 802.1X Overview of 802.1X (Port-based) Authentication In the 802.
PAGE 193
User’s Manual of GSD-1002M  Remote Authentication Dial-in User Service (RADIUS)  Terminal Access Controller Access Control System Plus (TACACS+)  Local user name and Priviledge Level control 4.9.1.1 Understanding IEEE 802.1X Port-based Authentication The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports.
PAGE 194
User’s Manual of GSD-1002M  Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from the switch. The workstation must be running 802.1X-compliant client software such as that offered in the Microsoft Windows XP operating system. (The client is the supplicant in the IEEE 802.1X specification.)  Authentication server—performs the actual authentication of the client.
PAGE 195
User’s Manual of GSD-1002M The specific exchange of EAP frames depends on the authentication method being used. “Figure 4-9-2” shows a message exchange initiated by the client using the One-Time-Password (OTP) authentication method with a RADIUS server. Figure 4-9-2 EAP message exchange  Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state.
PAGE 196
User’s Manual of GSD-1002M 4.9.1.2 802.1X Setting This page allows you to configure the IEEE 802.1X authentication system. The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication. One or more central servers, the backend servers, determine whether the user is allowed access to the network. These backend (RADIUS) servers are configured on the "Security→802.1X Access Control→802.
PAGE 197
User’s Manual of GSD-1002M 4.9.1.3 802.1X Port Setting This page allows you to configure the IEEE 802.1X Port Setting. The 802.1X Port Setting screens in Figure 4-9-5 & Figure 4-9-6 appear. Figure 4-9-5 802.1X Port Setting page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Mode If NAS is globally enabled, this selection controls the port's authentication mode.
PAGE 198
User’s Manual of GSD-1002M switch port or if a supplicant is no longer attached.  Reauthentication Period Determines the period, in seconds, after which a connected client must be reauthenticated. This is only active if the Reauthentication Enabled checkbox is checked. Valid values are in the range 30 to 65535 seconds.  Quiet Period Sets time to keep silent on supplicant authentication failure.  Supplicant Period Sets the interval for the supplicant to re-transmit EAP request/identify frame.
PAGE 199
User’s Manual of GSD-1002M  Periodic Display the current periodic reauthentication. Reauthentication  Reauthentication Display the current reauthentication period. Period  Quiet Period Display the current quiet period.  Supplicant Timeout Display the current supplicant timeout.  Max. EAP Requests Display the current Max. EAP requests.  Modify Click to edit 802.1X port setting parameter. 4.9.1.
PAGE 200
User’s Manual of GSD-1002M Figure 4-9-7 Guest VLAN Setting page screenshot The page includes the following fields: Object Description  Guest VLAN ID This is the value that a port's Port VLAN ID is set to if a port is moved into the Guest VLAN. It is only changeable if the Guest VLAN option is globally enabled. Valid values are in the range [1~4094].  Guest VLAN Enabled A Guest VLAN is a special VLAN - typically with limited network access - on which 802.
PAGE 201
User’s Manual of GSD-1002M Figure 4-9-8 Guest VLAN Status page screenshot The page includes the following fields: Object Description  Port Name The switch port number of the logical port.  Enable State Display the current state.  In Guest VLAN Display the current guest VLAN. 4.9.1.5 Authenticed Host The Authenticated Host Table screen in Figure 4-9-9 appears.
PAGE 202
User’s Manual of GSD-1002M 4.9.2 RADIUS Server This page is to configure the RADIUS server connection session parameters. The RADIUS Settings screens in Figure 4-9-10, Figure 4-9-11 & Figure 4-9-12 appears. Figure 4-9-10 Use Default Parameters page screenshot The page includes the following fields: Object Description  Retries Timeout is the number of seconds, in the range 1 to 10, to wait for a reply from a RADIUS server before retransmitting the request.
PAGE 203
User’s Manual of GSD-1002M Figure 4-9-11 New Radius Server page screenshot The page includes the following fields: Object Description  Server Definition Set the server definition.  Server IP Address of the Radius server IP/name.  Authetication Port The UDP port to use on the RADIUS Authentication Server. If the port is set to 0 (zero), the default port (1812) is used on the RADIUS Authentication Server.  Acct Port The UDP port to use on the RADIUS Accounting Server.
PAGE 204
User’s Manual of GSD-1002M  Server Priority Set the server priority.  Dead Time The Dead Time, which can be set to a number between 0 and 3600 seconds, is the period during which the switch will not send new requests to a server that has failed to respond to a previous request. This will stop the switch from continually trying to contact a server that it has already determined as dead.
PAGE 205
User’s Manual of GSD-1002M 4.9.3 TACACS+ Server This page is to configure the RADIUS server connection session parameters. The RADIUS Settings screens in Figure 4-9-13, Figure 4-9-14 & Figure 4-9-15 appear. Figure 4-9-13 Guest VLAN Setting page screenshot The page includes the following fields: Object Description  Key String The secret key - up to 63 characters long - shared between the TACACS+ server and the switch.
PAGE 206
User’s Manual of GSD-1002M Object Description  Server Definition Set the server definition.  Server IP Address of the TACACS+ server IP/name.  Server Port Network (TCP) port of TACACS+ server used for authentication messages. (Range: 1-65535; Default: 49)  Server Key The key- shared between the TACACS+ Authentication Server and the switch.  Server Timeout The number of seconds the switch waits for a reply from the server before it resends the request.
PAGE 207
User’s Manual of GSD-1002M 4.9.4 AAA Authentication, authorization, and accounting (AAA) provides a framework for configuring access control on the Managed Switch. The three security functions can be summarized as follows:  Authentication — Identifies users that request access to the network.  Authorization — Determines if users can access specific services.  Accounting — Provides reports, auditing, and billing for services that users have accessed on the network.
PAGE 208
User’s Manual of GSD-1002M Figure 4-9-17 New Authentication List screenshot The page includes the following fields: Object Description  List Name Defines a name for the authentication list.  Method 1-4 Set the login authentication method: Empty / None / Local / TACACS+ / RADIUS / Enable Buttons : Click to add authentication list. Figure 4-9-18 Login Authentication List screenshot The page includes the following fields: Object Description  List Name Display the current list name.
PAGE 209
User’s Manual of GSD-1002M 4.9.4.2 Enable List This page is to login list parameters. The authentication list screens in Figure 4-9-19 & Figure 4-9-20 appear. Figure 4-9-19 New Authentication List screenshot The page includes the following fields: Object Description  List Name Defines a name for the authentication list.  Method 1-3 Set the login authentication method: Empty / None / Enable / TACACS+ / RADIUS Buttons : Click to add authentication list.
PAGE 210
User’s Manual of GSD-1002M 4.9.5 Access This section is to control the access of the Managed Switch, including the different access methods – Telnet, SSH, HTTP and HTTPs. 4.9.5.1 Telnet The Telnat Settings and Information screen in Figure 4-9-21 & Figure 4-9-22 appear.
PAGE 211
User’s Manual of GSD-1002M Figure 4-9-21 Telnet Information page screenshot The page includes the following fields: Object Description  Telnet Service Display the current telent service.  Login Authentication List Display the current login authentication list  Enable Authentication List Display the current enable authentication list  Session Timeout Display the current session timeout.
PAGE 212
User’s Manual of GSD-1002M Figure 4-9-23 SSH Settings page screenshot The page includes the following fields: Object Description  SSH Service Disable or enable SSH service  Login Authentication List Select login authentication list for this drop down list.  Enable Authentication List Select enable authentication list for this drop down list.  Session Timeout Set the session timeout value.  Password Retry Count Set the password retry count value.  Silent Time Set the silent time value.
PAGE 213
User’s Manual of GSD-1002M The page includes the following fields: Object Description  SSH Service Display the current SSH service.  Login Authentication List Display the current login authentication list  Enable Authentication List Display the current enable authentication list  Session Timeout Display the current session timeout.
PAGE 214
User’s Manual of GSD-1002M Figure 4-9-26 HTTP Information page screenshot The page includes the following fields: Object Description  HTTP Service Display the current HTTP service.  Login Authentication List Display the current login authentication list  Session Timeout Display the current session timeout. 4.9.5.4 HTTPs The HTTPs Settings and Information screen in Figure 4-9-27 & Figure 4-9-28 appear.
PAGE 215
User’s Manual of GSD-1002M Figure 4-9-28 HTTPs Information page screenshot The page includes the following fields: Object Description  HTTPs Service Display the current HTTPs service.  Login Authentication List Display the current login authentication list  Session Timeout Display the current session timeout. 4.9.6 Management Access Method 4.9.6.1 Profile Rules The Profile Rule Table Setting and Table screens in Figure 4-9-29 & Figure 4-9-30 appear.
PAGE 216
User’s Manual of GSD-1002M  Management Method Indicates the host can access the switch from HTTP/HTTPs/telnet/SSH/SNMP/All interface that the host IP address matched the entry.  Action An IP address can contain any combination of permit or deny rules. (Default: Permit rules)Sets the access mode of the profile; either permit or deny.  Port Select port for this drop down list.  IP-Source Indicates the IP address for the access management entry. Buttons : Click to apply changes.
PAGE 217
User’s Manual of GSD-1002M 4.9.6.2 Access Rules The access profile screens in Figure 4-9-31 & Figure 4-9-32 appear. Figure 4-9-31 Access Profile page screenshot The page includes the following fields: Object Description  Access Profile Select access profile for this drop down list. Buttons : Click to apply changes. Figure 4-9-32 Access Profile Table page screenshot The page includes the following fields: Object Description  Access Profile Display the current access profile.
PAGE 218
User’s Manual of GSD-1002M 4.9.7 DHCP Snooping 4.9.7.1 DHCP Snooping Overview The addresses assigned to DHCP clients on unsecure ports can be carefully controlled using the dynamic bindings registered with DHCP Snooping. DHCP snooping allows a switch to protect a network from rogue DHCP servers or other devices which send port-related information to a DHCP server. This information can be useful in tracking an IP address back to a physical port.
PAGE 219
User’s Manual of GSD-1002M  If DHCP snooping is enabled globally, and also enabled on the VLAN where the DHCP packet is received, all DHCP packets are forwarded for a trusted port. If the received packet is a DHCP ACK message, a dynamic DHCP snooping entry is also added to the binding table.
PAGE 220
User’s Manual of GSD-1002M Object Description  DHCP Snooping Indicates the DHCP snooping mode operation. Possible modes are:  Enabled: Enable DHCP snooping mode operation. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.  Disabled: Disable DHCP snooping mode operation. Buttons : Click to apply changes.
PAGE 221
User’s Manual of GSD-1002M Figure 4-9-35 DHCP Snooping VLAN Setting page screenshot The page includes the following fields: Object Description  VLAN List Indicates the ID of this particular VLAN.  Status Indicates the DHCP snooping mode operation. Possible modes are:  Enabled: Enable DHCP snooping mode operation. When enable DHCP snooping mode operation, the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports.
PAGE 222
User’s Manual of GSD-1002M 4.9.7.4 Port Setting Configures switch ports as trusted or untrusted. Command Usage  A trusted interface is an interface that is configured to receive only messages from within the network. An untrusted interface is an interface that is configured to receive messages from outside the network or firewall.  When DHCP snooping enabled both globally and on a VLAN, DHCP packet filtering will be performed on any untrusted ports within the VLAN.
PAGE 223
User’s Manual of GSD-1002M Figure 4-9-38 DHCP Snooping Port Setting page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Type Display the current type  Chaddr Check Display the current chaddr check 4.9.7.5 Statistics The DHCP Snooping Statistics screen in Figure 4-9-39 appears.
PAGE 224
User’s Manual of GSD-1002M  Forwarded Display the current forwarded  Chaddr Check Dropped Display the chaddr check dropped  Untrust Port Dropped Display untrust port dropped  Untrust Port with Display untrust port with option82 dropped Option82 Dropped  Invaild Dropped Display invalid dropped Buttons : Click to clear the statistics. : Click to refresh the statistics. 4.9.7.
PAGE 225
User’s Manual of GSD-1002M Figure 4-9-40 DHCP Snooping Database Setting page screenshot The page includes the following fields: Object Description  Database Type Select database type.  File Name The name of file image.  Remote Server Fill in your remote server IP address.  Write Delay Specify the duration for which the transfer should be delayed after the binding database changes. The range is from 15 to 86400 seconds. The default is 300 seconds (5 minutes).
PAGE 226
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Database Type Display the current database type.  File Name Display the current file name.  Remote Server Display the current remote server.  Write Delay Display the current write delay.  Timeout Display the current timeout. 4.9.7.7 Rate Limit After enabling DHCP snooping, the switch will monitor all the DHCP messages and implement software transmission.
PAGE 227
User’s Manual of GSD-1002M Figure 4-9-43 DHCP Rate Limit Setting page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Rate Limit (pps) Display the current rate limit. 4.9.7.8 Option82 Global Setting DHCP provides a relay mechanism for sending information about the switch and its DHCP clients to DHCP servers.
PAGE 228
User’s Manual of GSD-1002M DHCP Rate Limit Setting and Config screens in Figure 4-9-44 & Figure 4-9-45 appear. Figure 4-9-44 Option82 Global Setting page screenshot The page includes the following fields: Object Description  State Set the option2 (remote ID option) content of option 82 added by DHCP request packets.  Default means the default VLAN MAC format.  User-Define means the remote-id content of option 82 specified by users Buttons : Click to apply changes.
PAGE 229
User’s Manual of GSD-1002M Figure 4-9-46 Option82 Global Setting page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Enable Enable or disable option82 function on port.  Allow Untrusted Select modes for this drop down list. The following modes are available:  Drop  Keep  Replace Buttons : Click to apply changes.
PAGE 230
User’s Manual of GSD-1002M 4.9.7.10 Option82 Circuit-ID Setting Set creation method for option82, users can define the parameters of circute-id suboption by themselves. Option82 Circuit-ID Setting screens in Figure 4-9-48 & Figure 4-9-49 appear. Figure 4-9-48 Option82 Port Circuit-ID Setting page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  VLAN Indicates the ID of this particular VLAN.
PAGE 231
User’s Manual of GSD-1002M 4.9.8 Dynamic ARP Inspection Dynamic ARP Inspection (DAI) is a secure feature. Several types of attacks can be launched against a host or devices connected to Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP requests and responses can go through DUT. This page provides ARP Inspection related configuration. A Dynamic ARP prevents the untrust ARP packets based on the DHCP Snooping Database. 4.9.8.
PAGE 232
User’s Manual of GSD-1002M 4.9.8.2 VLAN Setting DAI VLAN Setting screens in Figure 4-9-52 & Figure 4-9-53 appear. Figure 4-9-52 DAI VLAN Setting page screenshot The page includes the following fields: Object Description  VLAN ID Indicates the ID of this particular VLAN. Status Enables Dynamic ARP Inspection on the specified VLAN Options:  Enable  Disable Buttons : Click to apply changes.
PAGE 233
User’s Manual of GSD-1002M 4.9.8.3 Port Setting Configures switch ports as DAI trusted or untrusted and check mode. DAI Port Setting screens in Figure 4-9-54 & Figure 4-9-55 appear. Figure 4-9-54 DAI Port Setting page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Type Specify ARP Inspection is enabled on which ports. Only when both Global Mode and Port Mode on a given port are enabled, ARP Inspection is enabled on this given port.
PAGE 234
User’s Manual of GSD-1002M Figure 4-9-55 DAI Port Setting page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Type Display the current port type  Src-Mac Chk Display the current Src-Mac Chk status  Dst-Mac Chk Display the current Dst-Mac Chk status  IP Chk Display the current IP Chk status  IP Allow Zero Display the current IP allow zero status 4.9.8.
PAGE 235
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Port The switch port number of the logical port.
PAGE 236
User’s Manual of GSD-1002M Buttons : Click to apply changes. Figure 4-9-58 ARP Rate Limit Setting page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Rate Limit (pps) Display the current rat limit. 4.9.9 IP Source Guard IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings.
PAGE 237
User’s Manual of GSD-1002M 4.9.9.1 Port Settings IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host. The IP Source Guard Port Setting and Information screens in Figure 4-9-60 & Figure 4-9-61 appear.
PAGE 238
User’s Manual of GSD-1002M  Verify Source Configures the switch to filter inbound traffic based IP address, or IP address and MAC address.  None Disables IP source guard filtering on the Managed Switch.  IP Enables traffic filtering based on IP addresses stored in the binding table.  IP and MAC Enables traffic filtering based on IP addresses and corresponding MAC addresses stored in the binding table.  Max Binding Entry The maximum number of IP source guard that can be secured on this port.
PAGE 239
User’s Manual of GSD-1002M Figure 4-9-62 IP Source Guard Static Binding Entry page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  VLAN ID Indicates the ID of this particular VLAN.  MAC Address Source MAC address is allowed.  IP Address Source IP address is allowed. Buttons : Click to add authentication list.
PAGE 240
User’s Manual of GSD-1002M 4.9.10 Port Security This page allows you to configure the Port Security Limit Control system and port settings. Limit Control allows for limiting the number of users on a given port. A user is identified by a MAC address and VLAN ID. If Limit Control is enabled on a port, the limit specifies the maximum number of users on the port. If this number is exceeded, an action is taken. The action can be one of four different as described below.
PAGE 241
User’s Manual of GSD-1002M and reconnected on the port (by disconnecting the cable), the port will remain shut down. There are three ways to re-open the port: 1) Disable and re-enable Limit Control on the port or the switch, 2) Click the Reopen button.  Discard: If Limit + 1 MAC addresses is seen on the port, it will trigger the action that do not learn the new MAC and drop the package. Buttons : Click to apply changes.
PAGE 242
User’s Manual of GSD-1002M simple and effective protections against Dos attacks while acting no influence on the linear forwarding performance of the switch. 4.9.11.1 Global DoS Setting The Global DoS Setting and Information screens in Figure 4-9-66 & Figure 4-9-67 appear.
PAGE 243
User’s Manual of GSD-1002M  UDP Blat Enable or disable DoS check mode by UDP blat  TCP Blat Enable or disable DoS check mode by TCP blat  POD Enable or disable DoS check mode by POD  IPv6 Min Fragment Enable or disable DoS check mode by IPv6 min fragment  ICMP Fragments Enable or disable DoS check mode by ICMP fragment  IPv4 Ping Max Size Enable or disable DoS check mode by IPv4 ping max size  IPv6 Ping Max Size Enable or disable DoS check mode by IPv6 ping max size  Ping Max Size Sett
PAGE 244
User’s Manual of GSD-1002M Figure 4-9-67 DoS Informations page screenshot The page includes the following fields: Object Description  DMAC = SMAC Display the current DMAC = SMAC status  Land Attach Display the current land attach status  UDP Blat Display the current UDP blat status  TCP Blat Display the current TCP blat status  POD Display the current POD status  IPv6 Min Fragment Display the current IPv6 min fragment status  ICMP Fragments Display the current ICMP fragment status 
PAGE 245
User’s Manual of GSD-1002M 4.9.11.2 DoS Port Setting The DoS Port Setting and Status screens in Figure 4-9-68 & Figure 4-9-69 appear. Figure 4-9-68 Port Security Setting page screenshot The page includes the following fields: Object Description  Port Select Select port for this drop down list.  DoS Protection Enable or disable per port DoS protection. Buttons : Click to apply changes.
PAGE 246
User’s Manual of GSD-1002M 4.9.12 Storm Control Storm control for the switch is configured on this Page. There is an unknown unicast storm rate control, unknown multicast storm rate control, and a broadcast storm rate control. These only affect flooded frames, i.e. frames with a (VLAN ID, DMAC) pair not present on the MAC Address table. 4.9.12.1 Global Setting The Storm Control Global Setting and Information screens in Figure 4-9-69 & Figure 4-9-70 appear.
PAGE 247
User’s Manual of GSD-1002M 4.9.12.2 Port Setting Storm control for the switch is configured on this page. There are three types of storm rate control:  Broadcast storm rate control  Unknown Unicast storm rate control  Unknow Multicast storm rate contro.l The configuration indicates the permitted packet rate for unknown unicast, unknown multicast, or broadcast traffic across the switch. The Storm Control Configuration screens in Figure 4-9-71 & Figure 4-9-72 appear.
PAGE 248
User’s Manual of GSD-1002M Figure 4-9-72 Storm Control Information page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Port State Display the current port state.  Broadcast (Kbps/pps) Display the current brocast storm control rate.  Unknown Multicast Display the current unknown multicast storm control rate. (Kbps/pps)  Unknown Unicast Display the current unknown unicast storm control rate.
PAGE 249
User’s Manual of GSD-1002M 4.10 ACL ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program. Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there are specific traffic object access rights.
PAGE 250
User’s Manual of GSD-1002M  ACL Name Create a named MAC-based ACL list Figure 4-10-2 ACL Table page screenshot The page includes the following fields: Object Description  Delete Click to delete ACL name entry. 4.10.2 MAC-based ACE An ACE consists of several parameters. Different parameter options are displayed depending on the frame type that you selected. The MAC-based ACE screen in Figure 4-10-3 & Figure 4-10-4 appears.
PAGE 251
User’s Manual of GSD-1002M Figure 4-10-3 MAC-based ACE page screenshot The page includes the following fields: Object Description  ACL Name Select ACL name for this drop down list.  Sepuence Set the ACL sequence.  Action Indicates the forwarding action of the ACE.  Permit: Frames matching the ACE may be forwarded and learned.  Deny: Frames matching the ACE are dropped.  Shutdown: Port shutdown is disabled for the ACE..  DA MAC Specify the destination MAC filter for this ACE.
PAGE 252
User’s Manual of GSD-1002M  DA MAC Mask Specify whether frames can hit the action according to their sender hardware address field (SHA) settings.  0: ARP frames where SHA is not equal to the DA MAC address.  1: ARP frames where SHA is equal to the DA MAC address.  SA MAC Specify the source MAC filter for this ACE.  Any: No SA MAC filter is specified.  User Defined: If you want to filter a specific source MAC address with this ACE, choose this value. A field for entering a SA MAC value appears.
PAGE 253
User’s Manual of GSD-1002M  Sepuence Display the current sequence  Action Display the current action  Destination MAC Address Display the current destination MAC address  Destination MAC Address Display the current destination MAC address mask Mask  Source MAC Address Display the current source MAC address  Source MAC Address Mask Display the current source MAC address mask  VLAN ID Display the current VLAN ID  802.1p Display the current 802.1p value  802.
PAGE 254
User’s Manual of GSD-1002M Figure 4-10-6 ACL Table page screenshot The page includes the following fields: Object Description  Delete Click to delete ACL name entry. 4.10.4 IPv4-based ACE An ACE consists of several parameters. Different parameter options are displayed depending on the frame type that you selected. The IPv4-based ACE screens in Figure 4-10-7 & Figure 4-10-8 appear.
PAGE 255
User’s Manual of GSD-1002M Figure 4-10-7 IP-based ACE page screenshot 255
PAGE 256
User’s Manual of GSD-1002M The page includes the following fields: Object Description  ACL Name Select ACL name for this drop down list.  Sepuence Set the ACL sequence.  Action Indicates the forwarding action of the ACE.  Permit: Frames matching the ACE may be forwarded and learned.  Deny: Frames matching the ACE are dropped.  Shutdown: Port shutdown is disabled for the ACE..  Protocol Specify the protocol filter for this ACE.  Any(IP): No protocol filter is specified.
PAGE 257
User’s Manual of GSD-1002M matches this source port value.  Range: If you want to filter a specific source port range filter with this ACE, you can enter a specific source port range value. A field for entering a source port value appears. The allowed range is 0 to 65535. A frame that hits this ACE matches this source port value.  Destination Port Specify the destination port for this ACE.  Any: No specifc destination port is specified (destination port status is "don't-care").
PAGE 258
User’s Manual of GSD-1002M  Don’t Care: Any value is allowed ("don't-care"). SYN Specify the TCP "Synchronize sequence numbers" (SYN) value for this ACE.  Set: TCP frames where the SYN field is set must be able to match this entry.  Unset: TCP frames where the SYN field is set must not be able to match this entry.  Don’t Care: Any value is allowed ("don't-care"). FIN Specify the TCP "No more data from sender" (FIN) value for this ACE.
PAGE 259
User’s Manual of GSD-1002M Buttons : Click to add ACE list.
PAGE 260
User’s Manual of GSD-1002M 4.10.5 IPv6-based ACL This page shows the ACL status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. IPv6-based ACL screens in Figure 4-10-9 & Figure 4-10-10 appear. Figure 4-10-9 IPv6-based ACL page screenshot The page includes the following fields: Object Description  ACL Name Create a named IPv6-based ACL list Buttons : Click to add ACL name list.
PAGE 261
User’s Manual of GSD-1002M Figure 4-10-11 IP-based ACE page screenshot The page includes the following fields: 261
PAGE 262
User’s Manual of GSD-1002M Object Description  ACL Name Select ACL name for this drop down list.  Sepuence Set the ACL sequence.  Action Indicates the forwarding action of the ACE.  Permit: Frames matching the ACE may be forwarded and learned.  Deny: Frames matching the ACE are dropped.  Shutdown: Port shutdown is disabled for the ACE..  Protocol Specify the protocol filter for this ACE.  Any(IP): No protocol filter is specified.
PAGE 263
User’s Manual of GSD-1002M you can enter a specific source port range value. A field for entering a source port value appears. The allowed range is 0 to 65535. A frame that hits this ACE matches this source port value.  Destination Port Specify the destination port for this ACE.  Any: No specifc destination port is specified (destination port status is "don't-care").  Single: If you want to filter a specific destination port with this ACE, you can enter a specific destiantino port value.
PAGE 264
User’s Manual of GSD-1002M ACE.  Set: TCP frames where the SYN field is set must be able to match this entry.  Unset: TCP frames where the SYN field is set must not be able to match this entry.  Don’t Care: Any value is allowed ("don't-care"). FIN Specify the TCP "No more data from sender" (FIN) value for this ACE.  Set: TCP frames where the FIN field is set must be able to match this entry.  Unset: TCP frames where the FIN field is set must not be able to match this entry.
PAGE 265
User’s Manual of GSD-1002M Figure 4-10-12 IPv6-based ACE Table page screenshot The page includes the following fields: Object Description  ACL Name Display the current ACL name  Sepuence Display the current sequence  Action Display the current action  Protocol Display the current protocol  Source IP Address Display the current source IP address  Source IP Address Display the current source IP address wildcard mask Wildcard Mask  Destination IP Address Display the current destination
PAGE 266
User’s Manual of GSD-1002M 4.10.7 ACL Binding This page allows you to bind the Policy content to the appropriate ACLs. The ACL Policy screens in Figure 4-10-13 & Figure 4-10-14 appears. Figure 4-10-13 ACL Binding page screenshot The page includes the following fields: Object Description  Bibding Port Select port for this drop down list.  ACL Select Select ACL list for this drop down list. Buttons : Click to apply changes.
PAGE 267
User’s Manual of GSD-1002M 4.11 MAC Address Table Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to (based upon the DMAC address in the frame). This table contains both static and dynamic entries. The static entries are configured by the network administrator if the administrator wants to do a fixed mapping between the DMAC address and switch ports.
PAGE 268
User’s Manual of GSD-1002M Figure 4-11-2 Statics MAC Status page screenshot The page includes the following fields: Object Description  No. This is the number for entries  MAC Address The MAC address for the entry.  VLAN The VLAN ID for the entry.  Port Display the current port.  Delete Click to delete static MAC status entry. 4.11.2 MAC Filtering By filtering MAC address, the switch can easily filter the per-configured MAC address and reduce the un-safety.
PAGE 269
User’s Manual of GSD-1002M Figure 4-11-4 Statics MAC Status page screenshot The page includes the following fields: Object Description  No. This is the number for entries  MAC Address The MAC address for the entry.  VLAN The VLAN ID for the entry.  Delete Click to delete static MAC status entry. 4.11.3 Dynamic Address Setting By default, dynamic entries are removed from the MAC table after 300 seconds. The Dynamic Address Setting/Status screens in Figure 4-11-5 & Figure 4-11-6 appear.
PAGE 270
User’s Manual of GSD-1002M Figure 4-11-6 Dynamic Addresses Status page screenshot The page includes the following fields: Object Description  Aging Time Display the current aging time 4.11.4 Dynamic Learned Dynamic MAC Table Dynamic Learned MAC Table are shown on this page. The MAC Table is sorted first by VLAN ID, then by MAC address. The Dynamic Learned screens in Figure 4-11-6 & Figure 4-11-7 appear.
PAGE 271
User’s Manual of GSD-1002M Figure 4-11-7 MAC Address Information page screenshot Object Description  MAC Address The MAC address of the entry.  VLAN The VLAN ID of the entry.  Type Indicates whether the entry is a static or dynamic entry.  Port The ports that are members of the entry. Buttons : Click to add dynamic MAC address to static MAC address.
PAGE 272
User’s Manual of GSD-1002M 4.12 LLDP 4.12.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.
PAGE 273
User’s Manual of GSD-1002M  Bridging: transmit LLDP PDU in the same VLAN.  Flooding: transmit LLDP PDU for all port.  Transmission Interval The switch is periodically transmitting LLDP frames to its neighbors for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Transmission Interval value. Valid values are restricted to 5 - 32768 seconds.
PAGE 274
User’s Manual of GSD-1002M Buttons : Click to apply changes.
PAGE 275
User’s Manual of GSD-1002M Figure 4-12-3 LLDP Port Configuration and Optional TLVs Selection page screenshot The page includes the following fields: Object Description  Port Select Select port for this drop down list.  State Enables LLDP messages transmit and receive modes for LLDP Protocol Data Units. Options:  Tx only  Rx only  TxRx  Disabled  Port Select Select port for this drop down list.
PAGE 276
User’s Manual of GSD-1002M Frame Size" is included in LLDP information transmitted.  Management Address: When checked the "Management Address" is included in LLDP information transmitted.  802.1 PVID: When checked the "802.1 PVID" is included in LLDP information transmitted. Buttons : Click to apply changes. Figure 4-12-4 LLDP Port Status page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.
PAGE 277
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Port Select Select port for this drop down list.  VLAN Select Select VLAN for this drop down list. Buttons : Click to apply changes. Figure 4-12-6 LLDP Port VLAN TLV Status page screenshot The page includes the following fields: Object Description  Port The switch port number of the logical port.  Selected VLAN Display the current selected VLAN 4.12.
PAGE 278
User’s Manual of GSD-1002M Figure 4-12-7 Local Device Summary page screenshot The page includes the following fields: Object Description  Chassis ID Subtype Display the current chassis ID subtype  Chassis ID Display the current chassis ID  System Name Display the current system name  System Description Display the current system description  Capabilities Supported Display the current capabilities supported  Capabilities Enabled Display the current capabilities enabled  Port ID Subtype
PAGE 279
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Interface The switch port number of the logical port.  LLDP Status Display the current LLDP status  LLDP MED Status Display the current LLDP MED Status 4.12.5 LLDP Remove Device This Page provides a status overview for all LLDP remive devices. The displayed table contains a row for each port on which an LLDP neighbor is detected. The LLDP Remive Device screen in Figure 4-12-9 appears.
PAGE 280
User’s Manual of GSD-1002M 4.12.6 MED Network Policy Network Policy Discovery enables the efficient discovery and diagnosis of mismatch issues with the VLAN configuration, along with the associated Layer 2 and Layer 3 attributes, which apply for a set of specific protocol applications on that port. Improper network policy configurations are a very significant issue in VoIP environments that frequently result in voice quality degradation or loss of service.
PAGE 281
User’s Manual of GSD-1002M Figure 4-12-10 Voice Auto Mode Configuration and Network Policy Configuration page screenshot The page includes the following fields: Object Description  LLDP MED Policy for Set the LLDP MED policy for voice application mode. Voice Application  Network Policy Select network policy number for this drop down list.
PAGE 282
User’s Manual of GSD-1002M Softphone Voice - for use by softphone applications on typical data centric devices, such as PCs or laptops. This class of endpoints frequently does not support multiple VLANs, if at all, and are typically configured to use an 'untagged’ VLAN or a single 'tagged’ data specific VLAN. When a network policy is defined for use with an 'untagged’ VLAN (see Tagged flag below), then the L2 priority field is ignored and only the DSCP value has relevance.
PAGE 283
User’s Manual of GSD-1002M Figure 4-12-11 LLDP MED Network Policy Table page screenshot The page includes the following fields: Object Description  Network Policy Display the current network policy number Number  Application Display the current application  VLAN ID Display the current VLAN ID  VLAN Tag Display the current VLAN tag status  L2 Priertity Display the current L2 prierity  DSCP Value Dusplay the current DSCP value Buttons : Click to delete LLDP MED network policy table entry
PAGE 284
User’s Manual of GSD-1002M  MED Enable Enable or disable MED configuration.  MED Optional TVLs Configures the information included in the MED TLV field of advertised messages. -Network Policy – This option advertises network policy configuration information, aiding in the discovery and diagnosis of VLAN configuration mismatches on a port. Improper network policy configurations frequently result in voice quality degradation or complete service disruption.
PAGE 285
User’s Manual of GSD-1002M Display the current inventory  Inventory The MED Location Configuration and LLDP MED Port Location Table screens in Figure 4-12-14 & Figure 4-12-15 appear. Figure 4-12-14 Port LLDP MED Configuraiton page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list.  Location Coordinate A string identifying the Location Coordinate that this entry should belong to.
PAGE 286
User’s Manual of GSD-1002M The page includes the following fields: Object Description  Port The switch port number of the logical port.  Coordinate Display the current coordinate.  Civic Address Display the current civic address.  ESC ELIN Display the current ESC ELIN. 4.12.8 LLDP Overloading The LLDP Port Overloading screen in Figure 4-12-16 appears.
PAGE 287
User’s Manual of GSD-1002M  Status Gives the status of the TLVs.  Mandatory TLVs Displays if the mandatory group of TLVs were transmitted or overloaded.  MED Capabilites Displays if the capabilities packets were transmitted or overloaded.  MED Location Displays if the location packets were transmitted or overloaded.  MED Network Policy Displays if the network policies packets were transmitted or overloaded.
PAGE 288
User’s Manual of GSD-1002M Buttons : Click to clear the statistics. : Click to refresh the statistics. Figure 4-12-18 LLDP Port Statistics page screenshot The page includes the following fields: Object Description  Port The port on which LLDP frames are received or transmitted.  TX Frame – Total The number of LLDP frames transmitted on the port.  RX Frame – Total The number of LLDP frames received on the port.
PAGE 289
User’s Manual of GSD-1002M 4.13 Diagnostics This section provide the Physical layer and IP layer network diagnostics tools for troubleshoot. The diagnostic tools are designed for network manager to help them quickly diagnose problems between point to point and better service customers. Use the Diagnastics menu items to display and configure basic administrative details of the Managed Switch.
PAGE 290
User’s Manual of GSD-1002M The Copper test and test result screens in Figure 4-13-1 & Figure 4-13-2 appear. Figure 4-13-1 Copper Test page screenshot The page includes the following fields: Object Description  Port Select port for this drop down list. Buttons : Click to run the diagnostics. Figure 4-13-2 Test Results page screenshot The page includes the following fields: Object Description  Port The port where you are requesting Cable Diagnostics.
PAGE 291
User’s Manual of GSD-1002M 4.13.2 Ping The ping and IPv6 ping allow you to issue ICMP PING packets to troubleshoot IP connectivity issues. The Managed Switch transmits ICMP packets, and the sequence number and roundtrip time are displayed upon reception of a reply. 4.13.3 Ping Test This page allows you to issue ICMP PING packets to troubleshoot IP connectivity issues. After you press “Apply”, ICMP packets are transmitted, and the sequence number and roundtrip time are displayed upon reception of a reply.
PAGE 292
User’s Manual of GSD-1002M  Size (in bytes) The payload size of the ICMP packet. Values range from 8bytes to 5120bytes.  Ping Results Display the current ping result. Buttons : Click to transmit ICMP packets. Be sure the target IP Address is within the same network subnet of the switch, or you have to set up the correct gateway IP address. 4.13.4 IPv6 Ping Test This page allows you to issue ICMPv6 PING packets to troubleshoot IPv6 connectivity issues.
PAGE 293
User’s Manual of GSD-1002M Object Description  IP Address The destination IPv6 Address.  Count Number of echo requests to send.  Interval (in sec) Send interval for each ICMP packet.  Size (in bytes) The payload size of the ICMP packet. Values range from 8bytes to 5120bytes.  Ping Results Display the current ping result. Buttons : Click to transmit ICMPv6 packets. 4.13.
PAGE 294
User’s Manual of GSD-1002M The page includes the following fields: Object Description  IP Address The destination IP Address.  Max Hop The maximum gateway number allowed by traceroute function  Trace Route Results Display the current trace route result. Buttons : Click to transmit ICMPv6 packets.
PAGE 295
User’s Manual of GSD-1002M 4.14 RMON RMON is the most important expansion of the standard SNMP. RMON is a set of MIB definitions, used to define standard network monitor functions and interfaces, enabling the communication between SNMP management terminals and remote monitors. RMON provides a highly efficient method to monitor actions inside the subnets. MID of RMON consists of 10 groups.
PAGE 296
User’s Manual of GSD-1002M The Page includes the following fields: Object Description  Port Select port for this drop down list.  Drop Events The total number of events in which packets were dropped by the probe due to lack of resources.  Octets The total number of octets of data (including those in bad packets) received on the network.  Packets The total number of packets (including bad packets, broadcast packets, and multicast packets) received.
PAGE 297
User’s Manual of GSD-1002M 4.14.2 RMON Event Configure RMON Event table on this Page. The RMON Event screens in Figure 4-14-2 & Figure 4-14-3 appear. Figure 4-14-2: RMON Event Configuration Page Screenshot The Page includes the following fields: Object Description  Select Index Select index for this drop down list to create new index or modify index.  Index Indicates the index of the entry. The range is from 1 to 65535.
PAGE 298
User’s Manual of GSD-1002M Buttons : Click to apply changes. Figure 4-14-3: RMON Event Status Page Screenshot The Page includes the following fields: Object Description  Index Display the current event index  Event Type Display the current event type  Community Display the current community for SNMP trap  Description Display the current event description  Last Sent Time Display the current last sent time  Owner Display the current event owner  Action Click to delete RMON event entry.
PAGE 299
User’s Manual of GSD-1002M  Index Indicates the index of the log entry.  Log Time Indicates Event log time.  Description Indicates the Event description. 4.14.4 RMON Alarm Configure RMON Alarm table on this Page. The RMON Alarm screens in Figure 4-14-5 & Figure 4-14-6 appear.
PAGE 300
User’s Manual of GSD-1002M Includes FCS, but excludes framing bits.  Pkts: The total number of frames (bad, broadcast and multicast) received and transmitted.  BroadcastPkts: The total number of good frames received that were directed to the broadcast address. Note that this does not include multicast packets.  MulticastPkts: The total number of good frames received that were directed to this multicast address.  CRCAlignErrors: The number of CRC/alignment errors (FCS or alignment errors).
PAGE 301
User’s Manual of GSD-1002M received andtransmitted where the number of octets fall within the specified range (excluding framing bits but including FCS octets).  Sample Interval Sample interval (1–2147483647)  Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds, possible sample types are:  Absolute: Get the sample directly (default).  Delta: Calculate the difference between samples.
PAGE 302
User’s Manual of GSD-1002M  Falling Event Display the current falling event  Owner Display the current owner  Action Click to delete RMON alarm entry. 4.14.5 RMON History Configure RMON History table on this Page. The RMON History screens in Figure 4-14-7 & Figure 4-14-8 appear.
PAGE 303
User’s Manual of GSD-1002M Figure 4-14-8: RMON History Status Page Screenshot The Page includes the following fields: Object Description  Index Display the current index  Data Source Display the current data source  Bucket Requested Display the current bucket requested  Interval Display the current interval  Owner Display the current owner  Action Click to delete RMON history entry. 4.14.
PAGE 304
User’s Manual of GSD-1002M 4.15 Maintenance Use the Maintenance menu items to display and configure basic configurations of the Managed Switch. Under maintenance the following topics are provided to back up, upgrade, save and restore the configuration. This section has the following items: ■ Factory Default You can reset the configuration of the switch on this page. ■ Reboot Switch You can restart the switch on this page. After restart, the switch will boot normally.
PAGE 305
User’s Manual of GSD-1002M 4.15.2 Reboot Switch The Reboot page enables the device to be rebooted from a remote location. Once the Reboot button is pressed, user has to re-login the WEB interface about 60 seconds later. The Reboot Switch screen in Figure 4-15-2 appears and click to reboot the system. Figure 4-15-2 Reboot Switch page screenshot 4.15.3 Backup Manager This function allows backup of the current image or configuration of the Managed Switch to the local management station.
PAGE 306
User’s Manual of GSD-1002M 4.15.4 Upgrade Manager This function allows reload the current image or configuration of the Managed Switch to the local management station. The Upgrade Manager screen in Figure 4-15-4 appears. Figure 4-15-4 Upgrade Manager page screenshot The page includes the following fields: Object Description  Upgrade Method Select upgrade method for this drop down list.  Server IP Fill in your TFTP server IP address.  File Name The name of firmware image or configuration.
PAGE 307
User’s Manual of GSD-1002M 5. SWITCH OPERATION 5.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch. 5.2 Learning When one packet comes in from any port, the Switch will record the source address, port no. And the other related information in address table.
PAGE 308
User’s Manual of GSD-1002M 5.5 Auto-Negotiation The STP ports on the Switch have built-in "Auto-negotiation". This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
PAGE 309
User’s Manual of GSD-1002M 6. TROUBLESHOOTING This chapter contains information to help you solve your issue. If the Managed Switch is not functioning properly, make sure the Managed Switch is set up according to instructions in this manual.
PAGE 310
User’s Manual of GSD-1002M 4. If that device works, refer to the next step. 5.
PAGE 311
User’s Manual of GSD-1002M APPENDIX A A.1 Switch's RJ-45 Pin Assignments 1000Mbps, 1000Base T Contact MDI MDI-X 1 BI_DA+ BI_DB+ 2 BI_DA- BI_DB- 3 BI_DB+ BI_DA+ 4 BI_DC+ BI_DD+ 5 BI_DC- BI_DD- 6 BI_DB- BI_DA- 7 BI_DD+ BI_DC+ 8 BI_DD- BI_DC- Implicit implementation of the crossover function within a twisted-pair cable, or at a wiring panel, while not expressly forbidden, is beyond the scope of this standard. A.
PAGE 312
User’s Manual of GSD-1002M 7, 8 Not used The standard cable, RJ-45 pin assignment The standard RJ-45 receptacle/connector There are 8 wires on a standard UTP/STP cable and each wire is color-coded.
PAGE 313
EC Declaration of Conformity For the following equipment: *Type of Product *Model Number : 8-Port 10/100/1000Mbps + 2-Port 100/1000X SFP Managed Desktop Switch (PoE PD, External PWR) : GSD-1002M * Produced by: Manufacturer‘s Name : Manufacturer‘s Address : Planet Technology Corp. 10F., No.96, Minquan Rd., Xindian Dist., New Taipei City 231, Taiwan (R.O.C.).