Signamax Connectivity System 065-7708, 065-7728, 065-7764 Signamax Connectivity Systems Management Switch Model: 065-7708 065-7728 065-7764 User's Guide www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 1 Management This chapter describes three management methods of the Switch. Web-based management Console management Telnet management SNMP provides v1/v2 1.1 Web-based management The Switch has a Web GUI interface for switch configuration. The Switch can be configured through the Web browser. A network administrator can manage, control, and monitor the Switch from the local LAN.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 1-1 IP address NOTE: The factory-default IP Address : 192.168.2.11 Through the Web Management Utility, you do not need to remember the IP Address; select the device shown in the Monitor List of the Web Management Utility to settle the device on the Web browser. When the following dialog page appears, enter the default user name and password and press Login to enter the main configuration window. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure1-2 Login NOTE: The factory-default User name is empty. Pass word is “password” After entering the password, you can access main page of your switch. 1.2 Console Management A local console is a terminal or a workstation running a terminal emulation program that is connected directly to the switch via the RS-232 console port on the rear of the switch.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 1-3 1. Type in a name for the connection, select an icon for the connection, and click “OK”. Figure 1-4 www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2. Select the COM port that you are using for this connection and click “OK”. Figure 1-5 3. Setup the COM port properties by using the information below and click “OK”. Figure1-6 www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 NOTE: The console port is set at the factory for the following configuration: Baud rate: 9,600 Data width: 8 bits Parity: none Stop bits: 1 Flow Control: None 4. You should see some boot-up messages displayed within your “HyperTerminal” session. 5. At the “username” field type in “guest” or let it be empty and hit “Enter”. 6. At the “password” field type in “password” and hit “Enter”. You are now logged into the Switch’s configuration program.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 After connected successful please enter” username “and “password” Figure 1-8 NOTICE: The factory-default User name is “guest”. Pass word is “guest” 2 Configuration 2.1 System 2.1.1 IP Address Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s the factory-default IP Address is 192.168.2.11.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-1 Enter the appropriate IP Address and Submask and Gateway. NOTICE: The Switch’s factory-default IP address is 192.168.2.11 with Submask of 255.255.255.0 and a default gateway of 192.168.2.1 2.1.2 SNMP 2.1.2.1 Theory The Simple Network Management Protocol (SNMP) is an application layer protocol that facilitates the exchange of management information between network devices.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 used to identify the group. A SNMP device or agent may belong to more than one SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities are: Write = private Read = public 2.1.2.2 SNMP Configuration 1. SNMP Agent Status Configuration First turn on SNMP Agent. Enabled / Disabled: To turn on or turn off the SNMP function on the Switch. Figure 2-2 2.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Add Community: enter private or public Chooses community strings for the Switch management access: read only or read/write Read only: Enables requests accompanied by this string to display MIB-object information. Read/Write: Enables requests accompanied by this string to display MIB-object information and to set MIB objects. After complete hereinbefore two steps click “ Add”.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-6 IN “Current Management Stations” show list Figure 2-7 2.1.3 Password Password is the invaluable tool for the manager to secure the Web Management Switch. You can use this function to change the password. Enter “old password “, “new password”, “confirm password” and click “ok”. Figure 2-8 2.1.4 MAC Address Each Switch must be assigned its own MAC Address. You can use this function to modify the Switch MAC address. www.signamax-us.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-9 2.1.5 CONSOLE If you forget the parameter of Console Management .In this function you can look about all. Figure 2-10 2.1.6 Management Host Configuration This function is based upon the security of the Switch. If turn on this function then only one IP address of in “Enter Management Host IP “ input field can land the Web management .
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2.1.7 System Upgrade This function allows the administrator to perform a WEB firmware update. Click “Browse” to choose firmware. You must wait for some seconds. Upgrade successful will be show in “Update Status” Figure 2-12 CAUTION: In course of System Upgrade, Please don’t touch The Switch Power. 2.1.8 Saving Parameters This operation will save all your parameters on the switch. After reboot the switch, all the parameters are still valid.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-14 2.1.10 Load Default This operation helps you to reset the device back to the default setting from the factory. Be aware that the entire configuration will be reset, the IP address will be retrieved .The default IP address of 192.168.2.11 will be used. Figure 2-15 CAUTION: This operation will result in all the parameters losing. Except for urgency please cautioning! 2.1.11 Reboot Reboot the system. Figure 2-16 www.signamax-us.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2.2 Port Management 2.2.1 Port Configuration This page displays the current status of every port. It will display the user’s selection for each port followed by the actual discovered settings. Management Status: Display port status: Enable or Disable, Disable indicates port is off. Link Status: Down indicates “No Link”, up indicates “Link”. Speed: Used to set the port speed to either 100Mbps or 10Mbps on Port1~Port48.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-18 2.3 Redundancy 2.3.1 Spanning Tree 1. Spanning Tree Protocol The IEEE 802.1D Spanning Tree Protocol allows for the blocking of links between switches that form loops within the network. When multiple links between switches are detected, a primary link is established. Duplicated links are blocked from use and become standby links. The protocol allows for the duplicate links to be used in the event of a failure of the primary link.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Creates a single spanning tree from any combination of switching or bridging elements. Creates multiple spanning trees – from any combination of ports contained within a single switch, in user specified groups. Automatically reconfigures the spanning tree to compensate for the failure, addition, or removal of any element in the tree. Reconfigures the spanning tree without operator intervention.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 network topology information to propagate throughout the network before starting to forward packets. They must also wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology. The forward delay timer is used to allow the network topology to stabilize after a topology change.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 configured, each port stabilizes to the forwarding or blocking state. No packets (except BPDUs) are forwarded from, or received by, STP enabled ports until the forwarding state is enabled for that port. 2.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Default Spanning-Tree Configuration Feature Enable state Port priority Port cost Bridge Priority Default Value STP enabled for all ports 128 19 32,768 User-Changeable STA Parameters The Switch’s factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory; unless, it is absolutely necessary.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 greater the probability the port will be chosen to forward packets. 3. Illustration of STP A simple illustration of three switches connected in a loop is depicted in Figure 5-7. In this example, you can anticipate some major network problems if the STP assistance is not applied. If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and switch C will broadcast it to back to switch A ... and so on.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-20 After Applying the STA Rules The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 4) on switch A are connected to one (optional) Gigabit port on both switch B and C.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-21 2. Bridge Information You can view Root Bridge spanning tree information from the follow table. Figure 2-22 3. STP Port Configuration The following fields can be set for STP port configuration: Port Priority: Defines if this port is more or less likely to become the root port. The range is from 0 to 255, the default setting is 128.The lower number has the highest priority. Path Cost: Specifies the path cost of the port.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2.3.3 Link Aggregation The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems that require high speed redundant links. Port trunks can be used to increase the bandwidth of a network connection or to ensure fault recovery. Link aggregation lets you group up to many consecutive ports into a single dedicated connection between any two the Switch or other Layer 2 switches.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2.4.1.1 Theory Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously. It is intended to alleviate problems associated with the delivery of time critical data over congested networks.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 VLAN can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally. Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLAN allow VLAN to work with legacy switches that don’t recognize VLAN tags in packet headers. The tagging feature allows VLAN to span multiple 802.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-26 Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLAN to span network devices (and indeed, the entire network – if all network devices are 802.1Q compliant). Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 VLANs and Trunk Groups In order to use VLAN segmentation in conjunction with port trunk groups, you can first set the port trunk group(s), and then you may configure VLAN settings. If you wish to change the port trunk grouping with VLAN already in place, you will not need to reconfigure the VLAN settings after changing the port trunk group settings.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-29 If you want to show or add or modify the VLAN. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-30 802.1Q VLAN There are up to 256 configurable VLAN groups. By default when 802.1Q is enabled, all ports on the switch belong to default VLAN (VID 1). The default VLAN cannot be deleted. Understand nomenclature of the Switch Tagging and Untagging Every port on an 802.1Q compliant switch can be configured as tagging or untagging.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Thus, all packets received by and forwarded by an untagging port will have no 802.1Q VLAN information. Untagging is used to send packets from an 802.1Q-compliant network device to a non-compliant network device. Trunk: Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that out of those ports.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-33 Figure 2-34 3. Choose the type of link :Access or Trunking. Define PVID for port2 Figure 2-35 4. Trunk configuration: Port2 with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that out of it. Type a name for the new VLAN. Type a VID (between 2-4094). The default is 1.Clicd “Add”. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-36 Then display in the VLAV table. Figure 2-37 In the VLAN table choose VLAN which you want to tagging. Click “Add” Figure 2-38 If you want to display one VLAN. Figure 2-39 www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-40 2.4.2 802.1X 2.4.2.1 Theory ● Understanding IEEE 802.1X Port-Based Authentication The IEEE 802.1X standard defines a client-server-based access control and authentication protocol that restricts unauthorized clients from connecting to a LAN through publicly accessible ports. The authentication server authenticates each client connected to a switch port before making available any services offered by the switch or the LAN.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Client—the device (workstation) that requests access to the LAN and switch services and responds to requests from the switch. The workstation must be running 802.1X-compliant client software such as that offered in the Microsoft Windows XP operating system. (The client is the supplicant in the IEEE 802.1X specification.) Authentication server—performs the actual authentication of the client.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 NOTICE: If 802.1X is not enabled or supported on the network access device, any EAPOL frames from the client are dropped. If the client does not receive an EAP-request/identity frame after three attempts to start authentication, the client transmits frames as if the port is in the authorized state. A port in the authorized state effectively means that the client has been successfully authenticated.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 If a client that does not support 802.1X is connected to an unauthorized 802.1X port, the switch requests the client's identity. In this situation, the client does not respond to the request, the port remains in the unauthorized state, and the client is not granted access to the network. In contrast, when an 802.1X-enabled client connects to a port that is not running the 802.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-44 Auto: enables 802.1X authentication and causes the port to begin in the unauthorized state, allowing only EAPOL frames to be sent and received through the port. It’s a default status Force authorized: disables 802.1X authentication and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-45 3. “Other configuration”: only choose “Local Authenticate” mode is available. If you not have good experiences please keep the default value. Figure 2-46 Radius Server — In this situation, need a Radius server in the network, the normal topologies as below www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-47 1. Select the “Radius Server” mode. 2. Configure ports attribute of 802.1X, the same as “802.1X Port Status Configuration”. 3. Create user data. That step are different of “Local Authenticate”, the establishment of the user data needs to be created on the Radius Server PC. For example, the Radius Server founded on Win2000 Server, and then: Figure 2-48 www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed: Figure 2-49 4. The last, run your 802.1X Client 2.4.3 MAC Address Binding This function is based upon for the switch security. When you add one MAC Address is bind with one port.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-50 Figure 2-51 2.4.4 MAC Address Filtering MAC address filtering allows the switch to drop unwanted traffic. Traffic is filtered based on the destination addresses. In the MAC Address box, enter the MAC address that you want to filter out. Click ”Add”. To Delete a MAC address entry from the filtering table, simply select it and click Delete. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-52 Figure 2-53 2.4.5 MAC Address Learning For every port choose MAC Study’ status: Enable/Disable In the Port box enter the port number. Choose status. Click ”Ok” www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-54 2.4.6 MAC Address Aging Time The Aging Time affects the learning process of the Switch. Dynamic forwarding table entries, which are made up of the source and destination MAC addresses and their associated port numbers, are deleted from the table if they are not accessed within the aging time. The aging time can be from 30 to 1,000 seconds with a default value of 300 seconds.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2.5 QOS 2.5.1 Understand QOS Quality of Service (QoS) is an advanced traffic prioritization feature that allows you to establish control over network traffic. QoS enables you to assign various grades of network service to different types of traffic, QoS reduces bandwidth limitations, delay, loss, and jitter. It also provides increased reliability for delivery of your data and allows you to prioritize certain applications across your network.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2.5.2 QOS Configuration QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems. The IEEE 802.1p Priority specification uses 8 priority levels to classify data packets. In 802.1p compliant devices, a tag inserted into the packet header is used to identify the priority level of data packets. The Switch supports four kinds of Traffic classifiers: 802.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 2. VLAN-COS QoS settings allow customization of VLAN ID to Traffic classifiers In the field input VID. Input you want to mapping COS number. To delete an entry from the table, simply select it and click Delete. Figure 2-50 Figure 2-58 3.802.1p-priority-CoS QoS settings allow customization of packet priority in order to facilitate delivery of data traffic that might be affected by latency problems. The IEEE 802.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-59 Figure 2-60 4. Port-COS QoS settings allow customization of VLAN ID to Traffic classifiers In the field input the port number. Input you want to mapping COS number. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-61 5. COS-Queue mapping In the field input COS. Input you want to mapping the Queue number. Figure 2-62 6. Queue Management The administrator can modify Queue Policy: WRR/Always High. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-63 If choose WRR this page Show Queue Weight Figure 2-64 2.6 Multicast 2.6.1 IGMP Snooping Theory Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group. The Internet Group Management Protocol (IGMP) is used to communicate this information.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 The format of an IGMP packet is shown below: Figure 2-65 The IGMP Type codes are shown below: Type Meaning 0x11 Membership Query (if Group Address is 0.0.0.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-66 IGMP Snooping Configuration The Switch support switch for control this function. The default is “Disable” Figure 2-67 2.6.2 Static Routing Port Access this function configuring the port become the member of IGMP Groups of one VLANs In the Port box enter the port number and enter the number of The VLAN (VLD ). www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-68 2.7 Port Analysis 2.7.1 Port Analysis This function is an instrument of diagnosing the network malfunction for the administrator. Count kinds of data of every port. The following view provides statistical information about “port 6”. www.signamax-us.com www.signamax-eu.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-69 If received the packet’ size less than 64 byte or overstep 1518 byte .The network has the malfunction. 2.7.2 Port Mirror Port Mirroring is a method of monitoring network traffic that forwards a copy of each incoming and/or outgoing packet from one port of a network switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
Signamax Connectivity System 065-7708, 065-7728, 065-7764 Figure 2-70 2.8 Storm Restricting The administrator can use this function to limit the amount of Broadcast or Multicast or Flooded for every port. Input the range from 64Kbps to 80,000Kbps. In the Port box enter the port number. Choose limited type. Enter Flow range Click “Add”. To delete a list from the table, simply select it and click Delete. Figure 2-71 www.signamax-us.com www.signamax-eu.
