2 OPERATING MANUAL PS-2126M-POE Switch Managed Switch with Twenty Four 10/100Base-TX PoE Ports Plus Two Mini GBIC Slots for 1000Base-SX or LX Fiber Connectivity Or 10/100/1000Base-TX Copper Connectivity CORPORATE HEADQUATERS MANUFACTURING/CUSTOMER SERVICE 5001 American Blvd. W., Suite 605 Bloomington, MN 55437 Phone: 800.441.5319 Phone: 952.831.5603 Fax: 952.831.5605 945 37 Avenue, NW Rochester, MN 55901 Phone: 800.328.2275 Phone: 507.252.1951 Fax: 507.285.1952 th Web site: http://www.watersnet.
TABLE OF CONTENTS 1.0 SPECIFICATIONS ........................................................................................................................... 4 2.0 PACKAGE CONTENTS................................................................................................................... 6 3.0 INTRODUCTION.............................................................................................................................. 6 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 4.
5.20.2 5.20.3 5.21 5.22 5.23 5.24 5.25 5.26 5.27 5.28 5.29 6.0 6.1 6.2 7.0 7.1 8.0 8.1 8.2 8.3 9.0 RESTORE DEFAULT CONFIGURATION ......................................................................................... 90 CONFIGURATION FILE ............................................................................................................... 92 SECURITY ....................................................................................................................................
1.0 Specifications OPERATIONAL CHARACTERISTICS MAC Address Table 8K Switching Mode Store-and-forward Memory Buffer Size 256Kb 128K control memory Performance Non-blocking wire speed Auto negotiation Auto-MDIX Back pressure flow control for half duplex Flow control for full duplex Maximum throughput is 8.8Gbps MANAGEMENT FUNCTIONS Web-based, SNMP (v1, v2c), CLI, or Telnet Port setting for duplex and speed MAC based Port trunking Port based and tagged VLANs (up to 256) IGMP snooping 802.
EMI/SAFETY COMPLIANCE: FCC Part 15 Class A & CE Mark Approval PoE SPECIFICATIONS: Endpoint with 48VDC power through RJ45 pins 1, 2, 3 and 6 PoE-PSE activity LED indicator 185 watts of total power (up to 15.4 watts for 12 ports and up to 7.
2.0 Package Contents Examine the shipping container for obvious damage prior to installing this product. Notify the carrier of any damage that you believe occurred during shipment. Ensure that the items listed below are included. If an item is missing, please contact your supplier. 3.
• PoE – PSE status and activity LED indicator 3.2 Software Features The following lists management highlights of the PS-2126M-POE switch: Provides the status of each port and allows for port configuration Supports per port traffic monitoring counters Supports a snapshot of the system information upon login Supports static trunk function Three user login; only first login administrator can configure the device.
3.3 Hardware Description LED SET Mode: ACT/FDX/SPD Power Indication LED LEDSET Button: LEDSET button is used to change the LED display mode Fast Ethernet Port Fiber Port Status Indication LEDs PoE Port Status Indication LEDs TP Port Status Indication LEDs Gigabit Dual Media Port(25~26): SFP/TP RESET Button: RESET button is used to reset the management system. Figure 3.1 - Front View of PS-2126M-POE Figure 3.1 shows the front view of the PS-2126M-POE switch.
The following table provides the status and description of the LEDs. LED Color Function System LED CPURUN POWER ACT FDX SPD Green Green Green Green Green CPU is on and good AC power is on and good LEDSET set on active mode LEDSET set on full-duplex mode LEDSET set on speed mode 10/100Base-TX Ports 1 to 24 LED Connection with remote device is good LINK Green Off when cable connection is not good a. LEDSET set on ACT (active) mode: Blinks when traffic is present b.
3.4 Optional SFP Modules The following lists the SFP modules that are available for this switch: SFP-1000SX-LC – multimode fiber transceiver with LC connector SFP-1000LX-LC-10 – singlemode (10km) fiber transceiver with LC connector SFP-1000LX-LC-30 – singlemode (30km) fiber transceiver with LC connector 3.5 Installation Choose a surface for your switch that is clean, smooth and near a power outlet.
Once the self test is performed, the bootloader will load the firmware into the memory, which takes about 30 seconds. The switch will flash the LEDs once and automatically perform a self test. 3.9 Installing Chassis to a 19-inch Wiring Closet Rail Caution: Allow a proper spacing and proper air ventilation for the cooling fan at both sides of the chassis. Wear a grounding device for electrostatic discharge.
Figure 3.3 - No VLAN Configuration Diagram If VLAN is enabled and configured, each node in the network that can communicate with each other directly is contained in the same VLAN area. In Example 2, the VLAN area is defined by the configured VLAN. The switch supports both portbased VLAN and tag-based VLAN. They are different in practical deployment, especially in physical locations. The following diagram shows how the VLAN works. Example 2a: Port-based VLAN (See Figure 3-4). Figure 3.
1. As a member of a VLAN, you cannot be a member of a VLAN in another switch. 2. As a member of a VLAN, you cannot access a member of another VLAN. 3. The switch manager has to assign different names for each VLAN at one switch. group Case 2b: Port-based VLAN (See Figure 3-5). Figure 3.5 - Port-based VLAN Diagram This is an example of how VLANs can be set up between two switches. 1. VLAN1 members cannot access VLAN2, VLAN3 and VLAN4 members. 2.
4.0 Network Applications There are three ways to access switch management functions: 1. RS-232 serial port connection (CLI) 2. Telnet 3. Web Note: Before accessing management functions through Telnet or the Web, you must modify the IP address, subnet mask, default gateway and DNS through the RS-232 connection. 4.1 Using the RS-232 Serial Port Connection To configure the switch via the RS-232 serial port connection, follow these steps: 1.
1. Once you have logged into the switch, you will see the following screen. Figure 4.1 – Login Screen 2. To set the IP Address of the switch, use the following commands: Syntax: set ip Description: To set the system IP address, subnet mask and gateway. Argument: : ip address : subnet mask : default gateway Possible value: : 192.168.1.2 or others : 255.255.255.0 or others : 192.168.1.253 or others Example: FEPoEL2-SW26# set ip 192.168.1.
4.3 Configuring the Switch via the Web You can configure and monitor the switch through: CLI Web browser SNMP manager. The user interface for SNMP is not covered at this time. Ethernet LAN Assign an IP address, For example: IP = 192.168.1.100 Subnet Mask = 255.255.255.0 Default Gateway = 192.168.1.254 Figure 4.2 – Front Switch View Before you are able to communicate with the switch, you must know the IP address of the switch. Once you know the IP address, follow these instructions: 1.
4.4 IP Address Assignment Figure 4.3 - Login Screen via a Web browser For IP address configuration, the following three parameters are required: IP address Subnet Mask Default Gateway and DNS. IP Address: The address of the network device is used for internetworking communication. IP addresses are split into predefined address classes or categories. This is referred to as “classful” addressing because the address is spilt into three predefined classes, groupings or categories.
Bit # 0 1 7 8 0 Network address Host address Class B: IP address range between 128.0.0.0 and 191.255.255.255. Each class B network has a 16-bit network prefix followed 16-bit host address. There are 16,384 (2^14)/16 networks able to be defined with a maximum of 65534 (2^16 –2) hosts per network. Bit # 01 2 15 16 10 Network address Host address Class C: IP address range between 192.0.0.0 and 223.255.255.255. Each class C network has a 24-bit network prefix followed 8-bit host address.
networks. For a class B network, 128.1.2.3, the subnet mask 255.255.0.0 in default, in which the first two bytes are all 1s. This means more than 60 thousands of nodes in flat IP address will be at the same network. This is too large to manage practically. Now if we divide it into a smaller network by extending network prefix from 16 bits to, say 24 bits, its third byte is used to subnet this class B network. Now it has a subnet mask 255.255.255.0, in which each bit of the first three bytes is 1.
Prefix Length No. of IP matched No. of Addressable IP /32 1 - /31 2 - /30 4 2 /29 8 6 /28 16 14 /27 32 30 /26 64 62 /25 128 126 /24 256 254 /23 512 510 /22 1024 1022 /21 2048 2046 /20 4096 4094 /19 8192 8190 /18 16384 16382 /17 32768 32766 /16 65536 65534 Table 4-2 According to the scheme above, a subnet mask 255.255.255.0 will partition a network with the class C.
connected to the switch. Use the same network address and append your host address. Figure 4.4 – IP Configuration IP Address: For example, as shown in the Figure 4.4 192.168.1.1. An IP address in the range of 192.168.1.x must be set on your PC. Subnet Mask: For example, as show in Figure 4.4 255.255.255.0. Any subnet mask such as 255.255.255.x is allowable in this case. DNS: The Domain Name Server translates the human readable machine name to IP address.
5.0 Web Based Management This section illustrates the configuration and management of the switch through a web interface. Management through the web interface allows you to easily access and monitor the switch through any port. The default values of the managed switch are listed in the table below: IP Address 192.168.1.1 Subnet Mask 255.255.255.0 Default Gateway 192.168.1.
Figure 5.1 – Login Screen 5.1 Overview of Web Management Once you have logged into the switch, the opening screen displays the System Information. On the left side of the screen, the function tree for all of the management functions is displayed. We will explore these functions in this chapter.
Figure 5.2 displays the System Information screen. Figure 5.2 – System Information The top of the screen displays the front panel of the switch. The linked ports will be displayed in green and the ports that are not connected will be dark. The optional modules will display a cover plate if no module exists and will show a module if a module is present. The image of module depends on the installed module. If the module port is not connected, the port be dark and, if linked, green.
On the left-top corner, there is a pull-down list for Auto Logout. For additional switch security, an auto-logout function is available to protect you from illegal users if you don’t logout of the management functions when you are finished. The Auto Logout default is set to three minutes. You may change the time by using the pull down list for Auto Logout. The system will automatically log out if there has been no activity during the time you choose. There is also an option for OFF.
5.2 System Information Function name: System Information Function description: Displays the basic system information. Parameter description: Model name: The model name of the device. System description: Describes the device. 24-Port 10/100Base-T/TX Managed PoE Switch. Location: The location of the switch. User-defined. Contact: For the purpose of managing and maintaining the device, enter the contact person and phone to be used for help.
It is the MAC address of the management agent in this switch. Device Port: Displays the types and number of ports in the switch. RAM size: The size of the DRAM in this switch. Flash size: The size of the flash memory in this switch. 5.3 IP Configuration IP configuration is one of the most important configurations in the switch. Without the proper setting, the network manager will not be able to manage or view the device.
DHCP, refer to Section 4.4 - IP Address Assignment. Default: Disabled IP address: Users can configure the IP settings and enter new values if users set the DHCP function to “Disable”. Click the Apply button to update. When DHCP is disabled, Default: 192.168.1.1 If DHCP is enabled, this field is completed by the DHCP server and will not allow user manually set future IP addresses. Subnet mask: The purpose of the subnet mask is to get more network addresses.
5.4 Time Configuration The switch provides a manual and automatic method to set the system time via NTP. Manual setting is simple. Input “Year”, “Month”, “Day”, “Hour”, “Minute” and “Second” within the valid value range indicated in each item. If you input an invalid value, for example, 61 in minute, the switch will clamp the figure to 59. NTP is a well-known protocol used to synchronize the system time of the switch system time over a network.
over the ending time, the system time will be decreased one hour after one minute at the time since it passed over. The switch supports valid configurable day light saving time is –5 ~ +5 step one hour. The zero for this parameter means it need not have to adjust the current time, equivalent to in-act daylight saving. You don’t have to set the starting/ending date as well.
Figure 5.5 – System Time Setting 5.5 Account Configuration Only the administrator can create, modify or delete the username and password. The administrator can modify other guest identities’ password without confirming the password. Guest-equivalent identity can modify his password only. Please note that you must confirm administrator/guest identity in the field of Authorization in advance before configuring the username and password. Only one administrator is allowed to exist and unable to be deleted.
5.6 Management Policy Through the management security configuration, the manager can perform the setup to control the switch and limit user to access the switch. The following rules are provided for the management of the switch: Rule 1: If no lists exists, all connections are accepted. Accept __________________________________________________ Rule 2: If “accept lists” exists, all connections will be denied except the connection inside the accepting range.
who are unable to connect to the switch (Deny). Some restrictions also can be placed on the mode used to connect to the switch. For example, VLAN VID is able to be accepted or denied by the switch, the IP range of the user could be accepted or denied by the switch, a user port can be allowed or not allowed to connect with the switch, or the way the switch is controlled when connected by via HTTP, Telnet or SNMP. Figure 5.
as have been setup. Use the Edit/Create button. Delete: Removes the existed entry of Management Security Configuration from the management security table. 5.7 Virtual Stack Function name: Virtual Stack Function description: Virtual Stack Management (VSM) is the group management function. VSM configuration automatically groups switches in the same LAN. One switch among the group will be the master device, and the others will become the slave devices. VSM offers a simple centralized management function.
Virtual Stack is disabled by default. Figure 5.8 – Virtual Stack Parameter description: State: Used for the activation or de-activation of VSM. Role: The role that the switch would like to play in virtual stack. Two types of roles, including master and slave are offered. The default is Master. Group ID: It is the group identifier (GID) which signs for VSM. Valid letters are A-Z, a-z, 0-9, “ - “ and “_” characters. The maximum length is 15 characters. Figure 5.
5.8 Port Configuration Port configuration includes the following functions: Port Configuration Status Configuration Simple Counter Detail Counter 5.8.1 Port Status The port status function gathers the current status for all ports. The information is displayed by the order of port number, link status, port state, auto-negotiation status, speed/duplex and flow control. If a fiber module is installed in one or both of the slots, the current status for those ports will be displayed. See Figure 5.10.
Port No: Displays the port number. The number is 1 – 26. Ports 25 and 26 may be fiber SFP modules. Media: Shows the media type used in all ports. Ports 25 and 26 are optional SFP modules, which support fiber Gigabit Ethernet. Since the fiber port could be multimode or singlemode, the information will be based on the actual media installed in the switch with reference to connector, distance, fiber mode, etc. The module port information is displayed in Figure 5.11. Link: Displays an active or inactive port.
Default: None Tx Pause: TX pause determines whether the port transmits the PAUSE frame or not. If on is displayed , the port will send the PAUSE frame; otherwise, the port will not send the PAUSE frame. Default: None Figure 5.11 – Port Detail Information Parameter description of Port 25 and Port 26: Connector Type: Displays the connector type. (Ex.
Vendor SN (Serial Number): Displays the serial number assigned by the manufacturer. Date Code: Displays the date this module was made. Temperature: Displays the current temperature of module. Vcc: Displays the working DC voltage of module. Mon1(Bias) mA: Displays the Bias of the module. Mon2(TX PWR): Show the transmit power of module. Mon3(RX PWR): Show the receiver power of module. 5.8.2 Port Configuration Port Configuration is used to modify the setting by port.
Speed/Duplex Flow control. Parameter description: State: The communication capability of the port is Enabled or Disabled. When enabled, traffic can be transmitted and received via this port. When disabled, the port is blocked and no traffic can be transmitted through this port. Port State is configurable by the user. If you set a port’s state to Disable, then that port cannot pass traffic, even though Link is displayed. Default: Enable. Speed/Duplex: Set the speed and duplex mode for the port.
Figure 5.13 – Simple Counter Function name: Simple Counter Function description: Displays the summary counting of each port’s traffic, including Tx Byte, Rx Byte, Tx Packet, Rx Packet, Tx Collision and Rx Error Packet. Parameters description: Tx Byte: Total transmitted bytes. Rx Byte: Total received bytes. Tx Packet: The counting number of the packets transmitted. Rx Packet: The counting number of the packet received. Tx Collision: Number of collisions transmitting frames experienced.
Each data field is 20-digits. If the counting overflows, the counter will be reset and counting will be restarted. The data is updated based on the time interval defined by the user. The valid range is three to ten seconds. The refresh interval is used to set the update frequency. Default update time is three seconds. Figure 5.14 – Detail Counter Function name: Detail Counter Function description: Displays the detailed counting number of each port’s traffic. In Figure 5.
Total transmitted bytes. Tx High Priority Packets: Number of Tx packets classified as high priority. Tx Low Priority Packets: Number of Tx packets classified as low priority. Tx Broadcast: Shows the counting number of the transmitted broadcast packet. Tx Multicast: Shows the counting number of the transmitted multicast packet. Rx 64 Bytes: Number of 64-byte frames in good and bad packets received. Rx 65-127 Bytes: Number of 65 ~ 126-byte frames in good and bad packets received.
Number of short frames (<64 Bytes) with valid CRC. Rx Oversize: Number of long frames (according to max_length register) with valid CRC. Rx Fragments: Number of short frames (< 64 bytes) with invalid CRC. Rx Jabber: Number of long frames(according to max_length register) with invalid CRC. Rx Drops: Frames dropped due to the lack of receiving buffer. Rx Errors: Number of the error packets received. Tx Collisions: Number of collisions transmitting frames experienced.
5.9 PoE Function Function name: PoE Status Function description: Displays information for PoE Figure 5.15 – PoE Status Parameter description: Vmain: The volt is supplied by the PoE. Imain: The sum of the current supplied by every port. Pconsume: The sum of the power supplied by every port. Power Limit: The maximal power supplied by the switch (Read Only). Temperature: The temperature of the chip for PoE. Port No: Port number. Port On: Shows whether the port is supplying the power to the PD or not.
Overload Port Off: The switch will stop supplying PoE power to the port if the attached PD exceeds the class setting. Short Circuit Port Off: The switch will stop supplying power to the port if it detects a short circuit in the PD linked to the port. Over Temp. Protection: The port of the switch will be disabled due to fast transient rise in temperature to 240oC or slow rise in temperature to 200oC.
Priority: Three options are offered for the user to choose, including Normal, Low and High. Default is Normal. The switch will stop supplying the power to the port based on the order of the priority LowÆNormalÆHigh in case total power required by all PDs linked to the switch exceeds the power limit. If the ports have the same priority, the switch will cease the power supplement from the port with the highest port ID (12Æ1). Power(W): The power is consumed by the port.
Community name is user-definable with a maximum length of 15 characters and is case sensitive. No blank spaces are permitted in the community name string. Any printable character is allowed. The community name for each function works independently. Each function has its own community name. The community name for GET only works for the GET function and can’t be applied to other function such as SET and Trap.
5.11 DHCP Boot The DHCP Boot function is used to spread the request broadcast packet into a bigger time frame to prevent the traffic congestion due to broadcast packets from many network devices which may seek its NMS, boot server, DHCP server and predefined connections in case the whole building or block loses power. When this happens, the switch has to be rebooted.
5.12 IGMP Snooping IGMP snooping is used to establish the multicast groups to forward multicast packets to member ports. IGMP snooping avoids wasting the bandwidth while IP multicast packets are running over the network. A switch that does not support IGMP snooping cannot tell a multicast packet from broadcast packet, so it treats them as broadcast packets. Without IGMP snooping, the multicast packet forwarding function is no different from broadcast packets.
In the active mode, IGMP snooping will periodically issue the Membership Query message to all attached hosts and gather the membership report message to update the database of the multicast table. This also reduces the unnecessary multicast traffic. Passive: In passive snooping mode, IGMP snooping will not periodically poll the hosts in the groups. The switch will send a Membership Query message to all hosts only when it has received a Membership Query message from a router.
VID: The switch supports two options for managing a valid VLAN VID: Any and Custom. The default is Any. Custom allows you to fill in VID number. The valid VID range is 1~4094. Port: The switch supports two options for managing a valid port range: Any and Custom. The default is Any. If Custom is used, you may select the ports to be included in the allowed group. Add: Use add to create a new entry for allowed group configuration once you have set the parameters listed above.
named PVLAN-1 contains port members Ports 1, 2, 3 & 4, and if you are connected to Port 1, you can communicate with Port 2-4. If you are connected to Port 5, you cannot communicate with those ports. Each port-based VLAN must be assigned a group name. This switch can support a maximum of 26 port-based VLAN groups. Symmetric VLAN: This is an Ingress Rule. This rule forwards only packets with VIDs matching this port’s configured VID.
5.13.2 Tag-based Group Function name: Tag-based Group Configuration Function description: Displays tag-based VLAN groups. Use this option to create, edit and delete a tag-based VLAN groups. Add a new VLAN group by inputting a new VLAN name and VLAN ID. Parameter description: VLAN Name: Valid letters are A-Z, a-z, 0-9, “ - “ and “_” characters. The maximum length is 15 characters. VID: VLAN identifier. Each tag-based VLAN group has a unique VID used in tag-based and Doubletag mode.
Add Group: Input the VLAN name and VID. Choose the member by clicking the check box beside the port number to create a new tag-based VLAN. The parameter of untag stands for an egress rule for the port. If you select the check box beside the port number, packets with this VID outgoing from this port will be untagged. Select Apply to save the setting. Figure 5.23 – Tag-based VLAN Delete Group: Press Delete to remove the selected group entry from the tag-based group table. Figure 5.
Edit a group: Select a group entry and select Edit. member and untagged settings. 5.13.3 This allows you to modify the group’s description, PVID Function name: PVID Function description: In the PVID Setting, you can input a range of VID numbers (1 to 4094) to each port. You can choose ingress filtering rule 2 to each port. The Ingress Filtering Rule 2 is drop untagged frames. If Rule 2 is enabled, the port will discard all Untagged-frames. Figure 5.
Drop Untag: Drop untagged frame. You can configure a port to accept all frames (Tagged and Untagged) or just receive tagged frames. If the former is the case, then the packets with tagged or untagged will be processed. If the later is the case, only the packets carrying VLAN tag will be processed, and the rest packets will be discarded. 5.13.4 Port-Based Group Function name: Port-based Group Configuration Function description: Displays the information for the existing port-based VLAN groups.
Figure 5.27 – Port-based VLAN Delete Group: Use Delete to remove the selected group entry from the port-based group table. Figure 5.28 – Port-based Group Edit a group: To edit a group entry, use Edit. This allows you to modify a group‘s description and member set.
5.14 MAC Table MAC Table Configuration gathers many functions, including MAC Table Information, MAC Table Maintenance, Static Forward, Static Filter and MAC Alias, which cannot be categorized to some function type. They are described below. Function name: MAC Table Information Function Description: Displays the static or dynamic learning MAC entry and the state for the selected port. Parameter description: Port: Select the port. Search: Set up the MAC entry.
Displays the method for this MAC entry. It may show “Dynamic MAC” or “Static MAC”. Figure 5.29 – MAC Table Information Function Name: MAC Table Maintenance Function Description: This function allows the user to set up the processing mechanism of the MAC Table. An idle MAC address exceeding MAC address age-out time will be removed from the MAC Table. The range of age-out time is 10-1000000 seconds, and the setup of this time will have no effect on static MAC addresses.
Learning Limit: Set up the maximum amount of MAC addresses that each port can learn. Valid value of learning limit for ports 1~24 ranges from 0-8191. For ports 25 and port 26, only the fixed value 8192 is assigned to these two ports and you cannot configure this value. Figure 5.30 – MAC Maintenance Function Name: Function Name: Static Setting Function Description: The static function is used to configure MAC’s real attributes inside of the switch.
Parameter description: MAC: Six-byte Ethernet hardware address and usually expressed by hex and separated by hyphens. For example, 00 – 40 - C7 - D6 – 00 - 01 VID: VLAN identifier. This will be filled only when tagged VLAN is used. Valid range is 1 ~ 4094. Queue (Priority): Set the priority( 0~3) for the MAC. Forwarding Rule(Drop Policy): Static: A MAC address is assigned to a specific port. Traffic from this MAC address will be forwarded to this port.
Figure 5.32 – MAC Alias Parameter description: MAC Address: Six-byte Ethernet hardware address and usually expressed by hex and separated by hyphens. For example, 00 – 40 - C7 - D6 – 00 - 01 Alias: Assigned MAC alias name. Note: If there are too many learned MAC addresses, it is recommended to input the MAC address and alias name directly.
5.15 GVRP Configuration GVRP is an application based on the Generic Attribute Registration Protocol (GARP), mainly used to automatically and dynamically maintain the group membership information of the VLANs. GVRP provides the VLAN registration service through a GARP application. The GARP Information Declaration (GID) is used to maintain the ports associated with their attribute database and GARP Information Propagation (GIP) to communicate among switches and end stations.
Used to declare the Leave Time in unit of centisecond. Valid time range: 60 –300 centisecond, Default: 60 centisecond. Leave All Time: A registered device will be de-registered at the end of this time period. If someone still issues a new join, then a registration will be kept in the switch. Valid range: 1000-5000 unit time, Default: 1000 unit time. Default Applicant Mode: There are two modes that indicate the type of participant: participant.
Function description: GVRP counters are divided into Received and Transmitted categories which allows you monitor the GVRP actions. They are GARP packets. Figure 5.34 – GVRP Counter Parameter description: Received: Total GVRP Packets: Total GVRP BPDU received by the GVRP application. Invalid GVRP Packets: Number of invalid GARP BPDU received by the GARP application. LeaveAll Message Packets: Number of GARP BPDU with Leave All message received by the GARP application.
LeaveAll Message Packets: Number of GARP BPDU with Leave All message transmitted application. by the GARP JoinEmpty Message Packets: Number of GARP BPDU with Join Empty message transmitted by the GARP application. JoinIn Message Packets: Number of GARP BPDU with Join In message transmitted by the GARP application. LeaveEmpty Message Packets: Number of GARP BPDU with Leave Empty message transmitted by the GARP application.
Figure 5.35 – GVRP VLAN Group Information 5.16 Spanning Tree Configuration (STP) Configuration The Spanning Tree Protocol (STP) is a standardized method (IEEE 802.1D) used to avoid loops in switched networks. When STP is enabled, only one path is active between any two nodes on the network at a time. Once Spanning Tree Protocol has been enabled, advanced functions can be configured. It is recommend that STP is enabled to ensure a single active path on the network. 5.16.
Designated Priority: Displays the current root bridge priority. Root Port: Displays port number connected to root bridge with the lowest path cost. Root Path Cost: Displays the path cost between the root port and the designated port of the root bridge. Current Max. Age: Displays the current root bridge maximum age time. Maximum age time is used to monitor STP topology.
Figure 5.36 – STP Status 5.16.2 STP Configuration STP includes Rapid Spanning Tree Protocol (RSTP). STP has six parameters to be configured. These parameters are described below. Function name: STP Configuration Function description: Set the following Spanning Tree parameters to control STP function (enable/disable). Select mode RSTP/STP and affect STP state machine behavior to send BPDU in the switch. The default setting of STP is Disable. Parameter description: Spanning Tree Protocol: Set 802.
will treat the root bridge as malfunctioning and issue a Topology Change Notification (TCN) BPDU to all other bridges. All bridges in the LAN will re-calculate to determine who the root bridge is. The valid value of Max. Age is 6 ~ 40 seconds. Default is 20 seconds. Forward Delay: You can set the root bridge forward delay time. This figure is set by the root bridge only.
learning knowledge. LEARNING state indicates this port can now contribute its learning knowledge but cannot forward packets. FORWARDING state indicates this port can both contribute its learning knowledge and forward packets normally. Note: Three other states (Disable state, BLOCKING state and LISTENING state) defined in the 802.1d specification are now represented as DISCARDING state. Path Cost Status: The contribution value of the path through this port to Root Bridge.
point link. If the parameter is configured to Auto, RSTP will use the duplex mode resulting from the auto-negotiation. If it goes into half-duplex, the port will not transit to Forwarding state. If it is set as True, the port is treated as point-to-point link by RSTP and unconditionally transited to Forwarding state. If it is set to False, fast transition to Forwarding state will not occur on this port. Default: Auto M Check: Migration Check.
⎯ Operating in half-duplex mode ⎯ Aggregate the ports with different data rates Static Trunk: Ports using Static Trunk as their trunk method can choose their unique Static Group ID (also 1~3, this Static group ID can be the same with another LACP group ID) to form a logic “trunked port”. The benefit of using Static Trunk method is that a port can immediately become a member of a trunk group without handshaking with its peer port.
Group: Ports choosing the same trunking method other than “None” must be assigned a unique Group number (i.e. Group ID, valid value is from 1 to eight) so they can aggregate with each other. Active LACP: This field is only available when a port’s trunking method is LACP. Active: An Active LACP port begins to send LACPDU to its link partner as soon as the LACP protocol entity takes control of this port.
Function name: Aggregator View Function description: To display the current port trunking information from the aggregator point of view. Parameter description: Aggregator: Displays the aggregator ID (from 1 to 26) of every port. Every port is also an aggregator, and its own aggregator ID is the same as its own port number. Method: Displays the method a port uses to aggregate with other ports. Member Ports: Displays all member ports of an aggregator (port).
MAC Address: Displays the MAC Address of a system ID. Port: Displays the port number of an LACP port ID. Key: Displays the key value of the aggregator. The key value is determined by the LACP protocol entity and can’t be set through management. Trunk Status: Displays the trunk status of a single member port.”---“ means “not ready” Figure 5.42 – Aggregator 3 Information Function name: LACP System Configuration Function description: Used to set the priority of the LACP system ID.
Figure 5.42 – LACP System Configuration 5.18 802.1X Configuration 802.1X port-based network access control provides a method to restrict users to access network resources via authenticating user’s information. This restricts users from gaining access to the network resources through a 802.1X-enabled port without authentication. To access the network through a port under 802.
controlled port remains in the authorized state until re-authentication fails. A port acting as an authenticator is thought to be two logical ports, a controlled port and an uncontrolled port. A controlled port can only pass packets when the authenticator PAE is authorized. Otherwise, an uncontrolled port will unconditionally pass the packets with PAE group MAC address, which has the value of 01-80-c2-00-00-03 and will not be forwarded by MAC bridge, at any time.
supplicant’s credentials to Authentication server for verification. If successful, the authentication server will notify the authenticator. PC A is then allowed to access B and C via the switch. If there are two switches directly connected together instead of a single one, the link ports connecting the two switches may have to perform two port roles: authenticator and supplicant, because the traffic is bi-directional. Authentication server C Figure 5.44 Authenticator B Supplicant A Figure 5.
supplicant and the devices connected to this port won’t be allowed to access the network. 10. When the supplicant issues an EAP-Logoff message to Authentication server, the active port being used is set to unauthorized.
Function name: 802.1X State Setting Function description: This function is used to configure the global parameters for RADIUS authentication in 802.1X port security application. Parameter description: Radius Server: RADIUS server IP address for authentication. Default: 192.168.1.1 Port Number: The port number to communicate with RADIUS server for the authentication service. The valid value ranges 1-65535. Default port number is 1812.
Parameter description: Port Number: Indicate which port is selected to configure the 802.1X operation mode. 802.1X Mode: 802.1X operation mode. There are two options, including Disable and Multihost mode. Default is Disable. Disable The chosen port acts as a plain port, which means 802.1X port access control does not work on the port. 802.1X with multihost In multihost mode, the devices connected to this port can access the network, once a supplicant is authorized. Figure 5.47 – 802.
Port Status: The current 802.1X status of the port. In Disable mode, this field is Disabled. 802.1X with Multihost mode: Select 802.1X with Multihost mode for a port. With the function 802.1X Port Mode Configuration, devices can access the network through this port once the authenticator is authorized. The Port Status will display the following screen. If the port is granted to access the network, the port status is authorized, otherwise, unauthorized. Figure 5.
Default: Auto reAuthMax (1-10): The number of authentication attempts that is permitted before the port becomes unauthorized. Default: 2 txPeriod (1-65535 s): A time period to transmitted EAPOL PDU between the authenticator and the supplicant. Default: 30 Quiet Period (0-65535 s): A period of time during in which access the supplicant will not be attempted. Default: 60 seconds reAuthEnabled: Choose whether regular authentication will take place in this port.
Figure 5.49 – Port Parameter Setting 5.19 Alarm Configuration Alarm Configuration Events Configuration Email/SMS Configuration Function name: Events Configuration Function description: The Trap Events Configuration function is used to enable the switch to send out trap information while pre-defined trap events occur. The switch provides 22 different trap events. The trap information can be sent out in three ways, including email, mobile phone SMS (short message system) and trap.
PoE: PoE Failure Figure 5.50 – Trap Events Configuration Function name: Email/SMS Configuration Function description: Alarm configuration is used to configure the recipients of the alarm message via email or SMS, or both. The method is dependent on the settings. An email address or a mobile phone number has to be set in the alarm configuration (See Figure 5.2). If set properly, you can read the trap information from your email or mobile phone.
Figure 5.51 – Alarm Configuration 5.20 Configuration The switch supports three copies of configurations, including the default configuration, working configuration and user configuration for your configuration management. The three copies are described below: Default Configuration: The default configuration is the factory setting and cannot be altered.
Figure 5.52 - Configuration 5.20.1 Configuration File Function name: Save As Start Configuration Function description: Save the current configuration as a start configuration file in flash memory. Figure 5.
Function name: Save As User Configuration Function description: Save the current configuration as a user configuration file in flash memory. Figure 5.54 – Configuration – Save User 5.20.2 Restore Default Configuration Function name: Restore Default Configuration (includes default IP address) Function description: Restore Default Configuration function can retrieve the factory setting to replace the start configuration.
Function name: Restore Default Configuration (excludes current IP address) Function description: Restore Default Configuration function can retrieve the factory setting to replace the start configuration. However, by using this restore, the switch’s current IP address will not be changed and will NOT be restored to 192.168.1.1. Figure 5.
5.20.3 Configuration File Function name: Config File Function description: Use this function to back up or reload the configuration files of Save As Start or Save As User via TFTP. Parameter description: Export File Path: Export Start: Export Save As Start’s configuration file stored in flash. Export User-Conf: Export Save As User’s configuration file stored in flash. Import File Path: Import Start: Import Save As Start’s configuration file stored in flash.
5.21 Security Function name: Mirror Configuration Function description: Mirror Configuration is used to monitor network traffic. For example, if Port A and Port B are used as the Monitoring Port and Monitored Port respectively, the traffic received by Port B will be copied to Port A for monitoring. Parameter description: Mode: Used for the activation or de-activation of the Port Mirror function. Port Mirroring is disabled by default. Monitoring Port: Used to set up the port for monitoring.
network administrator to immediately find a port that is causing the occurrence of looping problems in the network. Parameter description: Mode: Used for the activation or de-activation of Isolated Group function. The default is disabled. Isolated Group: Choose any port to be the member of this group. Just click the check box (;) beside the port x. The valid ports are Port 1~26. In this group, all of these member ports cannot forward packets to each other.
Figure 5.61 – Restricted Group 5.22 Bandwidth Management Function name: Ingress Bandwidth Setting Function description: The Ingress Bandwidth Setting function is used to set the limit of Ingress bandwidth for each port. Parameter description: Port No.: Choose the desired port for the Ingress Bandwidth Setting. The valid range for the ports is 1~26. Rate: Set the limit of Ingress bandwidth for the chosen port. Incoming traffic will be discarded if the rate exceeds the value you set in the Data Rate field.
Rate: Set the limit of Egress bandwidth for the chosen port. Packet transmission will be delayed if the rate exceeds the value you set in the Data Rate field. Traffic may be lost if the egress buffers run full. The format of the packets is limited to unicast, broadcast and multicast. Valid value of Ports 1~24 ranges from 66~102400 and for Ports 25~26 ranges from 66~1024000 with the minimum unit of 1. The default value of Port 1~24 is 102400 and Port 25~26 is 1024000. Figure 5.
Storm Rate : Sets up the limit of bandwidth for storm type you choose. Valid value of the storm rate ranges from 1-100 with the minimum unit of 1. Only integers are acceptable. The default is 100. Figure 5.63 – Bandwidth Storm Control 5.23 Quality of Service (QoS) Configuration The switch supports the following five types of QoS: • MAC Priority – MAC priority ports act by using the destination address of MAC in packets. • 802.1p Priority – VLAN tagged priority fields are affected by the 802.
High Priority Packet streams will experience less delay into the switch. For handing different priority packets, each egress port has up to four queues. Each QoS is influenced by two scheduling schemes, WRR (Weighted Round Robin) and Strict Priority. Once the priority mapping is set to the queue, WRR scheduling will distribute the bandwidth according to the weight you set for four queues (queue 0 to queue 3). Strict Priority is used for the VIP Port of QoS.
QoS Mode: You must Enable the QoS Mode in order for the QoS function to become effective. The default is Disabled. Priority Control: Click the check box (;) for 802.1P, TOS, or DSCP Qos. Click Apply. Scheduling Method: There are two Scheduling Methods, WRR and Strict Priority. The default is WRR. Once the Scheduling Method is chosen, click Apply. Weight (1~55): Set the weight values of Queue 0 to Queue 3. The range of Weight can be set from 1~55.
Figure 5.65 – VIP Port Function name: 802.1p Setting Function description: This function will affect the priority of VLAN tag. Based on priority of the VLAN tag, 0~8 priorities can map up to four queues of the switch (queue 0~3) and possess different bandwidth distribution according to your weight setting. Parameter description: 802.1p Priority Mapping: Each Priority can select Queue 0 ~ Queue 3.
Function name: D-Type TOS Function description: IP TOS Priority affects the TOS fields of the IP header. It has an 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field could be divided into the following six subfields: PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
Function name: T-Type TOS Function description: IP TOS Priority affects the TOS fields of the IP header. It has an 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field can be divided into the following six subfields: PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
Function name: R-Type TOS Function description: The IP TOS Priority affects the TOS fields of the IP header It has an 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field can be divided into the following six subfields: PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
The IP TOS Priority affects the TOS fields of IP header. It has an 8-bit SERVICE TYPE field that specifies how the datagram should be handled. The field can be divided into the following six subfields: PRECEDENCE (3 bits), D-Type (Delay Priority, 1 bit ), T-Type (Throughput Priority, 1bit), R-Type (Reliability Priority, 1bit ), M-Type (Monetary Cost Priority, 1bit ), and UNUSED.
Parameter description: DSCP Priority Mapping: 64 types of priority traffic can be set. You can set Queues 0~3. By default, Priority 0~15 are mapped to Queue 0, Priority 16~31 are mapped to Queue 1, Priority 32~47 are mapped to Queue 0, Priority 48~63 are mapped to Queue 0. Figure 5.71 – DSCP Priority Mapping 5.24 Diagnostics Three functions, including Diagnostics, Loopback Test and Ping Test are available for device self-diagnostics. Each of them will be described in detail in the following sections.
Function description: Diagnostics provides a set of basic system diagnosis. Diagnostics provides tests to see if the system in working order. The basic system check includes EEPROM test, UART test, DRAM test and Flash test. Figure 5.72 - Diagnostics Function name: Loopback Test Function description: In the Loopback Test function, there are two loopback tests -- Internal Loopback Test and External Loopback Test. The Internal test function will not send the test signal outside the switch box.
Figure 5.73 – Loopback Test Function name: Ping Test Function description: Ping Test function is a tool for detecting whether or not the target device is making a connection through the ICMP protocol which submits report messages. The switch provides Ping Test function to let you know whether the target device is available or not. You can simply fill in a known IP address and then click Ping. After a few seconds, the switch will report to the pinged device the result of the Ping.
5.25 TFTP Server Function name: Trivial File Transfer Protocol (TFTP) Server Function description: Set up IP address of TFTP server. Parameter description: Specify the IP address of the TFTP server. Once you have entered the IP of the TFTP server, click on Apply so the setting will take effect. Figure 5.75 – TFTP Server 5.26 Log Data This function displays the log data. The switch provides system log data for users. There are seventeen private trap logs and five public trap logs.
Function name: Log Data Function description: The Trap Log Data displays the log items including all SNMP Private Trap events, SNMP Public traps and user logs occurred in the system. In the report table, No., Time and Events are three fields contained in each trap record. Figure 5.76 – Log Data Parameter description: No.: Displays the order number of the traps. Time: Displays the time of the trap. Events: Displays the trap event name.
5.27 Firmware Upgrade A software upgrade tool is used to upgrade the software functions and to fix or improve the functionality of the switch. The switch provides a TFTP client for software upgrade which is done through the network connection. Function name: Firmware Upgrade Function description: The switch supports software upgrade through a TFTP server. To apply a firmware upgrade, follow this procedures: 1. Specify the IP address TFTP server. 2.
5.28 Reboot There are a few ways to reboot the switch, including power up, hardware reset and software reset. You can press the RESET button in the front panel to reset the switch. After upgrading software, changing IP configuration or modifying VLAN configurations, you must reboot in order for the new configuration to take effect. Function name: Reboot Function description: Reboot the switch. Reboot takes the same effect as the RESET button on the front panel of the switch.
Parameter description: Auto Logout: Default is ON (three minutes). If no action is taken within three minutes, the switch will logout automatically. Figure 5.
6.0 Operation of CLI Management Section 4 of this manual provides detailed information for console connection to the switch. This section provides detailed syntax and examples for CLI management. 6.1 Login The command-line interface (CLI) is a text-based interface. You can access the CLI through either a direct serial connection to the device or a Telnet session.
6.2 Commands of CLI To see the commands of the mode, please input “?” after the prompt, then all commands will be listed in the screen. All commands can be divided into two categories, including global commands and local commands. The following global commands can be used in any mode: Exit End Help History Logout Save start Save user Restore default Restore user Command instructions residing in the corresponding modes are local commands.
The following table lists the CLI commands and descriptions. Command Syntax Global Commands End end Exit exit Help help History history Logout logout Restore Default restore default Restore user restore user Save Start save start Waters Network Systems Description Argument Possible Value Return to top mode Returns to previous mode Displays available commands. When you use help, all commands are displayed. This command will help you distinguish between local and global commands.
Command Save User Syntax save user Local Commands 802.1x Set maxset maxrequest request Description order to use the current configuration if the switch is rebooted. Use this command to save the current configuration as the user-defined configuration. This command saves your current configuration into the non-volatile FLASH as the userdefined configuration.
Command Syntax Description Argument Possible Value becomes unauthorized. : max. value, range 1-10 : syntax 1, 5-7, available 1 to 12 : timer, range 1-65535 default is 2 Set ReAuthPeriod Set reauthperiod This command sets a constant that defines a non zero number of seconds between periodic reauthentication of the supplicant.
Command Syntax Description Argument Possible Value Show state Show state Displays the Radius server configuration None None Used to create a new guest user. When a new guest user is created, the new password must be entered and confirmed.
Command Syntax Description Set sms set sms Used to enable the SMS of the events Set trap set trap Used to enable the trap of events Show show Show (alarm) show Used to display the configuration of an alarm event Alarm is used to display the configuration of Trap, SMS or email <> Del phonenumber Del serveruser Set phonenumber Set server Set user del phonenumber <#> del server-user set phonenumber <#> set server Used to delete SMS phone number Used to
Command Syntax Description Argument Possible Value 12 : 0-1000 : syntax 1, 57, available from 1 to 12 : 0-1000 None : 01000 ; 1 to 12 : 01000 None None None None None None None None None :filepath and filename :filep ath and filename :file path and filename None Enable stormrate enable stormrate Used to set the storm-rate of the port Show Show Used to display all cu
Command Syntax Description Argument Possible Value GVRP Disable disable None None Enable enable None None Group group Used to disable the GVRP function Used to enable the GVRP function Used to modify a GVRP group’s setting. The applicant or registrar mode of an existing GVRP group per port can be changed.
Command Syntax Description Argument Possible Value Show config show config None None Show counter show counter To display the GVRP configuration Used to display the counter number of the port : port number Show group show group Used to display the GVRP groups None : available from 1 to 8 None hostname Used to set the hostname of the switch :hostname, max 40 characters :hostna me, max 40 characters Use to set the most for IGMP snooping :0:disable
Command Syntax Description Argument Possible Value ; mac address, format: 00-02-03-0405-06 ; mac address, format: 00-02-03-0405-06 mac alias name, max 15 characters None :mac address tffp. Mac-Table <> Del del Used to delete the MAC alias entry Set set Used to set the MAC alias entry.
Command Syntax Description Del del Used to remove the static MAC entry Show filter show filter Show forward show forward Used to display the static filter table Used to display the static forward table Management Add Argument Possible Value characters : mac address, format 00-02-03-0405-06 :vlan id. 0, 14094.
Command Show Syntax Description Argument Possible Value [ ] h(ttp), s(nmp) or t(elnet) or any [ ] No default and must be set None show Used to show the specific management policy record None set len Used to set the maximum length of the packet that each port of the switch can accept show Used to display current setting for maximum packet length : port range, syntax 1, 5-7, available from 1 to 12: maximum packet length None set
Command Syntax Description Argument Possible Value Enable flowcontrol enable flowcontrol Used to enable the flow control function of the port : 1~12 Enable state enable state Set speedduplex set speedduplex Used to enable the communication capability of the port Used to set the speed and duplex mode of all ports :syntax 1, 57, available from 1 to 12 :syntax 1, 57, available from 1 to 12 :syntax 1,
Command Syntax Description Set default set default Used to set priority class of the packets that QoS doesn’t affect Set diffserv set diffserve Used to set class of ports on IP DiffServe QoS Set mode set mode Used to set QoS priority mode of the switch Set port set port Used to set class of ports on port-based QoS Set pri-tag set pri_tax Used to set class of ports on
Command Syntax Description Argument Possible Value 6: prioritize databases (Oracle, IBM DB2, SQL, Microsoft) :, syntax: 1, 5-7, available from 1 to 12: tos precedence field, syntax 1, 5-7, available from 0 to 7 : classof service setting.
Command Syntax Description Set port set port Used to set up the port information of STP Set version Show config set version show config Show port show port Show status show status Used to set up the version of STP Used to display the configuration of STP Used to display the port information of STP Used to display the status of STP System Set contact set contact set devicename Used to set the
Command Syntax Description Argument Possible Value Set daylightsaving Set daylightsaving
Used to set daylight saving time hr:daylight: -5 to +5 MM: (01-12) DD: (01-31) HH: (01-23) mm: (01-12) dd: (01-31) hh: (00-23) Set manual set manual Used to set the current time manually Set ntp set ntp Used to set the current time via the NTP server Show show Used to show the time configuration, including current time, NTP server, timeCommand Syntax Show aggtrview Show lacpdetail show aggtrview show lacpdetail Show lacppriority Show status show lacppriority show status VLAN Del port-group Description Used to display the aggregator list Used to display the detailed information of the LACP trunk group Used to display the value of LACP priority Used to display the aggregator status and the settings of each port Del tag-group del port-group del tag-group Disable dropuntag disable dropuntag Used to delete t
Command Syntax Description Argument Possible Value [vid} Configure the port roles.
7.0 Maintenance The possible causes for a no link LED status are as follows: The attached device is not powered on The cable may not be the correct type or is faulty The installed building premise cable is faulty The port may be faulty 7.1 Examples 1. Computer A connects to Computer B but cannot connect to Computer C. a. The network cable from Computer C may be faulty. Check the link/act status of Computer C on the LED indicator. Try another network device with this connection. b.
8.0 Troubleshooting All Waters’ switching products are designed to provide reliability and consistently high performance in all network environments. The installation of Waters’ ProSwitch PS-2126M switch is a straightforward procedure. Should problems develop during installation or operation, this section is intended to help locate, identify and correct these types of problems. Please follow the suggestions listed below prior to contacting your supplier.
that you purchased the products from your supplier. 3. It is useful to include other network equipment models and related hardware, including personal computers, workstations, terminals and printers; plus, the various network media types being used. 4. A record of changes that have been made to your network configuration prior to the occurrence of the problem. Any changes to system administration procedures should all be noted in this record. 8.
8.3 Shipping and Packaging Information Should you need to ship the unit back to Waters Network Systems, please follow these instructions: Package the unit carefully. It is recommended that you use the original container if available. Units should be wrapped in a "bubble-wrap" plastic sheet or bag for shipping protection. (You may retain all connectors and this Installation Guide.) CAUTION: Do not pack the unit in Styrofoam "popcorn" type packing material.
9.0 Warranty Waters’ warranty statement is available on our web site at: www.watersnet.com.
