MDI-110 Series User’s Manual Version 1.
Copyright Notice Copyright 2013 Westermo Teleindustri AB All rights reserved. Reproduction in any form or by any means without permission is prohibited.
Federal Communications Commission (FCC) Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
Index 1 2 3 4 Introduction .......................................................................................................... 6 1.1 Overview .................................................................................................... 6 1.2 Major Features ........................................................................................... 7 1.3 Package List ................................................................................................ 7 Hardware Installation .....
Appendix ........................................................................................................... 158 5.1 Pin Assignment of the RS-232 Console Cable ........................................ 158 5.2 Private MIB ............................................................................................. 159 5.3 Revision History......................................................................................
1 Introduction Welcome to Westermo i-line MDI-110 Series User Manual. Following topics are covered in this chapter: 1.1 Overview 1.2 Major Features 1.3 Package Checklist 1.1 Overview MDI-110 series, Industrial 10-port Managed Ethernet Switches, have 7 10/100Base-TX ports and 3 combo ports, 10/100/1000 RJ-45 / 100-FX / Gigabit SX/LX for MDI-110-F3G and 10/100 RJ-45 / 100-FX SX/LX for MDI-110-F3. MDI-110 is especially designed to operate under harsh environmental conditions.
1.
If any of the above items are missing or damaged, please contact your local sales representative.
2 Hardware Installation This chapter includes hardware introduction, installation and configuration information. Following topics are covered in this chapter: 2.1 Hardware Introduction Dimension Panel Layout Bottom View 2.2 2.3 2.4 2.5 2.6 Wiring Power Inputs Wiring Digital Input Wiring Relay Output Wiring Ethernet Ports Wiring Combo Ports 2.7 Wiring RS-232 console cable 2.8 DIN-Rail Mounting Installation 2.9 Wall-Mounting Installation 2.
Panel Layout MDI-110-F3G MDI-110-F3 Bottom View The bottom view of the switch consists of three terminal block connectors with two DC power inputs, two Digital Inputs, two Relay Outputs and one Earth Ground.
2.2 Wiring Power Inputs Follow below steps to wire the redundant DC power inputs. 1. 2. 3. 4. Insert positive and negative wires into V+ and V- contacts respectively of the terminal block connector Tighten the wire-clamp screws to prevent DC wires from being loosened. Power 1 and Power 2 support power redundancy and polarity reverse protection functions. Positive and negative power system inputs are both accepted, but Power 1 and Power 2 must apply the same mode.
2.3 Wiring Digital Input The switch provides 2 digital inputs. It allows users to connect the termination units’ digital output and manage/monitor the status of the connected unit. The Digital Input pin can be pulled high or low; thus the connected equipment can actively drive these pins high or low. The embedded software UI allows you to read and set the value to the connected device. The power input voltage of logic low is DC 0~10V. Logic high is DC 11~30V.
suggest you to make exact connection with the Earth Ground. On the bottom side of the switch, there is one earth ground screw. Loosen the earth ground screw using a screw-driver; then tighten the screw after earth ground wire is connected. DC1 DC2 DC1 DC2 2.6 Wiring Fast Ethernet Ports The switch includes 7 RJ-45 Fast Ethernet ports. The Fast Ethernet ports support 10Base-T and 100Base-TX, full or half duplex modes.
Connect one side of an Ethernet cable into any switch port and connect the other side to your attached device. The LNK LED will light up when the cable is correctly connected. Refer to the LED Indicators section for descriptions of each LED indicator. Always make sure that the cables between the switches and attached devices (e.g. switch, hub, or workstation) are less than 100 meters (328 feet). The wiring cable types are as below. 10Base-T: 2-pair UTP/STP Cat.
1 Laser/LED Diode. Note: It is recommended not to plug in SFP fiber transceiver and link up RJ-45 port at same time, it might cause the connection does not work properly. 2.9 Wiring RS-232 Console Cable Westermo attaches one RS-232 DB-9 to RJ-45 cable in the box. Connect the DB-9 connector to the COM port of your PC, open Terminal tool and set up serial settings to 9600, N,8,1. (Baud Rate: 9600 / Parity: None / Data Bit: 8 / Stop Bit: 1) Then you can access the CLI interface using the console cable.
2. Lightly push the bottom of DIN-Rail clip into the track. 3. Check if the DIN-Rail clip is tightly attached to the track. 4. To remove the switch from the track, reverse the steps above. Note: The DIN-Rail track should comply with DIN EN50022 standard. Using the wrong DIN-Rail track may cause an unsafe system install.
2.11 Wall-Mounting Installation Follow the steps below to install the switch with the wall mounting plate. 1. 2. 3. 4. To remove the DIN-Rail clip from the switch, loosen the screws. Place the wall mounting plate on the rear panel of the switch. Use the screws to tighten the wall mounting plate onto the switch. Use the hook holes at the corners of the wall mounting plate to hang the switch onto the wall. 5. To remove the wall mounting plate, reverse the steps above.
“Laite on liitettava suojamaadoitus-koskettimilla varustettuun pistorasiaan” „Apparatet ma tilkoples jordet stikkontakt“ ”Apparaten skall anslutas till jordat uttag” 18
3 Preparation for Management The switch provides both in-band and out-band configuration methods. You can configure the switch via RS-232 console cable if you don’t attach your admin PC to your network, or if you lose network connection to the switch. This is so-called out-band management. It wouldn’t be affected by network connectivity. The in-band management means you can remotely manage the switch via the network. You can choose Telnet, SSH or Web-based management.
3.2 Preparation for Web Interface The switch provides HTTP Web Interface and Secured HTTPS Web Interface for web management. 3.2.1 Web Interface Westermo web management page is developed by JAVA. It allows you to use a standard web-browser such as Microsoft Internet Explorer, or Mozilla Firefox, to configure and/or log from the switch from anywhere on the network.
Click on Enter or OK. The Welcome page of the web-based management interface will then appear. Once you enter the web-based management interface, you can freely change the IP address to fit your network environment. Note 1: Internet Explorer (IE) 5.0 or later versions do not allow Java applets to open sockets by default. Users have to directly modify the browser settings to selectively enable Java applets to use network ports.
5. 6. 7. 3.3 Key in the user name and the password. The default user name is admin and password is westermo. Press Enter or click on OK. The welcome page of the web-based management interface will then appear. Once you enter the web-based management interface, all the commands you see are the same as what you see by HTTP login. Preparation for Telnet Console 3.3.1 Telnet The switch supports Telnet console.
1. Open SSH Client/PuTTY In the Session configuration, enter the Host Name (IP Address of your switch) and Port number (default = 22). Choose the “SSH” protocol. Then click on “Open” to start the SSH session console. 2. After click on Open, then you can see the cipher information in the popup screen. Press Yes to accept the Security Alert. 3. After few seconds, the SSH connection to the switch is opened. 4. Type the Login Name and its Password. The default Login Name and Password are admin/westermo.
5. All the commands you see in SSH are the same as the CLI commands you see via RS232 console. The next chapter will introduce in detail how to use command line to configure the switch.
4 Feature Configuration This chapter explains how to configure software features. There are four ways to access the switch: Serial console, Telnet/SSH, Web browser and SNMP. The Industrial Managed Switch provides both in-band and out-band configuration methods. You can configure the switch via RS232 console cable if you don’t attach your admin PC to your network, or if you lose the network connection to your Switch. This is so-called out-band management. It wouldn’t be affected by the network performance.
4.1 Command Line Interface Introduction The Command Line Interface (CLI) is one of the user interfaces to the switch’s embedded software system. You can view the system information, show the status, configure the switch and receive a response back from the system by typing in a command. There are different command modes and each mode has its own access ability, available command lines and uses different command lines to enter and exit.
Global Configuration Mode: Type configure terminal in privileged EXEC mode and you will then enter global configuration mode. In global configuration mode, you can configure all the features that the system provides you. Type interface IFNAME/VLAN to enter interface configuration mode, exit to leave. ? to see the command list. Available command lists of global configuration mode.
Available command lists of the global configuration mode. Switch(config)# interface fa1 Switch(config-if)# acceptable Configure 802.1Q acceptable frame types of a port.
Summary of the 5 command modes. Command Main Function Enter and Exit Method Prompt This is the first level of access. Enter: Login successfully Switch> User can ping, telnet remote Exit: exit to logout. device, and show some basic Next mode: Type enable to information enter privileged EXEC mode. Mode User EXEC Privileged In this mode, the system allows Enter: Type enable in User EXEC you to view current EXEC mode.
Here are some useful commands for you to see these available commands. Save your time in typing and avoid typing error. ? To see all the available commands in this mode. It helps you to see the next command you can/should type as well. Switch(config)# interface (?) IFNAME Interface's name vlan Select a vlan to configure (Character)? To see all the available commands starts from this character.
4.2 Basic Setting The Basic Setting group provides you to configure switch information, IP address, user name/password of the system. It also allows you to do firmware upgrade, backup and restore configuration, reload factory default, and reboot the system. Following commands are included in this section: 4.2.1 Switch Setting 4.2.2 Admin Password 4.2.3 4.2.4 4.2.5 4.2.6 4.2.7 IP Configuration Time Setting DHCP Server Backup and Restore Firmware Upgrade 4.2.8 4.2.9 4.2.
private MIB in MIB browser. Note: When you attempt to view private MIB, you should compile private MIB files into your MIB browser first. System Description: The name of this switch. Firmware Version: Display the firmware version installed in this device. MAC Address: Display unique hardware address (MAC address) assigned by the manufacturer. Once you finish the configuration, click on Apply to apply your settings. Note: Always remember to select Save to save your settings.
4.2.3 IP Configuration This function allows users to configure the switch’s IP address settings. DHCP Client: You can select to Enable or Disable DHCP Client function. When DHCP Client function is enabled, an IP address will be assigned to the switch from the network’s DHCP server. In this mode, the default IP address will therefore be replaced by the one assigned by DHCP server. If DHCP Client is disabled, then the IP address that you specified will be used instead.
fe80::207:7cff:fe60:0. IPv6 Address field: typing new IPv6 address in this field. Prefix: the size of subnet or network, and it equivalent to the subnet mask, but written in different. The default subnet mask length is 64bits, and written in decimal value -64. Add: after add new IPv6 address and prefix, don’t forget click icon-“Add” to apply new address to system. Remove: select existed IPv6 address and click icon-“Remove” to delete IP address. Reload: refresh and reload IPv6 address listing.
The system will update IPv6 Neighbor Table automatically, and user also can click the icon “Reload” to refresh the table. 4.2.4 Time Setting Time Setting source allow user to set the time manually or via a NTP server. Network Time Protocol (NTP) is used to synchronize computer clocks in a Network. You can configure NTP settings here to synchronize the clocks of several switches on the network. It also provides Daylight Saving Time function.
GMT Greenwich Mean Time.
36 37 38 39 40 41 42 43 44 (GMT+02:00) Helsinki, Riga, Tallinn (GMT+02:00) Jerusalem (GMT+03:00) Baghdad (GMT+03:00) Kuwait, Riyadh (GMT+03:00) Moscow, St.
74 (GMT+13:00) Nuku'alofa Daylight Saving Time: Set when Enable Daylight Saving Time start and end, during the Daylight Saving Time, the device’s time is one hour earlier than the actual time. Daylight Saving Start and Daylight Saving End: the functions allows user to selects and apply the daylight saving start and end week by monthly basis. Once you finish your configuration, click on Apply to apply your configuration. 4.2.5 DHCP Server You can select to Enable or Disable DHCP Server function.
After selecting to enable DHCP Server function, type in the Network IP address for the DHCP server IP pool, Subnet Mask, Default Gateway address and Lease Time for client. Once you have finished the configuration, click Apply to apply your configuration Excluded Address: You can type a specific address into the IP Address field for the DHCP server reserved IP address. The IP address that is listed in the Excluded Address List Table will not be assigned to the network device.
option 82 function. Port and IP Address (Port Based DHCP Server configuration): the Switch also supports port-based DHCP server function. It allows user assign specified IP address to specified port that DHCP client presented; and the DHCP server only offer the predefined IP address to the DHCP client. DHCP Leased Entries: the switch provides an assigned IP address list for user check. It will show the MAC and IP address that was assigned by the switch. Click the Reload button to refresh the listing.
DHCP Relay Agent You can select to Enable or Disable DHCP relay agent function, and then select the modification type of option 82 field, circuit ID, remote ID.
Relay policy drop: Drops the option 82 field and do not add any option 82 field. Relay policy keep: Keeps the original option 82 field and forwards to server. Relay policy replace: Replaces the existing option 82 field and adds new option 82 field. (This is the default setting) Helper Address: there are 4 fields for the DHCP server’s IP address. You can filll the field with prefered IP address of DHCP Server, and then click “Apply” to activate the DHCP relay agent function.
the configuration back to the switch. This mode is only provided by Web UI while CLI is not supported. TFTP Server mode: In this mode, the switch acts as TFTP client. Before you do so, make sure that your TFTP server is ready. Then please type the IP address of TFTP Server and Backup configuration file name. This mode can be used in both CLI and Web UI. TFTP Server IP Address: You need to key in the IP address of your TFTP Server here.
Click on Folder icon to select the target file you want to backup/restore. Note that the folders of the path to the target file do not allow you to input space key. Type the IP address of TFTP Server IP. Then click on Backup/Restore. Note: point to the wrong file will cause the entire configuration missed. 4.2.7 Firmware Upgrade In this section, you can update the latest firmware for your switch. Westermo provides the latest firmware in the web site.
here. Firmware File Name: The file name of the new firmware. The UI also shows you the current firmware version and built date of current firmware. Please check the version number after the switch is rebooted. Click on Upgrade to start the process. After finishing transmitting the firmware, the system will copy the firmware file and replace the firmware in the flash. The CLI show “……” until the process is finished. 4.2.
System Reboot allows you to reboot the device. Some of the feature changes require you to reboot the system. Click on Reboot to reboot your device. Note: Remember to click on Save button to save your settings. Otherwise, the settings you made will be gone when the switch is powered off. Pop-up alert screen to request confirmation. Click on Yes. Then the switch will be rebooted immediately. Pop-up message screen appears when rebooting the switch.. 4.2.
support@westermo.se SWITCH> show version 0.31-20061218 Switch# show hardware mac MAC Address : 00:07:7c:e6:00:00 Admin Password User Name and SWITCH(config)# administrator Password NAME Administrator account name SWITCH(config)# administrator super PASSWORD Administrator account password SWITCH(config)# administrator super super Change administrator account super and password super success.
! Time Setting NTP Server SWITCH(config)# ntp peer enable disable primary secondary SWITCH(config)# ntp peer primary IPADDR SWITCH(config)# ntp peer primary 192.168.2.200 Time Zone SWITCH(config)# clock timezone 26 Sun Jan 1 04:13:24 2006 (GMT) Greenwich Mean Time: Dublin, Edinburgh, Lisbon, London Note: By typing clock timezone ?, you can see the timezone list. Then choose the number of the timezone you want to select.
Switch(config-dhcp)#network 192.168.17.0/24 -( network/mask) Switch(config-dhcp)#default-router 192.168.17.
(list leased Time remain information for each entry) Backup and Restore Backup Startup Switch# copy startup-config tftp: Configuration file 192.168.2.33/default.conf Writing Configuration [OK] Note 1: To backup the latest startup configuration file, you should save current settings to flash first. You can refer to 4.12 to see how to save settings to the flash. Note 2: 192.168.2.33 is the TFTP server’s IP and default.conf is name of the configuration file.
System Reboot Reboot Switch# reboot 51
4.3 Port Configuration Port Configuration group enables you to enable/disable port state, or configure port auto-negotiation, speed, and duplex, flow control, rate limit control and port aggregation settings. It also allows you to view port status and aggregation information. Following commands are included in this section: 4.3.1 Port Control 4.3.2 Port Status 4.3.3 4.3.4 4.3.5 Rate Control Port Trunking Command Lines for Port Configuration 4.3.
Duplex(10 Half), 100M Full Duplex(100 Full), 100M Half Duplex(100 Half), 1000M Full Duplex(1000 Full), 1000M Half Duplex(1000 Half). The default mode is Auto Negotiation mode. In Flow Control column, “Symmetric” means that you need to activate the flow control function of the remote network device in order to let the flow control of that corresponding port on the switch to work.
SFP Vendor: Vendor name of the SFP transceiver you plugged. Wavelength: The wave length of the SFP transceiver you plugged. Distance: The distance of the SFP transceiver you plugged. Reload: reload the all SFP port information. Scan all: scan the SFP DDM transceiver and display the information. Eject: Eject the SFP transceiver. You can eject one port or eject all by click the icon “Eject All”. Temperature: The temperature spcific and current detected of DDM SFP transceiver.
4.3.3 Rate Control Rate limiting is a form of flow control used to enforce a strict bandwidth limit at a port. You can program separate transmit (Egress Rule) and receive (Ingress Rule) rate limits at each port, and even apply the limit to certain packet types as described below. Packet type: You can select the packet type that you want to filter. The packet types of the Ingress Rule listed here include Broadcast Only / Broadcast and multicast / Broadcast, Multicast and Unknown Unicast or All.
4.3.4 Port Trunking Port Trunking configuration allows you to group multiple Ethernet ports and to increase link bandwidth. The aggregated ports can be viewed as one physical port so that the bandwidth is higher than merely one single Ethernet port. The member ports of the same trunk group can balance the loading and backup for each other. Port Trunking feature is usually used when you need higher bandwidth for backbone network. This is an inexpensive way for you to transfer more data.
Trunk Size: The switch can support up to 5 trunk groups. Each trunk group can support up to 8 member ports. Since the member ports should use same speed/duplex, max groups for 100M ports would be 7, and 3 for gigabit ports. Group ID: Group ID is the ID for the port trunking group. Ports with same group ID are in the same group. Type: Static and 802.3ad LACP. Each Trunk Group can only support Static or 802.3ad LACP. Choose the type you need here.
Type: Static or LACP set up in Aggregation Setting. Aggregated: When the LACP links is up, you can see the member ports in Aggregated column. Individual: When LACP is enabled, member ports of LACP group which are not connected to correct LACP member ports will be displayed in the Individual column. Link Down: When LACP is enabled, member ports of LACP group which are not linked up will be displayed in the Link Down column. 4.3.
Switch(config)# interface gigabitethernet10 eject port 10 SFP DDM transceiver. Switch(config-if)# sfp ddm eject DDM SFP on Port 10 normally ejected.
Mdix mode is Disable. Medium mode is Copper. Switch# show sfp ddm show SFP DDM information Port 8 Temperature:N/A Tx power:N/A Rx power:N/A Port 9 Temperature:64.00 C Tx power:-6.0 dBm Rx power:-30.0 dBm Port 10 Temperature:67.00 C Tx power:-6.0 dBm Rx power:-2.0 dBm Note: Administrative Status -> Port state of the port. Operating status -> Current status of the port.
Bandwidth <0-100> Limit in magabits per second (0 is no limit) Switch(config-if)# rate-limit ingress bandwidth 8 Set the ingress rate limit 8Mbps for Port 1. Port Trunking LACP Switch(config)# lacp group 1 gi8-10 Group 1 based on LACP(802.3ad) is enabled! Note: The interface list is fa1,fa3-5,gi8-10 Note: different speed port can’t be aggregated together.
9 1 9 9 0x45 10 1 10 10 0x45 LACP group 2 is inactive LACP group 3 is inactive LACP group 4 is inactive Display - Switch# show trunk group 1 Trunk FLAGS: I -> Individual P -> In channel D -> Port Down Trunk Group GroupID Protocol Ports --------+---------+-----------------------------------1 LACP 8(D) 9(D) 10(D) Switch# show trunk group 2 FLAGS: I -> Individual P -> In channel D -> Port Down Trunk Group GroupID Protocol Ports --------+---------+----------------------------------
4.4 Network Redundancy The switch firmware supports standard STP/RSTP and Multiple Super Ring (MSR). The MSR includes Rapid Super Ring, Rapid Dual Homing, TrunkRing, MultiRing and backward compatible with Legacy Super Ring Client modes. MDI-110 Series support advanced Multiple Spanning Tree Protocol (MSTP). This protocol is a direct extension of RSTP. It can provide an independent spanning tree for different VLANs.
select the MSR mode. The Switch supports port based STP Enable/disable function, and also provides loop protect for each port to achieve loop eliminate when applies STP and MSR functions. 4.4.1 STP Configuration This page allows select the STP mode and configuring the global STP/RSTP Bridge Configuration. The STP mode includes the STP, RSTP, MSTP and Disable. Please select the STP mode for your system first. The default mode is RSTP enabled.
after a topology change. This is specified in IEEE 802.1w. In 2004, 802.1w is included into 802.1D-2004 version. This switch supports both RSTP and STP (all switches that support RSTP are also backward compatible with switches that support only STP). Bridge Configuration Bridge Address: This shows the switch’s MAC address. Priority (0-61440): RSTP uses bridge ID to determine the root bridge, the bridge with the highest bridge ID becomes the root bridge.
be changed to a different state. Once you have completed your configuration, click on Apply to apply your settings. Note: You must observe the following rule to configure Hello Time, Forwarding Delay, and Max Age parameters. 2 × (Forward Delay Time – 1 sec) ≥ Max Age Time ≥ 2 × (Hello Time value + 1 sec) 4.4.2 STP Port Configuration This page allows you to configure the port parameter after enabled STP or RSTP.
more bridges (i.e. it is served by a shared-medium LAN segment). This function allows link status of the link to be manipulated administratively. “Auto” means to auto select P2P or Share mode. “P2P” means P2P is enabled, the 2 ends work in Full duplex mode. While “Share” is enabled, it means P2P is disabled, the 2 ends may connect through a share media and work in Half duplex mode. Edge: A port directly connected to the end stations cannot create a bridging loop in the network.
Port Information: You can see port Role, Port State, Path Cost, Port Priority, Oper P2P mode, Oper edge port mode and Aggregated (ID/Type). 4.4.4 MSTP (Multiple Spanning Tree Protocol) Configuration MSTP is the abbreviation of Multiple Spanning Tree Protocol. This protocol is a direct extension of RSTP. It can provide an independent spanning tree for different VLANs.
To configure the MSTP setting, the STP Mode of the STP Configuration page should be changed to MSTP mode first. After enabled MSTP mode, then you can go to the MSTP Configuration pages. MSTP Region Configuration This page allows configure the Region Name and its Revision, mapping the VLAN to Instance and check current MST Instance configuration. The network can be divided virtually to different Regions. The switches within the Region should have the same Region and Revision level.
Revision: The revision for the Region. Range: 0-65535; Default: 0) Once you finish your configuration, click on Apply to apply your settings. New MST Instance This page allows mapping the VLAN to Instance and assign priority to the instance. Before mapping VLAN to Instance, you should create VLAN and assign the member ports first. Please refer to the VLAN setting page. Instance ID: Select the Instance ID, the available number is 1-15. VLAN Group: Type the VLAN ID you want mapping to the instance.
This page allows you to see the current MST Instance Configuration you added. Click on “Apply” to apply the setting. You can “Remove” the instance or “Reload“ the configuration display in this page. 4.4.5 MSTP Port Configuration This page allows configure the Port settings. Choose the Instance ID you want to configure. The MSTP enabled and linked up ports within the instance will be listed in this table. Note that the ports not belonged to the Instance, or the ports not MSTP activated will not display.
state. When the non-bridge device connects an admin edge port, this port will be in blocking state and turn to forwarding state in 4 seconds. Once you finish your configuration, click on Apply to save your settings. 4.4.6 MSTP Information This page allows you to see the current MSTP information. Choose the Instance ID first. If the instance is not added, the information remains blank. The Root Information shows the setting of the Root switch.
The most common industrial network redundancy is to form a ring or loop. Typically, the managed switches are connected in series and the last switch is connected back to the first one. The Multiple Super Ring has enhanced Ring Master selection and faster recovery time. It is also enhanced for more complex ring application. Multiple Super Ring (MSR) technology have a fast restore and failover time in the world, 0 ms for restore and less than 300 ms for failover.
Name: This field will show the name of the Ring. If it is not filled in when creating, it will be automatically named by the rule “RingID”. Version: The version of Ring can be changed here. There are three modes to choose: Rapid Super Ring as default. Device Priority: The switch with highest priority (highest value) will be automatically selected as Ring Master. Then one of the ring ports in this switch will become a forwarding port and the other one will become a blocking port.
Due to the power volume limitation, the maximum value is half of the port volume of a switch. TrunkRing: The MultiRing technology is part of the MSR technology which combines the MSR with the port trunking technology. After multiple ports aggregated, this is so-call port trunking (stat or learnt by LACP protocol), the Trunk ID can be one of the port ID of the MSR technology. Configured the port trunking first then you can add the Trunk group as a Ring Port in managed switch. 4.4.
Transmit interval: setting the detect duration time between detect packet. Loop Protection: Enable/ Disable Loop Protection function by per port. Status: shows the port status. If there is looping occurred, it will show “Loop Detected and Disabled” information and the link indicator will not turn-off, and also the port is disabled by system. Once the looping is fixed, the blocked port will keep at blocked state, and must be enabled by manual or perform system reset to recovery it.
4096 Switch(config)# spanning-tree priority 4096 Bridge Times Switch(config)# spanning-tree bridge-times (forward Delay) (max-age) (Hello Time) Switch(config)# spanning-tree bridge-times 15 20 2 This command allows you configure all the timing in one time.
revision the revision of mst region show Region Configuration show mst configuration Region Name: Switch(config-mst)# name NAME the name string Switch(config-mst)# name korenix Region Revision: Switch(config-mst)# revision <0-65535> the value of revision Switch(config-mst)# revision 65535 Mapping Instance to VLAN (Ex: Mapping VLAN 2 to Instance 1) Switch(config-mst)# instance <1-15> target instance number Switch(config-mst)# instance 1 vlan VLANMAP target vlan number(ex.10) or range(ex.
Configuration Pending MST configuration Name [] (->The name is removed by no name) Revision 65535 Instance Vlans Mapped -------- -------------------------------------- 0 1,3-4094 1 2 (->Instance 2 is removed by no instance 2) -----------------------------------------------Config HMAC-MD5 Digest: 0x3AB68794D602FDF43B21C0B37AC3BCA8 -----------------------------------------------Apply the setting and Switch(config-mst)# quit go to the apply all mst configuration changes configuration mode S
in global settings listed in above.
Spanning-Tree : Root Address : Enabled 0012.77ee.eeee Root Path Cost : 0 Root Times : Protocol : MSTP Priority : 32768 Root Port : N/A max-age 20, hello-time 2, forward-delay 15 Bridge Address : 0012.77ee.eeee Priority : Bridge Times : max-age 20, hello-time 32768 2, forward-delay 15 BPDU transmission-limit : 3 Port Role State Cost Prio.Nbr Type Aggregated ------ ---------- ---------- -------- --------------------- -----------fa1 Designated Forwarding P2P(RSTP) fa2 128.
Port 128.6 as Disabled Role is in Disabled State Port Path Cost 200000, Port Identifier 128.6 RSTP Port Admin Link-Type is Auto, Oper Link-Type is Point-to-Point RSTP Port Admin Edge-Port is Enabled, Oper Edge-Port is Edge Designated root has priority 32768, address 0012.7700.0112 Designated bridge has priority 32768, address 0012.7760.1aec Designated Port ID is 128.
Root this switch for CST and IST Configured max-age 2, hello-time 15, forward-delay 20, max-hops 20 Port Role State Cost Prio.Nbr Type ------ ---------- ---------- -------- --------------------------fa1 Designated Forwarding 200000 128.1 P2P Forwarding 200000 128.2 P2P Internal(MSTP) fa2 Designated Internal(MSTP) ###### MST01 Bridge vlans mapped: 2 address 0012.77ee.eeee priority 32768 (sysid 1) Root this switch for MST01 Port Role State Cost Prio.
15 MSTP Instance Switch# show spanning-tree mst 1 Information ###### MST01 vlans mapped: 2 Bridge address 0012.77ee.eeee priority 32768 (sysid 1) Root this switch for MST01 Port Role State Cost Prio.Nbr Type ------ ---------- ---------- -------- --------------------------fa1 Designated Forwarding 200000 128.1 P2P 200000 128.
created or configured.
rapid-dual-homing port fa3,fa5-6 set Rapid Dual Homing port success. Note: auto-detect is recommended for dual Homing.. Ring Info Ring Info Switch# show multiple-super-ring [Ring ID] [Ring1] Ring1 Current Status : Disabled Role : Disabled Ring Status : Abnormal Ring Manager : 0000.0000.
Ethernet loop protection is enabled on all interfaces! Switch(config)# loop-protect transmit-interval <1-10> Valid range is 1~10 second(s) Switch(config)# loop-protect transmit-interval 3 (set interval time – 3 seconds) Switch(config)# loop-protect enable fa6 (fa1~7, gi7~gi10) Set fa6 Ethernet loop protection enabled! Switch# sh loop-protect (show current loop-protect detected information) Loop protect information : Loop Protect Interface : fa6,gi10 Transmit Interval(sec) : 3 Loop Detected Interface :
4.5 VLAN A Virtual LAN (VLAN) is a “logical” grouping of nodes for the purpose of limiting a broadcast domain to specific members of a group without physically grouping the members together. That means, VLAN allows you to isolate network traffic so that only members of VLAN could receive traffic from the same VLAN members.
4.5.3 4.5.4 4.5.5 GVRP Configuration VLAN Table CLI Commands of the VLAN 4.5.1 VLAN Port Configuration VLAN Port Configuration allows you to set up VLAN port parameters to specific port. These parameters include PVID, Accept Frame Type and Ingress Filtering. Figure 4.5.2 Web UI of VLAN configuration. PVID: The abbreviation of the Port VLAN ID. Enter the port VLAN ID . PVID allows the switches to identify which port belongs to which VLAN.
Tunnel Mode: This is the new command for QinQ. The command includes None, 802.1Q Tunnel and 802.1Q Tunnel Uplink. The figure shows the relationship between 802.1Q Tunnel and 802.1Q Tunnel Uplink. The following are the modes you can select. None: Remain VLAN setting, no QinQ. 802.1Q Tunnel: The QinQ command applied to the ports which connect to the C-VLAN. The port receives tagged frame from the C-VLAN. Add a new tag (Port VID) as S-VLAN VID.
Ingress Filtering: Ingress filtering helps VLAN engine to filter out undesired traffic on a port. When Ingress Filtering is enabled, the port checks whether the incoming frames belong to the VLAN they claimed or not. Then the port determines if the frames can be processed or not. For example, if a tagged frame from Engineer VLAN is received, and Ingress Filtering is enabled, the switch will determine if the port is on the Engineer VLAN’s Egress list. If it is, the frame can be processed.
VLAN ID is used by the switch to identify different VLANs. Valid VLAN ID is between 1 and 4094 and VLAN 1 is the default VLAN. VLAN Name is a reference for network administrator to identify different VLANs. The available character is 12 for you to input. If you don’t input VLAN name, the system will automatically assign VLAN name for the VLAN. The rule is VLAN (VLAN ID). The steps to create a new VLAN: Type VLAN ID and NAME, and press Add to create a new VLAN.
Steps to configure Egress rules: Select the VLAN ID. Entry of the selected VLAN turns to light blue. Assign Egress rule of the ports to U or T. Press Apply to apply the setting. If you want to remove one VLAN, select the VLAN entry. Then press Remove button.
4.5.3 GVRP configuration GVRP allows users to set-up VLANs automatically rather than manual configuration on every port of every switch in the network. GVRP Protocol: Allow user to enable/disable GVRP globally. State: After enable GVRP globally, here still can enable/disable GVRP by port. Join Timer: Controls the interval of sending the GVRP Join BPDU.
4.5.4 VLAN Table This table shows you current settings of your VLAN table, including VLAN ID, Name, Status, and Egress rule of the ports. VLAN ID: ID of the VLAN. Name: Name of the VLAN. Status: Static shows this is a manually configured static VLAN. Unused means this VLAN is created by UI/CLI and has no member ports. This VLAN is not workable yet. Dynamic means this VLAN is learnt by GVRP. After created the VLAN, the status of this VLAN will remain in Unused status until you add ports to the VLAN.
4.5.5 CLI Commands of the VLAN Command Lines of the VLAN port configuration, VLAN configuration and VLAN table display Feature Command Line VLAN Port Configuration Port Interface Switch# conf ter Configuration Switch(config)# interface fa5 Switch(config-if)# VLAN Port PVID Switch(config-if)# switchport trunk native vlan 2 Set port default vlan id to 2 success QinQ Tunnel Mode Switch(config-if)# switchport dot1q-tunnel mode Set the interface as an IEEE 802.1Q tunnel 802.
Type) Duplex : Auto Speed : Auto Flow Control :off Default Port VLAN ID: 2 Ingress Filtering : Disabled Acceptable Frame Type : All Port Security : Disabled Auto Negotiation : Enable Loopback Mode : None STP Status: disabled Default CoS Value for untagged packets is 0. Mdix mode is Auto. Medium mode is Copper.
QinQ Information – Switch# show running-config Show Running Building configuration...
Note: Use no name to change the name to default name, VLAN VID. VLAN description Switch(config)# interface vlan 2 Switch(config-if)# Switch(config-if)# description this is the VLAN 2 Switch(config-if)# no description ->Delete the description. IP address of the Switch(config)# interface vlan 2 VLAN Switch(config-if)# Switch(config-if)# ip address 192.168.10.18/24 Switch(config-if)# no ip address 192.168.10.
input packets 639, bytes 38248, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0 output packets 959, bytes 829280, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 GVRP configuration GVRP enable/disable Switch(config)# gvrp mode disable Disable GVRP feature globally on the switch enable Enable GVRP feature globally on the switch Switch(config)# gvrp mode enable Gvrp is enabled on the switch! Configure GVRP S
4.6 Private VLAN The private VLAN helps to resolve the primary VLAN ID shortage, client ports’ isolation and network security issues. The Private VLAN provides primary and secondary VLAN within a single switch. Primary VLAN: The uplink port is usually the primary VLAN. A primary VLAN contains promiscuous ports that can communicate with lower Secondary VLANs. Secondary VLAN: The client ports are usually defined within secondary VLAN. The secondary VLAN includes Isolated VLAN and Community VLAN.
in VLAN Configuration page, the available VLAN ID will display here. Choose the Private VLAN types for each VLAN you want configure. None: The VLAN is Not included in Private VLAN. Primary: The VLAN is the Primary VLAN. The member ports can communicate with secondary ports. Isolated: The VLAN is the Isolated VLAN. The member ports of the VLAN are isolated. Community: The VLAN is the Community VLAN. The member ports of the VLAN can communicate with each other. 4.6.
be done first. Port Configuraion PVLAN Port Type : Normal: The Normal port is None PVLAN ports; it remains its original VLAN setting. Host: The Host type ports can be mapped to the Secondary VLAN. Promiscuous: The promiscuous port can be associated to the Primary VLAN. VLAN ID: After assigned the port type, the web UI display the available VLAN ID the port can associate to. For example: 1. VLAN Create: VLAN 2-5 are created in VLAN Configuration page. 2.
4.6.3 Private VLAN Information This page allows you to see the Private VLAN information. 4.6.
Feature Command Line Private VLAN Configuration Create VLAN Switch(config)# vlan 2 vlan 2 success Switch(config-vlan)# end End current mode and change to enable mode exit Exit current mode and down to previous mode list Print command list name Assign a name to vlan no no private-vlan Configure a private VLAN Private VLAN Type Choose the Types Primary Type Isolated Type Go to the VLAN you want configure first.
Switch(config-if)# switchport mode private-vlan promiscuous Host Port Type Switch(config-if)# switchport mode private-vlan host Private VLAN Switch(config)# interface gi9 Port Configuration Switch(config-if)# switchport mode PVLAN Port Type private-vlan host Host Association primary to secondary Switch(config-if)# switchport private-vlan host-association <2-4094> Primary range VLAN ID of the private VLAN port association Switch(config-if)# switchport (The command is private-vlan host-association
3 isolated gi9 4 community gi8 5 community fa7,gi9 10 primary Host List Switch# show vlan private-vlan port-list Ports Mode Vlan ----- ----------- ---1 normal 2 normal 3 normal 4 normal 5 normal 6 normal 7 host 5 8 host 4 9 host 3 10 promiscuous 2 Running Config Switch# show run Information Building configuration...
switchport mode private-vlan host switchport private-vlan host-association 2 3 ! interface gigabitethernet10 switchport access vlan add 2,5 switchport trunk native vlan 2 switchport mode private-vlan promiscuous switchport private-vlan mapping 2 add 3-5 ……… ……..
4.7 Traffic Prioritization Quality of Service (QoS) provides traffic prioritization mechanism and can also help to alleviate congestion problems and ensure high-priority traffic is delivered first. This section allows you to configure Traffic Prioritization settings for each port with regard to setting priorities. QoS supports four physical queues, weighted fair queuing (WRR) and Strict Priority scheme, which follows 802.
(Weight Round Robin). The switch will follow 8:4:2:1 rate to process the packets in a queue from the highest priority to the lowest. For example, the system will process 8 packets with the highest priority in the queue, 4 with middle priority, 2 with low priority, and 1 with the lowest priority at the same time. Use a strict priority scheme. Packets with higher priority in the queue will always be processed first, except that there is no packet with higher priority.
After configuration, press Apply to enable the settings. 4.7.3 DSCP-Queue Mapping This page is to change DSCP values to Physical Queue mapping table. Since the switch fabric supports four physical queues, Lowest, Low, Middle and High. Users should therefore assign how to map DSCP value to the level of the physical queue. You can freely change the mapping table to follow the upper layer 3 switch or routers’ DSCP setting. After configuration, press Apply to enable the settings.
4.7.
-----+-----------1 DSCP first 2 COS only 3 COS only 4 COS only 5 COS only 6 COS only 7 COS only 8 COS only 9 COS only 10 COS only Display – Port Setting – Switch# show qos port-cos CoS (Port Default Port Default Cos : Priority) Port CoS -----+---1 7 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 CoS-Queue Mapping Format Switch(config)# qos cos-map PRIORITY Assign an priority (7 highest) Switch(config)# qos cos-map 1 QUEUE Assign an queue (0-3) Note: Format: qos cos-ma
The CoS to queue mapping is set ok. Map CoS 3 to Queue 1 Switch(config)# qos cos-map 3 1 The CoS to queue mapping is set ok. Map CoS 4 to Queue 2 Switch(config)# qos cos-map 4 2 The CoS to queue mapping is set ok. Map CoS 5 to Queue 2 Switch(config)# qos cos-map 5 2 The CoS to queue mapping is set ok. Map CoS 6 to Queue 3 Switch(config)# qos cos-map 6 3 The CoS to queue mapping is set ok. Map CoS 7 to Queue 3 Switch(config)# qos cos-map 7 3 The CoS to queue mapping is set ok.
Display – DSCO-Queue Switch# show qos dscp-map mapping DSCP to Queue Mapping : (dscp = d1 d2) d2| 0 1 2 3 4 5 6 7 8 9 d1 | -----+---------------------0 | 1 1 1 1 1 1 1 1 0 0 1 | 0 0 0 0 0 0 0 0 0 0 2 | 0 0 0 0 1 1 1 1 1 1 3 | 1 1 2 2 2 2 2 2 2 2 4 | 2 2 2 2 2 2 2 2 3 3 5 | 3 3 3 3 3 3 3 3 3 3 6 | 3 3 3 3 115
4.8 Multicast Filtering For multicast filtering, the switch uses IGMP Snooping technology. IGMP (Internet Group Management Protocol) is an Internet Protocol that provides a way for internet device to report its multicast group membership to adjacent routers. Multicasting allows one computer on the internet to send data to a multitude of other computers that have identified themselves as being interested in receiving the originating computers data.
4.8.1 IGMP Snooping This page is to enable IGMP Snooping feature, assign IGMP Snooping for specific VLAN, and view IGMP Snooping table from dynamic learnt or static manual key-in. The switch supports IGMP snooping V1/V2/V3 automatically and IGMP query V1/V2. IGMP Snooping, you can select Enable or Disable here. After enabling IGMP Snooping, you can then enable IGMP Snooping for specific VLAN. You can enable IGMP Snooping for some VLANs so that some of the VLANs will support IGMP Snooping and others won’t.
4.8.2 IGMP Query This page allows users to configure IGMP Query feature. Since the switch can only be configured by member ports of the management VLAN, IGMP Query can only be enabled on the management VLAN. If you want to run IGMP Snooping feature in several VLANs, you should notice that whether each VLAN has its own IGMP Querier first. The IGMP querier periodically sends query packets to all end-stations on the LANs or VLANs that are connected to it.
Send to Query Ports: The unknown multicast will be sent to the Query ports. The Query port means the port received the IGMP Query packets and it is usually the uplink port on the switch. Send to All Ports: The unknown multicast will be flooded to all ports even if they are not member ports of the groups. Discard: The unknown multicast will be discarded. Non-member ports will not receive the unknown multicast streams. 4.8.
query-max-response-time: 10s Switch# sh ip igmp snooping IGMP snooping is globally enabled Vlan1 is IGMP snooping enabled Vlan2 is IGMP snooping enabled Vlan3 is IGMP snooping disabled Display – IGMP Table Switch# sh ip igmp snooping multicast all VLAN ---- IP Address --------------- Type Ports ------- -----------------------1 1 239.192.8.0 239.255.255.
! …….
4.9 SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices and is a member of the TCP/IP protocol suite. The switch series support SNMP v1 and v2c and V3. An SNMP managed network consists of two main components: agents and a manager. An agent is a management software module that resides in a managed switch. An agent translates the local management information from the managed device into a SNMP compatible format.
4.9.2 SNMP V3 Profile SNMP v3 can provide more security functions when the user performs remote management through SNMP protocol. It delivers SNMP information to the administrator with user authentication; all of data between the switch and the administrator are encrypted to ensure secure communication. Security Level: Here the user can select the following levels of security: None, User Authentication, and Authentication with privacy.
functions refer to five Federal Information Processing Standard-approved algorithms for computing a condensed digital representation. The switch provides two user authentication protocols in MD5 and SHA. You will need to configure SNMP v3 parameters for your SNMP tool with the same authentication method. Authentication Password: Here the user enters the SNMP v3 user authentication password. DES Encryption Password: Here the user enters the password for SNMP v3 user DES Encryption. 4.9.
4.9.4 CLI Commands of the SNMP Command Lines of the SNMP configuration Feature Command Line SNMP Community Read Only Community Switch(config)# snmp-server community public ro community string add ok Read Write Community Switch(config)# snmp-server community private rw community string add ok SNMP Trap Enable Trap Switch(config)# snmp-server enable trap Set SNMP trap enable ok. SNMP Trap Server IP Switch(config)# snmp-server host 192.168.2.33 without specific SNMP trap host add OK.
4.10 Security The switch provides several security features for you to secure your connection. The features include Port Security and IP Security. Following commands are included in this section: 4.10.1 Port Security 4.10.2 IP Security 4.10.3 IEEE 802.1x 4.10.4 CLI Commands of the Security 4.10.1 Port Security Port Security feature allows you to stop the MAC address learning for specific port.
Once you finish configuring the settings, click on Apply / Add to apply your configuration. 4.10.2 IP Security In IP Security section, you can set up specific IP addresses to grant authorization for management access to this switch via a web browser or Telnet. IP Security: Select Enable and Apply to enable IP security function. Add Security IP: You can assign specific IP addresses, and then press Add. Only these IP addresses can access and manage switch via a web browser or Telnet.
4.10.3 IEEE 802.1x 802.1X configuration IEEE 802.1X is the protocol that performing authentication to obtain access to IEEE 802 LANs. It is port-base network access control and the switch could control which connection should be available or not. System Auth Control: To enable or disable the 802.1x authentication. Authentication Method: Radius is an authentication server that provides authentication, with this method; user must connect the switch to the Radius server.
each port and permitted communication. The following information will explain the port configuration. Port control: Force Authorized means this port is authorized; the data is free to in/out. Force unauthorized just opposite, the port is blocked. If users want to control this port with Radius Server, please select Auto for port control. Reauthentication: If enable this field, switch will ask client to re-authenticate. The default time interval is 3600 seconds.
Sever Timeout: The timeout for server response for authenticating. Once you finish configuring the settings, click on Apply to apply your configuration. Click Initialize Selected to set the authorize state of selected port to initialize status. Click Reauthenticate Selected to send EAP Request to supplicant to request reauthentication. Click Default Selected to reset the configurable 802.1x parameters of selected port to the default values. 802.
Http service security Switch(config)# service telnet enable Switch(config)# service telnet disable Switch(config)# service http; available operating via telnet or loca console interface. Switch(config)# service http disable ; diable TCP port #80 serivce. Switch(config)# service http enable; enable TCP port #80 serivce. Port Security Add MAC Switch(config)# mac-address-table static 0007.7c01.
diable Switch(config)# no dot1x system-auth-control Switch(config)# authentic-method Switch(config)# dot1x authentic-method local Use the local username database for authentication radius Use the Remote Authentication Dial-In User Service (RADIUS) servers for authentication Switch(config)# dot1x authentic-method radius Switch(config)# radius server-ip Switch(config)# dot1x radius Switch(config)# dot1x radius server-ip 192.168.2.200 key 1234 RADIUS Server Port number NOT given.
Port number NOT given. (default=1812) RADIUS Accounting Port number NOT given. (default=1813) Secondary RADIUS Server IP : 192.168.2.
4.11 Warning The switch provides several types of Warning features for you to remote monitor the status of end devices or the change of your network. The features include Fault Relay, System Log and SMTP E-mail Alert. Following commands are included in this section: 4.11.1 Fault Relay 4.11.2 Event Selection 4.11.3 Syslog Configuration 4.11.4 SMTP Configuration 4.11.5 CLI Commands 4.11.1 Fault Relay The switch provides two digital outputs, also known as Relay Output.
Event Type: DI State DI Number: Select DI 1 or DI 2. Select which DI you want to monitor. DI State: High or Low. Select the power voltage you want to monitor. How to configure: Select the DI Number you want to monitor and DI State, High or Low. For example: When DI 1 and High are selected, it means when DI 1 is pulled high, the system will short Relay Output and light DO LED. Event Type: Dry Output On Period (Sec): Type the period time to turn on Relay Output.
Turn off the relay output Event Type: Power Failure Power ID: Select Power 1 or Power 2 you want to monitor. When the power is shut down or broken, the system will short Relay Out and light the DO LED. Event Type: Like Failure Link: Select the port ID you want to monitor. How to configure: Select the checkbox of the Ethernet ports you want to monitor. You can select one or multiple ports. When the selected ports are physically down, the system will short Relay Output and light the DO LED.
How to configure: After selecting Ping Failure event type, the system will turn Relay Output to short state and continuously ping the target device. When the ping failure occurred, the switch will turn the Relay Output to open state for a period of Reset Time. After the Reset Time timeout, the system will turn the Relay Output to close state. After the Hold Time timer is timeout, the switch system will start ping the target device. Ex: Reset Time is 5 sec, Hold Time is 50 sec.
4.11.2 Event Selection Event Types can be divided into two basic groups: System Events and Port Events. System Events are related to the overall function of the switch, whereas Port Events related to the activity of the specific ports System Event Warning Event is sent when….. Device Cold Start Power is cut off and then reconnected. Device Warm Start Reboot the device by CLI or Web UI. Power 1 Failure Power 1 is failure. Power 2 Failure Power 2 is failure.
Once you finish configuring the settings, click on Apply to apply your configuration. 4.11.3 SysLog Configuration System Log is useful to provide system administrator locally or remotely monitor switch events history. There are two System Log modes provided by the switch, local mode and remote mode. Local Mode: In this mode, the switch will print the occurred events selected in the Event Selection page to System Log table of the switch.
Once you finish configuring the settings, click on Apply to apply your configuration. Note: When enabling Local or Both mode, you can monitor the system logs in [Monitor and Diag] / [Event Log] page. 4.11.4 SMTP Configuration The switch supports E-mail Warning feature. The switch will send the occurred events to remote E-mail server. The receiver can then receive notification by E-mail. The E-mail warning is conformed to SMTP standard.
Field Description SMTP Server IP Address Enter the IP address of the email Server Authentication Click on check box to enable password User Name Enter email Account name (Max.40 characters) Password Enter the password of the email account Confirm Password Re-type the password of the email account You can set up to 4 email addresses to receive email alarm from the switch Rcpt E-mail Address 1 The first email address to receive email alert from the switch (Max.
high high is abnormal low low is abnormal Switch(config)# relay 1 di 1 high Dry Output Switch(config)# relay 1 dry <0-4294967295> turn on period in second Switch(config)# relay 1 dry 5 <0-4294967295> turn off period in second Switch(config)# relay 1 dry 5 5 Ping Failure Switch(config)# relay 1 ping 192.168.2.200 reset reset a device Switch(config)# relay 1 ping 192.168.2.200 reset <1-65535> reset time Switch(config)# relay 1 ping 192.168.2.
warmstart Switch warm start event linkdown Switch link down event linkup Switch link up event all Switch all event authentication Authentication failure event di Switch di event fault-relay Switch fault relay event loop-protect Switch loop protection event power Switch power failure event sfp-ddm Switch SFP DDM abnormal event super-ring Switch super ring topology change event time-sync Switch time synchronize event Ex: Cold Start Switch(config)# warning-event coldstart event Set c
Disable Switch(config)# no log syslog local SMTP Configuration SMTP Enable Switch(config)# smtp-server enable email-alert SMTP Email Alert set enable ok. Sender mail Switch(config)# smtp-server server 192.168.2.200 ACCOUNT SMTP server mail account, ex: support@westermo.se Switch(config)# smtp-server server 192.168.2.200 support@westermo.se SMTP Email Alert set Server: 192.168.2.200, Account: admin@Westermo.com ok. Receiver mail Switch(config)# smtp-server receipt 1 support@westermo.
4.12 Monitor and Diag The switch provides several types of features for you to monitor the status of the switch or diagnostic for you to check the problem when encountering problems related to the switch. The features include MAC Address Table, Port Statistics, Port Mirror, Event Log and Ping. Following commands are included in this section: 4.12.1 MAC Address Table 4.12.2 Port Statistics 4.12.3 Port Mirror 4.12.4 Event Log 4.12.5 Topology Discovery 4.12.5 Ping 4.12.6 CLI Commands of the Monitor and Diag 4.
Multicast can be added by CLI and can be deleted by Web and CLI. Dynamic Multicast will appear after you enabled IGMP and the switch learnt IGMP report. Click on Remove to remove the static Unicast/Multicast MAC address. Click on Reload to refresh the table. New learnt Unicast/Multicast MAC address will be updated to MAC address table. 4.12.2 Port Statistics In this page, you can view operation statistics for each port.
4.12.3 Port Mirroring Port mirroring (also called port spanning) is a tool that allows you to mirror the traffic from one or more ports onto another port, without disrupting the flow of traffic on the original port. Any traffic that goes in or out of the Source Port(s) will be duplicated at the Destination Port. This traffic can then be analyzed on the Destination port using a monitoring device or application.
4.12.4 Event Log When System Log Local mode is selected, the switch will record occurred events in local log table. This page shows this log table. The entry includes the index, occurred data and time and content of the events. Click on Clear to clear the entries. Click on Reload to refresh the table.
4.12.5 Topology Discovery The switch supports topology discovery or LLDP (IEEE 802.1AB Link Layer Discovery Protocol) function that can help user to discovery multi-vendor’s network device on same segment by NMS system which supports LLDP function; With LLDP function, NMS can easier maintain the topology map, display port ID, port description, system description, VLAN ID… Once the link failure, the topology change events can be updated to the NMS as well.
4.12.6 Ping Utility This page provides Ping Utility for users to ping remote device and check whether the device is alive or not. Type Target IP address of the target device and click on Start to start the ping. After few seconds, you can see the result in the Result field. 4.12.
Add Multicast MAC Switch(config)# mac-address-table multicast address 0100.5e01.0101 vlan 1 interface fa6-7 Adds an entry in the multicast table ok! Note: rule: mac-address-table multicast MAC_address VLAN VID interface_list interface_name/range Show MAC Address Switch# show mac-address-table Table – All types ***** UNICAST MAC ADDRESS ***** Destination Address Address Type Vlan Destination Port ------------------- --------------- ------- -----------------------000f.b079.
1 Show MAC Address 0100.5e7f.fffa fa4,fa6-7 Switch# show mac-address-table static Table – Static MAC Destination Address addresses 0 Address Type Vlan Destination Port ------------------- --------------- ------- -----------------------0007.7c10.0101 Static 1 fa7 0007.7c10.0102 Static 1 fa7 Show Aging timeout Switch# show mac-address-table aging-time time the mac-address-table aging-time is 300 sec.
Select Source Port Switch(config)# mirror source fa1-2 both Received and transmitted traffic rx Received traffic tx Transmitted traffic Switch(config)# mirror source fa1-2 both Mirror source fa1-2 both set ok. Note: Select source port list and TX/RX/Both mode.
Ping Ping IP Switch# ping 192.168.2.33 PING 192.168.2.33 (192.168.2.33): 56 data bytes 64 bytes from 192.168.2.33: icmp_seq=0 ttl=128 time=0.0 ms 64 bytes from 192.168.2.33: icmp_seq=1 ttl=128 time=0.0 ms 64 bytes from 192.168.2.33: icmp_seq=2 ttl=128 time=0.0 ms 64 bytes from 192.168.2.33: icmp_seq=3 ttl=128 time=0.0 ms 64 bytes from 192.168.2.33: icmp_seq=4 ttl=128 time=0.0 ms --- 192.168.2.33 ping statistics --5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0.0/0.
4.12 Device Front Panel Device Front Panel commands allows you to see LED status on the switch. You can see LED and link status of the Power, DO, DI, R.M. and Ports. Feature On / Link UP Off / Link Down Power Green Black Digital Output Green Black Digital Input Green Black R.M.(Ring Master) Green Black Fast Ethernet Green Black Gigabit Ethernet Green Black SFP Green Black Other Gray: Plugged but not link up yet. Note: No CLI command for this feature.
4.13 Save to Flash Save Configuration allows you to save any configuration you just made to the Flash. Powering off the switch without clicking on Save Configuration will cause loss of new settings. After selecting Save Configuration, click on Save to Flash to save your new configuration. Command Lines: Feature Command Line Save SWITCH# write Building Configuration… [OK] Switch# copy running-config startup-config Building Configuration...
4.14 Logout The switch provides two logout methods. The web connection will be logged out if you don’t input any command after 30 seconds the Logout command allows you to manually logout the web connection. Click on Yes to logout, No to go back the configuration page.
5 Appendix 5.1 Pin Assignment of the RS-232 Console Cable The total cable length is 150cm, excluding RJ-45 and DB-9! DB-9 is ‘Female.
5.2 Private MIB The private MIB can be found in product CD. Compile the private MIB file by your SNMP tool. The private MIB tree is the same as the web tree. This is easier to understand and use. If you are not familiar with standard MIB, you can directly use private MIB to manage /monitor the switch, no need to learn or find where the OIDs of the commands are. 5.3 Modbus TCP /IP The Modbus TCP/IP is very similar to Modbus RTU, but transmits data within TCP/IP Data packets.
There are three most common Modbus versions, Modbus ASCII, Modbus RTU and Modbus TCP. Ethernet based device, Industrial Ethernet Switch for example, supports Modbus TCP that it can be polled through Ethernet. Thus the Modbus TCP master can read or write the Modbus registers provided by the Industrial Ethernet Switch. The MDI-110 Managed DIN-Rail Ethernet Switch has implement Modbus/TCP register in the firmware.
04 Read Input Registers Read data in 16-bits register format 05 Write Coil Write data to force a digital output ON/OFF 06 Write Single Register Write data in 16-bits register format 15 Force Multiple Coils Write data to force multiple consecutive coils The MDI-110 device supports the function code 04, which name is Read Input Registers. With this support, the remove SCADA or other Modbus TCP application can poll the information of the device and monitor the major status of the switch. 5.3.
07 Negative Acknowledge 08 Memory Parity Error The slave cannot perform the program function received in the query. The slave attempted to read extended memory, but detected a parity error in the memory. 5.3.4 Modbus TCP register table The 7+3G Switch and 7+3 100 Switch support Modbus TCP/IP client service for the Factory automation applications.
0x020A 2 words 0x020C 3 words 0x020F to 0x2FF 0x0300 241 words 0x0302 0x0304 0x0306 0x0308 to 0x3FF 0x0400 2 words 2 words 2 words 248 words 0x0401 1 word 0x0402 1 word 0x0403 1 word 2 words 1 word Word 0 Hi byte = first number of version Word 0 Lo byte = second number of version Word 1 Hi byte = third number of version Word 1 Lo byte = extended character of version Ex: Version = v1.2a Word 0 Hi byte = 0x1 Word 0 Lo byte = 0x2 Word 1 Hi byte = 0x0 Word 1 Lo byte = ‘a’ Version = v1.2.
0x0000:Off 0x0001:On 0xFFFF: unavailable Reserved address space 0x0404 to 0x040F 0x0410 12 words 0x0411 1 word 0x0412 1 word 0x0413 1 word 0x0414 to 0x041F 0x0420 12 words 0x0421 1 word 0x0422 1 word 0x0423 to 0x0BFF 0x0C00 2103 words 0x0C01 1 words 0x0C02 1 words 0x0C03 to 0x0FFF 1021 words 0x1000 to 0x11FF 0x1200 to 16 words 1 word DI1 0x0000:Off 0x0001:On 0xFFFF: unavailable DI2 0x0000:Off 0x0001:On 0xFFFF: unavailable DO1 0x0000:Off 0x0001:On 0xFFFF: unavailable DO2 0x0000:Off
0x121F 0x1220 to 0x123F 1 word 0x1240 to 0x125F 1 word 0x1260 to 0x127F 1 word 0x1280 to 0x129F 1 word 0x12A0 to 0x12BF 0x12C0 to 0x12DF 1 word 0x12E0 to 0x12FF 1 word 0x1300 to 0x131F 1 word 0x1320 to 0x133F 1 word 0x1340 to 0x135F 1 word 0x1360 to 0x137F 1 word 0x1380 to 1 word 1 word 0x0000: disable 0x0001: enable Operating Status 0x0000: disable 0x0001: enable 0xFFFF: unavailable Duplex 0x0000: half 0x0001: full 0x0003: auto (half) 0x0004: auto (full) 0x0005: auto 0xFFFF: unavaila
0x139F 0x13A0 to 0x13BF 1 word 0x13C0 to 0x13DF 1 word 0x13E0 to 0x13FF 1 word 0x1400 to 0x14FF 288 words 0x1500 to 0x151F 0x1520 to 0x153F 0x1540 to 0x157F 0x1580 to 0x167F 0x1680 to 0x17FF 1 word 0x1800 to 0x181F 0x1820 to 0x185F 0x1860 to 0x187F 0x1880 to 0x18BF 0x18C0 to 0x18DF 0x18E0 to 0x191F 0x1920 to 0x1FFF 0x2000 to 0x203F 0x2040 to 0x207F MDIX 0x0000: disable 0x0001: enable 0x0002: auto 0xFFFF: unavailable Medium mode 0x0000: copper 0x0001: fiber 0x0002: none 0xFFFF: unavailable Medium
0x2080 to 0x20BF 0x20C0 to 0x20FF 0x2100 to 0x213F 0x2140 to 0x217F 0x2180 to 0x21BF 0x21C0 to 0x21FF 0x2200 to 0x223F 0x2240 to 0x227F 0x2280 to 0x22BF 0x22C0 to 0x22FF 0x2300 to 0x233F 0x2340 to 0x237F 0x2380 to 0x23BF 0x23C0 to 0x23FF 0x2400 to 0x243F 0x2440 to 0x24FF 2 words Unicast 2 words Broadcast 2 words Multicast 2 words Pause 2 words Undersize 2 words Fragments 2 words Oversize 2 words Jabbers 2 words Disacrds 2 words Filtered frames 2 words RxError 2 words FCSError 2 word
0x27FF 0x2800 to 2 words FCSError 0x283F 0x2840 to 448 words Reserved address space 0x29FF Number of frames received and transmitted with a length(in octets) 0x2A00 to 2 words 64 0x2A3F 0x2A40 to 2 words 65 to 127 0x2A7F 0x2A80 to 2 words 128 to 255 0x2ABF 0x2AC0 to 2 words 256 to 511 0x2AFF 0x2B00 to 2 words 512 to 1023 0x2B3F 0x2B40 to 2 words 1024 to maximum size 0x2B7F 0x2B80 to 1152 words Reserved address space 0x2FFF Network Redundancy Information 0x3000 10 words Ring 0’s Name Ring Name = “Ring0” Word
0x3011 3 words 0x3014 2 word 0x3016 1 word 0x3017 to 0x301F 0x3020 to 0x303F 0x3040 to 0x305F 0x3060 to 0x307F 0x3080 to 0x309F 0x30A0 to 0x30BF 0x30C0 to 0x30DF 0x30E0 to 0x30FF 0x3100 to 0x311F 0x3120 to 0x313F 0x3140 to 0x315F 0x3160 to 0x317F 0x3180 to 0x319F 0x31A0 to 0x31BF 0x31C0 to 0x31DF 0x31E0 to 0x31FF 9 words Word 1 = port 17-32 Ex: 0x0001: Ethernet port 1 0x0002: Ethernet port 2 0x0003: Ethernet port 1 and 2 Ring 0’s Master MAC address Ex: MAC = 01-02-03-04-05-06 Word 0 Hi byte = 0x01 W
0x3200 to 0x321F 0x3220 to 0x323F 0x3240 to 0x325F 0x3260 to 0x327F 0x3280 to 0x329F 0x32A0 to 0x32BF 0x32C0 to 0x32DF 0x32E0 to 0x32FF 0x3300 to 0x331F 0x3320 to 0x333F 0x3340 to 0x335F 0x3360 to 0x337F 0x3380 to 0x339F 0x33A0 to 0x33BF 0x33C0 to 0x33DF 0x33E0 to 0x33FF Ring 16’s Information Ring 17’s Information Ring 18’s Information Ring 19’s Information Ring 20’s Information Ring 21’s Information Ring 22’s Information Ring 23’s Information Ring 24’s Information Ring 25’s Information Ring 26’s Informati
modbus master up to 2; maximum support up to 20 modbus communicate sessions. Set modbus TCP listening port Switch(config)# modbus port port Listening Port Switch(config)# modbus port 502 ; default modbus TCP service port is 502.
5.4 Revision History Edition Date Modifications V1.1 2013/10/22 Add new features to Modbus TCP protocol IPv6 features new sfp functions: 1. Add eject/scan function 2. Add enable/disable DDM function 3. Add new warning event Add Private VLAN and QinQ function Power input range 10.5~60VDC, typical input DC24V in HW version V2.3. Add loop protection function in network redundancy Update daylight saving time picture for new time setting format V1.
