manualshive.com logo in svg

Belden Thinklogical TLX48, Product Manual

Share
Download
Belden Thinklogical TLX48 Product Manual Download Page 33

 

 

34 

 

TLX48 2RU KVM Matrix Switch Product Manual          

thinklogical

 

 Rev. B, May 2022 

Restricted Switching 

Restricted  Switching  provides  multiple  levels  of  security  classification  domains  on  the  same  Matrix 
Switch.

 Each destination must ensure that no unauthorized content is displayed or accessed. Therefore, every 

input and output must be prioritized. Priorities can range from 1 to the total number of ports in the Matrix Switch. 
An output can connect to an input with a priority greater than, or equal to, its own. Thus, a priority level of 1 on 
an output can connect to any input (priority 1, 2, 3…). 

The user must provide a table defining the priorities for each input and output of the switch matrix. This table is 
in the form of a comma separated value (csv) file. This file contains the values in three columns: 

Port Direction

 

(i=input, o=output), 

Port Number

 and 

Port Priority

. For example: 

"i",               1,                     1 
"i",               2,                     2 
"i",               3,                     3   

 

Output 1 can connect to ports 1-5. 

"i",               4,                     1   

 

Output 2 can connect to ports 3 and 5. 

"i",               5,                     3   

 

Output 3 can connect to ports 2, 3, and 5. 

"o",              1,                     1   

 

Output 4 cannot connect to any ports. 

"o",              2,                     3   

 

Output 5 can connect to ports 1-5. 

"o",              3,                     2 
"o"               4,                     4 
"o",              5,                     1 
 
Note that Port Direction (i or o) is in quotes and that the table must use only the following ASCII printable 
characters: 

Double quotes (or speech marks) 

character code = 34   

(") 

Lower case i   

 

 

character code = 105   

(i) 

Lower case o   

 

 

character code = 111   

(o) 

Comma 

 

 

 

character code = 44   

(,) 

Carriage Return 

 

 

character code = 13   

(CR) 

Line Feed 

 

 

 

character code = 10   

(LF) 

The Restricted Switching Table files are stored on the controller card at: 

/var/local/router/restrict/upstream.csv 

At system power up, after initial boot-up, the 

Primary Controller Card

 will only evaluate its Restricted Switching 

Table  (upstream.csv  file)  once  upon  becoming  active.  The 

Back-Up  Controller  Card

  will  NOT  evaluate  its 

Restricted Switching Table (upstream.csv file) at initial boot-up, but it will when a switchover occurs from Primary 
Active to Back-Up Active. If an 

upstream.csv

 file is found, a log entry to the 

deamon.log

 file is made indicating 

“Restricted  Switching  ENABLED.”  If  no file is  found,  then  a log  entry  of  “Restricted  Switching  DISABLED”  is 
made. 

The inactive Back-Up Controller Card will not verify its Restricted Switching Table (csv file), so it will not log error 
messages  with  current  time  stamp  entries  until  it  becomes  active.  Also,  any  errors  that  occur  during  the 
Restricted Switching Ta

ble evaluation process will be logged as “error” with a 

field and line invalid

 identifier. The 

daemon.log file

 will be at the following location on the controller card: 

/var/log/daemon.log

 

For access to the 

daemon.log

 file via SSH, refer to THE NETWORK INTERFACES section of this document on 

pg. 

[9]

 for correct IP addresses of Controller Cards when in Primary Active or Back-Up Active mode. 

 

 

 

Summary of Contents for Thinklogical TLX48

Page 1: ...ticut 06460 U S A Telephone 1 203 647 8700 Subject TLX48 2RU KVM Matrix Switch Product Manual Revision B May 2022 TLX482RU Website https www thinklogical com Facebook www facebook com ThinklogicalUSA LinkedIn www linkedin com company thinklogical YouTube www youtube com user thinklogicalNA Twitter thinklogical KVM Matrix Switch Full 4K 60Hz Video and KVM Switching Extension Solutions in only 2RU o...

Page 2: ... Fiber optic Cable 17 Routing Thinklogical Extenders through the TLX48 2RU 20 Operating System Default Users Passwords 22 Order of Installation Events 22 Safely Remove an Active Control Card or Shut down the System 23 How to Remove and Replace Modules 24 How to Remove and Replace an Input Output Card 24 How to Remove and Replace a Control Card 24 How to Remove and Replace a Fan Tray 25 How to Remo...

Page 3: ... GREEN and the U S DoD DISA JITC UCR 2013 APL information assurance standards And Thinklogical Velocity products are the first system with both KVM and video matrix switching capabilities to be placed on the Unified Capabilities Approved Product List UC APL under the Video Distribution System VDS category Thinklogical products are designed and manufactured in the USA and are certified to the ISO 9...

Page 4: ...of the manual This manual also contains Appendices beginning on pg 30 Note and Warning Symbols Throughout this manual you will notice certain symbols that bring your attention to vital information These are Notes and Warnings Examples are shown below Note A note is meant to call the reader s attention to helpful or valuable information at a point in the text that is relevant to the subject under d...

Page 5: ...ecure data is essential to a secure system design System administrators can safeguard sources in a centralized location allowing users to maintain remote access to the sources but with no means to breach the system either accidentally or intentionally such as downloading sensitive information onto a USB drive Thinklogical s system permits users to access sources up to 80 kilometers away with no pe...

Page 6: ...Line replaceable Annunciator Module with external DIP Switch and Alarm terminal Design Features Each TLX48 2RU includes the following features Hot swappable current sharing Power Supply Modules 7 2 required for redundancy Control Card 8 SNMP and NTP control protocol Controllable via LAN or serial connection 2 required for redundancy Single Fan Tray with 3 fans 11 Up to 48 fiber optic In and Out Po...

Page 7: ...power supply can support the entire current load of one fully populated Switch Each Power Supply module contains an internal cooling fan TLX MSM P20048 Universal input 100 240VAC 50 60Hz 1 5A AC DC 650 Watt 12V 54 2A Main Output 12V Standby Output 2A max Output Current Front End Power Supply with back to front airflow Although the switch functions properly with one power module Thinklogical recomm...

Page 8: ...itch via the LAN port A Back up Control Card ensures uninterrupted functionality if the Primary Control Card should fail or need to be replaced The Primary Control Card should always be in the lower controller slot CTRL 1 The Back up Control Card sometimes referred to as a Secondary or Fail Over Control Card must have a LAN connection that allows it to communicate with both the Primary Control Car...

Page 9: ... IP address Upper or Lower chassis flag First port number in this block Last port number in this block N port number values 2 Port settings UDP port 17565 TLX48 2RU localhost only Port output level value Port input enable status Input port number big endian format 3 Hardware sensor status TCP port 17566 Reserved for future use 4 Alarm Inventory and Power Supply Status TCP port 17600 State of the a...

Page 10: ...st have a time server running on their network or allow the Switch to access a public time server NTP configuration is contained in the file etc ntp conf Details about NTP configuration may be found at http tldp org LDP sag html basic ntp config html System Log Files Support The TLX48 2RU records system events into files located in the directory var log If you wish to preserve log files you may re...

Page 11: ...e or a desired new setting Critical Hardware Alarms The dry alarm contacts are Normally Closed when unpowered Normally Open when powered OK condition and Closed for an alarm condition Maximum switching capacity is 2A at 12V All fan speeds are monitored and any that do not meet specification will cause an alarm condition The temperature in the chassis is continuously monitored for any anomalous con...

Page 12: ... power is applied The TLX48 2RU can have a minimum of one I O Card 24 x 24 and a maximum of 2 I O Cards 48 x 48 Each TLX48 I O card contains 24 ports so that when fully configured the TLX48 will provide a total of 48 Optical Input Output connections SFP T R described as Ports 1 48 The TLX48 switching matrix connects any port s optical output SFP T to any port s optical input SFP R Port numbers beg...

Page 13: ...nt Storage 20 C to 70 C 4 F to 158 F Humidity Operating 5 to 95 non condensing Storage Unlimited Altitude Operating Thinklogical components are rated to 1000m max elevation Max operating temp de rates by 3 for every 330m 1000m Storage Unlimited ELECTRICAL Alarm Relay Contacts Maximum DC 1A at 30VDC Maximum AC 0 3A at 125VAC Contact resistance max 1Ω Input Rating 100 240VAC 50 60Hz 1 5A AC Power Co...

Page 14: ...LX48 2RU from its shipping container Carefully inspect the entire unit to make certain that no damage occurred during shipment 2 The I O and Controller Cards are installed at the factory to meet your specific configuration Ensure that the Cards are properly seated in the unit and that all the SFP modules are sealed with a removable dust plug The I O and Controller Cards are held in place by thumb ...

Page 15: ...TLX48 2RU KVM Matrix Switch is to be controlled via Ethernet it will require a static IP address This value can be set via the DIP switch located on the front of the Annunciator ANNC Module Factory default setting is 192 168 13 15 00000000 TLX48 2RU DIP Switch Settings The simplest network connection is an isolated network with only the TLX48 the control server and any control clients using static...

Page 16: ...eceiver extenders Individual SFP modules can be easily accessed without removing the cards The SFP Optical Module is a 10Gbs Short Wavelength Transceiver designed for use in bi directional Fiber optic Channel links The modules are hot pluggable and operate on 3 3VDC Always use dust caps to protect against dust and damage when a fiber optic connector is not attached to its coupling device fiber opt...

Page 17: ...mode fiber can extend up to 80km T R T R LC LC Transmit Receive Handling Fiber optic Cable Unlike copper cabling fiber optic cable requires special handling A small speck of dust or a scratch to the ferrule tip the end of the connector can attenuate the optical signal rendering the cable inoperable Warning The ends of the connectors the ferrule should never contact any foreign object including fin...

Page 18: ...19 TLX Extender Fiber Optic Cable Configurations Single Video Dual Video Note On Dual Video models SFPs 1 2 are Video 1 and SFPs 3 4 are Video 2 ...

Page 19: ...ices audio keyboard mouse etc are connected to the Receiver first using standard cables Power can then be applied to the unit The Receiver then connects to the TLX48 Receiver ports using fiber Multi mode fiber for distances up to 400m Single mode fiber for distances beyond 400m Connecting to the Transmitter The Transmitter serves as the Source computer and video entities If the source includes a w...

Page 20: ... only one command and must end with a carriage return CR and line feed LF or just a line feed LF The characters are not echoed The serial port is configured for 9600 baud 1 stop bit no parity and no flow control The network interface listens on TCP Transmission Control Protocol port 17567 It accepts the same commands as the serial interface You may use telnet to manually open a connection and cont...

Page 21: ...ud Rate 115200 Data Bits 8 Parity none Stop Bits 1 Flow Control none DB9 DCE A straight NOT a null modem cable is needed to connect to a PC ASCII API RS 232 Settings Baud Rate 9600 Data Bits 8 Parity none Stop Bits 1 Flow Control XON XOFF Software DB9 DCE A straight NOT a null modem cable is needed to connect to a PC Order of Installation Events Please refer to the Quick Start Guide included with ...

Page 22: ...k up Control Card Note Re inserting the Primary Control Card restores the system back to running on the Primary Control Card Ensure that the LAN connection to the card is restored promptly The PWROFF Command Typing pwroff at the command line prompt from either the Primary or the Back up Control Card will halt BOTH Control Cards and turn off the power to all the I O Card slots in the system except ...

Page 23: ...align it and start over Hand tighten the thumbscrews Do not tighten the thumbscrews with a screwdriver 4 Reinstall the fiber optic cables How to Remove and Replace a Control Card Note When using a single Controller the lower Controller slot is always Primary Replacing the Primary Control Card will interrupt service if a Back up Control Card is not installed 1 Follow the shut down procedure on the ...

Page 24: ...ctor do not force it Damage may occur Remove the tray realign it and start over 4 Hand tighten the thumbscrew Do not tighten the thumb screw with a screwdriver How to Remove and Replace a Power Supply Warning Disconnect the module s power cord before proceeding Note If only ONE power supply is installed in the chassis shutdown IS required If TWO power supplies are installed shutdown IS NOT require...

Page 25: ...Remove the module realign it and start over Hand tighten the thumbscrews Do not tighten the thumbscrews with a screwdriver 5 Reinstall external connections Ordering Information Part numbers for the various components of the TLX48 2RU Matrix Switch are as follows TLX48 2RU Matrix Switch Chassis TLX MSC 020048 TLX48 2RU Matrix Switch Chassis 48 port max 1 Ctrl Card RJ45 LAN TLX MSC 02M048 TLX48 2RU ...

Page 26: ... Canadian Radiation Emitting Devices Act REDR C1370 IEC 60825 2001 Parts 1 and 2 Class 1 LASER Product Electromagnetic Interference FCC 47CFR Part 15 Subpart B 2013 Class A Industry Canada ICES 003 2016 Ed 6 Australia New Zealand This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take corrective action European Un...

Page 27: ...and used in accordance with the instruction manual may cause harmful interference to radio communications in which case the user may be required to make adequate corrective measures at their own expense This Class A digital apparatus complies with Canadian ICES 003 and has been verified as compliant within the Class A limits of the FCC Radio Frequency Device Rules FCC Title 47 Part 15 Subpart B CL...

Page 28: ...purchase on most products Thinklogical and its suppliers disclaim all other warranties Please refer to your product invoice for the Warranty Terms Conditions Defect remedy shall be the repair or replacement of the product provided that the defective product is returned to the authorized dealer within a year from the date of delivery If you wish to return your device contact the Thinklogical author...

Page 29: ...30 TLX48 2RU KVM Matrix Switch Product Manual thinklogical Rev B May 2022 APPENDIX A TLX48 2RU Quick Start Guide ...

Page 30: ...operations as necessary password NTP etc 8 Issue a reboot command 9 When reboot is ready connect the network cable to the back up controller card and wait 10 seconds 10 Unplug the network cable from the Primary Controller Card 11 After 20 seconds the system will fail over to the Back up Controller Card and the ACTIVE LED on the Back up will come ON On the Primary the ACTIVE LED will be OFF and the...

Page 31: ... and time issue the command in the format date mmddhhmmyy for month day hour minute year For example date 0503163822 will set the module for May 3 4 38PM 2022 This sets the Linux clock However this will be lost after repowering the unit 5 Check the date time and time zone again to verify that it is correct 6 Set the permanent hardware clock with the following command hwclock systohc Note that ther...

Page 32: ...age the Matrix Switch must be physically protected and have suitable identification authentication mechanisms to ensure that only trusted administrators have access Thinklogical s TLX VX and MX Matrix Switches use two methods for secure routing One is known as Restricted Switching and the other is known as Partitioning These methods can be deployed singularly or jointly depending on security requi...

Page 33: ...racter code 34 Lower case i character code 105 i Lower case o character code 111 o Comma character code 44 Carriage Return character code 13 CR Line Feed character code 10 LF The Restricted Switching Table files are stored on the controller card at var local router restrict upstream csv At system power up after initial boot up the Primary Controller Card will only evaluate its Restricted Switching...

Page 34: ... the following This procedure will be disruptive to system connections 1 Update the Restricted Switching Table of the Primary Controller Card 2 Take the Primary Controller Card out of service by following guidelines in the Safely Remove an Active Controller Card section of this document on pg 23 When updates are made to the Restricted Switching Table in a redundant system Thinklogical recommends t...

Page 35: ...e The following example shows a priority scheme for four levels of security managed by one TLX Matrix Switch Restricted switching is configured via an upstream csv file loaded into the Matrix Switch The configuration file for this scenario will appear like the table at right with values in three columns Port Direction i input o output Port Number and Port Priority ...

Page 36: ...ile contains the port number and the partitions to which it belongs Example TLX80 Matrix Switch with four distinct partitions Four partitions set up for secure routing and extension applications Signals are only capable of transmitting and receiving within a single partition and not across partitions The maximum number of partitions is the number of ports that make up the Switch 12 1280 A TLX80 fo...

Page 37: ... Controller Card for any errors in the Partition Table and correct them before implementing multiple levels of security classification domains on the same Matrix Switch using the Back Up Controller Card 4 Fully verify the Back Up Controller Card s Partitioning Domains before implementing multiple levels of security classification domains on the same Matrix Switch There are cases where updates to t...

Page 38: ...ecurity For security purposes the Switch defaults to using the Message Digest Algorithm MD5 and shadow passwords It is highly recommended that you DO NOT alter these settings If you select the older Data Encryption Standard DES format passwords will be limited to eight alphanumeric characters disallowing punctuation and other special characters with a modest 56 bit level of encryption The single m...

Page 39: ...ntal connection from the Red Network to the Black Network using the Restricted Switching feature For example the TLX Matrix Switch Network Diagram should be configured with the following csv file I 1 2 I 2 2 O 2 2 I 42 2 O 41 2 O 42 2 I 5 1 O 5 1 I 45 1 O 45 1 The following connection rules apply SOURCE 2 can be connected only to DESTINATION 2 SOURCE 1 can be connected to both DESTINATION 1 and DE...

Page 40: ...41 TLX48 2RU KVM Matrix Switch Product Manual thinklogical Rev B May 2022 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands