manualshive.com logo in svg

CTC Union FRM220-MSW404, User Manual

The CTC Union FRM220-MSW404 offers exceptional networking capabilities. With its advanced features and reliable performance, this product ensures seamless connectivity. Accessible through our website, users can easily download the user manual and enjoy the convenience of a free manual for your reference.

Share
Download
background image

Chapter 4. Web Configuration & Operation 

 

52 

 

 

 

CHAPTER 3 

WEB OPERATION & CONFIGURATION

 

 

Guest VLAN ID: 

This VLAN ID is functional only when Guest VLAN is enabled. This is the value that a port’s Port VLAN 

ID is set to if a port is moved into the Guest VLAN. The range is 1

~

4095. 

 

Max. Reauth. Count:

 The maximum number of times the switch transmits an EAPOL Request Identity frame without 

receiving a response before adding a port to the Guest VLAN. The value can only be changed  when the Guest VLAN 
option is globally enabled. The range is 1

~

255. 

 

Allow Guest VLAN if EAPOL Seen: 

The switch remembers if an EAPOL frame has been received on the port for the life-

time of the port. Once the switch considers whether to enter the Guest VLAN, it will first check if this option is enabled 
or disabled. If disabled (unchecked; default), the switch will only enter the Guest VLAN if an EAPOL frame has not been 
received  on  the  port  for  the  life-time  of  the  port.  If  enabled  (checked),  the  switch  will  consider  entering  the  Guest 
VLAN  even  if  an  EAPOL  frame  has  been  received  on  the  port  for  the  life-time  of  the  port.  The  value  can  only  be 
changed if the Guest VLAN option is globally enabled. 

 
 

 

Port Configuration 

 

Port:

 The port number. “Port *” rules apply to all ports. 

 

Admin  State:

  Select  the  authentication  mode  on  a  port.  This  setting  works  only  when  NAS  is  globally  enabled.  The 

following modes are available: 
 

Force Authorized:

 In this mode, the switch will send one EAPOL Success frame when the port link comes up, and 

any client on the port will be allowed network access without authentication. 

 

Force Unauthorized:

  In this mode, the switch will send one EAPOL Failure frame when the port link comes up, 

and any client on the port will be disallowed network access. 

 

Port-Based  802.1X: 

This  mode  requires  a  dot1x-aware  client  to  be  authorized  by  the  authentication  server. 

Clients that are not dot1x-aware will be denied access. 

 

Single  802.1X:

  In  Single  802.1X,  at  most  one  supplicant  can  get  authenticated  on  the  port  at  a  time.  Normal 

EAPOL  frames  are  used  in  the  communication  between  the  supplicant  and  the  switch.  If  more  than  one 
supplicant  is  connected  to  a port,  the one  that  comes  first  when  the  port's  link  comes  up  will  be  the  first  one 
considered.  If  that  supplicant  doesn't  provide  valid  credentials  within  a  certain  amount  of  time,  another 
supplicant will get a chance. Once a supplicant is successfully authenticated, only that supplicant will be allowed 
access. This is the most secure of all the supported modes. In this mode, the “Port Security” module is  used to 
secure a supplicant's MAC address once successfully authenticated. 

 

Summary of Contents for FRM220-MSW404

Page 1: ...1 FRM220 MSW404 L2 OAM Managed Carrier Ethernet Switch ...

Page 2: ...nauthorized use even if such claim alleges that CTC Union Technologies was negligent regarding the design or manufacture of said product TRADEMARKS Microsoft is a registered trademark of Microsoft Corp HyperTerminal is a registered trademark of Hilgraeve Inc WARNING This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules ...

Page 3: ... July 2015 This document is the current official release manual Contents are subject to change without prior notice Please check CTC Union s website for any updated manual or contact us by E mail at sales ctcu com Please address any comments for improving this manual or to point out omissions or errors to marketing ctcu com Thank you 2015 CTC Union Technologies Co Ltd All Rights Reserved The conte...

Page 4: ... 3 2 3 System IP 17 3 2 4 System IP Status 19 3 2 5 System NTP 19 3 2 6 System Time 20 3 2 7 System Log Configuration 21 3 2 8 System Log Information 21 3 2 9 System Detailed Log 22 3 2 10 System CPU Load 22 3 3 PORTS 23 3 3 1 Ports Configuration 23 3 3 2 Ports State 25 3 3 3 Ports Traffic Overview 25 3 3 4 Ports QoS Statistics 26 3 3 5 Ports QCL Status 26 3 3 6 Ports Detailed Statistics 27 3 3 7 ...

Page 5: ...te Limiters 57 3 4 5 3 3 Access Control List 57 3 4 5 3 4 ACL Status 61 3 4 5 4 DHCP 62 3 4 5 4 1 Snooping Configuration 63 3 4 5 4 2 Relay Configuration 63 3 4 5 4 3 Relay Statistics 64 3 4 5 5 IP Source Guard 65 3 4 5 5 1 Configuration 65 3 4 5 5 2 Static Table 65 3 4 5 5 3 Dynamic Table 66 3 4 5 6 ARP inspection 66 3 4 5 6 1 Port Configuration 66 3 4 5 6 2 VLAN Configuration 67 3 4 5 6 3 Static...

Page 6: ...3 3 11 1 4 Status 103 3 11 1 5 Groups Information 104 3 11 1 6 IPv4 SFM Information 104 3 11 2 MLD Snooping 105 3 11 2 1 Basic Configuration 105 3 11 2 2 VLAN Configuration 106 3 11 2 3 Port Filtering Profile 107 3 11 2 4 Status 108 3 11 2 5 Groups Information 108 3 11 2 6 IPv6 SFM Information 109 3 12 LLDP 109 3 12 1 Configuration 110 3 12 2 LLDP MED 111 3 12 3 Neighbours 113 3 12 4 LLDP MED Neig...

Page 7: ...3 23 4 Port Scheduler 152 3 23 5 Port Shaping 154 3 23 6 Port Tag Remarking 155 3 23 7 Port DSCP 156 3 23 8 DSCP Based QoS 157 3 23 9 DSCP Translation 158 3 23 10 DSCP Classification 159 3 23 11 QoS Control List 159 3 23 12 Storm Control 162 3 24 MIRRORING 163 3 25 UPNP 163 3 26 GVRP 164 3 26 1 Global Config 164 3 26 2 Port Config 165 3 27 SFLOW 165 3 27 1 Configuration 165 3 27 2 Statistics 167 3...

Page 8: ...8 TABLE OF CONTENTS 3 30 4 2 Download 176 3 30 4 3 Upload 176 3 30 4 4 Activate 177 3 30 4 5 Delete 177 ...

Page 9: ...pliant for Metro Ethernet network deployments By supporting link and service Ethernet OAM schemes the FRM220 MSW404 also provides RFC2544 features and extensive fault detection and diagnostic capabilities to ensure that actual network use complies with pre agreed SLA Service Level Agreement 1 3 Product Specifications Optical Interface Connector SFP cage x 4 Data rate 100M 1000M Manual setting Dupl...

Page 10: ...ber link or fiber link works in 1000Mbps Yellow ON Port link is up and works in 1000Mbps Blink Traffic is present OFF No fiber link or fiber link works in 100Mbps RJ 45 Port 5 8 10 100 LED Yellow ON Port link is up and works in 10 100Mbps Blink Traffic is present OFF No Ethernet link or port link works in 1000Mbps RJ 45 Port 5 8 1000 LED Orange ON Port link is up and works in 1000Mbps Blink Traffi...

Page 11: ...n TCP IP settings to factory default values Use a pencil or blue point pen and then press the button for 3 seconds then release to reset the device to the factory default settings DO NOT POWER OFF Allow the device to again fully reboot Default values Login Username admin Password None Leave this field blank IP 10 1 1 1 Netmask 255 255 255 0 Gateway 0 0 0 0 ...

Page 12: ... NMC CH04A CH08 or the full twenty slot CH 20 chassis Chassis with built in power are available with single AC 100 240VAC single DC 18 75VDC dual AC dual DC or AC plus DC combo Figure 2 Chassis options for FRM220 MSW404 card CH02M or CH02 NMC XX Chassis XX AC DC AA DD or AD FRM220 CH20 CH04A XX Chassis XX AC DC AA DD or AD CH08 XX Chassis XX AC DC AA DD or AD ...

Page 13: ...IEC AC terminal block DC power connector pin assignment 2 3 Installation of SFP Modules This device supports SFP modules that are of the Bale Clasp type The bale clasp pluggable module has a bale clasp that secures the module into the SFP cage 2 3 1 Inserting a Bale Clasp SFP Module into the Cage Step 1 Close the bale clasp upward before inserting the pluggable module Step 2 Line up the SFP module...

Page 14: ...above is recommended Firefox Chrome or other stable web browser enter the IP address of the FRM220 MSW404 in the browser s location bar The factory default address is 10 1 1 1 3 1 1 Login A standard login prompt will appear depending on the type of browser used The example below is with Firefox browser The factory default is username admin with no password Web Home Page ...

Page 15: ...ted The screen will be auto refreshed every 3 seconds Unless connected directly on a local LAN we recommend not using the auto refresh function as it does generate a bit of traffic 3 1 4 Help System The FRM220 MSW404 Series has an online help system to aid the engineer when setting the parameters of the device Each functional setting page is accompanied by a specific help for that functional page ...

Page 16: ...1 1 5 and sysLocation OID 1 3 6 1 2 1 1 6 Remember to click the Save button after entering the configuration information System Contact Indicate the descriptive contact information This could be a person s name email address or other descriptions The allowed string length is 0 255 and the allowed content is the ASCII characters from 32 126 System Name Indicate the hostname for this device Alphabet...

Page 17: ...raffic between interfaces will not be routed In Router mode traffic is routed between all interfaces When configuring this device for multiple VLANs the Router mode should be chosen Router mode is the default mode DNS Server This setting controls the DNS name resolution done by the switch The following modes are supported From any DHCP interfaces The first DNS server offered from a DHCP lease to a...

Page 18: ...is not used The field may also be left blank if IPv4 operation on the interface is not desired IPv4 Current Lease For DHCP interfaces with an active lease this column shows the current interface address as provided by the DHCP server IPv6 Address A IPv6 address is a 128 bit record represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c...

Page 19: ...re the NTP mode operation Possible modes are Enabled Enable NTP client mode operation Disabled Disable NTP client mode operation Server Enter the IPv4 or IPv6 address of an NTP server IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used a...

Page 20: ...elect appropriate Time Zone from the drop down and click Save to set Acronym Set the acronym of the time zone Daylight Saving Time Configuration Daylight Saving Time This is used to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Select Disable to disable the Daylight Saving Time configuration Select Recurring and configure th...

Page 21: ...owledgments The syslog packet will always send out even if the syslog server does not exist When the mode of operation is disabled no syslog packets are sent out Server Address This sets the IPv4 host address of syslog server If the switch provides DNS feature it also can be a host name Syslog Level This sets what kind of messages will send to syslog server Possible levels are Info Send informatio...

Page 22: ...mber 3 2 10 System CPU Load This page displays the CPU load using an SVG graph The load is measured as averaged over the last 100ms 1sec and 10 seconds intervals The last 120 samples are graphed and the last numbers are displayed as text as well In order to display the SVG graph your browser must support the SVG format Automatic refresh occurs every 3 seconds ...

Page 23: ...tes the link is up and red that it is down Current Speed This column provides the current link speed Configured Speed This pull down selects any available link speed for the given switch port Only speeds supported by the specific port are shown Possible fiber port settings are Disabled Disables the switch port operation Auto Port auto negotiates speed with the link partner This option selects the ...

Page 24: ...port including FCS This switch supports up to 9600 byte packets Excessive Collision Mode This setting configures the port transmit collision behavior to either Discard Discard frame after 16 collisions default or to Restart Restart backoff algorithm after 16 collisions Auto Laser Shutdown Auto Laser Shutdown ALS is an optical safety mechanism which will shutoff laser transmission if the transceive...

Page 25: ...en first logging into the switch for management Green colored ports indicate a 10 100M linked state while Amber colored ports indicate a 1G linked state The Yellow colored ports indicate a 2 5G linked state Black ports have no link The link status display can be updated by clicking the Refresh button When Auto refresh is checked the display will be updated every 3 seconds 3 3 3 Ports Traffic Overv...

Page 26: ...ained in the same row Qn There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx The number of received and transmitted packets per queue 3 3 5 Ports QCL Status This page shows the QCL status by different QCL users Each row describes the QCE that is defined It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations The maximum number of QCEs is 256 ...

Page 27: ...alue displayed under DSCP column Conflict Displays Conflict status of QCL entries As H W resources are shared by multiple applications it may happen that resources required to add a QCE may not be available In that case it shows conflict status as Yes otherwise it is always No Please note that conflict can be resolved by releasing the H W resources required to add QCL entry on pressing Resolve Con...

Page 28: ...Transmit Queue Counters Displays the number of received and transmitted packets per input and output queue Receive Error Counters Rx Drops The number of frames dropped due to lack of receive buffers or egress congestion Rx CRC Alignment The number of frames received with CRC or alignment errors Rx Undersize The number of short 1 frames received with valid CRC Rx Oversize The number of long 2 frame...

Page 29: ...gth Laser wavelength Tx Wave Length 2 Laser wavelength Rx not all SFP support this reading Link Length Link Length This is a marketing specification for this SFP module not an actual measurement TX Power The laser diode transmit power is reported by the SFP that support DDI Digital Diagnostic monitoring Interface RX Power The receive optical power is reported by SFP that support DDI RX Sensitivity...

Page 30: ...ntly the only way to login as another user on the web server is to close and reopen the browser By default there is only one user admin assigned the highest privilege level of 15 Click the entries in User Name column to edit the existing users Or click the Add New User button to insert a new user entry Add User User Name Enter the new user name Password Enter the password for this user account Pas...

Page 31: ... and privilege level 5 for a guest account 3 4 1 2 Privilege Levels This page provides an overview of the privilege levels Group Name This name identifies the privilege group In most cases a privilege level group consists of a single module e g LACP RSTP or QoS but a few of them contains more than one The following description defines these privilege level groups in details System Contact Name Loc...

Page 32: ... can be set to one of the following values no Authentication is disabled and login is not possible local Use the local user database on the switch for authentication radius Use remote RADIUS server s for authentication tacacs Use remote TACACS server s for authentication NOTE Methods that involve remote servers will time out if the remote servers are offline In this case the next method is tried E...

Page 33: ... method The SSH in this device uses version 2 of SSH protocol 3 4 1 5 HTTPS Configure HTTPS on this page Mode Indicates the HTTPS operation mode When the current connection is HTTPS and HTTPS mode operation is disabled web browser will automatically redirect to an HTTP connection Possible modes are Enabled Enable HTTPS mode operation Disabled Disable HTTPS mode operation Automatic Redirect Indicat...

Page 34: ...es the start IP address for the access management entry End IP address Indicates the end IP address for the access management entry HTTP HTTPS Checked indicates that the matched host can access the switch from HTTP HTTPS interface SNMP Checked indicates that the matched host can access the switch from SNMP TELNET SSH Indicates that the matched host can access the switch from TELNET SSH interface C...

Page 35: ...et SNMP supported version 3 Read Community Indicates the community read access string to permit access to the SNMP agent The allowed string length is 0 to 255 and the allowed content is the ASCII characters from 0x21 to 0x7E Write Community Indicates the community write access string to permit access to the SNMP agent The allowed string length is 0 to 255 and the allowed content is the ASCII chara...

Page 36: ...NMP trap on this page Global Settings Mode Globally enable or disable trap function Click the Add New Entry to insert a SNMP trap entry SNMP Trap Configuration Trap Config Name Indicates a descriptive name for this SNMP trap entry Trap Mode Indicates the SNMP trap mode operation Enabled Enable SNMP trap mode operation ...

Page 37: ...rm mode operation Trap Inform Timeout seconds Indicates the SNMP trap inform timeout The allowed range is 0 to 2147 Trap Inform Retry Times Indicates the SNMP trap inform retry times The allowed range is 0 to 255 Trap Probe Security Engine ID Indicates the SNMP trap probe security engine ID mode of operation Possible values are Enabled Enable SNMP trap probe security engine ID mode of operation Di...

Page 38: ... Select the checkbox to enable Dying Gasp trap A trap will be issued when the remote device encounters power failure After completing all the trap settings click the Save button 3 4 3 3 SNMPv3 Community Configuration Configure SNMPv3 community table on this page The entry index key is Community Delete Check to delete the entry It will be deleted during the next save Community Indicates the communi...

Page 39: ... Level Indicates the security model that this entry should belong to Possible security models are NoAuth NoPriv No authentication and no privacy Auth NoPriv Authentication and no privacy Auth Priv Authentication and privacy The value of security level cannot be modified if entry already exists That means it must first be ensured that the value is set correctly Authentication Protocol Indicates the...

Page 40: ...settings 3 4 3 5 SNMPv3 Group Configuration Configure SNMPv3 group table on this page The entry index keys are Security Model and Security Name Security Model Indicates the security model that this entry should belong to Possible security models are v1 Reserved for SNMPv1 v2c Reserved for SNMPv2c usm User based Security Model USM for SNMPv3 Security Name A string identifying the security name that...

Page 41: ... Model and Security Level Delete Check to delete the entry It will be deleted during the next save Group Name A string identifying the group name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is ASCII characters from 0x21 to 0x7E Security Model Indicates the security model that this entry should belong to Possible security models are any Any security...

Page 42: ...historical record can be used to monitor intermittent problems ID Indicates the index of the entry The range is from 1 to 65535 Data Source Indicates the port ID which wants to be monitored Interval Indicates the polling interval By default 1800 seconds is specified The allowed range is 1 3600 seconds Buckets The number of buckets requested for this entry By default 50 is specified The allowed ran...

Page 43: ... selected variable and calculate the value to be compared against the thresholds Rising or Falling Trigger alarm when the first value is larger than the rising threshold or less than the falling threshold Rising Trigger alarm when the first value is larger than the rising threshold Falling Trigger alarm when the first value is less than the falling threshold Rising Threshold If the current value i...

Page 44: ...ke when an alarm is triggered None No event is generated Log When the event is triggered a RMON log entry will be generated snmptrap Sends a trap message to all configured trap managers logandtrap Logs an event and sends a trap message Community A password like community string sent with the trap Although the community string can be set on this configuration page it is recommended that it be defin...

Page 45: ...ets Frag The number of frames which size is less than 64 octets received with invalid CRC Jabb The number of frames which size is larger than 64 octets received with invalid CRC Coll The best estimate of the total number of collisions on this Ethernet segment 64 Bytes The total number of packets including bad packets received that were 64 octets in length X Y 65 127 128 255 256 511 512 1023 1024 1...

Page 46: ...redths of a percent 3 4 4 7 Alarm Overview ID Display an alarm control index Interval Interval in seconds for sampling and comparing the rising and falling threshold Variable MIB object that is used to be sampled Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds Value The value of the statistic during the last sampling period S...

Page 47: ...lay Event log time Log Description Display Event description 3 4 5 Network 3 5 5 1 Port Security Port Security Limit Control can restrict the number of users that can access the switch based on users MAC address and VLAN ID on a per port basis Once the number of users that wants to access the switch exceeds the specified number a selected action will be taken immediately 3 4 5 1 1 Limit Control ...

Page 48: ...sses to access on a port No action is further taken Trap If Limit 1 MAC addresses are seen on the port send an SNMP trap If Aging is disabled only one SNMP trap will be sent but with Aging enabled new SNMP traps will be sent every time the limit is exceeded Shutdown If Limit 1 MAC addresses is seen on the port shut down the port This implies that all secured MAC addresses will be removed from the ...

Page 49: ...ort Security service Ready The Port Security service is in use by at least one user module and is awaiting frames from unknown MAC addresses to arrive Limit Reached The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in Shutdown The Port Security service is enabled by at lea...

Page 50: ... in seconds expires and no frames have been seen the MAC address will be removed from the MAC table Otherwise a new age period will begin If aging is disabled or a user module has decided to hold the MAC address indefinitely a dash will be shown 3 4 5 2 NAS Network Access Server configuration is useful to the networking environment that wants to authenticate clients supplicants before they can acc...

Page 51: ...conds Hold Time The time after an EAP Failure indication or RADIUS timeout that a client is not allowed access This setting applies to ports running Single 802 1X Multi 802 1X or MAC based authentication By default hold time is set to 10 seconds The allowed range is 10 1000000 seconds Radius Assigned QoS Enabled Select the checkbox to globally enable RADIUS assigned QoS Radius Assigned VLAN Enable...

Page 52: ...umber Port rules apply to all ports Admin State Select the authentication mode on a port This setting works only when NAS is globally enabled The following modes are available Force Authorized In this mode the switch will send one EAPOL Success frame when the port link comes up and any client on the port will be allowed network access without authentication Force Unauthorized In this mode the swit...

Page 53: ... 1X authentication point of view The possible states are as follows Globally Disabled 802 1X and MAC based authentication are globally disabled Link Down 802 1X and MAC based authentication are enabled but there is no link on a port Authorized The port is forced in authorized mode and the supplicant is successfully authorized Unauthorized The port is forced in unauthorized mode and the supplicant ...

Page 54: ... received Response Identity EAPOL frame for EAPOL based authentication QoS Class Display the QoS class that NAS assigns to the port This field is left blank if QoS is not set by NAS Port VLAN ID The VLAN ID of the port assigned by NAS This field is left blank if VLAN ID is not set by NAS 3 4 5 2 3 Port Statistics Port State Admin State Display the port s current administrative state Port Status Di...

Page 55: ...r of EAPOL frames that have been received by the switch in which the Packet Body Length field is invalid Transmit EAPOL Counters Total The number of EAPOL frames of any type that has been transmitted by the switch Request ID The number of valid EAPOL Request Identity frames that have been received by the switch Requests The number of valid EAPOL request frames other than Request Identity frames th...

Page 56: ...g frames are redirected Mirror Enable or disable mirroring feature When enabled a copy of matched frames will be mirrored to the destination port specified in Mirror configuration page ACL based port mirroring set by this parameter and port mirroring set on the general Mirror Configuration page are implemented independently To use ACL based mirroring enable the Mirror parameter on the ACL Ports Co...

Page 57: ...t is to establish filtering rules for an ACL policy for a particular port or for all ports Rules applied to a port take effect immediately Ingress Port The ingress port of the access control entry Select All to apply to all ports or select a particular port Policy Bitmask The policy number and bitmask of the ACE Frame Type The type of frame that matches to this rule Action Display the action type ...

Page 58: ... types include Any Ethernet ARP IPv4 By default any frame type is used Action Select the action type either to permit or deny Rate Limiter Enable or disable the rate limiter when matched frames are found EVC Policer Enable or disable EVC Policer Note that ACL rate limiter and EVC Policer cannot be enabled at the same time EVC Policer ID When EVC Policer is enabled you can further select EVC Police...

Page 59: ...cific Use this to self define a destination MAC address This option is for Ethernet frame type only Ethernet Type Parameter Ether Type Filter This option can only be used to filter Ethernet II formatted packets Select Specific to define an Ether Type value ARP Parameter ARP RARP Specify the type of ARP packet Any No ARP RARP opcode flag is specified ARP The frame must have ARP RARP opcode set to A...

Page 60: ...elect Any to indicate a match and not a match Ethernet Select 0 to indicate that Hardware Address Space field in ARP RARP frame is not equal to Ethernet 1 Select 1 to indicate that Hardware Address Space field is equal to Ethernet 1 Select Any to indicate a match and not a match IP Parameters IP Protocol Filter Select Any ICMP UDP TCP or Other protocol from the pull down menu for IP Protocol filte...

Page 61: ...L users Each row describes the ACE that is defined It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations The maximum number of ACEs is 256 on each switch User Display the ACL user Ingress Port Display the ingress port of the ACE This field could be all ports a specific port or a range of ports Frame Type Display the frame type of the ACE Possible values are ...

Page 62: ...Enabled Frames received on the port are mirrored Disabled Frames received on the port are not mirrored The default value is Disabled CPU Forward packet that matched the specific ACE to CPU CPU Once Forward first packet that matched the specific ACE to CPU Counter The counter indicates the number of times the ACE was hit by a frame Conflict Indicate the hardware status of the specific ACE The speci...

Page 63: ...tion Port Port number Port rules apply to all ports Mode Select the DCHP Snooping port mode Ports can be set to either Trusted or Untrusted 3 4 5 4 2 Relay Configuration Relay Mode Enable or disable the DHCP relay function Relay Server Enter DHCP server IP address that is used by the switch s DHCP relay agent Relay Information Mode Enable or disable DHCP Relay option 82 function Please note that R...

Page 64: ...ptions Receive Missing Circuit ID The number of packets received with the Circuit ID option missing Receive Missing Remote ID The number of packets received with the Remote ID option missing Receive Bad Circuit ID The number of packets whose Circuit ID option did not match known circuit ID Receive Bad Remote ID The number of packets whose Remote ID option did not match known Remote ID Client Stati...

Page 65: ...mic entries to static ones Port Mode Configuration Port The port number Port rules apply to all ports Mode Enable or disable IP source guard on a port Please note that to make IP source guard work both global mode and port mode must be enabled Max Dynamic Clients Select the maximum number of dynamic clients that can be learned on a port The available options are 0 1 2 unlimited If the port mode is...

Page 66: ...elect the Delete checkbox to remove the entry during the next save Click the Save button to save settings or changes Click the Reset button to restore settings to default settings or previously configured settings 3 4 5 5 3 Dynamic Table The Dynamic IP Source Guard table shows entries sorted by port VLAN ID IP address and MAC address By default each page displays 20 entries However it can display ...

Page 67: ... permitted entries All Log all entries 3 4 5 6 2 VLAN Configuration VLAN ID Specify ARP Inspection is enabled on which VLANs First you have to enable the port setting on Port mode configuration web page Only when both Global Mode and Port Mode on a given port are enabled ARP Inspection is enabled on this given port Second you can specify which VLAN will be inspected on VLAN mode configuration web ...

Page 68: ...cify an allowed source IP address in ARP request packets Click the Add New Entry button to insert an entry to the table Select the Delete checkbox to remove the entry during the next save Click the Save button to save newly configured settings or changes Click the Reset button to restore settings to default settings or previously configured settings 3 4 5 6 4 Dynamic Table Configuration Port The p...

Page 69: ...transmit is sent the switch considers the authentication server is dead Deadtime Deadtime is the period during which the switch will not send new requests to a server that has failed to respond to a previous request This will stop the switch from continually trying to contact a server that it has already determined as dead Setting the Deadtime to a value greater than 0 zero will enable this featur...

Page 70: ...l timeout value If you prefer to use the global value leave this field blank Retransmit If retransmit value is specified here it will replace the global retransmit value If you prefer to use the global value leave this field blank Key If secret key is specified here it will replace the global secret key If you prefer to use the global value leave this field blank 3 4 6 2 RADIUS Overview The number...

Page 71: ... The number of RADIUS Access Response packets containing invalid authenticators or Message Authenticator attributes received from the server Unknown Types The number of RADIUS packets that were received with unknown types from the server on the authentication port and dropped Packets Dropped The number of RADIUS packets that were received from the server on the authentication port and dropped for ...

Page 72: ...ommunication with the server yet RADIUS Accounting Statistics for Server Responses The number of RADIUS packets valid or invalid received from the server Malformed Responses The number of malformed RADIUS packets received from the server Malformed packets include packets with an invalid length Bad authenticators or unknown types are not included as malformed access responses Bad Authenticators The...

Page 73: ...00 ms A value of 0 ms indicates that there hasn t been round trip communication with the server yet 3 4 6 4 TACACS Global Configuration Timeout The time the switch waits for a reply from a TACACS server before it retransmits the request Deadtime Deadtime is the period during which the switch will not send new requests to a server that has failed to respond to a previous request This will stop the ...

Page 74: ... 3 5 1 Static Aggregation Mode Configuration Source MAC Address All traffic from the same Source MAC address is output on the same link in a trunk Destination MAC Address All traffic with the same Destination MAC address is output on the same link in a trunk IP Address All traffic with the same source and destination IP address is output on the same link in a trunk TCP UDP Port Number All traffic ...

Page 75: ...nk group must have the same LACP port Key In order to allow a port to join an aggregated group the port Key must be set to the same value Role The user can select either Active or Passive role depending on the device s capability of negotiating and sending LACP control packets Ports that are designated as Active are able to process and send LACP control frames Hence this allows LACP compliant devi...

Page 76: ... LAG changed Local Ports The local ports that are a port of this LAG 3 5 2 3 Port Status Port The port number LACP Show LACP status on a port Yes LACP is enabled and the port link is up No LACP is not enabled or the port link is down Backup The port is in a backup role When other ports leave LAG group this port will join LAG Key The aggregation key value on a port Aggr ID Display the aggregation I...

Page 77: ... features Auto discovery IEEE 802 3ah provides a mechanism to detect the presence of an 802 3ah capable Network Device ND on the other end of the Ethernet link To this end the 802 3ah capable ND sends specified OAMPDUs in a periodic fashion normally once a second During the OAM Discovery process the 802 3ah capable ND monitors received OAMPDUs from the remote ND and allows 802 3ah OAM functionalit...

Page 78: ...ce Loopback Support Select the checkbox to enable loopback support on a port Link OAM remote loopback support can be used for fault localization and link performance testing Enabling the loopback support will allow the DTE to execute the remote loopback command that helps in the fault detection Link Monitor Support Select the checkbox to enable link monitor support Once enabled the DTE supports ev...

Page 79: ...t value is 1 Whereas Error Threshold must be between 0 0xffffffff and its default value is 0 Seconds Summary Event The Errored Frame Seconds Summary Event TLV counts the number of errored frame seconds that occurred during the specified period The period is specified by a time interval This event is generated if the number of errored frame seconds is equal to or greater than the specified threshol...

Page 80: ...Rx Tx Variable Response The number of Variable Response OAMPDUs received and transmitted on this interface Rx Tx Org Specific PDU s The number of Organization Specific OAMPDUs transmitted on this interface Rx Tx Unsupported Codes The number of OAMPDUs transmitted on this interface with an unsupported op code Rx Tx Link fault PDU s The number of Link fault PDU s received and transmitted on this int...

Page 81: ...oopback the device is looping back non OAMPDUs to the lower sub layer When in discarding state the device is discarding non OAMPDUs Organizational Unique Identification 24 bit Organizationally Unique Identifier of the vendor PDU Revision It indicates the current revision of the Information TLV The value of this field shall start at zero and be incremented each time something in the Information TLV...

Page 82: ...tal frame period errors This eight octet field indicates the sum of frame errors that have been detected since the OAM sub layer was reset Total frame period error events This four octet field indicates the number of Errored Frame Period Event TLVs that have been generated since the OAM sub layer was reset Local Remote Symbol Period Status Symbol Period Error Event Timestamp This two octet field i...

Page 83: ...reset encoded as a 32bit unsigned integer 3 6 6 Remote Device This device enables users to configure features of the remote FRM220 MSW404 device using proprietary in band management protocol To do so the local FRM220 MSW404 device must be set to Active mode The remote device can be set to either Active or Passive mode Once two devices are successfully connected click on the Remote A Remote B Remot...

Page 84: ... be logged 3 7 1 Configuration General Settings Enable Loop Protection Enable or disable loop protection function Transmission Time The interval between each loop protection PDU sent on each port Valid values are 1 to 10 seconds Shutdown Time The period for which a port will be kept disabled Valid values are 0 to 604800 seconds 0 means that a port is kept disabled until next device restart Port Co...

Page 85: ...e paths between network nodes are established to prevent disconnections from happening However multiple paths interconnected with each other have a high tendency to cause bridge loops that make networks unstable and in worst cases make networks unusable For example the MAC address table used by the switch or bridge can fail since the same MAC addresses and hence the same network hosts are seen on ...

Page 86: ... VLANs MSTP can be more useful than legacy STP 3 8 1 Bridge Settings Basic Settings Protocol Version Select the appropriate spanning tree protocol Protocol versions provided include STP RSTP and MSTP Bridge Priority Each switch has a relative priority and cost that is used to decide what the shortest path is to forward a packet The lowest cost path lowest numeric value has a higher priority and is...

Page 87: ...the switch from sending BPDU frames on ports that are connected to end devices Edge Port BPDU Guard Edge ports generally connect directly to PC file servers or printers Therefore edge ports are configured to allow rapid transition Under normal situations edge ports should not receive configuration BPDUs However if they do this probably is due to malicious attacks or mis settings When edge ports re...

Page 88: ...Chapter 4 Web Configuration Operation 88 CHAPTER 3 WEB OPERATION CONFIGURATION 3 8 2 MSTI Mapping ...

Page 89: ...LANs are allowed Separate VLANs with a comma and use hyphen to denote a range of VLANs Example 2 5 20 40 Leave the field empty for unused MSTI 3 8 3 MSTI Priorities MSTI Display MSTI instance number MSTI priority rule applies to all ports Priority Select an appropriate priority for each MSTI instance Bridge priority is used in selecting the root device root port and designated port The device with...

Page 90: ...matically determined to be at the edge of the network when it receives no BPDUs Restricted Role If enabled this causes the port not to be selected as Root Port for the CIST or any MSTI even if it has the best spanning tree priority Restricted TCN If enabled this causes the port not to propagate received topology change notifications and topology changes to other ports BPDU Guard This feature prote...

Page 91: ...ort number Path Cost Path cost is used to determine the best path between devices If Auto mode is selected the system automatically detects the speed and duplex mode to decide the path cost Select Specific if you want to use user defined value Valid values are 1 to 200000000 Please note that path cost take precedence over port priority Priority Select port priority 3 8 6 Bridge Status ...

Page 92: ...ology Change Notification flag for this bridge instance Topology Change Last The time since this spanning tree was last configured Click the MSTI instance to view STP detailed bridge status STP Detailed Bridge Status Bridge Instance The bridge instance Bridge ID The unique bridge ID for this instance consisting a priority value and MAC address of the bridge switch Root ID Display the root device s...

Page 93: ...rrent state of a port Blocking Ports only receive BPDU messages but do not forward them Learning Port has transmitted configuration messages for an interval set by the Forward Delay parameter without receiving contradictory information Port address table is cleared and the port begins learning addresses Forwarding Ports forward packets and continue to learn addresses Edge Display whether this port...

Page 94: ...ort Display the port number Transmitted Received MSTP RSTP STP The number of MSTP RSTP STP configuration BPDU messages transmitted and received on a port Transmitted Received TCN The number of TCN messages transmitted and received on a port Discarded Unknown Illegal The number of unknown and illegal packets discarded on a port 3 9 IPMC Profile The IPMC Profile includes the following two sub menus ...

Page 95: ...n receiving the Join Report frame that has the group address matches the address range of the rule Permit Group address matches the range specified in the rule will be learned Deny Group address matches the range specified in the rule will be dropped Log Select the logging preference receiving the Join Report frame that has the group address matches the address range of the rule Enable Correspondi...

Page 96: ...am in a single multicast VLAN when clients receiving multicast VLAN stream can reside in different VLANs Clients in different VLANs intend to join or leave the multicast group simply by sending the IGMP Join or Leave message to a receiver port The receiver port that belongs to one of the multicast groups can receive multicast stream from the media server MVR further isolates users who are not inte...

Page 97: ...the MVR name string is 32 Both alphabets and numbers are allowed for use IGMP Address Specify the IPv4 unicast address as source address used in IP header for IGMP control frames Mode Two MVR operation modes are provided Dynamic MVR allows dynamic MVR membership reports on source ports This is the default mode Compatible MVR membership reports are forbidden on source ports Tagging Specify whether ...

Page 98: ...icast data Immediate Leave Setting Port The port number Port rule applies to all ports Immediate Leave Enable for disable immediate leave function When enabled the device immediately removes a port from a multicast stream as soon as it receives leave message for that group This option only applies to an interface configured as MVR receivers 3 10 2 Statistics This page displays MVR statistics infor...

Page 99: ...ode maintained per VLAN ID port number Group Address basis It can be either Include or Exclude Source Address The source IP Address Currently the system limits the total number of source IP addresses for filtering to be 128 When there is no source filtering address None is shown in the Source Address field Type Indicates the Type It can be either Allow or Deny Hardware Filter Switch Indicate wheth...

Page 100: ...GMP snooping is enabled in a switch it analyses all the IGMP packets between hosts connected to the switch and multicast routers in the network When a switch receives an IGMP report for a given multicast group from a host the switch adds the host s port number to the multicast list for that group When the switch hears an IGMP Leave it removes the host s port from the table entry IGMP snooping can ...

Page 101: ...model for the groups in the address range Leave Proxy Enabled Suppresses leave messages unless received from the last member port in the group IGMP leave proxy suppresses all unnecessary IGMP leave messages so that a non querier switch forwards an IGMP leave packet only when the last dynamic member port leaves a multicast group Proxy Enabled When enabled the switch performs like IGMP Snooping with...

Page 102: ...ailable IPv4 management address of the IP interface associated with this VLAN Compatibility This configures how hosts and routers take actions within a network depending on IGMP version selected Available options are IGMP Auto Forced IGMPv1 Forced IGMPv2 Forced IGMPv3 By default IGMP Auto is used PRI Select the priority of interface This field indicates the IGMP control frame priority level genera...

Page 103: ...on page is to filter specific multicast traffic on a per port basis Before you select a filtering profile for filtering purposes you must set up profiles in IPMC Profile page Port The port number Filtering Profile Select the configured multicast groups that are denied on a port When a certain multicast group is selected on a port IGMP join reports received on a port are dropped Click the summary b...

Page 104: ...er of Received V2 Reports V3 Reports Received The number of Received V3 Reports V2 Leaves Received The number of Received V2 Leaves Router Port Port The port number Status Indicate whether a specific port is a router port or not 3 11 1 5 Groups Information VLAN ID Display the VLAN ID of the group Groups Display the group address Port Members Ports that belong to this group 3 11 1 6 IPv4 SFM Inform...

Page 105: ...tion Snooping Enabled Select the checkbox to globally enable MLD Snooping feature When enabled this device will monitor network traffic and determine which hosts would like to receive multicast traffic The switch can passively monitor or snoop on MLD Listener Query and Report packets transferred between IP multicast routers and IP multicast service subscribers to identify the multicast group membe...

Page 106: ...specific GS query to that interface Throttling This field limits the maximum number of multicast groups that a port can join at the same time When the maximum number is reached on a port any new MLD join reports will be dropped By default unlimited is selected Other allowed options are 1 10 3 11 2 2 VLAN Configuration This page is used to configure MLD Snooping for an interface VLAN ID Specify VLA...

Page 107: ... By default RQI is set to 10 seconds The allowed range is 0 31744 tenths of a second LLQI The Last Listener Query Interval sets the interval that waits for a response to a group specific or group and source specific query message URI The Unsolicited Report Interval is the amount of time that the upstream interface should transmit unsolicited IGMP reports when report suppression proxy reporting is ...

Page 108: ...LE DISABLE denotes the specific interface is administratively disabled Queries Transmitted The number of queries transmitted Queries Received The number of queries received V1 Reports Received The number of Received V1 Reports V2 Reports Received The number of Received V2 Reports V2 Leaves Received The number of Received V2 Leaves Router Port Port The port number Status Indicate whether a specific...

Page 109: ...plane destined to the specific group address from the source IPv4 address can be handled by the chip or not 3 12 LLDP LLDP Link Layer Discovery Protocol runs over data link layer which is used for network devices to send information about themselves to other directly connected devices on the network By using LLDP two devices running different network layer protocols can learn information about eac...

Page 110: ...tdown frame and a new LLDP initialization The valid values are 1 10 seconds LLDP Port Configuration Port The port number Port settings apply to all ports Mode Select the appropriate LLDP mode Disabled LLDP information will not be sent and LLDP information received from neighbours will be dropped Enabled LLDP information will be sent and LLDP information received from neighbours will be analyzed Rx...

Page 111: ... policy to permitted voice capable devices both in order to conserve the limited LLDPU space and to reduce security and system integrity issues that can come with inappropriate knowledge of the network policy With this in mind LLDP MED defines an LLDP MED Fast Start interaction between the protocol and the application layers on top of the protocol in order to achieve these related properties With ...

Page 112: ... datum pair is to be used when referencing locations on land not near tidal water which would use Datum NAD83 MLLW NAD83 MLLW North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is Mean Lower Low Water MLLW This datum pair is to be used when referencing locations on water sea ocean Civic Address Location IETF Geopriv Civic Address based Location Conf...

Page 113: ...y Application Type The application types include Voice Voice Signalling Guest Voice Guest Voice Signalling Softphone Voice Video Conferencing Streaming Video Signalling Tag Tag indicating whether the specified application type is using a tagged or an untagged VLAN VLAN ID Specify the VLAN ID for the port L2 Priority Specify one of eight priority levels 0 7 as defined by 802 1D 2004 DSCP Specify on...

Page 114: ...nagement interface 3 12 4 LLDP MED Neighbours This page displays information about LLDP MED neighbours detected on the network 3 12 5 LLDP Global Counters Global Counters Total Neighbours Entries Added Shows the number of new entries added since the switch was rebooted and for which the remote TTL has not yet expired Total Neighbors Entries Deleted The number of LLDP neighbors which have been remo...

Page 115: ... switching protection architecture where the former architecture operates with either unidirectional or bidirectional switching while the latter one operates with unidirectional switching It can also be configured to revertive mode allowing the traffic goes back to working transport entity when the original fault is repaired and WTR wait to restore timer has expired The other timer supported is Ho...

Page 116: ...ration Protection Type Select the protection type either unidirectional or bidirectional switching APS Select the checkbox to enable APS Automatic Protection Switching feature Revertive Select the checkbox to enable revertive mode Leaving the checkbox unchecked will operate on non revertive mode WTR Time WTR stands for Wait To Restore and WTR timer is used in revertive mode to avoid a constant and...

Page 117: ...tance State This table shows the current state of the configured instance including APS frames transmitted and received and APS working status 3 14 MEP Instance Specify the MEP instance ID After saving an entry click the number of each instance to further configure details of this MEP entry Domain Three domain options are available Port This is a MEP in the Port Domain Flow Instance is a Port Evc ...

Page 118: ...nstance Data The details of the current instance item Instance Configuration Level Select a MEP level The allowed range is 0 7 Format Two formats are available ITU ICC This is defined by ITU in Y 1731 ANNEX A The maximum characters allowed for ICC format is 6 MEG id can allow 7 characters in maximum IEEE String This is defined by IEEE in 802 1ag The Domain name and short name can be input is 8 cha...

Page 119: ...from the table Peer MEP ID The peer MEP ID of the target MEP This is used only when Unicast Peer MAC is all zeros Unicast Peer MAC The target switch or device s unicast MAC address You can specify unicast MAC address in xx xx xx xx xx xx xx xx xx xx xx xx or xxxxxxxxxxxx format where x is a hexadecimal digit NOTE When Peer MEP ID field is configured the device can auto negotiate the neighboring de...

Page 120: ...r multicast The unicast MAC will be taken from the Unicast Peer MAC configuration Unicast is only valid for L APS type The R APS PDU is always transmistted with multicast MAC described in G 8032 Type R APS APS PDU is transmitted as R APS this is for ERPS L APS APS PDU is transmitted as L APS this is for ELPS Last Octet This is the last octet of the transmitted and expected RAPS multi cast MAC In G...

Page 121: ...is will be used as the LBM PDU unicast MAC This is the only way to configure Loop Back to wards a MIP To Send The number of LBM PDU to send in one loop test The value 0 indicates infinite transmission test behaviour This is HW based LBM LBR and Requires VOE Size The number of bytes in the LBM PDU Data Pattern TLV Interval The interval between transmitting LBM PDU In 10ms in case To Send 0 max 100 ...

Page 122: ...rong transaction id is ignored There are five transactions in one Link Trace activated Time To Live This is the TTL value taken from the LTM received by the MIP MEP sending this LTR decremented as if forwarded Mode This indicates if it was a MEP MIP sending this LTR Direction This indicates if MEP MIP sending this LTR is ingress or egress Relayed This indicates if MEP MIP sending this LTR has rela...

Page 123: ...main The domain of the client layer The domain can be EVC or VLAN Flow The client layer instance numbers Level The client layer level which means that PDU transmitted in client layer flows will be on this level AIS prio The priority to be used when transmitting AIS in each client flow Priority resulting in highest possible PCP can be selected LCK prio The priority to be used when transmitting LCK ...

Page 124: ...based on transmitting receiving CCM or LMM LMR PDU can be enabled disabled see Ended This is only valid with one Peer MEP configured Priority The priority to be inserted as PCP bits in TAG if any In case of enable of Continuity Check and Loss Measurement both implemented on SW based CCM Priority has to be the same Frame rate Select the frame rate of CCM LMM PDU This is the inverse of transmission ...

Page 125: ... Measurement based on transmitting 1DM DMM PDU Delay Measurement based on receiving and handling 1DM DMR PDU is always enabled Priority The priority to be inserted as PCP bits in TAG if any Cast Selection of 1DM DMM PDU transmitted unicast or multicast The unicast MAC will be configured through Peer MEP Peer MEP This is only used if the Cast is configured to Uni The 1DM DMR unicast MAC will be tak...

Page 126: ...nly since last clear Rx The accumulated receive count since last clear Rx Error The accumulated receive error count since last clear The frame delay is larger than 1 second timeout Average Total The average delay since last clear The unit is microsecond Average last N The average delay of the last n packets since last clear The unit is microsecond Average Variation Total The average delay variatio...

Page 127: ...ult detection mechanism ERPS can converge in less than 50 milliseconds and recover quickly to forward traffic ERPS ID Specify an ID for this group Port 0 Port 0 is also known as E port East port which is used by some of the other vendors Specify the east port of the switch in the ring Port 1 Port 1 is also known as W port West port which is used by some of the other vendors When this port is inter...

Page 128: ...e changes to previously saved default values Click Refresh to manually refresh ERPS information 3 16 MAC Table The MAC Table menu contains configuration and status sub menu Select the configuration page to set up detailed configuration 3 16 1 Configuration Disable Automatic Aging Learned MAC addresses will appear in the table permanently Aging Time Set up the aging time for a learned MAC to be app...

Page 129: ...er the starting VLAN ID and MAC addresses to view the desired entries Type Display whether the learned MAC address is static or dynamic VLAN ID The VLAN ID associated with this entry MAC Address The MAC address learned on CPU or certain ports Port Members Ports associated with this entry 3 17 VLAN Translation VLAN Translation is especially useful for users who want to translate the original VLAN I...

Page 130: ... the same Group ID NOTE By default each port is mapped to a group with a group ID equal to the port number For example port 2 is mapped to the group with ID is 2 Port Number Click the appropriate radio button to include a port into a group 3 17 2 VID Translation Mapping Group ID Indicate the Group ID that applies to this translation rule VLAN ID Indicate the VLAN ID that will be mapped to a new VI...

Page 131: ...d by broadcast traffic that is directed to all devices To minimize the possibility of broadcast traffic damaging the entire network VLANs can help group devices that communicate frequently with other in the same VLAN so as to divide the entire network into several broadcast domains VLANs make changes of devices or relocation more easily In traditional networks when moving a device geographically t...

Page 132: ...ted tagged Trunk Trunk ports can carry traffic on multiple VLANs simultaneously and are normally used to connect to other switches Trunk ports have the following characteristics By default a trunk port is member of all VLANs 1 4095 The VLANs that a trunk port is member of may be limited by the use of Allowed VLANs Frames classified to a VLAN that the port is not a member of are discarded By defaul...

Page 133: ...8 it is forwarded 2 If the TPID of tagged frame is not 0x88A8 ex 0x8810 it will be discarded The TIPID of frame transmitted by S custom port will be set to an self customized value which can be set by the user using the column of Ethertype for Custom S ports When an untagged frame is received on a port a tag PVID is attached and then forwarded Ingress Filtering If Ingress Filtering is enabled and ...

Page 134: ...8 3 Port Status This page shows the current VLAN settings on a per port basis saved on the Switch Port The port number Port Type Displays the selected port type of each port Ingress Filtering Displays whether Ingress Filtering function of each port is enabled or not When the checkbox is selected it indicates that Ingress Filtering is enabled Frame Type Displays the accepted Ingress frame type Port...

Page 135: ...te VLAN IDs can be identical A port must be a member of both a VLAN and a Private VLAN to be able to forward packets By default all ports are VLAN unaware and members of VLAN 1 and Private VLAN 1 A VLAN unaware port can only be a member of one VLAN but it can be a member of multiple Private VLANs PVLAN ID Specify the PVLAN ID Valid values are 1 to 11 Port Members Select the checkbox if you would l...

Page 136: ...AC based VLAN configuration page is to set up VLANs based on source MAC addresses When ingress untagged frames are received by a port source MAC address is processed to decide which VLAN these untagged frames belong When source MAC addresses does not match the rules created untagged frames are assigned to the receiving port s native VLAN ID PVID 3 20 1 1 Membership Configuration MAC Address Indica...

Page 137: ... grouped into a common VLAN This may require non standard devices to pass traffic between different VLANs in order to encompass all the devices participating in a specific protocol This kind of configuration deprives users of the basic benefits of VLANs including security and easy accessibility To avoid these problems you can configure this switch with protocol based VLANs that divide the physical...

Page 138: ...protocol ID is a value assigned by that organization to the protocol running on top of SNAP In other words if value of the OUI field is 00 00 00 then value of the PID will be etherType 0x0600 0xffff and if value of the OUI is other than 00 00 00 then valid value of the PID will be any value from 0x0000 to 0xffff LLC Logical Link Control This includes DSAP Destination Service Access Point and SSAP ...

Page 139: ...d that VoIP traffic is separated from data traffic By isolating traffic VoIP traffic can be assigned to have the highest priority while forwarding so that higher voice quality can be achieved without encountering situations like excessive packet delays packet loss and jitters Moreover This switch provides Voice VLAN feature that enables voice traffic to be forwarded on the voice VLAN The user can ...

Page 140: ...d on the port By default the aging time is set to 86400 seconds The allowed aging time is 10 10 000 000 seconds Traffic Class Select the traffic class value which defines a service priority for traffic on the Voice VLAN The priority of any received VoIP packet is overwritten with the new traffic class when the Voice VLAN feature is active on a port By default 7 Highest priority is used The allowed...

Page 141: ... three octets of a device MAC address MAC address OUI numbers must be configured in the Telephony OUI list so that the switch recognizes the traffic as being from a VoIP device LLDP Use LLDP IEEE 802 1ab to discover VoIP devices attached to a port LLDP checks that the telephone bit in the system capability TLV is turned on or not Both Use both OUI table and LLDP to detect VoIP traffic on a port 3 ...

Page 142: ...frames and 0 for green frames Fixed The DEI value is determined by ECE rules Tag Mode The tag mode specifies whether the EVC classification must be based on the outer or inner tag This can be used on NNI ports connected to another service provider where an outer tunnel tag is added together with the inner tag identifying the EVC Inner Enable inner tag in EVC classification Outer Enable outer tag i...

Page 143: ...C2 00 00 20 through 01 80 C2 00 00 2F Therefore if a vendor defines L2CP frames outside the specified MAC DA ranges the L2CP handling rules do not apply to these frames DMAC The destination MAC address The MAC DA range for Bridge block of protocol is 01 80 C2 00 00 00 through 01 80 C2 00 00 0F and for GARP block of protocol is 01 80 C2 00 00 20 through 01 80 C2 00 00 2F L2CP Mode Select the L2CP f...

Page 144: ...e of the bandwidth profile The allowed values are MEF MEF ingress bandwidth profile Single Single bucket policer Policer Mode The colour mode of the bandwidth profile The allowed values are Coupled Colour aware mode with coupling enabled Aware Colour aware mode with coupling disabled Blind Colour blind mode Rate Type The rate type of the bandwidth profile The allowed values are Data Specify that t...

Page 145: ...allowed range is from 1 through 4096 VID The VLAN ID in the PB network It may be inserted in a C tag S tag or S custom tag depending on the NNI port VLAN configuration The allowed range is from 1 through 4095 IVID The Internal classified VLAN ID in the PB network The allowed range is from 1 through 4095 Learning The learning mode for the EVC controls whether source MAC addresses are learned for fr...

Page 146: ...TION Specific The allowed range is from 1 through 2048 Discard All received frames are discarded for the EVC None None bandwidth profile for the EVC Policer ID Value Specify a policer ID 3 22 5 ECEs Click on the plus sign to add a new entry and configure its detailed settings ...

Page 147: ... The ECE will match IPv4 frames only IPv6 The ECE will match IPv6 frames only Actions Direction The EVCs and ECEs are used to setup flows in one or both directions as determined by the ECE Direction parameter If the ECE is bidirectional the ingress rules of the NNI ports will be setup to match the traffic being forwarded to NNI ports The possible values are Both Bidirectional UNI to NNI Unidirecti...

Page 148: ...MAC or DMAC file is specified Specific Filter a specific SMAC or DMAC address with this ECE When this option is selected a field for entering a specific value appears The legal format is xx xx xx xx xx xx or xxxxxxxxxxxx DMAC Type The destination MAC address for matching this ECE The possible values are Any No destination MAC is specified Unicast Frames must be unicast Multicast Frames must be mul...

Page 149: ...Rx Tx The number of received and transmitted yellow frames Red Frames Rx The number of received red frames Discarded Frames Rx Tx The number of discarded frames in ingress and egress queue system 3 23 QoS Network traffic is always unpredictable and the only basic assurance that can be offered is the best effort traffic delivery To overcome this challenge Quality of Service QoS is applied throughou...

Page 150: ... frames DEI Select the appropriate value for the default Drop Eligible Indicator for untagged frames Tag Class This field displays classification mode for tagged frames on this port Disabled Use the default QoS class and DP level for tagged frames Enabled Use the mapped versions of PCP and DEI for tagged frames DSCP Based Select the checkbox to enable DSCP based QoS Ingress Port Address Mode The I...

Page 151: ...efault 500kbps is used The allowed range for kbps and fps is 100 to 1000000 The allowed range for Mbps and kfps is 1 to 3300Mbps Unit Select the unit of measure for the policer Flow Control If flow control is enabled and the port is in flow control mode then pause frames are sent instead of discarding frames 3 23 3 Queue Policing Port The port number Port settings apply to all ports Queue 0 7 Enab...

Page 152: ...t 500kbps is used Allowed range for kbps is 100 to 1000000 Allowed range for Mbps is 1 to 3300Mbps Unit Select he unit of measure for the ingress queue policer 3 23 4 Port Scheduler Port Click the port to set up detailed settings for port scheduler Mode Display scheduler mode selected Weight Display the weight in percentage assigned to Q0 Q5 ...

Page 153: ...IGURATION This page allows you to set up the Schedulers and Shapers for a specific port Scheduler Mode The device offers two modes to handle queues Strict mode This gives egress queues with higher priority to be transmitted first before lower priority queues are serviced ...

Page 154: ...indicate a relative weight for each queue DWRR uses a predefined relative weight for each queue that determines the percentage of service time the switch services each queue before moving on to the next queue This prevents the head of line blocking that can occur with strict priority queuing Weight Assign a weight to each queue This weight sets the frequency at which each queue is polled for servi...

Page 155: ...ON 3 23 6 Port Tag Remarking Click on the port number to configure its QoS Egress Port Tag Remarking Tag Remarking Mode Select the appropriate remarking mode used by this port Classified Use classified PCP DEI values Default Use default PCP DEI values Default PCP 0 Default DEI 0 ...

Page 156: ... method Ingress Classify Select the appropriate classification method Disable No ingress DSCP classification is performed DSCP 0 Classify if incoming DSCP is 0 Selected Classify only selected DSCP for which classification is enabled in DSCP Translation table All Classify all DSCP Egress Rewrite Configure port egress rewriting of DSCP values Disable Egress rewriting is disabled Enable Enable egress...

Page 157: ... trusted DSCP values are mapped to a specific QoS class and drop precedence level DPL Frames with untrusted DSCP values are treated as non IP frames QoS Class Select the QoS class to the corresponding DSCP value for ingress processing By default 0 is used Allowed range is 0 to 7 DPL Select the drop precedence level to the corresponding DSCP value for ingress processing By default 0 is used The val...

Page 158: ...anslation of DSCP values based on the specified classification method Ingress Classify Enable classification at ingress side as defined in the QoS port DSCP Configuration Table Egress Remap DP0 Remap DP0 value to the selected DSCP value DP0 indicates a drop precedence with a low priority Egress Remap DP1 Remap DP1 value to the selected DSCP value DP1 indicates a drop precedence with a high priorit...

Page 159: ...ts based on frame type MAC address VID PCP DEI values Once a QCE is mapped to a port traffic matching the first entry in the QoS Control List is assigned to the QoS class drop precedence level and DSCP value defined by that entry Traffic not matching any of the QCEs are classified to the default QoS Class for the port This page displays rules created in QoS control list QCL only The maximum number...

Page 160: ... be taken Class If a frame matches the QCL it will be put in the queue corresponding to the specified QoS class DPL The drop precedence level will be set to the specified value DSCP The DSCP value will be set to the specified value You can modify each QCE QoS Control Entry in the table using the following buttons Insert a new QCE before the current row Edit the QCE entry Move the QCE up the list M...

Page 161: ...vice Access Point address By default any is used Select specific to indicate a value 0x00 to 0xFF Control Control field may contain command response or sequence information depending on whether the LLC frame type is Unnumbered Supervisory or Information By default any is used Select specific to indicate a value 0x00 to 0xFF SNAP SubNetwork Access Protocol can be distinguished by an OUI and a Proto...

Page 162: ...eue corresponding to the specified QoS class or placed in a queue based on basic classification rules DPL If a frame matches the QCE the drop precedence level will be set to the selected value or left unchanged DSCP If a frame matches the QCE the DSCP value will be set to the selected one 3 23 12 Storm Control Storm Control is used to keep a network from downgraded performance or a complete halt b...

Page 163: ... Both frames received and transmitted re mirrored on the mirror port 3 25 UPnP Mode Enable or disable UPnP operation TTL TTL Time to live is used to configure how many steps an UPnP advertisement can travel before it disappears Advertising Duration This defines how often an UPnP advertisement is sent The duration is carried in Simple Service Discover Protocol SSDP packets which informs a control p...

Page 164: ... centi seconds that PDUs are transmitted The default value is 20 centi seconds The valid value is 1 20 Note The Leave time parameter must be three times greater than or equal to Join time Leave time Specify the amount of time in units of centi seconds that the device waits before deleting the associated etry The leave time is activated by a Leave All time message sent received and cancelled by the...

Page 165: ...n 165 CHAPTER 3 WEB OPERATION CONFIGURATION 3 26 2 Port Config Port The port number Mode Enable GVRP on a per port basis 3 27 sFlow 3 27 1 Configuration Agent Configuration IP Address Specify an valid IPv4 or IPv6 address for sFlow agent ...

Page 166: ...ed the timeout can be changed on the fly without affecting any other settings Valid range is 0 to 2147483647 seconds Max Datagram Size The maximum number of data bytes that can be sent in a single sample datagram This should be set to a value that avoids fragmentation of the sFlow datagrams Valid range is 200 to 1468 bytes with default being 1400 bytes Port Configuration Port The port number for w...

Page 167: ...essfully sent to the sFlow receiver Tx Errors The number of UDP datagrams that has failed transmission The most common source of errors is invalid sFlow receiver IP hostname configuration To diagnose paste the receiver s IP address hostname into the Ping Web page Diagnostics Ping Ping6 Flow Samples The total number of flow samples sent to the sFlow receiver Counter Samples The total number of coun...

Page 168: ...mes are transmitted and expectedly received Sequence Number Check When checked looped Y 1731 TST frames are tested for out of order upon reception Out of order frames are frames received in a different order than they were transmitted If an out of order sequence is detected the sub test or trial is considered failing Dwell Time When a trial is executed Y 1731 TST frames are transmitted for a certa...

Page 169: ...peated for every selected frame size At least one frame size must be checked By default all but the jumbo frame size are selected Tests to Run One or more of the following sub tests may be executed through the same profile Throughput The throughput test searches for the maximum rate at which at most a certain percentage of the frames are lost The throughput test starts at the maximum configured ra...

Page 170: ... acceptable to have loss on a connection The allowed loss can be specified with this parameter The loss is measured in per mille of the number of transmitted frames during a trial so if allowed loss is set to e g 1 per mille and 1000 frames are transmitted during a trial the trial will be considered successful if 999 or 1000 frames return to the transmitter Valid range is from 0 to 100 with a defa...

Page 171: ...txt Name A unique name identifying the report Click the name to view the report Description The description assigned to the report as entered on the test execution page Created The date and time at which execution started Status This field shows the current status of executing a test Inactive Test just initiated but not started This is a transitional state that is unlikely to be noticed Executing ...

Page 172: ...s for ICMPv4 packets IP Address Enter the IP address that you wish to ping Ping Length The size or length of echo packets Ping Count The number of echo packets will be sent Ping Interval The time interval between each ping request 3 29 2 Link OAM 3 29 2 1 MIB Retrieval Local or Peer Click on the radio button to select the location of MIB to be polled Port The port on the device that is used for OA...

Page 173: ...e egress interface is not given Ping6 finds the best match interface for destination Please note that do not specify egress interface for loopback address Do specify egress interface for link local or multicast address 3 29 4 VeriPHY This page is used for running the VeriPHY Cable Diagnostics for 10 100 and 1G copper ports Select which ports to run or all Click Start This will take approximately 5...

Page 174: ...coupling with pair B Cross C Abnormal cross pair coupling with pair C Cross D Abnormal cross pair coupling with pair D Length The length in meters of the cable pair The resolution is 3 meters NOTE VeriPHY is only applicable to the electrical ports It is not applicable to the optical ports 3 30 Maintenance The Maintenance menu contains several sub menus Select the appropriate sub menu to restart th...

Page 175: ...note that all changed settings will be lost It is recommended that a copy of the current configuration is saved to your local device 3 30 3 Software 3 30 3 1 Upload Update the latest Firmware file Select a Firmware file from your local device and then click Upload to start updating 3 30 3 2 Image Select Select the image file to be used in this device 3 30 3 3 Upgrade boot code ...

Page 176: ... configurations to startup configurations 3 30 4 2 Download running config Download a copy of the current running configurations to your local device default config Download a copy of the factory default configurations to your local device startup config Download a copy of startup configurations to your local device 3 30 4 3 Upload Select a file and then click Upload Configuration to start uploadi...

Page 177: ...N 3 30 4 4 Activate Select the file that you would like to use Click on the Activate Configuration to replace configurations to the selected one 3 30 4 5 Delete Select the file that you would like to delete Click on the Delete Configuration File to remove the file from the device ...

Page 178: ...This page is intentionally left blank Date Version Description 2015 7 7 0 9b Revise LED descriptions Revise Default push button 6 secs to 3 secs Packet buffer 8Mbits Chassis 20 pix Web main page pix ...

Page 179: ......

Reviews:

No comments

Related manuals for FRM220-MSW404

PaloAlto Networks ION 1200 Series Hardware Reference Manual preview
ION 1200 Series
Brand: PaloAlto Networks Pages: 90
XNET INS2000 Install Manual preview
INS2000
Brand: XNET Pages: 17
Tbus NV-ER1816i Installation Manual preview
NV-ER1816i
Brand: Tbus Pages: 25
Faderfox 4midiloop User Manual preview
4midiloop
Brand: Faderfox Pages: 10
HGST Ultrastar Serv24 S2122-N24-4 Installation Manual preview
Ultrastar Serv24 S2122-N24-4
Brand: HGST Pages: 36
AMX AXB-PSCV Dimensional Drawing preview
AXB-PSCV
Brand: AMX Pages: 1
UNICOM DynaGST/2402G GEP-33224T-1 User Manual preview
DynaGST/2402G GEP-33224T-1
Brand: UNICOM Pages: 17
R.V.R. Elettronica PTX30-UHT Installation, Technical And Maintenance Manual preview
PTX30-UHT
Brand: R.V.R. Elettronica Pages: 171
New Media Technology IP Power 9212 User Manual preview
IP Power 9212
Brand: New Media Technology Pages: 26
E-TOP BR080n User Manual preview
BR080n
Brand: E-TOP Pages: 90
Waveshare 5G CPE BOX User Manual preview
5G CPE BOX
Brand: Waveshare Pages: 27
Waveshare OPS-I5-1135G7 User Manual preview
OPS-I5-1135G7
Brand: Waveshare Pages: 23
Westermo SDW-541-F1G-T4G User Manual preview
SDW-541-F1G-T4G
Brand: Westermo Pages: 20
Johnson Controls FIRE-MON-17 Technical Manual preview
FIRE-MON-17
Brand: Johnson Controls Pages: 72
Honeywell RMWIFI-M3 User Manual preview
RMWIFI-M3
Brand: Honeywell Pages: 29
Honeywell 057810 Manual preview
057810
Brand: Honeywell Pages: 60
Honeywell Wireless Communication Card Installation Instructions preview
Wireless Communication Card
Brand: Honeywell Pages: 4
JVC Milestone VR-N1600 Brochure & Specs preview
Milestone VR-N1600
Brand: JVC Pages: 6

Brands by name

Popular brands

Load more brands