manualshive.com logo in svg

Hirschmann MACH 4000 Series, User Manual

Share
Download
Hirschmann MACH 4000 Series User Manual Download Page 105

Synchronizing the System Time of the 

Basic - L3P

Release 3.1 06/07

7.1 Entering the Time

105

V

Enter the command 

enable

 to switch to the privileged EXEC mode.

V

Enter the command 

configure

 to change to the configuration mo-

de.

V

Enter the command 

sntp time <YYYY-MM-DD HH:MM:SS>

 to set 

the Switch system time.

V

Enter the command 

sntp client offset <-1000 to 1000>

 to 

enter the time offset between local time and “IEEE1588/SNTP Time”.

Summary of Contents for MACH 4000 Series

Page 1: ...Basic L3P Release 3 1 06 07 Technical Support HAC Support hirschmann de User Manual Basic Configuration Industrial ETHERNET Gigabit Switch Power MICE MACH 4000...

Page 2: ...he end user license agreement on the enclosed CD applies The performance features described here are binding only if they have been expressly guaranteed in the contract This publication has been creat...

Page 3: ...meter 27 2 1 1 IP address version 4 27 2 1 2 Network mask 28 2 1 3 Example of how the network mask is used 30 2 2 Entering the IP parameters via CLI 32 2 3 Entering the IP parameters via HiDiscovery 3...

Page 4: ...lable 63 4 1 2 Starting the software 65 4 1 3 Performing a cold start 65 4 2 Loading the Software from the tftp Server 66 4 3 Loading Software via file selector 68 5 Configuring ports 69 6 Protection...

Page 5: ...ering the Time 104 7 2 SNTP 106 7 2 1 Descripton SNTP 106 7 2 2 Preparing the SNTP configuration 107 7 2 3 Configuring SNTP 108 7 3 Precison Time Protocol 111 7 3 1 Funtion description PTP 111 7 3 2 P...

Page 6: ...Description VLANs 151 8 6 2 Configuring VLANs 154 8 6 3 Setting up VLANs 156 8 6 4 Displaying the VLAN configuration 157 8 6 5 Deleting the VLAN settings 157 8 6 6 Example of a simple VLAN 158 9 Opera...

Page 7: ...Server 196 A 2 Setting up DHCP Server Option 82 202 A 3 tftp server for software updates 207 A 3 1 Setting up the tftp process 208 A 3 2 Software access rights 211 A 4 Preparing for access via SSH 212...

Page 8: ...Contents 8 Basic L3P Release 3 1 06 07 Appendix C Index 231...

Page 9: ...network D Function diagnosis The Installation user manual contains a device description safety instructions a description of the display and all the other information that you need to install the devi...

Page 10: ...nce manuals If you use Network Management Software HiVision you have further opportunities to D have an event logbook D configure the System Location and System Name D configure the network address ra...

Page 11: ...heading Indicates a cross reference with a stored link Note A note emphasizes an important fact or draws your attention to a dependency Courier font ASCII representation in user interface Symbols used...

Page 12: ...Key 12 Basic L3P Release 3 1 06 07 Hub A random computer Configuration computer Server...

Page 13: ...Switch has been developed for practical application in a harsh industrial environment Accordingly the installation process has been kept simple Thanks to the selected default settings you only have t...

Page 14: ...Introduction 14 Basic L3P Release 3 1 06 07...

Page 15: ...user interfaces The Switch has three user interfaces which you can access via different interfaces D System monitor via the V 24 interface out of band D Command Line Interface CLI via the V 24 connect...

Page 16: ...on U Opening the system monitor V Using a terminal cable see accessories connect the V 24 RJ11 socket to either a terminal or a COM port of a PC with terminal emulation according to VT 100 For the phy...

Page 17: ...Release 3 1 06 07 1 1 System monitor 17 Fig 1 Screenshot during the boot process V Press within one second the 1 key to start system monitor 1 PowerMICE MS4128 5 Boot Release 1 00 Build 2005 09 17 15...

Page 18: ...desired menu by entering the number V To leave a sub menu and return to the main menu of system monitor 1 press ESC System Monitor Selected OS L3P 01 0 00 K16 2005 10 31 19 32 1 Select Boot Operating...

Page 19: ...and Line Interface can be accessed via D the V 24 out of band port or D Telnet in band D SSH in band Note To facilitate making entries the CLI offers the option of abreviating keywords Type in the fir...

Page 20: ...alue for the password is private Press the Enter key You can change the username and the password later in the Com mand Line Interface Note that these entries are case sensitive The start screen then...

Page 21: ...mmand Line Interface 21 Fig 4 CLI screen after login NOTE Enter for Command Help Command help displays all options that are valid for the normal and no command forms For the syntax of a particular com...

Page 22: ...U Opening the Web based Interface To open the Web based interface you will need a Web browser a pro gram that can read hypertext for example Mozilla Firefox version 1 or higher or Microsoft Internet...

Page 23: ...he connection by entering the IP address of the Switch that you want to administer via the Web based network management in the address field of the Web browser Enter the address in the following form...

Page 24: ...password protects the Switch against unauthorized access V Click on OK The Website of the Switch appears on the screen Note The changes you make in the dialogs are taken over by the Switch when you c...

Page 25: ...on page 35 D Using the AutoConfiguration Adapter ACA Choose this method if you are replacing the Switch with a Switch of the same type and have already saved the configuration on an ACA see Loading fr...

Page 26: ...on 82 You need a DHCP server with Option 82 for this The DHCP server assigns the configuration data to the Switch using its physical connection see System Configuration via DHCP Option 82 on page 46 I...

Page 27: ...s block contact your Internet Service Provider Internet Service Providers should contact their local higher level organization D APNIC Asia Pacific Network Information Centre Asia Pacific Region D ARI...

Page 28: ...the uniqueness of the IP addresses he assigns 2 1 2 Network mask Routers and gateways subdivide large networks into subnetworks The net work mask assigns the IP addresses of the individual devices to...

Page 29: ...is applied 255 255 192 0 Decimal notation 11111111 11111111 11000000 00000000 Binary notation Subnetwork mask bits Class B 129 218 65 17 Decimal notation 10000001 11011010 01000001 00010001 binary not...

Page 30: ...P address and also knows that the router Lorenzo knows the way to Juliet Romeo therefore puts his message in an envelope and writes Juliet s IP address as the destination address For the source addres...

Page 31: ...th Romeo s IP address Opening the inner envelope and reading its contents corresponds to transferring the message to the higher protocol layers of the ISO OSI layer model Juliet would now like to send...

Page 32: ...IP addresses If there is no terminal or PC with terminal emulation available in the vicinity of the installation location the IP parameters can also be entered in your wor king environment prior to ul...

Page 33: ...Netzmaske Gateway and press the Enter key D Locale IP address On delivery the local IP address of the Switch is 0 0 0 0 D Network mask If your network has been divided up into subnetworks and if these...

Page 34: ...tup config and then press the Enter key Confirm that you want to save the configuration by pressing y After entering the IP parameters you can easily configure the Switch via the Web based Interface s...

Page 35: ...e CD sup plied with the Switch V To install it you start the installation program on the CD Note The installation of HiDiscovery involves installing the WinPcap Version 3 0 software package If an earl...

Page 36: ...the two green dots in the tool bar to set the LEDs for the selected device flashing To Switch off the flashing click on the symbol again By double clicking a line you open a window in which you can e...

Page 37: ...ACA enables a very simple configuration data transfer by means of a substitute Switch of the same type When you start the switch it checks for an ACA If it detects an ACA with a valid password and va...

Page 38: ...art loading configuration data from ACA ACA vorhanden Ja Konfiguration vom ACA laden ACA LEDs blinken synchron Nein Passwort im Switch und ACA identisch Ja Nein Voreingestelltes Passwort im Switch Ja...

Page 39: ...ation via the Web based Interface on page 47 or see in the CLI V Make the following data for the Switch available to the BOOTP server etc bootptab for BOOTP daemon bootpd gw gateways ha hardware addre...

Page 40: ...ines The lines under global make the configuration of several devices easier With the template tc you allocate the global configuration data tc global The direct allocation of hardware address and IP...

Page 41: ...process part 1 see note on page 54 2 DHCP or BOOTP Send DHCP BOOTP Requests Reply from DHCP BOOTP server Yes Yes Save IP parameter and config file URL locally initialize IP stack with IP parameters N...

Page 42: ...the BOOTP DHCP process part 2 see note on page 54 Load transferred config file No Yes Load remote configuration from URL of DHCP No Yes Start tftp process with config file URL of DHCP tftp successful...

Page 43: ...Interface On startup an Switch receives its configuration data according to the BOOTP DHCP process flow chart see Fig 13 The Switch sends its system name to the DHCP server The DHCP server can then a...

Page 44: ...ichever one happens to be availa ble is assigned On delivery DHCP is enabled As long as DHCP is activated the Switch attempts to obtain an IP address If it cannot find a DHCP server after restarting i...

Page 45: ...p client identifier 00 68 75 67 6f fixed address 149 218 112 83 server name 149 218 112 11 filename agent config dat Lines that start with a character are comment lines The lines preceding the individ...

Page 46: ...being configured see System configuration via DHCP on page 43 Option 82 is based on the network topology This procedure gives you the option of always assigning the same IP address to any device which...

Page 47: ...ters and VLAN ID and configure the HiDiscovery access Fig 16 Dialog network parameter V Under Modus you enter where the Switch is to obtain its IP parameters D In the BOOTP mode the configuration come...

Page 48: ...the VLAN ID frame you can assign a VLAN to the Switch If you enter the illegal VLAN ID 0 here the agent can be accessed by all VLANs V The HiDiscovery protocol see Entering the IP parameters via HiDi...

Page 49: ...e same type Faulty Device Replacement D First you can configure the new switch using an AutoConfiguration Adapter see Loading the system configuration from the ACA on page 37 or D Second you can confi...

Page 50: ...Entering the IP parameters 50 2 9 Faulty Device Replacement Basic L3P Release 3 1 06 07...

Page 51: ...ings such as the IB parameters and the port configuration in the temporary memory These settings are lost when you switch off or reboot the device The Switch enables you to D save settings from the te...

Page 52: ...owing sources D the local non volatile memory D the AutoConfiguration Adapter If an ACA is connected to the Switch the Switch always loads its configuration from the ACA D a file in the connected netw...

Page 53: ...ion Adapter If an ACA is connected to the Switch the Switch always loads its configura tion from the ACA For information on how to save a configuration file onto an ACA refer to Sa ving Locally and on...

Page 54: ...ation The URL identifies the path to the tftp server from which the Switch loads the configuration file The URL is in the form tftp IP address of the tftp server path name file name e g tftp 149 218 1...

Page 55: ...Fig 17 Dialog Load Save V Enter the enable command to change to the Priviledged EXEC mode V Enter the command copy tftp 149 218 112 159 switch config dat nv ram startup config if you want the switch...

Page 56: ...very After restarting the IP address is also in the original delivery state Setting in the System Monitor V Select 5 Erase main configuration file This menu offers you the possibility to set the Switc...

Page 57: ...t memory and the ACA V Select the Basics Load Save dialog V Click in the Save frame to Switch V Click Save configuration As a result the Switch saves the current configuration data into the local nonv...

Page 58: ...s the configuration file The URL is written as follows tftp IP address of the tftp server path name file name e g tftp 149 218 112 5 switch config dat Note The configuration file contains all configur...

Page 59: ...nt configuration data in a editable and readable file on your PC V Select the Basics Load Save dialog V Click in the Save frame to PC binary V Enter in the Save window the file name under which you wa...

Page 60: ...Loading saving settings 60 3 2 Saving settings Basic L3P Release 3 1 06 07...

Page 61: ...w sysinfo Switch to Privileged EXEC mode Display the system information Alarm None System Description Hirschmann Rails witch System Name RS 1F1054 System Location Hirschmann Rails witch System Contact...

Page 62: ...are The Switch gives you three options for loading the software D From the ACA 21 USB out of band D Via tftp from a tftp server in band D Via a file selector window from your PC Note The existing conf...

Page 63: ...or on page 16 V Select 2 and press the ENTER key to copy the software from the ACA 21 USB into the local memory of the Switch On concluding the update the System Monitor prompts you to press any key t...

Page 64: ...o load the other software with the next reboot U Copy image to backup Select 2 to save a copy of the active software U Test stored images in flash memory Select 3 to test if the stored images of the s...

Page 65: ...nd store selection Select 5 to apply and store the selection of the software U Cancel selection Select Sie 6 to cancel selection and leave this dialogue without changes 4 1 2 Starting the software Thi...

Page 66: ...stored see tftp server for software updates on page 207 V Select the Basics Software dialog The URL identifies the path to the software stored on the tftp server The URL is in the format tftp IP addr...

Page 67: ...the new software as follows Select the Basics Restart dialog und and perform a cold start V After booting the switch click Reload in your browser to re enable your access to the Switch enable copy tft...

Page 68: ...e selection window select the Switch software switch bin and click on Open V Click Update to transfer the software to the Switch The end of the update is indicated by one of the following messages D U...

Page 69: ...o connect U Selecting the Operation Mode In the state on delivery all ports are switched to the Automatic Configu ration mode V Select the Basics Port Configuration dialog V Select in the Port on colu...

Page 70: ...y default Systempower for MS20 MS30 and Power MICE The Switch provides the rated system performance for the sum of all PoE ports plus a surplus Because the PoE media module gets its operating voltage...

Page 71: ...ovides for all PoE ports together V Reserved Power displays the maximum power that the Switch provides to all the connected PoE devices together on the basis of their classification V Delivered Power...

Page 72: ...Configuring ports 72 Basic L3P Release 3 1 06 07 Fig 20 Power over Ethernet dialog...

Page 73: ...om unauthorized access The Switch provides you with the following functions for protecting against unauthorized access D Password for SNMP access D Setting the SSH Telnet Web Based access D Disabling...

Page 74: ...ord with the entries in the MIB of the Switch see Management Information BASE MIB on page 220 If the password has the appropriate access right and if the IP address of the sending com puter has been e...

Page 75: ...V The Web based Interface and the User Interface communicate via SNMP version 3 V Select Modify read only password to enter the read only password V Enter the new read only password in the line New p...

Page 76: ...the Web in terface in order to access the Switch Note For security reasons the passwords are not displayed Make a note of every change You cannot access the Switch without a valid password Note For se...

Page 77: ...SNMPv2 in the table you can determine which IP addresses are allowed to access the Switch and which kind of pass words are to be used The table allows up to 8 entries For security reasons the read pas...

Page 78: ...ized access 78 6 1 Password for SNMP access Basic L3P Release 3 1 06 07 Fig 22 Dialog SNMPv1 v2 access V To create a new line in the table click Create entry V To delete an entry select the line in th...

Page 79: ...t connection is not possible An existing Telnet connection remains Note The command line interface out of band and the Security Tel net Web Access dialog in the Web based Interface allow you to to act...

Page 80: ...r access via SSH on page 212 You can deactivate the SSH server to prevent SSH access to the Switch The server is deactivated by default After the SSH server has been deactivated you will no longer be...

Page 81: ...itch off the server to which you wish to disable access V Enter the command enable to switch to the privileged EXEC mode V Enter the command transport input telnet to switch on the telnet server V Ent...

Page 82: ...iDiscovery protocol The HiDiscovery protocol see Entering the IP parameters via HiDiscovery on page 35 allows you to assign an IP address to the Switch on the basis of its MAC address HiDiscovery is a...

Page 83: ...or limit access to read only V Enter the command enable to switch to the privileged EXEC mode V Enter the command network protocol hidiscovery off to switch off the HiDiscovery function V Enter the c...

Page 84: ...ddress or his IP address D What should happen after an unauthorized access attempt The Switch can respond in three selectable ways to an unauthorized access attempt non no response trapOnly message by...

Page 85: ...ws the MAC address of the device from which data was last received By pressing the left mouse button you can copy an entry from the Current MAC address column into the Allowed MAC address column V If...

Page 86: ...This entry in the port configuration table is part of the configuration Loading saving settings on page 51 and is saved together with the configuration Note An alarm trap can only be sent if at least...

Page 87: ...ation is carried out by the Authenticator in this case the Switch This authenticates or does not authenticate the supplicant the querying device e g a PC which means that it permits the access to the...

Page 88: ...erning the autherization D The Switch evaluates the reply and allows access to the supplicant at this port or leaves the port in the blocked state 6 5 3 Preparing the switch for the 802 1X port authen...

Page 89: ...u enter the character string which you get as a key from the administrator of your Radius server V With Primary server you name this server as the first server which the Switch should contact for port...

Page 90: ...to 100 ACLs D 10 rules per ACLs D Up to 100 rules per interface D Up to 1000 rules on all interfaces together D Possible actions permit and deny in combination with permit assign queue and redirect D...

Page 91: ...des between standard and extended IP based ACLs ACLs with an ID number ACL ID D 1 to 99 are standard IP based ACLs and D 100 to 199 are extended IP based ACLs Standard IP based ACLs provide the follow...

Page 92: ...erse This means that if you want to mask an individual IP address you select the network mask 0 0 0 0 6 6 2 Description of MAC based ACLs While you identify IP based ACLs using an ID number you identi...

Page 93: ...e MRP Ring you add the following rule to the ACLs PERMIT Source MAC ANY Destination MAC 01 15 4E 00 00 00 Destination MAC mask 00 00 00 00 00 03 CLI command in the Config mac access mode permit any 01...

Page 94: ...10 0 1 158 Add to ACL 100 a further rule This permits data traffic from any IP source address to any IP desti nation address access list 110 permit ip 10 0 1 11 0 0 0 0 10 0 1 158 0 0 0 0 access list...

Page 95: ...terface 2 3 ip access group 100 in exit Switch to the configuration mode Switch to the interface configuration mode for Interface 2 3 Attach ACL 100 to interface 2 3 for received data Switch to the co...

Page 96: ...L ipx apple Add the rule deny IPX to the list Add the rule deny AppleTalk to the list Add the rule permit all other data to the list Switch to the configuration mode mac access group ipx apple in exit...

Page 97: ...y precedence 3 assign queue 3 access list 102 permit ip any any precedence 4 assign queue 4 access list 102 permit ip any any precedence 7 assign queue 7 Create the extended ACL 102 with the first rul...

Page 98: ...mit Match All FALSE Protocol 255 ip IP Precedence 1 Assign Queue 0 Rule Number 3 Action permit Match All FALSE Protocol 255 ip IP Precedence 2 More or q uit Assign Queue 1 Rule Number 4 Action permit...

Page 99: ...L ID Sequence Number IP 100 1 IP 102 3 Example Extended ACL with prioritizing using the Simple Network Management protocol Layer 4 enable configure Switch to the privileged EXEC mode Switch to the con...

Page 100: ...on mode for Interface 2 1 Attach ACL 104 to nterface 2 1 Switch to the configuration modes Switch to the privileged EXEC mode Display the ACLs attached to interface 2 1 for incoming data show access l...

Page 101: ...Protection from unauthorized access Basic L3P Release 3 1 06 07 6 6 Access Control Lists ACL 101 show access lists interface 2 1 in ACL Type ACL ID Sequence Number IP 100 10 IP 104 20 IP 102 30...

Page 102: ...Protection from unauthorized access 102 6 6 Access Control Lists ACL Basic L3P Release 3 1 06 07...

Page 103: ...milliseconds the Simple Net work Time Protocol SNTP offers a low cost solution Accuracy depends on signal running time Areas of application of this protocol are log entries time stamping of production...

Page 104: ...stem time uses IEEE 1588 SNTPtime allowing for the lo cal time difference from IEEE 1588 SNTPtime System time IEEE 1588 SNTPtime Local offset D Time Source displays the origin of the following time Th...

Page 105: ...enable to switch to the privileged EXEC mode V Enter the command configure to change to the configuration mo de V Enter the command sntp time YYYY MM DD HH MM SS to set the Switch system time V Enter...

Page 106: ...disposal The UTC is the time which is refe renced to Universal Time Coordinated The display is the same worldwide Local time differences are not taken into account The SNTP Client obtains the UTC from...

Page 107: ...function on all devices whose time you want to set using SNTP V If you do not have a reference clock at your disposal use a Switch as the reference clock and set its system time as accurately as possi...

Page 108: ...Status D The Status message displays conditions such as Server cannot be reached U Configuration SNTP Server V In Anycast destination address you enter the IP address to which the SNTP server on the...

Page 109: ...x ternal server address 0 5 seconds after making a request Note If you are receiving the system time from an external redun dant server address you do not accept any SNTP broadcasts see below Otherwis...

Page 110: ...218 112 3 Function on on on Anycast destination address 0 0 0 0 0 0 0 0 0 0 0 0 Server VLAN ID 1 1 1 Anycast send interval 120 120 120 Client External server address 149 218 112 0 149 218 112 1 149 2...

Page 111: ...their accuracy An algorithm that measures the accuracy of the available clocks in the network determines the most accurate time for the grandmaster clock Stratum number Specification 0 For temporary...

Page 112: ...nsideration in relationship to the reference clock Fig 28 Delay and jitter problems when synchronizing clocks To get around the delay and jitter in the protocol stack IEEE 1588 recom mends inserting a...

Page 113: ...into the devices These clocks are synchronized on the one side of the signal path and on the other side of the signal path are used to synchronize the subsequent clocks ordinary clocks Fig 29 Boundar...

Page 114: ...t applications V Draw a network plan showing all devices involved in PTP to get an overview of the distribution of the clocks Note Connect all connections you need to distribute PTP information to dev...

Page 115: ...to apply to all ports U PTP Global V Select the Time PTP Global dialog V Switch on the function in the Operation IEEE 1588 PTP frame V If you have designated this Switch to be the PTP reference clock...

Page 116: ...2 to the time received from an NTP server Thus the left Switch becomes the reference clock for the PTP synchronization and is the preferred master The preferred master forwards the exact time signal...

Page 117: ...SNTP Operation On Off Off Off Server destination address 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Server VLAN ID 1 1 1 1 Client External Server address 10 0 1 2 0 0 0 0 0 0 0 0 0 0 0 0 Request interval 30 arbi...

Page 118: ...rce If you want the switch to receive the system time using PTP enter the external server address 0 0 0 0 and do not accept any SNTP broadcasts when performing the SNTP client configuration If you wan...

Page 119: ...ctive in all three switches ensuring that relative to each other the system times of the switches are synchronized precisely As the con nectable terminal devices in the example exclusively support SNT...

Page 120: ...Synchronizing the System Time of the 120 7 4 Interaction PTP and SNTP Basic L3P Release 3 1 06 07...

Page 121: ...l To optimize the data transmission the Switch provides you with the following functions for controlling the network load D Settings for directed frame forwarding MAC address filter D Multicast settin...

Page 122: ...ic packet distribution 8 1 1 Store and forward All data received by the Switch is stored and its validity is checked Invalid and defective data packets 1 522 Bytes or CRC errors as well as frag ments...

Page 123: ...sses Address entries which exceed a certain age 30 seconds aging time are deleted by the Switch from its address table The Switch floods data packets with an unknown target address The Switch transmit...

Page 124: ...red in the filter table Forwarding Database FDB The table has three parts a static part and two dynamic parts D The management administrator describes the static part of the filter table dot1qStaticTa...

Page 125: ...s whose destination addresses are not in the table are sent from the receiving port to all other ports In the Create static entry dialog you can set up new filters The following status settings are po...

Page 126: ...ts with a Multicast address to all the ports This leads to an increased bandwidth re quirement Protocols such as GMRP and processes such as IGMP Snooping enable the Switches to exchange information by...

Page 127: ...camera sends its image data with a multicast address over the network To prevent the many images from slowing down the entire network the Switch uses the GMRP to distribute multicast address informat...

Page 128: ...f a Leave message from IGMP version 2 and they do not transmit any more Report messages In IGMP versions 1 and 2 the router removes the routing table entry if it does not receive any Report messages w...

Page 129: ...he ports Therefore the connected Switches know that they have to send this multicast address to this Switch The GMRP enables packets with a multicast address in the target address field to be sent to...

Page 130: ...Con trol Block 224 0 0 0 224 0 0 255 This can have an effect on the higher level routing protocol U IGMP on per port This table column enables you to switch on off the IGMP for each port when the glob...

Page 131: ...on the entire network D With the selective setting GMRP default setting forward all un registered groups the switch sends to this port all data packets with a multicast address in the target address...

Page 132: ...Traffic control 132 8 2 Multicast application Basic L3P Release 3 1 06 07 Fig 35 IGMP dialog...

Page 133: ...the Switch will discard the excessive data on this port A global setting activates deactivates the rate limiter function at all ports 8 3 2 Setting Rate Limiter for MACH 4000 and Power MICE V Select...

Page 134: ...frame D 0 no ingress limit at this port D 0 maximum inbound traffic rate in kbit s that is allowed to be received by and forwarded from this port D Egress Limiter for broadcast packets D 0 no rate lim...

Page 135: ...the VLAN tag when the receiving port was configured to trust dot1p D the QoS information ToS DiffServ contained in the IP header when the receiving port was configured to trust ip dscp in the MACH 40...

Page 136: ...ation but no VLAN information VLAN ID 0 are known as Priority Tagged Frames Note Network logs and redundancy mechanisms use the highest priority classes 3 RS20 30 40 MS20 30 MACH 1000 OCTOPUS and 7 Po...

Page 137: ...Octets Pream ble Field Start Fram e Delim iter Field Destination Address Field Source Address Field Tag Field Data Field Length Type Field Data Field Pad Field Fram e Check Sequence Field 42 1500 Octe...

Page 138: ...s D The additional 4 byte VLAN tag enlarges the data packets With small data packets this leads to a larger bandwidth load D End to end prioritizing requires the transfer of the VLAN tags in the entir...

Page 139: ...here was no need to use the ToS field Only with the real time requirements of today s networks has the ToS field become significant again Selecting the ToS byte of the IP header enables you to differe...

Page 140: ...n contrast to the ToS byte DiffServ uses six bits for the division into classes This results in up to 64 different service classes Fig 40 Differentiated Services field in the IP header The different D...

Page 141: ...lash Override 100 CS4 100000 Flash 011 CS3 011000 Immediate 010 CS2 010000 Priority 001 CS1 001000 Routine 000 CS0 000000 Table 10 Assigning the IP precedence values to the DSCP value DSCP Value DSCP...

Page 142: ...t D no trust The Switch does not trust the priority information in the packet and always assigns the packets the port priority of the receiving port D trust ip dscp MACH 4002 24G 48G The Switch assign...

Page 143: ...nsures that high priority data is sent immediately U Description of Weighted Fair Queuing With Weighted Fair Queuing also known as Weighted Round Robin WRR the user can assign every priority class a m...

Page 144: ...the Switch ignores the bandwidths guaranteed for Weighted Fair Queuing 8 4 6 Setting Prioritization V Select the Basics Port Configuration dialog V In the Port Priority column you can specify the prio...

Page 145: ...ent show classofservice dot1p mapping User Priority Traffic Class 0 4 1 4 2 1 3 3 4 4 5 5 6 6 7 7 Always assigning the port priority to received data packets enable configure interface 1 1 no classofs...

Page 146: ...ping IP DSCP Traffic Class 0 be cs0 2 1 2 48 cs6 5 Always assigning the DSCP priority to received data packets MACH 4002 24G 48G enable configure classofservice ip dscp map ping cs6 5 Switch to the pr...

Page 147: ...smits all the data packets with a high priority you can enter the weighting 0 for the Strict Priority priority classes and distribute 100 among the remaining priority classes The Switch distributes th...

Page 148: ...ch to the interface configuration mode for Interface 1 2 Restrict the maximum bandwith of Interface 1 2 to 50 Switch to the configuration mode Switch to the privileged EXEC mode Display the configurat...

Page 149: ...large amount of data to Workstation 4 The combined bandwidth of Workstations 1 2 and 3 is larger than the bandwidth of Workstation 4 to the Switch This leads to an overflow of the send queue of Port 4...

Page 150: ...ween Work station 2 and the Switch Before the send queue of Port 2 overflows the Switch sends data so that workstation 2 detects a collision and thus interrupts the transmis sion 8 5 2 Setting flow co...

Page 151: ...VLANs A virtual LAN VLAN consists of a group of network participants in one or more network segments who can communicate with each other as if they be longed to the same LAN Fig 42 Example of a VLAN M...

Page 152: ...tag see fig 38 to 4094 Key words often used in association with VLANs are U Ingress Rule The ingress rules stipulate how incoming data is to be handled by the Switch U Egress Rule The egress rules st...

Page 153: ...the ports of a VLAN which send data packets without a tag Every VLAN has an untagged set U GARP Generic Attribute Registration Protocol GARP is a general protocol for transporting attributes It descri...

Page 154: ...te For Power MICE and MACH 4000 In transparent mode the devices ignore the VLAN tags when they receive data Set the VLAN membership of the ports of all VLANs to un tagged Note When configuring the VLA...

Page 155: ...D Power MICE D MS 20 MS 30 D MACH 1000 D MACH 3000 from Rel 3 3 D MACH 4000 D OCTOPUS Note In the HIPER Ring configuration select for the ring ports VLAN ID 1 and Ingress Filtering disabled in the po...

Page 156: ...a GVRP U a member of the VLAN packet is transmitted without tag V After setting up VLANs you specify the rules for received data in the VLAN Port table port D Port VLAN ID specifies to which VLAN a re...

Page 157: ...ent table displays all locally configured VLANs and VLANs configured by GVRP V Select the Switching VLAN Global dialog The Delete button in the VLAN global dialog allows you to restore all the default...

Page 158: ...ple VLAN The following example provides a quick insight into configuring a VLAN that is commonly found in practice The configuration is explained step by step Fig 43 Example of a VLAN 149 218 112 208...

Page 159: ...Traffic control Basic L3P Release 3 1 06 07 8 6 VLANs 159 Fig 44 Creating a VLAN Fig 45 Entering a VLAN ID V Repeat the steps Creating a VLAN and Entering a VLAN ID for all VLANs...

Page 160: ...Traffic control 160 8 6 VLANs Basic L3P Release 3 1 06 07 Fig 46 Assigning a VLAN any name and saving it...

Page 161: ...ned to the terminal devices of the yellow VLAN and ports 2 1 to 2 4 to the terminal devices of the green VLAN As termi nal devices normally do not sent data packets with a tag the setting U must be se...

Page 162: ...Traffic control 162 8 6 VLANs Basic L3P Release 3 1 06 07 Fig 48 Saving the VLAN configuration...

Page 163: ...g you select the admitAll setting here Port 1 4 serves as an uplink port to the next Switch It belongs to the brown VLAN and is thus given the VLAN ID 1 Because terminal devices usually do not send da...

Page 164: ...Traffic control 164 8 6 VLANs Basic L3P Release 3 1 06 07 Fig 50 Globally activating GVRP Fig 51 Saving the configuration to non volatile memory...

Page 165: ...owing diagnostic tools for the function diagnosis D Sending traps D Monitoring Device Status D Out of band signaling via signal contact D Port status indication D Event counter on port level D SFP sta...

Page 166: ...tations at regular intervals Traps make it possible to react quickly to critical situations Examples of such events are D a hardware reset D changing the basic device configuration D segmentation of a...

Page 167: ...hold fallingAlarm is sent if an RMON alarm input falls below the lower threshold hmPortSecurityTrap is sent if a MAC address is detected at the port which does not correspond to the current settings o...

Page 168: ...you to specify which events trigger an alarm trap and to whom these alarms should be sent V In the IP Address column enter the IP address of a network management station to which the traps should be s...

Page 169: ...ed access attempt see the Access for IP Addresses und Port Security dialog Cold Start The Switch has been switched off Link Down At one port of the Switch the link to the device connected there has be...

Page 170: ...ith the SNTP A media module has been added or removed The AutoConfiguration Adapter ACA has been inserted or removed The value exceeded fell below the temperature threshold Redundancy The status of th...

Page 171: ...the failure of at least one of the two supply voltages or a permanent fault in the Switch internal supply voltage D The temperature threshold has been exceeded or has not been reached D Removing a mo...

Page 172: ...V Select in the frame Monitoring correct operation the events which you want to have monitored V For temperature monitoring set in the Basics System dialog at the end of the system data the temperatu...

Page 173: ...ic L3P Release 3 1 06 07 9 2 Monitoring Device Status 173 V Select the Basics System dialog Fig 53 Device Status display Time of the oldest existing alarm Cause of the oldest existing alarm Symbol ind...

Page 174: ...atus can be masked by the management for each port see Displaying connection error messages on page 70 Link status is not monitored in the delivery condition D HIPER Ring event the loss of redundancy...

Page 175: ...iagnostics Signal Contact 1 2 dialog V Select Manual setting in the Mode Signal Contact frame to switch the contact manually V Select Opened in the Manual setting frame to open the contact V Select Cl...

Page 176: ...ng correct operation in the frame Mode Signal con tact to use the contact for function monitoring V Select in the frame Monitoring correct operation the events which you want to have monitored V For t...

Page 177: ...ption enables you like in the function monitoring to monitor the device status see Monitoring Device Status on page 171 via the signal contact Fig 54 Signal contact dialog Display signal contact statu...

Page 178: ...the Switch with the current configuration The symbols underneath the device view represent the status of the individu al ports Abb 55 Eaxample for a device view Meaning of the symbols The port 10 100...

Page 179: ...Operation Diagnostics Basic L3P Release 3 1 06 07 9 4 Port status indication 179 The port is in autonegotiation mode...

Page 180: ...received Counter Possible Problems Received Fragments The controller of the connected device is faulty Electromagnetic interference is injected into transfer medium CRC error The controller of the co...

Page 181: ...Operation Diagnostics Basic L3P Release 3 1 06 07 9 5 Event counter on port level 181 Fig 56 Port statistic table...

Page 182: ...displayed you can view the current connection to the SFP modules and their properties The properties include D module type D support provided in the media module D temperature in degrees Celsius D tr...

Page 183: ...nce row contains the distance of the port from the cable error Prerequisites for a proper cable diagnosis D 1000BASE T port is connected via an 8 core cable with a 1000BASE T port or D 10BASE T 100BAS...

Page 184: ...e LLDP activated The connection information contains as its most significant element the precise and unique ID of a connection endpoint MSAP MAC Service Access Point This is composed of the MAC addres...

Page 185: ...ut LLDP support drop the LLDP packets Consequently a non LLDP capable device between two LLDP capable devices prevents the exchange of LLDP infor mation To avoid this Hirschmann Switch send additional...

Page 186: ...s you the possibility to switch on off the function for topology discovery LLDP The topology table shows you the selected information to neighbour devices The option View LLDP entries exclusively allo...

Page 187: ...discovery function are connected to a port the topology table hides the devices without ac tive topology discovery If D only devices without active topology discovery are connected to a port the tabl...

Page 188: ...n has been made to a network or after an IP address has been configured the switch checks immediately if the IP address already exists within the network If the IP address already exists the switch wi...

Page 189: ...ee Tab 16 on page 188 V Select the dialog Diagnostics IP Address Conflict Detection V This dialog logs the IP address conflicts which the Switch detects if it detects a conflict with its IP address Fo...

Page 190: ...Operation Diagnostics 190 9 9 IP Address Conflict Detection Basic L3P Release 3 1 06 07 Fig 59 IP address conflict detection...

Page 191: ...a data sheet in the XML format that has been standardized by IAONA Industrial Automation Open Networking Alliance Among other data it contains security related information on the accessible ports and...

Page 192: ...1 159 514 3 logging syslog ex show logging hosts Switch to the privilege EXEC mode Switch to the configuration mode Select the receiver of the log message and its port 514 The 3 indicates the importan...

Page 193: ...connected to the destination port such as an RMON probe can thus observe the data traffic at the source port The destination port forwards data to be sent and blocks received data Fig 60 Port Mirrori...

Page 194: ...ase 3 1 06 07 V Select enabled to enable the function The Delete button in the dialog allows you to restore all the default port mirroring settings state on delivery Note In active port mirroring the...

Page 195: ...Setting up the configuration Basic L3P Release 3 1 06 07 195 Apendix A Setting up the configuration environment...

Page 196: ...and then decide whether you want to purchase a license V To install the DHCP server on your PC insert the CD ROM into the CD drive of your PC and under Additional Software select haneWIN DHCP Server T...

Page 197: ...he menu bar Options Preferences and select the DHCP tab page Enter the settings shown in the illustration and click on OK Fig 63 DHCP setting V To enter the configuration profiles select manage in the...

Page 198: ...7 V Enter the network mask and click on Accept Fig 65 Network mask in the configuration profile V Select the Boot tab page V Enter the IP address of your tftp server V Enter the path and the file name...

Page 199: ...device type If devices of the same type have different configurations then you add a profile for each configuration To complete the addition of the configuration profiles click on OK Fig 67 Managing...

Page 200: ...erver Basic L3P Release 3 1 06 07 V Click on New Fig 69 Adding static addresses V Enter the MAC address of the switch V Enter the IP address of the switch V Select the configuration profile of the swi...

Page 201: ...ting up the configuration Basic L3P Release 3 1 06 07 A 1 Setting up DHCP BOOTP Server 201 V Add an entry for each device that will get its parameters from the DHCP server Fig 71 DHCP server with entr...

Page 202: ...on and then decide whether you want to purchase a license V To install the DHCP server on your PC insert the CD ROM into the CD drive of your PC and under Additional Software select haneWIN DHCP Serve...

Page 203: ...rver Option 82 203 V Select static Fig 73 Static address input V Open the window for the program settings in the menu bar Options Preferences and select the DHCP tab page V Select the DHCP tab page En...

Page 204: ...2 Setting up DHCP Server Option 82 Basic L3P Release 3 1 06 07 V To enter the static addresses click on Add Fig 75 Adding static addresses V Select Circuit Identifier and Remote Identifier Fig 76 Def...

Page 205: ...smmpprirlxxxxxxxxxxxx D ci sub identifier for the type of the circuit ID D cl length of the circuit ID D hh Hirschmann identifier 01 if a Hirschmann switch is connected to the port otherwise 00 D vvvv...

Page 206: ...etting up DHCP Server Option 82 Basic L3P Release 3 1 06 07 Fig 78 Application example of using Option 82 PLC Switch Option 82 IP 149 218 112 100 IP 149 218 112 100 MAC address 00 80 63 10 9a d7 DHCP...

Page 207: ...ou having to configure the tftp server The Switch requires the following information to be able to make a software update from the tftp server D its own IP address entered permanently D the IP address...

Page 208: ...t check whether the tftp daemon background process is running i e whether the file etc inetd conf contains the following line see Fig 79 and whether the status of this process is IW SunOS tftp dgram u...

Page 209: ...h it is actually running Special steps for HP workstations V During installation on an HP workstation enter the user tftp in the etc passwd file For example tftp 510 20 tftp server usr tftpdir bin fal...

Page 210: ...the file etc inetd conf No Delete the comment character from this line Yes Re initialize inetd conf by entering kill 1 PID Is tftp commented out tftp dgram udp wait root usr etc in tftpd in tftpd tft...

Page 211: ...tch software has been installed the tftp server should have the following directory structure with the stated access rights d directory r read w write x execute 1st position designates d directory 2nd...

Page 212: ...is located on the product CD V Start the program by double clicking V In the main window of the program within the Parameter frame select the type SSH 1 RSA V In the Actions frame click Generate Move...

Page 213: ...07 A 4 Preparing for access via SSH 213 Fig 80 PuTTY key generator The OpenSSH Suite offers experienced network administrators a further option of generating the key To generate the key enter the fol...

Page 214: ...he command no ip ssh deactivate the SSH function on the Switch before you transfer the key to the Switch V With the command copy tftp 149 218 112 159 switch rsa1 key nvram sshkey rsa1 the Switch loads...

Page 215: ...nnection to your Switch It may take up to a minute to set up a connection depending on the Switch and the time at which SSH was configured Shortly before the connection is setup PuTTY will display a s...

Page 216: ...in the Category frame before you set up a connection in PuTTY In the Encryption options frame select DES and then click Up until Des is above the line warn below here In the Category frame go back to...

Page 217: ...General Information Basic L3P Release 3 1 06 07 217 Appendix B General Information...

Page 218: ...ion with its comprehensive spectrum of innovative services D Consulting incorporates comprehensive technical advice from system evaluation through network planning to project planning D Training offer...

Page 219: ...can be found at the Hirschmann Website www hirschmann com Under Products Support inside Automation and Network Soluti ons is located on the pages Products the area FAQ For detailed information on all...

Page 220: ...ject ID OID identifies the object class The subidentifier SID is used for instantiation Example The generic object class hmPSState OID 1 3 6 1 4 1 248 14 1 2 1 3 is the description of the abstract inf...

Page 221: ...decimal number in accordance with ISO IEC 8802 3 Object Identifier x x x x e g 1 3 6 1 1 4 1 248 Octet String ASCII character string PSID Power Supply Identification number of the power supply unit Ti...

Page 222: ...MIB can be found on the CD ROM that is included with the device 1 internet 1 iso 3 org 6 dod 2 mgmt 1 enterprises 248 hirschmann 4 private 3 modules 10 Framework 6 snmp V2 1 mib 2 4 ip 2 interfaces 1...

Page 223: ...anagement Protocol IP Internet Protocoll LED Light Emitting Diode LLDP Link Layer Discovery Protocoll LWL Lichtwellenleiter MAC Media Access Control NTP Network Time Protocol PC Personal Computer PTP...

Page 224: ...ed SNMP v2 D RFC 1905 Protocol Operations for SNMP v2 D RFC 1906 Transport Mappings for SNMP v2 D RFC 1907 Management Information Base for SNMP v2 D RFC 1908 Coexistence between SNMP v1 and SNMP v2 D...

Page 225: ...2 D RFC 2580 Conformance statements for SMI v2 D RFC 2613 SMON D RFC 2618 RADIUS Authentication Client MIB D RFC 2620 RADIUS Accounting MIB D RFC 2674 Dot1p Q D RFC 2818 HTTP over TLS D RFC 2851 Inter...

Page 226: ...AC bridges includes IEEE 802 1p Priority and Dynamic Multi cast Filtering GARP GMRP D IEEE 802 1 Q 1998 Virtual Bridged Local Area Networks VLAN Tagging Port Based VLANs GVRP D IEEE 802 1 w 2001 Rapid...

Page 227: ...of VLANs max 256 simultaneously per switch max 256 simultaneously per port Number of VLANs with GMRP in VLAN 1 max 256 simultaneously per switch in VLAN 1 max 256 simultaneously per port U Access Cont...

Page 228: ...the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies...

Page 229: ...that will ensure trouble free operation Your comments and suggestions help us to further improve the quality of our documentation Your assessment of this manual excellent good satisfactory mediocre p...

Page 230: ...l information General comments Company Department Name Telephone number Street Zip code City Date Signature Dear User Please fill out and return this page by fax to the number 49 0 7127 14 1798 or by...

Page 231: ...ata 39 46 54 57 Configuration modifications 166 Coupling 170 D Destination address 124 125 Destination address field 122 Destination port 193 Device state 171 DHCP 25 33 DHCP client 43 DHCP Option 82...

Page 232: ...ID 220 Option 82 26 46 202 Ordinary clock 113 Overload protection 149 P Password 20 74 75 PHB 140 PHY layer 112 Polling 166 Port Configuration 69 Port Mirroring 193 Port priority 145 Port Security 86...

Page 233: ...gy 46 ToS 135 139 140 TP cable diagnosis 183 Traffic classes 135 Traffic Shaping 144 147 Transmission security 166 Trap 85 166 168 Trap destination table 166 Trivial File Transfer Protocol 207 trust d...

Page 234: ...Index 234 Basic L3P Release 3 1 06 07...

Page 235: ......

Page 236: ......

Reviews:

No comments

Brands by name

Popular brands

Load more brands