background image

Max. Age _ 2 x (Hello Time + 1 second) 

Port Priority

 – A Port Priority can be from 0 to 255. The lower the number, the greater the probability the port will 

be chosen as the Root Port. 

Port Cost

 – A Port Cost can be set from 0 to 65535. The lower the number, the greater the probability the port will 

be chosen to forward packets. 

3. Illustration of STP 

A simple illustration of three switches connected in a loop is depicted in Figure 5-7. In this example, you can 

anticipate some major network problems if the STP assistance is not applied. If switch A broadcasts a packet to 

switch B, switch B will broadcast it to switch C, and switch C will broadcast it to back to switch A ... and so on. The 

broadcast packet will be passed indefinitely in a loop, potentially causing a network failure. In this example, STP 

breaks the loop by blocking the connection between switch B and C. The decision to block a particular connection 

is based on the STP calculation of the most current Bridge and Port settings. Now, if switch A broadcasts a packet 

to switch C, then switch C will drop the packet at port 2 and the broadcast will end there. Setting-up STP using 

values other than the defaults, can be complex. Therefore, you are advised to keep the default factory settings and 

STP will automatically assign root bridges/ports and block loop connections. Influencing STP to choose a 

particular switch as the root bridge using the Priority setting, or influencing STP to choose a particular port to block 

using the Port Priority and Port Cost settings is, however, relatively straight forward. 

Bridge ID = 15

Port 3

Port 1

Port 2

A

Bridge ID = 20

Port 1

Port 2

Port 3

C

Bridge ID = 30

Port 1

Port 2

Port 3

B

 LAN 1 

 LAN 2 

 LAN 3 

 Portcast = 19 

Portcast = 19

Portcast = 19

Portcast = 4

Portcast = 4

Portcast = 19

Portcast = 4

Portcast = 4

 

Before Applying the STA Rules 

In this example, only the default STP values are used. 

Summary of Contents for WGD-800

Page 1: ...User s Manual WGD 800 8 Port 10 100Mbps Managed Ethernet Switch...

Page 2: ...sleading or incomplete we would appreciate your comments and suggestions FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15...

Page 3: ...2 Rack Mounting 11 3 CONSOLE MANAGEMENT 12 3 1 CONNECTING TO THE SWITCH 12 3 2 LOGIN IN THE CONSOLE INTERFACE 12 3 3 CONSOLE MANAGEMENT 13 3 4 TELNET LOGIN 14 3 5 COMMANDS 14 3 5 1 First level command...

Page 4: ...5 MAC Address Aging Time 53 4 7 6 802 1X Port Based Network Access Control 54 4 8 QOS 67 4 8 1 Understand QOS 67 4 8 2 QOS Configuration 68 4 9 MULTICAST 73 4 9 1 IGMP Snooping 73 4 9 2 Static Routing...

Page 5: ...6 2 100BASE TX 10BASE T PIN ASSIGNMENTS 86 7 APPENDIX B 87 802 1Q VLAN MULTI UNTAGGED VLAN SETTING SAMPLE 1 87...

Page 6: ...INSTALLATION The chapter explains the functions of the Switch and how to physically install the Switch Chapter 3 CONSOLE MANAGEMENT The chapter explains how to manage the switch by Console interface C...

Page 7: ...ecification Hardware Specification Network Connector 8 Port RJ 45 for 10 100Base TX RS 232 connector One RS 232 DB 9 male connector for switch management Switch architecture Store and forward switch a...

Page 8: ...terprise private MIB Standard Compliance Network Standard IEEE802 3 10Base T IEEE802 3u 100Base TX IEEE802 3x Flow Control and Back pressure IEEE802 3ad Port trunk with LACP IEEE802 1d Spanning tree p...

Page 9: ...ing to enhance security and bandwidth utilization With its built in web based management the PLANET WSD 800 offers an easy to use platform independent management and configuration facility The PLANET...

Page 10: ...itch on desktop or shelf please follows these steps Step1 Attach the rubber feet to the recessed areas on the bottom of the switch Step2 Place the switch on the desktop or the shelf near an AC power s...

Page 11: ...ide of the switch Figure 2 5 Attach brackets to the switch Caution You must use the screws supplied with the mounting brackets Damage caused to the parts by using incorrect screws would invalidate the...

Page 12: ...r remote terminal as if the console terminal were directly connected to it 3 2 Login in the Console Interface When the connection between Switch and PC is ready turn on the PC and run a terminal emula...

Page 13: ...nd the system asks for password please enter admin for the default password As shows in the following screen Console login screen 3 3 Console Management Entering a question mark at the prompt displays...

Page 14: ...w dot1x local user information show dot1x state Show dot1x information show igmp snooping group number show igmp snooping group limit show igmp snooping group policy Show igmp snooping group policy sh...

Page 15: ...nning tree information show syntax Show basic help infomation show system Show system information show trunk Show trunk information show version Get last software version show vlan Show vlan informati...

Page 16: ...trap management host clear spantree root Restore spanning tree parameters clear trunk Clear trunk port from vlans clear vlan Clear member from vlan copy config flash Copy system configuration paramete...

Page 17: ...th mode set dot1x auth ctrl disable Disable dot1x set dot1x auth ctrl enable Enable dot1x set dot1x local userInfo Set dot1x local user information set dot1x max req Max times of re transmit EAP reque...

Page 18: ...Capture egress traffic set mirror monitored port ingress Capture ingress traffic set multicast router Set multicst router port set password Set the password for telnet set port disable Disable a port...

Page 19: ...snmp trap Set snmp trap receive host set spantree disable Disable spanning tree set spantree enable Enable spaning tree set spantree fwddelay Set the forward delay for the spanning tree set spantree...

Page 20: ...n show ip telnet server Show telnet server information show ipstack info Show ipstack info show mirror Show mirror information show multicast router Show multicast router port information show port co...

Page 21: ...Show snmp information show snmp rmon Show snmp rmon state show spantree Show spanning tree information show syntax Show basic help infomation show system Show system information show trunk Show trunk...

Page 22: ...has to explicitly modify the browser setting to enable Java Applets to use network ports 4 2 Preparing for Web Management Before use web management you can use console to login the Switch checking th...

Page 23: ...tch The default IP address of the switch is 192 168 0 100 You can change the IP address to be in the same IP segment as your LAN network for convinence To change the IP address click on the System IP...

Page 24: ...ast CPUs megapixel color displays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elem...

Page 25: ...turn on SNMP Agent Enabled Disabled To turn on or turn off the SNMP function on the Switch 2 System Options This table is to define the system name system location and the contact person of the switc...

Page 26: ...acteristics can be associated with the community string Add Community enter private or public Chooses community strings for the Switch management access read only or read write Read only Enables reque...

Page 27: ...ement stations IP address 192 168 0 53 for example Trap Community must be the same string as Add community Then click on Add button The Current Management Stations field shows the trap list 4 4 3 Pass...

Page 28: ...web 4 4 5 System Upgrade This function allows performing firmware update from the web interface Click on the System System Upgrade menu button and the following table shows in the main page of the web...

Page 29: ...he following 4 4 7 Parameters Backup Recovery This function is to backup the running configuration to the workstation and to restore the configuration you had saved in the workstation Click on the Sys...

Page 30: ...anagement status port negotiation mode and the port flow control function Management Status Display port status Enable or Disable Disable is to turn off the port Link Status Up to indicate the port is...

Page 31: ...he function provides the In Band and Out Band connection speed restriction on the ports The Band of the connection speed rangs from 64Kbps to 80000Kbps Ingress Port List Egress Port List field can be...

Page 32: ...ws for the duplicate links to be used in the event of a failure of the primary link Once the Spanning Tree Protocol is configured and enabled primary links are established and duplicated links are blo...

Page 33: ...the frame to calculate a BPDU and if the topology changes initiates a BPDU transmission The communication between switches via BPDUs results in the following One switch is elected as the root switch...

Page 34: ...packets that may tell the port to go back to the blocking state Learning the port is adding addresses to its forwarding database but not yet forwarding packets Forwarding the port is forwarding packe...

Page 35: ...the switch level Parameter Description Default Value Bridge Identifier Not user configurable except by setting priority below A combination of the User set priority and the switch s MAC address The B...

Page 36: ...lo Time The Hello Time can be from 1 to 10 seconds This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge I...

Page 37: ...ction between switch B and C The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings Now if switch A broadcasts a packet to switch C...

Page 38: ...m the default to ensure that the link between switch B and switch C is the blocked link 4 6 2 Spanning Tree Configuration The Spanning Tree Protocol STP operates on two levels On the switch level the...

Page 39: ...d to a PC Print Server IP camera or any other network end node device Since end nodes cannot cause forwarding loops they can pass directly through to the spanning tree forwarding state There are two s...

Page 40: ...k LACP operation requires full duplex mode more detail information refer to the IEEE 802 3ad standard Link aggregation can be used to increase the bandwidth of a network connection or to ensure fault...

Page 41: ...critical data over congested networks The quality of applications that are dependent on such time critical data such as video conferencing can be severely and adversely affected by even very small de...

Page 42: ...a logical scheme rather than the physical layout VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLAN also logically segment the...

Page 43: ...liver packets between stations that are members of the VLAN Any port can be configured as either tagging or untagging The untagging feature of IEEE 802 1Q VLAN allows VLAN to work with legacy switches...

Page 44: ...g an IEEE802 1Q Tag Dest Addr Src Addr Length E type Data Old CRC Dest Addr Src Addr E type Tag Length E type Data New CRC Priority CFI VLAN ID New Tagged Packet Original Ethernet Port VLAN ID Packets...

Page 45: ...he Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to the default As new VLAN are configured in Port based mode their respective m...

Page 46: ...he VLAN 5 Select the ports in the Port List field and click on the Add button to add the member ports to the VLAN The selected VLAN member then shows in the VLAN Member field 6 Click on the Close butt...

Page 47: ...an 802 1Q compliant network device to a non compliant network device Frame Income Frame Leave Income Frame is tagged Income Frame is untagged Leave port is tagged Frame remains tagged Tag is inserted...

Page 48: ...ul for accommodating devices that you want to participate in the VLAN but that don t support tagging The Switch allows each port to set one PVID the range is 1 255 default PVID is 1 The PVID must be t...

Page 49: ...assigned to more than one VLAN group 4 Define the PVID for the port Set the port VLAN ID that will be assigned to untagged traffic on a given port This feature is useful for accommodating devices that...

Page 50: ...02 1Q main page 5 5 Click on the Show VLAN Members button to show the VLAN members 5 6 As shows in the following screen 4 7 2 MAC Address Bind This function is based upon for the switch security When...

Page 51: ...d 2 Click on the Add button 3 To remove the MAC Address binded by the port Simply click on the Delete button of the MAC Address in the Show MAC Address Table 4 7 3 MAC Address Filtering MAC address fi...

Page 52: ...ddress Learning The switch is able to disable MAC Address learning function on ports 1 Fill the Port List field in the MAC Address Learning table and select Enable Disable in the MAC Address Learning...

Page 53: ...that are out of date or no longer exist This may cause incorrect packet forward indecisions by the Switch If the Aging Time is too short however many entries may be aged out too soon This will result...

Page 54: ...ion Protocol over LAN EAPOL traffic through the port to which the client is connected After authentication is successful normal traffic can pass through the port This section includes this conceptual...

Page 55: ...on server When the switch receives EAPOL frames and relays them to the authentication server the Ethernet header is stripped and the remaining EAP frame is re encapsulated in the RADIUS format The EAP...

Page 56: ...thorized For more information see the Ports in Authorized and Unauthorized States section The specific exchange of EAP frames depends on the authentication method being used Figure 2 43 shows a messag...

Page 57: ...ort is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication server the port state changes to authorized and all frames from the authenti...

Page 58: ...te In this situation do not need Radius server in the network all authentication completed by 802 1x Switch the normal topologies as below 1 Enter 802 1X Port Status Configuration there are 3 Authenti...

Page 59: ...on services to the client through the interface Maximum account number the biggest user s quantity of passing authentication under this port set 1 Only one user can pass this authentication The second...

Page 60: ...Radius Server In this situation need a Radius server in the network the normal topologies as below 1 Select the Radius Server mode 2 The RADIUS Server configuration table includes the following fields...

Page 61: ...ing server The valid range is 0 65535 The default UDP Port No is 1813 Share Key Indicates if the shared secret for this server has been configured 3 Setup the RADIUS server and assign the client IP ad...

Page 62: ...Force Authorized if the port is connected to the RADIUS server or the port is a uplink port that is connected to another switch Or once the 802 1X stat to work the switch might not be able to access...

Page 63: ...Server PC For example the Radius Server founded on Win2000 Server and then Enter Active Directory Users and Computers create legal user data the next right click a user what you created to enter prope...

Page 64: ...n in Windows XP Please note that if you want to change the 802 1x authentication type of a wireless client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from...

Page 65: ...using IEEE 802 1X to enable 802 1x authentication 6 Select MD 5 Challenge from the drop down list box for EAP type 7 Click OK 8 When wireless client has associated with WGSW 2840 5240 a user authentic...

Page 66: ...9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process...

Page 67: ...unt of traffic grows Reduce the need to constantly add bandwidth to the network Manage network congestion QoS Terminology Classifier classifies the traffic on the network Traffic classifications are d...

Page 68: ...ices a tag inserted into the packet header is used to identify the priority level of data packets The Switch supports four kinds of Traffic classifiers 802 1P Port MAC VLANs and four queues NOTE COS P...

Page 69: ...Traffic classifiers 1 Fill the VID 1 2094 field in the VLAN CoS Mapping Table 2 Fill the mapping number in the CoS 0 7 field 3 Click on the OK button to save 4 To remove the VLAN CoS mapping item sim...

Page 70: ...802 1p Priority specification uses 8 priority levels to classify data packets In 802 1p compliant devices a tag inserted into the packet header is used to identify the priority level of data packets...

Page 71: ...g 1 3 7 field in the port based QoS Configuration Table 2 Fill the mapping number in the CoS 0 7 field 3 Click on the OK button to save 5 COS Queue Mapping 1 Fill the CoS 0 7 field in the CoS Queue M...

Page 72: ...ue Weighted Round Robin WRR and Always Hight To configure Queue Rule select the Queue Policy drop down menu in the Queue Rule Configuration table And Click on the OK button to save If the WRR was chos...

Page 73: ...t work If there are no members on a sub network packets will not be forwarded to that sub network IGMP Versions 1 and 2 Multicast groups allow members to join or leave at any time IGMP provides the me...

Page 74: ...ies will not be forwarded to other sub networks IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN an explicit leave message and query messages that...

Page 75: ...his fill the Port List field and the VID field for the static routing and click on the Add button to save 4 10 Port Analysis 4 10 1 Port Analysis This function shows the statistical information of eac...

Page 76: ...r it if necessary Configuring the port mirroring by assigning a source port from which to copy all packets and a sniffer port where those packets will be sent Capture Port Use this option to select th...

Page 77: ...e web main page then shows the Strom Restricting function table 1 Fill the Port List field in the Broadcast Storm Restricting table select the type in the Restricting Type drop down menu and enter the...

Page 78: ...to identify the roles of the stackable switches the Master mode and Client mode At a IP stacking group domain there is only one Master switch and many Client switches If there re more than one switch...

Page 79: ...p If not the switches will not be the IP Stack group members System priority If there re more than one switch be configured to the Master mode the it will depends on the System Priority to elect a act...

Page 80: ...assigned to the same IP Stack group 4 Modify the System priority and Stack name if necessary At this sample we change the Stack name of the Master to Switch 1 5 Click OK if the configuration is down...

Page 81: ...group 9 Modify the System priority and Stack name if necessary At this sample we change the Stack name of the Client to Switch 2 10 Click OK if the configuration is down 11 Please use a UTP cable to u...

Page 82: ...go to system and choose Saving parameters to save current configuration The following screen appears NOTE Please do not assign role for whole stack member Switch as client it cannot detect the Master...

Page 83: ...e T network installation 5 1 3 Improper Network Topologies It is important to make sure that you have a valid network topology Common topology faults include excessive cable length and too many repeat...

Page 84: ...Category 3 4 or 5 cable for 10Mbps connections or 100 Category 5 cable for 100Mbps connections Also be sure that the length of any twisted pair connection does not exceed 100 meters 328 feet...

Page 85: ...ed to connect to the serial port are provided in the following tables DB 9 Console Port Pin Numbers DB 9 Port Pin Assignments EIA Circuit CCITT Signal Description Switch s DB9 DTE Pin PC DB9 DTE Pin B...

Page 86: ...s that make up each wire pair All ports on this switch support automatic MDI MDI X operation you can use straight through cables for all network connections to PCs or servers or to other switches or h...

Page 87: ...to access the same server AP Printer But the two VLAN groups are separated and can t access to each other The graphic in Figure 7 1 appears Figure 7 1 Overlap VLAN graphic The next will be a configure...

Page 88: ...er then click on the port For this case we set the Port 1 to be the multiple untagged port The screen in Figure 7 3 appears 4 At the Link Type select Always Untag at the draw bar Click OK to apply Fig...

Page 89: ...ss close to back to the 802 1Q VLAN main screen And check if the setting be applied to Port 1 at the Egress Policy column The screen in Figure 7 5 appears Figure 7 5 Port 1 VLA N status 8 Assign the V...

Page 90: ...as the screen in Figure 7 6 appears Figure 7 6 Port 1 Port 2 and Port 3 VLAN configuration Although Port 2 and Port 3 are VLAN 1 members with different PVID setting the two ports are not able to acce...

Reviews: