background image

-51- 

4.20 TCP/UDP Filter 

Содержание KFS-2621

Страница 1: ... 1 KFS 2621 Web Smart 24 Port 10 100 Fast Ethernet Switch with 2 Gigabit Combo Ports User s Manual DOC 091229 ...

Страница 2: ...rves the right to revise this documentation and to make changes in content from time to time without obligation on the part of KTI Networks Inc to provide notification of such revision or change For more information contact United States KTI Networks Inc P O BOX 631008 Houston Texas 77263 1008 Phone 713 2663891 Fax 713 2663893 E mail kti ktinet com URL http www ktinet com International Fax 886 2 2...

Страница 3: ...t accept any interference received including the interference that may cause undesired operation CE NOTICE Marking by the symbol indicates compliance of this equipment to the EMC directive of the European Community Such marking is indicative that this equipment meets or exceeds the following technical standards EMC Class A EN55022 2006 EN61000 3 2 2006 EN61000 3 3 1995 A1 2001 A2 2005 Class A EN 5...

Страница 4: ...nd Configuring IP Address 18 3 1 Making UTP Connections 18 3 2 Making Fiber Connection 19 3 3 LED Indication 21 3 4 Configuring IP Address and Password for the Switch 22 4 Web Management 23 4 1 Abbreviation 23 4 2 Web Interface 24 4 3 Start Browser Software and Making Connection 24 4 4 Login to the Switch Unit 24 4 5 Main Management Menu 25 4 6 System Configuration 27 4 7 Port Configuration 29 4 8...

Страница 5: ...t 802 1p IP DS Based 45 4 18 Priority Classification TCP UDP Port Based 47 4 19 MAC Address Binding 49 4 20 TCP UDP Filter 51 4 21 STP Bridge Settings 53 4 22 STP Port Settings 54 4 23 Link Aggregation 57 4 24 Miscellaneous Settings 59 4 25 Port Counter 61 4 26 Backup Recovery 63 4 27 Reboot System 63 4 28 Restore Default 64 4 29 Update Firmware 64 4 30 Logout 66 Appendix Factory Default Settings ...

Страница 6: ... which can detect the connected cable and switch the transmission wire pair and receiving pair automatically This auto crossover function can simplify the type of network cables used Gigabit Ethernet Connectivity Two Gigabit combo ports are provided in the switch The combo port provides one 10 100 1000Mbps RJ 45 for connecting to Gigabit copper device and one 1000M SFP slot which can be installed ...

Страница 7: ...ority policies can be configured for egress operation in per port basis Virtual LAN VLAN For increasing Tagged VLAN applications the switch is also featured with powerful VLAN function to fulfill the up to date VLAN requirements The switch supports both port based VLAN and tagged VLAN in per port basis AC DC Power Options In addition to standard AC power input the switches provide DC options for a...

Страница 8: ...f learning for active MAC addresses up to 4K entries z Provide in band web based management interface z Provide port status statistic monitoring and control function z Provide port bandwidth control function z Provide static and LACP port link aggregation function z Support port based and 802 1Q Tag based VLAN z Provide QoS function z Provide IGMP snooping function z Support 802 1w RSTP and 802 1D...

Страница 9: ... 9 1 2 Product Panels The following figure illustrates the front panel and rear panel of the switch Front panel Rear panel AC power model Rear panel DC power model ...

Страница 10: ... 3 10Base T IEEE 802 3u 100Base TX Connectors Shielded RJ 45 jacks Pin assignments Auto MDI MDI X detection Configuration Auto negotiation or software control Transmission rate 10Mbps 100Mbps Duplex support Full Half duplex Network cable Cat 5 UTP Combo Port 25 26 with 10 100 1000 RJ 45 and 1000Mbps SFP 10 100 1000 Copper Port Interface Compliance IEEE 802 3 10Base T IEEE 802 3u 100Base TX IEEE 80...

Страница 11: ...N QoS function Port based 802 1p based IP DS based Port control Port configuration control via software management Storm control Broadcast storm protection control via software management Aggregation Link aggregation or called port trunking Port Mirroring Mirror received frames to a sniffer port IGMP Snooping IGMP snooping configuration Software Management Functions Interfaces Web browser Manageme...

Страница 12: ...ed metal Mounting Desktop mounting 19 rack mounting Environmental Operating Temperature Typical 20o C 60o C Storage Temperature 30o C 85o C Relative Humidity 10 90 non condensing Electrical Approvals FCC Part 15 rule Class A CE EMC CISPR22 Class A Safety LVD IEC60950 1 ...

Страница 13: ...of the following conditions occur unplug the product from the electrical outlet and replace the part or contact your trained service provider The power cable extension cable or plug is damaged An object has fallen into the product The product has been exposed to water The product has been dropped or damaged The product does not operate correctly when you follow the operating instructions z Do not ...

Страница 14: ...vice Do not place heavy objects on the device Rack Mounting Two 19 inch rack mounting brackets are supplied with the switch for 19 inch rack mounting The steps to mount the switch onto a 19 inch rack are 1 Turn the power to the switch off 2 Install two brackets with supplied screws onto the switch as shown in above figure 2 Mount the switch onto 19 inch rack with rack screws securely ...

Страница 15: ... 15 3 Turn the power to the switch on ...

Страница 16: ... is OFF and the AC power to the power cord is turned off AC power input specifications Connector IEC320 type Power Rating 100 240VAC 50 60Hz Voltage Range 90 264VAC Frequency 47 63 Hz Power Consumption 20W max 2 5 DC Power Supply If the purchased switch is with DC power input the power connector is shown below DC power input specifications Receptacle Screw type terminal block Operating Voltages 36...

Страница 17: ...ul to push the button to reset the switch without turning off the power Check whether the network is recovered The button can also be used to restore the software configuration settings to factory default values The operations are Operation Function Press the button more than ˇ seconds when power up Restore factory default settings Press the button and release during switch operation Reboot the sw...

Страница 18: ...hemselves to match the rule for MDI to MDI X connection It simplifies the cable installation Auto negotiation Function The ports are featured with auto negotiation function and full capability to support connection to any Ethernet devices The port performs a negotiation process for the speed and duplex configuration with the connected device automatically when each time a link is being established...

Страница 19: ...d when it is shipped Installing SFP Fiber Transceiver To install an SFP fiber transceiver into SFP slot the steps are 1 Turn off the power to the switch 2 Insert the SFP fiber transceiver into the SFP slot Normally a bail is provided for every SFP transceiver Hold the bail and make insertion 3 Until the SFP transceiver is seated securely in the slot place the bail in lock position ...

Страница 20: ... figure illustrates a connection example between two fiber ports Make sure the Rx to Tx connection rule is followed on the both ends of the fiber cable Network Cables Multimode MMF 50 125Pm 62 5 125 Pm Single mode SMF 9 125 Pm Fiber Port Configuration For 1000M fiber application on Port 25 and Port 26 just leave the default port configuration Auto for fiber connection ...

Страница 21: ... switch is in initialization and diagnostics BLINK The switch is initialized completely with diagnostic error ON The switch is initialized completely and normal P1 P24 LINK Act Port link status ON P1 P24 copper port link is established No traffic Green BLINK Port link is up and there is traffic OFF Port link is down 100M Port speed status ON P1 P24 copper port 100Mbps is selected Yellow OFF P1 P24...

Страница 22: ...ch The switch is shipped with the following factory default settings for software management Default IP address of the switch 192 168 0 2 255 255 255 0 The IP Address is an identification of the switch in a TCP IP network Each switch should be designated a new and unique IP address in the network Refer to Web management interface for System Configuration The switch is shipped with factory default ...

Страница 23: ...ifferentiated Service Code Point 6 bit value field in an IP packet VLAN Table lookup The process of searching VLAN table to find a VLAN which matches the given VID index MAC address table lookup The process of searching MAC address table to find a MAC entry which matches the given destination MAC address and the port where the MAC address is located Packet forwarding also known as packet switching...

Страница 24: ...ter the IP address of the switch unit to which you want to connect The IP address is used as URL for the browser software to search the device URL http xxx xxx xxx xxx Factory default IP address 192 168 0 2 4 4 Login to the Switch Unit When browser software connects to the switch unit successfully a Login screen is provided for you to login to the device as the display below The switch accepts one...

Страница 25: ... 25 System Configuration is displayed after a successful login 4 5 Main Management Menu ...

Страница 26: ...Based TCP UDP port number based QoS control MAC Address Binding Static MAC address configuration associated to each port TCP UDP Filter TCP UDP protocol based filtering STP Bridge Settings STP RSTP bridge configuration STP Port Settings STP RSTP per port configuration Link Aggregation Port link aggregation port trunk related configuration Miscellaneous Configurations of Packet aging time IGMP snoo...

Страница 27: ... 27 4 6 System Configuration ...

Страница 28: ...tion where this switch unit is located IP Address Configured IP address for the switch management Subnet Mask Configured subnet mask for IP address for the switch management Default Gateway Configured gateway IP address for the switch management IP Configuration Mode Static Use the above configured IP settings DHCP 2 Use DHCP to get dynamic IP address configuration for the switch Apply Click to ap...

Страница 29: ... 29 4 7 Port Configuration ...

Страница 30: ... control Addr Learning Enable enable port auto address learning Disable disable port auto address learning Select Port No v Select the port numbers to use the above port configuration settings Apply Click to apply the configuration change Current Status Function Link Down port link down 100FDX 100M Full duplex 100HDX 100M Half duplex 10FDX 10M Full duplex 10HDX 10M Half duplex 1000FDX 1000M Full d...

Страница 31: ...port mirroring function Rx received packets on the source ports are mirrored Tx transmitted packets on the source ports are mirrored Rx Tx all packets on the source ports are mirrored Source Port Select the ports which will be mirrored all received packets to the destination ports Apply Click to apply the configuration change Note 1 This port mirroring function supports multi ports to multi ports ...

Страница 32: ... 32 4 9 Bandwidth Control ...

Страница 33: ...26 Port Rate Bandwidth Rate value 2048Kbps Apply Click to apply the configuration change Refresh Click to refresh the port rate display LoadDefault Click to use the default configuration for all ports Status Description Link Speed The port link speed 10Mbps 100Mbps 1000Mbps Note 1 Rate value 0 means full speed for Tx Rx 2 Port 1 Port 24 Link speed 10M with high rate base Valid rate value 1 39 3 Po...

Страница 34: ...ackets received on the port exceeds a threshold in a time slot Time slot 50Ps for 1000Mbps 500Ps for 100Mbps 5000Ps for 10Mbps 1 63 Enable Port v Select the ports to be configured Remark As the function is enabled the incoming broadcast packets are dropped when the number of received broadcast packets exceeds the threshold in the time slot ...

Страница 35: ... 35 4 11 VLAN Mode Current VLAN mode Port Based Current VLAN mode Tag Based ...

Страница 36: ...tion enabled Add Tag Packet type received on the ingress port Packet output on the egress port with Add Tag Untagged packet Insert the PVID tag of the ingress port Priority tagged packet VID 0 Replace the tag with the PVID tag of the ingress port Priority field not changed Tagged packet No modification 2 Port Un tagging function enabled Remove Tag Packet type received on the ingress port Packet ou...

Страница 37: ...egress ports for the above specified ingress port Apply Click to apply the configuration change LoadDefault Click to use default setting values Remark 1 In port based VLAN mode the packets received on one ingress port can only be forwarded to the ports among the allowed egress ports associated to the ingress port 2 The default setting is that every port is allowed to forward packets to any ports 3...

Страница 38: ... 38 ...

Страница 39: ...1 32 N VLAN Group N VID VLAN ID of the VLAN group 1 4094 Member port Select the member ports of the VLAN group Default VLAN Index Index to the default VLAN group associated to the port 1 32 N VLAN Group N Apply Click to apply the configuration change LoadDefault Click to use default setting values ...

Страница 40: ...ket Use ingress port s default VLAN index pointing to the VLAN group to be used Priority tagged packet VID 0 Use ingress port s default VLAN index pointing to the VLAN group to be used Tagged packet Use the embedded VID in tag data of the packet to find a matched VLAN group within VLAN Group1 Group32 2 The default member ports and VID of all 32 VLAN groups are displayed as follows ...

Страница 41: ...port of a received packet must be the member port of the matched VLAN Otherwise the packet is dropped If any VLAN uplink ports are set the packet is forwarded to the unlink ports instead Refer to Section Miscellaneous VLAN Uplink for more details ...

Страница 42: ...ombing the joint port becomes an individual 2 port VLAN group logically The joint port is the common port for all groups 2 Each of all ports except the joint port can only forward packets to the joint port 3 The point port can forward packets to all ports except itself 4 All ports can t talk to each other except the joint port Note To click Apply will change VLAN mode to port based VLAN and config...

Страница 43: ...ration carefully before applying it Any incorrect setting might cause network problem 2 Members of a Tagged based VLAN Group For Tag based mode the ingress port of a received packet must be the member port of the matched VLAN Otherwise the packet is dropped 3 Link Aggregation Trunking configuration Make sure all members of one link aggregation trunk group are configured with same VLAN configuratio...

Страница 44: ...in egress based on High Low weight ratio Low weight Weight of low priority in weight ratio 0 7 weight 0 weight 8 High weight Weight of high priority in weight ratio 0 7 weight 0 weight 8 Apply Click to apply the configuration change Remark 1 The switch implements two levels of priority queues for port egress operation 2 Each packet is classified as high priority or low priority based on CoS classi...

Страница 45: ... Port number for QoS classification in ingress Port Base v set to enable the port as high priority port All packets received by a high priority port are classified as high priority packets 802 1p v set to enable 802 1p based priority classification scheme 802 1Q tagged packet is examined the TCI Tag Control Information 16 bits field of the 802 1Q tag data ...

Страница 46: ...the Traffic Class 6 bits data The classification rule is 101110 001010 010010 011010 100010 11x000 high priority Others Low priority Apply Click to apply the configuration change Remark 1 Each incoming packet is classified as high or low priority based on classification configuration of the ingress port 2 When multiple schemes are applied a received packet is treated as the high priority as long a...

Страница 47: ...sed Configuration Description Protocol Well known TCP UDP based protocol and the port numbers used Classification F I F O First in First out also means disable Discard The matched packet is dropped Low The matched packet is classified as low priority ...

Страница 48: ...umber base 0 255 TCP UDP Port CoS function Override Override other classification methods port 802 1p IP DS Not override Not override other classification methods port 802 1p IP DS Apply Click to apply the configuration change Remark 1 For TCP UDP packets configuration of classification based on TCP UDP port number is a global setting and applied for all ports 2 Discard option can be used to filte...

Страница 49: ...Select a port to display its current static MAC address settings Read Click to read and display current static MAC address settings of the selected port Port v select the ports to enable MAC address binding function Static MAC addresses Status Description Management Connection The current http connection to the switch device Port No The port on which the management connection currently hooks MAC A...

Страница 50: ...e 2 A setting of ff ff ff ff ff ff means not set One valid MAC address at least must be set for the enabled port 3 An enabled port can not be the member port of any link aggregation trunk 4 Member ports of any link aggregation trunk can not be enabled for MAC address binding setting 5 For a port the MAC Address Binding function and STP RSTP function can not be enabled at the same time ...

Страница 51: ... 51 4 20 TCP UDP Filter ...

Страница 52: ...rt number matched are forwarded to the enabled egress ports Protocol v select the protocols TCP UDP port numbers for applying filter function User_Define_x User defined TCP UDP port numb a b c d Secure Egress Ports v select egress ports for filter function Apply Click to apply the configuration Note 1 As the MAC address binding function of a port is enabled the MAC address auto learning function o...

Страница 53: ... Usually the bridge with the highest bridge priority is the root 0 61440 Hello Time Hello Time is used to determine the periodic time to send normal BPDU from designated ports among bridges It decides how long a bridge should send this message to other bridge to tell I am alive 1 10 seconds Max Age When the switch is root bridge the whole LAN uses this setting as the maximum age time 6 40 seconds ...

Страница 54: ...y time is defined as the time spent from Listening state moved to Learning state and also from Learning state moved to Forwarding state of a port in bridge Root ID The MAC address of current STP root If this switch is STP root a message of I m the root bridge is displayed Note STP support and MAC Address Binding function are exclusive Two functions can not be enabled at the same time 4 22 STP Port...

Страница 55: ...ch uses to determine which port are the forwarding ports the lowest number is forwarding ports Value 1 200 000 000 0 Auto Auto means a default cost is automatically calculated in RSTP operation based on the port link speed The default costs are Link Speed Auto Default Cost 10Mbps 2000000 100Mbps 200000 1000Mbps 20000 Apply Click to apply the configuration ...

Страница 56: ...state to prevent a loop Blocking A port that would cause a switching loop no user data is sent or received but it may go into forwarding mode if the other links in use were to fail and the spanning tree algorithm determines the port may transition to the forwarding state BPDU data is still received in blocking state Listening The switch processes BPDUs and awaits possible new information that woul...

Страница 57: ...o apply the configuration change Member Member ports of Link Group x Trunks Link Group 1 Trunk group 1 valid member ports P1 P2 P3 P4 Link Group 2 Trunk group 2 valid member ports P5 P6 P7 P8 Link Group 3 Trunk group 3 valid member ports P25 P26 State Disable The Link Group is disabled Enable The Link Group is enabled Type Static The type of link aggregation mechanism is static and proprietary LAC...

Страница 58: ...n two switches using more than one physical links It can increase the connection bandwidth between two switches The switch supports up to three trunk groups and the number of member ports belonging to one trunk group is limited and must be more than two Notes 1 All member ports of one trunk group must belong to same VLAN group and have same VLAN configuration settings Otherwise abnormal operation ...

Страница 59: ... Queues Option Disable 200ms 400ms 600ms 800ms VLAN Striding Option Disable Enable IGMP Snooping Option Disable Enable Uplink1 VLAN uplink 1 options Clear Port 1 Port 2 Port 26 Uplink2 VLAN uplink 2 Option Clear Port 1 Port 2 Port 26 Apply Click to apply the configuration change ...

Страница 60: ...ooping When this function is enabled the switch will monitor multicast router ports and maintain IP multicast group information The switch also listens on IGMP messages to maintain the associated member ports of each multicast group Multicast packets are forwarded only to the group s member ports The ports not in the member list are not affected by the multicast traffic 4 VLAN Uplink Ports With VL...

Страница 61: ... 61 4 25 Port Counter ...

Страница 62: ...e Packet Collision count Transmit Packet Dropped Packet and Receive Packet CRC Error Packet and Receive Packet Apply Click to confirm the selection Port Port no of the statistic data 2 Counters Two selected statistic data of a port Clear Click to reset the statistic counters Refresh Click to refresh the statistic counters ...

Страница 63: ...o a PC Select image file Specify a backup configuration file for upload to the switch Password Authentication for Recovery operation Browse Click to browse your computer file system for the image file Apply Click to start upload 4 27 Reboot System This menu is used to reboot the switch unit remotely with current configuration Starting this menu will make your current http connection lost You must ...

Страница 64: ... Update Firmware This menu is used to update the embedded software of the switch Firmware update may be required due to bug fix or function enhancement Configuration Description Password Authentication for operation ReConfirm Re confirm the password input Apply Click to start upload After clicking Apply a warning window prompts The flash code will be erased and all functions are deleted before a n...

Страница 65: ...isplayed as follows Specify the new firmware and proceed to upload new firmware If the uploading of new firmware is interrupted unexpectedly and can not be finished properly connect to http 192 168 0 2 to restart the uploading procedure A prompt is displayed as follows ...

Страница 66: ... 66 4 30 Logout If no user action in around 5 minutes a notice is displayed as follows If no user action around 10 minutes after the notice the web connection is logout automatically without notice ...

Страница 67: ...ort Configuration Auto Negotiation Auto for all ports Speed Port 1 Port 24 100M Port25 Port 26 1000M Duplex Full for all ports Pause ON for all ports Backpressure ON for all ports Addr Learning ON for all ports Port Mirroring Monitored Packets Disable for all ports Bandwidth Control Tx Rate Full Speed for all ports Rx Rate Full Speed for all ports Speed Base Low Broadcast Storm Control Threshold 6...

Страница 68: ...ity Mode Mode First In First Out Low weight 0 High weight 0 Port Base 802 1p IP DS CoS Configuration High Priority Setting Enable Port Base Disable for all ports 802 1p Disable for all ports IP DS Disable for all ports TCP UDP Port CoS Configuration BOOTP_DHCP 67 68 Low All others protocol F I F O MAC Address Binding Configuration MAC Address binding Disable for all ports TCP UDP Filter Configurat...

Страница 69: ...iority 1 Link Aggregation Algorithm MAC Src Dst Link Group 1 Member Enable for all ports State Static Operation Key 1 Time Out Show Time Out Activity Passive Link Group 2 Member Enable for all ports State Static Operation Key 2 Time Out Show Time Out Activity Passive Link Group 3 Member Enable for all ports State Static Operation Key 3 Time Out Show Time Out Activity Passive ...

Страница 70: ... 70 Miscellaneous Settings Packet Aging Time in Queue Disable VLAN Striding Disable IGMP Snooping Disable VLAN Uplink Setting Uplink1 Clear Uplink2 Clear ...

Отзывы: