Luxul XMS-1024P Скачать руководство пользователя страница 1

Страница: 1 / 292

Simply Connected

User Guide

XMS-1024P

24 Port Gigabit Managed

PoE/PoE+ Switch

Use the XMS-1024P to:

Cost-effectively Add 802.3af/at PoE Capability to Your Network

Deliver Power and Data for up to 24 PoE-Enabled Network
Devices with a Maximum Output of 320 Watts

Simplify PoE Device Installation, Including IP Sercurity
Cameras, VoIP Devices, and Wireless AP’s

Future Proof Your Network with Gigabit Speeds
(10X Performance of Fast Ethernet)

Optimize and Protect Your Network with Advanced
VLAN, QoS and Network Security Features

Содержание XMS-1024P

Страница 1: ...k Deliver Power and Data for up to 24 PoE Enabled Network Devices with a Maximum Output of 320 Watts Simplify PoE Device Installation Including IP Sercurity Cameras VoIP Devices and Wireless AP s Future Proof Your Network with Gigabit Speeds 10X Performance of Fast Ethernet Optimize and Protect Your Network with Advanced VLAN QoS and Network Security Features ...

Страница 2: ...is or any Luxul product This product is covered by one or more U S and foreign patents Patents 7 379 717 6 606 075 6 373 448 other patents pending DOCUMENT CONVENTIONS The following graphical alerts are used in this document to indicate notable situations NOTE Tips hints or special requirements that you should take note of CAUTION Care is required Disregarding a caution can result in data loss or ...

Страница 3: ...G ON TO THE SWITCH 14 3 1 Login 14 3 2 Configuration 15 4 SYSTEM 16 4 1 System Settings 16 4 2 User Management 24 4 3 System Tools 26 5 SWITCHING 38 5 1 Port Settings 38 5 2 LAG 48 5 3 Traffic Monitor 53 5 4 MAC Address 57 6 VLAN 64 6 1 802 1Q VLAN 66 6 2 MAC VLAN 72 6 3 Protocol VLAN 74 6 4 Application Example for 802 1Q VLAN 81 6 5 Application Example for MAC VLAN 82 6 6 Application Example for ...

Страница 4: ...9 2 Bandwidth Control 147 9 3 Voice VLAN 151 10 POE 157 10 1 PoE Config 158 10 2 PoE Time Range 161 11 ACL 165 11 1 Time Range 165 11 2 ACL Config 169 11 3 ACL Policy 176 12 NETWORK SECURITY 186 12 1 IP MAC Binding 186 12 2 ARP Inspection 199 12 3 DoS Defense 207 12 4 802 1X RADIUS 209 13 SNMP 220 13 1 SNMP Config 223 13 2 SNMP Notification 232 13 3 RMON 234 14 LLDP 239 14 1 LLDP Config 244 14 2 D...

Страница 5: ...demarks are the property of their respective owners 15 3 Cluster 269 16 MAINTENANCE 271 16 1 System Monitor 271 16 2 System Logs 273 16 3 Device Diagnostics 279 16 4 Network Diagnostics 281 17 SAVE CONFIG 282 18 REGULATORY COMPLIANCE 283 APPENDIX A SPECIFICATIONS 286 GLOSSARY 287 ...

Страница 6: ...tab under the System Settings menu option that is located under the System menu Bold font indicates a button a toolbar icon menu or menu item 1 3 Overview of This Guide Chapter Introduction Chapter 1 About This Guide Introduces the guide structure and conventions Chapter 2 Introduction Introduces the features application and appearance of XMS 1024P Switch Chapter 3 Login Illustrates how to log on ...

Страница 7: ...re an 802 1Q VLAN on a Port per Port basis MAC VLAN Configure 802 1 Q MAC based VLAN without changing the 802 1Q VLAN configuration Protocol VLAN Create VLANs using the application layer to adjust how some Data is transmitted in the specified VLAN GVRP GVRP allows the Switch to automatically add or remove VLAN membership via dynamic VLAN registration information and propagate the local VLAN regist...

Страница 8: ...v Configure priorities Port priority 802 1P Priority and DSCP priority Bandwidth Control Rate Limit feature to control the traffic rate on each Port Storm Control feature to filter Broadcast Multicast and UL frames in the Network Voice VLAN Voice VLAN to transmit Voice Data stream within the specified VLAN to ensure the transmission priority of Voice Data stream and Voice quality Chapter 10 PoE Th...

Страница 9: ...devices SNMP Config Global settings of SNMP SNMP Notification SNMP Notification options and configuration for the to monitor and process the events RMON RMON Remote Monitoring options and configuration Chapter 14 LLDP This chapter will show how to configure LLDP to provide information for SNMP applications Basic Config The LLDP parameters of the device Device Info View the LLDP information of the ...

Страница 10: ...Glossary The glossary of the manual z 2 INTRODUCTION Thanks for choosing the Luxul XMS 1024P Managed PoE PoE Switch 2 1 Overview of the Switch Designed to meet Commercial Grade requirements the XMS 1024P from LUXUL provides wire speed performance and IP Layer 2 Management features to give you the best service and security available The EIA Standardized framework and smart configuration capacity pr...

Страница 11: ...f Service Supports L2 and L3 based CoS Cost of Service with 4 priority queues per Port Rate Limiting controls the traffic flow according to the configured values Security Supports industry standard user Authentication methods such as 802 1X RADIUS RADIUS Dynamic ARP Inspection blocks ARP packets from unauthorized hosts preventing man in the middle attacks L2 L3 L4 Access Control Lists restrict unt...

Страница 12: ...odule please select 100MFD while selecting 1000MFD for Gigabit modules By default the Speed and Duplex mode of any installed SFP module is 1000MFD 1 Console Port Designed to allow connection to the serial Port of a computer or terminal for monitoring and configuring the Switch 24 Port LEDs The XMS 1024P has a LED mode button which is for Switching the LED status type When the Speed LED is lit the ...

Страница 13: ...esponding Port Off No device is connected to the corresponding Port When the PoE display is active the Port LED indicates the PoE status of the Port LED Status Indication Power On The Switch is powered on Off The Switch is powered off or power supply has failed Flashing Indicates a Power fault System Flashing The Switch booted without error and is running On The Switch encountered a boot error PoE...

Страница 14: ...e sure the voltage of the AC power source meets the requirements of the input voltage 100 240V 50 60Hz 0 6A 3 LOGGING ON TO THE SWITCH 3 1 Login 1 To access the Web Management configuration open a web browser and type in the default address 192 168 0 4 in the address field of the browser then press the Enter key Figure 3 1 Web browser NOTE To log in to the Switch the IP Address of your PC should b...

Страница 15: ...ply the current configuration changes will be applied to the running configuration If the Switch is rebooted the configuration will be lost To save the configuration to non volatile memory please click Save Config link in the left hand menu We strongly recommend clicking Save Config before cutting the power or rebooting the Switch to avoid losing the new configuration If the Switch becomes inopera...

Страница 16: ...stem Settings The System Settings submenu includes the Status Device Description System Time Daylight Saving Time and System IP tabs 4 1 1 Status This page allows you to view the Port connection status and the System Info The Port status diagram shows the status of the 24 10 100 1000Mbps RJ45 Ports and 4 SFP Ports of the Switch Ports labeled as 1 24 are 10 100 1000Mbps Ports and Ports labeled as 2...

Страница 17: ...s Indicates the SFP Port is not connected Indicates the SFP Port is connected at the speed of 1000Mbps Indicates the SFP Port is connected at the speed of 100Mbps When the cursor is used to highlight the Port the detailed information of the Port will be displayed Figure 4 2 Port Information Port Information Port Displays the selected Port number of the Switch Type Displays the configured type of t...

Страница 18: ...h utilization on a Port allows you to monitor the Network traffic and analyze the Network for any abnormalities Figure 4 3 Bandwidth Utilization Bandwidth Utilization Rx Select Rx to display the bandwidth utilization of received packets on this Port Tx Select Tx to display the bandwidth utilization of sent packets on this Port 4 1 2 Device Description On this page you can configure the description...

Страница 19: ...ngs will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 4 1 3 System Time System Time displays the current time settings of the Switch On this page you can configure the System Time settings The settings here will be used for other time based functions like Access Control List A...

Страница 20: ...e Zone Select your local time zone Primary Secondary NTP Server Enter an IP Address for the NTP Server s Update Rate Specify in hours how often the Switch will check for an NTP time update Synchronize with PC S Clock When this option is selected the administrator PC s clock is used to set the System Time NOTE The System Time settings will be restored to defaults if the Switch is restarted and you ...

Страница 21: ...on USA First Sunday in April 02 00 Last Sunday in October 02 00 Australia First Sunday in October 02 00 First Sunday in April 03 00 Europe Last Sunday in March 01 00 Last Sunday in October 01 00 New Zealand First Sunday in October 02 00 Last Sunday in March 03 00 Recurring Mode Allows you to specify a DST configuration that will run in recurring pattern Unless changed this mode will run each Start...

Страница 22: ...ch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory NOTE When DST is disabled the various modes cannot be configured NOTE When DST is enabled the default daylight savings time will be set to USA in predefined mode 4 1 5 System IP Each device in an IP Network must have a unique IP Address You log in to the Web Manageme...

Страница 23: ...can access the Management page of the Switch By default VLAN1 is the Management VLAN and you can access the Switch via any Port on the Switch However if another VLAN is created and set to be the Management VLAN you may have to reconnect the Management station to a Port that is a member of the Management VLAN IP Address The IP Address of the Switch The default IP is 192 168 0 4 if you have selected...

Страница 24: ...ult IP Address NOTE If the Switch gets an IP Address from the DHCP Server you can find the IP configuration information of the Switch in the DHCP Server connected clients list If DHCP option is selected but no DHCP Server exists the Switch will keep trying to obtain the IP Address from DHCP Server until successful 4 2 User Management User Management allows you to configure the User Name and Passwo...

Страница 25: ...dmin user can configure all functions of the Switch Choose the menu System User Management User Config to load the following page Figure 4 9 User Conﬁg The following entries are displayed on this screen User Info User Name Create a Name for a new User login Access Level Select the access Level to Apply to the User Admin Admin can edit modify and view all the settings of the Switch Guest Guest only...

Страница 26: ...ser information After modifying the settings please click the Modify button to save the modification CAUTION The User Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory CAUTION The default Admin user can be deleted please take care when selecting multiple users ...

Страница 27: ...to Restore Restore Config Click the Restore Config button to restore the backup configuration file The Switch will automatically reboot as part of the Restore process and will load the Restored Config file after reboot NOTE It can take a few minutes to restore the configuration Please wait for the operation to complete normally CAUTION To avoid damage to the Switch please do not power down the Swi...

Страница 28: ...ollowing entries are displayed on this screen Config Backup Backup Config Click the Backup Config button to save the current running configuration as a file on your computer We recommend making a Config Backup before all Firmware Upgrades NOTE It may take a few minutes to Backup the configuration Please wait without any operation Please wait for the operation to complete normally 4 3 3 Firmware Up...

Страница 29: ...ent Firmware Version Displays the current running version of Firmware on the Switch Hardware Version Displays the version of Hardware the Switch is running as new revisions are released they may not support all Firmware versions Visit http luxul com for more information Upgrade Click the Upgrade button to Upgrade the current running Firmware of the Switch We recommend making a Config Backup before...

Страница 30: ...iguration before rebooting to avoid losing the configuration Choose the menu System System Tools System Reboot to load the following page Figure 4 13 System Reboot The following entries are displayed on this screen System Reboot Save Config Leaving this checkbox checked will cause the Switch to save the Configuration to non volatile RAM prior to Reboot We recommend leaving this option checked Rebo...

Страница 31: ...n Restore Factory Defaults Reset Click the Reset button to restore the Switch to Factory Default settings The Switch will reboot as part of this operation once rebooted all settings will return to their default values CAUTION If the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory all custom configuration setti...

Страница 32: ...section 4 2 User Management Choose the menu System Access Control Access Control to load the following page Figure 4 15 Access Control The following entries are displayed on this screen Access Control Control Mode Select the control mode for users to log on to the Web Management page IP based Limit the IP Range of the Users allowed to login MAC based Limit the MAC Addresses of the Users allowed to...

Страница 33: ...the maximum number of allowed Guest User simultaneous logins 4 4 2 SSL Config SSL Secure Sockets Layer is a security protocol designed to provide a secure connec tion using the application layer protocol i e HTTP communication based on TCP SSL is widely used to secure Data transmission between Web Browsers and Servers SSL provides the following services 1 Authentication of Users and Servers based ...

Страница 34: ...oad the following page Figure 4 16 SSL Conﬁg The following entries are displayed on this screen SSL Config SSL Enable or Disable the SSL function Certificate Upload Certificate File Select the desired Certificate to Upload to the Switch The certificate must be BASE64 encoded Key Upload Key File Select the desired SSL Key to Upload to the Switch The key must be BASE64 encoded CAUTION SSL Configurat...

Страница 35: ...t remote Management method not having any inherent safety we offer this options for remote command line configuration SSH provides information security and Authentication when you log on to the Switch remotely through any Network environment It encrypts all transmitted Data to prevent the Data during Remote Management being compromised SSH has two versions V1 and V2 which are not compatible with e...

Страница 36: ...t Idle Timeout Set the connection idle timeout time The system will automatically release the connection when the time has expired the default timeout is 500 seconds Max Connect Set the maximum number of allowed connections to the SSH Server No new connection will be allowed when the number of the connections reaches the maximum the default value is 5 Key Upload Key Type Select the type of SSH Key...

Страница 37: ... of the upload file is between 256 3072 bits CAUTION After the Key File is uploaded the default key of the same type will be replaced A failed or corrupt upload will result in SSH access to default to Password Authentication Application Example 1 for SSH SSH Login In the example below we will outline a typical connection using the Windows 7 version of the PuTTY SSH Client 1 Open PuTTY enter the IP...

Страница 38: ... you to configure the features of the Ethernet Ports of the Switch the available options include Port Config Port Mirror Port Security Port Isolation and Loopback Detection pages 5 1 1 Port Config Here you can configure the basic parameters for the Ethernet Ports of the Switch When the Port is disabled all packets received on the Port will be discarded Disabling unused Ports will reduce the power ...

Страница 39: ... ports Description Description of the Port for easy identification Status Allows you to Enable or Disable the Port Speed and Duplex Select the Speed and Duplex mode for the Port The device connected to the Switch should be in the same Speed and Duplex as the port it is connected too When Auto is selected Speed and Duplex will be determined by auto negotiation For the SFP adapters the Switch does n...

Страница 40: ...led or corrupt upload will result in SSH access to default to Password Authentication NOTE The parameters of the Ports in a LAG Group should be set the same for optimal operation 5 1 2 Port Mirror Port Mirror can be used to forward copies of packets from one or multiple Ports Mirrored Port or the source Port s to a specified Port Mirroring or destination Port The mirroring Port is connected to a D...

Страница 41: ... Mirror Group List Group The Mirror Group number Mirroring The Mirroring Port number destination Port Mode Indicates the traffic mirroring options of Ingress or Egress sources Mirrored Port Displays the Mirrored Ports and whether they are mirroring Ingress Egress or Both Operation Click Edit to configure the mirror group Edit to displays the following page Figure 5 3 Mirroring Port ...

Страница 42: ...ed the incoming packets received by the Mirrored Port will be copied and forwarded to the Mirroring Port Egress Enable or Disable the Egress feature When Egress is enabled the outgoing packets received by the Mirrored Port will be copied and forwarded to the Mirroring Port LAG Displays the LAG Group number the Port belongs to A LAG Group member cannot be selected as a Mirrored Port or Mirroring Po...

Страница 43: ...maximum number of MAC Addresses that can be learned on each Port A Port with the Port Security feature enabled will learn MAC Addresses dynamically When the number of learned MAC Address reaches the maximum value set the Port will stop learning Any new devices with an unlearned MAC Address will not be allowed access to the Network via this Port Choose the menu Switching Port Settings Port Security...

Страница 44: ...ed manually The learned entries will clear if the Switch is rebooted Permanent When Permanent mode is selected the learned MAC Address will not be deleted by the aging time process and can only be deleted manually The learned entries will be saved if the Switch is rebooted Status Enable or Disable the Port Security feature for the Port s CAUTION Port Security settings will be restored to defaults ...

Страница 45: ...itching Port Settings Port Isolation to load the following page Figure 5 5 Port Isolation Conﬁg The following entries are displayed on this screen Port Isolation Config Port Select a Port number to set its Port Isolation List Allowed Ports Select the Allowed Port s for the selected Port to Forward too Port Isolation List Port Display the Port number Allowed Ports Display the Allowed Ports List for...

Страница 46: ...ved your running configuration to non volatile memory 5 1 5 Loopback Detection The Loopback Detection feature can detect Network loops using loopback detection packets When a loop is detected the Switch will display an alert and or block the corresponding Port according to the settings configured Choose the menu Switching Port Settings Loopback Detection to load the following page Figure 5 6 Loopb...

Страница 47: ...esired Port s for Loopback Detection configuration Port Displays the Port number Status Enable or Disable Loopback Detection for the Port s Operation Mode Select the Mode the Switch will operate in when loops are detected Alert When a loop is detected display an alert Port based When a loop is detected display an alert and block the Port Recovery Mode Select the Mode the Switch will use to unblock...

Страница 48: ...ex Flow Control settings configured are in a LAG Group their configurations should be the same The Ports that have Port Security Port Mirror MAC Address Filtering Static MAC Address Binding and 802 1X RADIUS Authentication settings configured cannot be added to a LAG Group It is not recommended to add any Ports with ARP Inspection and or DoS Defense to the LAG Group If a LAG Group s is to be used ...

Страница 49: ...e applied scope of Hash Algorithm which applies to choosing a Port used to transfer the packets SRC MAC DST MAC When this option is selected the Hash Algorithm will use the source and destination MAC Addresses of the packets SRC IP DST IP When this option is selected the Hash Algorithm will use the source and destination IP Addresses of the packets LAG Table Select Check the check box of the desir...

Страница 50: ...il button for the detailed information of your selected LAG Figure 5 8 Detail Information 5 2 2 Static LAG On this page you can manually configure the LAG Group The LACP feature is disabled for the member Ports of any manually added Static LAG Choose the menu Switching LAG Static LAG to load the following page Figure 5 9 Manual Conﬁg ...

Страница 51: ...member Ports NOTE Only a non member Port can be added to a LAG Group If a Port is the member of a LAG Group or is Dynamically Aggregated as an LACP member the Port number will be grayed out and cannot be selected CAUTION Static LAG settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non vo...

Страница 52: ...vice with the numerically lowest System MAC has the higher priority The device with the highest priority will choose the Ports to be aggregated based on Port Priority Port Number and Operation Key Only the Ports with the same operation key can be added into the same Aggregation group In an Aggregation group the Port with lowest Port Priority will be considered the preferred Port If Port priorities...

Страница 53: ...he Port number LAG Group Specify an LAG Group for the Port The member Ports in a dynamic Aggregation group must have the same LAG Group Port Priority Specify a Port Priority for the Port This value determines the priority of the Port to be selected as a Dynamic Aggregation group member The Port with lowest Port Priority will be considered the preferred Port If two Port priorities are equal the Por...

Страница 54: ...14203 Minuteman Drive Suite 201 Draper UT 84020 1685 luxul com 801 822 5450 LUX UG XMS 1024P Vers 081314 Choose the menu Switching Traffic Monitor Traffic Summary to load the following page Figure 5 11 Trafﬁc Summary ...

Страница 55: ...umber Packets Rx Displays the number of Packets Received on the Port Error packets are not counted in this field Packets Tx Displays the number of Packets Transmitted on the Port Octets Rx Displays the number of Octets Received on the Port Error octets are counted in this field Octets Tx Displays the number of Octets Transmitted on the Port Statistics Click the View link to View the detailed traff...

Страница 56: ... of Received Packets with a bad Frame Check Sequence FCS containing a non integral octet Alignment Error The length of the packet will be between 64 bytes and 1518 bytes UndersizePkts Displays the number of Received Packets excluding error Packets that are less than 64 bytes long Pkts64Octets Displays the number of Received Packets including error Packets that are 64 bytes long Pkts65to127Octets D...

Страница 57: ...ble The Switch offers multiple options for configuration to meet the needs of your Network see the table below The types and the features of the MAC MAC Table are listed as the following Type Configuration Auto Aging MAC Address kept after reboot Relationship between the bound MAC Address and the Port Dynamic MAC Automatic Yes Note Auto Aging can be disabled but it is not recommended No The learne...

Страница 58: ...Table The following entries are displayed on this screen Address Table MAC Address Enter the MAC address to search by VLAN ID Enter the VLAN ID to search by Port Select the corresponding Port number to search by Type Select the Type of entry to search by All Displays all MAC Address entries Note The maximum number of entries displayed on this page is 100 to display more than 100 entries please use...

Страница 59: ...ponding Port number of the MAC address Type Displays the Type of the MAC address Aging Status Displays the Aging status of the MAC address 5 4 2 Static MAC The Static MAC Table maintains the static MAC Address entries which are added or removed manually In the stable Networks static MAC Address entries can facilitate reducing broadcast packets and enhance the efficiency of packet forwarding Choose...

Страница 60: ...esponding VLAN ID of the Static MAC Address Port Displays the corresponding Port Number of the Static MAC Address You can modify the Port number to which the MAC Address is bound however the new Port must be in the same VLAN Type Displays the Type of the MAC Address entry Aging Status Displays the Aging Status of the MAC Address entry CAUTION Static MAC settings will be restored to defaults if the...

Страница 61: ...RADIUS feature is enabled 5 4 3 Dynamic MAC The Dynamic MAC Table updates automatically by learning new MAC Addresses and Auto Aging of old MAC Addresses To fully utilize the Dynamic MAC Table which has a limited capacity the Switch uses Auto Aging The Switch removes the MAC address entry related to a Network device if no packet is received from the device within the Aging Time On this page you ca...

Страница 62: ...corresponding Port statically MAC Address Displays learned MAC Address VLAN ID Displays the corresponding VLAN ID of the MAC address Port Displays the corresponding Port number of the MAC address Type Displays the Type of the MAC address Aging Status Displays the Aging Status of the MAC address Bind Select the desired entry entries and click the Bind button to bind the MAC address of your selected...

Страница 63: ...ur running configuration to non volatile memory 5 4 4 MAC Filtering MAC Filtering is used to control which packets are forwarded MAC Filtering is added or removed manually and is independent of the Aging Time MAC Filtering allows the Switch to filter the packets based on the source address or destination address MAC Filtering entries act on all Ports and in all corresponding VLANs Choose the menu ...

Страница 64: ...ort number blank indicates no specified Port Type Displays the Type of the MAC address Aging Status Displays the Aging Status of the MAC address CAUTION MAC Filtering settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory NOTE MAC Address es in the MAC Filter Table cannot ...

Страница 65: ...casts are confined to the VLAN This decreases bandwidth utilization and improves Network performance Network security is improved VLANs cannot communicate with one another directly A host in a VLAN cannot access resources in another VLAN directly Boundary devices such as Routers or Layer 3 Switches are required VLANs can be used to group specific client devices When the physical location of a clie...

Страница 66: ...and Source MAC Address to identify the VLAN membership of the packet As shown in the following figure a VLAN tag contains four fields including TPID Tag Protocol Identifier Priority CFI Canonical Format Indicator and VLAN ID Figure 6 2 Format of VLAN Tag TPID TPID is a 16 bit field indicating that this Data frame is VLAN tagged By default it is set to 0x8100 or no VLAN ID Priority Priority is a 3 ...

Страница 67: ...ives and forwards packets from multiple VLANs Packets forwarded by a TRUNK Port will not have any changes made to the existing VLAN tag The PVID can be set to the VID number of any VLAN the Port belongs to GENERAL The GENERAL Port can be added to multiple VLANs and can have various Egress Rules in different VLANs The default Egress Rule is UNTAG The PVID can be set to the VID number of any VLAN th...

Страница 68: ...ving its VLAN tag Trunk If the VID of packet is allowed by the Port the packet will be received If the VID of packet is forbidden by the Port the packet will be dropped The packet will be forwarded with its current VLAN tag General If the Egress Rule of Port is TAG the packet will be forwarded with its current VLAN tag If the Egress Rule of Port is UNTAG the packet will be forwarded after removing...

Страница 69: ...ick the Select button to quick select the corresponding entry based on the VLAN ID you entered Select Select the desired entry to delete the corresponding VLAN s VLAN ID Displays the ID of the VLAN Description Displays the description of the VLAN Members Displays the Port members of the VLAN Operation Allows you to view or modify the information for each entry Edit Click to modify the settings of ...

Страница 70: ... the VLAN Port Displays the Port number Link Type Displays the Link Type of the Port It can be change in Port VLAN Config screen Egress Rule Select the Egress Rule for the VLAN Port member The default Egress Rule for all ports until the Link Type is changed is UNTAG TAG All packets forwarded by the Port are tagged UNTAG All packets forwarded by the Port are untagged LAG Displays the LAG to which t...

Страница 71: ...he Port is UNTAG The PVID is same as the current VLAN ID If the current VLAN is deleted the PVID will be set back to VLAN ID 1 TRUNK can be added to multiple VLANs the Egress Rule of the Port is TAG The PVID can be set as the PVID of any VLAN the Port belongs to this will also be the PVID used if an Untagged packet is forwarded by the port GENERAL can be added to multiple VLANs various Egress tagg...

Страница 72: ...witch will attempt to match the packet with the current MAC VLAN If the packet is matched the Switch will add the correspond ing MAC VLAN tag If no MAC VLAN is matched to the packet the Switch will add a tag to the packet corresponding to the PVID of the receiving Port When receiving tagged packets the Switch will process them based on the VLAN settings corresponding to the tag in the packet recei...

Страница 73: ...he settings of the entry then click the Modify button to apply your changes Configuration Procedure Step Operation Description 1 Set the desired link type of the Port On the VLAN 802 1Q VLAN Port Config page set the link type for the Port based on its connected device Options include Access Trunk and General 2 Create a VLAN On the VLAN 802 1Q VLAN VLAN Config page click the Create button to create...

Страница 74: ...received Untagged packets on the Port and match the packets with the user defined Protocol Template If a packet is matched the Switch will add a corresponding VLAN Tag automatically and assigning the Data of specific protocol automatically to a corresponding VLAN for transmission Encapsulation Format of Ethernet Data This section introduces the common types of encapsulation format for Ethernet Dat...

Страница 75: ...rol encapsulation Figure 6 10 802 2LLC encapsulation The Length field DSAP Destination Service Access Point field SSAP Source Service Access Point field and Control field are encapsulated after Source MAC Address and Destination MAC Address fields The value of Control field will always be 3 in a valid packet The DSAP and SSAP fields in 802 2 LLC encapsula tion are used to identify the upper layer ...

Страница 76: ...plate and transmit packets within the specified VLAN corresponding to the protocol The Protocol Template comprising encapsulation format and protocol type is the standard to determine the protocol which a packet belongs to The following table shows commonly used encapsulation formats supported in Network layer protocol and the Protocol Templates are provided for reference Some Protocol Templates h...

Страница 77: ...is matched the Switch will add the Tag of the PVID of the receiving Port Assigning the packet automatically to the corresponding VLAN for transmission When receiving a Tagged packet the Switch will process it based on the 802 1Q VLAN ID of the packet If the receiving Port is the member of the VLAN to which the tagged packet belongs to the packet will be forwarded normally If the receiving Port is ...

Страница 78: ... Member Displays the member s of the Protocol Group Configuration Click the Edit button to modify the settings of the entry then click the Modify button to apply your changes CAUTION Protocol VLAN settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 6 3 2 Protocol Group ...

Страница 79: ...ort s for Protocol VLAN Group CAUTION Protocol Group settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 6 3 3 Protocol Template The Protocol Template must be created before configuring the corresponding Protocol VLAN By default the Switch has the predefined templates f...

Страница 80: ...plate settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory NOTE The Protocol Template bound to VLAN cannot be deleted Step Operation Description 1 Set the link type of the member Port On the VLAN 802 1Q VLAN Port Config page set the link type for the Port based on its Co...

Страница 81: ...4 Application Example for 802 1Q VLAN Network Requirements Switch A is connecting to PC A and Server B Switch B is connecting to PC B and Server A PC A and Server A are in the same VLAN PC B and Server B are in the same VLAN PCs in the two VLANs cannot communicate with each other Network Diagram Figure 6 15 Network Diagram 802 1Q VLAN ...

Страница 82: ...Link Type of the Ports On VLAN 802 1Q VLAN Port Config page configure the link type of Port 7 as ACCESS Port 6 as TRUNK and Port 8 as ACCESS 2 Create VLAN10 On VLAN 802 1Q VLAN VLAN Config page create a VLAN with a VLANID of 10 with members being Port 6 and Port 8 3 Create VLAN20 On VLAN 802 1Q VLAN VLAN Config page create a VLAN with a VLANID of 20 with members being Port 6 and Port 7 6 5 Applica...

Страница 83: ... 2 Create VLAN10 On VLAN 802 1Q VLAN VLAN Config page create a VLAN with a VLANID of 10 with members being Port 11 and Port 12 and configure the Egress Rule of Port 11 as Untag and Port 12 as Tag 3 Create VLAN20 On VLAN 802 1Q VLAN VLAN Config page create a VLAN with a VLANID of 20 with members being Port 11 and Port 12 and configure the Egress Rule of Port 11 as Untag and Port 12 as Tag 4 Configu...

Страница 84: ...VLAN10 with a MAC Address of 00 19 56 8A 4C 71 5 Configure MAC VLAN 20 On VLAN MAC VLAN page create MAC VLAN20 with a MAC Address of 00 19 56 82 3B 70 Configure Switch C Step Operation Description 1 Configure the Link Type of the Ports On VLAN 802 1Q VLAN Port Config page configure the link type of Port 2 as GENERAL Port 3 as GENERAL Port 4 as ACCESS and Port 5 as ACCESS 2 Create VLAN10 On VLAN 80...

Страница 85: ...of the Ports On VLAN 802 1Q VLAN Port Config page configure the link type of Port 11 as ACCESS Port 13 as ACCESS and Port 12 as GENERAL 2 Create VLAN10 On VLAN 802 1Q VLAN VLAN Config page create a VLAN with a VLANID of 10 with members being Port 12 and Port 13 and configure the Egress Rule of Port 12 as Untag 3 Create VLAN20 On VLAN 802 1Q VLAN VLAN Config page create a VLAN with a VLANID of 20 w...

Страница 86: ... and select Port 3 6 Create Protocol VLAN 20 On VLAN Protocol VLAN Protocol Group page create protocol VLAN 20 with Protocol as AppleTalk and select Port 3 6 7 GVRP GVRP GARP VLAN Registration Protocol is an implementation of GARP Generic Attribute Registration Protocol GVRP allows the Switch to automatically add or re move VLANs via dynamic VLAN registration information and propagate the local VL...

Страница 87: ...es a GARP entity sends each Join Message two times The Join Timer is used to define the interval between the two sending operations of each Join Message Leave Timer When a GARP entity expects to un register attribute information it sends out a Leave Message Any GARP entity receiving this message starts its Leave Timer and un registers the attribute information if it does not receive a Join Message...

Страница 88: ...ister a VLAN and propa gate the dynamic static VLAN information Fixed In this mode a Port cannot register un register a VLAN dynamically It only propagates static VLAN information A Port in Fixed mode only permits the packets of its static VLAN to pass Forbidden In this mode a Port cannot register un register VLANs It only propagates VLAN 1 information A Port in Forbidden mode only permits the pac...

Страница 89: ...Once the LeaveAll Timer is set the Port with GVRP enabled can send a LeaveAll message after the timer expires so the other GARP entities can re register all the attribute information on this entity After re registration the entity restarts the LeaveAll Timer to begin a new cycle The LeaveAll Timer ranges from 1000 to 30000 centiseconds 10 00 to 300 00 seconds the default value is 1000 centiseconds...

Страница 90: ... local Network Devices running STP discover loops in the Network and block Ports by exchanging information A Network loop can be blocked to form a standard topology loop free Network preventing packets from being duplicated and forwarded endlessly inside the Network BPDU Bridge Protocol Data Unit is the protocol Data that STP and RSTP use to pass topology information Enough information is carried ...

Страница 91: ...hosen as the Root Bridge Root Port Indicates the Port that has the lowest path cost from this bridge to the Root Bridge and forwards packets to the Root Designated Port Indicates the Port that forwards packets to a downstream Network segment or Switch Port Priority The Port priority can be set to any value in the range 0 255 The lower the value the higher the priority The Port with the higher prio...

Страница 92: ...ecifies the time needed for a Port to change its state after the Network topology is changed via STP When changes to the Network occur caused by Network malfunction or physical changes the STP structure will adapt to the corresponding change However it will take time for the new configuration BPDUs to spread throughout the whole Network a temporary loop may occur if the Port changes its state imme...

Страница 93: ...the Switch itself and the Designated Port being itself Comparing BPDUs Each Switch sends out configuration BPDUs and receives configuration BPDUs on one or more of its own Ports from other Switches The following table shows the comparison operations Step Operation 1 If the priority of the BPDU received on the Port is lower than that of the BPDU of the Port itself the Switch discards the BPDU and d...

Страница 94: ...ffic Table 7 2 Selecting root Port and designated Port NOTE In an STP Network with a stable topology only the Root Port s and Designated Port s can forward Data the other Ports are Blocked Blocked Ports only can receive BPDUs and will not process any other traffic RSTP Rapid Spanning Tree Protocol evolved from the 802 1D STP standard and enables Ethernet Ports to change their states rapidly The pr...

Страница 95: ...es a Spanning Tree Network into several regions Each region has several internal Spanning Trees which are independent of each other MSTP provides a Load Balancing mechanism for packet transmission in the VLAN MSTP is compatible with both STP and RSTP MSTP Elements MST Region Multiple Spanning Tree Region An MST Region comprises Switches with the same region configuration and VLAN to Instance mappi...

Страница 96: ...ackets and learn MAC addresses Blocking In this status the Port can only receive BPDU packets and will drop all other traffic received Disconnected In this status the Port is not participating in STP Port Roles In MSTP the following six roles exist Root Port Indicates the Port that has the lowest path cost from this Bridge to the Root Bridge and forwards packets to the root Designated Port Indicat...

Страница 97: ...g is used for global configuration of Spanning Trees implementation and can be implemented on the STP Config and STP Summary pages 7 1 1 STP Config Before configuring Spanning Tree Protocol you should decide which role each Switch plays in the Spanning Tree instance One Switch will be the Root Bridge in each Spanning Tree instance On this page you can globally configure the Spanning Tree function ...

Страница 98: ...r a value from 6 40 seconds to specify the maximum time the Switch can wait without receiving a BPDU before attempting to reconfigure The default value is 20 seconds If adjusting the Max Age the following Rules should be applied 2 Hello Time 1 Max Age and 2 Forward Delay 1 Max Age Forward Delay Enter a value from 4 30 seconds to specify the time for the Port to transit its state after the Network ...

Страница 99: ...the Network load of the Switches and wastes Network resources Keeping the default value is recommended NOTE The Max Age parameter allows the Switch to restart the STP discovery process if no BPDUs are received before the Max Age expires Too short of a Max Age may result in the Switches regenerating Spanning Trees Instances frequently and cause Network congestions that can be falsely interpreted as...

Страница 100: ...P Vers 081314 Choose the menu Spanning Tree STP Config STP Summary to load the following page Figure 7 5 STP Summary 7 2 Port Config On this page you can configure the parameters of the Ports for STP RSTP and MSTP Choose the menu Spanning Tree Port STP Config to load the following page Figure 7 6 Port Conﬁg ...

Страница 101: ...ort The lower the value the higher the priority Edge Port Enable Disable Edge Port Edge Ports can change states from blocking to forwarding rapidly without waiting for the Forward Delay P2P Link P2P Link status If the two Ports in the P2P link are Root Ports or Designated Ports they can change their states to Forwarding rapidly to reduce any unnecessary Forward Delay MCheck Enable to perform MChec...

Страница 102: ...ctly to Layer 3 devices such as a Router as edge Ports and Enable the BPDU protection function This will allow these Ports to change to Forwarding States rapidly and secure your Network NOTE All the links of Ports in a LAG should be configured as Point to Point links CAUTION When the link of a Port is configured as a Point to Point link the Spanning Tree Instance owning this Port is configured as ...

Страница 103: ...tries are displayed on this screen Region Config Region Name Create a name for the MST Region using up to 32 characters Revision Enter the Revision from 0 65535 for MST Region identification CAUTION MSTP Instance settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 7 3 2...

Страница 104: ...ID of the Switch Status Enable Disable the instance Priority Enter the Priority of the Switch in the Instance Priority is an important criterion in determining if the Switch will be chosen as the Root Bridge in the specific Instance VLAN ID Enter the VLAN ID s which belong to the corresponding Instance ID Clear Click the Clear link to remove all VLAN IDs from the Instance ID All removed VLAN ID s ...

Страница 105: ... along the CIST If you want to broadcast packets of a specific VLAN through GVRP please be sure to map the VLAN to the CIST when configuring the MSTP VLAN Instance mapping For detailed information on GVRP please refer to the GVRP section of this guide 7 3 3 Instance Port Config Ports can play different roles in different Spanning Tree Instances On this page you can configure the parameters of the ...

Страница 106: ...alue the higher the priority Port Role Displays the role the Port plays in the MSTP Instance Port Status Displays the working Status of the Port LAG Displays the LAG Group number the Port belongs to CAUTION Instance Port Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volati...

Страница 107: ...om malicious attacks against STP features 7 4 1 Port Protect On this page you can configure the Loop Protect Root Protect TC Protect BPDU Protect and BPDU Filter features for each Port We suggest enabling the corresponding Protection feature for the corresponding Ports Loop Protect In a stable Network topology a Switch maintains the Port states by receiving and processing BPDU packets from the Ups...

Страница 108: ...dress entries upon receipt of TC BPDU packets If a device or user maliciously sends a large number of TC BPDU packets the Switch will be kept busy removing MAC Address entries which will reduce the performance and stability of the Network To prevent the Switch from removing MAC Address entries you can enable the TC Protect function With the TC Protect function enabled if the number of the received...

Страница 109: ...ard BPDUs but it will send out its own BPDU This prevents the Switch from being attacked by mali cious BPDUs and protects Spanning Tree from malicious regeneration Choose the menu Spanning Tree STP Security Port Protect to load the following page Figure 7 10 Port Protect The following entries are displayed on this screen Port Protect Port Select Click the Select button to quick select the correspo...

Страница 110: ... defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 7 4 2 TC Protect When TC Protect is enabled for the Port on Port Protect page the TC threshold and TC protect cycle need to be configured on this page Choose the menu Spanning Tree STP Security TC Protect to load the following page Figure 7 11 TC...

Страница 111: ...equirements Switch A B C D and E all support the MSTP function A is the Central Switch Switches B and C are in the Convergence layer Switches D E and F are in the Access layer There are 6 VLANs labeled VLAN101 VLAN106 in the Network All Switches are running MSTP and belong to the same MST region The Data in VLAN101 103 and 105 are transmitted in the Spanning Tree with B as the Root Bridge The Data...

Страница 112: ...AN 101 103 and 105 to Instance 1 Then map VLAN 102 104 and 106 to Instance 2 Configure Switch B Step Operation Description 1 Configure Ports On VLAN 802 1Q VLAN page configure the link type of the interconnect Ports as Trunk and add the Ports to VLAN 101 VLAN 106 Detailed instructions can be found in the section 802 1Q VLAN 2 Enable STP function On Spanning Tree STP Config STP Config page enable S...

Страница 113: ...figure the Region Name and the Revision of the MST Region On Spanning Tree MSTP Instance Region Config page configure the region as LUXUL and keep the default revision setting 4 Configure VLAN to Instance mapping table of the MST region On Spanning Tree MSTP Instance Instance Config page configure VLAN to Instance mapping table Map VLAN 101 103 and 105 to Instance 1 Then map VLAN 102 104 and 106 t...

Страница 114: ...sion setting 4 Configure VLAN to Instance mapping table of the MST region On Spanning Tree MSTP Instance Instance Config page configure VLAN to Instance mapping table Map VLAN 101 103 and 105 to Instance 1 Then map VLAN 102 104 and 106 to Instance 2 The configuration procedure for Switch E and F is the same as that of Switch D The Topology Diagram of the two Instances after the Topology has stabil...

Страница 115: ... Diagram Stabilized II Suggested STP Security for this Configuration Enable TC Protect function for all the Ports of Switches Enable Root Protect function for all the Ports of Root Bridges Enable Loop Protect function for all non edge Ports Enable BPDU Protect function or BPDU Filter function for the edge Ports which are connected to any client device ...

Страница 116: ... In Multicast the Source transmits to multiple devices using a Multicast address which allows the Client devices to listen and grab the Multicast packets without the Server having to target individual client devices Suppose you have a point to multi point presentation Unicast is suitable for Networks with a small number of client devices Multicast is much more efficient in Networks with a high num...

Страница 117: ...description of Multicast IP Addresses Multicast IP Address range Description 224 0 0 0 224 0 0 255 Reserved Multicast Addresses used for routing protocols and other Network protocols 224 0 1 0 224 0 1 255 Addresses for Video Conferencing 239 0 0 0 239 255 255 255 Local Multicast Addresses which are used in the local Network only Table 8 1 Range of the special Multicast IP Multicast MAC Address Whe...

Страница 118: ... MAC Table based on the destination Multicast Address of the Multicast packet If the correspond ing entry cannot be found in the table the Switch will broadcast the packet to all of the member ports of the VLAN If the corresponding entry can be found in the table it indicates that the destination Address should be a group Port list so the Switch will duplicate the Multicast Data and deliver it eac...

Страница 119: ...ast MAC Table if the Switch receives no IGMP report messages from the host within the timeout period IGMP Messages A Switch running IGMP Snooping processes the IGMP messages of different types as follows 1 IGMP Query Message Query Messages sent by the Multicast Server fall into two categories IGMP General Query Message and IGMP Group Specific Query Message The Multicast Server regularly sends IGMP...

Страница 120: ...Multicast MAC Table when its member Port time elapses Client devices running IGMPv2 or IGMPv3 send IGMP Leave Messages when leaving a Multicast group to inform the Multicast Server it is leaving the group When receiving IGMP Leave Messages the Switch will forward an IGMP Group Specific Query Message to check if other members in the Multicast group of the member Port still need this Multicast and r...

Страница 121: ... Config and Multicast VLAN pages 8 1 1 Snooping Config To configure IGMP Snooping on the Switch please first configure the IGMP Global configuration and related parameters on the following page If the Multicast Address of the received Multicast Data is not in the Multicast MAC Table the Switch will broadcast the Data in the member VLAN When Unknown Multicast Discard feature is enabled the Switch d...

Страница 122: ... unsure of your needs we recommend keeping the default option of Forward IGMP Snooping Status Description Displays IGMP Snooping status Member Displays the members of the corresponding status CAUTION IGMP Snooping Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memo...

Страница 123: ...he Multicast group upon receiving IGMP Leave Messages LAG Displays the LAG Group number the Port belongs to CAUTION Port IGMP Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory NOTE Fast Leave on the Port is in effect only when the host supports IGMPv2 or IGMPv3...

Страница 124: ...r this Port a Router Port Default value is 300 seconds Member Port Time Specify the Aging Time of the member Port If the Switch doesn t receive an IGMP Report Message from the member Port before the Aging Time elapses it will no longer consider this Port a Member Port Default value is 260 seconds Leave Time Specify the interval between the Switch receiving a Leave Message from a client device and ...

Страница 125: ...ulticast IGMP Snooping Snooping Config and Port Config pages 2 Configure the Multicast parameters for VLANs Configure the Multicast parameters for VLANs on Multicast IGMP Snooping VLAN Config page If a VLAN has no Multicast parameters configured it indicates IGMP Snooping is not enabled in the VLAN any Multicast Data in the VLAN will be broadcasted 8 1 4 Multicast VLAN In the original implementati...

Страница 126: ...e Disable Multicast VLAN feature VLAN ID Enter the VLAN ID of the Multicast VLAN The VLAN ID must be configured in the 802 1Q VLAN page Router Port Time Specify the Aging Time of the Router Port Multicast Server If the Switch does not receive any IGMP Query Messages from the Router Port before the time elapses it will no longer consider this Port a Router Port Default value is 300 seconds Member P...

Страница 127: ... must be set to GENERAL NOTE Configure the Link Type of the Router Port Multicast Server in the Multicast VLAN as TRUNK or configure the Egress Rule as TAG and the Link Type as GENERAL otherwise the member Ports in the Multicast VLAN cannot receive Multicast streams NOTE After a Multicast VLAN is created all IGMP packets will be processed only within the Multicast VLAN Configuration procedure Step...

Страница 128: ... sends Multicast streams via the router and the streams are transmit ted to user A and user B through the Switch NOTE Most Multicast Servers can also be connected directly to the Switch please check the compatibility with your Multicast Server administrator Router A WAN or LAN Port can be connected to the Multicast Server its LAN Port is connected to the Switch The Multicast packets are transmitte...

Страница 129: ...nd its Egress Rule as TAG and add it to VLAN3 VLAN4 and VLAN5 Configure Port 4 as link type GENERAL and its Egress Rule as UNTAG and add it to VLAN3 and VLAN 4 Configure Port 5 as link type GENERAL and its Egress Rule as UNTAG and add it to VLAN3 and VLAN 5 3 Enable IGMP Snooping function Enable IGMP Snooping function globally on Multicast IGMP Snooping Snooping Config page Enable IGMP Snooping fu...

Страница 130: ...ulticast IP Table Static Multicast IP page 8 2 1 Multicast IP Table On this page you can view the Multicast IP Table on the Switch Choose the menu Multicast Multicast IP Multicast IP Table to load the following page Figure 8 8 Multicast IP Table The following entries are displayed on this screen Search Option Multicast IP Enter the Multicast IP Address of the desired entry VLAN ID Enter the VLAN I...

Страница 131: ...ast MAC Table and learn new addresses 8 2 2 Static Multicast IP The Static Multicast IP Table is isolated from any Dynamic Multicast group and Multicast Filter and is not learned by IGMP Snooping It can enhance the quality and security of information transmission in fixed Multicast Groups Choose the menu Multicast Multicast IP Static Multicast IP to load the following page Figure 8 9 Static Multic...

Страница 132: ...restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 8 3 Multicast Filter When IGMP Snooping is enabled you can specify the Multicast IP Range the Ports can join to restrict client devices ordering Multicast programs by configuring Multicast Filter Rules When applying for a Multicast Gro...

Страница 133: ...ton to quick select the corresponding IP Range ID Select Select the desired entry ies to delete or modify the corresponding IP range IP Range ID Displays IP Range ID Start Multicast IP Displays starting Multicast IP of the IP Range End Multicast IP Displays ending Multicast IP of the IP Range CAUTION Multicast IP Range settings will be restored to defaults if the Switch is restarted and you have n...

Страница 134: ...Multicast Filtering Port Displays the Port number Filter Enable Disable Multicast Filtering feature on the Port Action Mode Select the action mode to process Multicast packets when the Multicast IP is in the Filtered IP Range Permit Only the Multicast packets whose Multicast IP is in the IP Range will be processed Deny Only the Multicast packets whose Multicast IP is not in the IP Range will be pr...

Страница 135: ...ulticast Port Filter Rules have no effect on Static Multicast IPs NOTE Up to 5 IP Ranges can be bound to one Port Configuration Procedure Step Operation Description 1 Configure IP Range Configure an IP Range to be filtered on Multicast Multicast Filter IP Range page 2 Configure Multicast Filter Rules for Ports Configure Multicast Filter Rules for Ports on Multicast Multicast Filter Port Filter pag...

Страница 136: ...e page difficult to use IGMP Statistics Port Select Click the Select button to quick select the corresponding Port Port Displays the Port number of the Switch Query Packet Displays the number of Query packets the Port received RePort Packet V1 Displays the number of IGMPv1 Report packets the Port received RePort Packet V2 Displays the number of IGMPv2 Report packets the Port received RePort Packet...

Страница 137: ...he best quality QoS This Switch Classifies the Ingress packets then Maps the packets to different Priority Queues and forwards the packets according to specified Scheduling Algorithms Figure 9 1 QoS function Traffic Classification Identifies packets conforming to certain characteristics Map The user can Map the Ingress packets to different priority queues based on the priority modes This Switch im...

Страница 138: ...802 1P Priority with a range of 0 7 802 1P Priority determines the priority of the packets based on the PRI value In the Switch you can configure differ ent priority tags mapping to the corresponding priority levels The Switch determines which packets are sent with what Priority when forwarding packets The Switch processes untagged packets and Maps them to the default priority mode DSCP Priority F...

Страница 139: ... pro vides four Priority Schedule Modes SP Strict Priority WRR Weighted Round Robin SP WRR Strict Priority Weighted Round Robin and Equ Equal SP Mode Strict Priority Mode In this mode the Queue with highest priority will oc cupy all available bandwidth Packets in the Queue with Lower Priority are sent only when the Queue with Higher Priority is empty The Switch has four Egress Queues TC0 TC1 TC2 a...

Страница 140: ... Figure 9 5 WRR Mode SP WRR Mode Strict Priority Weight Round Robin Mode In this mode the Switch provides two Scheduling Groups the SP Group and the WRR Group Queues in the SP Group are Scheduled based on Strict Priority Mode while the Queues inside the WRR Group follow WRR Scheduling In SP WRR mode TC3 is in the SP Group and TC0 TC1 and TC2 belong to the WRR Group The Weight Value ratio of TC0 TC...

Страница 141: ...gorithms The Port priorities are labeled as CoS0 CoS7 The DiffServ function can be implemented on CoS Port Priority DSCP Priority CoS TC Queue Mapping and Priority Schedule Mode pages 9 1 1 CoS Port Priority On this page you can configure the Port priority Choose the menu QoS DiffServ Port Priority to load the following page Figure 9 6 CoS Port Priority The following entries are displayed on this ...

Страница 142: ...e 802 1P priority and TC On QoS DiffServ CoS TC Queue Mapping page configure the mapping relationship between the 802 1P Priority and TC Priority 3 Select a Priority Schedule Mode On QoS DiffServ Schedule Mode page select a Priority Schedule Mode 9 1 2 DSCP Priority On this page you can configure DSCP Priority DSCP DiffServ Code Point is a new definition to the IP ToS field This field is used to d...

Страница 143: ...Priority DSCP Priority Enable Disable DSCP Priority Priority Level DSCP Indicates the priority determined by the DS Field of the IP Datagram it ranges from 0 63 Priority Indicates the 802 1P priority the packets with a DSCP tag are mapped to the priorities are labeled as CoS0 CoS7 CAUTION DSCP Priority settings will be restored to defaults if the Switch is restarted and you have not selected Save ...

Страница 144: ...onship between the 802 1P Priority and TC All values have a default mapping that can be changed if needed 2 Select a Priority Schedule Mode On QoS DiffServ Schedule Mode page select a Priority Schedule Mode 9 1 3 802 1P CoS mapping On this page you can configure the mapping relationship between the 802 1P Priority Tag ID CoS ID and the TC ID 802 1P gives the PRI field in 802 1Q Tags a recommended ...

Страница 145: ...een CoS TC Queue Mapping Tag ID CoS ID Indicates the precedence level defined by IEEE 802 1P and the CoS ID Queue TC ID Indicates the priority level of the Egress Queue the packets with a Tag or CoS ID are mapped to The priority levels of the Egress Queue are labeled TC0 TC1 TC2 and TC3 CoS TC Queue Mapping settings will be restored to defaults if the Switch is restarted and you have not selected ...

Страница 146: ... that many packets complete for resources must be solved usually by way of queue scheduling The Switch will control the forwarding sequence of the packets according to the priority queues and scheduling algorithms you set On this Switch the priority levels of Egress queue are labeled as TC0 TC1 TC3 Choose the menu QoS DiffServ Priority Schedule Mode to load the following page Figure 9 9 Priority S...

Страница 147: ...oup will take up the remaining bandwidth according to their Scheduling ratio 1 2 4 Equ Mode In this Scheduling Mode all the Queues occupy the bandwidth equally The weight value ratio of all the queues is 1 1 1 1 CAUTION Port Priority Mapping settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration...

Страница 148: ...umber of the Switch Download Rate Kbps Configure the allowed Bandwidth for receiving packets on the Port You can select a Rate from the dropdown list or select Manual to set the Download Rate the system will automatically select an integral that is a multiple of 64Kbps that is closest to the rate you entered Upload Rate Kbps Configure the allowed Bandwidth for sending packets on the Port You can s...

Страница 149: ... to set Download Upload Rate the system will automatically select a multiple of 64Kbps that is closest to the rate you entered For example if you enter 1023Kbps for the Upload Rate the system will automatically select 1024Kbps as the Upload Rate NOTE When the Upload Rate Limit feature is enabled for one or more Ports we suggest you Disable Flow Control on each Port to ensure Network integrity 9 2 ...

Страница 150: ...g Port Select Select the desired Port s for Storm Control configuration Port Displays the Port number of the Switch Broadcast Rate bps Select the Bandwidth Limit for received Broadcast packets on the Port Any Broadcast packet traffic exceeding the bandwidth will be Discarded Select Disable to disable the storm control function for the Port Multicast Rate bps Select the Bandwidth Limit for received...

Страница 151: ...s Port 9 3 Voice VLAN Voice VLANs are configured specifically for Voice Data By configuring Voice VLANs and adding the Ports with Voice devices attached you can perform QoS Related filtering for Voice Data ensuring the Priority of Voice Data Stream and Voice quality OUI Organizationally Unique Identifier The Switch can determine whether a received packet is a Voice packet by checking its Source MA...

Страница 152: ... Switch will remove the Port from the Voice VLAN Manual Mode You must manually add the Port connected to an IP Phone to the Voice VLAN After adding the Port the Switch will assign ACL Rules and configure the Priority of the packets by learning the Source MAC Address of packets and matching it to an OUI The Voice VLAN mode is configured according to the type of packets sent by Voice device and the ...

Страница 153: ...e Voice VLAN function VLAN ID Enter the VLAN ID of the Voice VLAN Aging Time Specifies the timeout of the member Port in Auto Mode after the OUI ages out Priority Select the priority of the Port when sending Voice Data CAUTION VoIP VLAN Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configurati...

Страница 154: ... Select the desired Port s for Voice VLAN configuration Port Displays the Port number of the Switch Port Mode Select the mode for the Port to use joining the Voice VLAN Auto The Switch Automatically adds or removes the Port from the Voice VLAN Manual You must Manually add or remove a Port from the Voice VLAN Security Mode The Security Mode for forwarding packets Disable All packets are forwarded E...

Страница 155: ...ensure its member state corresponds with its Port mode NOTE If a Port is a member Port of the Voice VLAN changing its Port mode to be Auto will make the Port leave the Voice VLAN and will not join the Voice VLAN automatically until it receives Voice streams 9 3 3 VoIP OUI Config The Switch supports OUI creation allowing you to add any additional OUIs for Voice VLAN Identification The Switch determ...

Страница 156: ...evice this should always be the standard mask of FF FF FF 00 00 00 except in rare circumstances Description Give a description to the OUI for easy identification OUI Table Select Select the desired entry ies to be Deleted OUI Displays the OUI of the Voice device Mask Displays the OUI mask of the Voice device Description Displays the description of the OUI CAUTION VoIP OUI Config settings will be r...

Страница 157: ...ansmit Electrical Current and Data to remote devices over standard twisted pair Ethernet cable Devices A PoE system usually consists of PSE Power Sourcing Equipment and PD Powered Device PSE Power Sourcing Equipment Is the device such as a Switch that provides power via the Ethernet cable to the PD PD A powered device Is the device which accepts power from the PSE PDs falls into two types Standard...

Страница 158: ...me Range 10 1 PoE Config All the RJ45 Ports on the Switch can be configured to supply power for Powered Devices that comply with IEEE 802 3af and IEEE 802 3at The power the system can provide is limited so some attributes should be set to make full use of the power and guarantee the adequate power to linked PDs When the power exceeds the Maximum power limit the Switch may disconnect power to the P...

Страница 159: ...ed power exceeds the System Power Limit the PD linked to the Port with lower priority will be disconnected from power Power Limit 0 1w 30w Defines the max power the corresponding Port can supply Class1 4w Class2 7w Class3 15 4w and Class4 30w Time Range Select the Time Range for the PoE Port to supply power If No Limit is selected the PoE Port will supply power all the time PoE Profile Select the ...

Страница 160: ...er the name of the profile PoE Status Enable Disable PoE feature If Enabled the Port will supply power to connected PDs Power Device PoE Priority Priority Levels include High Medium and Low in descending order When the supplied power exceeds the System Power Limit the PD linked to the Port with lower priority will be disconnected from power Power Limit Defines the max power the corresponding Port ...

Страница 161: ... Slice Configure a Holiday Time Range to keep the Port based on this Time Range from supplying power on Holidays In each Time Range 4 Time Slices can be configured The Time Range configuration can be implemented on PoE Time Range Table PoE Time Range and PoE Holiday Config pages 10 2 1 Time Range Table On this page you can view edit or delete the current Time Ranges Choose the menu PoE PoE Time Ra...

Страница 162: ...Time Ranges Choose the menu PoE PoE Time Range PoE Time Range Create to load the following page Figure 10 4 PoE Time Range The following items are displayed on this screen Create Time Range Name Enter the Name of the Time Range for easy identification Exclude Holiday Select Exclude Holiday and the Port using this Time Range will not supply power when the System Time is within the Holiday period Ab...

Страница 163: ...s the Index of the Time Slice Start Time Displays the Start Time of the Time Slice End Time Displays the End Time of the Time Slice Delete Click the Delete button to Delete the corresponding Time Slice CAUTION PoE Time Range settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile ...

Страница 164: ...Date Specify the End Date of the Holiday Holiday Name Enter the Name of the Holiday Holiday Table Select Select the desired entry to Delete the corresponding Holiday Index Displays the Index of the Holiday Holiday Name Displays the Name of the Holiday Start Date Displays the Start Date of the Holiday End Date Displays the End Date of the Holiday CAUTION PoE Holiday Config settings will be restored...

Страница 165: ...tion of the Switch includes four submenus Time Range ACL Config Policy Config and Policy Binding 11 1 Time Range If a configured ACL is going to be in effect during a specified Time Range a Time Range should be created prior to specifying it in the ACL A Time Range based ACL takes effect only within the specified Time Range Absolute Week and Holiday Time Ranges can be configured Configure Absolute...

Страница 166: ...ime Range Time Range Name Displays the Name of the Time Range Slice Displays the Time Slice of the Time Range Mode Displays the Mode of the Time Range Configuration Click Edit to modify this Time Range and click Detail to display the information of this Time Range CAUTION ACL Time Range Table settings will be restored to defaults if the Switch is restarted and you have not selected Save Config fro...

Страница 167: ...elect Absolute to configure an Absolute Time Range The ACL Rule based on this Time Range takes effect only when the System Time is within the Absolute Time Range Week Select Week to configure a Weekly Time Range The ACL Rule based on this Time Range takes effect only when the System Time is within the Week Time Range Create Time Slice Start Time Set the Start Time of the Time Slice End Time Set th...

Страница 168: ...main menu and saved your running configuration to non volatile memory NOTE To successfully configure Time Ranges please specify Time Slices first and then Time Ranges 11 1 3 ACL Holiday Config Holiday mode is a different Time Range control policy from the Absolute or Week mode On this page you can define Holidays according to your local calendar Choose the menu ACL ACL Time Range ACL Holiday Confi...

Страница 169: ...l be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 11 2 ACL Config An ACL may contain a number of Rules and each Rule specifies a different packet range Packets are Matched in order Once a Rule is Matched the Switch Processes the Matched packets taking the operation specified in t...

Страница 170: ...ect Rule Table Select Select the desired entry to Delete the corresponding Holiday Index Displays the Index of the ACL Rule Rule ID Displays the Rule ID of the ACL S MAC Address Displays the Source MAC Address configured in the ACL Rule D MAC Address Displays the Destination MAC Address configured in the ACL Rule VLAN ID Displays the VLAN ID the ACL is active in Time Range Name Displays the Name o...

Страница 171: ...mory Here you can view the information about the ACL Rule you select 11 2 2 ACL On this page you can create ACLs Choose the menu ACL ACL Config ACL to load the following page Figure 11 5 ACL The following entries are displayed on this screen Create ACL ACL ID Enter ACL ID you want to create Rule Order User Config is the only Matching order CAUTION ACL settings will be restored to defaults if the S...

Страница 172: ...AC Address VLAN ID and Ether Type of the packets Choose the menu ACL ACL Config AC ACL RULE to load the following page Figure11 6 MAC ACL Rule The following entries are displayed on this screen Create MAC ACL RULE ACL ID Select the desired ACL ID for configuration Rule ID Enter the Rule ID Operation Select the operation the Switch will use to process packets Permit Forward Packets Deny Discard Pac...

Страница 173: ...e Matched packets Time Range Select the Time Range for the Rule to take effect CAUTION MAC ACL Rule settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 11 2 4 Standard IP ACL Rule Standard IP ACL Rules analyze and process Data packets based on a series of Matching condi...

Страница 174: ...ss to be contained in the Rule Mask Enter IP Address Mask If it is set to 1 the Switch must Match the Address Exactly Time Range Select the Time Range for the Rule to take effect CAUTION Standard IP ACL Rule settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 11 2 5 Ext...

Страница 175: ...ng entries are displayed on this screen Create Extend IP ACL ACL ID Select the desired Extended IP ACL Rule ID Enter the Rule ID Operation Select the operation the Switch will use to process packets Permit Forward Packets Deny Discard Packets S IP Enter the Source IP Address to be contained in the Rule D IP Enter the Destination IP Address to be contained in the Rule Mask Enter IP Address Mask If ...

Страница 176: ...Enter the DSCP value to be contained in the Rule IP ToS Enter the IP ToS value to be contained in the Rule IP Pre Enter the IP Precedence value to be contained in the Rule Time Range Select the Time Range used by the Rule CAUTION Extended IP ACL Rule settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running conf...

Страница 177: ...want to Delete the policy click the Delete button Action Table Select Select the desired entry to Delete the corresponding policy Index Enter the Index of the Policy ACL ID Displays the ID of the ACL contained in the Policy Mirror Port Displays the Mirror Port of the Policy Condition Displays the source Condition added to the Policy Redirect Displays the Redirect added to the Policy QoS Displays t...

Страница 178: ...ries are displayed on this screen Create Policy Policy Name Enter the Name of the Policy CAUTION ACL Policy settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 11 3 3 ACL Policy Rule On this page you can add ACLs and create corresponding actions for the Policy Choose th...

Страница 179: ...o change the Forwarding destination of the Data packets in the Policy Destination Port Forward the Data packets that match the corresponding ACL to the specified Port QoS Remark Select QoS to Forward the Data packets based on the QoS settings DSCP Specify the DSCP Region for the Data packets that match the corresponding ACL Local Priority Specify the Local Priority for the Data packets that match ...

Страница 180: ... Policy Binding Table The following entries are displayed on this screen Search Option Binding Mode Select a Binding Mode appropriate to your needs Policy Bind Table Select Select the desired entry to Delete the corresponding Binding Index Displays the Index of the Binding Policy Policy Name Displays the Name of the Binding Policy Interface Displays the Port number or VLAN ID Bound to the Policy D...

Страница 181: ...screen Port Binding Config Policy Name Select the Name of the Policy you want to Bind Port Enter the Number of the Port s you want to Bind Port Binding Table Index Displays the Index of the Binding Policy Policy Name Displays the Name of the Binding Policy Port Displays the Number of the Port Bound to the corresponding Policy Direction Displays the Binding Direction CAUTION ACL Policy Port Binding...

Страница 182: ...reen VLAN Bind Config Policy Name Select the Name of the Policy you want to Bind VLAN ID Enter the ID of the VLAN you want to Bind VLAN Bind Table Index Displays the Index of the Binding Policy Policy Name Displays the Name of the Binding Policy VLAN ID Displays the ID of the VLAN Bound to the corresponding Policy Direction Displays the Binding Direction CAUTION ACL Policy VLAN Binding settings wi...

Страница 183: ... ACL Rules 4 Bind the Policy to a Port or VLAN On ACL ACL Policy Binding configuration pages Bind the Policies to a Port or VLAN to bring the Policy into effect on the corresponding Port or VLAN 11 5 Application Example for ACL Network Requirements The manager of the R D Department can access to the company Forum and Internet without any limitations The MAC Address of the managers computer is 00 4...

Страница 184: ...onday to Friday Add the Time Slice 08 00 18 00 2 Configure for Requirement 1 On ACL ACL Config ACL page create ACL 11 On ACL ACL Config MAC ACL Rule page select ACL 11 create Rule 1 configure the operation as Permit configure the S MAC as 00 45 A5 5D 12 C3 and mask as FF FF FF FF FF FF and configure the Time Range as No Limit On ACL ACL Policy ACL Policy page create a Policy Named Manager On ACL A...

Страница 185: ...mask as 255 255 255 0 configure D IP as 172 31 88 5 and mask as 255 255 255 0 configure the Time Range as Work Time On ACL ACL Policy ACL Policy Rule page add ACL 100 to Policy limit1 On ACL ACL Policy Binding ACL Policy Port Binding page select Policy limit1 to Bind to Port 3 4 Configure requirement and 4 for 3 On ACL ACL Config ACL page create ACL 101 On ACL ACL Config Standard IP ACL Rule page ...

Страница 186: ...e information of client devices in the LAN using the ARP Scanning function and bind them with the collected information You are only required to enter the Range of IP Addresses to be scanned on the ARP Scanning page DHCP Snooping You can use the DHCP Snooping function to monitor the process of the client device obtaining an IP Address from a DHCP Server for Automatic Binding These three methods ar...

Страница 187: ...ARP Scanning will be displayed Snooping Only the entries added using DHCP Snooping will be displayed Binding Table IP Select Click the Select button to quick select the corresponding entry Select Select the desired entry ies to modify the Host Name and Protect Type Host Name Displays the Host Name IP Address Displays the IP Address of the Host MAC Address Displays the MAC Address of the Host VLAN ...

Страница 188: ...ong the conflicting entries with the same Source Priority the last added or edited entry will take effect 12 1 2 Manual Binding You can Manually Bind the IP Address MAC Address VLAN ID and Port Number together Choose the menu Network Security IP MAC Binding Manual IP MAC Binding to load the following page Figure 12 2 Manual IP MAC Binding The following entries are displayed on this screen Manual B...

Страница 189: ... memory NOTE Among the entries with a Critical collision level the entry with the highest Source Priority will take precedence NOTE Among the conflicting entries with the same Source Priority the last added or edited entry will take effect 12 1 3 ARP Scanning ARP Address Resolution Protocol is used to analyze and map IP Addresses to their corresponding MAC Addresses so that packets can be delivere...

Страница 190: ...ost B the IP Address of Host A and the MAC address of Host A Since the ARP Request Packets are broadcast all devices in the LAN receive them Only Host B recognizes and responds to the request Host B sends back an ARP Reply Packet to Host A with its MAC Address Upon receipt of the ARP Reply Packet Host A adds the IP Address and the corre sponding MAC Address of Host B to its ARP Table for further p...

Страница 191: ...blank the Switch will send the untagged packets when scanning Scan Click the Scan button to Scan the Hosts in the LAN Scanning Result Select Select the desired Entry to be Bound or Deleted Host Name Displays the Host Name IP Address Displays the IP Address of the Host MAC Address Displays the MAC Address of the Host VLAN ID Displays the VLAN ID Port Displays the Port Number connected to the Host P...

Страница 192: ... and more complicated Wireless Devices and Laptops are more widely used and with the location of PCs changing we need better Management options Managing all of these IP Address needs manually does not make sense This has given rise to DHCP Dynamic Host Configuration Protocol this Network configuration protocol further optimized and developed the older BOOTP protocol and solves the need to manually...

Страница 193: ...ementation Most DHCP Servers provide two methods for assigning IP Addresses Static IP Address Allows the administrator to bind the static IP Address to specific Client using the Client Device MAC Address Dynamic IP Address DHCP Server assigns any open DHCP Pool address to a connect ing Client Device This can cause the IP Address of Devices in the Network to change from time to time ...

Страница 194: ...tion DHCP REQUEST Stage If in the situation that there are multiple DHCP Servers send ing DHCP OFFER packets the Client will only respond to the first OFFER packet received Once the DHCP OFFER packet is received the client will broadcast the DHCP REQUEST packet which includes the assigned IP Address of the DHCP OFFER packet DHCP ACK Stage Since the DHCP REQUEST packet is broadcast all DHCP Servers...

Страница 195: ... 82 also can set the distribution policy of IP Addresses and the other parameters according to the Option 82 setting providing more flexible IP Address distribution Option 82 can contain up to 255 sub options If Option 82 is defined a sub option should be defined in the packet as well The Switch supports two of the available sub options Circuit ID and Remote ID Since there is no standard for the c...

Страница 196: ...ork for more wireless coverage turning the DHCP option on in a Server in the Network etc Hacker compromised machine pretending to be a valid DHCP Server to assign the IP Addresses and other parameters to Clients Hackers use the Rogue DHCP Server to assign a modified DNS Server Address to redirect users to compromised or outright fraudulent Web Sites The following figure illustrates a DHCP Cheat At...

Страница 197: ...he client device for Automatic Binding The Bound entry cooperates with ARP Inspection and the other Security Protection features The DHCP Snooping feature protects the Network from DHCP Server Cheat Attacks by discarding the DHCP packets from any untrusted Port s Choose the menu Network Security IP MAC Binding IP MAC DHCP Snooping to load the following page Figure 12 8 IP MAC DHCP Snooping The fol...

Страница 198: ... Option 82 Field Circuit ID Enter the customized Sub Option Circuit ID used by Replace Option 82 Remote ID Enter the customized Sub Option Remote ID used by Replace Option 82 Port Config Port Select Click the Select button to quick select the corresponding Port Select Select the desired Port s for configuration Port Displays the Port Number Trusted Port Enable Disable the Port as a Trusted Port On...

Страница 199: ...e are security risks inherent in ARP Implementation Cheat attacks against ARP such as Imitating Gateway Cheating Gateway Cheating Terminal Hosts and ARP Flooding can occur on the Network in larger Networks such as campus Networks large corporations public Networks etc Imitating Gateway An attacker sends the MAC Address of a forged Gateway to a Host the Host will automatically update the ARP table ...

Страница 200: ...e Figure 12 10 ARP Attack Cheating Gateway As the above figure shows when the Gateway tries to communicate with Host A in the LAN it will encapsulate the false destination MAC Address which results in a break down of normal communication Cheating Terminal Hosts The attacker sends the false IP Address to MAC Address mapping entries of Terminal Host Server to another terminal Host which causes that ...

Страница 201: ...Middle Attack The attacker continuously sends counterfeit ARP packets to Hosts in the LAN to get the Hosts to maintain a counterfeit ARP Table When the Hosts in LAN communicate with one another they will send the packets to the attacker s designated ARP table en try The attacker can process the packets before forwarding them The communication packets between the two Hosts are stolen and the Hosts ...

Страница 202: ...heir packets are directly sent to each other But in fact there is a Man In The Middle stealing the packet information during communication ARP Flood Attack In an ARP Flood attack the attacker broadcasts a mass of various fake ARP packets in a Network to occupy the maximum amount of Network bandwidth possible This can result in a dramatic slowdown of Network speed In the meantime the Gateway learns...

Страница 203: ...Port Trusted Port Select the Port s for which the ARP Detection function is unnecessary Ports such as Uplink Ports Router Ports and LAG Ports should be set as Trusted Ports To ensure the normal communication with the Switch please configure the ARP Trusted Ports before Enabling the ARP Detection function CAUTION ARP Detection settings will be restored to defaults if the Switch is restarted and you...

Страница 204: ...cify a Protect Type for the corresponding bound entry 3 Specify the trusted Port s On the Network Security ARP Inspection ARP Detection page specify the trusted Port s Ports such as Uplink Ports Router Ports and LAG Ports should be set as Trusted Ports 4 Enable ARP Detection feature On the Network Security ARP Inspection ARP Detection page Enable the ARP Detection feature 12 2 2 ARP Defense When E...

Страница 205: ...e current speed of received ARP packets Status Displays the status of ARP Defense on the port LAG Displays the LAG Group the Port belongs to Operation Click the Recover button to restore the Port to the Normal status ARP Defense for this Port will be reset CAUTION ARP Defense settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu a...

Страница 206: ... Enable Disable the Auto Refresh feature Refresh Interval Specify the refresh interval to display the ARP Statistics Illegal ARP Packet Port Displays the Port number Trusted Port Displays wither the Port is a Trusted ARP Port or not Illegal ARP Packet Displays the number of the received counterfeit ARP packets CAUTION ARP Statistics settings will be restored to defaults if the Switch is restarted ...

Страница 207: ...he FIN Field set to 1 The SYN field is used to request the initial connection whereas the FIN field is used to request termination A packet of this type is malicious This prevents the Host from establishing new connections and terminating unused connections Xmascan The attacker sends a malicious packet with its TCP index FIN URG and PSH field set to 1 This packet takes priority over other packets ...

Страница 208: ...ts the Server responds with SYN ACK packets Since the IP Address is fake no response is returned The Server keeps sending SYN ACK packets attempting to reach the counterfeit Host This attack causes latency on the Network and can block access to Server resources Table 12 1 Defendable DoS Attack Types On this page you can Enable the DoS Defense types appropriate for your Network Choose the menu Netw...

Страница 209: ...otection devices such as a Hardware based Firewall CAUTION DoS Defense settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 12 4 802 1X RADIUS The 802 1X RADIUS protocol was developed by the IEEE 802 LAN WAN committee to deal with wireless LAN security issues It was also...

Страница 210: ...rk device such as this Luxul Switch It provides the physical Port the Supplicant uses to access the LAN and authenticates the Supplicant Authentication Server The Authentication Server is an entity that provides Authentication service to the Authenticator Normally in the form of a RADIUS Server The Authentication Server stores user information and performs Authentication and Authorization To ensur...

Страница 211: ...ation Procedure 802 1X RADIUS Authentication can be initiated by Supplicant or Authenticator When the Authenticator detects an Unauthenticated Supplicant it will initiate the 802 1X RADIUS Authentication by sending EAP Request Identity packets to the Supplicant The Supplicant can also launch an 802 1X RADIUS Client program to initiate an 802 1X RADIUS Authentication process by sending an EAPOL Sta...

Страница 212: ...he Switch sends an EAP Request Identity packet to ask the 802 1X RADIUS Client program for the User Name The 802 1X RADIUS Client program responds by sending an EAP Response Identity packet to the Switch with the User Name included The Switch then encapsulates the packet in a RADIUS Access Request packet and forwards it to the RADIUS Server Upon receipt of the User Name from the Switch the RADIUS ...

Страница 213: ...the corresponding Port to Accepted which allows the Supplicant to access the Network The Switch will then monitor the status of the Supplicant by sending Hand Shake packets periodically By default the Switch will force the Supplicant to log off if it does not receive a response from the Supplicant after two attempts The Supplicant can also terminate the Authenticated state by sending EAPOL Logoff ...

Страница 214: ...ckets from the Supplicant for the specified period before it processes another Authentication Request from the Supplicant Guest VLAN The Guest VLAN function enables Supplicants that do not pass Authentication to access specified Network resources By default all of the Ports connected to the Supplicants belong to a VLAN i e Guest VLAN Users belonging to the Guest VLAN can access the resources of th...

Страница 215: ...02 1X Config 802 1X Port Config and Radius Server Config pages 12 4 1 802 1X Config On this page you can enable the 802 1X RADIUS Authentication function globally and control the Authentication process by specifying the Authentication Method Guest VLAN and various Timers Choose the menu Network Security 802 1X RADIUS 802 1X Config to load the following page Figure 12 20 802 1X Conﬁg ...

Страница 216: ...ion Guest VLAN Enable Disable the Guest VLAN feature Guest VLAN ID Enter your desired VLAN ID to enable the Guest VLAN feature The Supplicants in the Guest VLAN can access only the specified Network resources Authentication Config Quiet Enable Disable the Quiet timer Quiet Period Specify a value for Quiet Period When the Supplicant fails 802 1X RADIUS Authentication the Switch will stop responding...

Страница 217: ...ct Click the Select button to quick select the corresponding Port Select Select the desired Port s for configuration Port Displays the Port number Status Enable Disable the 802 1X RADIUS Authentication feature for the Port Guest VLAN Enable Disable the Guest VLAN feature for the Port Control Mode Specify the Control Mode for the Port Auto In this mode the Port will work normally only after passing...

Страница 218: ... number the Port belongs to CAUTION 802 1X Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 12 4 3 Radius Server The RADIUS Remote Authentication Dial In User Service Server provides Authentication service for the Switch using stored client information usually...

Страница 219: ...e IP Address of the Secondary Accounting Server Accounting Port Set the UDP Port for the Accounting Server s Default Port 1813 Accounting Key Set the shared Password for the Switch and the Accounting Server s used when exchanging messages CAUTION RADIUS Server settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your ru...

Страница 220: ...X RADIUS feature for the Port s of the Switch 13 SNMP SNMP Overview SNMP Simple Network Management Protocol provides a Management framework to monitor and maintain Network devices It is used to automatically manage various Network devices Currently most Network Management systems are based on SNMP SNMP is simple and convenient to use with no need for complex functions or a large amount of Network ...

Страница 221: ... SNMP Agent is exchanged through SNMP Simple Network Management Protocol The relationship between the SNMP Management Station SNMP Agent and MIB is illustrated in the following figure Figure 13 1 Relationship between SNMP Network Elements SNMP Versions This Switch supports SNMP up to Version 3 and is compatible with SNMP Version 1 and SNMP Version 2c The SNMP Versions used by the SNMP Management S...

Страница 222: ...SNMP Agent The combination of Authentication and Encryption creates more reliable communications between SNMP Management stations and SNMP Agents MIB Introduction To uniquely identify the Management Objects of a device in SNMP messages SNMP adopts a hierarchical architecture to identify the Managed Objects It uses a tree format with each tree node representing a Managed Object as shown in the foll...

Страница 223: ...cess by providing the users in various groups with different Management rights using the Read View Write View and Notify View Create an SNMP User Config The User configured in SNMP Group Settings can Manage the Switch using the Client program on a Management Station The specified Username and the Auth Privacy Password are used by an SNMP Management Station to access the SNMP Agent functioning as a...

Страница 224: ... Engine ID is a unique alphanumeric string used to identify the SNMP engine on the remote device which receives traps and informs from Switch CAUTION SNMP Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory NOTE The number of Engine ID Characters must be even 13 ...

Страница 225: ...dentifier OID of the Entry View Type Select the Type for the View Entry Include The View Entry can be managed by the SNMP Management Station Exclude The View Entry cannot be managed by the SNMP Management Station View Table Select Select the desired entry to Delete the corresponding View View Name Displays the Name of the View Entry View Type Displays the Type of the View Entry MIB Object ID Displ...

Страница 226: ...y Name is used for Authentication SNMP v1 can be configured on the SNMP Community Config page v2c SNMPv2c is defined for the Group In this model the Community Name is used for Authentication SNMP v2c can be configured on the SNMP Community Config page v3 SNMPv3 is defined for the Group In this model the USM mechanism is used for Authentication If SNMPv3 is enabled the Security Level field is enabl...

Страница 227: ...Security Model Displays the Security Model of the Group Security Level Displays the Security Level of the Group Read View Displays the Read View Name in the Entry Write View Displays the Write View Name in the Entry Notify View Displays the Notify View Name in the Entry Operation Click the Edit button to modify the View settings in the Entry then click the Modify button to apply CAUTION SNMP Group...

Страница 228: ...er Name Enter the User Name User Type Select the type of User Local User Indicates that the User is connected to a Local SNMP Engine Remote User Indicates that the User is connected to a Remote SNMP Engine Group Name Select the Group to which the User belongs The User is associated to the corresponding Group according to its Group Name Security Model and Security Level Security Model Select the Se...

Страница 229: ...he Privacy Password User Table Select Select the desired entry ies to Delete the corresponding User User Name Displays the Name of the User User Type Displays the User Type Group Name Displays the Group Name the User belongs Security Model Displays the Security Model of the User Security Level Displays the Security Level of the User Auth Mode Displays the Authentication Mode of the User Privacy Mo...

Страница 230: ...his screen Community Config Community Name Enter the Community Name Access Defines the Access Rights of the Community Read Only The Management Rights of a Community are restricted to Read Only Changes cannot be made to the corresponding View Read Write The Management rights of a Community are set to Read Write allowing changes to be made to the corresponding View MIB View Select the MIB View for t...

Страница 231: ...wing steps Step Operation Description 1 Enable SNMP function globally On the SNMP SNMP Config SNMP Config page enable the SNMP function globally 2 Create SNMP View Config On the SNMP SNMP Config SNMP View Config page create an SNMP View The default View Name is viewDefault and the default OID is 1 3 Create SNMP Group Settings On the SNMP SNMP Config SNMP Group Settings page create an SNMP Group fo...

Страница 232: ...work Management Station functioning as a Community Name Users can manage the device via the Read View Write View and Notify View defined in the SNMP Group Settings Create an SNMP Group and SNMP User 13 2 SNMP Notification With the SNMP Notification function enabled the Switch can send notifications to the Management Station about Events that occur within the defined View s e g the Managed device i...

Страница 233: ... used to send SNMP Notifications Default is 162 User Enter the Username for the Management Station Security Model Select the Security Model of the Management Station Security Level Select the Security Level for the User SNMP v3 only noAuthNoPriv No Authentication and No Privacy Security Level is used authNoPriv Only the Authentication Security Level is used authPriv Both the Authentication and Pri...

Страница 234: ...splays the User Name for Management Station Security Model Displays the Security Model of the Management station Security Level Displays the Security Level for the User SNMP v3 only Type Displays the type of SNMP Notification Timeout Displays the maximum Time allowed for the Switch to wait for a response from the Management Station before retrying a request Retry Displays the number of times the S...

Страница 235: ...collects and records Network Statistics which the Management station can monitor Event Group Event Group is used to define RMON Events Alarms occur when an Event is detected Statistic Group Statistic Group is set to monitor the Statistics of Alarm Variables on the specified Ports Alarm Group Alarm Group is configured to monitor the specified Alarm Variables When the value of a monitored Variable e...

Страница 236: ...ken Interval Specifies the Interval to take samplings from the Port Owner Enter the Name of the device or User that defined the entry Status Enable Disable the corresponding Sampling Entry CAUTION History Control Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memor...

Страница 237: ... by the Network device in response to an Event None No action taken Log Log the Event Notify Send Trap Message to the Management Station Log Notify Log the Event and send Trap Message to the Management Station Owner Enter the Name of the Device or User that defined the entry Status Enable Disable the corresponding event entry CAUTION Event Config settings will be restored to defaults if the Switch...

Страница 238: ...ill be triggered if the Sampled Value is larger than the Rising Threshold Falling Threshold Enter the Falling Value that triggers the Falling Threshold alarm Falling Event Select the Index of the corresponding Event which will be triggered if the Sampled Value is lower than the Falling Threshold Alarm Type Specify the Type of Alarm All The Alarm Event will be triggered if either the Sampled Value ...

Страница 239: ...f vendor specific MIBs have been created to describe a Network s physical topology and associated systems within that topol ogy There is no standard protocol for populating these MIBs or communicating this information among stations on the LAN The LLDP protocol is a stop gap protocol that accomplishes this task A Device running LLDP can Automatically Discover and Learn about neighbors allowing for...

Страница 240: ...nly Transmit LLDPDUs Disable the Port cannot Transmit or Receive LLDPDUs 2 LLDPDU Transmission If the Ports are working in TxRx or Tx mode they will advertise local information by sending LLDPDUs If there is a change made to the local Device the SNMP change Notification will be advertised To prevent a series of successive LLDPDUs during a short period due to frequent changes to a local Device a Tr...

Страница 241: ... refers to Type Length Value and is contained in a LLDPDU Type identifies what kind of information is being sent Length indicates the length of information string in bytes and Value is the actual information to be sent The basic TLV Format is shown below Figure 14 2 TLV Each TLV is identified by a unique TLV Type Value that indicates the type of information contained in the TLV The following table...

Страница 242: ...l 8 Management Address Identifies the Management IP Address the corresponding Interface number and OID Object Identifier Optional 127 Organizationally Specific Allows different organizations such as IEEE IETF as well as individual software and equipment vendors to define TLVs that advertise information to remote Devices Optional Optional TLVs are grouped into two categories Basic Management TLV an...

Страница 243: ... Port VLAN ID TLV allows a VLAN Port to advertise the Port s VLAN Identifier PVID that will i s associated with Untagged or Tagged frames Port And Protocol VLAN ID TLV The Port And Protocol VLAN ID TLV allows a Port to advertise a Port and protocol VLAN ID VLAN Name TLV The VLAN Name TLV allows an IEEE 802 1Q compatible IEEE 802 LAN station to advertise the assigned Name of any VLAN with which it ...

Страница 244: ...tion globally Parameter Config Transmit Interval Enter the Interval for the local Device to transmit LLDPDUs to its neighbors The default value is 30 Hold Multiplier Enter a Multiplier on the Transmit Interval This will determine the TTL Time To Live Value used in the LLDPDU TTL Hold Multiplier Transmit Interval The default value is 4 Transmit Delay Enter a value from 1 8192 seconds to specify the...

Страница 245: ... Tx Only the fast start mechanism will be Enabled This shortens the transmit interval to one second and several LLDPDUs will be sent out the number of LLDPDUs equals this parameter The default value is 3 CAUTION LLDP Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile m...

Страница 246: ...ode Allows you to Enable or Disable the Ports SNMP Notifications If Enabled the local Device will notify using a Trap Event to the SNMP Management Station Included TLVs Select TLVs to be included in outgoing LLDPDUs Details Click the Detail button to display the included TLVs and select the desired TLVs CAUTION Port Config settings will be restored to defaults if the Switch is restarted and you ha...

Страница 247: ...e Figure 14 3 LLDP Local Info The following entries are displayed on this screen Auto Refresh Auto Refresh Enable Disable the Auto Refresh function Refresh Rate Specify the Auto Refresh Rate Local Info Enter the desired Port number and click Select to display the information for the corresponding Port CAUTION Local Info settings will be restored to defaults if the Switch is restarted and you have ...

Страница 248: ...t Click the Select button to quick select the corresponding Port Local Port Displays the local Port number connected to the Neighbor Device System Name Displays the System Name of the Neighbor Device Chassis ID Displays the Chassis ID of the Neighbor Device System Description Displays the System Description of the Neighbor Device Neighbor Port Displays the Port number of the Neighbor linked to a l...

Страница 249: ...lowing entries are displayed on this screen Auto Refresh Auto Refresh Enable Disable the Auto Refresh function Refresh Rate Specify the Auto Refresh Rate Global Statistics Last Update Displays latest Update time for the Statistics Total Inserts Displays the number of Neighbors inserted since the last Update time Total Deletes Displays the number of Neighbors Deleted by the local Device Total Drops...

Страница 250: ...ig from the main menu and saved your running configuration to non volatile memory 14 4 LLDP Media LLDP Media is an extension of LLDP intended to assist managing endpoint devices such as Voice over IP Phones and Network Switches The LLDP MED TLVs advertise informa tion such as Network Policy Power via MDI Inventory Management information and Device Location details Elements LLDP MED Device Refers t...

Страница 251: ...tion Identification information to Communication Endpoint Devices based on the configuration of the Network Connectivity Device it is connected to If the Location Identification TLV is included and Location Identification Parameters are not set a default value is used in place of the Location Identification TLV Extended Power Via MDI TLV The Extended Power Via MDI TLV is intended to enable Advance...

Страница 252: ...nﬁguration The following entries are displayed on this screen LLDP MED Parameters Config Fast Start Count When the LLDP MED fast start mechanism is activated multiple LLDP MED frames will be transmitted based on this parameter Device Class LLDP MED Devices are of two primary device types Network Connectivity Devices and Endpoint Devices Endpoint Devices have three defined Classes Class I Class II ...

Страница 253: ...igure 14 7 LLDP Media Port Conﬁg The following entries are displayed on this screen LLDP MED Port Config Port Select Select the desired Port s to configure LLDP MED Status Configure the Port s LLDP MED status Enable The Port s LLDP MED status and the Port s Admin Status will be changed to Tx Rx Disable The Port s LLDP MED status will be completely Disabled Included TLVs Select TLVs to be included ...

Страница 254: ...n Emergency Call Service ELIN identifier which is used during emergency call setup to a traditional CAMA or ISDN Trunk Based PSAP Civic Address The Civic Address will reuse the relevant sub fields of the DHCP option for Civic Address based Location Configuration Information as specified by IETF CAUTION LLDP Media Port Config settings will be restored to defaults if the Switch is restarted and you ...

Страница 255: ...MED configuration Choose the menu LLDP LLDP Media LLDP Media Local Info to load the following page Figure 14 8 LLDP Media Local Info The following entries are displayed on this screen Auto Refresh Auto Refresh Enable Disable the Auto Refresh function Refresh Rate Specify the Auto Refresh Rate Local Info Enter the desired Port number and click Select to display the information of the corresponding ...

Страница 256: ...to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 14 4 4 LLDP Media Neighbor Info On this page you can view the LLDP MED information of Neighbor Devices Choose the menu LLDP LLDP Media LLDP Media Neighbor Info to load the following page Figure 14 9 LLDP Media Neighbor Info ...

Страница 257: ...d Device PD Information Click the Information button to Display detailed information for the corresponding Neighbor CAUTION LLDP Media Neighbor Info settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 15 CLUSTER With the development of IP based technology the scale of N...

Страница 258: ...r discovers and determines the Candidate Switches by collecting NDP Neighbor Discovery Protocol and NTDP Neighbor Topology Discovery Protocol information Member Switch Indicates the Device is Managed by the Commander Candidate Switch Indicates the Device does not belong to any Cluster though it can be added to a Cluster Individual Switch Indicates the Device has the Cluster feature Disabled The ro...

Страница 259: ...ecting NDPs NTDP The Commander collects NDP information and neighboring connection information of each device in a specified Network range to determine the Candidate Switches in the Cluster Cluster Maintenance The Commander adds Candidate Switches to the Cluster and removes Member Switches from the Cluster using the collected NTDP information The Cluster module is used for Cluster Management Confi...

Страница 260: ...cally The NDP function is implemented on the NDP Neighbor Info NDP Summary and NDP Config pages 15 1 1 NDP Neighbor Info On this page you can view the NDP Neighbor information Choose the menu Cluster NDP NDP Neighbor Info to load the following page Figure 15 2 NDP Neighbor Info The following entries are displayed on this screen NDP Neighbor Search Search Option Select the information the desired E...

Страница 261: ... for the Switch Aging Time Displays the period of time for the Neighbor Switch to keep the NDP packets from this Switch Hello Time Displays the Interval used when sending NDP packets Port Status Port Displays the Port Number of the Switch NDP Displays the NDP Status Enabled Disabled for the current Port Send NDP Packets Displays the count of Sent NDP packets Receive NDP Packets Displays the count ...

Страница 262: ...s screen NDP Config NDP Select to Enable Disable NDP function Globally Aging Time Enter the period of time the Neighbor Switch should keep the NDP packets from this Switch Hello Time Enter the Interval used when sending NDP packets Port Config Select Select the desired Port s to configure its NDP status Port Displays the Port Number of the Switch NDP Displays NDP Status of the current Port Enable ...

Страница 263: ...collected and the NDP information and neighboring connection information of each device in a specified Network range is recorded The Commander collects the specified Topology in the Network regularly You can also enable Topology Collection Manually on the Commander Switch After the Commander Switch sends out NTDP request packets the Member Switches receive the request packets and send out response...

Страница 264: ...Type collected through NTDP Device MAC Displays the MAC Address of the Device Cluster Name Displays the Cluster Name of the Device Role Displays the Role the Device plays in the Cluster Commander Indicates the Device that can configure and manage all the devices in a Cluster Member Indicates a Device that is managed in a Cluster Candidate Indicates a Device that does not belong to any Cluster thou...

Страница 265: ...265 User Guide 2014 Luxul All Rights Reserved Other trademarks and registered trademarks are the property of their respective owners Figure 15 6 Detailed Information for the Current Device ...

Страница 266: ...tus Enabled Disabled of the Switch NTDP Interval Time Displays the Interval for collecting Topology information NTDP Hops Displays the Hop Count of the Switch topology NTDP Hop Delay Displays the Time between the Switch receiving an NTDP request packet and the Switch forwarding an NTDP request packet for the first time NTDP Port Delay Displays the Time between the Port forwarding NTDP request pack...

Страница 267: ...ed Other trademarks and registered trademarks are the property of their respective owners 15 2 3 NTDP Config On this page you can configure NTDP Globally Choose the menu Cluster NTDP NTDP Config to load the following page Figure 15 8 NTDP Conﬁg ...

Страница 268: ...P Port Delay Enter the Time between the Port forwarding NTDP request packets and its adjacent Port forwarding NTDP request packets The default is 20 milliseconds Port Config Select Select the desired Port s for NTDP status configuration Port Displays the Port Number of the Switch NTDP Displays NTDP Status Enabled Disabled of the current Port Enable Click the Enable button to Enable the NTDP featur...

Страница 269: ...manage and configure the member Switch via the Commander Switch Note The XMS 1024P cannot be configured as a Commander Switch and cannot manage the Cluster The Cluster function is implemented on the Cluster Summary and Cluster Config pages 15 3 1 Cluster Summary On this page you can view the Status of the current Cluster Choose the menu Cluster Cluster Cluster Summary to load the following page Fi...

Страница 270: ...re the Status of the Cluster the Switch belongs to Choose the menu Cluster Cluster Cluster Config to load the following page Figure 15 12 Cluster Conﬁguration for Candidate Switch The following entries are displayed on this screen Current Role Role Displays the Role the Switch plays in the Cluster Role Change Individual Select this option to change the role of the Switch ...

Страница 271: ...nnection status of a cable to locate and diagnose potential cabling issues Loopback Allows you to test whether the Ports of the Switch and its peer device are available Network Diagnostics Tests whether the destination device is reachable and detects the route hops from the Switch to the destination device 16 1 System Monitor System Monitor displays the utilization status of the Memory and the CPU...

Страница 272: ... com 801 822 5450 LUX UG XMS 1024P Vers 081314 16 1 1 CPU Monitor Choose the menu Maintenance System Monitor CPU Monitor to load the following page Figure 16 1 CPU Monitor Click the Monitor button to enable monitoring and display of the CPU utilization rate every four seconds ...

Страница 273: ...tor Memory Monitor to load the following page Figure 16 2 Memory Monitor Click the Monitor button to enable monitoring and display its Memory utilization rate every four seconds 16 2 System Logs The Log system of Switch can record classify and manage the System Logs effectively providing powerful support tool for the Network administrator to monitor Network operations and diagnose malfunctions ...

Страница 274: ...cies 0 The system is unusable alerts 1 Action must be taken immediately critical 2 Critical conditions errors 3 Error conditions warnings 4 Warning conditions SNMP Notifications 5 Normal but significant conditions informational 6 Informational messages debugging 7 Debug level messages Table 16 1 Log Level The System Logs function is implemented on the Log Table Local Log Config Syslog Config and B...

Страница 275: ... Table to load the following page Figure 16 3 Log Table The following entries are displayed on this screen Log Info Index Displays the Index of the log Entry Time Displays the Time when the log Event occured The log will have the correct Time after you have configured the System System Settings System Time page Module Displays the Module which the log information belongs to You can select a Module...

Страница 276: ...e saved in the log file On this page you can set the output channel for the logs Choose the menu Maintenance System Logs Local Log Config to load the following page Figure 16 4 Local Log Conﬁg The following entries are displayed on this screen Local Log Config Select Select the desired Entry to configure the corresponding Local Log Log Buffer Indicates the location to which the system log is saved...

Страница 277: ...annel CAUTION Local Log Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory 16 2 3 Syslog Config The Syslog feature enables the Switch to send System Logs to a Log Server The Log Server is used to centralize System Logs from various devices for the administrator ...

Страница 278: ...el of the log information to be sent to each Syslog Host Only logs with the same or smaller Severity Level value will be sent to the corresponding Syslog Host Status Enable Disable the Syslog Host CAUTION Syslog Config settings will be restored to defaults if the Switch is restarted and you have not selected Save Config from the main menu and saved your running configuration to non volatile memory...

Страница 279: ...ile to your computer Note It may take a few minutes to backup the log file Please be patient 16 3 Device Diagnostics This Switch provides Cable Test and Loopback functions for device diagnostics 16 3 1 Cable Test Cable Test function tests the connection status of the cable connected to the Switch this help you to locate and diagnose cable issues Choose the menu Maintenance Device Diagnostics Cable...

Страница 280: ...to display the Length Range of the Cable Error If the Connection Status is close open or impedance this will attempt to display the Length Range of the bad cable Note The Lengths displayed are the lengths of the pairs in the cable not that of the physical cable Note The Length results are an approximation and are not to be exactly relied upon 16 3 2 Loopback The Loopback test function loops the se...

Страница 281: ...st function tests the connectivity between the Switch and a node of the Network This helps test Network connectivity Choose the menu Maintenance Network Diagnostics Ping to load the following page Figure 16 9 Ping The following entries are displayed on this screen Ping Config Destination IP Enter the IP Address of the Destination node for Ping testing Ping Times Enter the number of times to send t...

Страница 282: ...mum number of the Route Hops the test Data can pass through 17 SAVE CONFIG The Save Config function is used to Save the Running Configuration of the Switch to Non Volatile RAM If the running configuration is not saved in this manner a Reboot or Power cycle of the switch will cause any custom Configuration changes to be lost Choose the menu Save Config to load the following page Figure 17 1 Save Co...

Страница 283: ...sk of electric shock and voiding the warranty of the unit If you need service please contact us Avoid water and wet locations Warnings for the use of Wireless Devices Please observe all warning notices with regard to the usage of wireless devices Potentially Hazardous Atmospheres You are reminded of the need to observe restrictions on the use of radio devices in fuel depots chemical plants etc and...

Страница 284: ...ction against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruc tion manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the u...

Страница 285: ...he routine evaluation limits in section 2 5 of RSS 102 and compli ance with RSS 102 RF exposure users can obtain Canadian information on RF exposure and compliance Le dispositif rencontre l exemption des limites courantes d évaluation dans la section 2 5 de RSS 102 et la conformité à l exposition de RSS 102 rf utilisateurs peut obtenir l information canadienne sur l exposition et la conformité de ...

Страница 286: ...st Ethernet 100Mbps HD 200Mbps FD Gigabit Ethernet 2000Mbps FD Transmission Medium 10Base T UTP STP of Cat 3 or above 100Base TX UTP STP of Cat 5 or above 100Base FX MMF or SMF SFP Module Optional 1000Base T 4 pair UTP 100m of Cat 5 Cat 5e Cat 6 or above 1000Base X MMF or SMF SFP Module Optional LED Power System Port Status LED Speed PoE PoE Max Transmission Method Store and Forward Packets Forwar...

Страница 287: ... number or DSCP priority bit Differentiated Services Code Point DSCP DSCP uses a six bit tag to provide for up to 64 different forwarding behaviors Based on Network policies different kinds of traffic can be marked for different levels of forwarding priority The DSCP bits are mapped to the Class of Service categories and then into the output queues Domain Name Service DNS A system used for transla...

Страница 288: ...tion Protocol GMRP GMRP allows Network devices to register end stations with Multicast groups GMRP requires that any participating Network devices or end stations comply with the IEEE 802 1P standard Group Attribute Registration Protocol GARP See Generic Attribute Registration Protocol IEEE 802 1D Specifies a general method for the operation of MAC bridges including the Spanning Tree Protocol IEEE...

Страница 289: ...ers IGMP Query On each subnetwork one IGMP capable device will act as the querier that is the device that asks all hosts to report on the IP Multicast groups they wish to join or to which they already belong The elected querier will be the device with the lowest IP Address in the subnetwork IP Multicast Filtering Allows or denies the Client to add the specified Multicast group Multicast Switching ...

Страница 290: ...e standards via wire or radio Port Authentication See IEEE 802 1X Port Mirroring A method whereby Data on a target Port is mirrored to a monitor Port for troubleshoot ing with a logic analyzer or RMON probe This allows Data on the target Port to be studied Port Trunk Defines a Network link Aggregation and trunking method which specifies how to create a single high speed logical link that combines ...

Страница 291: ...updates from a Network Time Protocol NTP Server Updates can be requested from a specified NTP Server or can be received via broadcasts sent by NTP Servers Spanning Tree Algorithm STA A technology that checks your Network for any loops A loop can often occur in complicated or backup linked Network systems Spanning Tree detects and directs Data along the shortest available path maximizing the perfor...

Страница 292: ...P as the underlying transport mechanism to provide access to IP like services UDP packets are delivered just like IP packets connection less Datagrams that may be discarded before reaching their targets UDP is useful when TCP would be too complex too slow or just unnecessary Virtual LAN VLAN A Virtual LAN is a collection of Network nodes that share the same collision domain regardless of their phy...

Результаты поиска

Содержание XMS-1024P

Отзывы:

Похожие инструкции для XMS-1024P

Бренды по названию

Популярные бренды

Luxul XMS-1024P, Руководство пользователя

Результаты поиска

Содержание XMS-1024P

Отзывы:

Похожие инструкции для XMS-1024P

Бренды по названию

Популярные бренды