manualshive.com logo in svg

Planet XGSW-28040HP, Руководство пользователя

Поделиться
Скачать
Planet XGSW-28040HP Скачать руководство пользователя страница 106

User’s  Manual  of  XGSW-28040HP 

 

 

106 

 

■ 

IEEE 802.1Q Tunneling (Q-in-Q) 

IEEE 802.1Q Tunneling (QinQ) is designed for service providers carrying traffic for multiple customers across their networks. 

QinQ tunneling is used to maintain customer-specific VLAN and Layer 2 protocol configurations even when different customers 

use the same internal VLAN IDs. This is accomplished by inserting 

Service Provider VLAN (SPVLAN)

 tags into the customer’s 

frames when they enter the service provider’s network, and then stripping the tags when the frames leave the network.   

A service provider’s customers may have specific requirements for their internal VLAN IDs and number of VLANs supported. 

VLAN ranges required by different customers in the same service-provider network might easily overlap, and traffic passing 

through the infrastructure might be mixed. Assigning a unique range of VLAN IDs to each customer would restrict customer 

configurations, require intensive processing of VLAN mapping tables, and could easily exceed the maximum VLAN limit of 

4096.  

 

 

The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge, 

aggregating traffic from numerous independent customer LANs into the 

MAN (Metro Access Network)

 space. One of the 

purposes of the provider bridge is to recognize and use VLAN tags so that the VLANs in the MAN space can be used 

independent of the customers’ VLANs. This is accomplished by adding a VLAN tag with a MAN-related VID for frames entering 

the MAN. When leaving the MAN, the tag is stripped and the original VLAN tag with the customer-related VID is again available.   

This provides a tunneling mechanism to connect remote costumer VLANs through a common MAN space without interfering 

with the VLAN tags. All tags use EtherType 

0x8100

 or 

0x88A8

, where 0x8100 is used for customer tags and 0x88A8 are used 

for service provider tags. 

In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the particular 

VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC table 

requirements is reduced. 

Global VLAN Configuration 

The Global VLAN Configuration screen in 

Figure 4-6-1

 appears. 

 

Содержание XGSW-28040HP

Страница 1: ......

Страница 2: ...de reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not install...

Страница 3: ...ons 23 2 1 3 Switch Rear Panel 25 2 2 Installing the Switch 26 2 2 1 Desktop Installation 26 2 2 2 Rack Mounting 27 2 2 3 Installing the SFP SFP Transceiver 28 3 SWITCH MANAGEMENT 32 3 1 Requirements...

Страница 4: ...Configuration Upload 67 4 2 21 Configuration Activate 67 4 2 22 Configuration Delete 68 4 2 23 Image Select 68 4 2 24 Factory Default 69 4 2 25 System Reboot 70 4 3 Simple Network Management Protocol...

Страница 5: ...ng between two 802 1Q aware switches 120 4 6 8 3 Port Isolate 123 4 6 9 MAC based VLAN 124 4 6 10 MAC based VLAN Status 125 4 6 11 Protocol based VLAN 126 4 6 12 Protocol based VLAN Membership 128 4 7...

Страница 6: ...rt Policing 180 4 9 3 Port Classification 181 4 9 4 Port Scheduler 183 4 9 5 Port Shaping 184 4 9 5 1 QoS Egress Port Schedule and Shapers 185 4 9 6 Port Tag Remarking 186 4 9 6 1 QoS Egress Port Tag...

Страница 7: ...Port Limit Control 266 4 12 2 Access Management 270 4 12 3 Access Management Statistics 271 4 12 4 HTTPs 272 4 12 5 SSH 272 4 12 6 Port Security Status 273 4 12 7 Port Security Detail 276 4 12 8 DHCP...

Страница 8: ...e Check Configuration 326 4 16 10 Port Power Consumption 328 4 17 Loop Protection 329 4 17 1 Configuration 329 4 17 2 Loop Protection Status 331 4 18 RMON 332 4 18 1 RMON Alarm Configuration 332 4 18...

Страница 9: ...4 Store and Forward 357 5 5 Auto Negotiation 358 6 Power over Ethernet Overview 359 7 TROUBLESHOOTING 361 APPENDIX A Networking Connection 362 A 1 PoE RJ 45 Port Pin Assignments 362 A 2 Switch s Data...

Страница 10: ...Layer3 IPv4 IPv6 Static Routing Managed Switch is used as an alternative name in this user s manual 1 1 Packet Contents Open the box of the Managed Switch and carefully unpack it The box should contai...

Страница 11: ...the transmission speed required to extend the network efficiently With its 4 port 10G Ethernet link capability the XGSW 28040HP provides broad bandwidth and powerful processing capacity Centralized P...

Страница 12: ...ert Though most NVR or camera management software offers SMTP email alert function the XGSW 28040HP further provides event alert function to help to diagnose the abnormal device owing to whether or no...

Страница 13: ...P constructs the IPv6 FTTx edge network IPv4 and IPv6 VLAN Routing for Secure and Flexible Management To help customers stay on top of their businesses the XGSW 28040HP switch not only provides ultra...

Страница 14: ...e Management The XGSW 28040HP Managed Switch is equipped with console WEB and SNMP management interfaces With the built in Web based management interface the XGSW 28040HP offers an easy to use platfor...

Страница 15: ...f the Managed Switch Section 4 WEB CONFIGURATION The section explains how to manage the Managed Switch by Web interface Section 5 SWITCH OPERATION The chapter explains how to do the switch operation o...

Страница 16: ...etween ports Remote power feeding up to 100 meters PoE Management Total PoE power budget control Per port PoE function enable disable PoE Port Power feeding priority Per PoE port power limitation PD c...

Страница 17: ...Rate Limit per port bandwidth control 8 priority queues on all switch ports Traffic classification IEEE 802 1p CoS TOS DSCP IP Precedence of IPv4 IPv6 packets IP TCP UDP port number Typical network ap...

Страница 18: ...statistics alarms and events IPv6 Address NTP management Built in Trivial File Transfer Protocol TFTP client BOOTP and DHCP for IP address assignment Firmware upload download via HTTP TFTP DHCP Relay...

Страница 19: ...for half duplex Jumbo Frame 10K bytes Reset Button 5 sec System reboot 5 sec Factory default Dimensions W x D x H 440 x 300 x 44 5 mm 1U height Weight 4887g LED System PWR Green SYS Green Ring Green...

Страница 20: ...id Spanning Tree Protocol MSTP IEEE 802 1s Multiple Spanning Tree Protocol QoS Traffic classification based Strict priority and WRR 8 Level priority for switching Port Number 802 1p priority 802 1Q VL...

Страница 21: ...t IEEE 802 3x Flow Control and Back pressure IEEE 802 3ad Port trunk with LACP IEEE 802 1D Spanning tree protocol IEEE 802 1w Rapid spanning tree protocol IEEE 802 1s Multiple spanning tree protocol I...

Страница 22: ...RJ 45 Twist Pair Up to 100 meters SFP slot 100 1000Base X mini GBIC slot SFP Small Factor Pluggable transceiver module From 550 meters to 2km multi mode fiber up to above 10 20 30 40 50 70 120 kilome...

Страница 23: ...cations The front panel LEDs indicate instant status of power and system status fan status port links PoE in use and data activity they help monitor and troubleshoot when needed Figure 2 1 2 shows the...

Страница 24: ...indicate the port is successfully established at 1000Mbps 1000 LNK ACT Green Blink To indicate that the Switch is actively sending or receiving data over that port Lights To indicate the port is succ...

Страница 25: ...V AC and 50 60 Hz Plug the female end of the power cord firmly into the receptalbe on the rear panel of the Managed Switch Plug the other end of the power cord into an electric service outlet and the...

Страница 26: ...esktop or the shelf near an AC power source as shown in Figure 2 2 1 Figure 2 2 1 Place the Managed Switch on the Desktop Step 3 Keep enough ventilation space between the Managed Switch and the surrou...

Страница 27: ...itioned towards the front side Step 2 Attach the rack mount bracket to each side of the Managed Switch with supplied screws attached to the package Figure 2 2 2 shows how to attach brackets to one sid...

Страница 28: ...power to the Managed Switch 2 2 3 Installing the SFP SFP Transceiver The sections describe how to insert an SFP SFP transceiver into an SFP SFP slot The SFP SFP transceivers are hot pluggable and hot...

Страница 29: ...avelength RX Operating Temp MFB FA20 100 WDM LC Single Mode 20km 1310nm 1550nm 0 60 MFB FB20 100 WDM LC Single Mode 20km 1550nm 1310nm 0 60 MFB TFA20 100 WDM LC Single Mode 20km 1310nm 1550nm 40 75 MF...

Страница 30: ...e 60km 1310nm 1550nm 40 75 MGB TLB60 1000 WDM LC Single Mode 60km 1550nm 1310nm 40 75 10Gigabit Ethernet Transceiver 10GBase X SFP Model Speed Mbps Connector Interface Fiber Mode Distance Wavelength n...

Страница 31: ...h some fiber NICs or Media Converters user has to set the port Link mode to 10GForce 1000 Force or 100 Force Remove the Transceiver Module 1 Make sure there is no network activity anymore 2 Remove the...

Страница 32: ...rview Administration Console Access Web Management Access SNMP Access Standards Protocols and Related Reading 3 1 Requirements Workstations running Windows 2000 XP 2003 Vista 7 8 2008 MAC OS9 or later...

Страница 33: ...nctionality and HyperTerminal built into Windows 95 98 NT 2000 ME XP operating systems Secure Must be near the switch or use dial up connection Not convenient for remote users Modem connection may pro...

Страница 34: ...itch s console serial port Figure 3 1 1 Console Management Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal emul...

Страница 35: ...aged Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer After you set up your I...

Страница 36: ...nt Station only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The default getting and setting community strin...

Страница 37: ...ption for the devices 2 After setup is completed press Update Device Update Multi or Update All button to take effect The meaning of the 3 buttons above are shown as below Update Device use current se...

Страница 38: ...configured through an Ethernet connection making sure the manager PC must be set on the same IP subnet address with the Managed Switch For example the default IP address of the Managed Switch is 192...

Страница 39: ...creen in Figure 4 1 2 appears Figure 4 1 2 Login Screen Default User name admin Default Password admin After entering the username and password the main screen appears as shown in Figure 4 1 3 Figure...

Страница 40: ...4 1 Main Web Page The Managed Switch provides a Web based browser interface for configuring and managing it This interface allows you to access the Managed Switch using the Web browser of your choice...

Страница 41: ...s manage and control the Managed Switch and all its ports or monitor network conditions Via the Web Management the administrator can set up the Managed Switch by selecting the functions those listed i...

Страница 42: ...his Page provides statistics for DHCP relay CPU Load This Page displays the CPU load using an SVG graph System Log The Managed Switch system log information is provided here Detailed Log The Managed S...

Страница 43: ...figured in SNMP System Information System Name Location The system location configured in SNMP System Information System Location MAC Address The MAC Address of this Managed Switch Temperature Indicat...

Страница 44: ...IP configuration Object Description Mode Configure whether the IP stack should act as a Host or a Router In Host mode IP traffic between interfaces will not be routed In Router mode traffic is routed...

Страница 45: ...bits for a IPv4 address Address Provide the IP address of this Managed Switch A IPv6 address is in 128 bit records represented as eight fields of up to four hexadecimal digits with a colon separating...

Страница 46: ...he entry This may be LINK or IPv4 Address The current address of the interface of the given type IP Interfaces Status The status flags of the interface and or address Network The destination IP networ...

Страница 47: ...ser The allowed range is 1 to 15 If the privilege level value is 15 it can access all groups i e that is granted the fully control of the device But others value need to refer to each group privilege...

Страница 48: ...fully control of the device But others value need to refer to each group privilege level User s privilege should be same or greater than the group privilege level to have the access of that group By...

Страница 49: ...4 2 6 User Configuration Page Screenshot If you forget the new password after changing the default password please press the Reset button on the front panel of the Managed Switch for over 10 seconds...

Страница 50: ...ivilege levels After setup is completed please press Apply button to take effect Please login web interface with new user name and password and the screen in Figure 4 2 7 appears Figure 4 2 7 Privileg...

Страница 51: ...Restore Default System Password Configuration Save Configuration Load and Firmware Load Web Users Privilege Levels and everything in Maintenance Debug Only present in CLI Privilege Level Every privile...

Страница 52: ...a colon separates each field For example fe80 215 c5ff fe03 4dc7 The symbol is a special syntax that can be used as a shorthand way of representing multiple 16 bit groups of contiguous zeros but it ca...

Страница 53: ...e zone Range Up to 16 characters Daylight Saving Time This is used to set the clock forward or backward according to the configurations set below for a defined Daylight Saving Time duration Select Dis...

Страница 54: ...y and revert to previously saved values 4 2 8 UPnP Configure UPnP on this Page UPnP is an acronym for Universal Plug and Play The goals of UPnP are to allow devices to connect seamlessly and to simpli...

Страница 55: ...ment message from this switch If a control point does not receive any message within the duration it will think that the switch no longer exists Due to the unreliable nature of UDP in the standard it...

Страница 56: ...in length and the format is vlan_id module_id port_no The parameter of vlan_id is the first two bytes representing the VLAN ID The parameter of module_id is the third byte for the module ID in standal...

Страница 57: ...When enabling DHCP relay information mode operation if agent receives a DHCP message that already contains relay agent information It will enforce the policy And it only works under DHCP relay informa...

Страница 58: ...Receive Bad Remote ID The packets number that the Remote ID option did not match known Remote ID Client Statistics Object Description Transmit to Client The packets number that relayed packets from se...

Страница 59: ...st support the SVG format Consult the SVG Wiki for more information on browser support Specifically at the time of writing Microsoft Internet Explorer will need to have a plugin installed to support S...

Страница 60: ...system log Error Error level of the system log All All levels Clear Level To clear the system log entry level The following level types are supported Info Information level of the system log Warning...

Страница 61: ...ed Log screen in Figure 4 2 16 appears Figure 4 2 15 Detailed Log Page Screenshot The Page includes the following fields Object Description ID The ID 1 of the system log entry Message The message of t...

Страница 62: ...back sender since UDP is a connectionless protocol and it does not provide acknowledgments The syslog packet will always send out even if the syslog server does not exist Possible modes are Enabled E...

Страница 63: ...ation Controls whether SMTP authentication is enabled If authentication is required when an e mail is sent Authentication User Name Type the user name for the SMTP server if Authentication is Enable A...

Страница 64: ...the system would pop up the file selection menu to choose firmware 4 Select on the firmware then click the Software Upload Progress would show the file with upload status 5 Once the software is loade...

Страница 65: ...4 2 21 appears Figure 4 2 20 TFTP Firmware Update Page Screenshot The Page includes the following fields Object Description TFTP Server IP Fill in your TFTP server IP address Firmware File Name The n...

Страница 66: ...RAM based or stored in flash on the switch There are three system files running config A virtual file that represents the currently active configuration on the switch This file is volatile startup co...

Страница 67: ...current configuration is fully replaced with the configuration in the uploaded file Merge mode The uploaded file is merged into running config If the file system is full i e contains the three system...

Страница 68: ...ow Figure 4 2 27 Configuration Delete Page Screenshot 4 2 23 Image Select This Page provides information about the active and alternate backup firmware images in the device and allows you to revert to...

Страница 69: ...he version of the firmware image Date The date where the firmware was produced Buttons Click to use the alternate image This button may be disabled depending on system state 4 2 24 Factory Default You...

Страница 70: ...m Reboot The Reboot Page enables the device to be rebooted from a remote location Once the Reboot button is pressed user have to re login the WEB interface about 60 seconds later the System Reboot scr...

Страница 71: ...lor displays substantial memory and abundant disk space At least one NMS must be present in each managed environment Agents Agents are software modules that reside in network elements They collect and...

Страница 72: ...SNMP trap on this Page System Information The system information is provided here SNMPv3 Communities Configure SNMPv3 communities table on this Page SNMPv3 Users Configure SNMPv3 users table on this...

Страница 73: ...unity Indicates the community write access string to permit access to SNMP agent The allowed string length is 0 to 255 and the allowed content is the ASCII characters from 33 to 126 The field is appli...

Страница 74: ...lowed content is ASCII characters from 33 to 126 Trap Mode Indicates the SNMP trap mode operation Possible modes are Enabled Enable SNMP trap mode operation Disabled Disable SNMP trap mode operation T...

Страница 75: ...onds Indicates the SNMP trap inform timeout The allowed range is 0 to 2147 Trap Inform Retry Times Indicates the SNMP trap inform retry times The allowed range is 0 to 255 Trap Probe Security Engine I...

Страница 76: ...fields Object Description System Contact The textual identification of the contact person for this managed node together with information on how to contact this person The allowed string length is 0 t...

Страница 77: ...try It will be deleted during the next save Community Indicates the community access string to permit access to SNMPv3 agent The allowed string length is 1 to 32 and the allowed content is ASCII chara...

Страница 78: ...try s keys In a simple agent usmUserEngineID is always that agent s own snmpEngineID value The value can also take the value of the snmpEngineID of a remote SNMP engine with which this user can commun...

Страница 79: ...ol Indicates the privacy protocol that this entry should belong to Possible privacy protocol are None None privacy protocol DES An optional flag to indicate that this user using DES authentication pro...

Страница 80: ...A string identifying the group name that this entry should belong to The allowed string length is 1 to 32 and the allowed content is the ASCII characters from 33 to 126 Buttons Click to add a new gro...

Страница 81: ...o the named view The allowed OID length is 1 to 128 The allowed string content is digital number or asterisk Buttons Click to add a new view entry Click to apply changes Click to undo any changes made...

Страница 82: ...ication and none privacy Auth Priv Authentication and privacy Read View Name The name of the MIB view defining the MIB objects for which this request may request the current values The allowed string...

Страница 83: ...Information Display SFP information Port Mirror Sets the source and target ports for mirroring 4 4 1 Port Configuration This Page displays current port configurations Ports can also be configured her...

Страница 84: ...s selected that is what is used The Current Rx column indicates whether pause frames on the port are obeyed and the Current Tx column indicates whether pause frames on the port are transmitted The Rx...

Страница 85: ...transmitted packets per port Bytes The number of received and transmitted bytes per port Errors The number of frames received in error and the number of incomplete transmissions per port Drops The num...

Страница 86: ...iled Port Statistics Port 1 Page Screenshot The Page includes the following fields Receive Total and Transmit Total Object Description Rx and Tx Packets The number of received and transmitted good and...

Страница 87: ...er of short frames received with invalid CRC Rx Jabber The number of long frames received with invalid CRC Rx Filtered The number of received frames filtered by the forwarding process Short frames are...

Страница 88: ...4 SFP Module Information for Switch Page Screenshot The Page includes the following fields Object Description Type Display the type of current SFP module the possible types are 10GBase SR 10GBase LR...

Страница 89: ...ut via SNMP Trap Auto refresh Check this box to enable an automatic refresh of the Page at regular intervals Click to apply changes Click to undo any changes made locally and revert to previously save...

Страница 90: ...e copied to the mirror port is selected as follows All frames received on a given port also known as ingress or source mirroring All frames transmitted on a given port also known as egress or destinat...

Страница 91: ...mode Rx only Frames received at this port are mirrored to the mirroring port Frames transmitted are not mirrored Tx only Frames transmitted from this port are mirrored to the mirroring port Frames rec...

Страница 92: ...ber types provided they operate at the same speed Aggregated Links can be assigned manually Port Trunk or automatically by enabling Link Aggregation Control Protocol LACP on the relevant links Aggrega...

Страница 93: ...Link aggregation Configuration menu to specify the link aggregation on the devices at both ends When using a port link aggregation note that The ports used in a link aggregation must all be of the sa...

Страница 94: ...rts for IPv4 packets Normally all 5 contributions to the aggregation code should be enabled to obtain the best traffic distribution among the link aggregation member ports Each link aggregation may co...

Страница 95: ...the destination port for the frame Check to enable the use of the TCP UDP Port Number or uncheck to disable By default TCP UDP Port Number is enabled Static Aggregation Group Configuration The Aggrega...

Страница 96: ...orts located on a different device LACP allows switches connected to each other to discover automatically whether any ports are member of the same LAG This Page allows the user to inspect the current...

Страница 97: ...gation group while ports with different keys cannot The default setting is Auto Role The Role shows the LACP activity status The Active will transmit LACP packets each second while Passive will wait f...

Страница 98: ...ation ID associated with this aggregation instance For LLAG the id is shown as isid aggr id and for GLAGs as aggr id Partner System ID The system ID MAC address of the aggregation partner Partner Key...

Страница 99: ...d the port link is up No means that LACP is not enabled or that the port link is down Backup means that the port could not join the aggregation group but will join if other port leaves Meanwhile it s...

Страница 100: ...LACP Statistics Page Screenshot The Page includes the following fields Object Description Port The switch port number LACP Received Shows how many LACP frames have been sent from each port LACP Transm...

Страница 101: ...he broadcast was initiated 1 No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLAN without a network device performing a routing...

Страница 102: ...ch supports the following VLAN features Up to 255 VLANs based on the IEEE 802 1Q standard Port overlapping allowing a port to participate in multiple VLANs End stations can belong to multiple VLANs Pa...

Страница 103: ...information originally contained in the packet is retained 802 1Q Tag User Priority CFI VLAN ID VID 3 bits 1 bit 12 bits TPID Tag Protocol Identifier TCI Tag Control Information 2 bytes 2 bytes Preamb...

Страница 104: ...onnected to a tag aware device the packet should be tagged Default VLANs The Switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the Switch to th...

Страница 105: ...derstand nomenclature of the Switch IEEE 802 1Q Tagged and Untagged Every port on an 802 1Q compliant switch can be configured as tagged or untagged Tagged Ports with tagging enabled will put the VID...

Страница 106: ...VLAN limit of 4096 The Managed Switch supports multiple VLAN tags and can therefore be used in MAN applications as a provider bridge aggregating traffic from numerous independent customer LANs into t...

Страница 107: ...ld By default only VLAN 1 is enabled More VLANs may be created by using a list syntax where the individual elements are separated by commas Ranges are specified with a dash separating the lower and up...

Страница 108: ...r of exactly one VLAN the Port VLAN Access VLAN which by default is 1 Accepts untagged and C tagged frames Discards all frames that are not classified to the Access VLAN On egress all frames classifie...

Страница 109: ...iority tagged VLAN ID 0 On egress frames classified to the Port VLAN do not get tagged if Egress Tagging configuration is set to untag Port VLAN The Port VLAN is called an Access VLAN for ports in Acc...

Страница 110: ...low for changing the type of frames that are accepted on ingress Tagged and Untagged Both tagged and untagged frames are accepted Tagged Only Only tagged frames are accepted on ingress Untagged frames...

Страница 111: ...come a member of all possible VLANs The port must be a member of the same VLAN as the Port VLAN ID Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved...

Страница 112: ...ort is included in a Forbidden port list an image will be displayed If a port is included in a Forbidden port list and dynamic VLAN user register VLAN on same Forbidden port then conflict port will be...

Страница 113: ...port VLAN tagged frames are classified to the VLAN ID in the tag If VLAN awareness is disabled all frames are classified to the Port VLAN ID and tags are not removed Ingress Filtering Show the ingress...

Страница 114: ...c refresh occurs every 3 seconds Click to refresh the Page immediately 4 6 6 Private VLAN The Private VLAN membership configurations for the switch can be monitored and modified here Private VLANs can...

Страница 115: ...message appears Click OK to discard the incorrect entry or click Cancel to return to the editing and make a correction The Private VLAN is enabled when you click Save The Delete button can be used to...

Страница 116: ...VLAN Ports which can receive traffic from only promiscuous ports in the private VLAN The configuration of promiscuous and isolated ports applies to all private VLANs When traffic comes in on a promisc...

Страница 117: ...VLAN When checked port isolation is enabled on that port When unchecked port isolation is disabled on that port By default port isolation is disabled on all ports Buttons Click to apply changes Click...

Страница 118: ...ate network traffic so only members of the VLAN receive traffic from the same VLAN members The screen in Figure 4 6 8 appears and Table 4 6 9 describes the port configuration of the Managed Switches F...

Страница 119: ...ipped away it tag becoming an untagged packet Untagged packet entering VLAN 3 1 While PC 4 transmit an untagged packet enters Port 4 the switch will tag it with a VLAN Tag 3 PC 5 and PC 6 will receive...

Страница 120: ...ANs column Change Port 6 Mode as Trunk and Selects Egress Tagging as Tag All and Types 3 in the Allowed VLANs column The Per Port VLAN configuration in Figure 4 6 11 appears Figure 4 6 11 Check VLAN 2...

Страница 121: ...up Add two VLANs VLAN 2 and VLAN 3 Type 1 3 in Allowed Access VLANs column the 1 3 is including VLAN1 and 2 and 3 Figure 4 6 13 Add VLAN 2 and VLAN 3 2 Assign VLAN Member and PVID for each port VLAN 2...

Страница 122: ...ping with both VLAN 2 members and VLAN 3 members 4 Assign the VLAN Trunk Port to be the member of each VLAN which wants to be aggregated For this example add Port 7 to be VLAN 2 and VLAN 3 member port...

Страница 123: ...ed and promiscuous ports and the each PC is not able to access the isolated port of each other s PCs But they all need to access with the same server AP Printer This section will show you how to confi...

Страница 124: ...ed here This Page allows for adding and deleting MAC based VLAN entries and assigning the entries to different ports This Page shows only static entries The MAC based VLAN screen in Figure 4 6 18 appe...

Страница 125: ...nabled when you click on Save A MAC based VLAN without any port members will be deleted when you click Save The Delete button can be used to undo the addition of new MAC based VLANs Buttons Click to a...

Страница 126: ...h Group mapping entries as well as allow you to see and delete already mapped entries for the switch The Protocol based VLAN screen in Figure 4 6 20 appears Figure 4 6 20 Protocol to Group Mapping Tab...

Страница 127: ...is an OUI for a particular organization the protocol ID is a value assigned by that organization to the protocol running on top of SNAP In other words if value of OUI field is 00 00 00 then value of P...

Страница 128: ...existing mapping entry on this Page VLAN ID Indicates the ID to which Group Name will be mapped A valid VLAN ID ranges from 1 4095 Port Members A row of check boxes for each port is displayed for each...

Страница 129: ...blocked links at the time of a primary link failure is also accomplished automatically without operator intervention This automatic network reconfiguration provides maximum uptime to network users Ho...

Страница 130: ...might not be ideal For instance connecting higher speed links to a port that has a higher number than the current root port can cause a root port change STP Port States The BPDUs take some time to pas...

Страница 131: ...pt BPDUs are forwarded from or received by STP enabled ports until the forwarding state is enabled for that port 2 STP Parameters STP Operation Levels The Switch allows for two levels of operation the...

Страница 132: ...and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer 20 seconds Forward Delay Timer The amount time spent by a port in the learning and listening states wait...

Страница 133: ...n setting the above parameters Max Age _ 2 x Forward Delay 1 second Max Age _ 2 x Hello Time 1 second Port Priority A Port Priority can be from 0 to 240 The lower the number the greater the probabilit...

Страница 134: ...User s Manual of XGSW 28040HP 134 Figure 4 7 2 Before Applying the STA Rules In this example only the default STP values are used Figure 4 7 3 After Applying the STA Rules...

Страница 135: ...TP system settings The settings are used by all STP Bridge instances in the Switch or Switch Stack The Managed Switch support the following Spanning Tree protocols Compatiable Spanning Tree Protocol S...

Страница 136: ...2 1 Maximum 30 Max Age The maximum age of the information transmitted by the Bridge when it is the Root Bridge Valid values are in the range 6 to 40 seconds Default 20 Minimum The higher of 6 or 2 x H...

Страница 137: ...control packet Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 7 3 Bridge Status This Page provides a status overview for all STP bridge i...

Страница 138: ...to refresh Check this box to refresh the Page automatically Automatic refresh occurs every 3 seconds Click to refresh the Page immediately 4 7 4 CIST Port Configuration This Page allows the user to in...

Страница 139: ...has the best spanning tree priority vector Such a port will be selected as an Alternate Port after the Root Port has been selected If set it can cause lack of spanning tree connectivity It can be set...

Страница 140: ...E 8021w standard exceeds 65 535 the default is set to 65 535 Port Type IEEE 802 1D 1998 IEEE 802 1w 2001 Ethernet 50 600 200 000 20 000 000 Fast Ethernet 10 60 20 000 2 000 000 Gigabit Ethernet 3 10 2...

Страница 141: ...creenshot The Page includes the following fields Object Description MSTI The bridge instance The CIST is the default instance which is always active Priority Controls the bridge priority Lower numeric...

Страница 142: ...eenshot The Page includes the following fields Configuration Identification Object Description Configuration Name The name identifiying the VLAN to MSTI mapping Bridges must share the name and revisio...

Страница 143: ...lows the user to inspect the current STP MSTI port configurations and possibly change them as well A MSTI port is a virtual port which is instantiated separately for each active CIST physical port for...

Страница 144: ...STP CIST and MSTI port Path Cost Controls the path cost incurred by the port The Auto setting will set the path cost as appropriate by the physical link speed using the 802 1D recommended values Usin...

Страница 145: ...y and revert to previously saved values 4 7 8 Port Status This Page displays the STP CIST port status for port physical ports in the currently selected switch The STP Port Status screen in Figure 4 7...

Страница 146: ...tatistics This Page displays the STP port statistics counters for port physical ports in the currently selected switch The STP Port Statistics screen in Figure 4 7 12 appears Figure 4 7 12 STP Statist...

Страница 147: ...of unknown Spanning Tree BPDU s received and discarded on the port Discarded Illegal The number of illegal Spanning Tree BPDU s received and discarded on the port Buttons Auto refresh Automatic refres...

Страница 148: ...ers that they will become members of a multicast group The Internet Group Management Protocol IGMP is used to communicate this information IGMP is also used to periodically check the multicast group f...

Страница 149: ...User s Manual of XGSW 28040HP 149 Figure 4 8 2 Multicast Flooding Figure 4 8 3 IGMP Snooping Multicast Stream Control...

Страница 150: ...s to keep track of the membership of multicast groups on their respective sub networks The following outlines what is communicated between a multicast router and a multicast group member using IGMP A...

Страница 151: ...traffic If there is more than one router switch on the LAN performing IP multicasting one of these devices is elected querier and assumes the role of querying the LAN for group members It then propaga...

Страница 152: ...leted during the next save Profile Name The name used for indexing the profile table Each entry has the unique name which is composed of at maximum 16 alphabetic and numeric characters At least one al...

Страница 153: ...ure 4 8 6 appears Figure 4 8 6 IPMC Profile Address Configuration Page The Page includes the following fields Object Description Delete Check to delete the entry The designated entry will be deleted d...

Страница 154: ...fields Updates the table starting from the first entry in the IPMC Profile Address Configuration Updates the table starting with the entry after the last entry currently displayed 4 8 4 IGMP Snooping...

Страница 155: ...hernet switch that leads towards the Layer 3 multicast device or IGMP querier The Switch forwards IGMP join or leave packets to an IGMP router port Auto Select Auto to have the Managed Switch automati...

Страница 156: ...e next save VLAN ID The VLAN ID of the entry IGMP Snooping Enable Enable the per VLAN IGMP Snooping Only up to 32 VLANs can be selected Querier Election Enable the IGMP Querier election in the VLAN Di...

Страница 157: ...10 seconds LLQI LMQI for IGMP Last Member Query Interval The Last Member Query Time is the time value represented by the Last Member Query Interval multiplied by the Last Member Query Count The allowe...

Страница 158: ...file can be assigned to a port When enabled IGMP join reports received on the port are checked against the filter profile If a requested multicast group is permitted the IGMP join report is forwarded...

Страница 159: ...ew button Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 8 7 IGMP Snooping Status This Page provides IGMP Snooping status The IGMP Snoopi...

Страница 160: ...s the specific port is learnt to be a router port Both denote the specific port is configured or learnt to be a router port Port Switch port number Status Indicate whether specific port is a router po...

Страница 161: ...in the IGMP SSM Information Table are shown on this Page The IGMP SSM Information Table is sorted first by VLAN ID then by group and then by Port No Diffrent source addresses belong to the same group...

Страница 162: ...ber of IP source addresses for filtering to be 128 Type Indicates the Type It can be either Allow or Deny Hardware Filter Switch Indicates whether data plane destined to the specific group address fro...

Страница 163: ...gure 4 8 13 MLD Snooping Configuration Page Screenshot The Page includes the following fields Object Description Snooping Enabled Enable the Global MLD Snooping Unregistered IPMCv6 Flooding enabled En...

Страница 164: ...as a router port The allowed selection is Auto Fix Fone default compatibility value is Auto Fast Leave Enable the fast leave on the port Throtting Enable to limit the number of multicast groups to whi...

Страница 165: ...tness variable value is 2 QI Query Interval The Query Interval is the interval between General Queries sent by the Querier The allowed range is 1 to 31744 seconds default query interval is 125 seconds...

Страница 166: ...o assign a profile to a switch port that specifies multicast groups that are permitted or denied on the port A MLD filter profile can contain one or more or a range of multicast addresses but only one...

Страница 167: ...ings Filtering Group Select the IPMC Profile as the filtering condition for the specific port Summary about the designated profile will be shown by clicking the view button Buttons Click to apply chan...

Страница 168: ...er Status Shows the Querier status is ACTIVE or IDLE DISABLE denotes the specific interface is administratively disabled Querier Transmitted The number of Transmitted Querier Querier Received The numb...

Страница 169: ...tion Entries in the MLD Group Table are shown on this Page The MLD Group Table is sorted first by VLAN ID and then by group Each Page shows up to 99 entries from the MLD Group table default being 20 s...

Страница 170: ...to 99 entries from the MLD SFM Information table default being 20 selected through the entries per Page input field When first visited the web Page will show the first 20 entries from the beginning of...

Страница 171: ...c group address from the source IPv6 address could be handled by chip or not Buttons Auto refresh Automatic refresh occurs every 3 seconds Refreshes the displayed table starting from the input fields...

Страница 172: ...configured as an MVR receiver port When a subscriber selects a channel the set top box or PC sends an IGMP MLD report message to Switch A to join the appropriate multicast group address Uplink ports t...

Страница 173: ...ject Description MVR Mode Enable Disable the Global MVR The Unregistered Flooding control depends on the current configuration in IGMP MLD Snooping It is suggested to enable Unregistered Flooding cont...

Страница 174: ...mpatible mode MVR membership reports are forbidden on source ports The default is Dynamic mode Tagging Specify whether the traversed IGMP MLD control frames will be sent as Untagged or Tagged with MVR...

Страница 175: ...t Buttons Click to add new MVR VLAN Specify the VID and configure the new entry Click Save Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 8 17 MV...

Страница 176: ...le is sorted first by VLAN ID and then by group Each Page shows up to 99 entries from the MVR Group table default being 20 selected through the entries per Page input field When first visited the web...

Страница 177: ...addresses belong to the same group are treated as single entry Each Page shows up to 99 entries from the MVR SFM Information Table default being 20 selected through the entries per Page input field Wh...

Страница 178: ...Source Address field Type Indicates the Type It can be either Allow or Deny Hardware Filter Switch Indicates whether data plane destined to the specific group address from the source IPv4 IPv6 addres...

Страница 179: ...assifier classifies the traffic on the network Traffic classifications are determined by protocol application source destination and so on You can create and modify classifications The Switch then gro...

Страница 180: ...e policer is enabled on this switch port Rate Controls the rate for the policer This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 3300 when the Unit is Mbp...

Страница 181: ...ds Object Description Port The port number for which the configuration below applies CoS Controls the default class of service All frames are classified to a CoS There is a one to one mapping between...

Страница 182: ...d to the PCP value in the tag Otherwise the frame is classified to the default PCP value DEI Controls the default DEI value All frames are classified to a DEI value If the port is VLAN aware and the f...

Страница 183: ...ars Figure 4 9 3 QoS Egress Port Schedule Page Screenshot The Page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port n...

Страница 184: ...QoS Egress Port Shapers Page Screenshot The Page includes the following fields Object Description Port The logical port for the settings contained in the same row Click on the port number in order to...

Страница 185: ...ode is Strict Priority or Weighted on this switch port Queue Shaper Enable Controls whether the queue shaper is enabled for this queue on this switch port Queue Shaper Rate Controls the rate for the q...

Страница 186: ...e is restricted to 100 1000000 when the Unit is kbps and it is restricted to 1 13200 when the Unit is Mbps The default value is 500 Port Shaper Unit Controls the unit of measure for the port shaper ra...

Страница 187: ...configured on this Page The QoS Egress Port Tag Remarking sscreen in Figure 4 9 7 appears Figure 4 9 7 QoS Egress Port Tag Remarking Page Screenshot The Page includes the following fields Object Descr...

Страница 188: ...The Port coulmn shows the list of ports for which you can configure dscp ingress and egress settings Ingress In Ingress settings you can change ingress translation and classification settings for ind...

Страница 189: ...er is remapped and frame is remarked with remapped DSCP value The remapped DSCP value is always taken from the DSCP Translation Egress Remap DP0 table Remap DP Aware DSCP from analyzer is remapped and...

Страница 190: ...S Ingress Classification Page Screenshot The Page includes the following fields Object Description DSCP Maximum number of support ed DSCP values are 64 Trust Controls whether a specific DSCP value is...

Страница 191: ...tion screen in Figure 4 9 10 appears Figure 4 9 10 DSCP Translation Page Screenshot The Page includes the following fields Object Description DSCP Maximum number of supported DSCP values are 64 and va...

Страница 192: ...to remap DSCP value ranges form 0 to 63 Buttons Click to apply changes Click to undo any changes made locally and revert to previously saved values 4 9 10 DSCP Classification This Page allows you to m...

Страница 193: ...QoS Control List screen in Figure 4 9 12 appears Figure 4 9 12 QoS Control List Configuration Page Screenshot The Page includes the following fields Object Description QCE Indicates the index of QCE...

Страница 194: ...type Ethernet Only Ethernet frames with Ether Type 0x600 0xFFFF are allowed LLC Only LLC frames are allowed SNAP Only SNAP frames are allowed IPv4 The QCE will match only IPV4 frames IPv6 The QCE wil...

Страница 195: ...iscribed as below DMAC Type Destination MAC type possible values are unicast UC multicast MC broadcast BC or Any SMAC Source MAC address 24 MS bits OUI or Any Tag Value of Tag field can be Any Untag o...

Страница 196: ...decimal numbers between 0 and 255 When Mask is converted to a 32 bit binary string and read from left to right all bits following the first zero must also be zero DSCP Diffserv Code Point value DSCP I...

Страница 197: ...ers Each row describes the QCE that is defined It is a conflict if a specific QCE is not applied to the hardware due to hardware limitations The maximum number of QCEs is 256 on each switch The QoS Co...

Страница 198: ...a QCE may not be available in that case it shows conflict status as Yes otherwise it is always No Please note that conflict can be resolved by releasing the H W resources required to add QCL entry on...

Страница 199: ...l is enabled on this switch port Rate Controls the rate for the storm control The default value is 500 This value is restricted to 100 1000000 when the Unit is kbps or fps and it is restricted to 1 13...

Страница 200: ...hich the configuration below applies Enable Controls whether RED is enabled for this queue Min Threshold Controls the lower RED threshold If the average queue filling level is below this threshold the...

Страница 201: ...ed with Drop Precedence Level 0 are never dropped Min Threshold is the average queue filling level where the queues randomly start dropping frames The drop probability for frames marked with Drop Prec...

Страница 202: ...The Page includes the following fields Object Description Port The logical port for the settings contained in the same row Q0 Q7 There are 8 QoS queues per port Q0 is the lowest priority queue Rx Tx...

Страница 203: ...nd schedule network traffic It is recommended that there be two VLANs on a port one for voice one for data Before connecting the IP device to the switch the IP phone should configure the voice VLAN ID...

Страница 204: ...tes the Voice VLAN traffic class All traffic on Voice VLAN will apply this class Mode Indicates the Voice VLAN port mode Possible port modes are Disabled Disjoin from Voice VLAN Auto Enable auto detec...

Страница 205: ...iption Delete Check to delete the entry It will be deleted during the next save Telephony OUI An telephony OUI address is a globally unique identifier assigned to a vendor by IEEE It must be 6 charact...

Страница 206: ...cess permission associated with a particular ACE ID There are three ACE frame types Ethernet Type ARP and IPv4 and two ACE actions permit and deny The ACE also contains many detailed different paramet...

Страница 207: ...rt Redirect Indicates the port redirect operation of the ACE Frames matching the ACE are redirected to the port number The allowed values are Disabled or a specific port number When Disabled is displa...

Страница 208: ...ues are All The ACE will match all ingress port Port The ACE will match a specific ingress port Policy Bitmask Indicates the policy number and bitmask of the ACE Frame Type Indicates the frame type of...

Страница 209: ...disabled Counter The counter indicates the number of times the ACE was hit by a frame Modification Buttons You can modify each ACE Access Control Entry in the table using the following buttons Inserts...

Страница 210: ...ct the ingress port for which this ACE applies Any The ACE applies to any port Port n The ACE applies to this port number where n is the number of the switch port Policy Filter Specify the policy numb...

Страница 211: ...wed range is 1 to 16 Disabled indicates that the rate limiter operation is disabled Port Redirect Frames that hit the ACE are redirected to the port number specified here The allowed range is the same...

Страница 212: ...filter a specific destination MAC address with this ACE choose this value A field for entering a DMAC value appears DMAC Value When Specific is selected for the DMAC filter you can enter a specific de...

Страница 213: ...der IP Address When Host or Network is selected for the sender IP filter you can enter a specific sender IP address in dotted decimal notation Sender IP Mask When Network is selected for the sender IP...

Страница 214: ...value is allowed don t care Ethernet Specify whether frames can hit the action according to their ARP RARP protocol address space PRO settings 0 ARP RARP frames where the PRO is equal to IP 0x800 1 A...

Страница 215: ...E No IPv4 frames where the options flag is set must not be able to match this entry Yes IPv4 frames where the options flag is set must be able to match this entry Any Any value is allowed don t care S...

Страница 216: ...lds for defining TCP parameters will appear These fields are explained later in this help file Next Header Value When Specific is selected for the IPv6 next header value you can enter a specific value...

Страница 217: ...ange is 0 to 255 A frame that hits this ACE matches this ICMP value ICMP Code Filter Specify the ICMP code filter for this ACE Any No ICMP code filter is specified ICMP code filter status is don t car...

Страница 218: ...P destination range value A field for entering a TCP UDP destination value appears TCP UDP Destination Number When Specific is selected for the TCP UDP destination filter you can enter a specific TCP...

Страница 219: ...here the URG field is set must be able to match this entry Any Any value is allowed don t care Ethernet Type Parameters The Ethernet Type parameters can be configured when Frame Type Ethernet Type is...

Страница 220: ...The logical port for the settings contained in the same row Policy ID Select the policy to apply to this port The allowed values are 0 through 255 The default value is 0 Action Select whether forwardi...

Страница 221: ...s received on the port the port will be disabled Disabled Port shut down is disabled The default value is Disabled State Specify the port state of this port The allowed values are Enabled To reopen po...

Страница 222: ...s Figure 4 10 5 ACL Rate Limiter Configuration Page Screenshot The Page includes the following fields Object Description Rate Limiter ID The rate limiter ID for the settings contained in the same row...

Страница 223: ...tication is complete the RADIUS server sends a special packet containing a success or failure indication Besides forwarding this decision to the supplicant the switch uses it to open up or block traff...

Страница 224: ...re or TACACS aware devices on the network An authentication server contains a database of multiple user name password pairs with associated privilege levels for each user that requires management acce...

Страница 225: ...Secure Access Control Server version 3 0 RADIUS operates in a client server model in which secure authentication information is exchanged between the RADIUS server and one or more RADIUS clients Swit...

Страница 226: ...tity frame from the switch the client can initiate authentication by sending an EAPOL start frame which prompts the switch to request the client s identity If 802 1X is not enabled or supported on the...

Страница 227: ...ecause no response is received the client begins sending frames as if the port is in the authorized state If the client is successfully authenticated receives an Accept frame from the authentication s...

Страница 228: ...ly and revert to previously saved values 4 11 3 Network Access Server Configuration This Page allows you to configure the IEEE 802 1X and MAC based authentication system and port settings The IEEE 802...

Страница 229: ...Access Server Configuration Page Screenshot The Page includes the following fields System Configuration Object Description Mode Indicates if NAS is globally enabled or disabled on the switch If globa...

Страница 230: ...ing applies to the following modes i e modes using the Port Security functionality to secure MAC addresses Single 802 1X Multi 802 1X MAC Based Auth When the NAS module uses the Port Security module t...

Страница 231: ...rt When unchecked RADIUS server assigned QoS Class is disabled for all ports RADIUS Assigned VLAN Enabled RADIUS assigned VLAN provides a means to centrally control the VLAN on which a successfully au...

Страница 232: ...nly enter the Guest VLAN if an EAPOL frame has not been received on the port for the life time of the port If enabled checked the switch will consider entering the Guest VLAN even if an EAPOL frame ha...

Страница 233: ...dication Besides forwarding this decision to the supplicant the switch uses it to open up or block traffic on the switch port connected to the supplicant Note Suppose two backend servers are enabled a...

Страница 234: ...tion MAC address for EAPOL frames sent from the switch towards the supplicant since that would cause all supplicants attached to the port to reply to requests sent from the switch Instead the switch u...

Страница 235: ...only the MD5 Challenge method is supported The maximum number of clients that can be attached to a port can be limited using the Port Security Limit Control functionality RADIUS Assigned QoS Enabled W...

Страница 236: ...y be changed by the administrator in the meanwhile without affecting the RADIUS assigned This option is only available for single client modes i e Port based 802 1X Single 802 1X For trouble shooting...

Страница 237: ...d the switch will first check its history to see if an EAPOL frame has previously been received on the port this history is cleared if the port link goes down or the port s Admin State is changed and...

Страница 238: ...ill not cause settings changed on the Page to take effect Reauthenticate Schedules a reauthentication to whenever the quiet period of the port runs out EAPOL based authentication For MAC based authent...

Страница 239: ...te The current state of the port Refer to NAS Port State for a description of the individual states Last Source The source MAC address carried in the most recently received EAPOL frame for EAPOL based...

Страница 240: ...ed ports it shows selected backend server RADIUS Authentication Server statistics only Use the port select box to select which port details to be displayed The Network Access Statistics screen in Figu...

Страница 241: ...ot1xAuthEapolFrames Rx The number of valid EAPOL frames of any type that have been received by the switch Rx Response ID dot1xAuthEapolRespId FramesRx The number of valid EAPOL Response Identity frame...

Страница 242: ...that have been transmitted by the switch Tx Requests dot1xAuthEapolReqFra mesTx The number of valid EAPOL Request frames other than Request Identity frames that have been transmitted by the switch Th...

Страница 243: ...ot1xAuthBackendAuth Successes 802 1X and MAC based Counts the number of times that the switch receives a success indication Indicates that the supplicant client has successfully authenticated to the b...

Страница 244: ...nistrative states Port based 802 1X Single 802 1X Multi 802 1X MAC based Auth Name IEEE Name Description MAC Address dot1xAuthLastEapolF rameSource The MAC address of the last supplicant client VLAN I...

Страница 245: ...based Auth this column holds the MAC address of the attached client Clicking the link causes the client s Backend Server counters to be shown in the Selected Counters table If no clients are attached...

Страница 246: ...rs and all of the attached client s counters The Last Client will not be cleared however This button is available in the following modes Multi 802 1X MAC based Auth X Click to clear only the currently...

Страница 247: ...only if more than one server has been configured Key The secret key up to 63 characters long shared between the RADIUS server and the switch NAS IP Address The IPv4 address to be used as attribute 4...

Страница 248: ...ill use the global key Buttons Click to add a new RADIUS server An empty row is added to the table and the RADIUS server can be configured as needed Up to 5 servers are supported Click to undo the add...

Страница 249: ...ver has been configured Key The secret key up to 63 characters long shared between the TACACS server and the switch Server Configuration The table has one row for each TACACS server and a number of co...

Страница 250: ...following fields RADIUS Authentication Server Status Overview Object Description The RADIUS server number Click to navigate to detailed statistics for this server IP Address The IP address and UDP po...

Страница 251: ...ver This field takes one of the following values Disabled The server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communica...

Страница 252: ...nting for Server Overview Page Screenshot The Page includes the following fields RADIUS Authentication Statistics The statistics map closely to those specified in RFC4668 RADIUS Authentication Client...

Страница 253: ...malformed RADIUS Access Response packets received from the server Malformed packets include packets with an invalid length Bad authenticators or Message Authenticator attributes or unknown types are...

Страница 254: ...t yet timed out or received a response This variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Access Reject Access Challenge timeout or retransm...

Страница 255: ...ore than one server is enabled Round Trip Time radiusAuthClient ExtRoundTripTim e The time interval measured in milliseconds between the most recent Access Reply Access Challenge and the Access Reques...

Страница 256: ...were received from the server on the accounting port Rx Packets Dropped radiusAccClientExt PacketsDropped The number of RADIUS packets that were received from the server on the accounting port and dr...

Страница 257: ...one of the following values Disabled The selected server is disabled Not Ready The server is enabled but IP communication is not yet up and running Ready The server is enabled IP communication is up...

Страница 258: ...server The Pending Requests counter will not be cleared by this operation 4 11 10 Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Managed s...

Страница 259: ...40HP 259 2 Add New RADIUS Cleint on the Windows 2003 server Figure 4 11 12 Windows Server Add New RADIUS Client Setting 3 Assign the client IP address to the Managed Switch Figure 4 11 13 Windows Serv...

Страница 260: ...4 11 14 Windows Server RADIUS Server Setting 5 Configure ports attribute of 802 1X the same as 802 1X Port Configuration Figure 4 11 15 802 1x Port Configuration 6 Create user data The establishment...

Страница 261: ...GSW 28040HP 261 Figure 4 11 16 Windows 2003 AD Server Setting Path 7 Enter Active Directory Users and Computers create legal user data next right click a user what you created to enter properties and...

Страница 262: ...18 Add User Properties Screen Set the Port Authenticate Status to Force Authorized if the port is connected to the RADIUS server or the port is an uplink port that is connected to another switch Or o...

Страница 263: ...s client i e switch to EAP TLS from EAP MD5 you must remove the current existing wireless network from your preferred connection first and add it in again Configure Sample EAP MD5 Authentication 1 Go...

Страница 264: ...HP 264 Figure 4 11 20 7 Click OK 8 When client has associated with the Managed Switch a user authentication notice appears in system tray Click on the notice to continue Figure 4 11 21 Windows Client...

Страница 265: ...User s Manual of XGSW 28040HP 265 9 Enter the user name password and the logon domain that your account belongs 10 Click OK to complete the validation process Figure 4 11 22...

Страница 266: ...settings Limit Control allows for limiting the number of users on a given port A user is identified by a MAC address and VLAN ID If Limit Control is enabled on a port the limit specifies the maximum n...

Страница 267: ...System Configuration Object Description Mode Indicates if Limit Control is globally enabled or disabled on the switchstack If globally disabled other modules may still use the underlying functionalit...

Страница 268: ...the end host gets secured When the timer expires the switch starts looking for frames from the end host and if such frames are not seen within the next Aging Period the end host is assumed to be disc...

Страница 269: ...ntrol on the port or the switch 3 Click the Reopen button Trap Shutdown If Limit 1 MAC addresses is seen on the port both the Trap and the Shutdown actions described above will be taken State This col...

Страница 270: ...ot The Page includes the following fields Object Description Mode Indicates the access management mode operation Possible modes are Enabled Enable access management mode operation Disabled Disable acc...

Страница 271: ...12 3 Access Management Statistics Overview Page Screenshot The Page includes the following fields Object Description Interface The interface that allowed remote host can access the switch Receive Pac...

Страница 272: ...Redirect are enabled or redirects web browser to an HTTP connection when both are disabled Possible modes are Enabled Enable HTTPS redirect mode operation Disabled Disable HTTPS redirect mode operatio...

Страница 273: ...urity Status This Page shows the Port Security status Port Security is a module with no direct configuration Configuration comes indirectly from other modules the user modules When a user module has e...

Страница 274: ...at may request Port Security services Object Description User Module Name The full name of a module that may request Port Security services Abbr A one letter abbreviation of the user module This is us...

Страница 275: ...at least the Limit Control user module and that module has indicated that the limit is reached and no more MAC addresses should be taken in Shutdown The Port Security service is enabled by at least th...

Страница 276: ...ot The Page includes the following fields Object Description MAC Address VLAN ID The MAC address and VLAN ID that is seen on this port If no MAC addresses are learned a single row stating No MAC addre...

Страница 277: ...o block intruder on the untrusted ports of DUT when it tries to intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server Configure DHCP Snooping...

Страница 278: ...HCP snooping mode operation When enable DHCP snooping mode operation the request DHCP messages will be forwarded to trusted ports and only allowed reply packets from trusted ports Disabled Disable DHC...

Страница 279: ...een Page Screenshot Buttons Auto refresh Check this box to refresh the Page automatically Automatic refresh occurs every 3 seconds It will use the last entry of the currently displayed table as a basi...

Страница 280: ...Global IP Source Guard All configured ACEs will be lost when the mode is enabled Port Mode Configuration Specify IP Source Guard is enabled on which ports Only when both Global Mode and Port Mode on...

Страница 281: ...urce Guard Table The Static IP Source Guard Table screen in Figure 4 12 11 appears Figure 4 12 11 Static IP Source Guard Table Screen Page Screenshot The Page includes the following fields Object Desc...

Страница 282: ...vices connected to Layer 2 networks by poisoning the ARP caches This feature is used to block such attacks Only valid ARP requests and responses can go through DUT This Page provides ARP Inspection re...

Страница 283: ...k VLAN is disabled When the setting of Check VLAN is disabled the log type of ARP Inspection will refer to the port setting And the setting of Check VLAN is enabled the log type of ARP Inspection will...

Страница 284: ...llowing fields Object Description Delete Check to delete the entry It will be deleted during the next save Port The logical port for the settings VLAN ID The VLAN ID for the settings MAC Address Allow...

Страница 285: ...ss of the equipment sending the frame The SMAC address is used by the switch to automatically update the MAC table with these dynamic MAC addresses Dynamic entries are removed from the MAC table if no...

Страница 286: ...for managing the switch is added to the Static Mac Table before changing to secure learning mode otherwise the management link is lost and can only be restored by using another non secure port or by c...

Страница 287: ...owest MAC address found in the MAC Table The Start from MAC address and VLAN input fields allow the user to select the starting point in the MAC Table Clicking the Refresh button will update the displ...

Страница 288: ...Inspection Table Screenshot Navigating the ARP Inspection Table Each Page shows up to 99 entries from the Dynamic ARP Inspection table default being 20 selected through the entries per Page input fiel...

Страница 289: ...dates the table starting with the entry after the last entry currently displayed 4 13 4 Dynamic IP Source Guard Table Entries in the Dynamic IP Source Guard Table are shown on this Page The Dynamic IP...

Страница 290: ...he button to start over The Page includes the following fields Object Description Port The port number for which the status applies Click the port number to see the status for this particular port VLA...

Страница 291: ...store and maintain information gathered about the neighboring network nodes it discovers Link Layer Discovery Protocol Media Endpoint Discovery LLDP MED is an extension of LLDP intended for managing e...

Страница 292: ...erefore the default TTL is 4 30 120 seconds Tx Delay If some configuration is changed e g the IP address a new LLDP frame is transmitted but the time between the LLDP frames will always be at least th...

Страница 293: ...wn in the LLDP neighbours table CDP TLV Port ID is mapped to the LLDP Port ID field CDP TLV Version and Platform is mapped to the LLDP System Description field Both the CDP and LLDP support system cap...

Страница 294: ...owing fields Fast start repeat count Object Description Fast start repeat count Rapid startup and Emergency Call Service Location Identification Discovery of endpoints is a critically important aspect...

Страница 295: ...count it is possible to specify the number of times the fast start transmission would be repeated The recommended value is 4 times given that 4 LLDP frames with a 1 second interval will be transmitte...

Страница 296: ...Datum NAD83 MLLW NAD83 MLLW North American Datum 1983 CRS Code 4269 Prime Meridian Name Greenwich The associated vertical datum is Mean Lower Low Water MLLW This datum pair is to be used when referenc...

Страница 297: ...Service Emergency Call Service ELIN identifier data format is defined to carry the ELIN identifier as used during emergency call setup to a traditional CAMA or ISDN trunk based PSAP This format consis...

Страница 298: ...e multitude of network policies that frequently run on an aggregated link interior to the LAN Object Description Delete Check to delete the policy It will be deleted during the next save Policy ID ID...

Страница 299: ...ing conditional for use in network topologies that require a separate policy for the video signaling than for the video media This application type should not be advertised if all the same network pol...

Страница 300: ...ributes for the same network policies based on the authenticated user identity or port configuration Object Description Port The port number for which the configuration applies Policy ID The set of po...

Страница 301: ...vice Class is defined to build upon the capabilities defined for the previous Endpoint Device Class Fore example will any LLDP MED Endpoint Device claiming compliance as a Media Endpoint Class II also...

Страница 302: ...es that directly support the end user Discovery services defined in this class include provision of location identifier including ECS E911 information embedded L2 switch support inventory management L...

Страница 303: ...pplication type is using a tagged or an untagged VLAN Can be Tagged ot Untagged Untagged The device is using an untagged frame format and as such does not include a tag header as defined by IEEE 802 1...

Страница 304: ...creen in Figure 4 14 4 appears Figure 4 14 4 LLDP Neighbor Information Page Screenshot The Page includes the following fields Object Description Local Port The port on which the LLDP frame was receive...

Страница 305: ...ement This could for instance hold the neighbor s IP address Buttons Click to refresh the Page immediately Auto refresh Check this box to refresh the Page automatically Automatic refresh occurs every...

Страница 306: ...Frames The number of LLDP frames received on the port Rx Errors The number of received LLDP frames containing some kind of error Frames Discarded If an LLDP frame is received on a port and the switch...

Страница 307: ...ttons Click to refresh the Page immediately Clears the local counters All counters including global counters are cleared upon reboot Auto refresh Check this box to refresh the Page automatically Autom...

Страница 308: ...issues The Managed Switch transmit ICMP packets and the sequence number and roundtrip time are displayed upon reception of a reply Cable Diagnostics The Cable Diagnostics performing tests on copper ca...

Страница 309: ...ckets are received or until a timeout occurs The ICMP Ping screen in Figure 4 15 1 appears Figure 4 15 1 ICMP Ping Page Screenshot The Page includes the following fields Object Description IP Address...

Страница 310: ...he Page includes the following fields Object Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet Values range from 2 bytes to 1452 bytes Egress Interface...

Страница 311: ...reception of a reply The Page refreshes automatically until responses to all packets are received or until a timeout occurs The ICMP Ping screen in Figure 4 15 3 appears Figure 4 15 3 Remote IP Ping T...

Страница 312: ...ompleted the Page refreshes automatically and you can view the cable diagnostics results in the cable status table Note that Cable Diagnostics is only accurate for cables of length 7 140 meters 10 and...

Страница 313: ...r Open Open pair Short Shorted pair Short A Cross pair short to pair A Short B Cross pair short to pair B Short C Cross pair short to pair C Short D Cross pair short to pair D Cross A Abnormal cross p...

Страница 314: ...installation of cameras or WLAN AP more easily and efficiently Figure 4 16 1 Power over Ethernet Status 4 16 1 Power over Ethernet Powered Device 3 5 Watts Voice over IP phones Enterprise can install...

Страница 315: ...supply unit over the LAN infrastructure to powered devices PDs which are connected to ports Under some conditions the total output power required by PDs can exceed the maximum available power provide...

Страница 316: ...power limit mode It is hardware limited Allocation mode In this mode the user allocates the amount of power that each port may reserve The allocated reserved power for each port PD is specified in th...

Страница 317: ...E port provided power to the PDs XGSW 28040HP available maximum value is 440 Temperature Threshold Allows setting over temperature protection threshold value It system temperature was over it then sys...

Страница 318: ...Interval Configuration Screenshot The PoE port will start up after the whole system program has finished running The page includes the following fields Object Description Sequential Power up Option Al...

Страница 319: ...on Screenshot The page includes the following fields Object Description PoE Mode There are three modes for PoE mode Enable enable PoE function Disable disable PoE function Schedule enable PoE function...

Страница 320: ...when total power consumption has been over total power budget In this case the port with the lowest priority will be turn off and offer power for the port of higher priority Power Allocation It can l...

Страница 321: ...User s Manual of XGSW 28040HP 321 Figure 4 16 5 PoE Status Screenshot...

Страница 322: ...the total watts usage of Managed PoE Switch Local Port This is the logical port number for this row PD Class Displays the class of the PD attached to the port as established by the classification pro...

Страница 323: ...mental protection on the Earth the Managed PoE switch can effectively control the power supply besides its capability of giving high watts power The PoE schedule function helps you to enable or disabl...

Страница 324: ...file mode Possible profiles are Profile1 Profile2 Profile3 Profile4 Week Day Allows user to set week day for defining PoE function should be enabled on the day Start Hour Allows user to set what hour...

Страница 325: ...hedule Buttons click to add new rule Click to apply changes Check to delete the entry 4 16 8 LLDP PoE Neighbours This page provides a status overview for all LLDP PoE neighbors The displayed table con...

Страница 326: ...Once the PD stops working and without response the XGSW 28040HP PoE Switch is going to restart PoE port port power and bring the PD back to work It will greatly enhance the reliability and reduces adm...

Страница 327: ...ll be reset Action Allows user to set which action will be apply if the PD witout any response WGSW 48040HP PoE Switch offers 3 actions as following PD Reboot It menas system will reset the PoE port t...

Страница 328: ...328 4 16 10 Port Power Consumption This page allows user to see the usage of individual PoE Port The screen in Figure 4 16 10 appears Figure 4 16 10 Port Power Consumption Screenshot Buttons Click to...

Страница 329: ...ction that provides loop protection to prevent broadcast loops in Managed Switch 4 17 1 Configuration This Page allows the user to inspect the current Loop Protection configurations and possibly chang...

Страница 330: ...port Valid values are 0 to 604800 seconds 7 days A value of zero will keep a port disabled until next device restart Port Configuration Object Description Port The switch port number of the port Enabl...

Страница 331: ...itch port number of the logical port Action The currently configured port action Transmit The currently configured port transmit mode Loops The number of loops detected on this port Status The current...

Страница 332: ...plementation of Event Statistics and History display some current or history subnet statistics Alarm and Event provide a method to monitor any integer data change in the network and provide some alert...

Страница 333: ...the output packet queue in packets Sample Type The method of sampling the selected variable and calculating the value to be compared against the thresholds possible sample types are Absolute Get the s...

Страница 334: ...ing and comparing the rising and falling threshold Variable Indicates the particular variable to be sampled Sample Type The method of sampling the selected variable and calculating the value to be com...

Страница 335: ...ion of the event the possible types are none The total number of octets received on the interface including framing characters log The number of uni cast packets delivered to a higher layer protocol s...

Страница 336: ...8 5 RMON Event Overview Page Screenshot The Page includes the following fields Object Description Event Index Indicates the index of the event entry Log Index Indicates the index of the log entry LogT...

Страница 337: ...port ID which wants to be monitored If in stacking switch the value must add 1000 switch ID 1 for example if the port is switch 3 port 5 the value is 2005 Interval Indicates the interval in seconds f...

Страница 338: ...dcast packets and multicast packets received Broadcast The total number of good packets received that were directed to the broadcast address Multicast The total number of good packets received that we...

Страница 339: ...tly displayed 4 18 7 RMON Statistics Configuration Configure RMON Statistics table on this Page The entry index key is ID screen in Figure 4 18 8 appears Figure 4 18 8 RMON Statistics Configuration Pa...

Страница 340: ...hich packets were dropped by the probe due to lack of resources Octets The total number of octets of data including those in bad packets received on the network Pkts The total number of packets includ...

Страница 341: ...umber of packets including bad packets received that were between 256 to 511 octets in length 512 1023 The total number of packets including bad packets received that were between 512 to 1023 octets i...

Страница 342: ...and two ports should be assigned as the member ports in the ERPS Only one switch in the Ring group would be set as the RPL owner switch in which one port called owner port would be blocked and PRL nei...

Страница 343: ...here as screen in Figure 4 19 1 is shown below Figure 4 19 1 MEP configuration page screenshot The page includes the following fields Object Description Delete This box is used to mark an MEP for dele...

Страница 344: ...monitoring egress traffic on Residence Port Residence Port The port where MEP is monitoring see Direction Level The MEG level of this MEP Flow Instance The MEP is related to this flow See Domain Tagge...

Страница 345: ...uration page screenshot The page includes the following fields Instance Data Object Description MEP Instance The ID of the MEP Domain See help on MEP create WEB Mode See help on MEP create WEB Directi...

Страница 346: ...ed for this MEP cMEP Fault Cause indicating that a CCM is received with an MEP ID different from all Peer MEP ID configured for this MEP cAIS Fault Cause indicating that AIS PDU is received cLCK Fault...

Страница 347: ...eriod as described in Y 1731 This value has the following uses The transmission rate of the CCM PDU Fault Cause cLOC is declared if no CCM PDU has been received within 3 5 periods see cLOC Fault Cause...

Страница 348: ...lue for this last octet is 01 and the usage of other values is for further study Buttons Click to go to Fault Management page Click to go to Performance Monitor page Click to refresh the page immediat...

Страница 349: ...terconnected sub ring without virtual channel it is configured as 0 for such ring instances 0 in this field indicates that no Port 1 APS MEP is associated with this instance Ring Type Type of Protecti...

Страница 350: ...SF MEP See help on ERPS create WEB Port 1 SF MEP See help on ERPS create WEB Port 0 APS MEP See help on ERPS create WEB Port 1 APS MEP See help on ERPS create WEB Ring Type Type of Protected ring It c...

Страница 351: ...the traffic channel is restored to the working transport entity i e blocked on the RPL In Non Revertive mode the traffic channel continues to use the RPL if it is not failed after a protection switch...

Страница 352: ...timeout in milliseconds RPL Un blocked APS is received on the working flow No APS Received RAPS PDU is not received from the other end Port 0 Block Status Block status for Port 0 Both traffic and R AP...

Страница 353: ...shot The page includes the following fields Object Description All Switch Numbers Set all the switch numbers for the ring group The default number is 3 and maximum number is 30 Number ID The switch wh...

Страница 354: ...Switch ID Port MEP ID RPL Type VLAN Group Port 1 1 None 3001 Switch 1 Port 2 2 Owner 3001 Port 1 4 None 3001 Switch 2 Port 2 3 Neighbour 3001 Port 1 6 None 3001 Switch 3 Port 2 5 None 3001 Table 4 2 E...

Страница 355: ...itch 2 directly don t connect to port 1 2 Log in on the Switch 2 and click Ring Ring Wizard Set All Switch Number 3 and Number ID 2 click Next button to set the ERPS configuration for Switch 2 Set MEP...

Страница 356: ...gether in the ring topology before configuring the end of ERPS Follow the configuration or ERPS wizard to connect the Switch 1 2 3 together to establish ERPS application MEP2 MEP3 Switch1 Port2 Switch...

Страница 357: ...s packet comes in then this packet will be filtered Thereby increasing the network throughput and availability 5 4 Store and Forward Store and Forward is one type of packet forwarding techniques A Sto...

Страница 358: ...tically sets the best possible bandwidth when a connection is established with another network device usually at Power On or Reset This is done by detect the modes and speeds at the second of both dev...

Страница 359: ...ed Source Equipment PSE and the Powered Device PD The PSE is either an End Span or a Mid Span while the PD is a PoE enabled terminal such as IP Phones Wireless LAN etc Power can be delivered over data...

Страница 360: ...rnet pairs are transformer coupled at each end it is possible to apply DC power to the center tap of the isolation transformer without upsetting the data transfer In this mode of operation the pair on...

Страница 361: ...f the port Why the Switch doesn t connect to the network Solution 1 Check the LNK ACT LED on the switch 2 Try another port on the Switch 3 Make sure the cable is installed properly 4 Make sure the cab...

Страница 362: ...nd the scope of this standard A 3 10 100Mbps 10 100Base TX When connecting your Switch to another Fast Ethernet switch a bridge or a hub a straight or crossover cable is necessary Each port of the Swi...

Страница 363: ...hite Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown 1 White Orange 2 Orange 3 White Green 4 Blue 5 White Blue 6 Green 7 White Brown 8 Brown Crossover Cable SIDE 1 SIDE 2 SIDE 1 1 2 3 4 5 6 7...

Страница 364: ...the manual ACL configuration ACL Access Control List The web Page shows the ACEs in a prioritized way highest top to lowest bottom Default the table is empty An ingress frame will only get a hit on o...

Страница 365: ...al in the two ends of a protection group as defined in G 8031 Aggregation Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the redundancy for hig...

Страница 366: ...ng data converts it to an unintelligible form called cipher Decrypting cipher converts the data back to its original form called plaintext The algorithm described in this standard specifies both encip...

Страница 367: ...represent the VLAN ID The parameter of module_id is the third byte for the module ID in standalone switch it always equal 0 in stackable switch it means switch ID The parameter of port_no is the four...

Страница 368: ...is pruned from the multicast tree for the multicast group specified in the original leave message Fast leave processing ensures optimal bandwidth management for all hosts on a switched network even wh...

Страница 369: ...culties or simple exchanges such as time stamp or echo transactions For example the PING command uses ICMP to test an Internet connection IEEE 802 1X IEEE 802 1X is an IEEE standard for port based Net...

Страница 370: ...et Protocol address and this IP address is used to identify the device uniquely among all other devices connected to the extended network The current version of the Internet protocol is IPv4 which has...

Страница 371: ...connectivity in the network Can be used as a switch criteria by EPS M MAC Table Switching of frames is based upon the DMAC address contained in the frame The switch builds up a table that maps MAC ad...

Страница 372: ...twork Access Server The NAS is meant to act as a gateway to guard access to a protected source A client connects to the NAS and the NAS connects to another resource asking whether the client s supplie...

Страница 373: ...onal TLVs is disabled the corresponding information is not included in the LLDP frame OUI OUI is the organizationally unique identifier An OUI address is a globally unique identifier assigned to a ven...

Страница 374: ...rward service An alternative protocol is Internet Message Access Protocol IMAP IMAP provides the user with more capabilities for retaining e mail on the server and for organizing it in folders on the...

Страница 375: ...a method to guarantee a bandwidth relationship between individual applications or protocols A communications network transports a multitude of applications and data including high quality video and d...

Страница 376: ...ervers for Microsoft Windows IBM OS 2 and other SMB client machines Samba uses the Server Message Block SMB protocol and Common Internet File System CIFS which is the underlying protocol used in Micro...

Страница 377: ...or setting up each switch to perform shortest path forwarding within the stack SSID Service Set Identifier is a name used to identify the particular 802 11 wireless LANs to which a user wants to attac...

Страница 378: ...essage or messages to be exchanged by the application programs at each end have been exchanged TCP is responsible for ensuring that a message is divided into the packets that IP manages and for reasse...

Страница 379: ...Unlike TCP UDP does not provide the service of dividing a message into packet datagrams and UDP doesn t provide reassembling and sequencing of the packets This means that the application program that...

Страница 380: ...N ID is a 12 bit field specifying the VLAN to which the frame belongs Voice VLAN Voice VLAN is VLAN configured specially for voice traffic By adding the ports with voice devices attached to voice VLAN...

Страница 381: ...nterprise is meant for use with an IEEE 802 1X authentication server which distributes different keys to each user Personal WPA utilizes less scalable pre shared key PSK mode where every allowed compu...

Страница 382: ...A1 2009 A2 2009 EN 61000 3 3 2008 EN 55024 2010 EN 61000 4 2 2009 EN 61000 4 3 2006 A1 2008 A2 2010 EN 61000 4 4 2010 2012 EN 61000 4 5 2006 EN 61000 4 6 2009 EN 61000 4 8 2010 EN 61000 4 11 2004 Res...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды