User Manual Basic Configuration Industrial ETHERNET Gigabit Switch RS20/RS30, MS20/MS30, Power MICE, MACH 4000, OCTOPUS Layer 2 Enhanced with Layer 2 Professional Technical Support Release 1.0 10/05 HAC-Support@hirschmann.de...
Page 2
This publication has been created by Hirschmann Automation and Control GmbH according to the best of our knowledge. Hirschmann reserves the right to change the contents of this manual without prior notice. Hirschmann can give no guarantee in respect of the correctness or accuracy of the details in this publication.
Contents Contents About this Manual Introduction Access to the user interfaces System monitor Command Line Interface Web based Interface Entering the IP parameters Basics IP parameter 2.1.1 IP address (version 4) 2.1.2 Network mask 2.1.3 Example of how the network mask is used Entering the IP parameters via CLI Entering the IP parameters via HiDiscovery Loading the system configuration from the ACA...
Page 4
Contents Loading/saving settings Loading settings 3.1.1 Loading from the local non-volatile memory 3.1.2 Loading from the AutoConfiguration Adapter 3.1.3 Loading from a file 3.1.4 Resetting the configuration to the state on delivery Saving settings 3.2.1 Saving Locally (and on the ACA) 3.2.2 Saving into a file Loading Software Updates Loading the Software from the ACA...
Page 5
Contents Synchronizing the System Time of the Network Entering the Time SNTP 7.2.1 Descripton SNTP 7.2.2 Preparing the SNTP configuration 7.2.3 Configuring SNTP Precison Time Protocol 7.3.1 Funtion description PTP 7.3.2 Preparing the PTP configuration 7.3.3 Configuring PTP Interaction PTP and SNTP Traffic control Directed frame forwarding 8.1.1 Store-and-forward...
Page 6
Contents VLANs 8.6.1 Description VLANs 8.6.2 Configuring VLANs 8.6.3 Setting up VLANs 8.6.4 Displaying the VLAN configuration 8.6.5 Deleting the VLAN settings 8.6.6 Example of a simple VLAN Operation Diagnostics Sending traps 9.1.1 SNMP trap listing 9.1.2 SNMP traps when booting 9.1.3 Configuring traps Out-of-band signaling 9.2.1 Manual setting the signal contact...
Page 7
Contents General Information Hirschmann Competence Management Information BASE MIB Used abbreviations List of RFC's Based IEEE standards Technical Data Copyright of integrated software B.8.1 Bouncy Castle Crypto APIs (Java) B.8.2 LVL7 Systems, Inc. Reader's comments B.10 Index Layer 2 Enhanced with Layer 2 Professional...
Page 8
Contents Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
About this Manual About this Manual The “Basic Configuration” user manual contains all the information you need to start operating the switch. It takes you step by step from the first startup operation through to the basic settings for operation in your environment. The following thematic sequence has proven itself in practice: Set up device access for operation by entering the IP parameters Check the status of the software and update it if necessary...
Page 10
About this Manual Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
The designations used in this manual have the following meanings: List V Work step Subheading Indicates a cross-reference with a stored link. Note: A note emphasizes an important fact or draws your attention to a dependency. Courier font ASCII representation in user interface Execution in the Web-based Interface user interface Execution in the Command Line Interface user interface Symbols used:...
Page 12
A random computer Configuration computer Server Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Introduction Introduction The Switch has been developed for practical application in a harsh industrial environment. Accordingly, the installation process has been kept simple. Thanks to the selected default settings, you only have to enter a few settings before starting to operate the Switch. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 14
Introduction Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Access to the user interfaces 1 Access to the user interfaces The Switch has three user interfaces, which you can access via different interfaces: System monitor via the V.24 interface (out-of-band) Command Line Interface (CLI) via the V.24 connection (out-of-band) and Telnet (in-band) Web-based interface via Ethernet (in-band) Layer 2 Enhanced with Layer 2 Professional...
Access to the user interfaces 1.1 System monitor 1.1 System monitor The system monitor enables you to select the boot operating software, update the operating software, start the selected operating software, end the system monitor, erase the saved configuration and show the bootcode information.
Page 17
Access to the user interfaces 1.1 System monitor < PowerMICE MS4128-5 (Boot) Release: 1.00 Build: 2005-09-17 15:36 > Press <1> to enter System Monitor 1 ... Fig. 1: Screenshot during the boot process V Press within one second the <1> key to start system monitor 1. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 18
Access to the user interfaces 1.1 System monitor System Monitor (Selected OS: L3P-01.0.00-K16 (2005-10-31 19:32)) Select Boot Operating System Update Operating System Start Selected Operating System End (reset and reboot) Erase main configuration file sysMon1> Fig. 2: System monitor 1 screen display V Select the desired menu by entering the number.
Access to the user interfaces 1.2 Command Line Interface 1.2 Command Line Interface The Command Line Interface allows you to use all device functions via a local or a remote connection. The command line interface provides IT specialists with a familiar environ- ment for configuring IT devices.
Page 20
Access to the user interfaces 1.2 Command Line Interface Copyright (c) 2004-2005 Hirschmann Automation and Control GmbH All rights reserved PowerMICE Release L3P-01.0.00-K16 (Build date 2005-10-31 19:32) System Name: PowerMICE Mgmt-IP 149.218.112.105 1.Router-IP: 0.0.0.0 Base-MAC 00:80:63:51:74:00 System Time: 2005-11-01 16:00:59 User: Fig.
Page 21
NOTE: Enter '?' for Command Help. Command help displays all options that are valid for the 'normal' and 'no' command forms. the syntax of a particular command form, please consult the documentation. (Hirschmann PowerMICE) > Fig. 4: CLI screen after login Layer 2 Enhanced with Layer 2 Professional...
Access to the user interfaces 1.3 Web based Interface 1.3 Web based Interface The user-friendly Web-based interface gives you the option of operating the Switch from any location in the network via a standard browser such as the Mozilla Firefox or the Microsoft Internet Explorer. As a universal access tool, the Web browser uses an applet which commu- nicates with the Switch via the Simple Network Management Protocol (SNMP).
Page 23
Access to the user interfaces 1.3 Web based Interface V Start your Web browser. V Make sure that you have activated JavaScript and Java in the security settings of your browser. V Establish the connection by entering the IP address of the Switch that you want to administer via the Web-based network management in the address field of the Web browser.
Page 24
Access to the user interfaces 1.3 Web based Interface V The password “public”, with which you have read permission, appears in the password field. If you wish to access the Switch with write per- mission, then highlight the contents of the password field and overwri- te it with the password “private”...
Entering the IP parameters 2 Entering the IP parameters IP address(es) must be entered when the Switch is installed for the first time. The Switch provides 6 options for entering the IP parameters during the first installation: Using the Command Line Interfaces (CLI). Choose this “out-of-band”...
Page 26
Entering the IP parameters Using DHCP Option 82. Choose this “in-band” method if you want to configure the installed Switch using DHCP Option 82. You need a DHCP server with Option 82 for this. The DHCP server assigns the configuration data to the Switch using its physical connection (see “System Configuration via DHCP Option 82”...
Entering the IP parameters 2.1 Basics IP parameter 2.1 Basics IP parameter 2.1.1 IP address (version 4) The IP addresses consist of 4 bytes. These 4 bytes are written in decimal notation, separated by a decimal point. Since 1992, five classes of IP address have been defined in the RFC 1340. Class Network address Host address...
Entering the IP parameters 2.1 Basics IP parameter Net ID - 7 bits Host ID - 24 bits Klasse A Net ID - 14 bits Host ID - 16 bits Klasse B Net ID - 21 bits Host ID - 8 bit s Klasse C Multicast Group ID - 28 bits Klasse D...
Page 29
Entering the IP parameters 2.1 Basics IP parameter Example of a network mask: Decimal notation 255.255.192.0 Binary notation 11111111.11111111.11000000.00000000 Subnetwork mask bits Class B Example of IP addresses with subnetworks assignment when the above sub- net mask is applied: Decimal notation 129.218.65.17 128 <...
Entering the IP parameters 2.1 Basics IP parameter 2.1.3 Example of how the network mask is used In a large network it is possible that gateways and routers separate the man- agement agent from its management station. How does addressing work in such a case? Romeo Juliet...
Page 31
Entering the IP parameters 2.1 Basics IP parameter Lorenzo receives the letter and removes the outer envelope. From the inner envelope he recognizes that the letter is meant for Juliet. He places the inner envelope in a new outer envelope and searches his address list (the ARP ta- ble) for Juliet's MAC address.
Entering the IP parameters 2.2 Entering the IP parameters via CLI 2.2 Entering the IP parameters via CLI If you do not configure the system via BOOTP/DHCP, DHCPOption 82, Hidiscovery protocol or the ACA AutoConfiguration Adapter, then perform the configuration via the V.24 interface using the Command Line Interface: Entering IP addresses Connect the PC with terminal program started to the RJ11 socket...
Page 33
'normal' and 'no' command forms. the syntax of a particular command form, please consult the documentation. (Hirschmann PowerMICE) > V Change to privileged EXEC mode by entering enable and then press the Enter key. V Disable DHCP by entering network protocol none and then press the Enter key.
Page 34
(Hirschmann PowerMICE) >en (Hirschmann PowerMICE) #network protocol none (Hirschmann PowerMICE) #network parms 149.218.112.105 255.255.255.0 (Hirschmann PowerMICE) #copy system:running-config nvram:startup-config Are you sure you want to save? (y/n) y Copy OK: 15811 bytes copied...
Entering the IP parameters 2.3 Entering the IP parameters via HiDiscovery 2.3 Entering the IP parameters via HiDiscovery The HiDiscovery protocol enables you to assign IP parameters to the Switch via the Ethernet. You can easily configure additional parameters with the Web-based mana- gement (see Reference manual „Web-based Interface“).
Page 36
Entering the IP parameters 2.3 Entering the IP parameters via HiDiscovery When HiDiscovery is started, it automatically searches the network for those devices which support the HiDiscovery protocol. HiDiscovery uses the first PC network card found. If your computer has se- veral network cards, you can select these in HiDiscovery on the toolbar.
Entering the IP parameters 2.4 Loading the system configuration from the 2.4 Loading the system configuration from the ACA The ACA is a device for storing the configuration data of a Switch. storing the Switch software. In the case of a Switch failure, the ACA enables a very simple configuration data transfer by means of a substitute Switch of the same type.
Page 38
Entering the IP parameters 2.4 Loading the system configuration from the Switch starten Nein vorhanden? Passwort im Voreingestelltes Nein Nein Switch und ACA Passwort im identisch? Switch? Konfiguration vom Konfiguration aus ACA laden lokalem Speicher laden ACA-LEDs blinken ACA-LEDs blinken synchron alternierend Konfigurationsdaten...
Entering the IP parameters 2.5 System configuration via BOOTP 2.5 System configuration via BOOTP During startup operation via BOOTP (bootstrap protocol) the Switch receives its configuration data according to the “BOOTP process” flowchart (see Fig. 13). Note: In its state on delivery, the Switch gets its configuration data from the BOOTP server.
Page 40
Entering the IP parameters 2.5 System configuration via BOOTP rs2_01:ht=ether- net:ha=008063086501:ip=149.218.17.83:tc=.global: rs2_02:ht=ether- net:ha=008063086502:ip=149.218.17.84:tc=.global: Lines that start with a '#' character are comment lines. The lines under “.global:” make the configuration of several devices easier. With the template (tc) you allocate the global configuration data (tc=.global:). The direct allocation of hardware address and IP address occurs in the de- vice lines (rs2-0...).
Page 41
Entering the IP parameters 2.5 System configuration via BOOTP Start-up Load default configuration Switch in initalization Switch runs with settings from local flash Send DHCP DHCP/ BOOTP BOOTP? Requests Reply from Save IP parameter DHCP/BOOTP and config file URL server? locally initialize IP stack with IP parameters...
Page 42
Entering the IP parameters 2.5 System configuration via BOOTP Load remote Start tftp process configuration from with config URL of DHCP? file URL of DHCP tftp successful? Load transferred config file Save transferred config file local and set boot configuration to local Loading of configurations data...
Entering the IP parameters 2.6 System configuration via DHCP 2.6 System configuration via DHCP The DHCP (dynamic host configuration protocol) responds similarly to the BOOTP and offers in addition the configuration of a DHCP client with a name instead of the MAC address. For the DHCP, this name is known as the “client identifier”...
Page 44
Entering the IP parameters 2.6 System configuration via DHCP The special feature of DHCP in contrast to BOOTP is that the server can only provide the configuration parameters for a certain period of time (“lease”). When this time period (“lease duration”) expires, the DHCP client must at- tempt to renew the lease or negotiate a new one.
Page 45
Entering the IP parameters 2.6 System configuration via DHCP # Host hugo requests IP configuration # with his client identifier. host hugo { # option dhcp-client-identifier "hugo"; option dhcp-client-identifier 00:68:75:67:6f; fixed-address 149.218.112.83; server-name "149.218.112.11"; filename "/agent/config.dat"; Lines that start with a '#' character are comment lines. The lines preceding the individually listed devices refer to settings that apply to all the following devices.
Entering the IP parameters 2.7 System Configuration via DHCP Option 82 2.7 System Configuration via DHCP Option 82 As with the classic DHCP, on startup an agent receives its configuration data according to the “BOOTP/DHCP process” flow chart (see Fig. 13).
Entering the IP parameters 2.8 System configuration via the Web-based 2.8 System configuration via the Web-based Interface With the dialog Basics:Network you define the source from which the Switch gets its network parameters after starting, assign IP parameters and VLAN ID and configure the HiDiscovery access. Fig.
Page 48
Entering the IP parameters 2.8 System configuration via the Web-based V Enter the parameters according to the selected mode on the right. V You enter the system name applicable to the DHCP protocol in the Sy- stem dialog of the Web-based Interfaces, in the “Name” line. V In the “Local”...
Entering the IP parameters 2.9 Faulty Device Replacement 2.9 Faulty Device Replacement There are two plug-and-play solutions available for replacing a faulty Switch with a Switch of the same type (Faulty Device Replacement): First, you can configure the new switch using an AutoConfiguration Adapter (see “Loading the system configuration from the ACA”...
Page 50
Entering the IP parameters 2.9 Faulty Device Replacement Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Loading/saving settings 3 Loading/saving settings The Switch saves settings such as the IB parameters and the port configuration in the temporary memory. These settings are lost when you switch off or reboot the device. The Switch enables you to save settings from the temporary memory in a permanent memory load settings from a permanent memory into the temporary memory.
Loading/saving settings 3.1 Loading settings 3.1 Loading settings During restart, the Switch automatically loads its configuration data from the local non-volatile memory, provided that you have not activated BOOTP/ DHCP and that no ACA is connected to the Switch. During operation, the Switch enables you to load settings from the following sources: the local non-volatile memory, the AutoConfiguration Adapter.
Loading/saving settings 3.1 Loading settings 3.1.1 Loading from the local non-volatile memory When loading the configuration data locally, the Switch loads the configuration data from the local permanent memory if no ACA is connected to the Switch. V Select the Basics:Load/Save dialog. V Click in the “Load”-frame “Local”.
Loading/saving settings 3.1 Loading settings 3.1.3 Loading from a file The Switch allows you to load the configuration data from a file in the connected network if there is no AutoConfiguration Adapter connected to the Switch. V Select the Basics:Load/Save dialog. V Click in the Load"-frame “fromURL”, if you want the Switch to load the configuration data from a file and to retain the locally saved con- figuration..
Page 55
Loading/saving settings 3.1 Loading settings Fig. 17: Dialog Load/Save V Enter the enable command to change to the Priviledged EXEC mode. V Enter the command copy tftp://149.218.112.159/switch/config.dat nv- ram:startup-config if you want the switch to load the configura- tion data from a tftp server in the connected network. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Loading/saving settings 3.1 Loading settings 3.1.4 Resetting the configuration to the state on delivery The Switch gives you the option to, reset the current configuration to the state on delivery. The locally saved configuration remains. reset the Switch to the state on delivery. After restarting, the IP address is also in the original delivery state.
Loading/saving settings 3.2 Saving settings 3.2 Saving settings The Switch enables you to save the settings you have made locally locally and on the ACA, or into a file. 3.2.1 Saving Locally (and on the ACA) The Switch allows you to save the current configuration data in the local permanent memory and the ACA.
Loading/saving settings 3.2 Saving settings 3.2.2 Saving into a file The Switch allows you to save the current configuration data in a file in the connected network. V Select the Basics:Load/Save dialog. V Click in the “Save”-frame “to URL”. V Type in the “URL” edit field the path under which you want the Switch to save the configuration file.
Hirschmann is continuously working on improving the performance of its products. So it is possible that you may find a more up to date release of the Switch software on the Hirschmann Internet site than the release the you have on your Switch.
Loading Software Updates 4.1 Loading the Software from the ACA 4.1 Loading the Software from the ACA Like an usual USB stick, you can also connect the ACA 21-USB to an USB port of your PC and copy the Switch software to the main directory of the ACA 21-USB.
Page 61
Loading Software Updates 4.1 Loading the Software from the ACA Select Operating System Image (Available OS: Selected: 1.00 (2004-08-26 07:15), Backup: 1.00 (2004-08- 26 07 :15(Locally selected: 1.00 (2004-08-26 07:15)) Swap OS images Copy image to backup Test stored images in Flash mem. Test stored images in USB mem.
Loading Software Updates 4.1 Loading the Software from the ACA Test stored images in USB memory Select 4 to test, if the stored images of the software in ACA 21-USB contain valid codes. Apply and store selection Select 5 to apply and store the selection of the software. Cancel selection Select Sie 6 to cancel selection and leave this dialogue without changes.
Loading Software Updates 4.2 Loading the Software from the tftp Server 4.2 Loading the Software from the tftp Server For a tftp update you need a tftp server on which the software to be loaded is stored (see “tftp server for software updates” on page 165).
Page 64
Loading Software Updates 4.2 Loading the Software from the tftp Server V After the loading procedure has been completed successfully, activa- te the new software as follows: Select the Basics:Restart dialog und and perform a cold start. V After booting the switch, click “Reload” in your browser to re-enable your access to the Switch.
Loading Software Updates 4.3 Loading Software via HTTP 4.3 Loading Software via HTTP For an http update you need access from your computer to the update soft- ware. V Select the Basics:Software dialog. V Click “http-Update” to open the http Update browser window. V Click “Browse...”...
Page 66
Loading Software Updates 4.3 Loading Software via HTTP V After the software procedure has been completed successfully, go to Basics:Restart, and perform a cold start (“Restart Switch”). V Click “Reload” in your browser to re-enable Switch access after boo- ting. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Configuring ports 5 Configuring ports The port configuration consists of: Switching the port on and off, Selecting the operation mode, Displaying connection error messages. Switching the port on and off In the state on delivery, all ports are switched on. To enhance access security, switch off the ports which you do not wish to connect..
Page 68
Configuring ports Displaying connection error mMessages In the state on delivery the Switch displays a connection error via the signal contact and the LED display. The Switch allows you to disable the displaying of connection error messages, for instance to prevent a device that has been turned off from being interpreted as an interrupted line.
Protection from unauthorized access 6 Protection from unauthorized access Protect your network from unauthorized access. The Switch provides you with the following functions for protecting against unauthorized access. Password for SNMP access, Setting the Telnet/Web-Based access, Disabling the HiDiscovery function, Port access control via IP- or MAC-address, Authentication according to 802.1X, Layer 2 Enhanced with Layer 2 Professional...
Protection from unauthorized access 6.1 Password for SNMP access 6.1 Password for SNMP access 6.1.1 Description Password for SNMP access A network management station communicates with the Switch via the Simple Network Management Protocol. Every SNMP packet contains the IP address of the sending computer and the password under which the sender of the packet wants to access the Switch MIB.
Protection from unauthorized access 6.1 Password for SNMP access 6.1.2 Entering password for SNMP access V Select the Security:Password / SNMPv3 access dialog. This dialog gives you the option of changing the read and read/write passwords for access to the Switch via Web-based Interface/CLI/ SNMP.
Page 72
Protection from unauthorized access 6.1 Password for SNMP access Fig. 21: Password dialog Important: If you do not know a password with read/write access, you will not have write access to the Switch! Note: After changing the password for write access, restart the Web in- terface in order to access the Switch.
Page 73
Protection from unauthorized access 6.1 Password for SNMP access V Select the Security:SNMPv1/v2 Access dialog. This dialog gives you the option to select the access via SNMPv1 or SNMPv2. In the state on delivery both protocols are enabled. Thus you can manage the Switch via HiVision and communicate with earlier versions of SNMP.
Page 74
Protection from unauthorized access 6.1 Password for SNMP access Abb. 22: Dialog SNMPv1/v2 access V To create a new line in the table click "Create entry" . V To delete an entry select the line in the table and click "Delete". Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Protection from unauthorized access 6.2 Setting Telnet/Web access 6.2 Setting Telnet/Web access 6.2.1 Description Telnet/Web access The Telnet server of the Switch allows you to configure the Switch using the Command Line Interface (in-band). You can switch off the Telnet server to prevent Telnet access to the Switch.
Protection from unauthorized access 6.2 Setting Telnet/Web access 6.2.2 Enabling/disabling Telnet/Web access V Select the Security:Telnet/Web Access dialog. V Switch off the server to which you wish to disable access. V Enter the command enable to switch to the privileged EXEC mode. V Enter the command transport input telnet to switch on the telnet server.
Protection from unauthorized access 6.3 Disabling HiDiscovery function 6.3 Disabling HiDiscovery function 6.3.1 Description HiDiscovery protocol The HiDiscovery protocol (see “Entering the IP parameters via HiDiscovery” on page 35) allows you to assign an IP address to the Switch on the basis of its MAC address.
Protection from unauthorized access 6.3 Disabling HiDiscovery function 6.3.2 Disabling HiDiscovery function V Select the Basics:Network. dialog. V Switch off the HiDiscovery function in the “HiDiscovery Protocol” frame, or limit access to “read-only”. V Enter the command enable to switch to the privileged EXEC mode. V Enter the command network protocol hidiscovery off to switch off the HiDiscovery function.
Protection from unauthorized access 6.4 Port access control 6.4 Port access control 6.4.1 Description port access control The Switch protects every port from unauthorized access. Depending of your choice the Switch checks the MAC address or the IP address of the connected device. The following functions are available for monitoring every individual port: Who has access to this port? The Switch recognizes 2 classes of access control:...
Protection from unauthorized access 6.4 Port access control 6.4.2 Defining port access control V Select the Security:Port Security dialog. V First select, whether you wish the MAC based or the IP based port security. V If you have selected MAC based you enter in the “Allowed MAC address”...
Page 81
Protection from unauthorized access 6.4 Port access control Fig. 23: Port Security dialog Note: This entry in the port configuration table is part of the configuration (“Loading/saving settings” on page 51) and is saved together with the configuration. Note: An alarm (trap) can only be sent if at least one recipient is entered under “Configuring traps”...
Protection from unauthorized access 6.5 Port Authentication according to 802.1X 6.5 Port Authentication according to 802.1X 6.5.1 Description Port-Based Network Access Control (802.1X) The Port-Based Network Access Control is a method described in the standard IEEE 802.1X for the authentication and authorization of devices in IEEE 802 networks which are connected to a port of the Switch, and which want to access the Switch and/or the network connected to the Switch.
Protection from unauthorized access 6.5 Port Authentication according to 802.1X 6.5.2 Authentication process A supplicant tries to communicate via a Switch port. The Switch requests authentication from the supplicant. At that time only EAPOL traffic is permitted between the supplicant and the Switch. The supplicant replies his identification data.
Page 84
Protection from unauthorized access 6.5 Port Authentication according to 802.1X 6.5.4 Setting 802.1X Configurating the Radius server V Select the Security:802.1x Port Authentication:RA- DIUS-Server dialog This dialog allows you to enter the data for one, two or three Radius servers. V Click on “Create entry”...
Synchronizing the System Time of the 7 Synchronizing the System Time of the Network The real meaning of the term real time depends on the time requirements of the application. The Switch provides two options with different levels of accuracy for synchronizing the time in your network.
Synchronizing the System Time of the 7.1 Entering the Time 7.1 Entering the Time If there is no reference clock available, you can enter the system time in the Switch so that you can use it like a reference clock (see “PTP Global”...
Page 87
Synchronizing the System Time of the 7.1 Entering the Time V Enter the command enable to switch to the privileged EXEC mode. V Enter the command configure to change to the configuration mo- V Enter the command sntp time <YYYY-MM-DD HH:MM:SS> to set the Switch system time.
Synchronizing the System Time of the 7.2 SNTP 7.2 SNTP 7.2.1 Descripton SNTP SNTP has a hierarchical structure. The SNTP Server places the UTC (Uni- versal Time Coordinated) at disposal. The UTC is the time which is refe- renced to Universal Time Coordinated. The display is the same worldwide. Local time differences are not taken into account.
Synchronizing the System Time of the 7.2 SNTP 7.2.2 Preparing the SNTP configuration V To gain an overview of how the system time is passed on, draw a network plan which shows all devices involved in SNTP. Please bear in mind that the accuracy of the system time depends on signal runtime.
Synchronizing the System Time of the 7.2 SNTP 7.2.3 Configuring SNTP V Select the Time:SNTP dialog. Configuration SNTP Client and Server V In this frame you Switch the SNTP function on/off. When it is switched off, the SNTP server does not send any SNTP packages and does not reply to any SNTP requests.
Page 91
Synchronizing the System Time of the 7.2 SNTP Configuration SNTP-Client V In “External Server Address” you enter the IP address of the SNTP server from which the Switch periodically obtains the sy- stem time. V In “Redundant Server Address” you enter the IP address of the SNTP server from which the Switch periodically obtains the sy- stem time, if the Switch does not receive an answer from the “ex- ternal server address”...
Page 92
Synchronizing the System Time of the 7.2 SNTP Switch 149.218.112.1 149.218.112.2 149.218.112.3 Function Anycast destination address 224.0.1.1 224.0.1.1 224.0.1.1 Server VLAN ID Anycast send interval Client External server address 149.218.112.0 149.218.112.1 149.218.112.2 Server request interval Accept SNTP Broadcasts Tab. 5: Settings for the example (see Fig.
Synchronizing the System Time of the 7.3 Precison Time Protocol 7.3 Precison Time Protocol 7.3.1 Funtion description PTP The requirment for running time-critical applications over a LAN is a precise time management system. The IEEE 1588 standard with the Precision Time Protocol (PTP) describes a procedure that is based on the principle that one clock is the most precise and makes it possible to synchronize all clocks within a LAN.
Page 94
Synchronizing the System Time of the 7.3 Precison Time Protocol Cable delays; device delays The communication protocol defined by IEEE 1588 makes it possible to measure cable delays. Formulas for calculating the current time eliminate delays. Accuracy of local clocks The communication protocol defined by IEEE 1588 takes into account the inaccuracy of local clocks in relationship to the reference clock.
Page 95
Synchronizing the System Time of the 7.3 Precison Time Protocol The cable delays are relatively constant. Changes occur very slowly. This fact is taken into account by IEEE 1588 by performing measurements and calculations on a regular basis. IEEE ignores the inaccuracy caused by device delays and device jitter through the definition of “boundary clocks”.
Synchronizing the System Time of the 7.3 Precison Time Protocol Ordinary Clock Reference (Grandmaster Clock) Switch PTP Subdomain 1 Boundary Clock PTP Subdomain 2 Fig. 29: PTP- subdomains 7.3.2 Preparing the PTP configuration After the function is activated, the PTP takes over the configuration automatically.
Synchronizing the System Time of the 7.3 Precison Time Protocol V Switch on the PTP function on all devices whose time you want to syn- chronize using PTP. V If there is no reference clock available, designate a Switch as reference clock, and set the system time as precisely as possible.
Page 98
Synchronizing the System Time of the 7.3 Precison Time Protocol PTP SyncLowerBound: Lower PTP synchronization threshold = difference between reference time and local time, entry in nanoseconds. If the difference between the local clock and the reference clock exceeds the value for the lower PTP synchroni- zation threshold, the local clock is considered to be synchronous with the reference clock.
Page 99
Synchronizing the System Time of the 7.3 Precison Time Protocol PTP ClockStratum: Qualification of the local clock (see Table 6 on page 91). PTP ClockIdentifier: Properties of the clock (e.g. accuracy, epoch, etc.). Fig. 30: PTP Global dialog PTP port PTP-Port enalble: Port sends/receives PTP synchronization messages, disable: Port blocks PTP synchronization messages.
Page 100
Synchronizing the System Time of the 7.3 Precison Time Protocol PTP port state master: Port is in the PTP master mode slave: Port is in the PTP slave mode. disabled: PTP function on this port is disabled. passive: Port is in the PTP passive mode. listening: Port has no information available and is awaiting synchronization messages.
Synchronizing the System Time of the 7.4 Interaction PTP and SNTP 7.4 Interaction PTP and SNTP According to PTP and SNTP, both protocols are permitted to coexist in one network. However, since both protocols influence the system time of the device, situations may occur in which both protocols compete with each other.
Synchronizing the System Time of the 7.4 Interaction PTP and SNTP Application example: The requirements made to network time accuracy are rather high, how- ever the terminal devices exclusively support SNMP (see Fig. 32).. Switch 149.218.112.1 149.218.112.2 149.218.112.3 Operation Clock Mode ptp-mode- ptp-mode- ptp-mode-...
Traffic control 8 Traffic control To optimize the data transmission, the Switch provides you with the following functions for controlling the network load: Settings for directed frame forwarding (MAC address filter) Multicast settings Broadcast limiter Prioritization Flow control Virtual LANs Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Traffic control 8.1 Directed frame forwarding 8.1 Directed frame forwarding Directed frame forwarding is a method used by the Switch to avoid unneces- sary increases in the network load. The Switch features the following directed frame forwarding functions: Store-and-forward Multiadress capability Aging of learned addresses Static address entries 8.1.1 Store-and-forward...
Traffic control 8.1 Directed frame forwarding The Switch can learn up to 8000 addresses. This becomes necessary if more than one terminal device is connected to one or more ports. It is thus possible to connect several independent subnetworks to the Switch. 8.1.3 Aging of learned addresses The Switch monitors the age of the learned addresses.
Traffic control 8.1 Directed frame forwarding 8.1.4 Entering static address entries One of the most important functions of a Switch is the filter function. It selects data packets according to certain defined patterns called filters. These patterns are associated with switching rules. This means that a data packet received at the port of a Switch is compared to the patterns.
Page 107
Traffic control 8.1 Directed frame forwarding V Select the Switching:Filter for MAC addresses dialog. In the filtering table each row represents one filter. Filters specify the way in which data packets are sent. They are set automatically by the Switch (learned status) or manually. Data packets whose destination addresses are entered in the table are sent from the receiving port to the ports marked in the table.
Traffic control 8.2 Multicast application 8.2 Multicast application 8.2.1 Description multicast application The data distribution in the LAN distinguishes between three distribution classes with reference to the addressed recipient: Unicast - one recipient Multicast - a group of recipients Broadcast - every recipient that can be reached In the case of a Multicast address, Switches pass on all the data packets with a Multicast address to all the ports.
Traffic control 8.2 Multicast application 8.2.2 Example of a multicast application The cameras for machine surveillance normally transmit their images to monitor located in the machine room and in the monitoring room. In a IP transmission, a camera sends its image data with a multicast address over the network.
Traffic control 8.2 Multicast application 8.2.3 Description IGMP snooping The Internet Group Management Protocol (IGMP) describes the distribution of Multicast information between routers and terminal devices on the Layer 3 level. Routers with an active IGMP function periodically send queries to find out which IP Multicast group members are connected to the LAN.
Page 111
Traffic control 8.2 Multicast application 8.2.4 Description GMRP The GARP Multicast Registration Protocol (GMRP) describes how multicast information is distributed to other Switches on layer 2 level. This makes it possible for Switches to learn multicast addresses. When a Multicast address is entered in the static address table, the Switch sends this informa- tion to all the ports.
Traffic control 8.2 Multicast application 8.2.5 Setting multicast applications V Select the Switching:Multicasts dialog. Global Configuration With “IGMP Snooping” check box you can switch IGMP Snooping on/off globally for the entire Switch. If IGMP Snooping is switched off, then: the Switch does not evaluate Query and Report packets received it sends (floods) received data packets with a Multicast address as the target address to all ports.
Page 113
Traffic control 8.2 Multicast application IGMP Forward All per port This column of the table allows you to switch on/off the IGMP Snoo- ping function “Forward All” when the global IGMP Snooping is swit- ched on. With the “Forward All” setting, the Switch forwards all the data packets with a Multicast address in the target address field to this port.
Page 114
Traffic control 8.2 Multicast application Fig. 34: IGMP/GMRP dialog Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Traffic control 8.3 Broadcast Limiter 8.3 Broadcast Limiter 8.3.1 Description Broadcast Limiter To guarantee reliable data exchange during high broadcast traffic, the Switch can limit broadcast traffic. By entering a number for each port, you can set the number of broadcasts that can be sent out of this port within a second.
Traffic control 8.4 Prioritization 8.4 Prioritization 8.4.1 Description Prioritization This function prevents high priority data traffic being disrupted by other traffic during busy periods. The lower priority traffic will be discarded when the me- mory or transmission channel is overloaded. The Switch supports four priority queues (traffic classes in compliance with IEEE 802.1D-1998).
Traffic control 8.4 Prioritization 8.4.2 Strict Priority With Strict priority, the Switch sends all data packets with a higher priority level before it sends a data packet with the next lower priority level. Thus the Switch does not send a data packet with the next lower priority until there are no other data packets waiting in the queue.
Page 118
Traffic control 8.4 Prioritization 42-1500 Octets min. 64, max. 1522 Octets Fig. 35: Ethernet data packet with tag 4 Octets Fig. 36: Tag-Format Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Traffic control 8.4 Prioritization 8.4.4 Setting Prioritization V Select the Basics:Port Configuration.dialog. V In the “Port Priority” column, you can specify the priority (low, normal, high, admin) with which the Switch sends data packets which it re- ceives without a VLAN tag at this port. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Traffic control 8.5 Flow control 8.5 Flow control 8.5.1 Description Flow control Flow control is a mechanism which acts as an overload protection. During periods of heavy traffic it holds off additional traffic. In the example (see Fig. 37) the functioning of flow control is displayed gra- phically.
Traffic control 8.5 Flow control Flow control with a full duplex link In the example (see Fig. 37) there is a full duplex link between Work- station 2 and the Switch. Before the send queue of Port 2 overflows, the Switch sends a request to Workstation 2 to include a small break in the sending transmission.
Traffic control 8.6 VLANs 8.6 VLANs 8.6.1 Description VLANs A virtual LAN (VLAN) consists of a group of network participants in one or more network segments who can communicate with each other as if they be- longed to the same LAN. VLAN Yellow VLAN Green MACH 3002...
Page 123
Traffic control 8.6 VLANs VLANs are based on logical (instead of physical) links and are flexible elements in the network design. The biggest advantage of VLANs is the possibility of forming user groups based on the participant function and not on their physical location or medium.
Traffic control 8.6 VLANs Member set The member set is list of ports belonging to a VLAN. Every VLAN has a member set. Untagged set The untagged set is a list of the ports of a VLAN which send data packets without a tag.
Page 125
Traffic control 8.6 VLANs Note: Save the VLAN configuration to non-volatile memory (see Fig. 44). Note: The 256 available VLANs can use any VLAN ID in the range 1 to 4042. Note: In a HIPER-Ring with VLANs you should only operate devices with the software that supports this function, namely: Power MICE MICE Rel.
Traffic control 8.6 VLANs 8.6.3 Setting up VLANs V Select the Switching:VLAN:Static dialog. To set up VLANs, you first specify the desired VLANs in the VLAN static table: V After clicking on “Create”, you enter the appropriate VLAN ID. A new line appears in the table.
Traffic control 8.6 VLANs 8.6.4 Displaying the VLAN configuration V Select the Switching:VLAN:Current dialog. The Current table displays all configured VLANs. All refers to the local VLANs configured by GVRP. 8.6.5 Deleting the VLAN settings V Select the Switching:VLAN:Global dialog. The “Delete”...
Page 128
Traffic control 8.6 VLANs 149.218.112.76 VLAN Brown ID = 1 Network VLAN Yellow VLAN Green Management Station 149.218.112.208 Fig. 39: Example of a VLAN Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 129
Traffic control 8.6 VLANs Fig. 40: Creating a VLAN Fig. 41: Entering a VLAN ID V Repeat the steps: Creating a VLAN and Entering a VLAN ID for all VLANs. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 130
Traffic control 8.6 VLANs Fig. 42: Assigning a VLAN any name and saving it Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 131
Traffic control 8.6 VLANs Fig. 43: Defining the VLAN membership of the ports. Ports 1.1 to 1.3 are assigned to the terminal devices of the yellow VLAN and ports 2.1 to 2.4 to the terminal devices of the green VLAN. As termi- nal devices normally do not sent data packets with a tag, the setting U must be selected here.
Page 132
Traffic control 8.6 VLANs Fig. 44: Saving the VLAN configuration Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 133
Traffic control 8.6 VLANs Fig. 45: Assigning the VLAN ID to the ports and saving it Ports 1.1 to 1.3 are assigned to the terminal devices of the yellow VLAN and therefore VLAN ID 2 and ports 2.1 to 2.4 are assigned to the termi- nal devices of the green VLAN and hence VLAN ID 3.
Page 134
Traffic control 8.6 VLANs Fig. 46: Saving the configuration to non-volatile memory Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Operation Diagnostics 9 Operation Diagnostics The Switch provides you with the following diagnostic tools for the function diagnosis: Sending traps Out-of-band signaling via signal contact Port status indication Event counter on port level SFP status indication TP cable diagnosis Topology discovery Reports Monitoring the traffic of a port (Portmirroring) Layer 2 Enhanced with Layer 2 Professional...
Operation Diagnostics 9.1 Sending traps 9.1 Sending traps If unusual events occur during normal operation of the Switch, they are reported immediately to the management station. This is done by means of so-called traps - alarm messages - that bypass the polling procedure (“Polling”...
Operation Diagnostics 9.1 Sending traps 9.1.1 SNMP trap listing All possible traps that can occur are listed in the following table. Trap description Meaning authenticationFailure is sent if a station attempts to access an agent without permission. coldStart is sent for a cold and warm start during the boot process after successful management initialization.
Operation Diagnostics 9.1 Sending traps 9.1.2 SNMP traps when booting The ColdStart trap is sent during every boot procedure. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Operation Diagnostics 9.1 Sending traps 9.1.3 Configuring traps V Select the Diagnostics:Alarms (Traps) dialog. This dialog allows you to specify which events trigger an alarm (trap) and to whom these alarms should be sent. V In the “IP Address” column, enter the IP address of a network management station to which the traps should be sent.
Page 140
Operation Diagnostics 9.1 Sending traps V The events which can be selected are: Name Bedeutung Authentication The Switch has rejected an unauthorized access attempt (see the Access for IP Addresses und Port Security dialog). Cold Start The Switch has been switched off. Link Down At one port of the Switch, the link to the device connected there has been interrupted.
Operation Diagnostics 9.2 Out-of-band signaling 9.2 Out-of-band signaling The signal contacts are for controlling external devices by manually setting the signal contacts. monitoring proper functioning of the Switch which makes it possible to perform remote diagnostics. A break in contact is reported via the potential-free signal contact (relay contact, closed circuit): Faulty power supply: the failure of the supply voltage 1/2,...
Operation Diagnostics 9.2 Out-of-band signaling 9.2.1 Manual setting the signal contact This mode gives you the option of remote switching each signal individually. Application options: Simulation of an error during SPS error monitoring. Remote control of a device via SNMP, such as switching on a camera.. V Select the Diagnostics:Signal Contact 1/2 dialog.
Operation Diagnostics 9.2 Out-of-band signaling 9.2.2 Monitoring correct operation via the signal contact Configuring the signal contact V Select the Diagnostics:Signal Contact dialog. V Select “Monitoring correct operation” in the frame “Mode Signal con- tact”, to use the contact for function monitoring. V Select in the frame “Monitoring correct operation”...
Page 144
Operation Diagnostics 9.2 Out-of-band signaling Fig. 49: Signal contact dialog Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Operation Diagnostics 9.3 Port status indication 9.3 Port status indication V Select the Basics:System dialog. The device view displays the Switch with the current configuration. The symbols underneath the device view represent the status of the individu- al ports. Abb. 50: Eaxample for a device view Meaning of the symbols: The port (10, 100, 1000 MBit/s) is enabled and the connection is OK.
Page 146
Operation Diagnostics 9.3 Port status indication The port is in autonegotiation mode. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Operation Diagnostics 9.4 Event counter on port level 9.4 Event counter on port level The port statistics table allows experienced network administrators to identify possible problems occuring in the network. This table shows you the contents of various event counters. After a restart, all the event counters begin again at zero.
Page 148
Operation Diagnostics 9.4 Event counter on port level Fig. 51: Port statistic table Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Operation Diagnostics 9.5 Displaying the SFP Status 9.5 Displaying the SFP Status By having the SFP status displayed you can view the current connection to the SFP modules and their properties. The properties include: module type, support provided in the media module temperature in degrees Celsius transmission power in milliwatts reception power in milliwatts...
Page 150
Operation Diagnostics 9.6 TP cable diagnosis 9.6 TP cable diagnosis The TP cable diagnosis allows you to check the connected cables for short circuits or interruptions. Note: While the check is being carried out, the data traffic at this port is suspended.
Operation Diagnostics 9.7 Topology discovery 9.7 Topology discovery 9.7.1 Description Topology discovery IEEE 802.1AB describes the Link Layer Discovery Protocol (LLDP). LLDP allows users to automatically detect the topology of their LANs. A device with active LLDP sends its own connection and management information to neighboring devices of the shared LAN, in as far as they have also LLDP activated.
Page 152
LLDP packets. Consequently, a non-LLDP-capable device between two LLDP-capable devices prevents the exchange of LLDP infor- mation. To avoid this, Hirschmann Switch send additional LLDP packets to the Hirschmann Multicast-MAC address 01:80:63:2F:FF:0B. Hirschmann Switch with the LLDP function are thus also able to exchange LLDP informa- tion with each other via devices which themselves are not LLDP-capable.
Operation Diagnostics 9.7 Topology discovery 9.7.2 Displaying the topology discovery V Select the Diagnostics:Topology Discovery dialog. This dialogue offers you the possibility to switch on/off the function for topology discovery (LLDP). The topology table shows you the selected information to neighbour devices.
Page 154
Operation Diagnostics 9.7 Topology discovery If several devices are connected to a port, for example via a hub, the table shows one line for each connected device. devices with active topology discovery function and devices without active topology discovery function are connected to a port, the topology table hides the devices without ac- tive topology discovery.
Operation Diagnostics 9.8 Reports 9.8 Reports For diagnosis purposes, the Switch allows you to use the following reports: Log Filei The Log File is an HTML file in which the Switch records all important device internal events. System Information The system information in an HTML file containing all system relevant data.
Operation Diagnostics 9.9 Monitoring port traffic (port mirroring) 9.9 Monitoring port traffic (port mirroring) In port mirroring, the data traffic related to a port, the source port, is copied to another port, the destination port. Data traffic at the source port is not in- fluenced by port mirroring.
Page 157
Operation Diagnostics 9.9 Monitoring port traffic (port mirroring) V Select „enabled“, to enable the function. The “Delete” button in the dialog allows you to restore all the default port mirroring settings (state on delivery). Note: In active port mirroring, the specified port is used solely for obser- vation purposes.
Page 158
Operation Diagnostics 9.9 Monitoring port traffic (port mirroring) Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Setting up DHCP Server and TFTP A.1 Setting up DHCP/BOOTP Server A.1 Setting up DHCP/BOOTP Server On the CDROM supplied with the switch you will find the software for a DHCP server from the software development company IT-Consulting Dr. Herbert Hanewinkel.
Page 161
Setting up DHCP Server and TFTP A.1 Setting up DHCP/BOOTP Server V Open the window for the program settings in the menu bar: Options:Preferences and select the DHCP tab page.Enter the settings shown in the illustration and click on OK. Fig.
Page 162
Setting up DHCP Server and TFTP A.1 Setting up DHCP/BOOTP Server V Enter the network mask and click on Accept. Fig. 59: Network mask in the configuration profile V Select the Boot tab page. V Enter the IP address of your tftp server. V Enter the path and the file name for the configuration file.
Page 163
Setting up DHCP Server and TFTP A.1 Setting up DHCP/BOOTP Server V Add a profile for each device type. If devices of the same type have different configurations, then you add a profile for each configuration. To complete the addition of the configuration profiles, click on OK. Fig.
Page 164
Setting up DHCP Server and TFTP A.1 Setting up DHCP/BOOTP Server V Click on New. Fig. 63: Adding static addresses V Enter the MAC address of the switch. V Enter the IP address of the switch. V Select the configuration profile of the switch. V Click on Accept and then on OK.
Page 165
Setting up DHCP Server and TFTP A.1 Setting up DHCP/BOOTP Server V Add an entry for each device that will get its parameters from the DHCP server. Fig. 65: DHCP server with entries Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Setting up DHCP Server and TFTP A.2 Setting up DHCP Server Option 82 A.2 Setting up DHCP Server Option 82 On the CDROM supplied with the switch you will find the software for a DHCP server from the software development company IT-Consulting Dr. Herbert Hanewinkel.
Page 167
Setting up DHCP Server and TFTP A.2 Setting up DHCP Server Option 82 V Select static. Fig. 67: Static address input V Open the window for the program settings in the menu bar: Options:Preferences and select the DHCP tab page. V Select the DHCP tab page.
Page 168
Setting up DHCP Server and TFTP A.2 Setting up DHCP Server Option 82 V To enter the static addresses, click on Add. Fig. 69: Adding static addresses V Select Circuit Identifier and Remote Identifier. Fig. 70: Default setting for the fixed address assignment Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Page 169
ID cl: length of the circuit ID hh: Hirschmann identifier: 01 if a Hirschmann switch is connected to the port, otherwise 00. vvvv: VLAN ID of the DHCP request (default: 0001 = VLAN 1) ss: socket of switch at which the module with that port is located to which the device is connected.
Page 170
Setting up DHCP Server and TFTP A.2 Setting up DHCP Server Option 82 Switch (Option 82) h H h H MACH 3002 MICE MAC address = IP = 00:80:63:10:9a:d7 149.218.112.100 DHCP server IP = 149.218.112.1 IP = 149.218.112.100 Fig. 72: Application example of using Option 82 Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
Setting up DHCP Server and TFTP A.3 tftp server for software updates A.3 tftp server for software updates On delivery, the switch software is held in the flash memory. The Switch boots the software from the flash memory. Software updates can be realized via a tftp server. This presupposes that a tftp server has been installed in the connected network and that it is active.
Setting up DHCP Server and TFTP A.3 tftp server for software updates A.3.1 Setting up the tftp process General prerequisites: The local address of the Switch and the IP address of the tftp servers or the gateway are known to the Switch. The TCP/IP stack with tftp is installed on tftp server.
Page 173
Setting up DHCP Server and TFTP A.3 tftp server for software updates You can obtain additional information about the tftpd daemon tftpd with the UNIX command “man tftpd”. Hinweis: The command “ps” does not always show the tftp daemon, alt- hough it is actually running.
Page 174
Setting up DHCP Server and TFTP A.3 tftp server for software updates Checking the tftp process Edit the file /etc/inetd.conf Is tftp* commented out? Delete the comment character »#« from this line Re-initialize inetd.conf by entering kill-1 PID Problems with the tftp server? cd /tftpboot/mice tftp <tftp-Servername>...
Setting up DHCP Server and TFTP A.3 tftp server for software updates A.3.2 Software access rights The agent needs read permission to the tftp directory with the Switch soft- ware. Example of a UNIX tftp server Once Switch software has been installed, the tftp server should have the following directory structure with the stated access rights: Filename Access...
Page 176
Setting up DHCP Server and TFTP A.3 tftp server for software updates Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
General Information B.1 Hirschmann Competence B.1 Hirschmann Competence In the longterm, product excellence alone is not an absolute guarantee of a successful project implementation. Comprehensive service makes a diffe- rence worldwide. In the current scenario of global competition, the Hirsch-...
General Information B.2 FAQ B.2 FAQ Answers to frequently asked questions can be found at the Hirschmann Website: www.hirschmann.com Under Products/Support inside Automation and Network Soluti- ons is located on the pages Products the area FAQ. For detailed information on all services offered by the Hirschmann Competence Center, please visit the Web site http://www.hicomcenter.com/.
General Information B.3 Management Information BASE MIB B.3 Management Information BASE MIB The Management Information Base (MIB) is designed in the form of an ab- stract tree structure. The branching points are the object classes. The “leaves” of the MIB are called generic object classes.
Page 181
General Information B.3 Management Information BASE MIB System User Interface Upper (e.g. threshold value) Vendor = manufacturer (Hirschmann) Definition of the syntax terms used: Integer An integer in the range 0 - 2 IP address xxx.xxx.xxx.xxx (xxx = integer in the range 0-255)
Page 182
16 rmon 17 dot1dBridge 26 snmpDot3MauMGT Fig. 74: Tree structure of the Hirschmann MIB A complete description of the MIB can be found on the CD-ROM that is included with the device. Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...
General Information B.4 Used abbreviations B.4 Used abbreviations AutoConfiguration Adapter BOOTP Bootstrap Protocol Command Line Interface DHCP Dynamic Host Configuration Protocol) Forwarding Database GARP General Attribute Registration Protocol GMRP GARP Multicast Registration Protocol http Hypertext Transfer Protocol ICMP Internet Control Message Protocol IGMP Internet Group Management Protocol Internet Protocoll...
General Information B.5 List of RFC's B.5 List of RFC's RFC 768 (UDP) RFC 783 (TFTP) RFC 791 (IP) RFC 792 (ICMP) RFC 793 (TCP) RFC 826 (ARP) RFC 854 (Telnet) RFC 855 (Telnet Option) RFC 951 (BOOTP) RFC 1112 (IGMPv1) RFC 1157 (SNMPv1) RFC 1155 (SMIv1) RFC 1212 (Concise MIB Definitions)
Page 185
General Information B.5 List of RFC's RFC 2574 (User Based Security Model for SNMP v3) RFC 2575 (View Based Access Control Model for SNMP) RFC 2576 (Coexistence between SNMP v1,v2 & v3) RFC 2578 (SMI v2) RFC 2579 (Textual Conventions for SMI v2) RFC 2580 (Conformance statements for SMI v2) RFC 2613 (SMON) RFC 2618 (RADIUS Authentication Client MIB)
General Information B.6 Based IEEE standards B.6 Based IEEE standards IEEE 802.1AB Topologie Discovery (LLDP) IEEE 802.1 D Switching, GARP, GMRP, Spanning Tree (Supported via 802.1S implementation IEEE 802.1 D-1998 Media access control (MAC) bridges (includes IEEE 802.1p Priority and Dynamic Multi- cast Filtering, GARP, GMRP) IEEE 802.1 Q-1998 Virtual Bridged Local Area Networks (VLAN Tagging, Port Based VLANs, GVRP)
General Information B.7 Technical Data B.7 Technical Data Switch MAC address table up to 8000 entries Static address filter up to 100 entries VLAN VLAN ID 1 to 4042 (MACH 4000: 3966) Number of VLANs max. 256 simultaneously per switch max.
General Information B.8 Copyright of integrated software B.8 Copyright of integrated soft- ware B.8.1 Bouncy Castle Crypto APIs (Java) The Legion Of The Bouncy Castle Copyright (c) 2000 The Legion Of The Bouncy Castle (http://www.bouncycastle.org) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies...
General Information B.9 Reader's comments B.9 Reader's comments What is your opinion of this manual? We are always striving to provide as comprehensive a description of our product as possible, as well as important information that will ensure trouble-free operation. Your comments and suggestions help us to further improve the quality of our documentation.
Page 190
......................Dear User, Please fill out and return this page − by fax to the number +49 (0)7127/14-1798 or − by mail to Hirschmann Automation and Control GmbH Department AMM Stuttgarter Str. 45 - 51 72654 Neckartenzlingen Germany Layer 2 Enhanced with Layer 2 Professional...
Index Index 37, 53, 60, 62, 136 Access right Faulty Device Replacement Address table Aging Time 103, 108 Filter Alarm 80, 135 Filter table Alarm messages First installation Allowed MAC address Flow control APNIC Forwarding Database ARIN Authentication AutoConfiguration Adapter gateway Generic object classes GMRP...
Page 192
Index LLDP PTP is Synchronized Local clock PTP Offset To Master Logical communication path PTP Parent UUID Login PTP Port Burst PTP Preferred Master PTP Subdomain Name PTP synchronization interval MAC address 43, 48, 77, 80 PTP synchronization threshold MAC destination address PTP-Subdomain Master Master clock...
Page 193
Index TCP/IP stack Telnet Temperature threshold Time management Time stamp unit Topology Traffic classes Transmission security Trap 80, 132, 135 Trap destination table Trivial File Transfer Protocol Type field Unicast Unique Universal Identifier Universal Time Coordinated Untagged set Update User group Username UUID V.24...
Page 194
Index Layer 2 Enhanced with Layer 2 Professional Release 1.0 10/05...