Page 1 WGSW-24040 / WGSW-24040R 24-Port 10/100/1000Mbps Layer 2 Managed Switch SGSW-24040 / SGSW-24040R 24-Port 10/100/1000Mbps Layer 2 Managed Stackable Switch User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R User’s Manual...
Page 2: Ce Mark Warning
PLANET is a registered trademark of PLANET Technology Corp. All other trademarks belong to their respective owners. Disclaimer PLANET Technology does not warrant that the hardware will work properly in all environments and applications, and makes no warranty and representation, either implied or expressed, with respect to the quality, performance, merchantability, or fitness for a particular purpose.
Page 3: Table Of Contents
3.1 Requirements...36 3.2 Management Access Overview ...37 3.3 Administration Console ...37 3.4 Web Management ...39 3.5 SNMP-Based Network Management...40 3.6 Protocols ...40 3.6.1 Virtual Terminal Protocols ...40 3.6.2 SNMP Protocol ...41 3.6.3 Management Architecture...41 TABLE OF CONETNTS SGSW-24040 / SGSW-24040R...
Page 4 4.4.4 Port Mirroring Configuration...82 4.5 Link Aggregation ...85 4.5.1 Static Aggregation Configuration ...87 Hash Code Contributors ...87 Static Aggregation Group Configuration ...87 4.5.2 LACP Configuration ...89 4.5.3 LACP System Status ...90 4.5.4 LACP Port Status...90 4.5.5 LACP statistics...92 SGSW-24040 / SGSW-24040R...
Page 5 4.9.4 IGMP Snooping Status ...138 4.9.5 Multicast Address Table ...139 4.10 IEEE 802.1X Network Access Control ...140 4.10.1 Understanding IEEE 802.1X Port-Based Authentication...141 4.10.2 802.1X System Configuration ...144 4.10.3 802.1X and MAC-Based Authentication Port Configuration...146 4.10.4 802.1X Port Status...149 SGSW-24040 / SGSW-24040R...
Page 6 4.15 Network Diagnastics ...194 4.15.1 Cable Diagnostics...194 4.15.2 Ping ...195 4.16 Stacking...196 4.16.1 Stack...198 4.16.1.1 Switch IDs ...198 4.16.1.2 Master Election ...199 4.16.1.3 Stack Redundancy ...199 4.16.1.4 Shortest Path Forwarding ...200 4.16.2 Stack Configuration ...201 4.16.3 Stack Information ...202 SGSW-24040 / SGSW-24040R...
Page 7 6.2 Port Management Command...221 Port Configuration ...221 Port State...221 Port Mode...222 Port Flow Control...222 Port Maximum Frame ...223 Port Power...224 Port Excessive...224 Port Statistics...225 Port VeriPHY ...225 Port Numbers ...226 Mirror Configuration...227 Mirror Port ...227 Mirror SID ...227 SGSW-24040 / SGSW-24040R...
Page 8 PVLAN Configuration ...243 PVLAN Isolate ...243 6.5 Spanning Tree Protocol Command ...244 RSTP Configuration...244 RSTP SysPrio ...244 RSTP Age...245 RSTP Delay...245 RSTP Version...246 RSTP Mode...246 RSTP Cost ...247 RSTP Priority...247 RSTP Edge ...248 RSTP P2P ...248 RSTP Status ...249 SGSW-24040 / SGSW-24040R...
Page 9 QoS Multicast ...263 QoS Broadcast ...264 6.8 802.1x Port Access Control Command ...265 Dot1x Configuration...265 Dotx1 Mode ...265 Dot1x Status ...266 Dot1x Server ...266 Dot1x Secret...267 Dot1x Authenticate ...267 Dot1x Re-authentication ...268 Dot1x Period...268 Dot1x Timeout ...269 SGSW-24040 / SGSW-24040R...
Page 10 LLDP Mode ...282 LLDP Optional TLV...283 LLDP Interval...283 LLDP Hold ...284 LLDP Delay ...284 LLDP Reinit ...285 LLDP Information ...285 LLDP Statistics ...286 6.12 Stack Management Command ...287 Stack List ...287 Stack List ...287 Stack Master Reelect...287 Stack Select...288 SGSW-24040 / SGSW-24040R...
Page 11 7.2 Learning ...290 7.3 Forwarding & Filtering ...290 7.4 Store-and-Forward ...290 7.5 Auto-Negotiation ...291 8. TROUBLE SHOOTING... 293 APPENDEX A ... 295 A.1 Switch's RJ-45 Pin Assignments ...295 A.2 10/100Mbps, 10/100Base-TX ...295 APPENDEX B : GLOSSARY... 297 SGSW-24040 / SGSW-24040R...
Page 12: Introdution
The PLANET Layer 2 Managed Gigabit Switch series - WGSW-24040 / WGSW-24040R / SGSW-24040 / SGSW-24040R are all multiple ports Gigabit Ethernet Switched with SFP fiber optical connective ability and robust layer 2 features; the description of these models as below:...
Page 13 VoIP, video streaming and multicast application. High Performance The Managed Switch provides 24 10/100/1000Mbps Gigabit Ethernet ports with 4 shared Gigabit SFP slots. It boasts a high performance switch architecture that is capable of providing non-blocking switch fabric and wire-speed throughput as high as 48Gbps, which greatly simplifies the tasks of upgrading the LAN for catering to increase bandwidth demands.
Page 14: How To Use This Manual
AC / DC Power Redundant to ensure continuous operation The R series Managed Switch equip with one 100~240V AC power supply unit and one DC -48V power supply unit on its standard package, it provides redundant power supply installation. A redundant power system is also provided to enhance the reliability with either 100~240V AC power supply unit or DC -48V power supply unit.
Page 15: Product Features
WGSW-24040 / WGSW-24040R 24-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 4 mini-GBIC/SFP slots, shared with Port-21 to Port-24 RS-232 DB9 console interface for Switch basic management and setup SGSW-24040 / SGSW-24040R 24-Port 10/100/1000Base-T Gigabit Ethernet RJ-45 4 mini-GBIC/SFP slots, shared with Port-21 to Port-24...
Page 16 Hardware learning with MAC table synchronization across stack Redundant Power System (WGSW-24040R / 100~240V AC / 48V DC Dual power redundant Active-active redundant power failure protection Backup of catastrophic power failure on one supply Fault tolerance and resilience. SGSW-24040R) SGSW-24040 / SGSW-24040R...
Page 17: Product Specification
Display each port’s speed duplex mode, link status, Flow control status. Auto negotiation status, trunk status. 802.1Q Tagged Based VLAN ,up to 4K VLAN groups Q-in-Q Private VLAN SGSW-24040 / SGSW-24040R SGSW-24040 SGSW-24040R 2 5GbE / Cross-HDMI interface 68Gbps Power, Stack Master, Stack Port LNK, Link/Act and speed per Gigabit port Max.
Page 18 IEEE 802.3x Flow Control and Back pressure IEEE 802.3ad Port trunk with LACP IEEE 802.1d Spanning tree protocol IEEE 802.1w Rapid spanning tree protocol IEEE 802.1p Class of service IEEE 802.1Q VLAN Tagging IEEE 802.1x Port Authentication Network Control IEEE 802.1ab LLDP SGSW-24040 / SGSW-24040R...
Page 19: Installation
This section describes the hardware features and installation of the Managed Switch on the desktop or rack mount. For easier management and control of the Managed Switch, familiarize yourself with its display indicators, and ports. Front panel illustrations in this chapter display the unit LED indicators. Before connecting any network device to the Managed Switch, please read this chapter completely.
Page 20 ■ Reset button At the left of front panel, the reset button is designed for reboot the Managed Switch without turn off and on the power. The following is the summary table of Reset button Reset Button Pressed and Released...
Page 21: Led Indications
Blink to indicate the System is running under booting procedure. ■ 10/100/1000Base-T interfaces Color Lights: To indicate the link through that port is successfully established with speed Blink: To indicate that the switch is actively sending or receiving data over that port. 1000 Green LNK/ACT...
Page 22 STX2 Green ■ 10/100/1000Base-T interfaces Color Lights: To indicate the link through that port is successfully established with speed Blink: To indicate that the switch is actively sending or receiving data over that port. 1000 Green LNK/ACT Off: speed 1000Mbps...
Page 23: Switch Rear Panel
Stack ID (1~9, A~F, 0): To indicate the Switch ID of each SGSW Managed Switch. Switch IDs are used to uniquely identify the Managed Switches within a stack. The Switch ID of each Managed Switch is shown on the display on the front of the Managed Switch and is used widely in the web pages as well as in the CLI commands of the Stack group.
Page 24 100-240VAC and 50/60 Hz. Plug the female end of the power cord firmly into the receptalbe on the rear panel of the Managed Switch. Plug the other end of the power cord into an electric service outlet then the power will be ready.
Page 25 ■ DC Power Connector The rear panel of the WGSW-24040R and SGSW-24040R contains a power switch and a DC power connector, which accepts DC power input voltage from -30V to -60V DC. Connect the power cable to the Managed Switch at the input terminal block.
Page 26: Install The Switch
This section describes how to install your Managed Switch and make connections to the Managed Switch. Please read the following topics and perform the procedures in the order being presented. To install your Managed Switch on a desktop or shelf, simply complete the following steps.
Page 27: Rack Mounting
Secure the brackets tightly. Step4: Follow the same steps to attach the second bracket to the opposite side. Step5: After the brackets are attached to the Managed Switch, use suitable screws to securely attach the brackets to the as shown in Figure 2-12.
Page 28: Installing The Sfp Transceiver
The sections describe how to insert an SFP transceiver into an SFP slot. The SFP transceivers are hot-pluggable and hot-swappable. You can plug-in and out the transceiver to/from any SFP port without having to power down the Managed Switch. As the Figure 2-13 appears.
Page 29 Connect the other end of the cable to a device – switches with SFP installed, fiber NIC on a workstation or a Media Converter.. Check the LNK/ACT LED of the SFP slot on the front of the Managed Switch. Ensure that the SFP transceiver is operating correctly.
Page 30 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Figure 2-14 Pull out the SFP transceiver Never pull out the module without pull the handle or the push bolts on the module. Direct pull out the module with violent could damage the module and SFP module slot of the Managed...
Page 31: Connecting Dc Power Supply
2.2.4 Connecting DC Power Supply – WGSW-24040R / SGSW-24040R The WGSW-24040R and SGSW-24040R support -48VDC power input, connect the power cable to the switch at the input terminal block. The size of the two screws in the terminal block is M3.5.
Page 32: Stack Installation
SGSW-24040 / SGSW-24040R The SGSW-24040 series Managed Switch provides a switch stacking function to manage up to 16 switches using a single IP address. And up to 384 Gigabit Ethernet ports can be managed by a stacking group and you can add ports and functionality as needed.
Page 33: Connecting Stacking Cable
STEP-3: If you wish to implement stack redundancy, use the long stack cable –CB-STX200 to connect the stack port marked “STX1 / Cascade Down” on the bottom switch to the port marked “STX2 / Cascade Up” on the top switch of the stack.
Page 34 Switch IDs to be assigned so that it is easier for the user to remember the ID of each switch. STEP-7: Connect the RS-232 serial cable to the console port on the front of the stack master, then loin the SGSW Switch to start the switch management.
Page 35 The stack switch with least priority ID or MAC Address number will become Master. Only Master switch’s management interface (console, telnet, web and SNMP) is accessible. It’s allow to build a stack of up to 16 PLANET SGSW Switches. If there is the space limitation or power issue and you wish to stack all the switches in different racks, use long stack cables “CB-STX200”...
Page 36: Switch Management
This chapter explains the methods that you can use to configure management access to the Managed Switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (work-station or personal computer) and the system. It also contains information about port connection options.
Page 37: Management Access Overview
3.2 Management Access Overview The Managed Switch gives you the flexibility to access and manage it using any or all of the following methods: An administration console Web browser interface An external SNMP-based network management application The administration console and Web browser interface support are embedded in the Managed Switch software and are available for immediate use.
Page 38: Direct Access
(such as HyperTerminal) to the Managed Switch console (serial) port. When using this management method, a straight DB9 RS-232 cable is required to connect the switch to the PC. After making this connection, configure the terminal-emulation program to use the following parameters:...
Page 39: Web Management
The Managed Switch offers management features that allow users to manage the Managed Switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. After you set up your IP address for the switch, you can access the Managed Switch's Web interface applications directly in your Web browser by entering the IP address of the Managed Switch.
Page 40: Snmp-Based Network Management
(serial) port. To access the Managed Switch through a Telnet session: Be Sure of the Managed Switch is configured with an IP address and the Managed Switch is reachable from a PC. Figure 3-4 SNMP management SGSW-24040 / SGSW-24040R...
Page 41: Snmp Protocol
(for example, SNMP agent of Web browser). The management architecture of the switch adheres to the IEEE open standard. This compliance assures customers that the Managed Switch is compatible with, and will interoperate with other solutions that adhere to the same open standard.
Page 42: Web Configuration
Java Applets to use network ports. The Managed Switch can be configured through an Ethernet connection, make sure the manager PC must be set on same the IP subnet address with the Managed Switch.
Page 43 IP Address as following: http://192.168.0.100 When the following login screen appears, please enter the default username "admin" with password “admin” (or the username/password you have changed via console) to login the main screen of Managed Switch. The login screen in Figure 4-1-2 appears.
Page 44 Now, you can use the Web management interface to continue the switch management or manage the Managed Switch by Web interface. The Switch Menu on the left of the web page let you access all the commands and statistics the Managed Switch provides.
Page 45: Main Web Page
Panel Display The web agent displays an image of the Managed Switch’s ports. The Mode can be set to display different information for the ports, including Link up or Link down. Clicking on the image of a port opens the Port Statistics page.
Page 46 Main Menu Using the onboard web agent, you can define system parameters, manage and control the Managed Switch, and all its ports, or monitor network conditions. Via the Web-Management, the administrator can setup the Managed Switch by select the functions those listed in the Main Function.
Page 47: System
4.2 System Use the System menu items to display and configure basic administrative details of the Managed Switch. Under System the following topics are provided to configure and view the system information: This section has the following items: ■ System Information ■...
Page 48: System Information
4.2.1 System Information The System Info page provides information for the current device information. System Info page helps a switch administrator to identify the hardware MAC address, software version and system uptime. The screen in The page includes the following fields: Object •...
Page 49 : Click to refresh the page; any changes made locally will be undone. For the SGSW series stackable switch, the System Information page add additional column to identify the current switch ID of stack member switches in a stack group. The screen as below appears:...
Page 50: Ip Configuration
ID. The allowed range is 1 through 4095. Provide the timezone offset relative to UTC/GMT. The offset is given in minutes east of GMT. The valid range is from -720 to 720 minutes. SGSW-24040 / SGSW-24040R Figure 4-2-2 appears. dotted decimal notation.
Page 51: User Authentication
After change the default password, if you forget the password. Please press the “Reset” button in the front panel of the Managed Switch over 10 seconds and then release, the current setting includes VLAN, will be lost and the Managed Switch will restore to the default mode.
Page 52: Sntp Configuration
4.2.4 SNTP Configuration In the System sub-function menu, you can see the SNTP Configuration (see settings for the Managed Switch. You can specify SNTP Servers and set GMT Timezone. The SNTP Configuration screen in Figure 4-2-4 appears. The Time page includes the following fields: Object •...
Page 53: Web Firmware Upgrade
Once the software be loaded to the system successfully. The following screen appears. Click the “Yes” button to activate the new software immediately. The system will load the new software after reboot. Figure 4-2-6 Software successfully loaded notice screen Figure 4-2-5 appears. Figure 4-2-5 Web Firmware Upgrade page screenshot SGSW-24040 / SGSW-24040R...
Page 54: Tftp Firmware Upgrade
4.2.6 TFTP Firmware Upgrade The Firmware Upgrade page provides the functions to allow a user to update the Managed Switch firmware from the TFTP server in the network. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server.
Page 55 Please check your TFTP server application to confirm the TFTP file is well transmit to the Switch. The Switch will reboot then, and It will cost 2 to 3 minutes for the TFTP firmware upgrade and reboot procedure. Please wait for the process complete.
Page 56: Configuration Save
4.2.7 Configuration Save This function allows backup and reload the current configuration of the Managed Switch to the local management station. The screen in Figure 4-2-10 appears. Configuration Download: Download the current configuration file of the switch to the local machine.
Page 57: Configuration Upload
4.2.8 Configuration Upload This function allows backup and reload the current configuration of the Managed Switch to the local management station. The screen in Figure 4-2-13 appears. Configuration Upload: Upload the existed configuration file to the Managed Switch. The configuration file had been saved at the local machine already.
Page 58 Select on the configuration file then click “Upload”, the bottom of the browser shows the upload status. After down, the main screen appears “Transfer Completed”. Figure 4-2-14 Windows file selection menu popup SGSW-24040 / SGSW-24040R...
Page 59: Factory Default
4.2.9 Factory Default The Factory Reset button can reset the VDSL2 Switch back to the factory default mode. Be aware that the entire configuration will be reset; include the IP address of the VDSL2 Switch. Once the Factory Reset item is pressed, the screen in appears.
Page 60: System Reboot
You can also check the SYS LED at the front panel to identify the System is load completely or not. If the SYS LED is blinking, then it is in the firmware load stage; if the SYS LED light on, you can use the WEB browser to login the Switch.
Page 61 Click System, File Management, Copy Operation. Select “running-config to startup-config” as the file transfer method. Select the startup file name used for startup on the Managed Switch to overwrite or specify a new file name, then click Apply. You can also select any configuration file as the start-up configuration by using the System/File Management /Set Start-Up page.
Page 62 Select “tftp to file” as the file transfer method, enter the IP address of the TFTP server. Set the file type to “opcode,” enter the file name of the software to download, select a file on the Managed Switch to overwrite or specify a new file name and click Apply.
Page 63 Select “tftp to startup-config” as the file transfer method, enter the IP address of the TFTP server. Enter the file name of the configuration file to download, select a file on the Managed Switch to overwrite or specify a new file name and click Apply.
Page 64 Enter a new file name for the configuration to upload, and click Apply. The file “Factory_Default_Config.cfg” can be copied to the TFTP server, but cannot be used as the destination on the Managed Switch. The maximum number of user-defined configuration files is limited only by available flash memory space.
Page 65: Simple Network Management Protocol
SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. SNMP default communities are: Write = private 。 Read = public 。 4.3.2 SNMP System Configuration Configure SNMP on this page. SGSW-24040 / SGSW-24040R...
Page 66 SNMPv3 communities table. Indicates the SNMPv3 engine ID. The string must contain an even number between 10 and 64 hexadecimal digits, but all-zeros and all-'F's are not allowed. Change of the Engine ID will clear all original local users. SGSW-24040 / SGSW-24040R...
Page 67: Snmp System Information Configuration
The allowed string length is 0 to 255. The physical location of this node(e.g., telephone closet, 3rd floor). The allowed string length is 0 to 255, and the allowed content is the ASCII characters from 32 to 126. Figure 4-3-3 appears. SGSW-24040 / SGSW-24040R...
Page 68 Enabled: Enable SNMP trap inform mode operation. • Disabled: Disable SNMP trap inform mode operation. Indicates the SNMP trap inform timeout. The allowed range is 0 to 2147. Indicates the SNMP trap inform retry times. The allowed range is 0 to 255. SGSW-24040 / SGSW-24040R...
Page 69: Snmpv3 Configuration
Check to delete the entry. It will be deleted during the next save. A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 SGSW-24040 / SGSW-24040R...
Page 70: Snmpv3 Communities Configuration
SET new values. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126. Figure 4-3-5 appears. Description Check to delete the entry. It will be deleted during the next save. SGSW-24040 / SGSW-24040R...
Page 71: Snmpv3 Groups Configuration
The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126. A string identifying the group name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is the ASCII SGSW-24040 / SGSW-24040R...
Page 72: Snmpv3 Users Configuration
Indicates the authentication protocol that this entry should belong to. Possible authentication protocol are: • None: None authentication protocol. • MD5: An optional flag to indicate that this user using MD5 authentication SGSW-24040 / SGSW-24040R...
Page 73: Snmpv3 Views Configuration
• Check to delete the entry. It will be deleted during the next save. A string identifying the view name that this entry should belong to. The allowed string length is 1 to 32, and the allowed content is the ASCII characters from 33 to 126. SGSW-24040 / SGSW-24040R...
Page 74 'included' and it's OID subtree overstep the 'excluded' view entry. The OID defining the root of the subtree to add to the named view. The allowed OID length is 1 to 128. The allowed string content is digital number or asterisk(*). SGSW-24040 / SGSW-24040R...
Page 75 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Figure 4-3-9 SNMPv3 Users-NEW page screenshot Once the new SNMPv3 user be successed add and be assign to a snmp group, this entry will shows in the users table. Figure 4-3-10 SNMPv3 Users page screenshot EXAMPLE: Add a new SNMPv3 Group In the New Group page, define a name, assign a security model and level, and then select read and write views.
Page 76 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Figure 4-3-11 SNMPv3 Groups-NEW page screenshot...
Page 77: Port Management
The port settings relate to the currently selected stack unit, as reflected by the page header. The table has one row for each port on the selected switch in the stack and a number of columns, which are: The Port Configuration screen in Figure 4-4-1 User’s Manual of WGSW-24040 / WGSW-24040R...
Page 78 The current link state is displayed graphically. Green indicates the link is up and red that it is down. Provides the current link speed of the port. Select any available link speed for the given switch port. Draw the menu bar to select the mode. • Auto Speed - Setup Auto negotiation.
Page 79: Port Statistics Overview
Auto-MDIX function will disable. 4.4.2 Port Statistics Overview This page provides an overview of general traffic statistics for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The Port Statistics Overview screen in •...
Page 80: Detailed Port Statistics
4.4.3 Detailed Port Statistics This page provides detailed traffic statistics for a specific switch port. Use the port select box to select which switch port details to display. The selected port belong to the currently selected stack unit, as reflected by the page header.
Page 81 CRC. The number of received frames filtered by the forwarding process. Short frames are frames that are smaller than 64 bytes. Long frames are frames that are longer than the configured maximum frame length for this port. SGSW-24040 / SGSW-24040R...
Page 82: Port Mirroring Configuration
Configure port Mirroring on this page. This function provide to monitoring network traffic that forwards a copy of each incoming or outgoing packet from one port of a network Switch to another port where the packet can be studied. It enables the manager to keep close track of switch performance and alter it if necessary.
Page 83: Mirror Port Configuration
Frames transmitted from this port are mirrored to the mirroring port. Frames received are not mirrored. • Disabled Neither frames transmitted or frames received are mirrored. • Enabled Frames received and frames transmitted are mirrored to the mirror port. SGSW-24040 / SGSW-24040R...
Page 84 SGSW Stackable Switch The SGSW Stackable switch supports port mirror function over stack switch. Figure 4-4-6 Port Mirror Configuration page screenshot Object • Switch to mirror to Description Frames from ports that have either source or destination mirroring enabled are mirrored to this switch.
Page 85: Link Aggregation
Link Aggregation Control Protocol (LACP) LAGs - LACP LAG negotiate Aggregated Port links with other LACP ports located on a different device. If the other device ports are also LACP ports, the devices establish a LAG between them. Figure 4-5-1 Link Aggregation SGSW-24040 / SGSW-24040R...
Page 86 It allows a maximum of 16 ports to be aggregated at the same time. The Managed Switch support Gigabit Ethernet ports (up to 12 groups). If the group is defined as a LACP static link aggregationing group, then any extra ports selected are placed in a standby mode for redundancy if one of the other ports fails.
Page 87: Static Aggregation Configuration
The TCP/UDP port number can be used to calculate the destination port for the frame. Check to enable the use of the TCP/UDP Port Number, or uncheck to disable. By default, TCP/UDP Port Number is enabled. Figure 4-5-3 appears. SGSW-24040 / SGSW-24040R...
Page 88 "Normal" indicates there is no aggregation. Only one group ID is valid per port. Each switch port is listed for each group ID. Select a radio button to include a port in an aggregation, or clear the radio button to remove the port from the aggregation.
Page 89: Lacp Configuration
Description The switch port number. Controls whether LACP is enabled on this switch port. LACP will form an aggregation when 2 or more ports are connected to the same partner. LACP can form max 12 LLAGs per switch and 2 GLAGs per stack.
Page 90: Lacp System Status
The system ID (MAC address) of the aggregation partner. The Key that the partner has assigned to this aggregation ID. The time since this aggregation changed. Shows which ports are a part of this aggregation for this switch/stack. The format is: "Switch ID:Port". LACP status for all ports.
Page 91 Only ports with the same key can aggregate together. The Aggregation ID assigned to this aggregation group. IDs 1 and 2 are GLAGs while IDs 3-14 are LLAGs. The partners System ID (MAC address). The partners port number connected to this port. SGSW-24040 / SGSW-24040R...
Page 92: Lacp Statistics
The switch port number. Shows how many LACP frames have been sent from each port. Shows how many LACP frames have been received at each port. Shows how many unknown or illegal LACP frames have been discarded at each port. SGSW-24040 / SGSW-24040R...
Page 93: Vlan
802.1 tag from packet headers to maintain compatibility with devices that are tag-unaware. The Switch's default is to assign all ports to a single 802.1Q VLAN named DEFAULT_VLAN. As new VLAN is created, the member ports assigned to the new VLAN will be removed from the DEFAULT_ VLAN port member list.
Page 94: Ieee 802.1Q Vlan
4.6.2 IEEE 802.1Q VLAN In large networks, routers are used to isolate broadcast traffic for each subnet into separate domains. This Managed Switch provides a similar service at Layer 2 by using VLANs to organize any group of network nodes into separate broadcast domains.
Page 95 Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated. User Priority VLAN ID (VID) 3 bits 1 bits TCI (Tag Control Information) 2 bytes 2 bytes VLAN TAG Ethernet Type 4 bytes 2 bytes SGSW-24040 / SGSW-24040R 12 bits Data 46-1517 bytes 4 bytes...
Page 96: Assigning Ports To Vlans
Tag-aware switches must keep a table to relate PVID within the switch to VID on the network. The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VID are different the switch will drop the packet.
Page 97: Vlan Classification
■ VLAN Classification When the switch receives a frame, it classifies the frame in one of two ways. If the frame is untagged, the switch assigns the frame to an associated VLAN (based on the default VLAN ID of the receiving port). But if the frame is tagged, the switch uses the tagged VLAN ID to identify the port broadcast domain of the frame.
Page 98: Vlan Basic Information
4.6.3 VLAN Basic Information The VLAN Basic Information page displays basic information on the VLAN type supported by the Managed Switch. The VLAN Basic Information screen in The page includes the following fields: Object • VLAN Mode • Maximum VLAN ID •...
Page 99: Vlan Port Configuration
4.6.4 VLAN Port Configuration This page is used for configuring the Managed Switch port VLAN. The VLAN per Port Configuration page contains fields for managing ports that are part of a VLAN. The port default VLAN ID (PVID) is configured on the VLAN Port Configuration page. All untagged packets arriving to the device are tagged by the ports PVID.
Page 100 In cases where a given service VLAN only has two member ports on the switch, the learning can be disabled for the particular VLAN and can therefore rely on flooding as the forwarding mechanism between the two ports. This way, the MAC table requirements is reduced.
Page 101 Link Type Allow 802.1Q Untagged or Tagged VLAN for selected port. When adding a VLAN to selected port, it tells the switch whether to keep or remove the tag from a frame on egress. • Untag: outgoing frames without VLAN-Tagged.
Page 102: Vlan Membership Configuration
802.1Q VLAN compliant devices, or untagged they are not connected to any VLAN-aware devices. The VLAN membership configuration for the selected stack switch unit switch can be monitored and modified here. Up to 64 VLANs are supported. This page allows for adding and deleting VLANs as well as adding and deleting port members of each VLAN.
Page 103: Private Vlan Configuration
For private VLANs to be applied, the switch must first be configured for standard VLAN operation When this is in place, one or more of the configured VLANs can be configured as private VLANs. Ports in a private VLAN fall into one of these two groups: Promiscuous ports —...
Page 104 (or host) ports. This VLAN conveys traffic between the isolated ports and a lone promiscuous port. A promiscuous port can communicate with all the interfaces - Promiscuous within a private VLAN. This is the default setting. SGSW-24040 / SGSW-24040R...
Page 105: Rapid Spanning Tree Protocol
The Spanning Tree protocol can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network, and provide backup links which automatically take over when a primary link goes down.
Page 106 Creating a Stable STP Topology It is to make the root port a fastest link. If all switches have STP enabled with default settings, the switch with the lowest MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best switch, STP can be forced to select the best switch as the root switch.
Page 107 STP Operation Levels The Switch allows for two levels of operation: the switch level and the port level. The switch level forms a spanning tree consisting of links between one or more switches. The port level constructs a spanning tree consisting of groups of one or more ports.
Page 108 Hello Time – The Hello Time can be from 1 to 10 seconds. This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge. If you set a Hello Time for your Switch, and it is not A relative priority for each switch –...
Page 109 STP assistance is not applied. If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and switch C will broadcast it to back to switch A and so on. The broadcast packet will be passed indefinitely in a loop, potentially causing a network failure. In this example, STP breaks the loop by blocking the connection between switch B and C.
Page 110 LAN 2 The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 4) on switch A are connected to one (optional) Gigabit port on both switch B and C.
Page 111: Rstp System Configuration
4.7.1 RSTP System Configuration This page allows you to configure RSTP system settings. The settings are used by all RSTP Bridge instances in the Switch or switch Stack. The Managed Switch support the following Spanning Tree protocols: ‧ Compatiable -- Spanning Tree Protocol (STP):Provides a single path between end stations, avoiding and eliminating loops.
Page 112: Rstp Bridge Status
The Gigabit Ethernet Switch implement the Rapid Spanning Protocol as the default spanning tree protocol. While select “Compatibles” mode, the system use the RSTP (802.1w) to compatible and co work with another STP (802.1d)’s BPDU control packets. 4.7.2 RSTP Bridge Status This page provides a status overview for all RSTP bridge instances.
Page 113: Rstp Port Configuration
Figure 4-7-9 RSTP Port Configuration page screenshot Description The switch port number of the logical RSTP port. Controls whether RSTP is enabled on this switch port. Controls the path cost incurred by the port. The Auto setting will set the path cost as appropriate by the physical link speed, using the 802.1D recommended...
Page 114 (This applies to physical ports only. Aggregations are always forced Point2Point). IEEE 802.1D-1998 50-600 10-60 3-10 Table 4-7-1 Recommended STP Path Cost Range IEEE 802.1D-1998 Table 4-7-2 Recommended STP Path Costs SGSW-24040 / SGSW-24040R IEEE 802.1w-2001 200,000-20,000,000 20,000-2,000,000 2,000-200,000 IEEE 802.1w-2001 2,000,000 1,999,999...
Page 115 Port Type Link Type Ethernet Half Duplex Full Duplex Trunk Fast Ethernet Half Duplex Full Duplex Trunk Gigabit Ethernet Full Duplex Trunk Table 4-7-3 Default STP Path Costs SGSW-24040 / SGSW-24040R IEEE 802.1w-2001 2,000,000 1,000,000 500,000 200,000 100,000 50,000 10,000 5,000...
Page 116: Rstp Port Status
4.7.4 RSTP Port Status This page displays the RSTP port status for port physical ports in the currently selected switch. The RSTP Port Status screen in Figure 4-7-10 The page includes the following fields: Object • Port • Role appears.
Page 117: Rstp Port Statistics
• State • Bridge 4.7.5 RSTP Port Statistics This page displays the RSTP port statistics counters for port physical ports in the currently selected switch. The RSTP Port Statistics screen in Figure 4-7-11 The page includes the following fields: Object •...
Page 118: Quality Of Service
QoS reduces bandwidth limitations, delay, loss, and jitter. It also provides increased reliability for delivery of your data and allows you to prioritize certain applications across your network. You can define exactly how you want the switch to treat selected applications and types of traffic.
Page 119: Qos Control List Configuration
• DSCP: IPv4 and IPv6 DSCP. • ToS: The 3 precedence bit in the ToS byte of the IPv4/IPv6 header (also known as DS field). • Tag Priority: User Priority. Only applicable if the frame is VLAN tagged or priority tagged. SGSW-24040 / SGSW-24040R...
Page 120: Qos Control Entry Configuration
: Moves the QCE up the list. : Moves the QCE down the list. : Deletes the QCE. : The lowest plus sign adds a new entry at the bottom of the list of QCL. appears. Figure 4-8-2 QCE Configuration page screenshot SGSW-24040 / SGSW-24040R...
Page 121: Port Qos Configuration
Select a traffic class of Low, Normal, Medium, or High to apply to the QCE. If the QCE type is ToS or Tag Priority, there are 8 rows of traffic class that can be configured for each priority. Figure 4-8-3 appears. SGSW-24040 / SGSW-24040R...
Page 122 Select which QCL to use for the port. Select the default user priority for this port when adding a Tag to the untagged frames. Select which Queuing mode for this port. Setting Queue weighted(Low:Normal:Medium:High) if the "Queuing Mode" is "Weighted". SGSW-24040 / SGSW-24040R...
Page 123: Qcl Configuration Wizard
Set up the traffic class mapping to the precedence part of ToS (3 bits) when receiving IPv4/IPv6 packets. Set up the traffic class mapping to the User Priority value (3 bits) when receiving VLAN tagged packets. Figure 4-8-6 appears.. SGSW-24040 / SGSW-24040R...
Page 124 Frames that hit this QCE are set to match this specific QCL. A row of radio buttons for each port is displayed for each QCL ID. To include a port in a QCL member, click the radio button. SGSW-24040 / SGSW-24040R...
Page 125: Set Up Typical Network Application Rules
Indicates the common servers that apply to the specific QCE . The common servers are: • QuickTime 4 Server • MSN Messenger Phone • Yahoo Messenger Phone Napster • Real Audio • Indicates the common games that apply to the specific QCE. SGSW-24040 / SGSW-24040R...
Page 126 DSCP: Specify the DSCP filter for this QCE. The allowed range is 0 to 63. Description Select the QCL ID to which these QCEs apply, Select a traffic class of Low, Normal, Medium, or High to apply to the QCE. SGSW-24040 / SGSW-24040R...
Page 127: Set Up Tos Precedence Mapping
The QCL configuration wizard is finished, and the new configuration is ready for use. Description Select the QCL ID to which this QCE applies. Select a traffic class of Low, Normal, Medium, or High to apply to the QCE. SGSW-24040 / SGSW-24040R Figure...
Page 128: Set Up Vlan Tag Priority Mapping
The QCL configuration wizard is finished, and the new configuration is ready for use. Description Select the QCL ID to which this QCE applies. Select a traffic class of Low, Normal, Medium, or High to apply to the QCE. SGSW-24040 / SGSW-24040R...
Page 129: Qos Statistics
4.8.5 QoS Statistics This page provides statistics for the different queues for all switch ports. The ports belong to the currently selected stack unit, as reflected by the page header. The QoS Statistics screen in The page includes the following fields: Object •...
Page 130: Bandwidth Control
4.8.6 Bandwidth Control Configure the switch port rate limit for Policers and Shapers on this page. The settings relate to the currently selected stack unit, as reflected by the page header. The screen Bandwidth Control in The page includes the following fields: Object •...
Page 131: Storm Control Configuration
4.8.7 Storm Control Configuration Storm control for the switch is configured on this page. There three types of storm rate control: Unicast storm rate control Multicast storm rate control Broadcast storm rate control. The rate is 2^n, where n is equal to or less than 15, or "No Limit". The unit of the rate can be either pps (packets per second) or kpps (kilopackets per second).
Page 132: Multicast
The Internet Group Management Protocol (IGMP) lets host and routers share information about multicast groups memberships. IGMP snooping is a switch feature that monitors the exchange of IGMP messages and copies them to the CPU for feature processing. The overall purpose of IGMP Snooping is to limit the forwarding of multicast frames to only ports that are a member of the multicast group.
Page 133 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Figure 4-9-2 Multicast flooding Figure 4-9-3 IGMP Snooping multicast stream control...
Page 134 The Time-to-Live (TTL) field of query messages is set to 1 so that the queries will not be forwarded to other sub networks. IGMP version 2 introduces some enhancements such as a method to elect a multicast queried for each LAN, an explicit leave Checksum Meaning SGSW-24040 / SGSW-24040R...
Page 135 IGMP Querier – A router, or multicast-enabled switch, can periodically ask their hosts if they want to receive multicast traffic. If there is more than one router/switch on the LAN performing IP multicasting, one of these devices is elected “querier” and assumes the role of querying the LAN for group members.
Page 136: Igmp Snooping Configuration
Enable the IGMP Querier in the VLAN. The Querier will send out if no Querier received in 255 seconds after IGMP Querier Enabled. Each Querier's interval is 125 second, and it will stop act as an IGMP Querier if received any Querier from other devices. SGSW-24040 / SGSW-24040R...
Page 137: Igmp Port Related Configuration
Specify which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier. If an aggregation member port is selected as a router port, the whole aggregation will act as a router port.
Page 138: Igmp Snooping Status
Show the Querier status is "ACTIVE" or "IDLE". The number of Transmitted Querier. The number of Received Querier. The number of Received V1 Reports. The number of Received V2 Reports. The number of Received V3 Reports. The number of Received V2 Leave. SGSW-24040 / SGSW-24040R...
Page 139: Multicast Address Table
Check to delete the entry. It will be deleted during the next save. The VLAN ID for the entry. The MAC address for the entry. Checkmarks indicate which ports are members of the entry. Check or uncheck as needed to modify the entry. SGSW-24040 / SGSW-24040R...
Page 140: Ieee 802.1X Network Access Control
MAC-based authentication, users are called clients, and the switch acts as the supplicant on behalf of clients. The initial frame (any kind of frame) sent by a client is snooped by the switch, which in turn uses the client's MAC address as both username and password in the subsequent EAP exchange with the RADIUS server.
Page 141: Understanding Ieee 802.1X Port-Based Authentication
Authentication server—performs the actual authentication of the client. The authentication server validates the identity of the client and notifies the switch whether or not the client is authorized to access the LAN and switch services. Because the switch acts as the proxy, the authentication service is transparent to the client. In this release, the Remote Authentication Dial-In User Service (RADIUS) security system with Extensible Authentication Protocol (EAP) extensions is the only supported authentication server;...
Page 142 It then sends an EAP-request/identity frame to the client to request its identity (typically, the switch sends an initial identity/request frame followed by one or more requests for authentication information). Upon receipt of the frame, the client responds with an EAP-response/identity frame.
Page 143 Ports in Authorized and Unauthorized States The switch port state determines whether or not the client is granted access to the network. The port starts in the unauthorized state. While in this state, the port disallows all ingress and egress traffic except for 802.1X protocol packets. When a client is successfully authenticated, the port transitions to the authorized state, allowing all traffic for the client to flow normally.
Page 144: System Configuration
MAC-based authentication allows for authentication of more than one user on the same port, and doesn't require the user to have special 802.1X software installed on his system. The Managed Switch uses the user's MAC address to authenticate against the RADIUS server. Intruders can create counterfeit MAC addresses, which makes MAC-based authentication less secure than 802.1X authentication.
Page 145 For MAC-based ports, reauthentication is only useful if the RADIUS server configuration has changed. It does not involve communication between the switch and the client, and therefore doesn't imply that a client is still present on a port (see Age Period below).
Page 146: And Mac-Based Authentication Port Configuration
The 802.1X Port Configuration screen in Figure 4-10-4 appears. Figure 4-10-4 802.1X Port Configuration page screenshot The table has one row for each port on the selected switch in the stack and a number of columns, which are: Object Description...
Page 147 Authorized: Forces the port to grant access to all clients, 802.1X-aware or not. The switch transmits an EAPOL Success frame when the port links up. Unauthorized: Forces the port to deny access to all clients, 802.1X-aware or not. The switch transmits an EAPOL Failure frame when the port links MAC-Based: Enables MAC-based authentication on the port.
Page 148 (port-based authentication). For MAC-based authentication, reauthentication will be attempted immediately. Reinitialize: Forces a reinitialization of the port/clients and thereby a reauthentication immediately. The port/clients will transfer to the unauthorized state while the reauthentication is ongoing. SGSW-24040 / SGSW-24040R...
Page 149: Port Status
4.10.4 802.1X Port Status This page provides an overview of the current IEEE 802.1X port states for the selected switch. The 802.1X Port Status screen in Figure 4-10-5 appears. The page includes the following fields: Object • Port • State •...
Page 150: And Mac-Based Authentication Statistics
4.10.5 802.1X and MAC-Based Authentication Statistics This page provides detailed IEEE 802.1X statistics for a specific switch port running port-based authentication. For MAC-based ports, it shows selected RADIUS statistics, only. Use the port select box to select which port details to be displayed. The 802.1X...
Page 151 The number of EAPOL frames that have been received by the switch in which the Packet Body Length field is invalid. The number of EAPOL frames of any type that have been transmitted by the switch.
Page 152 Responses RADIUS Counters IEEE Name Port-based: Counts the number of times that the switch receives the first request from the RADIUS server following the first response from the supplicant. Indicates that the RADIUS server has communication with the switch. MAC-based:...
Page 153 Last Authentication: Show the date and time of the last authentication of the client. This gets updated for every re-authentication of the client. MAC-based: Counts all the RADIUS packets sent from the switch towards the RADIUS server for a given port (left-most table) or client (right-most table). Possible retransmissions are not counted.
Page 154: Windows Platform Radius Server Configuration
4.10.6 Windows Platform RADIUS Server Configuration Setup the RADIUS server and assign the client IP address to the Managed switch. In this case, field in the default IP Address of the Managed Switch with 192.168.0.100. And also make sure the shared secret key is as same as the one you had set at the switch RADIUS server –...
Page 155 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Figure 4-10-9 Windows Server RADIUS Server setting path Enter ” Active Directory Users and Computers”, create legal user data, the next, right-click a user what you created to enter properties, and what to be noticed:...
Page 156: Client Configuration
The following procedures show how to configure 802.1X Authentication in Windows XP. Please note that if you want to change the 802.1x authentication type of a wireless client, i.e. switch to EAP-TLS from EAP-MD5, you must remove the current existing wireless network from your preferred connection first, and add it in again.
Page 157 Click “OK”. When client has associated with the Managed Switch, a user authentication notice appears in system tray. Click on the notice to continue. SGSW-24040 / SGSW-24040R Figure 4-10-12 Figure 4-10-13...
Page 158 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Enter the user name, password and the logon domain that your account belongs. 10. Click “OK” to complete the validation process. Figure 4-10-14...
Page 159: Access Control Lists
4.11.1 Access Control List Configuration This page shows the Access Control List (ACL), which is made up of the ACEs defined for this Managed Switch. Each row describes the ACE that is defined.
Page 160 Enabled: Frames matching the ACE are stored in the System Log. Disabled: Frames matching the ACE are not logged. Enabled: If a frame matches the ACE, the ingress port will be disabled. Disabled: Port shut down is disabled for the ACE. SGSW-24040 / SGSW-24040R...
Page 161: Ace Configuration
Any: The ACE applies to any port. Port n: The ACE applies to this port number, where n is the number of the switch port. Policy n: The ACE applies to this policy number, where n can range from 1 through 8.
Page 162 Specify the tag priority for this ACE. A frame that hits this ACE matches this tag Tag Priority priority. The allowed number range is 0 to 7. The value Any means that no tag priority is specified (tag priority is "don't-care".) SGSW-24040 / SGSW-24040R...
Page 163: Arp Parameters
0: ARP frames where SHA is not equal to the SMAC address. 1: ARP frames where SHA is equal to the SMAC address. Any: Any value is allowed ("don't-care"). Specify whether frames can hit the action according to their target hardware SGSW-24040 / SGSW-24040R...
Page 164 • UDP: Select UDP to filter IPv4 UDP protocol frames. Extra fields for defining UDP parameters will appear. These fields are explained later in this help file. • TCP: Select TCP to filter IPv4 TCP protocol frames. Extra fields for defining SGSW-24040 / SGSW-24040R...
Page 165 • Any: No destination IP filter is specified. (Destination IP filter is "don't-care".) • Host: Destination IP filter is set to Host. Specify the destination IP address in the DIP Address field that appears. • Network: Destination IP filter is set to Network. Specify the destination IP SGSW-24040 / SGSW-24040R...
Page 166 "don't-care"). you can enter a specific TCP/UDP source value. A field for entering a TCP/UDP source value appears. ACE, you can enter a specific TCP/UDP source range value. A field for entering a TCP/UDP source value appears. SGSW-24040 / SGSW-24040R...
Page 167 • 0: TCP frames where the URG field is set must not be able to match this entry. • 1: TCP frames where the URG field is set must be able to match this entry. • Any: Any value is allowed ("don't-care"). SGSW-24040 / SGSW-24040R...
Page 168: Acl Configuration Wizard
EtherType value. A field for entering a EtherType value appears. When "Specific" is selected for the EtherType filter, you can enter a specific EtherType value. The allowed range is 0x600 to 0xFFFF. A frame that hits this ACE matches this EtherType value. Figure 4-11-2 appears. SGSW-24040 / SGSW-24040R...
Page 169: Set Up Policy Rules
Strictly control the network traffic by only allowing incoming frames that match the source IP and source MAC on specific port. Set up the specific ACL to detect DoS attack. Figure 4-11-3 Set up Policy Rules page screenshot SGSW-24040 / SGSW-24040R...
Page 170: Set Up Port Policies
Frames that hit this ACE are set to match this specific policy. A row of radio buttons for each port is displayed for each Policy ID. To include a port in a policy member, click the radio button. SGSW-24040 / SGSW-24040R...
Page 171: Set Up Typical Network Application Rules
0x600 to 0xFFFF. • UDP Port: Specify the UDP destination port filter for this ACE. The allowed range is 0 to 65535. • TCP Port: Specify the TCP destination port filter for this ACE. The allowed SGSW-24040 / SGSW-24040R Figure 4-11-5 appears.
Page 172 Any: The ACE applies to any port. • Port n: The ACE applies to this port number, where n is the number of the switch port. • Policy n: The ACE applies to this policy number, where n can range from 1 SGSW-24040 / SGSW-24040R...
Page 173 • Any: The ACE applies to any port. • Switch n: The ACE applies to this switch number, where n is the number of the switch. Specify the action to take with a frame that hits this ACE. Permit: The frame that hits this ACE is granted permission for the ACE •...
Page 174: Set Up Source Mac And Source Ip Binding
Enable or disable the source IP and source MAC binding status for the given logical port. The source MAC address for the source IP and source MAC binding. The source IP address for the source IP and source MAC binding. SGSW-24040 / SGSW-24040R...
Page 175: Set Up Dos Attack Detection Rules
When the target system receives these packets, it will determine what application is waiting on the destination port. When it realizes that there is no application that is waiting on the port, it will generate an ICMP SGSW-24040 / SGSW-24040R...
Page 176: Set Up Dos Attack Detection Rules
After receiving the packet, all reachable hosts send an ICMP echo reply packet back to the spoofed source address. Thus, the target host will suffer from a larger amount of traffic generated. SGSW-24040 / SGSW-24040R...
Page 177 Select the switch to which this ACE applies. • Any: The ACE applies to any port. • Switch n: The ACE applies to this switch number, where n is the number of the switch. Specify the action to take with a frame that hits this ACE.
Page 178: Acl Rate Limiter Configuration
4.11.4 ACL Rate Limiter Configuration Configure the rate limiter for the ACL of the switch. The ACL Rate Limiter Configuration screen in Figure 4-11-13 ACL Rate Limiter Configuration page screenshot The page includes the following fields: Object • Rate Limiter ID •...
Page 179: Acl Ports Configuration
4.11.5 ACL Ports Configuration Configure the ACL parameters (ACE) of each switch port. These parameters will affect frames received on a port unless the frame matches a specific ACE. The settings relate to the currently selected stack unit, as reflected by the page header.
Page 180 Specify the port shut down operation of this port. The allowed values are: Enabled: If a frame is received on the port, the port will be disabled. Disabled: Port shut down is disabled. The default value is "Disabled". • Counter Counts the number of frames that match this ACE. SGSW-24040 / SGSW-24040R...
Page 181: Address Table
Switching of frames is based upon the DMAC address contained in the frame. The Managed Switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to ( based upon the DMAC address in the frame ).
Page 182: Static Mac Table Configuration
The static entries in the MAC table are shown in this table. The static MAC table can contain 64 entries. The maximum of 64 entries is for the whole stack, and not per switch. The MAC table is sorted first by VLAN ID and then by MAC address.
Page 183: Mac Address Table Status
Figure 4-12-3 MAC Address Table Status Description Indicates whether the entry is a static or dynamic entry. The VLAN ID of the entry. The MAC address of the entry. The ports that are members of the entry. SGSW-24040 / SGSW-24040R...
Page 184 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Buttons Auto-refresh □ : Check this box to enable an automatic refresh of the page at regular intervals. Refreshe: Refreshes the displayed table starting from the "Start from MAC address" and "VLAN" input fields.
Page 185: Port Security
4.13 Port Security (To be Continued) Port security is a feature that allows you to configure a switch port with one or more device MAC addresses that are authorized to access the network through that port. When port security is enabled on a port, the Managed Switch stops learning new MAC addresses on the specified port when it has reached a configured maximum number.
Page 186 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Make sure that the link used for managing the switch is added to the Static Mac Table before changing to secure learning mode, otherwise the management link is lost and can only be restored by using another non-secure port or by connecting to the switch via the serial interface.
Page 187: Lldp
User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R 4.14 LLDP 4.14.1 Link Layer Discovery Protocol Link Layer Discovery Protocol (LLDP) is used to discover basic information about neighboring devices on the local broadcast domain. LLDP is a Layer 2 protocol that uses periodic broadcasts to advertise information about the sending device. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.1ab standard, and can include details...
Page 188: Lldp Configuration
Figure 4-14-1 LLDP Configuration page screenshot Description The switch is periodically transmitting LLDP frames to its neighbors for having the network discovery information up-to-date. The interval between each LLDP frame is determined by the Tx Interval value. Valid values are restricted to 5 - 32768 seconds.
Page 189 • Tx Reinit When a port is disabled, LLDP is disabled or the switch is rebooted a LLDP shutdown frame is transmitted to the neighboring units, signaling that the LLDP information isn't valid anymore. Tx Reinit controls the amount of seconds between the shutdown frame and a new LLDP initialization.
Page 190 The management address protocol packet includes the IPv4 address of the switch. If no management address is available, the address should be the MAC address for the CPU or for the port sending this advertisement. The management address TLV may also include information about the specific interface associated...
Page 191: Lldp Neighbor
(-). Management Address is the neighbor unit's address that is used for higher layer entities to assist the discovery by the network management. This could for instance hold the neighbor's IP address. SGSW-24040 / SGSW-24040R...
Page 192: Lldp Statistics
This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters are counters that refer to the whole stack, switch, while local counters refers to counters for the currently selected switch. The LLDP Statistics screen in Figure 4-14-4 appears.
Page 193 • Frames Discarded If an LLDP frame is received on a port, and the switch's internal table has run full, the LLDP frame is counted and discarded. This situation is known as "Too Many Neighbors" in the LLDP standard. LLDP frames require a new entry in the table when the Chassis ID or Remote Port ID is not already contained within the table.
Page 194: Network Diagnastics
10 and 100 Mbps ports will be linked down while running cable diagnostic. Therefore, running cable diagnastic on a 10 or 100 Mbps management port will cause the switch to stop responding until VeriPHY is complete. The ports belong to the currently selected stack unit, as reflected by the page header.
Page 195: Ping
• Ping Size Be sure the target IP Address is within the same network subnet of the switch, or you had setup the correct gateway IP address. After field the parameter and press “Start” to execute the Ping function. The Ping result shows at the next tabl...
Page 196: Stacking
Multiple PLANET SGSW-24040 / SGSW-24040R devices may be connected together to constitute a ring or chain stack topology using the STX / 5Gbps ports as interconnect links. Dedicated stacking features built into SGSW-24040 / SGSW-24040R makes all devices in the stack operate together as a single, much larger switch. Among the stacking features are:...
Page 197 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R Chain Stack: A chain of switches, that is, no redundant forwarding paths. Figure 4-16-1 Chain Stack topology Ring Stack: A ring of switches, thereby providing redundant forwarding paths. Figure 4-16-2 Ring Stack topology Back-to-Back Stack : Two switches interconnected on both stacking ports.
Page 198: Stack
Assigning and Swapping Switch IDs When a switch is added to the stack, a Switch ID is automatically assigned to the switch. The automatic SID assignment can be modified by choosing a different Switch ID on the Stack Configuration page. This method allows Switch IDs to be assigned so that it is easier for the user to remember the ID of each switch.
Page 199: Master Election
4.16.1.3 Stack Redundancy In the unlikely event that a SGSW Switch fails in a stack, stack integrity is maintained if the redundant cable is connected to the stack. The affected switch within the sack can be replaced or removed without disrupting normal operation. The broken link is bypassed and data transmission continues uninterrupted.
Page 200: Shortest Path Forwarding
Figure 4-16-4 Remove or Replace a switch from the stack 4.16.1.4 Shortest Path Forwarding The SGSW Swtich supports shortest path forwarding technology to optimal data flow across the stack. The advantage of shortest path forwarding as below: Automatic Loop Prevention – Using Time To Live (TTL) information in the stack-header Utilize all stack links in the ring.
Page 201: Stack Configuration
4.16.2 Stack Configuration This page is used for configure the stack, include assign Switch ID, master priority and display the current stack member information. The screen in Figure 4-16-6appears. The page includes the following fields: Object • Delete • Stack Member •...
Page 202: Stack Information
Stack List For each switch in the stack, the following information is shown: The MAC address, Switch ID, product name and version, and master election state. The master election state is normally "No". Only when a forced master election is enforced by the user, the master election state takes the value "Yes".
Page 203 As the heading suggests, the information in the table is as seen from the master view. For each switch in the stack, the following information is shown: • The MAC address, switch ID, distance information, and the primary forwarding path to the switch. • For ring topology, a backup path is also provided.
Page 204: Stack Port State Ovewview
Figure 4-16-9 Stack Information page screenshot - Master Forwarding Table 4.16.4 Stack Port State Ovewview This page provides an overview of the current switch port states. Clicking on the image of a port opens the Port Statistics page.The port states are illustrated as follows:...
Page 205: Stack Example
Step 3: Use the Web browser such as IE 6.0 to login the Master Switch, the default IP address is 192.168.0.100. Or you can use the PLANET Smart Discovery Utility to find out the IP address of the stack group.
Page 206 SGSW-24040 / SGSW-24040R Figure 4-16-12 Stack Configuration Step 5: We wish to make the SGSW switch with MAC “00-30-4f-24-04-76” / Switch ID=2 to become the Stack Master and swap the Switch ID to 1. Select the switch with ID=1 and assign a new ID for this unit, for example: ID=4 Figure 4-16-13 Assing new ID for current master Select the target switch and set up with lower priority “1”, also re-assing the Switch ID=1 for it.
Page 207 Figure 4-16-14 The result after master election Step 6: After the Stack Master and Members have been configured, any switch in the stack can be managed from the web agent by choosing the desired Member ID from the Switch drop down menu.
Page 208: Command Line Interface
This chapter describes how to use the Command Line Interface (CLI). Logon to the Console Once the terminal has connected to the device, power on the WGSW / SGSW Managed Switch, the terminal will display that it is running testing procedures.
Page 209: Configure Ip Address
IP Address : 192.168.0.100 Subnet Mask : 255.255.255.0 To check the current IP address or modify a new IP address for the Switch, please use the procedures as follow: Show the current IP address On ”Switch/> ” prompt, enter “show ip”.
Page 210 Repeat Step 1 to check if the IP address is changed. If the IP is successfully configured, the Managed Switch will apply the new IP address setting immediately. You can access the Web interface of WGSW / SGSW Managed Switch through the new IP address.
Page 211: Telnet Login
User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R 5.2 Telnet login The Managed Switch also supports telnet for remote management. The switch asks for user name and password for remote login when using telnet, please use “admin” for password.
Page 212: Command Line Mode
Access Control List Mirror Port mirroring SNMP Simple Network Management Protocol Stack Stack management Firmware Download of firmware via TFTP 6.1 System Command System Configuration Description: Show system configuration. Syntax: System Configuration [all] [<port_list>] Parameters: SGSW-24040 / SGSW-24040R 6. Command Line Mode...
Page 213: System Reboot
: Show all switch configuration, default: Show system configuration <port_list>: Port list or 'all', default: All ports Example: To display system information: Switch/>system configuration System Name : SGSW-24040 System Password: admin CLI Prompt : Switch Timezone Offset: 0 MAC Address...
Page 214: System Name
The first character must be an alpha character, and the first or last character must not be a minus sign. Default Setting: SGSW-24040 Example: To set device title: Switch/>System name SGSW-24040-LAB System Prompt Description: Set the CLI prompt string. Syntax: System Prompt <prompt> SGSW-24040 / SGSW-24040R...
Page 215: System Password
Syntax: System Password [<password>] Parameters: <password>: System password or 'clear' to clear Default Setting: admin Example: To set password: Switch/>system password admin System SNTP Description: Set or show the SNTP Time server address. Syntax: System SNTP [<ip_addr>] SGSW-24040 / SGSW-24040R...
Page 216: System Timezone
<offset>: Time zone offset in minutes (-720 to 720) relative to UTC Default Setting: Example: To set timezone: Switch/>system timezone 0 System Firmware Load Description: Load new firmware from TFTP server. Syntax: System Firmware Load <ip_server> <file_name> Parameters: SGSW-24040 / SGSW-24040R...
Page 217 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R <ip_server>: TFTP server IP address (a.b.c.d) <file_name>: Firmware file name...
Page 218: Ip Configuration
SNTP Server: 0.0.0.0 IP DHCP Description: Set or show the DHCP client mode. Syntax: IP DHCP [enable|disable] Parameters: enable : Enable or renew DHCP client disable: Disable DHCP client Default Setting: Disable Example: Disable DHCP sever: SWITCH/>ip dhcp disable SGSW-24040 / SGSW-24040R...
Page 219: Ip Setup
Set IP address: SWITCH/>ip setup 192.168.0.100 255.255.255.0 IP Ping Description: Ping IP address (ICMP echo). Syntax: IP Ping <ip_addr> [<ping_length>] Parameters: <ip_addr> : IP host address (a.b.c.d) <ping_length>: Ping data length (8-1400), excluding MAC, IP and ICMP headers Example: SGSW-24040 / SGSW-24040R...
Page 220 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R SWITCH/>ip ping 192.168.0.51 PING server 192.168.0.51 60 bytes from 192.168.0.51: icmp_seq=0, time=0ms 60 bytes from 192.168.0.51: icmp_seq=1, time=0ms 60 bytes from 192.168.0.51: icmp_seq=2, time=10ms 60 bytes from 192.168.0.51: icmp_seq=3, time=0ms 60 bytes from 192.168.0.51: icmp_seq=4, time=0ms...
Page 221: Port Management Command
: Enable port disable : Disable port (default: Show administrative mode) Power -------- Disabled 9600 Enabled Disabled 9600 Enabled Disabled 9600 Enabled Disabled 9600 Enabled SGSW-24040 / SGSW-24040R Excessive Link ------------ ---- Discard Down Discard Down Discard Down Discard 100fdx...
Page 222: Port Mode
: Auto negotiation of speed and duplex (default: Show configured and current mode) Default Setting: Auto Example: Set 10Mbps (half duplex) speed for port1 SWITCH/>port mode 1 10hdx Port Flow Control Description: Set or show the port flow control mode. SGSW-24040 / SGSW-24040R...
Page 223: Port Maximum Frame
Port MaxFrame [<port_list>] [<max_frame>] Parameters: <port_list>: Port list or 'all', default: All ports <max_frame>: Port maximum frame size (1518-9600), default: Show maximum frame size Default Setting: 9600 Example: Set 2048 frame size for port1 SWITCH/>port maxframe 1 2048 SGSW-24040 / SGSW-24040R...
Page 224: Port Power
Set or show the port excessive collision mode. Syntax: Port Excessive [<port_list>] [discard|restart] Parameters: <port_list>: Port list or 'all', default: All ports discard : Discard frame after 16 collisions restart : Restart backoff algorithm after 16 collisions (default: Show mode) Default Setting: Discard SGSW-24040 / SGSW-24040R...
Page 225: Port Statistics
: Show normal priority statistics medium : Show medium priority statistics high : Show high priority statistics (default: Show all port statistics) Port VeriPHY Description: Run cable diagnostics. Syntax: Port VeriPHY [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports SGSW-24040 / SGSW-24040R...
Page 226: Port Numbers
Port Numbers Description: Show port numbering. Syntax: Port Numbers SGSW-24040 / SGSW-24040R...
Page 227: Mirror Configuration
Set or show the mirror port. Syntax: Mirror Port [<port>|disable] Parameters: <port>|disable: Mirror port or 'disable', default: Show port Default Setting: Disable Mirror SID Description: Set or show the mirror switch ID. Syntax: Mirror SID [<sid>] Parameters: <sid>: Switch ID (1-16) SGSW-24040 / SGSW-24040R...
Page 228: Mirror Mode
<port_list>: Port list or 'all', default: All ports enable : Enable Rx and Tx mirroring disable: Disable Mirroring : Enable Rx mirroring : Enable Tx mirroring (default: Show mirror mode) Default Setting: Disable Example: Enable mirror mode for port20 SWITCH/>mirror mode 20 enable SGSW-24040 / SGSW-24040R...
Page 229: Link Aggregation Command
Aggregation Add Description: Add or modify link aggregation. Syntax: Aggr Add <port_list> [<aggr_id>] Parameters: <port_list>: Port list <aggr_id> : Aggregation ID, global: 1-2, local: 3-14 Default Setting: Disable Example: Add port 1~4 in Group1 SWITCH/>aggr add 1-4 1 SGSW-24040 / SGSW-24040R...
Page 230: Aggregation Delete
SWITCH/>aggr delete 2 Aggregation Lookup Description: Lookup link aggregation. Syntax: Aggr Lookup [<aggr_id>] Parameters: <aggr_id>: Aggregation ID, global: 1-2, local: 3-14 Example: Show aggregation status SWITCH/>aggr lookup 1 Aggr ID Name Type ----------- ------- ------- GLAG1 Static Ports ------- SGSW-24040 / SGSW-24040R...
Page 231: Aggregation Mode
: Source and destination UDP/TCP port enable : Enable field in traffic distribution disable : Disable field in traffic distribution Default Setting: SMAC : Enabled DMAC : Disabled : Enabled Port : Enabled Example: Disable SMAC mode SWITCH/>Aggr mode smac disable SGSW-24040 / SGSW-24040R...
Page 232: Lacp Configuration
Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active Disabled Auto Active SGSW-24040 / SGSW-24040R...
Page 233: Lacp Mode
Enable LACP for port1~4 SWITCH/>lacp mode 1-4 enable LACP Key Description: Set or show the LACP key. Syntax: LACP Key [<port_list>] [<key>] Parameters: <port_list>: Port list or 'all', default: All ports <key> : LACP key (1-65535) or 'auto' SGSW-24040 / SGSW-24040R...
Page 234: Lacp Role
<port_list>: Port list or 'all', default: All ports active : Initiate LACP negotiation passive: Listen for LACP packets (default: Show LACP role) Default Setting: Active Example: Set passive for port1~4 SWITCH/>lacp role 1-4 passive LACP Status Description: Show LACP Status. Syntax: LACP Status [<port_list>] SGSW-24040 / SGSW-24040R...
Page 235: Lacp Statistics
<port_list>: Port list or 'all', default: All ports clear : Clear LACP statistics Example: Show LACP statistics of port1~4 SWITCH/>lacp statistics 1-4 Port Rx Frames Tx Frames ------ --------------- --------------- ------------------------ ------------ Rx Unknown Rx Illegal --------------- ---------- SGSW-24040 / SGSW-24040R...
Page 236 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R...
Page 237: Vlan Configuration Command
1-26 VLAN Mode Description: Set or show the VLAN Mode. Syntax: VLAN Mode [portbased|dot1q] Parameters: portbased : Port-Based VLAN Mode dot1q : 802.1Q VLAN Mode Default Setting: LinkType Q-in-Q Mode Eth type ------------ ------------------ -------- UnTag Disable SGSW-24040 / SGSW-24040R...
Page 238: Vlav Pvid
VLAN Frame Type Description: Set or show the port VLAN frame type. Syntax: VLAN FrameType [<port_list>] [all|tagged] Parameters: <port_list>: Port list or 'all', default: All ports : Allow tagged and untagged frames tagged : Allow tagged frames only SGSW-24040 / SGSW-24040R...
Page 239: Vlan Ingress Filter
: Disable VLAN ingress filtering (default: Show VLAN ingress filtering) Default Setting: Disable Example: Enable VLAN ingress filtering for port20 SWITCH/>vlan ingressfilter 20 enable VLAN Link Type Description: Set or show the port VLAN link type. Syntax: VLAN LinkType [<port_list>] [untagged|tagged] SGSW-24040 / SGSW-24040R...
Page 240: Vlan Q-In-Q Mode
Set or show out layer VLAN tag ether type in Q-in-Q VLAN mode. Syntax: VLAN Ethtype [<port_list>] [man|dot1q] Parameters: <port_list>: Port list or 'all', default: All ports : Set out layer VLAN tag ether type : MAN SGSW-24040 / SGSW-24040R...
Page 241: Vlan Add
<vid> : VLAN ID (1-4095) <port_list>: Port list or 'all', default: All ports Default Setting: Example: Add port17 to port24 in VLAN10 SWITCH/>vlan add 10 17-24 VLAN Delete Description: Delete VLAN entry. Syntax: VLAN Delete <vid> Parameters: SGSW-24040 / SGSW-24040R...
Page 242: Vlan Lookup
<vid>: VLAN ID (1-4095) Example: Delete port17 to port24 in VLAN10 SWITCH/>vlan delete 10 17-24 VLAN Lookup Description: Lookup VLAN entry. Syntax: VLAN Lookup [<vid>] Parameters: <vid>: VLAN ID (1-4095), default: Show all VLANs Example: Show VLAN status SWITCH/>vlan lookup SGSW-24040 / SGSW-24040R...
Page 243: Pvlan Configuration
Parameters: <port_list>: Port list or 'all', default: All ports enable : Enable port isolation disable : Disable port isolation (default: Show port isolation port list) Default Setting: Promiscous Example: Enable isolate for port10 SWITCH/>pvlan isolate 10 enable SGSW-24040 / SGSW-24040R...
Page 244: Spanning Tree Protocol Command
Port Mode Path Cost ---- ------------- -------------- Disabled Auto RSTP SysPrio Description: Set or show the RSTP system priority. Syntax: RSTP SysPrio [<sys_prio>] Parameters: <sys_prio>: RSTP system priority (0/4096/8192/.../57344/61440) Priority Edge Point2point ---------- ----------- --------------- Enabled Auto SGSW-24040 / SGSW-24040R...
Page 245: Rstp Age
<max_age>: RSTP maximum age time (6-200) Default Setting: Example: Set RSTP maximum age time in 200 SWITCH/>rstp age 200 RSTP Delay Description: Set or show the RSTP forward delay. Syntax: RSTP Delay [<delay>] Parameters: <delay>: RSTP forward delay (4-30) Default Setting: SGSW-24040 / SGSW-24040R...
Page 246: Rstp Version
Change RSTP version in compatible SWITCH/>rstp version compatible RSTP Mode Description: Set or show the RSTP mode. Syntax: RSTP Mode [<port_list>] [enable|disable] Parameters: <port_list>: Port list or 'all'. Port zero means aggregations. enable : Enable RSTP protocol disable: Disable RSTP protocol SGSW-24040 / SGSW-24040R...
Page 247: Rstp Cost
Example: Set RSTP cost value in 1 for port1 SWITCH/>rstp cost 1 1 RSTP Priority Description: Set or show the RSTP priority. Syntax: RSTP Priority [<port_list>] [<priority>] Parameters: <port_list>: Port list or 'all'. Port zero means aggregations. SGSW-24040 / SGSW-24040R...
Page 248: Rstp Edge
: Enable RSTP edge disable: Disable RSTP edge Default Setting: Enable Example: Disable RSTP edge parameter for port1 SWITCH/>rstp edge 1 disable RSTP P2P Description: Set or show the RSTP point2point parameter. Syntax: RSTP P2P [<port_list>] [enable|disable|auto] SGSW-24040 / SGSW-24040R...
Page 249: Rstp Status
SWITCH/>rstp status ================================================================= VLAN ID Bridge ID : 32771:00-30-4f-24-24-c1 Root ID : 32771:00-30-4f-24-24-c1 Root Port Root Cost Topology Flag: Steady Port Port Role State ------ ------------- ---------- Disabled Disabled Path Cost Edge Neigb ------------- ------ ------ ------- RSTP SGSW-24040 / SGSW-24040R...
Page 250: Rstp Statistics
RSTP Statistics [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports RSTP mCheck Description: Set the RSTP mCheck (Migration Check) variable for ports. Syntax: RSTP Mcheck [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports SGSW-24040 / SGSW-24040R...
Page 251: Multicast Configuration Command
Enable IGMP mode SWITCH/>igmp mode enable IGMP Mode Description: Set or show the IGMP snooping mode. Syntax: IGMP Mode [enable|disable] Parameters: enable : Enable IGMP snooping disable: Disable IGMP snooping (default: Show IGMP snooping mode) Default Setting: Disabled Example: SGSW-24040 / SGSW-24040R...
Page 252: Igmp State
Enable IGMP mode SWITCH/>igmp mode enable IGMP State Description: Set or show the IGMP snooping state for VLAN. Syntax: IGMP State [<vid>] [enable|disable] Parameters: <vid>: VLAN ID (1-4095), default: Show all VLANs enable : Enable IGMP snooping SGSW-24040 / SGSW-24040R...
Page 253: Igmp Querier
: Enable IGMP querier disable : Disable IGMP querier (default: Show IGMP querier mode) Default Setting: Disable Example: SWITCH/>igmp querier 1 enable IGMP Fast Leave Description: Set or show the IGMP snooping fast leave port mode. Syntax: SGSW-24040 / SGSW-24040R...
Page 254: Igmp Router
<port_list>: Port list or 'all', default: All ports enable : Enable IGMP router port disable : Disable IGMP router port (default: Show IGMP router port mode) Default Setting: Disable Example: Enable IGMP snooping function for port1~4 SWITCH/>igmp router 1-4 enable SGSW-24040 / SGSW-24040R...
Page 255: Igmp Flooding
(default: Show IGMP flood mode) Default Setting: Disable Example: Enable IGMP flooding function SWITCH/>igmp flooding enable IGMP Groups Description: Show IGMP groups. Syntax: IGMP Groups [<vid>] Parameters: <vid>: VLAN ID (1-4095) IGMP Status Description: Show IGMP status. Syntax: IGMP Status [<vid>] SGSW-24040 / SGSW-24040R...
Page 256 <vid>: VLAN ID (1-4095) Default Setting: Disable Example: Enable IGMP flooding function SWITCH/>igmp status 1 Switch 1: --------- Querier Status Queries ---- -------- ---------- IDLE Queries V1 Reports V2 Reports V3 Reports V2 Leave ---------- ------------ ------------- SGSW-24040 / SGSW-24040R -------------- -----------...
Page 257: Quality Of Service Command
QoS Classes [<class>] Parameters: <class>: Number of traffic classes (1,2 or 4) Default Setting: Example: Set QoS classes 2 SWITCH/>qos classes 2 QoS Default Description: Set or show the default port priority. Syntax: QoS Default [<port_list>] [<class>] SGSW-24040 / SGSW-24040R...
Page 258: Qos Tag Priority
<port_list>: Port list or 'all', default: All ports <tag_prio> : VLAN tag priority (0-7) Default Setting: Example: Set priority7 for VLAN3 SWITCH/>qos tagprio 3 7 QoS QCL Port Description: Set or show the port QCL ID. Syntax: SGSW-24040 / SGSW-24040R...
Page 259: Qos Qcl Add
(etype <etype>) | (vid <vid>) | (port <udp_tcp_port>) | (dscp <dscp>) | (tos <tos_list>) | (tag_prio <tag_prio_list>) <class> Parameters: <qcl_id> : QCL ID <qce_id> : QCE ID (1-24) <qce_id_next> : Next QCE ID (1-24) etype : Ethernet Type keyword SGSW-24040 / SGSW-24040R...
Page 260: Qos Qcl Delete
Description: Delete QCE. Syntax: QoS QCL Delete <qcl_id> <qce_id> Parameters: <qcl_id>: QCL ID <qce_id>: QCE ID (1-24) QoS QCL Lookup Description: Lookup QCE. Syntax: QoS QCL Lookup [<qcl_id>] [<qce_id>] Parameters: <qcl_id>: QCL ID <qce_id>: QCE ID (1-24) SGSW-24040 / SGSW-24040R...
Page 261: Qos Mode
QoS Weight [<port_list>] [<class>] [<weight>] Parameters: <port_list> : Port list or 'all', default: All ports <class> : Traffic class low/normal/medium/high or 1/2/3/4 <weight> : Traffic class weight 1/2/4/8 QoS Rate Limiter Description: Set or show the port rate limiter. SGSW-24040 / SGSW-24040R...
Page 262: Qos Shaper
<port_list>: Port list or 'all', default: All ports enable : Enable shaper disable : Disable shaper (default: Show shaper mode) <bit_rate> : Rate in 1000 bits per second (500-1000000 kbps) Default Setting: Disabled, 500kbps Example: Set 1000kbps shaper for port 9~16 SGSW-24040 / SGSW-24040R...
Page 263: Qos Unicast
Syntax: QoS Storm Multicast [enable|disable] [<packet_rate>] Parameters: enable : Enable multicast storm control disable : Disable multicast storm control <packet_rate>: Rate in pps (1, 2, 4, ..., 512, 1k, 2k, 4k, ..., 1024k) Default Setting: Disabled, 1pps SGSW-24040 / SGSW-24040R...
Page 264: Qos Broadcast
: Disable broadcast storm control <packet_rate>: Rate in pps (1, 2, 4, ..., 512, 1k, 2k, 4k, ..., 1024k) Default Setting: Disabled, 1pps Example: Enable broadcast storm rate limiter in 1kpps SWITCH/>qos storm broadcast enable 1k SGSW-24040 / SGSW-24040R...
Page 265: Port Access Control Command
Admin State Port State ------ ------------------ ------------------------- ----------------- Authorized 802.1X Disabled Dotx1 Mode Description: Set or show the 802.1X mode for the switch. Syntax: Dot1x Mode [enable|disable] Parameters: enable : Enable 802.1X Last Source Last ID ------- SGSW-24040 / SGSW-24040R...
Page 266: Dot1X Status
Dot1x State [<port_list>] [macbased|auto|authorized|unauthorized] Parameters: <port_list>: Port list or 'all', default: All ports macbased : Switch performs 802.1X authentication on behalf of the client auto : Port access requires 802.1X authentication authorized : Port access is allowed unauthorized: Port access is not allowed (default: Show 802.1X state)
Page 267: Dot1X Secret
RADIUS server IP address (a.b.c.d) (default: Show IP address) Default Setting: 0.0.0.0 Example: Set RADIUS server IP address for switch. RADIUS server IP address is 192.168.0.254. SWITCH/>dot1x server 192.168.0.254 Dot1x Secret Description: Set or show the secret shared with the RADIUS server.
Page 268: Dot1X Re-Authentication
Parameters: enable : Enable reauthentication disable: Disable reauthentication (default: Show reauthentication mode) Default Setting: Disable Example: Enable re-authentication function SWITCH/>dot1x reauthentication enable Dot1x Period Description: Set or show the period between reauthentications. Syntax: Dot1x Period [<reauth_period>] Parameters: SGSW-24040 / SGSW-24040R...
Page 269: Dot1X Timeout
Dot1x Timeout [<eapol_timeout>] Parameters: <eapol_timeout>: Time between EAPOL retransmissions (1-255 seconds) (default: Show retransmission timeout) Default Setting: Example: Set re-transmission time in 60 seconds SWITCH/>dot1x timeout 60 Dot1x Statistics Description: Show 802.1X statistics. Syntax: Dot1x Statistics [<port_list>] [clear|eapol|radius] SGSW-24040 / SGSW-24040R...
Page 270: Dot1X Clients
Description: Time in seconds between check for activity on successfully authenticated MAC addresses. Syntax: Dot1x Agetime [<age_time>] Parameters: <age_time>: Time between checks for activity on a MAC address that succeeded authentication (default: Show age time) Default Setting: SGSW-24040 / SGSW-24040R...
Page 271: Dot1X Holdtime
Time in seconds before a MAC-address that failed authentication gets a new authentication chance. Syntax: Dot1x Holdtime [<hold_time>] Parameters: <hold_time>: Hold time before MAC addresses that failed authentication expire (default: Show hold time) Default Setting: Example: Set hold time in 100 seconds SWITCH/>dot1x holdtime 100 SGSW-24040 / SGSW-24040R...
Page 272: Access Control List Command
: Deny forwarding <rate_limiter>: Rate limiter number (1-15) or 'disable' <port_copy> : Port number for copy of frames or 'disable' <logging> : System logging of frames: log|log_disable <shutdown> : Shut down ingress port: shut|shut_disable Default Setting: Action: Permit SGSW-24040 / SGSW-24040R...
Page 273: Acl Policy
<port_list>: Port list or 'all', default: All ports <policy> : Policy number (1-8) Default Setting: Example: Set policy ID 8 for port 17-24 SWITCH/>acl policy 17-24 8 ACL Rate Description: Set or show the ACL rate limiter. Syntax: ACL Rate [<rate_limiter_list>] [<packet_rate>] Parameters: SGSW-24040 / SGSW-24040R...
Page 274: Acl Add
ACE ID is not specified, the ACE will be placed last in the list. If the Switch keyword is used, the rule applies to aSyntax: ACL Add [<ace_id>] [<ace_id_next>] [switch | (port <port>) | (policy <policy>)] [<sid>] [<vid>] [<tag_prio>] [<dmac_type>] [(etype [<etype>] [<smac>] [<dmac>]) | (arp [<sip>] [<dip>] [<smac>] [<arp_opcode>] [<arp_flags>]) | (ip [<dip>] [<protocol>] [<ip_flags>]) | (icmp [<sip>] [<dip>] [<icmp_type>] [<icmp_code>] [<ip_flags>]) | (udp [<sip>] [<dip>]...
Page 275: Acl Delete
: Port number for copy of frames or 'disable' <logging> : System logging of frames: log|log_disable <shutdown> : Shut down ingress port: shut|shut_disable ACL Delete Description: Delete ACE. Syntax: ACL Delete <ace_id> Parameters: <ace_id>: ACE ID (1-1024) SGSW-24040 / SGSW-24040R...
Page 276: Acl Lookup
ACL Lookup Description: Show ACE, default: All ACEs. Syntax: ACL Lookup [<ace_id>] Parameters: <ace_id>: ACE ID (1-1024) ACL Lookup Description: Clear all ACL counters. Syntax: ACL Clear SGSW-24040 / SGSW-24040R...
Page 277: Mac Address Table Command
------ ---------- Auto Mac Add Description: Add MAC address table entry. Syntax: MAC Add <mac_addr> <port_list> [<vid>] Parameters: <mac_addr> : MAC address (xx-xx-xx-xx-xx-xx) <port_list>: Port list or 'all' or 'none' <vid> : VLAN ID (1-4095), default: 1 SGSW-24040 / SGSW-24040R...
Page 278: Mac Delete
SWITCH/>mac delete 00-30-4f-01-01-02 1 MAC Lookup Description: Lookup MAC address entry. Syntax: MAC Lookup <mac_addr> [<vid>] Parameters: <mac_addr>: MAC address (xx-xx-xx-xx-xx-xx) <vid> : VLAN ID (1-4095), default: 1 Example: Lookup state of Mac address 00-30-4F-01-01-02 SWITCH/>mac lookup 00-30-4f-01-01-02 SGSW-24040 / SGSW-24040R...
Page 279: Mac Age Time
MAC Learning [<port_list>] [auto|disable|secure] Parameters: <port_list>: Port list or 'all', default: All ports auto : Automatic learning disable: Disable learning secure : Secure learning (default: Show learn mode) Default Setting: Auto Example: Set secure learning mode in port1 SGSW-24040 / SGSW-24040R...
Page 280: Mac Dump
Example: Show all of MAC table SWITCH/>mac dump MAC Statistics Description: Show MAC address table statistics. Syntax: MAC Statistics [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports Example: Set all of MAC statistics SWITCH/>mac statistics SGSW-24040 / SGSW-24040R...
Page 281: Mac Flash
MAC Flash Description: Flush all learned entries. Syntax: MAC Flush SGSW-24040 / SGSW-24040R...
Page 282: Lldp Command
<port_list>: Port list or 'all', default: All ports enable : Enable LLDP reception and transmission disable: Disable LLDP : Enable LLDP reception only : Enable LLDP transmission only (default: Show LLDP mode) Default Setting: Disable Example: Enable port1 LLDP function. SWITCH/>lldp mode 1 enable SGSW-24040 / SGSW-24040R...
Page 283: Lldp Optional Tlv
Description of the system: Enable System capabilities: Enable Master's IP address: Enable Example: Disable description of the port for port1 SWITCH/>lldp optional_tlv 1 port_descr disable LLDP Interval Description: Set or show LLDP Tx interval. Syntax: LLDP Interval [<interval>] SGSW-24040 / SGSW-24040R...
Page 284: Lldp Hold
Set or show LLDP Tx hold value. Syntax: LLDP Hold [<hold>] Parameters: <hold>: LLDP hold value (2-10) Default Setting: Example: Set LLDP hold value in 10 SWITCH/>lldp hold 10 LLDP Delay Description: Set or show LLDP Tx delay. Syntax: LLDP Delay [<delay>] Parameters: SGSW-24040 / SGSW-24040R...
Page 285: Lldp Reinit
<reinit>: LLDP reinit delay (1-10) Default Setting: Example: Set LLDP reinit delay value in 3 SWITCH/>lldp reinit 3 LLDP Information Description: Show LLDP neighbor device information. Syntax: LLDP Info [<port_list>] Parameters: <port_list>: Port list or 'all', default: All ports SGSW-24040 / SGSW-24040R...
Page 286: Lldp Statistics
LLDP Statistics Description: Show LLDP Statistics. Syntax: LLDP Statistics [<port_list>] [clear] Parameters: <port_list>: Port list or 'all', default: All ports clear : Clear LLDP statistics SGSW-24040 / SGSW-24040R...
Page 287: Stack Management Command
: Switch ID (1-16) or local switch <mst_elect_prio>: Master election priority: 1-4. 1 => Highest master probability Example: Set low priority for switch2 SWITCH/>stack master priority 2 4 Stack Master Reelect Description: Force master reelection (ignoring master time). Syntax: Stack Master Reelect SGSW-24040 / SGSW-24040R...
Page 288: Stack Select
Swap SID values used to identify two switches. Syntax: Stack SID Swap <sid> <sid> Parameters: <sid>: Switch ID (1-16) Example: Swap switch ID 1 and 2 SWITCH/>stack sid swap 2 1 Stack SID Delect Description: Delete SID assignment and associated configuration. Syntax: SGSW-24040 / SGSW-24040R...
Page 289: Stack Sid Asign
<sid>: Switch ID (1-16) Stack SID Asign Description: Assign SID and associated configuration to switch. SID must be unassigned, switch must be present and switch must not already be assigned to a SID. Syntax: Stack SID Assign <sid> <mac_addr> Parameters: <sid>...
Page 290: Switch Operation
7.1 Address Table The Switch is implemented with an address table. This address table composed of many entries. Each entry is used to store the address information of some node in network, including MAC address, port no, etc. This in-formation comes from the learning process of Ethernet Switch.
Page 291: Auto-Negotiation
7.5 Auto-Negotiation The STP ports on the Switch have built-in "Auto-negotiation". This technology automatically sets the best possible bandwidth when a connection is established with another network device (usually at Power On or Reset). This is done by detect the modes and speeds at the second of both device is connected and capable of, both 10Base-T and 100Base-TX devices can connect with the port in either Half- or Full-Duplex mode.
Page 292 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R...
Page 293: Trouble Shooting
Solution: Check the full duplex status of the Ethernet Switch. If the Ethernet Switch is set to full duplex and the partner is set to half duplex, then the performance will be poor. Please also check the in/out rate of the port.
Page 294 To reset the IP address to the default IP Address “192.168.0.100” or reset the password to default value. Press the hardware reset button at the front panel about 10 seconds. After the device is rebooted, you can login the management WEB interface within the same subnet of 192.168.0.xx. Reset SGSW-24040 / SGSW-24040R...
Page 295: Appendex A
A.2 10/100Mbps, 10/100Base-TX When connecting your 10/100Mbps Ethernet Switch to another switch, a bridge or a hub, a straight or crossover cable is necessary. Each port of the Switch supports auto-MDI/MDI-X detection. That means you can directly connect the Switch to any Ethernet devices without making a crossover cable.
Page 296 The standard RJ-45 receptacle/connector SIDE 1 SIDE 2 SIDE 1 SIDE 2 Figure A-1: Straight-Through and Crossover Cable SGSW-24040 / SGSW-24040R SIDE 1 SIDE2 1 = White / Orange 1 = White / Orange 2 = Orange 2 = Orange...
Page 297: Appendex B : Glossary
Auto-Negotiation Auto-negotiation is the process where two different devices establish the mode of operation and the speed settings that can be shared by those devices for a link. SGSW-24040 / SGSW-24040R APPENDEX B : GLOSSARY...
Page 298 Dotted Decimal Notation refers to a method of writing IP addresses using decimal numbers and dots as separators between octets. An IPv4 dotted decimal address has the form x.y.z.w, where x, y, z, and w are decimal numbers between 0 and 255. SGSW-24040 / SGSW-24040R...
Page 299 It also provides directory service and security features. Fast Leave IGMP snooping Fast Leave processing allows the switch to remove an interface from the forwarding-table entry without first sending out group specific queries to the interface. The VLAN interface is pruned from the multicast tree for the multicast group specified in the original leave message.
Page 300 LAN port, establishing a point-to-point connection or preventing access from that port if authentication fails. With 802.1X, access to all switch ports can be centrally controlled from a server, which means that authorized users can use the same credentials for authentication from any point within the network.
Page 301 MAC Table Switching of frames is based upon the DMAC address contained in the frame. The switch builds up a table that maps MAC addresses to switch ports for knowing which ports the frames should go to ( based upon the DMAC address in the frame ).
Page 302 NFS supports sharing of files, printers, and other resources as persistent storage over a computer network. Optional TLVs. A LLDP frame contains multiple TLVs For some TLVs it is configurable if the switch shall include the TLV in the LLDP frame. These TLVs are known as SGSW-24040 / SGSW-24040R...
Page 303 In a private VLAN, communication between ports in that private VLAN is not permitted. A VLAN can be configured as a private VLAN. QCE is an acronym for QoS Control Entry. It describes QoS class associated with a particular QCE ID. SGSW-24040 / SGSW-24040R...
Page 304 Ethernet address. RARP is the complement of ARP. Router Port A router port is a port on the Ethernet switch that leads switch towards the Layer 3 multicast device. RSTP In 1998, the IEEE with document 802.1w introduced an evolution of STP: the Rapid Spanning Tree Protocol, which provides for faster spanning tree convergence after a topology change.
Page 305 Switch IDs (1-16) are used to uniquely identify the switches within a stack. The Switch ID of each switch is shown on the display on the front of the switch and is used widely in the web pages as well as in the CLI commands.
Page 306 6-bit ToS field in the IP header. The most significant 6 bits of the ToS field are fully decoded into 64 possibilities, and the singular code that results is compared against the corresponding bit in the IPv4 ToS priority control bit (0~63). SGSW-24040 / SGSW-24040R...
Page 307 VLAN unaware switching: This is the default configuration. All ports are VLAN unaware with Port VLAN ID 1 and members of VLAN 1. This means that MAC addresses are learned in VLAN 1, and the switch does not remove or insert VLAN tags.
Page 308 User’s Manual of WGSW-24040 / WGSW-24040R SGSW-24040 / SGSW-24040R forwarded to the provider port with a single VLAN tag. Tagged frames received on a subscriber port are forwarded to the provider port with a double VLAN tag. VLAN ID VLAN ID is a 12-bit field specifying the VLAN to which the frame belongs.

This manual is also suitable for:

Wgsw-24040r Wgsw-24040 Sgsw-24040

Planet SGSW-24040R User Manual

1 Introdution

2 Installation

3 Switch Management

4 Web Configuration

5 Command Line Interface

6 Command Line Mode

Quick Links

Need help?

Questions and answers

Related Manuals for Planet SGSW-24040R

Summary of Contents for Planet SGSW-24040R