Weidmüller Substation IE-SW-SL26M-24TX-2GC Manual

page of 225

/ 225
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Download this manual

Industrial Ethernet IEC-61850-3 Switches

Manual

for

IE-SW-SL26M-24TX-2GC

SubstationLine

Second Edition, September 2022

Table of Contents

Need help?

Do you have a question about the Substation IE-SW-SL26M-24TX-2GC and is the answer not in the manual?

Questions and answers

Summary of Contents for Weidmüller Substation IE-SW-SL26M-24TX-2GC

Page 1 Industrial Ethernet IEC-61850-3 Switches Manual IE-SW-SL26M-24TX-2GC SubstationLine Second Edition, September 2022...
Page 2 Industrial Ethernet managed Switches Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice Copyright ©2016 Weidmüller Interface GmbH & Co. KG All rights reserved.
Page 3: Table Of Contents
User Manual Managed Switches Table of Contents 1. About this Manual ..................... 6 2. Getting Started ....................6 2.1 Hardware features ........................6 2.2 Software features ........................7 3. Web Management ....................8 3.1 Accessing the Web interface via HTTP ................8 3.2 Accessing the Web interface via HTTPS ................
Page 4 User Manual Managed Switches 3.4.2.5 LACP Statistics ...................... 43 3.4.2.6 Aggregation Status ....................43 3.4.3 Loop Protection ......................44 3.4.3.1 Configuration......................44 3.4.3.2 Status ........................46 3.5 DHCP Server/Relay ......................46 3.5.1 DHCP Server ......................... 47 3.5.1.1 DHCP Server Mode Configuration................. 47 3.5.1.2 DHCP Server Pool Configuration ................
Page 5 User Manual Managed Switches 3.7.2 Configuring Virtual LAN ....................85 3.7.2.1 VLAN Membership ....................85 3.7.2.2 VLAN Membership Status ..................90 3.7.2.3 VLAN Port Status ....................90 3.7.2.4 Private VLAN Membership ..................92 3.7.2.5 Private VLAN Port Isolation ................... 93 3.7.2.6 GVRP Configuration ....................
Page 6 User Manual Managed Switches 3.11.4 IGMP Snooping Status ....................145 3.11.5 IGMP Snooping Group Information ................146 3.11.6 IGMP SFM Information ....................146 3.11.7 IGMP Snooping Port Group Filtering ................. 147 3.11.8 IPMC Profile Configurations..................148 3.11.9 IPMC Profile Address Configuration ................149 3.12 Security ..........................
Page 7 User Manual Managed Switches 3.14.4 Detailed Port Statistics ....................206 3.14.5 Port Monitoring ......................207 3.14.6 System Log Information ..................... 210 3.14.7 VeriPHY Cable Diagnostics ..................211 3.14.8 SFP Monitor ....................... 212 3.14.9 SFP Type ........................213 3.14.10 Ping and Ping6 ......................213 3.15 PTP Synchronization .......................
Page 8: About This Manual
User Manual Managed Switches 1. About this Manual Thank you for purchasing a Weidmüller managed Industrial Ethernet switch. Read this user’s manual to learn how to connect your Weidmüller switch to Ethernet-enabled devices used for industrial applications. The following chapters are covered in this user manual: ...
Page 9: Software Features
User Manual Managed Switches 2.2 Software features • Management Web-interface (HTTP / HTTPS) SNMP v1/v2c/v3 Telnet console Command Line Interface (CLI) Upload of a configuration file via web-interface • Network redundancy Spanning Tree Protocol (STP) Rapid Spanning Tree Protocol (RSTP) Multiple Spanning Tree Protocol (MSTP) Media Redundancy Protocol (MRP;...
Page 10: Web Management
User Manual Managed Switches 3. Web Management In this chapter, we explain how to access the Weidmüller Switch’s through the Web console as well as all the configuration, monitoring, and administration functions available when using this interface. 3.1 Accessing the Web interface via HTTP The Ethernet Switch’s web browser interface provides a convenient way to modify the switch's configuration and access the built-in monitoring and network administration functions.
Page 11 User Manual Managed Switches After logging in, the main general information of the switch is shown including, among others, System Name, Software version, MAC address and Serial number. It is also displayed the front side of the switch (showing the active ports) in the up navigation panel. In this home page is also available the button Enable location alert.
Page 12: Accessing The Web Interface Via Https
User Manual Managed Switches 3.2 Accessing the Web interface via HTTPS To secure your HTTP access, the Weidmüller switch supports HTTPS to encrypt all HTTP traffic. Perform the following steps to access the Weidmüller switch web browser interface via HTTPS/SSL. Open Internet Explorer and enter https://<Switch´s IP address>...
Page 13: Ip Configuration
User Manual Managed Switches System Name Factory Setting Description Default This option is useful for recording a name of the unit. A text string consisting of alphabets (A-Z, a-z), digits (0-9), and minus sign (-). Space is not allowed to be part of the Max.
Page 14 User Manual Managed Switches See a brief explanation of each configuration item below. IPv4 Setting DHCPv4 Factory Setting Description Default The Weidmüller switch’s IP address must be set Disabled manually. The Weidmüller switch’s IP address will be assigned Disabled automatically by the network’s DHCPv4 server. The Enabled DHCPv4 client will announce the configured System Name as hostname to provide DNS lookup.
Page 15 User Manual Managed Switches IP Address Factory Setting Description Default Assigns the Weidmüller Switch´s IPv4 address on a IPv4 address for TCP/IP network. If DHCP is enabled, this field the Weidmüller configures the fallback address. The field may be left 192.168.1.110 Switch blank if IPv4 operation on the interface is not desired -...
Page 16: Ip Status
User Manual Managed Switches (display) the DHCPv6 server. IP Address Factory Setting Description Default Assigns the Weidmüller Switch´s IPv6 address on a TCP/IP network. An IPv6 address is in 128-bit records represented as eight fields of up to four hexadecimal digits with a colon separating each field (:).
Page 17 User Manual Managed Switches The tables displays the following information: IP Interfaces Interface The name of the interface. Type The address type of the entry. This may be LINK, IPv4 or IPv6. Address The current address of the interface (of the given type). Status The status flags of the interface (and/or address).
Page 18: Access Management
User Manual Managed Switches 3.3.4 Access Management 3.3.4.1 Login Methods The Login Methods page allows the user to restrict the remote management of the switch. It is possible to block any specific kind of management (eg: web or telnet). Setting Description Factory Default...
Page 19: Authentication Methods
User Manual Managed Switches Certificate Maintain Setting Description Factory Default None No operation of certificate maintenance. None Delete Delete the current certificate. Upload a certificate PEM file through a web browser or URL. A pass phrase has to be entered if the Upload uploading certificate is protected by a specific passphrase.
Page 20 User Manual Managed Switches Authentication Method Configuration For each client type (console, telnet, ssh and http) the method to authenticate the user can be programmed: Setting Description Factory Default Authentication is disabled and login is not possible. local Use the local user database on the switch for local authentication.
Page 21: Access Security
User Manual Managed Switches Cfg Cmd Setting Description Factory Default Check / Uncheck Also authorize configuration commands. Unchecked Accounting Method Configuration The accounting section allows the administrator to configure command and exec (login) accounting. For each client type (console, telnet and ssh) the following parameters can be programmed: Method Setting Description...
Page 22 User Manual Managed Switches Mode Setting Description Factory Default Disabled / Enable or Disable the access management mode Unchecked Enabled operation. If the Access Management Mode is Enabled, for each entry of the table, the following fields have to be programmed: VLAN ID Setting Description...
Page 23: Access Statistics
User Manual Managed Switches 3.3.4.4 Access Statistics This page provides statistics for access management if the Mode is Enabled in the Access Security page. In the table shown on the page is displayed the following information: Interface The interface type through which the remote host can access the switch. Received Number of received packets from the interface.
Page 24: Privilege Levels
User Manual Managed Switches User Name Factory Setting Description Default Max. 31 Enter the new user name. The valid user name is a None characters combination of letters, numbers and underscores. Password Setting Description Factory Default Max. 31 Enter the password of the new user. Any printable None characters characters including space are acceptable.
Page 25 User Manual Managed Switches The page shows a table with the following fields: Group Name The name identifying the privilege group. In most cases, a privilege level group consists of a single module (e.g. LACP, RSTP or QoS), but a few of them contains more than one.
Page 26: Time Setting
User Manual Managed Switches Privilege Levels Every group has an authorization privilege level for the following subgroups: Configuration Read-only Configuration/Execute Read/write Status/Statistics Read-only Status/Statistics Read/write User Privilege should be same or greater than the authorization Privilege level to have the access to that group. 3.3.6 Time Setting The Time Setting configuration page lets users set the time, date, and other settings.
Page 27 User Manual Managed Switches Set System Date Time manually Factory Setting Description Default None Allows configuration of the local date in yyyy-mm-dd System Date format. Allows configuration of the local time in 24-hour System Time None format. SNTP mode Setting Description Factory Default...
Page 28: Lldp Function
User Manual Managed Switches Daylight Saving Offset Setting Description Factory Default User-specified Specifies the number of minutes that the time should None minutes. be set forward during Daylight Saving Time. 3.3.7 LLDP Function 3.3.7.1 Overview Defined by IEEE 802.11AB, LLDP is an OSI Layer 2 Protocol that standardizes the methodology of self-identity advertisement.
Page 29: Configuration
User Manual Managed Switches 3.3.7.2 Configuration This page allows the user to inspect and configure the current LLDP port settings. LLDP Parameters Tx Interval Setting Description Factory Default 5 to 32768 sec The switch periodically transmits LLDP frames to its 30 (sec) neighbors to update the network discovery information.
Page 30 User Manual Managed Switches Tx Delay Setting Description Factory Default 1 to 8192 sec If some configuration is changed (e.g. the IP address), 2 (sec) a new LLDP frame is transmitted, but the time between the LLDP frames will always be at least the value of Tx Delay seconds.
Page 31: Neighbors
User Manual Managed Switches Sys Descr Setting Description Factory Default Check / Uncheck Optional TLV: When checked, the "system Checked description" is included in LLDP information transmitted. Sys Capa Setting Description Factory Default Check / Uncheck Optional TLV: When checked, the "system capability" Checked is included in LLDP information transmitted.
Page 32: Port Statistics
User Manual Managed Switches Management The neighbor unit's address that is used for higher layer entities to assist Address discovery by the network management. This could for instance hold the neighbor’s IP address. 3.3.7.4 Port Statistics This page provides an overview of all LLDP traffic. Two types of counters are shown. Global counters refer to the whole switch, whilst local counters refer to specific interfaces/ports of the switch.
Page 33: Industrial Protocols
User Manual Managed Switches LLDP Statistics Local Counters Local Interface The port that receives or transmits LLDP frames. Tx Frames The number of LLDP frames transmitted on the port. Rx Frames The number of LLDP frames received on the port. Rx Errors The number of received LLDP frames containing some kind of error.
Page 34: Modbus Tcp
User Manual Managed Switches 3.3.8.1 Modbus TCP Introduction MODBUS TCP is a protocol commonly used for the integration of a SCADA system. It is also a vendor-neutral communication protocol used to monitor and control industrial automation equipment such as PLCs, sensors, and meters. In order to be fully integrated into industrial systems, Weidmüller’s switches support Modbus TCP/IP protocol for real-time monitoring in a SCADA system.
Page 35: Backup & Restore
User Manual Managed Switches Weidmüller Online Product Catalogue. Select or search for device name or part number and refer to section ‘Donwloads’. 3.3.9 Backup & Restore Following saving and restoring functions are available in this web page. • Save the current configuration file in connected PC •...
Page 36: Upgrade Firmware
User Manual Managed Switches 3.3.10 Upgrade Firmware This option is used to upgrade the firmware of the switch when a new version is available. The page already shows the current firmware version stored on the switch. To import a new firmware file into the Weidmüller switch, press the button Select File to select the firmware file that is saved on your computer.
Page 37 User Manual Managed Switches Link Setting Description Factory Default Graphic display of Green indicates the link is up and red that it is down. Current link status Status (no setting) Current Link Speed Setting Description Factory Default Speed Provides the current link speed of the port. Current (no setting) Speed...
Page 38 User Manual Managed Switches Advertise Duplex Setting Description Factory Default Check / Uncheck When duplex is set as auto i.e auto negotiation, the All checked Fdx, Hdx port will only advertise the specified duplex modes (Fdx or Hdx) to the link partner. Advertise Speed Setting Description...
Page 39: Port Trunking
User Manual Managed Switches indicate the frame payload size (in bytes) for values of 1535 and below. If the EtherType/Length field is above 1535, it indicates that the field is used as an EtherType (indicating which protocol is encapsulated in the payload of the frame).
Page 40 User Manual Managed Switches Hash Code Contributors Source MAC Address Setting Description Factory Default Check / Uncheck When enabled, the source MAC address is used to Checked calculate the destination port for the frame. Destination MAC Address Setting Description Factory Default Check / Uncheck When enabled, the destination MAC address is used...
Page 41: Lacp Port Settings
User Manual Managed Switches Static Aggregation Group Configuration Group ID Setting Description Factory Default Normal, 1 to half Indicates the ID of each aggregation group. Normal Normal number of total means no aggregation. Maximum number of groups is ports half number of the total ports and only one group ID is valid per port.
Page 42 User Manual Managed Switches The following parameters can be configured for each port: LACP Enabled Setting Description Factory Default Check / Uncheck Controls whether LACP is enabled on the switch port. Unchecked LACP will form an aggregation when two or more ports are connected to the same partner.
Page 43: Lacp System Status
User Manual Managed Switches Role Setting Description Factory Default Active / Passive Shows the LACP activity status. Active Active: Transmits packets every second. Passive: Waits for an LACP packet from a partner (speak if spoken to). Timeout Setting Description Factory Default Fast / Slow Controls the period between BPDU transmissions.
Page 44: Lacp Port Status
User Manual Managed Switches 3.4.2.4 LACP Port Status This page provides an overview of LACP status of all ports. The displayed table contains information about the different LACP parameters of each port: Port The switch port number. ‘Yes’ means LACP is enabled and the port link is up. ‘No’ means LACP is LACP not enabled or the port link is down.
Page 45: Lacp Statistics
User Manual Managed Switches 3.4.2.5 LACP Statistics This page provides an overview of the LACP statistics for all ports. The displayed table shows the following information: Port The switch port number. LACP Received Shows how many LACP frames have been received at each port. LACP Transmitted Shows how many LACP frames have been sent from each port.
Page 46: Loop Protection
User Manual Managed Switches Aggregated Ports Aggregated member ports of the aggregation group. 3.4.3 Loop Protection Avoid maintenance/installation crews from mistakenly placing one cable on the same switch generating a loop problem. 3.4.3.1 Configuration This page allows the user to enable the Loop Protection function in the different ports of the switch. General Settings Enable Loop Protection Setting...
Page 47 User Manual Managed Switches Transmission Time Setting Description Factory Default 1 to 10 (sec) The interval between each loop protection PDU sent 5 (sec) on each port. Shutdown Time Setting Description Factory Default 0 to 604800 (sec) The period (in seconds) for which a port will be kept 180 (sec) disabled when a loop is detected (shutting down the port).
Page 48: Status
User Manual Managed Switches 3.4.3.2 Status This page displays the loop protection port status of the switch. The displayed table contains information about the loop protection status in each port: Port The switch port number. Action The currently configured port action. Transmit The currently configured port transmit mode.
Page 49: Dhcp Server
User Manual Managed Switches 3.5.1 DHCP Server 3.5.1.1 DHCP Server Mode Configuration This page configures global mode and VLAN mode to enable/disable DHCP server per system and per VLAN. Global Mode Factory Setting Description Default Enabled / Enable / Disable DHCP server per system. Disabled Disabled VLAN Mode...
Page 50: Dhcp Server Excluded Ip Configuration
User Manual Managed Switches Type Factory Setting Description Default Display the type of pool. Network: The pool defines a pool of IP addresses to service more than one DHCP client. ‘-‘ Network / Host Host: The pool services for a specific DHCP client identified by client identifier or hardware address.
Page 51: Dhcp Server Statistics
User Manual Managed Switches 3.5.1.4 DHCP Server Statistics This page displays the database counters and the number of DHCP messages sent and received by DHCP server. There are several tables on the page showing the following information: Database Counters Pool Number of pools.
Page 52: Dhcp Server Binding Ip
User Manual Managed Switches DHCP Message Sent Counters OFFER Number of DHCP OFFER messages sent. Number of DHCP ACK messages sent. Number of DHCP NAK messages sent. 3.5.1.5 DHCP Server Binding IP This page displays bindings generated for DHCP clients. The displayed table shows the following information: IP address allocated to DHCP client.
Page 53: Dhcp Server Ip Port Binding
User Manual Managed Switches 3.5.1.7 DHCP Server IP Port Binding If is required to assign a fixed IP address to a client, this page allows to statically bind each port of the switch to an IP address in a DHCP address pool. DHCP Mode Factory Setting...
Page 54: Dhcp Relay Agent (Option 82)
User Manual Managed Switches 3.5.2 DHCP Relay Agent (Option 82) The DHCP Relay Agent makes it possible for DHCP broadcast messages to be sent over routers. The DHCP Relay Agent enables DHCP clients to obtain IP addresses from a DHCP server on a remote subnet, or those that are not located on the local subnet.
Page 55: Dhcp Relay Statistics
User Manual Managed Switches they are not in the same subnet domain. Relay Information Mode Setting Description Factory Default Enabled / Indicates the DHCP relay information mode option Disabled Disabled operation. Enabled: When DHCP relay information is enabled, the agent inserts specific information (option 82) into a DHCP message when forwarding to a DHCP server and removes it from a DHCP message when transferring to a DHCP client.
Page 56: Dhcp Snooping
User Manual Managed Switches Server Statistics Transmit to Server The number of packets relayed from the client to the server. Transmit Error The number of packets that resulted in errors while being sent to clients. Receive from The number of packets received from the server. Server Receive Missing The number of packets received without agent information option.
Page 57 User Manual Managed Switches Snooping Mode Setting Description Factory Default Enabled / Indicates the DHCP snooping mode operation. Disabled Disabled Enabled: Activates DHCP snooping. When DHCP snooping is enabled, the DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports.
Page 58: Dhcp Snooping Table
User Manual Managed Switches 3.5.3.2 DHCP Snooping Table This page displays the dynamic IP assigned information after DHCP Snooping mode is disabled. All DHCP clients that obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses.
Page 59: Redundancy
User Manual Managed Switches The displayed table shows the following information for each port of the switch: Rx and Tx The number of discover packets received and transmitted. Discover Rx and Tx Offer The number of offer packets received and transmitted. Rx and Tx Request The number of request packets received and transmitted.
Page 60: The O-Ring Concept
User Manual Managed Switches When configuring a redundant ring, all switches on the same ring must be configured to use the same redundancy protocol. You cannot mix the O-Ring, MRP or STP/RSTP/MSTP protocols on the same ring. The following table lists the key differences between the features of each protocol. Use this information to evaluate the benefits of each, and then determine which features are most suitable for your network.
Page 61: Ring Coupling Configuration
User Manual Managed Switches these connection types is about 2 – 5 ms resulting in an overall self-healing time of the ring structure of about 10 ms. For copper-based Gigabit Ethernet connections the link loss detection is not used as trigger for ring topology change due to the physical design, as a link loss recognition takes a time of several hundred millisecond.
Page 62: Dual Homing Configuration
User Manual Managed Switches NOTE: Only for two switches of an O-Ring network one coupling port may be enabled. 3.6.2.3 Dual Homing Configuration Dual Homing provides a redundant connection between an O-Ring network and an RSTP network. For a Dual Homing connection on any two switches inside of the O-Ring network a Homing port needs to be selected and enabled.
Page 63 User Manual Managed Switches For O-Ring configuration one switch needs to be configured as Ring Master. However, if two or more switches are set as Ring Master, the switch with the lowest MAC address will be the actual Ring Master and the others will be Backup Masters. If O-Ring redundancy on involved switches will be configured and applied but without setting any switch as Ring Master, then a loop will arise causing heavy data traffic when closing the ring cabling.
Page 64: Media Redundancy Protocol (Mrp)
User Manual Managed Switches Coupling Port Setting Description Factory Default Coupling Port Select any port of the Switch to be the coupling port. Port 03 Status Description Factory Default Inactive Coupling Port disabled and this port is connected. Link down No connection in this port.
Page 65: The O-Chain Concept
User Manual Managed Switches If one of the other redundancy protocols O-Ring, O-Chain, MSTP/RSTP/STP or Fast Recovery shall be used as long PROFINET MRP is enabled, the selected PROFINET MRP ports may not be used. For checking or re-configuring current PROFINET MRP settings you need to use a PROFINET engineering tool like TIA Portal.
Page 66 User Manual Managed Switches Recovery time for O-Chain connected to Daisy Chain of Weidmüller’s Substation/Advanced Line switches OR to an O-Ring network of Substation/Advanced Line switches For both above illustrated scenarios the overall network healing time can be calculated roughly to around 40 ms based on a proprietary method to force a MAC address table update for all connected Weidmüller switches.
Page 67 User Manual Managed Switches those ports as RSTP Edge port because it is designed for host connection and do not allow passing any BPDU control packet. Interaction of O-Chain and RSTP network in terms of overall network topology update: • If the chain is healthy the O-Chain Edge port of the switch with lowest MAC address always becomes the blocking (discarding) state and the other Edge port will be the forwarding one.
Page 68: Stp / Rstp / Mstp
User Manual Managed Switches Explanation of ‘Setting’ and ‘Status’ items Chain Redundancy Setting Description Factory Default Enable Enable the O-Chain operation. Disable Disable Disable the O-Chain operation. Status Description Factory Default O-Chain redundancy disabled. Healthy The Chain is operating normally. Broken Any of the two links of the Chain is not connected.
Page 69 User Manual Managed Switches • The topology of a bridged network will be determined much more quickly compared to STP. • RSTP is backward compatible with STP, making it relatively easy to deploy. For example: • Defaults to sending 802.1D style BPDUs if packets with this format are received. •...
Page 70: How Stp Works
User Manual Managed Switches Bridge B Bridge A Bridge C What happens if a link failure is detected? As shown in next figure, the STP process reconfigures the network so that traffic from LAN segment 2 flows through bridge B. Bridge B Bridge A Bridge C...
Page 71 User Manual Managed Switches MAC address of the bridge and a priority defined for the bridge. For example, the default priority setting of Weidmüller switches is 32768. • Each port has a cost that specifies the efficiency of each link. The efficiency cost is usually determined by the bandwidth of the link, with less efficient links assigned a higher cost.
Page 72 User Manual Managed Switches • Bridge A has been selected as the Root Bridge, since it was determined to have the lowest Bridge Identifier on the network. • Since Bridge A is the Root Bridge, it is also the Designated Bridge for LAN segment 1. Port 1 on Bridge A is selected as the Designated Bridge Port for LAN Segment 1.
Page 73: Configuring Stp / Rstp / Mstp - Bridge Settings
User Manual Managed Switches STP/RSTP only depend on the physical connections, whilst MSTP configures separate Spanning Tree instances for different VLAN groups. The main concepts that are specific of MSTP when comparing with STP/RSTP are: • Multiple Spanning Tree Instances (MSTIs). An MST instance (MSTI) is a particular set of VLANs that are all using the same spanning tree.
Page 74 User Manual Managed Switches Basic Settings Protocol version Setting Description Factory Default The version of the STP protocol. Valid values are STP, STP / RSTP / MSTP MSTP RSTP and MSTP. Bridge Priority Setting Description Factory Default Controls the bridge priority. Lower numeric values have higher priority.
Page 75 User Manual Managed Switches Forward Delay (sec) Setting Description Factory Default Numerical value The amount of time this device waits before checking to input by user (4 to see if it should change to a different state. Max. Age (sec) Setting Description Factory Default...
Page 76: Msti Mapping
User Manual Managed Switches Port Error Recovery Timeout (sec) Setting Description Factory Default Numerical value input This field is only enabled if Port Error Recovery is by user (30 to 86400) checked. It sets the time to pass before a port in the None error-disabled state can be enabled.
Page 77: Msti Priorities
User Manual Managed Switches Configuration Revision Setting Description Factory Default Numerical value input by user (0 to The revision of the MSTI configuration named above. 65535) MSTI Mapping VLANs Mapped Setting Description Factory Default The list of VLANs mapped to the different MSTIs. The VLAN number by the VLANs must be separated with commas and/or space.
Page 78: Cist Ports
User Manual Managed Switches 3.6.5.6 CIST Ports This page allows the user to inspect and change the current CIST port configurations. For each port of the switch, the user can program the following parameters: STP Enabled Setting Description Factory Default Checked / Controls whether STP/RSTP is enabled on this switch Unchecked...
Page 79 User Manual Managed Switches Priority Setting Description Factory Default Scroll list with Configures the priority for ports having identical path cost. acceptable values Admin Edge Setting Description Factory Default Configures the operEdge flag to start as set or cleared (the initial operEdge state when a port is initialized). The operEdge is a flag indicating whether the port is Edge / Non-Edge Non-Edge...
Page 80: Msti Ports
User Manual Managed Switches Point-to-Point Setting Description Factory Default Auto Automatic detection if the link port is point to point or not (connected to a point-to-point LAN or to a shared media). Forced True The port link is point to point and then is a candidate for Auto rapid transition to the forwarding state.
Page 81: Bridge Status
User Manual Managed Switches Path Cost Setting Description Factory Default Configures the path cost incurred by the port. Auto will set the path cost according to the physical link speed by using the 802.1D-recommended values. Specific allows the user to enter a user-defined value (1 Auto / Specific to 200000000).
Page 82: Port Status
User Manual Managed Switches Port The port of the switch. Port ID The port identifier used by the STP protocol, consisting of the priority and the logical port index of the bridge port. Role The role of a port is assigned based on whether it is part of the active topology connecting the bridge to the root bridge (i.e., root port), connecting a LAN through the bridge to the root bridge (i.e., designated port);...
Page 83: Port Statistics
User Manual Managed Switches In the table shown on the page is displayed the following information for each port: CIST Role The current STP port role of the CIST port. The port role can be one of the following values: AlternatePort BackupPort RootPort...
Page 84: Fast Recovery
User Manual Managed Switches Port The switch port number of the logical STP port. MSTP The number of MSTP BPDUs transmitted/received on the port. RSTP The number of RSTP BPDUs transmitted/received on the port. The number of legacy STP Configuration BPDUs transmitted/received on the port.
Page 85: Virtual Lan
User Manual Managed Switches Mode Setting Description Factory Default Enabled/Disabled Select to enable the Fast Recovery function. Disabled Recovery Priority Setting Description Factory Default Select the priority (number from 1 to ‘Total number of ports’) of each port. The connected port with the highest Not included, 1 to Not included Total number of ports...
Page 86 User Manual Managed Switches Benefits of VLANs The main benefit of VLANs is that they provide a network segmentation system that is far more flexible than traditional networks. Using VLANs also provides you with three other benefits: • VLANs ease the relocation of devices on networks: With traditional networks, network administrators spend most of their time dealing with moves and changes.
Page 87: Configuring Virtual Lan
User Manual Managed Switches A typical host (e.g., clients) will be untagged members of one VLAN, defined as "Access Port" in the Weidmüller switch, while inter-switch connections will be tagged members of all VLANs, defined as "Trunk Port" in the Weidmüller switch. The IEEE Std 802.1Q-1998 defines how VLANs operate within an open packet-switched network.
Page 88 User Manual Managed Switches Global VLAN Configuration Allowed Access VLANs Setting Description Factory Default Numerical value This field shows the allowed Access VLANs, it only between 1 and affects ports configured as Access ports. Ports in 4095 other modes are members of the VLANs specified in the Allowed VLANs field (Port VLAN Configuration section).
Page 89 User Manual Managed Switches • The VLANs that a trunk port is member of may be limited by the use of Allowed VLANs • Frames classified to a VLAN that the port is not a member of are discarded • By default, all frames but frames classified to the Port VLAN (Native VLAN) get tagged on egress.
Page 90 User Manual Managed Switches Port type Ports in hybrid mode allow for changing the port type, that is, whether a frame's VLAN tag is used to classify the frame on ingress to a particular VLAN, and if so, which TPID it reacts on. Likewise, on egress, the Port Type determines the TPID of the tag, if a tag is required.
Page 91 User Manual Managed Switches Ingress Acceptance Hybrid ports allow for changing the type of frames that are accepted on ingress. Factory Setting Description Default Both tagged and untagged frames are accepted. See Port Tagged and Type for a description of when a frame is considered Untagged tagged.
Page 92: Vlan Membership Status
User Manual Managed Switches VLANs. 3.7.2.2 VLAN Membership Status This page provides an overview of membership status of VLAN users. User Type Setting Description Factory Default Scroll list with Various internal software modules may Combined acceptable user use VLAN services to configure VLAN types memberships on the fly.
Page 93 User Manual Managed Switches The following information is shown on the table: User Type Various internal software modules may use VLAN services to configure VLAN port configuration on the fly. It is possible to show VLAN memberships as configured by an administrator (Admin) or as configured by one of these internal software modules.
Page 94: Private Vlan Membership
User Manual Managed Switches while another requires all frames to be untagged on egress. Since both users cannot win, this gives rise to a conflict, which is solved in a prioritized way. The Administrator has the least priority. Other software modules are prioritized according to their position in the drop-down list: The higher in the list, the higher priority.
Page 95: Private Vlan Port Isolation
User Manual Managed Switches 3.7.2.5 Private VLAN Port Isolation This page is used for enabling or disabling port isolation on ports in a Private VLAN. A port member of a VLAN can be isolated to other ports on the same VLAN and Private VLAN. Port Number Setting Description...
Page 96: Gvrp Port Configuration
User Manual Managed Switches Leave-time Setting Description Factory Default Numerical value GVRP protocol timer. between 60 and 300 (hundreds of sec) LeaveAll-time Setting Description Factory Default Numerical value GVRP protocol timer. 1000 between 1000 and 5000 (hundreds of sec) Max VLANs Setting Description Factory Default...
Page 97: Snmp
User Manual Managed Switches For each port it has to be configured whether GVRP is enabled or not. Port Mode Setting Description Factory Default Disabled / GVRP Turns the GVRP feature off or on for the Disabled Enabled port in question. 3.8 SNMP Weidmüller managed Switches support SNMP V1, V2c, and V3.
Page 98 User Manual Managed Switches Mode Factory Setting Description Default Enabled/Disabled Enables or disables SNMP operation mode. Enabled Version Factory Setting Description Default Specifies the SNMP protocol version used to manage V1 / V2c / V3 the switch. Read Community (SNMPv1 and SNMP v2c only) Factory Setting Description...
Page 99: Snmp Trap
User Manual Managed Switches 3.8.2 SNMP Trap This page allows the user to configure the general SNMP traps. Mode Factory Setting Description Default Disabled/Enabled Enables or disables SNMP traps in the switch. Disabled Pressing the button Add New Entry the SNMP Trap configuration page appears.
Page 100 User Manual Managed Switches SNMP Trap Configuration Trap Config Name Factory Setting Description Default Max. 255 Indicates the trap Configuration’s name. None characters Trap Mode Factory Setting Description Default Disabled/Enabled Enables or disables SNMP traps in the switch. Disabled Trap Version Factory Setting Description...
Page 101 User Manual Managed Switches 2147 (sec) Trap Inform Retry Times Factory Setting Description Default Numerical value between 0 and Configures the retry times for SNMP trap inform Trap Probe Security Engine ID Factory Setting Description Default This field can only be programmed if the selected trap version is SNMPv3.
Page 102: Snmp Community Configuration
User Manual Managed Switches Authentication Factory Setting Description Default Enable/Disable the traps related with the SNMP Check/Uncheck Unchecked authentication failure event. Switch Factory Setting Description Default Enable/Disable the traps related with the STP Check/Uncheck Unchecked redundancy. 3.8.3 SNMP Community Configuration This page allows the user to configure SNMP community table.
Page 103 User Manual Managed Switches This page allows the user to configure SNMPv3 user table. The entry index keys are Engine ID and User Name. A default user is already created but is possible to create additional ones with different security levels. Press the button Add New Entry to create a new User.
Page 104: Snmp Groups Configuration
User Manual Managed Switches Authentication Password Factory Setting Description Default String between 8 and 32 characters A string identifying the authentication pass phrase. None (MD5) or between 8 and 40 (SHA) Privacy Protocol Factory Setting Description Default Encryption will be based on DES protocol. Encryption will be based on AES protocol.
Page 105: Snmp View Configuration
User Manual Managed Switches Security Name Factory Setting Description Default A string identifying the security name that this entry Max. 32 should belong to. This Security Name must be one of None characters the created users names in the SNMP Users Configuration option.
Page 106: Snmp Access Configuration
User Manual Managed Switches View Type Factory Setting Description Default Indicates that the created view subtree should be Included included. Exact Indicates that the created view subtree should be Excluded excluded. OID Subtree Factory Setting Description Default The object identifier (OID) value for the created view table.
Page 107: Rmon
User Manual Managed Switches Reserved for SNMPv2c. User-based Security Model (usm): SNMPv3. Accepted any Security model. Security Level This Security Level must be selected in accordance with the one defined for the User of the selected Group Name. Factory Setting Description Default NoAuth, NoPriv...
Page 108: Rmon History Configuration
User Manual Managed Switches Press the button Add New Entry to create a new entry to get RMON statistics in any port of the switch. Setting Description Factory Default Numeric value Indicates the index of the entry. None between 1 and 65535 Data Source Setting...
Page 109: Rmon Alarm Configuration
User Manual Managed Switches port 5, the value is 2000005. Interval Setting Description Factory Default Time between 1 Indicates the interval in seconds for sampling the 1800 and 3600 sec history statistics data. Buckets Setting Description Factory Default Numeric value Indicates the maximum data entries associated this between 1 and History control entry stored in RMON.
Page 110 User Manual Managed Switches InDiscards: The number of inbound packets that are discarded even the packets are normal. InErrors: The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. InUnknownProtos: the number of the inbound packets that were discarded because of the unknown or un-support protocol.
Page 111: Rmon Event Configuration
User Manual Managed Switches Rising Threshold Setting Description Factory Default Numeric value Rising threshold value. between -2 and 2 Rising Index Setting Description Factory Default Numeric value Rising event index. between 1 and 65535 Falling Threshold Setting Description Factory Default Numeric value Falling threshold value.
Page 112: Rmon Statistics Status
User Manual Managed Switches Desc Setting Description Factory Default Max. 127 Description of the event. None characters Type Setting Description Factory Default None The event is not notified. None SNMP log is created when the event is triggered. SNMPtrap SNMP trap is sent when the event is triggered. Logandtrap SNMP log is created and SNMP trap is sent when the event is triggered.
Page 113: Rmon History Status
User Manual Managed Switches The total number of events in which packets were dropped by the probe Drop due to lack of resources. The total number of octets of data (including those in bad packets) Octets received on the network. The total number of packets (including bad packets, broadcast packets, Pkts and multicast packets) received.
Page 114: Rmon Alarm Status
User Manual Managed Switches The page includes a table with the following information: History Index Indicates the index of History control entry. Sample Index Indicates the index of the data entry associated with the control entry. The value of sysUpTime at the start of the interval over which this sample Sample Start was measured.
Page 115: Rmon Event Status
User Manual Managed Switches Index field allows the user to select the starting point in the Statistics table. Clicking the Refresh button will update the displayed table starting from that or the next closest Statistics table match. The page includes a table with the following information: Indicates the index of Alarm control entry.
Page 116: Traffic Prioritization
User Manual Managed Switches Log Time Indicates Event log time LogDescripi Indicates the Event description. 3.10 Traffic Prioritization The Weidmüller switch’s traffic prioritization capability provides Quality of Service (QoS) to your network by making data delivery more reliable. You can prioritize traffic on your network to ensure that high priority data is transmitted with minimum delay.
Page 117 User Manual Managed Switches IEEE 802.1p IEEE 802.1D Traffic Type Priority Level Best Effort (default) Background Standard (spare) Excellent Effort (business critical) Controlled Load (streaming multimedia) Video (interactive media); less than 100 milliseconds of latency and jitter Voice (interactive voice); less than 10 milliseconds of latency and jitter Network Control Reserved traffic Even though the IEEE 802.1D standard is the most widely used prioritization scheme in the LAN environment, it still has some restrictions:...
Page 118: Storm Control
User Manual Managed Switches • As the 802.1p priority levels are fixed to the traffic queues, the packet will be placed in the appropriate priority queue, ready for transmission through the appropriate egress port. When the packet reaches the head of its queue and is about to be transmitted, the device determines whether or not the egress port is tagged for that VLAN.
Page 119: Port Classification
User Manual Managed Switches and 1-1024 when "Unit" is kfps. The rate is internally rounded up to the nearest value supported by the global storm policer. Unit Setting Description Factory Default fps / kfps Controls the unit of measure for the storm control rate.
Page 120 User Manual Managed Switches The following settings can be applied to any port of the switch: Setting Description Factory Default 0 to 7 Controls the default class of service. All frames are classified to a CoS. There is a one to one mapping between CoS, queue and priority.
Page 121: Port Tag Remarking
User Manual Managed Switches Disabled Disabled: Use default QoS class and DP level for tagged frames. Enabled: Use mapped versions of PCP and DEI for tagged frames. Click on the mode to configure the mode and/or mapping. This setting has no effect if the port is VLAN unaware.
Page 122: Port Dscp
User Manual Managed Switches The user can set the tag remarking mode of each port: Tag Class Setting Description Factory Default Classified / Shows the tag remarking mode for this port: Disabled Default / Classified: Use classified PCP/DEI values. Mapped Default: Use default PCP/DEI values.
Page 123 User Manual Managed Switches Ingress Translate Setting Description Factory Default Check / Check to enable ingress translation. Unchecked Uncheck Ingress Classify Setting Description Factory Default Disable / The classification of a port has four different values: Disable DSCP=0 / Disable: No ingress DSCP classification. Selected / All DSCP=0: Classify if incoming (or translated if enabled) DSCP is 0.
Page 124: Port Policing
User Manual Managed Switches translation window for the specific DSCP. All: Classify all DSCP. Egress Rewrite Setting Description Factory Default Disable / Enable Port egress rewriting can be one of the following Disable / Remap DP options: Unaware / Disable: No egress rewrite. Remap DP Enable: Rewrite enable without remapping.
Page 125 User Manual Managed Switches Enable Setting Description Factory Default Check / Check to enable the policer on the switch port. Unchecked Uncheck Rate Setting Description Factory Default Numerical value Configures the rate of each policer. This value is restricted to 100 to 3276700 when the Unit is kbps or fps, and is restricted to 1 to 3276 when the Unit is Mbps or kfps.
Page 126: Queue Policing
User Manual Managed Switches Unit Setting Description Factory Default kbps / Mbps / Configures the unit of measure for each policer rate. kbps fps / kfps Flow Control Setting Description Factory Default Check / If enabled and the port is in Flow Control mode, then Unchecked Uncheck pause frames are sent instead of being discarded.
Page 127: Port Scheduler
User Manual Managed Switches Enable Setting Description Factory Default Check / Check to enable the queue policer on the switch port. Unchecked Uncheck Rate Setting Description Factory Default Numerical value Configures the rate for the queue policer. This value is restricted to 100-3276700 when "Unit" is kbps, and 1-3276 when "Unit"...
Page 128 User Manual Managed Switches When clicking on any port number, a new page is loaded to configure the Scheduler and Shapers for that specific port of the switch.
Page 129 User Manual Managed Switches Scheduler Mode Setting Description Factory Default Strict Priority / Configures the scheduler mode on this switch port. Strict Priority 6 Queues Weighted Queue Shaper Enable Setting Description Factory Default Check / Controls whether the queue shaper is enabled for Unchecked Uncheck this queue on this switch port.
Page 130: Port Shaper
User Manual Managed Switches "6 Queues Weighted". Port Shaper Enable Setting Description Factory Default Check / Unchecked Controls whether the port shaper is enabled for this switch Uncheck port. Queue Shaper Rate Setting Description Factory Default Numerical value Controls the rate for the port shaper. This value is restricted to 100-3281943 when "Unit"...
Page 131: Dscp-Based Qos
User Manual Managed Switches When clicking on any port number, a new page is loaded to configure the Scheduler and Shapers for that specific port of the switch. The page is the same one loaded from the Port Scheduler option and all its settings are already explained in the previous section of this manual.
Page 132: Dscp Translation
User Manual Managed Switches Setting Description Factory Default 0 to 1 Drop precedence level (DP). A DP level of 0 corresponds to committed frames and a DP level of 1 corresponds to discard eligible frames. 3.10.10 DSCP Translation This page allows the user to configure QoS DSCP translation settings for the switches. DSCP translation can be done in Ingress or Egress.
Page 133: Dscp Classification
User Manual Managed Switches Ingress Classification Setting Description Factory Default Check / Check to enable classification at ingress side. Unchecked Uncheck Egress Remap DP0 and DP1 Setting Description Factory Default 0 to 63 Controls the remapping for frames with DP level 0 0 to 63 and DP level 1.
Page 134: Qos Control List
User Manual Managed Switches For the actual QoS (0 to 7) the user can set the classified DSCP value. DSCP DP0 and DP1 Setting Description Factory Default 0 to 63 Select the classified DSCP value for frames with Drop Precedence Level 0 and Drop Precedence Level 1.
Page 135 User Manual Managed Switches Port Members Setting Description Factory Default Check/Uncheck A row of check boxes for each port. Checked Check the box to include the port in the QCL entry. Key Parameters - DMAC Setting Description Factory Default Any / Unicast / Indicates the destination MAC address Multicast / for incoming frames.
Page 136 User Manual Managed Switches Key Parameters - PCP Setting Description Factory Default Any / 0 to 7 / Valid value of Priority Code Point (PCP). ranges Can be any value in the range 1-7 or ‘Any’. Key Parameters - DEI Setting Description Factory Default...
Page 137 User Manual Managed Switches Key Parameters – Frame Type – IPv4 Setting Description Factory Default Protocol TCP, UDP, Other (value from 0 to 255) or ‘Any’. When selecting TCP or UDP, the following additional parameters have to be configured: Sport (Source TCP/UDP Port): Specific value (0 to 65535) or ‘Any’.
Page 138: Qos Statistics
User Manual Managed Switches Action Parameters – DPL Setting Description Factory Default Default, 0 or 1 Drop Precedence Level 0, 1 or Default. Default 'Default' means that the default classified value is not modified by this QCE. Action Parameters – DSCP Setting Description Factory Default...
Page 139: Qcl Status
User Manual Managed Switches 3.10.14 QCL Status This page shows the QCL (Quality of Service Control List) status by different QCL users. Each row describes the QCE (Quality of Service Control Entry) that is defined. The maximum number of QCEs is 256 on each switch.
Page 140: Multicast
User Manual Managed Switches Indicates the type of frame to look for incoming frames. Possible frame types are: Any: The QCE will match all frame type. Ethernet: Only Ethernet frames (with Ether Type 0x600-0xFFFF) are Frame Type allowed. LLC: Only (LLC) frames are allowed. SNAP: Only (SNAP) frames are allowed.
Page 141 User Manual Managed Switches Benefits of Multicast The benefits of using IP multicast are: • It uses the most efficient, sensible method to deliver the same information to many receivers with only one transmission. • It reduces the load on the source (for example, a server) since it will not need to produce several copies of the same data.
Page 142 User Manual Managed Switches Network with multicast filtering Hosts only receive dedicated traffic from other hosts belonging to the same group. The Weidmüller switch supports both automatic multicast filtering with IGMP (Internet Group Management Protocol) Snooping and manual multicast filtering by adding static multicast IP addresses.
Page 143: Igmp Snooping Basic Configuration
User Manual Managed Switches • When the report packet arrives at a port on a switch with IGMP Snooping enabled, the switch knows that the port should forward traffic for the multicast group, and then proceeds to forward the packet to the router. •...
Page 144 User Manual Managed Switches Global Configuration Snooping Enabled Setting Description Factory Default Check/Uncheck Enable the IGMP Snooping function globally. Unchecked Unregister IPMCv4 Flooding Enabled Setting Description Factory Default Check/Uncheck Enable unregistered IPMCv4 traffic flooding. Checked The flooding control takes effect only when IGMP Snooping is enabled.
Page 145: Igmp Snooping Vlan Configuration
User Manual Managed Switches Fast Leave Setting Description Factory Default Check/Uncheck Enable the fast leave on the port. Unchecked System will remove group record and stop forwarding data upon receiving the leave message without sending last member query messages. It is recommended to enable this feature only when a single IGMPv2 host is connected to the specific port.
Page 146 User Manual Managed Switches Querier Address Setting Description Factory Default IP address Define the IPv4 address as source address used in IP None header for IGMP Querier election. When the Querier address is not set, system uses IPv4 management address of the IP interface associated with this VLAN.
Page 147: Igmp Snooping Status
User Manual Managed Switches LLQI Setting Description Factory Default 1 to 31774 (tenths Last Member Query Interval. It is the time value 10 (1 sec) of sec) represented by the Last Member Query Interval, multiplied by the Last Member Query Count. Setting Description Factory...
Page 148: Igmp Snooping Group Information
User Manual Managed Switches Querier Received The number of received queriers. V1 Reports The number of received V1 reports. Received V2 Reports The number of received V2 reports. Received V3 Reports The number of received V3 reports. Received V2 Leaves The number of received V2 leave packets.
Page 149: Igmp Snooping Port Group Filtering
User Manual Managed Switches The following information can be displayed on the page: VLAN ID VLAN ID of the group. Groups Group address of the group displayed. Port Switch port number. Indicates the filtering mode maintained per basis (VLAN ID, port number, Mode Group Address).
Page 150: Ipmc Profile Configurations
User Manual Managed Switches For each port of the switch, the user can select the Filtering profile: Filtering profile Setting Description Factory Default Select IPMC Select the IPMC Profile as the filtering condition for None profile entry from the specific port. Summary about the designated a list profile will be shown by clicking the view button.
Page 151: Ipmc Profile Address Configuration
User Manual Managed Switches Rule Setting Description Factory Default Rule setting When the profile is created, click the edit button to None enter the rule setting page of the designated profile. Summary about the designated profile will be shown by clicking the view button. You can manage or inspect the rules of the designated profile by using the following buttons: : List the rules associated with the designated...
Page 152: Security
User Manual Managed Switches 3.12 Security Security can be categorized in two levels: the user name/password level, and the port access level. For both levels Weidmüller switches provide a wide range of options that allow the user to meet the security requirements of different applications.
Page 153 User Manual Managed Switches an EAP Request/Identity frame to ask for the username of the supplicant. The following actions are described below: 1. When the supplicant receives an "EAP Request/Identity" frame, it sends an "EAP Response/Identity" frame with its username back to the authenticator. 2.
Page 154: Device Binding
User Manual Managed Switches 3.12.1 Device Binding This page provides Device Binding related configuration. Device Binding is a powerful monitor tool for devices and network security. Function State Setting Description Factory Default Enabled/Disabled Enable/Disable Device Binding. Disabled Mode Setting Description Factory Default --- / Scan /...
Page 155: Alias Ip Address
User Manual Managed Switches Alive Check Active / Status Setting Description Factory Default Enable/Disable When enabled, the switch will ping the device Disabled continuously. The Status column indicates the alive check status: Got Reply: Receiving ping reply from device. Lost Reply: Not receiving ping reply from device. Stream Check Active / Status Setting Description...
Page 156: Alive Check
User Manual Managed Switches Alias IP Address Setting Description Factory Default IP address Specify Alias IP address. Keep "0.0.0.0", if the device None doesn't have alias IP address. 3.12.1.2 Alive Check This page provides additional configuration options for the Alive Check function on each port.
Page 157 User Manual Managed Switches Mode Setting Description Factory Default Enable / Disable Enable or Disable (---) the Alive Check option on the --- (Disabled) port. Note: If the Binding function is not enabled on a port, it will not be possible to enable the Alive Check option. Binding function is enabled in the Device Binding page.
Page 158: Ddos Prevention
User Manual Managed Switches Status Setting Description Factory Default Information only Indicates the Alive Check status. --- (Disabled) ---: Disabled Got Reply: Receiving ping reply from device. Lost Reply: Not receiving ping reply from device. 3.12.1.3 DDOS Prevention This page provides DDOS (Distributed Denial of Service) Prevention related configuration options. The switch could monitor the ingress packets and do some actions when DDOS attack happened on any specific port.
Page 159 User Manual Managed Switches Sensibility Setting Description Factory Default Low / Normal / Indicates the level of DDOS detection. Possible levels Normal Medium / High are: Low: Low sensibility. Normal: Normal sensibility. Medium: Medium sensibility. High: High sensibility. Packet Type Setting Description Factory...
Page 160: Device Description
User Manual Managed Switches Status Setting Description Factory Default Information only Indicates the DDOS Prevention status. --- (Disabled) ---: Disabled Analyzing: Analyze the packet throughput for initialization. Running: Function ready. Attacked: DDOS attack happened. 3.12.1.4 Device Description From this option it can be specified a description and a location for each port to help administrators differentiate between different ports.
Page 161: Stream Check
User Manual Managed Switches Location Address Setting Description Factory Default Max. of 128 Description of the location of the device connected to None characters the port. Description Setting Description Factory Default Max. of 128 Description of the device connected to the port. None characters 3.12.1.5 Stream Check...
Page 162: Ip Source Guard
User Manual Managed Switches Action Setting Description Factory Default --- / Log it Indicates the action when stream getting low. The --- (Disabled) possible actions to be configured are: ---: No action Log it: Log the event. Status Setting Description Factory Default Information only...
Page 163: Static Ip Source Guard Table
User Manual Managed Switches IP Source Guard Configuration Mode Setting Description Factory Default Enabled/Disabled Enable or Disable the IP Source Guard function Disabled globally in the switch. All configured ACEs (Access Control Entries) will be lost when the mode is enabled. The button Translate dynamic to static translates all dynamic entries to static entries (see following sections Static and Dynamic IP Source Guard Tables).
Page 164: Dynamic Ip Source Guard Table
User Manual Managed Switches VLAN ID Setting Description Factory Default 1 to 4095 The VLAN ID for the entry. None IP Address Setting Description Factory Default IP address Allowed source IP address for the entry. None MAC Address Setting Description Factory Default MAC address...
Page 165: Acl Ports Configuration
User Manual Managed Switches 3.12.3.1 ACL Ports Configuration This option allows the user to configure the ACL parameters of each switch port. These parameters will affect frames received on a port unless the frame matches a specific ACE. The parameters that can be configured for each port of the switch are: Policy ID Setting Description...
Page 166: Acl Rate Limiter Configuration
User Manual Managed Switches Port Redirect Setting Description Factory Default Disabled / Port Select which port frames are redirected on. It can't be Disabled number set when action is permitted. Mirror Setting Description Factory Default Enabled/Disabled Specifies the mirror operation of this port. Disabled Enabled: Frames received on the port are mirrored.
Page 167: Acl Configuration
User Manual Managed Switches For each Rate Limited ID (1 to 16) it has be configured the maximum data rate. Rate Setting Description Factory Default Maximum rate The valid rate is 0-3276700 in pps or 0, 100, 200, 300, ..., 1000000 in kbps. Unit Setting Description...
Page 168 User Manual Managed Switches all ingress ports) or “Port” (the ACE will match a specific ingress port). Policy / Bitmask Indicates the policy number and bitmask of the ACE. Indicates the frame type of the ACE. Possible types are: Any: The ACE will match any frame type. Ethernet Type: The ACE will match Ethernet type frames.
Page 169 User Manual Managed Switches Ingress Port Setting Description Factory Default Any / Port n Select the ingress port for which this ACE applies: All: The ACE applies to any port. Port n: The ACE applies to this port number, where n is the number of the switch port. Policy Filter Setting Description...
Page 170 User Manual Managed Switches 802.1Q Tagged Setting Description Factory Default Any / Enabled / Specify whether frames can hit the action of this ACE Disabled according to the 802.1Q tagging. Any: Any value is allowed. Enabled: Tagged frame only. Disabled: Untagged frame only. VLAN ID Filter Setting Description...
Page 171 User Manual Managed Switches Mirror Setting Description Factory Default Enabled/Disabled Specify the mirror operation of this port. When Disabled Enabled, frames matching the ACE are mirrored to the destination mirror port. The rate limiter will not affect frames on the mirror port. When isabled, frames received on the port are not mirrored.
Page 172 User Manual Managed Switches DMAC Filter Setting Description Factory Default Any / MC / BC / Specify the destination MAC address filter for this UC / Specific ACE. Any: No DMAC address filter is specified. MC: Frame must be multicast. BC: Frame must be broadcast.
Page 173 User Manual Managed Switches Sender IP Filter Setting Description Factory Default Any / Host / Specify the sender IP filter for this ACE. Network Any: No sender IP filter is specified. Host: Sender IP filter is set to Host. Specify the sender IP address in the SIP Address field that appears.
Page 174 User Manual Managed Switches IP/Ethernet Length Setting Description Factory Default Any / 0 / 1 Specify whether frames can hit the action according to their ARP/RARP hardware address length (HLN) and protocol address length (PLN) settings. Any: Any value is allowed. 0: ARP/RARP frames where the HLN is not equal to Ethernet (0x06) or the (PLN) is not equal to IPv4 (0x04).
Page 175 User Manual Managed Switches IP TTL Setting Description Factory Default Any / Non-zero / Specify the Time-to-Live settings for this ACE. Zero Any: Any value is allowed. Zero: IPv4 frames with a Time-to-Live field greater than zero must not be able to match this entry. Non-zero: IPv4 frames with a Time-to-Live field greater than zero must be able to match this entry.
Page 176 User Manual Managed Switches DIP Filter Setting Description Factory Default Any / Host / Specify the destination IP filter for this ACE. Network Any: No destination IP filter is specified. Host: Destination IP filter is set to Host. Specify the destination IP address in the DIP Address field that appears.
Page 177 User Manual Managed Switches ICMP parameters If the type of frame selected is IPv4/ICMP or IPv6/ICMP, several additional parameters can be programmed: ICMP Type Filter Setting Description Factory Default Any / Specific Specify the ICMP filter for this ACE. Any: No ICMP filter is specified. Specific: A field for entering an ICMP value (0 to 255) appears.
Page 178 User Manual Managed Switches TCP FIN Setting Description Factory Default Any / 0 / 1 Specify the TCP "No more data from sender" (FIN) value for this ACE. Any: Any value is allowed ("don't-care"). 0: TCP frames where the FIN field is set must not be able to match this entry.
Page 179: Acl Status
User Manual Managed Switches TCP ACK Setting Description Factory Default Any / 0 / 1 Specify the TCP "Acknowledgment field significant" (ACK) value for this ACE. Any: Any value is allowed ("don't-care"). 0: TCP frames where the ACK field is set must not be able to match this entry.
Page 180: Authentication, Authorization And Accounting (Aaa)
User Manual Managed Switches Filter: Frames matching the ACE are filtered. Rate Limiter Indicates the rate limiter number of the ACE. The allowed range is 1 o 16. When Disabled is displayed, the rate limiter operation is disabled. Mirror Indicates if the Mirror operation is included in the ACE (Enabled). When Disabled is displayed, the mirror operation is disabled.
Page 181 User Manual Managed Switches Retransmit Setting Description Factory Default 1 to 1000 Number of times, in the range 1 to 1000, a RADIUS request is retransmitted to a server that is not responding. If the server has not responded after the last retransmit it is considered to be dead.
Page 182 User Manual Managed Switches Server Configuration Press the button Add New Server to add and configure a RADIUS server. Up to 5 servers are supported. The parameters that have to be configured for each server are: Hostname Setting Description Factory Default IP address The IP address of the RADIUS server.
Page 183: Tacacs+ Server Configuration
User Manual Managed Switches 3.12.4.2 TACACS+ Server Configuration This page allows the user to configure the TACACS+ servers. Global Configuration Timeout Setting Description Factory Default 1 to 1000 (sec) Number of seconds to wait for a reply from a TACACS+ server before retransmitting the request. Deadtime Setting Description...
Page 184: Radius Overview
User Manual Managed Switches Hostname Setting Description Factory Default IP address The IP address of the TACACS+ server. None Port Setting Description Factory Default Port The TCP port to use on the TACACS+ server for authentication. Timeout Setting Description Factory Default 1 to 1000 (sec) This optional setting overrides the global timeout...
Page 185: Radius Details
User Manual Managed Switches Dead (X seconds left): Access attempts were made to this server but it did not reply within the configured timeout. The server has temporarily been disabled but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled.
Page 186: Network Access Server (802.1X)
User Manual Managed Switches 3.12.5 Network Access Server (802.1X) The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication. One or more central servers (the backend servers determine whether the user is allowed access to the network.
Page 187 User Manual Managed Switches Reauthentication Enabled Setting Description Factory Default Check / Uncheck Determines if connected clients must be Unchecked reauthenticated (checked) or not (unchecked). Reauthentication Period Setting Description Factory Default 1 to 3600 (sec) Period, in seconds, after which a connected client 3600 must be reauthenticated.
Page 188 User Manual Managed Switches Hold Time Setting Description Factory Default 10 to 1000000 This setting applies to the following modes Modes (sec) defined in Port Configuration (described below global settings): • Single 802.1X • Multi 802.1X • MAC-Based Auth. If a client is denied access, either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the RADIUS configuration page),...
Page 189 User Manual Managed Switches Guest VLAN Enabled Setting Description Factory Default Check / Uncheck The "Guest VLAN Enabled" checkbox provides a Unchecked quick way to globally enable/disable Guest VLAN functionality. When checked, the individual ports setting determines whether the port can be moved into Guest VLAN.
Page 190 User Manual Managed Switches Port Configuration Admin State Setting Description Factory Default Force Authorized If NAS is globally enabled, this selection controls the Force / Force port's authentication mode. The following modes are Authorized Unauthorized / available: • Force Authorized: In this mode, the switch will send Port-based 802.1X / Single one EAPOL Success frame when the port link comes...
Page 191 User Manual Managed Switches requests sent from the switch. The maximum number of supplicants that can be attached to a port can be limited using the Port Security Limit Control functionality. • MAC-based Auth: Unlike port-based 802.1X, MAC-based authentication is not a standard, but merely a best-practices method adopted by the industry.
Page 192 User Manual Managed Switches RADIUS-Assigned VLAN Enabled Setting Description Factory Default Check / Uncheck When RADIUS-Assigned VLAN is both globally Unchecked enabled and enabled (checked) for a given port, the switch reacts to VLAN ID information carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated.
Page 193: Network Access Server (Nas) Switch Status
User Manual Managed Switches Port state Setting Description Factory Default Information only The current state of the port. It can undertake one of Globally the following values: Disabled • Globally Disabled: NAS is globally disabled. • Link Down: NAS is globally enabled, but there is no link on the port.
Page 194: Network Access Server (Nas) Statistics
User Manual Managed Switches The table displayed on the page shows the following information: Port The switch port number. Click to navigate to detailed NAS statistics for this port. Admin State The port's current administrative state. Possible values already explained in previous section (Admin State).
Page 195 User Manual Managed Switches System Configuration Mode Setting Description Factory Default Enabled / Enable or Disable the Global limit control on the Disabled Disabled switch. Aging Enabled Setting Description Factory Default Check / Uncheck If checked, secured MAC addresses are subject to Unchecked aging according to the ‘Aging Period’...
Page 196 User Manual Managed Switches Aging Period Setting Description Factory Default 10 to 10000000 If Aging is enabled (checked) the user can specify the 3600 (sec) aging period of the MAC addresses in seconds. Port Configuration Mode Setting Description Factory Default Enabled / Controls whether Limit Control is enabled on this port.
Page 197: Port Security Status
User Manual Managed Switches State Setting Description Factory Default Information only This column shows the current state of the port as Disabled seen from the Limit Control's point of view. The state takes one of the following four values: Disabled: Limit Control is either globally disabled or disabled on the port.
Page 198 User Manual Managed Switches User Module Legend The table displayed shows the following information: User Module Name The full name of a user module that may request Port Security services. Abbr A one-letter abbreviation of the user module. This is used in the Users column in the Port Status table.
Page 199: Port Status
User Manual Managed Switches Shutdown: The Port Security service is enabled by at least the Limit Control user module and that module has indicated that the limit is exceeded. No MAC addresses can be learned on the port until it is administratively re-opened.
Page 200: Configuring Relay Warnings
User Manual Managed Switches 3.13.1 Configuring Relay Warnings The Fault Relay Alarm function uses relay output to alert the user when certain user-configured events take place. Configuring Relay Warning Events Settings Alarm event types can be divided into two basic groups: Power Failure and Port Link Down/Broken.
Page 201: Configuring Email Warning
User Manual Managed Switches Warning Relay output is triggered when… Power Failure PWR 1 No power input in the first power supply module of the switch. PWR 2 No power input in the second power supply module of the switch. Warning e-mail is sent when…...
Page 202: Email Settings
User Manual Managed Switches Event Types can be divided into two basic groups: System Events and Port Events. System Events are related to the overall function of the switch, whereas Port Events are related to the activity of a specific port. NOTE: For each event the user can decide if a log is registered (SYSLOG) and/or if a warning Email is sent (SMTP).
Page 203: Syslog Setting
User Manual Managed Switches E-mail Alert Setting Description Factory Default Enabled or Enable or disable the Email warning function. Disabled Disabled SMTP Server Address Setting Description Factory Default IP address The IP Address of your email server. 0.0.0.0 Sender E-mail Address Setting Description Factory...
Page 204: Monitoring And Diag
User Manual Managed Switches Server Mode Setting Description Factory Default Client(Local) Events are logged only in the switch. Client(Local) Client(Local) and Events are logged in the switch and in a remote Server(Remote) SYSLOG server. Server Address Setting Description Factory Default IP address The IP address of Syslog Server used by your None...
Page 205 User Manual Managed Switches Aging Configuration Disable Automatic Aging Setting Description Factory Default Check / Uncheck By default, dynamic entries are removed from the Unchecked MAC table after 300 seconds. This removal is called aging. It is possible to de-activate the automatic aging of dynamic entries by checking Disable Automatic Aging.
Page 206: Mac Address Table Status
User Manual Managed Switches NOTE: If the setting of the port for the MAC Table Learning is Secure, make sure the link used for managing the switch is added to the static MAC table before saving. Otherwise the management link will be lost and can only be restored by using another non-secure port, by connecting to the switch via the serial interface or by restoring the default values.
Page 207: Port Statistics Overview
User Manual Managed Switches The page includes a table with the following information: Type Indicates whether the entry is static or dynamic. VLAN The VLAN ID of the entry. MAC Address The MAC address of the entry. Port Members The ports that are members of the entry. 3.14.3 Port Statistics Overview This page provides an overview of general traffic statistics for all switch ports.
Page 208: Detailed Port Statistics
User Manual Managed Switches The number of frames received in error and the number of incomplete Errors transmissions per port. Drops The number of frames discarded due to ingress or egress congestion. Filtered The number of received frames filtered by the forwarding process. The Clear button allows the user to reset all the port counters.
Page 209: Port Monitoring
User Manual Managed Switches Receive and Transmit Queue Counters The number of received and transmitted packets per input and output queue. Receive Error Counters Rx Drops The number of frames dropped due to lack of receive buffers or egress congestion. Rx CRC/Alignment The number of frames received with CRC or alignment errors.
Page 210 User Manual Managed Switches Mode Setting Description Factory Default Enabled or Enable or disable the Mirroring or Remote mirroring Disabled Disabled function. Type Setting Description Factory Default Mirror The source port(s) and destination port are located on Mirror this switch. Source (RMirror) The source port(s) and intermediate port(s) are located on this switch.
Page 211 User Manual Managed Switches Intermediate The intermediate ports are located on this switch. (RMirror) Destination The destination port(s) and intermediate port(s) are (RMirror) located on this switch. VLAN ID Setting Description Factory Default 1 to 4095 When Remote Mirroring is activated, the VLAN ID points out where the monitor packet will copy to.
Page 212: System Log Information
User Manual Managed Switches Mode Setting Description Factory Default Check / Uncheck Select destination port. The destination port is a port Unchecked of the switch where is received a copy of traffic from the source port. 3.14.6 System Log Information This page shows the Event Log Table stored in the switch.
Page 213: Veriphy Cable Diagnostics
User Manual Managed Switches 3.14.7 VeriPHY Cable Diagnostics This page allows the user to perform Cable Diagnostics tests on copper wires. Press the Start button to run the diagnostics. When completed, the page refreshes automatically and the cable diagnostics results are shown in the cable status table. NOTE: The VeriPHY diagnostics tool is only accurate for cables 7 - 140 meters long.
Page 214: Sfp Monitor
User Manual Managed Switches Cross B - Abnormal cross-pair coupling with pair B Cross C - Abnormal cross-pair coupling with pair C Cross D - Abnormal cross-pair coupling with pair D Length The length (in meters) of the cable pair. The resolution is 3 meters. 3.14.8 SFP Monitor Optical fiber is commonly used for long distance data transmission.
Page 215: Sfp Type
User Manual Managed Switches Event Alarm Setting Description Factory Default Syslog Check to register the event in Syslog. Unchecked 3.14.9 SFP Type Besides the monitoring parameters described in the previous section, general information about the SFP transceivers can also be obtained from the web interface. Parameter Description Port...
Page 216: Ptp Synchronization
User Manual Managed Switches 3.15 PTP Synchronization IEEE Std 1588-2008 specifies the second generation of the Precision Time Protocol (PTP), which is also known as “PTPv2” or “1588v2”. This is capable of very accurate time synchronization by using special Ethernet hardware that records the exact time a PTP synchronization message is received at the Ethernet card.
Page 217 User Manual Managed Switches Device Type Setting Description Factory Default Inactive / Indicates the Type of the Clock Instance. There are Inactive Ord-Bound / five Device Types. P2pTransp / Ord-Bound: Clock's Device Type is E2eTransp / Ordinary-Boundary Clock. Mastronly / P2p Transp: Clock's Device Type is Peer to Peer Slaveonly Transparent Clock.
Page 218 User Manual Managed Switches Clock Type and Profile The clock instance, device type and selected profile is shown. If the clock has been configured to use a profile (eg: 1588), clicking the Apply button will reset configured values to profile defaults. Port Enable and Configuration Select (check) the ports configured for this Clock Instance and click on Ports Configuration to edit all the data settings.
Page 219: Ptp Clock Status
User Manual Managed Switches Announce/Sync messages. The request is repeated from the slave each Duration/4 seconds. IP Address Setting Description Factory Default IP address The IPv4 address of the master clock. None Grant Setting Description Factory Default Information only The granted repetition period for the sync message. None CommState Setting...
Page 220: Factory Default
User Manual Managed Switches is shown in all the pages of the web interface. It means the changes would be lost after restarting the switch. The button Save as Startup Configuration permanently saves the applied changes to flash memory. In this web page is also possible to activate the factory default configuration or startup configuration (last saved configuration) to the switch.
Page 221: System Reboot
User Manual Managed Switches Reset to Factory Defaults The user has the possibility to restore to factory defaults both the running and startup (flash) configuration but keeping the current IP address and username / password settings. Behavior External Reset Button Pressing the reset button located in front of the switch for more than five seconds will always restore the running configuration of the switch to factory defaults but the user can also select if the startup configuration is also restored to default values or not by this action.
Page 222: Downloads (Software And Documentation)
User Manual Managed Switches A. Downloads (Software and Documentation) Using below described link you can download following items: • Firmware Upgrades • Private MIB files • EDS file • GSDML file • Documentation (User Manual and Hardware Installation Guide) Download via Product Catalogue (Online Catalogue) •...
Page 223: Modbus Register Table
User Manual Managed Switches B. Modbus Register Table Registers can be read via ID = 1 and function code 4 (Input register). Register Register Max Data Tag name address address Data Type Length Setting (Description) (HEX) (DEC) (Words) System Information Vendor 0x0000 Word...
Page 224 User Manual Managed Switches Packets Information Port Tx Packets 0x2000~ 8192 Word Eg. 0x44332211: Packet amount = 44332211 Word 0 = 4433 Word 1 = 2211 Port Rx Packets 0x2100~ 8448 Word Eg. 0x44332211: Packet amount = 44332211 Word 0 = 4433 Word 1 = 2211 Port Tx Error 0x2200~...
Page 225 User Manual Managed Switches 0xFFFF: Not Enabled O-Chain 2 0x3702 14082 Word 0x0002: Link Down Port Status 0x0003: Blocked 0x0005: Forwarding 0xFFFF: Not Enabled...

Weidmüller Substation IE-SW-SL26M-24TX-2GC Manual

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for Weidmüller Substation IE-SW-SL26M-24TX-2GC

Summary of Contents for Weidmüller Substation IE-SW-SL26M-24TX-2GC

Table of Contents