Related Manuals for Weidmüller SubstationLine IE-SW-SL20M-8GT-12GESFP
Summary of Contents for Weidmüller SubstationLine IE-SW-SL20M-8GT-12GESFP
- Page 1 Industrial Ethernet IEC-61850-3 Switches Manual IE-SW-SL20M-8GT-12GESFP SubstationLine Fifth Edition, March 2025...
-
Page 2: Copyright Notice
Industrial Ethernet managed Switches Manual The software described in this manual is furnished under a license agreement and may be used only in accordance with the terms of that agreement. Copyright Notice Copyright ©2016 Weidmüller Interface GmbH & Co. KG All rights reserved. -
Page 3: Table Of Contents
User Manual Managed Switches Table of Contents 1. About this Manual ..................... 6 2. Getting Started ....................6 2.1 Hardware features ........................6 2.2 Software features ........................7 3. Web Management ....................8 3.1 Accessing the Web interface via HTTP ................8 3.2 Accessing the Web interface via HTTPS ................ - Page 4 User Manual Managed Switches 3.4.2.4 LACP Port Status ....................44 3.4.2.5 LACP Statistics ...................... 45 3.4.2.6 Aggregation Status ....................45 3.4.3 Loop Protection ......................46 3.4.3.1 Configuration......................46 3.4.3.2 Status ........................47 3.5 DHCP Server/Relay ......................48 3.5.1 DHCP Server ......................... 48 3.5.1.1 DHCP Server Mode Configuration.................
- Page 5 User Manual Managed Switches 3.7.1 The Virtual LAN (VLAN) Concept .................. 86 3.7.2 Configuring Virtual LAN ....................88 3.7.2.1 VLAN Membership ....................88 3.7.2.2 VLAN Membership Status ..................93 3.7.2.3 VLAN Port Status ....................93 3.7.2.4 Private VLAN Membership ..................95 3.7.2.5 Private VLAN Port Isolation ...................
- Page 6 User Manual Managed Switches 3.11.2 IGMP Snooping Basic Configuration ................. 143 3.11.3 IGMP Snooping VLAN Configuration ................. 145 3.11.4 IGMP Snooping Status ....................147 3.11.5 IGMP Snooping Group Information ................148 3.11.6 IGMP SFM Information ....................148 3.11.7 IGMP Snooping Port Group Filtering ................. 149 3.11.8 IPMC Profile Configurations..................
- Page 7 User Manual Managed Switches 3.14 Monitoring and Diag ......................204 3.14.1 Port Statistics Overview ..................... 204 3.14.2 Detailed Port Statistics ....................205 3.14.3 Port Monitoring ......................206 3.14.4 System Log Information ..................... 209 3.14.5 VeriPHY Cable Diagnostics ..................209 3.14.6 SFP Monitor ....................... 210 3.14.7 SFP Type ........................
-
Page 8: About This Manual
User Manual Managed Switches 1. About this Manual Thank you for purchasing a Weidmüller managed Industrial Ethernet switch. Read this user’s manual to learn how to connect your Weidmüller switch to Ethernet-enabled devices used for industrial applications. The following chapters are covered in this user manual: ... -
Page 9: Software Features
User Manual Managed Switches 2.2 Software features • Management Web-interface (HTTP / HTTPS) SNMP v1/v2c/v3 Telnet console Command Line Interface (CLI) Upload of a configuration file via web-interface or external backup module • Network redundancy Spanning Tree Protocol (STP) Rapid Spanning Tree Protocol (RSTP) Multiple Spanning Tree Protocol (MSTP) Media Redundancy Protocol (MRP) O-Ring (optimized protocol for ring topologies;... -
Page 10: Web Management
User Manual Managed Switches Management access security via privilege level configuration for different user roles • Industrial protocols Modbus TCP slave Profinet Conformance Class B MMS server 3. Web Management In this chapter, we explain how to access the Weidmüller Switch’s through the Web console as well as all the configuration, monitoring, and administration functions available when using this interface. - Page 11 User Manual Managed Switches The web login page will open. Enter the default user name “admin” and password “Detmold”, and then click OK to continue. After logging in, the main general information of the switch is shown including, among others, System Name, Software version, MAC address and Serial number.
-
Page 12: Accessing The Web Interface Via Https
User Manual Managed Switches NOTE: The pages of the Web interface include also a Reset button closed to the Apply one. If the user modifies any parameter of a web page but still has not applied the changes, the Reset button can be used to recover the previous default values of the page. -
Page 13: Device Description
User Manual Managed Switches 3.3.1 Device Description The device description items are displayed at the top of the web page. You can configure the System Identification items to make it easier to identify different switches that are connected to your network. System Name Factory Setting... -
Page 14: Ip Configuration
User Manual Managed Switches characters from 32 to 126. 3.3.2 IP Configuration The IP settings allow the user to set manually the IP parameters or by means of a DHCP server (for both IPv4 and IPv6). See a brief explanation of each configuration item below. IPv4 Setting DHCPv4 Factory... - Page 15 User Manual Managed Switches value of zero disables the fallback mechanism, such that DHCP will keep retrying until a valid lease is obtained. Current Lease Factory Setting Description Default For DHCPv4 interface with an active lease, this column No setting shows the current interface address, as provided by None (display)
-
Page 16: Ipv6 Setting
User Manual Managed Switches IP address if the 1st DNS Server fails to connect. IPv6 Setting DHCPv6 Factory Setting Description Default The Weidmüller switch’s IP address must be set Disabled manually. Disabled The Weidmüller switch’s IP address will be assigned Enabled automatically by the network’s DHCPv6 server. -
Page 17: Ip Status
User Manual Managed Switches Default The IPv6 network mask, in number of bits (prefix Subnet mask for length). Valid values are between 1 and 128 bits for an the Weidmüller IPv6 address. None Switch This field may be left blank if IPv6 operation on the interface is not desired. -
Page 18: Access Management
User Manual Managed Switches Link Address The Link (MAC) address for which a binding to the IP address given exists. 3.3.4 Access Management 3.3.4.1 Login Methods The Login Methods page allows the user to restrict the remote management of the switch. It is possible to block any specific kind of management (eg: web or telnet). -
Page 19: Authentication Methods
User Manual Managed Switches Certificate Maintain Setting Description Factory Default None No operation of certificate maintenance. None Delete Delete the current certificate. Upload a certificate PEM file through a web browser or URL. A pass phrase has to be entered if the Upload uploading certificate is protected by a specific passphrase. - Page 20 User Manual Managed Switches Authentication Method Configuration For each client type (console, telnet, ssh and http) the method to authenticate the user can be programmed: Setting Description Factory Default Authentication is disabled and login is not possible. local Use the local user database on the switch for local authentication.
-
Page 21: Access Security
User Manual Managed Switches than or equal to this level. Cfg Cmd Setting Description Factory Default Check / Uncheck Also authorize configuration commands. Unchecked Accounting Method Configuration The accounting section allows the administrator to configure command and exec (login) accounting. For each client type (console, telnet and ssh) the following parameters can be programmed: Method Setting... - Page 22 User Manual Managed Switches Mode Setting Description Factory Default Disabled / Enable or Disable the access management mode Unchecked Enabled operation. If the Access Management Mode is Enabled, for each entry of the table, the following fields have to be programmed: VLAN ID Setting Description...
-
Page 23: Access Statistics
User Manual Managed Switches address range provided in the entry. 3.3.4.4 Access Statistics This page provides statistics for access management if the Mode is Enabled in the Access Security page. In the table shown on the page is displayed the following information: Interface The interface type through which the remote host can access the switch. - Page 24 User Manual Managed Switches User Name Factory Setting Description Default Max. 31 Enter the new user name. The valid user name is a None characters combination of letters, numbers and underscores. Password Setting Description Factory Default Max. 31 Enter the password of the new user. Any printable None characters characters are acceptable (letters, numbers, symbols...
-
Page 25: Privilege Levels
User Manual Managed Switches 3.3.5.2 Privilege Levels This page provides an overview of the default privilege levels required to perform specific actions in the switch. It also allows the administrator to modify these default values. The page shows a table with the following fields: Group Name The name identifying the privilege group. -
Page 26: Time Setting
User Manual Managed Switches Web- Users, Privilege Levels and everything in Maintenance. Debug: Only present in CLI. Privilege Levels Every group has an authorization privilege level for the following subgroups: Configuration Read-only Configuration/Execute Read/write Status/Statistics Read-only Status/Statistics Read/write User Privilege should be same or greater than the authorization Privilege level to have the access to that group. - Page 27 User Manual Managed Switches NOTE: The Weidmüller switch does not have a real time clock. The user must update the Current Time and Current Date to set the initial time for the Weidmüller switch after each reboot, especially when the network does not have an Internet connection for an SNTP server or there is no SNTP server on the LAN.
- Page 28 User Manual Managed Switches as Server or Client. Set System Date Time manually Factory Setting Description Default None Allows configuration of the local date in yyyy-mm-dd System Date format. Allows configuration of the local time in 24-hour System Time None format.
-
Page 29: Lldp Function
User Manual Managed Switches Default Week / Day / Specifies the starting time to apply the Daylight Saving None Month / Hours / Time. Minutes End Time Settings Setting Description Factory Default Week / Day / Specifies the ending time to apply the Daylight Saving None Month / Hours / Time. -
Page 30: Lldp Parameters
User Manual Managed Switches LLDP Parameters Tx Interval Setting Description Factory Default 5 to 32768 sec The switch periodically transmits LLDP frames to its 30 (sec) neighbors to update the network discovery information. The interval between each LLDP frame is determined by the Tx Interval value. -
Page 31: Lldp Interface Configuration
User Manual Managed Switches Tx Delay Setting Description Factory Default 1 to 8192 sec If some configuration is changed (e.g. the IP address), 2 (sec) a new LLDP frame is transmitted, but the time between the LLDP frames will always be at least the value of Tx Delay seconds. -
Page 32: Neighbors
User Manual Managed Switches Default Check / Uncheck Optional TLV: When checked, the "system name" is Checked included in LLDP information transmitted. Sys Descr Setting Description Factory Default Check / Uncheck Optional TLV: When checked, the "system Checked description" is included in LLDP information transmitted. -
Page 33: Port Statistics
User Manual Managed Switches 8. Station Only 9. Reserved When a capability is enabled, a (+) will be displayed. If the capability is disabled, a (-) will be displayed. Management The neighbor unit's address that is used for higher layer entities to assist Address discovery by the network management. -
Page 34: Industrial Protocols
User Manual Managed Switches Total Neighbors Shows the number of new entries deleted since switch reboot. Entries Deleted Total Neighbors Shows the number of LLDP frames dropped due to full entry table. Entries Dropped Total Neighbors Shows the number of entries deleted due to expired time-to-live. Entries Aged Out LLDP Statistics Local Counters Local Interface... -
Page 35: Modbus Tcp
User Manual Managed Switches 3.3.8.1 Modbus TCP Introduction MODBUS TCP is a protocol commonly used for the integration of a SCADA system. It is also a vendor-neutral communication protocol used to monitor and control industrial automation equipment such as PLCs, sensors, and meters. In order to be fully integrated into industrial systems, Weidmüller’s switches support Modbus TCP/IP protocol for real-time monitoring in a SCADA system. -
Page 36: Mms
User Manual Managed Switches Weidmüller Online Product Catalogue. Select or search for device name or part number and refer to section ‘Donwloads’. 3.3.8.3 MMS Introduction MMS (Manufacturing Message Specification) is a client/server protocol included in the IEC 61850 standard for the communication between IEDs (Intelligent Electronic Devices) and SCADA system. The data model used by MMS is based on Logical Nodes. -
Page 37: Backup Configuration
User Manual Managed Switches Backup Configuration The switch stores its configuration in a number of text files. The files are either virtual (RAM-based) or stored in flash on the switch. The available files are: • Running Configuration: A virtual file that represents the currently active configuration on the switch. -
Page 38: Upgrade Firmware
User Manual Managed Switches The web page Ext. Backup/Restore Module allows the user to enable or disable the use of this IE-EBR-MODULE-RS232-ALM module in the switch. Backup via EBR module Factory Setting Description Default When Enabled, the IE-EBR-MODULE-RS232-ALM Enabled/Disabled can be used in the switch to download the Enabled configuration file. -
Page 39: Port Settings
User Manual Managed Switches Once the upgrade process is completed, the switch will be automatically rebooted. If the user wants to avoid this automatic reboot, the checkbox “Do not reboot after upgrade process has been completed” has to be selected. Then the user will have to reboot the device manually to become active the new firmware. - Page 40 User Manual Managed Switches (no setting) Speed Configured Link Speed Setting Description Factory Default Disabled Immediately shuts off port access. Auto Auto Allows the port to use the IEEE 802.3u protocol to negotiate with connected devices. The port and connected devices will determine the best speed for that connection.
- Page 41 User Manual Managed Switches Check / Uncheck When speed is set as auto i.e auto negotiation, the All checked 10M, 100M, 1G port will only advertise the specified speeds (10M 100M 1G) to the link partner. Flow Control Setting Description Factory Default Enabled /...
-
Page 42: Port Trunking
User Manual Managed Switches doesn't match the actual payload length. If "frame length check" is disabled, frames are not dropped due to frame length mismatch. 3.4.2 Port Trunking Link Aggregation allows one or more links to be aggregated together to form a Link Aggregation Group. -
Page 43: Hash Code Contributors
User Manual Managed Switches Hash Code Contributors Source MAC Address Setting Description Factory Default Check / Uncheck When enabled, the source MAC address is used to Checked calculate the destination port for the frame. Destination MAC Address Setting Description Factory Default Check / Uncheck When enabled, the destination MAC address is used... -
Page 44: Lacp Port Settings
User Manual Managed Switches Group ID Setting Description Factory Default Normal, 1 to half Indicates the ID of each aggregation group. Normal Normal number of total means no aggregation. Maximum number of groups is ports half number of the total ports and only one group ID is valid per port. -
Page 45: Lacp System Status
User Manual Managed Switches LACP Enabled Setting Description Factory Default Check / Uncheck Controls whether LACP is enabled on the switch port. Unchecked LACP will form an aggregation when two or more ports are connected to the same partner. Setting Description Factory Default... -
Page 46: Lacp Port Status
User Manual Managed Switches The displayed table contains information about the different LACP groups created: Aggr ID The aggregation ID is associated with the aggregation instance. Partner System ID The system ID (MAC address) of the aggregation partner. Partner Key The Key that the partner has assigned to this aggregation ID. -
Page 47: Lacp Statistics
User Manual Managed Switches Aggr ID The Aggregation ID assigned to this aggregation group. The partner’s System ID (MAC address). Partner System ID The partner’s port number connected to this port. Partner Port Partner Prio The partner's port priority. 3.4.2.5 LACP Statistics This page provides an overview of the LACP statistics for all ports. -
Page 48: Loop Protection
User Manual Managed Switches Name Name of the aggregation group ID. Type Type of the aggregation group (static or LACP). Speed Speed pf the aggregation group. Configured Ports Configured member ports of the aggregation group. Aggregated Ports Aggregated member ports of the aggregation group. 3.4.3 Loop Protection Avoid maintenance/installation crews from mistakenly placing one cable on the same switch generating a loop problem. -
Page 49: Status
User Manual Managed Switches Default Enable / Disable Controls whether loop protection is enabled (as a Disable whole). Transmission Time Setting Description Factory Default 1 to 10 (sec) The interval between each loop protection PDU sent 5 (sec) on each port. Shutdown Time Setting Description... -
Page 50: Dhcp Server/Relay
User Manual Managed Switches The displayed table contains information about the loop protection status in each port: Port The switch port number. Action The currently configured port action. Transmit The currently configured port transmit mode. Loops The number of loops detected on this port. Status The current loop protection status of the switch. -
Page 51: Dhcp Server Pool Configuration
User Manual Managed Switches Global Mode Factory Setting Description Default Enabled / Enable / Disable DHCP server per system. Disabled Disabled VLAN Mode Factory Setting Description Default Indicate the VLAN range in which DHCP server is VLAN range None enabled or disabled. 3.5.1.2 DHCP Server Pool Configuration This page manages DHCP pools. -
Page 52: Dhcp Server Excluded Ip Configuration
User Manual Managed Switches Type Factory Setting Description Default Display the type of pool. Network: The pool defines a pool of IP addresses to service more than one DHCP client. ‘-‘ Network / Host Host: The pool services for a specific DHCP client identified by client identifier or hardware address. -
Page 53: Dhcp Server Statistics
User Manual Managed Switches 3.5.1.4 DHCP Server Statistics This page displays the database counters and the number of DHCP messages sent and received by DHCP server. There are several tables on the page showing the following information: Database Counters Pool Number of pools. -
Page 54: Dhcp Message Sent Counters
User Manual Managed Switches DHCP Message Sent Counters OFFER Number of DHCP OFFER messages sent. Number of DHCP ACK messages sent. Number of DHCP NAK messages sent. 3.5.1.5 DHCP Server Binding IP This page displays bindings generated for DHCP clients. The displayed table shows the following information: IP address allocated to DHCP client. -
Page 55: Dhcp Server Ip Port Binding
User Manual Managed Switches 3.5.1.7 DHCP Server IP Port Binding If is required to assign a fixed IP address to a client, this page allows to statically bind each port of the switch to an IP address in a DHCP address pool. DHCP Mode Factory Setting... -
Page 56: Dhcp Relay Configuration
User Manual Managed Switches client-originated DHCP packets to a DHCP server. Servers can recognize the Relay Agent Information option and use the information to implement IP addresses to Clients. When Option 82 is enabled on the switch, a subscriber device is identified by the switch port through which it connects to the network (in addition to its MAC address). -
Page 57: Dhcp Relay Statistics
User Manual Managed Switches Relay Information Mode Setting Description Factory Default Enabled / Indicates the DHCP relay information mode option Disabled Disabled operation. Enabled: When DHCP relay information is enabled, the agent inserts specific information (option 82) into a DHCP message when forwarding to a DHCP server and removes it from a DHCP message when transferring to a DHCP client. -
Page 58: Server Statistics
User Manual Managed Switches Server Statistics Transmit to Server The number of packets relayed from the client to the server. Transmit Error The number of packets that resulted in errors while being sent to clients. Receive from The number of packets received from the server. Server Receive Missing The number of packets received without agent information option. - Page 59 User Manual Managed Switches Snooping Mode Setting Description Factory Default Enabled / Indicates the DHCP snooping mode operation. Disabled Disabled Enabled: Activates DHCP snooping. When DHCP snooping is enabled, the DHCP request messages will be forwarded to trusted ports and only allow reply packets from trusted ports.
-
Page 60: Dhcp Snooping Table
User Manual Managed Switches 3.5.3.2 DHCP Snooping Table This page displays the dynamic IP assigned information after DHCP Snooping mode is disabled. All DHCP clients that obtained the dynamic IP address from the DHCP server will be listed in this table except for local VLAN interface IP addresses. -
Page 61: Redundancy
User Manual Managed Switches The displayed table shows the following information for each port of the switch: Rx and Tx The number of discover packets received and transmitted. Discover Rx and Tx Offer The number of offer packets received and transmitted. Rx and Tx Request The number of request packets received and transmitted. -
Page 62: The O-Ring Concept
User Manual Managed Switches When configuring a redundant ring, all switches on the same ring must be configured to use the same redundancy protocol. You cannot mix the O-Ring, MRP or STP/RSTP/MSTP protocols on the same ring. The following table lists the key differences between the features of each protocol. Use this information to evaluate the benefits of each, and then determine which features are most suitable for your network. -
Page 63: Ring Coupling Configuration
User Manual Managed Switches For copper-based Gigabit Ethernet connections the link loss detection is not used as trigger for ring topology change due to the physical design, as a link loss recognition takes a time of several hundred millisecond. Instead, for copper-based Gigabit Ethernet connections control packets are sent cyclic to achieve the fast recovery time of 30ms (Method 2). -
Page 64: Dual Homing Configuration
User Manual Managed Switches methods (Physical link change detection and/or Cyclic sending of control packets every 10ms) the coupling backup line will be activated (including a topology change) after around 30 ms. NOTE: Only for two switches of an O-Ring network one coupling port may be enabled. 3.6.2.3 Dual Homing Configuration Dual Homing provides a redundant connection between an O-Ring network and an RSTP network. - Page 65 User Manual Managed Switches 1. Select Enable in field Ring Redundancy. 2. If only a redundancy with 1 ring shall be created then do following: • Enable ‘Ring Master’ if the switch shall be assigned as ring master. For O-Ring configuration one switch needs to be configured as Ring Master. However, if two or more switches are set as Ring Master, the switch with the lowest MAC address will be the actual Ring Master and the others will be Backup Masters.
-
Page 66: Media Redundancy Protocol (Mrp)
User Manual Managed Switches Hello Time Setting Description Factory Default 10 to 10,000ms Cyclic time of control packets sent by Master in the failure 10ms detection method 2 of the switch. Max Age Count Setting Description Factory Default 0 to 1000 Number of lost control packets for initiating a ring topology change. - Page 67 User Manual Managed Switches MRP in Weidmüller Ethernet Switches There is a dependency between the web-interface configurable instance and the PROFINET-based MRP instance which will be configured via a PROFINET engineering tool (like TIA portal). For this reason, the web-interface based MRP redundancy can only be used if industrial protocol PROFINET is Disabled in the option Industrial Protocols of Basic Settings menu.
-
Page 68: The O-Chain Concept
User Manual Managed Switches React on Link Change Setting Description Factory Default Enabling this function will cause MRP topology to converge more rapidly in case of a ring break. This option is only available on a switch with Manager role. This feature specifies whether the Manager reacts immediately or not on a 'MRP Link Change' frame Enable... - Page 69 User Manual Managed Switches For both above illustrated scenarios the overall network healing time can be calculated roughly to around 40 ms based on a proprietary method to force a MAC address table update for all connected Weidmüller switches. Recovery time for O-Chain connected to an RSTP network For a connection to an RSTP network the overall time for topology update after the chain is broken can be estimated as the calculated healing time of the used RSTP redundancy settings plus around 30 milliseconds for chain topology update.
- Page 70 User Manual Managed Switches • If the chain is healthy the O-Chain Edge port of the switch with lowest MAC address always becomes the blocking (discarding) state and the other Edge port will be the forwarding one. • BPDU control packets which will be sent cyclic from RSTP network to the O-Chain Edge ports will be blocked by both Edge ports as long as the chain is healthy.
-
Page 71: Stp / Rstp / Mstp
User Manual Managed Switches Explanation of ‘Setting’ and ‘Status’ items Chain Redundancy Setting Description Factory Default Enable Enable the O-Chain operation. Disable Disable Disable the O-Chain operation. Status Description Factory Default O-Chain redundancy disabled. Healthy The Chain is operating normally. Broken Any of the two links of the Chain is not connected. - Page 72 User Manual Managed Switches NOTE: The STP protocol is part of the IEEE Std 802.1D, 2004 Edition bridge specification. The following explanation uses “bridge” instead of “switch.” STP (802.1D) is a bridge-based system that is used to implement parallel paths for network traffic. STP uses a loop-detection process to: •...
-
Page 73: How Stp Works
User Manual Managed Switches Bridge B Bridge A Bridge C STP will determine which path between each bridged segment is most efficient, and then assign a specific reference point on the network. When the most efficient path has been identified, the other paths are blocked. - Page 74 User Manual Managed Switches STP Calculation The first step of the STP process is to perform calculations. During this stage, each bridge on the network transmits BPDUs. The following items will be calculated: • Which bridge should be the Root Bridge. The Root Bridge is the central reference point from which the network is configured.
- Page 75 User Manual Managed Switches • Bridge A has been selected as the Root Bridge, since it was determined to have the lowest Bridge Identifier on the network. • Since Bridge A is the Root Bridge, it is also the Designated Bridge for LAN segment 1. Port 1 on Bridge A is selected as the Designated Bridge Port for LAN Segment 1.
-
Page 76: Configuring Stp / Rstp / Mstp - Bridge Settings
User Manual Managed Switches STP/RSTP only depend on the physical connections, whilst MSTP configures separate Spanning Tree instances for different VLAN groups. The main concepts that are specific of MSTP when comparing with STP/RSTP are: • Multiple Spanning Tree Instances (MSTIs). An MST instance (MSTI) is a particular set of VLANs that are all using the same spanning tree. - Page 77 User Manual Managed Switches Basic Settings Protocol version Setting Description Factory Default The version of the STP protocol. Valid values are STP, STP / RSTP / MSTP MSTP RSTP and MSTP. Bridge Priority Setting Description Factory Default Controls the bridge priority. Lower numeric values have higher priority.
-
Page 78: Advanced Settings
User Manual Managed Switches Forward Delay (sec) Setting Description Factory Default Numerical value The amount of time this device waits before checking to input by user (4 to see if it should change to a different state. Max. Age (sec) Setting Description Factory Default... -
Page 79: Msti Mapping
User Manual Managed Switches Port Error Recovery Timeout (sec) Setting Description Factory Default Numerical value input This field is only enabled if Port Error Recovery is by user (30 to 86400) checked. It sets the time to pass before a port in the None error-disabled state can be enabled. -
Page 80: Msti Priorities
User Manual Managed Switches Configuration Revision Setting Description Factory Default Numerical value input by user (0 to The revision of the MSTI configuration named above. 65535) MSTI Mapping VLANs Mapped Setting Description Factory Default The list of VLANs mapped to the different MSTIs. The VLAN number by the VLANs must be separated with commas and/or space. -
Page 81: Cist Ports
User Manual Managed Switches 3.6.5.6 CIST Ports This page allows the user to inspect and change the current CIST port configurations. For each port of the switch, the user can program the following parameters: STP Enabled Setting Description Factory Default Checked / Controls whether STP/RSTP is enabled on this switch Unchecked... - Page 82 User Manual Managed Switches Priority Setting Description Factory Default Scroll list with Configures the priority for ports having identical path cost. acceptable values Admin Edge Setting Description Factory Default Configures the operEdge flag to start as set or cleared (the initial operEdge state when a port is initialized). The operEdge is a flag indicating whether the port is Edge / Non-Edge Non-Edge...
-
Page 83: Msti Ports
User Manual Managed Switches Point-to-Point Setting Description Factory Default Auto Automatic detection if the link port is point to point or not (connected to a point-to-point LAN or to a shared media). Forced True The port link is point to point and then is a candidate for Auto rapid transition to the forwarding state. -
Page 84: Bridge Status
User Manual Managed Switches Path Cost Setting Description Factory Default Configures the path cost incurred by the port. Auto will set the path cost according to the physical link speed by using the 802.1D-recommended values. Specific allows the user to enter a user-defined value (1 Auto / Specific to 200000000). -
Page 85: Port Status
User Manual Managed Switches Port The port of the switch. Port ID The port identifier used by the STP protocol, consisting of the priority and the logical port index of the bridge port. Role The role of a port is assigned based on whether it is part of the active topology connecting the bridge to the root bridge (i.e., root port), connecting a LAN through the bridge to the root bridge (i.e., designated port);... -
Page 86: Port Statistics
User Manual Managed Switches In the table shown on the page is displayed the following information for each port: CIST Role The current STP port role of the CIST port. The port role can be one of the following values: AlternatePort BackupPort RootPort... -
Page 87: Fast Recovery
User Manual Managed Switches Port The switch port number of the logical STP port. MSTP The number of MSTP BPDUs transmitted/received on the port. RSTP The number of RSTP BPDUs transmitted/received on the port. The number of legacy STP Configuration BPDUs transmitted/received on the port. -
Page 88: Virtual Lan
User Manual Managed Switches Recovery Priority Setting Description Factory Default Select the priority (number from 1 to 20) of each port. The Not included, 1 to 20 connected port with the highest priority (lowest number) Not included will be the active one and the others will be blocked. When the Fast Recovery is Enabled, the page shows an additional text indicating the active port of the switch. - Page 89 User Manual Managed Switches Benefits of VLANs The main benefit of VLANs is that they provide a network segmentation system that is far more flexible than traditional networks. Using VLANs also provides you with three other benefits: • VLANs ease the relocation of devices on networks: With traditional networks, network administrators spend most of their time dealing with moves and changes.
-
Page 90: Configuring Virtual Lan
User Manual Managed Switches A typical host (e.g., clients) will be untagged members of one VLAN, defined as "Access Port" in the Weidmüller switch, while inter-switch connections will be tagged members of all VLANs, defined as "Trunk Port" in the Weidmüller switch. The IEEE Std 802.1Q-1998 defines how VLANs operate within an open packet-switched network. -
Page 91: Global Vlan Configuration
User Manual Managed Switches Global VLAN Configuration Allowed Access VLANs Setting Description Factory Default Numerical value This field shows the allowed Access VLANs, it only between 1 and affects ports configured as Access ports. Ports in 4095 other modes are members of the VLANs specified in the Allowed VLANs field (Port VLAN Configuration section). - Page 92 User Manual Managed Switches • The VLANs that a trunk port is member of may be limited by the use of Allowed VLANs • Frames classified to a VLAN that the port is not a member of are discarded • By default, all frames but frames classified to the Port VLAN (Native VLAN) get tagged on egress.
- Page 93 User Manual Managed Switches Factory Setting Description Default On ingress, all frames, whether carrying a VLAN tag or not, get classified to the Port VLAN, and possible tags are Unaware not removed on egress. This port type can only be selected if port mode is Hybrid.
- Page 94 User Manual Managed Switches Factory Setting Description Default Both tagged and untagged frames are accepted. See Port Tagged and Type for a description of when a frame is considered Untagged tagged. Only frames tagged with the corresponding Port Type tag Tagged and Tagged Only are accepted on ingress.
-
Page 95: Vlan Membership Status
User Manual Managed Switches 3.7.2.2 VLAN Membership Status This page provides an overview of membership status of VLAN users. User Type Setting Description Factory Default Scroll list with Various internal software modules may Combined acceptable user use VLAN services to configure VLAN types memberships on the fly. - Page 96 User Manual Managed Switches The following information is shown on the table: User Type Various internal software modules may use VLAN services to configure VLAN port configuration on the fly. It is possible to show VLAN memberships as configured by an administrator (Admin) or as configured by one of these internal software modules.
-
Page 97: Private Vlan Membership
User Manual Managed Switches software modules are prioritized according to their position in the drop-down list: The higher in the list, the higher priority. If conflicts exist, it will be displayed as "Yes" for the "Combined" user and the offending software module. The "Combined"... -
Page 98: Gvrp Configuration
User Manual Managed Switches Port Number Setting Description Factory Default Check/Uncheck A check box is provided for each port of a Unchecked private VLAN. When checked, port isolation is enabled for that port. When unchecked, port isolation is disabled for that port. -
Page 99: Gvrp Port Configuration
User Manual Managed Switches LeaveAll-time Setting Description Factory Default Numerical value GVRP protocol timer. 1000 between 1000 and 5000 (hundreds of sec) Max VLANs Setting Description Factory Default Numerical value The maximum number of VLANs between 1 and supported by GVRP. This number can 4094 only be changed when GVRP is disabled. -
Page 100: Snmp
User Manual Managed Switches 3.8 SNMP Weidmüller managed Switches support SNMP V1, V2c, and V3. SNMP V1 and SNMP V2c use a community string match for authentication, which means that SNMP servers access all objects with read-only or read/write permissions using the community strings public and private by default. SNMP V3 requires that you select an authentication level of MD5 or SHA and is the most secure protocol. - Page 101 User Manual Managed Switches Mode Factory Setting Description Default Enabled/Disabled Enables or disables SNMP operation mode. Enabled Version Factory Setting Description Default Specifies the SNMP protocol version used to manage V1 / V2c / V3 the switch. Read Community (SNMPv1 and SNMP v2c only) Factory Setting Description...
-
Page 102: Snmp Trap
User Manual Managed Switches 3.8.2 SNMP Trap This page allows the user to configure the general SNMP traps. Mode Factory Setting Description Default Disabled/Enabled Enables or disables SNMP traps in the switch. Disabled Pressing the button Add New Entry the SNMP Trap configuration page appears. SNMP Trap Configuration Trap Config Name Factory... - Page 103 User Manual Managed Switches Trap Mode Factory Setting Description Default Disabled/Enabled Enables or disables SNMP traps in the switch. Disabled Trap Version Factory Setting Description Default Specifies the SNMP protocol version used to manage V1 / V2c / V3 the traps. Trap Community Factory Setting...
- Page 104 User Manual Managed Switches Trap Probe Security Engine ID Factory Setting Description Default This field can only be programmed if the selected trap version is SNMPv3. Indicates the SNMP trap security engine ID. SNMPv3 sends traps and informs using USM for authentication and privacy. A unique engine ID for these traps and informs is Disabled/Enabled needed.
-
Page 105: Snmp Community Configuration
User Manual Managed Switches Switch Factory Setting Description Default Enable/Disable the traps related with the STP Check/Uncheck Unchecked redundancy. 3.8.3 SNMP Community Configuration This page allows the user to configure SNMP community table. The entry index key is Community. Press the button Add New Entry to create a new Community. Community Factory Setting... - Page 106 User Manual Managed Switches A default user is already created but is possible to create additional ones with different security levels. Press the button Add New Entry to create a new User. Engine ID Factory Setting Description Default An octet string identifying the engine ID that this entry should belong to.
-
Page 107: Snmp Groups Configuration
User Manual Managed Switches Authentication Password Factory Setting Description Default String between 8 and 32 characters A string identifying the authentication pass phrase. None (MD5) or between 8 and 40 (SHA) Privacy Protocol Factory Setting Description Default Encryption will be based on DES protocol. Encryption will be based on AES protocol. -
Page 108: Snmp View Configuration
User Manual Managed Switches Security Name Factory Setting Description Default A string identifying the security name that this entry Max. 32 should belong to. This Security Name must be one of None characters the created users names in the SNMP Users Configuration option. -
Page 109: Snmp Access Configuration
User Manual Managed Switches View Type Factory Setting Description Default Indicates that the created view subtree should be Included included. Exact Indicates that the created view subtree should be Excluded excluded. OID Subtree Factory Setting Description Default The object identifier (OID) value for the created view table. -
Page 110: Rmon
User Manual Managed Switches Reserved for SNMPv2c. User-based Security Model (usm): SNMPv3. Accepted any Security model. Security Level This Security Level must be selected in accordance with the one defined for the User of the selected Group Name. Factory Setting Description Default NoAuth, NoPriv... -
Page 111: Rmon Statistics Configuration
User Manual Managed Switches 3.9.1 RMON Statistics Configuration This page allows the user to configure RMON Statistics. Press the button Add New Entry to create a new entry to get RMON statistics in any port of the switch. Setting Description Factory Default Numeric value... -
Page 112: Rmon Alarm Configuration
User Manual Managed Switches Data Source Setting Description Factory Default Number (OID) Indicates the port ID which wants to be monitored. None The value of the switch must add 1000000*(switch ID-1). For example, if we want to monitor switch 3 port 5, the value is 2000005. - Page 113 User Manual Managed Switches InOctets: The total number of octets received on the interface, including framing characters. InUcastPkts: The number of uni-cast packets delivered to a higher-layer protocol. InNUcastPkts: The number of broad-cast and multi-cast packets delivered to a higher-layer protocol.
-
Page 114: Rmon Event Configuration
User Manual Managed Switches Rising Or Falling when the first value is larger than the rising threshold or lower than the falling threshold. Rising Threshold Setting Description Factory Default Numeric value Rising threshold value. between -2 and 2 Rising Index Setting Description Factory... -
Page 115: Rmon Statistics Status
User Manual Managed Switches Desc Setting Description Factory Default Max. 127 Description of the event. None characters Type Setting Description Factory Default None The event is not notified. None SNMP log is created when the event is triggered. SNMPtrap SNMP trap is sent when the event is triggered. Logandtrap SNMP log is created and SNMP trap is sent when the event is triggered. - Page 116 User Manual Managed Switches The page includes a table with the following information: Indicates the index of Statistics entry. Data Source The port ID which wants to be monitored. The total number of events in which packets were dropped by the probe Drop due to lack of resources.
-
Page 117: Rmon History Status
User Manual Managed Switches 3.9.6 RMON History Status This page provides an overview of RMON History entries. The page shows up to 99 entries from the History table, default being 20, selected through the Entries per page input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table. -
Page 118: Rmon Alarm Status
User Manual Managed Switches 3.9.7 RMON Alarm Status This page provides an overview of RMON Alarm entries. The page shows up to 99 entries from the Alarm table, default being 20, selected through the Entries per page input field. When first visited, the web page will show the first 20 entries from the beginning of the Statistics table. -
Page 119: Traffic Prioritization
User Manual Managed Switches The page includes a table with the following information: Event Index Indicates the index of the event entry. Log Index Indicates the index of the log entry. Log Time Indicates Event log time LogDescripi Indicates the Event description. 3.10 Traffic Prioritization The Weidmüller switch’s traffic prioritization capability provides Quality of Service (QoS) to your network by making data delivery more reliable. - Page 120 User Manual Managed Switches IEEE 802.1D Traffic Marking The IEEE Std 802.1D, 1998 Edition marking scheme, which is an enhancement to IEEE Std 802.1D, enables Quality of Service on the LAN. Traffic service levels are defined in the IEEE 802.1Q 4-byte tag, which is used to carry VLAN identification as well as IEEE 802.1p priority information.
-
Page 121: Traffic Queues
User Manual Managed Switches Traffic Prioritization Weidmüller managed Switches classify traffic based on layer 2 of the OSI 7 layer model, and the switch prioritizes received traffic according to the priority information defined in the received packet. Incoming traffic is classified based upon the IEEE 802.1D frame and is assigned to the appropriate priority queue based on the IEEE 802.1p service level value defined in that packet. -
Page 122: Port Classification
User Manual Managed Switches For each frame type (Unicast / Multicast / Broadcast) is possible: Enable Setting Description Factory Default Check / Enable or disable the storm control status for the Unchecked Uncheck given frame type. Rate Setting Description Factory Default Numeric value Controls the rate for the global storm policer. - Page 123 User Manual Managed Switches The following settings can be applied to any port of the switch: Setting Description Factory Default 0 to 7 Controls the default class of service. All frames are classified to a CoS. There is a one to one mapping between CoS, queue and priority.
-
Page 124: Iec 61850 Messages
User Manual Managed Switches Tag Class Setting Description Factory Default Enabled / Shows the classification mode for tagged frames on Disabled Disabled this port. Disabled: Use default QoS class and DP level for tagged frames. Enabled: Use mapped versions of PCP and DEI for tagged frames. -
Page 125: Port Tag Remarking
User Manual Managed Switches QoS Mode Factory Setting Description Default Enabled / Enable or Disable the prioritization applicable to Disabled Disabled GOOSE and Sampled Value (SV) messages. GOOSE priority Factory Setting Description Default Forwarding priority applied to the GOOSE messages received by the switch. -
Page 126: Port Dscp
User Manual Managed Switches The user can set the tag remarking mode of each port: Tag Class Setting Description Factory Default Classified / Shows the tag remarking mode for this port: Disabled Default / Classified: Use classified PCP/DEI values. Mapped Default: Use default PCP/DEI values. - Page 127 User Manual Managed Switches Ingress Classify Setting Description Factory Default Disable / The classification of a port has four different values: Disable DSCP=0 / Disable: No ingress DSCP classification. Selected / All DSCP=0: Classify if incoming (or translated if enabled) DSCP is 0. Selected: Classify only selected DSCP for which classification is enabled as specified in DSCP translation window for the specific DSCP.
-
Page 128: Port Policing
User Manual Managed Switches 3.10.6 Port Policing This page allows the user to configure the Policer settings for all switch ports. Enable Setting Description Factory Default Check / Check to enable the policer on the switch port. Unchecked Uncheck Rate Setting Description Factory... -
Page 129: Queue Policing
User Manual Managed Switches Uncheck pause frames are sent instead of being discarded. 3.10.7 Queue Policing This page allows the user to configure Queue Policer settings for all switch ports. Enable Setting Description Factory Default Check / Check to enable the queue policer on the switch port. Unchecked Uncheck Rate... -
Page 130: Port Scheduler
User Manual Managed Switches This field is only shown if the queue policer is enabled. 3.10.8 Port Scheduler This page provides an overview of QoS Egress Port Schedulers for all switch ports. The following information of each port is displayed on the page: Mode Shows the scheduling mode (Strict Priority or Weighted). - Page 131 User Manual Managed Switches Scheduler Mode Setting Description Factory Default Strict Priority / Configures the scheduler mode on this switch port. Strict Priority 6 Queues Weighted Queue Shaper Enable Setting Description Factory Default Check / Controls whether the queue shaper is enabled for Unchecked Uncheck this queue on this switch port.
-
Page 132: Port Shaper
User Manual Managed Switches Queue Shaper Excess Setting Description Factory Default Check / Controls whether the queue is allowed to use excess Unchecked Uncheck bandwidth. It can only be programmed if queue shaper is enabled. Queue Scheduler Weight Setting Description Factory Default Numerical value... -
Page 133: Dscp-Based Qos
User Manual Managed Switches Port Shows "-" for disabled or actual port shaper rate - e.g. "800 Mbps". When clicking on any port number, a new page is loaded to configure the Scheduler and Shapers for that specific port of the switch. The page is the same one loaded from the Port Scheduler option and all its settings are already explained in the previous section of this manual. -
Page 134: Dscp Translation
User Manual Managed Switches corresponds to discard eligible frames. 3.10.11 DSCP Translation This page allows the user to configure QoS DSCP translation settings for the switches. DSCP translation can be done in Ingress or Egress. For the 64 DSCP values is possible to set: Ingress Translate Setting Description... -
Page 135: Dscp Classification
User Manual Managed Switches Egress Remap DP0 and DP1 Setting Description Factory Default 0 to 63 Controls the remapping for frames with DP level 0 0 to 63 and DP level 1. The user can select the DSCP value from a selected menu to which is desired to remap. 3.10.12 DSCP Classification This page allows the user to configure the mapping of QoS class and Drop Precedence Level to DSCP value. -
Page 136: Qos Control List
User Manual Managed Switches For the actual QoS (0 to 7) the user can set the classified DSCP value. DSCP DP0 and DP1 Setting Description Factory Default 0 to 63 Select the classified DSCP value for frames with Drop Precedence Level 0 and Drop Precedence Level 1. - Page 137 User Manual Managed Switches Port Members Setting Description Factory Default Check/Uncheck A row of check boxes for each port. Checked Check the box to include the port in the QCL entry. Key Parameters - DMAC Setting Description Factory Default Any / Unicast / Indicates the destination MAC address Multicast / for incoming frames.
- Page 138 User Manual Managed Switches Key Parameters - PCP Setting Description Factory Default Any / 0 to 7 / Valid value of Priority Code Point (PCP). ranges Can be any value in the range 1-7 or ‘Any’. Key Parameters - DEI Setting Description Factory Default...
- Page 139 User Manual Managed Switches Key Parameters – Frame Type – IPv4 Setting Description Factory Default Protocol TCP, UDP, Other (value from 0 to 255) or ‘Any’. When selecting TCP or UDP, the following additional parameters have to be configured: Sport (Source TCP/UDP Port): Specific value (0 to 65535) or ‘Any’.
-
Page 140: Qos Statistics
User Manual Managed Switches Action Parameters – DPL Setting Description Factory Default Default, 0 or 1 Drop Precedence Level 0, 1 or Default. Default 'Default' means that the default classified value is not modified by this QCE. Action Parameters – DSCP Setting Description Factory Default... -
Page 141: Qcl Status
User Manual Managed Switches 3.10.15 QCL Status This page shows the QCL (Quality of Service Control List) status by different QCL users. Each row describes the QCE (Quality of Service Control Entry) that is defined. The maximum number of QCEs is 256 on each switch. -
Page 142: Multicast
User Manual Managed Switches IPv6: The QCE will match only IPV6 frames. Indicates the classification action taken on ingress frame if parameters configured are matched with the frame's content. There are six action fields: CoS: Classified QoS class; if a frame matches the QCE, it will be put in the queue. -
Page 143: Multicast Filtering
User Manual Managed Switches traffic must be sent to several end-stations at the same time, but where broadcasting the traffic to all end-stations would cause a substantial reduction in network performance. Furthermore, the GOOSE messages and SAMPLED VALUES defined in the IEC 61850 standard are multicast and use publisher/subscriber communications models by multicasting packets that could flood a network with heavy traffic. - Page 144 User Manual Managed Switches Network with multicast filtering Hosts only receive dedicated traffic from other hosts belonging to the same group. The Weidmüller switch supports multicast filtering with both IGMP (Internet Group Management Protocol) Snooping and MLD (Multicast Listener Discovery) Snooping. MLD is the IPv6 equivalent of IGMP.
-
Page 145: Igmp Snooping Basic Configuration
User Manual Managed Switches • When the router receives the report packet, it registers that the LAN or VLAN requires traffic for the multicast groups. • When the router forwards traffic for the multicast group to the LAN or VLAN, the switches only forward the traffic to ports that received a report packet. -
Page 146: Global Configuration
User Manual Managed Switches Global Configuration Snooping Enabled Setting Description Factory Default Check/Uncheck Enable the IGMP Snooping function globally. Unchecked Unregister IPMCv4 Flooding Enabled Setting Description Factory Default Check/Uncheck Enable unregistered IPMCv4 traffic flooding. Checked The flooding control takes effect only when IGMP Snooping is enabled. -
Page 147: Igmp Snooping Vlan Configuration
User Manual Managed Switches Fast Leave Setting Description Factory Default Check/Uncheck Enable the fast leave on the port. Unchecked System will remove group record and stop forwarding data upon receiving the leave message without sending last member query messages. It is recommended to enable this feature only when a single IGMPv2 host is connected to the specific port. - Page 148 User Manual Managed Switches Querier Address Setting Description Factory Default IP address Define the IPv4 address as source address used in IP None header for IGMP Querier election. When the Querier address is not set, system uses IPv4 management address of the IP interface associated with this VLAN.
-
Page 149: Igmp Snooping Status
User Manual Managed Switches LLQI Setting Description Factory Default 1 to 31774 (tenths Last Member Query Interval. It is the time value 10 (1 sec) of sec) represented by the Last Member Query Interval, multiplied by the Last Member Query Count. Setting Description Factory... -
Page 150: Igmp Snooping Group Information
User Manual Managed Switches V1 Reports The number of received V1 reports. Received V2 Reports The number of received V2 reports. Received V3 Reports The number of received V3 reports. Received V2 Leaves The number of received V2 leave packets. Received Port Switch port number. -
Page 151: Igmp Snooping Port Group Filtering
User Manual Managed Switches The following information can be displayed on the page: VLAN ID VLAN ID of the group. Groups Group address of the group displayed. Port Switch port number. Indicates the filtering mode maintained per basis (VLAN ID, port number, Mode Group Address). -
Page 152: Ipmc Profile Configurations
User Manual Managed Switches Filtering profile Setting Description Factory Default Select IPMC Select the IPMC Profile as the filtering condition for None profile entry from the specific port. Summary about the designated a list profile will be shown by clicking the view button. Note: No available IPMC Profiles by default. -
Page 153: Ipmc Profile Address Configuration
User Manual Managed Switches Rule Setting Description Factory Default Rule setting When the profile is created, click the edit button to None enter the rule setting page of the designated profile. Summary about the designated profile will be shown by clicking the view button. You can manage or inspect the rules of the designated profile by using the following buttons: : List the rules associated with the designated... -
Page 154: Mld Snooping
User Manual Managed Switches 3.11.10 MLD Snooping The same options described for IGMP in previous sections (Basic Configuration, VLAN Configuration, Status, Groups Information, IP SFM Information and Port Group Filtering) are also available for MLD protocol in case multicast of IPv6 traffic in required. 3.12 Security Security can be categorized in two levels: the user name/password level, and the port access level. - Page 155 User Manual Managed Switches The Weidmüller switch acts as an authenticator in the 802.1X environment. A supplicant and an authenticator exchange EAPOL (Extensible Authentication Protocol over LAN) frames with each other. Authentication can be initiated either by the supplicant or the authenticator. When the supplicant initiates the authentication process, it sends an EAPOL-Start frame to the authenticator.
-
Page 156: Mac Address Table Configuration
User Manual Managed Switches 7. The authenticator sends "EAP Success" or "EAP Failure" based on the reply from the authentication server. 3.12.1 MAC Address Table Configuration The user can configure the MAC Address Table on this page. It is possible to set timeouts for entries in the dynamic MAC Table as well as configure the static MAC table. -
Page 157: Static Mac Table Configuration
User Manual Managed Switches Secure: Only static MAC entries are learned, all other frames are dropped. NOTE: If the setting of the port for the MAC Table Learning is Secure, make sure the link used for managing the switch is added to the static MAC table before saving. Otherwise the management link will be lost and can only be restored by using another non-secure port, by connecting to the switch via the serial interface or by restoring the default values. -
Page 158: Device Binding
User Manual Managed Switches The page includes a table with the following information: Type Indicates whether the entry is static or dynamic. VLAN The VLAN ID of the entry. MAC Address The MAC address of the entry. Port Members The ports that are members of the entry. 3.12.3 Device Binding This page provides Device Binding related configuration. - Page 159 User Manual Managed Switches Mode Setting Description Factory Default --- / Scan / The Mode configuration is only possible when Device Binding / Binding function is enabled. The possible states for Shutdown each port are: ---: Device Binding disabled in that port. Scan: Scans IP/MAC automatically, but no binding function executed in the port.
-
Page 160: Alias Ip Address
User Manual Managed Switches Device MAC Address Setting Description Factory Default If the Mode configuration is ‘Scan’, this field indicates MAC address None the MAC address detected. If the Mode configuration is ‘Binding’, this field must specify the MAC address of the authorized device. 3.12.3.1 Alias IP Address Some devices might have more than one IP address. - Page 161 User Manual Managed Switches Mode Setting Description Factory Default Enable / Disable Enable or Disable (---) the Alive Check option on the --- (Disabled) port. Note: If the Binding function is not enabled on a port, it will not be possible to enable the Alive Check option. Binding function is enabled in the Device Binding page.
-
Page 162: Ddos Prevention
User Manual Managed Switches 3.12.3.3 DDOS Prevention This page provides DDOS (Distributed Denial of Service) Prevention related configuration options. The switch could monitor the ingress packets and do some actions when DDOS attack happened on any specific port. Mode Setting Description Factory Default... -
Page 163: Device Description
User Manual Managed Switches Rx Unicast: Unicast ingress packets. Rx Multicast: Multicast ingress packets. Rx Broadcast: Broadcast ingress packets. TCP: TCP ingress packets. UDP: UDP ingress packets. Socket Number Setting Description Factory Default Socket number If the packed type is TCP or UDP, the socket number has to be specified. -
Page 164: Stream Check
User Manual Managed Switches Type Setting Description Factory Default Select from a list Indicates device types. Possible types are: --- (no None specification), IP Camera, IP Phone, Access Point, PC, PLC, and Network Video Recorder. Location Address Setting Description Factory Default Max. - Page 165 User Manual Managed Switches Mode Setting Description Factory Default Enable / Disable Enable or Disable (---) the Stream Check option on the --- (Disabled) port. Note: If the Binding function is not enabled on a port, it will not be possible to enable the Stream Check option.
-
Page 166: Ip Source Guard
User Manual Managed Switches 3.12.4 IP Source Guard IP Source Guard is a feature used to restrict IP traffic on DHCP snooping untrusted ports. It helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host. IP Source Guard Configuration Mode Setting... -
Page 167: Static Ip Source Guard Table
User Manual Managed Switches to 0, it means only allow the IP packets forwarding that are matched in static entries on the specific port. 3.12.4.1 Static IP Source Guard Table This page allows to create entries for the static IP source guard table. Press the button Add New Entry to create an entry for the Static IP Source Guard Table. -
Page 168: Access Control List (Acl)
User Manual Managed Switches Port Switch port number for which the entries are displayed. VLAN ID VLAN ID in which the traffic is permitted. IP Address User IP address of the entry. MAC Address Source MAC address. 3.12.5 Access Control List (ACL) The switch has an Access Control List (ACL) where the user can create different Access Control Entries (ACEs) specifying individual frame types permitted or denied. - Page 169 User Manual Managed Switches Policy ID Setting Description Factory Default 0 to 255 Indicate the policy ID to apply to this port. Action Setting Description Factory Default Permit / Deny Select whether forwarding is permitted ("Permit") or Permit denied ("Deny"). Rate Limiter ID Setting Description...
-
Page 170: Acl Rate Limiter Configuration
User Manual Managed Switches Disabled: Port shut down is disabled. State Setting Description Factory Default Enabled/Disabled Specifies the state of this port. Enabled Enabled: To reopen ports by changing the volatile port configuration of the ACL user module. Disabled: To close ports by changing the volatile port configuration of the ACL user module. -
Page 171: Acl Configuration
User Manual Managed Switches Unit Setting Description Factory Default pps / kbps Packets per second (pps) or Kilobits per second (kbps). 3.12.5.3 ACL Configuration This page shows the Access Control List (ACL), made up of the Access Control Entries (ACEs) defined on this switch. - Page 172 User Manual Managed Switches operation is disabled. Indicates the mirror operation of the ACE. Frames matching the ACE are mirrored to the destination mirror port. The allowed values are Enabled Mirror (frames received on the port are mirrored) or Disabled (frames received on the port are not mirrored).
- Page 173 User Manual Managed Switches Frame Type Setting Description Factory Default Any / Ethernet / Select the frame type for this this ACE: ARP / IPv4 / IPv6 Any: Any frame can match this ACE. Ethernet type: Only Ethernet type frames can match this ACE.
- Page 174 User Manual Managed Switches Action Setting Description Factory Default Permit / Deny / Specify the action to take with a frame that hits this Permit Filter ACE. Permit: The frame that hits this ACE has granted permission for the ACE operation. Deny: The frame that hits this ACE is dropped.
- Page 175 User Manual Managed Switches frame. Ethernet type parameters If the type of frame selected is Ethernet type, additional parameters can be programmed: SMAC Filter Setting Description Factory Default Any / Specific Specify the source MAC address filter for this ACE. Any: No SMAC address filter is specified.
- Page 176 User Manual Managed Switches Request/Reply Setting Description Factory Default Any / Request / Specify the available Request/Reply opcode (OP) flag Reply for this ACE. Any: No Request/Reply OP flag is specified. Request: Frame must have ARP Request or RARP Request OP flag set. Reply: Frame must have ARP Reply or RARP Reply OP flag.
- Page 177 User Manual Managed Switches Any: Any value is allowed. 0: RARP frames where THA is not equal to the target MAC address. 1: RARP frames where THA is equal to the target MAC address. IP/Ethernet Length Setting Description Factory Default Any / 0 / 1 Specify whether frames can hit the action according to their ARP/RARP hardware address length (HLN) and...
- Page 178 User Manual Managed Switches / TCP Any: No IPv4 protocol is specified. ICMP: IPv4 ICMP protocol frames. UDP: IPv4 UDP protocol frames. TCP: IPv4 TCP protocol frames. New fields are shown for the specific IPv4 protocols. At the end of this section the new fields are described. IP TTL Setting Description...
-
Page 179: Ipv6 Parameters
User Manual Managed Switches Address and SIP Mask fields that appear. DIP Filter Setting Description Factory Default Any / Host / Specify the destination IP filter for this ACE. Network Any: No destination IP filter is specified. Host: Destination IP filter is set to Host. Specify the destination IP address in the DIP Address field that appears. - Page 180 User Manual Managed Switches ICMP parameters If the type of frame selected is IPv4/ICMP or IPv6/ICMP, several additional parameters can be programmed: ICMP Type Filter Setting Description Factory Default Any / Specific Specify the ICMP filter for this ACE. Any: No ICMP filter is specified. Specific: A field for entering an ICMP value (0 to 255) appears.
- Page 181 User Manual Managed Switches Any / 0 / 1 Specify the TCP "No more data from sender" (FIN) value for this ACE. Any: Any value is allowed ("don't-care"). 0: TCP frames where the FIN field is set must not be able to match this entry.
-
Page 182: Acl Status
User Manual Managed Switches to match this entry. TCP URG Setting Description Factory Default Any / 0 / 1 Specify the TCP "Urgent Pointer field significant" (URG) value for this ACE. Any: Any value is allowed ("don't-care"). 0: TCP frames where the URG field is set must not be able to match this entry. -
Page 183: Authentication, Authorization And Accounting (Aaa)
User Manual Managed Switches Displays ‘Yes’ if there is a HW conflict related with the created ACE. Conflict Otherwise displays ‘No’. 3.12.6 Authentication, Authorization and Accounting (AAA) For user name/password level security, Weidmüller switches provide the possibility to enable/disable any possible access to the management of the device and also provide the login option through Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access-Control System Plus (TACACS+). -
Page 184: Server Configuration
User Manual Managed Switches Deadtime Setting Description Factory Default 1 to 1440 Deadtime is the period during which the switch will not (minutes) send new requests to a server that has failed to respond to a previous request. This will stop the switch from continually trying to contact a server that it has already determined as dead. -
Page 185: Tacacs+ Server Configuration
User Manual Managed Switches Auth Port Setting Description Factory Default Port The UDP port to use on the RADIUS server for 1812 authentication. Set to 0 to disable authentication. Acct Port Setting Description Factory Default Port The UDP port to use on the RADIUS server for 1813 accounting. - Page 186 User Manual Managed Switches Global Configuration Timeout Setting Description Factory Default 1 to 1000 (sec) Number of seconds to wait for a reply from a TACACS+ server before retransmitting the request. Deadtime Setting Description Factory Default 1 to 1440 Deadtime is the period during which the switch will not (minutes) send new requests to a server that has failed to respond to a previous request.
-
Page 187: Radius Overview
User Manual Managed Switches 1 to 1000 (sec) This optional setting overrides the global timeout None value. Leaving it blank will use the global timeout value. Setting Description Factory Default Max 63 This optional setting overrides the global key. Leaving None characters it blank will use the global key. -
Page 188: Radius Details
User Manual Managed Switches been disabled but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled. 3.12.6.4 RADIUS Details This page provides detailed statistics for a particular RADIUS server. -
Page 189: System Configuration
User Manual Managed Switches System Configuration Mode Setting Description Factory Default Enabled / Indicates if NAS is globally enabled or disabled on Disabled Disabled the switch. If globally disabled, all ports are allowed forwarding of frames. Note: The backend (RADIUS) servers are configured on the RADIUS Configuration page (Security/AAA menu). - Page 190 User Manual Managed Switches EAPOL Timeout Setting Description Factory Default 1 to 65535 (sec) Determines the time for retransmission of Request Identity EAPOL frames. This has no effect for MAC-based ports. Aging Period Setting Description Factory Default 10 to 1000000 This setting applies to the following Modes defined in (sec) Port Configuration (described below global settings):...
- Page 191 User Manual Managed Switches RADIUS-Assigned QoS Enabled Setting Description Factory Default Check / Uncheck The "RADIUS-Assigned QoS Enabled" checkbox Unchecked provides a quick way to globally enable/disable RADIUS-server assigned QoS Class functionality. When checked, the individual ports setting determines whether RADIUS-assigned QoS Class is enabled on that port.
-
Page 192: Port Configuration
User Manual Managed Switches Allow Guest VLAN if EAPOL seen Setting Description Factory Default Check / Uncheck The switch remembers if an EAPOL frame has been Unchecked received on the port for the life-time of the port. Once the switch considers whether to enter the Guest VLAN, it will first check if this option is enabled or disabled. - Page 193 User Manual Managed Switches If more than one supplicant is connected to a port, the one that comes first when the port's link comes up will be the first one considered. If that supplicant doesn't provide valid credentials within a certain amount of time, another supplicant will get a chance.
- Page 194 User Manual Managed Switches switch reacts to QoS Class information carried in the RADIUS Access-Accept packet transmitted by the RADIUS server when a supplicant is successfully authenticated. If present and valid, traffic received on the supplicant's port will be classified to the given QoS Class.
-
Page 195: Network Access Server (Nas) Switch Status
User Manual Managed Switches (Port-based 802.1, Single 802.1 and Multi 802.1X). Port state Setting Description Factory Default Information only The current state of the port. It can undertake one of Globally the following values: Disabled • Globally Disabled: NAS is globally disabled. •... -
Page 196: Network Access Server (Nas) Statistics
User Manual Managed Switches The table displayed on the page shows the following information: Port The switch port number. Click to navigate to detailed NAS statistics for this port. Admin State The port's current administrative state. Possible values already explained in previous section (Admin State). -
Page 197: Port Security
User Manual Managed Switches The page shows the Port State information including the parameters Admin State, Port State, QoS Class and Port VLAN ID already described in the previous section of this manual. Additionally, the page also shows the Port Counters. The Help button provides a detailed description of all these counters shown on the page. - Page 198 User Manual Managed Switches System Configuration Mode Setting Description Factory Default Enabled / Enable or Disable the Global limit control on the Disabled Disabled switch. Aging Enabled Setting Description Factory Default Check / Uncheck If checked, secured MAC addresses are subject to Unchecked aging according to the ‘Aging Period’...
-
Page 199: Port Security Status
User Manual Managed Switches the port will be shut down. This implies that all secured MAC addresses will be removed from the port and no new address will be learned. Even if the link is physically disconnected and reconnected on the port (by disconnecting the cable), the port will remain shut down. -
Page 200: User Module Legend
User Manual Managed Switches User Module Legend The table displayed shows the following information: User Module Name The full name of a user module that may request Port Security services. Abbr A one-letter abbreviation of the user module. This is used in the Users column in the Port Status table. -
Page 201: Port Status
User Manual Managed Switches MAC addresses that can be learned on the port, respectively. If no user modules are enabled on the port, the Current column will show a dash (-). If the Limit Control user module is not enabled on the port, the Limit column will show a dash (-). -
Page 202: Configuring Email Warning
User Manual Managed Switches Configuring Relay Warning Events Settings Alarm event types can be divided into two basic groups: Power Failure and Port Link Down/Broken. You can configure which events are related to the relay output. NOTE: The events that are configured to activate the relay output also activate the amber light in the FAULT LED of the front-plate of the switch. -
Page 203: Event Selection
User Manual Managed Switches Configure Email Settings To configure a Weidmüller switch’s email setup, enter your Mail Server IP, Account Name, Account Password, Retype New Password, and the email addresses to which warning messages will be sent. 3.13.2.1 Event Selection Event Types can be divided into two basic groups: System Events and Port Events. -
Page 204: Email Settings
User Manual Managed Switches Configuration Changed Any configuration item has been changed and saved. and Saved Log is registered when / Warning e-mail is sent when… Port Events Disable Never. Link Up The port is connected to another device. Link Down The port is disconnected (e.g., the cable is pulled out, or the opposing device shuts down). -
Page 205: Syslog Setting
User Manual Managed Switches Authentication Setting Description Factory Default Check / Uncheck Check if the SMTP server needs authentication. Unchecked Username Type the username of the SMTP server. None Password Type the password of the SMTP server. None Confirm Retype the password of the SMTP server. None password Recipient Email Address... -
Page 206: Monitoring And Diag
User Manual Managed Switches Syslog Level Setting Description Factory Default Informational / Select the severity level for the syslog messages to be Informational Error / Warning / logged: Message Informational: Send the specific messages which severity code is less or equal than Informational (6). Error: Send the specific messages which severity code is less or equal than Error (3). -
Page 207: Detailed Port Statistics
User Manual Managed Switches 3.14.2 Detailed Port Statistics This page provides detailed traffic statistics for any specific switch port. Use the port select box to select which switch port details to display. The tables shown on the page include the following information: Receive and Transmit Total Rx and Tx Packets The number of received and transmitted (good and bad) packets. -
Page 208: Port Monitoring
User Manual Managed Switches The number of long frames (frames longer than the configured maximum Rx Oversize frame length for this port) received with valid CRC. The number of frames received with a length of more than 64 bytes and Rx Fragments with an invalid FCS/CRC. - Page 209 User Manual Managed Switches Mode Setting Description Factory Default Enabled or Enable or disable the Mirroring or Remote mirroring Disabled Disabled function. Type Setting Description Factory Default Mirror The source port(s) and destination port are located on Mirror this switch. Source (RMirror) The source port(s) and intermediate port(s) are located on this switch.
- Page 210 User Manual Managed Switches Reflector port Setting Description Factory Default Port of the switch The reflector port is a method to redirect the traffic to Port 1 Remote Mirroring VLAN. Any device connected to a port set as a reflector port loses connectivity until the Remote Mirroring is disabled.
-
Page 211: System Log Information
User Manual Managed Switches 3.14.4 System Log Information This page shows the Event Log Table stored in the switch. The page shows up to 999 entries, default being 20, selected through the Entries per page input field. When first visited, the web page will show the first 20 entries from the beginning of the Event Log table. -
Page 212: Sfp Monitor
User Manual Managed Switches Press the Start button to run the diagnostics. When completed, the page refreshes automatically and the cable diagnostics results are shown in the cable status table. NOTE: The VeriPHY diagnostics tool is only accurate for cables 7 - 140 meters long. 10 and 100 Mbps ports will be disconnected while running VeriPHY diagnostics. -
Page 213: Sfp Type
User Manual Managed Switches Tx Bias (mA) The bias current of the optical transmitter Tx power (mW) The amount of light being transmitted into the fiber optic cable in (dBm) The amount of light being transmitted into the fiber optic cable in Rx power (mW) The amount of light being received from the fiber optic cable in mW (dBm) -
Page 214: Ptp Synchronization
User Manual Managed Switches Weidmüller switch itself. In this way, the user can essentially sit on top of the Weidmüller switch and send ping commands out through its ports. To use the Ping function, type in the desired IP address (ICMPv4 or ICMPv6), and then click Start. The payload size of the ICMP packet (8 to 1400 bytes) as well as its number can be programmed by the user. - Page 215 User Manual Managed Switches Clock Instance Setting Description Factory Default 0 to 3 Indicates the Instance of a particular Clock Instance. Click on the Clock Instance number to edit the Clock details. Device Type Setting Description Factory Default Inactive / Indicates the Type of the Clock Instance.
- Page 216 User Manual Managed Switches Clock Type and Profile The clock instance, device type and selected profile is shown. If the clock has been configured to use a profile (eg: 1588), clicking the Apply button will reset configured values to profile defaults. Port Enable and Configuration Select (check) the ports configured for this Clock Instance and click on Ports Configuration to edit all the data settings.
- Page 217 User Manual Managed Switches Clock Default DataSet The clock default data set is defined in the IEEE 1588 Standard. It holds three groups of data: the static members defined at clock creation time, the Dynamic members defined by the system, and the configurable members which can be set here.
-
Page 218: Ptp Clock Status
User Manual Managed Switches 3.15.2 PTP Clock Status This page shows an overview of the PTP clocks configured in the switch. The table on the page shows the following information: Inst The particular clock instance. Device Type The type of clock for that particular instance. The five possible types are Transparent Clock (End to End or Peer to Peer), Boundary Clock, Master only or Slave only. -
Page 219: Factory Defaults
User Manual Managed Switches Additionally, it is also possible to delete the startup configuration file by selecting the file and clicking the button Delete Configuration File. If the startup configuration file is delete, then the factory default settings will be used at next reboot. 3.17 Factory Defaults This function provides users with a quick way of restoring the Weidmüller switch’s configuration to factory defaults. -
Page 220: Logout
User Manual Managed Switches 3.19 Logout This option can be used for explicit logoff from the web interface. 3.20 License Information This page shows Weidmüller’s declaration for used Open Source Software (GNU General Public License). -
Page 221: Downloads (Software And Documentation)
User Manual Managed Switches A. Downloads (Software and Documentation) Using below described link you can download following items: • Firmware Upgrades • Private MIB files • EDS file • GSDML file • Documentation (User Manual and Hardware Installation Guide) Download via Product Catalogue (Online Catalogue) •... -
Page 222: Modbus Register Table
User Manual Managed Switches B. Modbus Register Table Registers can be read via ID = 1 and function code 4 (Input register). Register Register Max Data Tag name address address Data Type Length Setting (Description) (HEX) (DEC) (Words) System Information Vendor 0x0000 Word... - Page 223 User Manual Managed Switches Packets Information Port Tx Packets 0x2000~ 8192 Word Eg. 0x44332211: Packet amount = 44332211 Word 0 = 4433 Word 1 = 2211 Port Rx Packets 0x2100~ 8448 Word Eg. 0x44332211: Packet amount = 44332211 Word 0 = 4433 Word 1 = 2211 Port Tx Error 0x2200~...
- Page 224 User Manual Managed Switches 0xFFFF: Not Enabled O-Chain 2 0x3702 14082 Word 0x0002: Link Down Port Status 0x0003: Blocked 0x0005: Forwarding 0xFFFF: Not Enabled...
-
Page 225: Supported Logical Nodes (Mms)
User Manual Managed Switches C. Supported Logical Nodes (MMS) LLN0 Category (DO) Name (DA) Description Value Type Read / Write vendor Vendor Name Char NamPlt swRev Software Version Char configRev Kernel Version Char Health stVal Switch Status 1: Normal; Int32 3: Fault Alarm Status LBRI1 Category (DO) Name (DA) Description... - Page 226 User Manual Managed Switches False: Disabled AutoNgtCfg setVal Auto-nego Status True: Enabled Boolean False: Disabled stVal RFC 3636 MAU Table Int32 below AdminCfg setVal Admin Status True: Enabled Boolean Port False: Disabled LBSP1-20 Category (DO) Name (DA) Description Value Type Read / Write RstpSt stVal...
- Page 227 User Manual Managed Switches PwrGGIO1 Category (DO) Name (DA) Description Value Type Read / Write Alm1-2 stVal Power Status True: Power on Boolean False: Power off MAU Table Code (Value) Item Description bOther Other or Unknown bAUI b10Base5 10Base-5 bFoirl FOIRL b10base2 10Base-2...
Need help?
Do you have a question about the SubstationLine IE-SW-SL20M-8GT-12GESFP and is the answer not in the manual?
Questions and answers