Korenix 5010G / 4510 Series Industrial Managed Ethernet Switch User Manual Ver. 2.11, Apr-2013 Firmware v2.7 Hardware v2.3 www.korenix.com...
Page 2
Korenix JetNet 5010G/ 4510 Series Industrial Managed Ethernet Switch User’s Manual Copyright Notice Copyright 2007-2013 Korenix Technology Co., Ltd. All rights reserved. Reproduction in any form or by any means without permission is prohibited.
Page 3
Federal Communications Commission (FCC) Statement This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
Device Front Panel ....................118 4.13 Save to Flash ......................119 4.14 Logout ........................120 5. Appendix ..........................121 Pin Assignment of the RS-232 Console Cable.............121 Korenix SFP family ....................122 Korenix Private MIB ....................125 ModBus TCP /IP ....................126 Revision History .....................137 About Korenix ......................139...
300ms to 5ms for 10/100TX RJ-45 ports, and 30ms for 100FX and Gigabit Fiber. This is Korenix patented ring technology, which is registered in most countries. For interoperability with your existed network, the 10-port Managed Switch series also come with an advanced redundant network solution, Ring Coupling and Rapid Dual Homing technology.
7+3G/ 7+3 100 Switch; For the UL 60950-1, the high ° temperature only support 60 C for all models Note: The detail spec is listed in Appendix 5.1. The following table listed the nick name used in this user manual for Korenix model mapping. Model Description Managed/ Temperature °...
Page 7
Quick Installation Guide If any of the above items are missing or damaged, please contact your local sales representative.
Panel Layout The front panel includes 10/100Mbps Fast Ethernet ports, Gigabit Ethernet ports, SFP slot, RS232 console port, System / Combo Port LED and Reset button. Bottom View The bottom view of the Industrial 7+3 Gigabit Managed Switch consists of three terminal block connectors with two DC power inputs, two Digital Inputs, 2 Relay Outputs and 1 Earth Ground.
Wiring Power Inputs Follow below steps to wire the Switch’s redundant DC power inputs. Insert positive and negative wires into V+ and V- contacts respectively of the terminal block connector Tighten the wire-clamp screws to prevent DC wires from being loosened. Power 1 and Power 2 support power redundancy and polarity reverse protection functions.
Wiring Digital Input The Switch provides 2 digital inputs. It allows users to connect the termination units’ digital output and manage/monitor the status of the connected unit. The Digital Input pin can be pulled high or low; thus the connected equipments can actively drive these pins high or low.
Wiring Fast Ethernet Ports The Switch includes 7 RJ-45 Fast Ethernet ports. The fast Ethernet ports support 10Base-T and 100Base-TX, full or half duplex modes. All the fast Ethernet ports will auto-detect the signal from connected devices to negotiate the link speed and duplex mode.
DIN-Rail Mounting Installation The DIN-Rail clip is already attached to the Switch when packaged. If the DIN-Rail clip is not screwed on the Switch, follow the instructions and the figure below to attach DIN-Rail clip to the Switch. 1. Use the screws to attach DIN-Rail clip to the real panel of Switch.
Page 16
Check if DIN-Rail clip is tightly attached on the track. To remove it from the track, reverse the steps above. Notes: The DIN Rail should compliance with DIN EN50022 standard. Using wrong DIN rail may cause system install unsafe.
2.10 Wall-Mounting Installation Follow the steps below to install the Switch with the wall mounting plate. 1. To remove DIN-Rail clip from the Switch, loosen the screws from DIN-Rail clip. 2. Place the wall mounting plate on the rear panel of Switch 3.
/ telnet interface. Preparation for Serial Console In the package, Korenix attached one RS-232 DB-9 to RJ-45 console cable. Please attach RS-232 DB-9 connector to your PC COM port, connect RJ-45 to the Console port of the Switch.
3.2.1 Web Interface Korenix web management page is developed by JAVA. It allows you to use a standard web-browser such as Microsoft Internet Explorer, or Mozila, to configure and interrogate the switch from anywhere on the network. Before you attempt to use the embedded web interface to manage switch operation, verify that your Industrial Ethernet Switch is properly installed on your network and that every PC on this network can access the switch via the web browser.
Page 20
3.2.2 Secured Web Interface Korenix web management page also provides secured management HTTPS login. All the configuration commands will be secured and will be hard for the hackers to sniff the login password and configuration commands.
The popup screen will appear and request you to trust the secured HTTPS connection distributed by the Switch first. Press “Yes” to trust it. The login screen will appear next. Key in the user name and the password. The default user name and password is admin.
Page 22
3.3.2 SSH (Secure Shell) The Switch also support SSH console. You can remotely connect to the switch by command line interface. The SSH connection can secure all the configuration commands you sent to the switch. SSH is a client/server architecture while the Switch is the SSH server. When you want to make SSH connection with the switch, you should download the SSH client tool first.
Page 23
3. After few seconds, the SSH connection is opened. You can see the login screen as the below figure. 4. Type the Login Name and its Password. The default Login Name and Password are admin / admin. 5. All the commands you see in SSH are the same as the CLI commands you see via RS232 console.
Then you can remotely connect to its embedded HTML web pages or Telnet console. Korenix web management page is developed by JAVA. It allows you to use a standard web-browser such as Microsoft Internet Explorer, or Mozila, to configure and interrogate the switch from anywhere on the network.
Command Line Interface Introduction The Command Line Interface (CLI) is the user interface to the switch’s embedded software system. You can view the system information, show the status, configure the switch and receive a response back from the system by keying in a command. There are some different command modes.
Page 26
Global Configuration Mode: Press configure terminal in privileged EXEC mode. You can then enter global configuration mode. In global configuration mode, you can configure all the features that the system provides you. Type interface IFNAME/VLAN to enter interface configuration mode, exit to leave. ? to see the command list.
Page 27
Available command lists of the global configuration mode. Switch(config)# interface fa1 Switch(config-if)# acceptable Configure 802.1Q acceptable frame types of a port. auto-negotiation Enable auto-negotiation state of a given port description Interface specific description duplex Specify duplex mode of operation for a port End current mode and change to enable mode exit Exit current mode and down to previous mode...
Page 28
Summary of the 5 command modes. Command Main Function Enter and Exit Method Prompt Mode User EXEC This is the first level of access. Enter: Login successfully Switch> User can ping, telnet remote Exit: exit to logout. device, and show some basic Next mode: Type enable to information enter privileged EXEC mode.
Page 29
Here are some useful commands for you to see these available commands. Save your time in typing and avoid typing error. ? To see all the available commands in this mode. It helps you to see the next command you can/should type as well. Switch(config)# interface (?) IFNAME Interface's name vlan...
Basic Setting The Basic Setting group provides you to configure switch information, IP address, User name/Password of the system. It also allows you to do firmware upgrade, backup and restore configuration, reload factory default, and reboot the system. Following commands are included in this group: 4.2.1 Switch Setting 4.2.2 Admin Password 4.2.3 IP Configuration...
Page 31
System Description: the name of this Switch. Firmware Version: Display the firmware version installed in this device. MAC Address: Display unique hardware address (MAC address) assigned by the manufacturer. Once you finish the configuration, click on Apply to apply your settings. Note: Always remember to select Save to save your settings.
Page 32
4.2.3 IP Configuration This function allows users to configure the switch’s IP address settings. DHCP Client: You can select to Enable or Disable DHCP Client function. When DHCP Client function is enabled, an IP address will be assigned to the switch from the network’s DHCP server.
Page 33
IPv6 Address field: typing new IPv6 address in this field. Prefix: the size of subnet or netwok, and it equivalent to the subnetmask, but written in different. The default subnet mask length is 64bits, and writen in decimal value - 64. Add: after add new IPv6 address and prefix, don’t forget click icon -“Add”...
Page 34
Client. The system will send request packet to acquire current time from the NTP server you assigned. Time-zone: Select the time zone where the switch is located. Following table lists the time zones for different locations for your reference. The default time zone is GMT Greenwich Mean Time.
Page 35
40 (GMT+03:00) Moscow, St. Petersburg, Volgograd 41 (GMT+03:00) Nairobi 42 (GMT+03:30) Tehran 43 (GMT+04:00) Abu Dhabi, Muscat 44 (GMT+04:00) Baku, Tbilisi, Yerevan 45 (GMT+04:30) Kabul 46 (GMT+05:00) Ekaterinburg 47 (GMT+05:00) Islamabad, Karachi, Tashkent 48 (GMT+05:30) Calcutta, Chennai, Mumbai, New Delhi 49 (GMT+05:45) Kathmandu 50 (GMT+06:00) Almaty, Novosibirsk 51 (GMT+06:00) Astana, Dhaka...
Page 36
4.2.5 DHCP Server The DHCP Server session includes DHCP server configuration, Leased Entries and DHCP Relay Agent parts that allowed user to configure and maintain the DHCP function. DHCP Server configuration After selecting to enable DHCP Server function, type in the Network IP address for the DHCP server IP pool, Subnet Mask, Default Gateway address and Lease Time for client.
Page 37
DHCP Relay Agent You can select to Enable or Disable DHCP relay agent function, and then select the modification type of option 82 field. Relay policy drop: Drops the option 82 field and do not add any option 82 field. Relay policy keep: Keeps the original option 82 field and forwards to server.
Page 38
4.2.7 Firmware Upgrade In this section, you can update the latest firmware for your switch. Korenix provides the latest firmware in Korenix Web site. The new firmware may include new features, bug fixes or other software changes. We’ll also provide the release notes for the update as well. For technical viewpoint, we suggest you use the latest firmware before installing the switch to the customer site.
Page 39
Note that the system will be automatically rebooted after you finished upgrading new firmware. Please remind the attached users before you do this. Figure 4.2.7.1 Main UI of Firmware Upgrade There are 2 modes for users to backup/restore the configuration file, Local File mode and TFTP Server mode.
Page 40
Type the IP address of TFTP Server and Firmware File Name. Then click on Upgrade to start the process. After finishing transmitting the firmware, the system will copy the firmware file and replace the firmware in the flash. The CLI show …… until the process is finished.
Page 41
4.2.8 Factory Default In this section, you can reset all the configurations of the switch to default setting. Click on Reset the system will then reset all configurations to default setting. The system will show you popup message window after finishing this command. Default setting will work after rebooting the switch.
Page 42
Switch(config)# hostname System Name WORD Network name of this system Switch(config)# hostname JN5010G SWITCH(config)# SWITCH(config)# snmp-server location Taipei System Location SWITCH(config)# snmp-server contact korecare@korenix.com System Contact SWITCH# show snmp-server name Display SWITCH SWITCH# show snmp-server location Taipei SWITCH# show snmp-server contact korecare@korenix.com...
Page 43
PASSWORD Administrator account password SWITCH(config)# administrator orwell orwell Change administrator account orwell and password orwell success. SWITCH# show administrator Display Administrator account information name: orwell password: orwell IP Configuration IP Address/Mask SWITCH(config)# int vlan 1 (192.168.10.8, SWITCH(config-if)# ip ; IPv4 configuration 255.255.255.0 address dhcp...
Page 44
SWITCH# show clock Sun Jan 1 04:14:19 2006 (GMT) Greenwich Mean Time: Dublin, Edinburgh, Lisbon, London SWITCH# show clock timezone clock timezone (26) (GMT) Greenwich Mean Time: Dublin, Edinburgh, Lisbon, London DHCP Server Enable DHCP Server on JetNet Switch DHCP Server Switch# configuration Switch# configure terminal...
Page 45
to see how to save settings to the flash. Note 2: 192.168.10.33 is the TFTP server’s IP and default.conf is name of the configuration file. Your environment may use different IP addresses or different file name. Please type target TFTP server IP or file name in this command. Restore Configuration Switch# copy tftp: 192.168.10.33/default.conf startup-config Show Startup Switch# show startup-config...
Port Configuration Port Configuration group enables you to enable/disable port state, or configure port auto-negotiation, speed, and duplex, flow control, rate limit control and port aggregation settings. It also allows you to view port status and aggregation information. Following commands are included in this group: 4.3.1 Port Control 4.3.2 Port Status 4.3.3 Rate Control...
Page 47
The default mode is Auto Negotiation mode. In Flow Control column, “Symmetric” means that you need to activate the flow control function of the remote network device in order to let the flow control of that corresponding port on the switch to work. “Disable” means that you don’t need to activate the flow control function of the remote network device, as the flow control of that corresponding port on the switch will work anyway.
Page 48
The UI can display vendor name, wave length and distance of all Korenix SFP transceiver family. If you see Unknown info, it may mean that the vendor doesn’t provide their information or that the information of their transceiver can’t be read.
Page 49
The aggregated ports can interconnect to the other switch which also supports Port Trunking. Korenix Supports 2 types of port trunking. One is Static Trunk, the other is 802.3ad. When the other end uses 802.3ad LACP, you should assign 802.3ad LACP to the trunk.
Page 50
firmware V2.4) Port Priority: The command allows you to change the port priority setting of the specific port. LACP port priority is configured on each port using LACP. The port priority can be configured through the CLI. The higher the number, the lower the priority. The default value is 32768.
Page 51
Switch(config-if)# no shutdown -> Enable port state Port1 Link Change to DOWN Port1 Link Change to UP interface fastethernet1 is up now. Switch(config-if)# Port1 Link Change to UP Switch(config)# sfp ddm Digital diagnostic and monitoring Switch(config)# sfp ddm Eject Reject DDM SFP Switch(config)# sfp ddm eject ...
Page 52
Default CoS Value for untagged packets is 0. Mdix mode is Disable. Medium mode is Copper. Switch# show sfp ddm show SFP DDM information Port 8 Temperature:N/A Tx power:N/A Rx power:N/A Port 9 Temperature:64.00 C <range :0.0-80.00> Tx power:-6.0 dBm <range : -9.0 - -4.0> Rx power:-30.0 dBm <range: -30.0 - -4.0>...
Page 53
The group 1 is a lacp enabled group! SWITCH(config)# trunk group 2 fa11-12 Can't set trunk group 2 enable! The group 2 is a static aggregation group. etNet 5010G# show lacp internal Display - LACP LACP group 1 internal information: LACP Port...
MultiRing Technology. The Ring ports can be LACP/Port Trunking ports, after aggregated ports to a group, the group of ports can act as the Ring port of the Ring. This is Korenix Pattened TrunkRing Technology. Advanced Rapid Dual Homing(RDH) technology also facilitates the Switch to connect with a core managed switch easily and conveniently.
Page 55
The STP Configuraiton, STP Port Configuration and STP Information pages are available while select the STP and RSTP mode. The MSTP Configuraiton, MSTP Port Configuration and MSTP Information pages are available while select the MSTP mode. The Multiple Super Ring and Multiple Super Ring Information are available while select the MSR mode.
Page 56
Bridge Configuration Bridge Address: This shows the switch’s MAC address. Priority (0-61440): RSTP uses bridge ID to determine the root bridge, the bridge with the highest bridge ID becomes the root bridge. The bridge ID is composed of bridge priority and bridge MAC address.
Page 57
4.4.2 STP Port Configuration This page allows you to configure the port parameter after enabled STP or RSTP. Port Configuration Select the port you want to configure and you will be able to view current settings and status of the port. STP State: Enable /Disable the STP function by port configure.
Page 58
4.4.3 STP Info (The same as 4.4.2 of previous version manual.) This page allows you to see the information of the root switch and port status. Root Information: You can see root Bridge ID, Root Priority, Root Port, Root Path Cost and the Max Age, Hello Time and Forward Delay of BPDU sent from the root switch.
Page 59
One VLAN can be mapped to a Multiple Spanning Tree Instance (MSTI). The miximum Instance Switch supports is 16, range from 0-15. The MSTP builds a separate Multiple Spanning Tree (MST) for each instance to maintain connectivity among each of the assigned VLAN groups.
Page 60
After enabled MSTP mode, then you can go to the MSTP Configuraiton pages. MSTP Region Configuration This page allows configure the Region Name and its Revision, mapping the VLAN to Instance and check current MST Instance configuration. The network can be divided virtually to different Regions.
Page 61
Current MST Instance Configuration This page allows you to see the current MST Instance Configuration you added. Click on “Apply” to apply the setting. You can “Remove” the instance or “Reload“ the configuration display in this page. 4.4.5 MSTP Port Configuration This page allows configure the Port settings.
Page 62
4.4.6 MSTP Information This page allows you to see the current MSTP information. Choose the Instance ID first. If the instance is not added, the information remains blank. The Root Information shows the setting of the Root switch. The Port Information shows the port setting and status of the ports within the instance. Click on “Reload“...
Page 63
Multiple Super Ring (MSR) technology is Korenix’s 3 generation Ring redundancy technology. This is patented and protected by Korenix and is used in countries all over the world. MSR ranks the fastest restore and failover time in the world, 0 ms for restore and about milliseconds level for failover for 100Base-TX copper port.
Page 64
Ring Port2: Assign another port for ring connection Path Cost: Change the Path Cost of Ring Port2 Rapid Dual Homing: Rapid Dual Homing is an important feature of Korenix 3 generation Ring redundancy technology. When you want to connect multiple RSR or form redundant topology with other vendors,RDH could allow you to have maximum 7 multiple links for redundancy without any problem.
Page 65
4.4.8 Multiple Super Ring Info (The same as 4.4.4 of previous version manual.) This page shows the MSR information. ID: Ring ID. Version: which version of this ring, this field could be Rapid Super Ring, Super Ring, or Any Ring Role: This Switch is RM or nonRM Status: If this field is Normal which means the redundancy is approved.
Page 66
Transmit interval: setting the detect duration time between detect packet. Loop Protection: Enable/ Disable Loop Preotection function by per port. Status: shows the port status. If there is looping occurred, it will show “Loop Detected and Disabled” information and the link indicator will not turn-off, and also the port is disabled by system.
Page 67
Region Configuration Region Name: Switch(config-mst)# name NAME the name string Switch(config-mst)# name korenix Region Revision: Switch(config-mst)# revision <0-65535> the value of revision Switch(config-mst)# revision 65535 Mapping Instance to Switch(config-mst)# instance VLAN (Ex: Mapping <1-15>...
Page 68
Switch(config)# spanning-tree mst configuration Switch(config-mst)# show pending Show Pending to see Pending MST configuration the new settings are Name [korenix] (->The nameis not applied after Abort settings.) not applied. Revision 65535 Instance Vlans Mapped -------- -------------------------------------- 1,4-4094 (-> The instance is not applied after Abort settings.)
Page 69
TCN : sent 0 , received 0 Forwarding-State Transmit count Message-Age Expired count MSTP Information MSTP Configuraiton Switch# show spanning-tree mst configuration Current MST configuration (MSTP is Running) Name [korenix] Revision 65535 Instance Vlans Mapped -------- -------------------------------------- 1,4-4094 ------------------------------------------------ Config HMAC-MD5 Digest: 0xB41829F9030A054FB74EF7A8587FF58D...
Page 70
------ ---------- ---------- -------- ---------- ------------------ fa1 Designated Forwarding 200000 128.1 P2P Internal(MSTP) Internal(MSTP) fa2 Designated Forwarding 200000 128.2 P2P ###### MST01 vlans mapped: 2 Bridge address 0012.77ee.eeee priority 32768 (sysid 1) Root this switch for MST01 Port Role State Cost Prio.Nbr Type...
Page 71
Switch(config)# super-ring priority 100 Ring Port Switch(config-multiple-super-ring)# port IFLIST Interface list, ex: fa1,fa3-5,gi8-10 cost path cost Switch(config-multiple-super-ring)# port fa1,fa2 Ring Port Cost Switch(config-multiple-super-ring)# port cost <0-255> valid range is 0 or 255 default set default (128)valid range is 0 or 255 Switch(config-multiple-super-ring)# port cost 100 <0-255>...
Page 72
Switch(config)# loop-protect transmit-interval <1-10> Valid range is 1~10 second(s) Switch(config)# loop-protect transmit-interval 3 (set interval time – 3 seconds) Switch(config)# loop-protect enable fa6 (fa1~7, gi7~gi10) Set fa6 Ethernet loop protection enabled! Switch# sh loop-protect (show current loop-protect detected information) Loop protect information : Loop Protect Interface : fa6,gi10 Transmit Interval(sec) : 3...
Figure 4.5.1 802.1Q VLAN QinQ In the firmware V2.4, Korenix release extended VLAN feature, QinQ. The QinQ is originally designed to expand the number of VLANs by adding a tag to the 802.1Q packets.
Page 74
Ingress/Egress parameters and view VLAN table. Following commands are included in this group: 4.5.1 VLAN Port Configuration 4.5.2 VLAN Configuration 4.5.3 GVRP Configuration 4.5.4 VLAN Table 4.5.5 CLI Commands of the VLAN 4.5.1 VLAN Port Configuration VLAN Port Configuration allows you to set up VLAN port parameters to specific port. These parameters include PVID, Accept Frame Type and Ingress Filtering.
Page 75
Following is the modes you can select. None: Remian VLAN setting, no QinQ. 802.1Q Tunnel: The QinQ command applied to the ports which connect to the C-VLAN. The port receives tagged frame from the C-VLAN. Add a new tag (Port VID) as S-VLAN VID.
Page 76
Management VLAN ID: The switch supports management VLAN. The management VLAN ID is the VLAN ID of the CPU interface so that only member ports of the management VLAN can ping and access the switch. The default management VLAN ID is “1”.
Page 77
Untagged or Tagged here. Figure 4.5.2.3 Static VLAN Configuration table. You can see that new VLAN 3 is created. VLAN name is test. Egress rules of the ports are not configured now. Figure 4.5.2.4 Configure Egress rule of the ports. -- : Not available U: Untag: Indicates that egress/outgoing frames are not VLAN tagged.
Page 78
4.5.3 GVRP configuration GVRP allows users to set-up VLANs automatically rather than manual configuration on every port of every switch in the network. GVRP Protocol: Allow user to enable/disable GVRP globally. State: After enable GVRP globally, here still can enable/disable GVRP by port. Join Timer: Controls the interval of sending the GVRP Join BPDU.
Page 79
After created the VLAN, the status of this VLAN will remain in Unused status until you add ports to the VLAN. 4.5.5 CLI Commands of the VLAN Command Lines of the VLAN port configuration, VLAN configuration and VLAN table display Feature Command Line VLAN Port Configuration (Go to the port interface configuration mode first.)
Page 80
Display – Port Egress Switch# show running-config Rule (Egress rule, IP …… address, status) interface fastethernet1 switchport access vlan 1 switchport access vlan 3 switchport trunk native vlan 2 ……. interface vlan1 ip address 192.168.10.8/24 no shutdown QinQ Information – Switch# show dot1q-tunnel 802.1Q Tunnel dot1q-tunnel mode...
Page 81
VLAN Name Switch(config)# vlan 2 vlan 2 has exists Switch(config-vlan)# name v2 Switch(config-vlan)# no name Note: Use no name to change the name to default name, VLAN VID. VLAN description Switch(config)# interface vlan 2 Switch(config-if)# Switch(config-if)# description this is the VLAN 2 Switch(config-if)# no description ->Delete the description.
Page 82
interface vlan1 ip address 192.168.10.17/24 ip igmp no shutdown ….
Private VLAN The private VLAN helps to resolve the primary VLAN ID shortage, client ports’ isolation and network security issues. The Private VLAN provides primary and secondary VLAN within a single switch. Primary VLAN: The uplink port is usually the primary VLAN. A primary VLAN contains promiscuous ports that can communicate with lower Secondary VLANs.
Page 84
4.6.2 PVLAN Port Configuration PVLAN Port Configuration page allows configure Port Configuration and Private VLAN Association. Private VLAN Association Secondary VLAN: After the Isolated and Community VLAN Type is assigned in Private VLAN Configuration page, the VLANs are belonged to the Secondary VLAN and displayed here.
Page 85
VLAN 2 is belonged to Primary VLAN. VLAN 3-5 are belonged to secondary VLAN (Isolated or Community). 3. Private VLAN Association: Associate VLAN 3-5 to VLAN 2 in Private VLAN Association first. 4. Private VLAN Port Configuraiton VLAN 2 – Primary -> The member port of VLAN 2 is promiscuous port. VLAN 3 –...
Page 86
4.6.4 CLI Command of the PVLAN Command Lines of the Private VLAN configuration Feature Command Line Private VLAN Configuration Create VLAN Switch(config)# vlan 2 vlan 2 success Switch(config-vlan)# End current mode and change to enable mode exit Exit current mode and down to previous mode list Print command list name...
Page 87
primary to secondary <2-4094> Primary range VLAN ID of the private VLAN port association (The command is only Switch(config-if)# switchport private-vlan host-association 2 available for host port.) <2-4094> Secondary range VLAN ID of the private VLAN port association Switch(config-if)# switchport private-vlan host-association 2 3 Mapping primary to Switch(config)# interface gi10 secondary VLANs...
Traffic Prioritization Quality of Service (QoS) provides traffic prioritization mechanism which allows users to deliver better service to certain flows. QoS can also help to alleviate congestion problems and ensure high-priority traffic is delivered first. This section allows you to configure Traffic Prioritization settings for each port with regard to setting priorities.
Page 90
In JetNet, users can freely assign the mapping table or follow the suggestion of the 802.1p standard. Korenix uses 802.p suggestion as default values. You can find CoS values 1 and 2 are mapped to physical Queue 0, the lowest queue. CoS values 0 and 3 are mapped to physical Queue 1, the low/normal physical queue.
Page 91
4.7.4 CLI Commands of the Traffic Prioritization Command Lines of the Traffic Prioritization configuration Feature Command Line QoS Setting Queue Scheduling – Switch(config)# qos queue-sched Strict Priority Strict Priority wrr Weighted Round Robin (Use an 8,4,2,1 weight) Switch(config)# qos queue-sched sp <cr>...
Page 92
CoS-Queue Mapping Format Switch(config)# qos cos-map PRIORITY Assign an priority (7 highest) Switch(config)# qos cos-map 1 QUEUE Assign an queue (0-3) Note: Format: qos cos-map priority_value queue_value Map CoS 0 to Queue 1 Switch(config)# qos cos-map 0 1 The CoS to queue mapping is set ok. Map CoS 1 to Queue 0 Switch(config)# qos cos-map 1 0 The CoS to queue mapping is set ok.
Multicast Filtering For multicast filtering, the Switch uses IGMP Snooping technology. IGMP (Internet Group Management Protocol) is an Internet Protocol that provides a way for internet device to report its multicast group membership to adjacent routers. Multicasting allows one computer on the internet to send data to a multitude of other computers that have identified themselves as being interested in receiving the originating computers data.
Page 95
others won’t. To assign IGMP Snooping to VLAN, please select the checkbox of VLAN ID or select Select All checkbox for all VLANs. Then press Enable. In the same way, you can also Disable IGMP Snooping for certain VLANs. IGMP Snooping Table: In the table, you can see multicast group IP address, VLAN ID it belongs to, and member ports of the multicast group.
Page 96
4.8.3 Force Filtering The Force filtering function allows the switch to filter the unknown-multicast data flow. If Force filtering is enabled, all the unknown multicast data will be discarded. 4.8.4 CLI Commands of the Multicast Filtering Command Lines of the multicast filtering configuration Feature Command Line IGMP Snooping...
Page 97
Switch(config-if)# ip igmp version 2 Disable Switch(config)# int vlan 1 Switch(config-if)# no ip igmp Display Switch# sh ip igmp interface vlan1 enabled: Yes version: IGMPv2 query-interval: 125s query-max-response-time: 10s Switch# show running-config …. interface vlan1 ip address 192.168.10.17/24 ip igmp no shutdown …….
SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. The Switch series support SNMP v1 and v2c and V3. An SNMP managed network consists of two main components: agents and a manager.
Page 99
V1 or V2. After configuration, you can see the change of the SNMP pre-defined standard traps and Korenix pre-defined traps. The pre-defined traps can be found in Korenix private MIB. 4.9.4 CLI Commands of the SNMP Command Lines of the SNMP configuration...
Page 100
SNMP Trap Enable Trap Switch(config)# snmp-server enable trap Set SNMP trap enable ok. SNMP Trap Server IP Switch(config)# snmp-server host 192.168.10.33 without specific SNMP trap host add OK. community name SNMP Trap Server IP Switch(config)# snmp-server host 192.168.10.33 version 1 with version 1 and private community...
4.10 Security The Switch provides several security features for you to secure your connection. The features include Port Security and IP Security. Following commands are included in this group: 4.10.1 Port Security 4.10.2 IP Security 4.10.3 IEEE 802.1x 4.10.4 CLI Commands of the Security 4.10.1 Port Security Port Security feature allows you to stop the MAC address learning for...
Page 102
Reload to reload the table. Once you finish configuring the settings, click on Apply to apply your configuration. 4.10.3 IEEE 802.1x 4.10.3.1 802.1X configuration IEEE 802.1X is the protocol that performing authentication to obtain access to IEEE 802 LANs. It is port-base network access control. With the function, the Switch could control which connection is available or not.
Page 103
4.10.3.2 802.1x Port Configuration After the configuration of Radius Server or Local user list, user also need configure the authentication mode, authentication behavior, applied VLAN for each port and permitted communication. The following information will explain the port configuration. Port control: Force Authorized means this port is authorized; the data is free to in/out. Force unauthorized just opposite, the port is blocked.
Page 104
Click Initialize Selected to set the authorize state of selected port to initialize status. Click Reauthenticate Selected to send EAP Request to supplicant to request reauthentication. Click Default Selected to reset the configurable 802.1x parameters of selected port to the default values.
Page 105
Port Security Add MAC Switch(config)# mac-address-table static 0012.7701.0101 vlan 1 interface fa1 mac-address-table unicast static set ok! Port Security Switch(config)# interface fa1 Switch(config-if)# switchport port-security Disables new MAC addresses learning and aging activities! Note: Rule: Add the static MAC, VLAN and Port binding first, then enable the port security to stop new MAC learning.
Page 106
RADIUS Accounting Port number NOT given. (default=1813) Secondary RADIUS Server IP : 192.168.10.250 Secondary RADIUS Server Key : 5678 Secondary RADIUS Server Port : 1812 Secondary RADIUS Accounting Port : 1813 User name/password Switch(config)# dot1x username korenix passwd korenix vlan for authentication...
4.11 Warning The Switch provides several types of Warning features for you to remote monitor the status of end devices or the change of your network. The features include Fault Relay, System Log and SMTP E-mail Alert. Following commands are included in this group: 4.11.1 Fault Relay 4.11.2 Event Selection 4.11.3 Syslog Configuration...
Page 108
period is 0-4294967295 seconds. How to configure: Type turn-on period and turn-off period when the time is reached, the system will turn on or off the Relay Output. If you connect DO to DI of the other terminal unit, the setting can help you to change DI state. If you connect DO to the power set of other terminal units, this setting can help you to turn on or off the unit.
Page 109
Event Type: Ping Failure IP Address: IP address of the target device you want to ping. Reset Time (Sec): Waiting time to short the relay output. Hold Time (Sec): Waiting time to ping the target device for the duration of remote device boot How to configure: After selecting Ping Failure event type, the system will turn Relay Output to short state and continuously ping the target device.
Page 110
Once you finish configuring the settings, click on Apply to apply your configuration. 4.11.2 Event Selection Event Types can be divided into two basic groups: System Events and Port Events. System Events are related to the overall function of the switch, whereas Port Events related to the activity of specific ports System Event Warning Event is sent when…..
Page 111
Once you finish configuring the settings, click on Apply to apply your configuration. 4.11.3 SysLog Configuration System Log is useful to provide system administrator locally or remotely monitor switch events history. There are 2 System Log modes provided by the system, local mode and remote mode.
Page 112
Note: When enabling Local or Both modes, you can monitor the system logs in [Monitor and Diag] / [Event Log] page. 4.11.4 SMTP Configuration The Switch supports E-mail Warning feature. The switch will send the occurred events to remote E-mail server.
Page 113
Command Lines of the Warning configuration Feature Command Line Relay Output Relay Output Switch(config)# relay 1 DI state dry output ping ping failure port port link failure power power failure ring super ring failure Note: Select Relay 1 or 2 first, then select the event types. DI State Switch(config)# relay 1 di <1-2>...
Page 114
Switch(config)# smtp-server server 192.168.10.100 admin@korenix.com SMTP Email Alert set Server: 192.168.10.100, Account: admin@korenix.com ok. Receiver mail Switch(config)# smtp-server receipt 1 korecare@korenix.com SMTP Email Alert set receipt 1: korecare@korenix.com ok. Authentication with Switch(config)# smtp-server authentication username admin username and password admin password...
4.12 Monitor and Diag The Switch provides several types of features for you to monitor the status of the switch or diagnostic for you to check the problem when encountering problems related to the switch. The features include MAC Address Table, Port Statistics, Port Mirror, Event Log and Ping. Following commands are included in this group: 4.12.1 MAC Address Table 4.12.2 Port Statistics...
Page 117
4.12.2 Port Statistics In this page, you can view operation statistics for each port. The statistics that can be viewed include Link Type, Link State, Rx Good, Rx Bad, Rx Abort, Tx Good, Tx Bad and Collision. Rx means the received packet while Tx means the transmitted packets. Note: If you see many Bad, Abort or Collision counts increased, that may mean your network cable is not connected well, the network performance of the port is poor…etc.
Page 118
4.12.3 Port Mirroring Port mirroring (also called port spanning) is a tool that allows you to mirror the traffic from one or more ports onto another port, without disrupting the flow of traffic on the original port. Any traffic that goes into or out of the Source Port(s) will be duplicated at the Destination Port.
Page 119
easier maintain the topology map, display port ID, port description, system description, VLAN ID… Once the link failure, the topology change events can be updated to the NMS as well. The LLDP Port State can display the neighbor ID and IP leant from the connected devices.
Page 120
MAC Address Table Ageing Time Switch(config)# mac-address-table aging-time 350 mac-address-table aging-time set ok! Note: 350 is the new ageing timeout value. Add Static Unicast MAC Switch(config)# mac-address-table static 0012.7701.0101 address vlan 1 interface fastethernet7 mac-address-table ucast static set ok! Note: rule: mac-address-table static MAC_address VLAN VID interface interface_name Add Multicast MAC Switch(config)# mac-address-table multicast 0100.5e01.0101...
4.12 Device Front Panel Device Front Panel command allows you to see LED status of the switch. You can see LED and link status of the Power, DO, DI, R.M. and Ports. Feature On / Link UP Off / Link Down Other Power Green...
4.13 Save to Flash Save Configuration allows you to save any configuration you just made to the Flash. Powering off the switch without clicking on Save Configuration will cause loss of new settings. After selecting Save Configuration, click on Save to Flash to save your new configuration.
4.14 Logout The switch provides 2 logout methods. The web connection will be logged out if you don’t input any command after 30 seconds. The Logout command allows you to manually logout the web connection. Click on Yes to logout, No to go back the configuration page. Command Lines: Feature Command Line...
5. Appendix Pin Assignment of the RS-232 Console Cable The total cable length is 150cm, excluding RJ-45 and DB-9! DB-9 is ‘Female.’ RJ-45 Pin DB-9 Pin Description DB-9 Female Connector...
Korenix certificated SFP transceivers when you constructing your network. Korenix will keep on certificating and updating the certificated SFP transceivers in Korenix web site and purchase list. You can refer to the web site to get the latest information about SFP transceivers.
SNMP. But, since some commands can’t be found in standard MIB, Korenix provides Private MIB to meet up the need. Compile the private MIB file by your SNMP tool. You can then use it. Private MIB can be found in product CD or downloaded from Korenix Web site.
The slave/server can be any peripheral device (DSC unit, PLC unit, Volt/Current Transducer, network communication switch) which process information and sends the output data to the master using modbus TCP protocol. Korenix JetNet Switch operating as slave/server devices, while a typical master/client device is host computer running appropriate application software, like as SCADA / HMI system.
Page 131
The JetNet Managed DIN-Rail Ethernet Switch has implement modbud/TCP register in the firmware. Those register mapping to some of Ethernet Switchs’ operating information, includes decription, IP address, power status, interface status, interface information and inbound/outbound packet statistics. With the register supports, user can read the information through their own Modbus TCP based progress/ display/ monitor applications and monitor the status of the switch easily.
Page 132
Data Type Description System Information 0x0000 16 words Vender Name = “Korenix” Word 0 Hi byte = ‘K’ Word 0 Lo byte = ‘o’ Word 1 Hi byte = ‘r’ Word 1 Lo byte = ‘e’ Word 2 Hi byte = ‘n’...
Page 133
Word 2 Hi byte = ‘e’ Word 2 Lo byte = ‘t’ Word 3 Hi byte = ‘5’ Word 3 Lo byte = ‘8’ Word 4 Lo byte = ‘2’ Word 4 Hi byte = ‘8’ Word 5 Lo byte = ‘G’ Word 5 Hi byte = ‘\0’...
Page 134
Word 1 Hi byte = 0x0A Word 1 Lo byte = 0x01 0x0302 2 words Subnet Mask 0x0304 2 words Default Gateway 0x0306 2 words DNS Server 0x0308 to 0x3FF 248 words Reserved address space (IPv6 or others) 0x0400 1 word 0x0000:Off 0x0001:On 0xFFFF: unavailable...
Page 135
To clear port 1 Word = 0x0001 To clear port 1 and 2 Word = 0x0003 0x0C02 1 words Clear rmon by bitmap of port 17 to 32 Write to clear Read to return 0x0000 To clear port 17 Word = 0x0001 To clear port 17 and 18 Word = 0x0003 0x0C03 to...
Page 136
0x1320 to 1 word Auto Negotiation 0x133F 0x0000: disable 0x0001: enable 0xFFFF: unavailable 0x1340 to 1 word Loopback Mode 0x135F 0x0000: none 0x0001: MAC 0x0002: PHY 0xFFFF: unavailable 0x1360 to 1 word STP Status 0x137F 0x0000: disabled 0x0001: blocking 0x0002: listening 0x0003: learning 0x0004: forwarding 0x1380 to...
Page 137
0x18C0 to 0x18DF 1 words Rx power Raw data 0x18E0 to 0x191F 2 words Warning Rx power Word 0 : Raw data of High Alarm Word 1 : Raw data of Low Alarm 0x1920 to 1760 words Reserved address space 0x1FFF Inbound packet information 0x2000 to...
Page 138
0x26FF 0x2700 to 2 words MultipleCollision 0x273F 0x2740 to 2 words ExcessiveCollision 0x277F 0x2780 to 2 words LateCollision 0x27BF 0x27C0 to 2 words Filtered 0x27FF 0x2800 to 0x283F 2 words FCSError 0x2840 to 448 words Reserved address space 0x29FF Number of frames received and transmitted with a length(in octets) 0x2A00 to 2 words 0x2A3F...
Page 139
Word 1 = port 17-32 0x0001: Ethernet port 1 0x0002: Ethernet port 2 0x0003: Ethernet port 1 and 2 0x300F 2 word Ring 0’s Port List of 2nd Ring Port Word 0 = port 1-16 Word 1 = port 17-32 0x0001: Ethernet port 1 0x0002: Ethernet port 2 0x0003: Ethernet port 1 and 2...
Page 140
0x319F 0x31A0 to Ring 13’s Information 0x31BF 0x31C0 to Ring 14’s Information 0x31DF 0x31E0 to Ring 15’s Information 0x31FF 0x3200 to Ring 16’s Information 0x321F 0x3220 to Ring 17’s Information 0x323F 0x3240 to Ring 18’s Information 0x325F 0x3260 to Ring 19’s Information 0x327F 0x3280 to Ring 20’s Information...
Telnet, HTTP service enable/ disable function Restrict maximum 20 command entry records to be storage in system. Integrated JetNet 5010G and JetNet 4510 in one user manual. V2.10 18-Jun, 2012 Add New Features – Port Based Loop Protect function in network redundancy and waning selection.
Page 142
Apply to the New Firmware V2.4 Update major feature description Remove product specification from the manual; please check the most up to date datasheet from Korenix Web. Add 802.1s Multiple Spanning Tree Protocol description and configuration pages in Network Redundancy chapter.
Less Time At Work! Fewer Budget on applications! The Korenix business idea is to let you spend less time at work and fewer budget on your applications. Do you really want to go through all the troubles but still end up with low quality products and lousy services? Definitely not! This is why you need Korenix.