1. Manuals
  2. Brands
  3. KTI Networks Manuals
  4. Switch
  5. KS-2601
  6. User manual

KTI Networks KS-2601 User Manual

Managed switch
Hide thumbs Also See for KS-2601:
Table of Contents

Advertisement

Quick Links

Download this manual
Managed Switch
User's Manual
KS-2601
DOC.061214
1

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the KS-2601 and is the answer not in the manual?

Questions and answers

Related Manuals for KTI Networks KS-2601

Summary of Contents for KTI Networks KS-2601

  • Page 1 Managed Switch User's Manual KS-2601 DOC.061214...
  • Page 2 We make no warranties with respect to this documentation and disclaim any implied warranties of merchantability, quality, or fitness for any particular purpose. The information in this document is subject to change without notice. We reserve the right to make revisions to this publication without obligation to notify any person or entity of any such changes.
  • Page 3 About this manual … This manual is a general user’s manual for the managed switch: 24+2G fully-modularized model It has three 8-port module slots at front panel. These 8-port modules can be 8* 10/100M TX ports or 8* 100M FX ports. It has flexible design for hardware configuration.

  • Page 4: Table Of Contents

    Contents 1. INTRODUCTION--------------------------------------------------------- 1 1.1 PACKAGE CONTENTS ------------------------------------------------------------1 2. WHERE TO PLACE THE MANAGED SWITCH ----------------- 1 3. CONFIGURE NETWORK CONNECTION ------------------------- 2 3.1 CONNECTING DEVICES TO THE INTELLIGENT SWITCH ------------2 3.2 CONNECTING TO ANOTHER ETHERNET SWITCH/HUB ---------------2 3.3 APPLICATION ------------------------------------------------------------------------3 4.

  • Page 5: Introduction

    1. Introduction This managed switch is a Layer2 management switch with lots of advanced network functions including VLAN, trunking, spanning tree, mirror port, IP multicast, rate limit and port configuration. It supports console, telnet, http and SNMP interface for switch management. IEEE 802.1x is supported for port security application.

  • Page 6: Configure Network Connection

    3. Configure Network Connection 3.1 Connecting Devices to the Intelligent Switch [ Connection Guidelines: ] For 10BaseT connection: Category 3 or 5 twisted-pair Ethernet cable For 100BaseTX connection: Category 5 twisted-pair Ethernet cable For 1000BaseTX connection: Category 5e or 6 twisted-pair Ethernet cable For UTP cable connection, always limit the cable distance to 100 meters (328 ft) as defined by IEEE specification If your switch has 100BaseFX/1000BaseSX/1000BaseLX ports, you can...

  • Page 7: Application

    3.3 Application A switch can be used to overcome the hub-to-hub connectivity limitations as well as improve overall network performance. Switches make intelligent decisions about where to send network traffic based on the destination address of the packet. As a result, the switch can significantly reduce unnecessary traffic. The example below demonstrates the switch ability to segment the network.

  • Page 8: Add/Remove Module

    4. Add/Remove Module 4.1 Add/Remove Module [ For 24+2G Fully Modulized Model ] This model supports three 8-port 10/100Mbps TX/FX modules at front panel and two 1-port gigabit TX/SX/LX modules at rear panel. Note: This switch does not support hot-swap function. Turn off the switch first before adding or removing module.
  • Page 9 2. If the switch is rack-mounted, you have to remove the switch from rack first. 3. Loosen the screws of the module with screwdriver. Two at the front side, one at bottom side. 4. Remove the module slowly from the module slot. 5.

  • Page 10: Leds Conditions Definition

    5. LEDs Conditions Definition 5.1 LEDs Defined The LEDs provide useful information about the switch and the status of all individual ports. [ For 24+2G fully modulized model ] STATUS CONDITION Switch is receiving power. Power Link / Act Port has established a valid link. Flashing Data packets being received or sent.

  • Page 11: Manage / Configure The Switch

    6. Manage / Configure the switch 6.1 Introduction of the management functions This switch is a L2 management switch. It supports in-band management function from SNMP, Http and Telnet interface. It also supports out-band management function from RS232 console interface. Besides, it supports network configuration functions, like VLAN, Trunking, Port Mirror, QoS, spanning tree and software backup/update.
  • Page 12 Port Mirror This switch operates in store-and-forward algorithm so it is not possible to monitor network traffic from another connection port. But the port mirror function could copy packets from some monitored port to another port for network monitor. This switch also provides DA/SA filtering function for monitoring the traffic to/from some user.
  • Page 13 Rate Control This function can limit the burst traffic rate for physical ports. The traffic could be ingress traffic or egress traffic. This function can protect the network bandwidth usage by different users. IP Multicast with IGMP Snooping IP multicast function can forward packets to a group of users connected on different ports.

  • Page 14: Management With Console Connection

    6.2 Management with Console Connection Please follow the steps to complete the console hardware connection first. 1. Connect from the console port of the switch to COM port of PC with the console cable. 2. Start the terminal program. Create a new connection and select COM port of PC used for the console.
  • Page 15 With help command, you can find the command list as follow. ------------------------------------------------------------------------------------------------------- >help [Command List] ?....Help commands help... Help commands set.... Set commands show... Show commands default..Restore to factory default setting del.... Del commands find... Find commands whoami..Display current login user name reset..
  • Page 16 qos.... Set QoS configuration ratecontrol..Set Rate Control configuration rmon... Set RMON Function configuration security..Set port security mode for Static MAC address snmp... Set snmp configuration sta.... Set Spanning Tree configuration stormcontrol... Set Storm Control configuration trunk..Set Trunk function configuration 2.1 set ? and set help command These two commands will show the sub-command list for set command.
  • Page 17 the switch by Http, Telnet and SNMP. For example, “set 1qvlan mgrpvid 5” will allow the users in the VLAN with VLAN ID 5 to manage the switch remotely. priority sub-command is used to set port priority for tag adding when untagged packet is translated to tagged packet.
  • Page 18 For example, “set ARL 00-00-01-11-22-33 5” will add a static Mac ID “00-00- 01-11-22-33” to ARL table for Port 5 and this Mac ID will never be aged out from Port 5. Note: Because the static Mac address is fixed on the assigned port by the switch, the static Mac address can access network through the assigned port only.
  • Page 19 reauthtime..Set 802.1x Re-authentication Timeout Period reqcnt..Set 802.1x Max Request Count rsip... Set Radius Server Address shkey..Set 802.1x Shared Key supptime..Set 802.1x Supplicant Timeout Period svrtime..Set 802.1x Server Timeout Period transparent..Set 802.1x as transparent mode txtime..
  • Page 20 transparent sub-command is used to set the operation of 802.1x function to transparent mode. In this mode, the switch will forward the 802.1x packets only. txtime sub-command is used to set the timeout value for the identification request from the switch to users. The request will be re-tried until the reauthcnt is met.
  • Page 21 2.12 set igmp command This command is used to enable/disable IGMP snooping function for IP multicast operation. Its syntax is . . . >set igmp [Command List] enable..Enable igmp snooping function disable..Disable igmp snooping function 2.13 set loopback command This command is used to set the loopback detection function of the switch.
  • Page 22 This command is used to configure the mirror operation for ingress traffic. Its syntax is . . . >set mirror ingress [Argument List] div.... Set mirror ingress/egress [div=%d] mode... Set mirror ingress/egress [mode=ALL/SA/DA] mac.... Set mirror ingress/egress [mac=xx-xx-xx-xx-xx-xx] monitor..Set mirror ingress/egress [monitor=xx,xx,xx] set mirror ingress div x : every x packets, capture one for mirror.
  • Page 23 netmask 255.255.255.0 gateway 192.168.1.154” will set these parameters as the IP address configuration of the switch. After the command, you can use “show net” to verify the setting. 2.16 set port command This command is used to change the connection configuration of ports. Its syntax is .
  • Page 24 This command is used to set the configuration for port-based VLAN. This switch supports both 802.1Q VLAN and port-based VLAN. If you want to apply port-based VLAN for the switch, you can use this command to configure it. Its syntax is … >set pvlan Syntax : Set pvlan [1:enable|0:disable]...
  • Page 25 2.19.4 set qos dot1p command This sub-command is used to enable/disable the 802.1P QoS operation for each connection port. For example, “set qos dot1p 3 on” will enable the 802.1P QoS operation at Port 3. If any tagged packet comes to Port 3, it will be forwarded with the priority setting in its tag.
  • Page 26 Examples : Set security 1 1 Description: Set Security mode of port 1 to Accept mode for Static Mac addresses. mode 0 = No Security mode 1 = Accept function mode 2 = Reject function For examples, “set security 1 1” will set Port 1 to accept the users with the static Mac addresses configured on Port 1.
  • Page 27 f. TRAP Community string with “trapcommunity” sub-command. g. TRAP IP Address with “tapip” sub-command. h. Test TRAP Operation with “txtrp” sub-command For example, “set snmp name ABC location AAA-1F contact Jack” command will set these SNMP information to switch. 2.24 set sta command This command is used to configure spanning tree protocol of the switch.
  • Page 28 >set sta port Port number is missing! Syntax: set sta port [port#] [cost=xxxx] [priority=xxxx] cost (1~65535) : It is used to determine the best path between devices if looping happens. Lower values will be forwarded and should be assigned to ports with fast connections. Higher values will be blocked and should be assigned to ports with slow connections.
  • Page 29 2.26 set trunk command This switch supports three trunk groups (Trunk 1~3) maximum. They are disabled and null trunk groups default. Users can use this command to configure trunk function of the switch. Its syntax is . . . >set trunk Syntax : Set trunk [enable|disable] Description: Enable/Disable trunk function.
  • Page 30 rmon... Show RMON Function configuration security..Show port security mode for static MAC address snmp... Show snmp configuration sta.... Show Spanning Tree setting stormcontrol... Show Storm Control configuration trunk..Show Trunk function configuration 3.1 show ? and show help commands will show the sub-command list. 3.2 show 1qvlan command will show current 802.1Q VLAN status and settings.
  • Page 31 1(0x001) 1(0x001) 1(0x001) 1(0x001) 1(0x001) 1(0x001) 1(0x001) 1(0x001) 1(0x001) 1(0x001) ………………… ======================= Management Port : ======================= Note: The PVID of Management Port is for the management interface of the switch. Only the users in the VLAN with VLAN ID equal to the PVID of Management Port can manage the switch from network because they are in the same VLAN.
  • Page 32 For Auto Detect mode, the switch will always keep auto-negotiation function ON but just modify its attribution if the auto mode of port is disabled. Auto-MDIX function will be always enabled in this mode. For applications, you should select Auto Detect mode if the connected device is auto-negotiation enabled.
  • Page 33 PORT Status Auth.Mode ================================= ……………………… ================================= The Auth. Mode could be Auto, FA(Forced Authenticated), FU(Forced Unauthenticated) and No(No 802.1x function). 3.8 show guest will show current username and password for guest account. For example, >show guest [Guest configuration] Username: guest Password: 3.9 show gvrp command will show current GVRP function status for 802.1Q VLAN operation.
  • Page 34 3.12 show igmp command will show current IGMP snooping function enable/disable status and the IP multicast groups that learned by the switch. For example, >show igmp [IGMP Configuration] IGMP Switch : Enabled Total Groups ======================================================== [Group 1] IP Address : 224.0.0.9 Member Port : 1 [Group 2] IP Address : 224.0.0.2...
  • Page 35 Port Name Status Disable Auto. Speed Duplex Flow Control ============================================================== 1 10/100M base-T DOWN Half 2 10/100M base-T DOWN Half 3 10/100M base-T DOWN Half 4 10/100M base-T Full 5 10/100M base-T DOWN Half 6 10/100M base-T DOWN Half 7 10/100M base-T DOWN Half 8 10/100M base-T...
  • Page 36 [ID] [Vlan Name] [Port List] ==== ============== ================================== [ 1] 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 [ 2] [ 3] [ 4] [ 5] [ 6]...
  • Page 37 ============================================================== The first part is the mapping of 802.1P priority values 0~7 to the four priority queues of the switch. The second part is the port-based priority setting. The third part is the 802.1P priority function status for each port. 3.20 show ratecontrol command will show current rate control setting for each port.
  • Page 38 No Security No Security No Security No Security No Security No Security No Security No Security No Security Press any key to continue ... ========================================================= The “Security Control” could be No, Accept, Reject modes. “No” is for no Mac address security. “Accept” is for only the static Mac address can access. “Reject”...
  • Page 39 None 00:00:00:00:00:00 [0] None 00:00:00:00:00:00 [0] None 00:00:00:00:00:00 [0] Press any key to continue ... ================================================================ It shows the Bridge and Port spanning tree configuration. 3.25 show stormcontrol command will show current packet storm control settings. This switch supports broadcast and flooding storm control functions. With this command, you can find the maximum storm rate setting and the port list doing the storm control.
  • Page 40 Note: Trunk 3 is the trunk for gigabit ports. For 8*FX+2G model, they are Port 9 and 10 for Trunk 3. 4. default command This command will restore all the settings of switch to factory default. >default All current setting will be lost after restoring default! Are you sure to restore default setting now?(Y/N) 5.
  • Page 41 [Command List] ?....Help commands help... Help commands arl.... Search a specified MAC address in ARL table The syntax is as follow. >find arl Find ARL [xx-xx-xx-xx-xx-xx] If the Mac address is in ARL table, it will be shown as follow. >find arl 00-00-01-11-22-33 This MAC [00-c0-f6-11-22-33] is DYNAMIC in port [2]! If the Mac address is not in ARL table, it will be shown as follow.
  • Page 42 This switch supports TFTP protocol for firmware and configuration update and backup. You should select backup firmware or configuration first. And provide the IP address of the TFTP server and the backup file name for the backup operation. Enter “backup” at the prompt, the command syntax will be shown. >backup Syntax: backup [firmware | config] ip filename For example, “backup config 192.168.1.80 abcd”...

  • Page 43: Management With Http Connection

    6.3 Management with Http Connection You can manage the switch with Http Web Browser connection. Before http connection, IP address configuration of the switch should be done first. Please follow the instruction in Section 6.2 to complete the console connection and use “show net”...
  • Page 44 System Configuration...
  • Page 45 “System Configuration” is the homepage of the switch. You can find firmware version and Mac address of the switch in this page. And you can configure the following items in this page. a. ARL Aging Time: You can enable/disable the aging operation of the switch and modify the aging time here.
  • Page 46 Port Configuration You can configure the operation of ports and find their status here. Auto Mode You can select the auto function for port forced setting here. (Port forced setting means forcing it to some special setting, e.g. 10M/Half, instead of fully auto- negotiation.) For Auto Negotiation mode, the switch will do auto-negotiation ON/OFF when the auto mode of port is enabled/disabled.
  • Page 47 For Auto Detect mode, the switch will always keep auto-negotiation function ON but just modify its attribution if the auto mode of port is disabled. The Auto- MDIX function will be always enabled in this mode. For applications, you should select Auto Detect mode if the connected device is auto-negotiation enabled.
  • Page 48 Spanning Tree In the page, users can enable/disable spanning tree function and configure the bridge parameters. Please refer to 2.24 of Section 6.2 for the details of these parameters. Press [Apply] after any modification. Configuring port parameters for spanning tree, press [Configuration STA Port] and the configuration page will appear.
  • Page 49 Dynamic Mac Address Table This web page will show the Mac address table content of the switch for connection ports. Select the port first and the Mac address learned by the switch on the port will be shown. Up to 128 Mac addresses will be shown. You can select the Mac addresses that you want to assign them as static Mac addresses for the port.
  • Page 50 Static Mac Address Table This switch supports static Mac address assignment. You can assign static Mac addresses by two methods. a. Select from the Mac address list in “Dynamic Mac Address Table” page. b. Assign manual. Enter a Mac address and select the port, then add this entry to the static Mac address table.
  • Page 51 Mac Security Configuration This function is used to set the security modes for static Mac address on the port. There could be three options for this function. 1. No Security: No any Mac address access limitation for the port, i.e. every Mac address could access network through the port.
  • Page 52 Port-based VLAN This switch supports both 802.1Q VLAN and Port-based VLAN function. This web page is for you to configure port-based VLAN. There are three parts in the page. VLAN Mode Selecting: With “VLAN Function”, you can change the VLAN mode as 802.1Q VLAN, Port-based VLAN and Disabled.
  • Page 53 Click [Apply] to activate it. Current Port-based VLAN Table You can see current Port-based VLAN settings in the table.
  • Page 54 802.1Q VLAN Configuration This function is used to configure 802.1Q VLAN function. VLAN Function: This function is used to select VLAN mode – 802.1Q VLAN, Port-based VLAN and Disabled. GVRP Protocol: The GVRP protocol can learn remote 802.1Q VLAN on other devices and add to dynamic 802.1Q VLAN table.
  • Page 55 Ingress Filter: The ingress-filter function is for doing VLAN filtering at ingress port. If the packet and its ingress port are in the same VLAN, it will go to forwarding process. Otherwise, it will be discarded. VLAN Mode: This function can select different VLAN modes of 802.1Q VLAN operation.
  • Page 56 Static 802.1Q VLAN Create an 802.1Q VLAN: Input the VLAN ID and VLAN Name in “Create New Static VLAN”. Click [Create] to create the VLAN. The valid VLAN ID is 1 ~ 4094. Select the VLAN in “Show Static VLAN Table”. The new VLAN is empty by default.
  • Page 57 About Switch Management from Users Only the users in the same VLAN as Management Port PVID (set in “802.1Q VLAN Configuration” page) can manage the switch via Web/Telnet/SNMP. The users in other VLAN cannot manage the switch from network.
  • Page 58 10. 802.1Q VLAN Table This table will show the activity of 802.1Q VLAN. Both static and dynamic 802.1Q VLAN will be shown in the table. Follow the steps to show the 802.1Q VLAN. Select a VLAN in “Show VLAN Table”. The 802.1Q VLAN activity status will be shown for the selected VLAN.
  • Page 59 11. 802.1x Configuration The 802.1x function can limit the port access for authentication users only. It needs a RADIUS server for the authentication process and the switch acts as an authenticator. The function here is for 802.1x function configuration. 802.1x Authentication Status: [Enable/Disable/Transparent] Enable: enable 802.1x function in authentication mode Disable: disable 802.1x function Transparent: only forwarding 802.1x packets...
  • Page 60 This is the timeout value between the switch and users (called “supplicant” in 802.1x) after first identification. The valid value is 0~65535. Quiet Timeout Period: This is the quiet time value between the switch and the user before next authentication process when authentication fails. Tx Timeout Period: This is the timeout value for the identification request from the switch to users.
  • Page 61 The Port Authentication Configuration is used to select the authentication mode for each port of the switch. 1. Auto: This is the normal 802.1x operation mode. The authentication status (authenticated or unauthenticated) depends on the authentication result of port. 2. Force-Authorized: This mode will force the port always being authentication successful in 802.1x process and the real authentication result will be ignored.
  • Page 62 12. Protected Port Setting The Protected Port function can isolate the traffic between these protected ports. For example, Port 1,2,3 are marked as protected. So the traffic between Port 1,2,3 will be blocked, even they are in the same VLAN. But they still can communicate with other ports in the same VLAN.
  • Page 63 13. Trunk This switch supports three trunk connections and they are null by default. If users want to use trunk function, follow the steps to configure it. Select Enable in “Trunk Function” and click [Apply] to enable the function. If you will create the trunk connection by 10/100M ports, you can enable Trunk 1 or Trunk 2.
  • Page 64 14. Mirror Follow the steps to configure Mirror function. Select Enable in “Mirroring” and click [Apply] to enable the function. Select the capture port. (The monitored traffic will be forwarded to this port.) Select the monitored port from Ingress or Egress table – depending on the traffic direction.
  • Page 65 15. QoS This switch supports four priority queues on each port for QoS operation. Follow the steps to configure QoS function. 1. Select Enable in “QoS Function” and click [Apply] to enable the function. 2. If port-based priority is used, select ports for High and Low priorities. The packets from High priority port will be forwarded to highest priority queue on egress port.
  • Page 66 Rate Control The rate control function can limit the maximum traffic rate for each physical port. The traffic could be ingress traffic or egress traffic.
  • Page 67 The rate control range is 64Kbps ~ 1000Mbps. Here is the rule for the setting. Maximum Rate Rate Control Number (N) Rule No Limit 0 means no limit. 64K,128K,192K,…,1792Kbps 1 ~ 28 Rate = N x 64Kbps 2M,3M,4M, …,100Mbps 29 ~ 127 Rate = (N-27) x 1Mbps 104M,112M,…,1000Mbps 128 ~ 240...
  • Page 68 17. Storm Control The storm control function can limit the maximum traffic rate for packet storm. There are two traffic storms could be limited – broadcast storm and flooding...
  • Page 69 packet storm. You can enable the storm control by port. Follow the steps to do the storm control settings. Set the suppression rate. Select which storm will be controlled and which ports will be applied – all of the ports, none of the ports or selected by port in the table. If “By Port”...
  • Page 70 18. SNMP In this page, you can enable/disable RMON function; configure GET/SET/Trap Community Name and the IP address for trap operation. Then you can manage this switch with these settings from SNMP management program.
  • Page 71 IGMP The IGMP function is for IP multicast operation in network. This switch can do IGMP Snooping function to get the IP multicast group information from IGMP active device. The learned IP multicast member group will be shown in the IGMP web page.
  • Page 72 20. Statistics Users can find the traffic statistics here. Select port number to get the counters for different port. Users can modify the refresh interval to get different counter updating period. Click “Refresh” button can update the counter immediately. Users can reset counters to zero with the “Reset Statistics” button.
  • Page 73 21. Tools Four functions are supported as the system maintenance tools. a. System Reset This function will reset the switch. b. System Restore Factory Default Settings This function will restore the switch configuration to factory default setting. c. System Backup/Restore [Backup Setting] will backup the configuration of the switch to the web management PC.

  • Page 74: About Telnet Interface

    6.4 About Telnet Interface If you want to use Telnet to management the switch from remote site, you have to set the IP/Mask/Gateway address to the switch first from console. Then use "telnet <IP>" command in DOS. Its operation interface is the same as console interface.

  • Page 75: Software Update And Backup

    7. Software Update and Backup This switch supports software/configuration backup and update/restore functions. It could be done in three ways. 1. From console when booting: by Xmodem protocol and doing by terminal program. This function can be used for run-time code and boot code updating.

  • Page 76: Product Specifications

    A. Product Specifications [ 24+2G fully-modularized model ] Access Method Ethernet, CSMA/CD Standards Conformance IEEE 802.3 10BASE-T, IEEE 802.3u 100BASE IEEE 802.3z, IEEE 802.3ab (1000Base) Communication Rate 10/100/1000Mbps, Full / Half duplex (auto-negotiation) Indicator Panel LEDs - each unit : Power / each port : Link/Act, Full/Col Number of Ports 3* 8-port modules, 2* gigabit modules ports...

  • Page 77: Compliances

    B. Compliances EMI Certification FCC Class A Certification (USA) Warning: This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause interference to radio communications. It has been tested and found to comply with the limits for a Class A digital device pursuant to Subpart B of Part 15 of FCC Rules, which are designed to provide reasonable protection against such interference when operated in a commercial environment.

Table of Contents