Powered by Accton ES4324 24-Port Gigabit Web-Smart Switch Management Guide www.edge-core.
Management Guide 24-Port Gigabit Web-Smart Switch with 24 1000BASE-T (RJ-45) Ports, and 4 Combination (RJ-45/SFP) Ports
ES4324 E082007-AP-R02 149100031800A
Contents
Chapter 1: Introduction
  Key Features
  Description of Software Features
  System Defaults
Chapter 2: Initial Configuration
  Changing a PC’s IP Address
Chapter 3: Configuring the Switch
  Using the Web Interface
  Navigating the Web Browser Interface
  Home Page
  Configuration Options
  Panel Display
  Main Menu
  Basic Information
  Displaying System Information
  Showing Port Statistics
  Displaying the System Name
  Setting the Switch’s IP Address
  Manual Configuration
  Configuring the Logon Pass
  Trunk Configuration
  Trunk Rate Limit
  VLAN Settings
  Introduction to VLANs
  VLAN Membership
  QoS Settings
  802.1p
  DSCP
  RSTP
  Spanning Tree Protocol Introduction
  RSTP System Configuration
  Field Attributes
  RSTP Port Configuration
  RSTP Status Overview
  RSTP Port Status
  802.1X
  802.1X Setting
  802.
Tables
Table 1-1 Key Features
Table 1-2 System Defaults
Table 3-1 Configuration Options
Table 3-2 Main Menu
Table 3-3 Port Statistics
Table B-1 Troubleshooting Chart
Chapter 1: Introduction
This switch provides a broad range of features for Layer 2 switching. It includes a management agent that allows you to configure the features listed in this manual. The default configuration can be used for most of the features provided by this switch. However, there are many options that you should configure to maximize the switch’s performance for your particular network environment.
Description of Software Features
The switch is a managed Gigabit switch that delivers performance and control to your network. It provides 24 full-duplex 1000BASE-T ports that significantly improve network performance and boost throughput using features configured through a web-based management interface. With 48 Gigabits of throughput bandwidth, this switch provides an effective solution to meeting the growing demands on your network.
Static Addresses – A static address can be assigned to a specific interface on this switch. Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table. Static addresses can be used to provide network security by restricting access for a known host to a specific port.
IEEE 802.1D Bridge – The switch supports IEEE 802.
Traffic Prioritization – This switch prioritizes each packet based on the required level of service, using four priority queues with strict or Weighted Round Robin Queuing. It uses IEEE 802.1p and 802.1Q tags to prioritize incoming traffic based on input from the end-station application. These functions can be used to provide independent priorities for delay-sensitive data and best-effort data.
System Defaults
To reset the switch defaults:
1. Remove the power cord from the back of the switch.
2. Remove all cables from the front-panel ports.
3. Use a standard network cable to connect port 1 to port 2 on the front panel.
4. Reconnect the power cord to the switch.
5. Wait at least 40 seconds before disconnecting port 1 from port 2.
The following table lists some of the basic system defaults.
Table 1-2 System Defaults (Continued)
Function | Parameter | Default
Traffic Prioritization | Queue Mode | Strict
 | QoS Mode | Disabled
 | IP Address | 192.168.2.10
 | Subnet Mask | 255.255.255.0
 | Default Gateway | 0.0.0.
Chapter 2: Initial Configuration
To make use of the management features of your switch, you must first configure it with an IP address that is compatible with the network it is being installed in. This should be done before you permanently install the switch in the network. Follow this procedure:
1. Place your switch close to the PC that you intend to use for configuration. It helps if you can see the front panel of the switch while working on your PC.
2.
Changing a PC’s IP Address
To change the IP address of a Windows 2000 PC:
1. Click Start, Settings, then Network and Dial-up Connections.
2. For the IP address you want to change, right-click the network connection icon, and then click Properties.
3. In the list of components used by this connection on the General tab, select Internet Protocol (TCP/IP), and then click the Properties button.
4.
Chapter 3: Configuring the Switch
Using the Web Interface
This switch provides an embedded HTTP Web agent. Using a Web browser you can configure the switch and view statistics to monitor network activity. The Web agent can be accessed by any computer on the network using a standard Web browser (Internet Explorer 5.0 or above, or Firefox v1.5 or above). Prior to accessing the switch from a Web browser, be sure you have performed the tasks in the Initial Configuration chapter.
Notes: 1.
Home Page
When your web browser connects with the switch’s web agent, the home page is displayed as shown below. The home page displays the Main Menu on the left side of the screen and Status Overview on the right side. The Main Menu links are used to navigate to other menus, and display configuration parameters and statistics.
Configuration Options
Configurable parameters have a dialog box or a drop-down list. Once a configuration change has been made on a page, be sure to click on the Apply button to confirm the new setting. The following table summarizes the web page configuration buttons.
Table 3-1 Configuration Options
Button | Action
Revert | Cancels specified values and restores current values prior to pressing Apply.
Apply | Sets specified values to the system.
Help | Links directly to webhelp.
Notes: 1.
Main Menu
Using the onboard web agent, you can define system parameters, manage and control the switch and all its ports, or monitor network conditions. The following table briefly describes the selections available from this program.
Table 3-2 Main Menu
Menu | Description
STATUS
  Overview | Provides a basic system description, including system name, IP address, port, trunk, and VLAN information.
  Statistics | Shows interface and RMON statistics for the selected port.
Table 3-2 Main Menu (Continued)
Menu | Description
  VLAN Port Config | Configures VLAN behavior for individual ports and trunks.
  VLAN Membership | Configures VLAN port groups.
QOS
  Settings | Sets the priority of packets forwarded through the switch.
RSTP
  Settings | Configures Spanning Tree parameters.
  Status | Shows Spanning Tree bridge and port status.
802.1X
  Settings | Sets up 802.1X port authentication.
  Statistics | Displays the 802.
Basic Information
Displaying System Information
You can easily identify the system by displaying the device name, location and contact information.
Field Attributes
System Information
• System Name – Name assigned to the switch system.
• Number of Ports – Number of built-in ports.
• Hardware Version – Hardware version of the main board.
• Code Version – Version number of the code.
• Serial Number – The serial number of the switch.
• PVID - The VLAN ID assigned to untagged frames received on the interface. Outgoing frames are tagged unless the frame’s VLAN ID is the same as the PVID. When the PVID is set to “None,” all outgoing frames are tagged. (Default: 1)
Trunk Information
• Trunk – The trunk label. “T1” through “T8” are used as trunk labels.
• Type – All trunks and ports on this switch are 10/100/1000 Mbps.
• Trunk Status – Indicates the speed and duplex setting of the trunk.
Web – Click STATUS, Overview.
Showing Port Statistics
You can display statistics on network traffic from the ports. These statistics can be used to identify potential problems with the switch (such as a faulty port or unusually heavy loading). All values displayed have been accumulated since the last system reboot, but can be reset to zero by clicking the CLEAR button. The current statistics are not displayed until you click the REFRESH button.
Table 3-3 Port Statistics
Parameter | Description
RMON Statistics
Drop Events | The total number of events in which packets were dropped due to lack of resources.
Received Frames | The total number of frames (bad, broadcast and multicast) received.
Multicast Frames | The total number of good frames received that were directed to this multicast address.
Web – Click STATUS, Statistics.
Displaying the System Name
You can identify the system by displaying the device name.
Field Attributes
• Switch Name – A name assigned to the switch system.
Web – Click System, Name.
Figure 3-5 System Name
Setting the Switch’s IP Address
This section describes how to configure an IP interface for management access over the network. The IP address for this switch is 192.168.2.10 by default.
Manual Configuration
Web – Click System, LAN Settings. Enter the IP address, subnet mask and gateway, then click APPLY. Note that if you change the switch IP address, you must close the web interface and start a new session using the new IP address.
Figure 3-6 LAN Settings
Configuring the Logon Password
The administrator has write access for all parameters governing the onboard agent.
Web – Click System, Password. To change the password for the administrator, enter the current password and the new password, confirm the new password by entering it again, then click APPLY.
Figure 3-7 Password Settings
Tools
On the Tools page, you can restore the switch to default settings, upgrade the firmware of the switch, or restart the switch.
Restore to Factory Defaults
Forces the switch to restore the original factory settings.
Upgrade Firmware
Upgrades the switch system firmware using a file provided by Edgecore. Select “Upgrade Firmware” from the Tools drop-down list, then click on the “Browse” button to select the firmware file. Click the APPLY button to upgrade the selected switch firmware file. You can download firmware files for your switch from the Support section of the Edgecore web site at www.edge-core.com.
Web – Click System, Tools, Reset to Factory Defaults.
Set Boot Image
Allows you to select one of two software image files to run on the switch. (Default: Image0) When a new software image file is downloaded to the switch, it replaces the non-active file. For example, if the switch has booted from Image0, the new downloaded file replaces Image1. Also, the new software file is automatically set as the boot image.
Web – Click SYSTEM, Tools, Set Boot Image. Select the software image file to boot after the next switch reset.
You can also manually configure static MAC addresses that are assigned to specific ports on the switch. A static MAC address is bound to a specific port and will not be moved or aged out. You can define up to 24 static MAC addresses on the switch.
Add Static MAC
Type the static MAC address and associated VLAN ID (1-4095) into corresponding fields in the Add Static MAC table. After clicking the ADD button, a new page opens to configure the Destination Mask for this MAC entry.
Web – Click SYSTEM, Counter Config.
Ports Configuration
Ports Settings
You can use the Port Configuration page to manually set the speed, duplex mode, and flow control.
Field Attributes
• Speed/Duplex – Allows you to manually set the port speed and duplex mode.
• Flow Control – Allows flow control to be enabled or disabled. When the box is checked, flow control is enabled.
• Trunk – Indicates if a port is a member of a trunk.
Web – Click PORTS, Settings.
Web – Click PORTS, Rate Limiting. This page enables you to set the rate limiting parameters for each port on the switch.
Storm Control
Broadcast storms may occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degraded or everything can come to a complete halt. You can protect your network from broadcast storms by setting a threshold for broadcast traffic for each port. Any broadcast packets exceeding the specified threshold will then be dropped.
Port Mirroring
You can mirror traffic from any source port to a target port for real-time analysis. You can then attach a logic analyzer or RMON probe to the target port and study the traffic crossing the source port in a completely unobtrusive manner.
Field Attributes
• Ports to Mirror - Select the ports that you want to mirror from this section of the page. A port will be mirrored when the “Mirroring Enabled” check-box is checked.
Cable Diagnostic
You can perform cable diagnostics for all ports or selected ports to diagnose any cable faults (short, open, etc.) and report the distance to the fault.
Field Attributes
• Cable Diagnostics – Cable diagnostics is performed on a per-port basis. Select the port number from the drop-down list.
• Cable Status – Shows the cable length and operating conditions, and isolates a variety of common faults that can occur on Category 5 twisted pair cabling.
Web – Click TRUNKS, Membership. To assign a port to a trunk, click the required trunk number, then click APPLY.
Trunk Configuration
Field Attributes
• Trunk – Indicates trunk identification.
• Speed/Duplex – Allows you to manually set the port speed and duplex mode for all ports in the trunk. (Default: Auto speed)
• Flow Control – Allows flow control to be enabled or disabled. When the box is checked, flow control is enabled.
• Ports – Indicates which ports belong to the trunk.
Web – Click TRUNKS, Settings.
Web – Click TRUNKS, Settings.
Figure 3-22 Trunk Rate Limiting
VLAN Settings
This page allows you to create and delete VLANs (Virtual LANs) and to change the VLAN membership and behaviour of individual ports. VLANs are powerful, but can be difficult to set up properly. Each row of the table corresponds to one port or trunk; trunked ports cannot be configured individually.
Introduction to VLANs
VLANs are logical partitions of the physical LAN.
same internal VLAN IDs. This is accomplished by inserting Service Provider VLAN (SPVLAN) tags into the customer’s frames when they enter the service provider’s network, and then stripping the tags when the frames leave the network. QinQ tunneling expands VLAN space by using this VLAN-in-VLAN hierarchy, preserving the customer’s original tagged packets, and adding SPVLAN tags to each frame (also called double tagging).
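The SPVLAN tag insertion and removal described above, worked at the byte level as an added example (not taken from the guide or from Edgecore code). The 0x88A8 service-tag TPID, the sample frame and the function names are assumptions for illustration.

```python
import struct

TPID_CTAG = 0x8100  # IEEE 802.1Q customer VLAN tag
TPID_STAG = 0x88A8  # IEEE 802.1ad service tag (assumed; the guide does not name the TPID)


def make_tag(tpid: int, vid: int, pcp: int = 0) -> bytes:
    """Build a 4-byte VLAN tag: TPID, then 3-bit priority, 1-bit DEI, 12-bit VLAN ID."""
    if not 1 <= vid <= 4095:  # VLAN ID range accepted by the switch's web forms
        raise ValueError(f"VLAN ID out of range: {vid}")
    if not 0 <= pcp <= 7:
        raise ValueError(f"priority out of range: {pcp}")
    return struct.pack("!HH", tpid, (pcp << 13) | vid)


def parse_tags(frame: bytes):
    """Return ([(tpid, vid), ...] outermost first, inner EtherType)."""
    tags, off = [], 12  # tags start right after destination and source MAC
    while True:
        if len(frame) < off + 2:
            raise ValueError("truncated frame")
        (etype,) = struct.unpack_from("!H", frame, off)
        if etype not in (TPID_CTAG, TPID_STAG):
            return tags, etype
        if len(frame) < off + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, off + 2)
        tags.append((etype, tci & 0x0FFF))
        off += 4


def push_spvlan(frame: bytes, spvid: int) -> bytes:
    """Provider ingress: insert the SPVLAN tag in front of the customer's own tag."""
    return frame[:12] + make_tag(TPID_STAG, spvid) + frame[12:]


def pop_spvlan(frame: bytes):
    """Provider egress: strip the outer SPVLAN tag, returning (spvid, customer frame)."""
    tags, _ = parse_tags(frame)
    if not tags or tags[0][0] != TPID_STAG:
        raise ValueError("frame carries no SPVLAN tag")
    return tags[0][1], frame[:12] + frame[16:]


# Constructed sample: a customer frame already tagged with the customer's VLAN 10.
CUSTOMER_FRAME = (
    bytes.fromhex("020000000002")        # destination MAC (locally administered)
    + bytes.fromhex("020000000001")      # source MAC (locally administered)
    + make_tag(TPID_CTAG, 10)            # customer's own 802.1Q tag
    + struct.pack("!H", 0x0800)          # EtherType: IPv4
    + b"constructed payload"
)

if __name__ == "__main__":
    # Two customers both use VLAN 10 internally; the provider keeps them apart
    # with SPVLAN 100 and SPVLAN 200 (constructed values).
    for spvid in (100, 200):
        tunneled = push_spvlan(CUSTOMER_FRAME, spvid)
        print(spvid, parse_tags(tunneled), len(tunneled) - len(CUSTOMER_FRAME))
    restored = pop_spvlan(push_spvlan(CUSTOMER_FRAME, 100))[1]
    print("customer frame preserved:", restored == CUSTOMER_FRAME)
```

Each pushed tag adds 4 bytes to the frame, so links that carry double-tagged traffic need headroom for the larger frame size.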
Web – Click VLANS, VLAN Settings. Fill in the required settings for each interface, click Apply.
Figure 3-23 VLAN Settings
VLAN Membership
The switch supports up to 255 VLANs based on the 802.1Q standard. From the VLAN Membership page you can create and delete VLANs, and change the VLAN port membership.
Note: For QinQ applications, the number of VLAN groups to be set up is equal to the number of customer ports.
Web – Click VLANS, VLAN Membership. To add a new group, type in the VLAN ID (1-4095) you want the new group to have, then click Add to open the 802.1Q VLAN Group window, on which you can configure VLAN membership.
Figure 3-24 802.1Q VLAN Configuration
Figure 3-25 802.1Q VLAN Group
QoS Settings
QoS (Quality of Service) is a mechanism which is used to prioritize certain traffic as it moves through the switch.
Web – Click QOS, Settings. In Queue Mode, select Strict.
Figure 3-26 QoS Settings - Queue Mode Strict
WRR - In this mode, all priorities can be guaranteed a share of the bandwidth when the system is overloaded. The bandwidth sharing percentage can be adjusted by assigning different ratios to the four QoS classes in WRR Weight, which appears after WRR is enabled in Queue Mode.
Note: WRR is selectable when Jumbo Frame is disabled in Ports > Settings.
Web – Click QOS, Settings.
priority or select All High Priority to set all values to high priority. Use Custom if you want to set each value individually.
Note: End stations, such as PCs, are not usually VLAN aware and do not create VLAN-tagged frames. As a result, this method of prioritization is not ideal when there are a lot of PCs connected to the switch.
Figure 3-28 QoS Settings - 802.
Figure 3-29 QoS Settings - DSCP Mode Priority Mapping
RSTP
The Rapid Spanning Tree Protocol (RSTP) is a protocol that prevents loops in the network and dynamically reconfigures which physical links in a switch should forward frames.
Spanning Tree Protocol Introduction
The Spanning Tree Protocol (STP) can be used to detect and disable network loops, and to provide backup links between switches, bridges or routers.
• Hello Time – Interval (in seconds) at which the root device transmits a configuration message (BPDU frame). Number between 1 - 10 (default is 2).
• Max Age – The maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. This is also the maximum lifetime of a BPDU frame. Number between 6 - 40 (default is 20).
• Forward Delay – The maximum time (in seconds) the root device will wait before changing states (i.e.
RSTP Status Overview
The RSTP Bridge Overview table has one row to display settings for the whole switch. Hello Time, Maximum Age and Forward Delay are displayed. Topology shows the switch’s current state. Root ID indicates the root port ID for the switch.
RSTP Port Status
Shows the detailed RSTP information for each port.
Field Attributes
• Port/Trunk - Port or trunk ID number.
• VLAN ID - VLAN IDs of the port.
• Path Cost - Shows the path cost on this port.
802.1X Setting
The IEEE 802.1X standard defines a port-based access control procedure that prevents unauthorized access to a network by requiring users to first submit credentials for authentication.
Field Attributes
System Setting
• Mode - Indicates if 802.1X protocol is globally enabled or disabled on the switch.
• RADIUS IP - Sets the RADIUS server IP address.
• RADIUS UDP Port - Sets the UDP port to use for the external RADIUS server.
Web – Click 802.1X, Settings.
Figure 3-32 802.1X Configuration
802.1X Statistics
Field Attributes
• Port Statistics - Statistics can be viewed on a per-port basis. Select the port that you want to view here.
• Authenticator counters - General statistics for authenticator.
• Backend Authenticator counters - General statistics for RADIUS server.
• 802.1X MIB counters - MIB module defined for 802.1X.
Web – Click 802.1X, Statistics.
Figure 3-33 802.1X Statistics
Security
IP Filter
On this page, you can set up a source IP Filter on all or some ports. It is used to block unwanted access and provide access to the network for either a specific source IP address or a specific subnet. The IP Filter Configuration table has one row for each port and five columns.
Field Attributes
• Port - The front-panel port-number of the port. This cannot be changed.
• Mode - Select the IP filter mode for this port.
  • Disabled - Disable the source IP filter.
  • Static - Enable the IP filter with configured values in the Address and IP Mask fields.
  • DHCP - The IP address for the device connected to this port will be automatically assigned by DHCP server and only frames with the assigned IP address are allowed to access the network. The IP Address and IP Mask fields will be filled with the assigned IP address and 255.255.255.
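A small model of the per-port source IP filter modes listed above, added here as an illustration and not taken from the guide or the switch firmware. The PortFilter fields, the sample table and the frames are constructed, and dropping traffic on a DHCP-mode port before a lease is known is an assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class PortFilter:
    """One row of the IP Filter table (field names are hypothetical)."""
    mode: str = "Disabled"          # "Disabled", "Static" or "DHCP", as in the guide
    address: Optional[str] = None   # Static mode: Address field
    mask: Optional[str] = None      # Static mode: IP Mask field
    leased: Optional[str] = None    # DHCP mode: address the server assigned


def permits(pf: PortFilter, src_ip: str) -> bool:
    """Decide whether a frame with this source IP may enter through the port."""
    src = ipaddress.IPv4Address(src_ip)
    if pf.mode == "Disabled":
        return True                 # no source filtering at all on this port
    if pf.mode == "Static":
        # strict=False lets the Address field hold a host inside the subnet.
        # This model only handles contiguous masks; others raise ValueError.
        net = ipaddress.IPv4Network(f"{pf.address}/{pf.mask}", strict=False)
        return src in net
    if pf.mode == "DHCP":
        # Only the single assigned address is allowed. Assumption: nothing is
        # allowed before a lease has been recorded.
        return pf.leased is not None and src == ipaddress.IPv4Address(pf.leased)
    raise ValueError(f"unknown filter mode: {pf.mode!r}")


def dropped(filters: Dict[int, PortFilter],
            frames: List[Tuple[int, str]]) -> List[Tuple[int, str]]:
    """Return the (port, source IP) pairs the filter table would block."""
    return [(port, ip) for port, ip in frames if not permits(filters[port], ip)]


def unfiltered_ports(filters: Dict[int, PortFilter]) -> List[int]:
    """Ports still in Disabled mode, worth listing when reviewing a configuration."""
    return sorted(p for p, f in filters.items() if f.mode == "Disabled")


# Constructed filter table: a single host, a subnet, a DHCP-bound port, and a
# port left with the filter disabled.
FILTERS = {
    1: PortFilter("Static", "192.168.2.50", "255.255.255.255"),
    2: PortFilter("Static", "10.1.0.0", "255.255.0.0"),
    3: PortFilter("DHCP", leased="192.168.2.77"),
    4: PortFilter(),
}

# Constructed (ingress port, source IP) observations.
FRAMES = [
    (1, "192.168.2.50"), (1, "192.168.2.51"),
    (2, "10.1.44.9"), (2, "10.2.0.1"),
    (3, "192.168.2.77"), (3, "192.168.2.78"),
    (4, "203.0.113.9"),
]

if __name__ == "__main__":
    print("dropped:", dropped(FILTERS, FRAMES))
    print("ports without a source filter:", unfiltered_ports(FILTERS))
```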
Field Attributes
• Port - The front-panel port-number of the port. This cannot be changed.
• Allowed number of Learned MAC addresses - Set the maximum number of MAC addresses that can be learned by this port. The Mode settings for the port are set by a single drop-down list.
  • No Limit - No limitation on the number of dynamically learned MAC addresses. This means port security is disabled.
  • 8/7/6/5/4/3/2/1 - The maximum number of dynamically learned MAC addresses.
Web – Click Security, Port Security.
Figure 3-35 Port Security
ACL
This page enables you to set up a management access filter on the switch. With the Management Access Filter Configuration table, you can create a list of up to 8 IP addresses or IP address groups that are allowed management access to the switch through the web interface or SNMP. The management interfaces are open to all IP addresses by default.
Web – Click Security, ACL.
Figure 3-36 Management Access Filter Configuration
IGMP Snoop
The switch can use Internet Group Management Protocol (IGMP) to filter multicast traffic. IGMP Snooping monitors IGMP service requests passing between multicast clients and servers, and dynamically configures the ports which need to receive the multicast traffic.
Note: For IGMPv3, the switch includes basic support for reports only; Source Multicast is not supported.
• IGMP Snooping Enabled - When enabled, the port will monitor network traffic to determine which hosts want to receive the multicast traffic.
• IGMP Querying Enabled - When enabled, the port can serve as the Querier, which is responsible for asking hosts if they want to receive multicast traffic.
Web – Click IGMP Snoop, Settings.
Figure 3-37 IGMP Snooping Configuration
IGMP Status
Shows the IGMP Snooping statistics for the whole switch.
Web – Click IGMP Snoop, Status.
Figure 3-38 IGMP Snoop Status
SNMP
Simple Network Management Protocol (SNMP) is a communication protocol designed specifically for managing devices on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.
Web – Click SNMP, Settings.
Appendix A: Software Specifications
Software Features
Authentication
  Port (802.1X), Port Security
Access Control Lists
  IP filter for management access
DHCP Client
Port Configuration
  100BASE-TX: 10/100 Mbps, half/full duplex
  1000BASE-T: 10/100 Mbps at half/full duplex, 1000 Mbps at full duplex
Flow Control
  Full Duplex: IEEE 802.
Additional Features
SNMP (Simple Network Management Protocol)
Management Features
In-Band Management
  Web, SNMP manager
Software Loading
  HTTP in-band
SNMP
  Management access via MIB database
  Trap management to specified hosts
Standards
IEEE 802.1D Spanning Tree Protocol and traffic priorities
IEEE 802.1p Priority tags
IEEE 802.1Q VLAN
IEEE 802.1w Rapid Spanning Tree Protocol
IEEE 802.1X Port Authentication
IEEE 802.
Management Information Bases
MAU MIB (RFC 2668)
MIB II (RFC 1213)
Port Access Entity MIB (IEEE 802.
Appendix B: Troubleshooting
Problems Accessing the Management Interface
Table B-1 Troubleshooting Chart
Symptom: Cannot connect using web browser, or SNMP software
Action:
• Be sure the switch is powered up.
• Check network cabling between the management station and the switch.
• Check that you have a valid network connection to the switch and that the port you are using has not been disabled.
Glossary
Access Control List (ACL)
ACLs can limit network traffic and restrict access to certain users or devices by checking each packet for certain IP or MAC (i.e., Layer 2) information.
Boot Protocol (BOOTP)
BOOTP is used to provide bootup information for network devices, including IP address information, the address of the TFTP server that contains the device’s system files, and the name of the boot file.
IEEE 802.1D
Specifies a general method for the operation of MAC bridges, including the Spanning Tree Protocol.
IEEE 802.1Q
VLAN Tagging - Defines Ethernet frame tags which carry VLAN information. It allows switches to assign endstations to different virtual LANs, and defines a standard way for VLANs to communicate across switched networks.
IEEE 802.1p
An IEEE standard for providing quality of service (QoS) in Ethernet networks.
IP Multicast Filtering
A process whereby this switch can pass multicast traffic along to participating hosts.
IP Precedence
The Type of Service (ToS) octet in the IPv4 header includes three precedence bits defining eight different priority levels ranging from highest priority for network control packets to lowest priority for routine traffic.
Port Trunk
Defines a network link aggregation and trunking method which specifies how to create a single high-speed logical link that combines several lower-speed physical links.
Remote Authentication Dial-in User Service (RADIUS)
RADIUS is a logon authentication protocol that uses software running on a central server to control access to RADIUS-compliant devices on the network.
Remote Monitoring (RMON)
RMON provides comprehensive network monitoring capabilities.