EKI-7758F 8G ports Industrial Managed Redundant Gigabit Ethernet Switch, 4 Gigabit Copper and 4 Gigabit SFP User Manual
Copyright The documentation and the software included with this product are copyrighted 2007 by Advantech Co., Ltd. All rights are reserved. Advantech Co., Ltd. reserves the right to make improvements in the products described in this manual at any time without notice. No part of this manual may be reproduced, copied, translated or transmitted in any form or by any means without the prior written permission of Advantech Co., Ltd. Information provided in this manual is intended to be accurate and reliable.
Product Warranty (2 years) Advantech warrants to you, the original purchaser, that each of its products will be free from defects in materials and workmanship for two years from the date of purchase. This warranty does not apply to any products which have been repaired or altered by persons other than repair personnel authorized by Advantech, or which have been subject to misuse, abuse, accident or improper installation.
Declaration of Conformity CE This product has passed the CE test for environmental specifications. Test conditions for passing included the equipment being operated within an industrial enclosure. In order to protect the product from being damaged by ESD (Electrostatic Discharge) and EMI leakage, we strongly recommend the use of CE-compliant industrial enclosure products.
Safety Instructions 1. Read these safety instructions carefully. 2. Keep this User's Manual for later reference. 3. Disconnect this equipment from any AC outlet before cleaning. Use a damp cloth. Do not use liquid or spray detergents for cleaning. 4. For plug-in equipment, the power outlet socket must be located near the equipment and must be easily accessible. 5. Keep this equipment away from humidity. 6. Put this equipment on a reliable surface during installation.
Safety Precaution - Static Electricity Follow these simple precautions to protect yourself from harm and the products from damage. 1. To avoid electrical shock, always disconnect the power from your PC chassis before you work on it. Don't touch any components on the CPU card or other cards while the PC is on. 2. Disconnect power before making any configuration changes. The sudden rush of power as you connect a jumper or install a card may damage sensitive electronic components.
Chapter 1 Contents Overview ........................................... 2 1.1 Introduction .......................................... 2 1.1.1 The SFP Advantage ...................... 2 1.1.2 High-Speed Transmissions ........... 2 1.1.3 Dual Power Input ........................... 2 1.1.4 Flexible Mounting .......................... 2 1.1.5 Advanced Protection ..................... 3 1.1.6 Wide Operating Temperature ........ 3 1.1.7 Easy Troubleshooting.................... 3 1.2 Features ...................
3.1.1 Commands Level ........................ 26 Table 3.1: Command Level ......................................... 26 3.1.2 Commands Set List ..................... 27 Table 3.2: Commands Set List .................................... 27 3.1.3 System Commands Set............... 27 Table 3.3: System Commands Set ............................... 27 3.1.4 Port Commands Set .................... 28 Table 3.4: Port Commands Set ................................... 28 3.1.5 Trunk Commands Set ...........
Figure 3.16: Syslog Configuration .............................. 46 Figure 3.17: SMTP Configuration ............................... 47 Figure 3.18: Event Configuration ................................ 48 Figure 3.19: Fault Relay Alarm ................................... 49 Table 3.18: UTC Timezone ......................................... 49 Figure 3.20: SNTP Configuration ............................... 51 Figure 3.21: IP Security ............................................... 52 Figure 3.
Figure A.4: DB 9-pin female connector ...................... 87 Appendix B Appendix C Compatible SFP Modules ........... 90 X-View........................................... 92 Figure C.1: X-View interface ...................................... 92 Figure C.2: Items to the ‘Task’ menu bar .................... 92 Figure C.3: Two devices have been discovered .......... 93 Figure C.4: Discovery Filter setting window .............. 93 Figure C.5: Login interface .........................................
Figure C.33: Port Control .......................................... 111 C.2.3 Port Status ................................ 111 Figure C.34: Port Status............................................. 111 C.2.4 Port Trunk ................................. 112 Figure C.35: Port Trunk............................................. 112 Figure C.36: Port Trunk Status .................................. 113 C.2.5 Port Mirroring ............................ 113 Figure C.37: Port Mirroring......................
C.6 Save To Flash ................................. 134 Figure C.67: Save to Flash ........................................ 134 C.7 System Reboot ................................ 135 Figure C.68: System Reboot ......................................
xiii Contents
CHAPTER Overview Sections include: z Introduction z Features z Specifications z Packing List z Safety Precaution 1 Chapter1
Chapter 1 Overview 1.1 Introduction To create reliability in your network, the EKI-7758F comes equipped with a proprietary redundant network protocol—X-Ring that was developed by Advantech, which provides users with an easy way to establish a redundant Ethernet network with ultra high-speed recovery time less than 10 ms. Aside from 4 x 10/100/1000Base-T(X) fast Ethernet ports, the EKI-7758F come equipped with 4 SFP (mini-GBIC) fiber optic ports.
1.1.5 Advanced Protection The power line of EKI-7758F supports up to 3,000 VDC EFT protection, which secure equipment against unregulated voltage and make systems safer and more reliable. Meanwhile, 4,000 VDC ESD protections for Ethernet ports make EKI-7758F more suitable for harsh environments. 1.1.6 Wide Operating Temperature The operating temperature of the EKI-7758F is between -10 ~ 60 ℃. With such a wide range, you can use the EKI-7758F in some of the harshest industrial environments that exist.
1.2 Features • All Gigabit Ethernet ports for 4 Copper and 4 SFP • SFP sockets for easy and flexible fiber expansion • Redundancy: Gigabit X-Ring (ultra high-speed recovery time < 10ms), RSTP/STP (802.1w/1D) • Management: Web, Telnet, Serial Console, Windows Utility, SNMP • Control: VLAN/GVRP, QoS, IGMP Snooping, LACP, Rate Limit • Security: IP/MAC and port binding, DHCP Server, IP access list, 802.
1.3 Specification Communications Standard LAN Transmission Distance Transmission Speed IEEE 802.3, 802.3ab, 802.3ad, 802.3u, 802.3x, 802.3z IEEE 802.1d, 802.1p, 802.1Q, 802.1w, 802.1X, 10/100/1000Base-TX, Optional 100Base-FX, 1000Base-SX/LX/LHX/XD/ZX/EZX Ethernet: Up to 100m (4-wire Cat.5e, Cat.
Power Consumption Power Input Fault Output Max. 17 W 2 x Unregulated +12 ~ 48 VDC 1 Relay Output Mechanism Dimensions (WxHxD) Enclosure Mounting 79 x 152 x 105 mm IP30, metal shell with solid mounting kits DIN-rail, wall Protection ESD (Ethernet) Surge (EFT for power) Power Reverse Overload 4,000 VDC 3,000 VDC Present 3.
1.4 Packing List • • • • • • • 1 x EKI-7758F Industrial Managed Gigabit Ethernet Switch 1 x eAutomation Industrial Communication CD-ROM with software, and User manual 2 x Wall Mounting Bracket and Screws 1 x DIN-rail Mounting Bracket and Screws 1 x 8-pin RJ-45 to RS-232 serial cable 1 x DC Jack Cable φ2.0/150mm 1 x EKI-7758F Startup Manual 1.5 Safety Precaution Attention IF DC voltage is supplied by an external circuit, please use a protection device on the power supply input.
EKI-7758F User Manual 8
CHAPTER Installation Sections include: z LED Indicators z Dimensions z Mounting z Network Connection z Connection to a Fiber Optic Network z Power Connection 9 Chapter2
Chapter 2 Installation In this chapter, you will be given an overview of the EKI-7758F hardware installation procedures. 2.1 LED Indicators There are few LEDs display the power status and network status located on the front panel of EKI-7758F, each of them has its own specific meaning shown as below. Table 2.1: EKI-7758F LED Definition LED Color PWR Green R.M.
2.2 Dimensions (units: mm) Figure 2.
Figure 2.
Figure 2.
Figure 2.
2.3 Mounting The EKI-7758F supports two mounting methods: DIN-rail & Wall. 2.3.1 Wall mounting EKI-7758F can be wall-mounted by using the included mounting kit. Then, hang on the EKI-7758F to the nails on the wall. First, use the screws included in the package to combine the EKI-7758F and metal mounting kit. And then you can install the device firmly via the components, please see Figure 2.5 as below. Figure 2.
2.3.2 DIN-rail Mounting You can also mount EKI-7758F on a standard DIN-rail by below steps. The DIN-rail kit is screwed on the industrial switch when out of factory. If the DIN-rail kit is not screwed on the industrial switch, please screw the DIN-rail kit on the switch first. First, hang the EKI-7758F to the DIN-rail with angle of inclination. See Figure 2.6. Figure 2.
Then, let the device down straight to slide over the rail smoothly. See Figure 2.7. Figure 2.
2.4 Network Connection The EKI-7758F has 4 x RJ-45 ports that support connection to 10 Mbps Ethernet, 100 Mbps Fast Ethernet or 1000 Mbps Gigabit Ethernet. EKI-7758F can be connected to other hubs or switches through a twisted-pair straight cable or a crossover cable up to 100m long. The connection can be made from any TX port of the EKI-7758F (MDI-X) to another hub or switch either MDI-X or uplink MDI port. The EKI-7758F supports auto-crossover to make networking more easy and flexible.
Figure 2.9: Transceiver Inserted Second, insert the fiber cable of LC connector into the transceiver. Figure 2.
To remove the LC connector from the transceiver, please follow the steps shown below: First, press the upper side of the LC connector to release from the transceiver and pull it out. Figure 2.11: Remove LC connector Second, push down the metal loop and pull the transceiver out by the plastic handle. Figure 2.
2.6 Power Connection The EKI-7758F supports dual +12 ~ 48 VDC power inputs and power-fail relay output. Figure 2.8: Pin Assignment of the Power Connector You can connect an alarm indicator, buzzer or other signaling equipment through the relay output. The relay opens if power input 1, 2 fails or port link down/break (″Open″ means if you connect relay output with an LED, the light would be off).
EKI-7758F User Manual 22
CHAPTER Configuration Sections include: z RS-232 Console z Web Browser z Mounting z Self Diagnosis 23 Chapter3
Chapter 3 Configuration The EKI-7758F can be configured in two ways: via RS-232 Console or a web browser. 3.1 RS-232 Console EKI-7758F’s RS-232 console is designed for rapidly configuring which provides the console management – CLI command. Attach the supplied cable, which one end is RJ-45 and the other end is female DB9, to connect EKI7758F and your host PC or terminal. The connected PC or terminal must support the terminal emulation program.
Select the appropriate COM port, and set the parameter as Fig.3.2 (9600 for Baud Rate, 8 for Data Bits, None for Parity, 1 for Stop Bits, and None for Flow Control). Figure 3.2: COM Port Properties Setting Press Enter for login screen (If you can not find the login screen, press Enter one more time). The default user name and password are both “admin”. Key-in the user name and password to enter the command line interface. Figure 3.
After you have logged in to the system, you will see a command prompt. To enter CLI management interface, type in “enable” command. Figure 3.4: Command Line Interface The following table lists the CLI commands and description. 3.1.1 Commands Level Table 3.1: Command Level Modes Access Method Prompt Begin a session with your switch. User EXEC Privileged EXEC Global configuration VLAN database Interface configuration Exit Method About This Model Enter logout or quit.
3.1.2 Commands Set List Table 3.2: Commands Set List Command 3.1.3 Code Word User EXEC E Privileged EXEC P Global configuration G VLAN database V Interface configuration I System Commands Set Table 3.
dhcpserver subnetmask [Subnet mask] dhcpserver gateway [Gateway] G G dhcpserver dnsip [DNS IP] G dhcpserver leasetime [Hours] G dhcpserver ipbinding [IP address] show dhcpserver configuration show dhcpserver clients show dhcpserver ip-binding no dhcpserver P P P G security http G security telnet G security ip [Index(1..10)] [IP Address] show security G P no security G no security http G no security telnet 3.1.
bandwidth type all I bandwidth type broadcast-multicastflooded-unicast I bandwidth type broadcast-multicast I bandwidth type broadcast-only I bandwidth in [Value] I bandwidth out [Value] show bandwidth I Set interface ingress limit frame type to “only accept broadcast frame” switch(config)#interface fastEthernet 2 switch(config-if)#bandwidth type broadcast-only Set interface input bandwidth. Rate Range is from 100 kbps to 102400 kbps or to 256000 kbps for giga ports, and zero means no limit.
aggregator group [GroupID] [Port-list] nolacp G show aggregator Assign a static trunk group. [GroupID] :1~3 [Port-list]:Member port list, This parameter could be a port range(ex.1-4) or a port list separate by a comma(ex.
vlan 8021q trunk [PortNumber] access-link untag [UntaggedVID] vlan 8021q trunk [PortNumber] trunk-link tag [TaggedVID List] V V vlan 8021q trunk [PortNumber] hybrid-link untag [UntaggedVID] tag [TaggedVID List] show vlan [GroupID] or show vlan V switch(vlan)#vlan 8021q trunk 3 access-link untag 33 Assign a trunk link for VLAN by trunk switch(vlan)#vlan 8021q trunk 3 trunk-link tag group 2,3,6,99 or switch(vlan)#vlan 8021q trunk 3 trunk-link tag 320 Assign a hybrid link for VLAN by switch(vlan)#vlan 80
stp-admin-p2p [Auto|True|False] stp-admin-edge [True|False] stp-admin-non-stp [True|False] show spanning-tree I I I E no spanning-tree 3.1.8 G position as the root switch. Admin P2P of STP priority on this interface. Admin Edge of STP priority on this interface. Admin NonSTP of STP priority on this interface. Displays a summary of the spanning-tree states. Disable spanning-tree.
Table 3.10: Mac/Filter Table Commands Set Netstar Commands Level mac-address-table static hwaddr [MAC] I mac-address-table filter hwaddr [MAC] show mac-address-table show mac-address-table static show mac-address-table filter no mac-address-table static hwaddr [MAC] G P P P I no mac-address-table filter hwaddr [MAC] no mac-address-table 3.1.11 G G Description Example Configure MAC address table of interface (static).
sub-oid [OID] show snmp no snmp community-strings [Community] no snmp-server host [Host-address] no snmpv3 user [User Name] no snmpv3 access context-name [Context Name ] group [Group Name ] security-level [NoAuthNoPriv|AuthNoPriv|AuthPriv] match-rule [Exact|Prifix] views [Read View Name] [Write View Name] [Notify View Name] no snmpv3 mibview view [View Name] type [Excluded|Included] sub-oid [OID] 3.1.12 P G G G Show SNMP configuration switch#show snmp Remove the specified community.
8021x system accountport [port ID] G 8021x system sharekey [ID] G 8021x system nasid [words] G 8021x misc quietperiod [sec.] G 8021x misc txperiod [sec.] G 8021x misc supportimeout [sec.] G 8021x misc servertimeout [sec.] G 8021x misc maxrequest [number] G 8021x misc reauthperiod [sec.] G 8021x portstate [disable | reject | accept | authorize] I show 8021x E no 8021x G 3.1.14 change the radious server port Use the 802.
systemlog mode [client|server|both] G show systemlog show systemlog E no systemlog smtp enable smtp serverip [IP address] smtp authentication smtp account [account] smtp password [password] smtp rcptemail [Index] [Email address] show smtp no smtp event device-cold-start [Systemlog|SMTP|Both] G G P G G G G G P G switch(config)# systemlog mode both Displays system log.
Show index number of time zone list switch#show sntp timezone P no sntp G Disable SNTP function switch(config)#no sntp no sntp daylight G Disable daylight saving time switch(config)#no sntp daylight show sntp timezone 3.1.17 X-ring Commands Set Table 3.
3.2 Web Browser EKI-7758F provides a convenient configure way via web browser, you can follow below step to access EKI-7758F. EKI-7758F’s default IP is 192.168.1.1, make sure your host PC and EKI-7758F are on the same logical sub-network. Warning Your host PC should be in the same VLAN setting with EKI-7758F, or the management will not be configured. Connect EKI-7758F to the Ethernet then your host PC could configure it via Ethernet.
In the main page, you can find the tree menu structure of the EKI-7758F in the left side. Click the “+” symbol to unroll the hiding hyperlink, and click the hyperlink to open the function page you want to configure. Figure 3.7: Main page 3.2.1 System System Information Assign the system name, location and view the system information • • • • • • • System Name: Assign the name of the switch. The maximum length is 64 bytes. System Description: Displays the description of switch.
Figure 3.8: System Information IP Configuration User can configure the IP Settings and DHCP client function here. • DHCP Client: To enable or disable the DHCP client function. When DHCP client function is enabling, the industrial switch will be assigned the IP address from the network DHCP server. The default IP address will be replace by the DHCP server assigned IP address. After user click “Apply” button, a popup dialog show up.
Figure 3.9: IP Configuration DHCP Server – System configuration The system provides the DHCP server function. Enable the DHCP server function, the switch system will be a DHCP server. • DHCP Server: Enable or Disable the DHCP Server function. Enable – the switch will be the DHCP server on your local network. • Low IP Address: the dynamic IP assign range. Low IP address is the beginning of the dynamic IP assigns range. For example: dynamic IP assign range is from 192.168.1.100 ~ 192.168.1.200. 192.168.1.
Figure 3.10: DHCP Server - System Configuration DHCP Client – System Configuration When the DHCP server function is active, the system will collect the DHCP client information and displays it here. Figure 3.11: DHCP Server – Client Entries DHCP Server - Port and IP Bindings You can assign the specific IP address that is the IP in dynamic IP assign range to the specific port.
Figure 3.12: DHCP Server – Client Entries TFTP - Update Firmware It provides the functions to allow a user to update the switch firmware. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server. • TFTP Server IP Address: fill in your TFTP server IP. • Firmware File Name: the name of firmware image. • And then, click Apply Figure 3.
You can restore Flash ROM value from TFTP server, but you must put the image file on TFTP server first, switch will download back flash image. • TFTP Server IP Address: fill in the TFTP server IP. • Restore File Name: fill in the correct restore file name. • Click Apply Figure 3.14: TFTP – Restore Configuration TFTP - Backup Configuration You can save current Flash ROM value from the switch to TFTP server, then go to the TFTP restore configuration page to restore the Flash ROM value.
Figure 3.15: TFTP – Backup Configuration System Event Log – Syslog Configuration Configuring the system event mode that want to be collected and system log server IP. • Syslog Client Mode: select the system log mode – client only, server only, or both S/C. • System Log Server IP Address: assigned the system log server IP. • Click Reload to refresh the events log. • Click to clear all current events log. Clear • After configuring, Click Apply .
Figure 3.16: Syslog Configuration System Event Log - SMTP Configuration You can set up the mail server IP, mail account, account password, and forwarded email account for receiving the event alert. • Email Alert: enable or disable the email alert function. • SMTP Server IP: set up the mail server IP address (when Email Alert enabled, this function will then be available).
Figure 3.17: SMTP Configuration System Event Log - Event Configuration You can select the system log events and SMTP events. When selected events occur, the system will send out the log information. Also, per port log and SMTP events can be selected. After configure, Click Apply . • System event selection: 4 selections – Device cold start, Device warm start, SNMP Authentication Failure, and X-ring topology change. Mark the checkbox to select the event.
Figure 3.18: Event Configuration Fault Relay Alarm • Power Failure: Mark the check box to enable the function of lighting up FAULT LED on the panel when power fails. • Port Link Down/Broken: Mark the check box to enable the function of lighting up FAULT LED on the panel when Ports’ states are link down or broken.
Figure 3.19: Fault Relay Alarm SNTP Configuration You can configure the SNTP (Simple Network Time Protocol) settings. The SNTP allows you to synchronize switch clocks in the Internet. • SNTP Client: enable or disable SNTP function to get the time from the SNTP server. • Daylight Saving Time: enable or disable daylight saving time function. When daylight saving time is enabled, you need to configure the daylight saving time period. • UTC Timezone: set the switch location time zone.
CST - Central Standard MDT - Mountain Daylight -6 hours 6 am MST - Mountain Standard PDT - Pacific Daylight -7 hours 5 am PST - Pacific Standard ADT - Alaskan Daylight -8 hours 4 am ALA - Alaskan Standard -9 hours 3 am HAW - Hawaiian Standard -10 hours 2 am Nome, Alaska -11 hours 1 am CET - Central European FWT - French Winter MET - Middle European MEWT - Middle European Winter SWT - Swedish Winter +1 hour 1 pm EET - Eastern European, USSR Zone 1 +2 hours 2 pm BT - Baghdad, USSR Zone
Figure 3.20: SNTP Configuration IP Security IP security function allows user to assign 10 specific IP addresses that have permission to access the switch through the web browser for the securing switch management. • IP Security Mode: when this option is in Enable mode, the Enable HTTP Server and Enable Telnet Server check boxes will then be available. • Enable HTTP Server: when this check box is checked, the IP addresses among Security IP1 ~ IP10 will be allowed to access via HTTP service.
Figure 3.21: IP Security User Authentication Change web management login user name and password for the management security issue. • User name: Key in the new user name (The default is “admin”) • Password: Key in the new password (The default is “admin”) • Confirm password: Re-type the new password • And then, click Apply button to apply the configuration.
Figure 3.
3.2.2 Port Port Statistics The following information provides the current port statistic information. • • • • • • • • • • • • • • Port: The port number. Type: Displays the current speed of connection to the port. Link: The status of linking—‘Up’ or ‘Down’. State: It’s set by Port Control. When the state is disabled, the port will not transmit or receive any packet. Tx Good Packet: The counts of transmitting good packets via this port.
• Click Apply button to apply the configuration. Figure 3.24: Port Control Port Trunk The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner.
Figure 3.25: Aggregator Setting Aggregator Information When you have setup the aggregator setting with LACP disabled, you will see the local static trunk group information here. Figure 3.26: Aggregator Information State Activity When you had setup the LACP aggregator, you can configure port state activity. You can mark or unmark the port. When you mark the port and click Apply button the port state activity will change to Active. Opposite is Passive.
• Active: The port automatically sends LACP protocol packets. • Passive: The port does not automatically send LACP protocol packets, and responds only if it receives LACP protocol packets from the opposite device. Note A link having either two active LACP ports or one active port can perform dynamic LACP trunk. A link has two passive LACP ports will not perform dynamic LACP trunk because both ports are waiting for an LACP protocol packet from the opposite device.
Figure 3.28: Port Mirroring Rate Limiting You can set up every port’s bandwidth rate and frame limitation type. • Ingress Limit Frame type: select the frame type that wants to filter. The frame types have 4 options for selecting: All, Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Broadcast only. Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Bbroadcast only types are only for ingress frames. The egress rate only supports All type.
Figure 3.
3.2.3 Protocol VLAN configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the VLAN will receive traffic from the same members of VLAN. Basically, creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still plugged into the same switch physically.
Figure 3.31: Port based mode • Pull down the select item menu of VLAN Operation Mode, and select Port Based mode.
Figure 3.32: Port based mode-Add interface • You will see the VLAN displays. • Use Delete button to delete unwanted VLAN. • Use Edit button to modify existing VLAN group. Note Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off. 802.1Q VLAN Tagged-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices from different switch venders. IEEE 802.
Figure 3.33: 802.1Q VLAN Configuration 802.1Q Configuration • Pull down the select item menu of VLAN Operation Mode, and select Port Based mode. • Enable GVRP Protocol: mark the check box to enable GVRP protocol that allows network devices to dynamically exchange VLAN configuration information with other devices. If GVRP protocol is not enabled, user has to set the tagging information manually. • Select the port that you want to configure. • Link Type: there are 3 types of link type.
Figure 3.34: Edit Group Configuration interface • You can Change the VLAN group name and VLAN ID. • Click Apply . Figure 3.
Rapid Spanning Tree The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will auto detect the connected device that is running STP or RSTP protocol. RSTP - System Configuration • User can view spanning tree information about the Root Bridge • User can modify RSTP state.
RSTP - Port Configuration You can configure path cost and priority of every port. • Select the port in Port column. • Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200000000. • Priority: Decide which port should be blocked by priority in LAN. Enter a number 0 through 240. The value of priority must be the multiple of 16.
SNMP Configuration Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP.
Trap Configuration A trap manager is a management station that receives traps, the system alerts generated by the switch. If no trap manager is defined, no traps will issue. Create a trap manager by entering the IP address of the station and a community string. To define management stations as trap manager and enter SNMP community strings and selects the SNMP version. • IP Address: Enter the IP address of trap manager. • Community: Enter the community string.
Figure 3.40: SNMP V3 Configuration interface Group Table Configure SNMP v3 group table. • Security Name (User ID): Assign the user name that you have set up in user table. • Group Name: Set up the group name. • Click Add to add context name. • Click Remove to remove unwanted context name.
Access Table Configure SNMP v3 access table. • • • • • • • Context Prefix: Set up the context name. Group Name: Set up the group. Security Level: Set up the access level. Context Match Rule: Select the context match rule. Read View Name: Set up the read view. Write View Name: Set up the write view. Notify View Name: Set up the notify view. • Click Add to add context name. • Click Remove to remove unwanted context name. MIBview Table Configure MIB view table. • ViewName: Set up the name.
QoS Configuration You can configure Qos policy and priority setting, per port priority setting, COS and TOS setting. QoS Policy and Priority Type • Qos Policy: select the Qos policy rule. ¾ Use an 8,4,2,1 weighted fair queuing scheme: The switch will follow 8:4:2:1 rate to process priority queue from High to Lowest queue.
Figure 3.41: QoS Configuration interface Port Base Priority Configure per port priority level. • Port 1 ~ Port 10: each port has 4 priority levels – High, Middle, Low, and Lowest. • Click Apply . COS Configuration Set up the COS priority level. • COS priority: Set up the COS priority level 0~7 –High, Middle, Low, Lowest. • Click Apply .
TOS Configuration Set up the TOS priority. • TOS priority: the system provides 0~63 TOS priority level. Each level has 4 types of priority – high, middle, low, and lowest. The default value is “Lowest” priority for each level. When the IP packet is received, the system will check the TOS level value in the IP packet that has received. For example, user set the TOS level 25 is high. The port 1 is following the TOS priority policy only.
Figure 3.42: IGMP Configuration interface X-Ring X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms not the same. In the X-Ring topology, every switch should enable X-Ring function and assign two member ports in the ring. Only one switch in the X-Ring group would be set as a master switch, one of its path would be blocked, called backup port, and another port is called working port.
• Enable Dual Ring: When this check box is marked, the ‘Enable Ring Master’ check box will then also be enabled by the system which means this equipment is assigned as the Ring Master. The Dual Ring differs from the Couple Ring in that it only needs a unit to form a redundant linking system of two rings. • And then, click Apply to apply the configuration. Figure 3.43: X-ring interface Note When the X-Ring function enable, user must disable the RSTP.
3.2.4 Security In this section, you can configure 802.1x and MAC address table. 802.1X/Radius Configuration 802.1x is an IEEE authentication specification that allows a client to connect to a wireless access point or wired switch but prevents the client from gaining access to the Internet until it provides authority, like a user name and password that are verified by a separate server. 802.1X/Radius - System Configuration After enabling the IEEE 802.
Figure 3.45: 802.1x/Radius - Port Setting interface 802.1X/Radius - Misc Configuration • Quiet Period: set the period during which the port doesn’t try to acquire a supplicant. • TX Period: set the period the port wait for retransmit next EAPOL PDU during an authentication session. • Supplicant Timeout: set the period of time the switch waits for a supplicant response to an EAP request. • Server Timeout: set the period of time the switch waits for a server response to an authentication request.
MAC Address Table Use the MAC address table to ensure the port security. You can add a static MAC address; it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. You can add / modify / delete a static MAC address.
Figure 3.48: MAC Filtering interface • MAC Address: Enter the MAC address that you want to filter. • Click Add . • If you want to delete the MAC address from filtering table, select the MAC address and click Delete . MAC Address Table - All MAC Addresses You can view the port that connected device’s MAC address and related devices’ MAC address. • Select the port. • The selected port of static MAC address information will be displayed here.
Factory Default Reset switch to default configuration. Click Reset to reset all configurations to the default value. Figure 3.50: Factory Default interface Save Configuration Save all configurations that you have made in the system. To ensure the all configuration will be saved. Click Save to save the all configuration to the flash memory. Figure 3.51: Save Configuration interface System Reboot Reboot the switch in software reset. Click EKI-7758F User Manual Reboot 80 to reboot the system.
Figure 3.
EKI-7758F User Manual 82
CHAPTER Troubleshooting 83
Chapter 4 Troubleshooting Verify that is using the right power cord/adapter (+12~48VDC), please don’t use the power adaptor with DC output voltage higher than 48 V, or it will burn this converter down. Select the proper UTP cable to construct user network. Please check that is using the right cable. Use Unshielded Twisted-Pair (UTP) or Shielded Twisted-Pair (STP) cable for RJ-45 connections: 100 Category 3, 4 or 5 cable for 10 Mbps connections or 100 Category 5 cable for 100 Mbps connections.
APPENDIX Pin Assignment & Wiring 85
Appendix A Pin Assignment & Wiring It is suggested to adopt ELA/TIA as the wiring of the RJ-45. Figure A.1: RJ-45 Pin Assignment Figure A.2: EIA/TIA-568B Figure A.
Figure A.
EKI-7758F User Manual 88
APPENDIX Compatible SFP Modules 89
Appendix B Compatible SFP Modules The table below shows compatible SFP modules for EKI-7758F.
APPENDIX X-View 91
Appendix C X-View Based on the same function structure of the web management interface (Web UI), XView is a friendly and ease-of-use windows based utility which is designed to manage multiple devices in an easy operating environment with more color graphic pictures, diagrams, and consistent menus. The following descriptions and pictures will guide you to be familiar with this convenient utility. Firstly, the operating window will show up when the utility is launched. Figure C.
the managed devices on your LAN. Here is an example screenshot: Figure C.3: Two devices have been discovered • Discovery Filter: Click the mouse pointer on ‘Discovery Filter’ item or press ‘Ctrl+F’ to set the ‘Discovery Type’. Here is an example screenshot: Figure C.4: Discovery Filter setting window There is a radio button group of three selections to set the discovery type.
‘Range in this subnet’ to assign a range of IP addresses with the begin and the end ones then you will find the devices whose IP addresses are among this range. • Login: Click the mouse pointer on ‘Login’ in the top menu bar. Figure C.5: Login interface Select any one of the devices in the left tree menu field; the login interface (User Name/Password) on the right side will subsequently be available (see the figure below). Figure C.
Figure C.7: Reboot function Select any one of the devices in the left tree menu field; the reboot button on the right side will subsequently be available (see the figure below). Figure C.8: Press Reboot button to restart the switch • Refresh: Click the mouse pointer on ‘Refresh’ in the top menu bar to get the newest information of the current displaying function.
Figure C.9: Refresh for single function • Refresh All: Click the mouse pointer on ‘Refresh All’ in the top menu bar to refresh all the information of the switch. Figure C.
You can also make a check of the log by clicking on the ‘Log tab’ on the right side. Figure C.
The items in the top menu bar have been introduced. Subsequently, we will go through how to manage the devices via X-View interface. C.1 System C.1.1 System Information Assign the system name, location and view the system information • System Name: Assign the name of the switch. The maximum length is 64 bytes. • System Description: Displays the description of switch. Read only cannot be modified. • System Location: Assign the switch physical location. The maximum length is 64 bytes.
After user click “Apply” button, a popup dialog shows up to ask user entering user name and password. Figure C.13: IP Configuration—DHCP • Auto Range: When the Method is selected as Auto Range, you can fill in the IP addresses for IP Begin, IP End, Subnet Mask, Gateway, DNS Server1 and DNS Server2 column fields to assign a range of IP addresses. Or you can press the small square button (beside the ‘Set’ button) to load discovery filter as the IP distributing range.
• Manual: When the Method is selected as Manual, you can enter the IP configuration into the related column fields directly to assign or change the IP configuration. Press the ‘Set’ button to carry the setting into effect. Figure C.15: IP Configuration—Manual C.1.3 DHCP Server The system provides the DHCP server function. Enable the DHCP server function, the switch system will be a DHCP server. • DHCP Server: Enable or Disable the DHCP Server function.
Figure C.16: DHCP Server interface Client Entries When the DHCP server function is active, the system will collect the DHCP client information and displays it here. Figure C.17: DHCP Server – Client Entries Port and IP Binding You can assign the specific IP address that is one of the IP addresses in dynamic IP assigning range to the specific port.
Figure C.18: DHCP Server – Port and IP Binding C.1.4 TFTP Transaction Upgrade It provides two options that allow you to update the switch firmware. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server. • Use build-in support: Click the mouse pointer on the ‘Open’ button to locate file via explorer window. Figure C.19: TFTP Transaction – Upgrade 1 • Use remote tftp server: Enter the IP address of the TFTP server and the firmware file name.
Figure C.20: TFTP Transaction – Upgrade 2 Restore You can restore Flash ROM value from TFTP server, but you must put the image file on TFTP server first, switch will download back flash image. • Use build-in support: Click the mouse pointer on the ‘Open’ button to locate file via explorer window. Figure C.21: TFTP Transaction –Restore 1 • Use remote tftp server: Enter the IP address of the TFTP server and the firmware file name.
Figure C.22: TFTP Transaction – Restore 2 Backup You can save current Flash ROM value from the switch to TFTP server that you can go to the TFTP restore configuration page to restore the Flash ROM value later. • Use build-in support: Click the mouse pointer on the ‘Save’ button to locate a path via explorer window for saving the backup file. Figure C.23: TFTP Transaction – Backup 1 • Use remote tftp server: Enter the IP address of the TFTP server and the firmware file name.
Figure C.24: TFTP Transaction – Backup 2 C.1.5 System Event Log Syslog Configuration Configuring the system event mode you want to collect and system log server IP. • Mode: select the system log mode – Client Only, Server Only, or Both. • Server IP Address: assign the system log server IP. Figure C.25: Syslog Configuration Syslog Table This function lists the log information.
Figure C.26: Syslog Table SMTP Configuration You can set up the mail server IP, mail account, account password, and forwarded email account for receiving the event alert. Figure C.27: SMTP Configuration • Mode: enable or disable the email alert function. • Server IP Address: set up the mail server IP address (when Mode enabled, this function will then be available). • Sender: key in a complete email address, e.g. switch101@123.com, to identify where the event log comes from.
Event Configuration You can select the ‘Syslog’ and ‘SMTP’ events. When selected events occur, the system will send out the log information. Also, per port log and SMTP events can be selected. After configuring, Click ‘Apply’. • System Event selection: 4 selections – Device cold start, Device warm start, SNMP Authentication Failure, and X-ring topology change. Pull down the selection menu items to select the events. When selected events occur, the system will issue the logs.
• SNTP Client: enable or disable SNTP function to get the time from the SNTP server. • UTC Timezone: set the switch location time zone. The following table lists the different location time zone for your reference. • SNTP Sever URL: set the SNTP server IP address. Daylight Saving Time: • Daylight Saving: enable or disable daylight saving time function. When daylight saving time is enabled, you need to configure the daylight saving time period. • Period Begin: set up the Daylight Saving beginning time.
Figure C.30: IP Security Note Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off. C.1.8 User Authentication Change web management login user name and password for the management security issue. • • • • User name: Key in the new user name (The default is “admin”) Password: Key in the new password (The default is “admin”) Confirm password: Re-type the new password And then, click ‘Apply’ button to apply the configuration. Figure C.
C.2 Port C.2.1 Port Statistics The following information provides the current port statistic information. • • • • • • • • • • • • • • Port: The port number. Type: Displays the current speed of connection to the port. Link: The status of linking—‘Up’ or ‘Down’. State: It’s set by Port Control. When the state is disabled, the port will not transmit or receive any packet. Tx Good Packet: The counts of transmitting good packets via this port.
• Security: when its state is “On” that means this port accepts only one MAC address. • Click ‘Apply’ button to apply the configuration. Figure C.33: Port Control C.2.3 Port Status In Port Status, you can view every port status that depends on user setting and the negotiation result. Figure C.34: Port Status • Port No.: select the port that you want to configure. • State: current port status. The port can be set to disable or enable mode.
C.2.4 Port Trunk The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner. Link aggregation lets you group up to 4 consecutive ports into two dedicated connections.
Figure C.36: Port Trunk Status C.2.5 Port Mirroring The Port mirroring is a method for monitor traffic in switched networks. Traffic through ports can be monitored by one specific port. That means traffic goes in or out monitored (source) ports will be duplicated into mirror (destination) port. • Rx Destination Port: There is only one port can be selected to be destination (mirror) port for monitoring RX traffic which come from source port. User can connect mirror port to LAN analyzer or Netxray.
Here you can set up every port’s bandwidth rate and frame limitation type. • Ingress Limit Frame type: select the frame type that wants to filter. The frame types have 4 options for selecting: All, Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Broadcast only. Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast and Bbroadcast only types are only for ingress frames. The egress rate only supports All type. • All the ports support port ingress and egress rate control.
C.3 Protocol C.3.1 VLAN VLAN configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the VLAN will receive traffic from the same members of VLAN. Basically, creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still plugged into the same switch physically.
Figure C.40: 802.1Q VLAN Port Configuration Set Port No., Link Type, Untagged VID, and Tagged VIDs then click ‘Apply’ button to apply. Figure C.41: Port Configuration VLAN Table This function displays the VLAN table information.
Figure C.42: VLAN Table Port-based VLAN Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.
C.3.2 Rapid Spanning Tree The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will auto detect the connected device that is running STP or RSTP protocol. • User can view spanning tree information about the Root Bridge. • User can modify RSTP state. After modification, click ‘Apply’ button.
Figure C.44: RSTP Note Follow the rule to configure the MAX Age, Hello Time, and Forward Delay Time. 2 x (Forward Delay Time value –1) > = Max Age value >= 2 x (Hello Time value +1) RSTP - Port Configuration Here you can view the RSTP information. Figure C.45: RSTP Information C.3.3 SNMP Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network.
network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP. Agent Version Select the SNMP version that you want to use it. And then click ‘Apply’ to switch to the selected SNMP version mode. Figure C.46: SNMP Community Strings Figure C.47: Community Strings You can define new community string set and remove unwanted community string. • Community String: Fill the name string.
A trap manager is a management station that receives traps, the system alerts generated by the switch. If no trap manager is defined, no traps will issue. Create a trap manager by entering the IP address of the station and a community string. To define management stations as trap manager and enter SNMP community strings and selects the SNMP version. • • • • • Server IP: Enter the IP address of trap manager. Community: Enter the community string. Trap Version: Select the SNMP trap version type – v1 or v2c.
SNMPv3 User Table Configure SNMP v3 user table.. • User Name: set up the user name. • Authentication Password: set up the authentication password. • Privacy Password: set up the private password. • Click ‘Add’ to add context name. • Click ‘Delete’ to remove unwanted context name. Figure C.50: SNMPv3 User Table SNMPv3 Group Table Configure SNMP v3 group table. • • • • Security Name (User ID): Assign the user name that you have set up in user table. Group Name: Set up the group name.
SNMPv3 Access Table Configure SNMP v3 access table. Figure C.52: SNMPv3 Access Table • • • • • • • • • Context Prefix: Set up the context name. Group Name: Set up the group. Security Level: Set up the access level. Context Match Rule: Select the context match rule. Read View Name: Set up the read view. Write View Name: Set up the write view. Notify View Name: Set up the notify view. Click ‘Add’ to add context name. Click ‘Delete’ to remove unwanted context name.
Figure C.53: SNMPv3 MIBView Table C.3.4 QoS Configuration You can configure Qos policy and priority setting, per port priority setting, COS and TOS setting. QoS Policy and Priority Type • Qos Policy: select the Qos policy rule. ¾ Use an 8,4,2,1 weighted fair queuing scheme: The switch will follow 8:4:2:1 rate to process priority queue from High to Lowest queue.
Figure C.54: QoS Port Base Priority Configure per port priority level. • Port 1 ~ Port 10: each port has 4 priority levels – High, Middle, Low, and Lowest. • Click ‘Apply’. Figure C.55: Port Based Priority COS Settings Set up the COS priority level. • COS priority: Set up the COS priority level 0~7 –High, Middle, Low, Lowest. • Click ‘Apply’.
Figure C.56: COS Settings TOS Settings Set up the TOS priority. • TOS priority: the system provides 0~63 TOS priority level. Each level has 4 types of priority – high, middle, low, and lowest. The default value is “Lowest” priority for each level. When the IP packet is received, the system will check the TOS level value in the IP packet that has received. For example, user set the TOS level 25 is high. The port 1 is following the TOS priority policy only.
IGMP Configuration The Internet Group Management Protocol (IGMP) is a communications protocol used to manage the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to establish multicast group memberships. It is an integral part of the IP multicast specification, like ICMP for unicast connections. IGMP can be used for online video and gaming, and allows more efficient use of resources when supporting these uses.
Figure C.59: IGMP Snooping Table X-Ring X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms not the same. In the X-Ring topology, every switch should enable X-Ring function and assign two member ports in the ring. Only one switch in the X-Ring group would be set as a master switch, one of its path would be blocked, called backup port, and another port is called working port.
• And then, click ‘Apply’ to apply the configuration. Figure C.
C.4 Security In this section, you can configure 802.1x and MAC address table. C.4.1 802.1x/RADIUS 802.1x is an IEEE authentication specification that allows a client to connect to a wireless access point or wired switch but prevents the client from gaining access to the Internet until it provides authority, like a user name and password that are verified by a separate server. After enabling the IEEE 802.1X function, you can configure the parameters of this function. Radius Server Settings: • IEEE 802.
Figure C.61: 802.1x/RADIUS Port Auth You can configure 802.1x authentication state for each port. The State provides Disable, Accept, Reject and Authorize. • Reject: the specified port is required to be held in the unauthorized state. • Accept: the specified port is required to be held in the Authorized state. • Authorized: the specified port is set to the Authorized or Unauthorized state in accordance with the outcome of an authentication exchange between the Supplicant and the authentication server.
You can add a static MAC address; it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. You can add / modify / delete a static MAC address. Static MAC Address You can add static MAC address in the switch MAC table here.
Figure C.64: MAC Filtering All MAC Addresses You can view the port of connected device’s MAC address and related devices’ MAC address. • Select the port. • The selected port of the static MAC address information will be displayed here. • Click ‘Clear’ button to clear the current port static MAC address information in the MAC table. Figure C.
C.5 Factory Default Reset switch to default configuration. Mark the check boxes to keep current IP, User Name and Password while rebooting. Click ‘Apply button to reset all configurations to the default value. Figure C.66: Factory Default C.6 Save To Flash Save all configurations that you have made in the system. To ensure the all configuration will be saved. Click ‘Save’ button to save the entire configuration to the flash memory. Figure C.
C.7 System Reboot Reboot the switch in software reset. Click ‘Reboot’ button to reboot the system. Figure C.