EKI-2748FI 8G ports Industrial Managed Redundant Gigabit Ethernet Switch, 4 Gigabit Copper and 4 Gigabit SFP User Manual
Copyright The documentation and the software included with this product are copyrighted 2010 by Advantech Co., Ltd. All rights are reserved. Advantech Co., Ltd. reserves the right to make improvements in the products described in this manual at any time without notice. No part of this manual may be reproduced, copied, translated or transmitted in any form or by any means without the prior written permission of Advantech Co., Ltd. Information provided in this manual is intended to be accurate and reliable.
Product Warranty (2 years) Advantech warrants to you, the original purchaser, that each of its products will be free from defects in materials and workmanship for two years from the date of purchase. This warranty does not apply to any products which have been repaired or altered by persons other than repair personnel authorized by Advantech, or which have been subject to misuse, abuse, accident or improper installation.
Declaration of Conformity CE This product has passed the CE test for environmental specifications. Test conditions for passing included the equipment being operated within an industrial enclosure. In order to protect the product from being damaged by ESD (Electrostatic Discharge) and EMI leakage, we strongly recommend the use of CE-compliant industrial enclosure products.
Safety Instructions 1. Read these safety instructions carefully. 2. Keep this User's Manual for later reference. 3. Disconnect this equipment from any AC outlet before cleaning. Use a damp cloth. Do not use liquid or spray detergents for cleaning. 4. For plug-in equipment, the power outlet socket must be located near the equipment and must be easily accessible. 5. Keep this equipment away from humidity. 6. Put this equipment on a reliable surface during installation.
Safety Precaution - Static Electricity Follow these simple precautions to protect yourself from harm and the products from damage. 1. To avoid electrical shock, always disconnect the power from your equipment chassis before you work on it. 2. Disconnect power before making any configuration changes.
Chapter 1 Contents Overview......................................... 12 1.1 Introduction ......................................................... 12 1.1.1 The SFP Advantage ................................ 12 1.1.2 SFP with DMI Function............................ 12 1.1.3 High-Speed Transmissions ..................... 12 1.1.4 Dual Power Inputs ................................... 12 1.1.5 Flexible Mounting .................................... 13 1.1.6 Wide Operating Temperature .................. 13 1.
Figure 3.1-3 Figure 3.1-4 Figure 3.1-5 COM Port Properties Setting ..............................37 Login Screen: RS-232 Configuration .................37 Command Line Interface ....................................38 3.2 Commands Set ................................................... 39 3.2.1 Commands Level..................................... 39 Table 3.1: Command Level.........................................................39 3.2.2 Commands Set List ................................. 39 Table 3.
3.3.1 System..................................................... 53 Figure 3.3-4 System Information.............................................53 Figure 3.3-5 IP Configuration..................................................54 Figure 3.3-6 DHCP Server - System Configuration................55 Figure 3.3-7 DHCP Server – Client Entries ............................56 Figure 3.3-8 DHCP Server – Port & IP Binding .....................57 Figure 3.3-9 TFTP – Update Firmware ...................................
Figure 3.3-47 Figure 3.3-48 Figure 3.3-49 Figure 3.3-50 Figure 3.3-51 Figure 3.3-52 Figure 3.3-53 Figure 3.3-54 802.1x/Radius - Misc Configuration...................99 Static MAC Addresses interface.......................100 MAC Filtering interface....................................101 All MAC Address interface ..............................102 Multicast Filtering interface..............................103 Factory Default interface ..................................104 Save Configuration interface .......
CHAPTER Overview Sections include: z Introduction z Features z Specifications z Packing List z Safety Precaution xi Contents
Chapter 1 Overview 1.1 Introduction To create reliability in your network, the EKI-2748FI comes equipped with a proprietary redundant network protocol—X-Ring that was developed by Advantech, which provides users with an easy way to establish a redundant Ethernet network with ultra high-speed recovery time less than 10 ms. Aside from 4 x 10/100/1000Base-T(X) Fast Ethernet ports, the EKI-2748FI come equipped with 4 SFP (mini-GBIC) fiber optic ports.
1.1.5 Flexible Mounting EKI-2748FI is compact and can be mounted on a DIN-rail or panel, so it is suitable for any space-constrained environment. 1.1.6 Wide Operating Temperature The operating temperature of the EKI-2748FI is between -40 ~ 75 ℃. With such a wide range, you can use the EKI-2748FI in some of the harshest industrial environments that exist. 1.1.7 Easy Troubleshooting LED indicators make troubleshooting quick and easy.
1.2 Features • All Gigabit Ethernet ports for 4 Copper and 4 SFP • SFP sockets for easy and flexible fiber expansion • Redundancy: Gigabit X-Ring (ultra high-speed recovery time < 10ms), RSTP/STP (802.1w/1D) • Management: Web, Telnet, Serial Console, Windows Utility, SNMP • Control: VLAN/GVRP, QoS, IGMP Snooping, LACP, Rate Limit • Security: IP/MAC and port binding, DHCP Server, IP access list, 802.
1.3 Specifications Communications Standard LAN Transmission Distance Transmission Speed IEEE 802.3, 802.3ab, 802.3ad, 802.3u, 802.3x, 802.3z IEEE 802.1d, 802.1p, 802.1Q, 802.1w, 802.1X, 10/100/1000Base-TX, Optional 100Base-FX, 1000Base-SX/LX/LHX/XD/ZX/EZX Ethernet: Up to 100m (4-wire Cat.5e, Cat.
Power Power Consumption Power Input Fault Output 13W 2 x Unregulated +12 ~ 48 VDC, 24VAC (18~30V) 1 Relay Output Mechanism Dimensions (WxHxD) Enclosure Mounting 59.
1.4 Packing List • • • • • • • 1 x EKI-2748FI Industrial Managed Gigabit Ethernet Switch 1 x eAutomation Industrial Communication CD-ROM and User manual 2 x Wall Mounting Bracket and Screws 1 x DIN-rail Mounting Bracket and Screws 1 x 8-pin RJ-45 to RS-232 serial cable 1 x DC Jack Cable φ2.0/150mm 1 x EKI-2748FI Startup Manual 1.5 Safety Precaution Attention IF DC voltage is supplied by an external circuit, please use a protection device on the power supply input.
EKI-2748FI_Manual 18
CHAPTER Installation Sections include: z LED Indicators z Dimensions z Mounting z Network Connection z Connection to a Fiber Optic Network z Power Connection 19 Chapter 2
Chapter 2 Installation In this chapter, you will be given an overview of the EKI-2748FI hardware installation procedures. 2.1 LED Indicators There are few LEDs display the power status and network status located on the front panel of EKI-2748FI, each of them has its own specific meaning shown as below. Table 2.1: EKI-2748FI LED Definition LED Color R.M.
2.2 Dimensions (unit: mm) Figure 2.
Figure 2.
Figure 2.
Figure 2.
2.3 Mounting The EKI-2748FI supports two mounting methods: DIN-rail & Wall. 2.3.1 Wall mounting EKI-2748FI can be wall-mounted by using the included mounting kit. Then, hang on the EKI-2748FI to the nails on the wall. First, use the screws included in the package to combine the EKI-2748FI and metal mounting kit. And then you can install the device firmly via the components, please see Figure 2.5 as below. Figure 2.
2.3.2 DIN-rail Mounting You can also mount EKI-2748FI on a standard DIN-rail by steps below. The DIN-rail kit is screwed on the industrial switch when out of factory. If the DIN-rail kit is not screwed on the industrial switch, please screw the DIN-rail kit on the switch first. First, hang the EKI-2748FI to the DIN-rail with angle of inclination. See Figure 2.6. Figure 2.
Then, hook the device over the DIN rail and let it drop down straight to slide over the rail smoothly. Figure 2.
2.4 Network Connection The EKI-2748FI has 4 x RJ-45 ports that support connection to 10 Mbps Ethernet, 100 Mbps Fast Ethernet or 1000 Mbps Gigabit Ethernet. EKI-2748FI can be connected to other hubs or switches via a twisted-pair straight-through or crossover cable up to 100m long. The connection can be made from any TX port of the EKI-2748FI (MDI-X) to another hub or switch either MDI-X or uplink MDI port. The EKI-2748FI supports auto-crossover to make networking more easy and flexible.
Figure 2.9: Transceiver Inserted Second, insert the fiber cable of LC connector into the transceiver. Figure 2.
To remove the transceiver from the slot, please follow the steps shown below: First, press the upper side of the LC connector to release from the transceiver and pull it out. Figure 2.11: Remove LC connector Second, push down the metal loop and pull the transceiver out by the plastic handle. Figure 2.
2.6 Power Connection The EKI-2748FI supports dual +12 ~ 48 VDC and 24 VAC power inputs and power-fail relay output. Terminal Block Front View for Fault Alarm Contact 24Vdc, 1A Resistance Fault Alarm Application Example Figure 2.13: Pin Assignment of the Power Connector You can connect an alarm indicator, buzzer or other signaling equipment through the relay output.
2.7 X-Ring Application The industrial switch supports the X-Ring protocol that can help the network system recover from network connection failure within 10ms or less and make the network system more reliable. The X-Ring algorithm is similar to Spanning Tree Protocol (STP) and Rapid STP (RSTP) algorithm but its recovery time is less than STP/RSTP. The figure below is a sample of X-Ring application. Note The Ethernet switches with firmware version before v3.
2.8 Coupling Ring Application As the illustration shown below, users can use the X-Ring groups to form a coupling ring for redundant backup. It can ensure the transmissions between X-Ring groups not to fail. The following figure is a sample of coupling ring application. Note The Ethernet switches with firmware version before v3.0 use the X-Ring function that has the limitations as follows. However, the ones with firmware version after v3.
2.9 Dual Homing Application The Dual Homing function is to prevent the connection loss between the particular XRing group and the upper level/core switch. Assign one port, and only one, to be the Dual Homing port that is the backup port in each single X-Ring group. The Dual Homing function only works when the X-Ring function is active. Note The Ethernet switches with firmware version before v3.0 use the X-Ring function that has the limitations as follows. However, the ones with firmware version after v3.
CHAPTER Configuration Sections include: z RS-232 Console z Commands Set z Web Browser 35 Chapter3
Chapter 3 Configuration The EKI-2748FI can be configured via RS-232 Console or a web browser. 3.1 RS-232 Console EKI-2748FI’s RS-232 console is designed for rapidly configuring which provides the console management – CLI command. Attach the supplied cable, which one end is RJ-45 and the other end is female DB9, to connect EKI2748FI and your host PC or terminal. The connected PC or terminal must support the terminal emulation program. Figure 3.
Select the appropriate COM port, and set the parameter as the figure shown below (9600 for Baud Rate, 8 for Data Bits, None for Parity, 1 for Stop Bits, and None for Flow Control). Figure 3.1-3 COM Port Properties Setting Press Enter to bring the login screen (If you can not find the login screen, press Enter one more time). The default user name and password are both “admin”. Key-in the user name and password to enter the command line interface. Figure 3.
After you have logged in to the system, you will see a command prompt. To enter CLI management interface, type in “enable” command. Figure 3.
3.2 Commands Set The following table lists the CLI commands and description. 3.2.1 Commands Level Table 3.1: Command Level Modes Access Method Prompt Begin a session with your switch. User EXEC Enter the enable command while in user EXEC mode. Global Configuration VLAN database 3.2.2 About This Model Enter logout or quit. The user commands available at the user level are a subset of those available at the privileged level. Use this mode to • Perform basic tests. • Display system information.
3.2.3 System Commands Set Table 3.
no security G no security http G no security telnet 3.2.4 G Disable IP security function switch(config)#no security Disable IP security of HTTP server switch(config)#no security http Disable IP security of telnet server switch(config)#no security telnet Port Commands Set Table 3.4: Port Commands Set Commands interface fastEthernet [Portid] duplex [full | half] Level Description Example Choose the port for modification.
show interface configuration show interface status I Clear interface accounting information I show interface accounting no accounting 3.2.
3.2.7 VLAN Commands Set Table 3.7: VLAN Commands Set Commands vlan database Vlanmode [portbase| 802.1q | gvrp] Level P Description Enter VLAN configure mode To set switch VLAN mode. V no vlan V No VLAN Example switch#vlan database switch(vlan)#vlanmode portbase or switch(vlan)#vlanmode 802.
3.2.8 Spanning Tree Commands Set Table 3.8: Spanning Tree Commands Set Commands spanning-tree enable spanning-tree priority [0~61440] Level G G spanning-tree max-age [seconds] G spanning-tree hello-time [seconds] G spanning-tree forward-time [seconds] G stp-path-cost [1~200000000] I stp-path-priority [Port Priority] I stp-admin-p2p [Auto|True|False] stp-admin-edge [True|False] stp-admin-non-stp [True|False] show spanning-tree I I I E no spanning-tree 3.2.
Commands Level qos policy [weighted-fair|strict] qos prioritytype [port-based|cos-only|tos-only|cosfirst|tos-first] qos priority portbased [Port] [lowest|low|middle|high] G Example Select QOS policy scheduling switch(config)#qos policy weighted-fair Setting of QOS priority type switch(config)#qos prioritytype Configure Port-based Priority switch(config)#qos priority portbased 1 low Configure COS Priority switch(config)#qos priority cos 0 middle Configure TOS Priority switch(config)#qos priorit
address table 3.2.12 SNMP Commands Set Table 3.
SNMPV3 agent. [View Name] type [Excluded|Included] sub-oid [OID] 3.2.13 Excluded sub-oid 1.3.6.1 Port Mirroring Commands Set Table 3.13: Port Mirroring Commands Set Commands monitor rx Level G monitor tx G show monitor P monitor [RX|TX|Both] I show monitor I no monitor I 3.2.
8021x misc maxrequest [number] G 8021x misc reauthperiod [sec.] G 8021x portstate [disable | reject | accept | authorize] I show 8021x E no 8021x G 3.2.15 timeout global configuration command to set the server timeout. Use the 802.1x misc max request global configuration command to set the MAX requests. Use the 802.1x misc reauth period global configuration command to set the reauth period. Use the 802.1x port state interface configuration command to set the state of the selected port.
[Systemlog|SMTP|Both] event X-ring-topology-change [Systemlog|SMTP|Both] event systemlog [Link-UP|Link-Down|Both] event smtp [Link-UP|Link-Down|Both] show event no event device-cold-start no event authentication-failure G I I P G G no event X-ring-topology-change G no event systemlog I no event smpt I show systemlog 3.2.
ring ringport [1st Ring Port] [2nd Ring Port] G ring couplingport [Coupling Port] ring controlport [Control Port] G G ring homingport [Dual Homing Port] show ring G Configure 1st/2nd Ring Port switch(config)#ring ringport 7 8 Configure Coupling Port switch(config)#ring couplingport 1 Configure Control Port switch(config)#ring controlport 2 Configure Dual Homing Port switch(config)#ring homingport 3 P Show the information of X - Ring switch#show ring no ring G Disable X-ring switch(config
3.3 Web Browser EKI-2748FI provides a convenient configuring way via web browser. You can follow the steps below to access EKI-2748FI. EKI-2748FI’s default IP is 192.168.1.1. Make sure your host PC and EKI-2748FI are on the same logical sub-network. Warning Your host PC should be in the same VLAN setting with EKI-2748FI, or the management will not be configured. Connect EKI-2748FI to the Ethernet then your host PC could be configured via Ethernet.
In the main page, you can find the tree menu structure of the Ethernet switch in the left side. Click the “+” symbol to unroll the hiding hyperlink, and click any one of the hyperlinks to open its function page. Figure 3.
3.3.1 System System Information Assign the system name, location and view the system information • • • • • • • System Name: Assign the name of the switch. The maximum length is 64 bytes. System Description: Displays the description of switch. Read only cannot be modified. System Location: Assign the switch physical location. The maximum length is 64 bytes. System Contact: Enter the name of contact person or organization. Firmware Version: Displays the switch’s firmware version.
IP Configuration Due to the foreseeable address exhausition of IPv4, the IP configuration of the Ethernet switch is designed to provide an interface for users to configure the switch running both IPv4 and IPv6 architecture. IPv4 The IPv4 tab allows users to configure the switch to receive an IP address from DHCP server or manually fill in IP Address, Subnet Mask, Gateway, IP addresses of the primary and the secondary DNS servers. • DHCP Client: Enable or disable the DHCP client function.
DHCP Server – System configuration DHCP is the abbreviation of Dynamic Host Configuration Protocol that is a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.
DHCP Server – Client Entries When the DHCP server function is active, the system will collect the DHCP client information and displays it here. Figure 3.
DHCP Server - Port and IP Bindings Assign the dynamic IP address to the port. When the device is connecting to the port and asks for IP assigning, the system will assign the IP address that has been assigned before to the connected device. Figure 3.
TFTP - Update Firmware Trivial File Transfer Protocol (TFTP) is a very simple file transfer protocol, with the functionality of a very basic form of FTP. It provides the functions to allow the user to update the switch firmware. Before updating, make sure you have your TFTP server ready and the firmware image is on the TFTP server. • TFTP Server IP Address: Fill in your TFTP server IP. • Firmware File Name: Type in the name of the firmware image. • And then, click Apply Figure 3.
TFTP – Restore Configuration You can restore the configuration from TFTP server. Before doing that, you must put the image file on TFTP server first and the switch will download back the flash image. • TFTP Server IP Address: Fill in the TFTP server IP. • Restore File Name: Fill in the correct restore file name. • Click Apply Figure 3.
TFTP - Backup Configuration You can save current Flash ROM value from the switch to TFTP server for restoring later. • TFTP Server IP Address: Fill in IP address of the TFTP server. • Backup File Name: Fill in the file name • Click Apply . Figure 3.
System Event Log – Syslog Configuration Configure the system event mode to collect system log. • Syslog Client Mode: Select the system log mode—Client Only, Server Only, or Both. • System Log Server IP Address: Assign the system log server IP. • When Syslog Client Mode is set as Client Only, the system event log will only be reserved in the switch’s RAM until next reboot.
System Event Log - SMTP Configuration You can set up the mail server IP, mail account, password, and forwarded email account for receiving the event alert. • Email Alert: Enable or disable the email alert function. • SMTP Server IP: Set up the mail server IP address (when Email Alert enabled, this function will then be available). • Sender: Type in an alias of the switch in complete email address format, e.g. switch01@123.com, to identify where the event log comes from.
System Event Log - Event Configuration When the Syslog/SMTP checkbox is ticked, the event log will be sent to system log server/SMTP server. Also, per port log (link up, link down, and both) events can be sent to the system log server/SMTP server with the respective checkbox ticked. After configuring, click ‘Apply’ to have the setting taken effect. • System event selection: There are 4 event types—Device cold start, Device warm start, Authentication Failure, and X-ring topology change.
Fault Relay Alarm • Power Failure: Tick the checkbox to enable the function of lighting up the FAULT LED on the panel when power fails. • Port Link Down/Broken: Tick the checkbox to enable the function of lighting up FAULT LED on the panel when ports’ states are link-down or broken. Figure 3.
SNTP Configuration You can configure the SNTP (Simple Network Time Protocol) settings which allow you to synchronize switch clocks on the Internet. • SNTP Client: Enable/disable SNTP function to get the time from the SNTP server. • Daylight Saving Time: Enable/disable daylight saving time function. When daylight saving time is enabled, you need to configure the daylight saving time period. • UTC Timezone: Set the switch location time zone.
ZP5 - USSR Zone 4 +5 hours 5 pm ZP6 - USSR Zone 5 +6 hours 6 pm WAST - West Australian Standard +7 hours 7 pm CCT - China Coast, USSR Zone 7 +8 hours 8 pm JST - Japan Standard, USSR Zone 8 +9 hours 9 pm EAST - East Australian Standard GST Guam Standard, USSR Zone 9 +10 hours 10 pm IDLE - International Date Line NZST - New Zealand Standard NZT - New Zealand +12 hours Midnight • SNTP Sever URL: Set the SNTP server IP address. • Switch Timer: Displays the current time of the switch.
IP Security IP security function allows the user to assign 10 specific IP addresses that have permission to access the switch through the web browser for the securing switch management. • IP Security Mode: When this option is in Enable mode, the Enable HTTP Server and Enable Telnet Server checkboxes will then be available. • Enable HTTP Server: When this checkbox is ticked, the IP addresses among Security IP1 ~ IP10 will be allowed to access this switch via HTTP service.
User Authentication Change web management login user name and password for the management security issue. • User Name: Key in the new user name (The default is “admin”). • Password: Key in the new password (The default is “admin”). • Confirm Password: Re-type the new password. • And then, click Apply to apply the configuration. Figure 3.
3.3.2 Port Port setting includes Port Statistics, Port Control, Port Trunk, Port Mirroring, and Rate Limiting. The user can use this interface to set the parameters and control the packet flow among the ports. Port Statistics The following information provides the current port statistics information. • • • • • • • • • • • • • • Port: Displays the port number. Type: Displays the media type of the port. Link: The status of linking—‘Up’ or ‘Down’.
Port Control In Port Control, you can pull down the selection items to set the parameters of each port to control the transmitting/receiving packets. • Port: Select the port that you want to configure. • State: Current port status. The port can be set to disable or enable mode. If the port state is set as ‘Disable’, it will not receive or transmit any packet. • Negotiation: Auto and Force. Being set as Auto, the speed and duplex mode are negotiated automatically.
Port Trunk The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner. Link aggregation lets you group up to 4 ports into one dedicated connections.
Aggregator Information When you have set up the aggregator setting with LACP disabled, you will see the local static trunk group information as below. Figure 3.3-22 Figure 3.
When you have set up the aggregator setting of two interconnected switches with LACP enabled, you will see the respective LACP trunk group information as below. Figure 3.
State Activity Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the state activity for the members of the LACP trunk group. You can tick or cancel the checkbox beside the state display. When you remove the tick mark to the port and click Apply , the port state activity will change to Passive. • Active: The port automatically sends LACP protocol packets.
Port Mirroring The Port mirroring is a method for monitoring traffic in switched networks. Traffic through ports can be monitored by one specific port which means traffic goes in or out monitored (source) ports will be duplicated into mirroring (destination) port. • Destination Port: There is only one port can be selected to be the destination (mirroring) port for monitoring both RX and TX traffic which come from the source port.
Rate Limiting Here you can set up every port’s frame limitation type and bandwidth rate. • Ingress Limit Frame type: Select the frame type you want to filter. The frame types have 4 options for selecting: All, Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast, and Broadcast only. The four frame type options are for ingress frames limitation. The egress rate only supports ‘All’ type. All ports support port ingress and egress rate control.
DMI (Digital Monitoring Interface) The SFP supports DMI function which allows real-time access to device operating parameters, and includes optional digital features such as soft control and monitoring of SFP I/O signals. In addition, you can set up the action of alarms and warnings by ports to manage your device. You can see the transceiver’s status by ports and set up the action when detecting the exceptional value. The action includes the following options.
3.3.3 Protocol The user can set the layer 2 protocol setting via this interface. VLAN configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the same VLAN will receive traffic from the ones of the same VLAN. Basically, creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch.
VLAN configuration - Port-based VLAN Packets can go among only members of the same VLAN group. Note all unselected ports are treated as belonging to another single VLAN. If the port-based VLAN enabled, the VLAN-tagging is ignored.
Figure 3.3-31 Port based mode-Add interface • Enter the group name and VLAN ID. Add the port number having selected into the right field to group these members to be a VLAN group or remove any of them listed in the right field from the VLAN. • And then, click Apply to have the settings take effect. • You will see the VLAN displays.
Figure 3.3-32 Port Based Edit/Delete interface • Use Delete to delete the VLAN. • Use Note Edit to modify group name, VLAN ID, or add/remove the members of the existing VLAN group. Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off.
802.1Q VLAN Tagged-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices from different switch venders. IEEE 802.1Q VLAN uses a technique to insert a “tag” into the Ethernet frames. Tag contains a VLAN Identifier (VID) that indicates the VLAN numbers. You can create Tag-based VLAN, and enable or disable GVRP protocol. There are 256 VLAN groups to provide configuration. Enable 802.1Q VLAN, all ports on the switch belong to default VLAN of VID 1.
Figure 3.3-33 802.
Group Configuration Edit the existing VLAN Group. • Select the VLAN group in the table list. • Click Edit . Figure 3.3-34 Edit Group Configuration interface • Having clicked the Edit button, you can change the VLAN group name and VLAN ID. Figure 3.3-35 • Click Apply . EKI-2748FI_Manual 84 802.
Rapid Spanning Tree The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will auto-detect the connected device that is running STP or RSTP protocol. RSTP - System Configuration • The user can view spanning tree information of the Root Bridge. • The user can modify RSTP state. After modification, click Apply .
RSTP - Port Configuration Here you can configure the path cost and priority of each port. • Select the port in the port column field. • Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200,000,000. • Priority: Decide which port should be blocked by priority in LAN. Enter a number 0 through 240 (the port of the highest value will be blocked). The value of priority must be the multiple of 16.
SNMP Configuration Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP.
Trap Configuration A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is defined, no traps will be issued. Create a trap manager by entering the IP address of the station and a community string. To define a management station as a trap manager, assign an IP address, enter the SNMP community strings, and select the SNMP trap version. • IP Address: Enter the IP address of the trap manager. • Community: Enter the community string.
SNMPV3 Configuration Configure the SNMP V3 function. Context Table Configure SNMP v3 context table. Assign the context name of context table. Click Apply to add context name. User Table Configure SNMP v3 user table.. • User ID: Set up the user name. • Authentication Password: Set up the authentication password. • Privacy Password: Set up the private password. • Click Add to add context name. • Click Remove to remove unwanted context name. Group Table Configure SNMP v3 group table.
Figure 3.
QoS Configuration Here you can configure Qos policy and priority setting, per port priority setting, COS and TOS setting. QoS Policy and Priority Type • Qos Policy: Select the QoS policy rule. ¾ Use an 8,4,2,1 weighted fair queuing scheme: The switch will follow 8:4:2:1 rate to process priority queue from High to lowest queue.
Figure 3.
IGMP Configuration The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts that support IGMP. Enabling IGMP allows the ports to detect IGMP queries, report packets, and manage IP multicast traffic through the switch. IGMP have three fundamental types of message shown as follows: Table 3.
X-Ring X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms between them are not the same. In the X-Ring topology, each switch should be enabled with the X-Ring function and two ports of each switch should be configured as the member ports in the ring.
Figure 3.3-43 Note X-ring interface To enable the X-Ring function, users must disable the RSTP first. The X-Ring function and RSTP function cannot both be activated on a single switch. Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch powers off.
LLDP Configuration LLDP (Link Layer Discovery Protocol) function allows the switch to advertise its information to other nodes on the network and store the information it discovers. • LLDP Protocol: Disable or enable the LLDP function. • LLDP Interval: Set the interval of learning the information in seconds. • Click Apply . Figure 3.
3.3.4 Security In this section, you can configure 802.1x and MAC address table. 802.1X/Radius Configuration 802.1x is an IEEE authentication specification which prevents the client from connecting to a wireless access point or wired switch until it provides authority, like the user name and password that are verified by an authentication server (such as RADIUS server). 802.1X/Radius - System Configuration After enabling the IEEE 802.1X function, you can configure the parameters of this function.
802.1x/Radius - Port Configuration You can configure the 802.1x authentication state for each port. The state provides Disable, Accept, Reject, and Authorize. • Reject: The specified port is required to be held in the unauthorized state. • Accept: The specified port is required to be held in the Authorized state. • Authorized: The specified port is set to the Authorized or Unauthorized state in accordance with the outcome of an authentication exchange between the Supplicant and the authentication server.
802.1X/Radius - Misc Configuration • Quiet Period: Set the period which the port doesn’t try to acquire a supplicant. • TX Period: Set the period the port waits for retransmit next EAPOL PDU during an authentication session. • Supplicant Timeout: Set the period of time the switch waits for a supplicant response to an EAP request. • Server Timeout: Set the period of time the switch waits for a server response to an authentication request.
MAC Address Table Use the MAC address table to ensure the port security. You can add a static MAC address; it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again. You can add / modify / delete a static MAC address.
MAC Address Table - MAC Filtering By filtering MAC address, the switch can easily filter the pre-configured MAC address and reduce the unsafety. You can add and delete filtering MAC address. Figure 3.3-49 MAC Filtering interface • MAC Address: Enter the MAC address that you want to filter. • Click Add . • If you want to delete the MAC address from filtering table, select the MAC address and click Delete .
Figure 3.
MAC Address Table—Multicast Filtering Multicasts are similar to broadcasts, they are sent to all end stations on a LAN or VLAN. Multicast filtering is the system by which end stations only receive multicast traffic if they register to join specific multicast groups. With multicast filtering, network devices only forward multicast traffic to the ports that are connected to registered end stations. • IP Address: Assign a multicast group IP address in the range of 224.0.0.0 ~ 239.255.255.255.
Factory Default Reset switch to default configuration. Tick the check boxes to keep the current IP address, user name and password before reset. Click Reset to reset all configurations to the default value. Figure 3.
Save Configuration Save all configurations that you have made in the system. To ensure the all configuration will be saved, click Save to save the all configuration to the flash memory. Figure 3.
System Reboot Reboot the switch in software reset. Click Reboot to reboot the system. Figure 3.
Chapter3
CHAPTER Troubleshooting EKI-2748FI_Manual 108
Chapter 4 Troubleshooting Verify that you are using the included or appropriate power cord/adapter. Don’t use the power adaptor with DC output voltage higher than the power rating of the device. Otherwise, the device will burn down. Select the proper UTP cable to construct the network.
APPENDIX Pin Assignments & Wiring EKI-2748FI_Manual 110
Appendix A Pin Assignments & Wiring It is suggested to adopt ELA/TIA as the wiring of the RJ-45. Figure A.1: RJ-45 Pin Assignments Figure A.2: EIA/TIA-568B Figure A.
Figure A.
APPENDIX Compatible SFP Transceivers EKI-2748FI_Manual 114
Appendix B Compatible SFP Transceivers The table below shows compatible SFP transceivers for EKI-2748FI.
