INSTALLATION AND OPERATION MANUAL CWGE9MS COMMERCIAL GRADE 9 PORT GIGABIT MANAGED ETHERNET SWITCH WITH (7) 10/100/1000TX + (2) 1000FX SFP OR 10/100/1000TX PORTS V1.02 – October 2010 The ComNet™ CWGE9MS Managed Ethernet Switch provides transmission of (7) 10/100/1000 BASE-TX and (2) 1000FXcombo ports. These units are available for use with either conventional CAT-5e copper or optical transmission media. Ports 1 – 7 support the 10/100/1000 Mbps Ethernet IEEE 802.
FCC Warning This Equipment has been tested and found to comply with the limits for a Class-A digital device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates uses and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
Content Chapter 1 Introduction.............................................................................................6 1.1 Hardware Features ...................................................................................................... 6 1.2 Software Feature.......................................................................................................... 8 1.3 Package Contents......................................................................................................
6.6.2 Client Entries.................................................................................................... 29 6.6.3 Port and IP Bindings ........................................................................................ 29 6.7 TFTP .......................................................................................................................... 30 6.7.1 Update Firmware ............................................................................................. 30 6.7.
.20 QoS Configuration.................................................................................................... 69 6.20.1 QoS Policy and Priority Type ......................................................................... 69 6.20.2 Port-based Priority ......................................................................................... 70 6.20.3 COS Configuration......................................................................................... 70 6.20.3 TOS Configuration ...........
Port Mirroring Commands Set........................................................................................ 107 802.1x Commands Set................................................................................................... 108 TFTP Commands Set .................................................................................................... 111 SystemLog, SMTP and Event Commands Set .............................................................. 111 SNTP Commands Set.......................
Chapter 1 Introduction The CWGE9MS managed Ethernet switch is a multi-port switch that can be used to build high-performance switched workgroup networks. It provides wire-speed, Fast Ethernet switching function that allows for a high-performance, low-cost connection. The switch features a store-and-forward switching and it can auto-learn and store source address on an 8K-entry MAC address table.
10/100/1000TX: 7 x RJ45 with Auto MDI/MDI-X Connector function Gigabit fiber: 2 x Mini-GBIC socket Console port: RS-232 connector Store and forward switch architecture. 18Gbps Switch architecture system backplane. System throughput up to 26.7Mpps. Packet buffer RS-232 connector 1Mbits for packet buffer One RS-232 DB-9 Female connector for switch management Dimensions 217mm(W) x 140mm(D) x 43mm(H) MAC Address 8K MAC address table with Auto learning function Storage Temp.
1.2 Software Feature Management SNMP v1 v2c, v3/ Web/Telnet/CLI Management Port Based VLAN VLAN IEEE 802.1Q Tag VLAN (256 entries)/ VLAN ID (Up to 4K, VLAN ID can be assigned from 1 to 4094.) GVRP (256 Groups) Port Trunk with LACP Port Trunk: 4 Trunk groups/Maximum 4 trunk LACP members Spanning Tree IEEE802.1d Spanning tree IEEE802.
IGMP Support IGMP snooping v1,v2 256 multicast groups and IGMP query Provide 10 IP addresses that have permission to access IP Security the switch management and to prevent unauthorized intruder Support IEEE802.1x User-Authentication and can report to RADIUS server.
RFC 1215 Trap, RFC1213 MIBII, RFC 1157 SNMP MIB, SNMP MIB RFC 1493 Bridge MIB, RFC 2674 VLAN MIB, RFC 1643 , RFC 1757, RSTP MIB, Private MIB DHCP DNS SNTP Firmware Upgrade Configuration upload and download DHCP Client, DHCP Server Provides DNS client feature and support Primary and Secondary DNS server Support Simple Network Time Protocol to synchronize system clock in Internet Support TFTP firmware upgradeable, TFTP backup and restore Support text format configuration file for system quick installation
Chapter 2 Hardware Description This section describes the hardware of the CWGE9MS managed Ethernet switch. 2.1 Physical Dimension The physical dimensions of the CWGE9MS managed Ethernet switch is 217mm(W) x 140mm(D) x 43mm(H) 2.2 Front Panel The front panel of the CWGE9MS managed Ethernet switch consists of 7x auto-sensing 10/100/1000Mbps Ethernet RJ45 ports (automatic MDI/MDIX), 2 SFP/Giga copper combo ports, and the LED indicators are also located on the front panel of the switch.
2 SFP/Giga copper combo port Traditional RJ45 ports can be used for unlinking wide-band paths in short distance (<100m), or the appropriate replaceable mini-GBIC ports can be used for the application of wideband unlinking and long distance transmissions to fit the flexible field request. 2.3 Rear Panel The 3-pronged power plug are located at the rear panel of the CWGE9MS managed Ethernet switch as shown in figure. The switch will work with AC in the range 100-240V AC, 50-60Hz.
2.4 LED Indicators The following table provides descriptions of the LED statuses and meaning. They provide a real-time indication of systematic operation status. LED Status Power Green Power On Yellow The port is operating at the speed of 1000Mbps. Amber The port is operating at the speed of 100Mbps. 1000M Off Green LNK / ACT (SFP) The port is operating at the speed of 10Mbps or no device attached The port is successfully connecting with the device.
Chapter 3 Hardware Installation 3.1 Desktop Installation Set the switch on a sufficiently large flat space with a power outlet nearby. The surface where you put your Switch should be clean, smooth, level, and sturdy. Make sure there is enough clearance around the Switch to allow attachment of cables, power cord and air circulation. 3.2 Attaching Rubber Feet 1. Make sure mounting surface on the bottom of the switch is grease and dust free. 2. Remove adhesive backing from your rubber feet. 3.
Chapter 4 Network Application This section provides you a few samples of network topology in which the switch is used. In general, the CWGE9MS managed Ethernet switch is designed to be used as a desktop or segment switch. 4.1 Desktop Application The CWGE9MS managed Ethernet switch is designed to be a desktop size switch that is an ideal solution for small workgroup.
You can use the CWGE9MS managed Ethernet switch to connect PCs, workstations, and servers to each other by connecting these devices directly to the switch. All the devices in this network can communicate with each other. Connecting servers to the backbone switch allow other users to access the server’s data. The switch automatically learns node address, which are subsequently used to filter and forward all traffic based on the destination address.
[NOTE] When the X-Ring function is enabled, the user must disable the RSTP. The X-Ring function and RSTP function cannot operate simultaneously. With X-Ring topology, every switch enables the X-Ring function and assigns two member ports in the ring. Only one switch in the X-Ring group would be the backup switch with one of the two member ports’ being a backup port then switches are called working switches’ working ports.
network detection of the failed link’s activation of the master’s backup link and address table. If the failed link is restored, the ring slaves will alert the ringmaster to restore normal operation by disabling the backup link on the network in less than 300ms. 4.4 Coupling Ring Application Within the network there may be more than one X-Ring group. By using the coupling ring function, it can connect each X-Ring for redundant backup. It can ensure the transmission between two ring groups will not fail.
19
Chapter 5 Console Management 5.1 Connecting to the Console Port Use the supplied RS-232 cable to connect a terminal or PC to the console port. The terminal or PC to be connected must support the terminal emulation program. Connecting the switch to a terminal via RS-232 cable 5.
The settings of communication parameters After finished the parameter settings, select “OK“. When the blank screen shows up, press Enter key to bring out the login prompt. Key in the “admin“ (default value) for the both User name and Password (use Enter key to switch), then press Enter key and the Main Menu of console management appears. Please see below figure for login screen.
5.3 CLI Management The system supports two types of console management – CLI command. After you login to the system, you will see a command prompt. To enter CLI management interface, enter “enable” command. The following table lists the CLI commands and description. Commands Level Modes User EXEC Access Method Begin a session Prompt switch> with your Exit Method About This Mode1 Enter logout The user commands or quit. available at the user level switch.
VLAN Enter the vlan switch To exit to Use this mode to configure database database (vlan)# user EXEC VLAN-specific parameters. command while mode, enter in privileged exit. EXEC mode. Interface Enter the switch To exit to Use this mode to configure configuration interface (config-if)# global parameters for the switch command (with configuration and Ethernet ports. a specific mode, enter interface) while exit.
Chapter 6 Web-Based Management This section introduces the configuration and functions of the Web-based management. 6.1 About Web-based Management Inside the CPU board of the switch exists an embedded HTML web site residing in flash memory. It offers advanced management features and allow users to manage the switch from anywhere on the network through a standard browser such as Microsoft Internet Explorer. The Web-Based Management supports Internet Explorer 5.0.
User Name: admin Password: admin 6.3 System Login 1. Launch the Internet Explorer on the PC 2. Key in “http:// “+” the IP address of the switch”, and then Press “Enter”. Uniform Resource Locator 3. The login screen appears right after. 4. Key in the user name and password. The default user name and password are the same as ‘admin’ 5. Press Enter or select OK button, and then the home screen of the Web-based management shows up.
6.4 System Information Assign the system name and location and view the system information. System Name: Assign the system name of the switch (The maximum length is 64 bytes) System Description: Describes the switch. System Location: Assign the switch physical location (The maximum length is 64 bytes). System Contact: Enter the name of contact person or organization.
Subnet Mask: Assign the subnet mask to the IP address. If DHCP client function is enabled, and then the user does not need to assign the subnet mask. Gateway: Assign the network gateway for the industrial switch. The default gateway is 192.168.10.254. DNS1: Assign the primary DNS IP address. DNS2: Assign the secondary DNS IP address. And then, select IP configuration interface 6.
6.6.1 System configuration DHCP Server: Enable or Disable the DHCP Server function. Enable—the switch will be the DHCP server on your local network. Low IP Address: Type in an IP address. Low IP address is the beginning of the dynamic IP range. For example, dynamic IP is in the range between 192.168.1.100 ~ 192.168.1.200. In contrast, 192.168.1.100 is the Low IP address. High IP Address: Type in an IP address. High IP address is the end of the dynamic IP range.
6.6.2 Client Entries When the DHCP server function is active, the system will collect the DHCP client information and displays it at this tab. DHCP Client Entries interface 6.6.3 Port and IP Bindings Assign the dynamic IP address to the port. When the device is connecting to the port and asks for IP assigning, the system will assign the IP address that has been assigned before to the connected device.
6.7 TFTP 6.7.1 Update Firmware It provides the functions that allow user to update the switch firmware. Before updating, make sure the TFTP server is ready and the firmware image is located on the TFTP server. 1. TFTP Server IP Address: Type in your TFTP server IP. 2. Firmware File Name: Type in the name of firmware image. 3. Select . Update Firmware interface 6.7.2 Restore Configuration You can restore the configuration from TFTP server.
Restore Configuration interface 6.7.3 Backup Configuration You can save the current configuration from flash ROM to TFTP server for restoring later. 1. TFTP Server IP Address: Type in the TFTP server IP. 2. Backup File Name: Type in the file name. 3. Select .
6.8 System Event Log 6.8.1 Syslog Configuration Configure the system event mode to collect system log. 1. Syslog Client Mode: Select the system log mode—Client Only, Server Only, or Both. 2. System Log Server IP Address: Assign the system log server IP. 3. When Syslog Client Mode is set as Client Only, the system event log will only be reserved in the switch’s RAM until next reboot.
Syslog Configuration interface 6.8.2 SMTP Configuration You can set up the mail server IP, mail account, password, and forwarded email account for receiving the event alert. 1. Email Alert: Enable or disable the email alert function. 2. SMTP Server IP: Set up the mail server IP address (when Email Alert enabled, this function will then be available). 3. Sender: Type in an alias of the switch in complete email address format, e.g. switch101@123.com, to identify where the event log comes from.
4. Authentication: Select the checkbox to enable this function, configuring the email account and password for authentication (when Email Alert enabled, this function will then be available). 5. Mail Account: Set up the email account, e.g. johnadmin, to receive the alert. It must be an existing email account on the mail server, which you had set up in SMTP Server IP Address column. 6. Password: Type in the password to the email account. 7. Confirm Password: Reconfirm the password. 8.
6.8.3 Event Configuration When the Syslog/SMTP checkbox is marked, the event log will be sent to system log server/SMTP server. Also, per port log (link up, link down, and both) events can be sent to the system log server/SMTP server with the respective checkbox selected. After configuring, select to have the setting taken effect. System event selection: There are 4 event types—Device cold start, Device warm start, Authentication Failure, and X-ring topology change.
Event Configuration interface 36
6.9 SNTP Configuration You can configure the SNTP (Simple Network Time Protocol) settings. The SNTP allows you to synchronize switch clocks in the Internet. 1. SNTP Client: Enable/disable SNTP function to get the time from the SNTP server. 2. Daylight Saving Time: Enable/disable daylight saving time function. When daylight saving time is enabled, you need to configure the daylight saving time period. 3. UTC Timezone: Set the switch location time zone.
CET - Central European FWT - French Winter MET - Middle European +1 hour 1 pm +2 hours 2 pm BT - Baghdad, USSR Zone 2 +3 hours 3 pm ZP4 - USSR Zone 3 +4 hours 4 pm ZP5 - USSR Zone 4 +5 hours 5 pm ZP6 - USSR Zone 5 +6 hours 6 pm +7 hours 7 pm +8 hours 8 pm +9 hours 9 pm +10 hours 10 pm +12 hours Midnight MEWT - Middle European Winter SWT - Swedish Winter EET - Eastern European, USSR Zone 1 WAST - West Australian Standard CCT - China Coast, USSR Zone 7 JST - Japan Standard, USSR Zo
8. Select . SNTP Configuration interface 6.10 IP Security The IP security function allows the user to assign 10 specific IP addresses that have permission to access the switch through the web browser for the securing switch management. IP Security Mode: When this option is in Enable mode, the Enable HTTP Server and Enable Telnet Server checkboxes will then be available.
And then, select [NOTE] button to apply the configuration. Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when the switch powers off.
6.11 User Authentication Change web management login user name and password for the management security issue. 1. User name: Type in the new user name (The default is ‘admin’) 2. Password: Type in the new password (The default is ‘admin’) 3. Confirm password: Re-type the new password 4.
6.12 Port Statistics The following information provides the current port statistic information. Port: Displays the port number. Type: Displays the media type of the port. Link: The status of linking—‘Up’ or ‘Down’. State: The user can set the state of the port as ‘Enable’ or ‘Disable’ via Port Control. When the state is disabled, the port will not transmit or receive any packet. Tx Good Packet: The counts of transmitting good packets via this port.
6.13 Port Control In Port control, you can view and set the operation mode of each port. 1. Port: Select the port that you want to configure. 2. State: Current port status. The port can be set to disable or enable mode. If the port state is set as ‘Disable’, it will not receive or transmit any packet. 3. Negotiation: Auto and Force. Being set as Auto, the speed and duplex mode are negotiated automatically. When you set it as Force, you have to assign the speed and duplex mode manually. 4.
Port Control interface 6.14 Port Trunk The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner.
6.14.1 Aggregator setting 1. System Priority: A value that is used to identify the active LACP. The switch with the lowest value has the highest priority and is selected as the active LACP. 2. Group ID: There are four trunk groups to be selected. Choose the "Group ID" and select 3. button. LACP: When enabled, the trunk group is using LACP. A port that joins an LACP trunk group has to make an agreement with its member ports first. When disabled, the trunk group is a static trunk group.
8. Use button to delete Trunk Group. Select the Group ID and select button.
6.14.2 Aggregator Information When you have setup the aggregator setting with LACP disabled, you will see the local static trunk group information here. 1. Group Key: Displays the trunk group ID. 2. Port Member: Displays the members of this static trunk group.
Port Trunk – Aggregator Information interface 6.14.3 State Activity Having set up the LACP aggregator on the tab of Aggregator Setting, you can configure the state activity for the members of the LACP trunk group. You can select or cancel the checkbox beside the state display. When you remove the select mark to the port and select button, the port state activity will change to Passive. Active: The port automatically sends LACP protocol packets.
Port Trunk – State Activity interface 49
6.15 Port Mirroring The Port mirroring is a method for monitoring traffic in switched networks. Traffic through ports can be monitored by one specific port which means traffic goes in or out monitored (source) ports will be duplicated into mirroring (destination) port. Port Trunk – Port Mirroring interface Destination Port: There is only one port can be selected to be the destination (mirroring) port for monitoring both RX and TX traffic which come from the source port.
6.16 Rate Limiting You can set up every port’s frame limitation type and bandwidth rate. Rate Limiting interface Ingress Limit Frame type: Select the frame type you want to filter. The frame types have 4 options for selecting: All, Broadcast/Multicast/Flooded Unicast, Broadcast/Multicast, and Broadcast only. The four frame type options are for ingress frames limitation. The egress rate only supports ‘All’ type. All the ports support port ingress and egress rate control.
Egress: Enter the port effective egress rate (The default value is “0”). And then, select to make the settings taken effect. 6.17 VLAN configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which would allow you to isolate network traffic, so only the members of the same VLAN will receive traffic from the ones of the same VLAN.
ports are treated as belonging to another single VLAN. If the port-based VLAN is enabled, the VLAN-tagging is ignored. In order for an end station to send packets to different VLAN groups, it has to be either capable of tagging packets it sends with VLAN tags or attached to a VLAN-aware bridge that is capable of classifying and tagging the packet with different VLAN ID based on not only default PVID but also other information about the packet, such as the protocol.
VLAN—Port Based Add interface Enter the group name and VLAN ID. Add the port number having selected into the right field to group these members to be a VLAN group or remove any of them listed in the right field from the VLAN. And then, select button to have the settings taken effect. You will see the VLAN displays.
VLAN—Port Based Edit/Delete interface Use button to delete the VLAN. Use button to modify group name, VLAN ID, or add/remove the members of the existing VLAN group. [NOTE] Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch power off.
6.17.2 802.1Q VLAN Tagged-based VLAN is an IEEE 802.1Q specification standard. Therefore, it is possible to create a VLAN across devices from different switch venders. IEEE 802.1Q VLAN uses a technique to insert a “tag” into the Ethernet frames. Tag contains a VLAN Identifier (VID) that indicates the VLAN numbers. You can create Tag-based VLAN, and enable or disable GVRP protocol. There are 256 VLAN groups to provide configuration. Enable 802.1Q VLAN, all ports on the switch belong to default VLAN of VID 1.
Select the port you want to configure. Link Type: There are 3 types of link type. Access Link: Single switch only, it allows the user to group ports by assigning the same Untagged VID. While this link type is set, the Untagged VID column field is available but the Tagged VID column field is disabled. Trunk Link: The extended application of Access Link. It allows the tagged frames go across 2 or more switches by assigning the tagged VID to the frames.
Group Configuration Edit the existing VLAN Group. Select the VLAN group in the table list. Select button. Group Configuration interface You can modify the VLAN group name and VLAN ID.
Group Configuration interface Select button.
6.18 Rapid Spanning Tree The Rapid Spanning Tree Protocol (RSTP) is an evolution of the Spanning Tree Protocol and provides for faster spanning tree convergence after a topology change. The system also supports STP and the system will auto-detect the connected device that is running STP or RSTP protocol. 6.18.1 RSTP - System Configuration The user can view spanning tree information of Root Bridge. The user can modify RSTP state. After modification, select button.
[NOTE] Follow the rule as below to configure the MAX Age, Hello Time, and Forward Delay Time. 2 x (Forward Delay Time value –1) > = Max Age value >= 2 x (Hello Time value +1) RSTP System Configuration interface 6.18.2 RSTP - Port Configuration You can configure path cost and priority of every port. Select the port in the port column field. Path Cost: The cost of the path to the other bridge from this transmitting bridge at the specified port. Enter a number 1 through 200,000,000.
through 240 (the port of the highest value will be blocked). The value of priority must be the multiple of 16. Admin P2P: Some of the rapid state transactions that are possible within RSTP are dependent upon whether the port concerned can only be connected to exactly one other bridge (i.e. it is served by a point-to-point LAN segment), or can be connected to two or more bridges (i.e. it is served by a shared medium LAN segment).
6.19 SNMP Configuration Simple Network Management Protocol (SNMP) is the protocol developed to manage nodes (servers, workstations, routers, switches and hubs etc.) on an IP network. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. Network management systems learn of problems by receiving traps or change notices from network devices implementing SNMP. 6.19.
SNMP System Configuration interface 6.19.2 Trap Configuration A trap manager is a management station that receives the trap messages generated by the switch. If no trap manager is defined, no traps will be issued. Create a trap manager by entering the IP Address of the station and a community string. To define a management station as a trap manager, assign an IP address, enter the SNMP community strings, and select the SNMP trap version. IP Address: Enter the IP address of the trap manager.
Trap Managers interface 6.19.3 SNMPV3 Configuration Configure the SNMP V3 function. Context Table Configure SNMP v3 context table. Assign the context name of context table. Select to add context name. Select to remove the unwanted context name. User Profile Configure SNMP v3 user table.. User ID: Set up the user name. Authentication Password: Set up the authentication password. Privacy Password: Set up the private password.
Select to add the context name. Select to remove the unwanted context name.
Group Table Configure SNMP v3 group table. Security Name (User ID): Assign the user name that you have set up in user table. Group Name: Set up the group name. Select to add the group name. Select to remove the unwanted group name. Access Table Configure SNMP v3 access table. Context Prefix: Set up the context name. Group Name: Set up the group. Security Level: Set up the access level. Context Match Rule: Select the context match rule.
Type: Select the type—excluded or included. Select to add the context name. Select to remove the unwanted context name.
6.20 QoS Configuration Here you can configure QoS policy and priority setting, per port priority setting, COS and TOS setting. 6.20.1 QoS Policy and Priority Type QoS Policy interface QoS Policy: Select the QoS policy rule. Using the 8,4,2,1 weight fair queue scheme: The switch will follow 8:4:2:1 rate to process priority queue from high to lowest queue.
6.20.2 Port-based Priority Configure the priority level for each port. With the drop-down selection item of Priority Type above being selected as Port-based, this control item will then be available to set the queuing policy for each port. Port-based Priority interface Port x: Each port has 4 priority levels—High, Middle, Low, and Lowest—to be chosen. Select button to make the settings effective. 6.20.3 COS Configuration Set up the COS priority level.
6.20.3 TOS Configuration Set up the TOS priority. With the drop-down selection item of Priority Type above being selected as TOS only/TOS first, this control item will then be available to set the queuing policy for each port. TOS Configuration interface TOS priority: The system provides 0~63 TOS priority level. Each level has 4 types of priority—High, Middle, Low, and Lowest. The default value is ‘Lowest’ priority for each level.
6.21 IGMP Configuration The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts that support IGMP. Enabling IGMP allows the ports to detect IGMP queries, report packets, and manage IP multicast traffic through the switch.
Select button. IGMP Configuration interface 6.22 X-Ring X-Ring provides a faster redundant recovery than Spanning Tree topology. The action is similar to STP or RSTP, but the algorithms between them are not the same. In the X-Ring topology, every switch should be enabled with the X-Ring function and two ports should be assigned as the member ports in the ring.
with lowest MAC address number as the ringmaster. Setting the X-Ring configuration interface can enable the X-Ring master ring mode. The system also supports the Couple Ring that can connect 2 or more X-Ring group for the redundant backup function; Dual Homing function that can prevent connection loss between the X-Ring group and upper level/core switch. Apart from the advantages, Central Ring can handle up to 4 rings in the system and has the ability to recover from failure within 300 milliseconds.
X-ring Interface [NOTE] 1. When the X-Ring function enabled, the user must disable the RSTP. The X-Ring function and RSTP function cannot exist on a switch at the same time. 2. Remember to execute the “Save Configuration” action, otherwise the new configuration will lose when switch powers off.
6.23 LLDP Link Layer Discovery Protocol (LLDP) is defined in the IEEE 802.1AB, it is an emerging standard which provides a solution for the configuration issues caused by expanding LANs. LLDP specifically defines a standard method for Ethernet network devices such as switches, routers and wireless LAN access points to advertise information about themselves to other nodes on the network and store the information they discover. LLDP runs on all 802 media.
6.25.4 Multicast Filtering Multicasts are similar to broadcasts, they are sent to all end stations on a LAN or VLAN. Multicast filtering is the function, which end stations can receive the multicast traffic if the connected ports had been included in the specific multicast groups. With multicast filtering, network devices only forward multicast traffic to the ports that are connected to the registered end stations. IP Address: Assign a multicast group IP address in the range of 224.0.0.0 ~ 239.255.255.
6.23 Security-802.1X/Radius Configuration 802.1x is an IEEE authentication specification which prevents the client from connecting to a wireless access point or wired switch until it provides authority, like the user name and password that are verified by an authentication server (such as RADIUS server). 6.23.1 System Configuration After enabling the IEEE 802.1X function, you can configure the parameters of this function. IEEE 802.1x Protocol: Enable or disable 802.1 x protocols.
802.1x System Configuration interface 6.23.2 Port Configuration You can configure the 802.1x authentication state for each port. The state provides Disable, Accept, Reject, and Authorize. Reject: The specified port is required to be held in the unauthorized state. Accept: The specified port is required to be held in the authorized state.
802.1x Per Port Setting interface 6.23.3 Misc Configuration Quiet Period: Set the period that the port doesn’t try to acquire a supplicant. TX Period: Set the period the port waits for retransmit next EAPOL PDU during an authentication session. Supplicant Timeout: Set the period of time the switch waits for a supplicant response to an EAP request. Server Timeout: Set the period of time the switch waits for a server response to an authentication request.
re-authenticated. Select button. 802.1x Misc Configuration interface 6.24 MAC Address Table Use the MAC address table to ensure the port security. 6.24.1 Static MAC Address You can add a static MAC address; it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the disconnected or powered-off device is active on the network again.
Port No.: Pull down the selection menu to select the port number. Select If you want to delete the MAC address from filtering table, select the MAC address button. and select button. Static MAC Addresses interface 6.24.2 MAC Filtering By filtering MAC addresses, the switch can easily filter the pre-configured MAC address and reduce the un-safety. You can add and delete filtering MAC address.
MAC Filtering interface MAC Address: Enter the MAC address that you want to filter. Select If you want to delete the MAC address from the filtering table, select the MAC button. address and select button. 6.24.3 All MAC Addresses You can view the port that connected device’s MAC address and the related devices’ MAC address. 1. Select the port. 2. The selected port of static & dynamic MAC address information will be displayed in here. 3.
All MAC Address interface 6.25 Factory Default Reset switch to default configuration. Select button to reset all configurations to the default value. Factory Default interface 6.26 Save Configuration Save all configurations that you have made in the system.
will be saved. Select to save the all configuration to the flash memory. Save Configuration interface 6.27 System Reboot Reboot the switch in software reset. Select System Reboot interface 85 to reboot the system.
Problem Solving This section is intended to help you solve the most common problems on the CWGE9MS managed Ethernet switch. Incorrect connections The switch port can auto detect straight or crossover cable when you link switch with other Ethernet device. For the RJ45 connector should use correct UTP or STP cable, 10/100Mbps port use 2-pairs twisted cable and Gigabit 1000T port use 4 pairs twisted cable. If the RJ45 connector is not the correct pin on right position then the link will fail.
Improper Network Topologies It is important to make sure that you have a valid network topology. Common topology faults include excessive cable length and too many repeaters (hubs) between end nodes. In addition, you should make sure that your network topology contains no data path loops. Between any two ends nodes, there should be only one active cabling path at any time. Data path loops will cause broadcast storms that will severely impact your network performance.
Appendix A Command Sets Commands Set List User EXEC E Privileged EXEC P Global configuration G VLAN database V Interface configuration I System Commands Set Netstar Commands show config Level Description E Show switch Example switch>show config configuration show terminal P Show console switch#show terminal information write memory P Save user switch#write memory configuration into permanent memory (flash rom) system name G [System Name] system location G G [System Description] sys
ip address G [Ip-address] Configure the IP switch(config)#ip address address of switch 192.168.1.1 255.255.255.0 [Subnet-mask] 192.168.1.
dhcpserver dnsip G [DNS IP] dhcpserver leasetime G [SEC.] dhcpserver ipbinding I [IP address] Configure DNS IP for switch(config)#dhcpserver dnsip DHCP clients 192.168.1.1 Configure lease time switch(config)#dhcpserver (in sec.) leasetime 86400 Set static IP for DHCP switch(config)#interface clients by port fastEthernet 2 switch(config)#dhcpserver ipbinding 192.168.1.
no security http G Disable IP security of switch(config)#no security http HTTP server no security telnet G Disable IP security of switch(config)#no security telnet telnet server Port Commands Set Netstar Commands interface fastEthernet Level Description G [Portid] duplex I [full | half] Example Choose the port for switch(config)#interface modification.
security enable I Enable security of switch(config)#interface interface fastEthernet 2 switch(config-if)#security enable no security I Disable security of switch(config)#interface interface fastEthernet 2 switch(config-if)#no security bandwidth type all I Set interface ingress switch(config)#interface limit frame type to fastEthernet 2 “accept all frame” switch(config-if)#bandwidth type all bandwidth type I Set interface ingress switch(config)#interface broadcast-multicast-floo limi
bandwidth out Set interface output switch(config)#interface [Value] bandwidth. Rate Range fastEthernet 2 is from 100 kbps to switch(config-if)#bandwidth out 102400 kbps or to 100 256000 kbps for giga ports, and zero means no limit.
Trunk Commands Set Netstar Commands aggregator priority Level Description G [1~65535] aggregator activityport G Example Set port group system switch(config)#aggregator priority priority 22 Set activity port switch(config)#aggregator [Group ID] activityport 2 2 [Port Numbers] aggregator group G Assign a trunk group with switch(config)#aggregator [GroupID] [Port-list] LACP active.
show aggregator P [Group-number] Show the information of switch#show aggregator 1 trunk group or switch#show aggregator 2 or switch#show aggregator 3 no aggregator lacp G [GroupID] no aggregator group G Disable the LACP switch(config)#no aggreator function of trunk group lacp 1 Remove a trunk group switch(config)#no aggreator [GroupID] group 2 VLAN Commands Set Netstar Commands vlan database Level Description P Example Enter VLAN configure switch#vlan database mode Vlanmode V [portb
no vlan group [GroupID] V vlan 8021q name V Delete port base group switch(vlan)#no vlan group 2 ID IEEE 802.1Q VLAN Change the name of switch(vlan)#vlan 8021q name [GroupName] VLAN group, if the vid [VID] group didn’t exist, this test vid 22 command can’t be applied. vlan 8021q port V [PortNumber] access-link untag Assign a access link switch(vlan)#vlan 8021q port 3 for VLAN by port, if the access-link untag 33 port belong to a trunk [UntaggedVID] group, this command can’t be applied.
vlan 8021q trunk V [PortNumber] Assign a trunk link for switch(vlan)#vlan 8021q trunk 3 VLAN by trunk group trunk-link tag 2,3,6,99 trunk-link tag or switch(vlan)#vlan 8021q trunk [TaggedVID List] 3 trunk-link tag 3-20 vlan 8021q trunk [PortNumber] V Assign a hybrid link for switch(vlan)#vlan 8021q trunk 3 VLAN by trunk group hybrid-link untag 4 tag 3,6,8 hybrid-link untag or [UntaggedVID] switch(vlan)#vlan 8021q trunk 3 tag hybrid-link untag 5 tag 6-8 [TaggedVID List] 97
Spanning Tree Commands Set Netstar Commands spanning-tree enable Level Description G Enable spanning tree Example switch(config)#spanning-tree enable spanning-tree priority G [0~61440] spanning-tree max-age G [seconds] Configure spanning tree switch(config)#spanning-tree priority parameter priority 32767 Use the spanning-tree switch(config)#spanning-tree max-age global max-age 15 configuration command to change the interval between messages the spanning tree receives from the root switch.
spanning-tree G forward-time [seconds] Use the spanning-tree switch(config)#spanning-tree forward-time global forward-time 20 configuration command to set the forwarding-time for the specified spanning-tree instances. The forwarding time determines how long each of the listening and stp-path-cost [1~200000000] I learning states last before the port begins forwarding.
stp-path-priority I [Port Priority] Use the spanning-tree switch(config)#interface port-priority interface fastEthernet 2 configuration switch(config-if)#stp-path-priority command to configure 128 a port priority that is used when two switches tie for position as the root switch. stp-admin-p2p I [Auto|True|False] Admin P2P of STP switch(config)#interface priority on this fastEthernet 2 interface.
QOS Commands Set Netstar Commands qos policy Level Description G [weighted-fair|strict] qos prioritytype G [port-based|cos-only|tos Example Select QOS policy switch(config)#qos policy scheduling weighted-fair Setting of QOS priority switch(config)#qos prioritytype type -only|cos-first|tos-first] qos priority portbased G [Port] [lowest|low|middle|high] qos priority cos [Priority][lowest|low|mid dle|high] qos priority tos Configure Port-based switch(config)#qos priority Priority G portbased 1
IGMP Commands Set Netstar Commands igmp enable Level Description G Enable IGMP Example switch(config)#igmp enable snooping function Igmp-query auto G Set IGMP query to switch(config)#Igmp-query auto auto mode Igmp-query force G Set IGMP query to switch(config)#Igmp-query force force mode show igmp P configuration Displays the details of switch#show igmp configuration an IGMP configuration. show igmp multi P Displays the details of switch#show igmp multi an IGMP snooping entries.
Mac / Filter Table Commands Set Netstar Commands mac-address-table static Level Description I Example Configure MAC switch(config)#interface hwaddr address table of fastEthernet 2 [MAC] interface (static).
SNMP Commands Set Netstar Commands snmp system-name Level Description G [System Name] snmp system-location G [System Location] snmp system-contact G [System Contact] snmp agent-mode G [v1v2c|v3|v1v2cv3] snmp community-strings G [Community] Set SNMP agent switch(config)#snmp system name system-name l2switch Set SNMP agent switch(config)#snmp system location system-location lab Set SNMP agent switch(config)#snmp system contact system-contact where Select the agent switch(config)#snmp a
snmpv3 access G Configure the access switch(config)#snmpv3 access context-name [Context table of SNMPV3 context-name Test group G1 Name ] agent security-level AuthPriv group match-rule Exact views V1 V1 V1 [Group Name ] security-level [NoAuthNoPriv|AuthNoPri v|AuthPriv] match-rule [Exact|Prifix] views [Read View Name] [Write View Name] [Notify View Name] snmpv3 mibview view G Configure the switch(config)#snmpv3 mibview [View Name] mibview table of view V1 type Excluded sub-oid type SNMPV3
no snmpv3 access G Remove specified switch(config)#no snmpv3 access context-name [Context access table of context-name Test group G1 Name ] SNMPv3 agent.
Port Mirroring Commands Set Netstar Commands monitor rx Level Description G Set RX destination Example switch(config)#monitor rx port of monitor function monitor tx G Set TX destination port switch(config)#monitor tx of monitor function show monitor P Show port monitor switch#show monitor information monitor I [RX|TX|Both] Configure source port switch(config)#interface of monitor function fastEthernet 2 switch(config-if)#monitor RX show monitor I Show port monitor switch(config)#interface
802.1x Commands Set Netstar Commands 8021x enable Level Description G Example Use the 802.1x global switch(config)# 8021x enable configuration command to enable 802.1x protocols. 8021x system radiusip G [IP address] Use the 802.1x system switch(config)# 8021x system radius IP global radiusip 192.168.1.1 configuration command to change the radius server IP. 8021x system serverport G [port ID] Use the 802.
8021x system nasid G [NAS ID] Use the 802.1x system switch(config)# 8021x system nasid global nasid test1 configuration command to change the NAS ID 8021x misc quietperiod G [sec.] Use the 802.1x misc switch(config)# 8021x misc quiet period global quietperiod 10 configuration command to specify the quiet period value of the switch. 8021x misc txperiod G [sec.] Use the 802.1x misc switch(config)# 8021x misc TX period global txperiod 5 configuration command to set the TX period.
8021x misc maxrequest G [number] Use the 802.1x misc switch(config)# 8021x misc max request global maxrequest 3 configuration command to set the MAX requests. 8021x misc G reauthperiod [sec.] Use the 802.1x misc switch(config)# 8021x misc reauth period global reauthperiod 3000 configuration command to set the reauth period. 8021x portstate I Use the 802.
TFTP Commands Set Netstar Commands backup Level Description G flash:backup_cfg Defaults Example Save configuration to switch(config)#backup TFTP and need to flash:backup_cfg specify the IP of TFTP server and the file name of image. restore G flash:restore_cfg Get configuration from switch(config)#restore TFTP server and need to flash:restore_cfg specify the IP of TFTP server and the file name of image.
smtp enable G Enable SMTP function switch(config)#smtp enable smtp serverip G Configure SMTP switch(config)#smtp serverip server IP 192.168.1.5 Configure sender of switch(config)#smtp sender mail dut1@xxx.
event smtp I [Link-UP|Link-Down|Bot Set port event for switch(config)#interface SMTP fastethernet 3 h] switch(config-if)#event smtp both show event P Show event selection switch#show event no event G Disable cold start switch(config)#no event event type device-cold-start Disable warm start switch(config)#no event event type device-warm-start device-cold-start no event G device-warm-start no event G authentication-failure no event G X-ring-topology-change Disable Authentication s
SNTP Commands Set Netstar Commands Level Description Example sntp enable G Enable SNTP function switch(config)#sntp enable sntp daylight G Enable daylight saving switch(config)#sntp daylight time, if SNTP function is inactive, this command can’t be applied. sntp daylight-period G [Start time] [End time] Set period of daylight switch(config)# sntp saving time, if SNTP daylight-period 20060101-01:01 function is inactive, 20060202-01:01 this command can’t be applied.
show sntp P Show SNTP switch#show sntp information show sntp timezone P Show index number of switch#show sntp timezone time zone list no sntp G Disable SNTP function switch(config)#no sntp no sntp daylight G Disable daylight saving time 115 switch(config)#no sntp daylight
X-ring Commands Set Netstar Commands Level Description Example ring enable G Enable X-ring switch(config)#ring enable ring master G Enable ring master switch(config)# ring master ring couplering G Enable couple ring switch(config)#ring couplering ring dualhoming G Enable dual homing switch(config)#ring dualhoming ring ringport G Configure 1st/2nd switch(config)#ring ringport 7 8 [1st Ring Port] [2nd Ring Port Ring Port] ring couplingport G [Coupling Port] ring controlport Configu
ComNet Customer Service Customer Care is ComNet Technology’s global service center, where our professional staff are ready to answer your questions at any time. Email address of ComNet Global Service Center: customercare@ComNet.
