8 Port 10/100BASE-TX Plus One 100BASE-FX or 1000BASE-FX Port Advanced Managed Switch MIL-SME801P MIL-SME801GSX MIL-SME801GLX USER GUIDE
Regulatory Approval - FCC Class A - UL 1950 - CSA C22.2 No. 950 - EN60950 - CE - EN55022 Class A - EN55024 Canadian EMI Notice This Class A digital apparatus meets all the requirements of the Canadian Interference-Causing Equipment Regulations. Cet appareil numerique de la classe A respecte toutes les exigences du Reglement sur le materiel brouilleur du Canada.
Table of Contents 1. Introduction Features Intelligent Management Features Package Contents Management Methods Console and Telnet Management Web-based Management 2. Hardware Description Front Panel LED Indicators Rear Panel Desktop Installation Power On 3. Network Application Small Workgroup Extended Workgroup 4. Console Management Connecting a Terminal or PC to the Console Port Console - Menu 4-1. Main Menu 4-2. Status and Counters 4-2-1. Port Status 4-2-2. Port Counters 4-2-3. System Information 4-3.
-3-8-2. Broadcast Storm Filtering 4-3-8-3. Max Bridge Transmit Delay Bound 4-3-8-4. Collision Retry Forever 4-3-8-5. Hash Algorithm 4-3-8-6. IFG Compensation 4-4. Protocol Related Configuration 4-4-1. STP 4-4-1-1. STP Setup 4-4-1-2. System Configuration 4-4-1-3. STP Per Port Setting 4-4-2. SNMP 4-4-2-1. SNMP System Options 4-4-2-2. Community Strings 4-4-2-3. Trap Managers 4-4-3. LACP 4-4-3-1. Working Ports Setting 4-4-3-2. LACP State Activity 4-4-3-3. Group Status 4-4-4. IGMP/GVRP Configuration 4-4-5. 802.
-4-5-3. State Activity 5-4-6. Forwarding and Filtering 5-4-6-1. IGMP Snooping 5-4-6-2. Static MAC Address 5-4-6-3. MAC Filtering 5-4-7. VLAN Configuration 5-4-7-1. Port-based VLAN 5-4-7-2. 802.1Q VLAN 5-4-8. Spanning Tree 5-4-8-1. System Configuration 5-4-8-2. Per Port Configuration 5-4-9. Port Mirroring 5-4-10. SNMP 5-4-11. Security Manager 5-4-12. 802.1x 5-4-12-1. System Configuration 5-4-12-2. Per Port Configuration 5-4-12-3. 802.1x Miscellaneous Configuration 5-4-13. TFTP Update Firmware 5-4-14.
1. Introduction The MIL-SME801P and MIL-SME801G advanced managed switch families are multi-port switches that can be used to build high-performance workgroup networks and as Customer Provider Edge (CPE) devices in Fiber-to-the-Home (FTTH) networks. Figure 1-1. The MIL-SME801P switch The MIL-SME801P switch has eight auto-sensing 10/100BASE-TX RJ-45 ports plus one 100BASE-FX fiber port that enables long-distance connections.
Features Console and Telnet management Conforms to IEEE803.u 10BASE-T, 802.3u 100BASE-TX/FX 8 auto-sensing 10/100Mbps Ethernet RJ-45 ports One 100 FX fiber port Switch fabric bandwidth up to 8.8 Gbps throughput Full Layer 2 management function Port mirroring IGMP support for Multi media applications Back-Pressure-Base flow control on Half-duplex link mode Pause-Frame-Base flow control on Full-duplex link mode Port Based VLAN /IEEE802 .
Intelligent Management Features Management Telnet management, Web management, In-Band Local Console (RS-232) RFC Standard RFC 1157 SNMP, RFC 1213 MIB II, Bridge MIB, RFC 1643 ETHERNET LIKE, RFC 1493 BRIDGE MIB, RFC 1757 RMON 1, RFC 1215 Trap Software TFTP and console firmware upgrade Upgrade Port Trunk Supports IEEE802.3ad and IEEE802.1ad with LACP function and provides 2 Trunk groups of 4 member ports within 10 ports. Spanning Tree IEEE802.1d spanning Tree VLAN Port based VLAN IEEE802.
IGMP IGMP Snooping for Multi-Media applications, IGMP group supports 256 groups Port Security MAC address filtering for ingress packets Static MAC address lock for source address. Port Mirror Global system supports 3 mirroring types: RX, TX and Both. The maximum mirror entries is 8. Bandwidth Per port bandwidth control support. Per level 100K. Control 802.1x Supports IEEE802.1x user authentication and can report to Radius Server.
Package Contents Unpack the contents of the package and verify them against the checklist below. MIL-SME801P Switch Power Cord Four Rubber Feet RS-232 cable Rack-mounted kit CD ROM containing Users Guide If any item is missing or damaged, please contact your local dealer for service.
Management Methods The MIL-SME801P switch supports the following management methods: Console and Telnet Management Web-based Management Console and Telnet Management Console Management is done through the RS-232 Console Port. Managing the switch in this method requires a direct connection between a PC and the switch. Telnet management requires a network connection. The default IP address is 192.168.1.77 with a subnet mask of 255.255.255.0.
2. Hardware Description Front Panel The Front Panel of the MIL-SME801P switch consists of eight 10/100BASE-TX RJ-45 ports and one 100BASE-FX fiber port, one LED-Indicator for Power, one LED-Indicator for the Fiber port, and 3 LED-Indicators for each of the RJ-45 ports on the switch. Figure 2-1. Front panel for MIL-SME801P RJ-45 Ports (Auto MDI/MDIX): The MIL-SME801P comes with eight 10/100Mbps N-way auto-sensing for 10BASE-T or 100BASE-TX UTP connections.
LED Indicators The LED Indicators give real-time information of systematic operation status. The following table provides descriptions of LED statuses and their meaning. LED Power Status Color Description On Green Power On On Green The port is operating at 100Mbps. 100M The port is operating at 10Mbps mode or Off On LNK /ACT Blinks no device is attached. The port is successfully connecting with Green the device. The port is receiving or transmitting Green data.
9
Rear Panel The 3-pronged power plug and ventilation fan are located at the rear panel of the MIL-SME801P switch as shown in Figure 2-2. The switch will work with AC in the range 100-240V AC, 50-60Hz. Figure 2-2.
Desktop Installation Set the Switch on a sufficiently large flat space with a power outlet nearby. The surface where you put your Switch should be clean, smooth, level, and sturdy. Provide enough clearance around the switch to allow attachment of cables, power cord and air circulation. Attaching Rubber Feet A. Make sure mounting surface on the bottom of the Switch is grease and dust free. B. Remove adhesive backing from the Rubber Feet. C. Apply the Rubber Feet to each corner on the bottom of the Switch.
Power On Connect the power cord to the power socket on the rear panel of the switch. Connect the other end of the cord to an appropriate power outlet. The internal power supply in the switch works with AC in the voltage range 100-240VAC, frequency 50~60Hz. Check the power indicator on the front panel to see if power is properly supplied.
3. Network Application Small Workgroup The MIL-SME801P switch can be used as a standalone switch to direct connect computers, servers and printer servers to form a small workgroup. Figure 3-1.
Extended Workgroup The MIL-SME801P switch can be also used o interconnect two small workgroups. By using the fiber ports to connect the switches, the distance between the two switches via fiber cable can be up to 2Km or 30Km (SC single-mode fiber connector). Figure 3-2.
4. Console Management Connecting a Terminal or PC to the Console Port Console management involves the administration of the switch via a direct connection to the RS-232 console port. This port is a male DB-9 connector wired for connecting to a standard PC serial port. From the main menu of the console program, the user has access to manage the functions of the switch. Figure 4-1.
After the connection between Switch and PC is finished, turn on the PC and run a terminal emulation program or Hyper Terminal to match the following default characteristics of the console port: Baud Rate: 9600 bps Data Bits: 8 Parity: none Stop Bit: 1 Flow Control: None Figure 4-2. The settings of communication parameters After you have entered the parameter settings, press the Enter Key and the Main Menu of console management appears.
Console – Menu 1. The switch also provides a serial interface to manage and monitor the switch. The user can follow the Console Port Information provided by the web to use the Windows HyperTerminal program to link the switch. 2. Type the user name and password to login. The default user name is root; the default password is root. 3. The timeout on the console port is 60 seconds.
4-1. Main Menu There are five items for selection as follows: Status and Counters: Shows the status of the switch. Switch Configuration: Menus to configure the switch. Protocol Related Configuration: Configures the protocol features. System Reset Configuration: Restarts the system or resets switch to the default configuration. Logout: Exits the menu line program. The control keys listed below are provided in all menus: Tab: Move the cursor to next item.
4-2. Status and Counters Press the Tab or Backspace key to choose an action item, and then press Enter key to select the item.
4-2-1. Port Status Type: Displays the port type of 10T, 100TX or 100FX. Link: Displays the port's link. “Down” the port has no link, and “Up” the port has a link with the remote device. State: A port that is enabled will be displayed as “Enable”. A port that is disabled will be displayed as “Disable”. Negotiation: Displays the state of Auto-negotiation as either "Auto" or "Fixed". Speed / Duplex: Displays the port speed and duplex mode. FC: Displays the flow control for the port as being either on or off.
increments of 10 kbps, 0 indicates port is at full bandwidth out. Priority: Indicates whether traffic received on this port is put into the high priority or low priority queue or do not care. Security: Indicates whether or not source MAC address based traffic filtering is enabled on the port. Actions-> Press the Tab or Backspace key to choose action menu, and then press the Enter key to select the item. : Exits the port status page, and returns to previous menu.
4-2-2. Port Counters The following information provides a view of the current status of the unit. Select Refresh to view updated statistics or select Clear to reset all counters to 0. Actions-> Press the Tab or Backspace key to choose action menu, and then press the Enter key to select item. : Updates statistics on all counters. : Sets all counters to 0. : Exits the port counters page, and returns to previous menu.
4-2-3. System Information System Name: Displays the name of device. System Location: Displays where the device is located. System Description: Displays the device description. Firmware Version: Displays the switch’s firmware version. Kernel Version: Displays the system kernel software version. Hardware Version: Displays the switch’s hardware version. MAC Address: The unique hardware address assigned by manufacturer. Uplink port information: Displays the 100BASE-FX fiber port information.
4-3. Switch Static Configuration Press the Tab or Backspace key to choose action menu, and then press the Enter key to select item.
4-3-1.
4-3-1-1. Device Information Name: 10 characters can be used to give the switch a unique name in order to distinguish it on the network. After configuration this name will show at the top of each menu screen. Description: 32 characters can be used to describe the switch. Location: 32 characters can be used to give a location of the switch. Content: 32 characters can be used to describe devices attached. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line.
4-3-1-2. IP Configuration This menu enables the user to change the default settings of the IP address, subnet mask and gateway. Rebooting the switch is necessary to have the configuration change take affect. DHCP: User can disable or enable the DHCP function. IP Address: User can assign a new IP address for the switch. Subnet Mask: User can assign a new subnet mask IP address for the switch. Gateway: User can assign a new gateway IP address for the switch. Actions-> : Configures all items.
4-3-1-3. Username Configuration Use this screen to change the User Name. The default user name is root. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits the user name configuration page and returns to previous menu.
4-3-1-4. Password Configuration Use this screen to change the console and web management password. The default password is root. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits the password configuration page and returns to previous menu.
4-3-2. Port Configuration This page can change every port status. Press the TAB key to select each item and press the SPACE key to change the configuration of each item. State: Displays current port status. The port can be set to disable or enable mode. If the port setting is set to disable, the port will not receive or transmit any packets. Negotiation: Displays current auto negotiation setting status of each port. Speed/Duplex: Each port can be set for link speed and duplex mode.
Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits the port configuration page and returns to previous menu.
4-3-3. Trunk Configuration This page can configure trunk groups. Press the TAB key to select each item and press the SPACE key to change the configuration of each item. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits the trunk configuration page and returns to previous menu.
4-3-4. Port Mirroring Configuration Port mirroring is a method for monitoring traffic in switched networks. Traffic through ports can be monitored by one specific port. The traffic being received or transmitted by the monitored ports will be duplicated into the monitoring port. Press the Space key to change the configuration of an item. Mirroring state: User can enable or disable Port Mirroring mode. The default is disabled, enabled options are TX packet only, RX packet only or Both.
4-3-5. VLAN Configuration This page can set VLAN mode to port-based VLAN, 802.1Q VLAN or disable VLAN function. All ports are automatically placed in VLAN 1, the default VLAN. To create new VLANs, use the Create a VLAN Group menu and add a VLAN. Make sure when you enter a VLAN name you do not leave spaces. For example VLAN2 is correct; VLAN 2 will give an error. The VLAN name can be any 15 alphanumeric characters. Special characters are not allowed.
4-3-5-1. VLAN Configure Choose a VLAN In the VLAN Configure menu select the type of VLAN you want to configure: VLAN Disabled (default), Port Based VLAN, or IRRR802.1Q Tag based VLAN. Save the configuration. There are 3 different options for VLANs to choose from using the space bar: Disabled, Port Based and 802.1Q. To configure a new VLAN, select Edit and then use the tab key to select items you want to configure. The space bar allows you to select the different options.
IEEE802.1Q VLANs If IEEE802.1Q VLANs is selected, all the ports will belong to the default VLAN If more than one VLAN is necessary, the additional VLANs may be created. Security VLANs Security VLAN’s allow for limiting telnet, SNMP and web access to the switch to a specific VLAN. The VID of the Security VLAN may be changed from 255 to another value after creating the VLAN. already exist on the box.
Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Displays previous page. : Displays next page. : Exits this page and returns to previous menu.
PVID (Port VID): Set the port VLAN ID that will be assigned to untagged traffic on a given port. This feature is useful for accommodating devices that you want to participate in the VLAN, but don’t support tagging. Only one untagged VLAN is allowed per port. Other VLANs need to be tagged. Ingress Filter 1: If this is set, the port will only forward packets with VID (VLAN ID) matching this port’s configured VID.
4-3-5-2. Create VLAN Group Create Port-Based VLAN Select to create a port-based VLAN and add member or nonmember ports to it. 1. VLAN Name: Type a name for the new VLAN using 15 alphanumeric characters and no spaces. 2. Group ID: Type the VLAN group ID. The group ID range is 1to 4094. 3. Member: Press the Space key to choose VLAN member type. There are two selections: Member: The port is member port. NO: The port is NOT member port. 4. Press “ESC” to go back to the action menu line. 5.
Create 802.1Q VLAN Select to create an 802.1Q VLAN and add tagged or untagged member ports to it. 1. VLAN Name: Type a name for the new VLAN using 15 alphanumeric characters and no spaces. 2. VLAN ID: Type a VID (between 1~4096). The default is 1. There are 256 VLAN groups provided to configure. 3. Protocol VLAN: Press the Space key to choose the protocol type. 4. Member: Press the Space key to choose the VLAN member.
6. Select to save all configured values. NOTE: If the trunk groups exist, it will be displayed (ex: Trunk1, Trunk2…) after port 9. The user can configure select if it is the member of the VLAN or not. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-3-5-3. Edit / Delete VLAN Group Use this menu to edit or delete a VLAN group. When editing the chosen VLAN, the user can change the protocol VLAN or a member port. A new protocol can be configured and the ports can be changed to tagged or untagged or deleted as member ports from this VLAN. In edit mode the VLAN Name and VLAN ID are read-only and cannot be modified. VLAN1, the default VLAN, can never be deleted. 1. Press or item. 2.
NOTE: The VLAN Name and VLAN ID are read-only and cannot be modified. In 802.1Q VLAN mode, the default VLAN cannot be deleted. In Port Based VLAN mode, there is no default VLAN. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Deletes selected VLAN Groups. : Displays previous page. : Displays next page. : Exits this page and returns to previous menu.
4-3-5-4. Groups Sorted Mode Use this menu to select the VLAN groups sorted mode. There are two selections: Name: Sorted by name VLAN ID: Sorted by VID The results can be viewed on the Edit/Delete a VLAN Group screen. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-3-6. Priority Configuration Level (0-7): There are eight (0 to 7) priority levels that can be mapped as high or low priority queues. QoS Mode: User can select the ratio of high priority packets and low priority packets by pressing the Space key. High Low Queue service ratio: 1:1, 2:1, 3:1, 4:1, 5:1, 6:1, 7:1, FIFO, HÎL First In First Out (FIFO): The sequence of packets sent depends on arrival order. High to Low (HÎL): The high priority packets are sent before the low priority packets.
Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-3-7.
4-3-7-1. Static MAC Address When a static MAC address is added, it remains in the switch's address table, regardless of whether the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the device is disconnected or powered-off and then becomes active again. The menu shows the current configured static MAC addresses. The user can add, modify or delete a static MAC address. Once added, the MAC address will be listed on this page.
4. If tag-based (802.1Q) VLANs are configured, the static addresses are associated with individual VLANs. Enter the VID to associate with the MAC address. 5. Press ESC to go back action menu line, and then select to save all configured values. Edit static MAC address 1. Press key to modify a static MAC address. 2. Choose the MAC address that you want to modify and then press enter. 3. Press the key to modify all the items. 4.
4-3-7-2. Filtering MAC Address Add Filtering MAC address 1. Press the key. Then press the key on this menu to add a filtering MAC address. 2.
all configured values. Edit Filtering MAC address 1. Press the key to modify a Filtering MAC address. 2. Choose the MAC address that you want to modify and then press enter. 3. Press the key to modify all the items. 4. Press ESC to go back action menu line, and then select to save all configured values. Delete Filtering MAC address 1. Press the key to delete a Filtering MAC address. 2. Choose the MAC address that you want to delete and then press enter. 3.
4-3-8. Miscellaneous Configuration Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu. 4-3-8-1. MAC Address Ageing Time To configure a different MAC Address Ageing Time, type the number of seconds that an inactive MAC address remains in the switch’s address table before it is deleted.
4-3-8-2. Broadcast Storm Filtering Broadcast storm filtering is used to limit the amount of broadcast traffic on the network. An excessive amount of broadcast traffic can inhibit data packets from timely delivery. The valid threshold values are 5%, 10%, 15%, 20%, 25% and NO. If the broadcast traffic is greater than the configured value, broadcast packets will be dropped. The default is NO.
4-3-8-3. Max Bridge Transmit Delay Bound Max bridge transmit delay bound (0,1-4 sec): Limits the packets queuing time in the switch. If enabled, the packets exceeding the queuing time will be dropped. Press the Space key to set the time. Valid values are 1sec, 2sec, 4sec and Off. The default is 1 second when this feature is enabled. This setting does not depend on what values are set in the “Priority Configuration” menu.
4-3-8-4. Collision Retry Forever Collisions Retry Forever: User can choose to disable collision retry forever and, if a collision occurs in half-duplex mode, the switch will attempt to send the packet 48 times and then drop the frame. When enabled, a collision that occurs in half-duplex mode will result in repeated attempts by the switch forever. 4-3-8-5. Hash Algorithm This Hash Algorithm is for hardware maintenance on the MAC table calculation.
4-4. Protocol Related Configuration 4-4-1.
4-4-1-1. STP Setup This page enables or disables the Spanning Tree function. Press the Space key to select Enabled or Disabled. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-1-2. System Configuration All devices in the spanning tree instance will utilize the same values as the root bridge to ensure consistency throughout the network. If this device becomes the root bridge, then the other switches in the STP instance will utilize its values. Spanning tree information for the Root Bridge on the left is for display only. Configure new values for the STP parameter on the right. You must enable STP function before selecting the configuration menu.
Max Age: The number of seconds a bridge waits without receiving Spanning-Tree Protocol configuration messages before attempting a reconfiguration. Enter a number 6 through 40. Hello Time: The number of seconds between the transmission of Spanning-Tree Protocol configuration messages. Enter a number 1 through 10. Forward Delay Time: The number of seconds a port waits before changing from its Spanning-Tree Protocol learning and listening states to the forwarding state. Enter a number 4 through 30.
4-4-1-3. STP Per Port Setting State: Spanning tree status for each port is either forwarding or blocking. PathCost: Specifies the path cost of the port that the switch uses to determine which ports are the forwarding ports. If you change the value, you need to restart the switch for valid value change to take effect. Priority: Specifies the path cost of the port that the switch uses to determine which ports are the forwarding ports. forwarding port.
Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-2. SNMP Any Network Management station running the Simple Network Management Protocol (SNMP) can manage the switch provided that the Management Information Base (MIB) is installed. SNMP is a protocol that governs the transfer of information between management and agent. The switch supports SNMP V1. Use this menu to define management stations as trap managers and to enter SNMP community strings. Users can also define a name, location, and contact person for the switch.
4-4-2-1. SNMP System Options Press to enter all items, ESC to return to the action menu, and then press to save the configured values. System Name: Enter a name to identify the switch. System Contact: Enter the name of the contact person or organization. System Location: Enter the location of the switch. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-2-2. Community Strings Community strings serve as passwords and can be entered as one of the following: Read only: Enables requests accompanied by this string to display MIB-object information. Read Write: Enables requests accompanied by this string to display MIB-object information and to set MIB objects. Community Name: Enter the name of current community strings. The default is “public”. Write Access: Enables the permissions for Read Only or Read/Write.
Add Community Strings 1. Press the key. Then press the key on this menu to add a SNMP Trap Manager. 2. Enter the Community Name and select the Write Access setting for the Community String. 3. Press ESC to go back action menu line, and then select to save all configured values.
Edit Community Strings 1. Press key to modify a Community String. 2. Choose the Community Name that you want to modify and then press enter. 3. Enter the correct Community Name and Write Access setting. 4. Press ESC to go back action menu line, and then select to save all configured values. Delete Community Strings 1. Press the key to delete a Community String. 2. Choose the Community Name that you want to delete and then press enter. 3.
Actions-> : Creates a trap manager. : Configures all items. When finished, pressing ESC returns to the action menu line. : Deletes a community string. After deleting, press to complete the deletion. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-2-3. Trap Managers A trap manager is a management station that receives traps. The switch generates system alerts. If no trap manager is defined, no traps are issued. Create a trap manager by entering the IP address of the station and a community string.
Add SNMP Trap Managers 1. Press the key. Then press the key on this menu to add a SNMP Trap Manager. 2. Enter the IP address and Community Name for the SNMP Trap Manager. 3. Press ESC to go back action menu line, and then select to save all configured values.
Edit SNMP Trap Managers 1. Press key to modify a SNMP Trap Manager. 2. Choose the IP address and Community Name that you want to modify and then press enter. 3. Enter the correct IP Address and Community Name. 4. Press ESC to go back action menu line, and then select to save all configured values.
Delete SNMP Trap Managers 1. Press the key to delete a SNMP Trap Manager. 2. Choose the IP Address and Community Name that you want to delete and then press enter. 3. After deleting the SNMP Trap Manager, you must press to complete the deletion. Actions-> : Creates a trap manager. : Configures all items. When finished, pressing ESC returns to the action menu line. : Deletes a trap manager. After deleting, press to complete the deletion.
4-4-3. LACP The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances to reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner. Link aggregation lets you group up to eight consecutive ports into a single dedicated connection.
4-4-3-1. Working Ports Setting Group: Displays the trunk group ID. LACP: Press the Space key to enable or disable LACP (Link Aggregation Control Protocol) support. If enabled, the group is an LACP static trunking group. If disabled, the group is a local static trunking group. LACP Work Port Num: The maximum number of ports that can be aggregated at the same time. If the group is an LACP static trunking group, the exceed ports is standby and able to aggregate if the work ports fail.
: Exits this page and returns to previous menu. 4-4-3-2. LACP State Activity Active: The port automatically sends LACP protocol packets. Passive: The port does not automatically send LACP protocol packets, and responds only if it receives LACP protocol packets from the opposite device. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-3-3. Group Status When setting a trunking group, the relationship status information may be seen on the LACP Group Status screen. Actions-> : Exits this page and returns to previous menu.
4-4-4. IGMP/GVRP Configuration Use the GVRP Configuration screen to enable or disable GVRP (GARP VLAN Registration Protocol) support. Press the Space key to choose Enabled or Disabled. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-5. 802.
4-4-5-1. 802.1x Setup Use this screen to enable or disable 802.1x. Press the Space key to choose Enabled or Disabled mode. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-5-2. 802.1x System Configuration Use the 802.1x System Configuration screen to configure the IEEE 802.1x parameters. Radius Server IP: Enter the Radius Server IP address. Shared Key: Enter an encryption key for use during authentication sessions with the specified radius server. This key must match the encryption key used on the Radius Server. NAS, Identifier: Enter the identifier for the radius client.
4-4-5-3. 802.1x Per Port Configuration Press the Space key to select Disable, Accept, Reject or Authorize for the State of each port. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Saves all configured values. : Exits this page and returns to previous menu.
4-4-5-4. 802.1x Miscellaneous Configuration Quiet period: Enter the period during which the port doesn’t try to acquire a supplicant. TX period: Enter the period the port waits to retransmit next EAPOL PDU during an authentication session. Supplicant timeout: Enter the period of time the switch waits for a supplicant response to an EAP request. Server timeout: Enter the period of time the switch waits for a server response to an authentication request.
4-5.
4-5-1. Factory Default Use this menu to restore all factory default settings. Pressing y will reset the switch configuration settings to their factory defaults. Rebooting the switch is necessary for the new configurations to take effect. y: Resets the switch to the factory default configuration. The software version that the switch will be reset to can be found on the “System Information” menu under the main menu “Status and Counters”. N: Returns to the previous menu.
4-5-3. TFTP Configuration Use this screen to update firmware, restore EEPROM values or upload current EEPROM value.
4-5-3-1. Update Firmware Use this screen to update firmware from the TFTP server. Start the TFTP server, and copy the firmware update version image file to TFTP server. TFTP Server IP: Enter the IP address of the TFTP server. Firmware File Name: Enter the image file name. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line. : Starts download of image file from the TFTP server. When the save is successful, the image is downloaded.
4-5-3-2. TFTP Restore Configuration Use this screen to restore an EEPROM value or save a previous version of the image file from the TFTP server. Start the TFTP server, and copy the firmware update version image file to TFTP server. TFTP Server IP: Enter the IP address of the TFTP server. Restore File Name: Enter the image file name. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line.
4-5-3-3. TFTP Backup Configuration Use this screen to save the current EEPROM value to an image file. Then go to the update configuration page to restore the EEPROM value. Start the TFTP server, and copy the firmware update version image file to TFTP server. TFTP Server IP: Enter the IP address of the TFTP server. Restore File Name: Enter the image file name. Actions-> : Configures all items. When finished, pressing ESC returns to the action menu line.
4-6. Xmodem Upgrade 1. While booting the switch, press the X key to start the Xmodem routine on the device. 2. Pressing X will cause the switch Xmodem application to begin and cause the baud rate to change to 57600 bps. You will need to disconnect the cable connected to the serial port, and change the baud rate of your hyper-terminal application on your laptop to 57600 bps, then connect the cable and reconnect to the switch.
3. Select “send file" under the "transfer" menu from menu bar. 4. Press the "browse" button to select the path. 5. Select "1K Xmodem" of protocol and press the "Send" button. 6. After successfully upgrading to the new firmware, change the baud rate back to the default 9600bps.
5. Web-Based Management This section introduces the configuration and functions of the web-based management of MIL-SME801P switch series. The managed switch series provides an embedded HTML website residing in flash memory. It offers advanced management features and allow users to manage the device from anywhere on the network through a standard browser such as Internet Explorer or Netscape. Web-Based Management supports Internet Explorer 5.0.
Preparing for Web Management You must either reconfigure the IP address information for the switch using the serial console port following the instructions in the “Console Management” section, or setup your network to support the default address of the switch. The default values are as follow: IP Address: 192.168.1.77 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.1.6 User Name: root Password: root If you change the IP address of the box from the one above, please replace references of 192.168.1.
5-1. System Login 1. Launch Internet Explorer or Netscape. 2. Type http:// and the IP address of the switch in the Location or Address field. The default IP Address is 192.168.1.77. 3. Press Enter. Figure 5-1: The Password Window 4. In the login screen, type the user name and password. The default is root for both. 5. Press Enter or Click OK and the Home Page screen for web-based management will appear.
5-2. Port Status State: Displays port status off or on depending on user setting. “Unlink” means the port is offline or “off ”. Link Status: Down is “No Link”, UP is “Link”. Auto Negotiation: Displays the auto negotiation mode. There are three selections: Auto, Force and Nway-force. Speed status: Displays link speeds of 100Mbps or 10Mbps. Duplex status: Displays full-duplex or half-duplex mode. Flow Control: Displays the flow control status as enabled or disabled in full-duplex mode.
5-3. Port Statistics The following information provides a view of the current status of the unit. Pressing the Reset button will return all counts to zero. Left click mouse on the desired port on the graphical image of the switch to get specific information for that port.
5-4. Administrator The management functions include IP address, switch settings, console port information, port controls, trunking, filter database, VLAN configuration, spanning tree, port mirroring, SNMP, security manager, TFTP update firmware, configuration backup, system reset, and reboot.
5-4-1. IP Address The IP Settings can be changed by entering new values and clicking the Apply button. The switch must be reset for the new IP address to take effect. Default IP: 192.168.1.77 Subnet Mask: 255.255.255.0 Gateway: 192.168.1.
5-4-2. Switch Setting 5-4-2-1. Basic System Name: Displays the name of the device. System Location: Displays the location of the device. System Description: Displays the name of the device type. Firmware Version: Displays the switch’s downloaded firmware version. Kernel version: Displays write to default EEPROM value version. Hardware Version: Displays the switch’s hardware version. MAC Address: Displays unique hardware address assigned by manufacturer.
5-4-2-2. Advanced Setting MAC Address Entry Age-out Time: Enter the number of seconds that an inactive MAC address remains in the switch's address table. The valid range is 300 to 765 seconds. Default is 300 seconds. Max bridge transmit delay bound control: Limits the packets queuing time in the switch. If enabled, the packets that exceed the time limit in the queue will be dropped. This valid values are 1sec, 2 sec, 4 sec and off. Default is 1 second.
Priority Queue Service settings: First Come First Service: The sequence of packets sent is dependent on the order of arrival. The first packets in the queue are transmitted before any other packets. All High before Low: The high priority packets are sent before the low priority packets. Weighted Round Robin: This option enables the user to choose a ratio of the number of high priority packets sent before one low priority packet is sent.
Qos Policy: High Priority Levels: 0 to 7 priority level can map to a high or low queue. When the VLAN Tag number of a frame is mapping as a high priority level, this frame always has high priority. In this example, the QoS policy applies to the switch, not for a single port.
5-4-2-3. Miscellaneous Setting Collisions Retry Forever: Disabled – In half duplex, if a collision occurs, the switch will retry 48 times and then drop frame. Enabled – In half duplex, if a collision occurs, the switch will retry forever. 802.1x Protocol: Select enable or disable for 802.1x protocol. Hash Algorithm: CRC Hash or Direct Map for MAC address learning algorithm. IFG Compensation: Select enable or disable for Internal Packet Gap time compensation configuration.
IGMP Theory of Operation The following three topologies detail how IGMP Query works and to be configured within a network: 1. Auto mode needs to be enabled when the router’s IP address is smaller than other switches in the subnet.
2. IGMP needs to be enabled when the router’s IP address is not smaller than other switches in the subnet. This Router supports IGMP protocol, but IGMP has to be enabled, and the Router has to be the Querier.
3. The following topology must be set when the IP address of the switch is not the smallest in the subnet. The network will cause a multi-cast storm from the IGMP client report if it is in Auto mode. All switches must be in disable mode when the VOD server is configured for IGMP Querier. Note: It is suggested that the VOD server switch have the smallest IP address.
5-4-3. Console Port Information Console is a standard UART interface to communicate with a serial port. The Windows HyperTerminal program can be used to link the switch with the console port. In order to change any of these parameters, you must be connected to the console port.
5-4-4. Port Controls The menu allows changing of port configurations. State: User can disable or enable each port. Negotiation: User can set auto negotiation mode for each port to Auto, Nway (specify the speed/duplex on this port and enable auto-negotiation) or Force. Speed: User can set 100Mbps or 10Mbps speed on Ports 1 to 8. Port 9 is fixed at 100 Mbps. Duplex: User can set full-duplex or half-duplex mode for each port.
1 to 1000: valid rate value. Priority: This static priority is based on each port setting. If the port priority is set high, incoming frames from this port will always be high priority frames. Security: A port in security mode will be “locked” unless address learning is enabled. Only the incoming packets with SMAC already existing in the address table can be forwarded normally.
5-4-5. Trunking The Link Aggregation Control Protocol (LACP) provides a standardized means for exchanging information between Partner Systems on a link to allow their Link Aggregation Control instances. To reach agreement on the identity of the Link Aggregation Group to which the link belongs, move the link to that Link Aggregation Group, and enable its transmission and reception functions in an orderly manner.
5-4-5-1. Aggregator Setting System Priority: A value used to identify the active LACP. The switch with the lowest value has the highest priority and is selected as the active LACP. To create a trunk across two or more ports: 1. Group ID: Choose the "Group ID" and click "Get". 2. LACP: If enabled, the group supports LACP. If disabled, the group is a local static trunking group between two switches. All ports support LACP dynamic trunking group.
configure LACP Active/Passive status for each port. 5. Click the Apply button to save the new configuration. 6. To remove ports from a trunk group, highlight the ports in the table you want to remove and then click the Remove button. To delete a trunk group, highlight the selection in the table you want to delete and then click the Delete button.
5-4-5-2. Aggregator Information The LACP Aggregator relation information is displayed as shown.
5-4-5-3. State Activity Active (selected): The active port automatically sends LACP protocol packets. Passive (not selected): The passive port does not automatically send LACP protocol packets, but responds only if it receives LACP protocol packets from the other device. A link having either two active LACP ports or one active port can perform dynamic LACP trunking.
status will be created automatically.
5-4-6. Forwarding and Filtering 5-4-6-1. IGMP Snooping The switch supports IP multicasting. You can enable IGMP via the web management’s configuration screen. In addition, you can view different multicast groups, VIDs and member ports, and IP multicast addresses that range from 224.0.0.0 through 239.255.255.255. The Internet Group Management Protocol (IGMP) is an internal protocol of the Internet Protocol (IP) suite. IP manages multicast traffic by using switches, routers, and hosts that support IGMP.
IGMP has three fundamental types of messages: Message Description Query A message sent from the querier (IGMP router or switch) asking for a response from each host belonging to the multicast group. Report A message sent by a host to the querier to indicate that the host wants to be or is a member of a given group indicated in the report message. Leave Group A message sent by a host to the querier to indicate that the host has quit to be a member of a specific multicast group.
5-4-6-2. Static MAC Address When a static MAC address is added, it remains in the switch's address table, regardless of whether or not the device is physically connected to the switch. This saves the switch from having to re-learn a device's MAC address when the device is disconnected or powered-off. To add a static MAC address: 1. Click on Administrator on the main menu. 2. Click on Filter Database. 3. Click Static MAC Addresses.
addresses are associated with individual VLANs. Type the VID (tag-based VLANs) to associate with the MAC address. 6. Click the Add button. 7. To delete a static MAC address, highlight the selection in the table you want to delete and then click the Delete button.
5-4-6-3. MAC Filtering MAC address filtering allows the switch to drop unwanted traffic. Traffic is filtered based on the destination addresses. Steps to specify a MAC address to filter: 1. In the MAC Address box, enter the MAC address to filter. 1. If tag-based (802.1Q) VLAN are set up on the switch, in the VLAN ID box, type the VID to associate with the MAC address. 2. Click the Add button. 3.
5-4-7. VLAN Configuration A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain. It allows you to isolate network traffic so only members of the VLAN receive traffic from the same VLAN members. Basically, creating a VLAN from a switch is logically equivalent of reconnecting a group of network devices to another Layer 2 switch. However, all the network devices are still plugged into the same switch physically. The MIL-SME801P switch supports port-based, 802.
Support Port-based VLANs Ethernet frames received on a port are sent only to ports belonging to the same VLAN group of ports. All ports default belonging to the same VLAN group. The VLAN information included in Ethernet frames tagged with VLAN IDs is ignored by the switch in Port Based VLAN mode. Support Tag-based VLAN (IEEE 802.1Q VLAN) The IEEE 802.1Q specification is the standard for Port-based Tagging. Therefore, it is possible to create a VLAN across devices from different switch suppliers. IEEE 802.
5-4-7-1. Port-based VLAN In order for an end station to send packets to different VLANs, it has to be either capable of tagging the packets it sends with VLAN tags OR be attached to a VLAN-aware bridge. The VLAN-aware bridge must be capable of classifying and tagging the packet with different VLAN ID. The classification and tagging of the packets is based on default PVID and other information about the packet, such as the protocol.
Create a VLAN and add tagged member ports to it. 1. Click the Add button to create a new VLAN group. 2. Enter the VLAN name, group ID and select the members for the new VLAN. 3. Click the Apply button. 4. If the number of groups exceeds the limit for a single page, click the NextPage button to view other VLAN groups. 5. To delete a VLAN group, highlight the selection in the table you want to delete and then click the Delete button. 6.
5-4-7-2. 802.1Q VLAN On this page, the user can create Tag-based VLANs, and enable or disable GVRP protocol. There are 256 VLAN groups provided to configure. If 802.1Q VLAN is enabled, then all ports on the switch belong to the default VLAN1. The default VLAN1 can’t be deleted. GVRP (GARP VLAN Registration Protocol) GVRP allows automatic VLAN configuration between the switch and nodes.
Security VLANs Security VLAN’s allow for limiting telnet, SNMP and web access to the switch to a specific VLAN. The VID of the Security VLAN may be changed from 255 to another value after creating the VLAN. The new VID must not already exist on the box. Note: Before enabling the security VLAN feature, you must set the management port you are managing from to PVID 255.
Basic To create a VLAN and add tagged member ports to it: 1. Select the Add button to create a new VLAN. 2. Enter a name for the new VLAN. 3. Enter a VLAN ID (2 to 4094). The default is 1. 4. Choose the protocol type. Default is NONE. 5. From the Available ports box, select ports to add to the switch and click Add. If the trunk groups exist, you can see it here (ex:Trunk1,Trunk2…) and configure it as a member of the VLAN or not. 6. Click the Next button.
Tag: Outgoing frames with VLAN-Tagged. Untag: Outgoing frames without VLAN-Tagged.
VLAN Port ID To configure port VID settings: From the main 802.1Q VLAN page, click Port VLAN ID Settings. VLAN ID Set the port VLAN ID that will be assigned to untagged traffic on a given port. This feature is useful for accommodating devices that you want to participate in the VLAN but that don’t support tagging. Only one untagged VLAN is allowed per port. Other VLANs need to be tagged.
the port belongs to that VLAN. Enable: Forward only packets with VID matching this port's configured VID. Disable: Disable Ingress filter function. Acceptable Frame Type ALL: All packets are acceptable. Tag Only: Only packets that match the VLAN ID will have permission to go through the port.
5-4-8. Spanning Tree The Spanning-Tree Protocol (STP) is a standardized method (IEEE 802.1d) for avoiding loops in switched networks. When STP is enabled it ensures that only one path at a time is active between any two nodes on the network. Spanning-Tree Protocol can be enabled using web management’s switch setting advanced item, and selecting enable Spanning-Tree protocol. By default, spanning tree is disabled on the switch.
5-4-8-1. System Configuration To enable STP mode select the box next to STP State and click so that a check mark √ appears. This indicates that STP is enabled on the device. After enabling STP, configure the system level functions for the device. The second table displays the current active Root Bridge. The switch will take on the attributes of the active Root Bridge regardless what has been configured above. 5-4-8-2. Per Port Configuration You can configure path cost and priority of each port.
The priority and path cost can be configured for each port. Click the Apply button to modify the configuration. Parameter Port Priority Path Cost Description A change to the Port Priority affects which port will be the root port. The lowest number has the highest priority. The range is 0-255 and the default setting for all ports is 128. If you change the value, you must reboot the switch. Path Cost specifies the path cost of the port that the switch uses to determine which ports are the forwarding ports.
5-4-9. Port Mirroring The Port Mirroring feature is disabled by default. Selecting enable from the pull down menu will cause the selected traffic from the selected monitor ports to be mirrored to the selected analysis port. Press the Apply button to submit the changes. Port Mirroring State: Enables or Disables the port mirroring function. Enabled states include RX, TX or Both. Analysis Port: All mirrored traffic is sent out this port. Monitor Port: The ports you want to mirror.
5-4-10. SNMP Management A SNMP is a protocol that governs the transfer of information between management and agent. The switch supports SNMP V1. Any Network Management station running the Simple Network Management Protocol (SNMP) can manage the switch provided that the Management Information Base (MIB) is installed. Use this menu to define management stations as trap managers and to enter SNMP community strings.
1. System Options – The length of each can be 26 characters. Name: Enter a name to be used for the switch. Location: Enter the location of the switch. Contact: Enter the name of a person or organization. 2. Community strings serve as passwords and can be entered as one of the following: RO (Read only): Enables requests accompanied by this string to display MIB-object information. RW (Read write): Enables requests accompanied by this string to display MIB-object information and to set MIB objects.
3. Trap Manager A trap manager is a management station that receives traps. Traps are the system alerts generated by the switch. If no trap manager is defined, no traps are issued. Create a trap manager by entering the IP address of the station and a community string.
5-4-11. Security Manager The user can change the user name and password to keep the switch secure. After entering a new user name and password, click the Apply button to submit the changes. The default user name and password are below.
5-4-12. 802.1x You must enable the 802.1x protocol on the miscellaneous section of the Switch Settings menu for changes in this section to take effect. This section deals with the system level and per port configurations to support the IEEE 802.1x authentication and authorization protocol. 5-4-12-1. System Configuration Radius Server IP: Set the Radius Server IP address. Server Port: Set the UDP destination port for authentication requests to the specified Radius Server.
5-4-12-2. Per Port Configuration Each port can be configured to one of the following four states: Reject: The specified port is required to be held in the Unauthorized state. Accept: The specified port is required to be held in the Authorized state. Authorized: The specified port is set to the Authorized or Unauthorized state in accordance with the outcome of an authentication exchange between the Supplicant and the authentication server.
5-4-12-3. 802.1x Miscellaneous Configuration Quiet period: Set the period during which the port doesn’t try to acquire a supplicant. TX period: Set the period the port waits to retransmit next EAPOL PDU during an authentication session. Supplicant timeout: Set the period of time the switch waits for a supplicant response to an EAP request. Server timeout: Set the period of time the switch waits for a server response to an authentication request.
5-4-13. TFTP Update Firmware The following menu options provide some system control functions to allow a user to update firmware and remotely reboot the switch system. Before updating, make sure you have your TFTP server ready and the firmware image copied to the TFTP server. TFTP Server IP Address: Enter the TFTP server IP address. Firmware File Name: Enter the firmware image file name. 5-4-14. Configuration Backup 5-4-14-1.
5-4-14-2. TFTP Backup Configuration The current configuration image can be uploaded from the switch to a TFTP server using this page. Use the TFTP Restore Configuration page to download a configuration image to the switch. TFTP Server IP Address: Enter the TFTP server IP address. Backup File Name: Enter the file name to back up.
5-4-15. Factory Default Resets the Switch to default configuration. Default IP address: 192.168.16.1 Default Gateway: 192.168.16.254 Subnet mask: 255.255.255.0 All other settings default to either Disabled or no value. 5-4-16. Reboot Select Reboot to restart the system with the current saved configuration.
6. Troubleshooting This section is intended to help you solve some common problems encountered while using the MIL-SME801P switch series. Incorrect connections The RJ-45 port will auto-detect the signal configuration of the cable. For 10/100 Mbps, only two pairs of wires are required for communications. For 1000Base-TX, all four pairs of wire are required. Some cabling plants may not have all four pairs, causing a fault in the link. The fiber port is either a multi-mode or single-mode fiber type.
Improper Network Topologies It is important to make sure that you have a valid network topology. Common topology faults include excessive cable length and too many repeaters or hubs between end nodes. In addition, you should make sure that your network topology contains no data path loops. Between any two ends nodes, there should be only one active cabling path at any time. Data path loops will cause broadcast storms that will severely impact your network performance.
100BASE-FX Fiber port: Multi-mode fiber connector types must use 50/125 or 62.5/125 µm multi-mode fiber cable. Two devices may be connected over a 2-kilometer distance. Single-mode fiber connector types must use 9/125 µm single mode fiber cable. Two devices may be connected over a15 to 60-kilometer distance in full duplex operation in single mode.
7. Technical Specifications This section provides the specifications of the MIL-SME801P switch product. IEEE802.3 10BASE-T IEEE802.3u 100BASE-TX/100BASE-FX IEEE802.3x Flow Control and Back pressure Standard IEEE802.3ad Port Trunk with LACP IEEE802.1d Spanning tree protocol IEEE802.1p Class of service IEEE802.
1000BASE-SX MMF SC 220m 1000BASE-LX SMF SC 10km Gigabit SX Transceiver: SC. Support Multi-mode fiber up to 500Meters Gigabit LX Transceiver: SC. Supports Single Mode fiber up to 10KM Switch architecture Store and Forward, 8.
90000415 Rev A
