mn smc8024l2 man
DESCRIPTION
rTRANSCRIPT
-
TigerSwitch 10/100/1000
Managed Ethernet Switch 24 auto-MDI/MDI-X 10/100/1000BASE-T ports 4 ports shared with 4 SFP transceiver slots Non-blocking switching architecture Spanning Tree Protocol Up to eight LACP or static 8-port trunks Layer 2/3/4 CoS support through four priority queues Full support for VLANs IGMP multicast filtering and snooping Support for jumbo frames up to 9 KB Manageable via console, Web, SNMP/RMON
Management GuideSMC8024L2
-
38 TeslaIrvine, CA 92618Phone: (949) 679-8000
TigerSwitch 10/100/1000Installation Guide
From SMCs Tiger line of feature-rich workgroup LAN solutions
April 2006Pub. # 150000022900H
-
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice.
Copyright 2006 bySMC Networks, Inc.
38 TeslaIrvine, CA 92618
All rights reserved. Printed in Taiwan
Trademarks:SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.
-
LIMITED WARRANTYLimited Warranty Statement: SMC Networks, Inc. (SMC) warrants its products to be free from defects in workmanship and materials, under normal use and service, for the applicable warranty term. All SMC products carry a standard 90-day limited warranty from the date of purchase from SMC or its Authorized Reseller. SMC may, at its own discretion, repair or replace any product not operating as warranted with a similar or functionally equivalent product, during the applicable warranty term. SMC will endeavor to repair or replace any product returned under warranty within 30 days of receipt of the product.
The standard limited wanew products within 30can be accomplished viasite. Failure to register wwarranty covers a produtime during which the pActive while it is listedtechnologies become obproduct line with one thproduct is discontinuedproducts with their resphttp://www.smc.com
All products that are repeither new or reconditiowarranty or the remaindfor any custom softwareCustomer contained in, to any warranty. Producadd-on components, sureplacement. SMC is no
Customers must contacany product to SMC. Prwithout a valid Return Mof the package will be reNorth America, please cCustomers are responsiresponsible for return si
rranty can be upgraded to a Limited Lifetime* warranty by registering days of purchase from SMC or its Authorized Reseller. Registration the enclosed product registration card or online via the SMC Web ill not affect the standard limited warranty. The Limited Lifetime ct during the Life of that Product, which is defined as the period of roduct is an Active SMC product. A product is considered to be on the current SMC price list. As new technologies emerge, older solete and SMC will, at its discretion, replace an older product in its at incorporates these newer technologies. At that point, the obsolete
and is no longer an Active SMC product. A list of discontinued ective dates of discontinuance can be found at:/index.cfm?action=customer_service_warranty.
laced become the property of SMC. Replacement products may be ned. Any replaced or repaired product carries either a 30-day limited er of the initial warranty, whichever is longer. SMC is not responsible or firmware, configuration information, or memory data of stored on, or integrated with any products returned to SMC pursuant ts returned to SMC should have any customer-installed accessory or ch as expansion modules, removed prior to returning the product for t responsible for these items if they are returned with the product.
t SMC for a Return Material Authorization number prior to returning oof of purchase may be required. Any product returned to SMC aterial Authorization (RMA) number clearly marked on the outside
turned to customer at customers expense. For warranty claims within all our toll-free customer support number at (800) 762-4968.
ble for all shipping charges from their facility to SMC. SMC is hipping charges from SMC to customer.
-
ii
WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, CUSTOMERS SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMCS OPTION. THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OLIABILITY IN CONNMAINTENANCE ORUNDER THIS WARRAALLEGED DEFECT CUSTOMERS OR ANINSTALLATION OR ANY OTHER CAUSEACCIDENT, FIRE, LI
LIMITATION OF LIAOR TORT (INCLUDININCIDENTAL, CONSDAMAGES OF ANY KOTHER FINANCIALSALE, INSTALLATIOINTERRUPTION OFRESELLER HAS BEE
SOME STATES DO NOR THE LIMITATIOCONSUMER PRODUMAY NOT APPLY TORIGHTS, WHICH MAWARRANTY SHALL
* SMC will provide warSMC price list. Under thand cables are covered bTHER PERSON TO ASSUME FOR IT ANY OTHER ECTION WITH THE SALE, INSTALLATION,
USE OF ITS PRODUCTS. SMC SHALL NOT BE LIABLE NTY IF ITS TESTING AND EXAMINATION DISCLOSE THE
IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY Y THIRD PERSONS MISUSE, NEGLECT, IMPROPER
TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR BEYOND THE RANGE OF THE INTENDED USE, OR BY GHTNING, OR OTHER HAZARD.
BILITY: IN NO EVENT, WHETHER BASED IN CONTRACT G NEGLIGENCE), SHALL SMC BE LIABLE FOR
EQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE IND, OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR
LOSS ARISING OUT OF OR IN CONNECTION WITH THE N, MAINTENANCE, USE, PERFORMANCE, FAILURE, OR ITS PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED N ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
OT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES N OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL
Y VARY FROM STATE TO STATE. NOTHING IN THIS BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.
ranty service for one year following discontinuance from the active e limited lifetime warranty, internal and external power supplies, fans, y a standard one-year warranty from date of purchase.
SMC Networks, Inc.38 Tesla
Irvine, CA 92618
-
TABLE OF CONTENTSIntroduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Initial Configu
Configuring thUsing the Web InteNavigating the We
Home PageConfiguratioPanel DisplaMain Menu
Web ConfigurationDisplaying SShowing PoDisplaying SSetting the SConfiguringTools . . . . Register ProStatic MACCounter Co Port ConfigConfiguringStorm ContPort MirrorCable DiagnTrunks MemTrunk ConfTrunk Rate LACP SetupLACP StatuVLAN Settivii
ration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
e Switch . . . . . . . . . . . . . . . . . . . . . . . . . . 4rface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
b Browser Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5n Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9tatus Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9rt Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13ystem Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16witchs IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . 17 the Logon Password . . . . . . . . . . . . . . . . . . . . . . . . . 18. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19duct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22nfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23uration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Rate Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25rol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27ing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28ostic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29bership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
iguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34ngs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
-
viii
QOS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38RSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47IGMP Snoop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
TroubleshootinDiagnosing Switch
Changing a PC
Software SpeciSoftware Features Management FeatuStandards . . . . . . Management Inforg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57 Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
s IP Address . . . . . . . . . . . . . . . . . . . . .59
fications . . . . . . . . . . . . . . . . . . . . . . . . . .61. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61res . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63mation Bases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
-
FEATURES AND BENEFITS
INTRODUCTIONThe Tiger Switch SMC8024L2 is a high performance managed switch that delivers performance and control to your network. It provides 24 full-duplex 1000BASE-T ports that significantly improve network performance and bweb interface. Withprovide the quickesnetwork.
Features and B User friendly we Supports Qos, S Store-and-forwa Half- and full-du
under heavy load Plug-and-play At-a-glance L Desktop or rack1
oost throughput using features configured through the 48 Gigabits of throughput bandwidth, these switches t solution to meeting the growing demands on your
enefitsb-management interfacepanning Tree, IGMP, VLANs and trunk configurationrd switching ensures error-free transmissionplex flow control prevents packets from being dropped ing
optional configuration using web interfaceEDs for port and system status monitoring installation
-
INITIAL CONFIGURATION
2
INITIAL CONFIGURATIONTo make use of the management features of your Tiger Switch, you must first configure it with an IP address that is compatible with the network it is being installed in. For simplicity, this should be done before you permanently install
The following proc
1. Place your Tigit. It will help iworking on you
2. Connect the Eof your Tiger Shave a link by cDescription on
3. The default IPmask is 255.25switch but is oaddresses that Otherwise, youunfamiliar withpage 7.
4. Open your webyour PC is proTiger Switch. Iaddress and rep
5. Enter the defaubutton. the switch in the network.
edure is recommended:
er Switch close to the PC that you will use to configure f you can see the front panel of the switch while r PC.
thernet port of your PC to any port on the front panel witch. Connect power to the switch and verify that you hecking the front-panel LEDs. (See the Hardware page 2 for more information on the LEDs.)
address of the switch is 192.168.2.10 and the subnet 5.255.0. If your PC has a different IP address from the n the same subnet (i.e. the PC and switch both have start 192.168.2.x ) you can skip directly to step 4. must set your PCs IP address manually. If you are this process, see Changing a PCs IP Address on
browser and enter the address http://192.168.2.10. If perly configured, you will see the login page of your f you do not see the login page, please check your IP eat step 3.
lt password "smcadmin" and click on the Login
-
FEATURES AND BENEFITS
6. From the menu, click on SYSTEM, then click on LAN Settings. On the LAN Settings page, enter the new IP address, Subnet Mask and Gateway IP Address for the switch, then click on the APPLY button.
No other configuration changes are required at this stage, but it is recommended that you change the administrators password before logging out. To change the password, click SYSTEM, Password, and then fill in all the fields oAPPLY button.3
n the Password Settings page before clicking on the
-
CONFIGURING THE SWITCH
4
CONFIGURING THE SWITCHUsing the Web Interface
This switch provideyou can configure tactivity. The web agusing a standard weFirefox 1.0 or abov
Prior to accessing tperformed the follo
1. Configure the sgateway. (Defau(See Initial Co
2. Set a new passwAccess to the w(See Configuri
Note: If, at any you can redescribeds an embedded HTTP web agent. Using a web browser he switch and view statistics to monitor network ent can be accessed by any computer on the network b browser (Internet Explorer 5.5 or above, or Mozilla e).
he switch from a web browser, be sure you have first wing tasks:
witch with a valid IP address, subnet mask, and default lt: 192.168.2.10/255.255.255.0/0.0.0.0)nfiguration on page 2.)ord using the web interface. (Default: smcadmin). eb interface is controlled by the password. ng the Logon Password on page 18.)
point, you cannot remember the switch's IP address, store the original settings by following the procedure
in the "Troubleshooting" section.
-
NAVIGATING THE WEB BROWSER INTERFACE
Navigating the Web Browser InterfaceTo access the web-browser interface you must first enter a password. The user has Read/Write access to all configuration parameters and statistics. The default password for the switch is smcadmin. If user input is not detected within five minutes, the current session will be terminated.
Home PageWhen your web brpage is displayed ason the left side of tThe Main Menu linconfiguration param5
owser connects with the switchs web agent, the home shown below. The home page displays the Main Menu he screen and System Information on the right side. ks are used to navigate to other menus, and display eters and statistics.
Figure 1 Home Page
-
CONFIGURING THE SWITCH
6
Configuration OptionsConfigurable parameters have a dialog box or a drop-down list. Once a configuration change has been made on a page, be sure to click on the Apply button to confirm the new setting. The following table summarizes the web page configuration buttons.
Notes: To ensuis confiOptionsetting should
Panel DisplayThe web agent dispgreen when the coranother device. To intended port.
TabButtonApplyCancelHelpre proper screen refresh, be sure that Internet Explorer gured as follows: Under the menu Tools / Internet s / General / Temporary Internet Files / Settings, the for item Check for newer versions of stored pages be Every visit to the page.
lays an image of the switchs ports. The port will turn responding front-panel port is in connection with show the port number, place mouse pointer onto the
Figure 2 Front Panel Indicators
le 1 Web Page Configuration ButtonsActionSets specified values to the system. Discards all changes and restores current values.Links directly to web help.
-
NAVIGATING THE WEB BROWSER INTERFACE
Main Menu Using the onboard web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor network conditions. The following table briefly describes the selections available from this program.
MenuSTATUS
Overview
Statistics
SYSTEM
Name
LAN Settings
Password
Tools
Restore to FactoDefaults
Upgrade Firmw
Restart
Register Product
Static MAC
Counter Config
PORTS
Settings7
Table 2 Switch Main MenuDescription Page
9
Provides basic system description, including system information, address information, port information, trunk information, and VLAN information.
9
Shows statistics for port, interface, and RMON.
13
16
Shows the name of the switch. 16
Sets LAN IP address, subnet mask, and gateway IP address.
17
Changes password. 18
19
ry Force the Switch to perform a power reset and restore the original factory settings.
19
are Upgrade the Switch system firmware using a file provided by SMC.
20
Restarts the switch. 21
Registers the switch online. 22
Creates Static MAC addresses. 22
Selects which statistics to count and show. 23
24
Configure the speed and duplex mode of the port.
24
-
CONFIGURING THE SWITCH
8
Rate Limiting Sets the rate limiting parameters for each port on the Switch
25
Storm Control Sets the broadcast storm control parameters for every port on the Switch.
23
Port Mirroring
Cable Diagnostic
TRUNKS
Membership
Settings
Rate Limiting
LACP Setup
LACP Status
VLANS
VLAN Membersh
VLAN Port Confi
QOS
Settings
RSTP
Settings
Status
802.1X
Settings
Statistics
Security
IP Filter
Table 2 Switch Main Menu (Continued)Menu Description PageSets up the port mirroring features of the switch to enable traffic monitoring.
28
Diagnoses cable faults. 29
30
Specifies ports to group into static trunks 31
Configures trunk connection settings 31
Sets the rate limiting parameters for each Trunk configured on the Switch.
32
Sets link aggregation. 33
Shows the LACP groups status. 34
33
ip Sets VLAN group. 35
g Configures the VLANs on the switch for both Ports and Trunks.
33
38
Sets the priority of packets within the switch. 38
40
Sets up RSTP configuration. 41
Shows RSTP bridge and port status. 42
43
Sets up 802.1X configuration. 44
Displays the 802.1x statistics collected by the switch.
46
47
Setus up IP filter. 47
-
WEB CONFIGURATION
Web Configura
Displaying Status OYou can easily idenand contact inform
Field Attributes
System Information System Name Number of Por Hardware Vers Code Version Serial Number
Address Information Management V
cannot be changmanagement sta
IP Address A
Port Security Sets security policy for port. 49
ACL Sets up management access filter. 51
IGMP Snoop 52
Settings
Status
SNMP
Settings
LOGOUT
Table 2 Switch Main Menu (Continued)Menu Description Page9
tion
verviewtify the system by displaying the device name, location ation.
Name assigned to the switch system.ts Number of built-in ports.ion Hardware version of the main board. Version number of the code.
The serial number of the switch.
LAN ID of the configured VLAN (this is set to 1 and ed) all ports on the unit are members of VLAN 1. The tion must always be attached to a port on VLAN 1. ddress of the VLAN to which the management station
Sets up IGMP Snooping configuration 54
Shows IGMPSNOOP instances and port states.
54
55
Sets up SNMP agent. 55
Quits to the Login page.
-
CONFIGURING THE SWITCH
10
is attached. (Note that the management station must always be on VLAN 1) Valid IP addresses consist of four numbers, 0 to 255, separated by periods.
Subnet Mask This mask identifies the host address bits used for routing to specific subnets. (Default: 255.255.255.0)
Gateway IP Address IP address of the gateway router between the stack and manag(Default: 0.0.0.0
MAC Address
Port Information Type Indicate Link Status I Speed/Duplex
Displays a numbfull-duplex or "h
Flow Control Sdisabled.
Autonegotiatio Frame Type E
will only send anport will also sen
PVID VLANinterface. (Defau
Trunk Information Trunk The tru Type All trun Trunk Status
trunk. This is a nfull-duplex or HTRUNKS > Set
Ports The porement stations that exist on other network segments. ) The physical layer address.
s the port type.ndicates if the link is Up or Down. Status Shows the current speed and duplex mode. er, the speed in Mbps, followed by either "fdx" for dx" for half-duplex.tatus Indicates whether flow control is enabled or
n Shows if auto-negotiation is enabled or disabled.ither "Tagged" or "All". "Tagged" means that the port
d receive VLAN-tagged packets. When set to "All", the d and receive untagged packets.
ID assigned to untagged frames received on the lt: 1)
nk label. "T1" through "T8" are used as trunk labels.ks and ports on this switch are 10/100/1000M An indication of the speed and duplex setting of the umber, the speed in Mbps, followed by either Full for alf for half-duplex. This can be changed on the
tings page.ts that are members of the trunk.
-
WEB CONFIGURATION
VLAN Inoformation VLAN ID A number in the range 1 - 4094 which identifies the VLAN. VLAN Member A list of the ports that are members of the VLAN.
By default, all ports are members of VLAN 1.11
-
CONFIGURING THE SWITCH
12
Web Click STATUS, Overview.Figure 3 Switch Information
-
WEB CONFIGURATION
Showing Port StatisticsYou can display statistics on network traffic from the ports. These statistics can be used to identify potential problems with the switch (such as a faulty port or unusually heavy loading). All values displayed have been accumulated since the last system reboot, but can be reset to zero by clicking the CLEAR button. The current statistics are not displayed until you click the REF
ParameterInterface Statistics
Received Octets
Received Unicast Pa
Received Errors
Transmitted MulticaPackets
Transmitted BroadcPackets
Received High PriorPackets
Transmitted High PPackets
Received Multicast P13
RESH button.
Table 3 Port StatisticsDescription
The total number of octets received on the interface, including framing characters.
ckets The number of subnetwork-unicast packets delivered to a higher-layer protocol.
The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.
st The total number of packets that higher-level protocols requested be transmitted, and which were addressed to a multicast address at this sub-layer, including those that were discarded or not sent.
ast The total number of packets that higher-level protocols requested be transmitted, and which were addressed to a broadcast address at this sub-layer, including those that were discarded or not sent.
ity The total number of received packets that set as High Priority in the QoS settings.
riority The total number of transmitted packets that set as High Priority in the QoS settings.
ackets The number of packets, delivered by this sub-layer to a higher (sub-)layer, which were addressed to a multicast address at this sub-layer.
-
CONFIGURING THE SWITCH
14
Received Broadcast Packets
The number of packets, delivered by this sub-layer to a higher (sub-)layer, which were addressed to a broadcast address at this sub-layer.
Transmitted Octets The total number of octets transmitted out of the
Transmitted UnicastPackets
Transmitted Errors
Received Normal PrPackets
Transmitted NormaPriority Packets
RMON Statistics
Drop Events
Received Frames
Multicast Frames
Undersize Frames
Fragments
Collisions
Table 3 Port Statistics (Continued)Parameter Descriptioninterface, including framing characters.
The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
The number of outbound packets that could not be transmitted because of errors.
iority The total number of received packets that set as High Priority in the QoS settings.
l The total number of transmitted packets that set as High Priority in the QoS settings.
The total number of events in which packets were dropped due to lack of resources.
The total number of frames (bad, broadcast and multicast) received.
The total number of good frames received that were directed to this multicast address.
The total number of frames received that were less than 64 octets long (excluding framing bits, but including FCS octets) and were otherwise well formed.
The total number of frames received that were less than 64 octets in length (excluding framing bits, but including FCS octets) and had either an FCS or alignment error.
The best estimate of the total number of collisions on this Ethernet segment.
-
WEB CONFIGURATION
Received Bytes Total number of bytes of data received on the network. This statistic can be used as a reasonable indication of Ethernet utilization.
Broadcast Frames The total number of good frames received that were
CRC/Alignment Er
Oversize Frames
Jabbers
64 Bytes Frames
65-127 Byte Frames128-255 Byte Frame256-511 Byte Frame512-1023 Byte Fram1024-1518 Byte Fram
Table 3 Port Statistics (Continued)Parameter Description15
directed to the broadcast address. Note that this does not include multicast packets.
rors The number of CRC/alignment errors (FCS or alignment errors).
The total number of frames received that were longer than 1518 octets (excluding framing bits, but including FCS octets) and were otherwise well formed.
The total number of frames received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either an FCS or alignment error.
The total number of frames (including bad packets) received and transmitted that were 64 octets in length (excluding framing bits but including FCS octets).
sseses
The total number of frames (including bad packets) received and transmitted where the number of octets fall within the specified range (excluding framing bits but including FCS octets).
-
CONFIGURING THE SWITCH
16
Web Click STATUS, Statistics.
Displaying System NYou can easily iden
Field Attributes Switch Name Figure 4 Port Statistics
ametify the system by displaying the device name.
Name assigned to the switch system.
-
WEB CONFIGURATION
Web Click System, Name.
Setting the SwitchsThis section descriaccess over the netdefault. To manualldefault settings (IPvalues that are comestablish a default gthat exist on anoth
Field Attributes
DHCP Enabenabled)
LAN IP Addrmanagement a255, separated
Subnet Maskrouting to spe
Gateway IP Adevice and ma(Default: 0.0.0
Note: If, at any you can redescribed17
Figure 5 System Name
IP Address bes how to configure an IP interface for management work. The IP address for this switch is 192.168.2.10 by y configure an address, you need to change the switchs address 192.168.2.10 and netmask 255.255.255.0) to patible with your network. You may also need to a ateway between the switch and management stations
er network segment.
led Clciik to select the box to enable DHCP. (default:
ess Address of the VLAN interface that is allowed ccess. Valid IP addresses consist of four numbers, 0 to by periods. (Default : 192.168.2.10) This mask identifies the host address bits used for cific subnets. (Default: 255.255.255.0)ddress IP address of the gateway router between this
nagement stations that exist on other network segments. .0)point, you cannot remember the switch's IP address, store the original settings by following the procedure
in the "Troubleshooting" section.
-
CONFIGURING THE SWITCH
18
Manual ConfigurationWeb Click System, LAN Settings. Enter the IP address, subnet mask and gateway, then click APPLY.
Configuring the LogThe administrator onboard agent. Youas soon as possible
Field Attributes
Password S(Range: 1-16 c
Note: If, at any restore thin the "TrFigure 6 LAN Settings
on Passwordhas write access for all parameters governing the should therefore assign a new administrator password
, and store it in a safe place.
pecifies the user password.haracters plain text, case sensitive)
point, you cannot remember the password, you can e original settings by following the procedure described oubleshooting" section.
-
WEB CONFIGURATION
Web Click System, Password. To change the password for the administrator, enter current password, the new password, confirm it by entering it again, then click APPLY.
ToolsOn Tools page, youfirmware of the sw
Restore to FactorForce the Switch toswitch, select "Reseclick APPLY. The Lwill not be reset.19
Figure 7 Password Settings
can restore the switch to default settings, upgrade the itch, or restart the switch.
y Defaults restore the original factory settings. To reset the t to Factory Defaults" from the drop-down list and AN IP Address, Subnet Mask and Gateway IP Address
-
CONFIGURING THE SWITCH
20
Web Click System, Tools, Reset to Factory Defaults.
F
Upgrade FirmwaUpgrades the Switc"Upgrade Firmwar"Browse" button tobutton to upgrade firmware files for y
Web Click Systemigure 8 Reset to Factory Defaults
reh system firmware using a file provided by SMC. Select e" from the Tools drop-down list then click on the select the firmware file. Finally, press the APPLY
the selected Switch firmware file. You can download our Switch from the Support section of www.smc.com.
, Tools, Reset to Factory Defaults.
Figure 9 Upgrade Firmware
-
WEB CONFIGURATION
Upload/Download ConfigurationWeb Click SYSTEM, Tools, Upload/Download Configuration. To upload or download the configuration file, select "Upload/Download Configuration" from the Tools drop-down list, then click "Upload" or "Download", and then click on the "Browse" button to select the file.
Figur
Restart SwitchWeb Click SYSTfrom the Tools drocomplete when the21
e 10 Upload/Download Configuration
EM, Tools, Restart Switch. To restart the switch, select p-down list, and then click APPLY. The reset will be user interface displays the login page.
Figure 11 Restart Switch
-
CONFIGURING THE SWITCH
22
Register ProductRegister your product if you have not already done so.
Web Click System, Register Product. By clicking the Register Now button you will be taken to the SMC website, where you can enter the products details.
Static MACA static MAC addr
Add Static MACType the static MAcorresponding fieldbutton, you will beMask for this MACtime.
Static MAC AddrThis table shows thindicates that the cis set to 1 in the deassociated with theright side and use MModify button willDestination Mask.Figure 12 Register Product
ess is an entry in MAC table which can not be aged out.
C address and associated VLAN ID (1-4095) into s in the Add Static MAC table. After pressing ADD
navigated to a new page to configure the Destination entry. Only one static MAC address can be added per
ess Configuratione stored static MAC entries in MAC table. Symbol X
orresponding bit for the port the symbol X respresents stination mask. Click the radio button which is static MAC entry that is displayed immediately at its odify or Delete button can modify or delete this entry.
navigate to a web page for reconfiguring the
-
WEB CONFIGURATION
Web Click System, Static MAC.
Figure
Counter ConfigThis page allows thIt is possible to motransmit byte counalso note the follow
Received Unicast Pand Received Broa
Received Multicastdisabled after Rece
The above 2 rules aTransmitted Unicas23
13 Static MAC Address Configuration
e customer to select the statistics to count and display. nitor 5 Transmit counters,5 receive counters as well as 1 ter and receive byte counter at the same time. Please ing restrictions.
ackets can be enabled after Received Multicast Packets dcast Packets are enabled.
Packets and Received Broadcast Packets can be ived Unicast Packets is disabled.
re also applied to Transmitted Multicast Packets, t Packets and Transmitted Broadcast Packets.
-
CONFIGURING THE SWITCH
24
Web Click PORTS, Settings.
Port ConfigurationYou can use the Pomode, and flow co
Field Attributes
Speed/Duplexmode.
Flow Control box is checked,
Trunk IndicatFigure 14 Counter Configuration
rt Configuration page to manually fix the speed, duplex ntrol.
Allows you to manually set the port speed and duplex
Allows flow control to be enabled or disabled. When the flow control is enabled.es if a port is a member of a trunk.
-
WEB CONFIGURATION
Web Click PORTS, Settings.
Configuring Rate LiThis function allowfor traffic transmittconfigured on interof the switch. Traffpackets that exceed
Rate limiting can binterface is configuby the hardware toconforming traffic
The Input/Outputinteger number in t25
Figure 15 Port Configuration
mitss the network manager to control the maximum rate ed or received on an interface. Rate limiting is faces at the edge of a network to limit traffic into or out ic that falls within the rate limit is transmitted, while the acceptable amount of traffic are dropped.
e applied to individual ports or trunks. When an red with this feature, the traffic rate will be monitored verify conformity. Non-conforming traffic is dropped, is forwarded without any changes.
Bandwidth Limit field is a type-in box which accepts an he range 1 to 100. The number specifies the percentage
-
CONFIGURING THE SWITCH
26
of the total input bandwidth of the port that can be used before packets are dropped or flow-control starts.
Web Click PORTS, Rate Limiting. This page enables you to set the rate limiting parameters for each port on the Switch.Figure 16 Rate Limiting
-
WEB CONFIGURATION
Storm ControlBroadcast storms may occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degraded or everything can come to complete halt.
You can protect yothreshold for broadexceeding the spec
Field Attributes
Type List the tLearn Frames, B
Enable Storm Cstorm control fo
Rate(number odrop-down list. switch. When thirrespective of th27
ur network from broadcast storms by setting a cast traffic for each port. Any broadcast packets
ified threshold will then be dropped.
ype of traffic which can be rate limited, including ICMP, roadcast, Multicast and Flooded Unicast frames.ontrol Click to select the box to enable/disable the
r the type of frames listed just in the left side of it.f frame per second) The Rate field is set by a single The same threshold is applied to every port on the e threshold is exceeded, packets are dropped, e flow-control settings.
-
CONFIGURING THE SWITCH
28
Web Click PORTS, Storm Control. This page enables you to set the broadcast storm control parameters for every port on the Switch.
Port MirroringYou can mirror traanalysis. You can thport and study the unobtrusive manne
Field Attributes
Ports to MirrorSelect the ports thaport will be mirror
Port to Mirror ton the source pobe dropped whebandwidth.
Note: If the totabandwidtFigure 17 Port Broadcast Control
ffic from any source port to a target port for real-time en attach a logic analyzer or RMON probe to the target traffic crossing the source port in a completely r.
t you want to mirror from this section of the page. A ed when the"Mirroring Enabled" check-box is checked.
o The port that will duplicate or mirror the traffic rt. Only incoming packets can be mirrored. Packets will n the available egress bandwidth is less than ingress
l ingress bandwidth exceeds the mirror port's egress h, packets will eventually be dropped on ingress to the
-
WEB CONFIGURATION
switch which means they will not reach the mirror port or their intended destination port. Input rate-limiting in conjunction with port flow-control could be used to ensure that the total ingress bandwidth never exceeds the egress bandwidth.
Web Click PORTS, Port Mirroring.
Cable DiagnosticYou can perform cdiagnose any cable fault.
Field Attributes
Cable Diagnosport that you wa
Cable Status a variety of comcabling.29
Figure 18 Port Mirroring
able diagnostics for all ports or selected ports to faults (Short, Open etc..) and feedback a distance to the
tics It can be performed on a per-port basis. Select the nt to do the cable diagnostics.Show the cable length, operating conditions and isolate mon faults that can occur on the CAT5 twisted pair
-
CONFIGURING THE SWITCH
30
Web Click PORTS, Port Mirroring.
Trunks MembershipThis page allows yoports each. The Mecolumns. Each rowwhich trunk (if any
Field Attributes
Port The fron Not a Trunk M
the port is not a Trunk T1-T8
supported by thecolumns causes trunk.Figure 19 Cable Diagnostics
u to create a maximum of eight trunks of up to eight mbership Table has one row for each port and ten contains nine radio buttons which are used to indicate ) the port belongs to.
t-panel port-number of the port.ember If the radio button in this column is selected, member of any trunks. This is the default state. These columns correspond to the eight trunks that are Switch. Clicking on the radio button in any one of these the port to become a member of the corresponding
-
WEB CONFIGURATION
Web Click TRUNKS, Membership. Click to select which Trunk member to which each port belongs.
Trunk ConfiguratioField Attributes
Trunk Indicat Speed/Duplex
mode for all por Flow Control
box is checked, Ports Indicate31
Figure 20 Trunk Membership
n
es trunk identification. Allows you to manually set the port speed and duplex ts in the trunk. Allows flow control to be enabled or disabled. When the flow control is enabled.s which ports belong to the trunk.
-
CONFIGURING THE SWITCH
32
Web Click TRUNKS, Settings.
Trunk Rate LimitThis page allows yoeach trunk on the s
Field Attributes
Trunk Indicat Trunk Speed Enable Input R
Input Rate Limi Input Limit E Enable Output
Output Rate Lim Output Limit Ports IndicateFigure 21 Trunk Configuration
u to change the maximum data-rate into and out of witch.
es trunk identification. Indicates the trunk speed.ate Limiting - Click to select the box to enable the
ting function. nter the desired limit. (% of port speed)
Rate Limiting Click to select the box to enable the iting function. Enter the desired limit. (% of port speed)s which ports belong to the trunk.
-
WEB CONFIGURATION
Web Click TRUNKS, Settings.
LACP SetupThis page enables yports. LACP (IEEEset up aggregation
Field Attributes
Port The fronchanged.
Enabled Ena Key Value SeWeb Click TRUN
F33
Figure 22 Trunk Rate Limiting
ou to setup the configuration of LACP on all or some 802.3ad Link Aggregation Protocol) provides a way to
automatically between switc
t-panel port-number of the port. This cannot be
ble LACP on the associated port.tup key value for each port.KS, Settings.
igure 23 LACP Port Configuration
-
CONFIGURING THE SWITCH
34
LACP StatusThis page displays the LACP status of the switch.
LACP AggregationShows the status of each port. The LACP Aggregation table has one row for each LACP group. Normal means no LACP group is active. For active LACP groups, a nemembers are displawhich use color an
Aggregation InfoShows aggregation
Field Attributes
Aggregation G Partner MAC A Local Ports Ag Seconds Since
since last setup.
LACP Port StatusShows LACP port
Field Attributes
Port - The port Port Active - Sh Partner Port N Operational Po
LACP group.w row is created from which the status of its port yed. Status of each port is indicated by a colored box, d number to differentiate status.
rmation information for each LACP group.
roup - The ID number of the LACP group.ddress - The MAC address of link partner.
gregated - Port member list of the local LACP group.Last Change - Time in seconds for the LACP group
status.
ID. ow if the port is a member of active LACP group.umber - List of port ID for the link partner. rt Key - The current operational value of the Key for the
-
WEB CONFIGURATION
Web Click TRUNKS, LACP Status.
VLAN SettingsYou can configure default VLAN idenallows you to creatVLAN membershipowerful but can bcorresponds to oneindividually.
Introduction to VVLANs (or Virtualcan use VLANs tonetwork security.35
Figure 24 LACP Status Overview
VLAN behavior for specific interfaces, including the tifier (PVID) and accepted frame types. This page
e and delete VLANs (Virtual LANs) and to change the p and behaviour of individual ports. VLANs are e difficult to set up properly. Each row of the table port or trunk; trunked ports cannot be configured
LANs LANs) are logical partitions of the physical LAN. You increase network performance or increase internal
-
CONFIGURING THE SWITCH
36
If the network has adequate performance and security for your current needs, it is recommended that you leave the VLAN settings in the default configuration. The default configuration is as follows:
All ports are members of VLAN 1 The switch management interface is on VLAN 1 (this cannot be
changed) All ports have a All ports can sen
(i.e. they are hybIn the default confport and a PC conninterface. Broadcasswitch.
There are three difon the switch; VLANote that the portsconfigure the Trun
Field Attributes
Port/Trunk Ttrunk. This cann
VLAN Awarenreceived frames VLAN unaware the tag in transmFor QinQ applicnetwork port (tr
QinQ QinQ elength, which mFor QinQ applicnot for customeNote: For QinQPort VLAN ID (PVID) of 1 d and receive both VLAN-tagged and untagged packets rid ports) iguration, any port is able to send traffic to any other ected to any port will be able ro reach the management t traffic, for example, will be flooded to all ports on the
ferent parameters that can be configured for each port N IDs (VLAN membership), PVID and Packet Type. within a Trunk cannot be configured individually; k instead (Trunks are labelled T1 to T8).
he front-panel port-number of the port or the ID of a ot be changed.ess VLAN aware ports will strip the VLAN tag from and insert the tag in transmitted frames (except PVID). ports will not strip the tag from received frames or insert itted frames. ation, customer port should be VLAN unaware and unk port) should be VLAN aware.nabled port will accept packets up to 1526 bytes in eans double tag header frames can be accepted. ation, the QinQ should be enabled for provider port but r port. application, customer ports indicate those ports which
-
are connected to normal VLAN aware switches at the customer network and the network ports are those which are connected to the service provider network. To tunnel the packets through MAN, QinQ needs to be enabled on network ports
Packet Type Sets the interface to accept all frame types, including tagged or untagged frames, or only tagged frames. When set to receive all frame types, adefault VLAN. Pto All. PCs canshould be connethe Packet Typeuntagged packetidentified by theis a member of tOutgoing packesame as the PVIdrop untagged pTagged packets VLAN identifiedeffect in this cas
PVID VLANinterface. The PVassociated with uport from VLANthan 1. The PVITagged. (Defaulny received frames that are untagged are assigned to the Cs should be connected to ports with Packet Type set not, in general, send or receive tagged packets. Switches cted to each other with Packet Type set to Tagged. If is set to All, the port can accept incoming tagged and s. Untagged packets will be associated with the VLAN PVID. Tagged packets will be dropped unless the port he VLAN identified by the VLAN tag in the packet. ts will be tagged unless the packet's VLAN ID is the D. If the Packet Type is set to Tagged, the port will ackets and will only send and receive tagged packets. will be dropped unless the port is a member of the by the VLAN tag in the packet. The PVID has no
e.(Option: All, Tagged; Default: All) ID assigned to untagged frames received on the
ID is (Port VLAN ID) is the VLAN ID that is ntagged, ingress packets. It is not possible to remove a 1 unless its PVID has been changed to something other
D has no effect on ports that have Packet Type set to t: 1)
-
CONFIGURING THE SWITCH
38
Web Click VLANS, VLAN Settings. Fill in the required settings for each interface, click Apply.
QOS SettingsQoS (Quality of Setraffic as it is movesNormal priority anpriority packets thaprioritized by usingQoS Mode drop-do
Note: Only onefor examp802.1p tag
QoS Disabled QoS is turned off aFigure 25 VLAN Settings
rvice) is a mechanism which is used to prioritize certain through the switch. Traffic can be classified as High or d, when the switch is heavily loaded, it is the Normal t are dropped first. You can select how traffic is one of the four QoS modes which is selected using the wn list.
QoS mode can be active at one time. It is not possible, le, to prioritise traffic using the IP Port number and .
nd all packets have equal priority.
-
WEB CONFIGURATION
802.1pPackets are prioritzed using the content of the VLAN-tag. The 802.1p field is held within the VLAN-tag of a packet. The field is three bits long so can hold eight values; 0 - 7 inclusive. When QoS Mode is set to 802.1p, the 802.1p Configuration table appears which allows a priority (normal or high) to be set for each of the eight values.
You can use the Prin the 802.1p Confvalues to normal prpriority. Use Custo
Note: Because endnot create VLAN-tis not ideal when th
DSCPPackets are prioritizPoint) value.
The Differentiatedcontained within anfield to take any vato DSCP, the DSCP(normal or high) to
You can use the Prin the DSCP Confivalues to normal prpriority. Use Custo39
ioritize Traffic drop-down list to quickly set the values iguration table. Select All Normal Priority to set all iority or select All High Priority to set all values to high m if you want to set each value individually.
-stations, like PCs, are not usually VLAN aware, they do agged frames. As a result, this method of prioritization ere are a lot of PCs connected to the Switch.
ed using the DSCP (Differentiated Services Code
Services Code Point (DSCP) is a six bit field that is IP (TCP or UDP) header. Six bits allows the DSCP
lue in the range 0 - 63 inclusive. When QoS Mode is set Configuration table appears which allows a priority
be set for each of the DSCP values.
ioritize Traffic drop-down list to quickly set the values guration table. Select All Normal Priority to set all iority or select All High Priority to set all values to high m if you want to set each value individually.
-
CONFIGURING THE SWITCH
40
Web Click QOS, Settings. In QoS Mode, select QoS Diabled, 802.1p, or DSCP to configure the related parameters.
RSTPRSTP is a protocolreconfigures which
STA IntroductionThe Spanning Treenetwork loops, androuters. This allowsis, an STA-compliathat only one routeprovide backup lingoes down. The spSTP, Spanning TreeTree Protocol (IEEFigure 26 QoS Settings
that prevents loops in the network and dynamically physical links in a switch should forward frames.
Algorithm (STA) can be used to detect and disable to provide backup links between switches, bridges or the switch to interact with other bridging devices (that nt switch, bridge or router) in your network to ensure exists between any two stations on the network, and ks which automatically take over when a primary link anning tree algorithms supported by this switch are Protocol (IEEE 802.1D), and RSTP, Rapid Spanning E 802.1w).
-
WEB CONFIGURATION
RSTP System ConfigurationField Attributes
System Priority This parameter configures the spanning tree priority globally for this switch. The device with the highest priority becomes the STA root device. However, if all devices have the same priority, the device with the lowest MAC address will then become the root device. Number betwee16 distinct value
Hello Time Iconfiguration mis 2).
Max Age Thereceiving a confialso means the m6 - 40 (default is
Forward Delaywait before chanNumber betwee
Force Version RSTP, Compatib
RSTP Port ConfigField Attributes
Port - The port configured trunk
Enabled - Clickfor the port.
Edge - Expect ta link to another41
n 0 - 61440 in increments of 4096. Therefore, there are s.nterval (in seconds) at which the root device transmits a essage (BPDU frame). Number between 1 - 10 (default
maximum time (in seconds) a device can wait without guration message before attempting to reconfigure. That aximum life time for a BPDU frame. Number between
20). The maximum time (in seconds) the root device will ging states (i.e., discarding to learning to forwarding). n 4 - 30 (default is 15). Set and show the RSTP protocol to use. Normal - use le - compatible with STP.
uration
ID. It can not be changed. Aggregations means any group. on the tick-box to enable/disable the RSTP prototocl
he port to be an edge port (linking to an end station) or STP device.
-
CONFIGURING THE SWITCH
42
Path Cost - This parameter is used by the STP to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. Set the RSTP pathcost on the port. Number between 0 - 200000000. 0 means autogenerated pathcost.
Web Click RSTP, Settings.
Figure 26
RSTP Status OveThe RSTP Bridge Owhole switch. Hellodisplayed. Topologroot port ID for th
RSTP Port StatusShows the detailedFigure 27 RSTP Configuration
rviewverview table has one row to display settings for the
Time, Maximum Age and Forward Delay are y shows the switch current state. Root ID indicates the e switch.
RSTP information for each port.
-
WEB CONFIGURATION
Field Attributes Port/Trunk - Port/Trunk ID number. VLAN ID - VLAN IDs of the port. Path Cost - Show the path cost on this port. Edge Port - Yes if the port is an edge port which connects to an end
station. P2p Port - Yes Protocol - Show Port State - Sho
etc... Web Click RSTP
802.1XNetwork switches cby simply attachingaccess is a desirable43
if the port link is connected to another STP device. the running protocol, RSTP or STP. w the current port state, blocking, forwarding, learning
, Status.
Figure 28 RSTP Status Overview
an provide open and easy access to network resources a client PC. Although this automatic configuration and feature, it also allows unauthorized personnel to easily
-
CONFIGURING THE SWITCH
44
intrude and possibly gain access to sensitive network data. With IEEE 802.1X (dot1X), access to all switch ports in a network can be centrally controlled from a server, which means that authorized users can use the same credentials for authentication from any point within the network.
802.1 X SettingThe IEEE 802.1x sthat prevents unautsubmit credentials
Field AttributesSystem Setting
Mode - Indicateswitch.
RADIUS IP - S RADIUS UDP
server. RADIUS Secre
RADIUS server Reauthenticati
the interval speccan be used to d
Reauthenticaticonnected client
EAP timeout - response before
Port Setting
Port - The port Admin State - S
options: Auto - Re
authenticatandard defines a port-based access control procedure horized access to a network by requiring users to first for authentication.
s if 802.1x protocol is globally enabled or disabled on the
et RADIUS server IP address. Port - Set up UDP Port for the external RADIUS
t - Set the secret shared between the switch and the . on Enabled - Sets the client to be re-authenticated after ified by the Re-authentication Period. Re-authentication etect if a new device is plugged into a switch port. on Period - Sets the time period after which a must be re-authenticated. The time the switch shall wait for the supplicant re-transmitting a packet.
ID. It can not be changed. ets the authentication mode to one of the following
quires a dot1x-aware client to be authorized by the tion server. Clients that are not dot1x-aware will be
-
WEB CONFIGURATION
denied access.
Force-Authorized - Forces the port to grant access to all clients, either dot1x-aware or otherwise.
Force-Unauthorized - Forces the port to deny access to all clients, either dot1x-aware or otherwise.
Port State - The Reset - Two op
Re-Authequiet-peri
Force-Reenables imquiet-peri
Note: The reasofails, the I"quiet-perand not resupplican'brute-for45
state of the port. tions available: nticate - Schedules a reauthentication to whenever the
od of the port runs out.
initialize - Bypasses the quiet-period of the port and mediate reauthentication regardless of the status for the
od.
n for a "quiet-period" follows: If a re-authentication EEE802.1X standard enforces a so-called iod" in which the authenticator (switch) shall be quiet -try another authentication - also packets from
t are discarded in this quiet period - this way ce' attacks are prevented.
-
CONFIGURING THE SWITCH
46
Web Click 802.1X, Settings.
802.1XField Attributes
Port Statistics -port that you wa
Authenticator c Backend Authe Dot1x MIB couFigure 29 802.1X Configuration
Statistics can be viewed on a per-port basis. Select the nt to view here. ounters - General statistics for authenticator. nticator counters - General statistics for Radius server. nters - MIB module defined for 802.1x.
-
WEB CONFIGURATION
Web Click 802.1X, Statistics.
Security
IP FilterOn this page, you cused to block unwaeither a specific souConfiguration table
Field Attributes
Port - The front Source IP Filte Mode - Select th
Disabled47
Figure 30 802.1X Statistics
an setup the source IP Filter on all or some ports. It is nted access and provide access to the network for rce IP address or a specific subnet. The IP Filter has one row for each port and five columns.
-panel port-number of the port. This cannot be changed. r - Set mode and IP addresses for IP filter. e mode for this port.
- Disable source IP filter.
-
CONFIGURING THE SWITCH
48
Static - Enable source IP filter with configured values in IP Address and IP Mask fields.
DHCP - The IP address for the device connected to this port will be automatically assigned by DHCP server and only frames with the assigned IP address are allowed to access the network. The IP Address and IP Mask fields will be filled with the assigned IP address an
IP Address - Seaddress outside
IP Mask - Setupwith a specific IP255.255.255.255
DHCP Sever Athis port. When allowed to be linunwanted or und 255.255.255.255 individually by software.
tup IP addresses to allow accessing. Frames with IP the allowed range will be dropped. IP subnet mask to allow accessing for a subnet. If frame address is allowed, the mask should be set to
. llowed - Set if DHCP server is enabled or disabled on DHCP Server Allowed is selected on a port, the port is ked to a DHCP server. This can prevent the access of
solicited DHCP servers.
-
WEB CONFIGURATION
Web Click Security, IP Filter.
Figure 30
Port SecurityPort security is a femore MAC addressthat port. The Portcolumns.
When port securityMAC addresses onmaximum number.stored in the dynamto access the netwoMAC address attemdetected and the swIntrusion Action.
Field Attributes49
Figure 31 IP Filter Configuration
ature that allows you to configure a port with one or es that are authorized to access the network through Security table has one row for each port and five
is enabled on a port, the switch stops learning new the specified port when it has reached a configured Only incoming traffic with source addresses already ic or static address table will be accepted as authorized rk through that port. If a device with an unauthorized pts to use the switch port, the intrusion will be itch can automatically take action which is specified in
-
CONFIGURING THE SWITCH
50
Port - The front-panel port-number of the port. This cannot be changed. Allowed number of Learned MAC addresses - Set maximum of MAC
addresses which can be learned by this port. The Mode settings for the port are set by a single drop-down list.
No Limit - No limitation on the number of dynamcally learned MAC address. Also means disable port security.
8/7/6/5/learned M
0 - No dyBut this h
Note: Port secuand have 24 static MMAC.
Note: The MACand will nport will b
Number of Leacurrently learnedsetup with "No addresses field.
Intrusion Actioaddresses are de
Deny Neaddress w
Send Trastation, traction.
Trunk - Display4/3/2/1 - The maximum number of dynamically AC address.
namically learned MAC address is allowed on this port. as no influence on the static MAC address.
rity only handles dynamically learned MAC addresses no limitations on static MAC addresses. On this switch,
AC address can be configured by System > Static
addresses already in the address table will be retained ot age out. Any other device that attempts to use the e prevented from accessing the switch.
rned MAC addresses - Display the number of MAC addresses. The string '-' is displayed if a port is
Limit" mode in the Allowed number of Learned MAC
n - Action to be carried out if unauthorized MAC tected. w Stations - The station with unauthorized MAC ill be denied to access the port.
p and Deny New Stations - Besides denying the new ap message is sent by the switch to report an intrusion
the trunk ID if the port is member of a trunk group.
-
WEB CONFIGURATION
Web Click Security, Port Cecurity.
ACLThis page enables yWith the Managemlist of up to 8 IP admanagement accessmanagement interfadd an entry to a fispecified addressesthe switch from an
Note: Invalid frabut norm51
Figure 32 Port Security
ou to setup management access filter on the switch. ent Access Filter Configuration table, you can create a dresses or IP address groups that are allowed to the switch through the web interface or SNMP. The aces are open to all IP addresses by default. Once you lter list, access to that interface is restricted to the . If anyone tries to access a management interface on invalid address, the switch will reject the connection.
mes will not be able to access management interface, al forwarding is not impacted.
-
CONFIGURING THE SWITCH
52
Web Click Security, ACL.
Figure 33
IGMP SnoopIGMPSNOOP momulticast clients anneed to recieve thereports only, Sourc
Settings
Field AttributesIGMP Snooping Con
IGMP Enabledto determine wh
Router Ports - routers. Management Access Filter Configuration
nitors IGMP service requests passing between d servers, and dynamically configures the ports which mulitcast traffic. For IGMPV3, basic support for e Multicast not supported.
figuration
- When enabled, the switch will monitor network traffic ich hosts want to receive multicast traffic. Set if ports are conneting to the IGMP administrative
-
WEB CONFIGURATION
Unregistered IPMC Flooding enabled - Set forwarding mode for unregistered (not-joined) IP multicast traffic. The traffic will flood when enabled, and forward to router-ports only when disabled.
IGMP Snooping VLAN Configuration
VLAN ID - The VLAN ID. It can not be changed. IGMP Snoopin
network traffic ttraffic.
IGMP QueryinQuerier, which imulticast traffic.
Web Click IGMP
Figu53
g Enabled -When enabled, the port will monitor o determine which hosts want to receive the multicast
g Enabled - When enabled, the port can serve as the s responsible for asking hosts if they want to receive
Snoop, Settings.
re 34 IGMP Snooping Configuration
-
CONFIGURING THE SWITCH
54
IGMP StatusShow the IGMPSNOOP statistics for the whole switch.
Field Attributes
VLAN ID - VLAN ID number. Querier - Show whether Querying is enabled. Queries transm Queries receive v1 Reports - Sh v2 Reports - Sh v3 Reports - Sh v3 Leave - Show
Web Click IGMPitted - Show the number of transmitted Query packets. d - Show the number of received Query packets.
ow the number of received v1 Report packets. ow the number of received v2 Report packets. ow the number of received v2 Report packets. the number of v3 leave packets received.
Snoop, Status.
Figure 35 IGMP Snoop Status
-
WEB CONFIGURATION
SNMPSimple Network Management Protocol (SNMP) is a communication protocol designed specifically for managing devices on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performanonboard SNMP aghardware, as well amanagement statiomanagement softwby community strinstation must first su
Field Attributes
SNMP Enable SNMP Trap D
Traps indicatingmanagers. You mreported by thisdestination spec
SNMP Read Cpassword and pecommunity strinstations are only
SNMP Write Cmanagement sta
SNMP Trap Conotification ope55
ce or detect potential problems. The switch includes an ent that continuously monitors the status of its s the traffic passing through its ports. A network n can access this information using network are. Access rights to the onboard agent are controlled gs. To communicate with the switch, the management bmit a valid community string for authentication.
d -Activate or deactivate SNMP. estination - IP address of the trap manager. status changes are issued by the switch to specified trap
ust specify trap managers so that key events are switch to your management station. SNMP trap ifies the IP address of the trap manager.ommunity - A community string that acts like a rmits access to the SNMP protocol. The read g specifies read-only access. Authorized management able to retrieve MIB objects. ommunity - Specifies read-write access. Authorized tions are able to both retrieve and modify MIB objects. mmunity - Community string sent with the
ration.
-
CONFIGURING THE SWITCH
56
Web Click IGMP Snoop, Status.Figure 36 SNMP Configuration
-
DIAGNOSING SWITCH INDICATORS
TROUBLESHOOTINGDiagnosing Switch Indicators
1. SymptomPower LED doe
Probable Cause
AC power cord Possible Solutio
Check for loose Check the powe Replace the AC
2. SymptomLink LED does
Probable Cause
Switch port, net
Possible Solutio Check that the s Be sure the netw Verify that Cate
connections, Cathe length of an
Check the netwo Replace the defe57
s not light after power on.
s
may be defective.ns
connections.r outlet by using it for another device.power cord.
not light after connection is made.
s
work card or cable may be defective.
nswitch and attached device are both powered on.ork cable is connected to both devices.
gory 5 or better cable is used for 10/100 Mbps tegory 5 or 5e cable for 1000 Mbps connections, and that y cable does not exceed 100 meters (328 feet).rk card and cable connections for defects.ctive card or cable if necessary.
-
TROUBLESHOOTING
58
3. Forgotten passwordIf you have forgotten the administration password you can return the Switch to its factory default state by dong the following:
1. Remove the power cord from the back of the Switch.2. Remove all cables from the front-panel ports.
3. Connect port 1cable.
4. Reconnect the
5. Wait at least 40
After completing thnetwork address w to port 2, on the front panel, using a standard network
power cord to the rear of the Switch.
seconds before disconnecting port 1 from port 2.
is procedure, the password will be smcadmin and the ill be returned to the default; 192.168.2.10.
-
DIAGNOSING SWITCH INDICATORS
CHANGING A PCS IP ADDRESSTo change the IP address of a Windows 2000 PC:
1. Click Start, Settings, then Network and Dial-up Connections.2. For the IP add
connection ico
3. In the list of coselect Internet button.
4. In the Internetselect Use the address, Subne
5. Click OK to sa
To change the IP a
1. Click Start, Co2. For the IP add
connection ico
3. In the list of coselect Internet button.
4. In the Internetselect Use the address, Subne
5. Click OK to sa59
ress you want to change, right-click the network n, and then click Properties.
mponents used by this connection on General tab, Protocol (TCP/IP), and then click the Properties
Protocol (TCP/IP) Properties dialog box, click to following IP address. Then type your intended IP t mask, and Default gateway in the provided text boxes
ve the changes.
ddress of a Windows XP PC:
ntrol Panel, then Network Connections.ress you want to change, right-click the network n, and then click Properties.
mponents used by this connection on General tab, Protocol (TCP/IP), and then click the Properties
Protocol (TCP/IP) Properties dialog box, click to following IP address. Then type your intended IP t mask, and Default gateway in the provided text boxes
ve the changes.
-
CHANGING A PCS IP ADDRESS
60
Note: For users of systems other than Windows 2000 or Windows XP, refer to your system documentation for information on changing the PC's IP address.
-
SOFTWARE FEATURES
SOFTWARE SPECIFICATIONSSoftware Features
AuthenticationRADIUS, Port (802
Access Control LIP, MAC (up to 88
DHCP Client
Port Configuratio100BASE-TX: 10/1000BASE-T: 10/1
Flow ControlFull Duplex: IEEEHalf Duplex: Back
Broadcast Storm Traffic throttled ab
Port MirroringOne source port, o
Rate LimitsInput LimitOutput limitRange (configured
Port TrunkingStatic trunks (CiscoDynamic trunks (L
Spanning Tree AlSpanning Tree Pro61
.1X), Port Security
istslists)
n100 Mbps, half/full duplex00 Mbps at half/full duplex, 1000 Mbps at full duplex
802.3-2002pressure
Control ove a critical threshold
ne destination port
per port)
EtherChannel compliant)ink Aggregation Control Protocol)
gorithmtocol (STP, IEEE 802.1D)
-
SOFTWARE SPECIFICATIONS
62
Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w)
VLAN SupportUp to 255 groups; port-based or tagged (802.1Q),GVRP for automatic VLAN learning, private VLANs
Class of ServiceSupports four level(which can be confLayer 3/4 priority m
Multicast FilterinIGMP Snooping (L
Additional FeaturBOOTP clientSNTP (Simple NetSNMP (Simple NeRMON (Remote MSMTP Email Alert
Management FIn-Band ManageTelnet, Web-based
Out-of-Band ManRS-232 DB-9 cons
Software LoadingTFTP in-band or X
SNMPManagement accesTrap management
RMONGroups 1, 2, 3, 9 (Ss of priority and Weighted Round Robin Queueingigured by VLAN tag or port),
apping: IP Port, IP Precedence, IP DSCP
g ayer 2)
es
work Time Protocol)twork Management Protocol)onitoring, groups 1,2,3,9)
s
eaturesmentHTTP or HTTPS, SNMP manager, or Secure Shell
agementole port
Modem out-of-band
s via MIB databaseto specified hosts
tatistics, History, Alarm, Event)
-
STANDARDS
StandardsIEEE 802.1D Spanning Tree Protocol and traffic prioritiesIEEE 802.1p Priority tagsIEEE 802.1Q VLANIEEE 802.1w Rapid Spanning Tree ProtocolIEEE 802.1X PortIEEE 802.3-2002
Ethernet, Fast EtFull-duplex flow Link Aggregation
IEEE 802.3ac VLADHCP Client (RFCHTTPS IGMP (RFC 1112)IGMPv2 (RFC 223RADIUS+ (RFC 2RMON (RFC 1757SNMP (RFC 1157)SNMPv2 (RFC 257SNTP (RFC 2030)SSH (Version 2.0)TFTP (RFC 1350)63
Authentication
hernet, Gigabit Ethernetcontrol Control ProtocolN tagging 1541)
6)618) groups 1,2,3,9)
1)
-
SOFTWARE SPECIFICATIONS
64
Management Information BasesBridge MIB (RFC 1493)Entity MIB (RFC 2737)Ether-like MIB (RFC 2665)Extended Bridge MIB (RFC 2674)Extensible SNMP Forwarding Table MIGMP MIB (RFC 2Interface Group MInterfaces EvolutioIP Multicasting relaMAU MIB (RFC 2MIB II (RFC 1213Port Access EntityPort Access EntityPrivate MIBRADIUS AuthentiRMON MIB (RFCRMON II Probe Cimplementation)SNMP CommunitySNMPv2 IP MIB (TACACS+ AuthenTCP MIB (RFC 20Trap (RFC 1215)UDP MIB (RFC 20Agents MIB (RFC 2742)IB (RFC 2096)
933)IB (RFC 2233)n MIB (RFC 2863)ted MIBs 668)) MIB (IEEE 802.1X) Equipment MIB
cation Client MIB (RFC 2621) 2819)onfiguration Group (RFC 2021, partial
MIB (RFC 2576)RFC 2011)tication Client MIB13)
12)
-
38 TeslaIrvine, CA 92618Phone: (949) 679-8000
Model Numbers: SMC8024L2Pub. Number: 150000022900H E042006-JC-R01
FOR TECHNICAL SUPPORT, CALL:From U.S.A. and Canada (24 hours a day, 7 days a week)
(800) SMC-4-YOU; (949) 679-8000; Fax: (949) 679-1481 From Europe: Contact details can be found on
www.smc-europe.com or www.smc.com
INTERNETE-mail addresses:
[email protected]@smc-europe.com
Driver updates: http://www.smc.com/index.cfm?action=tech_support_drivers_downloads
World Wide Web: http://www.smc.comhttp://www.smc-europe.com
FOR LITERATURE OR ADVERTISING RESPONSE, CALL:U.S.A. and Canada: (800) SMC-4-YOU; Fax (949) 679-1481Spain: 34-91-352-00-40; Fax 34-93-477-3774UK: 44 (0) 1932 866553; Fax 44 (0) 118 974 8701France: 33 (0) 41 38 32 32; Fax 33 (0) 41 38 01 58Italy: 39 (0) 335 5708602; Fax 39 02 739 14 17Benelux: 31 33 455 72 88; Fax 31 33 455 73 30Central Europe: 49 (0) 89 92861-0; Fax 49 (0) 89 92861-230Nordic: 46 (0) 868 70700; Fax 46 (0) 887 62 62Eastern Europe: 34 -93-477-4920; Fax 34 93 477 3774Sub Saharian Africa: 216-712-36616; Fax 216-71751415North West Africa: 34 93 477 4920; Fax 34 93 477 3774CIS: 7 (095) 7893573; Fax 7 (095) 789 35 73PRC: 86-10-6235-4958; Fax 86-10-6235-4962Taiwan: 886-2-8797-8006; Fax 886-2-8797-6288Asia Pacific: (65) 6 238 6556; Fax (65) 6 238 6466Korea: 82-2-553-0860; Fax 82-2-553-7202Japan: 81-45-224-2332; Fax 81-45-224-2331Australia: 61-2-8875-7887; Fax 61-2-8875-7777India: 91-22-8204437; Fax 91-22-8204443
If you are looking for further contact information, please visit www.smc.com, www.smc-europe.com, or www.smc-asia.com.
IntroductionFeatures and Benefits
Initial ConfigurationConfiguring the SwitchUsing the Web InterfaceNavigating the Web Browser InterfaceHome PageConfiguration OptionsPanel DisplayMain Menu
Web ConfigurationDisplaying Status OverviewShowing Port StatisticsDisplaying System NameSetting the Switchs IP AddressManual Configuration
Configuring the Logon PasswordToolsRestore to Factory DefaultsUpgrade FirmwareUpload/Download ConfigurationRestart Switch
Register ProductStatic MACAdd Static MACStatic MAC Address Configuration
Counter ConfigPort ConfigurationConfiguring Rate LimitsStorm ControlPort MirroringCable DiagnosticTrunks MembershipTrunk ConfigurationTrunk Rate LimitLACP SetupLACP StatusLACP AggregationAggregation InformationLACP Port Status
VLAN SettingsIntroduction to VLANs
QOS SettingsQoS Disabled802.1pDSCP
RSTPSTA IntroductionRSTP System ConfigurationRSTP Port ConfigurationRSTP Status OverviewRSTP Port StatusField Attributes
802.1X802.1 X SettingField Attributes802.1X
SecurityIP FilterPort SecurityACL
IGMP SnoopSettingsField AttributesIGMP Status
SNMP
TroubleshootingDiagnosing Switch Indicators1. Symptom2. Symptom3. Forgotten password
Changing a PCs IP AddressSoftware SpecificationsSoftware FeaturesManagement FeaturesStandardsManagement Information Bases
/ColorImageDict > /JPEG2000ColorACSImageDict > /JPEG2000ColorImageDict > /AntiAliasGrayImages false /DownsampleGrayImages true /GrayImageDownsampleType /Bicubic /GrayImageResolution 300 /GrayImageDepth -1 /GrayImageDownsampleThreshold 1.50000 /EncodeGrayImages true /GrayImageFilter /DCTEncode /AutoFilterGrayImages true /GrayImageAutoFilterStrategy /JPEG /GrayACSImageDict > /GrayImageDict > /JPEG2000GrayACSImageDict > /JPEG2000GrayImageDict > /AntiAliasMonoImages false /DownsampleMonoImages true /MonoImageDownsampleType /Bicubic /MonoImageResolution 1200 /MonoImageDepth -1 /MonoImageDownsampleThreshold 1.50000 /EncodeMonoImages true /MonoImageFilter /CCITTFaxEncode /MonoImageDict > /AllowPSXObjects false /PDFX1aCheck false /PDFX3Check false /PDFXCompliantPDFOnly false /PDFXNoTrimBoxError true /PDFXTrimBoxToMediaBoxOffset [ 0.00000 0.00000 0.00000 0.00000 ] /PDFXSetBleedBoxToMediaBox true /PDFXBleedBoxToTrimBoxOffset [ 0.00000 0.00000 0.00000 0.00000 ] /PDFXOutputIntentProfile (None) /PDFXOutputCondition () /PDFXRegistryName (http://www.color.org) /PDFXTrapped /Unknown
/Description >>> setdistillerparams> setpagedevice