Mn Smc8024l2 Man

TigerSwitch 10/100/1000

Managed Ethernet Switch 24 auto-MDI/MDI-X 10/100/1000BASE-T ports 4 ports shared with 4 SFP transceiver slots Non-blocking switching architecture Spanning Tree Protocol Up to eight LACP or static 8-port trunks Layer 2/3/4 CoS support through four priority queues Full support for VLANs IGMP multicast filtering and snooping Support for jumbo frames up to 9 KB Manageable via console, Web, SNMP/RMON

Management GuideSMC8024L2

38 TeslaIrvine, CA 92618Phone: (949) 679-8000

TigerSwitch 10/100/1000Installation Guide

From SMCs Tiger line of feature-rich workgroup LAN solutions

April 2006Pub. # 150000022900H

Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice.

Copyright 2006 bySMC Networks, Inc.

38 TeslaIrvine, CA 92618

All rights reserved. Printed in Taiwan

Trademarks:SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are trademarks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.

LIMITED WARRANTYLimited Warranty Statement: SMC Networks, Inc. (SMC) warrants its products to be free from defects in workmanship and materials, under normal use and service, for the applicable warranty term. All SMC products carry a standard 90-day limited warranty from the date of purchase from SMC or its Authorized Reseller. SMC may, at its own discretion, repair or replace any product not operating as warranted with a similar or functionally equivalent product, during the applicable warranty term. SMC will endeavor to repair or replace any product returned under warranty within 30 days of receipt of the product.

The standard limited wanew products within 30can be accomplished viasite. Failure to register wwarranty covers a produtime during which the pActive while it is listedtechnologies become obproduct line with one thproduct is discontinuedproducts with their resphttp://www.smc.com

All products that are repeither new or reconditiowarranty or the remaindfor any custom softwareCustomer contained in, to any warranty. Producadd-on components, sureplacement. SMC is no

Customers must contacany product to SMC. Prwithout a valid Return Mof the package will be reNorth America, please cCustomers are responsiresponsible for return si

rranty can be upgraded to a Limited Lifetime* warranty by registering days of purchase from SMC or its Authorized Reseller. Registration the enclosed product registration card or online via the SMC Web ill not affect the standard limited warranty. The Limited Lifetime ct during the Life of that Product, which is defined as the period of roduct is an Active SMC product. A product is considered to be on the current SMC price list. As new technologies emerge, older solete and SMC will, at its discretion, replace an older product in its at incorporates these newer technologies. At that point, the obsolete

and is no longer an Active SMC product. A list of discontinued ective dates of discontinuance can be found at:/index.cfm?action=customer_service_warranty.

laced become the property of SMC. Replacement products may be ned. Any replaced or repaired product carries either a 30-day limited er of the initial warranty, whichever is longer. SMC is not responsible or firmware, configuration information, or memory data of stored on, or integrated with any products returned to SMC pursuant ts returned to SMC should have any customer-installed accessory or ch as expansion modules, removed prior to returning the product for t responsible for these items if they are returned with the product.

t SMC for a Return Material Authorization number prior to returning oof of purchase may be required. Any product returned to SMC aterial Authorization (RMA) number clearly marked on the outside

turned to customer at customers expense. For warranty claims within all our toll-free customer support number at (800) 762-4968.

ble for all shipping charges from their facility to SMC. SMC is hipping charges from SMC to customer.

ii

WARRANTIES EXCLUSIVE: IF AN SMC PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, CUSTOMERS SOLE REMEDY SHALL BE REPAIR OR REPLACEMENT OF THE PRODUCT IN QUESTION, AT SMCS OPTION. THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES OR CONDITIONS, EXPRESS OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. SMC NEITHER ASSUMES NOR AUTHORIZES ANY OLIABILITY IN CONNMAINTENANCE ORUNDER THIS WARRAALLEGED DEFECT CUSTOMERS OR ANINSTALLATION OR ANY OTHER CAUSEACCIDENT, FIRE, LI

LIMITATION OF LIAOR TORT (INCLUDININCIDENTAL, CONSDAMAGES OF ANY KOTHER FINANCIALSALE, INSTALLATIOINTERRUPTION OFRESELLER HAS BEE

SOME STATES DO NOR THE LIMITATIOCONSUMER PRODUMAY NOT APPLY TORIGHTS, WHICH MAWARRANTY SHALL

* SMC will provide warSMC price list. Under thand cables are covered bTHER PERSON TO ASSUME FOR IT ANY OTHER ECTION WITH THE SALE, INSTALLATION,

USE OF ITS PRODUCTS. SMC SHALL NOT BE LIABLE NTY IF ITS TESTING AND EXAMINATION DISCLOSE THE

IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY Y THIRD PERSONS MISUSE, NEGLECT, IMPROPER

TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR BEYOND THE RANGE OF THE INTENDED USE, OR BY GHTNING, OR OTHER HAZARD.

BILITY: IN NO EVENT, WHETHER BASED IN CONTRACT G NEGLIGENCE), SHALL SMC BE LIABLE FOR

EQUENTIAL, INDIRECT, SPECIAL, OR PUNITIVE IND, OR FOR LOSS OF REVENUE, LOSS OF BUSINESS, OR

LOSS ARISING OUT OF OR IN CONNECTION WITH THE N, MAINTENANCE, USE, PERFORMANCE, FAILURE, OR ITS PRODUCTS, EVEN IF SMC OR ITS AUTHORIZED N ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

OT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES N OF INCIDENTAL OR CONSEQUENTIAL DAMAGES FOR CTS, SO THE ABOVE LIMITATIONS AND EXCLUSIONS YOU. THIS WARRANTY GIVES YOU SPECIFIC LEGAL

Y VARY FROM STATE TO STATE. NOTHING IN THIS BE TAKEN TO AFFECT YOUR STATUTORY RIGHTS.

ranty service for one year following discontinuance from the active e limited lifetime warranty, internal and external power supplies, fans, y a standard one-year warranty from date of purchase.

SMC Networks, Inc.38 Tesla

Irvine, CA 92618

TABLE OF CONTENTSIntroduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Features and Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Initial Configu

Configuring thUsing the Web InteNavigating the We

Home PageConfiguratioPanel DisplaMain Menu

Web ConfigurationDisplaying SShowing PoDisplaying SSetting the SConfiguringTools . . . . Register ProStatic MACCounter Co Port ConfigConfiguringStorm ContPort MirrorCable DiagnTrunks MemTrunk ConfTrunk Rate LACP SetupLACP StatuVLAN Settivii

ration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

e Switch . . . . . . . . . . . . . . . . . . . . . . . . . . 4rface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

b Browser Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5n Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9tatus Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9rt Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13ystem Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16witchs IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . 17 the Logon Password . . . . . . . . . . . . . . . . . . . . . . . . . 18. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19duct . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22nfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23uration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Rate Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25rol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27ing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28ostic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29bership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30

iguration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34ngs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

viii

QOS Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38RSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47IGMP Snoop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

TroubleshootinDiagnosing Switch

Changing a PC

Software SpeciSoftware Features Management FeatuStandards . . . . . . Management Inforg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57 Indicators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

s IP Address . . . . . . . . . . . . . . . . . . . . .59

fications . . . . . . . . . . . . . . . . . . . . . . . . . .61. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61res . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63mation Bases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

FEATURES AND BENEFITS

INTRODUCTIONThe Tiger Switch SMC8024L2 is a high performance managed switch that delivers performance and control to your network. It provides 24 full-duplex 1000BASE-T ports that significantly improve network performance and bweb interface. Withprovide the quickesnetwork.

Features and B User friendly we Supports Qos, S Store-and-forwa Half- and full-du

under heavy load Plug-and-play At-a-glance L Desktop or rack1

oost throughput using features configured through the 48 Gigabits of throughput bandwidth, these switches t solution to meeting the growing demands on your

enefitsb-management interfacepanning Tree, IGMP, VLANs and trunk configurationrd switching ensures error-free transmissionplex flow control prevents packets from being dropped ing

optional configuration using web interfaceEDs for port and system status monitoring installation

INITIAL CONFIGURATION

2

INITIAL CONFIGURATIONTo make use of the management features of your Tiger Switch, you must first configure it with an IP address that is compatible with the network it is being installed in. For simplicity, this should be done before you permanently install

The following proc

1. Place your Tigit. It will help iworking on you

2. Connect the Eof your Tiger Shave a link by cDescription on

3. The default IPmask is 255.25switch but is oaddresses that Otherwise, youunfamiliar withpage 7.

4. Open your webyour PC is proTiger Switch. Iaddress and rep

5. Enter the defaubutton. the switch in the network.

edure is recommended:

er Switch close to the PC that you will use to configure f you can see the front panel of the switch while r PC.

thernet port of your PC to any port on the front panel witch. Connect power to the switch and verify that you hecking the front-panel LEDs. (See the Hardware page 2 for more information on the LEDs.)

address of the switch is 192.168.2.10 and the subnet 5.255.0. If your PC has a different IP address from the n the same subnet (i.e. the PC and switch both have start 192.168.2.x ) you can skip directly to step 4. must set your PCs IP address manually. If you are this process, see Changing a PCs IP Address on

browser and enter the address http://192.168.2.10. If perly configured, you will see the login page of your f you do not see the login page, please check your IP eat step 3.

lt password "smcadmin" and click on the Login

FEATURES AND BENEFITS

6. From the menu, click on SYSTEM, then click on LAN Settings. On the LAN Settings page, enter the new IP address, Subnet Mask and Gateway IP Address for the switch, then click on the APPLY button.

No other configuration changes are required at this stage, but it is recommended that you change the administrators password before logging out. To change the password, click SYSTEM, Password, and then fill in all the fields oAPPLY button.3

n the Password Settings page before clicking on the

CONFIGURING THE SWITCH

4

CONFIGURING THE SWITCHUsing the Web Interface

This switch provideyou can configure tactivity. The web agusing a standard weFirefox 1.0 or abov

Prior to accessing tperformed the follo

1. Configure the sgateway. (Defau(See Initial Co

2. Set a new passwAccess to the w(See Configuri

Note: If, at any you can redescribeds an embedded HTTP web agent. Using a web browser he switch and view statistics to monitor network ent can be accessed by any computer on the network b browser (Internet Explorer 5.5 or above, or Mozilla e).

he switch from a web browser, be sure you have first wing tasks:

witch with a valid IP address, subnet mask, and default lt: 192.168.2.10/255.255.255.0/0.0.0.0)nfiguration on page 2.)ord using the web interface. (Default: smcadmin). eb interface is controlled by the password. ng the Logon Password on page 18.)

point, you cannot remember the switch's IP address, store the original settings by following the procedure

in the "Troubleshooting" section.

NAVIGATING THE WEB BROWSER INTERFACE

Navigating the Web Browser InterfaceTo access the web-browser interface you must first enter a password. The user has Read/Write access to all configuration parameters and statistics. The default password for the switch is smcadmin. If user input is not detected within five minutes, the current session will be terminated.

Home PageWhen your web brpage is displayed ason the left side of tThe Main Menu linconfiguration param5

owser connects with the switchs web agent, the home shown below. The home page displays the Main Menu he screen and System Information on the right side. ks are used to navigate to other menus, and display eters and statistics.

Figure 1 Home Page


6

Configuration OptionsConfigurable parameters have a dialog box or a drop-down list. Once a configuration change has been made on a page, be sure to click on the Apply button to confirm the new setting. The following table summarizes the web page configuration buttons.

Notes: To ensuis confiOptionsetting should

Panel DisplayThe web agent dispgreen when the coranother device. To intended port.

TabButtonApplyCancelHelpre proper screen refresh, be sure that Internet Explorer gured as follows: Under the menu Tools / Internet s / General / Temporary Internet Files / Settings, the for item Check for newer versions of stored pages be Every visit to the page.

lays an image of the switchs ports. The port will turn responding front-panel port is in connection with show the port number, place mouse pointer onto the

Figure 2 Front Panel Indicators

le 1 Web Page Configuration ButtonsActionSets specified values to the system. Discards all changes and restores current values.Links directly to web help.

NAVIGATING THE WEB BROWSER INTERFACE

Main Menu Using the onboard web agent, you can define system parameters, manage and control the switch, and all its ports, or monitor network conditions. The following table briefly describes the selections available from this program.

MenuSTATUS

Overview

Statistics

SYSTEM

Name

LAN Settings

Password

Tools

Restore to FactoDefaults

Upgrade Firmw

Restart

Register Product

Static MAC

Counter Config

PORTS

Settings7

Table 2 Switch Main MenuDescription Page

9

Provides basic system description, including system information, address information, port information, trunk information, and VLAN information.

9

Shows statistics for port, interface, and RMON.

13

16

Shows the name of the switch. 16

Sets LAN IP address, subnet mask, and gateway IP address.

17

Changes password. 18

19

ry Force the Switch to perform a power reset and restore the original factory settings.

19

are Upgrade the Switch system firmware using a file provided by SMC.

20

Restarts the switch. 21

Registers the switch online. 22

Creates Static MAC addresses. 22

Selects which statistics to count and show. 23

24

Configure the speed and duplex mode of the port.

24


8

Rate Limiting Sets the rate limiting parameters for each port on the Switch

25

Storm Control Sets the broadcast storm control parameters for every port on the Switch.

23

Port Mirroring

Cable Diagnostic

TRUNKS

Membership

Settings

Rate Limiting

LACP Setup

LACP Status

VLANS

VLAN Membersh

VLAN Port Confi

QOS

Settings

RSTP

Settings

Status

802.1X

Settings

Statistics

Security

IP Filter

Table 2 Switch Main Menu (Continued)Menu Description PageSets up the port mirroring features of the switch to enable traffic monitoring.

28

Diagnoses cable faults. 29

30

Specifies ports to group into static trunks 31

Configures trunk connection settings 31

Sets the rate limiting parameters for each Trunk configured on the Switch.

32

Sets link aggregation. 33

Shows the LACP groups status. 34

33

ip Sets VLAN group. 35

g Configures the VLANs on the switch for both Ports and Trunks.

33

38

Sets the priority of packets within the switch. 38

40

Sets up RSTP configuration. 41

Shows RSTP bridge and port status. 42

43

Sets up 802.1X configuration. 44

Displays the 802.1x statistics collected by the switch.

46

47

Setus up IP filter. 47

WEB CONFIGURATION

Web Configura

Displaying Status OYou can easily idenand contact inform

Field Attributes

System Information System Name Number of Por Hardware Vers Code Version Serial Number

Address Information Management V

cannot be changmanagement sta

IP Address A

Port Security Sets security policy for port. 49

ACL Sets up management access filter. 51

IGMP Snoop 52

Settings

Status

SNMP

Settings

LOGOUT

Table 2 Switch Main Menu (Continued)Menu Description Page9

tion

verviewtify the system by displaying the device name, location ation.

Name assigned to the switch system.ts Number of built-in ports.ion Hardware version of the main board. Version number of the code.

The serial number of the switch.

LAN ID of the configured VLAN (this is set to 1 and ed) all ports on the unit are members of VLAN 1. The tion must always be attached to a port on VLAN 1. ddress of the VLAN to which the management station

Sets up IGMP Snooping configuration 54

Shows IGMPSNOOP instances and port states.

54

55

Sets up SNMP agent. 55

Quits to the Login page.


10

is attached. (Note that the management station must always be on VLAN 1) Valid IP addresses consist of four numbers, 0 to 255, separated by periods.

Subnet Mask This mask identifies the host address bits used for routing to specific subnets. (Default: 255.255.255.0)

Gateway IP Address IP address of the gateway router between the stack and manag(Default: 0.0.0.0

MAC Address

Port Information Type Indicate Link Status I Speed/Duplex

Displays a numbfull-duplex or "h

Flow Control Sdisabled.

Autonegotiatio Frame Type E

will only send anport will also sen

PVID VLANinterface. (Defau

Trunk Information Trunk The tru Type All trun Trunk Status

trunk. This is a nfull-duplex or HTRUNKS > Set

Ports The porement stations that exist on other network segments. ) The physical layer address.

s the port type.ndicates if the link is Up or Down. Status Shows the current speed and duplex mode. er, the speed in Mbps, followed by either "fdx" for dx" for half-duplex.tatus Indicates whether flow control is enabled or

n Shows if auto-negotiation is enabled or disabled.ither "Tagged" or "All". "Tagged" means that the port

d receive VLAN-tagged packets. When set to "All", the d and receive untagged packets.

ID assigned to untagged frames received on the lt: 1)

nk label. "T1" through "T8" are used as trunk labels.ks and ports on this switch are 10/100/1000M An indication of the speed and duplex setting of the umber, the speed in Mbps, followed by either Full for alf for half-duplex. This can be changed on the

tings page.ts that are members of the trunk.

WEB CONFIGURATION

VLAN Inoformation VLAN ID A number in the range 1 - 4094 which identifies the VLAN. VLAN Member A list of the ports that are members of the VLAN.

By default, all ports are members of VLAN 1.11


12

Web Click STATUS, Overview.Figure 3 Switch Information

WEB CONFIGURATION

Showing Port StatisticsYou can display statistics on network traffic from the ports. These statistics can be used to identify potential problems with the switch (such as a faulty port or unusually heavy loading). All values displayed have been accumulated since the last system reboot, but can be reset to zero by clicking the CLEAR button. The current statistics are not displayed until you click the REF

ParameterInterface Statistics

Received Octets

Received Unicast Pa

Received Errors

Transmitted MulticaPackets

Transmitted BroadcPackets

Received High PriorPackets

Transmitted High PPackets

Received Multicast P13

RESH button.

Table 3 Port StatisticsDescription

The total number of octets received on the interface, including framing characters.

ckets The number of subnetwork-unicast packets delivered to a higher-layer protocol.

The number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.

st The total number of packets that higher-level protocols requested be transmitted, and which were addressed to a multicast address at this sub-layer, including those that were discarded or not sent.

ast The total number of packets that higher-level protocols requested be transmitted, and which were addressed to a broadcast address at this sub-layer, including those that were discarded or not sent.

ity The total number of received packets that set as High Priority in the QoS settings.

riority The total number of transmitted packets that set as High Priority in the QoS settings.

ackets The number of packets, delivered by this sub-layer to a higher (sub-)layer, which were addressed to a multicast address at this sub-layer.


14

Received Broadcast Packets

The number of packets, delivered by this sub-layer to a higher (sub-)layer, which were addressed to a broadcast address at this sub-layer.

Transmitted Octets The total number of octets transmitted out of the

Transmitted UnicastPackets

Transmitted Errors

Received Normal PrPackets

Transmitted NormaPriority Packets

RMON Statistics

Drop Events

Received Frames

Multicast Frames

Undersize Frames

Fragments

Collisions

Table 3 Port Statistics (Continued)Parameter Descriptioninterface, including framing characters.

The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.

The number of outbound packets that could not be transmitted because of errors.

iority The total number of received packets that set as High Priority in the QoS settings.

l The total number of transmitted packets that set as High Priority in the QoS settings.

The total number of events in which packets were dropped due to lack of resources.

The total number of frames (bad, broadcast and multicast) received.

The total number of good frames received that were directed to this multicast address.

The total number of frames received that were less than 64 octets long (excluding framing bits, but including FCS octets) and were otherwise well formed.

The total number of frames received that were less than 64 octets in length (excluding framing bits, but including FCS octets) and had either an FCS or alignment error.

The best estimate of the total number of collisions on this Ethernet segment.

WEB CONFIGURATION

Received Bytes Total number of bytes of data received on the network. This statistic can be used as a reasonable indication of Ethernet utilization.

Broadcast Frames The total number of good frames received that were

CRC/Alignment Er

Oversize Frames

Jabbers

64 Bytes Frames

65-127 Byte Frames128-255 Byte Frame256-511 Byte Frame512-1023 Byte Fram1024-1518 Byte Fram

Table 3 Port Statistics (Continued)Parameter Description15

directed to the broadcast address. Note that this does not include multicast packets.

rors The number of CRC/alignment errors (FCS or alignment errors).

The total number of frames received that were longer than 1518 octets (excluding framing bits, but including FCS octets) and were otherwise well formed.

The total number of frames received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either an FCS or alignment error.

The total number of frames (including bad packets) received and transmitted that were 64 octets in length (excluding framing bits but including FCS octets).

sseses

The total number of frames (including bad packets) received and transmitted where the number of octets fall within the specified range (excluding framing bits but including FCS octets).


16

Web Click STATUS, Statistics.

Displaying System NYou can easily iden

Field Attributes Switch Name Figure 4 Port Statistics

ametify the system by displaying the device name.

Name assigned to the switch system.

WEB CONFIGURATION

Web Click System, Name.

Setting the SwitchsThis section descriaccess over the netdefault. To manualldefault settings (IPvalues that are comestablish a default gthat exist on anoth

Field Attributes

DHCP Enabenabled)

LAN IP Addrmanagement a255, separated

Subnet Maskrouting to spe

Gateway IP Adevice and ma(Default: 0.0.0

Note: If, at any you can redescribed17

Figure 5 System Name

IP Address bes how to configure an IP interface for management work. The IP address for this switch is 192.168.2.10 by y configure an address, you need to change the switchs address 192.168.2.10 and netmask 255.255.255.0) to patible with your network. You may also need to a ateway between the switch and management stations

er network segment.

led Clciik to select the box to enable DHCP. (default:

ess Address of the VLAN interface that is allowed ccess. Valid IP addresses consist of four numbers, 0 to by periods. (Default : 192.168.2.10) This mask identifies the host address bits used for cific subnets. (Default: 255.255.255.0)ddress IP address of the gateway router between this

nagement stations that exist on other network segments. .0)point, you cannot remember the switch's IP address, store the original settings by following the procedure

in the "Troubleshooting" section.


18

Manual ConfigurationWeb Click System, LAN Settings. Enter the IP address, subnet mask and gateway, then click APPLY.

Configuring the LogThe administrator onboard agent. Youas soon as possible

Field Attributes

Password S(Range: 1-16 c

Note: If, at any restore thin the "TrFigure 6 LAN Settings

on Passwordhas write access for all parameters governing the should therefore assign a new administrator password

, and store it in a safe place.

pecifies the user password.haracters plain text, case sensitive)

point, you cannot remember the password, you can e original settings by following the procedure described oubleshooting" section.

WEB CONFIGURATION

Web Click System, Password. To change the password for the administrator, enter current password, the new password, confirm it by entering it again, then click APPLY.

ToolsOn Tools page, youfirmware of the sw

Restore to FactorForce the Switch toswitch, select "Reseclick APPLY. The Lwill not be reset.19

Figure 7 Password Settings

can restore the switch to default settings, upgrade the itch, or restart the switch.

y Defaults restore the original factory settings. To reset the t to Factory Defaults" from the drop-down list and AN IP Address, Subnet Mask and Gateway IP Address


20

Web Click System, Tools, Reset to Factory Defaults.

F

Upgrade FirmwaUpgrades the Switc"Upgrade Firmwar"Browse" button tobutton to upgrade firmware files for y

Web Click Systemigure 8 Reset to Factory Defaults

reh system firmware using a file provided by SMC. Select e" from the Tools drop-down list then click on the select the firmware file. Finally, press the APPLY

the selected Switch firmware file. You can download our Switch from the Support section of www.smc.com.

, Tools, Reset to Factory Defaults.

Figure 9 Upgrade Firmware

WEB CONFIGURATION

Upload/Download ConfigurationWeb Click SYSTEM, Tools, Upload/Download Configuration. To upload or download the configuration file, select "Upload/Download Configuration" from the Tools drop-down list, then click "Upload" or "Download", and then click on the "Browse" button to select the file.

Figur

Restart SwitchWeb Click SYSTfrom the Tools drocomplete when the21

e 10 Upload/Download Configuration

EM, Tools, Restart Switch. To restart the switch, select p-down list, and then click APPLY. The reset will be user interface displays the login page.

Figure 11 Restart Switch


22

Register ProductRegister your product if you have not already done so.

Web Click System, Register Product. By clicking the Register Now button you will be taken to the SMC website, where you can enter the products details.

Static MACA static MAC addr

Add Static MACType the static MAcorresponding fieldbutton, you will beMask for this MACtime.

Static MAC AddrThis table shows thindicates that the cis set to 1 in the deassociated with theright side and use MModify button willDestination Mask.Figure 12 Register Product

ess is an entry in MAC table which can not be aged out.

C address and associated VLAN ID (1-4095) into s in the Add Static MAC table. After pressing ADD

navigated to a new page to configure the Destination entry. Only one static MAC address can be added per

ess Configuratione stored static MAC entries in MAC table. Symbol X

orresponding bit for the port the symbol X respresents stination mask. Click the radio button which is static MAC entry that is displayed immediately at its odify or Delete button can modify or delete this entry.

navigate to a web page for reconfiguring the

WEB CONFIGURATION

Web Click System, Static MAC.

Figure

Counter ConfigThis page allows thIt is possible to motransmit byte counalso note the follow

Received Unicast Pand Received Broa

Received Multicastdisabled after Rece

The above 2 rules aTransmitted Unicas23

13 Static MAC Address Configuration

e customer to select the statistics to count and display. nitor 5 Transmit counters,5 receive counters as well as 1 ter and receive byte counter at the same time. Please ing restrictions.

ackets can be enabled after Received Multicast Packets dcast Packets are enabled.

Packets and Received Broadcast Packets can be ived Unicast Packets is disabled.

re also applied to Transmitted Multicast Packets, t Packets and Transmitted Broadcast Packets.


24

Web Click PORTS, Settings.

Port ConfigurationYou can use the Pomode, and flow co

Field Attributes

Speed/Duplexmode.

Flow Control box is checked,

Trunk IndicatFigure 14 Counter Configuration

rt Configuration page to manually fix the speed, duplex ntrol.

Allows you to manually set the port speed and duplex

Allows flow control to be enabled or disabled. When the flow control is enabled.es if a port is a member of a trunk.

WEB CONFIGURATION

Web Click PORTS, Settings.

Configuring Rate LiThis function allowfor traffic transmittconfigured on interof the switch. Traffpackets that exceed

Rate limiting can binterface is configuby the hardware toconforming traffic

The Input/Outputinteger number in t25

Figure 15 Port Configuration

mitss the network manager to control the maximum rate ed or received on an interface. Rate limiting is faces at the edge of a network to limit traffic into or out ic that falls within the rate limit is transmitted, while the acceptable amount of traffic are dropped.

e applied to individual ports or trunks. When an red with this feature, the traffic rate will be monitored verify conformity. Non-conforming traffic is dropped, is forwarded without any changes.

Bandwidth Limit field is a type-in box which accepts an he range 1 to 100. The number specifies the percentage


26

of the total input bandwidth of the port that can be used before packets are dropped or flow-control starts.

Web Click PORTS, Rate Limiting. This page enables you to set the rate limiting parameters for each port on the Switch.Figure 16 Rate Limiting

WEB CONFIGURATION

Storm ControlBroadcast storms may occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degraded or everything can come to complete halt.

You can protect yothreshold for broadexceeding the spec

Field Attributes

Type List the tLearn Frames, B

Enable Storm Cstorm control fo

Rate(number odrop-down list. switch. When thirrespective of th27

ur network from broadcast storms by setting a cast traffic for each port. Any broadcast packets

ified threshold will then be dropped.

ype of traffic which can be rate limited, including ICMP, roadcast, Multicast and Flooded Unicast frames.ontrol Click to select the box to enable/disable the

r the type of frames listed just in the left side of it.f frame per second) The Rate field is set by a single The same threshold is applied to every port on the e threshold is exceeded, packets are dropped, e flow-control settings.


28

Web Click PORTS, Storm Control. This page enables you to set the broadcast storm control parameters for every port on the Switch.

Port MirroringYou can mirror traanalysis. You can thport and study the unobtrusive manne

Field Attributes

Ports to MirrorSelect the ports thaport will be mirror

Port to Mirror ton the source pobe dropped whebandwidth.

Note: If the totabandwidtFigure 17 Port Broadcast Control

ffic from any source port to a target port for real-time en attach a logic analyzer or RMON probe to the target traffic crossing the source port in a completely r.

t you want to mirror from this section of the page. A ed when the"Mirroring Enabled" check-box is checked.

o The port that will duplicate or mirror the traffic rt. Only incoming packets can be mirrored. Packets will n the available egress bandwidth is less than ingress

l ingress bandwidth exceeds the mirror port's egress h, packets will eventually be dropped on ingress to the

WEB CONFIGURATION

switch which means they will not reach the mirror port or their intended destination port. Input rate-limiting in conjunction with port flow-control could be used to ensure that the total ingress bandwidth never exceeds the egress bandwidth.

Web Click PORTS, Port Mirroring.

Cable DiagnosticYou can perform cdiagnose any cable fault.

Field Attributes

Cable Diagnosport that you wa

Cable Status a variety of comcabling.29

Figure 18 Port Mirroring

able diagnostics for all ports or selected ports to faults (Short, Open etc..) and feedback a distance to the

tics It can be performed on a per-port basis. Select the nt to do the cable diagnostics.Show the cable length, operating conditions and isolate mon faults that can occur on the CAT5 twisted pair


30

Web Click PORTS, Port Mirroring.

Trunks MembershipThis page allows yoports each. The Mecolumns. Each rowwhich trunk (if any

Field Attributes

Port The fron Not a Trunk M

the port is not a Trunk T1-T8

supported by thecolumns causes trunk.Figure 19 Cable Diagnostics

u to create a maximum of eight trunks of up to eight mbership Table has one row for each port and ten contains nine radio buttons which are used to indicate ) the port belongs to.

t-panel port-number of the port.ember If the radio button in this column is selected, member of any trunks. This is the default state. These columns correspond to the eight trunks that are Switch. Clicking on the radio button in any one of these the port to become a member of the corresponding

WEB CONFIGURATION

Web Click TRUNKS, Membership. Click to select which Trunk member to which each port belongs.

Trunk ConfiguratioField Attributes

Trunk Indicat Speed/Duplex

mode for all por Flow Control

box is checked, Ports Indicate31

Figure 20 Trunk Membership

n

es trunk identification. Allows you to manually set the port speed and duplex ts in the trunk. Allows flow control to be enabled or disabled. When the flow control is enabled.s which ports belong to the trunk.


32

Web Click TRUNKS, Settings.

Trunk Rate LimitThis page allows yoeach trunk on the s

Field Attributes

Trunk Indicat Trunk Speed Enable Input R

Input Rate Limi Input Limit E Enable Output

Output Rate Lim Output Limit Ports IndicateFigure 21 Trunk Configuration

u to change the maximum data-rate into and out of witch.

es trunk identification. Indicates the trunk speed.ate Limiting - Click to select the box to enable the

ting function. nter the desired limit. (% of port speed)

Rate Limiting Click to select the box to enable the iting function. Enter the desired limit. (% of port speed)s which ports belong to the trunk.

WEB CONFIGURATION

Web Click TRUNKS, Settings.

LACP SetupThis page enables yports. LACP (IEEEset up aggregation

Field Attributes

Port The fronchanged.

Enabled Ena Key Value SeWeb Click TRUN

F33

Figure 22 Trunk Rate Limiting

ou to setup the configuration of LACP on all or some 802.3ad Link Aggregation Protocol) provides a way to

automatically between switc

t-panel port-number of the port. This cannot be

ble LACP on the associated port.tup key value for each port.KS, Settings.

igure 23 LACP Port Configuration


34

LACP StatusThis page displays the LACP status of the switch.

LACP AggregationShows the status of each port. The LACP Aggregation table has one row for each LACP group. Normal means no LACP group is active. For active LACP groups, a nemembers are displawhich use color an

Aggregation InfoShows aggregation

Field Attributes

Aggregation G Partner MAC A Local Ports Ag Seconds Since

since last setup.

LACP Port StatusShows LACP port

Field Attributes

Port - The port Port Active - Sh Partner Port N Operational Po

LACP group.w row is created from which the status of its port yed. Status of each port is indicated by a colored box, d number to differentiate status.

rmation information for each LACP group.

roup - The ID number of the LACP group.ddress - The MAC address of link partner.

gregated - Port member list of the local LACP group.Last Change - Time in seconds for the LACP group

status.

ID. ow if the port is a member of active LACP group.umber - List of port ID for the link partner. rt Key - The current operational value of the Key for the

WEB CONFIGURATION

Web Click TRUNKS, LACP Status.

VLAN SettingsYou can configure default VLAN idenallows you to creatVLAN membershipowerful but can bcorresponds to oneindividually.

Introduction to VVLANs (or Virtualcan use VLANs tonetwork security.35

Figure 24 LACP Status Overview

VLAN behavior for specific interfaces, including the tifier (PVID) and accepted frame types. This page

e and delete VLANs (Virtual LANs) and to change the p and behaviour of individual ports. VLANs are e difficult to set up properly. Each row of the table port or trunk; trunked ports cannot be configured

LANs LANs) are logical partitions of the physical LAN. You increase network performance or increase internal


36

If the network has adequate performance and security for your current needs, it is recommended that you leave the VLAN settings in the default configuration. The default configuration is as follows:

All ports are members of VLAN 1 The switch management interface is on VLAN 1 (this cannot be

changed) All ports have a All ports can sen

(i.e. they are hybIn the default confport and a PC conninterface. Broadcasswitch.

There are three difon the switch; VLANote that the portsconfigure the Trun

Field Attributes

Port/Trunk Ttrunk. This cann

VLAN Awarenreceived frames VLAN unaware the tag in transmFor QinQ applicnetwork port (tr

QinQ QinQ elength, which mFor QinQ applicnot for customeNote: For QinQPort VLAN ID (PVID) of 1 d and receive both VLAN-tagged and untagged packets rid ports) iguration, any port is able to send traffic to any other ected to any port will be able ro reach the management t traffic, for example, will be flooded to all ports on the

ferent parameters that can be configured for each port N IDs (VLAN membership), PVID and Packet Type. within a Trunk cannot be configured individually; k instead (Trunks are labelled T1 to T8).

he front-panel port-number of the port or the ID of a ot be changed.ess VLAN aware ports will strip the VLAN tag from and insert the tag in transmitted frames (except PVID). ports will not strip the tag from received frames or insert itted frames. ation, customer port should be VLAN unaware and unk port) should be VLAN aware.nabled port will accept packets up to 1526 bytes in eans double tag header frames can be accepted. ation, the QinQ should be enabled for provider port but r port. application, customer ports indicate those ports which

are connected to normal VLAN aware switches at the customer network and the network ports are those which are connected to the service provider network. To tunnel the packets through MAN, QinQ needs to be enabled on network ports

Packet Type Sets the interface to accept all frame types, including tagged or untagged frames, or only tagged frames. When set to receive all frame types, adefault VLAN. Pto All. PCs canshould be connethe Packet Typeuntagged packetidentified by theis a member of tOutgoing packesame as the PVIdrop untagged pTagged packets VLAN identifiedeffect in this cas

PVID VLANinterface. The PVassociated with uport from VLANthan 1. The PVITagged. (Defaulny received frames that are untagged are assigned to the Cs should be connected to ports with Packet Type set not, in general, send or receive tagged packets. Switches cted to each other with Packet Type set to Tagged. If is set to All, the port can accept incoming tagged and s. Untagged packets will be associated with the VLAN PVID. Tagged packets will be dropped unless the port he VLAN identified by the VLAN tag in the packet. ts will be tagged unless the packet's VLAN ID is the D. If the Packet Type is set to Tagged, the port will ackets and will only send and receive tagged packets. will be dropped unless the port is a member of the by the VLAN tag in the packet. The PVID has no

e.(Option: All, Tagged; Default: All) ID assigned to untagged frames received on the

ID is (Port VLAN ID) is the VLAN ID that is ntagged, ingress packets. It is not possible to remove a 1 unless its PVID has been changed to something other

D has no effect on ports that have Packet Type set to t: 1)


38

Web Click VLANS, VLAN Settings. Fill in the required settings for each interface, click Apply.

QOS SettingsQoS (Quality of Setraffic as it is movesNormal priority anpriority packets thaprioritized by usingQoS Mode drop-do

Note: Only onefor examp802.1p tag

QoS Disabled QoS is turned off aFigure 25 VLAN Settings

rvice) is a mechanism which is used to prioritize certain through the switch. Traffic can be classified as High or d, when the switch is heavily loaded, it is the Normal t are dropped first. You can select how traffic is one of the four QoS modes which is selected using the wn list.

QoS mode can be active at one time. It is not possible, le, to prioritise traffic using the IP Port number and .

nd all packets have equal priority.

WEB CONFIGURATION

802.1pPackets are prioritzed using the content of the VLAN-tag. The 802.1p field is held within the VLAN-tag of a packet. The field is three bits long so can hold eight values; 0 - 7 inclusive. When QoS Mode is set to 802.1p, the 802.1p Configuration table appears which allows a priority (normal or high) to be set for each of the eight values.

You can use the Prin the 802.1p Confvalues to normal prpriority. Use Custo

Note: Because endnot create VLAN-tis not ideal when th

DSCPPackets are prioritizPoint) value.

The Differentiatedcontained within anfield to take any vato DSCP, the DSCP(normal or high) to

You can use the Prin the DSCP Confivalues to normal prpriority. Use Custo39

ioritize Traffic drop-down list to quickly set the values iguration table. Select All Normal Priority to set all iority or select All High Priority to set all values to high m if you want to set each value individually.

-stations, like PCs, are not usually VLAN aware, they do agged frames. As a result, this method of prioritization ere are a lot of PCs connected to the Switch.

ed using the DSCP (Differentiated Services Code

Services Code Point (DSCP) is a six bit field that is IP (TCP or UDP) header. Six bits allows the DSCP

lue in the range 0 - 63 inclusive. When QoS Mode is set Configuration table appears which allows a priority

be set for each of the DSCP values.

ioritize Traffic drop-down list to quickly set the values guration table. Select All Normal Priority to set all iority or select All High Priority to set all values to high m if you want to set each value individually.


40

Web Click QOS, Settings. In QoS Mode, select QoS Diabled, 802.1p, or DSCP to configure the related parameters.

RSTPRSTP is a protocolreconfigures which

STA IntroductionThe Spanning Treenetwork loops, androuters. This allowsis, an STA-compliathat only one routeprovide backup lingoes down. The spSTP, Spanning TreeTree Protocol (IEEFigure 26 QoS Settings

that prevents loops in the network and dynamically physical links in a switch should forward frames.

Algorithm (STA) can be used to detect and disable to provide backup links between switches, bridges or the switch to interact with other bridging devices (that nt switch, bridge or router) in your network to ensure exists between any two stations on the network, and ks which automatically take over when a primary link anning tree algorithms supported by this switch are Protocol (IEEE 802.1D), and RSTP, Rapid Spanning E 802.1w).

WEB CONFIGURATION

RSTP System ConfigurationField Attributes

System Priority This parameter configures the spanning tree priority globally for this switch. The device with the highest priority becomes the STA root device. However, if all devices have the same priority, the device with the lowest MAC address will then become the root device. Number betwee16 distinct value

Hello Time Iconfiguration mis 2).

Max Age Thereceiving a confialso means the m6 - 40 (default is

Forward Delaywait before chanNumber betwee

Force Version RSTP, Compatib

RSTP Port ConfigField Attributes

Port - The port configured trunk

Enabled - Clickfor the port.

Edge - Expect ta link to another41

n 0 - 61440 in increments of 4096. Therefore, there are s.nterval (in seconds) at which the root device transmits a essage (BPDU frame). Number between 1 - 10 (default

maximum time (in seconds) a device can wait without guration message before attempting to reconfigure. That aximum life time for a BPDU frame. Number between

20). The maximum time (in seconds) the root device will ging states (i.e., discarding to learning to forwarding). n 4 - 30 (default is 15). Set and show the RSTP protocol to use. Normal - use le - compatible with STP.

uration

ID. It can not be changed. Aggregations means any group. on the tick-box to enable/disable the RSTP prototocl

he port to be an edge port (linking to an end station) or STP device.


42

Path Cost - This parameter is used by the STP to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. Set the RSTP pathcost on the port. Number between 0 - 200000000. 0 means autogenerated pathcost.

Web Click RSTP, Settings.

Figure 26

RSTP Status OveThe RSTP Bridge Owhole switch. Hellodisplayed. Topologroot port ID for th

RSTP Port StatusShows the detailedFigure 27 RSTP Configuration

rviewverview table has one row to display settings for the

Time, Maximum Age and Forward Delay are y shows the switch current state. Root ID indicates the e switch.

RSTP information for each port.

WEB CONFIGURATION

Field Attributes Port/Trunk - Port/Trunk ID number. VLAN ID - VLAN IDs of the port. Path Cost - Show the path cost on this port. Edge Port - Yes if the port is an edge port which connects to an end

station. P2p Port - Yes Protocol - Show Port State - Sho

etc... Web Click RSTP

802.1XNetwork switches cby simply attachingaccess is a desirable43

if the port link is connected to another STP device. the running protocol, RSTP or STP. w the current port state, blocking, forwarding, learning

, Status.

Figure 28 RSTP Status Overview

an provide open and easy access to network resources a client PC. Although this automatic configuration and feature, it also allows unauthorized personnel to easily


44

intrude and possibly gain access to sensitive network data. With IEEE 802.1X (dot1X), access to all switch ports in a network can be centrally controlled from a server, which means that authorized users can use the same credentials for authentication from any point within the network.

802.1 X SettingThe IEEE 802.1x sthat prevents unautsubmit credentials

Field AttributesSystem Setting

Mode - Indicateswitch.

RADIUS IP - S RADIUS UDP

server. RADIUS Secre

RADIUS server Reauthenticati

the interval speccan be used to d

Reauthenticaticonnected client

EAP timeout - response before

Port Setting

Port - The port Admin State - S

options: Auto - Re

authenticatandard defines a port-based access control procedure horized access to a network by requiring users to first for authentication.

s if 802.1x protocol is globally enabled or disabled on the

et RADIUS server IP address. Port - Set up UDP Port for the external RADIUS

t - Set the secret shared between the switch and the . on Enabled - Sets the client to be re-authenticated after ified by the Re-authentication Period. Re-authentication etect if a new device is plugged into a switch port. on Period - Sets the time period after which a must be re-authenticated. The time the switch shall wait for the supplicant re-transmitting a packet.

ID. It can not be changed. ets the authentication mode to one of the following

quires a dot1x-aware client to be authorized by the tion server. Clients that are not dot1x-aware will be

WEB CONFIGURATION

denied access.

Force-Authorized - Forces the port to grant access to all clients, either dot1x-aware or otherwise.

Force-Unauthorized - Forces the port to deny access to all clients, either dot1x-aware or otherwise.

Port State - The Reset - Two op

Re-Authequiet-peri

Force-Reenables imquiet-peri

Note: The reasofails, the I"quiet-perand not resupplican'brute-for45

state of the port. tions available: nticate - Schedules a reauthentication to whenever the

od of the port runs out.

initialize - Bypasses the quiet-period of the port and mediate reauthentication regardless of the status for the

od.

n for a "quiet-period" follows: If a re-authentication EEE802.1X standard enforces a so-called iod" in which the authenticator (switch) shall be quiet -try another authentication - also packets from

t are discarded in this quiet period - this way ce' attacks are prevented.


46

Web Click 802.1X, Settings.

802.1XField Attributes

Port Statistics -port that you wa

Authenticator c Backend Authe Dot1x MIB couFigure 29 802.1X Configuration

Statistics can be viewed on a per-port basis. Select the nt to view here. ounters - General statistics for authenticator. nticator counters - General statistics for Radius server. nters - MIB module defined for 802.1x.

WEB CONFIGURATION

Web Click 802.1X, Statistics.

Security

IP FilterOn this page, you cused to block unwaeither a specific souConfiguration table

Field Attributes

Port - The front Source IP Filte Mode - Select th

Disabled47

Figure 30 802.1X Statistics

an setup the source IP Filter on all or some ports. It is nted access and provide access to the network for rce IP address or a specific subnet. The IP Filter has one row for each port and five columns.

-panel port-number of the port. This cannot be changed. r - Set mode and IP addresses for IP filter. e mode for this port.

- Disable source IP filter.


48

Static - Enable source IP filter with configured values in IP Address and IP Mask fields.

DHCP - The IP address for the device connected to this port will be automatically assigned by DHCP server and only frames with the assigned IP address are allowed to access the network. The IP Address and IP Mask fields will be filled with the assigned IP address an

IP Address - Seaddress outside

IP Mask - Setupwith a specific IP255.255.255.255

DHCP Sever Athis port. When allowed to be linunwanted or und 255.255.255.255 individually by software.

tup IP addresses to allow accessing. Frames with IP the allowed range will be dropped. IP subnet mask to allow accessing for a subnet. If frame address is allowed, the mask should be set to

. llowed - Set if DHCP server is enabled or disabled on DHCP Server Allowed is selected on a port, the port is ked to a DHCP server. This can prevent the access of

solicited DHCP servers.

WEB CONFIGURATION

Web Click Security, IP Filter.

Figure 30

Port SecurityPort security is a femore MAC addressthat port. The Portcolumns.

When port securityMAC addresses onmaximum number.stored in the dynamto access the netwoMAC address attemdetected and the swIntrusion Action.

Field Attributes49

Figure 31 IP Filter Configuration

ature that allows you to configure a port with one or es that are authorized to access the network through Security table has one row for each port and five

is enabled on a port, the switch stops learning new the specified port when it has reached a configured Only incoming traffic with source addresses already ic or static address table will be accepted as authorized rk through that port. If a device with an unauthorized pts to use the switch port, the intrusion will be itch can automatically take action which is specified in


50

Port - The front-panel port-number of the port. This cannot be changed. Allowed number of Learned MAC addresses - Set maximum of MAC

addresses which can be learned by this port. The Mode settings for the port are set by a single drop-down list.

No Limit - No limitation on the number of dynamcally learned MAC address. Also means disable port security.

8/7/6/5/learned M

0 - No dyBut this h

Note: Port secuand have 24 static MMAC.

Note: The MACand will nport will b

Number of Leacurrently learnedsetup with "No addresses field.

Intrusion Actioaddresses are de

Deny Neaddress w

Send Trastation, traction.

Trunk - Display4/3/2/1 - The maximum number of dynamically AC address.

namically learned MAC address is allowed on this port. as no influence on the static MAC address.

rity only handles dynamically learned MAC addresses no limitations on static MAC addresses. On this switch,

AC address can be configured by System > Static

addresses already in the address table will be retained ot age out. Any other device that attempts to use the e prevented from accessing the switch.

rned MAC addresses - Display the number of MAC addresses. The string '-' is displayed if a port is

Limit" mode in the Allowed number of Learned MAC

n - Action to be carried out if unauthorized MAC tected. w Stations - The station with unauthorized MAC ill be denied to access the port.

p and Deny New Stations - Besides denying the new ap message is sent by the switch to report an intrusion

the trunk ID if the port is member of a trunk group.

WEB CONFIGURATION

Web Click Security, Port Cecurity.

ACLThis page enables yWith the Managemlist of up to 8 IP admanagement accessmanagement interfadd an entry to a fispecified addressesthe switch from an

Note: Invalid frabut norm51

Figure 32 Port Security

ou to setup management access filter on the switch. ent Access Filter Configuration table, you can create a dresses or IP address groups that are allowed to the switch through the web interface or SNMP. The aces are open to all IP addresses by default. Once you lter list, access to that interface is restricted to the . If anyone tries to access a management interface on invalid address, the switch will reject the connection.

mes will not be able to access management interface, al forwarding is not impacted.


52

Web Click Security, ACL.

Figure 33

IGMP SnoopIGMPSNOOP momulticast clients anneed to recieve thereports only, Sourc

Settings

Field AttributesIGMP Snooping Con

IGMP Enabledto determine wh

Router Ports - routers. Management Access Filter Configuration

nitors IGMP service requests passing between d servers, and dynamically configures the ports which mulitcast traffic. For IGMPV3, basic support for e Multicast not supported.

figuration

- When enabled, the switch will monitor network traffic ich hosts want to receive multicast traffic. Set if ports are conneting to the IGMP administrative

WEB CONFIGURATION

Unregistered IPMC Flooding enabled - Set forwarding mode for unregistered (not-joined) IP multicast traffic. The traffic will flood when enabled, and forward to router-ports only when disabled.

IGMP Snooping VLAN Configuration

VLAN ID - The VLAN ID. It can not be changed. IGMP Snoopin

network traffic ttraffic.

IGMP QueryinQuerier, which imulticast traffic.

Web Click IGMP

Figu53

g Enabled -When enabled, the port will monitor o determine which hosts want to receive the multicast

g Enabled - When enabled, the port can serve as the s responsible for asking hosts if they want to receive

Snoop, Settings.

re 34 IGMP Snooping Configuration


54

IGMP StatusShow the IGMPSNOOP statistics for the whole switch.

Field Attributes

VLAN ID - VLAN ID number. Querier - Show whether Querying is enabled. Queries transm Queries receive v1 Reports - Sh v2 Reports - Sh v3 Reports - Sh v3 Leave - Show

Web Click IGMPitted - Show the number of transmitted Query packets. d - Show the number of received Query packets.

ow the number of received v1 Report packets. ow the number of received v2 Report packets. ow the number of received v2 Report packets. the number of v3 leave packets received.

Snoop, Status.

Figure 35 IGMP Snoop Status

WEB CONFIGURATION

SNMPSimple Network Management Protocol (SNMP) is a communication protocol designed specifically for managing devices on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performanonboard SNMP aghardware, as well amanagement statiomanagement softwby community strinstation must first su

Field Attributes

SNMP Enable SNMP Trap D

Traps indicatingmanagers. You mreported by thisdestination spec

SNMP Read Cpassword and pecommunity strinstations are only

SNMP Write Cmanagement sta

SNMP Trap Conotification ope55

ce or detect potential problems. The switch includes an ent that continuously monitors the status of its s the traffic passing through its ports. A network n can access this information using network are. Access rights to the onboard agent are controlled gs. To communicate with the switch, the management bmit a valid community string for authentication.

d -Activate or deactivate SNMP. estination - IP address of the trap manager. status changes are issued by the switch to specified trap

ust specify trap managers so that key events are switch to your management station. SNMP trap ifies the IP address of the trap manager.ommunity - A community string that acts like a rmits access to the SNMP protocol. The read g specifies read-only access. Authorized management able to retrieve MIB objects. ommunity - Specifies read-write access. Authorized tions are able to both retrieve and modify MIB objects. mmunity - Community string sent with the

ration.


56

Web Click IGMP Snoop, Status.Figure 36 SNMP Configuration

DIAGNOSING SWITCH INDICATORS

TROUBLESHOOTINGDiagnosing Switch Indicators

1. SymptomPower LED doe

Probable Cause

AC power cord Possible Solutio

Check for loose Check the powe Replace the AC

2. SymptomLink LED does

Probable Cause

Switch port, net

Possible Solutio Check that the s Be sure the netw Verify that Cate

connections, Cathe length of an

Check the netwo Replace the defe57

s not light after power on.

s

may be defective.ns

connections.r outlet by using it for another device.power cord.

not light after connection is made.

s

work card or cable may be defective.

nswitch and attached device are both powered on.ork cable is connected to both devices.

gory 5 or better cable is used for 10/100 Mbps tegory 5 or 5e cable for 1000 Mbps connections, and that y cable does not exceed 100 meters (328 feet).rk card and cable connections for defects.ctive card or cable if necessary.

TROUBLESHOOTING

58

3. Forgotten passwordIf you have forgotten the administration password you can return the Switch to its factory default state by dong the following:

1. Remove the power cord from the back of the Switch.2. Remove all cables from the front-panel ports.

3. Connect port 1cable.

4. Reconnect the

5. Wait at least 40

After completing thnetwork address w to port 2, on the front panel, using a standard network

power cord to the rear of the Switch.

seconds before disconnecting port 1 from port 2.

is procedure, the password will be smcadmin and the ill be returned to the default; 192.168.2.10.

DIAGNOSING SWITCH INDICATORS

CHANGING A PCS IP ADDRESSTo change the IP address of a Windows 2000 PC:

1. Click Start, Settings, then Network and Dial-up Connections.2. For the IP add

connection ico

3. In the list of coselect Internet button.

4. In the Internetselect Use the address, Subne

5. Click OK to sa

To change the IP a

1. Click Start, Co2. For the IP add

connection ico

3. In the list of coselect Internet button.

4. In the Internetselect Use the address, Subne

5. Click OK to sa59

ress you want to change, right-click the network n, and then click Properties.

mponents used by this connection on General tab, Protocol (TCP/IP), and then click the Properties

Protocol (TCP/IP) Properties dialog box, click to following IP address. Then type your intended IP t mask, and Default gateway in the provided text boxes

ve the changes.

ddress of a Windows XP PC:

ntrol Panel, then Network Connections.ress you want to change, right-click the network n, and then click Properties.

mponents used by this connection on General tab, Protocol (TCP/IP), and then click the Properties

Protocol (TCP/IP) Properties dialog box, click to following IP address. Then type your intended IP t mask, and Default gateway in the provided text boxes

ve the changes.

CHANGING A PCS IP ADDRESS

60

Note: For users of systems other than Windows 2000 or Windows XP, refer to your system documentation for information on changing the PC's IP address.

SOFTWARE FEATURES

SOFTWARE SPECIFICATIONSSoftware Features

AuthenticationRADIUS, Port (802

Access Control LIP, MAC (up to 88

DHCP Client

Port Configuratio100BASE-TX: 10/1000BASE-T: 10/1

Flow ControlFull Duplex: IEEEHalf Duplex: Back

Broadcast Storm Traffic throttled ab

Port MirroringOne source port, o

Rate LimitsInput LimitOutput limitRange (configured

Port TrunkingStatic trunks (CiscoDynamic trunks (L

Spanning Tree AlSpanning Tree Pro61

.1X), Port Security

istslists)

n100 Mbps, half/full duplex00 Mbps at half/full duplex, 1000 Mbps at full duplex

802.3-2002pressure

Control ove a critical threshold

ne destination port

per port)

EtherChannel compliant)ink Aggregation Control Protocol)

gorithmtocol (STP, IEEE 802.1D)

SOFTWARE SPECIFICATIONS

62

Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w)

VLAN SupportUp to 255 groups; port-based or tagged (802.1Q),GVRP for automatic VLAN learning, private VLANs

Class of ServiceSupports four level(which can be confLayer 3/4 priority m

Multicast FilterinIGMP Snooping (L

Additional FeaturBOOTP clientSNTP (Simple NetSNMP (Simple NeRMON (Remote MSMTP Email Alert

Management FIn-Band ManageTelnet, Web-based

Out-of-Band ManRS-232 DB-9 cons

Software LoadingTFTP in-band or X

SNMPManagement accesTrap management

RMONGroups 1, 2, 3, 9 (Ss of priority and Weighted Round Robin Queueingigured by VLAN tag or port),

apping: IP Port, IP Precedence, IP DSCP

g ayer 2)

es

work Time Protocol)twork Management Protocol)onitoring, groups 1,2,3,9)

s

eaturesmentHTTP or HTTPS, SNMP manager, or Secure Shell

agementole port

Modem out-of-band

s via MIB databaseto specified hosts

tatistics, History, Alarm, Event)

STANDARDS

StandardsIEEE 802.1D Spanning Tree Protocol and traffic prioritiesIEEE 802.1p Priority tagsIEEE 802.1Q VLANIEEE 802.1w Rapid Spanning Tree ProtocolIEEE 802.1X PortIEEE 802.3-2002

Ethernet, Fast EtFull-duplex flow Link Aggregation

IEEE 802.3ac VLADHCP Client (RFCHTTPS IGMP (RFC 1112)IGMPv2 (RFC 223RADIUS+ (RFC 2RMON (RFC 1757SNMP (RFC 1157)SNMPv2 (RFC 257SNTP (RFC 2030)SSH (Version 2.0)TFTP (RFC 1350)63

Authentication

hernet, Gigabit Ethernetcontrol Control ProtocolN tagging 1541)

6)618) groups 1,2,3,9)

1)

SOFTWARE SPECIFICATIONS

64

Management Information BasesBridge MIB (RFC 1493)Entity MIB (RFC 2737)Ether-like MIB (RFC 2665)Extended Bridge MIB (RFC 2674)Extensible SNMP Forwarding Table MIGMP MIB (RFC 2Interface Group MInterfaces EvolutioIP Multicasting relaMAU MIB (RFC 2MIB II (RFC 1213Port Access EntityPort Access EntityPrivate MIBRADIUS AuthentiRMON MIB (RFCRMON II Probe Cimplementation)SNMP CommunitySNMPv2 IP MIB (TACACS+ AuthenTCP MIB (RFC 20Trap (RFC 1215)UDP MIB (RFC 20Agents MIB (RFC 2742)IB (RFC 2096)

933)IB (RFC 2233)n MIB (RFC 2863)ted MIBs 668)) MIB (IEEE 802.1X) Equipment MIB

cation Client MIB (RFC 2621) 2819)onfiguration Group (RFC 2021, partial

MIB (RFC 2576)RFC 2011)tication Client MIB13)

12)

38 TeslaIrvine, CA 92618Phone: (949) 679-8000

Model Numbers: SMC8024L2Pub. Number: 150000022900H E042006-JC-R01

FOR TECHNICAL SUPPORT, CALL:From U.S.A. and Canada (24 hours a day, 7 days a week)

(800) SMC-4-YOU; (949) 679-8000; Fax: (949) 679-1481 From Europe: Contact details can be found on

www.smc-europe.com or www.smc.com

INTERNETE-mail addresses:

[email protected]@smc-europe.com

Driver updates: http://www.smc.com/index.cfm?action=tech_support_drivers_downloads

World Wide Web: http://www.smc.comhttp://www.smc-europe.com

FOR LITERATURE OR ADVERTISING RESPONSE, CALL:U.S.A. and Canada: (800) SMC-4-YOU; Fax (949) 679-1481Spain: 34-91-352-00-40; Fax 34-93-477-3774UK: 44 (0) 1932 866553; Fax 44 (0) 118 974 8701France: 33 (0) 41 38 32 32; Fax 33 (0) 41 38 01 58Italy: 39 (0) 335 5708602; Fax 39 02 739 14 17Benelux: 31 33 455 72 88; Fax 31 33 455 73 30Central Europe: 49 (0) 89 92861-0; Fax 49 (0) 89 92861-230Nordic: 46 (0) 868 70700; Fax 46 (0) 887 62 62Eastern Europe: 34 -93-477-4920; Fax 34 93 477 3774Sub Saharian Africa: 216-712-36616; Fax 216-71751415North West Africa: 34 93 477 4920; Fax 34 93 477 3774CIS: 7 (095) 7893573; Fax 7 (095) 789 35 73PRC: 86-10-6235-4958; Fax 86-10-6235-4962Taiwan: 886-2-8797-8006; Fax 886-2-8797-6288Asia Pacific: (65) 6 238 6556; Fax (65) 6 238 6466Korea: 82-2-553-0860; Fax 82-2-553-7202Japan: 81-45-224-2332; Fax 81-45-224-2331Australia: 61-2-8875-7887; Fax 61-2-8875-7777India: 91-22-8204437; Fax 91-22-8204443

If you are looking for further contact information, please visit www.smc.com, www.smc-europe.com, or www.smc-asia.com.

IntroductionFeatures and Benefits

Initial ConfigurationConfiguring the SwitchUsing the Web InterfaceNavigating the Web Browser InterfaceHome PageConfiguration OptionsPanel DisplayMain Menu

Web ConfigurationDisplaying Status OverviewShowing Port StatisticsDisplaying System NameSetting the Switchs IP AddressManual Configuration

Configuring the Logon PasswordToolsRestore to Factory DefaultsUpgrade FirmwareUpload/Download ConfigurationRestart Switch

Register ProductStatic MACAdd Static MACStatic MAC Address Configuration

Counter ConfigPort ConfigurationConfiguring Rate LimitsStorm ControlPort MirroringCable DiagnosticTrunks MembershipTrunk ConfigurationTrunk Rate LimitLACP SetupLACP StatusLACP AggregationAggregation InformationLACP Port Status

VLAN SettingsIntroduction to VLANs

QOS SettingsQoS Disabled802.1pDSCP

RSTPSTA IntroductionRSTP System ConfigurationRSTP Port ConfigurationRSTP Status OverviewRSTP Port StatusField Attributes

802.1X802.1 X SettingField Attributes802.1X

SecurityIP FilterPort SecurityACL

IGMP SnoopSettingsField AttributesIGMP Status

SNMP

TroubleshootingDiagnosing Switch Indicators1. Symptom2. Symptom3. Forgotten password

Changing a PCs IP AddressSoftware SpecificationsSoftware FeaturesManagement FeaturesStandardsManagement Information Bases

/ColorImageDict > /JPEG2000ColorACSImageDict > /JPEG2000ColorImageDict > /AntiAliasGrayImages false /DownsampleGrayImages true /GrayImageDownsampleType /Bicubic /GrayImageResolution 300 /GrayImageDepth -1 /GrayImageDownsampleThreshold 1.50000 /EncodeGrayImages true /GrayImageFilter /DCTEncode /AutoFilterGrayImages true /GrayImageAutoFilterStrategy /JPEG /GrayACSImageDict > /GrayImageDict > /JPEG2000GrayACSImageDict > /JPEG2000GrayImageDict > /AntiAliasMonoImages false /DownsampleMonoImages true /MonoImageDownsampleType /Bicubic /MonoImageResolution 1200 /MonoImageDepth -1 /MonoImageDownsampleThreshold 1.50000 /EncodeMonoImages true /MonoImageFilter /CCITTFaxEncode /MonoImageDict > /AllowPSXObjects false /PDFX1aCheck false /PDFX3Check false /PDFXCompliantPDFOnly false /PDFXNoTrimBoxError true /PDFXTrimBoxToMediaBoxOffset [ 0.00000 0.00000 0.00000 0.00000 ] /PDFXSetBleedBoxToMediaBox true /PDFXBleedBoxToTrimBoxOffset [ 0.00000 0.00000 0.00000 0.00000 ] /PDFXOutputIntentProfile (None) /PDFXOutputCondition () /PDFXRegistryName (http://www.color.org) /PDFXTrapped /Unknown

/Description >>> setdistillerparams> setpagedevice

Mn Smc8024l2 Man

Documents

smc products

smc web

active smc product

trademarks of smc networks

patent rights of smc

older product

equivalent product

contacany product