gm28p-500 user manual

1

User Manual

16/24 PortPOE/4 Port Combo /2 Port SFP

Managed Switch

2

Index ＊ ABOUTTHIS MANUAL………………..……………P.3

＊ CONTENTS………………………….……………..P.4 - PART1 INTRODUCTION………………………………………........P.4 - PART 2 HARDWARE DESCRIPTION………………………….…..P.4 - PART 3 WEB CONFIGURATION………………………………...…P.4 - PART 4 WEB MANAGEMENT……………………………………....P.4 - PART 5 WEB MONITOR………………………………………..…....P.6 - PART 6 WEB DIAGNOSTICS………………………………….…....P.7 - PART 7 WEB MAINTENANCE…………………………….…..…....P.7

＊Chapter 1INTRODUCTION……………….…..P.8 - PART 1 INTRODUCTION FEATURES…………….………..….....P.9

- PART 2 INTRODUCTION SPECIFICATIONS….………….........P.10

- PART 3 INTRODUCTION PACKAGE CONTENTS..................P.11

＊Chapter 2HARDWARE DESCRIPTION…….P.12

- PART 1 HARDWARE DESCRIPTION REAR PANEL...............P.13

＊ Chapter 3 WEB MANAGEMENT………........P.14

- PART 1 WEB MANAGEMENT INITIAL SWITCH......................P.15 CONFIGURATION

- PART 2WEB MANAGEMENT CONFIGURATION OPTION.....P.16

- PART 3WEB MANAGEMENT MENU TREE…………………....P.17

- PART 4 WEB CONFIGURATION CONFIGURATION…….….....P.23

- PART 5 WEB MONITOR SYSTEM………………………….….....P.80

- PART 6 WEB DIAGNOSTICS PING…………………….….........P.119

- PART 7 WEB MAINTENANCE RESTART DEVICE….………...P.117

＊ Glossary..........................................................P.125

3

ABOUT THIS MANUAL

PurposeThis manual gives specific information on how to operate and use the

management functions of this switch.

AudienceThis manual is intended for use by network administrators who are responsible for operating and maintaining network equipments；

consequently, it assumes a basic network network knowledge of generalswitch functions, the Internet Protocol (IP), IEEE 802.3at/af Power over Ethernet

Standard and Simple Network Management Protocol(SNMP).

4

CONTENTS

REVISION HISTORY

ABOUT THIS MANUAL CONTENTS FIGURES TABLES

PART1INTRODUCTION Product Overview Features Specifications Performance Package Contents PART 2HARDWARE DESCRIPTION Physcial Dimensions / Weight Configuration Option Front Panel Menu Tree PART 3WEB CONFIGURATION

Configuration System

Information IP & Time

LFront Panel LED Indicator Rear Panel Hardware Installation

PART4WEB MANAGEMENT

Initial Switch Configuration

5

Web Interface og

Power Reduction LED

Ports Security

Switch Password Auth Method SNMP

System Communities Users Groups Views Access

Network ACL Ports Rate Limiters Access Control List

AAA Port Trunking

Statics LACP

Loop Protection Spanning Tree

Bridge Settings Bridge Ports

IPMC IGMP Snooping

Basic Configuration VLAN Configuration

POE Private VLANs

PVLAN Membership Port Isolation

QoS

6

Port Classification Port Policing QoS Control List Storm Control

Mirroring

PART 5WEB MONITOR Monitor

System Information CPU Load Log Detailed log

Ports State Traffic Overview QoS Statistics QCL Status Detailed Statistics

Security Network

ACL Status AAA

RADIUS Overview RADIUS Details

LACP System Status Port Status Port Statistics

Loop Protection Spanning Tree

Bridge Status Port Status Port Statistics

IPMC IGMP Snooping

Status Groups Information

7

POE VLANs

VLAN Membership VLAN Port

PART 6WEB DIAGNOSTICS

Diagnostics Ping

PART 7WEB MAINTENANCE

Maintenance Restart Device Factory Defaults Software

Upload Image Select

Configuration Save Upload

8

This chapter provides an overview of thisPOEWeb Smart switch, and introduces

thekey features and supported specificationsof thisPOEWeb Smart switches.

PRODUCT OVERVIEW ThisPOE switch is aPOEWeb Smart switch equiped with 8-ports 10/100/1000BaseT(X) plus 2-ports gigabit SFP open

slots. It provides a broad range of features for Layer2 switching and fully802.3at/afPOE/POE+ functions.

It was designed for easy installation and high performance in an environment where the traffic is on the network and the number of users increases continuously. The smart and efficient power design can improve the power saving.

FEATURES Table 1. Features

Features Descriptions Dual Images Prevent any kind of upgrading process

failure IPv4 Supports IPv4 addressing, management

and QoS Log Support local and remote syslog server

with 3 levels(Info, Warning, Error) Power Saving ActiPHY, PerfectReach

LED Power management Thermal Protection

Security Private VLAN(Static) ACLs for filtering, policing, and port copy, including ACL wizards

CHAPTER 1 INTRODUCTION

9

Table 1. Features

(continued)

Authentication Telnet, Web - username/password Telnet - SSH SNMP v1/2c – Community strings SNMP version 3 – MD5 or SHA password Port-based 802.1X

Port Limiting Input rate limiting per port(manual setting or ACL)

Port Configuration Speed, Duplex mode, Flow control, MTU, Power saving mode

Port Mirroring 1 sessions, up to 10 source port to one analysis port per session

Port Trunking IEEE 802.3ad Link Aggregation, static and LACP

Spanning Tree Algorithm

Supports standard STP, Rapid Spanning Tree Protocol (RSTP)

IEEE 802.1D Bridge

Supports dynamic data switching and addresses learning

Quality of Service Traffic classes(1,2, or 4/8 active priorities) Storm control for UC, MC and BC

DHCP Client Configuration Save and Restore configuration Firmware Upgrade & firmware image switch using

Web & console port CLI command Support Cli command with console port

(Baudrate:115200, DataBit:8, Parity: N,StopBit 1)

INTRODUCTION

FEATURES

PART 1

10

SPECIFICATIONS Table 2, Specifications

Standard IEEE 802.3at/af Power over Ethernet(POE/POE+) IEEE 802.3ad Link Aggregation IEEE 802.3x Flow Control IEEE 802.1x Port-based Network Access Control IEEE 802.1Q VLAN Tagging IEEE 802.1d Spanning Tree Protocol IEEE 802.1w Rapid Spanning Tree Protocol 8 integrated IEEE 802.3ab-compliant 10/100/1000BASE-T Ethernet MIBs RFC 1213 MIB II RFC 3411 SNMP Management Frameworks RFC 3621 LLEP-MED Power RFC 3635 Ethernet-like MIB RFC 4188 Bridge MIB IEEE 802.1AB LLDP MIB

PERFORMANCES Table 3, Performance

Information MAC Address : 8K , 4K VLAN support Packet Memory : 4 Megabits of Integrated shared memory Jambo Frame : 9.6K Transmission Method : Store and Forward

PART 2 INTRODUCTION

SPECIFICATIONS

11

Before you start to install this switch, please verify your package that contains the following items: OnePOEGigabit Ethernet Switch One Power Cord One User’s Manual (CD disk)

Note: If any of these items is found missing or damaged, please contact your local supplier for replacement.

PART 3 INTRODUCTION

PACKAGE CONTENTS

12

This chapter primarily presents hardware of thePOE switch,

physical dimenstions and functional overview would be described.

PHYSICAL DIMENSION AND WEIGHT 263 x 160 x 44 mm (H x W x D) / 1.5kg FRONT PANEL The Front Panel of thePOE Web Smart Switch consists of8-port gigabit ethernet port

and 2-port gigabit SFP open slot. The LED indicators are also located on the Front Panel.

LED INDICATORS The LED Indicators present real-time information of

systematic operation status. The following table provides the description of LED status and meanings.

Table 4, LED INDICATORS

LED Status Description Power On System on

OFF System off POE On Port is linked to Power Device

OFF No Power Device is connected Link/ACT Flashing Link and Data Activating

OFF Port is disable or disconnected

CHAPTER 2 HARDWARE DESCRIPTION

13

REAR PANEL The 3-pronged power plug is placed at the rear panel of the

POE Web Smart Switch right side show as below:

HARDWARE INSTALLATION Theattachment with a PICTURE with Power cord, RJ45

cable, And SFP if needed. Then step1~4 to describe

PART 1 HARDWARE DESCRIPTION

REAR PANEL

14

This chapter provides the entire Web SmartPOE switch

features, along with a detailed description of how to configure each feature via web interface.

Initial Switch Configuration This part guides you to configure and manage this switch through the web

interface. With this facility, you can easilyconfigure and monitor through any one port of this switch. Start up by the following steps: 1. Place the switch close to your PC/NB that you intend to

use for configuration. It will help you to check the status of the switch by LED in front panel while working on your PC/NB.

2. Connect the Ethernet port of your PC/NB to any port on the front panel of the switch. Turn the switch on and make sure the connectivity by checking LED in the front panel of the switch.

3. Configure your PC’s IP address the same subnet with the switch’s. The following table describes the default necessary login Information: Table. Login Information IP Address 192.168.2.1 IP Mask 255.255.255.0 IP Router 0.0.0.0 Username admin Password

4. Open the web browser, and go to 192.168.2.1Site then the login windows will pop out. Key in theusername “admin” and leave password blank then clicks OK.

CHAPTER 3 WEB MANAGEMENT

15

5. After you login successfully, you will see the home page

is displayed as shown below. The home page display the Menu Bar on the left side of the screen and show the front panel port states on the right side.

Before you start to configure, we strongly recommended you to change the password. To change the password, click Security and then Switch. Fill old and new password in Password tab.

PART 1 WEB MANAGEMENT

INITIAL SWITCH CONFIGURATION

16

WEB Interface Configuration OptionConfigurable parameters have seveal forms : text field,

drop-down list, radio button and checkbox. Once you change the parameters, please make sure to click Save button to apply

The following table provides the description of each button:

Table. Configuration buttons Front Panel The default page after you login successfully is port states’

page. The port 1 to port 8 are gigabit Ethernet port and port 9 and 10 are SFP slot. When the port image is green, it means this port is connected. Auto-refresh mode is disable by default setting. It will update the current port state by 5 seconds if you check it. Or you can click Refresh button to update the statesmanually. Click the each port image will open detailed statstics of selected port.

Button Description

Save Set specific value into the Switch Reset Restore the parameters to previous

saving value

Show the help information for selected page

Logout the management web interface of the switch

WEB MANAGEMENT

MENU TREE

PART 3

PART 2 WEB MANAGEMENT

CONFIGURATION OPTION

17

MENU TREEThere isa Menu Tree in the left side of Web management

system with 4 categories: Configuration, Monitor, Diagnostic and Maintenance. The follow table has a breifly description of each tab.

Table. MENU TREE

Menu Descriptions Configuration

System Information Configures system contact, name,

location and timezone offset IP & Time Configures IPv4 (Statics IP

Address, DHCP client), VLAN ID and SNTP settings

Log Configures Remote system log Server which 3 levels( Infor, Warning, Error)

Power Reductinon LED Reduces LED intensity during

specified hours and configure link change at error settings

Thermal Protection Configures temperature 4 priority levels and each value. Port will shut-down if the temperature exceeded the assigned value.

Ports Configures ports’ connection settings

Secuirty Switch Password Change the new password Auth Method Configures authentication method

for console and web access via local database and RADIUS

WEB MANAGEMENT

MENU TREE

18

Table. MENU TREE (Continue) Menu Descriptions

SNMP System Configures read-only and R/W

community strings for SNMP v1/v2c, engine ID for SNMP v3, and trap parameters

Communities Configures community strings Users Configures SNMP v3 users on this

switch Groups Configures SNMP v3 groups Views Configures SNMP v3 views Access Assigns security model, Security

level, and R/W views to SNMP groups

Network ACL Access Control Lists AAA Configures RADIUS authentication

server.( Max 5 Server supported) Port Trunking Static Speifies ports to group into static

trunks LACP Allows ports to join trunk

dynamically Loop Protection Configure ports to shutdown if the

ports are in loop Spanning Tree

Bridge Setting 1. Configures global bridge setting for STP and RSTP

2. Configures edge port setting for BPDU filtering, BPDU guard and port error recovery

WEB MANAGEMENT

MENU TREE

19


Bridge Ports Configure CIST port, priority and path cost

IPMC IGMP Snooping Basic Configuration Configures global and related

port setting VLAN Configuration Configures IGMP snooping per

VLAN group POE Configures total power supply

and eachPOE port type(POE/POE++/disabled)

VLANs VLAN Membership Configures VLAN groups Ports Specifies default PVID and

VLAN atrributes Private VLANs PVLAN Membership Configures PVLAN groups Port isolation Configures Port isolation QoS Port Classification Configures QoS Ingress

Classification Settings for all ports

Port Policing Configures QoS ingress Port policers to constrain traffic flows and mark frames by specific rate

QoS Control List Configures QoS Control Entry based on parameters such as VLAN ID, UDP/TCP port, IPv4 DSCP or Tag Priority

Storn Control Set limitation for broadcast, unicast and multicast traffic


Mirroring Set source and destination port

20

for mirroring Monitor System Information Displays system contact, name,

location, switch’s MAC address, system time, firmware version

CPU load Displays CPU load by realtime SVG graph

Log Displays logged message with selected level (Info, Warning, Error, All)

Detailed Log Displays fully logged message Thermal Protection Shows the current port

temperature and status Ports State Displays a graphic image of the

front panel to indicate current port states

Traffic Overview Shows the basic port statistics QoS Statistics Shows the count of incoming

and outgoing egress queues QCL Status Shows the QoS Control Lists

status Detailed Statistics Shows the detailed port statistics Security Network ACL Status Shows the ACL status by

different ACL users

WEB MANAGEMENT

MENU TREE

21


AAA RADIUS Overview Displays the status of associated

authentication RADIUS servers RADIUS Details Displays the traffic and status of

each associated RADIUS server LACP System Status Displays each local port’s LACP

information included Aggr ID, Partner system ID and Parter key

Port Status Displays each local port’s Key, Aggr ID, Partner system ID and Parnter port

Port Statistics Displays statistics for LACP protocol message

Loop Protection Display loop status for each port Spanning Tree Bridge Status Displays STP detailed bridge

status, CIST Ports and Aggregations state

Port Status Displays CIST role, State and uptime for each port

Port Statistics Displays statistics for RSTP, STP and TCN packets

IPMC IGMP Snooping Status Displays statistics related to

IGMP packets passed upstream to the IGMP Querier or downstream to multicast clients

WEB MANAGEMENT

MENU TREE

22


Groups Information Displays IGMP snooping groups information

POE Displays total power consumption, PD class and power usage for each associated port

VLANs VLAN Membership Show the port members for

specific VLAN ID VLAN Port Shows the VLAN Port Status for

Static user Diagnostics Ping Tests specific IP Address by

using ping function Maintenance Restart Device Restarts the device Factory Defaults Restores all settings to

manufactory default Software Upload Updates firmware of this switch

through Web UI Image Select Selects a rescovery firmware to

boot up the device Configuration Save Saves configuration to your local

management PC Upload Restores the previous

configuration from a file

WEB CONFIGURATION

CONFIGURATION

PART 4

23

This chapter describes all of the configuration for thisPOE Web Smart Switch.

System Information Using System Information page to set System Contact, Name, Location, Timezone offset LOCATION： ▼ Configuration ▼ System ￭Information PARAMETERS： Items Description System Contact Administrator is responsible for this

device ( Maximum Length：255 characters)

System Name Name of this device ( Maximum Length：255 characters)

System Location Sets the location of this device ( Maximum Length：255 characters)

System Timezone offset (minutes)

Sets the timezone as an offset from Greenwich Mean Time(GMT), negative vale is meaning before GMT, postive value is meaning of after GMT ( Range： -720~720 )

Note the unit of system timezone is minute WEB Interface To configure System Information

A. Click Configuration/System/Information/ B. Specify the System contact, Name, Location and

Timezone. C. Click Save to apply the setting or Reset to restore

the previous setting

24

IP & Time Using IP & Time page to Configure Static IP Address or

DHCP client, and SNTP server

LOCATION： ▼ Configuration ▼ System ￭IP & Time

PARAMETERS： Items Description DHCP Client Sets the checkbox in configured column to

enable DHCP client or uncheck for static IP Address

IP Address Address of the VLAN specified in the VLAN ID field. It should match with your management PC/NB’s setting.(Default IP：192.168.2.1)

IP Mask This mask identifies the host address bits used for routing to specific subnet.

IP Router IP address of the gateway VLAN ID Default VLAN ID＝1, it needs to match your

management PC/NB’s VLAN ID. (Range：1~4096)

SNTP Server SNTP Server’s IP address Renew Clicks renew button to renew IP address

25

WEB Interface To Configure Static IP address & DHCP Client

enable/disable：

A. Click Configuration/System/IP&Time B. Enable DHCP client vis set checkbox C. Specify the IP address, IP Mask, IP Router and SNTP

Server IP address D. Click Renew button to renew IP Address under DHCP

Client Enable mode E. Click Save to apply the setting or Reset to restore


Log Using Log page to configure remote system log server.

LOCATION： ▼ Configuration ▼ System ￭Log

PARAMETERS： Items Description

26

Server Mode Enable or Disable remote system logging function

Server Address Set IP address of remote system log server

Syslog Level Choose the logging event level. Info：send info, Warnings, Errors. Warning：send Warnings and Errors Error：send Errors

WEB Interface

A. Click Configuration/System/Log B. Enable remote system logging, enter Server’s IP

Address, and choose what kind of logging level to record

C. Click Save to apply the setting or Reset to restore the previous setting

Power Reduction(LED) Using LED Power Reduction page to reduce LED intensity

during specificed hour(s), the maximum setting range is 24 hours.

LOCATION： ▼ Configuration ▼ Power Reduction ￭LED

PARAMETERS： Items Description

27

LED Intensity Timers Time Time at which LED intensity is set Intensity LED Intensity

(10 levels increase by 10%, 0%=LED off, 100%=LED full power)

Maintenance On time at link change LED set full powr for a period of

time(second) when a link change occurs.

On at errors LED set full power when a link error occurs.

WEB Interface

A. Click Configuration/Power Reduction/LED B. Set LED intensity for corresponding hours, then

click Add button to attach list C. Set the duration of LED full power when a link

change occurs D. Set the duration of LED full power when a link error

occurs E. Click Save to apply the setting or Reset to restore


Ports

28

Using Port Configuration page to configure the detail parameters for each port. You can enable/disable each port and set port speed such as Auto, half-duplex, full-duplexfor 10Mbps, 100Mbps, 1Gbps and disabled. It also allows to set frame size , collision policy and Power control.

LOCATION： ▼ Configuration ￭Port PARAMETERS： Items Description Link Displays the status of the ports Speed Current：Displays the current speed

Configured ：There are 7 options Disabled ：disables the port interface Auto ：Enables auto-negotiation 10Mbps HDX：Support 10Mbps half-duplex 10Mbps FDX：Support 10Mbps full-duplex 100Mbps HDX：Support 100Mbps half-duplex 100Mbps FDX：Support 100Mbps full-duplex 1Gbps FDX：Support 1Gbps full-duplex

Flow Control Current TX and Current RX indicate the Flow control state of TX and RX. Checks the configured box to enable Flow Control Flow control can eliminate packet loss. When auto-negotiation mode is set, this switch advertises the flow control information to linked partner. When the manual speed is set, the Current TX field indicates if the pause frame be transmitted from this port, and the Current RX field indicates whether the pasue frame are obeyed on this port

Maximum Frame Size

Set the Maximum frame size allows to transfer for each port

Excessive Collision

Configure port transmit collision behavior Discard：Discards the frames after 16 collision

29

Mode happened. Restart：Restarts the backoff algorithm after

16 collision happened. Power Control

There are 3 options for automatic power saving mode： ActiPHY：It will detect unused Ethernet ports

on Network devices and power them down.

PerfectReach：an intelligent algorithm that actively adjusts the power level needed based on cable length.

Enabled：Enables both ActiPHY and PerfectReach

Disabled：Disables power saving mechanism WEB Interface

A. Click Configuration/Port B. Specify the Speed Configured, Flow Control,

Maximum Frame Size, Excessive Collision Mode and Power Control.

C. Click Save to apply the setting or Reset to restore the previous setting ● Refresh button：Re-load information of the page

manually.

30

Security You can configure user authentication for management

access and control client access ports Password Using this Password page to change the administrator’s

password. LOCATION：

▼ Configuration ▼ Security ▼ Switch ￭ Password PARAMETERS： Items Description Old Password Insert the old password

(Default is blank)

31

New Password Inserts new password (Case sensitive, Maximum is 31 characters)

Confirm New Password

Re-types the same string as New Password field.

WEB Interface

A. Click Configuration/Security/Switch/User B. Enter Old Password, New Password, and Confirm

New Password. C. Click Save to apply the setting.

Security Auth Method Using Authentication Method Configuration page to

specify the authentication Method for access management via console and web. Access can be controlled by local(Password) or remote access authentication(RADIUS Server).

LOCATION：

▼ Configuration ▼ Security ▼ Switch ￭ Auth Method

32

PARAMETERS： Items Description Client Specify the authentication Method for

Administrator Authentication Method

There are 3 options for Console and Web None：disablesaccess vis specified management interface Local：checks by password RADIUS：checks vis RADIUS Server

Fallback This only works for Authentication Method =”RADIUS”. When Radius Server authentication fail, it will check by local password if fallback is checked

WEB Interface

A. Click Configuration/Security/Switch/Auth Method B. Select Authentication Method for console and web,

specify the Fallback check if needed. C. Click Save to apply the settingor Reset to restore

the previous setting.

Security SNMP Any Network Management System (NMS) running the

Simple Network Management Protocol(SNMP) can manage the device which equipped with SNMP agent and attached with Management information Bases(MIBs). The SNMP is a common comminunication protocol for managing devices on a network. SNMP is typically using for configuring and monitoring devices.

33

The switch supports SNMPv1, v2c and v3.It continously

monitors the status of the switch hardware as well as the traffic passing through its’ ports.

SNMP System Using the SNMP System Configuration page to configure

SNMP settings, Community name, trap host and public traps as well as the throttle of SNMP, A SNMP manager must pass the authentication by identifying both community names, then it can access the MIB information of the switch. So, both parties must have the same community name.

LOCATION： ▼ Configuration ▼ Security ▼ Switch ▼ SNMP ￭ System

PARAMETERS： Items Description SNMP System Configuration Mode Enables or disables SNMP service Version Specifies the SNMP version

(SNMP v1, SNMP v2c, SNMP v3) Read Community The community for Read access Write Community The community for Read/Write access Engine ID The SNMP v3 Engine ID,It is only

available for SNMP v3 (10-64 HEX digits, excluding a string of all 0’s or F’s)

SNMP Trap Configuration Trap Mode Enables or disables SNMP traps Trap Version Specifies the Trap Version

(SNMP v1, SNMP v2c, SNMP v3) Trap Community Specifies the community string for

SNMP trap packets

34

Trap Destination Address

Specifies the IP Address of management PC/NB to get trap packets

Trap Authentication Failure

Issues a notification message to specified IP trap managers whenever of a SNMP request fails.

Trap Link-up and Link-down

Issues a notification message to specified IP trap managers whenever a port link is established or broken

Trap Inform Mode Enables or disables sending notification as inform message. It is only available for SNMP v2c and SNMP v3. Inform mode can guarantee the message is received.

Trap Inform Timeout

The time for waiting a ACK (Range：0-2147, unit：second)

Trap Inform Retry Times

The Maximum numbers of re-try times before gotting ACK

Trap Probe Security Engine ID

Specifies whether or not to use the engine ID of the SNMP trap probe in trap and inform messages(It is only available for SNMP v3)

Trap Security Engine ID

Displays the SNMP Trap security engine ID. (It is only available for SNMP v3)

Trap Security Name Displays the Trap security Name (It is only available for SNMP v3)

WEB Interface To setup SNMP System & Trap Configuration

A. ClicksConfiguration/Security/Switch/SNMP/System B. Set Mode to Enable SNMP service and specify

SNMP version then change the Read and Write Community access strings if required and set the engine ID

35

C. In the SNMP Trap Configuration table, enable Trap mode to allow the switch to send SNMP traps. Specifies the trap version, trap community and IP Address of management PC/NB which will receive the trap messages. Select inform mode for SNMP v2c and SNMP v3 clients. Set Security engine ID for SNMP v3 client.

D. Click Save to apply the setting or Reset to restore the previous setting.

Communities Using SNMPv3 Community Confugration page to set

access community strings. It should include all community strings for SNMPv1, SNMPv2c and SNMPv3.

36

LOCATION： ▼ Configuration ▼ Security ▼ Switch ▼ SNMP ￭ Communities PARAMETERS： Items Description Community Specifies the community string to allow

access the SNMP agent.(Range：1-32) Source IP Specifies the IP Address of the SNMP client Source Mask Specifies the subnet mask of the SNMP client WEB Interface To setup SNMP Community access string：

A. ClicksConfiguration/Security/Switch/SNMP/Commu

nities B. Set the IP Address and subnet mask for the default

community string or delete for security. C. Add any new Community strings by click Add new

community button D. Click Save to apply the setting or Reset to restore


Users Using SNMPv3 User Configuration page to set a specific

Engine ID, Name, security level and the types of authentication and privacy for each SNMPv3 user.

37

LOCATION： ▼ Configuration ▼ Security ▼ Switch ▼ SNMP ￭ Users PARAMETERS： Items Description Engine ID The engine identifier for SNMP agent.

(It is only available for SNMPv3) User Name The unique username for SNMP agent

(Range：1-32 characters) Security Level There are 3 options:

NoAuth, NoPriv：no authentication and encryption during the communication

Auth,NoPriv：with authentication but no encryption during the cummunication

Auth,Priv： with both authentication and encryption during the communication

Authentication Protocol

The methods for authentication (None, MD5, SHA,)

Authentication Password

A plain text as password(Range：1-32 characters)

Privacy Protocol

The encryption algorithm ( none or 56-bit DES)

Privacy password

A string for Privacy pass phrase (Range：8-40 characters)

WEB Interface To setup SNMPv3 User：

A. ClicksConfiguration/Security/Switch/SNMP/Users B. Clicks “Add new user” to configure a username C. Enters a remote Engine ID

38

D. Defines username, security level, authentication and privacy settings

E. Click Save to apply the setting or Reset to restore the previous setting.

Groups Using SNMPv3 Group Configuration page to configure

SNMPv3 Group, it defines a specific SNMPv3 group and restricts assigned user’s access policy for read and write views.

LOCATION： ▼ Configuration ▼ Security ▼ Switch ▼ SNMP ￭ Groups PARAMETERS： Items Description Secuirty Model The user security model, 3 options：

(v1, v2, usm=User-based security Model) Security Name The username which connect to SNMP

agent(Range：1-32 characters) Group Name The name of SNMP group

WEB Interface To setup SNMPv3 Group：

A. ClickConfiguration/Security/Switch/SNMP/Groups B. Click“Add new group” to create a new group

39

C. Select a Security Model( SNMPv1, SNMPv2c or User-based Security Model)

D. Select a Security Name E. Enter a Group Name F. Click Save to apply the setting or Reset to restore


Figure Views Using SNMPv3 View Configuration page to define the

restricts access policy for specific MIB tree The default_view includes access ability for whole MIB tree.

LOCATION： ▼ Configuration ▼ Security ▼ Switch ▼ SNMP ￭ Views PARAMETERS： Items Description View Name The Name of SNMP view

(Range：1-32 characters) View Type Indicates the OID is included or excluded

in this SNMP view OID Subtree Object identifiers of branches within the

MIB tree

40

WEB Interface To setup SNMPv3 Views：

A. ClickConfiguration/Security/Switch/SNMP/Views B. Click “Add new view” to create a new view C. Enter a View Name, Type and OID Subtree D. Click Save to apply the setting or Reset to restore


Access Using SNMPv3 Access Configuration page to define the

Access rights for portion of MIB tree. You can have more than one Access policy for SNMPv3 group.

LOCATION： ▼ Configuration ▼ Security ▼ Switch ▼ SNMP ￭ Access PARAMETERS： Items Description Group Name The Name of SNMP group

(Range：1-32 characters) Security Model The user security model, 3 options：

(v1, v2, usm=User-based security Model) Security Level There are 3 options:

NoAuth, NoPriv：no authentication and encryption during the communication

41

Auth,NoPriv：with authentication but no encryption during the cummunication

Auth,Priv： with both authentication and encryption during the communication

Read View Name Select View Name for Read Access Write View Name Select Write Name for Write Access

WEB Interface

To setup SNMPv3 Accesss： A. ClickConfiguration/Security/Switch/SNMP/Access B. Click “Add new access” to create a new view C. Select a Group Name, security model, security level,

Read View and Write View. D. Click Save to apply the setting or Reset to restore


Network ACL ports Using ACL Ports Configuration page to specify the

assigned port’s re-actions when certain kind of frames are matchs. These behaviors include “Port Redirect”, “Mirror”, “Logging” and “Shutdown”.

LOCATION： ▼ Configuration ▼ Security ▼ Network ▼ ACL ￭Ports

42

PARAMETERS： Items Description Port Port Number Policy ID Specify the Policy ID

(Range：0-255) Action Permit or deny the forwarding if policy is

matched Rate limiter ID Specify a Rate Limiter ID, the mapping

table is in “Rate Limiters” page Port Redirect Specify the packets redirect to which port if

policy matched Mirror Specify the packets also forward to

predefined mirror port if policy matched Logging Enable logging the matched frames to

system log Shutdown Shut down the port if policy matched Counter Show the number of frames which match

the specific policy

WEB Interface To Configure ACL policies and its’ re-action：

A. ClickConfiguration/Security/Network/ACL/Ports B. Assign policy which is set on ACE Configuration

page. Specify re-action behaviors when frames matcheds, it includes “Port Redirect”, “Mirror”, “Logging”, “Shutdown”.

C. Click Save to apply the setting or Reset to restore the previous setting. ● Refresh Button：Refresh the Counter of frames

matched the policy. ● Clear Button：Clean the Counter of frames

matched the policy

43

.

. Rate Limiters Using ACL Rate Limiter Configuration page to configure up

to 16 Rate Limit options

LOCATION： ▼ Configuration ▼ Security ▼ Network ▼ ACL ￭ Rate Limiters PARAMETERS： Items Description Rate Limiter ID Rate Limit Identifier (Range：1-16) Rate The dropping threshold, the allowed value：

0-3276700 in pps,0, 100, 2*100, 3*100…100000 in kbps

Unit Unit of measure( pps, kbps)

44

WEB Interface To Configure ACL Rate limitation：

A. Click Configuration/Security/Network/ACL/Rate

Limiters B. Specify Rate and Unit for Rate Limiter ID(1-16) C. Click Save to apply the setting or Reset to

restore the previous setting.

Access Control List Using Access Control List page to make up of ACE s deine on this switch. Each row describes the ACE that is defined.

You can define filtering rules for an ACL policy, for a specific port or for all ports.

LOCATION： ▼ Configuration ▼ Security ▼ Network ▼ ACL ￭ Access Control List

45

PARAMETERS： Items Description Ingress Port Specific port or All ports Policy/Bitmask Indicate the Policy and Bitmask of the ACE Frame Type Indicate the frame type of ACE.

Any：match any frames Ethernet：match Ethernet type frames ARP：match ARP/RARP frames IPv4：matchIPv4 frames IPv4/ICMP：match IPv4 frames with ICMP

Protocol IPv4/UDP：match IPv4 frames with UDP

Protocol IPv4/TCP：match IPv4 frames with TCP

Protocol IPv4/Other：match IPv4 frames which are

not ICMP/UDP/TCP Action Permit or deny frames when the frames

matched Rate Limiter Indicate the rate limiter number of the ACE. Port Redirect Indicate the port redirect operation of the ACE Mirror Specify the mirror operation of this port Counter Indicate the number of times the ACE was hit

by a frame Modification Buttons

Insert a new ACE before the current row Edit the ACE row Move the ACE up the list Move the ACE down the list Delete the ACE The lowest plus sign adds a new entry at the buttom of the ACE listings


A. Click Configuration/Security/Network/ACL/Access

46

Control List B. Click the button to add new ACE, or use the

button to modify the ACE row C. Specify the parameters of the ACE D. Click Save to apply the setting, Reset to restore

the previous setting or Cancl to back ACE list

● Clear Button：Clean the Counter of frames matched the policy

● Remove All Button：Delete all ACE rows ● Auto-refresh：Refresh the page automatically

47

AAA Using the Authentication Server Configuration page to build

up an authenticated mechanism with RADIUS server.

LOCATION： ▼ Configuration ▼ Security ￭ AAA PARAMETERS： Items Description Common Server Configuration Timeout The maximum waiting time to wait for a reply

from server (Range：3-3600 seconds) Dead Time The time after which the switch

Considers an authentication server to be dead if it does not reply

RADIUS Authentication Server Configuration Enable Enable the RADIUS Authentication Server by

Check this box IP Address IP Address of RADIUS server Port The UDP port to use on the RADIUS

authentication Server. Secret Encryption key(Maximum characters：29)


A. Click Configuration/Security/AAA B. Specify the parameters of the RADIUS

Authentication Server. C. Click Save to apply the setting or Reset to


48

Port Trunking(Static) Using Aggregation Mode Configuration page to configure

the Aggregation Mode and Members of each static group.

LOCATION： ▼ Configuration ▼ Port Trunking ￭ Static PARAMETERS： Items Description Hash Code Contributors Source MAC Address

Enable：The source MAC Address can be used to calculate the destination

49

port for the frame.(Disable is not) Destination MAC Address

Enable：The Destination MAC Address can be used to calculate the destination port for the frame. (Disable is not)

IP Address Enable：The IP Address can be used to calculate the destination port for the frame.(Disable is not)

TCP/IP Port Number

Enable：The TCP/IP port number canbe used to caclulate the destination port for the frame.(Disable is not)

Port Members Group ID Normal：There is no aggregation

Note：Only one group ID is valid per port. Port Members Port Identifier

WEB Interface To Configure a Static Trunk：

A. Click Configuration/Port Trunking/Static B. Select load-balancing method in hash code

contributors C. Assign port members to specific trunking group D. Click Save to apply the setting or Reset to


50

Port Trunking(LACP) Using LACP Port configuration page to enable LACP on

selected ports, configure key and LACP mode.

LOCATION： ▼ Configuration ▼ Port Trunking ￭ LACP PARAMETERS： Items Description Port Port Identifier LACP Enabled Control whether LACP is enabled on this

switch port. LACP will from an aggregation when 2 or more ports are connected to the same partner. LACP can from max 12 LLAGs per switch and GLAGs per stack.

Key The Key value incurred by the port.(Range：

51

1-65535). The “Auto” setting will set the key as appropriate by the physical link speed, 10Mb=1, 100Mb=2, 1Gb=3. Using the specific setting, a user-defined value can be entered. The same key setting ports can participate in the same aggregation group.

Role The Role shows the LACP activity status. The “Active” will transmit LACP packets each second, while “Passive” will wait for a LACP packet from a partner.

WEB Interface To Configure theLACP：

A. Click Configuration/Port Trunking/LACP B. Enable LACP on all of the ports in an LAG C. Divide the LAG by different key D. Set one Active role port in one LAG at least E. Click Save to apply the setting or Reset to


52

Loop Protection Using Loop Protection page to configure loop protection

LOCATION： ▼ Configuration ￭ Loop Protection PARAMETERS： Items Description General Settings Enable Loop Protection

Controls whether loop protections is enabled

Transmission Time

The interval between each loop protection PDU sent on each port. Valid values are 1 to 10 seconds

Shutdown Time

The period(in seconds) for which a port will be kept disabled in the event of loop is detected (and the port action shuts down the port). Valid values are 0 to 604800 seconds(7 days). A value of zero will keep a port disabled (until next device restart)

Port Configuration Port Port identifier Enable Control whether loop protection is enabled on

this switch port Action Configure the action performed when a loop

protection is detected on a port. Valid values are “Shutdown Port”, “Shutdown Port and Log”, or “Log only”

Tx mode Control whether the port is actively generating loop protection PDU’s, or whether it is just passively looking for looped PDU’s

WEB Interface To Configure the Loop Protection：

A. Click Configuration/Loop Protection B. Enable Loop Protection, configure Transmission

Time and Shutdown Time C. Specify reaction for each port when loop

protection is detected

53

D. Click Save to apply the setting or Reset to restore the previous setting.

Spanning Tree The Spanning Tree Algorithm can be used to detect and

disable network loops and provide backup links between switches, bridges and routers. This allows the switch to cooperate with other bridging devices.

Spanning Tree

(Bridge Settings) Using the STP Bridge Settings page to configure settings for STA which apply globally setting.

54

LOCATION： ▼ Configuration ▼ Spanning Tree ￭ Bridge Settings PARAMETERS： Items Description Basic Settings Protocol Version The STP protocol version setting, the

Valid values are STP(IEEE 802.1D)and RSTP(IEEE 802.1w).

Bridge Priority Control the bridge priority, low numeric values have higher priority

Forward Delay The delay used by STP Bridges to transit Root and Designated Ports to forwarding(used in STP compatible mode). (Range：4-30 seconds)

Max Age The Maximum age of information transmitted by the Bridge when it is the Root Bridge. (Range：6-40 seconds). Max Age must be <=(FwdDelay-1)*2

Maximum Hop Count

This define the initial value of remaining Hops for MSTI information generated at the boundary of an MSTI region. (Range：6-40 hops)

Transmit Hold Count

The number of BPDU’s bridge port can send per seconds. When exceed, transmission of the next BPDU will delay. (Range：1-10 BPDUs per second)

Advanced Settings Edge Port BPDU filtering

Control whether the port explicitly configured as Edge will transmit and receive BPDUs.

Edge Port BPDU Guard

Control whether a port explicitly configured as Edge will disable itself upon reception of a BPDUs. The port will enter the error-disables state and will be

55

removed from the active topology. Port Error Recovery

Control whether a port in the error-disable state automatically will be enabled after a certain time. If recovery is not enabled, ports have to be disabled and re-enabled from normal STP operation. The condition is also cleared by a system reboot.

Port Error Recovery Timeout

The time to pass beofre a port in the error-disabled state can be enabled.(Range：30-86400seconds)

WEB Interface To Configure STP Configuration：

A. Click Configuration/Spanning Tree/Bridge

Settings B. Configure the required attributes C. Click Save to apply the setting or Reset to


56

Spanning Tree (Bridge Ports) Using the STP CIST Ports Configuration page to configure

STA attributes for interfaces when the Spanning Tree mode is set to STP or RSTP or for Interfaces in the CIST.

STA interface attributes include path cost, priority, edge port, automatic detection of an edge port and PtP link type

LOCATION： ▼ Configuration ▼ Spanning Tree ￭ Bridge Ports PARAMETERS： Items Description CIST Aggregation Port Configuration STP Enable Control whether STP is enabled on this

switch port Path Cost Control the Path Cost incurred by this

port. The “Auto” setting will set the path cost as approciate by physical link speed, using the 802.1D recommended values. Using “specific” settings, a user-defined value can be entered. The path cost is used when establishing the active topology of the network. Low path cost ports are chosen as forwarding ports in favour of higher path cost ports. (Range：1-200000000)

Priority Control the port priority. This can be used to control priority of the ports having identical port cost.

Admin Edge Enable this option if this port is connected to an end node or at the end o the bridge.

Auto Edge Control whether automatic edge detection is enabled on a bridge port

Restricted Role If enabled, cause the port not to be selected as Root port for the CIST, even if

57

it has the best spanning tree priority vector. This features is also known as “Root Guard”

Restricted TCN If enabled, cause the port not to propagate received topology change notifications and topology changes to other ports.If set it can cause temporary loss of connectivity after changes in a spannig tree’s active topology as a result of persistently incorrect learned station location information. It is set by a network administrator to prevent bridges extenal to a core region of the network, causing address flushing in that region, possibly because those bridges are not under the full control of the administrator or the physical link state of the attached LANs transits frequently.

BPDU Guard If enabled, cause the port to disable itself upon receiving valid BPDU’s. Contrary to the similar bridge setting, the port Edge status desn’t effect this settings.

Point-to-Point Control whether the port connects to a point-to-point LAN rather than a shared medium. This can be automatically determined, or forced either true or false. Transtion to the forwarding state is faster for point-to-point LAns than for shared media.

WEB Interface To Configure STP CIST Port Configuration：

A. Click Configuration/Spanning Tree/Bridge Port s B. Configure the required attributes C. Click Save to apply the setting or Reset to


58

IGMP SNOOPING Multi-casting is using to support real-time applications

such as video-conferencing or streaming audio. A multicast server doesn’t have to establish a separate connection to each client. It merely broadcasts its’ service to the network. By this approach, it will increase a lot of broadcast traffic in the network.

This switch can use IGMP to filter multi-cast traffic. IGMP snooping can be used to passively monitor or snoop the packets exchanging between multi-cast hosts and clients.

Then, it can set its filters

59

IGMP SNOOPING Basic Configuration Using the IGMP Snooping Configuration page to configure

Global and Port Related settings to control the forwarding of multi-cast traffic. This can decrease broadcast traffic to improve the network performance.

LOCATION： ▼ Configuration ▼ IPMC ▼ IGMP Snooping ￭ Basic Configuration PARAMETERS： Items Description Global Configuration Snooping Enabled Control whether the IGMP snooping

is enabled Unregistered IPMCv4 Flooding Enabled

Enable unregistered IPMCv4 Flooding

Port Related Configuration Port Port Identifier Router Port Specify which porta act as router

ports.A Router port is a port on the Ethernet switch that leads toward the layers multi-cast device or IGMP querier. If an aggregation member port is selected as a router port. The whole aggregation will act as a router port.

Fast Leave Delete a member port of mult-cast Service immediately if a leave packet is received at this portEnable Fast Leave on this port.

60

WEB Interface To Configure Global and Port related settings for IGMP

Snooping： A. Click Configuration/IPMC/IGMP Snooping/Basic

Configuration B. Specify the required IGMP Snooping Settings C. Click Save to apply the setting, Reset to restore


61

IGMP SNOOPING VLAN Configuration Using the IGMP Snooping VLAN Configuration page to

configure IGMP Snooping settings.

LOCATION： ▼ Configuration ▼ IPMC ▼ IGMP Snooping ￭ VLAN Configuration PARAMETERS： Items Description VLAN ID VLAN Identifier Snooping Enabled Enable the per-VLAN IGMP

Snooping. Up to 32 VLANs can be selected for IGMP Snooping.

Port Port Identifier

WEB Interface To Configure IGMP Snooping VLAN：

A. Click Configuration/IPMC/IGMP Snooping/VLAN

Configuration B. Specify the required IGMP Snooping VLAN

Settings C. Click Save to apply the setting, Reset to restore

the previous setting. ● Refresh Button：Refresh the Display table

Starting from the first entry of the VLAN table.

62

Power Over EthernetThis Switch provides IEEE 802.3af/atPOE functions, it provides PD class power allocation and power reserved manually with different priority policy. The total power is 120 Watt.

Using Power Over Ethernet Configuration to setPOE mode,

its priority and Maximum power per port：

LOCATION： ▼ Configuration ￭POE PARAMETERS： Items Description Primary Power Supply[W]

It depends on power supply. We provides 120 Watt for this model

Port Port identifier POE Mode ThePOE Mode represents thePOE

operating mode for the port. Disabled：Turn thePOE off POE：Enable 802.3af(Class 4 PD Maximum power is 15.4Watt) POE+：Enable 802.3at(Class 4 PD Maximum power is 34.2Watt)

Priority There are 3 priority levels.(Low, High, Critical). The priority is used in the case where the remote devices requires more power than power supply can deliver. In this case the port with lowest priority will be turn off starting from the port with the highest port number.

WEB Interface To ConfigurePOE functions：

A. Click Configuration/POE B. Specify Disabled/POE/POE+ and priority for

each port C. Click Save to apply the setting, Reset to restore

63


IEEE 802.1Q VLAN This switch provides Layer 2 VLAN for following reasons;

By appropriated settings to eliminate broadcast storms in large networks. This also provide a more secure and cleaner network environment.

VLAN provides greater network performance by reducing broadcast traffic and also provides high level of network security since traffic must pass through a configured Layer 3 link to reacha different VLAN.

64

VLAN Configuration Using VLAN Membership Configuration page to set VLAN group：

LOCATION： ▼ Configuration ▼ VLANs ￭ VLAN Membership PARAMETERS： Items Description VLAN ID ID of this particular VLAN

(Range：1-4096) VLAN Name The name of VLAN

(Range：up to 32 characters) Port Members A row of checkboxes for each port is

displayed for each VLAN ID Check the box . to include a port in a VLAN Check the box as shown to include a port in a forbidden port list. Uncheck the box .. to remove a port from a VLAN

WEB Interface To Configure IEEE 802.1Q VLAN groups：

A. Click Configuration/VLANs/VLAN Membership B. Change Default VLAN ID=1, if necessary. C. Click “Add New Entry” to create a new VLAN

group with ID, Name and port members. D. Click Save to apply the setting, Reset to restore

the previous setting. ● Refresh Button：Refresh the Display table

Starting from the first entry of the VLAN table.

65

VLAN Ports Using VLAN Ports Configuration page to set VLAN attributes for specific

interfaces, including processing frames with embedded tags, Ingress filtering, setting the accepted frame types and assigning Port VLAN ID.

LOCATION： ▼ Configuration ▼ VLANs ￭ Ports PARAMETERS： Items Description Ethertype for Custom S-ports

This field specifies the ether type used for Custom S-ports. This is a global setting for all the Custom S-ports.

Port The logical port number of this row Port Type Port can be one of the following types：

Unaware, Customer port(C-port), Service Port(S-port), Custom Service port(S-custom-port). If Port Type is Unaware, all frames are classified to the Port VLAN ID and tags are not removed

Ingress Enable ingress filtering on a port by checking

66

filtering the box. This parameter affects VLAN ingress processing. If ingress filtering is enabled and the ingress port is not a member of the classified VLAN of the frame, the frame is discarded. By default, ingress filtering is disabled.

Frame Type Determines whether the port accepts all frames or only tagged/untagged frames. This parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on this port will be discarded

Port VLAN mode

Configure VLAN mode to “None” or “Specific”, None：a VLAN tag with classified VLAN ID is

Inserted in frames transmitted on the port.This mode is normally used for ports connected to VLAN aware swithces.

Specific：a Port VLAN ID can be configured. Untagged frames received on the

port are classified to the Port VLAN ID. If If VLAN awareness is disabled, all frames received on the port are classified to the Port VLAN ID. If the classified VLAN ID of a frame transmitted on the port is different from the Port VLAN ID, a VLAN tag with the classified VLAN ID is inserted in the frame.

Port VLAN ID Configures the VLAN identifier for the port. The allowed values are 1 through 4095. The default value is 1. Note： The port must be a member of the

same VLAN as the Port VLAN ID. Tx Tag Determines egress tagging of a port.

Untag_pvid - All VLANs except the configured PVID will be tagged. Tag_all - All VLANs are tagged. Untag_all - All VLANs are untagged

67

WEB Interface To Configure attributes for VLAN port member：

A. Click Configuration/VLANs/Ports B. Configure the required settings for each

interface. C. Click Save to apply the setting, Reset to restore


68

Private VLAN Private VLAN provides port-base security and isolation between ports within

assigned VLAN. Data Traffic on ports assigned to a private VLAN can only be forwarded to or from uplinks ports. Ports isolated in the private VLAN are designated as downlink ports and can only communicate to uplink ports with the same private VLAN.

PVLAN Membership Using the private VLAN Membership Configuation page to assign

ports to specific private VLAN.

LOCATION： ▼ Configuration ▼ Private VLANs ￭ PVLAN Membership PARAMETERS： Items Description PVLAN ID The ID of this particular private VLAN Port Members A row of check boxes for each port is

displayed for each private VLAN ID. To include a port in a Private VLAN, check the box. To remove or exclude the port from the Private VLAN, make sure the box is unchecked. By default, no ports are members, and all boxes are unchecked

WEB Interface To Configure VLAN port member for PVLANs：

A. Click Configuration/Private VLANs/PVLAN

Membership B. Add or delete members of any existing PVLAN,

or click “Add New Private VLAN” to create new PLVAN.

C. Click Save to apply the setting, Reset to restore the previous setting.

69

Port Isolation Using the Port Isolation Configuration page to prevent

communications between customer ports within the same private VLAN

LOCATION： ▼ Configuration ▼ Private VLANs ￭ Port Isolation PARAMETERS： Items Description Port Members A check box is provided for each port of a

private VLAN. When checked, port isolation is enabled on that port. When unchecked, port isolation is disabled on that port. By default, port isolation is disabled on all ports.

WEB Interface To Configure PVLAN port isolation：

A. Click Configuration/Private VLANs/Port Isolation B. Make the checked ports are isolated from each

other. C. Click Save to apply the setting, Reset to restore


70

Quality of Service The switch supports 4 QoS queues per port with stricted or weighted fair queuing

scheduling. This QoS classification mechanism is implemented in a QoS control list (QCL). The QoS class assigned to a frame is used throughout the device for providing queuing, scheduling and congestion control guarantee to the frame according to what was configured for that specific QoS class.

The switch also allows you to configure QoS classification criteria and service polices. The switch’s resources can be prioritized to meet the requirements of specific traffic types on a per hop basis. Each packet is classified upon entry into network based on Ethernet type, TCP/UDP port, DSCP and ToS.

71

Port Classification Using the QoS Ingress Port Configuration page to set the basic QoS parameters for a port, including the default traffic class, DP Level (IEEE 802.1p), user priority and drop eligible indicator.

LOCATION： ▼ Configuration ▼ QoS ￭ Port classification PARAMETERS： Items Description Port The port number for which the configuration

below applies. QoS Class Controls the default QoS class, i.e., the QoS

class for frames not classified in any other way. There is a one to one mapping between QoS class, queue and priority. A QoS class of 0 (zero) has the lowest priority. Note: If the QoS class has been dynamically

changed, then the actual QoS class is shown in parentheses after the configured QoS class.DP level

DP Level Controls the default Drop Precedence Level, i.e., the DP level for frames not classified in any other way.

PCP Controls the default Priority Code Point(PCP) for untagged frames.

DEI Controls the default Drop Eligible Indicator (DEI) for untagged frames.

WEB Interface To useQoS Ingress Port Configuration：

A. Click Configuration/QoS/Port Classification B. Set QoS Class priority for each port, DP Level

and PCP, DEI for untagged frames. C. Click Save to apply the setting, Reset to restore


72

Port Policing The Port policing is useful in constraining traffic flows and marking frames avobe specific rates. Policing is primarily useful for data flows and voice or video flows because voice video usually maintains a steady rate of traffic.

LOCATION： ▼ Configuration ▼ QoS ￭ Port Policing

73

PARAMETERS： Items Description Port The port number for which the configuration

below applies. Enabled Controls whether the policer is enabled on

this switch port. Rate Controls the rate for the policer. The default

value is 500. This value is restricted to 100-1000000 when the "Unit" is "kbps" or "fps", and it is restricted to 1-3300 when the "Unit" is "Mbps" or "kfps".

Unit Controls the unit of measure for the policer rate as kbps, Mbps, fps or kfps . The default value is "kbps".

Flow Control If flow control is enabled and the port is in flow control mode, then pause frames are sent instead of discarding frames.

WEB Interface To Configure QoS Ingress Port Policiers：

A. Click Configuration/QoS/Port Policing. B. Evoke which port need to enable the QoS

Ingress Port Policers and type the Rate limitcondition

C. Scroll down to select Rate unit. D. Click Save to apply the setting, Reset to restore


74

QoS Control List Using QoS Control List Configuration page to configure Quality of Service policies for handling ingress packets based on Ethernet type, VLAN ID, TCP/UDP port, DSCP, ToS or VLAN priority tag.

LOCATION： ▼ Configuration ▼ QoS ￭ QoS Control List

75

PARAMETERS： Items Description QCE# Indicate the index of QCE. Port Indicates the list of ports configured with the

QCE. Frame Type Indicates the type of frame to look for

incomming frames. Possible frame types are： Any:：The QCE will match all frame type. Ethernet:：Only Ethernet frames (with Ether

Type 0x600-0xFFFF) are allowed. LLC：Only (LLC) frames are allowed. SNAP： Only (SNAP) frames are allowed. IPv4：The QCE will match only IPV4 frames. IPv6：The QCE will match only IPV6 frames

SMAC Display the OUI field of Source MAC address, i.e. first three octet (byte) of MAC address.

DMAC Specify the type of Destination MAC addresses for incoming frame. Possible values are： Any：All types of Destination MAC addresses

are allowed. Unicast：Only Unicast MAC addresses are

allowed. Multicast：Only Multicast MAC addresses are

allowed. Broadcast：Only Broadcast MAC addresses

are allowedd. The default value is 'Any'.

VID Indicates (VLAN ID), either a specific VID or range of VIDs. VID can be in the range 1-4095 or 'Any'

PCP Priority Code Point: Valid value PCP are specific(0, 1, 2, 3, 4, 5, 6, 7) or range(0-1, 2-3, 4-5, 6-7, 0-3, 4-7) or 'Any'.

DEI Drop Eligible Indicator: Valid value of DEI can be any of values between 0, 1 or 'Any'.

Action Indicates the classification action taken on ingress frame if parameters configured are

76

matched with the frame's content. There are three action fields： Class, DPL and DSCP. Class：Classified QoS class. DPL：Classified Drop Precedence Level. DSCP：Classified DSCP value.

Modification Buttons

Insert a new QCE before the current row Edit the QCE row Move the QCE up the list Move the QCE down the list Delete the QCE The lowest plus sign adds a new entry at the buttom of the QCE listings

WEB Interface To Configure QCE Configuration：

A. Click Configuration/QoS/QoS Control List. B. Click the to add new QoS Control List C. Scroll all parameters and evoke the Port Member

to join the QCE rules. D. Click Save to apply the setting, Reset to restore


77

Storm Control Using the Storm Control Configuration page to set limitation of broadcast,

multi-cast and unknown uni-cast traffic to control traffic storms when switch device is malfunctioning. Traffic storm can degrade the network performance or halt the network.

LOCATION： ▼ Configuration ▼ QoS ￭Storm Control PARAMETERS： Items Description Frame Type The settings in a particular row apply to the

frame type listed here: Unicast, Multicast or Broadcast.

Enable Enable or disable the storm control status for the given frame type.

Rate The rate unit is packets per second (pps). Valid values are：1, 2, 4, 8, 16, 32, 64, 128,

256, 512, 1K, 2K, 4K, 8K, 16K, 32K, 64K, 128K, 256K, 512K , 1024K, 2048K, 4096K, 8192K, 16384K or 32768K.

78

WEB Interface To Configure QCE Configuration：

A. Click Configuration/QoS/Storm Control. B. Enable Storm Control for Broadcast, Multi-cast

and unknow uni-cast and Scroll down to select the Rate value.

C. Click Save to apply the setting, Reset to restore the previous setting.

Port Mirroring Using the Mirror Configuration page to mirror traffic from any source port to a target port.

LOCATION： ▼ Configuration ￭ Mirroring PARAMETERS： Items Description Port The logical port for the settings contained in

the same row. Mode Select mirror mode.

Rx only：Frames received on this port are mirrored on the mirror port. Frames transmitted are not mirrored.

Tx only：Frames transmitted on this port are mirrored on the mirror port. Frames received are not mirrored.

Disabled：Neither frames transmitted nor frames received are mirrored.

Enabled：Frames received and frames

79

transmitted are mirrored on the mirror port.

Note: For a given port, a frame is only transmitted once. It is therefore not possible to mirror Tx frames on the mirror port. Because of this, mode for the selected mirror port is limited to Disabled or Rx only.

WEB Interface To Configure Mirroring Configuration：

A. Click Configuration/Mirroring. B. Select the destination port to which all mirrored

traffic will be sent C. Set the mirror mode on any of source ports to be

mirrored. D. Click Save to apply the setting, Reset to restore


80

This chapter describes how to monitor all of the basic

Functions, Configurations, System log, Traffic views and the switch (ports) states...etc. Under the Monitor/System menu, it displays system information, Real-time CPU load, log and detailed syslog.

SYSTEM INFORMATION Using System Information page to verfiy the firmware and

hardware versions. It also displays System Contact, Device name, Location and System uptime.

LOCATION： ▼ Monitor ▼ System ￭ Information PARAMETERS： Items Description Contact The system contact configured in

Configuration| System | Information | System Contact.

Name The system name configured in Configuration | System | Information | System Name.

Location The system location configured in Configuration | System | Information | System Location.

MAC Address The MAC Address of this switch Chip ID The Chip ID of the switch System Date The current (GMT) system time and date. The

system time is obtained through the Timing server running on the switch, if any.

System Uptime

The period of time the device has been operational.

Software The software version of this switch

WEB MONITOR

SYSTEM

PART 5

81

Version Software Date The date when the switch software was

produced

WEB Interface To Update the System Information：

A. Click Monitor/System/Information. ● Click “Refresh” button to refresh the page

information manually. ● Check “Auto-refresh” checkbox to update page

information automatically

CPU Load This page display the CPU Load, using an SVG graph. The load

is measured as average over the last 100ms, 1 sec and 10 seconds intervals. The last 120 samples are graphed and the last numbers are displayed as text as well. In order to display the SVG graph, your browser must support SVG format. Consult the SVG wiki for more information on browser support. Specifically, at the time of writing, Microsoft Internet Explorer will need to have a plug-in installed to support SVG.

LOCATION： ▼ Monitor ▼ System ￭ CPU Load

82

WEB Interface To Update the System Information：

B. Click Monitor/System/CPU Load. ● Default the“Auto-refresh” checkbox is checked to

update page information automatically

Log Using the System Log Information page to display event

messages

LOCATION： ▼ Monitor ▼ System ￭ Log PARAMETERS： Items Description ID Event log ID Level The level of the system log entry. The

following level types are supported: Info：Information level of the system log. Warning：Warning level of the system log. Error：Error level of the system log. All：All levels.

Time The time of the system log entry. Message The message of the system log entry. Buttons Auto-refresh ：Check this box to enable an

83

automatic refresh of the page at regular intervals.

：Updates the system log entries,

starting from the current entry ID.

：Flushes all system log entries.


starting from the first available entry ID.

：Updates the system log entries, ending

at the last entry currently displayed.


starting from the last entry currently displayed.


ending at the last available entry ID.

WEB Interface To display the System Log：

A. Click Monitor/System/Log. B. Specify the different level to show the log up. C. Check the “auto-refresh”checkbox to update the

system log automatically and click “clear” to clean the log.

84

Detailed Log Using the Detail System log information page to display the detail event log LOCATION： ▼ Monitor ▼ System ￭ Detailed Log PARAMETERS： Items Description ID Event log ID Message The detailed message of the system log entry. Buttons




starting from the first available entry ID.

：Updates the system log entries, ending

at the last entry currently displayed.


starting from the last entry currently displayed.


ending at the last available entry ID.

WEB Interface To display the Detailed System Log：

A. Click Monitor/System/Detailed Log. B. Specify the Detailed system log.

85

Thermal Protection Using the Thermal Protection Status page to show the thermal status for each port. LOCATION： ▼ Monitor ￭ Thermal Protection PARAMETERS： Items Description Thermal Portection Port Status

Shows if the port is thermally protected (link is down) or if the port is operating normally.

Port Status Display Port Status, the port will shutdown if temperature exceed.

Buttons Auto-refresh ：Check this box to enable an automatic refresh of the page at regular intervals.


starting from the current entry ID.. Port s State Using the Port State Overview page to display an image of

switch’s ports. Clicking specific port image to open detailed statistics of this port.

LOCATION： ▼ Monitor ▼ Ports ￭ State

86

PARAMETERS： Items Description Port State The port states are illustrated as follows：

Buttons Auto-refresh ：Check this box to enable an




WEB Interface To display an image of the switch’s ports：

A. Click Monitor/Ports/State. B. Display current state of each port. C. Check “Auto-refresh” to update the switch’s port

state automatically.

Traffic Overview Using Port Statistics Overviewpage to display an overview of

incoming and ongoing packets for each port.

LOCATION： ▼ Monitor ▼ Ports ￭ Traffic Overview

87

PARAMETERS： Items Description Port The logical port for the settings contained in the

same row. Packets The number of received and transmitted packets

per port. Bytes The number of received and transmitted bytes per

port. Errors The number of frames received in error and the

number of incomplete transmissions per port. Drops The number of frames discarded due to ingress

or egress congestion. Filtered The number of received frames filtered by the

forwarding process. Buttons Auto-refresh ：Check this box to enable an





WEB Interface To display a summary of port statistics：

A. Click Monitor/Ports/Traffic Overview. B. Check “Auto-refresh” to update the switch’s port

state automaticallyand click “clear” to reset all data.

88

QoS Statistics Using the Queuing Counters page to display the number of

packets processed by each port.

LOCATION： ▼ Monitor ▼ Ports ￭ QoS Statistics PARAMETERS： Items Description Port The logical port for the settings contained in the

same row. Qn There are 8 QoS queues per port. Q0 is the

lowest priority queue. RX/TX The number of received and transmitted packets

per queue. Buttons Auto-refresh ：Check this box to enable an





89

WEB Interface To display a Queue Counters：

A. Click Monitor/Ports/QoS Statistics. B. Check “Auto-refresh” to update the switch’s port

state automatically and click “clear” to reset all data.

QCL Status Using QoS Control List Status to show QCE configured for different users or software modules and whether or not there is a conflict. LOCATION： ▼ Monitor ▼ Ports ￭ QCL Status

90

PARAMETERS： Items Description Users Indicates the QCL user. QCE# Indicates the index of QCE. Frame Type

Indicates the type of frame to look for incomming frames. Possible frame types are： Any： The QCE will match all frame type. Ethernet： Only Ethernet frames (with Ether Type 0x600-0xFFFF) are allowed. LLC：Only (LLC) frames are allowed. SNAP：Only (SNAP) frames are allowed. IPv4：The QCE will match only IPV4 frames. IPv6：The QCE will match only IPV6 frames.

Port Indicates the list of ports configured with the QCE.

Action Indicates the classification action taken on ingress frame if parameters configured are matched with the frame's content. There are three action fields： Class, DPL and DSCP. Class：Classified QoS class; if a frame matches

the QCE it will be put in the queue. DPL：Drop Precedence Level; if a frame matches

the QCE then DP level will set to value displayed under DPL column.

DSCP：If a frame matches the QCE then DSCP will be classified with the value displayed under DSCP column.

Conflict Displays Conflict status of QCL entries. As H/W resources are shared by multiple applications. It may happen that resources required to add a QCE may not be available, in that case it shows conflict status as 'Yes', otherwise it is always 'No'. Please note that conflict can be resolved by releaseing the H/W resources required to add QCL entry on pressing 'Resolve Conflict' button.

Buttons Combined：Select the QCL Status from this

91

drop down list.

Auto-refresh ：Check this box to refresh the

page automatically. Automatic refresh occurs at regular intervals.

：Click to release the resources

required to add QCL entry, incase conflict status for any QCL entry is 'yes'



WEB Interface To display the status of QCE entries：

A. Click Monitor/Ports/QCL Status. B. Select the user type to display from a dropdown

list. C. If any of the entries show the conflict, click

“Rresolve Conflict” to resolve the conflict then click “refresh” to check the result.

Detailed Port Statstics Using the Detailed Port Statistics page to display the detailed

statistic on network. All values have been accumulated since the system bootup.

92

LOCATION： ▼ Monitor ▼ Ports ￭ Detailed Statistics PARAMETERS： Items Description Receive Total and Transmit Total RX and TX packets

The number of received and transmitted (good and bad) packets.

Rx and Tx Octets

The number of received and transmitted (good and bad) bytes. Includes FCS, but excludes framing bits.

Rx and Tx Unicast

The number of received and transmitted (good and bad) unicast packets.

Rx and Tx Multicast

The number of received and transmitted (good and bad) Multicast packets.

Rx and Tx Broadcast

The number of received and transmitted (good and bad) Broadcast packets.

Rx and Tx Pause

A count of the MAC Control frames received or transmitted on this port that have an opcode indicating a PAUSE operation

Receive and Transmit Size Counters

The number of received and transmitted (good and bad) packets split into categories based on their respective frame sizes.

Receive and Transmit Queue Counters

The number of received and transmitted packets per input and output queue.

Receive Error Counters Rx Drops The number of frames dropped due to lack

of receive buffers or egress congestion. Rx CRC /Alignment

The number of frames received with CRC or alignment errors.

Rx Undersize The number of short1 frames received with valid CRC.

Rx Oversize The number of long2 frames received with valid CRC.

Rx Fragments The number of short1 frames received with

93

invalid CRC. Rx Jabber The number of long 2 frames received with

invalid CRC. Rx Filtered The number of received frames filtered by

the forwarding process. 1 Short frames are frames that are smaller than 64 bytes. 2 Long frames are frames that are longer than the configured maximum frame length for this port. Transmit Error Counters Tx Drops The number of frames dropped due to

output buffer congestion. Tx Late/ Exc. Coll.

The number of frames dropped due to excessive or late collisions.

Buttons Auto-refresh ：Check this box to enable an automatic refresh of the page at regular intervals.




WEB Interface To display the Detailed Port Statistics：

A. Click Monitor/Ports/Detailed Statistics. B. Select the Port number to display Detailed

Statistics of specific port.

94

ACL Status This ACL Status page shows the status by different ACL users. Each row describes the ACE that is defined. It is a conflict if a specific ACE is not applied to the hardware due to hardware limitations. The maximum number of ACE is 256 on each switch.

LOCATION： ▼ Monitor ▼ Security ▼ Network ￭ ACL Status PARAMETERS： Items Description User Indicates the ACL user. Ingress Indicates the ingress port of the ACE.

95

Port Possible values are： All：The ACE will match all ingress

port. Port：The ACE will match a specific

ingress port. Frame Type Indicates the frame type of the ACE. Possible

values are Any：The ACE will match any frame type. EType：The ACE will match Ethernet Type

frames. Note that an Ethernet Type based ACE will not get matched by IP and ARP frames.

ARP：The ACE will match ARP/RARP frames. IPv4：The ACE will match all IPv4 frames. IPv4/ICMP：The ACE will match IPv4 frames

with ICMP protocol. IPv4/UDP：The ACE will match IPv4 frames with

UDP protocol. IPv4/TCP：The ACE will match IPv4 frames with

TCP protocol. IPv4/Other：The ACE will match IPv4 frames,

which are not ICMP/UDP/TCP. IPv6: The ACE will match all IPv6 standard frames.

Action Indicates the forwarding action of the ACE. Permit：Frames matching the ACE may be

forwarded and learned. Deny：Frames matching the ACE are dropped.

Rate Limiter

Indicates the rate limiter number of the ACE. The allowed range is 1 to 16. When Disabled is displayed, the rate limiter operation is disabled.

Port Redirect

Indicates the port redirect operation of the ACE. Frames matching the ACE are redirected to the port number. The allowed values are Disabled or a specific port number. When Disabled is displayed, the port redirect operation is disabled.

Mirror Specify the mirror operation of this port. The allowed values are：

96

Enabled：Frames received on the port are mirrored.

Disabled：Frames received on the port are not mirrored.

The default value is "Disabled". CPU Forward packet that matched the specific ACE

to CPU. CPU Once Forward first packet that matched the specific

ACE to CPU. Counter The counter indicates the number of times the

ACE was hit by a frame. Conflict Indicates the hardware status of the specific

ACE. The specific ACE is not applied to the hardware due to hardware limitations.

Buttons Combined：Select the QCL Status from

this drop down list.


page automatically. Automatic refresh occurs at regular intervals.'


starting from the current entry ID. WEB Interface To display ACL Status：

A. Click Monitor/Security/Network/ACL Status B. Select a software module from the scroll-down

list.

RADIUS Overview Using the RADIUS Overview page to display a list of configured

97

RADIUS Server

LOCATION： ▼ Monitor ▼ Security ▼ AAA ￭ RADIUS Overview PARAMETERS： Items Description # The RADIUS server number. Click to navigate to

detailed statistics for this server. IP Address The IP address and UDP port number (in <IP

Address>:<UDP Port> notation) of this server. Status The current status of the server. This field takes

one of the following values： Disabled：The server is disabled. Not Ready：The server is enabled, but IP

communication is not yet up and running.

Ready：The server is enabled, IP communication is up and running, and the RADIUS module is ready to accept access attempts.

Dead (X seconds left)：Access attempts were made to this server, but it did not reply within the configured timeout. The server has temporarily been disabled, but will get re-enabled when the dead-time expires. The number of seconds left before this occurs is displayed in parentheses. This state is only reachable when more than one server is enabled.

Buttons Combined：Select the QCL Status from



98




WEB Interface To display a list of RADIUS Server：

A. Click Monitor/Security/AAA/RADIUS Overview

RADIUS Details Using the RADIUS Details page to display statistics for RADIUS

Server.

LOCATION： ▼ Monitor ▼ Security ▼ AAA ￭ RADIUS Details PARAMETERS：

99

Items Description Receive packets

The counters of Receive Packets, including following parameters： (Access Accepts, Access Rejects,Access Challenges, Malformed Access Responses,Bad Authenticators, Unknown Types,Packets Dropped)

Transmit Packets

The counters of Transmit Packets, including following parameters： (Access Requests,Access Retransmissions,Pending Requests,Timeouts)

Other Info. IP Address：Show the IP Address of RADIUS server.

State：Show the state of RADIUS server Round-Trip Time：the handshake time between

RADIUS Server and clients Buttons






WEB Interface To display a detail information of RADIUS Server：

A. Click Monitor/Security/AAA/RADIUS Details

100

LACP System Status Using the LACP System Status page to display an overview of LACP groups.

LOCATION： ▼ Monitor ▼ LACP ￭ System Status PARAMETERS： Items Description Aggr ID The Aggregation ID associated with this

aggregation instance. For LLAG the id is shown as 'isid:aggr-id' and for GLAGs as 'aggr-id'

Partner System ID

The system ID (MAC address) of the aggregation partner.

Partner Key The Key that the partner has assigned to this aggregation ID

Last changed

The time since this aggregation changed.

Local Ports Shows which ports are a part of this aggregation for this switch.

101

Buttons Auto-refresh ：Check this box to refresh the



starting from the current entry ID. WEB Interface To display an overview of LACP group active on this

switch： A. Click Monitor/LACP/System Status

LACP Port Status Using the LACP Port Status page to display information on the

LACP groups active on each port.

LOCATION： ▼ Monitor ▼ LACP ￭ Port Status PARAMETERS： Items Description Port The switch port number. LACP 'Yes' means that LACP is enabled and the port

link is up. 'No' means that LACP is not enabled or that the port link is down. 'Backup' means that the port could not join the aggregation group but will join if other port leaves. Meanwhile it's LACP status is disabled

Key The key assigned to this port. Only ports with the same key can aggregate together.

102

Aggr ID The Aggregation ID assigned to this aggregation group.

Partner System ID

The partner's System ID (MAC address).

Partner Port

The partner's port number connected to this

port. Buttons




starting from the current entry ID. WEB Interface To display LACP Status for local ports：

A. Click Monitor/LACP/Port Status

103

LACP Port Status Using the LACP Port Statistics page to display statistics on LACP control packets cross on each port.

LOCATION： ▼ Monitor ▼ LACP ￭ Port Statistics PARAMETERS： Items Description Port The switch port number. LACP Received

Shows how many LACP frames have been received at each port.

LACP Transmitted

Shows how many LACP frames have been sent from each port.

Discarded Shows how many unknown or illegal LACP frames have been discarded at each port.






WEB Interface To display LACP Port Statistics for local ports：

A. Click Monitor/LACP/Port Statistics Loop Protection Using Loop Protection Status page to display the loop status.

LOCATION： ▼ Monitor

104

￭ Loop Protection PARAMETERS： Items Description Port The switch port number of the logical port. Action The currently configured port action. Transmit The currently configured port transmit mode. Loops The number of loops detected on this port. Status The current loop protection status of the port. Loop Whether a loop is currently detected on the port. Time of Last Loop

The time of the last loop event detected.





WEB Interface To display the Loop Status for each port：

A. Click Monitor/Loop Protection. INFORMATION OF SPANNING TREE Using Monitor menu to display Spanning Tree bridge status,

CIST port status for physical ports of the currently switch and statistics for STP packets.

Bridge Status Using STP Detailed Bridge Status page to display STA information on the global bridge and individual ports.

LOCATION： ▼ Monitor ▼ Spanning Tree ￭ Bridge Status

105

PARAMETERS： Items Description Bridge Instance

The Bridge instance - CIST, MST1, ...

Bridge ID The Bridge ID of this Bridge instance.

Root ID The Bridge ID of the currently elected root bridge.

Root Port The switch port currently assigned the root port role.

Root Cost Root Path Cost. For the Root Bridge this is zero. For all other Bridges, it is the sum of the Port Path Costs on the least cost path to the Root Bridge.

Regional Root

The Bridge ID of the currently elected regional root bridge, inside the MSTP region of this bridge. (For the CIST instance only).

Internal Root Cost

The Regional Root Path Cost. For the Regional Root Bridge this is zero. For all other CIST instances in the same MSTP region, it is the sum of the Internal Port Path Costs on the least cost path to the Internal Root Bridge. (For the CIST instance only).

Topology Flag

The current state of the Topology Change Flag of this Bridge instance.

Topology Change Count

The number of times where the topology change flag has been set (during a one-second interval).

Topology Last

The time passed since the Topology Flag was last set.

CIST Ports & Aggregations State Port The switch port number of the logical STP port. Port ID The port id as used by the STP protocol. This is

the priority part and the logical port index of the bridge port.

Role The current STP port role. The port role can be one of the following values: AlternatePort BackupPort RootPort DesignatedPort.

106

State The current STP port state. The port state can be one of the following values: Discarding Learning Forwarding.

Path Cost The current STP port path cost. This will either be a value computed from the Auto setting, or any explicitly configured value.

Edge The current STP port (operational) Edge Flag. An Edge Port is a switch port to which no Bridges are attached. The flag may be automatically computed or explicitly configured. Each Edge Port transits directly to the Forwarding Port State, since there is no possibility of it participating in a loop.

Point2Point The current STP port point-to-point flag. A point-to-point port connects to a non-shared LAN media. The flag may be automatically computed or explicitly configured. The point-to-point properties of a port affect how fast it can transit to STP state.

Uptime The time since the bridge port was last initialized.





WEB Interface To display detailed information for the STP bridge

instance, along with port state for all active ports associated： A. Click Monitor/Spanning Tree/Bridge Status

to display the information.

107

STP Port Status Using STP Port Status page to display the STP CIST port status

for physical ports of the currently selected.

LOCATION： ▼ Monitor ▼ Spanning Tree ￭ Port Status PARAMETERS： Items Description Port The switch port number of the logical STP port. CIST Role The current STP port role of the CIST port. The

port role can be one of the following values: AlternatePort BackupPort RootPort DesignatedPort Disabled.

CIST State The current STP port state of the CIST port. The port state can be one of the following values: Discarding Learning Forwarding

Uptime The time since the bridge port was last initialized.





WEB Interface

108

To display STP Port Status： A. Click Monitor/Spanning Tree/Port Status

to display the participating STP Ports Status.

STP Port Statistics Using STP Port Statistics page to display statistics on Spanning

Tree Protocol packets crossing each port.

LOCATION： ▼ Monitor ▼ Spanning Tree ￭ Port Statistics PARAMETERS： Items Description Port The switch port number of the logical STP port. RSTP The number of RSTP Configuration BPDU's

received/transmitted on the port. STP The number of legacy STP Configuration

BPDU's received/transmitted on the port. TCN The number of (legacy) Topology Change

Notification BPDU's received/transmitted on the port.

Discarded Unknown

The number of unknown Spanning Tree BPDU's received (and discarded) on the port.

Discarded Illegal

The number of illegal Spanning Tree BPDU's received (and discarded) on the port.






109

WEB Interface To display information on STP Port Statstics：

A. Click Monitor/Spanning Tree/Port Statstics to display the STP Ports Statistics.

SHOW IGMP SNOOPING INFORMATION Using IGMP SNOOPING pages to display IGMP Snooping

statistics, Router port status and group information. IGMP Snooping Status Using IGMP Snooping Status page to display IGMP querier status,

snooping statistics for each VLAN

LOCATION： ▼ Monitor ▼ IPMC ▼ IGMP Snooping ￭ Status PARAMETERS： Items Description VLAN ID The VLAN ID of the entry. Querier Version Working Querier Version currently.

Host Version Working Host Version currently. Querier Status Shows the Querier status is "ACTIVE" or

"IDLE". "DISABLE" denotes the specific interface is administratively disabled.

Queries Transmitted

The number of Transmitted Queries.

Queries Received

The number of Received Queries.

110

V1 Reports Received

The number of Received V1 Reports

V2 Reports Received


V3 Reports Received


V2 Leaves Received

The number of Received V2 Leaves.

Router Port Display which ports act as router ports. A router port is a port on the Ethernet switch that leads towards the Layer 3 multicast device or IGMP querier. Static denotes the specific port is configured to be a router port. Dynamic denotes the specific port is learnt to be a router port. Both denote the specific port is configured or learnt to be a router port.

Port Switch port number Status Indicate whether specific port is a router port

or not. Buttons

Auto-refresh ：Check this box to refresh

the page automatically. Automatic refresh occurs at regular intervals.'




WEB Interface To display IGMP Snooping Status information：

A. Click Monitor/IPMC/IGMP Snooping/Status

111

to display the STP Ports Statistics.

IGMP Snooping Group Information Using IGMP Snooping Group Information page to display the port

member of each service group.

LOCATION： ▼ Monitor ▼ IPMC ▼ IGMP Snooping ￭Groups Information PARAMETERS： Items Description

112

VLAN ID The VLAN ID of the entry. Groups Group address of the group displayed.

Port Members Ports under this group. Buttons





：Updates the table,starting with the

first entry in the IGMP group table.

：Updates the table, starting with the

entry after the last entry currently displayed..

WEB Interface To display IGMP Snooping Group information：

A. Click Monitor/IPMC/IGMP Snooping/Groups

informationto display group port members.

SHOW POWER OVER ETHERNET

Using Power Over Ethernet Status page to display total power consumption, PD Class, Power used, Current used, Priority and

113

Port status for each port. LOCATION： ▼ Monitor ￭POE PARAMETERS： Items Description Local Port This is the logical port number for this row. PD Class Each PD is classified according to a class

that defines the maximum power the PD will use. The PD Class shows the PDs class. Five Classes are defined： Class 0：Max. power 15.4 W Class 1：Max. power 4.0 W Class 2：Max. power 7.0 W Class 3：Max. power 15.4 W Class 4：Max. power 34.2 W

Power Requested

The Power Requested shows the requested amount of power the PD wants to be reserved.

Power Allocated

The Power Allocated shows the amount of power the switch has allocated for the PD.

Power Used The Power Used shows how much power the PD currently is using.

Current Used The Power Used shows how much current the PD currently is using.

Priority The Priority shows the port's priority configured by the user.

Port Status The Port Status shows the port's status. Buttons



114



WEB Interface To display Power Over Ethernet information：

A. Click Monitor/POEto displayPOE information for each port and total power consumption.

DISPLAY INFORMATION OF VLANs Using Monitor pages for VLANs to display port members of VLANs and its’ VLAN attributes corresponding each port.

VLAN Membership Using VLAN Membership Status for specific users page to display the information of all VLAN status and reports. LOCATION： ▼ Monitor

▼ VLANs ￭POE PARAMETERS： Items Description VLAN USER VLAN User module uses services of the

VLAN management functionality to configure VLAN memberships and VLAN port configurations such as PVID and UVID. Currently we support the following VLAN user types： CLI/Web/SNMP：These are referred to as static. NAS：NAS provides port-based authentication, which involves communications between a Supplicant, Authenticator, and an Authentication Server.

115

MSTP：The 802.1s Multiple Spanning Tree protocol (MSTP) uses VLANs to create multiple spanning trees in a network, which significantly improves network resource utilization while maintaining a loop-free environment.

Port Members A row of check boxes for each port is displayed for each VLAN ID. If a port is included in a VLAN, an image will be displayed. If a port is included in a Forbidden port list, an image will be displayed. If a port is included in a Forbidden port list and dynamic VLAN user register VLAN on same Forbidden port, then conflict port will be displayed as .

VLAN Membership

The VLAN Membership Status Page shall show the current VLAN port members for all VLANs configured by a selected VLAN User (selection shall be allowed by a Combo Box). When ALL VLAN Users are selected, it shall show this information for all the VLAN Users, and this is by default. VLAN membership allows the frames class ified to the VLAN ID to be forwarded on the respective VLAN member ports.

Buttons Static: Select VLAN Users from



the page automatically. Automatic refresh

occurs at regular intervals.'


116


WEB Interface To display VLAN Membership Status for specific

users： A. Click Monitor/VLANs/VLAN Membership to

display VLAN Membership information.

VLAN Port Using VLAN Port Status for specific users page to display the information of all VLAN Port status. LOCATION： ▼ Monitor

▼ VLANs ￭ VLAN Port PARAMETERS： Items Description Port The logical port for the settings contained in

the same row. PVID Shows the VLAN identifier for that port. The

allowed values are 1 through 4095. The default value is 1.

Port Type Shows the Port Type. Port type can be any of Unaware, C-port, S-port, Custom S-port. If Port Type is Unaware, all frames are classified to the Port VLAN ID and tags are not removed. C-port is Customer Port. S-port is Service port. Custom S-port is S-port with Custom TPID.

Ingress Filtering Shows the ingress filtering on a port. This parameter affects VLAN ingress processing. If ingress filtering is enabled and the ingress port is not a member of the classified VLAN, the frame is discarded.

117

Frame Type Shows whether the port accepts all frames or only tagged frames. This parameter affects VLAN ingress processing. If the port only accepts tagged frames, untagged frames received on that port are discarded.

Tx Tag Shows egress filtering frame status whether tagged or untagged.

UVID Shows UVID (untagged VLAN ID). Port's UVID determines the packet's behaviour at the egress side.

Conflicts Shows status of Conflicts whether exists or not. When a Volatile VLAN User requests to set VLAN membership or VLAN port configuration, the following conflicts can occur： Functional Conflicts between features. Conflicts due to hardware limitation. Direct conflict between user modules.

Buttons Static

: Select VLAN Users from



the page automatically. Automatic refresh

occurs at regular intervals.'



WEB Interface To display VLAN Port Status for specific users：

A. Click Monitor/VLANs/VLAN Portto display VLAN Port information.

119

This chapter provides IPv4 ping for test the connectivity of network.

DIAGNOSTICS ICMP IPv4 Ping Using ICMP Ping page to send ICMP request packet to

another connected point to check if it is connect. LOCATION： ▼ Diagnostic ￭ Ping PARAMETERS： Items Description IP Address The destination IP Address Ping Length The payload size of the ICMP packet.

Values range from 2 bytes to 1452 bytes. Ping Count The count of the ICMP packet. Values range

from 1 time to 60 times. Ping Interval The interval of the ICMP packet. Values

range from 0 second to 30 seconds. WEB Interface To Ping another IP device on the network：

A. Click Diagnostics/Ping to run the testing.

WEB DIAGNOSTICS

PING

PART 6

120

This chapter describes how to restart device, reload device tomanufactory default, saving or restore configuration andfirmware upgrading , swapping.

RESTART DEVICE

Using the Restart Device page to restart the switch. LOCATION： ▼ Maintenance ￭ Restart Device WEB Interface To restart the switch：

A. Click Maintanence/Restart Device to restart the

switch. B. Click “Yes” to confirm the restart process and

“No” to cancel the restart process.

Figure FACTORY DEFAULTS

Using Factory Defaults page to reset the switch to manufactory default setting. LOCATION： ▼ Maintenance ￭ Factory Defaults

WEB MAINTENANCE

RESTART DEVICE

PART 7

121

WEB Interface To resett the switch：

A. Click Maintanence/Factory Defaults to reset the

switch to manufactory default settings. B. Click “Yes” to confirm the process and “No” to

cancel.

Figure

SOFTWARE UPLOAD

Using Firmware Update page to upgrade the firmware of the switch. LOCATION： ▼ Maintenance

▼ Software ￭Upload

PARAMETERS：

Items Description Buttons

to the location of a software

image and click

After the software image is uploaded, a page announces that the firmware update is initiated. After about a minute, the firmware is updated and the switch restarts. Warning: While the firmware is being

updated, Web access appears to be

122

defunct. The front LED flashes Green/Off

with a frequency of 10 Hz while the firmware

update is in progress. Do not restart or

power off the device at this time or the

switch may fail to function afterwards. WEB Interface To upgrade the firmware of the switch：

A. Click Maintanence/Software/Upload and browse the firmware file then click Upload.

Figure

SWAP IMAGE

Using Software Image Selection page to swap the firmware to alternative image. LOCATION： ▼ Maintenance

▼ Software ￭ Image Select

PARAMETERS：

Items Description Image The flash index name of the firmware image.

The name of primary (preferred) image is image, the alternate image is named image.bk.

Version The version of the firmware image. Date The date where the firmware was produced. Buttons

：Click to use the

alternate image. This button may be disabled depending on system state

123

：Cancel activating the backup

image. Navigates away from this page. WEB Interface To swap the firmware to alternative image for the

switch： A. Click Maintanence/Software/Image Select to

swap to alternative image.

SAVE CONFIGURATIONUsing Configuration Save page to save your switch’s configuration to management PC/NB.

LOCATION： ▼ Maintenance

▼ Configuration ￭Save

PARAMETERS：

Items Description Buttons

：Click the button, it will

pop out a file saving dialog, the default name is “config.xml”

WEB Interface To click “Save configuration” to save config：

124

A. Click Maintanence/Configuration/Saveto save to alternative image.

UPLOAD CONFIGURATION

Using Configuration Upload page to restore your switch’s to backup configuration from management PC/NB.

LOCATION： ▼ Maintenance

▼ Configuration ￭ Upload

PARAMETERS： Items Description Buttons

to the location of configuration file

and click

After the configuration file is uploaded, a page announces that the configuration upload done. Reset the device to make configuration applied

WEB Interface To click “Configuration Upload” to restore config：

A. Click Maintanence/Configuration/Uploadto restore a backupconfiguration file.

125

Glossary

A B CDEF G HI J K LMNOPQRSTUVW X Y Z

A

ACE

ACE is an acronym for Access Control Entry. It describes access permission associated with a particular ACE ID.

There are three ACE frame types (Ethernet Type, ARP, and IPv4) and two ACE actions (permit and deny). The

ACE also contains many detailed, different parameter options that are available for individual application.

ACL

ACL is an acronym for Access Control List. It is the list table of ACEs, containing access control entries that

specify individual users or groups permitted or denied to specific traffic objects, such as a process or a program.

Each accessible traffic object contains an identifier to its ACL. The privileges determine whether there are specific

traffic object access rights.

ACL implementations can be quite complex, for example, when the ACEs are prioritized for the various situation.

In networking, the ACL refers to a list of service ports or network services that are available on a host or server,

each with a list of hosts or servers permitted or denied to use the service. ACL can generally be configured to

control inbound traffic, and in this context, they are similar to firewalls.

There are 3 web-pages associated with the manual ACL configuration:

ACL|Access Control List: The web page shows the ACEs in a prioritized way, highest (top) to lowest (bottom).

Default the table is empty. An ingress frame will only get a hit on one ACE even though there are more matching

ACEs. The first matching ACE will take action (permit/deny) on that frame and a counter associated with that ACE

is incremented. An ACE can be associated with a Policy, 1 ingress port, or any ingress port (the whole switch). If

an ACE Policy is created then that Policy can be associated with a group of ports under the "Ports" web-page.

There are number of parameters that can be configured with an ACE. Read the Web page help text to get further

information for each of them. The maximum number of ACEs is 64.

ACL|Ports: The ACL Ports configuration is used to assign a Policy ID to an ingress port. This is useful to group

ports to obey the same traffic rules. Traffic Policy is created under the "Access Control List" - page. You can you

also set up specific traffic properties (Action / Rate Limiter / Port copy, etc) for each ingress port. They will though

only apply if the frame gets past the ACE matching without getting matched. In that case a counter associated with

http://192.168.131.99/help/glossary.htm#a

http://192.168.131.99/help/glossary.htm#c

http://192.168.131.99/help/glossary.htm#c

http://192.168.131.99/help/glossary.htm#e

http://192.168.131.99/help/glossary.htm#e

http://192.168.131.99/help/glossary.htm#h

http://192.168.131.99/help/glossary.htm#h

http://192.168.131.99/help/glossary.htm#l

http://192.168.131.99/help/glossary.htm#l

http://192.168.131.99/help/glossary.htm#n

http://192.168.131.99/help/glossary.htm#n

http://192.168.131.99/help/glossary.htm#p

http://192.168.131.99/help/glossary.htm#p

http://192.168.131.99/help/glossary.htm#r

http://192.168.131.99/help/glossary.htm#r

http://192.168.131.99/help/glossary.htm#t

http://192.168.131.99/help/glossary.htm#t

http://192.168.131.99/help/glossary.htm#v

http://192.168.131.99/help/glossary.htm#v

http://192.168.131.99/help/glossary.htm#ace

http://192.168.131.99/help/glossary.htm#ethernet_type

http://192.168.131.99/help/glossary.htm#arp

http://192.168.131.99/help/glossary.htm#acl

http://192.168.131.99/help/glossary.htm#ace

126

that port is incremented. See the Web page help text for each specific port property.

ACL|Rate Limiters: Under this page you can configure the rate limiters. There can be 15 different rate limiters,

each ranging from 1-1024K packets per seconds. Under "Ports" and "Access Control List" web-pages you can

assign a Rate Limiter ID to the ACE(s) or ingress port(s).

AES

AES is an acronym for Advanced Encryption Standard. The encryption key protocol is applied in 802.1i standard

to improve WLAN security. It is an encryption standard by the U.S. government, which will replace DES and 3DES.

AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits.

AMS

AMS is an acronym for Auto Media Select. AMS is used for dual media ports (ports supporting both copper (cu)

and fiber (SFP) cables. AMS automatically determines if a SFP or a CU cable is inserted and switches to the

corresponding media. If both SFP and cu cables are inserted, the port will select the prefered media.

APS

APS is an acronym for Automatic Protection Switching. This protocol is used to secure that switching is done

bidirectional in the two ends of a protection group, as defined in G.8031.

Aggregation

Using multiple ports in parallel to increase the link speed beyond the limits of a port and to increase the

redundancy for higher availability.

(Also Port Aggregation, Link Aggregation).

ARP

ARP is an acronym for Address Resolution Protocol. It is a protocol that used to convert an IP address into a

physical address, such as an Ethernet address. ARP allows a host to communicate with other hosts when only the

Internet address of its neighbors is known. Before using IP, the host sends a broadcast ARP request containing

the Internet address of the desired destination system.

ARP Inspection

ARP Inspection is a secure feature. Several types of attacks can be launched against a host or devices connected

to Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such attacks. Only valid ARP

requests and responses can go through the switch device.

Auto-Negotiation

Auto-negotiation is the process where two different devices establish the mode of operation and the speed

settings that can be shared by those devices for a link.

http://192.168.131.99/help/glossary.htm#aes

http://192.168.131.99/help/glossary.htm#ams

http://192.168.131.99/help/glossary.htm#APS

http://192.168.131.99/help/glossary.htm#aggregation


http://192.168.131.99/help/glossary.htm#ip

http://192.168.131.99/help/glossary.htm#arp_inspection

http://192.168.131.99/help/glossary.htm#autoneg

127

C

CC

CC is an acronym for Continuity Check. It is a MEP functionality that is able to detect loss of continuity in a network

by transmitting CCM frames to a peer MEP.

CCM

CCM is an acronym for Continuity Check Message. It is a OAM frame transmitted from a MEP to it's peer MEP

and used to implement CC functionality.

CDP

CDP is an acronym for Cisco Discovery Protocol.

D

DEI

DEI is an acronym for Drop Eligible Indicator. It is a 1-bit field in the VLAN tag.

DES

DES is an acronym for Data Encryption Standard. It provides a complete description of a mathematical algorithm

for encrypting (enciphering) and decrypting (deciphering) binary coded information.

Encrypting data converts it to an unintelligible form called cipher. Decrypting cipher converts the data back to its

original form called plaintext. The algorithm described in this standard specifies both enciphering and deciphering

operations which are based on a binary number called a key.

DHCP

DHCP is an acronym for Dynamic Host Configuration Protocol. It is a protocol used for assigning dynamic IP

addresses to devices on a network.

DHCP used by networked computers (clients) to obtain IP addresses and other parameters such as the default

gateway, subnet mask, and IP addresses of DNS servers from a DHCP server.

The DHCP server ensures that all IP addresses are unique, for example, no IP address is assigned to a second

client while the first client's assignment is valid (its lease has not expired). Therefore, IP address pool

management is done by the server and not by a human network administrator.

Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather

than requiring an administrator to manage the task. This means that a new computer can be added to a network

without the hassle of manually assigning it a unique IP address.

http://192.168.131.99/help/glossary.htm#CC

http://192.168.131.99/help/glossary.htm#MEP

http://192.168.131.99/help/glossary.htm#CCM

http://192.168.131.99/help/glossary.htm#CCM

http://192.168.131.99/help/glossary.htm#OAM


http://192.168.131.99/help/glossary.htm#CDP

http://192.168.131.99/help/glossary.htm#DEI

http://192.168.131.99/help/glossary.htm#des

http://192.168.131.99/help/glossary.htm#dhcp


http://192.168.131.99/help/glossary.htm#dns

128

DHCP Relay

DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server when they are

not on the same subnet domain.

The DHCP option 82 enables a DHCP relay agent to insert specific information into a DHCP request packets

when forwarding client DHCP packets to a DHCP server and remove the specific information from a DHCP reply

packets when forwarding server DHCP packets to a DHCP client. The DHCP server can use this information to

implement IP address or other assignment policies. Specifically the option works by setting two sub-options:

Circuit ID (option 1) and Remote ID (option2). The Circuit ID sub-option is supposed to include information specific

to which circuit the request came in on. The Remote ID sub-option was designed to carry information relating to

the remote host end of the circuit.

The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id" "port_no". The

parameter of "vlan_id" is the first two bytes represent the VLAN ID. The parameter of "module_id" is the third byte

for the module ID (in standalone switch it always equal 0, in stackable switch it means switch ID). The parameter

of "port_no" is the fourth byte and it means the port number.

The Remote ID is 6 bytes in length, and the value is equal the DHCP relay agents MAC address.

DHCP Snooping

DHCP Snooping is used to block intruder on the untrusted ports of the switch device when it tries to intervene by

injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP client and server.

DNS

DNS is an acronym for Domain Name System. It stores and associates many types of information with domain

names. Most importantly, DNS translates human-friendly domain names and computer hostnames into

computer-friendly IP addresses. For example, the domain name www.example.com might translate to

192.168.0.1.

DoS

DoS is an acronym for Denial of Service. In a denial-of-service (DoS) attack, an attacker attempts to prevent

legitimate users from accessing information or services. By targeting at network sites or network connection, an

attacker may be able to prevent network users from accessing email, web sites, online accounts (banking, etc.), or

other services that rely on the affected computer.

Dotted Decimal Notation

Dotted Decimal Notation refers to a method of writing IP addresses using decimal numbers and dots as

separators between octets.

An IPv4 dotted decimal address has the form x.y.z.w, where x, y, z, and w are decimal numbers between 0 and

255.

http://192.168.131.99/help/glossary.htm#dhcp_relay

http://192.168.131.99/help/glossary.htm#dhcp_snooping



http://192.168.131.99/help/glossary.htm#dos

http://192.168.131.99/help/glossary.htm#dotted_decimal

129

Drop Precedence Level

Every incoming frame is classified to a Drop Precedence Level (DP level), which is used throughout the device for

providing congestion control guarantees to the frame according to what was configured for that specific DP level.

A DP level of 0 (zero) corresponds to 'Committed' (Green) frames and a DP level of 1 corresponds to 'Discard

Eligible' (Yellow) frames.

DSCP

DSCP is an acronym for Differentiated Services Code Point. It is a field in the header of IP packets for packet

classification purposes.

E

EEE

EEE is an abbreviation for Energy Efficient Ethernet defined in IEEE 802.3az.

EPS

EPS is an abbreviation for Ethernet Protection Switching defined in ITU/T G.8031.

Ethernet Type

Ethernet Type, or EtherType, is a field in the Ethernet MAC header, defined by the Ethernet networking standard.

It is used to indicate which protocol is being transported in an Ethernet frame.

F

FTP

FTP is an acronym for File Transfer Protocol. It is a transfer protocol that uses the Transmission Control Protocol

(TCP) and provides file writing and reading. It also provides directory service and security features.

Fast Leave

Multicast snooping Fast Leave processing allows the switch to remove an interface from the forwarding-table entry

without first sending out group specific queries to the interface. The VLAN interface is pruned from the multicast

tree for the multicast group specified in the original leave message. Fast-leave processing ensures optimal

bandwidth management for all hosts on a switched network, even when multiple multicast groups are in use

simultaneously. This processing applies to IGMP and MLD.

H

HTTP

HTTP is an acronym for Hypertext Transfer Protocol. It is a protocol that used to transfer or convey information on

the World Wide Web (WWW).

http://192.168.131.99/help/glossary.htm#dpl

http://192.168.131.99/help/glossary.htm#dscp


http://192.168.131.99/help/glossary.htm#EEE

http://192.168.131.99/help/glossary.htm#EPS


http://192.168.131.99/help/glossary.htm#ftp

http://192.168.131.99/help/glossary.htm#tcp

http://192.168.131.99/help/glossary.htm#igmp_fastleave

http://192.168.131.99/help/glossary.htm#http

130

HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should

take in response to various commands. For example, when you enter a URL in your browser, this actually sends

an HTTP command to the Web server directing it to fetch and transmit the requested Web page. The other main

standard that controls how the World Wide Web works is HTML, which covers how Web pages are formatted and

displayed.

Any Web server machine contains, in addition to the Web page files it can serve, an HTTP daemon, a program

that is designed to wait for HTTP requests and handle them when they arrive. The Web browser is an HTTP client,

sending requests to server machines. An HTTP client initiates a request by establishing a Transmission Control

Protocol (TCP) connection to a particular port on a remote host (port 80 by default). An HTTP server listening on

that port waits for the client to send a request message.

HTTPS

HTTPS is an acronym for Hypertext Transfer Protocol over Secure Socket Layer. It is used to indicate a secure

HTTP connection.

HTTPS provide authentication and encrypted communication and is widely used on the World Wide Web for

security-sensitive communication such as payment transactions and corporate logons.

HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular HTTP

application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.)

SSL uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of

encryption for commercial exchange.

I

ICMP

ICMP is an acronym for Internet Control Message Protocol. It is a protocol that generated the error response,

diagnostic or routing purposes. ICMP messages generally contain information about routing difficulties or simple

exchanges such as time-stamp or echo transactions. For example, the PING command uses ICMP to test an

Internet connection.

IEEE 802.1X

IEEE 802.1X is an IEEE standard for port-based Network Access Control. It provides authentication to devices

attached to a LAN port, establishing a point-to-point connection or preventing access from that port if

authentication fails. With 802.1X, access to all switch ports can be centrally controlled from a server, which means

that authorized users can use the same credentials for authentication from any point within the network.

IGMP


http://192.168.131.99/help/glossary.htm#https

http://192.168.131.99/help/glossary.htm#http



http://192.168.131.99/help/glossary.htm#icmp

http://192.168.131.99/help/glossary.htm#ping

http://192.168.131.99/help/glossary.htm#dot1x

131

IGMP is an acronym for Internet Group Management Protocol. It is a communications protocol used to manage

the membership of Internet Protocol multicast groups. IGMP is used by IP hosts and adjacent multicast routers to

establish multicast group memberships. It is an integral part of the IP multicast specification, like ICMP for unicast

connections. IGMP can be used for online video and gaming, and allows more efficient use of resources when

supporting these uses.

IGMP Querier

A router sends IGMP Query messages onto a particular link. This router is called the Querier.

IMAP

IMAP is an acronym for Internet Message Access Protocol. It is a protocol for email clients to retrieve email

messages from a mail server.

IMAP is the protocol that IMAP clients use to communicate with the servers, and SMTP is the protocol used to

transport mail to an IMAP server.

The current version of the Internet Message Access Protocol is IMAP4. It is similar to Post Office Protocol version

3 (POP3), but offers additional and more complex features. For example, the IMAP4 protocol leaves your email

messages on the server rather than downloading them to your computer. If you wish to remove your messages

from the server, you must use your mail client to generate local folders, copy messages to your local hard drive,

and then delete and expunge the messages from the server.

IP

IP is an acronym for Internet Protocol. It is a protocol used for communicating data across an internet network.

IP is a "best effort" system, which means that no packet of information sent over is assured to reach its destination

in the same condition it was sent. Each device connected to a Local Area Network (LAN) or Wide Area Network

(WAN) is given an Internet Protocol address, and this IP address is used to identify the device uniquely among all

other devices connected to the extended network.

The current version of the Internet protocol is IPv4, which has 32-bits Internet Protocol addresses allowing for in

excess of four billion unique addresses. This number is reduced drastically by the practice of webmasters taking

addresses in large blocks, the bulk of which remain unused. There is a rather substantial movement to adopt a

new version of the Internet Protocol, IPv6, which would have 128-bits Internet Protocol addresses. This number

can be represented roughly by a three with thirty-nine zeroes after it. However, IPv4 is still the protocol of choice

for most of the Internet.

IPMC

IPMC is an acronym for IPMultiCast.

http://192.168.131.99/help/glossary.htm#igmp

http://192.168.131.99/help/glossary.htm#imap

http://192.168.131.99/help/glossary.htm#smtp

http://192.168.131.99/help/glossary.htm#pop3


http://192.168.131.99/help/glossary.htm#ipmc

132

IPMC supports IPv4 and IPv6 multicasting. IPMCv4 denotes multicast for IPv4. IPMCv6 denotes multicast for

IPv6.

IP Source Guard

IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic

based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing

attacks when a host tries to spoof and use the IP address of another host.

L

LACP

LACP is an IEEE 802.3ad standard protocol. The Link Aggregation Control Protocol, allows bundling several

physical ports together to form a single logical port.

LLC

The IEEE 802.2 Logical Link Control (LLC) protocol provides a link mechanism for upper layer protocols. It is the

upper sub-layer of the Data Link Layer and provides multiplexing mechanisms that make it possible for several

network protocols (IP, IPX) to coexist within a multipoint network. LLC header consists of 1 byte DSAP

(Destination Service Access Point), 1 byte SSAP (Source Service Access Point), 1 or 2 bytes Control field

followed by LLC information.

LLDP

LLDP is an IEEE 802.1ab standard protocol.

The Link Layer Discovery Protocol(LLDP) specified in this standard allows stations attached to an IEEE 802 LAN

to advertise, to other stations attached to the same IEEE 802 LAN, the major capabilities provided by the system

incorporating that station, the management address or addresses of the entity or entities that provide

management of those capabilities, and the identification of the stations point of attachment to the IEEE 802 LAN

required by those management entity or entities. The information distributed via this protocol is stored by its

recipients in a standard Management Information Base (MIB), making it possible for the information to be

accessed by a Network Management System (NMS) using a management protocol such as the Simple Network

Management Protocol (SNMP).

LLDP-MED

LLDP-MED is an extendsion of IEEE 802.1ab and is defined by the telecommunication industry association

(TIA-1057).

LOC

LOC is an acronym for Loss Of Connectivity and is detected by a MEP and is indicating lost connectivity in the

network. Can be used as a switch criteria by EPS

http://192.168.131.99/help/glossary.htm#ip_source_guard

http://192.168.131.99/help/glossary.htm#LOC


http://192.168.131.99/help/glossary.htm#EPS

133

M

MAC Table

Switching of frames is based upon the DMAC address contained in the frame. The switch builds up a table that

maps MAC addresses to switch ports for knowing which ports the frames should go to ( based upon the DMAC

address in the frame ). This table contains both static and dynamic entries. The static entries are configured by the

network administrator if the administrator wants to do a fixed mapping between the DMAC address and switch

ports.

The frames also contain a MAC address ( SMAC address ), which shows the MAC address of the equipment

sending the frame. The SMAC address is used by the switch to automatically update the MAC table with these

dynamic MAC addresses. Dynamic entries are removed from the MAC table if no frame with the corresponding

SMAC address have been seen after a configurable age time.

MEP

MEP is an acronym for Maintenance Entity Endpoint and is an endpoint in a Maintenance Entity Group (ITU-T

Y.1731).

MD5

MD5 is an acronym for Message-Digest algorithm 5. MD5 is a message digest algorithm, used cryptographic hash

function with a 128-bit hash value. It was designed by Ron Rivest in 1991. MD5 is officially defined in RFC 1321 -

The MD5 Message-Digest Algorithm.

Mirroring

For debugging network problems or monitoring network traffic, the switch system can be configured to mirror

frames from multiple ports to a mirror port. (In this context, mirroring a frame is the same as copying the frame.)

Both incoming (source) and outgoing (destination) frames can be mirrored to the mirror port.

MLD

MLD is an acronym for Multicast Listener Discovery for IPv6. MLD is used by IPv6 routers to discover multicast

listeners on a directly attached link, much as IGMP is used in IPv4. The protocol is embedded in ICMPv6 instead

of using a separate protocol.

MVR

Multicast VLAN Registration (MVR) is a protocol for Layer 2 (IP)-networks that enables multicast-traffic from a

source VLAN to be shared with subscriber-VLANs.

http://192.168.131.99/help/glossary.htm#MAC_table


http://192.168.131.99/help/glossary.htm#md5

http://192.168.131.99/help/glossary.htm#mirroring

134

The main reason for using MVR is to save bandwidth by preventing duplicate multicast streams being sent in the

core network, instead the stream(s) are received on the MVR-VLAN and forwarded to the VLANs where hosts

have requested it/them(Wikipedia).

N

NAS

NAS is an acronym for Network Access Server. The NAS is meant to act as a gateway to guard access to a

protected source. A client connects to the NAS, and the NAS connects to another resource asking whether the

client's supplied credentials are valid. Based on the answer, the NAS then allows or disallows access to the

protected resource. An example of a NAS implementation is IEEE 802.1X.

NetBIOS

NetBIOS is an acronym for Network Basic Input/Output System. It is a program that allows applications on

separate computers to communicate within a Local Area Network (LAN), and it is not supported on a Wide Area

Network (WAN).

The NetBIOS giving each computer in the network both a NetBIOS name and an IP address corresponding to a

different host name, provides the session and transport services described in the Open Systems Interconnection

(OSI) model.

NFS

NFS is an acronym for Network File System. It allows hosts to mount partitions on a remote system and use them

as though they are local file systems.

NFS allows the system administrator to store resources in a central location on the network, providing authorized

users continuous access to them, which means NFS supports sharing of files, printers, and other resources as

persistent storage over a computer network.

NTP

NTP is an acronym for Network Time Protocol, a network protocol for synchronizing the clocks of computer

systems. NTP uses UDP (datagrams) as transport layer.

O

OAM

OAM is an acronym for Operation Administration and Maintenance.

http://192.168.131.99/help/glossary.htm#dot1x

http://192.168.131.99/help/glossary.htm#netbios


http://192.168.131.99/help/glossary.htm#nfs

http://192.168.131.99/help/glossary.htm#ntp

http://192.168.131.99/help/glossary.htm#udp


135

It is a protocol described in ITU-T Y.1731 used to implement carrier ethernet functionality. MEP functionality like

CC and RDI is based on this

Optional TLVs.

A LLDP frame contains multiple TLVs

For some TLVs it is configurable if the switch shall include the TLV in the LLDP frame. These TLVs are known as

optional TLVs. If an optional TLVs is disabled the corresponding information is not included in the LLDP frame.

OUI

OUI is the organizationally unique identifier. An OUI address is a globally unique identifier assigned to a vendor by

IEEE. You can determine which vendor a device belongs to according to the OUI address which forms the first 24

bits of a MAC address.

P

PCP

PCP is an acronym for Priority Code Point. It is a 3-bit field storing the priority level for the 802.1Q frame. It is also

known as User Priority.

PD

PD is an acronym for Powered Device. In a POE system the power is delivered from a PSE ( power sourcing

equipment ) to a remote device. The remote device is called a PD.

PHY

PHY is an abbreviation for Physical Interface Transceiver and is the device that implement the Ethernet physical

layer (IEEE-802.3).

PING

ping is a program that sends a series of packets over a network or the Internet to a specific computer in order to

generate a response from that computer. The other computer responds with an acknowledgment that it received

the packets. Ping was created to verify whether a specific computer on a network or the Internet exists and is

connected.

ping uses Internet Control Message Protocol (ICMP) packets. The PING Request is the packet from the origin

computer, and the PING Reply is the packet response from the target.

POE

POE is an acronym for Power Over Ethernet.



http://192.168.131.99/help/glossary.htm#RDI

http://192.168.131.99/help/glossary.htm#tlv






http://192.168.131.99/help/glossary.htm#oui

http://192.168.131.99/help/glossary.htm#PCP

http://192.168.131.99/help/glossary.htm#user_priority

http://192.168.131.99/help/glossary.htm#PD

http://192.168.131.99/help/glossary.htm#PoE

http://192.168.131.99/help/glossary.htm#PHY

http://192.168.131.99/help/glossary.htm#ping

http://192.168.131.99/help/glossary.htm#icmp

http://192.168.131.99/help/glossary.htm#poe

136

Power Over Ethernet is used to transmit electrical power, to remote devices over standard Ethernet cable. It could

for example be used for powering IP telephones, wireless LAN access points and other equipment, where it would

be difficult or expensive to connect the equipment to main power supply.

Policer

A policer can limit the bandwidth of received frames. It is located in front of the ingress queue.

POP3

POP3 is an acronym for Post Office Protocol version 3. It is a protocol for email clients to retrieve email messages

from a mail server.

POP3 is designed to delete mail on the server as soon as the user has downloaded it. However, some

implementations allow users or an administrator to specify that mail be saved for some period of time. POP can be

thought of as a "store-and-forward" service.

An alternative protocol is Internet Message Access Protocol (IMAP). IMAP provides the user with more

capabilities for retaining e-mail on the server and for organizing it in folders on the server. IMAP can be thought of

as a remote file server.

POP and IMAP deal with the receiving of e-mail and are not to be confused with the Simple Mail Transfer Protocol

(SMTP). You send e-mail with SMTP, and a mail handler receives it on your recipient's behalf. Then the mail is

read using POP or IMAP. IMAP4 and POP3 are the two most prevalent Internet standard protocols for e-mail

retrieval. Virtually all modern e-mail clients and servers support both.

PPPOE

PPPOE is an acronym for Point-to-Point Protocol over Ethernet.

It is a network protocol for encapsulating Point-to-Point Protocol (PPP) frames inside Ethernet frames. It is used

mainly with ADSL services where individual users connect to the ADSL transceiver (modem) over Ethernet and in

plain Metro Ethernet networks (Wikipedia).

Private VLAN

In a private VLAN, PVLANs provide layer 2 isolation between ports within the same broadcast domain. Isolated

ports configured as part of PVLAN cannot communicate with each other. Member ports of a PVLAN can

communicate with each other.

PTP

PTP is an acronym for Precision Time Protocol, a network protocol for synchronizing the clocks of computer

systems.

http://192.168.131.99/help/glossary.htm#policer

http://192.168.131.99/help/glossary.htm#pop3

http://192.168.131.99/help/glossary.htm#imap


http://192.168.131.99/help/glossary.htm#pppoe

http://192.168.131.99/help/glossary.htm#private_vlan

http://192.168.131.99/help/glossary.htm#ptp

137

Q

QCE

QCE is an acronym for QoS Control Entry. It describes QoS class associated with a particular QCE ID.

There are six QCE frame types: Ethernet Type, VLAN, UDP/TCP Port, DSCP, TOS, and Tag Priority. Frames can

be classified by one of 4 different QoS classes: "Low", "Normal", "Medium", and "High" for individual application.

QCL

QCL is an acronym for QoS Control List. It is the list table of QCEs, containing QoS control entries that classify to

a specific QoS class on specific traffic objects.

Each accessible traffic object contains an identifier to its QCL. The privileges determine specific traffic object to

specific QoS class.

QL

QL In SyncE this is the Quality Level of a given clock source. This is received on a port in a SSM indicating the

quality of the clock received in the port.

QoS

QoS is an acronym for Quality of Service. It is a method to guarantee a bandwidth relationship between individual

applications or protocols.

A communications network transports a multitude of applications and data, including high-quality video and

delay-sensitive data such as real-time voice. Networks must provide secure, predictable, measurable, and

sometimes guaranteed services.

Achieving the required QoS becomes the secret to a successful end-to-end business solution. Therefore, QoS is

the set of techniques to manage network resources.

QoS class

Every incoming frame is classified to a QoS class, which is used throughout the device for providing queuing,

scheduling and congestion control guarantees to the frame according to what was configured for that specific QoS

class. There is a one to one mapping between QoS class, queue and priority. A QoS class of 0 (zero) has the

lowest priority.

R

RARP

http://192.168.131.99/help/glossary.htm#qce

http://192.168.131.99/help/glossary.htm#qos


http://192.168.131.99/help/glossary.htm#vlan



http://192.168.131.99/help/glossary.htm#dscp

http://192.168.131.99/help/glossary.htm#tos

http://192.168.131.99/help/glossary.htm#tag_priority

http://192.168.131.99/help/glossary.htm#qcl

http://192.168.131.99/help/glossary.htm#qce


http://192.168.131.99/help/glossary.htm#QL

http://192.168.131.99/help/glossary.htm#SyncE

http://192.168.131.99/help/glossary.htm#SSM


http://192.168.131.99/help/glossary.htm#qos_class

138

RARP is an acronym for Reverse Address Resolution Protocol. It is a protocol that is used to obtain an IP address

for a given hardware address, such as an Ethernet address. RARP is the complement of ARP.

RADIUS

RADIUS is an acronym for Remote Authentication Dial In User Service. It is a networking protocol that provides

centralized access, authorization and accounting management for people or computers to connect and use a

network service.

RDI

RDI is an acronym for Remote Defect Indication. It is a OAM functionallity that is used by a MEP to indicate defect

detected to the remote peer MEP

Router Port

A router port is a port on the Ethernet switch that leads switch towards the Layer 3 multicast device.

RSTP

In 1998, the IEEE with document 802.1w introduced an evolution of STP: the Rapid Spanning Tree Protocol,

which provides for faster spanning tree convergence after a topology change. Standard IEEE 802.1D-2004 now

incorporates RSTP and obsoletes STP, while at the same time being backwards-compatible with STP.

S

SAMBA

Samba is a program running under UNIX-like operating systems that provides seamless integration between UNIX

and Microsoft Windows machines. Samba acts as file and print servers for Microsoft Windows, IBM OS/2, and

other SMB client machines. Samba uses the Server Message Block (SMB) protocol and Common Internet File

System (CIFS), which is the underlying protocol used in Microsoft Windows networking.

Samba can be installed on a variety of operating system platforms, including Linux, most common Unix platforms,

OpenVMS, and IBM OS/2.

Samba can also register itself with the master browser on the network so that it would appear in the listing of hosts

in Microsoft Windows "Neighborhood Network".

SHA

SHA is an acronym for Secure Hash Algorithm. It designed by the National Security Agency (NSA) and published

by the NIST as a U.S. Federal Information Processing Standard. Hash algorithms compute a fixed-length digital

representation (known as a message digest) of an input data sequence (the message) of any length.

Shaper

A shaper can limit the bandwidth of transmitted frames. It is located after the ingress queues.

http://192.168.131.99/help/glossary.htm#rarp



http://192.168.131.99/help/glossary.htm#radius

http://192.168.131.99/help/glossary.htm#RDI



http://192.168.131.99/help/glossary.htm#stp

http://192.168.131.99/help/glossary.htm#samba

http://192.168.131.99/help/glossary.htm#sha

http://192.168.131.99/help/glossary.htm#shaper

139

SMTP

SMTP is an acronym for Simple Mail Transfer Protocol. It is a text-based protocol that uses the Transmission

Control Protocol (TCP) and provides a mail service modeled on the FTP file transfer service. SMTP transfers mail

messages between systems and notifications regarding incoming mail.

SNAP

The SubNetwork Access Protocol (SNAP) is a mechanism for multiplexing, on networks using IEEE 802.2 LLC,

more protocols than can be distinguished by the 8-bit 802.2 Service Access Point (SAP) fields. SNAP supports

identifying protocols by Ethernet type field values; it also supports vendor-private protocol identifier.

SNMP

SNMP is an acronym for Simple Network Management Protocol. It is part of the Transmission Control

Protocol/Internet Protocol (TCP/IP) protocol for network management. SNMP allow diverse network objects to

participate in a network management architecture. It enables network management systems to learn network

problems by receiving traps or change notices from network devices implementing SNMP.

SNTP

SNTP is an acronym for Simple Network Time Protocol, a network protocol for synchronizing the clocks of

computer systems. SNTP uses UDP (datagrams) as transport layer.

SPROUT

Stack Protocol using ROUting Technology. An advanced protocol for almost instantaneous discovery of topology

changes within a stack as well as election of a master switch. SPROUT also calculates parameters for setting up

each switch to perform shortest path forwarding within the stack.

SSID

Service Set Identifier is a name used to identify the particular 802.11 wireless LANs to which a user wants to

attach. A client device will receive broadcast messages from all access points within range advertising their SSIDs,

and can choose one to connect to based on pre-configuration, or by displaying a list of SSIDs in range and asking

the user to select one (wikipedia).

SSH

SSH is an acronym for Secure SHell. It is a network protocol that allows data to be exchanged using a secure

channel between two networked devices. The encryption used by SSH provides confidentiality and integrity of

data over an insecure network. The goal of SSH was to replace the earlier rlogin, TELNET and rsh protocols,

which did not provide strong authentication or guarantee confidentiality (Wikipedia).

SSM

SSM In SyncE this is an abbreviation for Synchronization Status Message and is containing a QL indication.

STP




http://192.168.131.99/help/glossary.htm#snmp



http://192.168.131.99/help/glossary.htm#sntp


http://192.168.131.99/help/glossary.htm#sprout

http://192.168.131.99/help/glossary.htm#ssh

http://192.168.131.99/help/glossary.htm#telnet

http://192.168.131.99/help/glossary.htm#SSM


http://192.168.131.99/help/glossary.htm#QL

140

Spanning Tree Protocol is an OSI layer-2 protocol which ensures a loop free topology for any bridged LAN. The

original STP protocol is now obsolete by RSTP.

Switch ID

Switch IDs (1-16) are used to uniquely identify the switches within a stack. The Switch ID of each switch is shown

on the display on the front of the switch and is used widely in the web pages as well as in the CLI commands.

SyncE

SyncE Is an abbreviation for Synchronous Ethernet. This functionality is used to make a network 'clock frequency'

synchronized. Not to be confused with real time clock synchronized (IEEE 1588).

sFlow

sFlow is an acronym for sample Flow. This protocol is used to monitor the sampled traffic on the switch.The sFlow

Agent configures the sampling rate at which the samples have to collected. The sFlow collector is configured to

send the sample data to the external traffic monitoring application.

T

TACACS+

TACACS+ is an acronym for Terminal Acess Controller Access Control System Plus. It is a networking protocol

which provides access control for routers, network access servers and other networked computing devices via

one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting

services.

Tag Priority

Tag Priority is a 3-bit field storing the priority level for the 802.1Q frame.

TCP

TCP is an acronym for Transmission Control Protocol. It is a communications protocol that uses the Internet

Protocol (IP) to exchange the messages between computers.

The TCP protocol guarantees reliable and in-order delivery of data from sender to receiver and distinguishes data

for multiple connections by concurrent applications (for example, Web server and e-mail server) running on the

same host.

The applications on networked hosts can use TCP to create connections to one another. It is known as a

connection-oriented protocol, which means that a connection is established and maintained until such time as the

message or messages to be exchanged by the application programs at each end have been exchanged. TCP is

responsible for ensuring that a message is divided into the packets that IP manages and for reassembling the

packets back into the complete message at the other end.

http://192.168.131.99/help/glossary.htm#rstp

http://192.168.131.99/help/glossary.htm#switch_id


http://192.168.131.99/help/glossary.htm#sFlow

http://192.168.131.99/help/glossary.htm#tacplus

http://192.168.131.99/help/glossary.htm#tag_priority



141

Common network applications that use TCP include the World Wide Web (WWW), e-mail, and File Transfer

Protocol (FTP).

TELNET

TELNET is an acronym for TELetype NETwork. It is a terminal emulation protocol that uses the Transmission

Control Protocol (TCP) and provides a virtual connection between TELNET server and TELNET client.

TELNET enables the client to control the server and communicate with other servers on the network. To start a

Telnet session, the client user must log in to a server by entering a valid username and password. Then, the client

user can enter commands through the Telnet program just as if they were entering commands directly on the

server console.

TFTP

TFTP is an acronym for Trivial File Transfer Protocol. It is transfer protocol that uses the User Datagram Protocol

(UDP) and provides file writing and reading, but it does not provide directory service and security features.

ToS

ToS is an acronym for Type of Service. It is implemented as the IPv4 ToS priority control. It is fully decoded to

determine the priority from the 6-bit ToS field in the IP header. The most significant 6 bits of the ToS field are fully

decoded into 64 possibilities, and the singular code that results is compared against the corresponding bit in the

IPv4 ToS priority control bit (0~63).

TLV

TLV is an acronym for Type Length Value. A LLDP frame can contain multiple pieces of information. Each of these

pieces of information is known as TLV.

TKIP

TKIP is an acronym for Temporal Key Integrity Protocol. It used in WPA to replace WEP with a new encryption

algorithm. TKIP comprises the same encryption engine and RC4 algorithm defined for WEP. The key used for

encryption in TKIP is 128 bits and changes the key used for each packet.

U

UDP

UDP is an acronym for User Datagram Protocol. It is a communications protocol that uses the Internet Protocol (IP)

to exchange the messages between computers.

UDP is an alternative to the Transmission Control Protocol (TCP) that uses the Internet Protocol (IP). Unlike TCP,

UDP does not provide the service of dividing a message into packet datagrams, and UDP doesn't provide

reassembling and sequencing of the packets. This means that the application program that uses UDP must be


http://192.168.131.99/help/glossary.htm#telnet


http://192.168.131.99/help/glossary.htm#tftp


http://192.168.131.99/help/glossary.htm#tos



http://192.168.131.99/help/glossary.htm#tkip




142

able to make sure that the entire message has arrived and is in the right order. Network applications that want to

save processing time because they have very small data units to exchange may prefer UDP to TCP.

UDP provides two services not provided by the IP layer. It provides port numbers to help distinguish different user

requests and, optionally, a checksum capability to verify that the data arrived intact.

Common network applications that use UDP include the Domain Name System (DNS), streaming media

applications such as IPTV, Voice over IP (VoIP), and Trivial File Transfer Protocol (TFTP).

UPnP

UPnP is an acronym for Universal Plug and Play. The goals of UPnP are to allow devices to connect seamlessly

and to simplify the implementation of networks in the home (data sharing, communications, and entertainment)

and in corporate environments for simplified installation of computer components

User Priority

User Priority is a 3-bit field storing the priority level for the 802.1Q frame. It is also known as PCP.

V

VLAN

Virtual LAN. A method to restrict communication between switch ports. VLANs can be used for the following

applications:

VLAN unaware switching: This is the default configuration. All ports are VLAN unaware with Port VLAN ID 1 and

members of VLAN 1. This means that MAC addresses are learned in VLAN 1, and the switch does not remove or

insert VLAN tags.

VLAN aware switching: This is based on the IEEE 802.1Q standard. All ports are VLAN aware. Ports connected

to VLAN aware switches are members of multiple VLANs and transmit tagged frames. Other ports are members of

one VLAN, set up with this Port VLAN ID, and transmit untagged frames.

Provider switching: This is also known as Q-in-Q switching. Ports connected to subscribers are VLAN unaware,

members of one VLAN, and set up with this unique Port VLAN ID. Ports connected to the service provider are

VLAN aware, members of multiple VLANs, and set up to tag all frames. Untagged frames received on a subscriber

port are forwarded to the provider port with a single VLAN tag. Tagged frames received on a subscriber port are

forwarded to the provider port with a double VLAN tag.

VLAN ID

VLAN ID is a 12-bit field specifying the VLAN to which the frame belongs.

Voice VLAN


http://192.168.131.99/help/glossary.htm#tftp

http://192.168.131.99/help/glossary.htm#upnp

http://192.168.131.99/help/glossary.htm#user_priority

http://192.168.131.99/help/glossary.htm#PCP


http://192.168.131.99/help/glossary.htm#vlan_id

http://192.168.131.99/help/glossary.htm#vlan_id


143

Voice VLAN is VLAN configured specially for voice traffic. By adding the ports with voice devices attached to voice

VLAN, we can perform QoS-related configuration for voice data, ensuring the transmission priority of voice traffic

and voice quality.

W

WEP

WEP is an acronym for Wired Equivalent Privacy. WEP is a deprecated algorithm to secure IEEE 802.11 wireless

networks. Wireless networks broadcast messages using radio, so are more susceptible to eavesdropping than

wired networks. When introduced in 1999, WEP was intended to provide confidentiality comparable to that of a

traditional wired network (Wikipedia).

WiFi

WiFi is an acronym for Wireless Fidelity. It is meant to be used generically when referring of any type of 802.11

network, whether 802.11b, 802.11a, dual-band, etc. The term is promulgated by the Wi-Fi Alliance.

WPA

WPA is an acronym for Wi-Fi Protected Access. It was created in response to several serious weaknesses

researchers had found in the previous system , Wired Equivalent Privacy (WEP). WPA implements the majority of

the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i

was prepared. WPA is specifically designed to also work with pre-WPA wireless network interface cards (through

firmware upgrades), but not necessarily with first generation wireless access points. WPA2 implements the full

standard, but will not work with some older network cards (Wikipedia).

WPA-PSK

WPA-PSK is an acronym for Wi-Fi Protected Access - Pre Shared Key. WPA was designed to enhance the

security of wireless networks. There are two flavors of WPA: enterprise and personal. Enterprise is meant for use

with an IEEE 802.1X authentication server, which distributes different keys to each user. Personal WPA utilizes

less scalable 'pre-shared key' (PSK) mode, where every allowed computer is given the same passphrase. In PSK

mode, security depends on the strength and secrecy of the passphrase. The design of WPA is based on a Draft 3

of the IEEE 802.11i standard (Wikipedia)

WPA-Radius

WPA-Radius is an acronym for Wi-Fi Protected Access - Radius (802.1X authentication server). WPA was

designed to enhance the security of wireless networks. There are two flavors of WPA: enterprise and personal.

Enterprise is meant for use with an IEEE 802.1X authentication server, which distributes different keys to each

user. Personal WPA utilizes less scalable 'pre-shared key' (PSK) mode, where every allowed computer is given

the same passphrase. In PSK mode, security depends on the strength and secrecy of the passphrase. The design

of WPA is based on a Draft 3 of the IEEE 802.11i standard (Wikipedia)

WPS

http://192.168.131.99/help/glossary.htm#voice_vlan

http://192.168.131.99/help/glossary.htm#wep

http://192.168.131.99/help/glossary.htm#wifi

http://192.168.131.99/help/glossary.htm#wpa

http://192.168.131.99/help/glossary.htm#wpa_psk

http://192.168.131.99/help/glossary.htm#wpa_radius

144

WPS is an acronym for Wi-Fi Protected Setup. It is a standard for easy and secure establishment of a wireless

home network. The goal of the WPS protocol is to simplify the process of connecting any home device to the

wireless network (Wikipedia).

WRED

WRED is an acronym for Weighted Random Early Detection. It is an active queue management mechanism that

provides preferential treatment of higher priority frames when traffic builds up within a queue. A frame's DP level is

used as input to WRED. A higher DP level assigned to a frame results in a higher probability that the frame is

dropped during times of congestion.

WTR

WTR is an acronym for Wait To Restore. This is the time a fail on a resource has to be 'not active' before

restoration back to this (previously failing) resource is done.

http://192.168.131.99/help/glossary.htm#wpa_psk

http://192.168.131.99/help/glossary.htm#WRED

http://192.168.131.99/help/glossary.htm#dpl

http://192.168.131.99/help/glossary.htm#WTR

gm28p-500 user manual

Documents