TL-SL5428E 24-Port 10/100Mbps + 4-Port Gigabit JetStream L2 Managed Switch REV1.4.0 1910010915
Package Contents The following items should be found in your box: One TL-SL5428E switch One power cord One console cable Two mounting bra
LAG: Displays the LAG number which the port belongs to. Note: 1. Configure the ports connected directly to terminals as edge ports and enable the B
Figure 7-8 Instance Config The following entries are displayed on this screen: Instance Table Instance ID Select: Click the Select button to qui
Note: In a network with both GVRP and MSTP enabled, GVRP packets are forwarded along the CIST. If you want to broadcast packets of a specific VLAN th
Priority: Enter the priority of the port in the instance. It is an important criterion on determining if the port connected to this port will be cho
Loop Protect In a stable network, a switch maintains the states of ports by receiving and processing BPDU packets from the upstream switch. Howeve
With BPDU filter function enabled, a port does not receive or forward BPDUs, but it sends out its own BPDUs. Such a mechanism prevents the switch fro
7.4.2 TC Protect When TC Protect is enabled for the port on Port Protect page, the TC threshold and TC protect cycle need to be configured on this pa
Configuration Procedure Configure switch A: Step Operation Description 1 Configure ports On VLAN→802.1Q VLAN page, configure the link type
Configure switch C: Step Operation Description 1 Configure ports On VLAN→802.1Q VLAN page, configure the link type of the related ports as Trun
The configuration procedure for switch E and F is the same with that for switch D. The topology diagram of the two instances after the topolo
Chapter 1 About This Guide This User Guide contains information for setup and management of TL-SL5428E switch. Please read this guide carefully befo
Chapter 8 Multicast Multicast Overview In the network, packets are sent in three modes: unicast, broadcast and multicast. In unicast, the source
Multicast Address 1. Multicast IP Address: As specified by IANA (Internet Assigned Numbers Authority), Class D IP addresses are used as destinatio
IGMP Snooping In the network, the hosts apply to the near Router for joining (leaving) a multicast group by sending IGMP (Internet Group Managemen
3. IGMP Leave Message The host, running IGMPv1, does not send IGMP leave message when leaving a multicast group, as a result, the switch can not get
Figure 8-4 Basic Config The following entries are displayed on this screen: Global Config IGMP Snooping: Select Enable/Disable IGMP Snooping fun
Figure 8-5 Port Config The following entries are displayed on this screen: Port Config Port Select: Click the Select button to quick-select the
Figure 8-6 VLAN Config The following entries are displayed on this screen: VLAN Config VLAN ID: Enter the VLAN ID to enable IGMP Snooping for th
Router Ports: Displays the router port of the VLAN. Note: The settings here will be invalid when multicast VLAN is enabled Configuration procedure:
The following entries are displayed on this screen: Multicast VLAN Multicast VLAN: Select Enable/Disable Multicast VLAN feature. VLAN ID: Enter
Step Operation Description 3 Configure parameters for multicast VLAN Optional. Enable and configure a multicast VLAN on the Multicast→IGMP Snooping
Chapter Introduction Chapter 4 System This module is used to configure system properties of the switch. Here mainly introduces: System Info: Con
Step Operation Description 2 Configure ports On VLAN→802.1Q VLAN function pages. For port 3, configure its link type as GENERAL and its egress rul
The following entries are displayed on this screen: Search Option Multicast IP: Enter the multicast IP address the desired entry must carry. VLAN
The following entries are displayed on this screen: Create Static Multicast Multicast IP: Enter static multicast IP address. VLAN ID: Enter the
Figure 8-10 Multicast Filter The following entries are displayed on this screen: Create IP-Range IP Range ID: Enter the IP-range ID. Start Multi
Figure 8-11 Port Filter The following entries are displayed on this screen: Port Filter Config Port Select: Click the Select button to quick-sel
Configuration Procedure: Step Operation Description 1 Configure IP-Range Required. Configure IP-Range to be filtered on Multicast→Multicast Filter
Port: Displays the port number of the switch. Query Packet: Displays the number of query packets the port received. Report Packet (V1): Displays t
Query Interval: Enter the time interval of sending a general query frame by IGMP Snooping Querier. Max Response Time: Enter the maximal time for the
Chapter 9 QoS QoS (Quality of Service) functions to provide different quality of service for various network applications and requirements and optim
2. 802.1P Priority Figure 9-2 802.1Q frame As shown in the figure above, each 802.1Q Tag has a Pri field, comprising 3 bits. The 3-bit priority fie
Chapter Introduction Chapter 8 Multicast This module is used to configure multicast function of the switch. Here mainly introduces: IGMP Snoopin
Figure 9-4 SP-Mode 2. WRR-Mode: Weight Round Robin Mode. In this mode, packets in all the queues are sent in order based on the weight value for ea
9.1 DiffServ This switch classifies the ingress packets, maps the packets to different priority queues and then forwards the packets according to sp
Configuration Procedure: Step Operation Description 1 Select the port priority Required. On QoS→DiffServ→Port Priority page, configure the port
Priority Level DSCP: Indicates the priority determined by the DS region of IP datagram. It ranges from 0 to 63. Priority Level: Indicates the
The following entries are displayed on this screen: 802.1P Priority Config 802.1P Priority: Select Enable/Disable 802.1P Priority. Priority an
WRR-Mode: Weight Round Robin Mode. In this mode, packets in all the queues are sent in order based on the weight value for each queue. The weight va
The following entries are displayed on this screen: Rate Limit Config Port Select: Click the Select button to quick-select the corresponding port
Figure 9-11 Storm Control The following entries are displayed on this screen: Storm Control Config Port Select: Click the Select button to quick
9.3 Voice VLAN Voice VLANs are configured specially for voice data stream. By configuring Voice VLANs and adding the ports with voice devices attach
Port Voice VLAN Mode Voice Stream Type Link type of the port and processing mode ACCESS: Not supported. TRUNK: Supported. The default VLAN of the p
Chapter Introduction Chapter 12 SNMP This module is used to configure SNMP function to provide a management frame to monitor and maintain the netwo
Note: Don’t transmit voice stream together with other business packets in the voice VLAN except for some special requirements. The Voice VLAN functio
Figure 9-13 Port Config Note: To enable voice VLAN function for the LAG member port, please ensure its member state accords with its port mode. If a
LAG: Displays the LAG number which the port belongs to. 9.3.3 OUI Config The switch supports OUI creation and adds the MAC address of the special vo
the port configure the link type of ports of the voice device. Step Operation Description 2 Create VLAN Required. On VLAN→802.1Q VLAN→Port Confi
Chapter 10 ACL ACL (Access Control List) is used to filter packets by configuring match rules and process policies of packets in order to control th
10.1.2 Time-Range Create On this page you can create time-ranges. Choose the menu ACL→Time-Range→Time-Range Create to load the following page. Figu
10.1.3 Holiday Config Holiday mode is applied as a different secured access control policy from the week mode. On this page you can define holidays
Choose the menu ACL→ACL Config→ACL Summary to load the following page. Figure 10-4 ACL Summary The following entries are displayed on this screen:
Choose the menu ACL→ACL Config→MAC ACL to load the following page. Figure10-6 Create MAC Rule The following entries are displayed on this screen:
Figure10-7 Create Standard-IP Rule The following entries are displayed on this screen: Create Standard-IP Rule ACL ID: Select the desired Standa
Chapter 2 Introduction Thanks for choosing the TL-SL5428E 24-Port 10/100Mbps + 4-Port Gigabit JetStream L2 Managed Switch! 2.1 Overview of the Swit
Figure10-8 Create Extend-IP Rule The following entries are displayed on this screen: Create Extend-IP Rule ACL ID: Select the desired Extend-IP
S-Port: Configure TCP/IP source port contained in the rule when TCP/UDP is selected from the pull-down list of IP Protocol. D-Port: Configure TCP/I
Operation: Click the Edit button to modify the action. 10.3.2 Policy Create On this page you can create the policy. Choose the menu ACL→Policy Conf
S-Mirror: Select S-Mirror to mirror the data packets in the policy to the specific port. S-Condition: Select S-Condition to limit the transmission
Policy Bind Table Select: Select the desired entry to delete the corresponding binding policy.Index: Displays the index of the binding policy. P
Figure10-14 Bind the policy to the VLAN The following entries are displayed on this screen: VLAN-Bind Config Policy Name: Select the name of
Network Diagram Configuration Procedure Step Operation Description 1 Configure Time-range On ACL→Time-Range page, create a time-range name
Step Operation Description 3 Configure for requirement 2 and 4 On ACL→ACL Config→ACL Create page, create ACL 100. On ACL→ACL Config→Standard-IP A
Chapter 11 Network Security Network Security module is to provide the multiple protection measures for the network security, including five submenus
The following entries are displayed on this screen: Search Option Source: Select a Source from the pull-down list and click the Searchbutton to v
Manageability + IP Clustering provides high scalability and easy Single-IP-Management. + Supports Telnet, CLI, SNMP v1/v2c/v3, RMON and web access
Figure 11-2 Manual Binding The following entries are displayed on this screen: Manual Binding Option Host Name: Enter the Host Name. IP Address:
address of the Host on Network layer. MAC address, the address of the Host on Data link layer, is necessary for the packet to reach the very device.
Figure 11-4 ARP Scanning The following entries are displayed on this screen: Scanning Option Start IP Address: Specify the Start IP Address. E
DHCP Working Principle DHCP works via the “Client/Server” communication mode. The Client applies to the Server for configuration. The Server assig
(2) DHCP-OFFER Stage: Upon receiving the DHCP-DISCOVER packet, the DHCP Server selects an IP address from the IP pool according to the assigning pri
Figure 11-7 DHCP Cheating Attack Implementation Procedure DHCP Snooping feature only allows the port connected to the DHCP Server as the trusted por
Figure 11-8 DHCP Snooping Note: If you want to enable the DHCP Snooping feature for the member port of LAG, please ensure the parameters of all the
Decline Flow Control: Select the value to specify the Decline Flow Control. The trafficflow of the corresponding port will be limited to be this val
ARP, such as imitating Gateway, cheating Gateway, cheating terminal Hosts and ARP Flooding Attack, frequently occur to the network, especially to the
Figure 11-10 ARP Attack – Cheating Gateway As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway, and then the
2.3.2 Rear Panel The rear panel of TL-SL5428E features a power socket and a Grounding Terminal (marked with). Figure 2-2 Rear Panel Grounding Ter
As the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then Host B will automatically update its ARP table after
ARP Flooding Attack The attacker broadcasts a mass of various fake ARP packets in a network segment to occupy the network bandwidth viciously, whi
Trusted Port Trusted Port: Select the port for which the ARP Detect function is unnecessaryas the Trusted Port. The specific ports, such as up-li
Figure 11-14 ARP Defend The following entries are displayed on this screen: ARP Defend Port Select: Click the Select button to quick-select the
Figure 11-15 ARP Statistics The following entries are displayed on this screen: Auto Refresh Auto Refresh: Enable/Disable the Auto Refresh featu
Figure 11-16 IP Source Guard The following entries are displayed on this screen: IP Source Guard Config Port Select: Click the Select button to
packets may incur a breakdown of the network. The switch can defend several types of DoS attack listed in the following table. DoS Attack Type Des
11.4.1 DoS Defend On this page, you can enable the DoS Defend type appropriate to your need. Choose the menu Network Security→DoS Defend→DoS Defend
Figure 11-18 DoS Detect The following entries are displayed on this screen: Detect Config Detect Time: Specify the detect time for each DoS atta
Figure 11-19 Architecture of 802.1X authentication (1) Supplicant System: The supplicant system is an entity in LAN and is authenticated by the aut
Chapter 3 Login to the Switch 3.1 Login 1) To access the configuration utility, open a web-browser and type in the default address http://192.168.0
can also launch an 802.1X client program to initiate an 802.1X authentication through the sending of an EAPOL-Start packet to the switch, This TP-L
6. The RADIUS server compares the received encrypted password (contained in a RADIUS Access-Request packet) with the locally-encrypted password. If t
the authentication request packet if the RADIUS server fails to respond in the specified timeout period. (3) Quiet-period timer (Quiet Period): This
The following entries are displayed on this screen: Global Config 802.1X: Enable/Disable the 802.1X function. Auth Method: Select the Authentica
Figure 11-23 Port Config The following entries are displayed on this screen: Port Config Port Select: Click the Select button to quick-select t
11.5.3 Radius Server RADIUS (Remote Authentication Dial-In User Service) server provides the authentication service for the switch via the stored
Note: 1. The 802.1X function takes effect only when it is enabled globally on the switch and for the port. 2. The 802.1X function can not be enable
Chapter 12 SNMP SNMP Overview SNMP (Simple Network Management Protocol) has gained the most extensive application on the UDP/IP networks. SNMP pr
failing to pass community name authentication are discarded. The community name can limit access to SNMP Agent from SNMP NMS, functioning as a passwo
SNMP module is used to configure the SNMP function of the switch, including three submenus: SNMP Config, Notification and RMON. 12.1 SNMP Config The
Figure 3-3 Main Setup-Menu Note: Clicking Apply can only make the new configurations effective before the switch is rebooted. If you want to keep th
12.1.2 SNMP View The OID (Object Identifier) of the SNMP packets is used to describe the managed objects of the switch, and the MIB (Management Info
Figure 12-5 SNMP Group The following entries are displayed on this screen: Group Config Group Name: Enter the SNMP Group name. The Group Name, S
Group Table Select: Select the desired entry to delete the corresponding group. It'smulti-optional. Group Name: Displays the Group Name her
User Type: Select the type for the User. Local User: Indicates that the user is connected to a local SNMP engine. Remote User: Indicates that
12.1.5 SNMP Community SNMP v1 and SNMP v2c adopt community name authentication. The community name can limit access to the SNMP agent from SNMP netw
Configuration Procedure: If SNMPv3 is employed, please take the following steps: Step Operation Description 1 Enable SNMP function globally. Re
12.2 Notification With the Notification function enabled, the switch can initiatively report to the management station about the important events tha
Type: Select the type for the notifications. Trap: Indicates traps are sent. Inform: Indicates informs are sent. The Inform type has a higher
RMON Group Function History Group After a history group is configured, the switch collects and records network statistics information periodically,
12.3.2 Event Config On this page, you can configure the RMON events. Choose the menu SNMP→RMON→Event Config to load the following page. Figure 12-1
COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other
Chapter 4 System The System module is mainly for system configuration of the switch, including four submenus: System Info, User Management, System T
Figure 12-11 Alarm Config The following entries are displayed on this screen: Alarm Table Select: Select the desired entry for configuration. In
Owner: Enter the name of the device or user that defined the entry. Status: Select Enable/Disable the corresponding alarm entry. Note: When alarm v
Chapter 13 LLDP LLDP (Link Layer Discovery Protocol) is a Layer 2 protocol that is used for network devices to advertise their own device informatio
Disable: the port cannot transmit or receive LLDPDUs. 2) LLDPDU transmission mechanism If the ports are working in TxRx or Tx mode, they will a
TLV Type TLV Name Description Usage in LLDPDU 3 Time To Live Indicates the number of seconds that the neighbor device is to regard the local infor
System Name TLV The System Name TLV allows network management to advertise the system's assigned name, which should be the system's fully
Figure 13-1 Global Configuration The following entries are displayed on this screen: Global Config LLDP: Enable/disable LLDP function globally.
Figure 13-2 Port Configuration The following entries are displayed on this screen: LLDP Port Config Port Select: Select the desired port to conf
Figure 13-3 Local Information The following entries are displayed on this screen: Auto Refresh Auto Refresh: Enable/Disable the auto refresh fu
The following entries are displayed on this screen: Auto Refresh Auto Refresh: Enable/Disable the auto refresh function. Refresh Rate: Specify t
Indicates the 1000Mbps port is at the speed of 10Mbps or 100Mbps. Indicates the SFP port is not connected to a device. Indicates the SFP port is a
Figure 13-5 Device Statistics The following entries are displayed on this screen: Auto Refresh Auto Refresh: Enable/Disable the auto refresh fun
Receive Total: Displays the number of LLDPDUs received by this port. Discards: Displays the number of LLDPDUs discarded by this port. Errors: Di
Chapter 14 Cluster With the development of network technology, the network scale is getting larger and more network devices are required, which may
The commander switch discovers and determines candidate switches by collecting related information. After being added to the cluster, the candi
Neighbor Search Option: Select the information the desired entry should contain and then click the Search button to display the desired entry in
The following entries are displayed on this screen: Global Config NDP: Displays the global NDP status (enabled or disabled) for the switch. Aging
Figure 14-4 NDP Config The following entries are displayed on this screen: Global Config NDP: Select Enable/Disable NDP function globally. Aging
14.2 NTDP NTDP (Neighbor Topology Discovery Protocol)is used for the commander switch to collect NDP information. NTDP transmits and forwards NTDP to
Neighbor Info: Click the Detail button to view the complete information of this device and its neighbors. Collect Topology: Click the Collect Topol
Figure 14-7 NTDP Summary The following entries are displayed on this screen: Global Config NTDP: Displays the NTDP status (enabled or disabled)
4.1.2 Device Description On this page you can configure the description of the switch, including device name, device location and system contact. Cho
Figure 14-8 NTDP Config The following entries are displayed on this screen: Global Config NTDP: Select Enable/Disable NTDP for the switch globa
NTDP: Displays NTDP status (enabled or disabled) of the current port. Enable: Click the Enable button to enable NTDP feature for the port you selec
For a commander switch,the following page is displayed: Figure 14-10 Cluster Summary for Commander Switch The following entries are displayed on
Hops: Displays the hop count from the member switch to the commander switch. For a member switch, the following page is displayed: Figure 14-11
For a candidate switch, the following page is displayed. Figure 14-13 Cluster Configuration for Candidate Switch The following entries are displa
Current Role Role: Displays the role the current switch plays in the cluster. Role Change Candidate: Select this option to change the role of
The following entries are displayed on this screen: Current Role Role: Displays the role the current switch plays in the cluster. Role Change
14.3.4 Cluster Topology On this page you can see the whole cluster topology. Click the node switch to directly log on to the corresponding Web manag
If the switch is a commander switch in the cluster, please take the following steps. Step Operation Description 1 Enable the NDP function globa
14.4 Batch Management The Batch Management function allows you to manage the switches in cluster. With a TFTP server set, you can backup the current
The following entries are displayed on this screen: Time Info Current System Date: Displays the current date and time of the switch. Current Time
Figure 14-20 Status The following entries are displayed on this screen: Status Select: Select the desired switch and click the cancel button to
The following entries are displayed on this screen: Create Time-Segment Name: Enter the name of the time-segment. Absolute: Select Absolute and
Chapter 15 Maintenance Maintenance module, assembling the commonly used system tools to manage the switch, provides the convenient method to locate
15.1.2 Memory Monitor Choose the menu Maintenance→System Monitor→Memory Monitor to load the following page. Figure 15-2 Memory Monitor Click the Mo
The Log function is implemented on the Log Table, Local Log, Remote Log and Backup Log pages. 15.2.1 Log Table The switch supports logs output to t
15.2.2 Local Log Local Log is the log information saved in switch. By default, all system logs are saved in log buffer and the logs with severities
Figure 15-5 Log Host The following entries are displayed on this screen: Log Host Index: Displays the index of the log host. The switch supports
Backup Log: Click the Backup Log button to save the log as a file to your computer. Note: It will take a few minutes to backup the log file. Please
4. If the port is 100Mbps and its connection status is normal, cable test can’t get the length of the cable. 15.3.2 Loopback Loopback test function
Choose the menu Maintenance→Network Diagnostics→Ping to load the following page. Figure 15-9 Ping The following entries are displayed on this screen
The following entries are displayed on this screen: DST Config DST Status: Enable or Disable DST. Predefined Mode: Select a predefined DST confi
Figure 15-10 Tracert The following entries are displayed on this screen: Tracert Config Destination IP: Enter the IP address of the destinatio
Chapter 16 System Maintenance via FTP The firmware can be downloaded to the switch via FTP function. FTP (File Transfer Protocol), a protocol in the
2) The Connection Description Window will prompt shown as Figure 16-3. Enter a name into the Name field and click OK. Figure 16-3 Connection Descrip
Figure 16-5 Port Settings 3. Download Firmware via bootrom menu To download firmware to the switch via FTP function, you need to enter into the boo
[TL-SL5428E]: ifconfig ip 10.10.70.22 mask 255.255.255.0 gateway 10.10.70.1 4) Configure the parameters of the FTP server which keeps the upgrade fir
Appendix A: Specifications IEEE802.3 10Base-T Ethernet IEEE802.3u 100Base-TX/100Base-FX Fast Ethernet IEEE802.3ab 1000Base-T Gigabit Ethernet IEEE802
Appendix B: Configuring the PCs In this section, we’ll introduce how to install and configure the TCP/IP correctly in Windows 2000. First make sure y
238 5) The following TCP/IP Properties window will display and the IP Address tab is open on this window by default. Figure B-3 6) Select Use the fo
Appendix C: 802.1X Client Software In 802.1X mechanism, the supplicant Client should be equipped with the corresponding client software complied with
Figure C-3 Welcome to the InstallShield Wizard 4. To continue, choose the destination location for the installation files and click Next on the fol
Figure 4-7 System IP The following entries are displayed on this screen: IP Config MAC Address: Displays MAC Address of the switch. IP Address M
Figure C-5 Install the Program 6. The InstallShield Wizard is installing TpSupplicant shown as the following screen. Please wait. Figure C-6 Setup
Figure C-7 InstallShield Wizard Complete Note: Please pay attention to the tips on the above screen. If you have not installed WinPcap 4.0.2 or the
2. Then the following screen will appear. If you want to stop the remove process, click Cancel. Figure C-9 Preparing Setup 3. On the continued scre
Figure C-12 TP-LINK 802.1X Client Enter the Name and the Password specified in the Authentication Server. The length of Name and Password should be
3. To continue, click Connect button after entering the Name and Password on Figure C-12. Then the following screen will appear to prompt that the Ra
246 A1: It’s because the supported DLL file is missing. You are suggested to go to http://www.winpcap.org to download WinPcap 4.0.2 or the higher ve
Appendix D: Glossary Access Control List (ACL) ACLs can limit network traffic and restrict access to certain users or devices by checking each packet
Generic Multicast Registration Protocol (GMRP) GMRP allows network devices to register end stations with multicast groups. GMRP requires that any par
Layer 2 Data Link layer in the ISO 7-Layer Data Communications Protocol. This is related directly to the hardware interface for network devices and p
250 Secure Shell (SSH) A secure replacement for remote access functions, including Telnet. SSH can authenticate users with a cryptographic key, and e
5. By default, the IP address is 192.168.0.1. 4.2 User Management User Management functions to configure the user name and password for users to lo
The following entries are displayed on this screen: User Info User Name: Create a name for users’ login. Access Level: Select the access level t
Figure 4-10 Config Restore The following entries are displayed on this screen: Config Restore Restore Config: Click the Restore Config button to
Note: It will take a few minutes to backup the configuration. Please wait without any operation. 4.3.3 Firmware Upgrade The switch system can be upgr
II Safety Information When product has power button, the power button is one of the way to shut off the product; When there is no power button,
4.3.5 System Reset On this page you can reset the switch to the default. All the settings will be cleared after the switch is reset. Choose the menu
Figure 4-15 Access Control The following entries are displayed on this screen: Access Control Config Control Mode: Select the control mode for u
Access User Number Number Control; Select Enable/Disable the Number Control function. Admin Number: Enter the maximum number of the users logging
The following entries are displayed on this screen: Global Config SSL: Select Enable/Disable the SSL function on the switch. Certificate Down
Figure 4-17 SSH Config The following entries are displayed on this screen: Global Config SSH: Select Enable/Disable SSH function. Protocol V1:
Application Example 1 for SSH: Network Requirements 1. Log on to the switch via password authentication using SSH and the SSH function is enabled
Note: 1. The key length is in the range of 256 to 3072 bits. 2. During the key generation, randomly moving the mouse quickly can accelerate the
3. On the Web management page of the switch, download the public key file saved in the computer to the switch. Note: 1. The key type should accor
29 After successful authentication, please enter the login user name. If you log on to the switch without entering password, it indicates that the ke
Chapter 5 Switching Switching module is used to configure the basic functions of the switch, including four submenus: Port, LAG, Traffic Monitor and
CONTENTS Package Contents...1
Status: Allows you to Enable/Disable the port. When Enable is selected, the port can forward the packets normally. Speed and Duplex: Select the S
The following entries are displayed on this screen. Mirroring Port Mirroring Port: Select a port from the pull-down list as the mirroring port. W
Figure 5-3 Port Security The following entries are displayed on this screen: Port Security Select: Select the desired port for Port Security con
5.1.4 Port Isolation Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward p
5.1.5 Loopback Detection With loopback detection feature enabled, the switch can detect loops using loopback detection packets. When a loop is detect
Port Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select th
If the LAG is needed, you are suggested to configure the LAG function here before configuring the other functions for the member ports. Tips: 1. Ca
Description: Displays the description of LAG. Member: Displays the LAG member. Operation: Allows you to view or modify the information for each LA
The following entries are displayed on this screen: LAG Config Group Number: Select a Group Number for the LAG. Description: Give a descriptio
Figure 5-9 LACP Config The following entries are displayed on this screen: Global Config System Priority: Specify the system priority for the sw
5.1.1 Port Config ...30 5.1.2 Port Mirror ...
Status: Enable/Disable the LACP feature for your selected port. LAG: Displays the LAG number which the port belongs to. 5.3 Traffic Monitor The Tr
Packets Tx: Displays the number of packets transmitted on the port. Octets Rx: Displays the number of octets received on the port. The error octe
Sent: Displays the details of the packets transmitted on the port. Broadcast: Displays the number of good broadcast packets received or transmitted
Type Configuration Way Aging outBeing kept after reboot (if the configuration is saved) Relationship between the bound MAC address and the port Sta
Type: Select the type of your desired entry. All: This option allows the address table to display all theaddress entries. Static: This option
The following entries are displayed on this screen: Create Static Address MAC Address: Enter the static MAC Address to be bound. VLAN ID: En
On this page, you can configure the dynamic MAC address entry. Choose the menu Switching→MAC Address→Dynamic Address to load the following page. Fig
Bind: Click the Bind button to bind the MAC address of your selected entryto the corresponding port statically. Tips: Setting aging time properly h
49 Filtering Address Table Select: Select the entry to delete the corresponding filtering address. It ismulti-optional. MAC Address: Displays
Chapter 6 VLAN The traditional Ethernet is a data network communication technology basing on CSMA/CD (Carrier Sense Multiple Access/Collision Detect
6.9.1 PVLAN Config...77 6.9.2 Port Config ...
6.1 802.1Q VLAN VLAN tags in the packets are necessary for the switch to identify packets of different VLANs. The switch works at the data link laye
PVID PVID (Port Vlan ID) is the default VID of the port. When the switch receives an un-VLAN-tagged packet, it will add a VLAN tag to the packet a
To ensure the normal communication of the factory switch, the default VLAN of all ports is set to VLAN1. The following entries are displayed on this
The following entries are displayed on this screen: VLAN Config VLAN ID: Enter the ID number of VLAN. Description: Give a description to the VLA
Figure 6-5 802.1Q VLAN – Port Config The following entries are displayed on this screen: VLAN Port Config Port Select: Click the Select button
Click the Detail button to view the information of the corresponding VLAN. Figure 6-6 View the Current VLAN of Port The following entries are displa
received port. Thus, the packet is assigned automatically to the corresponding VLAN for transmission. 2. When receiving tagged packet, the switch w
6.2.2 Port Enable On this page, you can enable the port for the MAC VLAN feature. Only the port is enabled, can the configured MAC VLAN take effect.
Protocol Type Type value IPX 0x8137 IS-IS 0x8000 LACP 0x8809 802.1X 0x888E Table 6-2 Protocol types in common use The packet in Protocol VLAN is pro
Protocol VLAN Table Select: Select the desired entry. It is multi-optional. Protocol: Displays the protocol template of the VLAN. Ether Type: D
9.2 Bandwidth Control ...126 9.2.1 Rate Limit...
6.3.3 Port Enable On this page, you can enable the port for the Protocol VLAN feature. Only the port is enabled, can the configured Protocol VLAN tak
Switch B is connecting to PC B and Server A; PC A and Server A is in the same VLAN; PC B and Server B is in the same VLAN; PCs in the two
6.5 Application Example for MAC VLAN Network Requirements Switch A and switch B are connected to meeting room A and meeting room B respectivel
Step Operation Description 4 Configure MAC VLAN 10 On VLAN→MAC VLAN→MAC VLAN page, create MAC VLAN10 with the MAC address as 00-19-56-8A-4C-71. 5
IP host, in VLAN10, is served by IP server while AppleTalk host is served by AppleTalk server; Switch B is connected to IP server and AppleTalk
Step Operation Description 4 Create Protocol Temp l ate Required. On VLAN→Protocol VLAN→Protocol Template page, configure the protocol template pr
Protocol type Value LACP 0x8809 802.1X 0x888E Table 6-3 Values of Ethernet frame protocol type in common use This VLAN VPN function is implemented o
Choose the menu VLAN→VLAN VPN→VLAN Mapping to load the following page. Figure 6-13 Create VLAN Mapping Entry The following entries are displayed on
Figure 6-14 Enable VLAN Mapping for Port Select your desired port for VLAN Mapping function. All the ports are disabled for VLAN Mapping function by
Step Operation Description 3 Create SP (Service Provider) VLAN Optional. On the VLAN→802.1Q VLAN page, create the SP VLAN. For the steps of creat
11.3 IP Source Guard ...165 11.4 DoS Defend ...
LeaveAll Timer: Once a GARP entity starts up, it starts the LeaveAll timer, and sends out a LeaveAll message after the timer times out, so that ot
Figure 6-15 GVRP Config Note: If the GVRP feature is enabled for a member port of LAG, please ensure all the member ports of this LAG are set to be
LeaveAll Timer: Once the LeaveAll Timer is set, the port with GVRP enabled can send a LeaveAll message after the timer times out, so that other GARP
Private VLAN technology is mainly used in campus or enterprise networks to achieve user layer-2-separation and to save VLAN resources of uplink devic
2) Port configuration and MAC address duplication should be synchronized on the switch. Port configuration synchronization is completed in the whole
MAC address duplication: After port configuration synchronization, packets from Secondary VLAN can be forwarded via the promiscuous port untagged,
The Private VLAN packet forwarding process (here we take traffic transmission for PC2) based on the figure above is illustrated as follows: 1) PC2 s
Figure 6-17 Create Private VLAN The following entries are displayed on this screen: Create Private VLAN Primary VLAN: Enter the ID number of the
Figure 6-18 Create and View Protocol Template The following entries are displayed on this screen: Port Config Port: Select the desired port for
Step Operation Description 4 Delete VLAN. Optional. On the VLAN→Private VLAN→PVLAN Config page, select the desired entry to delete the correspond
VI 14.3 Cluster ...212 14.3.1 Cl
Step Operation Description 2 Add Promiscuous port to Private VLANs Required. On the VLAN→Private VLAN→Port Config page, configure the port type of
Chapter 7 Spanning Tree STP (Spanning Tree Protocol), subject to IEEE 802.1D standard, is to disbranch a ring network in the Data Link layer in a lo
Figure 7-1 Basic STP diagram STP Timers Hello Time: Hello Time ranges from 1 to 10 seconds. It specifies the interval to send BPDU packets. It
Step Operation 1 If the priority of the BPDU received on the port is lower than that of the BPDU if of the port itself, the switch discards the BPD
point-to-point link, it can transit to forwarding state after getting response from the downstream switch through handshake. RSTP Elements Edge
Port States In an MSTP, ports can be in the following four states: Forwarding: In this status the port can receive/forward data, receive/send
Figure 7-4 STP Config The following entries are displayed on this screen: Global Config STP: Select Enable/Disable STP function globally on the
Note: 1. The forward delay parameter and the network diameter are correlated. A too small forward delay parameter may result in temporary loops. A t
Figure 7-5 STP Summary 7.2 Port Config On this page you can configure the parameters of the ports for CIST Choose the menu Spanning Tree→Port Confi
The following entries are displayed on this screen: Port Config Port Select: Click the Select button to quick-select the corresponding port base
Komentáře k této Příručce