TP-LINK TL-SL5428E V2 Uživatelská příručka

TL-SL5428E 24-Port 10/100Mbps + 4-Port Gigabit JetStream L2 Managed Switch REV1.4.0 1910010915

Package Contents The following items should be found in your box:  One TL-SL5428E switch  One power cord  One console cable  Two mounting bra

LAG: Displays the LAG number which the port belongs to. Note: 1. Configure the ports connected directly to terminals as edge ports and enable the B

Figure 7-8 Instance Config The following entries are displayed on this screen:  Instance Table Instance ID Select: Click the Select button to qui

Note: In a network with both GVRP and MSTP enabled, GVRP packets are forwarded along the CIST. If you want to broadcast packets of a specific VLAN th

Priority: Enter the priority of the port in the instance. It is an important criterion on determining if the port connected to this port will be cho

 Loop Protect In a stable network, a switch maintains the states of ports by receiving and processing BPDU packets from the upstream switch. Howeve

With BPDU filter function enabled, a port does not receive or forward BPDUs, but it sends out its own BPDUs. Such a mechanism prevents the switch fro

7.4.2 TC Protect When TC Protect is enabled for the port on Port Protect page, the TC threshold and TC protect cycle need to be configured on this pa

 Configuration Procedure  Configure switch A: Step Operation Description 1 Configure ports On VLAN→802.1Q VLAN page, configure the link type

 Configure switch C: Step Operation Description 1 Configure ports On VLAN→802.1Q VLAN page, configure the link type of the related ports as Trun

 The configuration procedure for switch E and F is the same with that for switch D.  The topology diagram of the two instances after the topolo

Chapter 1 About This Guide This User Guide contains information for setup and management of TL-SL5428E switch. Please read this guide carefully befo

Chapter 8 Multicast  Multicast Overview In the network, packets are sent in three modes: unicast, broadcast and multicast. In unicast, the source

 Multicast Address 1. Multicast IP Address: As specified by IANA (Internet Assigned Numbers Authority), Class D IP addresses are used as destinatio

 IGMP Snooping In the network, the hosts apply to the near Router for joining (leaving) a multicast group by sending IGMP (Internet Group Managemen

3. IGMP Leave Message The host, running IGMPv1, does not send IGMP leave message when leaving a multicast group, as a result, the switch can not get

Figure 8-4 Basic Config The following entries are displayed on this screen:  Global Config IGMP Snooping: Select Enable/Disable IGMP Snooping fun

Figure 8-5 Port Config The following entries are displayed on this screen:  Port Config Port Select: Click the Select button to quick-select the

Figure 8-6 VLAN Config The following entries are displayed on this screen:  VLAN Config VLAN ID: Enter the VLAN ID to enable IGMP Snooping for th

Router Ports: Displays the router port of the VLAN. Note: The settings here will be invalid when multicast VLAN is enabled Configuration procedure:

The following entries are displayed on this screen:  Multicast VLAN Multicast VLAN: Select Enable/Disable Multicast VLAN feature. VLAN ID: Enter

Step Operation Description 3 Configure parameters for multicast VLAN Optional. Enable and configure a multicast VLAN on the Multicast→IGMP Snooping

Chapter Introduction Chapter 4 System This module is used to configure system properties of the switch. Here mainly introduces:  System Info: Con

Step Operation Description 2 Configure ports On VLAN→802.1Q VLAN function pages. For port 3, configure its link type as GENERAL and its egress rul

The following entries are displayed on this screen:  Search Option Multicast IP: Enter the multicast IP address the desired entry must carry. VLAN

The following entries are displayed on this screen:  Create Static Multicast Multicast IP: Enter static multicast IP address. VLAN ID: Enter the

Figure 8-10 Multicast Filter The following entries are displayed on this screen:  Create IP-Range IP Range ID: Enter the IP-range ID. Start Multi

Figure 8-11 Port Filter The following entries are displayed on this screen:  Port Filter Config Port Select: Click the Select button to quick-sel

Configuration Procedure: Step Operation Description 1 Configure IP-Range Required. Configure IP-Range to be filtered on Multicast→Multicast Filter

Port: Displays the port number of the switch. Query Packet: Displays the number of query packets the port received. Report Packet (V1): Displays t

Query Interval: Enter the time interval of sending a general query frame by IGMP Snooping Querier. Max Response Time: Enter the maximal time for the

Chapter 9 QoS QoS (Quality of Service) functions to provide different quality of service for various network applications and requirements and optim

2. 802.1P Priority Figure 9-2 802.1Q frame As shown in the figure above, each 802.1Q Tag has a Pri field, comprising 3 bits. The 3-bit priority fie

Chapter Introduction Chapter 8 Multicast This module is used to configure multicast function of the switch. Here mainly introduces:  IGMP Snoopin

Figure 9-4 SP-Mode 2. WRR-Mode: Weight Round Robin Mode. In this mode, packets in all the queues are sent in order based on the weight value for ea

9.1 DiffServ This switch classifies the ingress packets, maps the packets to different priority queues and then forwards the packets according to sp

Configuration Procedure: Step Operation Description 1 Select the port priority Required. On QoS→DiffServ→Port Priority page, configure the port

 Priority Level DSCP: Indicates the priority determined by the DS region of IP datagram. It ranges from 0 to 63. Priority Level: Indicates the

The following entries are displayed on this screen:  802.1P Priority Config 802.1P Priority: Select Enable/Disable 802.1P Priority.  Priority an

WRR-Mode: Weight Round Robin Mode. In this mode, packets in all the queues are sent in order based on the weight value for each queue. The weight va

The following entries are displayed on this screen:  Rate Limit Config Port Select: Click the Select button to quick-select the corresponding port

Figure 9-11 Storm Control The following entries are displayed on this screen:  Storm Control Config Port Select: Click the Select button to quick

9.3 Voice VLAN Voice VLANs are configured specially for voice data stream. By configuring Voice VLANs and adding the ports with voice devices attach

Port Voice VLAN Mode Voice Stream Type Link type of the port and processing mode ACCESS: Not supported. TRUNK: Supported. The default VLAN of the p

Chapter Introduction Chapter 12 SNMP This module is used to configure SNMP function to provide a management frame to monitor and maintain the netwo

Note: Don’t transmit voice stream together with other business packets in the voice VLAN except for some special requirements. The Voice VLAN functio

Figure 9-13 Port Config Note: To enable voice VLAN function for the LAG member port, please ensure its member state accords with its port mode. If a

LAG: Displays the LAG number which the port belongs to. 9.3.3 OUI Config The switch supports OUI creation and adds the MAC address of the special vo

the port configure the link type of ports of the voice device. Step Operation Description 2 Create VLAN Required. On VLAN→802.1Q VLAN→Port Confi

Chapter 10 ACL ACL (Access Control List) is used to filter packets by configuring match rules and process policies of packets in order to control th

10.1.2 Time-Range Create On this page you can create time-ranges. Choose the menu ACL→Time-Range→Time-Range Create to load the following page. Figu

10.1.3 Holiday Config Holiday mode is applied as a different secured access control policy from the week mode. On this page you can define holidays

Choose the menu ACL→ACL Config→ACL Summary to load the following page. Figure 10-4 ACL Summary The following entries are displayed on this screen: 

Choose the menu ACL→ACL Config→MAC ACL to load the following page. Figure10-6 Create MAC Rule The following entries are displayed on this screen: 

Figure10-7 Create Standard-IP Rule The following entries are displayed on this screen:  Create Standard-IP Rule ACL ID: Select the desired Standa

Chapter 2 Introduction Thanks for choosing the TL-SL5428E 24-Port 10/100Mbps + 4-Port Gigabit JetStream L2 Managed Switch! 2.1 Overview of the Swit

Figure10-8 Create Extend-IP Rule The following entries are displayed on this screen:  Create Extend-IP Rule ACL ID: Select the desired Extend-IP

S-Port: Configure TCP/IP source port contained in the rule when TCP/UDP is selected from the pull-down list of IP Protocol. D-Port: Configure TCP/I

Operation: Click the Edit button to modify the action. 10.3.2 Policy Create On this page you can create the policy. Choose the menu ACL→Policy Conf

S-Mirror: Select S-Mirror to mirror the data packets in the policy to the specific port. S-Condition: Select S-Condition to limit the transmission

 Policy Bind Table Select: Select the desired entry to delete the corresponding binding policy.Index: Displays the index of the binding policy. P

Figure10-14 Bind the policy to the VLAN The following entries are displayed on this screen:  VLAN-Bind Config Policy Name: Select the name of

 Network Diagram  Configuration Procedure Step Operation Description 1 Configure Time-range On ACL→Time-Range page, create a time-range name

Step Operation Description 3 Configure for requirement 2 and 4 On ACL→ACL Config→ACL Create page, create ACL 100. On ACL→ACL Config→Standard-IP A

Chapter 11 Network Security Network Security module is to provide the multiple protection measures for the network security, including five submenus

The following entries are displayed on this screen:  Search Option Source: Select a Source from the pull-down list and click the Searchbutton to v

 Manageability + IP Clustering provides high scalability and easy Single-IP-Management. + Supports Telnet, CLI, SNMP v1/v2c/v3, RMON and web access

Figure 11-2 Manual Binding The following entries are displayed on this screen:  Manual Binding Option Host Name: Enter the Host Name. IP Address:

address of the Host on Network layer. MAC address, the address of the Host on Data link layer, is necessary for the packet to reach the very device.

Figure 11-4 ARP Scanning The following entries are displayed on this screen:  Scanning Option Start IP Address: Specify the Start IP Address. E

 DHCP Working Principle DHCP works via the “Client/Server” communication mode. The Client applies to the Server for configuration. The Server assig

（2） DHCP-OFFER Stage: Upon receiving the DHCP-DISCOVER packet, the DHCP Server selects an IP address from the IP pool according to the assigning pri

Figure 11-7 DHCP Cheating Attack Implementation Procedure DHCP Snooping feature only allows the port connected to the DHCP Server as the trusted por

Figure 11-8 DHCP Snooping Note: If you want to enable the DHCP Snooping feature for the member port of LAG, please ensure the parameters of all the

Decline Flow Control: Select the value to specify the Decline Flow Control. The trafficflow of the corresponding port will be limited to be this val

ARP, such as imitating Gateway, cheating Gateway, cheating terminal Hosts and ARP Flooding Attack, frequently occur to the network, especially to the

Figure 11-10 ARP Attack – Cheating Gateway As the above figure shown, the attacker sends the fake ARP packets of Host A to the Gateway, and then the

2.3.2 Rear Panel The rear panel of TL-SL5428E features a power socket and a Grounding Terminal (marked with). Figure 2-2 Rear Panel  Grounding Ter

As the above figure shown, the attacker sends the fake ARP packets of Host A to Host B, and then Host B will automatically update its ARP table after

 ARP Flooding Attack The attacker broadcasts a mass of various fake ARP packets in a network segment to occupy the network bandwidth viciously, whi

 Trusted Port Trusted Port: Select the port for which the ARP Detect function is unnecessaryas the Trusted Port. The specific ports, such as up-li

Figure 11-14 ARP Defend The following entries are displayed on this screen:  ARP Defend Port Select: Click the Select button to quick-select the

Figure 11-15 ARP Statistics The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the Auto Refresh featu

Figure 11-16 IP Source Guard The following entries are displayed on this screen:  IP Source Guard Config Port Select: Click the Select button to

packets may incur a breakdown of the network. The switch can defend several types of DoS attack listed in the following table. DoS Attack Type Des

11.4.1 DoS Defend On this page, you can enable the DoS Defend type appropriate to your need. Choose the menu Network Security→DoS Defend→DoS Defend

Figure 11-18 DoS Detect The following entries are displayed on this screen:  Detect Config Detect Time: Specify the detect time for each DoS atta

Figure 11-19 Architecture of 802.1X authentication （1） Supplicant System: The supplicant system is an entity in LAN and is authenticated by the aut

Chapter 3 Login to the Switch 3.1 Login 1) To access the configuration utility, open a web-browser and type in the default address http://192.168.0

can also launch an 802.1X client program to initiate an 802.1X authentication through the sending of an EAPOL-Start packet to the switch, This TP-L

6. The RADIUS server compares the received encrypted password (contained in a RADIUS Access-Request packet) with the locally-encrypted password. If t

the authentication request packet if the RADIUS server fails to respond in the specified timeout period. （3） Quiet-period timer (Quiet Period): This

The following entries are displayed on this screen:  Global Config 802.1X: Enable/Disable the 802.1X function. Auth Method: Select the Authentica

Figure 11-23 Port Config The following entries are displayed on this screen:  Port Config Port Select: Click the Select button to quick-select t

11.5.3 Radius Server RADIUS (Remote Authentication Dial-In User Service) server provides the authentication service for the switch via the stored

Note: 1. The 802.1X function takes effect only when it is enabled globally on the switch and for the port. 2. The 802.1X function can not be enable

Chapter 12 SNMP  SNMP Overview SNMP (Simple Network Management Protocol) has gained the most extensive application on the UDP/IP networks. SNMP pr

failing to pass community name authentication are discarded. The community name can limit access to SNMP Agent from SNMP NMS, functioning as a passwo

SNMP module is used to configure the SNMP function of the switch, including three submenus: SNMP Config, Notification and RMON. 12.1 SNMP Config The

Figure 3-3 Main Setup-Menu Note: Clicking Apply can only make the new configurations effective before the switch is rebooted. If you want to keep th

12.1.2 SNMP View The OID (Object Identifier) of the SNMP packets is used to describe the managed objects of the switch, and the MIB (Management Info

Figure 12-5 SNMP Group The following entries are displayed on this screen:  Group Config Group Name: Enter the SNMP Group name. The Group Name, S

 Group Table Select: Select the desired entry to delete the corresponding group. It'smulti-optional. Group Name: Displays the Group Name her

User Type: Select the type for the User.  Local User: Indicates that the user is connected to a local SNMP engine.  Remote User: Indicates that

12.1.5 SNMP Community SNMP v1 and SNMP v2c adopt community name authentication. The community name can limit access to the SNMP agent from SNMP netw

Configuration Procedure:  If SNMPv3 is employed, please take the following steps: Step Operation Description 1 Enable SNMP function globally. Re

12.2 Notification With the Notification function enabled, the switch can initiatively report to the management station about the important events tha

Type: Select the type for the notifications.  Trap: Indicates traps are sent.  Inform: Indicates informs are sent. The Inform type has a higher

RMON Group Function History Group After a history group is configured, the switch collects and records network statistics information periodically,

12.3.2 Event Config On this page, you can configure the RMON events. Choose the menu SNMP→RMON→Event Config to load the following page. Figure 12-1

COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other

Chapter 4 System The System module is mainly for system configuration of the switch, including four submenus: System Info, User Management, System T

Figure 12-11 Alarm Config The following entries are displayed on this screen:  Alarm Table Select: Select the desired entry for configuration. In

Owner: Enter the name of the device or user that defined the entry. Status: Select Enable/Disable the corresponding alarm entry. Note: When alarm v

Chapter 13 LLDP LLDP (Link Layer Discovery Protocol) is a Layer 2 protocol that is used for network devices to advertise their own device informatio

 Disable: the port cannot transmit or receive LLDPDUs. 2) LLDPDU transmission mechanism  If the ports are working in TxRx or Tx mode, they will a

TLV Type TLV Name Description Usage in LLDPDU 3 Time To Live Indicates the number of seconds that the neighbor device is to regard the local infor

System Name TLV The System Name TLV allows network management to advertise the system's assigned name, which should be the system's fully

Figure 13-1 Global Configuration The following entries are displayed on this screen:  Global Config LLDP: Enable/disable LLDP function globally.

Figure 13-2 Port Configuration The following entries are displayed on this screen:  LLDP Port Config Port Select: Select the desired port to conf

Figure 13-3 Local Information The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the auto refresh fu

The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the auto refresh function. Refresh Rate: Specify t

Indicates the 1000Mbps port is at the speed of 10Mbps or 100Mbps. Indicates the SFP port is not connected to a device. Indicates the SFP port is a

Figure 13-5 Device Statistics The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the auto refresh fun

Receive Total: Displays the number of LLDPDUs received by this port. Discards: Displays the number of LLDPDUs discarded by this port. Errors: Di

Chapter 14 Cluster With the development of network technology, the network scale is getting larger and more network devices are required, which may

 The commander switch discovers and determines candidate switches by collecting related information.  After being added to the cluster, the candi

 Neighbor Search Option: Select the information the desired entry should contain and then click the Search button to display the desired entry in

The following entries are displayed on this screen:  Global Config NDP: Displays the global NDP status (enabled or disabled) for the switch. Aging

Figure 14-4 NDP Config The following entries are displayed on this screen:  Global Config NDP: Select Enable/Disable NDP function globally. Aging

14.2 NTDP NTDP (Neighbor Topology Discovery Protocol）is used for the commander switch to collect NDP information. NTDP transmits and forwards NTDP to

Neighbor Info: Click the Detail button to view the complete information of this device and its neighbors. Collect Topology: Click the Collect Topol

Figure 14-7 NTDP Summary The following entries are displayed on this screen:  Global Config NTDP: Displays the NTDP status (enabled or disabled)

4.1.2 Device Description On this page you can configure the description of the switch, including device name, device location and system contact. Cho

Figure 14-8 NTDP Config The following entries are displayed on this screen:  Global Config NTDP: Select Enable/Disable NTDP for the switch globa

NTDP: Displays NTDP status (enabled or disabled) of the current port. Enable: Click the Enable button to enable NTDP feature for the port you selec

 For a commander switch，the following page is displayed: Figure 14-10 Cluster Summary for Commander Switch The following entries are displayed on

Hops: Displays the hop count from the member switch to the commander switch.  For a member switch, the following page is displayed: Figure 14-11

 For a candidate switch, the following page is displayed. Figure 14-13 Cluster Configuration for Candidate Switch The following entries are displa

 Current Role Role: Displays the role the current switch plays in the cluster.  Role Change Candidate: Select this option to change the role of

The following entries are displayed on this screen:  Current Role Role: Displays the role the current switch plays in the cluster.  Role Change

14.3.4 Cluster Topology On this page you can see the whole cluster topology. Click the node switch to directly log on to the corresponding Web manag

 If the switch is a commander switch in the cluster, please take the following steps. Step Operation Description 1 Enable the NDP function globa

14.4 Batch Management The Batch Management function allows you to manage the switches in cluster. With a TFTP server set, you can backup the current

The following entries are displayed on this screen:  Time Info Current System Date: Displays the current date and time of the switch. Current Time

Figure 14-20 Status The following entries are displayed on this screen:  Status Select: Select the desired switch and click the cancel button to

The following entries are displayed on this screen:  Create Time-Segment Name: Enter the name of the time-segment. Absolute: Select Absolute and

Chapter 15 Maintenance Maintenance module, assembling the commonly used system tools to manage the switch, provides the convenient method to locate

15.1.2 Memory Monitor Choose the menu Maintenance→System Monitor→Memory Monitor to load the following page. Figure 15-2 Memory Monitor Click the Mo

The Log function is implemented on the Log Table, Local Log, Remote Log and Backup Log pages. 15.2.1 Log Table The switch supports logs output to t

15.2.2 Local Log Local Log is the log information saved in switch. By default, all system logs are saved in log buffer and the logs with severities

Figure 15-5 Log Host The following entries are displayed on this screen:  Log Host Index: Displays the index of the log host. The switch supports

Backup Log: Click the Backup Log button to save the log as a file to your computer. Note: It will take a few minutes to backup the log file. Please

4. If the port is 100Mbps and its connection status is normal, cable test can’t get the length of the cable. 15.3.2 Loopback Loopback test function

Choose the menu Maintenance→Network Diagnostics→Ping to load the following page. Figure 15-9 Ping The following entries are displayed on this screen

The following entries are displayed on this screen:  DST Config DST Status: Enable or Disable DST. Predefined Mode: Select a predefined DST confi

Figure 15-10 Tracert The following entries are displayed on this screen:  Tracert Config Destination IP: Enter the IP address of the destinatio

Chapter 16 System Maintenance via FTP The firmware can be downloaded to the switch via FTP function. FTP (File Transfer Protocol), a protocol in the

2） The Connection Description Window will prompt shown as Figure 16-3. Enter a name into the Name field and click OK. Figure 16-3 Connection Descrip

Figure 16-5 Port Settings 3. Download Firmware via bootrom menu To download firmware to the switch via FTP function, you need to enter into the boo

[TL-SL5428E]: ifconfig ip 10.10.70.22 mask 255.255.255.0 gateway 10.10.70.1 4） Configure the parameters of the FTP server which keeps the upgrade fir

Appendix A: Specifications IEEE802.3 10Base-T Ethernet IEEE802.3u 100Base-TX/100Base-FX Fast Ethernet IEEE802.3ab 1000Base-T Gigabit Ethernet IEEE802

Appendix B: Configuring the PCs In this section, we’ll introduce how to install and configure the TCP/IP correctly in Windows 2000. First make sure y

238 5) The following TCP/IP Properties window will display and the IP Address tab is open on this window by default. Figure B-3 6) Select Use the fo

Appendix C: 802.1X Client Software In 802.1X mechanism, the supplicant Client should be equipped with the corresponding client software complied with

Figure C-3 Welcome to the InstallShield Wizard 4. To continue, choose the destination location for the installation files and click Next on the fol

Figure 4-7 System IP The following entries are displayed on this screen:  IP Config MAC Address: Displays MAC Address of the switch. IP Address M

Figure C-5 Install the Program 6. The InstallShield Wizard is installing TpSupplicant shown as the following screen. Please wait. Figure C-6 Setup

Figure C-7 InstallShield Wizard Complete Note: Please pay attention to the tips on the above screen. If you have not installed WinPcap 4.0.2 or the

2. Then the following screen will appear. If you want to stop the remove process, click Cancel. Figure C-9 Preparing Setup 3. On the continued scre

Figure C-12 TP-LINK 802.1X Client Enter the Name and the Password specified in the Authentication Server. The length of Name and Password should be

3. To continue, click Connect button after entering the Name and Password on Figure C-12. Then the following screen will appear to prompt that the Ra

246 A1: It’s because the supported DLL file is missing. You are suggested to go to http://www.winpcap.org to download WinPcap 4.0.2 or the higher ve

Appendix D: Glossary Access Control List (ACL) ACLs can limit network traffic and restrict access to certain users or devices by checking each packet

Generic Multicast Registration Protocol (GMRP) GMRP allows network devices to register end stations with multicast groups. GMRP requires that any par

Layer 2 Data Link layer in the ISO 7-Layer Data Communications Protocol. This is related directly to the hardware interface for network devices and p

250 Secure Shell (SSH) A secure replacement for remote access functions, including Telnet. SSH can authenticate users with a cryptographic key, and e

5. By default, the IP address is 192.168.0.1. 4.2 User Management User Management functions to configure the user name and password for users to lo

The following entries are displayed on this screen:  User Info User Name: Create a name for users’ login. Access Level: Select the access level t

Figure 4-10 Config Restore The following entries are displayed on this screen:  Config Restore Restore Config: Click the Restore Config button to

Note: It will take a few minutes to backup the configuration. Please wait without any operation. 4.3.3 Firmware Upgrade The switch system can be upgr

II Safety Information  When product has power button, the power button is one of the way to shut off the product; When there is no power button,

4.3.5 System Reset On this page you can reset the switch to the default. All the settings will be cleared after the switch is reset. Choose the menu

Figure 4-15 Access Control The following entries are displayed on this screen:  Access Control Config Control Mode: Select the control mode for u

 Access User Number Number Control； Select Enable/Disable the Number Control function. Admin Number: Enter the maximum number of the users logging

The following entries are displayed on this screen:  Global Config SSL: Select Enable/Disable the SSL function on the switch.  Certificate Down

Figure 4-17 SSH Config The following entries are displayed on this screen:  Global Config SSH: Select Enable/Disable SSH function. Protocol V1:

Application Example 1 for SSH:  Network Requirements 1. Log on to the switch via password authentication using SSH and the SSH function is enabled

Note: 1. The key length is in the range of 256 to 3072 bits. 2. During the key generation, randomly moving the mouse quickly can accelerate the

3. On the Web management page of the switch, download the public key file saved in the computer to the switch. Note: 1. The key type should accor

29 After successful authentication, please enter the login user name. If you log on to the switch without entering password, it indicates that the ke

Chapter 5 Switching Switching module is used to configure the basic functions of the switch, including four submenus: Port, LAG, Traffic Monitor and

CONTENTS Package Contents...1

Status: Allows you to Enable/Disable the port. When Enable is selected, the port can forward the packets normally. Speed and Duplex: Select the S

The following entries are displayed on this screen.  Mirroring Port Mirroring Port: Select a port from the pull-down list as the mirroring port. W

Figure 5-3 Port Security The following entries are displayed on this screen:  Port Security Select: Select the desired port for Port Security con

5.1.4 Port Isolation Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward p

5.1.5 Loopback Detection With loopback detection feature enabled, the switch can detect loops using loopback detection packets. When a loop is detect

 Port Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select th

If the LAG is needed, you are suggested to configure the LAG function here before configuring the other functions for the member ports. Tips: 1. Ca

Description: Displays the description of LAG. Member: Displays the LAG member. Operation: Allows you to view or modify the information for each LA

The following entries are displayed on this screen:  LAG Config Group Number: Select a Group Number for the LAG. Description: Give a descriptio

Figure 5-9 LACP Config The following entries are displayed on this screen:  Global Config System Priority: Specify the system priority for the sw

5.1.1 Port Config ...30 5.1.2 Port Mirror ...

Status: Enable/Disable the LACP feature for your selected port. LAG: Displays the LAG number which the port belongs to. 5.3 Traffic Monitor The Tr

Packets Tx: Displays the number of packets transmitted on the port. Octets Rx: Displays the number of octets received on the port. The error octe

Sent: Displays the details of the packets transmitted on the port. Broadcast: Displays the number of good broadcast packets received or transmitted

Type Configuration Way Aging outBeing kept after reboot (if the configuration is saved) Relationship between the bound MAC address and the port Sta

Type: Select the type of your desired entry.  All: This option allows the address table to display all theaddress entries.  Static: This option

The following entries are displayed on this screen:  Create Static Address MAC Address: Enter the static MAC Address to be bound. VLAN ID: En

On this page, you can configure the dynamic MAC address entry. Choose the menu Switching→MAC Address→Dynamic Address to load the following page. Fig

Bind: Click the Bind button to bind the MAC address of your selected entryto the corresponding port statically. Tips: Setting aging time properly h

49  Filtering Address Table Select: Select the entry to delete the corresponding filtering address. It ismulti-optional. MAC Address: Displays

Chapter 6 VLAN The traditional Ethernet is a data network communication technology basing on CSMA/CD (Carrier Sense Multiple Access/Collision Detect

6.9.1 PVLAN Config...77 6.9.2 Port Config ...

6.1 802.1Q VLAN VLAN tags in the packets are necessary for the switch to identify packets of different VLANs. The switch works at the data link laye

 PVID PVID (Port Vlan ID) is the default VID of the port. When the switch receives an un-VLAN-tagged packet, it will add a VLAN tag to the packet a

To ensure the normal communication of the factory switch, the default VLAN of all ports is set to VLAN1. The following entries are displayed on this

The following entries are displayed on this screen:  VLAN Config VLAN ID: Enter the ID number of VLAN. Description: Give a description to the VLA

Figure 6-5 802.1Q VLAN – Port Config The following entries are displayed on this screen:  VLAN Port Config Port Select: Click the Select button

Click the Detail button to view the information of the corresponding VLAN. Figure 6-6 View the Current VLAN of Port The following entries are displa

received port. Thus, the packet is assigned automatically to the corresponding VLAN for transmission. 2. When receiving tagged packet, the switch w

6.2.2 Port Enable On this page, you can enable the port for the MAC VLAN feature. Only the port is enabled, can the configured MAC VLAN take effect.

Protocol Type Type value IPX 0x8137 IS-IS 0x8000 LACP 0x8809 802.1X 0x888E Table 6-2 Protocol types in common use The packet in Protocol VLAN is pro

 Protocol VLAN Table Select: Select the desired entry. It is multi-optional. Protocol: Displays the protocol template of the VLAN. Ether Type: D

9.2 Bandwidth Control ...126 9.2.1 Rate Limit...

6.3.3 Port Enable On this page, you can enable the port for the Protocol VLAN feature. Only the port is enabled, can the configured Protocol VLAN tak

 Switch B is connecting to PC B and Server A;  PC A and Server A is in the same VLAN;  PC B and Server B is in the same VLAN;  PCs in the two

6.5 Application Example for MAC VLAN  Network Requirements  Switch A and switch B are connected to meeting room A and meeting room B respectivel

Step Operation Description 4 Configure MAC VLAN 10 On VLAN→MAC VLAN→MAC VLAN page, create MAC VLAN10 with the MAC address as 00-19-56-8A-4C-71. 5

 IP host, in VLAN10, is served by IP server while AppleTalk host is served by AppleTalk server;  Switch B is connected to IP server and AppleTalk

Step Operation Description 4 Create Protocol Temp l ate Required. On VLAN→Protocol VLAN→Protocol Template page, configure the protocol template pr

Protocol type Value LACP 0x8809 802.1X 0x888E Table 6-3 Values of Ethernet frame protocol type in common use This VLAN VPN function is implemented o

Choose the menu VLAN→VLAN VPN→VLAN Mapping to load the following page. Figure 6-13 Create VLAN Mapping Entry The following entries are displayed on

Figure 6-14 Enable VLAN Mapping for Port Select your desired port for VLAN Mapping function. All the ports are disabled for VLAN Mapping function by

Step Operation Description 3 Create SP (Service Provider) VLAN Optional. On the VLAN→802.1Q VLAN page, create the SP VLAN. For the steps of creat

11.3 IP Source Guard ...165 11.4 DoS Defend ...

 LeaveAll Timer: Once a GARP entity starts up, it starts the LeaveAll timer, and sends out a LeaveAll message after the timer times out, so that ot

Figure 6-15 GVRP Config Note: If the GVRP feature is enabled for a member port of LAG, please ensure all the member ports of this LAG are set to be

LeaveAll Timer: Once the LeaveAll Timer is set, the port with GVRP enabled can send a LeaveAll message after the timer times out, so that other GARP

Private VLAN technology is mainly used in campus or enterprise networks to achieve user layer-2-separation and to save VLAN resources of uplink devic

2) Port configuration and MAC address duplication should be synchronized on the switch. Port configuration synchronization is completed in the whole

 MAC address duplication: After port configuration synchronization, packets from Secondary VLAN can be forwarded via the promiscuous port untagged,

The Private VLAN packet forwarding process (here we take traffic transmission for PC2) based on the figure above is illustrated as follows: 1) PC2 s

Figure 6-17 Create Private VLAN The following entries are displayed on this screen:  Create Private VLAN Primary VLAN: Enter the ID number of the

Figure 6-18 Create and View Protocol Template The following entries are displayed on this screen:  Port Config Port: Select the desired port for

Step Operation Description 4 Delete VLAN. Optional. On the VLAN→Private VLAN→PVLAN Config page, select the desired entry to delete the correspond

VI 14.3 Cluster ...212 14.3.1 Cl

Step Operation Description 2 Add Promiscuous port to Private VLANs Required. On the VLAN→Private VLAN→Port Config page, configure the port type of

Chapter 7 Spanning Tree STP (Spanning Tree Protocol), subject to IEEE 802.1D standard, is to disbranch a ring network in the Data Link layer in a lo

Figure 7-1 Basic STP diagram  STP Timers Hello Time: Hello Time ranges from 1 to 10 seconds. It specifies the interval to send BPDU packets. It

Step Operation 1 If the priority of the BPDU received on the port is lower than that of the BPDU if of the port itself, the switch discards the BPD

point-to-point link, it can transit to forwarding state after getting response from the downstream switch through handshake.  RSTP Elements Edge

 Port States In an MSTP, ports can be in the following four states:  Forwarding: In this status the port can receive/forward data, receive/send

Figure 7-4 STP Config The following entries are displayed on this screen:  Global Config STP: Select Enable/Disable STP function globally on the

Note: 1. The forward delay parameter and the network diameter are correlated. A too small forward delay parameter may result in temporary loops. A t

Figure 7-5 STP Summary 7.2 Port Config On this page you can configure the parameters of the ports for CIST Choose the menu Spanning Tree→Port Confi

The following entries are displayed on this screen:  Port Config Port Select: Click the Select button to quick-select the corresponding port base