WSG18SFP Switch User Manual
Apr 01, 2020 11:36
This manual explains how to log in and configure WSG18SFP Switch via the web interface.
Created: January 2011
This switch is equipped with 16 10/100/1000BaseT(X) UTP/SFP combo ports + 2 Gigabit SFP Open Slots. It is designed for easy installation and high performance in an environment where traffic is on the network and the number of users increases continuously. The compact rigid 19” rack-mount size is specifically designed for small to medium workgroups. It can be installed where the space is limited; moreover, it provides smooth network migration, the network capacity can be upgraded easily. In addition, the switch has comprehensive features such as QoS (Quality of Service), Spanning Tree, VLAN, Port Trunking, Bandwidth Control, Port Security, SNMP, IGMP Snooping capability via the intelligent software. It is suitable for both metro-LAN and office application.
Web Management Features
- Port Configuration
- VLAN Setting
- Link Aggregation
- Raid Spanning Tree
- IGMP Snooping
- Port Mirroring
- QoS Setting
- Rate Limit
- Storm Control
- Statistics Overview
- Detailed Statistics
- LACP Status
- RSTP Status
- IGMP Status
- Reboot Device (Warm Restart)
- Load Default Setting (Factory Default)
- Firmware Updating (Software Upload)
- Backup/Recovery (Configuration File Transfer)
- IEEE 802.3 10BaseT
- IEEE 802.3u 100BaseTX
- IEEE 802.ab 1000BaseT
- IEEE 802.3z 1000BaseSX/LX
- IEEE 802.3x Flow Control
- IEEE 802.1x Port-based Network Access Control
- IEEE 802.1Q VLAN Tagging
- IEEE 802.3ad Link Aggregation
- IEEE 802.1d Spanning tree protocol
- IEEE 802.1w Rapid Spanning tree protocol
- IEEE 802.1p Class of service, Priority Protocols
Number of Port
- 16 x 10/100/1000BaseT(X) UTP/SFP combo ports + 2 Gigabit SFP Open Slots
- Per Port: LINK/ACT
- UTP Port 1~16: 1000M
- SFP Port 1~16:: ACT
- Per Unit: Power
- 100~240V/AC, 50~60HZ
Product Dimensions/ Weight:
- 44 × 220 × 440 mm (H × D x W) / 3kg
- MAC Address: 8K
- Buffer Memory: 500 KB
- Jumbo Frames: 9K
- Transmission Method: Store and Forward
Before you start to install this switch, please verify your package that contains the following items:
- One PoE Gigabit Ethernet Switch
- One AC Power Cord
- User Manual CD
- One Rack-mount kit
Physical Dimensions/ Weight
44 × 220 × 440 mm (H × W × D) / 3KG
The front Panel consists of 16 x 10/100/1000BaseT(X) UTP/SFP combo ports + 2 Gigabit SFP open slots. The LED Indicators are also located on the front panel.
The LED Indicators present real-time information of the operation status.
Table 1-1 LED Indicators
|UTP (1-16)||1000M||On||Port is linked to 1000M|
|Off||Port isn't linked to 1000M|
|SFP (1-18)||Link/ ACT (1-18)||On||Link|
The 3-pronged power plug is placed at the rear panel of the switch right side shown as below.
Set the switch on a large flat space with a power socket close by. The flat space should be clean, smooth, level and sturdy. Make sure there is enough of space to attach the cables, power cord and allow air circulation. Use twisted pair cable to connect this switch to your PC.
Open the web browser, and type in the URL: 192.168.2.1. You see the login screen. The factory default did not set up a password, so you can just click the Apply button. The login process is completed and “Password successfully entered” appears on the screen.
This page shows system configuration information.
- MAC Address: hardware address assigned by manufacturer (default).
- S/W Version: switch’s firmware version.
- H/W Version: switch’s Hardware version.
- DHCP Enabled: click to enable DHCP
- Fallback IP address: assign the IP address manually, the default IP is 192.168.2.1
- Fallback Subnet Mask: assign the subnet mask to the IP address
- Fallback Gateway: assign the network gateway, the default gateway is 0.0.0.0.
Management VLAN: ID of the configured VLAN (1-4094) to manage the switch. By default, all ports on the switch are members of VLAN 1. However, if the management VLAN is changed, the management station should be attached to a port belonging to this VLAN.
Name: type in a new user name (default value is ‘admin’).
Password: type in a new password (default value is ‘admin’).
NMP Enabled: enables or disables SNMP on the switch. Supports SNMP version 1and 2c management clients.
SNMP Trap Destination: IP address of the trap manager to receive notification messages from this switch. Traps indicating status changes are issued by the switch to specified trap managers. Specify trap managers so that key events are reported by this switch to your management station.
SNMP Read Community: community string serves as a password and allows access to the SNMP database on this switch.
SNMP Trap Community: community string sent with the notification operation.
Port configuration ensures access to a switch port based on MAC address, limits the total number of devices using a switch port and protects against MAC flooding attacks.
In Port Configuration, you can set and view the operation mode for each port.
- Enable Jumbo Frames: This switch provides more efficient throughput for large sequential data transfers by supporting jumbo frames on Gigabit Ethernet ports up to 9216 bytes. Compared to standard Ethernet frames that run only up to 1.5 KB, using jumbo frames significantly reduces the per-packet overhead required to process protocol encapsulation fields.
- Power Saving Mode: Adjusts the power provided to ports based on the length of the cable used to connect to other devices. Only sufficient power is used to maintain connection requirements.
- Mode: allow user to manually set the port speed as Auto, 10 half, 10 Full, 100 Half, 100 Full, 1000 Full or Disabled. Press Apply button to complete the configuration procedure.
A Virtual LAN (VLAN) is a logical network grouping that limits the broadcast domain, which allows you to isolate network traffic, so that only the members of the same VLAN receive traffic from each other. Basically, creating a VLAN is logically equivalent to connecting a group of network devices to another Layer 2 switch. However, all the network devices are still plugged into the same switch physically.
Port Segmentation (VLAN) Configuration
- VLAN ID: ID of configured VLAN (1-4094, no leading zeroes).
- VLAN Configuration List: Lists all the current VLAN groups created for this system. Up to 16 VLAN groups can be defined. VLAN 1 is the default untagged VLAN.
Port trunk allows multiple links to be bundled together and act as a single physical link for increased throughput. It provides load balancing, and redundancy of links in a switched inter- network. Actually, the link does not have an inherent total bandwidth equal to the sum of its component physical links. Traffic in a trunk is distributed across an individual link within the trunk in a method called a hash algorithm. The hash algorithm automatically applies load balancing to the ports in the trunk. A port failure within the trunk group causes the network traffic to be directed to the remaining ports. Load balancing is maintained whenever a link in a trunk is lost or returned to service.
Aggregation / Trunking Configuration
To assign a port to a trunk, click on the required trunk number, then click Apply.
Link Aggregation (LACP)
IEEE 802.3ad Link Aggregation Control Protocol (LACP) increases bandwidth by automatically aggregating several physical links together as a logical trunk and providing load balancing and fault tolerance for uplink connections.
LACP Port Configuration
- Port: Port number.
- Enabled: Enables LACP on the associated port.
- Key Value: Configures a port's LACP administration key. The port administrative key should be set to the same value for ports belonging to the same link aggregation group (LAG). If this administrative key is not set when an LAG is formed (i.e., it has the null value of 0), this key is automatically set to the same value as the one used by the LAG.
Raid Spanning Tree
IEEE 802.1w Rapid Spanning tree protocol (LACP) provides a loop-free network and redundant links to the core network with rapid convergence to ensure faster recovery from failed links, enhancing overall network stability and reliability.
RSTP System Configuration
- System Priority: This parameter configures the spanning tree priority globally for this switch. The device with the highest priority becomes the STP root device. If all devices have the same priority, the device with the lowest MAC address becomes the root device. Number between 0-61440 in increments of 4096. Therefore, there are 16 values.
- Hello Time: Interval (in seconds) at which the root device transmits a configuration message (BPDU frame). Number between 1-10 (default is 2).
- Max Age – The maximum time (in seconds) a device can wait without receiving a configuration message before attempting to reconfigure. It also means the maximum life time for a BPDU frame. Number between 6-40 (default is 20).
Forward Delay: The maximum time (in seconds) the root device waits before changing states (i.e., discarding to learning to forwarding). Number between 4 – 30 (default is 15).
Force Version: Set and show the RSTP protocol to use. Normal - use RSTP, Compatible - compatible with STP
RSTP Port Configuration
- Port: The port ID. It cannot be changed. Aggregations mean any configured trunk group.
- Enabled: Click on the tick-box to enable/disable the RSTP protocol for the port.
- Edge: Expect the port to be an edge port (linking to an end station) or a link to another STP device.
- Path Cost: This parameter is used by the STP to determine the best path between devices. Therefore, lower values should be assigned to ports attached to faster media, and higher values assigned to ports with slower media. Set the RSTP path cost on the port. Number between 0 - 200000000. 0 means auto generated path cost.
802.1X provides port-based authentication, which involves communication between a supplicant, authenticator, and authentication server. Port refers to a single point of attachment to the LAN infrastructure. Supplicant is often software on a client device, such as a laptop; authenticator is a network device, such as an Ethernet switch or wireless access point; authentication server is typically a host running software supporting the RADIUS and EAP protocols.
Port-based Network access control (PNAC) ensures that all the users are authorized before being granted an access to the network. User authentication is carried out using any standard-based RADIUS server.
- Mode: Enables or disables 802.1X globally for all ports. The 802.1X protocol should be enabled globally for the switch before the port settings are active (Default: Disabled)
- RADIUS IP: Address of authentication server
- RADIUS UDP Port: Network port of authentication server used for authentication messages (Range: 1-65535; Default: 1812)
RADIUS Secret: Sets the text string used for encryption between the switch and the RADIUS server. This key is used to authenticate logon access for the client. Do not use blank spaces in the string. (Max. length: 48 characters).
IGMP Snooping is the process of listening to IGMP network traffic. IGMP Snooping allows a layer 2 switch to “listen in” on the IGMP conversation between hosts and routers by processing the layer3 IGMP packets sent in a multicast network.
When IGMP Snooping is enabled, it analyzes all IGMP packets between hosts connected to the switch and multicast routers in the network. When a switch hears an IGMP report from a host for a given multicast group, the switch adds the host’s port number to the multicast list for that group. When the switch hears an IGMP Leave, it removes the host’s port from the table entry. It prevents flooding of IP multicast traffic, and limits bandwidth intensive video traffic to the subscribers only.
- IGMP Enabled: When enabled, the switch monitors network traffic to determine which hosts want to receive multicast traffic.
- Router Ports: Set if ports are connecting to the IGMP administrative routers.
- Unregistered IPMC Flooding enabled: Set the forwarding mode for unregistered (not-joined) IP multicast traffic. The traffic floods when enabled, and forward to router-ports when disabled.
IGMP Snooping Enabled: When enabled, the port monitors network traffic to determine which hosts want to receive the multicast traffic.
IGMP Querying Enabled: When enabled, the port can serve as Querier which is responsible for asking hosts if they want to receive multicast traffic.
Port Mirroring is used on a network to send a copy of network packets seen on one switch port (or an entire VLAN) to a network monitoring connection on another switch port. This is commonly used for network appliances that require monitoring of network traffic, such as an intrusion-detection system.
- Port to Mirror to: The port that “duplicates” or “mirrors” the traffic on the source port. Only incoming packets can be mirrored. Packets are dropped when the available egress bandwidth is less than ingress bandwidth.
- Ports to Mirror: Select the ports that you want to mirror from this section of the page. A port is mirrored when the “Mirroring Enabled” check-box is checked.
In QoS Mode, select QoS Disabled, 802.1p, or DSCP to configure the related parameters.
- Strict: Services the egress queues in sequential order, transmitting all traffic in the higher priority queues before servicing lower priority queues.
WRR: Weighted Round-Robin shares bandwidth at the egress ports by using scheduling weights with default values of 1, 2, 4, 8 for queues 0 through 7, respectively. (This is the default selection.)
Note: WRR can only be selected if Jumbo Frame mode is disabled on the Port Configuration page.
QoS Mode: QoS Disabled
When the QoS Mode is set to QoS Disabled, the following table is displayed.
QoS Mode: 802.1p
Packets are prioritized using the 802.1p field in the VLAN tag. This field is three bits long, representing the values 0 - 7. When the QoS Mode is set to 802.1p, the 802.1p Configuration table appears, allowing you to map each of the eight 802.1p values to a local priority queue (low, normal, medium or high). The default settings are shown below.
When the QoS Mode is set to 802.1p, the 802.1p Configuration table is displayed as shown below.
DSCP: Packets are prioritized using the DSCP (Differentiated Services Code Point) value. The Differentiated Services Code Point (DSCP) is a six-bit field that is contained within an IP (TCP or UDP) header. The six bits allow the DSCP field to take any value in the range 0 - 63. When QoS Mode is set to DSCP, the DSCP Configuration table is displayed, allowing you to map each of the DSCP values to a hardware output queue (low, normal, medium or high). The default settings map all DSCP values to the high priority egress queue.
You can use the Prioritize Traffic drop-down list to quickly set the values in the DSCP Configuration table to a common priority queue. Use Custom if you want to set each value individually.
When the QoS Mode is set to DSCP, the DSCP Configuration table is displayed as shown below.
Administrators can easily assign IP addresses to the ports of the switch. Press Apply button after you make the changes.
Mode: There are three modes, by default it’s “disabled”
- Disabled: Allow all IP network addresses to login to this switch and to manage it.
Static: Only configured IP network addresses (IP with IP mask) are allowed to login to this switch and to manage it. Only the the received IP packets containing configured source network addresses can be forward by the switch.
Note: In this mode, the received packets are filtered except the IP packets with configured source network addresses.
1. IP Address: 192.168.3.2, IP Mask: 255.255.255.0; Network address 192.168.3.x (254 IP Addresses) can be forwarded on this port
2. IP Address: 192.168.3.2, IP Mask: 255.255.255.255; Only IP 192.168.3.2 can be forwarded on the port.
- DHCP: Allow the IP Address received from DHCP server to login to this switch and manage it. Only the IP packets containing the source IP are allowed to be forwarded through the switch.
- IP Address: IP Address, it can be one IP Address or a LAN
- IP Mask: IP Subnet Mask, related to the IP Address
- DHCP Server Allowed: Tick off the check-box under the port x to allow the DHCP Server on this Port, valid port is Port 1-18.
Rate Limit Configuration
Select the Port number.
Policer: Set up the ingress bandwidth limit. Incoming traffic is discarded if the rate exceeds the value entered. Pause frames are also generated if flow control is enabled. The format of the packet limits to unicast, broadcast and multicast. Valid value of Port 1-18 is 128-3968 kbps. Default: No Limit
Shaper: Set up the egress bandwidth limit. Outgoing traffic is discarded if the rate exceeds the value entered. Pause frames are generated if flow control is enabled. The format of the packet limits to unicast, broadcast and multicast. Valid value of Port 1-18 is 128-3968. Default: No limit
Broadcast storms may occur when a device on your network is malfunctioning, or if application programs are not well designed or properly configured. If there is too much broadcast traffic on your network, performance can be severely degraded or everything can come to complete halt.
You can protect your network from broadcast storms by setting a threshold for broadcast traffic for each port. Any broadcast packets exceeding the specified threshold are dropped then.
Storm Control Configuration
Storm control is used to block unnecessary multicast and broadcast frames that reduce switch’s performance. When the function is enabled and Storm Control rate settings are detected as exceeded, the unnecessary frames are dropped. There are five types of traffic which can be rate limited, including ICMP Rate, Learn Frames Rate, Broadcast Rate, Multicast Rate and Flooded unicast Rate. The setting range is 1k-32768k per second. Default of four Rates is No Limit.
After completing the function's setting, press Apply button.
Statistic Overview for all ports
You can mirror traffic from any source port to a target port for real-time analysis.
Display the detailed counting number of each port’s traffic.
LACP Aggregation Overview
- Port: Port number.
- Port Active: Shows if the port is a member of an active LACP group.
- Partner Port Number: A list of the ports attached to the remote end of this LAG link member.
- Operational Port Key: Current operational value of the key used by this LAG.
LACP Port Status
RSTP VLAN Bridge Overview
- Bridge ID: Show the switch’s current bridge priority setting and bridge ID which stands for the MAC address of the switch
- Hello Time: Interval (in seconds) with which the root device transmits configuration message
- Max Age: The max. time (in seconds) a device waits without receiving configuration message before attempting to reconfigure. All device ports (except for designated ports) should receive configuration messages with regular intervals. Any port that ages out STA information (provided in the last configuration message) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from the device ports attached to the network.
- Fwd Delay: The max. time (in seconds) the root device waits before changing state (i.e. discarding to learning to forwarding). This delay is required because every device should receive information about topology changes before it starts to forward frames. In addition, each port needs time to listen to conflicting information that makes it return to a discarding state; otherwise, temporary data loops can occur.
- Topology: Indicates if spanning tree topology is steady or undergoing reconfiguration. (The time required for reconfiguration is extremely short, so no values other than “steady” state are likely to be seen in this field)
- Root ID: The priority and MAC address of the device in the Spanning Tree that the switch has accepted as the root device. Each port has been connected to the root device.
RSTP Port Status
- Port/Group: The number of a port or the ID of a static trunk.
- Path Cost: The cost for a packet to travel from this port to the root in the current Spanning Tree configuration. The slower is the media, the higher is the cost.
- Edge Port: Shows if this port is functioning as an edge port, either through manual selection (see the RSTP Port Configuration table) or auto-detection. Note that if the switch detects another bridge connected to this port, the manual setting for Edge Port will be overridden, and the port functions as a point-to-point connection instead.
- P2P Port: Shows if this port is functioning as a Point-to-Point connection. The switch can automatically determine if the interface is attached to a point-to-point link or to shared media. If shared media is detected, the switch assumes that it is connected to two or more bridges.
- Protocol: Shows the spanning tree protocol functioning on this port, either RSTP or STP (STP- compatible mode).
IGMP Status shows the IGMP Snooping statistics for the whole switch.
- VLAN ID: VLAN ID number.
- Querier: Shows whether Querying is enabled.
- Queries transmitted: Shows the number of transmitted Query packets. ➤ Queries received: Shows the number of received Query packets.
- v1 Reports: Shows the number of received v1 Report packets.
- v2 Reports: Shows the number of received v2 Report packets.
- v3 Reports: Shows the number of received v2 Report packets.
v3 Leave: Shows the number of v3 leave packets received.
VeriPHY Cable Diagnostics
User can perform cable diagnostics for all ports or selected ports to diagnose any cable faults (short, open etc..) and feedback a distance to the fault.
- Cable Diagnostics: Cable diagnostics is performed on a per-port basis. Select the port number from the drop-down list.
- Cable Status: Shows the cable length, operating conditions and isolates a variety of common faults that can occur on Category 5 twisted pair cabling.
This command sends ICMP echo request packets to another node on the network.
- Target IP Address: IP address of the host
- Count: Number of packets to send. Select between 1, 5, 10, 20. Default: 1
- Time Out: setting the time period of host is Ping. Select between 1,5, 10, 20. Default: 1
Use the ping command to see if another site on the network can be reached. The following are some results of the ping command:
- Normal response: The normal response occurs in one to ten seconds, depending on network traffic.
- Destination does not respond: If the host does not respond, a “timeout” appears in ten seconds.
- Destination unreachable: The gateway for this destination indicates that the destination is unreachable.
- Network or host unreachable: The gateway found no corresponding entry in the route table.
Press <Esc> to stop pinging.
There are many ways to reboot the switch, such as power up, hardware reset, software reset. Press RESET button situated on the front panel to reset the device and to retrieve default settings. After upgrading software, reboot the device to apply new configuration. The procedure of software reset is explained below.
Reboot Device (Warm Restart)
Press Yes button to restart the switch, the reset is complete when the power lights stop blinking.
Load Default Setting (Factory Default)
Factory Default retrieves default settings and replaces the current configuration. Except IP address setting, all settings are restored to the factory defaults. If you want to restore all configurations including the IP address, press RESET button situated on the front panel.
Firmware Updating (Software upload)
Select “Upgrade Firmware” from the Tools drop-down list then click on the “Browse” button to select the firmware file. Click the APPLY button to upgrade the selected switch firmware file. You can download firmware files from the Support section of your local supplier.
Backup/Recovery (Configuration File Transfer)
Configuration file transfer allows you to save the switch’s current configuration or restore a previously saved configuration back to the device. Configuration files can be saved to any location on the web management station. Select “Upload” the configuration file to save a configuration or
"Download" to restore a configuration. Use the Browse button to choose a file location on the web management station, or to find a saved configuration file.
The administrator has write access for all parameters governing the onboard agent. User should therefore assign a new administrator password as soon as possible, and store it in a safe place.