ConneXium Ethernet Cabling System Managed Switch
Contents
1. 4 and 8 Port Versions mm inch 46 1 8 30 48 111 a 1 2 4 37 ooo0oo0o C 5 S a h wo D m 1 e UUU oA oO o 74 2 91 30 48 111 a e 1 2 4 37 oooo a C V Se a LO i 4 TI i 4 Tan le KC ok oj o 168 31007122 8 2006 General Information 16 and 24 Port Versions mm F 1 20 Res B elg a f CD Hd 1 I KD TTT le feed la EL i 3 0 1 31007122 8 2006 169 General Information General Technical Software Data ESM The following table shows the technical data of the ESM Switch Data Latenc2. 5 dotldBasePortMtuExceededDiscards 2 dotldStp 1 dotldStpProtocolSpecification 2 dotldStpPriority 3 dotldStpTimeSinceTopologyChange 4 dot1l1dStpTopChanges 5 dotldStpDesignatedRoot 6 dotldStpRootCost 7 dotldStpRootPort 8 dotldStpMaxAge 9 dotldStpHelloTime 10 dot1dStpHoldTime 11 dotldStpForwardDelay 12 dotldStpBridgeMaxAge 13 dotldStpBridgeHelloTime 14 dot1dStpBridgeForwardDelay 15 dotldStpPortTable 1 dotlidStpPortEntry 1 dot1ldStpPort 2 dotldStpPortPriority 3 dot1dStpPortState 4 dotidStpPortEnable 5 dotldStpPortPathCost 6 dotldStpPortDesignatedRoot 7 dot1dStpPortDesignatedCost 8 dotldStpPortDesignatedBridg 9 dot1dStpPortDesignatedPort 10 dot1dStpPortForwardTransitions 11 dot1dStpPortPathCost32 16 dot1dStpVersion 17 dotldStpTxHoldCount 18 dot1dStpPathCostDefault 19 dotldStpExtPortTable 31007122 8 2006 145 General Information 3 dotl dotl 1 2 3 4 5 dotl 1 6 1 pBri 1 dotldStpExtPortEntry 1 dotldStpPortProtocolMigration 2 dotldStpPortAdminEdgePort 3 dotldStpPortOperEdgePort 4 dot1dStpPortAdminPointToPoint 5 dotldStpPortOperPointToPoint 6 dotldStpPortAdminPathCost dSr dTp dotldTpLearnedEntryDiscards dotldTp
3. Click Load Configuration 31007122 8 2006 45 Loading and Saving Settings Loading Settings from the Local Non Volatile Memory Using the Command Line Interface CLI Loading Settings from the Memory back up adapter EAM Loading Settings from a File Proceed as follows in the CLI Step Action 1 Connect the ESM to a serial cable 2 Open the CLI 3 Enter the command enable to change to the privileged EXEC mode 4 Enter the command copy nvram startup config system running config to load the configuration data from the local non volatile memory If an EAM is connected to the ESM the ESM always loads its configuration from the EAM For information on how to save a configuration file onto an EAM refer to p 50 The ESM enables you to load the configuration data from a file in the connected network provided that no EAM is connected to it 46 31007122 8 2006 Loading and Saving Settings Loading Settings from a File Using the Web Based Load the settings as follows Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Load Save The figure below shows the Load Save dialog box Load B Local O from URL from URL 8 save local Load configuration Save o Local O to URL URL tftp 192 16
4. Open the CLI Type the command enable to switch to the privileged EXEC mode AJOJN Type the command network protocol Ethernet Switch Configurator off to switch off the Ethernet Switch Configurator function Type the command network protocol Ethernet Switch Configurator read only to switch on the ESC function with the Read access right Type the command network protocol Ethernet Switch Configurator read write to switch on the ESC function with the Read and Write access right 70 31007122 8 2006 Protection from Unauthorized Access Port Access Control Description of Port Access Control The ESM protects every port from unauthorized access Depending on your choice the ESM checks either the MAC address or the IP address of the connected device The following functions are available for monitoring every individual port e Who has access to this port The ESM recognizes two classes of access control e all There is no access restriction e user Only an assigned user has access You define this user with his MAC or IP address e What should happen after an unauthorized access attempt The ESM can respond in three selectable ways to an unauthorized access attempt e none no response e trapOnly message by sending a trap e portDisabled message by sending a trap and disabling a port Note Since the ESM is a layer 2 device it translates the stored IP addresses i
5. The following table shows an application example Switch 149 218 112 1 149 218 112 2 149 218 112 3 PTP Function On On On Clock Mode PTP Mode PTP Mode PTP Mode Boundary Clock Boundary Clock Boundary Clock Preferred Master False False False SNTP Function On On On Anycast Destination Address 224 0 1 1 224 0 1 1 224 0 1 1 Server VLAN ID 1 1 1 Anycast Send Interval 30 30 30 Client External Server Address 149 218 112 0 0 0 0 0 0 0 0 0 Server Request Interval Any Any Any Accept SNTP Broadcasts No No No In the example above the left switch receives as the SNTP client the system time from the NTP server using SNTP The switch assigns to a time received from an NTP server the stratum clock number 2 see table on p 82 Thus the left switch becomes the reference clock for PTP synchronization PTP is active in all three switches ensuring that relative to each other the system times of the switches are synchronized precisely As the connectable end devices in the example exclusively support SNTP all three switches serve as SNTP servers 86 31007122 8 2006 Traffic Control At a Glance Overview This chapter describes traffic control What s in this This chapter contains the following topics Chapter Topic Page Directed Frame Forwarding 88 Multicast Application 91 The Broadcast Limiter 96 Prioritization 97 Flow Contr
6. 31007122 8 2006 157 General Information 11 saRelayInterfaceTabl 1 saRelayIfEntry 1 saRelayIfaceGroupID 2 saRelayIfaceID 3 saRelayIfaceOption82Enable 4 saRelayIfaceBCReguestFwd 20 saRelayBCPktInCnt 21 saRelayMCPktInCnt 22 saRelayPktServerRelayCnt 23 saRelayPktClientRelayCnt 24 saRelayErrCnt 25 saRelayLastDuplicateIP User Groups The user groups group contains parameters for configuring the user group Group functions 14 saConfiguration 3 saUserGroup 4 saPortSecurityTable 1 saPortSecurityEntry 1 saPortSecSlotID 2 saPortSecPortID 3 saPortSecPermission 4 saPortSecAllowedUserID 5 saPortSecAllowedGroupIDs 6 saPortSecConnectedUserID 7 saPortSecAction 8 saPortSecAutoReconfigure Redundancy The redundancy group contains parameters for configuring the redundancy Group functions 14 saConfiguration 5 saRingRedundancy 1 saRingRedTable 1 saRingRedEntry 1 saRingRedPrimGroupID 158 31007122 8 2006 General Information saRingRedPrimIfIndex saRingRedPrimIfOpState saRingRedRedGroupID saRingRedRedIfIndex saRingRedRedIfOpState saRingRedOperState saRingRedMode saRingRedConfigOperState 2 saRingCouplingTable 1 saRingCouplingEntry tt 10 saProducts 2 ESMx
7. therStatsUndersizePkts etherStatsOversizePkts etherStatsFragments 31007122 8 2006 141 General Information 2 21 history 1 historyC On therStatsJabbers therStatsCollisions tnerStatsPkts64Octets tnerStatsPkts65to127Octets tnerStatsPkts128to255Octets tnerStatsPkts256to511Octets tnerStatsPkts512to1023Octets therStatsPkts1024to1518Octets therStatsOwner therStatsStatus trolTable 1 historyControlEntry 2 etherHis 1 ethe hi hi hi hi hi hi hi et et et e toryTable storyControlIndex storyControlDataSource storyControlBucketsReguested storyControlBucketsGranted storyControlInterval storyControlOwner storyControlStatus rHistoryEntry herHistoryIndex herHistorySampleIndex herHistoryIntervalStart therHistoryDropEvents therHistoryOctets therHistoryPkts therHistoryBroadcastPkts therHistoryMulticastPkts therHistoryCRCAlignErrors therHistoryUndersizePkts therHistoryOversizePkts 142 31007122 8 2006 General Information alarm 3 1 a 9 1 event li 2 l eventi logTable 1 2 a a a a a a a a a Ee e e e e e HE 1 etherHistoryFragments etherHistoryJabbers etherHistoryCollisions etherHistoryUtilization larmTable larmEntry larmInde
8. 108 31007122 8 2006 Operation Diagnostics At a Glance Overview This chapter describes the diagnosis tools of your switch What s in this This chapter contains the following topics Chapter Topic Page Sending Traps 110 Contact Signal 114 Displaying the Port Status 117 Event Counter on Port Level 118 Displaying the SFP Status 120 Topology Discovery 121 Reports 124 Monitoring Port Traffic 125 31007122 8 2006 109 Operation Diagnostics Sending Traps SNMP Traps SNMP Trap Listing If unusual events occur during normal operation of the ESM they are reported immediately to the management station This is done by means of so called trap alarms that bypass the polling procedure Polling means to query the data stations in regular intervals Traps make it possible to react quickly to critical situations Examples for such events are e hardware reset e changing the basic device configuration e segmentation of a port Traps can be sent to various hosts to increase the transmission reliability for the messages A trap message consists of a packet that is not acknowledged The management agent sends traps to those hosts that are entered in the target table trap destination table The trap destination table can be configured with the management station via SNMP All possible traps that can occur are listed in the following table Trap Description
9. 4 ipRouteMetric2 5 ipRouteMetric3 6 ipRouteMetric4 7 ipRouteNextHop 8 ipRouteType 9 ipRouteProto 10 ipRouteAge 11 ipRouteMask 12 ipRouteMetric5 13 ipRoutelnfo 22 ipNetToMediaTable 1 ipNetToMediaEntry 1 ipNetToMedialfIndex 2 ipNetToMediaPhysAddress 3 ipNetToMediaNetAddress 4 ipNetToMediaType 23 ipRoutingDiscards 31007122 8 2006 137 General Information ICMP Group The internet control message protocol group is obligatory for all systems It contains 1 3 6 1 2 1 5 all the information on error handling and control for data exchange in the Internet 5 icmp 1 icmpInMsgs 2 icmpInMsgs 3 icmpInDestUnreachs 4 icmpInTimeExcds 5 icmpInParmProbs 6 icmpInSrcQuenchs 7 icmpInRedirects 8 icmpInEchos 9 icmpInEchoReps 10 icmpInTimestamps 11 icmpInTimestampReps 12 icmpInAddrMasks 13 icmpInAddrMaskReps 14 icmpOutMsgs 15 icmpOutErrors 16 icmpOutDestUnreachs 17 icmpOutTimeExcds 18 icmpOutParmProbs 19 icmpOutSrcQuenchs 20 icmpOutRedirects 21 icmpOutEchos 22 icmpOutEchoReps 23 icmpOutTimestamps 24 icmpOutTimestampReps 25 icmpOutAddrMasks 26 icmpOutAddrMaskReps 138 31007122 8 2006 General Inform
10. Ordinary Clock Slave Master Boundary Clock 31007122 8 2006 83 Synchronizing the System Time of the Network Setting Up Your Network and Enabling PTP Independent of the physical communication paths PTP provides logical communication paths you define when you set up PTP subdomains Subdomains are designed to create groups of clocks that are time independent of the rest of the domain Typically the clocks use the same communication paths that other clocks use The following figure illustrates how subdomains work Reference Grandmaster Clock Boundary You can set up your network and enable PTP as follows Step Action 1 Draw a network plan showing all devices involved in PTP 2 Connect all connections you need to distribute PTP information to devices equipped with an integrated time stamp unit RT modules Devices which are not equipped with a time stamp unit obtain the PTP information and set their clocks accordingly They are not involved in the protocol 3 Connect all devices to Ethernet cables 4 Open the Web based interface 5 Go to Time gt PTP 6 Select On to enable the PTP function on all devices whose time you want to synchronize using PTP 7 Click Set to retain your setting 8 If there is no reference clock available designate a switch as reference clock and set the system time as precisely as possible 84 31007122 8 2006
11. e the faulty link status of the control line e partner device in stand by mode The management setting determines which events causes a contact to the ESM Note With non redundant supply of the mains voltage the EMS reports a power failure You can prevent this message by applying the supply voltage over the two inputs or by switching off the monitoring function This mode enables you to carry out the remote switching of each signal individually You have the following applications options simulating an error during PLC error monitoring remote controlling a device using SNMP for instance switching on a camera 114 31007122 8 2006 Operation Diagnostics Setting Up Procedure Using the Web Based Interface Configuring the Signal Contact for Monitoring Set the signal contact as follows Step Action Connect the ESM to an Ethernet cable Open the Web based interface Go to Diagnostics gt Signal Contact AJo Pm Click Manual setting in the Mode Signal contact frame to set contact to manual oa Click Opened in the Manual Setting group box to open the contact Click Closed in the Manual Setting group box to close the contact Configure the signal contact as follows Correct Operation in the Web Based Interface Step Action 1 Go to Diagnostics gt Signal Contact The dialog below appears Mode Signal contaet
12. On the start screen of the System Monitor select 4 End reset and reboot to perform a cold start 31007122 8 2006 55 Loading Software Updates Loading Software Updates from the TFTP Server TFTP Server Note For a tftp see tftp update you need a tftp server on which the ESM software you wish to load is saved 56 31007122 8 2006 Loading Software Updates Loading Download ESM software updates from the tftp server as follows Procedure Using the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Software The screen below shows the Software dialog box Stored version RAM Running version Bachup version 2 00 2005 05 06 23 13 RAM 2 00 2005 05 06 23 13 BAK 2 00 2005 05 06 16 53 tftp Sotware Update URL tftp 192 168 1681 100 product product bin tftp Update http http Update Help iggy The URL identifies the path to the software stored on the tftp server It is written as follows tftp IP address of the tftp server path name file name e g tftp 149 218 112 4 esm esm bin 4 Click tftp Update to load the software from the tftp server onto the switch After the loading procedure has been completed successfully activate the new software as follows Go to Basics gt Restart and perform a cold st
13. Port Security A data packet has been received on one port from an unauthorized end device 31007122 8 2006 113 Operation Diagnostics Contact Signal Description of the Contact Signal Manually Setting the Signal Contact The signal contacts are for controlling external devices by manually setting the signal contacts monitoring proper functioning of the ESM which makes it possible to perform remote diagnostics By means of the potential free signal contact relay contact closed circuit a contact break is reported This can be due to faulty power supply the failure of the supply voltage 1 2 power supply voltage 1 or 2 lt 18 V a continuous malfunction in the ESM internal 3 3 VDC voltage values that exceed or fall below the set temperature threshold removing a module removing the back up configuration adapter the defective link status of at least one port With the ESM the displaying of the link status can be masked by the management for each port see p 62 The link status is not monitored in the default settings HIPER ring event the loss of redundancy guarantee in redundancy manager mode The Ring redundancy monitoring default setting is monitoring turned off redundant ring net coupling event the loss of redundancy guarantee Ring redundancy monitoring default setting is monitoring turned off In Stand by mode the ESM reports additionally the following conditions
14. THE SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND EXPRESS OR IMPLIED INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM DAMAGES OR OTHER LIABILITY WHETHER IN AN ACTION OF CONTRACT TORT OR OTHERWISE ARISING FROM OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE 31007122 8 2006 181 General Information 182 31007122 8 2006 Switch Function Examples At a Glance Overview What s in this Chapter This chapter provides two examples illustrating key ESM switch functions This chapter contains the following topics Topic Page Setting Up the DHCP Server for Option 82 184 TFTP Server for Software Updates 187 31007122 8 2006 183 Switch Function Examples Setting Up the DHCP Server for Option 82 Introduction A WARNING UNINTENDED OPERATION If IP addresses are assigned using DHCP option 82 changing the port to which a device is connected will cause its IP address to change e Do not change device port connections on the ESM e When performing maintenance on an ESM make sure to label each Ethernet cable with the ESM port number assigned so that you can reestablish the same configuration Failure to follow this instruction can result in death serious injury o
15. This means the same time is displayed worldwide and that differences are not taken into account e System Time uses IEEE 1588 SNTP time allowing for the local time difference of IEEE 1588 SNTP time System Time IEEE 1588 SNTP time Local offset e Time Source displays the origin of the following time The ESM automatically selects the source with the highest precision e If you click Set Time from PC the switch will load the PC s time as the system time and calculate IEEE 1588 SNTP time allowing for the local time difference IEEE 1588 SNTP time System time Local offset e Local offset allows you to display enter the time difference between local time and IEEE 1588 SNTP time e If you click Offset from PC the switch will calculate the time zone on your PC on the basis of which it will calculate the local time difference Note When setting the time zones with summer and winter times make an adjustment for the local offset The switch can also receive the IP address of the SNTP server as well as the local offset from a DHCP server Set the system time and enter the difference between SNTP and IEEE 1588 as follows Step Action 1 Connect the ESM to a serial cable 2 Open the CLI 3 Enter the command enable to change to the privileged EXEC mode 4 Enter the command configure to change to the configuration mode 5 Enter the command sntp time lt YYYY MM DD HH MM SS gt to set the switch
16. ae Event Log a Bj Ports g Statistics SFP modules 4 Topology Discovery Port Mirroring 77 7 Signal Contact ATEN Yz Alarms Traps B Report Gig DHCP Relay Agent e nae G About Index 31007122 8 2006 19 The User Interfaces 20 31007122 8 2006 Entering the IP Parameters At a Glance Overview What s in this Chapter This chapter provides information concerning the IP parameters This chapter contains the following topics Topic Page Basics of the IP Parameters 22 Configuring the ESM using the Command Line Interface 26 Configuring the ESM Using the Ethernet Switch Configurator ESC Software 28 Loading the System Configuration from the Memory Back Up Adapter EAM 30 System Configuration Using BOOTP 31 System Configuration Using DHCP 35 System Configuration Using DHCP Option 82 40 System Configuration Using the Web Based Interface 41 Faulty Device Replacement 42 31007122 8 2006 21 Entering the IP Parameters Basics of the IP Parameters Background Information concerning the IP Address The IP address is used for the configuration of the ESM The IP address background information is discussed here The IP addresses consist of four bytes These four bytes are written in decimal notation each separated by a dot Five classes of IP addresses were defined i
17. e select the operation mode transfer speed duplex operation in the Manual Configuration column e and deactivate the port in the Auto negotiation column Note The active auto negotiation has priority over the manual configuration 31007122 8 2006 61 Port Configuration Displaying Connection Error Messages General Information Activating Connection Error Messages If the ESM is set to default it will display a connection error via the signal contact and the LED display The ESM allows you to disable the displaying of connection error messages for instance to prevent a device that has been turned off from being interpreted as an interrupted line Activate the connection error messages as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Port Configuration 4 In the Signal Contact mask column select the ports whose connections you want to mask the displaying of the connection error message 62 31007122 8 2006 Protection from Unauthorized Access 6 At a Glance Overview This chapter provides information on how to protect your network from unauthorized access What s in this This chapter contains the following topics 2 Chapter Topic Page The Password for SNMP Access 64 Setting the Telnet Web Based Access 68 Disabling the Ethernet Switch Configurat
18. Synchronizing the System Time of the Network Interaction between PTP and SNTP Suggested PTP and SNTP permit each other to coexist in one network However since both Configuration of protocols influence the system time of the device situations may occur in which they Devices compete with each other Note Configure the devices in such a way that each device receives the system time exclusively from one source If you want the switch to receive the system time using PTP enter the external server address 0 0 0 0 and do not accept any SNTP broadcasts when performing the SNTP client configuration If you want the switch to receive the system time using SNTP make sure that the best clock is connected to the SNTP server Thus both protocols receive the time from the same server Application This figure shows an application example of the coexistence of PTP and SNTP Example GPS PLC SNTP Client NTP SNTP N 149 218 112 0 M S SNTP Client SNTP Client SNTP Server SNTP Server SNTP Server PTP PTP PTP 149 218 112 1 149 218 112 2 149 218 112 3 31007122 8 2006 85 Synchronizing the System Time of the Network The requirements made to network time accuracy are rather high however the end devices exclusively support SNMP which is less precise than PTP SNTP achieves an accuracy of milliseconds whereas PTP has an accuracy of fractions of microseconds see fig above
19. e Local IP Address address network mask and if The default setting local IP address of the necessary gateway switch is 0 0 0 0 e Network Mask Enter the networks mask here if your network has been divided into subnetworks and if these are identified with a network mask The default setting of the network mask is 0 0 0 0 e IP Address of the Gateway This entry is only needed if the switch and the management station tftp server are located in different subnetworks Type the IP address of the gateway between the subnetwork of the switch and the path to the management station The default setting of the IP address is 0 0 0 0 6 Save the configuration entered by typing the command copy system running config nvram startup config and press ENTER 7 Confirm that you wish to save by pressing Y After entering the IP parameters using the CLI you can easily configure the ESM using the Web based interface see p 47 31007122 8 2006 27 Entering the IP Parameters Configuring the ESM Using the Ethernet Switch Configurator ESC Software General Select the IP address using the ESC software if Information e the ESM is already installed on your network or e if there is another Ethernet connection between your PC and the ESM available Note You can easily configure additional parameters using the Web based interface see p 47 Note The installation of the ESC involves installin
20. link with or distribute the Library except as expressly provided under this License Any attempt otherwise to copy modify sublicense link with or distribute the Library is void and will automatically terminate your rights under this License However parties who have received copies or rights from you under this License will not have their licenses terminated so long as such parties remain in full compliance 9 You are not required to accept this License since you have not signed it However nothing else grants you permission to modify or distribute the Library or its derivative works These actions are prohibited by law if you do not accept this License Therefore by modifying or distributing the Library or any work based on the Library you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Library or works based on it 10 Each time you redistribute the Library or any work based on the Library the recipient automatically receives a license from the original licensor to copy distribute link with or modify the Library subject to these terms and conditions You may not impose any further restrictions on the recipients exercise of the rights granted herein You are not responsible for enforcing compliance by third parties with this License 11 If as a consequence of a court judgment or allegation of patent infringement or for any other reason not li
21. procedure for controlling access to management information 3 snmpModules 16 5 snmpVacmMIB vacmMIBObjects 1 vacmContextTable 1 vacmContextEntry 1 vacmContextName 2 vacmSecurityToGroupTable 1 vacmSecurityToGroupEntry 1 vacmSecurityModel 2 vacmSecurityName 3 vacmGroupName 31007122 8 2006 163 General Information 4 vacmSecurityToGroupStorageType 5 vacmSecurityToGroupStatus 4 vacmAccessTable 1 vacmAccessEntry 1 vacmAccessContextPrefix 2 vacmAccessSecurityModel 3 vacmAccessSecurityLevel 4 vacmAccessContextMatch 5 vacmAccessReadViewNam 6 vacmAccessWriteViewNam 7 vacmAccessNotifyViewName 8 vacmAccessStorageType 9 vacmAccessStatus 5 vacmMIBViews 1 vacmViewSpinLock 2 vacmViewTreeFamilyTable 1 vacmViewTreeFamilyEntry 1 vacmViewTreeFamilyViewName 2 vacmViewTreeFamilySubtree 3 vacmViewTreeFamilyMask 4 vacmViewTreeFamilyType 5 vacmViewTreeFamilyStorageType 6 vacmViewTreeFamilyStatus 164 31007122 8 2006 General Information RFCs List of RFCs The following table contains a list of RFCs RFC 768 UDP RFC 783 TFTP RFC 791 IP RFC 792 ICMP RFC 793 TCP RFC 826 ARP RFC 854 Telnet sas pom s eet
22. 00 00 00 0 0 0 0 none 2 3 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 2 4 enabled 00 00 00 00 00 00 00 0D 60 6F 1E E0 0 0 0 0 none Set Help iggy Choose IP Based Port Security Enter in the Allowed IP address column the IP address of the device with which data exchange is permitted at this port Without an entry data can be received from any device 6 In the Action column select one of the following reactions to an unauthorized access attempt no action none message by sending a trap trapOnly e the respective port in the Port Configuration table is disabled see p 59 and trap portDisabled is sent An entry in the Port Configuration table is part of the configuration and is saved with the configuration An alarm trap can only be sent if at least one recipient is entered under Configuring Traps Using the Web Based Interface p 112 and if both the appropriate status and Port Security are marked 72 31007122 8 2006 Protection from Unauthorized Access Defining MAC Based Port Access Control Using the Web Based Interface Define the MAC based port access control as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web Based Interface 3 Go to Security Port Security The following dialog box appears Configuration MAC Based Port Security OlP Based Port
23. 1 4 1 3833 Octet String ASCII character string PSID power supply identifier power supply number Time Ticks Stopwatch elapsed time in seconds numerical value 100 numerical value integer in the range 0 232 Timeout time value in hundredths of a second time value integer in the range 0 232 Type Field 4 digit hexadecimal number in accordance with ISO IEC 8802 3 Counter Integer 0 232 whose value is incremented by 1 when certain events occur 31007122 8 2006 131 General Information MIB Tree Structure 1 system 2 interfaces 3 at 4ip 5 icmp 7 udp 11 snmp 16 rmon 17dot1dBridge 26 snmpDot3MauMGT O O Oo The following flowchart describes the tree structure of the ESM MIB 2 mgmt 6 snmp V2 1 mib 2 3 modules 10 framework 14 saConfiguration 13 notification 15 usm 16 vacm Note Not all devices support all object classes The value not supported is given in response to a non supported object class request Any attempt to alter a non supported object class produces the message bad value 32 31007122 8 2006 General Information MIB II System Group 1 3 6 1 2 1 1 The system group is a required group for all systems It contains system related objects If an agent has no value for a variable then the response returned includes a string of length 0 1 system sysDescr
24. 7 saAuthGroup saFSUpdFileName saFSConfFileName saFSLogFileName saFSUserName saFSTPPassword saFSAction saFSActionRes saFSBootConfi ult guration saFSRunningConfiguration 1 saBackupC e saTemperature m empUprLimi Es saTempLwrLimi saAuthHostTab saAuthCommTab saAuthCommTab figGroup onfigAdapterStatus t E leEntriesMax leEntriesMax le 1 saAuthCommEntry 1 saAut 2 saAut 3 saAut 4 saAut saAuthHostTab 1 saAuthHos 1 saAut 2 saAut 3 saAut 4 saAut 5 saAut 6 saAut 8 saTrapGroup hCommIndex hCommName hCommPerm hCommState le tEntry hHostIndex hHostName hHostCommIndex hHostIpAddress hHostIpMask hHostState 31007122 8 2006 155 General Information bey co 10 paso 1 ese of 1 sa 2 sa 3 sa 1 4 sa aa 1 3 sa saMul salG 2 sa 1 2 TrapCommTableEntriesMax TrapDestTableEntriesMax TrapCommTable saTrapCommEntry 1 saTrapCommIndex 2 saTrapCommCommIndex 3 saTrapCommColdStart 4 saTrapCommLinkDown 5 saTrapCommLinkUp 6 saTrapCommAuthentication 7 saTrapCommBridge 8 saTrapCommRMON 9 saTrapCommUsergroup 10 saTrapCommDualHoming 11 saTrapCommChassis 12 saTrapCommState TrapDestTable saTrapDestEntry 1 saTrapDestIndex 2 saTrapD
25. A trap is sent if authenticationFailure A station attempts to access an agent without permission coldStart A cold and warm start occurs during the boot process after successful management initialization saMemoryBackupAdapterTrap The Memory back up adapter is inserted or removed linkDown The link to a port breaks linkUp The link to a port is re established saTemperature This alarm message is sent if the temperature exceeds the limit set saPowerSupply The status of the voltage supply changes saSignallingRelay The status of the signal contact changes newRoot The sending agent becomes the new root of the spanning tree topologyChange The transmission mode of a port changes risingAlarm An RMON alarm input exceeds the upper threshold fallingAlarm an RMON alarm input falls below the lower threshold 110 31007122 8 2006 Operation Diagnostics SNMP Traps when Booting Trap Description A trap is sent if saPortSecurityTrap A MAC address is detected at the port which does not correspond to the current settings of saPortSecPermission and saPorSecAction set either to trapOnly 2 or portDisable 3 saModuleMapChange The hardware configuration has changed saBDPUGuardTrap A BPDU is received at a port although the BPDU guard function is activated saRingRedReconfig when the configuration of the redundant ring changes
26. ConneXium Ethernet Cabling System Managed Switch Installation Manual 31007122 8 2006 About the Book Product Related Warnings User Comments Schneider Electric assumes no responsibility for any errors that may appear in this document If you have any suggestions for improvements or amendments or have found errors in this publication please notify us No part of this document may be reproduced in any form or by any means electronic or mechanical including photocopying without express written permission of Schneider Electric All rights reserved Copyright 2006 When controllers are used for applications with technical safety requirements please follow the relevant instructions Failure to use Schneider Electric software or approved software with our hardware products may result in injury harm or improper operating results Failure to observe this product related warning can result in injury or equipment damage We welcome your comments about this document You can reach us by e mail at techpub schneider electric com 10 31007122 8 2006 The User Interfaces At a Glance Overview This chapter provides information concerning the user interfaces What s in this This chapter contains the following topics 2 Chapter Topic Page The System Monitor 12 The Command Line Interface CLI 14 The Web Based Interface 16 31007122 8 2006 11 The User Inte
27. Enter the command no transport input telnet to switch off the Telnet server You can enable and disable the Web access via the CLI as follows Step Action 1 Enter the command enable to switch to the privileged EXEC mode 2 Enter the command ip http server to switch on the Web server 3 Enter the command no ip http server to switch off the Web server 31007122 8 2006 69 Protection from Unauthorized Access Disabling the Ethernet Switch Configurator ESC Function Description of the ESC Software Disabling and Limiting the ESC Function Using the Web Based Interface Disabling Limiting and Enabling the Ethernet Switch Configurator Function Using the Command Line Interface The ESC software see p 28 allows you to assign an IP address to the ESM on the basis of its MAC address Note For security reasons either limit or switch off completely the ESC function of the ESM after assigning the IP parameters You can disable or limit the ESC function as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Network 4 Switch off the ESC function in the Ethernet Switch Configurator Software group box or limit access to Read Only You can disable limit or enable the Ethernet Switch Configurator function as follows Step Action 1 Connect the ESM to a serial cable
28. browser window Click System Information to open the HTML file in a new browser window 124 31007122 8 2006 Operation Diagnostics Monitoring Port Traffic Port Mirorring In port mirroring data traffic related to one port the source port is copied to another the destination port Data traffic at the source port is not influenced by port mirroring A management tool connected to the destination port like an RMON probe can observe data traffic at the source port The destination port forwards data to be sent and blocks received data Port monitoring is shown in the figure below PLC Backbone RMON Probe 31007122 8 2006 125 Operation Diagnostics Monitoring Port Monitor port traffic as follows Traffic Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Diagnostics Port Mirroring The window below appears Module Port Source port Destination port J enabled Set Reload Delete Help o Select the source port whose data traffic you wish to monitor Select the destination port to which you have connected your management tool Click enabled to enable the function 126 31007122 8 2006 Appendices At a Glance What s in this Appendix The appendix contains the fo
29. control 72 port mirroring 125 figure 125 port traffic monitoring port traffic 125 31007122 8 2006 197 Index ports configuration 59 prioritization assignment of priorities 97 description 97 private MIB defined 151 R redundancy group 158 reload button 18 resetting the configuration to the default settings 49 RFCs 165 RMON group 141 S saving locally and on the EAM using the CLI 50 using the Web based interface 50 saving to a file using the CLI 51 using the Web based interface 51 server option 82 example 184 set button 18 settings loading and saving 43 signal contact configuration 115 display 116 setting manually 114 simple network management protocol group 140 SNMP traps definition 110 types 110 SNMP V2 management framework 160 module MIB 160 MPD group 160 notification group 162 target group 161 USM group 162 VACM group 163 SNTP configuration 80 description 79 preparation of configuration 79 screenshot 80 software updates tftp server for software updates 187 software updates using tftp update requirements 187 source address 24 static address entries 89 subidentifier 130 SunOS tftp process 188 system configuration using BOOTP 31 system group 133 system group objects 134 System Monitor data transfer parameters 12 opening 13 system network time protocols 76 T target table configuration 110 TCP 139 Telnet description of Tel
30. dotlqMaxVlanId 3 dotlqMaxSupportedVlans 31007122 8 2006 147 General Information 4 5 dotlqNumVlans dotlqGvrpStatus 2 dotlqTp 1 1 1 2 2 1 dotlgTpFdbTabl dotlqFdbTable dotlgFdb Entry dotlqFdbId dotlqFdbDynamicCount e dot1gTpFdbEntry 1 2 3 3 1 lt 2 3 dot1gTpGroup 1 dot1g1 dot1g1 dot1g1 dot1g1 dot1g1 pFdbAddress pFdbPort dot1g1 dotlqTpGroupTable En pGrou pGroup pGroup pFdbStatus try pAddress EgressPorts Learnt P04 1 1 2 3 5 js 1 sa 3 dotlqForwardAllTable dotlgForwardUnregisteredS dotlgForwardAllEntry dotlgForwardAllPorts dotlqForwardAllStaticPorts dotlqForwardAllForbiddenPorts dotlqForwardUnregisteredTabl dotlqForwardUnregisteredEntry dotlqForwardUnregisteredPorts taticPorts dotlgForwardUnregisteredForbiddenPorts 3 1 1 sh li 2 3 dotlgStatic dot1lgStaticUnicastTable dotlqStaticUnicastEntry dotlgqStaticUnicastAddress dot1gStaticUnicastReceivePort dot1gStaticUnicastAllowedToGoTo 148 31007122 8 2006 General Information 4 dot1gStaticUnicastStatus 2 dotlqStaticMulticastTable 1 dotlqStaticMulticastEntry 1 2 3 dotigqStaticMulticastAddress dotlqSt
31. in any way that the product will function as described and disclaims any responsibility for damages that may result from its use 186 31007122 8 2006 Switch Function Examples TFTP Server for Software Updates Switch Software The ESM software is in the flash memory by default The ESM boots the software from the flash memory Software updates can be realized via a tftp server This presupposes that a tftp server has been installed in the connected network and that it is active Note An alternative to the tftp update is the http update If you perform an http update you do not have to configure the tftp server The ESM requires the following information for updating software from the tftp server e its own IP address entered permanently e the IP address of the tftp server or gateway to the tftp server e the path in which the operating system of the tftp server is located File transfer between the ESM and the tftp server is handled by way of the Trivial File Transfer Protocol tftp Management station and tftp server may be made up of one or more computers Preparation of the tftp server for the ESM software involves e setting up the ESM directories and copying ESM software e setting up the tftp process Prerequisites for The general prerequisites for setting up the tftp process are the following Setting Up the e The ESM knows its local IP address and the IP address of tftp server
32. integrated into the multicast addressing scheme by means of a static filter address entry on the connector port The multicast tree is set up within 5 seconds in a network of up to 20 EMS modules after the multicast address has been entered for the first time at an EMS port This time period depends on the Join Time that is set default setting 200 ms 31007122 8 2006 93 Traffic Control Setting Multicast The remaining blocks of this map explain the setting of multicast applications Applications Global IGMP Set the multicast applications as follows GMRP Configuration Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Switching gt Multicasts The following figure shows the Multicasts dialog box Global Configuratio IGMP Querier 6 IGMP Snooping IGMP Querier active O GMRP Protocol Version O1 62 O disabled IGMP Static Module Port IGMP Forw Query enabled All Port 1 1 M O oO e 1 2 v 1 3 V 1 4 M O O 2 1 v 2 2 V 2 3 V oO Oo 2 4 V Set E 4 Click the check box to switch IGMP Snooping on off globally for the entire switch If the IGMP snooping is switched off e the switch does not evaluate query and report packets received and e it sends floo
33. is comparable to going from layer three to layer two of the ISO OSI base reference model Finally Romeo puts the entire data packet into the mailbox This is comparable to going from layer two to layer one i e to sending the data packet over the Ethernet Lorenzo receives the letter and removes the outer envelope From the inner envelope he recognizes that the letter is meant for Juliet He places the inner envelope in a new outer envelope and searches his address list the ARP table for Juliet s MAC address He writes her MAC address on the outer envelope as the destination address and his own MAC address as the source address He then places the entire data packet in the mail box Juliet receives the letter and removes the outer envelope exposing the inner envelope with Romeo s IP address Opening the letter and reading its contents corresponds to transferring the message to the higher protocol layers of the ISO OSI layer model Juliet would now like to send a reply to Romeo She places her reply in an envelope with Romeo s IP address as destination and her own IP address as source The question then arises where should she send the letter since she did not receive Romeo s MAC address It was lost when Lorenzo replaced the outer envelope In the MIB Juliet finds Lorenzo listed under the variable aNetGatewaylPAddr as a means of communicating with Romeo The envelope with the IP addresses is therefore placed in a further envelope with t
34. is described in the IEEE 1588 standard achieves accuracies in the order of fractions of microseconds Note Choose the protocol which best meets your requirements When using both protocols at the same time bear in mind that they interact 76 31007122 8 2006 Synchronizing the System Time of the Network Entering the System Time Entering the If there is no reference watch available you can enter the system time in the ESM System Time so that you can use it like a reference clock see p 80 Using PTP or SNTP Making Time Make settings independent of PTP or SNTP as follows Related Settings Using the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Time 4 Make your time related settings in the screen below IEEE 1588 SNTP time System time Set Time from PC Time Source local v Local offset min Set Offset from PC Sa Fe iy 31007122 8 2006 77 Synchronizing the System Time of the Network Possible Time Related Settings Setting the System Time and Entering Differences Between IEEE 1588 and SNTP Time Using the CLI You can make the following settings independent of PTP or SNTP e IEEE 1588 Time displays the time received via PTP SNTP Time displays the time with reference to Universal Time Coordinated UTC
35. m s em cas RFC 855 Telnet Option RFC 951 BOOTP RFC 1112 IGMPv1 RFC 1155 SMIv1 RFC 1157 SNMPv1 RFC 1212 Concise MIB Definitions RFC 1213 MIB2 RFC 1493 Dot1d RFC 1542 BOOTP Extensions RFC 1643 Ethernet Like MIB RFC 1757 RMON RFC 1769 SNTP RFC 1867 HTML 2 0 Forms W File Upload Extensions RFC 1905 Protocol Operations for SNMP v2 RFC 1906 Transport Mappings for SNMP v2 RFC 1907 MIB2 RFC 1908 Coexistence Between SNMP v1 and SNMP v2 RFC 1945 HTTP 1 0 RFC 2068 HTTP 1 1 RFC 2131 DHCP RFC 2132 DHCP Options RFC 2233 The Interface Group MIB Using SMI v2 RFC 1901 Community Based SNMP v2 RFC 2236 IGMPv2 31007122 8 2006 165 General Information RFC 2239 MAU MIB RFC 2246 The TLs Protocol Version 1 0 RFC 2271 SNMP Framework MIB RFC 2346 AES Ciphersuites for Transport Layer Security RFC 2570 Introduction to SNMP v3 RFC 2571 SNMP Framework RFC 2572 SNMP MPD RFC 2573 SNMP Applications RFC 2574 SNMP USM RFC 2575 SNMP VACM RFC 2576 Coexistence Between SNMP v1 v2 and v3 RFC 2578 SMI v2 RFC 2579 Textual Conventions for SMI v2 RFC 2580 Conformance Statements for SMI v2 RFC 2613 SMON RFC 2618 RAD
36. number of broadcasts that can be sent out of this port within a second If more than the maximum entered number of broadcasts are sent within a second the switch rejects all subsequent broadcasts destined for this port A global setting activates deactivates the broadcast limiter function at all ports Step Action Comment 1 Connect the ESM to an Ethernet cable Open the Web based interface 3 Go to Switching gt Broadcast In the check box you can switch on and Limiter to set the options per port off the broadcast limiter for all ports 4 Enter a number of broadcast for each e 0 no limitation on the broadcasts port out of this port gt 0 maximum number of broadcasts that can be sent out of this port 96 31007122 8 2006 Traffic Control Prioritization Descripton of This function prevents high priority data traffic from being disrupted by other traffic Prioritization during busy periods Low priority traffic is discarded when the memory or transmission channel is overloaded The EMS supports four priority queues traffic classes in compliance with IEEE 802 1D 1998 The assignment of received data packets to these classes depends on e the priority of the data packet contained in the VLAN tag priority over port priority e the priority for receiving the data packets that do not contain a tag see p 59 Assignment of The as
37. of a DHCP client with a name instead of the MAC address For the DHCP this name is known as the client identifier in accordance with rfc 2131 The ESM uses the name entered under sysName as the client identifier in the system group of the MIB II You can enter the system name directly via SNMP the Web based management or the user interface Configure the ESM as follows Step Action 1 Connect the ESM to a serial cable when using the CLI and to an Ethernet cable when using the Web based interface Activate DHCP to receive the configuration data in the CLI or refer to p 41 Change to the privileged EXEC mode by typing enable and press the ENTER key 4 Enable DHCP by typing configure protocol DHCP and press the ENTER key 5 Perform the configuration providing the DHCP server with the required switch data 6 Save the configuration performed by typing the command copy system running nvram startup config and press the ENTER key 7 Confirm that you wish to save the configuration by pressing Y 31007122 8 2006 35 Entering the IP Parameters Flow Chart for On startup an ESM receives its configuration data according to the BOOTP DHCP the DHCP procedure described in the following chart Process Start up Load boot configuration Local Default Load settings from flash memory ESM initialization ESM runs with settings from local flash Send DHCP BOOTP requ
38. programs whose distribution conditions are incompatible with these write to the author to ask for permission For software which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally 15 BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE THERE IS NO WARRANTY FOR THE LIBRARY TO THE EXTENT PERMITTED BY APPLICABLE LAW EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND OR OTHER PARTIES PROVIDE THE LIBRARY AS IS WITHOUT WARRANTY OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU SHOULD THE LIBRARY PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 31007122 8 2006 179 General Information Applying These Terms 16 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER OR ANY OTHER PARTY WHO MAY MODIFY AND OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE BE LIABLE TO YOU FOR DAMAGES INCLUDING ANY GENERAL SPECIAL INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE LIBRARY INCLUDING BUT NOT L
39. purpose remains meaningful For example a function in a library to compute square roots has a purpose that is entirely well defined independent of the application Therefore Subsection 2d requires that any application supplied function or table used by this function must be optional if the application does not supply it the square root function must still compute square roots These requirements apply to the modified work as a whole If identifiable sections of that work are not derived from the Library and can be reasonably considered independent and separate works in themselves then this License and its terms do not apply to those sections when you distribute them as separate works But when you distribute the same sections as part of a whole which is a work based on the Library the distribution of the whole must be on the terms of this License whose permissions for other licensees extend to the entire whole and thus to each and every part regardless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distribution of derivative or collective works based on the Library In addition mere aggregation of another work not based on the Library with the Library or with a work based on the Library on a volume of a storage or distribution medium does not bring the other work under the scope of this Lice
40. snmpNotifyFilterProfileTable 1 snmpNotifyFilterProfileEntry 1 snmpNotifyFilterProfileName 2 snmpNotifyFilterProfileStorType 3 snmpNotifyFilterProfileRowStatus 3 snmpNotifyFilterTable 1 snmpNotifyFilterEntry 1 snmpNotifyFilterSubtree 2 snmpNotifyFilterMask 3 snmpNotifyFilterType 4 snmpNotifyFilterStorageType 5 snmpNotifyFilterRowStatus USM Group The USM group User Based Security Model defines the elements of procedure for providing SNMP message level security 3 snmpModules 15 snmpUsmMIB 1 usmMIBObjects 1 usmStats 1 usmStatsUnsupportedSecLevels 2 usmStatsNotInTimeWindows 3 usmStatsUnknownUserNames 162 31007122 8 2006 General Information VACM Group 4 usmStatsUnknownEngineIDs 5 usmStatsWrongDigests 6 usmStatsDecryptionErrors 2 usmUser 1 usmUserSpinLock 2 usmUserTable 1 usmUserEntry 1 usmUserEnginelD 2 usmUserName 3 usmUserSecurityName 4 usmUserCloneFrom 5 usmUserAuthProtocol 6 usmUserAuthKeyChang 7 usmUserOwnAuthKeyChange 8 usmUserPrivProtocol 9 usmUserPrivKeyChang 10 usmUserOwnPrivKeyChange 11 usmUserPublic 12 usmUserStorageType 13 usmUserStatus The VACM group View based Access Control Model defines the elements of
41. sysObjectID sysUpTime sysContact sysName sysLocation sysServices sysORLastChange sysORTable 1 sysOREntry 1 sysORIndex 2 sysORID 3 sysDescr 4 sysORUpTime 31007122 8 2006 133 General Information System Group Objects The following table describes the member objects of the system group Object OID Syntax Access Description sysDescr 1 3 6 1 2 1 1 1 0 ASCII String Size 0 255 Read Is a verbal description of the entry This value should contain the full name and version number of type of system hardware operating system software and network software The description must consist only of printable ASCII characters sysObjectID 1 3 6 1 2 1 1 2 0 Object identifier Read Is the authorization identification of the manufacturer of the network management system that is integrated in this device This value is placed in the SMI enterprises subtree 1 3 6 1 4 1 and describes which type of device is being managed For example if the manufacturer Schneider Electric is assigned the subtree 1 3 6 1 4 1 3833 then he can assign his switch the identifier 1 3 6 1 4 1 3833 1 1 sysUpTime 1 3 6 1 2 1 1 3 0 Time ticks Read Is the time in 1 100 seconds since the last reset of the network management unit sysContact 1 3 6 1 2 1 1 4 0 ASCII string size 0 255 Read and write Is the clear text identification of the co
42. system time 6 Enter the command sntp client offset lt 1000 to 1000 gt to enter the time offset between local time and IEEE1588 SNTP Time 78 31007122 8 2006 Synchronizing the System Time of the Network Simple Network Time Protocol SNTP Description of SNTP Preparing the SNTP Configuration SNTP has a hierarchical structure The SNTP server provides Universal Time Coordinated UTC UTC is the time which is referenced to SNTP The same time is displayed worldwide Local time differences are not taken into account The ESM supports the SNTP server and the SNTP client functions The figure below shows a SNTP application example GPS PLC Client Switch 149 218 112 0 Client Client Server Client Server Client Server 149 218 112 1 149 218 112 2 149 218 112 3 Prepare the configuration as follows Step Action 1 To gain an overview of how the system time is passed on draw a network plan which shows all devices involved in SNTP Please bear in mind that the accuracy of the system time depends on signal running time Switch on the SNTP function on all devices whose time you want to set using SNTP If you do not have a reference clock at your disposal use a switch as the reference clock and set its system time as accurately as possible Note To ensure the most accurate system time distribution possible do not
43. the Memory Back Up Adapter EAM Uses of the EAM Loading the System Configuration from the EAM Loading the System Configuration from the Local Memory The EAM is a USB device used for e storing the configuration data of an ESM e storing the ESM software e providing back up if the ESM fails In case the switch fails the EAM enables a very simple configuration data transfer by means of a substitute switch of the same type When you start the switch it checks for an EAM If it detects an EAM with a valid password and valid software the ESM loads the configuration data from the EAM The password is valid if e the password on the ESM matches the password on the EAM or e the default password is saved on the ESM To save the configuration data in the EAM see p 50 Note If there is no valid password load the system configuration from the local memory 30 31007122 8 2006 Entering the IP Parameters System Configuration Using BOOTP Basic To configure the ESM using BOOTP you need a BOOTP server The BOOTP Information server matches the configuration data to the ESM on the basis of its MAC address Note For loading the configuration data the ESM default setting is DHCP mode so this method requires changing the ESM to the BOOTP mode Configuration Configure the ESM as follows Procedure Using t Act CLI or the Web Step ee Based Inte
44. the Web based interface 3 Goto Switching gt VLAN gt Static The following dialog box appears VLAN ID Name Status 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 1 Default activeU U U jU JU JU JU JU Set Reload Create entry Delete Help foo 4 Click Create and enter the appropriate VLAN ID in the dialog box shown below Subsequently a new line appears in the table VLAN Index Q Please enter VLAN ID 2 OK Cancel Java Applet Window 31007122 8 2006 105 Traffic Control Step Action 5 Enter the name of you choice for this VLAN 6 Define in the dialog box shown below the affiliation of the ports you reguire and save your settings by pressing Set You can choose from the following options nota member of the VLAN e M a member of the VLAN packet is transmitted with a tag e F not a member of the VLAN e U a member of the VLAN packet is sent without a tag For the following explanation refer also to the section Simple VLAN Example below Ports 1 to 3 are assigned to the end devices of the yellow VLAN and ports 4 to 5 to the end devices of the green VLAN As end devices normally do not sent data packets with a tag the setting U must be selected here Port 6 serves as uplink port to the next switch It is assigned the setting M The VLAN information can thus be passed on Simple VLAN This exam
45. two dynamic parts e The management administrator describes the static part of the filter table dot1StaticTable e During operation the switch is capable of learning which ports will receive tagged frames from which source addresses This information is stored in the dynamic part of the table dot1dTpFdbTable e Addresses learned from the neighboring agent and those learned by GMRP are written to another dynamic part Addresses already located in the static filter table are automatically transferred by a switch into the dynamic part An address entered statically cannot be overwritten through learning Note If the redundancy manager is active it is not possible to make permanent unicast entries Note In the filtering database you can create up to 100 filters for multicast addresses 90 31007122 8 2006 Traffic Control Multicast Application Description of Multicast Application The data distribution in the LAN distinguishes between three distribution classes with reference to the addressed recipient e unicast one recipient e multicast a group of recipients e broadcast every recipient that can be reached In the case of a multicast address switches pass all data packets with a multicast address to all ports in the multicast group This leads to an increased bandwidth requirement Protocols such as GMRP and processes such as IGMP Snooping enable the switches to exchange inf
46. v 1 7 B6 06 00 00 01 00 01 07 v 1 8 B6 06 00 00 01 00 01 08 V Set Heb iggy In line 1 of the Server IP Address group box enter the DHCP servers IP address In the Operation line of the DHCP Option 82 group box select On Choose MAC from the drop down list in the Type line oO a amp wo Click Set to save the configuration 31007122 8 2006 185 Switch Function Examples DHCP Option 82 Server Hardware Address DHCP option 82 servers require that you input a hardware address This address consists of the switch s remote ID and circuit ID The circuit ID identifies the port on the switch where the device to which you want to assign an IP address is connected The addresses of remote ID and circuit ID are shown on the DHCP Relay Agent web page which is shown in step 2 of the procedure above In the screen above the remote ID is A104C0A8A8C8 If the device is connected to port 7 of the switch then the circuit ID is B606000001000107 Note One tool you may use to set up DHCP server option 82 on your PC is haneWIN which can be downloaded from the www hanewin de website You may elect to use other appropriate software like those included with Windows 2000 servers or Linux operating systems The haneWiIN software can be tested for 30 calendar days from the date of the first installation before deciding whether you want to purchase a license Schneider Electric does not guarantee
47. 0 6 10 100 TX 1 100 FX MM 1 100 FX SM Managed 16 Port Version TCSESM163F23F0 16 10 100 TX Managed TCSESM163F2CU0 14 10 100 TX 2 100 FX MM Managed 24 Port Version TCSESM243F2CU0 22 10 100 TX 2 100 FX MM Managed Gigabit 10 Port Version TCSESM103F23G0 8 10 100 TX 2 10 100 1000 TX Managed TCSESM103F2LGO 8 10 100 TX 2 1000 SFP fiber Managed Note These products ship with open sockets SFP on the fiber ports so in order to use these ports you must order 1 or 2 media modules shown below Fiber Media Modules TCSEAAF1LFU00 SFP SX LC fiber module for Gigabit TCSEAAF1LFS00 SFP LX LC fiber module for Gigabit TCSEAAF1LFHOO SFP LH LC fiber module for Gigabit Accessories TCSEAM0100 Memory Backup Adapter 31007122 8 2006 171 General Information Copyright for Integrated Software GNU Lesser General Public License Preamble Version 2 1 February 1999 Copyright C 1991 1999 Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document but changing it is not allowed This is the first released version of the Lesser GPL It also counts as the successor of the GNU Library Public License version 2 hence the version number 2 1 The licenses for most software are designed to take away your freedom to share and
48. 10 To be able to communicate with earlier versions of SNMP select SNMPv1 2 enabled 11 Select SNMPv1 enabled or SNMPv2 enabled in the table to determine which IP addresses are allowed to access the ESM and which type of passwords are to be used The table allows you to create up to 8 entries For security reasons the read password and the read write password must not be identical Please note that passwords are case sensitive 12 To create a new line in the table Click Create entry 13 To delete an entry select the line in the table and click Delete The items in the table have the following meanings e Index current number for this table entry e Password password the computer must use to have access to the ESM This password is independent of the SNMPv3 password IP address IP address of the computer permitted to access the ESM IP mask IP mask to the IP address Access Mode determines if the computer has read only or write access Active enabling disabling this entry 31007122 8 2006 67 Protection from Unauthorized Access Setting the Telnet Web Based Access Description of Telnet Access Description of Web Based Access Disabling and Enabling Telnet or Web Based Access Using the Web Based Interface The Telnet server of the ESM allows you to configure the ESM using the Command Line Interface CLI You can switch off the Telnet server to prevent Telnet access to the ESM The default setting is tha
49. 184 TFTP Server for Software Updates aaa 187 cjg A chun ws a St ws Rc ne 191 Bc an ac a ug at Rr Dw Se i ec 195 Safety Information Aa Important Information NOTICE Read these instructions carefully and look at the equipment to become familiar with the device before trying to install operate or maintain it The following special messages may appear throughout this documentation or on the equipment to warn of potential hazards or to call attention to information that clarifies or simplifies a procedure The addition of this symbol to a Danger or Warning safety label indicates A that an electrical hazard exists which will result in personal injury if the instructions are not followed This is the safety alert symbol It is used to alert you to potential personal injury hazards Obey all safety messages that follow this symbol to avoid possible injury or death A DANGER DANGER indicates an imminently hazardous situation which if not avoided will result in death or serious injury A WARNING WARNING indicates a potentially hazardous situation which if not avoided can result in death serious injury or equipment damage A CAUTION CAUTION indicates a potentially hazardous situation which if not avoided can result in injury or equipment damage 31007122 8 2006 Safety Information PLEASE NOTE Electrical equipment should be installed operated serviced and ma
50. 31007122 01 Telemecanique ConneXium Ethernet Cabling System Managed Switch Configuration Manual 8 2006 Schneider Electric Building a New Electric World Table of Contents Chapter 1 Chapter 2 Chapter 3 Chapter 4 Safety Information aa 7 About the Book sidissssiskssis sads s ns k ts ads 9 The User Interfaces 002 c eee eee aa 11 The System Monitor 0 0 0 cece eee eae 12 The Command Line Interface CLI 0 0 0 0 cece eee 14 The Web Based Interface 1 2 cee teens 16 Entering the IP Parameters a 21 Basics of the IP Parameters aaa 22 Configuring the ESM using the Command Line Interface 26 Configuring the ESM Using the Ethernet Switch Configurator ESC Softwares tnra eyes ad are tees ie he nts teats ane utis aa jaki 28 Loading the System Configuration from the Memory Back Up Adapter EAM A i itis elect A cathy M es te dace i S 30 System Configuration Using BOOTP 1 aaa 31 System Configuration Using DHCP 11 anaran anae 35 System Configuration Using DHCP Option 82 0 0 0 c ee eee eee 40 System Configuration Using the Web Based Interface 41 Faulty Device Replacement 0 00 0 cee eee ett 42 Loading and Saving Settings eee eens 43 Loading Settings ni esarri t m s etwas ed hen et Gs Jr dusk a eel as 44 SAVING SCUINGS a iee Gee ea heen Aneta dans d anise js in 50 Loading S
51. 7100 saRingCplInterconnGroupID saRingCplInterconnlfIndex saRingCplInterconnIfOpState saRingCplControlGroupID saRingCplControllIfIndex saRingCplControlIfOpState saRingCplControlMode saRingCplPartnerIpAddr saRingCplPartnerInterconnGroupID saRingCpl saRingCpl saRingCp saRingCp saRingCp saRingCp PartnerInterconnIfIndex LPartnerInterconnIfOpState lOperState 1Mode LRowStatus ConfigOperState saRingCp 1CouplingLinks 31007122 8 2006 159 General Information SNMP V2 Module MIB Overview The SNMP V2 Module MIB is based on the SNMP MIB Simple Network Management Protocol Group Framework Group Frameworks 3 10 The framework group contains parameters for describing SNMP Management snmpModules snmpFrameworkMIB 2 snmpFramewor 1 kMIBObjects snmpEngine snmpEngineID snmpEngineBoots snmpEngineTime snmpEngineMaxMessageSiz MPD Group The MPD group Message Processing and Dispatching contains parameters for dispatching SNMP messages which are potentially in different SNMP versions It defines the procedures for dispatching potentially multiple versions of SNMP messages 3 snmpModules 11 snmpMPDMIB 2 snmpMPDMIBObjects 1 2 3 snmpUnknownSecurityModels snmpInvalidMsgs snmpUnknownPDUHandlers 160 31007122 8 2006 General Information Target Group
52. 8 1 100 product product cfg Delete current configuration current configuration an local Delete configuration AutoConfiguration Adapter tus notPresent Set O Help ex 4 Click from URL in the group box Load if you want the ESM to load the configuration data from a file and to retain the locally saved configuration Click from URL amp Save Locally in the group box Load if you want the ESM to load the configuration data from a file and to save this configuration locally In the URL edit box type the field path under which the ESM finds the configuration file Click Load Configuration 31007122 8 2006 47 Loading and Saving Settings Example of Loading a File from the TFTP Server Using the Web Based Interface Trouble Shooting Using the Web Based Interface Loading Settings from a File Using the CLI Load a file from the tftp server as follows Step Action 1 To enable yourself to download a file from the tftp server save the configuration file into the corresponding path of the tftp server with the file name e g switch switch_o1 cfg see p 51 2 Type the path to the tftp server in the edit box URL e g tftp 149 218 112 5 ESM config dat To load from an ETY or NOE module the URL is tftp IPaddress RAM0 switch rolename prm where the Paddress is the IP address of the module and switch rolename is the roll name assigned to the switch You can trouble shoot
53. 9 218 112 111 filename agent config dat Lines that start with a character are comment lines The lines preceding the individually listed devices refer to settings that apply to all the following devices The fixed address line assigns a permanent IP address to the device 31007122 8 2006 39 Entering the IP Parameters System Configuration Using DHCP Option 82 General If you want to configure the system using DHCP Option 82 you need a DHCP server Information with Option 82 The DHCP server matches the configuration data to the ESM based on its physical connection As with the classic DHCP on startup an agent receives its configuration data according to the BOOTP DHCP process flow chart see p 36 The system configuration is based on the classic DHCP protocol on the device being configured whereas Option 82 is based on the network topology This procedure allows you to always assign the same IP address to any device connected to a particular location port of a switch on the LAN For the installation and configuration of a DHCP Option 82 server refer to p 184 The figure shows an application example of DHCP Option 82 PLC Switch Option 82 MAC Address 00 80 63 10 9a d7 P 149 218 112 100 IP 149 218 112 100 DHCP Server p a 149 218 112 1 mE A 40 31007122 8 2006 Entering the IP Parameters S
54. AN ID Every VLAN in a network is identified with an ID which must be unique i e every ID may only be assigned once in the network Port VLAN Identifier PVID The management assigns a VLAN ID for every port Thus it is known as the port VLAN ID The switch adds a tag to every packet received without a tag This tag contains a valid VLAN ID When a data packet is received with a priority tag the switch adds the port VLAN ID Member Set The member set is a list of ports belonging to a VLAN Each VLAN has a member set Untagged Set The untagged set is a list of the ports of a VLAN which send data packets without a tag Every VLAN has an untagged set 102 31007122 8 2006 Traffic Control Configuring VLANs Configuration Procedure Using the Web Based Interface Configure VLANs as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go the Switching gt VLAN gt Global The figure shows the VLAN Global dialog box Version Max VLAND ID Number of VLANs 1 version 4042 Max supported VLANs 256 Fe ig Under VLAN you will find all tables and attributes to configure and monitor the VLAN functions complying with IEEE 802 1Q standard Note When configuring VLAN ensure that the port to which your management station is connected can still send data of the management sta
55. AgingTime dotldTpFdbTable 1 dotldTpFdbEntry 1 dotlidTpFdbAddress 2 dotldTpFdbPort 3 dotldTpFdbStatus dotldTpPortTable 1 dotldTpPortEntry 1 dotldTpPort 2 dotldTpPortMaxInfo 3 dotldTpPortInFrames 4 dotldTpPortOutFrames 5 dotldTpPortInDiscards dStatic dotl1dStaticTable 1 dotldStaticEntry 1 dotldStaticAddress 2 dotldStaticReceivePort 3 dotldStaticAllowedToGoTo 4 dotldStaticStatus dgeMIB pBridgeMIBObjects 1 dotidExtBase 146 General Information 1 dotldDeviceCapabilities 2 dotlidTrafficClassesEnabled 3 dot1dGmrpStatus 4 dotldPortCapabilitiesTable 1 dotldPortCapabilitiesEntry 1 dotldPortCapabilities 2 dotldPriority 1 dotldPortPriorityTable 1 dotldPortPriorityEntry 1 dot1dPortDefaultUserPriority 2 dot1dPortNumTrafficClasses 3 dotlidTrafficClassTable 1 dotldPortPriorityEntry 1 dot1ldTrafficClassPriority 2 dotldTrafficClass 3 dot1dGarp 1 dotldPortGarpTable 1 dotlidPortGarpEntry 1 dotldPortGarpJoinTime 2 dotldPortGarpLeaveTime 3 dot1dPortGarpLeaveAllTime 4 dot1dGmrp 1 dot1dPortGmrpTable 1 dot1dPortGmrpEntry 1 dot1dPortGmrpStatus 2 dot1dPortGmrpFailedRegistrations 3 dot1dPortGmrpLastPduOrigin 7 gBridgeMIB 1 gBridgeMIBObjects 1 dotlqBase 1 dotlqVlanVersionNumber 2
56. Entering the Aging Time in the Web Based Interface Static Address Entries Enter the aging time as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Switching gt Global 4 Enter the Aging Time s for all dynamic entries in the range from 10 to 630 seconds Unit 1 second default setting 30 One of the most important functions of a switch is the filter function It selects tagged frames according to certain defined patterns called filters These patterns are associated with switching rules This means that a tagged frame received at the port of a switch is compared to the patterns If no pattern matches the tagged frame the switch will either transmit or reject the packet according to the switching rules for the affected ports The following are valid filter criteria e destination address e broadcast address e multicast address e VLAN membership The Ethernet tagged frame format is shown in the following figure Ke o ir 8 o E Q L d gt n D D O N LL Ko 2 o Om L c D a O oE S lt 2 D m BS LE Oo oO o Of etc 8S L L ir 29 at B D G N c Oo og oO O O O c O ao ao O a QO a L0 minimum 64 maximum 1518 octets 31007122 8 2006 89 Traffic Control The individual filters are stored in the filter table The table is divided into three parts a static part and
57. IMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES END OF TERMS AND CONDITIONS If you develop a new library and you want it to be of the greatest possible use to the public we recommend making it free software that everyone can redistribute and change You can do so by permitting redistribution under these terms or alternatively under the terms of the ordinary General Public License To apply these terms attach the following notices to the library It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty and each file should have at least the copyright line and a pointer to where the full notice is found lt one line to give the library s name and a brief idea of what it does gt Copyright C lt year gt lt name of author gt This library is free software you can redistribute it and or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation either version 2 1 of the License or at your option any later version This library is distributed in the hope that it will be useful but WITHOUT ANY WARRANTY without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE See the GNU Lesser General P
58. IUS Authentication Client MIB RFC 2620 RADIUS Accounting MIB RFC 2674 Dottp O RFC 2818 HTTP over TLs RFC 2851 Internet Addresses MIB RFC 2865 RADIUS Client RFC 2866 RADIUS Accounting RFC 2868 RADIUS Attributes for Tunnel Protocol Support RFC 2869 RADIUS Extensions RFC 2869 RADIUS Support for EAP RFC 2933 IGMP MIB 166 31007122 8 2006 General Information IEEE Standards List of IEEE Standards The following table lists the IEEE standards applying to the ESM Standard Explanation IEEE 802 1 D Switching GARP GMRP Spanning Tree supported via 802 1S implementation IEEE 802 1 D 1998 Media Access Control MAC bridges includes IEEE 802 1p Priority Dynamic and Multicast Filtering GARP GMRP IEEE 802 1 Q 1998 Virtual Bridged Local Area Networks VLAN Tagging port based VLANs GVRP IEEE 802 1S Multiple Spanning Tree IEEE 802 1 v Protocol Based VLANs IEEE 802 1 w 2001 Rapid Reconfiguration supported via 802 1S implementation IEEE 802 1 X Port Authentication IEEE 802 3 2002 Ethernet IEEE 802 3 ac VLAN Tagging IEEE 802 3 ad Link Aggregation with static LAG and LACP Support IEEE 802 1 X Port Authentication IEEE 802 3 x Flow Control 31007122 8 2006 167 General Information Dimension Drawings
59. Monitoring correct operation OManual setting Monitoring correct operattea Contact Opened error Closed ok Powersupply 1 Powersupply 2 Temperature Module removal EAM removal Connection error HIPER Ring Ring Network CouplOdMVonitor Ignore Monitor Monitor O Monitor Monitor O Monitor O Monitor O Monitor O Ignore O Ignore Ignore O Ignore Ignore Ignore Ignore Manual settipag _ Contact Openedo Closed Trapconfiguratien generate Trap 7 Set Reload Feb ga 31007122 8 2006 115 Operation Diagnostics Step Action 2 In the Mode Signal contact group box select Monitoring correct operation to use the contact for function monitoring In the Monitoring correct operation group box select the events which you want to have monitored For temperature monitoring go to Basics gt System In the line Temperature C of the System Data group box set the temperature thresholds to be monitored Displaying the You can view the signal contact state in three ways Signal Contact Using the LED display e using the web based interface e executing a query in the command line interface Alarm This portion of the home page provides information on the alarm state of the ESM r Signal Contact 1 G asso Time o
60. O O O cd ao O 0 Fo O O a ww 42 1500 octets minimum 64 maximum 1522 octets The tag format is shown in the following figure Tag protocol identifier 2 x 8 bit Priority 3 bit Canonical format identifier 1 bit AN identifier 12 bit 4 octets Set the Prioritization as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Port Configuration Specify in the Port Priority column the priority low normal high admin with which the switch sends data packets which it receives without a VLAN tag at this port 98 31007122 8 2006 Traffic Control Flow Control Description of Flow control is a mechanism which acts as an overload protection During periods Flow Control of heavy traffic it holds off additional traffic In the example below the functioning of flow control is displayed graphically Workstations 1 2 and 3 want to simultaneously transmit a large amount of data to workstation 4 The combined bandwidth of Workstations 1 2 and 3 is larger than the bandwidth of workstation 4 to the switch This leads to an overflow of the send queue of port 4 The left hand funnel symbolizes this status If the flow control function at ports 1 2 and 3 of the switch is turned on the switch reacts before the funnel overflows Ports 1 2 and 3 send a message to the connected devices that no data may be received at presen
61. Security Port Allowed Current Allowed Modul Port odut OT Status MAC Address MAC Address IP Address ction 1 1 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 1 2 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 1 3 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 1 4 enabled 00 00 00 00 00 00 00 E0 18 95 D8 61 0 0 0 0 none 2 1 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 2 2 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 2 3 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 2 4 enabled 00 00 00 00 00 00 00 0D 60 6F 1E E0 0 0 0 0 none Set Help igs 4 Choose MAC Based Port Security port Without an entry data can be received from any device In the Allowed MAC Address column enter the MAC address of the device with which data exchange is permitted at this column 6 Press the left mouse button to copy an entry from the Current MAC Address column into the Allowed MAC Address The Current MAC Address column shows the MAC address of the device from which data was received last no action none message by sending a trap trapOnly TA In the Action column select one of the following reactions to an unauthorized access attempt the respective port in the Port Configuration table is disabled see p 59 and trap portDisabled is sent An entry in the Port Configuration table is part of the configuration and is
62. The Target group contains parameters for specifying targets of SNMP management operations 3 snmpModules 12 snmpTargetMIB 2 snmpTargetObjects 1 snmpTargetSpinLock m 1 snmp 2 snmp 3 snmp 4 snmp a 5 snmp n 6 snmp Fe 7 snmp 8 snmp 9 snmp 1 snmpTargetParams t 6 snmp 2 snmpTargetAddrTable 1 snmpTargetAddrEntry TargetAddrName TargetAddrTDomain TargetAddrTAddress TargetAddrTimeout TargetAddrRetryCount TargetAddrTagList TargetAddrParams TargetAddrStorageType TargetAddrRowStatus 3 snmpTargetParamsTable Entry 1 snmpTargetParamsName 2 snmpTargetParamsMPModel 3 snmpTargetParamsSecurityModel 4 snmpTargetParamsSecurityName 5 snmpTargetParamsSecurityLevel TargetParamsStorageType 7 snmpTargetParamsRowStatus 4 snmpUnavailableContexts 5 snmpUnknownContexts 31007122 8 2006 161 General Information Notification The Notification group contains parameters for specifying targets for notification Group filtering 3 snmpModules 13 snmpNotificationMIB 1 snmpNotifyObjects 1 snmpNotifyTable 1 snmpNotifyEntry 1 snmpNotifyName 2 snmpNotifyTag 3 snmpNotifyType 4 snmpNotifyStorageType 5 snmpNotifyRowStatus 2
63. TopologyIpAddress saESMDisableLearningGroup ESMVlanGroup ESMVlanMode tt ti tt PSGroup ESMPSAlarm ESMDisableLearningStatus SigRelayGroup ESMSigRelayMode ESMSigRelayManualState SMVlanStatus ESMSelftestGroup SMSelftestResult SMSelftestMode 31007122 8 2006 153 General Information Management The management group contains parameters for configuring the management Group agent 14 saConfiguration 2 saAgent Sas 1 20 30 1 saAction 3 saNetwor I 85 2 saActionResult k saNetLocall saNetLocalP saNetGatewa saNetMask saNetAction saNetVlanID saNetEther aNetEth saNetSNTPG 1 saNetSN 2 saNetSN 3 saNetSN 4 saNetSN 5 saNetSN 6 saNetSN 7 saNetSN 8 saNetSN 9 saNetSN 10 saNetS 11 saNetS saNetSNMPG 1 saNetSN 2 saNetSN 3 saNetSN 4 saNetSN 4 saFSTable PAddr hysAddr yIPAddr netSwitchConfigurationGroup ernetSwitchConfigurationStatus roup TPStatus m PServer m PTime TPLocalOffset PServer2 PSyncInterval PAcceptBroadcasts TPAnycastAddr m PAnycastVlan NTPAnycastInterval NTPOperStatus roup PvlStatus Pv2Status Pv3Status PAccessStatus 154 31007122 8 2006 General Information 9 e 4 2 8 sa 110 200 saBackupCon 5 saTempTable
64. address to which the SNTP server on the switch sends the SNTP data packets target address 224 0 1 1 the SNTP packets are sent to multicast 7 Go to the Configuration SNTP Server group box and specify under VLAN ID the VLAN to which the ESM may periodically send SNTP packets 80 31007122 8 2006 Synchronizing the System Time of the Network Step Action 8 Gotothe Configuration SNTP Server group box and specify under Anycast send interval the interval at which the ESM sends SNTP packets valid entries 1 second to 3600 seconds default 120 seconds 9 Go to the Configuration SNTP Client group box and enter under External server address the IP address of the SNTP server from which the switch periodically obtains the system time 10 Gotothe Configuration SNTP Client group box and enter under Redundant server address enter the IP address of the SNTP server from which the ESM periodically obtains the system time if the ESM does not receiveananswerfromthe External Server AddresswithinO 5secondsaftermakingtheguery Note If you receive the system time from an external redundant server address do not accept any SNTP broadcasts Otherwise you do not know whether the ESM displays the time from the server entered or the time from an SNTP broadcast package 11 Gotothe Configuration SNTP Client group box and specify under Server reguest interval the interval at which the EMS reguests SNTP packages val
65. art 6 After booting the switch click reload in your browser to re enable your access to the ESM 31007122 8 2006 57 Loading Software Updates Loading Software Updates via HTTP Loading Proceed as follows to update the software on your switch Procedure Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Software The following dialog box appears Stored version RAM Running version Bachup version 2 00 2005 05 06 23 13 RAM 2 00 2005 05 06 23 13 BAK 2 00 2005 05 06 16 53 ctftp Sotware Update URL _ tftp 192 168 1681 100 product product bin tftp Update http http Update Hep 4 Click http Update to open the http Update browser window 5 Click Browse to select the software on you PC for the update 6 Click Update to transfer the software to the switch One of the following messages is displayed when the update has been completed e Update completed successfully e Update failed Reason incorrect file e Update failed Reason file damaged e Update failed Reason flash error Close this browser window File Close to return to the Software dialog box After the software procedure has been completed successfully go to Basics Restart and perform a cold start by clicking Restart Swtich 9 Click Reload in your browser to re enable ESM access af
66. as follows Step Action Comment 1 View the status of the loading If you get an error message while saving procedure in the selected option URL the configuration one reason may be amp Save Locally of the group box that the loading procedure has not been Load completed DHCP BOOTP does not finish the loading procedure until a valid configuration has been loaded 2 If DHCP BOOTP cannot find any valid configuration stop the active loading procedure by loading the local configuration via the Load group box Load settings from a file as follows Step Action 1 Connect the ESM to a serial cable Open the CLI Enter the enable command to change to the privileged EXEC mode AJOIN Enter the command copy tftp 149 218 112 159 switch config dat nv ram startup config if you want the switch to load the configuration data from a tftp server in the connected network 48 31007122 8 2006 Loading and Saving Settings Resetting the Configuration to the Default Settings Resetting the Configuration to the Default Settings Using the Web Based Interface Resetting the Configuration to the Default Settings Using the System Monitor The switch enables you to e reset the current configuration to the default settings The locally saved configuration is retained e reset the ESM to the default settings After a restart the IP address is also set to the de
67. aticMulticastReceivePort dotlqStaticMulticastStaticEgressPorts 4 dotlqStaticMulticastForbiddenEgressPorts Fa 4 dotlgVlan dot1lgStaticMulticastStatus 1 dotlgVlanNumDeletes 3 dotlqVlanStaticTable 1 dotlqVlanStaticEntry 1 dotlgVlanStaticName 2 dotlqVlanStaticEgressPorts 3 dotiqVlanForbiddenEgressPorts 4 dotlqVlanStaticUntaggedPorts 5 dotlgVlanStaticRowStatus 5 dotlqPortVlanTable 1 dot1lgPortVlanEntry 5 1 dot1lgPvid 2 dotlqPortAcceptableFrameTypes 3 dotlqPortIngressFiltering 4 dotlqPortGvrpStatus dot1gPortGvrpFailedRegistrations 6 dot1lgPortGvrpLastPduOrigin 31007122 8 2006 149 General Information MAU The MAU management group is responsible for setting the autonegotiation Management parameters Group 26 snmpDot 3MauMgt 1 3 6 1 2 1 26 2 dot3IfMauBasicGroup 1 ifMauTable 1 ifMauEntry 1 ifMaulfIndex 2 ifMaulndex 3 ifMauType 4 ifMauStatus 5 ifMauMediaAvailable 6 ifMauMediaAvailableStateExits 7 ifMauJabberState 8 ifMauJabberingStateEnters 9 ifMauFalseCarriers 10 ifMauTypeList 11 ifMauDefaultType 12 ifMauAutoNegSupported 5 dot3IfMauAutoNegGroup 1 ifMauAutoNegTable 1 ifMauAutoNegEntry 1 ifMauAutoNegAdminStatus 2 ifMauA
68. ation Transfer Control The transfer control protocol group is required for all systems that have implemented Protocol Group TCP Instances of objects that describe information about a particular TCP 1 3 6 1 2 1 6 connection exist only as long as the connection exists 6 tcp 1 tcpRtoAlgorithm 2 tcpRtoMin 3 tcpRtoMax 4 tcpMaxConn 5 tcpActiveOpens 6 tcpPassiveOpens 7 tcpAttemptFails 8 tcpEstabResets 9 tcpCurrEstab 10 tcpInSegs 11 tcpOutSegs 12 tcpRetransSegs 13 tepConnTable 1 tepConnEntry 1 tcpConnState 2 tcpConnLocalAddress 3 tepConnLocalPort 4 tcpConnRemAddress 5 tcpConnRemPort 14 tcpInErrs 15 tcpOutRsts 31007122 8 2006 139 General Information User Datagram Protocol Group UDP 1 3 6 1 2 1 7 7 Gas 1 2 3 lt ld 5 The user datagram protocol group is reguired for all systems that have implemented udpInDatagrams udpNoPorts udpInErrors udpOutDatagrams udpTable 1 udpEntry 1 2 udpLocalAddress udpLocalPort Simple Network Management Protocol Group 1 3 6 1 2 1 11 11 snmp The simple network management protocol group is required for all systems In SNMP installations that have been optimized to support either just one agent or one management station some of the listed object
69. ce code even though third parties are not compelled to copy the source along with the object code 5 A program that contains no derivative of any portion of the Library but is designed to work with the Library by being compiled or linked with it is called a work that uses the Library Such a work in isolation is not a derivative work of the Library and therefore falls outside the scope of this License However linking a work that uses the Library with the Library creates an executable that is a derivative of the Library because it contains portions of the Library rather than a work that uses the library The executable is therefore covered by this License Section 6 states terms for distribution of such executables When a work that uses the library uses material from a header file that is part of the Library the object code for the work may be a derivative work of the Library even though the source code is not Whether this is true is especially significant if the work can be linked without the Library or if the work is itself a library The threshold for this to be true is not precisely defined by law If such an object file uses only numerical parameters data structure layouts and accessors and small macros and small inline functions ten lines or less in length then the use of the object file is unrestricted regardless of whether it is legally a derivative work Executables containing this object code plus portions of the Lib
70. change it By contrast the GNU General Public Licenses are intended to guarantee your freedom to share and change free software to make sure the software is free for all its users This license the Lesser General Public License applies to some specially designated software packages typically libraries of the Free Software Foundation and other authors who decide to use it You can use it too but we suggest you first think carefully about whether this license or the ordinary General Public License is the better strategy to use in any particular case based on the explanations below When we speak of free software we are referring to freedom of use not price Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software and charge for this service if you wish that you receive source code or can get it if you want it that you can change the software and use pieces of it in new free programs and that you are informed that you can do these things To protect your rights we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights These restrictions translate to certain responsibilities for you if you distribute copies of the library or if you modify it For example if you distribute copies of the library whether gratis or for a fee you must give the recipients all the rights that we gave you You must make sure that they
71. ckets to the ESM Multicast MAC address 01 80 63 2F FF 0B ESM Switch with the LLDP function are thus also able to exchange LLDP information with each other via devices which themselves are not LLDP capable The Management Information Base MIB of an LLDP capable ESM Switch holds out the LLDP information in the Ildp MIB and in the private salldp MIB 31007122 8 2006 121 Operation Diagnostics Displaying Display topology discovery as follows Topology Discovering the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Diagnostics gt Topology Discovery The table shows you the selected information to neighbor devices Configuration _ Operation GOn OOff Module Port Neighbour MAC Address Neighbour IP Address Neighbour Port Description Neighbour System Name 2 00 80 63 33 24 00 149 218 112 171 Slot 3 Module 2 Interface 2 TCSESMO Set Reload 4v Slow LLDP entries exclusivley Help ao 4 Click Show LLDP entries exclusively to reduce the number of topology table entries In this case the topology table hides entries of devices without active topology discovery function 122 31007122 8 2006 Operation Diagnostics Explanation If several devices are connected to a port for example via a switch the table shows concerning t
72. connected to the LAN Multicast group members reply with a report message This report message contains all parameters required by the IGMP The router records the IP multicast group address from the report message in its routing table Then the router transfers frames with this IP multicast group address in the target address field only in accordance with the routing table 92 31007122 8 2006 Traffic Control Description of GMRP Devices that no longer want to be members of a multicast group can cancel their membership with a Leave message from IGMP version 2 and they do not transmit any more report messages In IGMP versions 1 and 2 the router removes the routing table entry if it does not receive any report messages within a specified period of time aging time If there are a number of routers with an active IGMP function in the network then they work out among themselves which router carries out the query function when using IGMP version 2 If there is no router in the network a suitably equipped switch can carry out the query function A switch that connects a multicast receiver with a router can evaluate the IGMP information with the aid of the IGMP Snooping procedure IGMP Snooping translates IP multicast group addresses into MAC multicast addresses so that the IGMP functions can also be used by layer 2 switches The switch records the MAC addresses of the multicast receivers which are obtained by the IGMP snooping
73. d be taken into account when traps are being sent 6 In the Selection group box check the trap categories from which you want to send traps 112 31007122 8 2006 Operation Diagnostics Selecting Events Triggering an Alarm You can have an alarm triggered in case of the following events by selecting them in the Selection group box of the Alarms Traps dialog box Event Description Authentication The switch has rejected an unauthorized access attempt see Access for IP Addresses and Port Security dialog Cold Start The switch has been turned on Link Up The link to the device at one port of the switch has been established Link Down The link to the device at one port of the switch has been interrupted Spanning Tree The topology of the Rapid Spanning Tree has changed Chassis Chassis encompasses the following events e Power Supply The status of a supply voltage has changed see System dialog box e Signal Contact The status of the signal contact has changed To follow the event go to Signal Contact and select generate Trap e Media Module A media module has been added or removed e Memory back up adapter The Memory back up adapter has been inserted or removed e Temperature The value has been exceeded fallen below the temperature threshold Redundancy The status of the HIPER ring or the redundant coupling of HIPER rings network segments has changed
74. ds received data packets with a multicast address as the target address to all ports 5 Click the check box to switch GMRP on off globally for the entire switch If GMRP is switched off e the switch does not generate any GMRP packets e the switch does not evaluate any GMRP packets received and discards them e it sends streams received data packets with a multicast address as the target address for all ports The switch is transparent for received GMRP packets regardless of the GMRP setting 94 31007122 8 2006 Traffic Control Individual IGMP GMRP Configuration IGMP Querier IGM Enabled per Port IGM Forward All per Port Static Query Port Learned Query Port GMRP per Port The blocks below explain the individual IGMP GMRP configuration With IGMP Querier Active you can switch the query function on off The protocol check boxes allow you to select IGMP version 1 or version 2 This table column enables you to switch on off the IGMP for each port when the global IGMP is switched on When you switch off the IGMP ata port no registrations can be made for this port This column of the table allows you to switch on off the IGMP Snooping function when the global IGMP Snooping is switched on With the forward all setting the switch forwards all the data packets with a multicast address in the target address field to this port Note If you use IGMP version 1 in a subnetwork then yo
75. e EAM see p 50 Monitor Options software Swapping the In addition the System Monitor features further options in connection with your ESM e swapping the software images available e performing a cold start Software Images Swap the software images as follows Step Action Comment 1 On the start screen of the A new screen appears System Monitor select 1 Boot Operating System 2 Onthe new screen select 1 1 Swap Os images to swap the two software The memory of the ESM offers space for two images of the software Via this images available In item you can load a new version of the software without erasing the existing connection with the version swapping of the images see 2 Copy image to backup also 1 7 Via this item you can save a copy of the active software 3 Test stored images in Flash mem Via this item you can test whether the stored images in the flash memory contain valid codes 4 Test stored images in USB mem Via this item you can test whether the stored images of the software on the EAM contain valid codes 5 Apply and store selection Via this item you can apply and store the selection of the software 6 Reformat Flash file system Via this item you can reformat the flash file system 7 Cancel selection Via this item you can cancel the selection and leave this dialog without changes Performing a Perform a cold start as follows Cold Start Step Action 1
76. e main configuration file 6 Show Bootcode Information 4 Select the desired menu by typing its number 5 To leave a sub menu and to return to the main menu of the System Monitor press ESC 31007122 8 2006 13 The User Interfaces The Command Line Interface CLI Features of the CLI Interfaces to Access the CLI Abbreviating Keywords The CLI allows you to e use all device functions via a local or remote connection e provides you with a familiar environment for configuring IT devices e feed several devices with identical configuration data due to its script ability For a detailed description of the CLI refer to the reference guide Command Line Interface The CLI can be accessed using e the V 24 port out of band or e Telnet in band In the CLI you can abbreviate keywords as follows Step Action Comment 1 Type the first letters of the keyword 2 Press the TAB key The command line interface adds the remaining letters for you 14 31007122 8 2006 The User Interfaces Opening the CLI Open the CLI as follows Step Action Comment 1 Connect the device via the V 24 A window in which you are asked to interface to enter your user name appears on the a terminal screen A maximum of five users are orto a COM port of a PC with permitted to access the CLI terminal emulation according to VT 100 usi
77. e p 193 to the ESM An alternative method to assign the IP address is to use the Ethernet Switch Configurator software provided with the ESM see p 28 10 Save the settings you have made to ensure they are still available after restart see p 50 31007122 8 2006 41 Entering the IP Parameters Faulty Device Replacement Solutions for There are two plug and play solutions available for replacing a faulty ESM Faulty Device e First you can configure the new switch using an Memory back up adapter EAM Replacement see p 46 e Second you can configure the new switch using DHCP Option 82 see p 40 In both cases the same configuration data which the faulty ESM had are transferred to the new ESM during booting 42 31007122 8 2006 Loading and Saving Settings At a Glance Overview What s in this Chapter This chapter provides information concerning the loading and saving procedures for the settings you have made This chapter contains the following topics Topic Page Loading Settings 44 Saving Settings 50 31007122 8 2006 43 Loading and Saving Settings Loading Settings Sources for Loading Settings Loading from the Local Non Volatile Memory During operation the ESM enables you to load settings from the following sources e the local non volatile memory e the Memory back up adapter If a Memory back up adapter EAM is co
78. emperature C Uptime TCSESM_2FF96F Schneider TCSESM Schneider Electric HW 1 30 present Failed Ll 33 0 day s 3 10 17 Device view Set _Help iggy The table explains the Set and Reload buttons Set Reload Click the Set button to save the changes you have made to the dialogs Click the Reload button to update the system screen 18 31007122 8 2006 The User Interfaces The Tree View The figure below shows the tree view of the Web based interface All path references in the manual refer to this tree view For example Go to Basics gt System ja a a Pa S a Security oe Redundancy vrhdvanced System Network l Software B Port Configuration es H Load Save 4 Restart PIN Password SNMP access xff SNMPv1 v2 Access Telnet Web Access Port Security S Time SNTP G PTP 9 Switching z Global Vas Filter for MAC addresses iz ers Broadcast Limiter re ee Multicasts a Q VLAN 6 Global FF Current Static F Port HIPER Ring l Ring Network Coupling 5 Rapid Spanning Tree fe Global By Port Bie Diagnostic
79. estName 3 saTrapDestCommIndex 4 saTrapDestIpAddress 5 saTrapDestIpMask 6 saTrapDestState saLastAccessGroup LastIpAddr LastPort LastCommuni ticast PGroup IGMPSnoop saIGMPSnoop ty Status salGMPSnoopUnknownMode 156 31007122 8 2006 General Information 11 saRelayGroup 3 saIGMPSnoopAgingTime 10 saIGMPSnoopQueryTable 1 saIGMPSnoopQueryEntry 1 saIGMPSnoopQueryVlanIndex 2 saIGMPSnoopQueryPorts 11 saIGMPSnoopFilterTable 1 saIGMPSnoopFilterEntry 1 saIGMPSnoopFilterVlanIndex 2 saIGMPSnoopFilterAddress 3 saIGMPSnoopFilterLearntPorts 12 saIGMPSnoopForwardAllTable 1 saIGMPSnoopForwardAllEntry 1 saIGMPSnoopForwardAl1VlaniIndex 2 saIGMPSnoopForwardAllStaticPorts 13 saIGMPSnoopQueryStaticTable 1 saIGMPSnoopQueryStaticEntry 1 saIGMPSnoopQueryStaticVlanIndex 2 saIGMPSnoopQueryStaticPorts 100 saIGMPQuerierGroup 1 saIGMPQuerierStatus 2 saIlGMPQuerierMode 3 saIGMPQuerierTransmitInterval 4 saIGMPQuerierMaxResponseTim 5 saIGMPQuerierProtocolVersion 1 saRelayOption82Status 2 saRelayOptionRemoteIDType 3 saRelayOptionRemoteID 10 saRelayServerGroup 1 saRelayDHCPServerIpAddr 2 saRelayDHCPServer2IpAddr 3 saRelayDHCPServer3IpAddr 4 saRelayDHCPServer4IpAddr
80. ests DHCP or BOOTP Reply from Save IP parameter DHCP BOOTP and config file server URL locally Initialize IP stack with IP parameters 2 ESM is manageable 36 31007122 8 2006 Entering the IP Parameters The following shows part 2 of the BOOTP DHCP process Start tftp process Load remote with config configuration from file URL of DHCP URL of DHCP Start tftp process with config file URL of local configuration Load remote configuration Load transferred config file No Save transferred config file local and set boot configuration to local Load transferred config file Loading of configuration data is complete 31007122 8 2006 37 Entering the IP Parameters The ESM sends its system name to the DHCP server The DHCP server can then assign an IP address as an alternative to the MAC address by using the system name In addition to the IP address the DHCP server sends e the tftp server name if present and e the name of the configuration file if present The ESM accepts this data as configuration parameters see p 47 If an IP address has been assigned by a DHCP server it will be permanently saved in the local memory The ESM requests these DHCP options Option Meaning 1 subnet mask 2 time offset 3 router 4 time server 12 host name 66 tftp server name 67 bootfile name The special feature of DHCP i
81. f the last alarm 2 Power suppy2 Cause of the last alarm Flashing lamp that indicates an alarm 116 31007122 8 2006 Operation Diagnostics Displaying the Port Status Procedure Using You can dispaly the port status as follows the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web Based interface 3 Go to Basics gt System The figure below shows the device view 4 Point the mouse arrow at the symbols for the individual ports at the bottom of the screen As a result a box will appear which indicates the port status and other port related information 31007122 8 2006 117 Operation Diagnostics Event Counter on Port Level The Port Statistics Table The port statistics table allows experienced network administrators to identify possible problems occurring in the network This table shows you the contents of various events counters After a restart all the event counters begin at zero The counters add up the events which have been transmitted and received The following table explains the content of various event counters Counter Possible Problems Received Fragments The controller of the connected device is faulty Electromagnetic interference is injected into transfer medium CRC Errors The controller of the connected device is faulty Electromagnetic interference is injected into
82. fault setting Reset the configuration to the default settings as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Load Save 4 In the group box Delete click either current configuration or current configuration and local 5 Click Delete configuration Reset the configuration to the default settings as follows Step Action Comment 1 Connect the ESM V 24 socket to a terminal or VT 100 emulator PC using a terminal cable 2 Open the System Monitor Select 5 Erase main configuration This menu allows you to reset the switch file to its default settings The ESM saves configurations which differ from the default settings in the ESM cfg file of the flash memory 4 Press the ENTER key to delete the ESM cfg file 31007122 8 2006 49 Loading and Saving Settings Saving Settings Options for The ESM enables you to save the settings you have made Saving Settings e locally e locally and on the EAM or e toa file Saving Locally Save the current configuration data as follows and on the EAM Ste Action Using the Web 7 Based Interface 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Load Save 4 Click Local in the Save group box 5 Click Save Configuration As a result the ESM saves the current c
83. from the IP addresses in the static address table Thus the switch blocks multicast packets at those ports to which no multicast receivers are connected The GARP Multicast Registration Protocol GMRP describes how multicast information is distributed to other switches on layer 2 level Thus switches can learn multicast addresses When a multicast address is entered in the static address table the ESM sends this information to all ports This tells the connected switches to pass this multicast address on to this switch The GARP Multicast Registration Protocol GMRP describes the distribution of data packets with a multicast address as the target address Devices that want to receive data packets with a multicast address as the target address carry out the registration of the multicast address with the aid of the GMRP For a switch registration involves entering the multicast address in the filter table When a multicast address is entered in the filter table the switch sends this information ina GMRP packet to all the ports Therefore the connected switches know that they have to send this multicast address to this switch The GMRP enables packets with a multicast address in the target address field to be sent to the ports entered The other ports are not affected by these packets Data packets with unregistered multicast addresses are sent to all ports by the switch Default setting GMRP enabled Devices that do not support GMRP can be
84. g form start the Web based interface If your nttp xxx XXX XXX XXX computer is not connected to the Internet or you do not have access to the Java plug in install the version on the enclosed CD ROM For NT users and computers not connected to the Internet Cancel the installation and install the plug in from the enclosed CD ROM Start the program file j2re1_4 0 win i exe in the Java directory on the CD ROM 16 31007122 8 2006 The User Interfaces Login Screen The figure below shows the login window yess e Schneider Electric Release 1 00 Login Password x IEIET english Logging In Log in as follows Step Action Comment 1 Select the desired language Choose english or german 2 In the login pull down menu select user read access either user or admin access to access admin read and write access the switch 3 For read permission enter the Change the password from these default password public settings to protect the switch against For read write permission enter the unauthorized access password private default setting 4 Click OK The system screen appears 31007122 8 2006 17 The User Interfaces System Screen The Set and Reload Buttons The figure shows the system screen of the ESM switch Alarm 18 11 05 11 37 System Data Name Location Contact Basic module Power supply 1 2 T
85. g the version 3 0 of the WinPcap software package If an earlier version of WinPcap is already installed on the PC you must uninstall it first A newer version remains intact when you install the Ethernet Switch configurator However this cannot be guaranteed for all future versions of WinPcap If the installation of the ESC has overwritten a newer version of WinPcap you must uninstall WinPcap 3 0 and then reinstall the new version Installing the Install the WinPcap software on your PC as follows ESC Software Step Action 1 To install the ESC software on your PC start the installation program on the CD supplied with the switch and follow the instructions given by the program 2 Start the ESC program Subsequently the screen displayed below appears This figure shows the start screen of the ESC Ethernet Switch Configurator BG Fie Edit oo x a Exit Signal Properties WWW Rescan Status MAC Address Access IP Address Net Mask Default Gateway Product Name 1 00 80 63 14 DB D9 149 218 112 103 255 255 255 0 0 0 0 0 TCSES _2FF96F Click here to switch on off flashing the signal light of the selected device Aa 28 31007122 8 2006 Entering the IP Parameters General Information concerning the ESC Software Configuring your ESM Using the ESC When the ESC software is started it automatically searches the network for devices supporting the ESC pr
86. gateway TFTP Process e The TCP IP stack and tftp are installed on the tftp server 31007122 8 2006 187 Switch Function Examples Setting up the TFTP Process Tftp Installation on HP Workstations The following table shows the steps for setting up the tftp process with subsequent tables providing a breakdown according to operating system and application Step Action Comment 1 Check if the tftp daemon background Check whether the file etc inetd conf process is running contains the following line e in SunOS tftp dgram udp wait root usr etc in tftpd in tftpd s tftpboot inHP tftp dgram udp wait root usr etc in tftpd tftpd 2 Check whether the status of this process The status should be IW is IW 3 If the process is not in the file or if the related line is commented out modify etc inetd conf accordingly 4 Enter the UNIX command man tftp The command ps does not always show the tftp daemon although it is actually running The following table describes the special steps to be taken when installing tftp on HP workstations Step Action Comment 1 Enter the user tftp in the For example file etc passwd tftp 510 20 tftp server usr tftpdir bin false Where tftp user ID in the password field 510 sample user ID 20 sample group ID tftp server reely selectable designation bin false mandatory entry login shell 2 Test the tftp p
87. he Lesser General Public License In other cases permission to use a particular library in non free programs enables a greater number of people to use a large body of free software For example permission to use the GNU C Library in non free programs enables many more people to use the whole GNU operating system as well as its variant the GNU Linux operating system Although the Lesser General Public License is Less protective of the users freedom it does ensure that the user of a program that is linked with the Library has the freedom and the wherewithal to run that program using a modified version of the Library 31007122 8 2006 173 General Information Terms and Conditions The precise terms and conditions for copying distribution and modification follow Pay close attention to the difference between a work based on the library and a work that uses the library The former contains code derived from the library whereas the latter must be combined with the library in order to run Terms and conditions for copying distribution and modification are listed in this topical discussion 0 This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License also called this License Each licensee is addressed as you A library means a collection of sof
88. he MAC destination address of Lorenzo The letter then travels back to Romeo via Lorenzo in the same manner that the first letter traveled from Romeo to Juliet 31007122 8 2006 25 Entering the IP Parameters Configuring the ESM using the Command Line Interface General Information concerning the Configuration via CLI Entering the IP Parameters Using the CLI Choose this method if e you preconfigure your switch outside its operating environment or e if you have no network access to the switch Note If there is no terminal or PC with terminal emulation available in the vicinity of the installation location you can also enter the IP parameters in your working environment prior to performing the ultimate installation Enter the IP parameters using the CLI as follows Step Action Comment 1 Establish a connection to the switch following the instructions made in the step action table on p 15 Change to the privileged EXEC mode by entering enable and press ENTER Enter the password and press ENTER Press ENTER without typing the password since the default setting is no password Disable DHCP by typing network protocol none and press the ENTER key 26 31007122 8 2006 Entering the IP Parameters Configuring the Switch Using the Web Based Interface Step Action Comment 5 Enter the following IP parameters IP
89. he one line for each connected device Topology if Discovery Dialog Box e devices with active topology discovery function and e devices without active topology discovery function are connected to a port the Topology Discovery table hides the devices without active topology discovery e only devices without active topology discovery are connected to a port the table will contain one line for this port symbolically for all devices MAC addresses of devices that the Topology Discovery table hides for the sake of clarity are located in the Address table see p 89 31007122 8 2006 123 Operation Diagnostics Reports Explanation of the Various Report Types Viewing and Sending the Reports Using the Web Based Interface For diagnosis purposes the ESM allows you to use the following reports e Log File The Log File is an HTML file in which the ESM records all important switch internal events e System Information The system information in an HTML file containing all system relevant data These reports provide technicians with the information required for servicing the ESM Proceed as follows to view and open the reports Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Diagnostics gt Reports A window is opened which shows the following links e Log File e System Information Click Log File to open the HTML file in a new
90. id entries 1 second to 3600 seconds default 30 seconds 12 Click Accept SNTP Broadcasts if you want the switch to obtain the system time from SNTP broadcast multicast packages which it receives Configuration The following table shows a configuration example Example Switch 149 218 112 1 149 218 112 2 Operation On On Anycast Destination Address 224 0 1 1 224 01 1 Server VLAN ID 1 1 Anycast Send Interval 120 120 Client External Server Address 149 218 112 0 149 218 112 1 Server Reguest Interval 30 30 Accept SNTP Broadcasts No No 31007122 8 2006 81 Synchronizing the System Time of the Network Precision Time Protocol PTP Function Description of PTP The requirement for running time critical applications over a LAN is a precision time management system The IEEE 1588 standard with the Precision Time Protocol describes a procedure that is based on the reference clock principle This means that the clocks in a LAN are synchronized according to the most precise clock reference or grandmaster clock in that LAN This procedure permits synchronization of the clocks with an accuracy on the scale of hundredths of nanoseconds The synchronization messages have virtually no effect on the network load PTP uses multicast communication Factors influencing precision are e Accuracy of the Reference Clock IEEE 1588 classifies clocks according to their accurac
91. ifInUnknownProtos 16 ifOutOctets 17 ifOutUcastPkts 18 ifOutNUcastPkts 19 ifOutDiscards 20 ifOutErrors 21 ifOutOLen 22 ifSpecific 31007122 8 2006 135 General Information Address Translation Group 1 3 6 1 2 1 3 Internet Protocol Group 1 3 6 1 2 1 4 The address translation group is required for all systems It contains information about the assignment of addresses 3 at 1 atTable 1 atEntry 1 atIfIndex 2 atPhysAddress 3 atNetAddress The internet protocol group is required for all systems It contains information affecting IP switching 4 ip 1 ipForwarding 2 ipDefaultTTL 3 ipInReceives 4 ipInHdrErrors 5 ipInAddrErrors 6 ipForwDatagrams 7 ipInUnknownProtos 8 ipInDiscards 9 ipInDelivers 10 ipOutRequests 11 ipOutDiscards 12 ipOutNoRoutes 13 ipReasmTimeout 14 ipReasmRegds 15 ipReasmOKs 16 ipReasmFails 17 ipFragOKs 18 ipFragFails 19 ipFragCreates 20 ipAddrTable 1 ipAddrEntry 1 ipAdEntAddr 136 31007122 8 2006 General Information 2 ipAdEntIfIndex 3 ipAdEntNetMask 4 ipAdEntBcastAddr 5 ipAdEntReasmMaxSize 21 ipRouteTable l 1 ipRouteEntry 1 ipRouteDest 2 ipRouteIfIndex 3 ipRouteMetricl
92. ights of all others 190 31007122 8 2006 Glossary E EAM The EAM Memory back up adapter is a USB device which stores the configuration data of the ESM switch If the switch fails the configuration data can be easily transferred to another switch F FDB The forwarding database stores addresses which may be MAC addresses or network addresses against the relevant forwarding data i e port numbers G GARP GARP General Attribute Registration Protocol is a standard for registering a client station into a multicast domain GARP is an industry standard protocol defined by IEEE 802 1P GMRP GMRP GARP Multicast Registration Protocol is a General Attribute Registration Protocol GARP application that provides a constrained multicast flooding facility GMRP is an industry standard protocol defined by IEEE 802 1P 31007122 8 2006 191 Glossary ICMP IGMP ICMP Internet Control Message Protocol is TCP IP protocol used to send error and control messages For example a router uses ICMP to notify the sender that its destination node is not available IGMP Internet Group Management Protocol governs the management of multicast groups in a TCP IP network LLDP The LLDP Link Layer Discovery Protocol provides a method for switches routers and access points to advertise their identification configuration and capabilities to neighboring devices that store the data in a MIB management info
93. intained only by qualified personnel No responsibility is assumed by Schneider Electric for any consequences arising out of the use of this material 2006 Schneider Electric All Rights Reserved 31007122 8 2006 About the Book y At a Glance Document Scope Validity Note Related Documents The Schneider Electric ConneXium Industrial Ethernet Offer is comprised of a complete family of products and tools reguired to build the infrastructure of an Industrial Ethernet network The offer includes e switches hubs and transceivers e gateways e cables connectors and accessories This manual contains a device description safety instructions technical data and all the other information you need to install the ConneXium ESM Ethernet switches before you start configuring them This manual contains all the information you need to choose and configure the appropriate redundancy procedures for a ConneXium ESM Ethernet switch The data and illustrations found in this book are not binding We reserve the right to modify our products in line with our policy of continuous product development The information in this document is subject to change without notice and should not be construed as a commitment by Schneider Electric Title of Documentation ConneXium Ethernet Cabling System Managed Switch Redundancy Manual ConneXium Ethernet Cabling System Managed Switch Command Line Interface
94. is used for instantiation Example The generic object class saPSState OID 1 3 6 1 4 1 3833 1 1 14 1 2 1 3 is the description of the abstract information power supply state It is however not possible to read any information from this as the system does not know which power supply is meant Specification of the subidentifier 2 images this abstract information on the reality instantiates it which means that it refers to power supply 2 A value is assigned to this instance and can then be read The instance get 1 3 6 1 4 1 248 14 1 2 1 3 2 for example returns the response 1 which means that the power supply is ready for operation 130 31007122 8 2006 General Information MIB The following table defines the abbreviations used in the MIB Abbreviations Abbreviation Meaning Comm Group access rights Con Configuration Descr Description Fan Fan ID Identifier Lwr Lower e g threshold PS Power supply Pwr Supply voltage sys System UI User Interface Upr Upper e g threshold ven Vendor Schneider Electric The following table defines the syntax terms used in the MIB Definition an integer in the range 0 232 Syntax Definitions Term Integer IP address XXX XXX XXX XXX xxx integer in the range 0 255 MAC address 12 digit hexadecimal number in accordance with ISO IEC 8802 3 Object Identifier X X X X e g 1 3 6 1
95. is the roll name assigned to the switch Note The configuration file contains all configuration data including the password Thus note the access rights on the tftp server This table outlines the procedure to save the current configuration data to a file using the command line interface Step Action 1 Connect the ESM to a serial cable 2 Open the CLI 3 Enter the command enable to change to the privileged EXEC mode 4 Enter the command copy nvram startup config tftp 149 218 112 159 switch config dat if you want the switch to load the current configuration data from a tftp server in the connected network 31007122 8 2006 51 Loading and Saving Settings 52 31007122 8 2006 Loading Software Updates At a Glance Overview This chapter explains how to update your ESM software What s in this This chapter contains the following topics 2 Chapter Topic Page Loading Software from the EAM Memory Back up Adapter 54 Loading Software Updates from the TFTP Server 56 Loading Software Updates via HTTP 58 31007122 8 2006 53 Loading Software Updates Loading Software from the EAM Memory Back up Adapter Checking the Software Release Installed Using the Web Based Interface Loading Procedure Using the CLI Check the software release installed on your ESM as follows Step Action 1 Ope
96. llowing chapters Chapter Chapter Name Page A General Information 129 B Switch Function Examples 183 31007122 8 2006 127 Appendices 128 31007122 8 2006 General Information At a Glance Overview What s in this Chapter This chapter provides general information concerning the ESM This chapter contains the following topics Topic Page The Management Information Base MIB 130 MIB II 133 Private MIB 151 SNMP V2 Module MIB 160 RFCs 165 IEEE Standards 167 Dimension Drawings 168 General Technical Software Data 170 Switches and Accessories 171 Copyright for Integrated Software 172 31007122 8 2006 129 General Information The Management Information Base MIB MIB Description The Management Information Base MIB is designed in the form of an abstract tree structure The branching points are the object classes The leaves of the MIB are called generic object classes Wherever necessary for unambiguous identification the generic object classes are instantiated i e the abstract structure is imaged on the reality by specifying the port address or the source address Values integers time ticks counters or octet strings are assigned to these instances These values can be read and in some cases modified The object description or object ID OID identifies the object class The subidentifier SID
97. ment information scheme and object definitions for saving connection information of neighboring devices that have LLDP activated The connection information contains as its most significant element the precise and unique ID of a connection endpoint MSAP MAC Service Access Point This is composed of the MAC address of the device and a port ID that is unique to this device The contents of the connection and management information are chassis ID its MAC address port ID its port MAC address description of the port system name system description currently activated system capabilities Interface ID of the management address VLAN ID of the port status of autonegotiation on the port medium half full duplex setting and transmission speed setting of the port information about the redundancy protocol STP RSTP HIPER ring ring coupling dual homing activated at this port VLAN information concerning the port VLAN ID and VLAN name This information can be called up from a network management station With this information the network management station is able to display the topology of the network LLDP uses an IEEE MAC address for exchanging information This address is normally not routed by switches This is why switches without LLDP support drop the LLDP packets Consequently a non LLDP capable device between two LLDP capable devices prevents the exchange of LLDP information To avoid this ESM Switch send additional LLDP pa
98. mited to patent issues conditions are imposed on you whether by court order agreement or otherwise that contradict the conditions of this License they do not excuse you from the conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribute the Library at all For example if a patent license would not permit royalty free redistribution of the Library by all those who receive copies directly or indirectly through you then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Library If any portion of this section is held invalid or unenforceable under any particular circumstance the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims this section has the sole purpose of protecting the integrity of the free software distribution system which is implemented by public license practices Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system it is up to the author donor to decide if he or she is willing to distribute software through any othe
99. n RFC 790 1992 The most frequently used address classes are A B and C The following table describes IP address classification Class Net Address Host Address Address Range A 1 byte 3 bytes 1 0 0 0 to 126 255 255 255 B 2 bytes 2 bytes 128 0 0 0 to 191 255 255 255 C 3 bytes 1 bytes 192 0 0 0 to 223 255 255 255 D 224 0 0 0 to 239 255 255 255 E 240 0 0 0 to 255 255 255 255 The network address assigned by ARIN American Registry for Internet Numbers represents the fixed part of the IP address The following figure shows the bit notation of the IP address 0 31 Network address Host address The network address represents the fixed part of the IP address The worldwide leading regulatory board for assigning Internet addresses is the IANA Internet Assigned Numbers Authority If you need an IP address block contact your Internet service provider Internet service providers should contact their local higher level organization e APNIC Asia Pacific Network Information Centre Asia Pacific region e DARIN American Registry for Internet Numbers Americas and Sub Sahara Africa e LACNIC Regional Latin American and Caribbean IP Address Registry Latin America and some Caribbean Islands e RIPE NCC R seaux IP Europ ens Europe and Surrounding Regions 22 31007122 8 2006 Entering the IP Parameters The bit representation of the IP address is shown in the following fig
100. n contrast to BOOTP is that the server can only provide the configuration parameters for a certain period of time lease When the time period expires lease duration the DHCP client must attempt to renew the lease or negotiate a new one A BOOTP similar response can be set on the server i e the same IP address is always assigned to a particular client using the MAC address but this requires the explicit configuration of a DHCP server in the network If this configuration was not performed a random IP address whichever one happens to be available is assigned Default setting is DHCP enabled As long as DHCP is activated the ESM attempts to obtain an IP address If it cannot find a DHCP server after restarting it will not have an IP address To activate or deactivate DHCP refer to p 41 Below you can view an example of a DHCP configuration file 38 31007122 8 2006 Entering the IP Parameters etc dhcpd conf for DHCP Daemon subnet 149 218 112 0 netmask 255 255 240 0 option subnet mask 255 255 240 0 option routers 149 218 112 96 Host berta requests IP configuration with her MAC address host berta hardware ethernet 00 80 63 08 65 42 fixed address 149 218 112 82 Host hugo requests IP configuration with his client identifier host hugo option dhcp client identifier hugo option dhcp client identifier 00 68 75 67 6f fixed address 149 218 112 83 server name 14
101. n designated libraries and is quite different from the ordinary General Public License We use this license for certain libraries in order to permit linking those libraries into non free programs When a program is linked with a library whether statically or using a shared library the combination of the two is legally speaking a combined work a derivative of the original library The ordinary General Public License therefore permits such linking only if the entire combination fits its criteria of freedom The Lesser General Public License permits more lax criteria for linking other code with the library We call this license the Lesser General Public License because it does Less to protect the user s freedom than the ordinary General Public License It also provides other free software developers Less of an advantage over competing non free programs These disadvantages are the reason we use the ordinary General Public License for many libraries However the Lesser license provides advantages in certain special circumstances For example on rare occasions there may be a special need to encourage the widest possible use of a certain library so that it becomes a de facto standard To achieve this non free programs must be allowed to use the library A more frequent case is that a free library does the same job as widely used non free libraries In this case there is little to gain by limiting the free library to free software only so we use t
102. n the Web based interface 2 Connect the ESM with an Ethernet cable 3 Go to Basics gt Software to view the release number of the software installed on your ESM Load the software from the EAM as follows Step Action Comment 1 Connect the EAM to which you have copied the ESM software to the USB port of the ESM 2 Connect the ESM to a terminal or a VT 100 emulator using a terminal cable 3 Start the terminal program on the PC and establish a connection with the ESM 4 Reboot the ESM While the ESM is booting the following message appears on the terminal Press lt l gt to enter System Monitor Le 5 Type 1 within 1 s to start System System Monitor 1 displays the following Monitor 1 1 Select Boot Operating System 2 Update Operating System 3 Start Selected Operating System 4 End reset and reboot 5 Erase main configuration file 6 Show Bootcode Information 6 Select 2 and press the ENTER On concluding the update the System key to copy the software from the Monitor prompts you to press any key to EAM into the local memory of the continue ESM 7 Select 3 to start the new software on the ESM 54 31007122 8 2006 Loading Software Updates Loading the Software from the EAM Using a Computer Further System Like a standard USB memory stick you can also connect the EAM to an USB port of your PC and copy the ESM software to the main directory of th
103. ndex A address translation group 136 alarm illustration 116 alarms traps dialog box 72 figure 72 screenshot 112 bit notation illustration 22 BOOTP figure of system configuration using BOOTP 33 system configuration using BOOTP 31 broadcast limiter 96 description 96 setting 96 C CLI access via Telnet 14 access via V 24 14 features of the CLI 14 opening the CLI 15 cold start performing a cold start 55 configuration DHCP server option 82 40 ports 59 resetting the configuration to the default settings 49 configuration data 30 configuration procedure using the Web based interface 41 configuring the ESM using the Command Line Interface 26 contact signal description 114 copyright applying terms of 180 GNU Lesser General Public License 172 Legion of the Bouncy Castle 181 no warranty 179 terms and conditions 174 D default settings resetting the configuration to the default settings 49 destination address 24 device group 151 DHCP defined 35 options reguested during ESM configuration 38 DHCP relay agent 185 31007122 8 2006 195 Index DHCP server option 82 configuration 40 dialog box alarms traps 72 password 65 VLAN Global 107 directed frame forwarding learning addresses 88 multi address capability 88 store and forward 88 displaying the SFP status 120 dotidBridge 144 E enhancing access security 60 entering the IP parameter
104. net access 68 setting the Telnet access 68 Telnet access disabling and enabling Telnet access using the Web based or the Command Line Interface 68 tftp process HP 188 installing on HP workstations 188 setting up 187 SunOS 188 tftp server directory structure 190 flowchart for setup 189 198 31007122 8 2006 Index loading settings from the TFTP server 48 loading software updates 56 tftp server for software updates 187 tftp server setup figure 189 transfer control protocol group 139 trap destination table configuration 110 trap message definition 110 U user datagram protocol group 140 user groups group 158 V VLAN simpleVLAN example 106 VLAN Global dialog box 107 VLAN tag description 98 format 98 illustration 98 W Web access disabling and enabling Web access using the Web based or the Command Line Interface 68 Web based Interface description of Web based access 68 Web based interface 27 28 login 16 reguirements 16 setting the Web based access 68 31007122 8 2006 199 Index 200 31007122 8 2006
105. ng aserial cable and press any key see p 13 or start the CLI using Telnet 2 Type a user name The default setting for the user name is admin You can change the user name later in the CLI Note that these entries are case sensitive Press the ENTER key Type the password The default setting for the password is private You can change the password later in the CLI Note that these entries are case sensitive 5 Press the ENTER key 31007122 8 2006 15 The User Interfaces The Web Based Interface Requirements To open the Web based interface you will need a Web browser a program that can read hypertext for example Netscape Navigator Communicator version 6 0 or higher or Microsoft Internet Explorer version 5 5 or higher Enabling the The following table shows the steps to enable the Web based interface Web Based Step Action Comment Interface 1 Connect the ESM switch to an Ethernet cable Start your Web browser 3 Make sure that Java Script is active on your browser 4 Establish the connection by entering The Web based interface uses the plug the IP address of the switch with which in Java runtime environment version you want to administer the Web based 41 4 If this is not installed on your network management in the address computer an installation via the Internet field of the Web browser Enter the starts automatically the first time you address in the followin
106. nnected to the ESM the ESM always loads its configuration from the EAM e a file on the connected network default setting e default settings Note When loading a configuration do not access the switch until it has loaded the configuration file and has made the new configuration settings Depending on the complexity of the configuration settings this procedure can last between 10 200 seconds Note During restart the switch automatically loads its configuration data from the local non volatile memory provided that you have not activated BOOTP DHCP and that no EAM see EAM is connected to the switch 44 31007122 8 2006 Loading and Saving Settings Loading Settings from the Local Non Volatile Memory Using the Web Based Interface Proceed as follows in the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Load Save The figure below shows the Load Save dialog box Load o Local O from URL from URL 8 save local Load configuration Save o Local O to URL Save configuration URL tftp 192 168 1 100 product product cfg Delete o current configuration current configuration an local Delete configuration AutoConfiguration Adapter ats notPresent Set Help iggy Click Local in the group box Load
107. nse 3 You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library To do this you must alter all the notices that refer to this License so that they refer to the ordinary GNU General Public License version 2 instead of to this License If a newer version than version 2 of the ordinary GNU General Public License has appeared then you can specify that version instead if you wish Do not make any other change in these notices Once this change is made in a given copy it is irreversible for that copy so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy This option is useful when you wish to copy part of the code of the Library into a program that is not a library 31007122 8 2006 175 General Information 4 You may copy and distribute the Library or a portion or derivative of it under Section 2 in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine readable source code which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange If distribution of object code is made by offering access to copy from a designated place then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the sour
108. ntact person for this managed node along with the information about how that person is to be contacted sysName 1 3 6 1 2 1 1 5 0 ASCII string size 0 255 Read and write Is a name for this node for identifying it for administration By convention this is the fully qualified name in the domain sysLocation 1 3 6 1 2 1 1 6 0 ASCII string size 0 255 Read and write the physical location of this node e g staircase 3rd floor sysServices 1 3 6 1 2 1 1 7 0 Integer 0 127 Read This value indicates the services offered by the node It is an integral value calculated by summing 2llayer 1 for each ISO layer for which the node provides service For example A node primarily provides routing functions OSI layer 3 sysServices 271 4 A node is a host and offers application and network services OSI layers 4 and 7 sysServices 241 20 1 72 134 31007122 8 2006 General Information Interface Group The interface group contains information about the device interfaces 1 3 6 1 2 1 2 23 dzi r ab s 1 ifNumber 2 ifTable 1 ifEntry 1 ifIndex 2 ifDescr 3 ifType 4 ifMtu 5 ifSpeed 6 ifPhysAddress 7 ifAdminStatus 8 ifOperStatus 9 ifLastChange 10 ifInOctets 11 ifInUcastPkts 12 ifInNUcastPkts 13 ifInDiscards 14 if InErrors 15
109. nto MAC addresses In so doing a MAC address should be assigned to exactly one IP address Please bear in mind that when you use a router several IP addresses can be assigned to one MAC address namely that of the router This means that all packets of the router will pass the port unchecked if the permitted IP address is that of the router If a connected device sends packets with other MAC addresses and a permitted IP address the ESM will disable the port 31007122 8 2006 71 Protection from Unauthorized Access Defining IP Based Port Access Control Using the Web Based Interface Define IP based port access control as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Security Port Security The following dialog box appears Configuration 6 MAC Based Port Security OlP Based Port Security Port Allowed Current Allowed A Module Port i Status MAC Address MAC Address IP Address 0 1 1 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 1 2 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 1 3 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 1 4 enabled 00 00 00 00 00 00 00 E0 18 95 D8 61 0 0 0 0 none 2 1 enabled 00 00 00 00 00 00 00 00 00 00 00 00 0 0 0 0 none 2 2 enabled 00 00 00 00 00 00 00 00 00
110. oftware Updates eee ee eee eee 53 Loading Software from the EAM Memory Back up Adapter 54 Loading Software Updates from the TFTP Server a 56 Loading Software Updates via HTTP 0c cece eee eee eee 58 Chapter 5 Chapter 6 Chapter 7 Chapter 8 Chapter 9 Port Configuration su ss2s00iecee chet deste neiaees 59 Switching the Ports on and Off a an eee eee 60 Selecting the Operation Mode 1 0 0 0 cece tees 61 Displaying Connection Error Messages aa 62 Protection from Unauthorized Access 63 The Password for SNMP Access aaa 64 Setting the Telnet Web Based Access aaa 68 Disabling the Ethernet Switch Configurator ESC Function 70 Port Access Comro wariri Cr bees ta ne ea ae a 71 Synchronizing the System Time of the Network 75 Protocols for Synchronizing the System Time of the Network 76 Entering the System Time 0 6 0 cette eae 77 Simple Network Time Protocol SNTP 11 cece eee eee eee ee 79 Precision Time Protocol PTP 2 06 cece cece eee 82 Interaction between PTP and SNTP aaa 85 Traffic Control ss s sssssassrsas asais ad s c rases 87 Directed Frame Forwarding aaa 88 Multicast Application 11 eee 91 The Broadc st limiter s sies ciens d utt kids k Gass bear bade done tr eden 96 PriQritiZation nonen So tests Kia Pe a ee ee ee DE Pee a ae ey 97 Flow Con
111. ol 99 Description of VLANs 101 Configuring VLANs 103 Setting up VLANs 105 31007122 8 2006 87 Traffic Control Directed Frame Forwarding Directed Frame Forwarding Functions Store and Forward Multi Address Capability Learning Addresses Directed frame forwarding is a method used by the switch to avoid unnecessary increases in the network load The switch features the following directed frame forwarding functions e store and forward e multi address capability e static address entries All data received by a ESM are stored and their validity is checked Invalid and defective tagged frames gt 1522 bytes or CRC errors as well as fragments lt 64 Bytes are discarded Valid tagged frames are forward by the ESM An ESM learns all the source addresses for a port Only packets with e unknown addresses e these addresses or e amulti broadcast address in the target address field are sent to this port An ESM can learn up to 4000 addresses This becomes necessary if more than one end device is connected to one or more ports It is thus possible to connect several independent subnetworks to an ESM An ESM monitors the age of the learned addresses Address entries which exceed a certain age 30 seconds aging time are deleted by the ESM from its address table Note A reboot deletes the learned address entries 88 31007122 8 2006 Traffic Control
112. onfiguration data to the local non volatile memory and provided that an EAM is connected also to the EAM Saving Locally Save the current configuration data as follows and on the EAM M Ste Action Using the CLI P 1 Connect the ESM to a serial cable 2 Open the CLI 3 Enter the command enable to change to the Privileged EXEC mode 4 Enter the command copy system running config nvram startup config to save the current configuration data to both the local non volatile memory and to the EAM if an EAM is connected 50 31007122 8 2006 Loading and Saving Settings Saving to a File Using the Web Based Interface Configuration Data Saving to a File Using the CLI Save the configuration data to a file as follows Step Action Comment 1 Connect the ESM to an Ethernet cable Open the Web based interface Go to Basics gt Load Save Click to URL in the Save group box 5 Type in the URL edit field the path under which you want the ESM to save the configuration file 6 Click Save Configuration The URL marks the path to the tftp server on which the switch saves the configuration file The URL is written as follows tftp IP address of the tftp server path name file name e g tftp 149 218 112 5 switch contig dat To save from an ETY or NOE module the URL is tftp IPaddress RAM0 switch rolename prm where the Paddress is the IP address of the module and switch rolename
113. or ESC Function 70 Port Access Control 71 31007122 8 2006 63 Protection from Unauthorized Access The Password for SNMP Access Description of the Password for SNMP Protecting your Switch from Unwanted Access A network management station communicates with the switch via the Simple Network Management Protocol SNMP Every SNMP packet contains the IP address of the sending computer and the password under which the sender of the packet would like to access the switch MIB The switch receives the SNMP packet and compares the IP address of the sending computer and the password with the entries in the MIB of the switch If the password has the appropriate access right and if the IP address of the sending computer has been entered then the switch will allow access The default setting is that the switch can be accessed using the public read only and the private read and write passwords and their respective login names user or path from every computer Protect your switch from unauthorized access as follows Step Action 1 Define a new password which you can access from your computer with all rights 2 Treat this password with discretion as everyone who knows the password can access the switch MIB with the IP address of your computer 3 Limit the access rights of the known passwords or delete their entries 64 31007122 8 2006 Protection from Unauthorized Acces
114. ord for write access restart the Web based interface to access the ESM Note For security reasons the passwords are not displayed Note down each change You cannot access the ESM without a valid password Note For security reasons SNMP version 3 encrypts the password Enabling SNMPv1 or SNMPv2 unencrypts the password Note As many applications do not accept passwords shorter than 8 characters you should use 8characters for the password 8 To unencrypt the password go to Security gt SNMPv1 v2 Access and select SNMPv1 enabled or SNMPv2 enabled As many applications do not accept passwords shorter than 8 characters you should use 8 characters for the password in SNMP version 3 9 Go to Security gt SNMPv1 v2 The following dialog box appears SNMPv1 enabled V SNMPv2 enabled Y Index Password IP Address IP mask Access Mode Active 0 public 0 0 0 0 0 0 0 0 read only v 1 private 0 0 0 0 0 0 0 0 read write M Set Reload Create entry Delete Help o The SNMPv1 v2 dialog box allows you to select the access using SNMPv1 or SNMPv2 The default setting for SNMPv1 v2 is both protocols are enabled which allows you to communicate with earlier versions of SNMP Please note that passwords are case sensitive 66 31007122 8 2006 Protection from Unauthorized Access Step Action
115. ormation by means of the targeted distribution of multicast data packets The distribution of the multicast data packets exclusively to those ports to which the recipients of these multicast data packets are connected reduces the bandwidth required You can recognize IGMP multicast addresses by the area in which an address is located e MAC multicast address 01 00 5E 00 00 00 01 00 5E FF FF FF e IP multicast address class D 224 0 0 0 239 255 255 255 31007122 8 2006 91 Traffic Control Example of a Multicast Application Description of IGMP Snooping The cameras for machine surveillance normally transmit their images to monitors located in the machine room and in the monitoring room In an EMS IP transmission a camera sends its image data with a multicast address over the network To prevent the many images from slowing down the entire network the EMS uses the GMRP to distribute multicast address information As a result those images with a multicast address are only distributed to those ports that are connected to the associated monitors for surveillance The figure shows a multicast application example 1st floor 2nd floor Control room The Internet Group Management Protocol IGMP describes the distribution of multicast information between routers and end devices on layer 3 Routers with an active IGMP function periodically send queries to find out which IP multicast group members are
116. ort counters 31007122 8 2006 119 Operation Diagnostics Displaying the SFP Status Properties of SFP Modules module type support provided in the media module temperature in degrees Celsius transmission power in mW reception power in mW By having the SFP status displayed you can view the current connection to the SFP modules and their properties The properties include Opening the SFP Open the SFP dialog box as follows Module Dialog Box in the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Diagnostics gt Ports gt SFP modules The figure shows the SFP module dialog box Module Temperature Tx Power Rx Power Module Port a Supported INGES in mW in mW 1 3 M SFP SXLC v 42 1 7929 3 5840 o Help iggy 120 31007122 8 2006 Operation Diagnostics Topology Discovery Description of Topology Discovery IEEE 802 1AB describes the Link Layer Discovery Protocol LLDP LLDP allows users to automatically detect the topology of their LANs A device with active LLDP sends its own connection and management information to neighboring devices of the shared LAN if they have LLDP activated receives connection and management information from neighboring devices of the shared LAN if they have LLDP activated and sets up a manage
117. otocol The ESC program uses the first PC network card found If your computer has more than one network card you can select them on the toolbar of the ESC program The ESC program displays a line for each device which responds to the ESC protocol Configure the ESM as follows Step Action 1 Select the device line of the ESM 2 Click the symbol with the two green dots in the toolbar to set the LEDs for the selected device flashing To switch off the flashing click the symbol again Double click the device line of your switch to open the window displayed below In this dialog you can enter your device name as well as the IP parameters Properties for MAC Address 00 80 63 2 Name TCSES _2FF96F IP Configuration IP Address 149 218 112 102 Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 OK Cancel Enter your device name as well as your IP parameters For security reasons switch off the ESC function for the device in the Web based interface after you have assigned the IP parameters to the device see p 70 Save the settings you have made so they will still be available after restart see p 50 Note After the IP address has been entered and saved the ESM loads the local configuration settings see p 44 31007122 8 2006 29 Entering the IP Parameters Loading the System Configuration from
118. ple reflects a standard implementation of the EMS in a simple VLAN Example configuration VLAN yellow VLAN brown VLAN green ID 2 D 1 ID 3 149 218 112 208 106 31007122 8 2006 Traffic Control Specifying Rules After setting up VLANs specify the rules for data received as follows for Data i Ste Action Received p 1 Go to Switching gt VLAN gt Port 2 Specify the rules for data received in the port table e VLAN ID specifies to which VLAN a received untagged data packet is assigned to e Acceptable Frame Types determines whether data packets can also be received untagged e Ingress Filter specifies whether the received tags are evaluated 3 To save the settings you have made press Set Viewing and Delete the VLAN settings as follows Deleting the VLAN Settings Step Action 1 Go to Switching gt VLAN gt Current to view the settings The table displays all VLANs configured 2 Go to Switching gt VLAN gt Global In the dialog box shown below press the Delete button to restore all the VLAN settings of the device to default settings Version version v Max VLAND ID 4062 Max supported VLANs 256 Number of VLANs 1 5 Go to Switching gt VLAN gt Static Press the Delete button in this dialog to delete a selected row in the table 31007122 8 2006 107 Traffic Control
119. process the BOOTP Process Load boot configuration Local Default Load settings from flash memory ESM initialization ESM runs with settings from local flash Send DHCP DHCP or BOOTP BOOTE requests Reply from Save IP parameter DHCP BOOTP and config file server URL locally Initialize IP stack with IP parameters ESM is manageable 31007122 8 2006 33 Entering the IP Parameters The following figure shows part 2 of the BOOTP DHCP process Start tftp process Load remote with config Y configuration from file URL of DHCP eS URL of DHCP Start tftp process Load remote ith config file URL of configuration local configuration Load transferred config file No Save transferred config file local and set boot configuration to local Load transferred config file Loading of configuration data is complete Note The agent of the ESM does not support IEEE 802 3 frame type 34 31007122 8 2006 Entering the IP Parameters System Configuration Using DHCP General Information Configuration Procedure Using the CLI or the Web Based Interface To configure the system via DHCP Dynamic Host Configuration Protocol you need a DHCP server The DHCP server matches the configuration data to the ESM on the basis of its MAC address or its system name The DHCP responds similar to the BOOTP and offers in addition the configuration
120. r equipment damage Option 82 DHCP option 82 allows you to assign the same IP address to any device connected Application to a particular switch port The server shown in the example below must support Example option 82 ESM option 82 PLC MAC address 00 80 63 0f 7c 2e CI m m ee m m m m m m m m m m m m m m DHCP server IP 84 16 127 5 IP 84 16 127 30 HIHHHHHHHE HIHHH HHHH HAHH HHHH IP 84 16 127 30 184 31007122 8 2006 Switch Function Examples Configuring a Switch for DHCP Option 82 Step Action 1 Log in to the Web based interface see p 16 TCSESM Schneider Electric Release 1 00 Login Password Language 2 Goto Advanced gt DHCP Relay Agent Server IP Addre DHCP Option 82 Operation COn C Off 1 0 0 0 0 Type MAC e 2 0 0 0 0 Manual Value Type other 0 0 0 0 DHCP server RemotelD entry A1 04 CO A8 A8 C8 4 0 0 0 0 Type display 192 168 168 200 DHCP Relay disabled Module Port Circuit ID Option 82 on Schneider Agent 1 1 B6 06 00 00 01 00 01 01 V 1 2 B6 06 00 00 01 00 01 02 V 1 3 B6 06 00 00 01 00 01 03 v 1 4 B6 06 00 00 01 00 01 04 E O 1 5 B6 06 00 00 01 00 01 05 V 1 6 B6 06 00 00 01 00 01 06
121. r system and a licensee cannot impose that choice 178 31007122 8 2006 General Information No Warranty This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License 12 lf the distribution and or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries so that distribution is permitted only in or among countries not thus excluded In such case this License incorporates the limitation as if written in the body of this License 13 The Free Software Foundation may publish revised and or new versions of the Lesser General Public License from time to time Such new versions will be similar in spirit to the present version but may differ in detail to address new problems or concerns Each version is given a distinguishing version number If the Library specifies a version number of this License which applies to it and any later version you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation If the Library does not specify a license version number you may choose any version ever published by the Free Software Foundation 14 lf you wish to incorporate parts of the Library into other free
122. rary will still fall under Section 6 Otherwise if the work is a derivative of the Library you may distribute the object code for the work under the terms of Section 6 Any executables containing that work also fall under Section 6 whether or not they are linked directly with the Library itself 6 As an exception to the Sections above you may also combine or link a work that uses the Library with the Library to produce a work containing portions of the Library and distribute that work under terms of your choice provided that the terms permit modification of the work for the customer s own use and reverse engineering for debugging such modifications You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License You must supply a copy of this License If the work during execution displays copyright notices you must include the copyright notice for the Library among them as well as a reference directing the user to the copy of this License Also you must do one of these things 176 31007122 8 2006 General Information a Accompany the work with the complete corresponding machine readable source code for the Library including whatever changes were used in the work which must be distributed under Sections 1 and 2 above and if the work is an executable linked with the Library with the complete machine readable work that uses the Libra
123. receive it in any medium provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty keep intact all the notices that refer to this License and to the absence of any warranty and distribute a copy of this License along with the Library You may charge a fee for the physical act of transferring a copy and you may at your option offer warranty protection in exchange for a fee 2 You may modify your copy or copies of the Library or any portion of it thus forming a work based on the Library and copy and distribute such modifications or work under the terms of Section 1 above provided that you also meet all of these conditions a The modified work must itself be a software library 174 31007122 8 2006 General Information b You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change c You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License d If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility other than as an argument passed when the facility is invoked then you must make a good faith effort to ensure that in the event an application does not supply such function or table the facility still operates and performs whatever part of its
124. rface 1 Activate BOOTP to receive the configuration data in the CLI or refer to p 41 2 Change to the privileged EXEC mode by typing enable and press the ENTER key 3 Enable BOOTP by typing network protocol BOOTP and press the ENTER key 4 Perform the configuration providing the BOOTP server with the switch data listed in the block ESM Data for BOOTP Server below 5 Save the configuration performed by typing the command copy system running nvram startup config and press the ENTER key 6 Confirm that you wish to save the configuration by pressing Y 31007122 8 2006 31 Entering the IP Parameters ESM Data for BOOTP Server Provide the BOOTP server with the following ESM data etc bootptab for BOOTP daemon bootpd gw gateways ha hardware address ht hardware type ip IP address sm subnet mask tc template global gw 0 0 0 0 sm 255 255 240 0 rs2 01 ht ether net ha 008063086501 ip 149 218 17 83 tc global rs2_02 ht ether net ha 008063086502 ip 149 218 17 84 tc global Note Lines that start with a character are comment lines The lines under global make the configuration of several devices easier The template tc allows you to allocate the global configuration data tc global The direct allocation of the hardware or IP address occurs in the device lines rs2 0 32 31007122 8 2006 Entering the IP Parameters Flow Chart for This figure illustrates the BOOTP
125. rfaces The System Monitor Features of the System Monitor Data Transfer Parameters The System Monitor enables you to select the boot operating system update the operating system start the selected operating system end the System Monitor erase the saved configuration and show the boot code information The following table shows the data transfer parameters Parameter Value or Status Speed 9600 baud Data 8 bit Parity none Stopbit 1 bit Handshake off 12 31007122 8 2006 The User Interfaces Opening the System Monitor Open and the System Monitor as follows Step Action Comment 1 Connect the V 24 RJ11 socket The V 24 interface of the switch supports the to baud rates 9600 and 19200 default setting e either a terminal 9600 ora COM port of a PC with For the physical connection refer to the terminal emulation Installation User Manual according to VT 100 using a terminal cable 2 Start the terminal program on While the ESM is being booted the following the PC and establish a message appears on the terminal connection with the switch Press lt 1 gt to enter System Monitor 1 3 Type 1 within one second to Subseguently System Monitor 1 displays the start System Monitor 1 following information 1 Select Boot Operating System 2 Update Operating System 3 Start Selected Operating System 4 End reset and reboot 5 Eras
126. rmation base NTP NTP Network Time Protocol is used to update the real time clock in a computer There are numerous primary and secondary servers in the Internet that are synchronized to the international time standard Coordinated Universal Time UTC via radio satellite or modem RFC RM RFC Request For Comment is document that describes the specifications for a recommended technology RFCs are used by the Internet Engineering Task Force IETF and other standards bodies RM Redundancy Manager is a switch function which allows you to close both ends of a backbone in a line type configuration to create a redundant HIPER ring 192 31007122 8 2006 Glossary RSTP RSTP Rapid Spanning Tree protocol provides a loop free topology for any LAN Local Area Network or bridged network S SFP The SFP interface Small Form Factor Pluggable interface is an industry standard daughter card used in networking Their main advantage is that new speeds can be interfaced to an expensive network device by changing only the SFP module T TFTP The TFTP Trivial Transfer File Protocol is a version of the TCP IP FTP protocol that has no directory or password capability V VLAN VLANs Virtual Local Area Networks are logical subgroups within a local area network that is created via software rather than manually moving cables in the wiring closet 31007122 8 2006 193 Glossary 194 31007122 8 2006 I
127. rocess For example rm ESM bin cd tftpboot ESM tftp lt tftp Servername gt get ESM ESM bin 188 31007122 8 2006 Switch Function Examples Flowchart for The following flowchart summarizes the procedure for setting up the tftp server with Setup SunOS and HP Checking the tftp process Edit the file etc inetd conf Is tftp commented out Delete the comment character from this line Re initialize inetd conf by entering kill 1 PID Problems with the tftp server e g cd tftpboot ESM tftp lt tftp Servername gt Test the tftp process get ESM ESM bin Response if the process is running Received rm ESM bin Checking of the tftp process completed tftp dgram udp wait root usr etc in tftpd in tftpd tftpboot 31007122 8 2006 189 Switch Function Examples Software Access Rights Directory Structure of the Software The agent needs read permission to the tftp directory with the ESM software The following table shows the directory structure of the tftp server with stated access rights once the ESM software has been installed Filename Access TCSESM xxxxx bin 444 r r r d directory r read w write x execute 1st position designates d directory 2nd to 4th positions designate access rights of user 5th to 7th positions designate access rights of user groups 8th to 10th positions designate access r
128. ry 410 11 12 13 fox 14 24 saSys 26 saSys 27 saSys 30 saSys 2 saPSTable l 1 saPSEn 1 sa 2 sa 3 sa salfaceGroupID salfaceID salfaceStpEnable salfaceLinkType salfaceAction salfaceNextHopMacAddress salfaceFlowControl salfacePriorityThreshold salfaceName salfaceTrunkID saIfacePrioTOSEnable salIfBcastLimit salfaceUtilization salfaceUtilizationControlInterval 20 saSysChassisName 21 saSysStpEnable 22 saSysFlowControl 23 saSysBOOTPEnable DHCPI Gl nable 25 saSysTelnetEnable HTTPEnable PlugAndPlay 29 saBcastLimiterMode temT ime try PSSysID PSID PSState 5 saCurrentAddressTabl 1 saCurrentAddressEntry 1 saCurrentAddress 152 31007122 8 2006 General Information saCurrentAddressReceivePort saCurrentAddressStaticEgressPorts saCurrentAddressEgressPorts saCurrentAddressStatus saESMext saESMOperMode saESMConfigError saESMSigRelayState saSigLinkTable 1 sas sa 1 2 s ig SigLinkEntry saSigLinkID saSigLinkAlarm rapReason saSigReasonIndex saESM1 Sa ESMTopology1 saESMTopol 1 saESM 1 2 saESMI TopologyGroup ESMPartnerIpAddress Table logyEntry TopologyLinkID
129. ry as object code and or source code so that the user can modify the Library and then re link to produce a modified executable containing the modified Library It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions b Use a suitable shared library mechanism for linking with the Library A suitable mechanism is one that 1 uses at run time a copy of the library already present on the user s computer system rather than copying library functions into the executable and 2 will operate properly with a modified version of the library if the user installs one as long as the modified version is interface compatible with the version that the work was made with c Accompany the work with a written offer valid for at least three years to give the same user the materials specified in Subsection 6a above for a charge no more than the cost of performing this distribution d If distribution of the work is made by offering access to copy from a designated place offer equivalent access to copy the above specified materials from the same place e Verify that the user has already received a copy of these materials or that you have already sent this user a copy For an executable the required form of the work that uses the Library must include any data and utility programs needed for reproducing the executable from i
130. s Entering the Password for Proceed as follows to enter the password for SNMP access SNMP Access Using the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Security gt Password SNMP The dialog enables you to change the read and read write passwords for access to the ESM via the Web based interface CLI SNMP Please note that passwords are case sensitive For security reasons the read password and the read write password must not be identical The Web based interface and the user interface communicate using SNMP version 3 The following figure is displayed on the screen Select password CLI WEB SNMPv3 l Modify read only password user O Modify read write password admin New password Please retype Set o Select Modify read only password user to enter the read only password Enter the new read only password in the line New password and repeat the entry in the line Please retype 6 Select Modify read write password admin to enter the read write password 31007122 8 2006 65 Protection from Unauthorized Access Step Action 7 Enter the new read write password in the line New password and repeat the entry in the line Please retype Note If you do not know a password with read write access you will not have access to the ESM Note After changing the passw
131. s loading the system configuration from the Memory back up adapter 30 using the CLI 26 entering the IP parameters using the CLI 26 entering the system time 77 ESM login 17 ESM home page alarm 116 Ethernet Switch Configurator function disabling limiting and enabling using the Web based or the Command Line Interface 70 Ethernet Switch Configurator software installing 28 Ethernet tagged frame illustration 89 event counter on port level 118 F figure alarms traps screen 72 DHCP BOOTP configuration 36 password screen 65 flow control full duplex link 99 half duplex link 100 introduction 99 frame switching tagging 98 from the default settings 44 G general technical software data 170 generic object class 130 GMRP 91 93 H HP tftp process 188 http loading software updates 58 ICMP group 138 IEEE standards 167 IGMP 91 IGMP snooping 92 illustration Ethernet tagged frame 89 VLAN Global 107 VLAN tag 98 interface group 135 internet protocol group 136 IP address classification 22 description 22 IP address with subnetwork allocation figure 24 IP parameters 26 basics 22 entering the IP parameters using the Ethernet Switch Configurator software 28 ISO OSI 25 196 31007122 8 2006 Index L loading settings 44 from a file 47 from a file in the connected network 44 from the local non volatile memory 44 from the local non volatile memory u
132. s B 31007122 8 2006 23 Entering the IP Parameters The following figure shows an example of IP addresses with subnetwork allocation in accordance with the network mask from the above example Decimal notation 129 218 65 17 128 lt 129 lt 191 gt Class B binary notation 10000001 11011010 01000001 00010001 ISS Subnetwork 1 Network address Decimal notation 129 218 129 17 L 428 lt 129 lt 191 gt Class B binary notation 10000001 11011010 10000001 00010001 Ll Subnetwork 2 Network address Example of Network Mask Usage In a large network it is possible that gateways and routers separate the management card from its management station How does addressing work in such a case The figure below shows a management agent that is separated from its management station by a router Romeo Lorenzo Sending Data The management station Romeo wants to send data to the management agent Juliet Romeo knows Juliet s IP address and also knows that the router Lorenzo knows the way to Juliet 24 31007122 8 2006 Entering the IP Parameters Example Romeo therefore puts his message in an envelope and writes Juliet s IP address on the outside as the destination address For the source address he writes his own IP address on the envelope Romeo then places this envelope in a second one with Lorenzo s MAC address as the destination and his own MAC address as the source This process
133. s will contain the value O snmpInPkts snmpOutPkts snmpInBadVersions snmpInBadCommunityNames snmpInBadCommunityUses snmpInASNParseErrs not used snmpInTooBigs snmpInNoSuchNames snmpInBadValues snmpInReadOnlys snmpiInGenErrs snmpInTotalRegVars snmpInTotalSetVars snmpInGetRequests snmpiInGetNexts snmpInSetRequests snmpInGetResponses 140 31007122 8 2006 General Information 19 snmpInTraps 20 snmpOutTooBigs 21 snmpOutNoSuchNames 22 snmpOutBadValues 23 not used 24 snmpOutGenErrs 25 snmpOutGetRequests 26 snmpOutGetNexts 27 snmpOutSetRequests 28 snmpOutGetResponses 29 snmpOutTraps 30 snmpEnableAuthenTraps 31 snmpSilentDrops 32 snmpProxyDrops RMON Group This part of the MIB provides a continuous flow of current and historical network 1 3 6 1 2 1 16 component data to the network management The configuration of alarms and events controls the evaluation of network component counters The agents inform the management station of the evaluation result by means of traps depending on the configuration 16 rmon 1 statistics 1 etherStatsTable 1 etherStatsEntry etherStatsIndex etherStatsDataSource etherStatsDropEvents etherStatsOctets etherStatsPkts etherStatsBroadcastPkts etherStatsMulticastPkts oO t etherStatsCRCAlignErrors
134. saRingRedCplReconfig The configuration of the redundant ring network coupling changes saSNTPTrap Errors occur in connection with the SNTP protocol e g server not available saRelayDuplicateTrap A duplicate IP address is detected in connection with the DHCP Option IldpRemTablesChangeTrap This alarm message is sent if an entry in the topology table changes Note The trap coldStart is sent during every boot procedure 31007122 8 2006 111 Operation Diagnostics Configuring Configure the traps as follows Traps Using the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Diagnostics gt Alarms Traps Access this dialog with the read write password The Alarms Traps dialog allows you to specify both the events triggering an alarm trap and the persons these alarms should be sent to This figure shows the Alarms Traps dialog box Selection Address Enabled Authentication J 149 218 112 159 V Link Up Down Spanning Tree V Chassis J Redundancy V Port security a Set Reload Create entry Delete oo 4 In the IP Address column enter the IP address of a network management station which the traps should be sent to 5 In the Enabled column mark the entries which shoul
135. saved with the configuration An alarm trap can only be sent if at least one recipient is entered under Configuring Traps Using the Web Based Interface p 112 and if both the appropriate status and Port Security are marked 31007122 8 2006 73 Protection from Unauthorized Access 74 31007122 8 2006 Synchronizing the System Time of the Network 7 At a Glance Overview This chapter contains information concerning the synchronization of the system time of the network What s in this This chapter contains the following topics 2 Chapter Topic Page Protocols for Synchronizing the System Time of the Network 76 Entering the System Time 77 Simple Network Time Protocol SNTP 79 Precision Time Protocol PTP 82 Interaction between PTP and SNTP 85 31007122 8 2006 Synchronizing the System Time of the Network Protocols for Synchronizing the System Time of the Network SNTP and PTP When you synchronize the system time of the network the ESM allows you to use either the Simple Network Time Protocol SNTP or the Precision Time Protocol PTP The accuracies of both protocols differ If you only require accuracies in the order of milliseconds the Simple Network Time Protocol SNTP offers a low cost solution Areas of application of this protocol are e log entries e time stamping of production data e production control The Precision Time Protocol PTP which
136. signment of the priority number to the four priority classes is as follows Priorities Entered Priority Priority Class 0 1 normal 1 0 low 2 0 low 3 1 normal 4 2 high 5 2 high 6 3 admin 7 3 admin Strict Priority With strict priority the switch send all data packets with a higher priority level before it sends a data packet with the next lower priority level Thus the switch does not send a data packet with the next lower priority level until there are no other data packets waiting in the queue 31007122 8 2006 97 Traffic Control Tagging Setting Prioritization Using the Web Based Interface The VLAN tag is integrated into the MAC data frame for the VLAN and prioritization functions in accordance with the IEEE 802 1 Q standard The VLAN tag consists of 4 Bytes It is inserted between the source address field and the type field With VLAN tagged frames the switch evaluates e the priority information at all times e the VLAN information if VLANs have been set up Frames with VLAN tags that contain priority information but no VLAN information VLAN ID 0 are called priority tagged frames An Ethernet tagged frame with one such tag is shown in the following figure ko o 3 ir 0 PE bt o g o E o i D S5 Go 7 O D o oO 0 iL oo 2 2 x0 iz o Sir L 0 e 3 Q O o E Oo 2 kolas ae 2 o Zg sa tk a Ss 2 O o Vc EL 7S i i oo er p S t g L t os 8 gt Oc BF cy O O G
137. sing the Command Line Interface 46 from the local non volatile memory using the Web based interface 45 from the Memory back up adapter 44 46 loading settings from the tftp server 48 loading software from Memory back up adapter 54 loading the settings from a file 46 loading the system configuration from the local memory 30 from the Memory back up adapter 30 local memory loading the system configuration from the local memory 30 login screen 17 M MAC address 25 management agent figure 24 management group 154 Management Information Base MIB 130 MAU management group 150 Memory back up adapter application 30 loading settings 46 loading software 54 loading the system configuration from the EAM 30 purpose of the Memory back up adapter 30 MIB abbreviations 131 description 130 syntax 131 tree structure 132 MIB tree structure figure 132 MIB module SNMP V2 160 multicast GMRP per port 95 IGMP forward all 95 static query port 95 multicast application description 91 example of an application 92 multicasting 93 N network mask assigning devices to subnetworks 23 figure 23 O object class 130 object description 130 object ID 130 operation diagnosis diagnosis dialog 124 reports 124 operation mode selecting 61 option 82 example 184 P password 30 dialog box 65 port access control defining MAC based port access control 73 description 71 IP based port access
138. t The following figure shows a flow control example et ag Ha Port 1 7 Port 2 Switch Port 4 Port 3 _ _ _ _ ll ll C EU Workstation 1 Workstation 2 Workstation 3 Workstation 4 Full Duplex Link In the above example there is a full duplex link between workstation 2 and the switch Before the send gueue of Port 4 overflows the switch sends a reguest to workstation 2 to include a small break in the sending transmission 31007122 8 2006 99 Traffic Control Half Duplex Link Setting Flow Control in the Web Based Interface In the above example there is a half duplex link between workstation 2 and the switch Before the send queue of port 4 overflows the switch sends data so that workstation 2 detects a collision and thus interrupts the transmission You can set flow control as follows in the web based interface Step Action 1 Connect the ESM to an Ethernet cable Open the Web based interface Go to Basics Port Configuration AJON Enable flow control for a particular port by checking Flow Control for the appropriate port number Go to Switching gt Global This dialog enables you to e switch off flow control at all ports or e switch on flow control at all ports which have been selected for flow control in the configura
139. t However as a special exception the materials to be distributed need not include anything that is normally distributed in either source or binary form with the major components compiler kernel and so on of the operating system on which the executable runs unless that component itself accompanies the executable It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system Such a contradiction means you cannot use both them and the Library together in an executable that you distribute 7 You may place library facilities that are a work based on the Library side by side in a single library together with other library facilities not covered by this License and distribute such a combined library provided that the separate distribution of the work based on the Library and of the other library facilities is otherwise permitted and provided that you do these two things a Accompany the combined library with a copy of the same work based on the Library uncombined with any other library facilities This must be distributed under the terms of the sections above 31007122 8 2006 177 General Information b Give prominent notice with the combined library of the fact that part of it is a work based on the Library and explaining where to find the accompanying uncombined form of the same work 8 You may not copy modify sublicense
140. t the server is switched on After the Telnet server has been switched off the ESM can no longer be accessed using a Telnet connection Note The Telnet server may be reactivated using the CLI or the Web based interface via Security lt Telnet Web Access The Web server of the ESM allows you to configure the ESM using the Web based interface You can switch off the Web server to prevent Web access to the ESM The default setting is that the server is switched on After the Web server has been switched off the ESM can no longer be accessed using a Web browser Note The Web server may be reactivated using the CLI You can disable and enable Telnet or Web access as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web Based interface 3 Go to Security gt Telnet Web Access 4 Switch off on the server to which you wish to disable enable access 68 31007122 8 2006 Protection from Unauthorized Access Enabling and Disabling Telnet Access Using the Command Line Interface CLI Enabling and Disabling Web Based Access Using the CLI You can enable and disable Telnet access as follows Step Action Connect the ESM to a serial cable Open the CLI Enter the command enable to change to the privileged EXEC mode Enter the command transport input telnet to switch on the Telnet server GO AJ O N
141. ter booting 58 31007122 8 2006 Port Configuration At a Glance Overview This chapter provides information concerning the port configuration procedure What s in this This chapter contains the following topics 2 Chapter Topic Page Switching the Ports On and Off 60 Selecting the Operation Mode 61 Displaying Connection Error Messages 62 31007122 8 2006 59 Port Configuration Switching the Ports On and Off Enhancing Access Security In the the default setting is all ports are switched on To enhance access security switch off the ports which you do not wish to connect Procedure Using Switch the ports on and off as follows the Web Based Step Action Interface 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Port Configuration 4 Select in the column Port On the ports which a device will be connected to 60 31007122 8 2006 Port Configuration Selecting the Operation Mode Default Settings The default setting for all ports is Auto negotiation mode Procedure Using Change to Auto negotiation mode as follows the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable Open the Web based interface Go to Basics gt Port Configuration 2 3 4 If the device connected to this port requires a fixed setting
142. the transfer medium There is a faulty component in the network Collisions The controller of the device is faulty The network expansion is too big or the line is too long A packet has collided with an interference signal 118 31007122 8 2006 Operation Diagnostics Opening the Open the statistics table as follows Statistics Table Dialog in the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Diagnostics gt Ports Statistics The figure shows the Statistics table Module Port Transmitted Recelved Recelved Recelved Detected Detected Packets Packets a Packets Octets Fragments CRC errors Collisions 64 bytes 65 to 127 bytes ackels 1 1 0 0 0 0 0 0 0 0 4 4 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 3 3 0 0 0 0 0 0 0 0 3 3 0 0 0 0 0 0 0 0 3 3 0 0 0 0 0 0 0 0 3 3 0 0 0 0 0 0 0 0 4 4 0 0 0 0 0 0 0 0 4 4 0 0 0 0 0 0 0 0 4 4 0 0 0 0 0 0 0 0 4 4 0 0 0 0 0 0 0 0 5 5 676091 274384 274384 0 0 0 377820 214446 5 5 266919 2030742 1208661399 0 0 0 664755 385734 5 5 0 0 0 0 0 0 0 0 5 5 0 0 0 0 0 0 0 0 O CD Hel iggy Resetting Port Reset port counters as follows Counters Using Ste Action the Web Based p Interface 1 Go to Basics gt Restart 2 Click Reset p
143. tion after saving the VLAN configuration If you assign the port to the VLAN with ID 1 you can always ensure that the management station data can be sent To set up VLANs you first specify the desired VLANs in the desired static VLAN table Static After setting up VLANs you specify the rules for received data in the port table Port Use the Delete button to restore all the default VLAN settings of the device default settings Save the VLAN configuration to ensure it is effective after restart and then restart the switch 31007122 8 2006 103 Traffic Control Note The 256 VLANs available can use any VLAN ID in the range of 1 to 4042 Note In the HIPER ring with VLANs you should select only operate devices with the software that supports this function Note In the HIPER ring configuration select for the ring ports e VLAN ID 1 and Ingress Filtering are disabled in the port table and e VLAN affiliation U in the static table Note In the Ring Network coupling configuration select for the coupling and partner coupling ports e VLAN ID 1 and Ingress Filtering disabled in the port table and e VLAN affiliation U in the static table 104 31007122 8 2006 Traffic Control Setting up VLANs Setting up Set up VLANs as follows Procedure Using the Web Based Interface Step Action 1 Connect the ESM to an Ethernet cable 2 Open
144. tion table 100 31007122 8 2006 Traffic Control Description of VLANs VLANs A virtual LAN VLAN consists of a group of network subscribers in one or more network segments which can communicate with each other as if they belonged to the same LAN VLANs are based on logical instead of physical links and are flexible elements in the network design The biggest advantage of VLANs is the fact that they permit the formation of user groups based on their subscriber function and not on their physical location or medium Since broadcast multicast data packets are transmitted exclusively within a virtual LAN the remaining data is not affected The VLAN function is defined in the IEEEE 802 1Q standard The maximum number of VLANs is limited by the structure of the VLAN tag to 4094 see figure in p 98 The following figure shows a VLAN application example VLAN Yellow ESM VLAN Green eo I VLAN Yellow VLAN Green VLAN Green oe 31007122 8 2006 101 VLAN Yellow Traffic Control VLAN Keywords Keywords used in association with VLANs are Ingress Rule Ingress rules stipulate how incoming data are to be handled by the switch Egress Rule Egress rules stipulate how outgoing data are to be handled by the switch VLAN Identifier The assignment to a VLAN is executed using VL
145. too receive or can get the source code If you link other code with the library you must provide complete object files to the recipients so that they can re link them with the library after making changes to the library and recompiling it And you must show them these terms so they know their rights We protect your rights with a two step method 1 we copyright the library and 2 we offer you this license which gives you legal permission to copy distribute and or modify the library 172 31007122 8 2006 General Information To protect each distributor we want to make it very clear that there is no warranty for the free library Also if the library is modified by someone else and passed on the recipients should know that what they have is not the original version so that the original author s reputation will not be affected by problems that might be introduced by others Finally software patents pose a constant threat to the existence of any free program We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder Therefore we insist that any patent license obtained for a version of the library must be consistent with the full freedom of use specified in this license Most GNU software including some libraries is covered by the ordinary GNU General Public License This license the GNU Lesser General Public License applies to certai
146. troles Sater hates Buh aie E ana Sateen este Maa tae Sas 99 Description of VLANs eee eee eee 101 Configuring VLANS aaa 103 setting up VEANSH ete ted area la tan eat abi ka ia ae bas 105 Operation Diagnostics a 109 Sending Traps fs s kts a he eno ote a ritu tate fie emcee os 110 Contact Signal si canis S sti due ba eae Aste ee ao ako a tS 114 Displaying the Port Status 0 2 ects 117 Event Counter on Port Level aaa 118 Displaying the SFP Status 0 0 0 0 cece ae 120 Topology Discovery aaa 121 Reports avanti Ga Se Slaktera pa ee is SB A dejas el gg 124 Monitoring Port Traffic 0 2 aaa 125 Appendices Appendix A Appendix B Glossary Index A oy sn atc Ge Costi asas ga de jaa aed esas 127 General Information cece e ee eee eee 129 The Management Information Base MIB 200 0c eee eee eee ee 130 MIB Las d betel dente us identity Sato nisi S 133 Privat MIB sia anien step Pau t s n a ais meta 151 SNMP V2 Module MIB 0 00 cece 160 REGSia eesti fate Stan T cy ee ne C ee te ss 165 IEEE Standards 3 eon ksi heed alan a Breitners Poke had 167 Dimension Drawings aaa 168 General Technical Software Data a 170 Switches and Accessories 0000 cette eee 171 Copyright for Integrated Software 1 0 aaa 172 Switch Function Examples eee eee ee eee 183 Setting Up the DHCP Server for Option 82 00 0 c eee eee
147. tware functions and or data prepared so as to be conveniently linked with application programs which use some of those functions and data to form executables The library below refers to any such software library or work that has been distributed under these terms A work based on the Library means either the Library or any derivative work under copyright law that is to say a work containing the Library or a portion of it either verbatim or with modifications and or translated straightforwardly into another language Hereinafter translation is included without limitation in the term modification Source code for a work means the preferred form of the work for making modifications to it For a library complete source code means all the source code for all modules it contains plus any associated interface definition files plus the scripts used to control compilation and installation of the library Activities other than copying distribution and modification are not covered by this License they are outside its scope The act of running a program using the Library is not restricted and output from such a program is covered only if its contents constitute a work based on the Library independent of the use of the Library ina tool for writing it Whether that is true depends on what the Library does and what the program that uses the Library does 1 You may copy and distribute verbatim copies of the Library s complete source code as you
148. u must also use IGMP version 1 in the entire network Note If a number of routers are connected to a subnetwork you must use IGMP version so that all the routers receive all the IGMP reports A switch sends IGMP report messages to the ports at which it receives IGMP queries This column allows you to also send IGMP report messages to other selected ports A switch sends IGMP report messages to the port at which it receives IGMP queries This column displays the ports on which the switch has received IGMP queries This table column enables you to switch on off the GMRP for each port when the global GMRP is switched on When you switch off the GMRP at a port no registrations can be made for this port and GMRP packets cannot be sent out of this port Note If the switch is connected to a HIPER ring you can ensure in case of a ring interruption quick reconfiguration of the network for data packets with registered multicast target addresses by e switching on the IGMP both at the ring port and globally and e switching on the IGMP Forw All per port on the port rings 31007122 8 2006 95 Traffic Control The Broadcast Limiter Description of the Broadcast Limiter Setting the Broadcast Limiter in the Web Based Interface To guarantee reliable data exchange during high broadcast traffic the switch can limit broadcast traffic By entering a number for each port you can set the
149. ublic License for more details You should have received a copy of the GNU Lesser General Public License along with this library if not write to the Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Also add information on how to contact you by electronic and paper mail You should also get your employer if you work as a programmer or your school if any to sign a copyright disclaimer for the library if necessary Here is a sample alter the names Yoyodyne Inc hereby disclaims all copyright interest in the library Frob a library for tweaking knobs written by James Random Hacker lt signature of Ty Coon gt 1 April 1990 Ty Coon President of Vice That s all there is to it 180 31007122 8 2006 General Information The Legion Of The Bouncy Castle Copyright c 2000 The Legion Of The Bouncy Castle http www bouncycastle org Permission is hereby granted free of charge to any person obtaining a copy of this software and associated documentation files the Software to deal in the Software without restriction including without limitation the rights to use copy modify merge publish distribute sublicense and or sell copies of the Software and to permit persons to whom the Software is furnished to do so subject to the following conditions The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software
150. ure Class A 0 NetID 7 bits Host ID 24 bits B 1 0 Net ID 14 bits Host ID 16 bits C 1 1 0 Net ID 21 bits Host ID 8 bits D o Multicast Group ID 28 bits E 1 1 1 1 reserved for future use 28 bits All IP addresses belong to class A when their first bit is a zero i e the first decimal number is 126 or less The IP address belongs to class B if the first bit is 1 and the second bit is 0 i e the first decimal number is between 128 and 191 The IP address belongs to class C if the first two bits are a 1 i e the first decimal number is higher than 191 Assigning the host address host ID is the responsibility of the network operator who is solely responsible for the uniqueness of the assigned IP addresses Network Mask Routers and gateways subdivide large networks into subnetworks The network mask assigns the individual devices to particular subnetworks The subdivision of the network into subnetworks is performed in much the same was as IP addresses are divided into classes A to C net ID The bits of the host address host ID that are to be shown by the mask are set to one The other host address bits are set to zero in the network mask see the following example The following figure shows an example of a network mask Decimal notation 255 255 192 0 Binary notation 11111111 11111111 11000000 00000000 Subnetwork mask bits Clas
151. use network components routers switches which do not support SNTP in the signal path between the SNTP server and the SNTP client 31007122 8 2006 79 Synchronizing the System Time of the Network Configuring Configure the SNTP as follows SNTP Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Goto Time gt SNTP The figure below shows the SNTP dialog Configuration SNTP Client and Servem Configuration SNTP Server Anycast destination address 0 0 0 0 e Operation On Off i lt VLAN ID 0 Anycast send interval s 0 SNTP Status Configuration SNTP Client External server address 0 0 0 0 Redundant server address 0 0 0 0 Status message Server request interval s 0 Accept SNTP Broadcasts v Set ao 4 In the Configuration SNTP Client and Server group box switch the SNTP function on or off When it is switched off the SNTP server does not send any SNTP packages and does not reply to any SNTP requests The SNTP client does not send any SNTP requests and does not interpret any broadcast multicast packages 5 Go to the SNTP Status group box to view server conditions under Status message such as Server cannot be reached 6 Go to the Configuration SNTP Server group box and enter under Anycast destination address the IP
152. utoNegRemoteSignaling 4 ifMauAutoNegConfig 5 ifMauAutoNegCapability 6 ifMauAutoNegCapAdvertised 7 ifMauAutoNegCapReceived 8 ifMauAutoNegRestart 150 31007122 8 2006 General Information Private MIB Overview The private MIB is for configuring the device specific properties of the ESM The groups below are implemented in the ESM from the private MIB saConfiguration OID 1 3 6 1 4 1 3833 1 1 14 saChassis OID 1 3 6 1 4 1 3833 1 1 14 1 saAgent OID 1 3 6 1 4 1 3833 1 1 14 2 saUserGroup OID 1 3 6 1 4 1 3833 1 1 1 4 3 saRingRedundancy OID 1 3 6 1 4 1 3833 1 1 14 5 saProducts OID 1 3 6 1 4 1 3833 1 1 14 10 Device Group The device group contains information on the status of the ESM hardware 14 saConfiguration 1 saChassis 1 saSystemTable 1 saSysProduct 2 saSysVersion 4 saSysGroupMap 6 saSysMaxFan 7 saSysGroupModu 8 saSysModulePor 1 saSysGroup 9 saSysGroupTable 3 saSysGroupCapacity 5 saSysMaxPowerSupply leCapacity tCapacity Entry 1 saSysGroupID 2 saSysGroupType 3 saSysGroupDescription 4 saSysGroupHwVersion 5 saSysGroupSwVersion 6 saSysGroupModuleMap 7 saSysGroupAction 8 saSysGroupActionResult 11 saInterfaceTable 31007122 8 2006 151 General Information 1 salfEnt
153. wing for the inaccuracy of the local clock relative to the reference clock 82 31007122 8 2006 Synchronizing the System Time of the Network The figure illustrates delay and jitter problems when synchronizing clocks Reference ae Local Master clock Slace clock PTP PTP UDP i i UDP Delay Jitter Delay Jitter P IP To get around the delay and jitter in the protocol stack IEEE 1588 recommends inserting a special hardware time stamp unit between the MAC and the PHY layer Devices or modules with the name supplement RT are equipped with a time stamp unit The delay and jitter in the LAN increases in the media and transmission devices along the transmission path The cable delays are relatively constant Changes occur very slowly This fact is taken into account by IEEE 1588 So measurements and calculations are performed on a regular basis IEEE ignores the inaccuracy caused by device delays and device jitter by defining boundary clocks Boundary clocks are clocks that are integrated into the devices These clocks are synchronized on one side of the signal path and on the other side of the signal path they are used to synchronize the subsequent clocks ordinary clocks The following figure illustrates how a boundary clock works GPS PLC Reference ED Grandmaster Clock i Ordinary Clock Switch
154. x larmiInterval larmVariable larmSampleType larmValue larmStartupAlarm larmRisingThreshold larmFallingThreshold larmRisingEvent Index alarmFallingEvent Index alarmOwner alarmStatus Table eventEntry ventIndex ventDescription ventT ype Community ven ventLastTimeSent ventOwner ventStatus logEntry 1 ogEventIndex ogIndex 31007122 8 2006 143 General Information 3 logTime 4 logDescription 19 probeConfig 15 smonCapabilities 22 switchRMON 1 smonMIBObjects 1 dataSourceCaps 1 dataSourceCapsTable 1 dataSourceCapsEntry 1 dataSourceCapsObject 2 dataSourceRmonCaps 3 dataSourceCopyCaps 4 dataSourceCapsIfIndex 3 portCopyConfig 1 portCopyTable 1 portCopyEntry 1 portCopySource 2 portCopyDest 3 portCopyDestDropEvents 4 portCopyDirection 5 portCopyStatus dotidBridge This part of the MIB contains bridge specific objects 1 3 6 1 2 1 17 17 dotldBridge 1 dot1dBase 1 dot1dBaseBridgeAddress 2 dotldBaseNumPorts 3 dot1dBaseType 4 dotlidBasePortTable 1 dotldBasePortEntry 1 dotldBasePort 2 dotldBasePortIfIndex 3 dotldBasePortCircuit 4 dot1dBasePortDelayExceededDiscards 144 31007122 8 2006 General Information
155. y 1000 MBit s max 3 5 us 100 MBit s max 4 5 us 100 MBit s max 19 us MAC address table up to 8000 entries Static Address Filter up to 100 entries in RM redundancy manager mode 0 unicast entries VLAN The following table shows the VLAN related technical data of the ESM VLAN Data VLAN ID 1 to 4062 Number of VLANs max 256 simultaneously per switch Number of VLANs max 256 simultaneously per port Number of VLANs with GMRP VLAN 1 max 256 simultaneously per switch Number of VLANs with GMRP VLAN 1 max 256 simultaneously per port 170 31007122 8 2006 General Information Switches and Accessories Scope of Delivery Order Numbers The delivery comprises CD ROM selected switch version terminal block for supply voltage and signal contact description and manuals Part Number Description 4 Port Version TCSESM043F23F0 4 10 100 TX Managed TCSESM043F 1CU0 3 10 100 TX 1 100 FX MM Managed TCSESM043F2CU0 2 10 100 TX 2 100 FX MM Managed TCSESM043F1CS0 3 10 100 TX 1 100 FX SM Managed TCSESM043F2CS0 2 10 100 TX 2 100 FX SM Managed 8 Port Version TCSESM083F23F0 8 10 100 TX Managed TCSESM083F1CU0 7 10 100 TX 1 100 FX MM Managed TCSESM083F2CU0 6 10 100 TX 2 100 FX MM Managed TCSESM083F1CS0 7 10 100 TX 1 100 FX SM Managed TCSESM083F2CS0 6 10 100 TX 2 100 FX SM Managed TCSESM083F2CX
156. y An algorithm that measures the accuracy of the available clocks in the network determines the most accurate time for the grandmaster clock The following table explains what some stratum numbers stand for Stratum Number Specification 0 To assign for temporary special purposes a better value to one clock than to all other clocks within the network 1 Designates the clock with the highest precision as the reference clock A stratum 1 clock can be both a boundary and an ordinary clock Stratum 1 clocks include GPS clocks and calibrated atomic clocks A stratum 1 clock cannot be synchronized using PTP from another clock in the PTP system 2 Designates the clock as the second choice reference clock and cannot be synchronized using PTP from another clock in the PTP system 3 Designates the clock that can synchronize other devices using an external cable as the reference clock 4 Designates the clock as the reference clock 5 254 Reserved 255 Default Setting Such a clock should never be the best master clock e Cable Delays Device Delays The communication protocol defined by IEEE 1588 allows you to measure cable delays Formulas for calculating the current time eliminate delays e Accuracy of Local Clocks The communication protocol defined by IEEE 1588 takes into account the inaccuracy of local clocks relative to the reference clock Calculation formulas permit the synchronization of local time allo
157. ystem Configuration Using the Web Based Interface Configuration Procedure Using the Web Based Interface Perform the configuration as follows Step Action 1 Connect the ESM to an Ethernet cable 2 Open the Web based interface 3 Go to Basics gt Network The figure below shows the Network dialog box Mode BOOTP DHCP MAC address 00 80 63 51 F5 00 DHCP C BOOTP system name PM m t fast KO7 c DHCP Local Local Agent IP address 149 218 17 14 Netmask 255 255 240 0 Gateway address 149 218 20 96 VLAN ID 1 Ethernet Switch Configurator Software Operation On Off Access read write Sel o 4 Under Mode select where the ESM receives its IP parameters from Inthe BOOTP mode the configuration parameters are assigned via a BOOTP or DHCP server on the basis of the MAC address of the ESM Inthe DHCP mode the configuration parameters are assigned via a DHCP server on the basis of the MAC address or the name of the ESM Inthe Local Mode the net parameters in the ESM memory are used Enter the parameters according to the mode selected In the System Name line enter the system name applicable to the DHCP protocol In the Local frame assign an Agent IP address a Netmask and a Gateway Address to the ESM In the VLAN ID group box you can assign a VLAN se
Download Pdf Manuals
Related Search