Basic Configuration: Industrial ETHERNET (Gigabit-)Switch .

2y ago
17 Views
3 Downloads
3.64 MB
284 Pages
Last View : 18d ago
Last Download : 2m ago
Upload by : Warren Adams
Transcription

User ManualBasic ConfigurationIndustrial ETHERNET (Gigabit-)SwitchPowerMICE, MACH 4000UM BasicConfig L3ERelease 8.0 05/2013Technical Supporthttps://hirschmann-support.belden.eu.com

The naming of copyrighted trademarks in this manual, even when not specially indicated, shouldnot be taken to mean that these names may be considered as free in the sense of the trademarkand tradename protection law and hence that they may be freely used by anyone. 2013 Hirschmann Automation and Control GmbHManuals and software are protected by copyright. All rights reserved. The copying, reproduction,translation, conversion into any electronic medium or machine scannable form is not permitted,either in whole or in part. An exception is the preparation of a backup copy of the software foryour own use. For devices with embedded software, the end-user license agreement on theenclosed CD/DVD applies.The performance features described here are binding only if they have been expressly agreedwhen the contract was made. This document was produced by Hirschmann Automation andControl GmbH according to the best of the company's knowledge. Hirschmann reserves the rightto change the contents of this document without prior notice. Hirschmann can give no guaranteein respect of the correctness or accuracy of the information in this document.Hirschmann can accept no responsibility for damages, resulting from the use of the networkcomponents or the associated operating software. In addition, we refer to the conditions of usespecified in the license contract.You can get the latest version of this manual on the Internet at the Hirschmann product site(www.hirschmann.com).Printed in GermanyHirschmann Automation and Control GmbHStuttgarter Str. 45-5172654 NeckartenzlingenGermanyTel.: 49 1805 141538Rel. 8.0 - 05/2013 – 02.05.2013

ContentsContentsAbout this Manual9Key11Introduction131Access to the user interfaces151.1System Monitor161.2Command Line Interface191.3Graphical User Interface222Entering the IP Parameters252.1IP Parameter Basics2.1.1 IP Address (Version 4)2.1.2 Netmask2.1.3 Classless Inter-Domain Routing272728322.2Entering IP parameters via CLI342.3Entering the IP Parameters via HiDiscovery372.4Loading the system configuration from the ACA392.5System configuration via BOOTP412.6System Configuration via DHCP462.7System Configuration via DHCP Option 82492.8Graphical User Interface IP Configuration502.9Faulty Device Replacement533Loading/saving settings553.1Loading settings3.1.1 Loading from the local non-volatile memory3.1.2 Loading from a file3.1.3 Resetting the configuration to the default settings3.1.4 Loading from the AutoConfiguration Adapter3.1.5 Using the offline configurator565758606162UM BasicConfig L3ERelease 8.0 05/20133

Contents3.2Saving settings3.2.1 Saving locally (and on the ACA)3.2.2 Saving in a binary file or a script file on a URL3.2.3 Saving to a binary file on the PC3.2.4 Saving as a script on the PC3.2.5 Saving as an offline configuration file on the PC6565676868693.3Configuration Signature704Loading Software Updates714.1Loading the Software manually from the ACA4.1.1 Selecting the software to be loaded4.1.2 Starting the software4.1.3 Performing a cold start737475764.2Automatic software update by ACA774.3Loading the software from the TFTP server794.4Loading the Software via File Selection814.5Bootcode Update via TFTP4.5.1 Updating the Bootcode file82825Configuring the Ports836Assistance in the Protection from UnauthorizedAccess896.1Protecting the device906.2Password for SNMP access6.2.1 Description of password for SNMP access6.2.2 Entering the password for SNMP access9191926.3Telnet/internet/SSH access6.3.1 Description of Telnet Access6.3.2 Description of Web Access (http)6.3.3 Description of SSH Access6.3.4 Switching Telnet/Internet/SSH access on/off6.3.5 Web access through HTTPS9696969798996.4Restricted Management Access1026.5HiDiscovery Access6.5.1 Description of the HiDiscovery Protocol6.5.2 Enabling/disabling the HiDiscovery function1051051054UM BasicConfig L3ERelease 8.0 05/2013

Contents6.6Port access control6.6.1 Description of the port access control6.6.2 Application Example for Port Access Control1061061076.7Port Authentication IEEE 802.1X6.7.1 Description of Port Authentication according toIEEE 802.1X6.7.2 Authentication Process according to IEEE 802.1X6.7.3 Preparing the Device for theIEEE 802.1X Port Authentication6.7.4 IEEE 802.1X Settings1091091106.8Access Control Lists (ACL)6.8.1 Description of prioritizing with ACLs6.8.2 Description of IP-based ACLs6.8.3 Description of MAC-based ACLs6.8.4 Configuring IP ACLs6.8.5 Configuring MAC ACLs6.8.6 Configuring Priorities with IP ACLs6.8.7 Specifying the Sequence of the Rules6.8.8 ACLs for Layer 4 fragments1121131141151171191191211226.9Login Banner1247Synchronizing the System Time in the Network7.1Setting the time1267.2SNTP7.2.1 Description of SNTP7.2.2 Preparing the SNTP Configuration7.2.3 Configuring SNTP1281281291307.3Precision Time Protocol7.3.1 Description of PTP Functions7.3.2 Preparing the PTP Configuration7.3.3 Application Example1331331391417.4Interaction of PTP and SNTP1468Network Load Control8.1Direct Packet Distribution8.1.1 Store and Forward8.1.2 Multi-Address Capability8.1.3 Aging of learned MAC addresses8.1.4 Entering Static Addresses8.1.5 Disabling the Direct Packet DistributionUM BasicConfig L3ERelease 8.0 05/20131101111251491501501501511521535

Contents8.2Multicast Application8.2.1 Description of the Multicast Application8.2.2 Example of a Multicast Application8.2.3 Description of IGMP Snooping8.2.4 Setting IGMP Snooping8.2.5 Description of GMRP8.2.6 Setting GMRP1551551561571581631658.3Rate Limiter8.3.1 Description of the Rate Limiter8.3.2 Rate limiter settings1671671688.4QoS/Priority8.4.1 Description of Prioritization8.4.2 VLAN tagging8.4.3 IP ToS / DiffServ8.4.4 Management prioritization8.4.5 Handling of Received Priority Information8.4.6 Handling of traffic classes8.4.7 Setting prioritization1691691701721751751761788.5Flow Control8.5.1 Description of Flow Control8.5.2 Setting the Flow Control1851851878.6VLANs8.6.1 VLAN Description8.6.2 Examples of VLANs1881881899Operation Diagnosis9.1Sending Traps9.1.1 List of SNMP traps9.1.2 SNMP Traps when Booting9.1.3 Configuring Traps2042052062079.2Monitoring the Device Status9.2.1 Configuring the Device Status9.2.2 Displaying the Device Status2092102119.3Out-of-band Signaling9.3.1 Controlling the Signal Contact9.3.2 Monitoring the Device Status via the Signal Contact9.3.3 Monitoring the Device Functions via the SignalContact9.3.4 Monitoring the Fan212213213Port Status Indication2189.46203214215UM BasicConfig L3ERelease 8.0 05/2013

Contents9.5Event Counter at Port Level9.5.1 Detecting Non-matching Duplex Modes9.5.2 TP Cable Diagnosis9.5.3 Port Monitor9.5.4 Auto Disable2202212232252279.6Displaying the SFP Status2299.7Topology Discovery9.7.1 Description of Topology-Detection9.7.2 Displaying the Topology Discovery Results2302302319.8Detecting IP Address Conflicts9.8.1 Description of IP Address Conflicts9.8.2 Configuring ACD9.8.3 Displaying ACD2332332342349.9Detecting Loops2359.10 Reports2369.11 Monitoring Data Traffic on the Ports (Port Mirroring)2389.12 Syslog2429.13 Event Log2459.14 MAC Notification246ASetting up the Configuration EnvironmentA.1Setting up a DHCP/BOOTP Server248A.2Setting up a DHCP Server with Option 82254A.3TFTP Server for Software UpdatesA.3.1 Setting up the TFTP ProcessA.3.2 Software Access Rights258259262A.4Preparing access via SSHA.4.1 Generating a keyA.4.2 Loading a key onto the deviceA.4.3 Access through an SSH263263265265A.5HTTPS Certificate268UM BasicConfig L3ERelease 8.0 05/20132477

ContentsBGeneral InformationB.1Management Information Base (MIB)270B.2Abbreviations used273B.3Technical Data274B.4Readers’ Comments275CIndex277DFurther Support2818269UM BasicConfig L3ERelease 8.0 05/2013

About this ManualAbout this ManualThe “Basic Configuration” user manual contains the information you need tostart operating the device. It takes you step by step from the first startupoperation through to the basic settings for operation in your environment.The following thematic sequence has proven itself in practice: Set up device access for operation by entering the IP parameters Check the status of the software and update it if necessary Load/store any existing configuration Configure the ports Set up protection from unauthorized access Optimize the data transmission with network load control Synchronize system time in the network Perform an operation diagnosis Store the newly created configuration in the non-volatile memoryThe “Installation” user manual contains a device description, safetyinstructions, a description of the display, and the other information that youneed to install the device.The “Redundancy Configuration” user manual document contains theinformation you require to select the suitable redundancy procedure andconfigure it.The “Industry Protocols” user manual describes how the device is connectedby means of a communication protocol commonly used in the industry, suchas EtherNet/IP and PROFINET IO.UM BasicConfig L3ERelease 8.0 05/20139

About this ManualThe “Routing Configuration User Manual” document contains the informationyou need to start operating the routing function. It takes you step-by-stepfrom a small router application through to the router configuration of acomplex network.The manual enables you to configure your router by following the examples.The “GUI” reference manual contains detailed information on using thegraphical interface to operate the individual functions of the device.The “Command Line Interface” reference manual contains detailedinformation on using the Command Line Interface to operate the individualfunctions of the device.The Industrial HiVision Network Management Software provides you withadditional options for smooth configuration and monitoring: Simultaneous configuration of multiple devicesGraphical user interface with network layoutAuto-topology discoveryEvent logEvent handlingClient/server structureBrowser interfaceActiveX control for SCADA integrationSNMP/OPC gateway. MaintenanceHirschmann is continually working to improve and develop our software.You should regularly check whether there is a new version of the softwarethat provides you with additional benefits. You will find softwareinformation and downloads on the product pages of the Hirschmannwebsite.10UM BasicConfig L3ERelease 8.0 05/2013

KeyKeyThe designations used in this manual have the following meanings: ListWork stepSubheadingLinkNote:Cross-reference with linkA note emphasizes an important fact or draws your attention to a dependency.Courier ASCII representation in user interfaceExecution in the Graphical User InterfaceExecution in the Command Line InterfaceSymbols used:WLAN access pointRouter with firewallSwitch with firewallRouterSwitchUM BasicConfig L3ERelease 8.0 05/201311

KeyBridgeHubA random computerConfiguration ComputerServerPLC Programmable logiccontrollerI/O Robot12UM BasicConfig L3ERelease 8.0 05/2013

IntroductionIntroductionThe device has been developed for use in a harsh industrial environment.Accordingly, the installation process has been kept simple. Thanks to theselected default settings, you only have to enter a few settings before startingto operate the device.Note: The changes you make in the dialogs are copied into the volatilememory of the device when you click on "Set".To save the changes to the device into permanent memory, select the savinglocation in the Basic Settings:Load/Save dialog box and click on "Save".UM BasicConfig L3ERelease 8.0 05/201313

Introduction14UM BasicConfig L3ERelease 8.0 05/2013

Access to the user interfaces1 Access to the user interfacesThe device has 3 user interfaces, which you can access via differentinterfaces: System monitor via the V.24 interface (out-of-band) Command Line Interface (CLI) via the V.24 connection (out-of-band) aswell as Telnet or SSH (in-band) Graphical User Interface via Ethernet (in-band).UM BasicConfig L3ERelease 8.0 05/201315

Access to the user interfaces1.1 System Monitor1.1 System MonitorThe system monitor enables you to select the software to be loaded perform a software update start the selected software shut down the system monitor delete the configuration saved and display the boot code information. Starting the System MonitorPrerequisites Terminal cable for connecting the device to your PC (available as anoptional accessory). PC with VT100 terminal emulation (such as PuTTY) or serial terminalPerform the following work steps: Use the terminal cable to connect the V.24 port of the device with the“COM” port of the PC. Start the VT100 terminal emulation on the PC. Define the following transmission parameters:– Speed: 9600 Baud– Data: 8 bit– Parity: None– Stopbit: 1 bit– Flow control: NoneSpeedDataParityStopbitHandshakeTable 1:169,600 Baud8 bitNone1 bitOffData transfer parametersUM BasicConfig L3ERelease 8.0 05/2013

Access to the user interfaces1.1 System Monitor Start the terminal program on the PC and set up a connection with thedevice.When you boot the device, the message"Press 1 to enter System Monitor 1"appears on the terminal. Device Name(Boot) Release: 1.00 Build: 2005-09-17 15:36 Press 1 to enter System Monitor 1 .1Figure 1: Screen display during the boot processUM BasicConfig L3ERelease 8.0 05/201317

Access to the user interfaces1.1 System Monitor Press the 1 key within one second to start system monitor 1.System Monitor(Selected OS: L3P-06.0.00 (2010-09-09 09:09))12345Select Boot Operating SystemUpdate Operating SystemStart Selected Operating SystemEnd (reset and reboot)Erase main configuration filesysMon1 Figure 2: System monitor 1 screen display Select a menu item by entering the number. To leave a submenu and return to the main menu of system monitor 1,press the ESC key.18UM BasicConfig L3ERelease 8.0 05/2013

Access to the user interfaces1.2 Command Line Interface1.2 Command Line InterfaceThe Command Line Interface enables you to use the functions of the devicevia a local or remote connection.The Command Line Interface provides IT specialists with a familiarenvironment for configuring IT devices.The script compatibility of the Command Line Interface enables you, amongother things, to feed multiple devices with the same configuration data, tocreate and use partial configurations, or to compare 2 configurations using 2script files.You will find a detailed description of the Command Line Interface in the“Command Line Interface” reference manual.You can access the Command Line Interface via: the V.24 port (out-of-band) Telnet (in-band) SSH (in-band)Note: To facilitate making entries, the CLI gives you the option ofabbreviating keywords. Type in the beginning of a keyword. When you pressthe tab key, the CLI finishes the keyword.UM BasicConfig L3ERelease 8.0 05/201319

Access to the user interfaces1.2 Command Line Interface Opening the Command Line Interface Connect the device to a terminal or to a “COM” port of a PC usingterminal emulation based on VT100, and press any key (see onpage 16 “System Monitor”) orcall up the Command Line Interface via Telnet.A window for entering the user name appears on the screen.Up to 5 users can access the Command Line Interface.Copyright (c) 2004-2010 Hirschmann Automation and Control GmbHAll rights reservedPowerMICE Release L3P-06.0.00(Build date 2010-09-09 12:13)System Name:Mgmt-IP:1.Router-IP:Base-MAC:System 10-09-09 13:14:15User:Figure 3: Logging in to the Command Line Interface program Enter a user name. The default setting for the user name is admin .Press the Enter key. Enter the password. The default setting for the password is private .Press the Enter key.You can change the user name and the password later in theCommand Line Interface.Please note that these entries are case-sensitive.The start screen appears.20UM BasicConfig L3ERelease 8.0 05/2013

Access to the user interfaces1.2 Command Line InterfaceNOTE: Enter '?' for Command Help. Command help displays all optionsthat are valid for the 'normal' and 'no' command forms. Forthe syntax of a particular command form, please consult thedocumentation.(Hirschmann Product) Figure 4: CLI screen after loginUM BasicConfig L3ERelease 8.0 05/201321

Access to the user interfaces1.3 Graphical User Interface1.3 Graphical User InterfaceThe user-friendly graphical user interface gives you the option of operatingthe device from any location in the network via a standard browser such asMozilla Firefox or Microsoft Internet Explorer.As a universal access tool, the Web browser uses an applet whichcommunicates with the device via the Simple Network Management Protocol(SNMP).The graphical user interface allows you to graphically configure the device. Opening the Graphical User InterfaceTo open the graphical user interface, you need a Web browser, forexample Mozilla Firefox version 3.5 or later, or Microsoft Internet Explorerversion 6 or later.Note: The graphical user interface uses Java 6 or Java 7.Install the software from www.java.com. Start your Web browser. Activate Java in the security settings of your Web browser. Establish the connection by entering the IP address of the devicewhich you want to administer via the Web-based management in theaddress field of the Web browser. Enter the address in the followingform:http://xxx.xxx.xxx.xxxThe login window appears on the screen.22UM BasicConfig L3ERelease 8.0 05/2013

Access to the user interfaces1.3 Graphical User InterfaceFigure 5: Login window Select the desired language. In the drop-down menu, you select– user, to have read access, or– admin, to have read and write accessto the device. The password “public”, with which you have read access, appears inthe password field. If you wish to have write access to the device, thenhighlight the contents of the password field and overwrite it with thepassword “private” (default setting). Click on OK.The website of the device appears on the screen.Note: The changes you make in the dialogs are copied to the devicewhen you click on “Write”. Click on “Load” to update the display.Note: You can block your access to the device by entering an incorrectconfiguration.Activating the function “Cancel configuration change” in the “Load/Save”dialog enables you to return automatically to the last configuration after aset time period has elapsed. This gives you back your access to thedevice.UM BasicConfig L3ERelease 8.0 05/201323

Access to the user interfaces241.3 Graphical User InterfaceUM BasicConfig L3ERelease 8.0 05/2013

Entering the IP Parameters2 Entering the IP ParametersWhen you install the device for the first time enter the IP parameters.The device provides the following options for entering the IP parametersduring the first installation: Entry using the Command Line Interface (CLI).You choose this “out of band” method if you preconfigure your device outside its operating environment, or you need to restore network access (“in-band”) to the device Entry using the HiDiscovery protocol.You choose this “in-band” method on a previously installed networkdevice or if you have another Ethernet connection between your PC andthe device Configuration using the AutoConfiguration Adapter (ACA).You choose this method if you are replacing a device with a device of thesame type and have already saved the configuration on anACA. Using BOOTP.You choose this “in-band” method to configure the installed device usingBOOTP. You need a BOOTP server for this method. The BOOTP serverassigns the configuration data to the device using its MAC address. TheDHCP mode is the default mode for the configuration data reference, setthe parameter to the BOOTP mode for this method. Configuration via DHCP.You choose this “in-band” method to configure the install

The “Basic Configuration” user manual contains the information you need to start operating the device. It takes you step by step from the first startup . from a small router application through to the router configuration of a complex network. The manual enables you to configure your router by following the examples.

Related Documents:

principles of network operation and management. Under the Open Systems Interconnection (OSI) model, Ethernet is fundamentally a Layer 1 and 2 protocol. 10 Gigabit Ethernet retains key Ethernet architecture, including the Media Access Control (MAC) protocol, the Ethernet frame format, and the minimum and maximum frame size. Just as Gigabit Ethernet,

Forty-eight 10/100/1000 Ethernet ports 4 mini Gigabit Interface Converter (mini-GBIC) slots (shared with 4 Ethernet ports) for fiber Gigabit Ethernet expansion IEEE 802.3af PoE delivered over any of the forty-eight 10/100/1000 ports 15.4W available power to a Gigabit Ethernet po

Figure 4 demonstrates the use of the Cisco 1-Port 10 Gigabit Ethernet WAN Service Module as part of the Cisco IWAN solution. At the regional office, the Cisco 6-Port Gigabit Ethernet WAN Service Module aggregates the sub-rate Gigabit Ethernet WAN connections from different Internet service providers (ISPs). The remote branch-office

They provide 24 and 48 Gigabit Ethernet ports, with Power over Ethernet/Power over Ethernet Plus (PoE/PoE ) support and four Gigabit Ethernet SFP or two 10 Gigabit Ethernet Small Form-Factor Pluggable Plus (SFP ) uplinks. 2.1.2. Cisco ASA 5505 Firewalls: Cisco A

Wireless AC3200 Tri Band Gigabit Cloud Router Wireless AC3150 Ultra-WiFi Gigabit Cloud Router Wireless AC1900 Gigabit Cloud Router Wireless AC1750 Gigabit Cloud Router Wireless AC1750 High-Power Gigabit Router Wireless AC1200 Gigabit Cloud Router Wireless Technology Tri Band Wireless AC (5300

Cisco Catalyst 2950 &' * &' * Fast Ethernet Gigabit Ethernet Catalyst 2950 &' * &' * (Quality of Service QoS) (Multicast) LAN Catalyst 2950 Catalyst 3550 &' * IP &' * Catalyst 2950 Cisco Cluster Management Suite (CMS) Web & Catalyst &' * Cisco CMS &' * &' Cisco Catalyst 2950 &' &' Catalyst 2950G-48 -48 10/100 2 Gigabit (Gigabit Interface Converter, GBIC) Gigabit

Cisco IE-3010-24TC: Rugged Industrial Ethernet switch with 24 10/100BASETX ports and 2 dual-purpose Gigabit Ethernet uplinks. The dual-purpose Gigabit Ethernet uplinks consist of two 10/100/1000BASETX ports and two 100/1000 SFP ports on board. The user can select two fiber ports, two copper ports, or a combination of fiber and copper ports

22 Ethernet Standards: IEEE 802.3 802.3 Now encompasses – Original 802.3: 10BASE-T 10BASE-5 10BASE-2 10BROAD-36 – 802.3u Fast Ethernet: 100BASE-TX 100BASE-FX 100BASE-T4 – 802.3x: Flow Control – 802.3z Gigabit Ethernet: 1000BASE-SX / -LX / -CX 802.3ab Copper Gigabit Ethernet: 1000BASE-T 802.3ac