Manuale d’uso / di manutenzione del prodotto TL-SG2008 del fabbricante TP-Link
Vai alla pagina of 153
TL-SG2008 8-Port Gigabit Smart Switch REV1.0.0 1910010984.
I COPYRIGHT & TRADEMARKS S pecifications ar e subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., L TD. Other brands and product names are trademarks or registered trademarks of t heir respective holders.
II Safety Information z When product has power button, the power button is one of the way to shut off the product; When there is no power button, the only way to co mpletely shut off power is to disconnect the product or the power adapter from the power source.
III CONTENTS Package C ontent s ............................................................................................................... ........... 1 Chapter 1 About this G uide..................................................................
IV 5.1.1 Port C onfig ....................................................................................................... 28 5.1.2 Port Mi rror .......................................................................................................
V 8.1.1 Snooping Config .............................................................................................. 79 8.1.2 Port C onfig ....................................................................................................... 80 8.1.
VI 10.3.2 Port Bi nding ................................................................................................... 11 3 10.3.3 VLAN Bi nding ................................................................................................. 11 3 10.
1 Package Content s The following items should be found in your box: ¾ One TL-SG2008 8-Port Gigabit Smart Switch ¾ One power adapter ¾ Four rubber cushions ¾ Quick In stallation Guide ¾ Resource CD for TL-SG2008 switch, including: • This User Guide • Other Helpful Information Note: Make sure that the package contains the above it ems.
2 Chapter 1 About this Guide This User Guide contains in formation for setup and managem ent of TL-SG2008 8-Port Gigabit Smart Switch. Please read this guide carefully before operation. 1.1 Intended Readers This Guide is intended for network managers fam iliar with IT concepts and network terminologies.
3 Chapter Introduction Chapter 4 System This module is used to confi gure system properties of the switch. Here mainly introduces: z System Info: Configure the description, system time and network parameters of the switch.
4 Chapter Introduction Chapter 9 QoS This module is used to confi gure QoS function to provide different quality of service for va rious network applications and requirements. Here mainly introduces: z Diff Se rv: Co nf igu re priorities, port prio rity , 802.
5 Chapter 2 Introduction Thanks for choosing the TL-SG2008 8-Port Gigabit Smart Switch! 2.1 Overview of the Switch Designed for workgroups and departments, TL-SG2008 from TP-LINK provides wire-speed performance and full set of layer 2 management featur es.
6 The following parts are lo cated on the front panel of the switch: ¾ Reset: Press this button for five seconds or above to reset the sof tware setting back to factory default setting. ¾ LEDs Name Statu s Indication On(Green) The switch is powered on.
7 Chapter 3 Login to the Switch 3.1 Login 1) T o access the configurat ion utility , open a web-browser and type in the default address http://192.168.
8 Figure 3-3 Main Setup-Menu Note: Clicking Apply can only make the new conf igurati ons effective before the switch is rebooted. If you want to keep the configur ations effective even the swit ch is rebooted, please click Save Config .
9 Chapter 4 System The System module is mainly for system confi guration of the switch, including four submenus: System Info , User Management, System T ools and Access Security .
10 Figure 4-2 Port Information ¾ Port Info Port: Displays the port number of the switch. Ty p e : Displays the type of the port. Rate: Displays the maximum trans mission rate of the port. Statu s: Displays the connection status of the po rt. Click a port to display the bandwidth utilization on th is port.
11 Figure 4-4 Device Description The following entries are displayed on this screen: ¾ Device Description Device Name: Enter the name of the switch. Device Location: Enter the location of the switch. System Cont act: Enter your contact information. 4.
12 ¾ Time Config Manual: When this option is selected, you can set the date and time manually . Get Time from NTP Server: When this option is selected, y ou can configure the time zone and the IP Address for th e NTP Se rver . The switch will get UTC automatically if it has connected to an NTP Server .
13 Predefined Mode: Select a predefined DST configuration. z USA: Second Sunday in Marc h, 02:00 ~ First Sunday in November , 02:00. z Australia: First Sunday in Oct ober , 02:00 ~ First Sunday in April, 03:00. z Europe: Last Sunday in Marc h, 01:00 ~ Last Sunday in October , 01:00.
14 ¾ IP Config MAC Address: Displays MAC Address of the switch. IP Address Mode: Select the mode to obtain IP Address for the switch. z S tatic IP: When this option is selected, you should enter IP Address, Subnet Mask and Default Gateway manually .
15 Figure 4-8 User T able 4.2.2 User Config On this page you can configure the access level of the user to log on to the Web management page. The switch provides two access levels : Guest and Admin. The guest only can view the settings without the right to conf igure the switch; the admin can c onfigure all the functions of the switch.
16 Confirm Password: Retype the password. Password Display Mode: z Simple : Select a simple password display mode. z Cipher : Select a cipher password display mode. ¾ User T able Select: Select the desired entry to delete the corresponding user information.
17 Note: 1. It will take a few minutes to restore the c onfiguration. Please wait without any operation. 2. T o avoid any damage, please don’t power down the switch while being restored. 3. After being restored, the current settings of the switch will be lost.
18 Figure 4-12 Firmware Upgrade Note: 1. Don’t interrupt the upgrade. 2. Please select the proper software version matching with your hardware to upgrade. 3. T o avoid damage, please don't turn off the device while upgrading. 4. After upgrading, the devic e will reboot automatically .
19 Figure 4-14 System Reset Note: After the system is reset, the sw itch will be reset to the default an d all the settings will be cleared. 4.4 Access Security Access Security provides different security m easures for the remote l ogin so as to enhance the configuration management securi ty.
20 ¾ Access Control Config Control Mode: Select the control mode for users to log on to the W eb management page. z Disable : Disable the access control function. z IP-based: Select this option to limit the IP-range of the users for login. z MAC-based: Select this option to limit the MAC Ad dress of the users for login.
21 default the switch has a certific ate (self-signed certificate) and a corresponding private key. The Certificate/Key Download func tion enables the user to r eplace the default key pair. After SSL is effective, you can log on to the Web management page via https://192.
22 4. It may take more time for https connection than that for http connection, because https connection involves auth entication, encryption and decryption etc. 4.4.3 SSH Config As stipulated by IFTF (Internet E ngineering T ask Force), SSH (Secure Shell) is a security protocol established on application and transpor t layers.
23 Idle Timeou t: S pecify the idle timeout time. The system will automatically release the connection when the time is up. The default time is 120 seconds. Max Connect: S pecify the maximum number of the connections to the SSH server . No new connection will be established when the number of the connections reaches t he maximum number you set.
24 2. Click the Open button in the above figure to log on to the switch. Enter the login user name and password, and then you can conti nue to configure the switch. Application Example 2 for SSH: ¾ Network Requirements 1. Log on to the switch via key authentication using SSH and the SSH functio n is enabled on the switch.
25 Note: 1. The key len gth is in the range of 256 to 307 2 bits. 2. During the key generation, rand omly moving the mouse quickly can accelerate the key generation. 2. After the key is successfu lly generated, please save the p ublic key and private key to the computer .
26 3. On the W eb managem ent page of the switch, download the public key file saved in the computer to the switch. Note: 1. The key typ e should accord with the type of the key file.
27 After successful authentication, pl ease enter the login user name. If you log on to the switch without entering password, it indicates t hat the key has been successfully downloaded.
28 Chapter 5 Switching Switching module is used to conf igure the basic functi ons of the switch, in cluding four submenus: Port , LAG , T raffic Monitor and MAC Address .
29 Duplex mode with the switch. When “Auto” is selected, the S peed and Duplex mode will be deter mined by auto-negotiation. For the SFP port, this switch does not support auto-negotiation. Flow Control: Allows you to Enable/Disable t he Flow Control feature.
30 Click Edit to display the following figure. Figure 5-3 Port Mirror Config The following ent ries are displaye d on this screen: ¾ Mirror Group Number: Select the mirror group number you want to configure. ¾ Mirroring Port Mirroring Port: Select the mirroring port number .
31 Note: 1. The LAG member can not be selected as the mirrored port or mirroring port. 2. A port can not be set as the mirrored port and the mirroring port simultaneously .
32 Max Learned MAC: S pecify the maximum number of MAC addresses that can be learned on the port. Learned Num: Displays the number of MAC addr esses that have been learned on the port.
33 ¾ Port Isolation Config Port: Select the port number to set its forwardlist. Forward Portlist: Select the port that to be forwarded to. ¾ Port Isolation List Port: Display the port number .
34 Automatic Recovery Tim e : T ime after which the blocked port would automatically recover to normal status. It can be set as int egral times of detection interval. Web Re fresh St atus: Here you can enable or disable web automatic refresh. Web Refresh Interval: Set a web refresh interval between 3 and 100 seconds.
35 If the LAG is needed, you are sugges ted to configure the LAG functi on here b efore configuring the other functions for the member ports. Tips: 1. Calculate the bandwidth for a LAG: If a LAG consi.
36 Group Number: Displays the LAG number here. Description: Displays the description of LAG . Member: Displays the LAG member . Operation: Allows you to view or modify the information for each LAG . • Edit: Click to modify the settings of the LAG . • Detail: Click to get the information of the LAG .
37 ¾ LAG Config Group Number: Select a Group Number for the LAG . Description: Displays the description of the LAG . ¾ Member Port Member Port: Select the p ort as the LAG member . Clearing all the ports o f the LAG will delete this LAG . Tips: 1. The LAG can be deleted by clearing its all member ports.
38 Figure 5-10 LACP Config The following ent ries are displaye d on this screen: ¾ Global Config System Priority : S pecify the system priority for the switch. The system priority and MAC address constitute the system identification (ID). A lower system priority value indicates a higher system priority .
39 LAG: Displays the LAG number which the port belongs to. 5.3 T raffic Monitor The T raffic Monitor function, monitoring the traffic of each p ort, is implemented on the Tr a f f i c Summary and T raffic St atistics pag es .
40 Octets Rx: Displays the number of octets received on the port. The error octets are counted in. Octet s Tx: Displays the number of octe ts transmitted on the port. St atistics: Click the St atistics button to vie w the detailed traf fic statistics of the port.
41 Broadcast: Displays the number of good broadcast packet s received o r transmitted on the port. The erro r frames are not counted in. Multicast: Displays the number of good mu lticast packets received o r transmitted on the port. The erro r frames are not counted in.
42 Ty p e Configuration Wa y Aging out Being kept af ter reboot (if the configuration is saved) Relationship between the bound MAC address and the port Dynamic Address T able Automatically learning Y es No The bound MAC address can be learned by the other ports in the same VLAN.
43 z Filtering: This option allows the addr ess t able to display the filtering address entries only . ¾ Address T able MAC Address: Displays the MAC addres s learned by the switch. VLAN ID: Displays the correspondi ng VLAN ID of the MAC address. Port: Displays the correspondi ng Port number of the MAC address.
44 ¾ Search Option Search Option: Select a Search Option from the pull-down list and click the Search button to find your desired entry in the S tatic Address T able. • MAC: Enter the MAC address of your desired entry . • VLAN ID: Enter the VLAN ID number of your desired entry .
45 Figure 5-15 Dynamic Address The following ent ries are displaye d on this screen: ¾ Aging Config Auto Aging: Allows you to Enable/Disable t he Auto Aging feature.
46 Tips: Setting aging time properly helps implement effect ive MAC address aging. The aging time that is too long or too short results decreas es the performance of the switch. If the aging time is too long, excessive invalid MAC address entries maintained by the switch may fill up the MAC address table.
47 ¾ Filtering Address T able Select: Select the entry to delete the co rresponding filtering address. It is multi-optional. MAC Address: Displays the filtering MAC Address. VLAN ID: Displays the correspondi ng VLAN ID. Port: Here the symbol “__” ind icates no specified port.
48 Figure 5-17 Network diagram of DHCP For different DHCP clients, DHCP server pr ovides three IP address assigning methods: (1) Manually assign the IP address: Allows the adm inistrator to bind the static IP address to a specific client (e.g.: WWW Server) via the DHCP server .
49 packet and broadcast the DHCP-REQUEST packet which includes the assigned IP address of the DHCP-OFFER packet. ( 4 ) DHCP-ACK Stage: Since the DHCP-REQUEST packet is broadcasted, all DHCP servers on the network segment can rece ive it. However , only the re quested server processes the request.
50 Figure 5-20 DHCP Filteri ng The following entries are displayed on this screen: ¾ DHCP Filtering DHCP Filtering: Enable/Disable the DHCP Fi ltering function globall y . ¾ T rusted Port Here you can select the desired port(s) to be Tr usted Port(s).
51 Chapter 6 VLAN The traditional Ethernet is a data network communication technology based on CSMA/CD (Carrier Sense Multiple Access/Collision Detect) vi a shared communication medium.
52 6.1 802.1Q VLAN VLAN tags in the packet s are necessary for the sw itch to identify packets of dif ferent VLANs. The switch works at the data link layer in OSI model and it can identify the data link layer encapsulation of the packe t only , so you can add the VLAN tag field into the data link layer encapsulation for identification.
53 ingress port belongs to, this packet will be dropped. When the VLAN-tagged packets are forwarded by the T agged port, its VLAN t ag will not be changed.
54 Figure 6-3 VLAN T able T o ensure the normal communication of the factory sw itch, the default VLAN of all ports is set to VLAN1. VLAN1 cannot be modified or deleted. The following ent ries are displaye d on this screen: ¾ VLAN Create VLAN ID : Enter the VLAN ID you want to create.
55 Unt agged: The port will be an untagged member of the specific VLAN if you select it. T agged: The port will be an tagged member of the specific VLAN if you select it. NotMember: The port will not be a member of t he specific VLAN if you select it.
56 ¾ Configuration Procedure z Configure Switch A Ste p Operation Description 1 Configure the Link T ype of the ports Required. On VLAN → 802.1Q VLAN → VLAN Config page, configure the link type of Port 2, Port 3 and Port 4 as Untagged, T agged and Untagged respectively 2 Create VLAN10 Required.
57 Chapter 7 S p anning T ree STP (S panning T ree P rotocol), subject to IEEE 802 .1 D standard, is to disbranch a ring netwo rk in the Data Link layer in a local netwo rk.
58 Figure 7-1 Basic STP diagram ¾ STP T imers Hello T ime: Hello T ime ranges from 1 to 10 seconds. It specifie s the interval to send BPDU p ackets. It is used to test the links. Max. Age: Max. Age ranges from 6 to 40 sec onds. It specifies the maximum time the switch can wait without receiving a BPDU before attempting to reconfigure.
59 z Comparing BPDUs Each switch sends out configur ation BPDUs and receives a confi guration BPDU on one of its ports from another switch. The following t abl e shows the comparing operations.
60 RSTP (R apid S pa nning T ree Pr otoco l), ev olved from th e 802 .1D STP stan dard, enable Ethernet ports to transit their states rapidl y . The premises for the port in the RSTP to tr ansit its state rapidly are as follows.
61 Figure 7-2 Basic MSTP diagram ¾ MSTP MSTP divides a network into several MST r egions. The CST is generat ed between these MST regions, and multiple spanning trees can be gener ated in each MST region. Each spanning tree is called an instance. As well as STP , MSTP us es BPDUs to generate sp anning tree.
62 Figure 7-3 Port roles The S panning T ree module is mainly for spanning tree configuration of the switch, including four submenus: STP Config , Port Config , MSTP Inst ance and STP Security . 7.1 STP Config The STP Config function, for global configuration of spanning trees on the switch, can be implemented on STP Config and STP Summary p ages.
63 The following entries are displayed on this screen: ¾ Global Config STP: Select Enable/Disable STP f unction globally on the switch. V ersion: Select the desired STP version on the switch. z STP: S panning Tree Protocol. z RSTP: Rapid S panning Tr ee Protocol.
64 7.1.2 STP Summar y On this page you can view the related parameters for S panning T ree function. Choose the menu Sp anning T ree → STP Config → STP S ummary to load the following page.
65 The following entries are displayed on this screen: ¾ Port Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select the desired port for STP conf iguration. It is multi-optional.
66 z Disconnected: In this status the port is not pa rticipating in the STP . LAG: Displays the LAG number which the port belongs to. Note: 1. Configure the ports con nected directly to terminals as edge port s and enable the BPDU protection function as well.
67 Figure 7-8 Instance Config The following entries are displayed on this screen: ¾ Inst ance T able Inst ance ID Select: Click the Select button to quick-select the corresponding Instance ID based on the ID number you entered. Select: Select the desired Instance ID for c onfiguration.
68 Inst ance ID: Enter the corresponding instance ID. 7.3.3 Inst ance Port Config A port can play different roles in different sp anni ng tree instance. On this page you can configure the parameters of the port s in di fferent instance IDs as well as view sta tus of the ports in the specified instance.
69 Note: The port status of one port in dif ferent spanning tree instances can be different. Global configuration Procedure for S panning T ree function: Ste p Operation Description 1 Make clear roles the switches play in spanning tree instances: root bridge or designated bridge Preparation.
70 ¾ Root Protect A CIST and its secondary root bridges are usually located in the high-bandwidth core region. Wrong configuration or malicious attacks may resu lt in configuration BPD U p ackets wit.
71 Figure 7-10 Port Protect The following entries are displayed on this screen: ¾ Port Protect Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select the desired port for port protect configuration.
72 Figure 7-1 1 TC Protect The following entries are displayed on this screen: ¾ TC Protect TC Threshold: Enter a number from 1 to 100. It is the maximum number of the TC-BPDUs received by the switch in a TC Protect Cycle. The default value is 20. TC Protect Cycle: Enter a value from 1 to 10 to s pecify the TC Protect Cycle.
73 ¾ Configuration Procedure z Configure Switch A: Ste p Operation Description 1 Configure ports On VLAN → 802.1Q VLAN page, configure the link type of the related ports as T agged, and add the ports to VLAN101-VLAN106. The detailed instructions can be found in the section 802.
74 z Configure Switch C: Ste p Operation Description 1 Configure ports On VLAN → 802.1Q VLAN page, configure the link type of the related ports as T agged, and add the ports to VLAN101-VLAN106. The detailed instructions can be found in the section 802.
75 ¾ The topology diagram of the t w o inst ances after the topology is stable z For Instance 1 (VLAN101, 103 and 105), the red paths in the following figure are connected links; the gray paths ar e the blocked links.
76 Chapter 8 Multicast ¾ Multicast Overview In the network, packet s are sent in three modes: unicast, broadcas t and multicast. In unicast, the source server sends separate copy information to each receiver .
77 ¾ Multicast Address 1. Multicast IP Address: As specified by IANA (Internet Assigned Numbers Authority), Class D IP addresses are used as destination addresses of multic ast packets. The multicast IP addresses range from 224.0.0.0~239.255.255.255.
78 should be a group port list, so the switch will dup licate this multicast data and deliver each port one copy . The general format of the mu lticast address table is described as Figure 8-3 below .
79 in the VLAN as well as analyze the message to get the address of the mu lticast group the host applies for joining. The receiving port will be processed: if the rece iving port is a new member port.
80 Figure 8-4 Basic Config The following entries are displayed on this screen: ¾ Global Config IGMP Snooping: Select Enable/Disable IGMP S nooping function globally on the switch. Unknown Multicast: Select the operation for the swit ch to process unknown multicast, Forward or Discard.
81 The following entries are displayed on this screen: ¾ Port Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select the desired port for IGMP Snooping featur e configuration.
82 ¾ VLAN Config VLAN ID: Enter the VLAN ID to enable IGMP Snooping for the desired VLAN. Router Port Time: S pecify the aging time of the router port. Within this time, if the switch doesn’t receive IGMP query message from the router port, it will consider this port is not a router port any more.
83 VLAN owning a receiver one copy . Th is mode wastes a lot of bandwid th. The problem above can be solved by configuring a multicast VLAN. By adding switch port s to the multicast VLAN and enabling IGMP Snooping, you c an make users in different VLANs share the same multicast VLAN.
84 2. The Multicast VLAN won't take effect unle ss you first complete the configuration for the corresponding VLAN owning the port on the 802.1Q VLAN page. 3. Configure the link type of the router port in the multicast VL AN as T agged otherwise all the member ports in the multicast VLAN can not receive multicast streams.
85 ¾ Network Diagram ¾ Configuration Procedure Ste p Operation Description 1 Create VLANs Create three VLANs with the VLAN ID 3, 4 and 5 respectively , and specify the description of VL AN3 as Multicast VLAN on VLAN → 802.1Q VLAN page. 2 Configure ports On VLAN → 802.
86 Choose the menu Multicast → Multicast IP → Multicast IP T able to load the following page. Figure 8-8 Multicast IP T able The following entries are displayed on this screen: ¾ Search Option Multicast IP: Enter the multicast IP address the desired entry must carry .
87 Figure 8-9 S tatic Multicast IP T able The following entries are displayed on this screen: ¾ Create St atic Multicast Multicast IP: Enter static multicast IP address. VLAN ID: Enter the VLAN ID of the multicast IP . Forward Port: Enter the forward port of the multicast group.
88 port. If the port can be added to the multicast group, it will be added to the multicast address table; if the port can not be added to the multicast group, the switch will drop the IG MP report message. In that way , the multicast streams will not be trans mitted to this port, which allows you to control hosts joining the multicast group.
89 Choose the menu Multicast → Multicast Filter → Port Filter to load the following page. Figure 8-1 1 Port Filter The following entries are displayed on this screen: ¾ Port Filter Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered.
90 Configuration Procedure: Ste p Operation Description 1 Configure IP-Range Requir ed. C onfigure IP-Range to be filtered on Multicast → Multicast Filter → IP-Range page. 2 Configure multicast filter rules for ports Optional. Configure multicast filter rules for ports on Multicast → Multicast Filter → Port Filter page.
91 Report Packet (V1): Displays the number of IGMPv1 report packet s the port received . Report Packet (V2): Displays the number of IGMPv2 report packet s the port received . Report Packet (V3): Displays the number of IGMPv3 report packet s the port received .
92 Chapter 9 QoS QoS (Quality of Service) functi ons to provide different quality of service for various network applications and requirements and optim ize the bandwidth resource dist ribution so as to provide a network service experience of a better quality .
93 2. 802.1P Priority Figure 9-2 802.1Q frame As shown in the figure above, each 802.1Q T ag ha s a Pri field, comprising 3 bits. The 3-bit priority field is 802.1p priority in the range of 0 to 7. 802.1P priority determi nes the priority of the packet s based on the Pri value.
94 Figure 9-4 SP-Mode 2. WRR-Mode: We ight Roun d Robin Mode. In this mode, packet s in all the queues are sent in order based on the weight value for each queue and every queue can be assured of a certain service time. The weight value indicates the occupied proportion of the resource.
95 The QoS module is mainly for traffic control and priority configurati on, including two submenus: DiffServ and Bandwidth Control . 9.1 DiffServ This switch classifies the ingr ess packets, map s th.
96 Configuration Procedure: Ste p Operation Description 1 Select the port priority Required. On QoS → DiffServ → Port Priority page, configure the port priority . 3 Select a schedule mode Requir ed. On QoS → DiffServ → Schedule Mode page, select a schedule mode.
97 Configuration Procedure: Ste p Operation Description 1 Log on to the 802.1 P/CoS Mapping page 2 Enable 802.1P priority function Required. By default, the 802. 1P priority function is disabled. 3 Map the 802.1P priority t ag to the priority level Required.
98 ¾ Priority Level DSCP: Indicates the priority determined by the DS region of IP dat agram . It ranges from 0 to 63. Priority Level: Indicates the priority level the packets with t ag are mapped to. The priority levels are labeled as TC0, TC1, TC2 and TC3.
99 SP+WRR-Mode: S trict-Priority + Weight Round Ro bin Mode. In this mode, this switch provides two scheduling groups, SP group and WRR group. Queues in SP group and WRR group are schedule d strictly based on strict-priority mode while the queues inside WRR group follow the WRR mode.
100 Select: Select the desired port for Rate configuration. It is multi-optional. Port: Displays the port number of the switch. Ingress Rate (bps ): Configure the bandwidth for receiving p ackets on the port.
101 The following entries are displayed on this screen: ¾ Storm Control Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select the desired port for S tor m Control configuration.
102 Number OUI Address V endor 2 00-03-6b-00-00-0 0 Cisco phone 3 00-04-0d-00- 00-00 Avaya phone 4 00-60-b9-00-00-00 Philips/NEC phone 5 00-d0-1e-00-00-0 0 Pingtel phone 6 00-e0-75-00-00-0 0 Polycom p.
103 ¾ Security Mode of V oice VLAN When voice VLAN is enabled for a port, you can configure its security mode to filter data stream. If security mode is enabled, the port just forwards voice packet s, and discards other packets whose source MAC addresses do not match OUI addresses.
104 VLAN ID: Enter the VLAN ID of the voice VLAN. Aging Time: S pecifies the living time of the membe r port in auto mode after the OUI address is aging out.
105 Security Mode: Configure the security mode for forwarding packets. z Disable: All packets are forwarded. z Enable: Only voice data are forwarded. Member St ate: Displays the state of the port in the current voice VLAN. LAG: Displays the LAG number which the port belongs to.
106 Configuration Procedure of V oice VLAN: Ste p Operation Description 1 Configure the link type of the port Required. On VLAN → 802.1Q VLAN → VLAN Config page, configure the link type of ports of the voice device. 2 Create VLAN Requir ed. On VLAN → 802.
107 Chapter 10 ACL 10.1 ACL Config An ACL may contain a number of rules, and each ru le specifies a different package range. Packet s are matched in match order .
108 Figure 10-2 ACL Create The following entries are displayed on this screen: ¾ Create ACL ACL ID: Enter ACL ID of the ACL you want to create. Rule Order: User Config order is set to be match order in this ACL.
109 MASK: Enter MAC address mask. If it is set to 1, it must strictly match the address. 10.1.4 St andard-IP ACL S tandard-IP ACLs analyze and process data packe ts based on a series of ma tch conditions, which can be the source IP addresses and destination IP addresses carried in the packets.
1 10 Figure 10-5 Create Extend-IP Rule The following entries are displayed on this screen: ¾ Create Extend-IP ACL ACL ID: Select the desired Extend-I P ACL for configuration. Rule ID: Enter the rule ID. Operation: Select the operation for the switch to process packet s which match the rules.
111 Choose the menu ACL → Policy Config → Policy Summary to load the following page. Figure 10-6 Policy Summary The following entries are displayed on this screen: ¾ Search Option Select Policy: Select name of the desired policy fo r view . If you want to delete the desired policy , please click the Delete button.
1 12 Figure 10-8 Action Create The following entries are displayed on this screen: ¾ Create Action Select Policy: Select the name of the policy . Select ACL: Select the ACL for configuration in the policy . 10.3 Policy Binding Policy Binding function can have the policy take its effect on a specific port/VLAN.
1 13 Interface: Displays the port number or VLAN ID bound to the policy . Direction: Displays the binding direction. 10.3.2 Port Binding On this page you can bind a policy to a port. Choose the menu ACL → Policy Binding → Port Binding to load the following p age.
1 14 The following entries are displayed on this screen: ¾ VLAN-Bind Config Policy Name: Select the name of the po licy you want to bind. VLAN ID: Enter the ID of the VLAN you want to bind. ¾ VLAN-Bind T able Index: Displays the index of the binding policy .
1 15 ¾ Network Diagram ¾ Configuration Procedure Ste p Operation Description 1 Configure for requirement 1 On ACL → ACL Config → ACL Create page, create ACL 1 1. On ACL → ACL Config → MAC ACL page, select ACL 1 1, create Rule 1, configure the operation as Perm it, configure the S-MAC as 00-64-A5-5D-12-C3 and mask as FF-FF-FF-FF-FF-FF .
1 16 Ste p Operation Description 3 Configure for requirement 3 and 4 On ACL → ACL Config → ACL Create page, create ACL 101. On ACL → ACL Config → St andard-IP ACL p age, select ACL 101, create Rule 4, configure operatio n as Deny , configure S-IP as 10.
1 17 Chapter 11 SNMP ¾ SNMP Overvie w SNMP (Simple Network Management Protocol) has gained the most extens ive application on the UDP/IP networks. SNMP provides a management frame to monitor and maintain the network devices. It is used for automatica lly managing the various network devices no matter the physical differences of the devices.
1 18 SNMP v1: SNMP v1 adopts Community Name authentic ation. The community name is used to define the relation between SNMP Management S tation and SNMP Agent. The SNMP packet s failing to pass community name authentication are discarded. The community name can limit access to SNMP Agent from SNMP NMS, functioning as a password.
1 19 management station. The specif ied User Name and the Auth/Privacy Password are used for SNMP Management S tation to access the SNMP Agent, functioning as the p assword. SNMP module is used to configure the SNMP f unction of the switch, including three submenus: SNMP Config , Notification and RMON .
120 11.1.2 SNM P View The OID (Object Identifier) of t he SNMP packets is used to describe the managed objects of the switch, and the MIB (Management Information Base) is the set of the OIDs. The SNMP View is created for the SNMP management station to manage MIB objects.
121 Figure 1 1-5 SNMP Group The following ent ries are displaye d on this screen: ¾ Group Config Group Name: Enter the SNMP Group name. The Group Name, Security Model and Security Level compose the identifier of the SNMP Group. The Groups with these three items the same are considered to be the same.
122 Notify V iew : Select the View to be the Notify V iew . The management station can receive trap messages of the assigned SNMP view generate d by the switch's SNMP agent. ¾ Group T able Select: Select the desired entry to del ete the corresponding group.
123 ¾ User Config User Name: Enter the User Name here. User T ype: Select the type for the User . • Local User: Indicates that the user is connected to a local SNMP engine. • Remote User: Indicates that the user is connected to a remote SNMP engine.
124 11.1.5 SNM P Community SNMP v1 and SNMP v2c adopt community name authentication. The comm unity name can limit access to the SNMP agent from SNMP network ma nagement station, functioni ng as a password. If SNMP v1 or SNMP v2c is employed, you can di rectly configure the SNMP Community on this page without configuring SNMP Group and User .
125 Configuration Procedure: z If SNMPv3 is employed, please take the following step s: Ste p Operation Description 1 Enable SNMP function globally . Requir ed. On the SNMP → SNMP C onfig → Global Config page, enable SNMP function globally . 2 Create SNMP View .
126 11.2 Notification With the Notification function enabl ed, the switch can initiatively report to the management station about the important events that o ccur on the V iews (e.g., the manag ed device is rebooted), which allows the management station to monitor and process the events in time.
127 Ty p e : Select the type for the notifications. • Tr a p : Indicates traps are sent. • Inform: Indicates informs are sen t. The Inform type has a higher security than the T rap type. Retry: S pecify the amount of times t he switch resends an inform request.
128 RMON Group Function History Group After a history group is confi gured, the switch collects and records network statistics information periodically , based on which the m anagement station can monitor network effectively . Event Group Event Group is used to define RMON events.
129 11.3.2 Event Config On this page, you can configure the RMON events. Choose the menu SNMP → RMON → Event Config to load the following page. Figure 1 1-10 Event Config The following ent ries are displaye d on this screen: ¾ Event T able Select: Select the desired entry for configuration.
130 Figure 1 1-1 1 Alarm Config The following ent ries are displaye d on this screen: ¾ Alarm T able Select: Select the desired entry for configuration. Index: Displays the index number of the entry . Va r i a b l e : Select the alarm variables from the pull-down list.
131 Ow ner : Enter the name of the device or user that defined the entry . Statu s: Select Enable/Disable t he corresponding alarm entry . Note: When alarm variables exceed the Threshold on the same d.
132 Chapter 12 Maintenance Maintenance module, assembling the commonly used system tools to manage the switch, provides the convenient method to locate and solve the network problem. ( 1 ) System Monitor: Monitor the utilization stat us of the memory and the CPU of switch.
133 Click the Monitor button to enable the switch to monitor and display its CPU utilization rate every four seconds. 12.1.2 Memor y Monitor Choose the menu Maintenance → S ystem Monitor → Memory Monitor to load the following page.
134 Severity Level Description debugging 7 Debug-level messages T able 12-1 Log Level The Log function is implemented on the Log T able , Local Log , Remote Log and Backup Log pages. 12.2.1 Log T able The switch supports logs output to two directions , namely , log buf fer and log file.
135 Severity: Displays the severity level of the log information. Y ou can select a severity level to display the log in formation whose severity le vel value is the same or smaller . Content: Displays the content of the log information. Note: 1. The logs are classified into eight levels based on severity .
136 12.2.3 Remote Log Remote log feature enables the switch to send sy stem logs to the Log Ser ver . Log Server is to centralize the system logs from various devices for the administ rator to monitor and m anage the whole network. Choose the menu Maintenance → Log → Remote Log to load the following page.
137 Figure 12-6 Backup Log The following ent ry is displayed on this screen: ¾ Backup Log Backup Log: Click the Backup Log button to save the log as a file to your computer . Note: It will take a few minutes to backup the l og file. Please wait without any operat ion.
138 Length: If the connection status is normal, here displays the length range o f the cable. Error: If the connection status is close, open or impedanc e, here displays the error length of the cable. Note: 1. The interval between two cable tests for one port must be more than 3 seconds.
139 12.4.1 Ping Ping test function, testing the connectivit y between the switch and one node of the network, facilitates you to test the network connectivity and r eachability of the host so as to locate the network malfunctions. Choose the menu Maintenance → Netw ork Diagnostics → Ping to load the following page.
140 Figure 12-10 T racert The following ent ries are displaye d on this screen: ¾ T racert Config Destination IP: Enter the IP address of the destination device.
141 Appendix A: Sp ecifications IEEE802.3 10Base-T Ethernet IEEE802.3u 100Base-TX/100Bas e-FX Fast Ethernet IEEE802.3ab 1000Base-T Gigabit Ethernet IEEE802.3ad Dynamic link aggregation IEEE802.3x Flow Control IEEE802.1p QoS IEEE802.1q VLAN IEEE802.1d Spanning Tree IEEE802.
142 Appendix B: Configuring the PCs In this section, we’ll introduce how to install and configure the TCP/IP correctly in Windows 2000. First make sure your Ethernet Adapter is work ing, refer to the adapter ’s manual if necessary . Configure TCP/IP comp onent 1) On the Windows taskbar , click the St a rt button, and then click Control Panel .
143 5) The following TCP/IP Properties window will display and the I P Address t ab is open on this window by default. Figure B-3 6) Select Use the following IP address . And the following items will be available. If the switch's IP address is 192.
144 Appendix C: Glossary Boot Protocol (BOOTP) BOOTP is used to provide bootup informat ion for netwo rk devices, including IP address information, the address of the TFTP server that contains the de vices system files, and the name of the boot file.
145 IGMP Snooping Listening to IGMP Query and IGMP Report packets transferred between IP Multicast routers and IP Multicast host groups to ident ify IP Multicast group members.
146 in standard SNMP, and can set alarms on a variety of traffic conditions, in cluding specific error types. Rapid Spanning Tree Protocol (RSTP) RSTP reduces the conver gence time for network t opology changes to about 10% of that required by the older IEEE 802.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il TP-Link TL-SG2008 è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del TP-Link TL-SG2008 - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso TP-Link TL-SG2008 imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul TP-Link TL-SG2008 ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il TP-Link TL-SG2008, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del TP-Link TL-SG2008.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il TP-Link TL-SG2008. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo TP-Link TL-SG2008 insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.