TP-Link TL-SG2008 - Manual

VI 10.3.2 Port Binding ................................................................................................... 113 10.3.3 VLAN Binding................................................................................................. 113 10.4 Application Example for ACL ......................

1 Package Contents The following items should be found in your box: ¾ One TL-SG2008 8-Port Gigabit Smart Switch ¾ One power adapter ¾ Four rubber cushions ¾ Quick Installation Guide ¾ Resource CD for TL-SG2008 switch, including: • This User Guide • Other Helpful Information Note: Make sure that the ...

2 Chapter 1 About this Guide This User Guide contains information for setup and management of TL-SG2008 8-Port Gigabit Smart Switch. Please read this guide carefully before operation. 1.1 Intended Readers This Guide is intended for network managers familiar with IT concepts and network terminologies...

3 Chapter Introduction Chapter 4 System This module is used to configure system properties of the switch. Here mainly introduces: z System Info: Configure the description, system time and network parameters of the switch. z User Management: Configure the user name and password for users to log on to...

5 Chapter 2 Introduction Thanks for choosing the TL-SG2008 8-Port Gigabit Smart Switch! 2.1 Overview of the Switch Designed for workgroups and departments, TL-SG2008 from TP-LINK provides wire-speed performance and full set of layer 2 management features. It provides a variety of service features an...

6 The following parts are located on the front panel of the switch: ¾ Reset: Press this button for five seconds or above to reset the software setting back to factory default setting. ¾ LEDs Name Status Indication On(Green) The switch is powered on. Power Flashing/Off The switch is powered off or po...

7 Chapter 3 Login to the Switch 3.1 Login 1) To access the configuration utility, open a web-browser and type in the default address http://192.168.0.1 in the address field of the browser, then press the Enter key. Figure 3-1 Web-browser Tips: To log in to the switch, the IP address of your PC shoul...

8 Figure 3-3 Main Setup-Menu Note: Clicking Apply can only make the new configurations effective before the switch is rebooted. If you want to keep the configurations effective even the switch is rebooted, please click Save Config . You are suggested to click Save Config before cutting off the power...

9 Chapter 4 System The System module is mainly for system configuration of the switch, including four submenus: System Info , User Management, System Tools and Access Security . 4.1 System Info The System Info, mainly for basic properties configuration, can be implemented on System Summary , Device ...

13 Predefined Mode: Select a predefined DST configuration. z USA: Second Sunday in March, 02:00 ~ First Sunday in November, 02:00. z Australia: First Sunday in October, 02:00 ~ First Sunday in April, 03:00. z Europe: Last Sunday in March, 01:00 ~ Last Sunday in October, 01:00. z New Zealand: Last Su...

14 ¾ IP Config MAC Address: Displays MAC Address of the switch. IP Address Mode: Select the mode to obtain IP Address for the switch. z Static IP: When this option is selected, you should enter IP Address, Subnet Mask and Default Gateway manually. z DHCP: When this option is selected, the switch wil...

19 Figure 4-14 System Reset Note: After the system is reset, the switch will be reset to the default and all the settings will be cleared. 4.4 Access Security Access Security provides different security measures for the remote login so as to enhance the configuration management security. It can be i...

22 4. It may take more time for https connection than that for http connection, because https connection involves authentication, encryption and decryption etc. 4.4.3 SSH Config As stipulated by IFTF (Internet Engineering Task Force), SSH (Secure Shell) is a security protocol established on applicat...

23 Idle Timeout: Specify the idle timeout time. The system will automatically release the connection when the time is up. The default time is 120 seconds. Max Connect: Specify the maximum number of the connections to the SSH server. No new connection will be established when the number of the connec...

24 2. Click the Open button in the above figure to log on to the switch. Enter the login user name and password, and then you can continue to configure the switch. Application Example 2 for SSH: ¾ Network Requirements 1. Log on to the switch via key authentication using SSH and the SSH function is e...

25 Note: 1. The key length is in the range of 256 to 3072 bits. 2. During the key generation, randomly moving the mouse quickly can accelerate the key generation. 2. After the key is successfully generated, please save the public key and private key to the computer.

26 3. On the Web management page of the switch, download the public key file saved in the computer to the switch. Note: 1. The key type should accord with the type of the key file. 2. The SSH key downloading can not be interrupted. 4. After the public key is downloaded, please log on to the interfac...

28 Chapter 5 Switching Switching module is used to configure the basic functions of the switch, including four submenus: Port , LAG , Traffic Monitor and MAC Address . 5.1 Port The Port function, allowing you to configure the basic features for the port, is implemented on the Port Config , Port Mirr...

29 Duplex mode with the switch. When “Auto” is selected, theSpeed and Duplex mode will be determined by auto-negotiation.For the SFP port, this switch does not support auto-negotiation. Flow Control: Allows you to Enable/Disable the Flow Control feature. When Flow Control is enabled, the switch can ...

30 Click Edit to display the following figure. Figure 5-3 Port Mirror Config The following entries are displayed on this screen: ¾ Mirror Group Number: Select the mirror group number you want to configure. ¾ Mirroring Port Mirroring Port: Select the mirroring port number. ¾ Mirrored Port Port Select...

31 Note: 1. The LAG member can not be selected as the mirrored port or mirroring port. 2. A port can not be set as the mirrored port and the mirroring port simultaneously. 3. The Port Mirror function can take effect span the multiple VLANs. 5.1.3 Port Security MAC Address Table maintains the mapping...

34 Automatic Recovery Time : Time after which the blocked port would automatically recover to normal status. It can be set as integral times of detection interval. Web Refresh Status: Here you can enable or disable web automatic refresh. Web Refresh Interval: Set a web refresh interval between 3 and...

36 Group Number: Displays the LAG number here. Description: Displays the description of LAG. Member: Displays the LAG member. Operation: Allows you to view or modify the information for each LAG. • Edit: Click to modify the settings of the LAG. • Detail: Click to get the information of the LAG. Clic...

39 LAG: Displays the LAG number which the port belongs to. 5.3 Traffic Monitor The Traffic Monitor function, monitoring the traffic of each port, is implemented on the Traffic Summary and Traffic Statistics pages. 5.3.1 Traffic Summary Traffic Summary screen displays the traffic information of each ...

41 Broadcast: Displays the number of good broadcast packets received or transmitted on the port. The error frames are not counted in. Multicast: Displays the number of good multicast packets received or transmitted on the port. The error frames are not counted in. Unicast: Displays the number of goo...

45 Figure 5-15 Dynamic Address The following entries are displayed on this screen: ¾ Aging Config Auto Aging: Allows you to Enable/Disable the Auto Aging feature. Aging Time: Enter the Aging Time for the dynamic address. ¾ Search Option Search Option: Select a Search Option from the pull-down list a...

47 ¾ Filtering Address Table Select: Select the entry to delete the corresponding filtering address. It ismulti-optional. MAC Address: Displays the filtering MAC Address. VLAN ID: Displays the corresponding VLAN ID. Port: Here the symbol “__” indicates no specified port. Type: Displays the Type of t...

48 Figure 5-17 Network diagram of DHCP For different DHCP clients, DHCP server provides three IP address assigning methods: (1) Manually assign the IP address: Allows the administrator to bind the static IP address to a specific client (e.g.: WWW Server) via the DHCP server. (2) Automatically assign...

49 packet and broadcast the DHCP-REQUEST packet which includes the assigned IP address of the DHCP-OFFER packet. （ 4 ） DHCP-ACK Stage: Since the DHCP-REQUEST packet is broadcasted, all DHCP servers on the network segment can receive it. However, only the requested server processes the request. If th...

50 Figure 5-20 DHCP Filtering The following entries are displayed on this screen: ¾ DHCP Filtering DHCP Filtering: Enable/Disable the DHCP Filtering function globally. ¾ Trusted Port Here you can select the desired port(s) to be Trusted Port(s). Only the Trusted Port(s) can receive DHCP packets from...

51 Chapter 6 VLAN The traditional Ethernet is a data network communication technology based on CSMA/CD (Carrier Sense Multiple Access/Collision Detect) via shared communication medium. Through the traditional Ethernet, the overfull hosts in LAN will result in serious collision, flooding broadcasts, ...

52 6.1 802.1Q VLAN VLAN tags in the packets are necessary for the switch to identify packets of different VLANs. The switch works at the data link layer in OSI model and it can identify the data link layer encapsulation of the packet only, so you can add the VLAN tag field into the data link layer e...

55 Untagged: The port will be an untagged member of the specific VLAN if you select it. Tagged: The port will be an tagged member of the specific VLAN if you select it. NotMember: The port will not be a member of the specific VLAN if you select it. PVID: Here you can change the PVID of the specific ...

57 Chapter 7 Spanning Tree STP (Spanning Tree Protocol), subject to IEEE 802.1D standard, is to disbranch a ring network in the Data Link layer in a local network. Devices running STP discover loops in the network and block ports by exchanging information, in that way, a ring network can be disbranc...

58 Figure 7-1 Basic STP diagram ¾ STP Timers Hello Time: Hello Time ranges from 1 to 10 seconds. It specifies the interval to send BPDU packets. It is used to test the links. Max. Age: Max. Age ranges from 6 to 40 seconds. It specifies the maximum time the switch can wait without receiving a BPDU be...

63 The following entries are displayed on this screen: ¾ Global Config STP: Select Enable/Disable STP function globally on the switch. Version: Select the desired STP version on the switch. z STP: Spanning Tree Protocol. z RSTP: Rapid Spanning Tree Protocol. z MSTP: Multiple Spanning Tree Protocol. ...

69 Note: The port status of one port in different spanning tree instances can be different. Global configuration Procedure for Spanning Tree function: Step Operation Description 1 Make clear roles the switches play in spanning tree instances: root bridge or designated bridge Preparation. 2 Globally ...

72 Figure 7-11 TC Protect The following entries are displayed on this screen: ¾ TC Protect TC Threshold: Enter a number from 1 to 100. It is the maximum number of the TC-BPDUs received by the switch in a TC Protect Cycle. The default value is 20. TC Protect Cycle: Enter a value from 1 to 10 to speci...

75 ¾ The topology diagram of the two instances after the topology is stable z For Instance 1 (VLAN101, 103 and 105), the red paths in the following figure are connected links; the gray paths are the blocked links. z For Instance 2 (VLAN102, 104 and 106), the blue paths in the following figure are co...

76 Chapter 8 Multicast ¾ Multicast Overview In the network, packets are sent in three modes: unicast, broadcast and multicast. In unicast, the source server sends separate copy information to each receiver. When a large number of users require this information, the server must send many pieces of in...

77 ¾ Multicast Address 1. Multicast IP Address: As specified by IANA (Internet Assigned Numbers Authority), Class D IP addresses are used as destination addresses of multicast packets. The multicast IP addresses range from 224.0.0.0~239.255.255.255. The following table displays the range and descrip...

82 ¾ VLAN Config VLAN ID: Enter the VLAN ID to enable IGMP Snooping for the desired VLAN. Router Port Time: Specify the aging time of the router port. Within this time, if the switch doesn’t receive IGMP query message from the router port, it will consider this port is not a router port any more. Me...

87 Figure 8-9 Static Multicast IP Table The following entries are displayed on this screen: ¾ Create Static Multicast Multicast IP: Enter static multicast IP address. VLAN ID: Enter the VLAN ID of the multicast IP. Forward Port: Enter the forward port of the multicast group. ¾ Search Option Search O...

90 Configuration Procedure: Step Operation Description 1 Configure IP-Range Required. Configure IP-Range to be filtered on Multicast → Multicast Filter → IP-Range page. 2 Configure multicast filter rules for ports Optional. Configure multicast filter rules for ports on Multicast → Multicast Filter →...

92 Chapter 9 QoS QoS (Quality of Service) functions to provide different quality of service for various network applications and requirements and optimize the bandwidth resource distribution so as to provide a network service experience of a better quality. ¾ QoS This switch classifies the ingress p...

93 2. 802.1P Priority Figure 9-2 802.1Q frame As shown in the figure above, each 802.1Q Tag has a Pri field, comprising 3 bits. The 3-bit priority field is 802.1p priority in the range of 0 to 7. 802.1P priority determines the priority of the packets based on the Pri value. On the Web management pag...

99 SP+WRR-Mode: Strict-Priority + Weight Round Robin Mode. In this mode, this switch provides two scheduling groups, SP group and WRR group. Queues in SP group and WRR group are scheduled strictly based on strict-priority mode while the queues inside WRR group follow the WRR mode. In SP+WRR mode, TC...

102 Number OUI Address Vendor 2 00-03-6b-00-00-00 Cisco phone 3 00-04-0d-00-00-00 Avaya phone 4 00-60-b9-00-00-00 Philips/NEC phone 5 00-d0-1e-00-00-00 Pingtel phone 6 00-e0-75-00-00-00 Polycom phone 7 00-e0-bb-00-00-00 3com phone Table 9-1 OUI addresses on the switch ¾ Port Voice VLAN Mode A voice ...

104 VLAN ID: Enter the VLAN ID of the voice VLAN. Aging Time: Specifies the living time of the member port in auto mode after the OUI address is aging out. Priority: Select the priority of the port when sending voice data. 9.3.2 Port Config Before the voice VLAN function is enabled, the parameters o...

105 Security Mode: Configure the security mode for forwarding packets. z Disable: All packets are forwarded. z Enable: Only voice data are forwarded. Member State: Displays the state of the port in the current voice VLAN. LAG: Displays the LAG number which the port belongs to. 9.3.3 OUI Config The s...

106 Configuration Procedure of Voice VLAN: Step Operation Description 1 Configure the link type of the port Required. On VLAN → 802.1Q VLAN → VLAN Config page, configure the link type of ports of the voice device. 2 Create VLAN Required. On VLAN → 802.1Q VLAN → VLAN Config page, click the Create but...

107 Chapter 10 ACL 10.1 ACL Config An ACL may contain a number of rules, and each rule specifies a different package range. Packets are matched in match order. Once a rule is matched, the switch processes the matched packets taking the operation specified in the rule without considering the other ru...

110 Figure 10-5 Create Extend-IP Rule The following entries are displayed on this screen: ¾ Create Extend-IP ACL ACL ID: Select the desired Extend-IP ACL for configuration. Rule ID: Enter the rule ID. Operation: Select the operation for the switch to process packets which match the rules. z Permit: ...

112 Figure 10-8 Action Create The following entries are displayed on this screen: ¾ Create Action Select Policy: Select the name of the policy. Select ACL: Select the ACL for configuration in the policy. 10.3 Policy Binding Policy Binding function can have the policy take its effect on a specific po...

114 The following entries are displayed on this screen: ¾ VLAN-Bind Config Policy Name: Select the name of the policy you want to bind. VLAN ID: Enter the ID of the VLAN you want to bind. ¾ VLAN-Bind Table Index: Displays the index of the binding policy. Policy Name: Displays the name of the binding...

117 Chapter 11 SNMP ¾ SNMP Overview SNMP (Simple Network Management Protocol) has gained the most extensive application on the UDP/IP networks. SNMP provides a management frame to monitor and maintain the network devices. It is used for automatically managing the various network devices no matter th...

118 SNMP v1: SNMP v1 adopts Community Name authentication. The community name is used to define the relation between SNMP Management Station and SNMP Agent. The SNMP packets failing to pass community name authentication are discarded. The community name can limit access to SNMP Agent from SNMP NMS, ...

121 Figure 11-5 SNMP Group The following entries are displayed on this screen: ¾ Group Config Group Name: Enter the SNMP Group name. The Group Name, Security Modeland Security Level compose the identifier of the SNMP Group.The Groups with these three items the same are considered to bethe same. Secu...

130 Figure 11-11 Alarm Config The following entries are displayed on this screen: ¾ Alarm Table Select: Select the desired entry for configuration. Index: Displays the index number of the entry. Variable: Select the alarm variables from the pull-down list. Port: Select the port on which the Alarm en...

132 Chapter 12 Maintenance Maintenance module, assembling the commonly used system tools to manage the switch, provides the convenient method to locate and solve the network problem. （ 1 ） System Monitor: Monitor the utilization status of the memory and the CPU of switch. （ 2 ） Log: View the configu...

133 Click the Monitor button to enable the switch to monitor and display its CPU utilization rate every four seconds. 12.1.2 Memory Monitor Choose the menu Maintenance → System Monitor → Memory Monitor to load the following page. Figure 12-2 Memory Monitor Click the Monitor button to enable the swit...

137 Figure 12-6 Backup Log The following entry is displayed on this screen: ¾ Backup Log Backup Log: Click the Backup Log button to save the log as a file to your computer. Note: It will take a few minutes to backup the log file. Please wait without any operation. 12.3 Device Diagnostics This switch...

138 Length: If the connection status is normal, here displays the length range ofthe cable. Error: If the connection status is close, open or impedance, here displays theerror length of the cable. Note: 1. The interval between two cable tests for one port must be more than 3 seconds. 2. The result i...

140 Figure 12-10 Tracert The following entries are displayed on this screen: ¾ Tracert Config Destination IP: Enter the IP address of the destination device. Max Hop: Specify the maximum number of the route hops the test data can passthrough. Return to CONTENTS

141 Appendix A: Specifications IEEE802.3 10Base-T Ethernet IEEE802.3u 100Base-TX/100Base-FX Fast Ethernet IEEE802.3ab 1000Base-T Gigabit Ethernet IEEE802.3ad Dynamic link aggregation IEEE802.3x Flow Control IEEE802.1p QoS IEEE802.1q VLAN IEEE802.1d Spanning Tree IEEE802.1s Multiple Spanning Tree Sta...

142 Appendix B: Configuring the PCs In this section, we’ll introduce how to install and configure the TCP/IP correctly in Windows 2000. First make sure your Ethernet Adapter is working, refer to the adapter’s manual if necessary. Configure TCP/IP component 1) On the Windows taskbar, click the Start ...

144 Appendix C: Glossary Boot Protocol (BOOTP) BOOTP is used to provide bootup information for network devices, including IP address information, the address of the TFTP server that contains the devices system files, and the name of the boot file. Class of Service (CoS) CoS is supported by prioritiz...

145 IGMP Snooping Listening to IGMP Query and IGMP Report packets transferred between IP Multicast routers and IP Multicast host groups to identify IP Multicast group members. IGMP Query On each subnetwork, one IGMP-capable device will act as the querier — that is, the device that asks all hosts to ...

146 in standard SNMP, and can set alarms on a variety of traffic conditions, including specific error types. Rapid Spanning Tree Protocol (RSTP) RSTP reduces the convergence time for network topology changes to about 10% of that required by the older IEEE 802.1D STP standard. Simple Network Manageme...