ELTEX MES3108 User manual
MES3000
MES3108, MES3108F, MES3116, MES3116F,
MES3124, MES3124F, MES3224, MES3224F
Operation Manual, firmware version 2.5.47
Backbone Switches,
Aggregation Switches
2MES3000 Ethernet switch series
Document version
Issue date
Revisions
Version 1.32
18.09.2017
Changes in chapters:
- 5.1 Basic commands
- 5.4 System management commands
- 5.10 Storm control
- 5.15.5.1 STP, RSTP configuration
- 5.29 ACL configuration (Access Control Lists)
- 5.31 Quality of Services (QOS)
Version 1.31
18.09.2017
Added chapters:
- 5.8.3 Private VLAN configuration
- 5.26 Lightweight DHCPv6 Relay Agent (LDRA)
Changes in chapters:
- 5.6.2 File operation commands
- 5.8 Interface and VLAN configuration
- 5.11 Link Aggregation Group (LAG)
- 5.15.8 G.8032v2 (ERPS) protocol configuration
- 5.15.5 STP family (STP, RSTP, MSTP)
- 5.15.12 Layer 2 Protocol Tunneling (L2PT) configuration
- 5.17.1 Multicast addressing rules
- 5.17.2 IGMP Snooping
- 5.19 Alarm log, SYSLOG protocol
- 5.24.3 DHCP management and Option 82
- 5.25 DHCP Relay features
- 5.27 PPPoE Intermediate Agent configuration
- 5.29 ACL Configuration (Access Control Lists)
- 5.31.1 QoS Configuration
Version 1.30
23.06.2016
Changes in chapters:
- 5.4 System management commands
- 5.8.2 VLAN and interfaces switching modes configuration
-5.8.3 IP interface configuration
- 5.14.1 IPv6 configuration
- 5.15.5 STP family (STP, RSTP, MSTP)
- 5.19 Alarm log, SYSLOG protocol
- 5.27 DHCP server configuration
- 5.28 IPv4 ACL configuration
- 5.30 Quality of Services (QoS)
Version 1.29
10.02.2016
Changes in chapters:
- 5.8 Interface and VLAN configuration
- 5.10 Broadcast storm control
- 5.17 Multicast addressing
- 5.18.4 Simple network management protocol (SNMP)
- 5.24.2 Port-based client authentication (IEEE 802.1x standard)
- 5.24.3 DHCP management and Option 82
- 5.24.4 Client IP address protection (IP Source Guard)
- 5.24.5 ARP management (ARP Inspection)
- 5.24.6 MAC address notification configuration
- 5.28.1 ACL configuration (Access Control Lists)
- 6.2 Software update from TFTP server
Added chapters:
- 5.12.15 Layer 2 Protocol Tunneling (L2PT) configuration
Version 1.28
15.10.2015
Changes in chapters:
- 5.17.5 IGMP Proxy multicast routing
- 5.31.3 OSPF protocol configuration
Version 1.27
1.09.2015
Changes in chapters:
- 2.2.8 Additional functions
- 5.4 System management commands
- 5.8 Interface configuration
- 5.10 Broadcast storm control
- 5.11 Link Agregation Group (LAG)
- 5.15.2 ARP protocol configuration
- 5.15.6 Flex-link function configuration
- 5.17.5 IGMP Proxy multicast routing function
- 5.18.1 ААА mechanism
- 5.20 Port mirroring (monitoring)
- 5.30.1 QoS Configuration
MES3000 Ethernet switch series 3
- 5.31.5 Configuration of Virtual Router Redundancy Protocol (VRRP)
Added chapter:
- 5.23 IP Service Level Agreements (IP SLA)
Version 1.26
03.06.2015
Changes in chapters:
- 5.15.4 Loopback detection mechanism
- 5.15.5 STP protocol family
- 5.18.2 RADIUS protocol
- 5.24.2. Port-based client authentication (802.1x standard)
- 5.23.3 DHCP protocol management and Option 82
- 5.24 DHCP Relay mediation features
Version 1.25
11.03.2015
Changes in chapters:
- 5.8.2 VLAN interface configuration
- 5.10 Broadcast storm control
- 5.17.2 IGMP snooping function
- 5.18.4 Simple network management protocol (SNMP)
- 5.23.2.2 Advanced authentication
Version 1.24
26.01.2015
Changes in chapters:
-5.6.3 Configuration backup commands
-5.24 DHCP Relay mediation features
Added chapters:
-5.15.6 Flex-link function configuration
Version 1.23
25.11.2014
Synchronized with firmware version 2.5.32.
Changes in chapters:
- 5.18.1 AAA mechanism
- 5.30.5 Configuration of Virtual Router Redundancy Protocol (VRRP)
Added chapters:
- 5.14.3 IPv6 RA guard function configuration
- 5.14.4 DHCPv6 guard function configuration
Version 1.23
25.11.2014
Synchronized with firmware version 2.5.32.
Changes in chapters:
- 5.18.1 AAA mechanism
- 5.30.5 Configuration of Virtual Router Redundancy Protocol (VRRP)
Added chapters:
- 5.14.3 IPv6 RA guard function configuration
- 5.14.4 DHCPv6 guard function configuration
Version 1.22
21.10.2014
Synchronized with firmware version 2.5.30.
Changes in chapters:
- 5.8.2 VLAN interface configuration
- 5.10 Broadcast storm control
Version 1.21
13.10.2014
Synchronized with firmware version 2.5.28.
Changes in chapters:
- 5.11 Link Aggregation Groups (LAG)
- 5.15.6 EAPS protocol
Version 1.20
26/08/2014
Synchronized with firmware version 2.5.26.
Changes in chapters:
- 5.4 System management commands
- 5.15.6 EAPS protocol
- 5.24 DHCP Relay mediation features
- 5.30.3 OSPF protocol configuration
- Appendix А: Multicast-tv configuration
Version 1.19
28/07/2014
Synchronized with firmware version 2.5.24.
Changes in chapters:
- 5.12 IPv4 addressing configuration
- 5.18.7.1 Telnet, SSH, HTTP and FTP
Added chapters:
- 5.8.3 IP interface configuration
Version 1.18
29/05/2014
Changes in chapters:
- 5.8.2 VLAN interface configuration
- 5.9 Selective Q-in-Q
- 5.30.3 OSPF protocol configuration
Added chapters:
- 5.30.4 BFD protocol configuration
4MES3000 Ethernet switch series
Version 1.17
29/04/2014
Changes in chapters:
- 5.8.1 Parameters of the Ethernet and Port-Channel interfaces
Version 1.16
01 April 2014
Changes in chapters:
- 5.22.1 Copper-wire cable diagnostics
Version 1.15
29/01/2014
Changes in chapters:
- 5.17.2 IGMP Proxy multicast routing function
Version 1.14
05/12/2013
Changes in chapters:
- 2.2 Switch functionality
Added chapters:
- 5.30.4 Virtual Router Redundancy Protocol (VRRP) configuration
Version 1.13
22/11/2013
Changes in chapters:
- 5.15.5 STP protocol family (STP, RSTP, MSTP)
- 5.8.1 Parameters of the Ethernet and Port-Channel interfaces
- 5.18.2 RADIUS protocol
- 5.20 Mirroring (monitoring) of ports
Added chapters:
- 5.2 Filtering of command line messages
Version 1.12
02/10/2013
Changes in chapters:
- 4.4.2 Switch operation in stackable mode
- 5.6 System time configuration
- 5.16.2 IGMP protocol mediation features (IGMP Snooping)
- 5.29.3 OSPF protocol configuration
Version 1.11
15/08/2013
Changes in chapters:
- 5.26.1 IPv4 ACL configuration
- 5.26.2 IPv6 ACL configuration
- 5.26.3 MAC ACL configuration
Version 1.10
18/06/2013
Added chapters:
- 5.5.3 Configuration backup commands
- 5.14.7 G.8032v2 (ERPS) protocol configuration
- 5.14.9 OAM protocol configuration
- 5.14.10 CFM protocol configuration
Changes in chapters:
- 4.1 Terminal configuration
- 5.9 Broadcast storm control
- 5.17.2 RADIUS protocol
- 5.17.3 TACACS+ protocol
- 5.17.4 SNMP network management protocol
- 5.17.1 ААА mechanism
- 5.17.7.1 Telnet, SSH, HTTP and FTP
- 5.17.7.2 Terminal configuration commands
- 5.21.2 Optical transceiver diagnostics
Version 1.9
20/03/2013
Added chapters:
- 5.17.4 Multicast traffic policing features
Changes in chapters:
- 5.17.2 IGMP protocol mediation features (IGMP Snooping)
- 5.18.1 ААА mechanism
- 5.18.7 Access configuration
- 5.23.3 DHCP protocol management and Option 82
- 5.25 PPPoE Intermediate Agent configuration
Version 1.8
06/03/2013
Changes in chapters:
- 5.3. Added description of the CPU monitoring and protection feature
configuration.
- 5.7.1. Added description of the interface load monitoring feature
configuration.
- 5.7.2. Added description of MAC-based vlan, EtherType configuration
for outgoing packets.
- 5.16.1. Added description of MAC address learning configuration in
VLAN.
- 5.16.2 IGMP protocol mediation features (IGMP Snooping).
- 5.17.4. Added description of SNMP trap messages configuration on
ports.
- 5.19. Added description of remote mirroring configuration.
- 5.22.3. Added description of DHCP Option 82 format configuration.
Added chapters:
- 5.24 PPPoE Intermediate Agent configuration.
MES3000 Ethernet switch series 5
- 5.28.3 OSPF protocol configuration.
- Appendix B. Typical network building schemes based on EAPS
protocol.
- Appendix C. Description of switch processes.
Version 1.7
27/11/2012
Changes in chapters:
- 2.3 Main specifications
- 4.4.2 Switch operation in stackable mode
- 5.10 Link Aggregation Group (LAG)
Version 1.6
10/09/2012
Changes in chapters:
- 5.21 Physical diagnostics functions
Version 1.5
24/08/2012
Added the description of MAC Address Notification function.
Changes in chapters:
- 5.5.2 File operation commands
- 7.2.1 Adding SVLAN
- 7.2.2 CVLAN substitution
Version 1.4
04/07/2012
Support for device operation in stackable mode.
Added description MES3224, MES3224F.
Version 1.3
20/12/2011
Changes in chapters:
- 5.8 Selective Q-in-Q
- 7.2 Selective-qinq configuration
Version 1.2
01/12/2011
Added description of EAPS protocol configuration. Protocol supported
from the version 2.1.12
Version 1.1
30/08/2011
IGMP Proxy function description.
Function is supported from the firmware version 2.1.8
Version 1.0
10/06/2011
First issue.
Firmware version
2.5.47
6MES3000 Ethernet switch series
CONTENTS
1 INTRODUCTION............................................................................................................................. 10
2 PRODUCT DESCRIPTION ................................................................................................................ 11
2.1 Purpose............................................................................................................................................. 11
2.2 Switch functionality .......................................................................................................................... 11
2.2.1 Basic functions ........................................................................................................................ 11
2.2.2 Functions for MAC address processing................................................................................... 11
2.2.3 Second-layer functions of OSI model correspondence........................................................... 12
2.2.4 Third-layer functions of OSI model ......................................................................................... 14
2.2.5 QoS functions.......................................................................................................................... 14
2.2.6 Security functions ................................................................................................................... 14
2.2.7 Switch control functions ......................................................................................................... 15
2.2.8 Additional functions................................................................................................................ 16
2.3 Main specifications ........................................................................................................................... 17
2.4 Design ............................................................................................................................................... 19
2.4.1 Front panel of the device........................................................................................................ 19
2.4.2 Rear panel of the device ......................................................................................................... 21
2.4.3 Side panels of the device ........................................................................................................ 22
2.4.4 Light Indication ....................................................................................................................... 22
2.5 Delivery Package............................................................................................................................... 24
3 INSTALLATION AND CONNECTION ................................................................................................. 25
3.1 Support brackets mounting .............................................................................................................. 25
3.2 Device rack installation..................................................................................................................... 25
3.3 Power module installation................................................................................................................ 27
3.4 Connection to Power Supply ............................................................................................................ 27
3.5 SFP transceiver installation and removal ......................................................................................... 28
4 INITIAL SWITCH CONFIGURATION.................................................................................................. 29
4.1 Configuring the Terminal .................................................................................................................. 29
4.2 Turning on the device ....................................................................................................................... 29
4.3 Startup menu.................................................................................................................................... 30
4.4 Switch operation modes................................................................................................................... 31
4.4.1 Switch operation mode selection ........................................................................................... 31
4.4.2 Switch operation in stackable mode....................................................................................... 31
4.5 Switch function configuration .......................................................................................................... 33
4.5.1 Basic switch configuration ...................................................................................................... 33
4.5.2 Security system configuration ................................................................................................ 36
4.5.3 Banner configuration .............................................................................................................. 37
5 DEVICE MANAGEMENT COMMAND LINE INTERFACE...................................................................... 38
5.1 Basic commands ............................................................................................................................... 38
5.2 Filtering of command line messages ................................................................................................ 40
5.3 Macrocommand configuration......................................................................................................... 41
5.4 System management commands ..................................................................................................... 42
5.5 Commands for configuration of password parameters ................................................................... 46
5.6 File operations .................................................................................................................................. 47
5.6.1 Command parameters description ......................................................................................... 47
5.6.2 File operation commands ....................................................................................................... 48
5.6.3 Configuration backup commands ........................................................................................... 50
5.6.4 Automatic update and configuration commands................................................................... 50
5.7 System time configuration................................................................................................................ 52
5.8 Interface and VLAN configuration .................................................................................................... 55
5.8.1 Ethernet and Port-Channel interface parameters configuration ........................................... 56
5.8.2 VLAN and interfaces switching modes configuration............................................................. 63
5.8.3 Private VLAN configuration..................................................................................................... 70
MES3000 Ethernet switch series 7
5.8.4 IP interface configuration ........................................................................................................73
5.9 Selective Q-in-Q.................................................................................................................................73
5.10 Storm control.....................................................................................................................................75
5.11 Link Aggregation Groups (LAG) .........................................................................................................76
5.11.1 Static link aggregation groups ..............................................................................................77
5.11.2 Link aggregation Control Protocol........................................................................................78
5.12 IPv4 addressing configuration ...........................................................................................................79
5.13 Green Ethernet configuration ...........................................................................................................81
5.14 IPv6 addressing configuration ...........................................................................................................82
5.14.1 IPv6 protocol.........................................................................................................................82
5.14.2 IPv6 protocol tunnelling (ISATAP).........................................................................................85
5.14.3 IPv6 RA guard configuration .................................................................................................87
5.14.4 DHCPv6 guard configuration ................................................................................................87
5.15 Protocol configuration.......................................................................................................................88
5.15.1 DNS protocol configuration ..................................................................................................88
5.15.2 ARP configuration .................................................................................................................89
5.15.3 GVRP protocol configuration................................................................................................91
5.15.4 Loopback detection mechanism (loopback-detection)........................................................93
5.15.5 STP family (STP, RSTP, MSTP) ...............................................................................................94
5.15.6 Flex-link configuration ........................................................................................................100
5.15.7 EAPS protocol .....................................................................................................................101
5.15.8 G.8032v2 (ERPS) protocol configuration ............................................................................102
5.15.9 LLDP protocol configuration ...............................................................................................103
5.15.10OAM protocol configuration...............................................................................................108
5.15.11CFM protocol configuration................................................................................................111
5.15.12Layer 2 Protocol Tunneling (L2PT) function configuration.................................................114
5.16 Voice VLAN ......................................................................................................................................117
5.17 Multicast addressing .......................................................................................................................118
5.17.1 Multicast addressing rules..................................................................................................118
5.17.2 IGMP snooping ...................................................................................................................124
5.17.3 MLD Snooping—multicast traffic control protocol for IPv6 networks...............................127
5.17.4 Multicast traffic restriction functions.................................................................................129
5.17.5 IGMP Proxy multicast routing.............................................................................................131
5.18 Control functions.............................................................................................................................133
5.18.1 AAA mechanism..................................................................................................................133
5.18.2 RADIUS protocol .................................................................................................................137
5.18.3 TACACS+ protocol...............................................................................................................139
5.18.4 Simple network management protocol (SNMP) ................................................................140
5.18.5 Remote network monitoring protocol (RMON) .................................................................144
5.18.6 Access Lists (ACL) for device management.........................................................................150
5.18.7 Access configuration...........................................................................................................152
5.19 Alarm log, SYSLOG protocol.............................................................................................................155
5.20 Port mirroring (monitoring).............................................................................................................157
5.21 SFlow function .................................................................................................................................159
5.22 Physical layer diagnostics functions ................................................................................................160
5.22.1 Copper-wire cable diagnostics............................................................................................160
5.22.2 Optical transceiver diagnostics...........................................................................................162
5.23 IP Service Level Agreements (IP SLA)...............................................................................................165
5.23.1 ICMP Echo operation..........................................................................................................166
5.23.2 UDP Jitter operation ...........................................................................................................167
5.24 Security functions............................................................................................................................170
5.24.1 Port security functions........................................................................................................170
5.24.2 Port-based client authentication (IEEE 802.1x standard)...................................................171
5.24.3 DHCP protocol management and Option 82......................................................................179
8MES3000 Ethernet switch series
5.24.4 Client IP address protection (IP-source Guard) ................................................................. 183
5.24.5 ARP management (ARP Inspection)................................................................................... 185
5.24.6 MAC Address Notification configuration........................................................................... 187
5.25 DHCP Relay mediation features...................................................................................................... 189
5.26 Lightweight DHCPv6 Relay Agent (LDRA) functions ....................................................................... 191
5.27 PPPoE Intermediate Agent configuration....................................................................................... 192
5.28 DHCP server configuration ............................................................................................................. 194
5.29 ACL Configuration (Access Control Lists) ........................................................................................ 197
5.29.1 IPv4 ACL configuration....................................................................................................... 199
5.29.2 IPv6 ACL Configuration ...................................................................................................... 202
5.29.3 MAC ACL Configuration ..................................................................................................... 205
5.30 Configuration of Protection from DoS Attacks ............................................................................... 207
5.31 Quality of Services (QoS) ................................................................................................................ 208
5.31.1 QoS Configuration.............................................................................................................. 208
5.31.2 QoS Statistics ..................................................................................................................... 216
5.32 Configuration of routing protocol .................................................................................................. 217
5.32.1 Static routing configuration............................................................................................... 217
5.32.2 RIP Configuration ............................................................................................................... 219
5.32.3 OSPF Protocol Configuration ............................................................................................. 221
5.32.4 BFD protocol configuration................................................................................................ 223
5.32.5 Configuration of Virtual Router Redundancy Protocol (VRRP).......................................... 224
6 SERVICE MENU, CHANGE OF SOFTWARE.......................................................................................227
6.1 Startup Menu.................................................................................................................................. 227
6.2 Update of software from TFTP server ............................................................................................ 228
6.2.1 System software update ....................................................................................................... 229
6.2.2 Update of loading file of the device (initial loader) .............................................................. 230
APPENDIX A SAMPLES OF USE AND CONFIGURATION OF DEVICE .......................................................232
APPENDIX B TYPICAL NETWORKS TOPOLOGIES BASED ON EAPS.........................................................238
APPENDIX C DESCRIPTION OF SWITCH PROCESSES.............................................................................240
MES3000 Ethernet switch series 9
SYMBOLS
Value
Description
[ ]
In the command line, optional parameters are shown in square brackets;
when entered, they provide additional options.
{}
In the command line, mandatory parameters are shown in curly braces.
Choose one of the listed parameters.
","
"-"
In the description of the command, these signs are used for defining ranges.
"|"
In the description of the command, this sign means 'or'.
"/"
In the description of the command, this sign indicates the default value
Calibri italic
Variables and parameters that should be replaced with the appropriate word
or string are written in Calibri Italic.
Semibold font
Notes and warnings are written in bold font.
<Semibold italic>
Keyboard keys are written in bold italic and enclosed in angle brackets.
Courier New
Examples of command entry are written in Courier New bold.
Courier New
Results of command execution are written in Courier New font in a frame
with the shadow border.
Notes and warnings
Notes contain important information, tips or recommendations on device operation and
setup.
Warnings are used to inform the user about harmful situations for the device and the
user alike, which could cause malfunction or data loss.
10 MES3000 Ethernet switch series
1INTRODUCTION
In the last few years, more and more large-scale projects are utilizing NGN concept for
communication network development. One of the main tasks in implementation of large multiservice
networks is the creation of reliable high-performance transport network, that will serve as a backbone in
multilayer architecture of next-generation networks.
For delivering high transfer rates, Gigabit Ethernet (GE) and 10Gigabit Ethernet (10GE) data transfer
technologies are widely used. High-speed data transmission, especially in large-scale networks, requires a
network topology that will allow flexible distribution of high-speed data flows.
MES3000 series switches could be used in large enterprise networks, SMB networks and operator's
networks. They provide high performance, flexibility, security and multi-tier QoS in conjunction with high
reliability provided by the backup of nodes, that enable fail-over operation—power modules and
ventilation modules.
Design versions of MES3000 series switches:
MES3124 24x10/100/1000Base-T ports, 4x10GBaseX(SFP+) or 1000Base-X(SFP) ports;
MES3124F 20x1000Base-X(SFP) ports, 4x10/100/1000Base-T/1000Base-X (SFP) combo ports,
4x10GBase-X (SFP+) or 1000Base-X (SFP) ports;
MES3116 16x10/100/1000Base-T ports, 2x10GBaseX (SFP+) or 1000Base-X (SFP) ports
MES3116F 12x1000Base-X (SFP) ports, 4x10/100/1000Base-T/1000Base-X (SFP) combo ports,
2x10GBase-X (SFP+) or 1000Base-X (SFP) ports;
MES3108 8x10/100/1000Base-T ports, 2x10GBaseX (SFP+) or 1000Base-X (SFP) ports;
MES3108F 4x1000Base-X (SFP) ports, 4x10/100/1000Base-T/1000Base-X (SFP) combo ports,
2x10GBase-X (SFP+) or 1000Base-X (SFP) ports;
MES3224 24x10/100/1000Base-T ports, 2x10GBaseX (SFP+) or 1000Base-X (SFP) ports,
2x10GBase-LR/ER/ZR (XFP) ports;
MES3224F 20x1000Base-X (SFP) ports, 4x10/100/1000Base-T/1000Base-X (SFP) combo ports,
2x10GBase-X (SFP+) or 1000Base-X (SFP) ports, 2x10GBase-LR/ER/ZR (XFP) ports.
This operation manual describes intended use, specifications, first time setup recommendations,
and the syntax of commands used for configuration, monitoring and firmware update of the switch.
MES3000 Ethernet switch series 11
2PRODUCT DESCRIPTION
2.1 Purpose
MES3000 series devices are the first-class multi-purpose network switches that operate on data-link
and network layers of the OSI model. MES3000 series switches provide high density of electric/optical
Gigabit ports, allow to combine optical and electrical connection in one device by combo interfaces, have
high-speed ports performing with rates up to 1Gbit/s and 10Gbit/s, allowing you to gradually expand the
network performance while moving from 1Gbit/s to 10Gbit/s networks as necessary.
2.2 Switch functionality
2.2.1 Basic functions
Table 2.1 lists the basic administrable functions of MES3000 series devices.
Table 2.1 —Basic device functions
HOL blocking protection
A blocking that appears when device output ports are overloaded with traffic
coming from input ports. It may lead to data transfer delays and packets loss.
Back pressure routing
support
The backpressure routing method is utilized in half-duplex connections for
management of data streams, coming from the opposite devices by collisions
creating. This method allows to avoid buffer overruns and the loss of data.
MDI/MDIX support
Automatic cable type detection—crossed or straight.
–MDI (Media-Dependent Interface—straight)—cable standard for
connection of terminal devices
–MDIX (Media-Dependent Interface with Crossover—crossed)—cable
standard for connection of hubs and switches
Jumbo frames
Enables jumbo frame transmission to minimize the amount of packets used for
data transfer. It allows to reduce service data volumes, processing time and
interrupts.
Flow control
(IEEE 802.3X)
Flow control allows to interconnect the low-speed and the high-speed devices. To
avoid buffer overrun, the low-speed device gains the ability to send PAUSE
packets, that will force the high-speed device to pause the packet transmission.
Operation in device
stack
You can combine multiple switches in a stack. In this case, switches are considered
as a single device with shared settings. There are two stack topologies—ring and
chain. In this mode all port parameters for all stacked devices could be configured
from the 'master' switch. Device stacking allows to reduce network management
efforts.
2.2.2 Functions for MAC address processing
Table 2.2 lists MAC address processing functions of MES3000 series devices.
Table 2.2 —MAC address processing functions
MAC addresses table
The switch creates a look-up table of correspondence between MAC addresses
and switch port nodes.
12 MES3000 Ethernet switch series
Learning mode
When learning is disabled, the data coming to any port will be transmitted to all
other ports of the switch. In learning mode, the switch performs analysis of the
frame, discovers sender's MAC address and adds it to the routing table.
Afterwards, Ethernet frames dedicated to the host, which MAC address has been
already added to the routing table, will be sent only to the port specified in the
table.
MAC multicast support
This function allows to perform one-to-many or many-to-many data distribution.
Thus, the frame addressed to the multicast group will be transmitted to each port
of the group.
Automatic aging for
MAC addresses
If there are no packets from the device with the specific MAC address in the
definite period of time, the record for this address expires and will be removed. It
allows to keep the switch table up to date.
Static MAC entries
Network switch allows you to define static records of MAC address matches, that
will be saved to the routing table.
MAC address
notification
MAC address notification allows to monitor the availability of the network
equipment by saving MAC address learning history.
2.2.3 Second-layer functions of OSI model correspondence
Table 2.3 lists second-layer functions and aspects (OSI Layer 2).
Table 2.3 —Second-layer functions description (OSI Layer 2)
IGMP Snooping
IGMP implementation analyzes the contents of IGMP packets and allows to
discover network devices participating in multicast groups and forward the traffic
to the corresponding ports.
MLD Snooping
MLD protocol implementation allows the device to minimize multicast IPv6 traffic.
MVR
Function that allows to redirect multicast traffic to another VLAN using IGMP
messages and to reduce the load to the uplink port. Used in III-play solutions.
Broadcast Storm Control
Broadcast storm is a multiplication of broadcast messages in each host causing
their exponential growth, that can lead to a network meltdown. MES3000 devices
has a function that restricts the transfer rate for multicast and broadcast frames
received and sent by the switch.
Port Mirroring
Port mirroring allows to duplicate the traffic for monitored ports, sending ingress
and/or egress packets to the controlling port. Switch users can define controlled
and controlling ports and select the type of traffic (ingress or egress) that will be
sent to the controlling port.
Protected ports
This function allows to assign the uplink port to the switch port. This uplink port
will receive all the traffic and provide isolation from other ports (within a single
switch) located in the same broadcast domain (VLAN).
Private VLAN Edge
This function allows to isolate the group of ports (within a single switch) located in
the same broadcast domain from each other, allowing traffic exchange with other
ports located in the same broadcast domain, but not belonging to this group.
Private VLAN
Provides isolation of devices located in the same broadcast domain within L2
network. Following port operation modes are implemented—Promiscuous,
Isolated (isolated ports cannot exchange traffic) and Community (ports can
exchange data with each other and Promiscuous port)
MES3000 Ethernet switch series 13
Spanning Tree Protocol
Spanning Tree Protocol is a network protocol that ensures loop-free network
topology by converting networks with redundant links to the tree-like structure.
Switches exchange configuration messages, using the special format frames, and
selectively enable or disable traffic transmission to ports.
IEEE 802.1w Rapid
Spanning Tree Protocol
Rapid STP (RSTP) is the enhanced version of STP protocol that enables faster
network conversion to the tree-like topology and provides higher stability.
Layer 2 Protocol
Tunneling (L2PT)
Layer 2 Protocol Tunneling (L2PT) allows forwarding L2-Protocol PDU through a
service provider network, that provides transparent connection between client
segments of the network.
EAPS protocol
EAPS (Ethernet Automatic Protection Switching) is a protocol, that allows to avoid
traffic loops in the ring topology networks and enables fast restoration of traffic
flow after the failure in the specific network section. Restoration time provided by
EAPS is far less than in case of Spanning Tree protocols.
Ethernet Ring Protection
Switching
The protocol allows to increase stability and robustness of data network with ring
topology by decreasing the restoration time after the failure. Restoration time
does not exceed 1 second, that is substantially lower than the network
reconstruction in case of spanning tree family of protocols.
VLAN support
VLAN is a group of switch ports, that form a single broadcast area (domain). To
identify packets belonging to the specific VLAN, the switch supports different
means of packet classification.
GVRP (GARP VLAN
registration)
GARP VLAN registration enables dynamic adding/removal of VLAN groups on the
switch ports. If GVRP is enabled, the switch identifies and then distributes the
VLAN inherence data to all ports that form the active topology.
Port-Based VLAN
Distribution to VLAN groups is performed by the inbound ports. This solution
allows to use only one VLAN group on each port.
IEEE 802.1Q support
IEEE 802.1Q is an open standard, that describes the traffic tagging procedure for
transfer of VLAN inherence information. It allows to use multiple VLAN groups on
one port.
Link aggregation with
LACP
LACP enables automatic aggregation of separate links between two devices
(switch-switch or switch-server) in a single data communication channel.
Protocol constantly tries to find ways for link aggregation; in case of link failure in
the aggregated channel, its traffic will be automatically redistributed to
functioning components of the aggregated channel.
LAG creation
MES3000 devices support link group creation. Link aggregation, trunking or IEEE
802.3ad is the technology that enables aggregation of multiple physical links into
one logical link. This technology allows to increase the bandwidth and reliability of
the backbone 'switch-switch' or 'switch-server' channels. There are three types of
balancing—based on MAC addresses, IP addresses and the destination port
(socket).
LAG group contains ports with the same speed, operating in full-duplex mode.
Auto Voice VLAN
support
Allows to identify voice traffic by OUI (Organizationally Unique Identifier—first 24
bits of MAC address). If MAC address with VoIP gateway or IP phone OUI exists in
the MAC table of the switch, this port will be automatically added to voice VLAN
(identification by SIP protocol or destination MAC address is not supported).
Selective Q-in-Q
Allows to assign external VLAN SPVLAN (Service Provider's VLAN) based on
configured filtering rules by internal VLAN numbers (Customer VLAN). Selective
Q-in-Q allows to break down subscriber's traffic into several VLANs, change
SPVLAN tag for the packet in the specific network section.
14 MES3000 Ethernet switch series
2.2.4 Third-layer functions of OSI model
Table 2.4 lists third-layer functions (OSI Layer 3).
Table 2.4 —Third-layer functions description (OSI Layer 3)
BootP and DHCP clients
(Dynamic Host
Configuration Protocol)
MES3000 devices can obtain IP address automatically via BootP/DHCP.
Static IP routes
Administrator of the switch can add or remove static records into/from the
routing table.
ARP
(Address Resolution
Protocol)
ARP establishes match between the IP address and the physical address of the
device. The match is established on the basis of the network host response
analysis; host address is requested with the broadcast packet.
RIP
(Routing Information
Protocol)
Dynamic routing protocol that allows routers to get new routing information from
the neighboring routers. This protocol provides optimum route detection on the
basis of hops count data.
IGMP Proxy
IGMP Proxy is a function for simplified routing of multicast data between
networks. IGMP is used for routing management.
OSPF protocol
Dynamic routing protocol is based on link-state technology and uses Dijkstra's
shortest path algorithm.OSPF protocol distributes information on available routes
between routers in a single stand-alone system.
VRRP
VRRP is designed for reservation of routers acting as a default gateway. This is
performed by aggregation of router group IP interfaces into single virtual
interface, that will be used as a default gateway for computers in the network.
2.2.5 QoS functions
Table 2.5 lists the basic quality of service functions.
Table 2.5 —Basic quality of service functions
Priority queues support
The switch supports outbound traffic prioritization with queues for each port.
Packet distribution to queues may be performed via packet classification by
various fields in packet headers.
IEEE 802.1p class of
service support
IEEE 802.1p standard specifies frame priority definition method and algorithm of
priority usage for timely delivery of delay-critical traffic. 802.1p standard defines 8
priority levels. MES3000 switches can use 802.1p priority value for frame
distribution between priority queues.
2.2.6 Security functions
Table 2.6 —Security functions
DHCP Snooping
Switch function designed for protection from DHCP attacks. Enables filtering of
DHCP messages coming from untrusted ports by building and maintaining DHCP
snooping binding database. DHСP snooping performs firewall function between
untrusted ports and DHCP servers.
MES3000 Ethernet switch series 15
DHCP Option 82
Option that allows to inform DHCP server about DHCP relay and port of incoming
request.
By default, the switch with DHCP snooping function enabled identifies and drops
all DHCP requests with Option 82 if they were received via untrusted port.
UDP relay
Broadcast UDP traffic forwarding to the specified IP address.
DHCP server functions
DHCP server performs centralized management of network addresses and
corresponding configuration parameters and automatically provides them to
subscribers.
IP Source Address Guard
Switch function restricts IP traffic and filters it according to the match table from
DHCP snooping binding database and static configured IP addresses. This function
allows to prevent IP address spoofing.
Dynamic ARP Inspection
(Protection)
Switch function is designed for protection from ARP based attacks. The switch
checks if the IP address in the body of received ARP packet on trusted port
matches the IP address of the sender.
If these addresses do not match, the switch drops this packet.
L2 –L3 –L4 ACL (Access
Control List)
Using information contained in headers of level 2, 3 ,4, the administrator can
configure rules for processing or dropping packets.
Time-Based ACL
Allows to configure the timeperiod for ACL operation.
Blocked ports support
Main function of blocking is to improve the network security; access to the switch
port will be granted only to those devices, whose MAC addresses have been
assigned for this port.
Port-based
authentication (IEEE
802.1x)
IEEE 802.1x authentication mechanism manages access to resources through the
external server. Authorized users will gain access to the selected network
resources.
2.2.7 Switch control functions
Table 2.7 —Switch control functions
Configuration file
download and upload
Device parameters are saved into the configuration file that contains configuration
data for the specific device ports as well as for the whole system.
Trivial File Transfer
Protocol
TFTP protocol is used for file read and write operations. Protocol is based on UDP.
MES3000 devices are able to download and transfer configuration files and
firmware images via this protocol.
SCP (Secure Copy
protocol)
SCP is used for file read and write operations. Protocol is based on SSH network
protocol.
Devices are able to download and transfer configuration files and firmware images
via this protocol.
Remote monitoring
(RMON)
Remote monitoring (RMON)—extension of SNMP, that performs the monitoring of
computer networks. Compatible devices gather diagnostics data using the
network management station. RMON is the standard MIB database that contains
actual and historic MAC level statistics and control objects providing real-time
data.
16 MES3000 Ethernet switch series
SNMP
SNMP is used for monitoring and management of network devices. For system
access control purpose, the community record list is defined, where each record
contains access privileges.
Command line interface
MES3000 switches CLI management is performed locally via serial port RS-232 or
remotely via telnet, SSH. Console command line interface (CLI) is the industrial
standard. CLI interpreter contains the list of commands and keywords that will
help the user and reduce the amount of input data.
SYSLOG
Syslog is a protocol designed for transmission of system event messages and error
notifications to remote servers.
SNTP
(Simple Network Time
Protocol)
SNTP is a network time synchronization protocol; it allows to perform time
synchronization of the network device with the server with accuracy up to 1ms.
Traceroute
Traceroute is a service function that allows to display data transfer routes in IP
networks.
Controlled access
management—privilege
levels
Administrator can define privilege levels for users of the device and settings for
each privilege level (read-only—level 1, full access—level 15).
Management interface
blocking
The switch can block access to each management interface (SNMP, CLI). Blocking
can be set independently for each type of access:
Telnet (CLI over Telnet session)
Secure Shell (CLI over SSH)
SNMP
Local authentication
Passwords can be stored in the switch database for local authentication.
IP address filtering for
SNMP
Access via SNMP is allowed only for specific IP addresses, that are the part of
SNMP community.
RADIUS client
RADIUS protocol is used for authentication, authorization and accounting. RADIUS
server operates with the user database, that contains authentication data for each
user. MES3000 switches contain client part of the RADIUS protocol.
TACACS+
(Terminal Access
Controller Access Control
System)
Device supports client authentication with TACACS+ protocol. TACACS+ protocol
provides centralized security system for authentication of users, gaining access to
the device, and centralized management system, while ensuring compatibility with
RADIUS and other authentication processes.
SSH server
SSH server functionality allows SSH client to establish secure connection to the
device for management purposes.
Macrocommand
support
This function allows to create macrocommands—command sets—and apply them
for device configuration.
2.2.8 Additional functions
Table 2.8 lists the additional device functions.
MES3000 Ethernet switch series 17
Table 2.8 —Additional device functions
Virtual Cable Test
MES3000 network switches are equipped with the hardware and software tools,
that allow them to perform functions of a virtual cable tester—VCT. The tester
allows to determine the condition of the copper-wire communication cable
(ok/break/short-circuit) and to measure the length of the fault-free cable. Test
results are compiled into the report.
Optical transceiver
diagnostics
The device allows to test the optical transceiver. During testing, the device
monitors the current, power voltage and transceiver temperature. To be
implemented, these features should be supported by the transceiver.
Green Ethernet
This mechanism allows the switch to reduce the power consumption by disabling
inactive electric ports.
IP SLA
Active monitoring technology used for measuring network performance and data
transmission quality. Supported operations: ICMP Echo, UDP Jitter.
2.3 Main specifications
Table 2.9 lists main specifications of the switch.
Table 2.9 —Main specifications
General parameters
Packet processor
Marvell 98DX4122
Interfaces
MES3108
8x10/100/1000Base-T
2x(10GBase-X (SFP+)/1000Base-X (SFP)
MES3108F
4x1000 Base-X (SFP)
4xCombo (10/100/1000Base-T/1000Base-X)
2x(10G Base-X (SFP+)/1000Base-X (SFP))
MES3116
16x10/100/1000Base-T
2x(10GBase-X (SFP+)/1000Base-X (SFP)
MES3116F
12x1000 Base-X (SFP)
4xCombo (10/100/1000Base-T/1000Base-X)
2x(10G Base-X (SFP+)/1000Base-X (SFP))
MES3124
24x10/100/1000Base-T
4x(10GBase-X (SFP+)/1000Base-X (SFP))
MES3124F
20x1000 Base-X (SFP)
4xCombo (10/100/1000Base-T/1000Base-X)
4x(10G Base-X (SFP+)/1000Base-X (SFP))
MES3224
24x10/100/1000Base-T,
2x(10GBase-X (SFP+)/1000Base-X (SFP)),
2x(10GBase-LR/ER/ZR (XFP))
MES3224F
20x1000 Base-X(SFP),
4 Combo (10/100/1000 Base-T/1000 Base-X),
2 (10GBase-X(SFP+)/1000Base-X (SFP),
2x(10GBase-LR/ER/ZR (XFP))
Optical transceivers
MES3100
SFP, SFP+
MES3200
SFP, SFP+, XFP
Full-duplex/Half-duplex mode
Full-duplex/half-duplex mode for electric ports, full-duplex mode for
optical ports
Switch performance
128 Gbps
Buffer memory
12 Mb
18 MES3000 Ethernet switch series
Data transfer rate
electric interfaces 10/100/1000 Mbps
optical interfaces 1/10 Gbps
Table of MAC addresses
16,000 records (some MAC addresses are reserved by the system)
TCAM routing volume
for routing: 3272x24В
for the processing of traffic tasks: 2048x24B
SQinQ rules qty
Ingress: 980
Egress: 140
ACL rules qty
1012
VLAN support
up to 4K active VLANs according to IEEE 802.1Q
Quality of Services (QoS)
Traffic priority, 8 tiers
8 output queues with different priorities for each port
Multicast
up to 1024 static multicast groups
ACL quantity
1024
General quantity of rules in ACL
up to 2048
Quantity of L3 interfaces
512
LAG
12 groups, up to 8 ports per group
MSTP instances qty
64
Jumbo frames
Max. packet size 10K
Stacking
Up to 8 devices
Compliance
IEEE 802.3 10BASE-T Ethernet
IEEE 802.3u 100BASE-T Fast Ethernet
IEEE 802.3ab 1000BASE-T Gigabit Ethernet
IEEE 802.3z Fiber Gigabit Ethernet
ANSI/IEEE 802.3 Speed auto detection
IEEE 802.3x Data flow control
IEEE 802.3ad LACP link aggregation
IEEE 802.1p Priority of traffic
IEEE 802.1q VLAN virtual local networks
IEEE 802.1v
IEEE 802.3 ac
IEEE 802.1d STP spanning tree
IEEE 802.1w RSTP rapid spanning tree
IEEE 802.1s MSTP multiple spanning tree
IEEE 802.1x User authentication
Control
Local control
SNMP, CLI
Remote control
TELNET, SSH, WEB
Physical specifications and ambient conditions
Power supply
AC: 220V+-20%, 50Hz
DC: -36 .. - 72V
Power options:
- Single AC or DC power supply
- Two AC or DC power supplies with hot swapping
Power consumption
50W max.
Weight
3.6kg max.
Dimensions
430x44x265mm
Operating temperature range
from -10 to +45оС
Storage temperature range
from -40 to +70оС
Operation relative humidity (non-
condensing)
up to 80%
Storage relative humidity (non-
from 10% to 95%
MES3000 Ethernet switch series 19
condensing)
Average lifetime
20 years
Power supply type is determined at the time of order.
2.4 Design
This section describes the design of devices. Depicted front, rear and side panels of the device,
connectors, LED indicators and controls.
MES3000 series Ethernet switches enclosed in a metal case available for 19” form-factor rack-
mount, case height 1U.
2.4.1 Front panel of the device
Front panel layout MES3108, MES3108F, MES3116, MES3116F, MES3124, MES3124F, MES3224,
MES3224F is depicted in Fig. 1-8.
Fig. 1—MES3108, front panel
Fig. 2—MES3108F, front panel
Fig. 3—MES3116, front panel
The combined ports may have only one active interface at the same time. In case of
simultaneous connections, the interface with SFP transceiver will be active.
20 MES3000 Ethernet switch series
Fig. 4—MES3116F, front panel
Fig. 5—MES3124, front panel
Fig. 6—MES3124F, front panel
Fig. 7—MES3224, front panel
Fig. 8—MES3224F, front panel
Table 2.10 lists sizes, LEDs and controls located on the front panel of the switch.
This manual suits for next models
7
Table of contents
Other ELTEX Switch manuals
Popular Switch manuals by other brands
NETGEAR
NETGEAR GSM7224 - Switch Specifications
NETGEAR
NETGEAR GS748T - ProSafe Smart Switch Software administration manual
Vigitron
Vigitron MaxiiNet Vi32226 Operational manual
Airmar
Airmar SB646 Owner's guide & installation instructions
Targus
Targus ACH112US user guide
Austin Hughes
Austin Hughes Mini IP KVM user manual
