TP-LINK TL-SG2210P User's Guide

TL-SG2210P/TL-SG2216/TL-SG2424/ TL-SG2424P/TL-SG2452 Gigabit Smart Switch REV1.3.0 1910011016

Chapter 1 About this Guide This User Guide contains information for setup and management of TL-SG2210P/TL-SG2216/ TL-SG2424/TL-SG2424P/TL-SG2452 Gig

Application Example for Multicast VLAN:  Network Requirements Multicast source sends multicast streams via the router, and the streams are transmit

 Network Diagram  Configuration Procedure Step Operation Description 1 Create VLANs Create three VLANs with the VLAN ID 3, 4 and 5 respectiv

8.2.1 Multicast IP Table On this page you can view the multicast IP table on the switch. Choose the menu Multicast→Multicast IP→Multicast IP Tabl

Figure 8-9 Static Multicast IP Table The following entries are displayed on this screen:  Create Static Multicast Multicast IP: Enter static mult

port. If the port can be added to the multicast group, it will be added to the multicast address table; if the port can not be added to the multicast

Figure 8-11 Port Filter The following entries are displayed on this screen:  Port Filter Config Port Select: Click the Select button to quick-sel

Step Operation Description 1 Configure IP-Range Required. Configure IP-Range to be filtered on Multicast→Multicast Filter→IP-Range page. 2 Config

Query Packet: Displays the number of query packets the port received. Report Packet (V1): Displays the number of IGMPv1 report packets the port rec

Chapter 9 QoS QoS (Quality of Service) functions to provide different quality of service for various network applications and requirements and optim

2. 802.1P Priority Figure 9-2 802.1Q frame As shown in the figure above, each 802.1Q Tag has a Pri field, comprising 3 bits. The 3-bit priority f

Chapter Introduction Chapter 3 Login to the Switch Introduces how to log on to the Web management page. Chapter 4 System This module is used to co

Figure 9-4 SP-Mode 2. WRR-Mode: Weight Round Robin Mode. In this mode, packets in all the queues are sent in order based on the weight value for ea

4. Equ-Mode: Equal-Mode. In this mode, all the queues occupy the bandwidth equally. The weight value ratio of all the queues is 1:1:1:1. The QoS modu

Configuration Procedure: Step Operation Description 1 Select the port priority Required. On QoS→DiffServ→Port Priority page, configure the port

9.1.2 802.1P/CoS mapping On this page you can configure the mapping relation between the 802.1P priority tag-id/CoS-id and the TC-id. 802.1P gives th

Step Operation Description 2 Select a schedule mode Required. On QoS→DiffServ→Schedule Mode page,, select a schedule mode. 9.1.3 DSCP Priority On

Configuration Procedure: Step Operation Description 1 Configure the mapping relation between the DSCP priority and 802.1P priority Required. On Qo

Configuration Procedure: Step Operation Description 1 Configure the mapping relation between the DSCP priority and 802.1P priority Required. On Qo

9.2 Bandwidth Control Bandwidth function, allowing you to control the traffic rate and broadcast flow on each port to ensure network in working orde

Egress Rate(bps): Configure the bandwidth for sending packets on the port. You can select a rate from the dropdown list or select "Manual"

The following entries are displayed on this screen:  Storm Control Config Port Select: Click the Select button to quick-select the corresponding po

Chapter Introduction Chapter 9 QoS This module is used to configure QoS function to provide different quality of service for various network applic

The following entries are displayed on this screen:  Storm Control Config Port Select: Click the Select button to quick-select the corresponding p

Number OUI Address Vendor 5 00-d0-1e-00-00-00 Pingtel phone 6 00-e0-75-00-00-00 Polycom phone 7 00-e0-bb-00-00-00 3com phone Table 9-1 OUI addres

Security Mode Packet Type Processing Mode UNTAG packet Packet with voice VLAN TAG When the source MAC address of the packet is the OUI address th

9.3.2 Port Config Before the voice VLAN function is enabled, the parameters of the ports in the voice VLAN should be configured on this page. Choose

LAG: Displays the LAG number which the port belongs to. 9.3.3 OUI Config The switch supports OUI creation and adds the MAC address of the special vo

Step Operation Description 2 Create VLAN Required. On VLAN→802.1Q VLAN→VLAN Config page, click the Create button to create a VLAN. 3 Add OUI ad

Chapter 10 ACL 10.1 ACL Config An ACL may contain a number of rules, and each rule specifies a different package range. Packets are matched in match

Figure 10-2 ACL Create The following entries are displayed on this screen:  Create ACL ACL ID: Enter ACL ID of the ACL you want to create. Rule O

D-MAC: Enter the destination MAC address contained in the rule. MASK: Enter MAC address mask. If it is set to 1, it must strictly match the address

Figure 10-5 Create Extend-IP Rule The following entries are displayed on this screen:  Create Extend-IP ACL ACL ID: Select the desired Extend-IP

Chapter Introduction Chapter 14 Maintenance This module is used to assemble the commonly used system tools to manage the switch. Here mainly introd

10.2.1 Policy Summary On this page, you can view the ACL and the corresponding operations in the policy. Choose the menu ACL→Policy Config→Policy Su

10.2.3 Action Create On this page you can add ACLs for the policy. Choose the menu ACL→Policy Config→Action Create to load the following page. Figu

 Policy Bind Table Select: Select the desired entry to delete the corresponding binding policy.Index: Displays the index of the binding policy. P

Figure 10-11 Bind the policy to the VLAN The following entries are displayed on this screen:  VLAN-Bind Config Policy Name: Select the name o

3. The staff of the marketing department can access to the Internet but can not visit the forum. 4. The R&D department and marketing department

Step Operation Description 2 Configure for requirement 2 and 4 On ACL→ACL Config→ACL Create page, create ACL 100. On ACL→ACL Config→Standard-IP A

Chapter 11 PoE Note: Only TL-SG2210P and TL-SG2424P support PoE function. PoE (Power over Ethernet) technology describes a system to transmit electr

When the power exceeds the maximum power limit or the power is inadequate to power the device, the switch may disconnect the power supply to the PD l

Power Limit (0.1w-15.4w): Defines the max power the corresponding port can supply. Class1 represents 4w, Class2 represents 7w and Class3 represents 1

 Port Config Port Select: Click the Select button to quick-select the corresponding entry based on the port number you entered. Select: Select th

Chapter 2 Introduction Thanks for choosing the TL-SG2210P/TL-SG2216/TL-SG2424/TL-SG2424P/TL-SG2452 Gigabit Smart Switch! 2.1 Overview of the Switch

Figure 11-3 Profile Config The following items are displayed on this screen:  Create PoE Profile Profile Name: Enter the name of the profile. P

supply power; configure a week time section to make the port supply based on this time range on the fixed days of the week; configure a holiday secti

Figure 11-5 Time-Range Create Note: To successfully configure time-ranges, please firstly specify time-slices and then time-ranges. The following

Choose the menu PoE→PoE Time-Range→PoE Holiday Create to load the following page. Figure 11-6 Holiday Configuration The following entries are displa

Chapter 12 SNMP  SNMP Overview SNMP (Simple Network Management Protocol) has gained the most extensive application on the UDP/IP networks. SNMP pr

normally. You can select the management mode with proper security level according to your actual application requirement. SNMP v1: SNMP v1 adopts C

3. Create SNMP User The User configured in a SNMP Group can manage the switch via the client program on management station. The specified User Name a

Note: The amount of Engine ID characters must be even. 12.1.2 SNMP View The OID (Object Identifier) of the SNMP packets is used to describe the mana

12.1.3 SNMP Group On this page, you can configure SNMP Group to control the network access by providing the users in various groups with different m

Write View: Select the View to be the Write View. The management access iswriting only and changes can be made to the assigned SNMPView. The View de

The following parts are located on the front panel of TL-SG2210P:  Reset: Press this button for five seconds or above to reset the software setting

The following entries are displayed on this screen:  User Config User Name: Enter the User Name here. User Type: Select the type for the User. 

12.1.5 SNMP Community SNMP v1 and SNMP v2c adopt community name authentication. The community name can limit access to the SNMP agent from SNMP netw

Configuration Procedure:  If SNMPv3 is employed, please take the following steps: Step Operation Description 1 Enable SNMP function globally. Re

12.2 Notification With the Notification function enabled, the switch can initiatively report to the management station about the important events tha

Type: Select the type for the notifications.  Trap: Indicates traps are sent.  Inform: Indicates informs are sent. The Inform type has a higher

RMON Group Function History Group After a history group is configured, the switch collects and records network statistics information periodically,

Status: Select Enable/Disable the corresponding sampling entry. 12.3.2 Event Config On this page, you can configure the RMON events. Choose the men

12.3.3 Alarm Config On this page, you can configure Statistic Group and Alarm Group for RMON. Choose the menu SNMP→RMON→Alarm Config to load the fol

 Rising: When the sampled value exceeds the Rising Threshold, an alarm event is triggered.  Falling: When the sampled value is under the Fallin

Chapter 13 LLDP Note: Only TL-SG2210P and TL-SG2424P support LLDP function. LLDP (Link Layer Discovery Protocol) is a Layer 2 protocol that is used

The front panel of TL-SG2424 is shown as Figure 2-3. Figure 2-3 Front Panel of TL-SG2424 The front panel of TL-SG2424P is shown as Figure 2-4. Fig

or to allow the port to both transmit and receive LLDPDUs. Four LLDP admin statuses are supported by each port.  Tx&Rx: the port can both trans

The following table shows the details about the currently defined TLVs. TLV type TLV Name Description Usage in LLDPDU 0 End of LLDPDU Mark the e

Note: For detailed introduction of TLV, please refer to IEEE 802.1AB standard and ANSI/TIA-1057. In TP-LINK switch, the following LLDP optional TLV

The LLDP module is mainly for LLDP function configuration of the switch, including three submenus: Basic Config, Device Info, Device Statistics and L

Fast Start Times: When the port's LLDP state transforms from Disable (or Rx_Only) to Tx&Rx (or Tx_Only), the fast start mechanism will be e

13.2 Device Info You can view the LLDP information of the local device and its neighbors on the Local Info and Neighbor Info pages respectively. 13.

Refresh Rate: Specify the auto refresh rate.  Local Info Enter the desired port number and click Select to display the information of the corres

Figure 13-5 LLDP Statistic Information The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the auto re

based on the port number you entered. Port: Displays local device's port number. Transmit Total: Displays the number of LLDPDUs sent by this p

Extended Power-Via-MDI TLV The Extended Power-Via-MDI TLV is intended to enable advanced power management between LLDP-MED Endpoint and Network Conne

Name Status Indication On The switch is working abnormally. Flashing The switch is working normally. System Off The switch is working abnor

Figure 13-7 LLDP-MED Port Configuration The following entries are displayed on this screen:  LLDP-MED Port Config Port Select: Select the desired

 Included TLVs Select TLVs to be included in outgoing LLDPDU.  Location Identification Parameters Configure the Location Identification TLV&apos

Figure 13-8 LLDP-MED Local Information The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the auto re

Figure 13-9 LLDP-MED Neighbor Information The following entries are displayed on this screen:  Auto Refresh Auto Refresh: Enable/Disable the auto

Chapter 14 Maintenance Maintenance module, assembling the commonly used system tools to manage the switch, provides the convenient method to locate

14.1.2 Memory Monitor Choose the menu Maintenance→System Monitor→Memory Monitor to load the following page. Figure 14-2 Memory Monitor Click the Mo

Table 14-1 Log Level The Log function is implemented on the Log Table, Local Log, Remote Log and Backup Log pages. 14.2.1 Log Table The switch suppo

14.2.2 Local Log Local Log is the log information saved in switch. By default, all system logs are saved in log buffer and the logs with severities

Figure 14-5 Log Host The following entries are displayed on this screen:  Log Host Index: Displays the index of the log host. The switch supports

 Backup Log Backup Log: Click the Backup Log button to save the log as a file to your computer. Note: It will take a few minutes to backup the l

Name Status Indication On The remaining PoE power≤7W. Flashing The remaining PoE power keeps ≤7W after this LED is on for 2 minutes. PoE Max Off

14.3.2 Loopback Loopback test function, looping the sender and the receiver of the signal, is used to test whether the port of the switch is availab

Figure 14-9 Ping The following entries are displayed on this screen:  Ping Config Destination IP: Enter the IP address of the destination node fo

The following entries are displayed on this screen:  Tracert Config Destination IP: Enter the IP address of the destination device. Max Hop:

Appendix A: Specifications IEEE802.3 10Base-T Ethernet IEEE802.3u 100Base-TX/100Base-FX Fast Ethernet IEEE802.3ab 1000Base-T Gigabit Ethernet IEEE802

Appendix B: Configuring the PCs In this section, we’ll introduce how to install and configure the TCP/IP correctly in Windows 2000. First make sure y

177 5) The following TCP/IP Properties window will display and the IP Address tab is open on this window by default. Figure B-3 6) Select Use the fo

Appendix C: Glossary Boot Protocol (BOOTP) BOOTP is used to provide bootup information for network devices, including IP address information, the add

Internet Group Management Protocol (IGMP) A protocol through which hosts can register with their local router for multicast services. If there is mor

180 Remote Authentication Dial-in User Service (RADIUS) RADIUS is a logon authentication protocol that uses software running on a central server to c

 Power Socket: Connect the female connector of the power cord here, and the male connector to the DC power outlet. Please make sure the voltage of

COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-LINK TECHNOLOGIES CO., LTD. Other

Chapter 3 Login to the Switch 3.1 Login 1) To access the configuration utility, open a web-browser and type in the default address http://192.168.0

Figure 3-3 Main Setup-Menu Note: Clicking Apply can only make the new configurations effective before the switch is rebooted. If you want to keep t

Chapter 4 System The System module is mainly for system configuration of the switch, including four submenus: System Info, User Management, System T

When the cursor moves on the port, the detailed information of the port will be displayed. Figure 4-2 Port Information  Port Info Port: Displays

Figure 4-4 Device Description The following entries are displayed on this screen:  Device Description Device Name: Enter the name of the switch.

 Time Config Manual: When this option is selected, you can set the date and time manually. Get Time from NTP Server: When this option is selected,

Predefined Mode: Select a predefined DST configuration.  USA: Second Sunday in March, 02:00 ~ First Sunday in November, 02:00.  Australia: First

The following entries are displayed on this screen:  IP Config MAC Address: Displays MAC Address of the switch. IP Address Mode: Select the mode

Figure 4-8 User Table 4.2.2 User Config On this page you can configure the access level of the user to log on to the Web management page. The switch

Confirm Password: Retype the password. Password Display Mode:  Simple: Select a simple password display mode.  Cipher: Select a cipher passwor

IV Safety Information  When product has power button, the power button is one of the way to shut off the product; When there is no power button

Note: 1. It will take a few minutes to restore the configuration. Please wait without any operation. 2. To avoid any damage, please don’t power dow

Figure 4-12 Firmware Upgrade Note: 1. Don’t interrupt the upgrade. 2. Please select the proper software version matching with your hardware to upg

Figure 4-14 System Reset Note: After the system is reset, the switch will be reset to the default and all the settings will be cleared. 4.4 Access

The following entries are displayed on this screen:  Access Control Config Control Mode: Select the control mode for users to log on to the Web ma

default the switch has a certificate (self-signed certificate) and a corresponding private key. The Certificate/Key Download function enables the use

4. It may take more time for https connection than that for http connection, because https connection involves authentication, encryption and decryp

Idle Timeout: Specify the idle timeout time. The system will automatically release the connection when the time is up. The default time is 120 secon

2. Click the Open button in the above figure to log on to the switch. Enter the login user name and password, and then you can continue to configure

Note: 1. The key length is in the range of 256 to 3072 bits. 2. During the key generation, randomly moving the mouse quickly can accelerate the key

Note: 1. The key type should accord with the type of the key file. 2. The SSH key downloading can not be interrupted. 4. After the public key and p

CONTENTS Package Contents...1

32 After successful authentication, please enter the login user name. If you log on to the switch without entering password, it indicates that the k

Chapter 5 Switching Switching module is used to configure the basic functions of the switch, including five submenus: Port, LAG, Traffic Monitor, MA

Description: Give a description to the port for identification. Status: Allows you to Enable/Disable the port. When Enable is selected,the port can

The following entries are displayed on this screen.  Mirror Group List Group: Displays the mirror group number. Mirroring: Displays the mirroring

 Mirrored Port Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select t

Figure 5-4 Port Security The following entries are displayed on this screen:  Port Security Select: Select the desired port for Port Security con

5.1.4 Port Isolation Port Isolation provides a method of restricting traffic flow to improve the network security by forbidding the port to forward p

5.1.5 Loopback Detection With loopback detection feature enabled, the switch can detect loops using loopback detection packets. When a loop is detect

 Port Config Port Select: Click the Select button to quick-select the corresponding port based on the port number you entered. Select: Select the

Tips: 1. Calculate the bandwidth for a LAG: If a LAG consists of the four ports in the speed of 1000Mbps Full Duplex, the whole bandwidth of the LA

5.1.1 Port Config ...33 5.1.2 Port Mirror ...

Operation: Allows you to view or modify the information for each LAG.  Edit: Click to modify the settings of the LAG.  Detail: Click to get the

Description: Displays the description of the LAG.  Member Port Member Port: Select the port as the LAG member. Clearing all the ports ofthe LAG w

Figure 5-10 LACP Config The following entries are displayed on this screen:  Global Config System Priority: Specify the system priority for the s

Mode: Specify LACP mode for your selected port. Status: Enable/Disable the LACP feature for your selected port. LAG: Displays the LAG number which

Port: Displays the port number. Packets Rx: Displays the number of packets received on the port. The errorpackets are not counted in. Packets T

 Statistics Port: Enter a port number and click the Select button to view the traffic statistics of the corresponding port. Received: Displays th

switch to reduce broadcast packets and enhance the efficiency of packets forwarding remarkably. The address filtering feature allows the switch to fi

Port: Select the corresponding port number of your desired entry. Type: Select the type of your desired entry.  All: This option allows the addr

The following entries are displayed on this screen:  Create Static Address MAC Address: Enter the static MAC Address to be bound. VLAN ID: En

Figure 5-15 Dynamic Address The following entries are displayed on this screen:  Aging Config Auto Aging: Allows you to Enable/Disable the Auto A

8.1.1 Snooping Config ...86 8.1.2 Port Config ...

Tips: Setting aging time properly helps implement effective MAC address aging. The aging time that is too long or too short results decreases the pe

 Filtering Address Table Select: Select the entry to delete the corresponding filtering address. It is multi-optional. MAC Address: Displays the

Figure 5-17 Network diagram of DHCP For different DHCP clients, DHCP server provides three IP address assigning methods: (1) Manually assign the IP

addresses and replies to the client with DHCP-OFFER packet carrying the IP address and other information. （3） DHCP-REQUEST Stage: In the situation t

56 the network from the DHCP Server Cheating Attack by discarding the DHCP packets on the distrusted port, so as to enhance the network security. Cho

Chapter 6 VLAN The traditional Ethernet is a data network communication technology based on CSMA/CD (Carrier Sense Multiple Access/Collision Detect)

6.1 802.1Q VLAN VLAN tags in the packets are necessary for the switch to identify packets of different VLANs. The switch works at the data link laye

 PVID PVID (Port VLAN ID) is the default VID of the port. When the switch receives an un-VLAN-tagged packet, it will add a VLAN tag to the packet a

Figure 6-3 VLAN Table To ensure the normal communication of the factory switch, the default VLAN of all ports is set to VLAN1. The following entries

Port: Displays the port number. Untagged: The port will be an untagged member of the specific VLAN if you select it. Tagged: The port will b

10.3.2 Port Binding ...124 10.3.3 VLAN Binding...

 Configure Switch B Step Operation Description 1 Configure the Link Type of the ports Required. On VLAN→802.1Q VLAN→VLAN Config page, configure t

Chapter 7 Spanning Tree STP (Spanning Tree Protocol), subject to IEEE 802.1D standard, is to disbranch a ring network in the Data Link layer in a lo

Figure 7-1 Basic STP diagram  STP Timers Hello Time: Hello Time ranges from 1 to 10 seconds. It specifies the interval to send BPDU packets. It

 Comparing BPDUs Each switch sends out configuration BPDUs and receives a configuration BPDU on one of its ports from another switch. The followi

 The condition for the root port to transit its port state rapidly: The old root port of the switch stops forwarding data and the designated port o

Figure 7-2 Basic MSTP diagram  MSTP MSTP divides a network into several MST regions. The CST is generated between these MST regions, and multiple

Figure 7-3 Port roles The Spanning Tree module is mainly for spanning tree configuration of the switch, including four submenus: STP Config, Port Co

The following entries are displayed on this screen:  Global Config STP: Select Enable/Disable STP function globally on the switch. Version: Selec

7.1.2 STP Summary On this page you can view the related parameters for Spanning Tree function. Choose the menu Spanning Tree→STP Config→STP Summary t

Figure 7-6 Port Config The following entries are displayed on this screen:  Port Config Port Select: Click the Select button to quick-select the

VII 14.1 System Monitor...166 14.1.1 CPU Moni

Port Role: Displays the role of the port played in the STP Instance.  Root Port: Indicates the port that has the lowest path cost from this bridge

Figure 7-7 Region Config The following entries are displayed on this screen:  Region Config Region Name: Create a name for MST region identificat

The following entries are displayed on this screen:  Instance Table Instance ID Select: Click the Select button to quick-select the corresponding

Figure 7-9 Instance Port Config The following entries are displayed on this screen:  Port Config Instance ID: Select the desired instance ID for

Step Operation Description 1 Make clear roles the switches play in spanning tree instances: root bridge or designated bridge Preparation. 2 Global

To avoid this, MSTP provides root protect function. Ports with this function enabled can only be set as designated ports in all spanning tree instanc

Figure 7-10 Port Protect The following entries are displayed on this screen:  Port Protect Port Select: Click the Select button to quick-select t

Choose the menu Spanning Tree→STP Security→TC Protect to load the following page. Figure 7-11 TC Protect The following entries are displayed on this

 Configuration Procedure  Configure Switch A: Step Operation Description 1 Configure ports On VLAN→802.1Q VLAN page, configure the link type

 Configure Switch C: Step Operation Description 1 Configure ports On VLAN→802.1Q VLAN page, configure the link type of the related ports as Tagg

Package Contents The following items should be found in your box:  One Gigabit Smart Switch  One power adapter (for TL-SG2210P) One power cord (f

 The topology diagram of the two instances after the topology is stable  For Instance 1 (VLAN101, 103 and 105), the red paths in the following

Chapter 8 Multicast  Multicast Overview In the network, packets are sent in three modes: unicast, broadcast and multicast. In unicast, the source

4. Real time is highly demanded and certain packets drop is allowed.  Multicast Address 1. Multicast IP Address: As specified by IANA (Internet Ass

VLAN ID Multicast IP Port Figure 8-3 Multicast Address Table  IGMP Snooping In the network, the hosts apply to the near router for joining (leavin

it will be added to the multicast address table with its member port time specified; if the receiving port is already a member port, its member port

Figure 8-4 Basic Config The following entries are displayed on this screen:  Global Config IGMP Snooping: Select Enable/Disable IGMP Snooping fun

Figure 8-5 Port Config The following entries are displayed on this screen:  Port Config Port Select: Click the Select button to quick-select the

Figure 8-6 VLAN Config The following entries are displayed on this screen:  VLAN Config VLAN ID: Enter the VLAN ID to enable IGMP Snooping for th

Router Port: Displays the router port of the VLAN. Note: The settings here will be invalid when multicast VLAN is enabled Configuration procedure: S

The following entries are displayed on this screen:  Multicast VLAN Multicast VLAN: Select Enable/Disable Multicast VLAN feature. VLAN ID: Enter