1 of 100

EWS User Manual

EWS Series User Manual

IMPORTANT

To install this device, please refer to the Quick Installation Guide included in the product packaging.

Product Overview

Introduction

The EnGenius EWS Series of wireless management switches is an affordable centralized wired/wireless management system developed specifically for entry-level small-to-medium businesses. This powerful device can be easily deployed and operated by non-tech experts and installed effortlessly and quickly. Any organization with a limited IT team and budget can create a stable and secure wireless network in no time. The system integrates seamlessly with existing routers, switches, firewalls, authentication servers, and other network devices. It can be placed within any network, configured to act as both a wireless controller as well as a Layer 2 gigabit switch, providing robust and centralized management of the whole network through one powerful system. With no additional costs or license purchasing necessary, network administrators can manage and monitor both wired and wireless nodes through a single web interface.

The system can automatically discover any supported EnGenius EWS Series access points connected to the network with a simple click of a mouse, self-configure and become instantly manageable. Simply log into the device via any standard web browser and assign APs into cluster groups. Wireless radio, wireless security, and other wireless related configurations can all be easily applied to multiple APs simultaneously, eliminating the time-consuming process of configuring every wireless access point individually.

The user-friendly GUI provides instant access to a variety of client and network information including managed AP List, Auto Discovered AP List, Cluster Grouping List, and Client List with complete MAC/IP Address, Incoming/Outgoing Traffic, Wireless Output Power and other relevant information. Traffic statistics of APs and clients are automatically converted into easy-to-understand graphs, providing a visual representation of the network traffic.

The topology view feature allows administrators to quickly see the whole wired/wireless network topology in real-time for easier planning, troubleshooting, and monitoring. The Floor Plan View and Map View allow for quickly locating deployed APs, a helpful feature for large scale AP deployment and multi-site management. There's also an Intelligent Diagnostics feature for administrators to check the status of wireless APs and provide easy troubleshooting for offline units and rebooting of APs remotely.

Key Features

10/100/1000 Mbps Gigabit Ethernet Ports
Dedicated SFP / SFP+ slots for longer connectivity via fiber uplinks and for uplink redundancy and failover
IGMP and MLD snooping for advanced multicast filtering
IEEE802.3ad Link Aggregation
STP/RSTP/MSTP
Access Control List/Port Security
IEEE802.1X and RADIUS Authentication
RMON
SNMP v1/v2c/v3
Voice VLAN for fast and reliable deployment of VoIP
Energy Efficient Ethernet (IEEE802.3az) support for better energy saving when more IEEE-compliant end devices are available in the market
Advanced QoS with IPv4/IPv6 ingress traffic filtering (ACLs) and prioritization
Easy to manage via web-based management GUI for switch deployment
Standard-based technology, ensuring interoperability with any standard-based devices in the existing network
Dual firmware images, improving reliability and uptime for your network

System Requirement

The following are the minimum system requirements in order to configure the device:

Computer with an Ethernet interface or wireless network capability
Windows OS (XP, Vista, 7, 8, 10), Mac OS, or Linux-based operating systems
Web-Browsing Application (i.e. Internet Explorer, Firefox, Chrome, Safari, or another similar browser application)

Package Content

The package contains the following items (all items must be in the package to receive a refund):

EWS2908P, EWS2910P

EnGenius Switch
Power Adapter / Power Cord
Rubber Footpads
Wall-mount Kit
Quick Installation Guide

EWS5912FP, EWS7928P, EWS1200-28TFP, EWS7926EFP, EWS7952P, EWS7952FP

EnGenius Switch
Power Cord
RJ-45 Console Cable
Rack-mount Kit
Quick Installation Guide

LED Behavior

EWS1200-28TFPv2/ EWS7928Pv2/ EWS7952FPv3

EWS7952Pv2

Comparison Table

Technical Specification

Wireless Management

Access Point Auto Discovery and Provisioning
Access Point Auto IP Assignment
Access Point Group Management
Visual Topology View
Floor Plan View
Map View
Access Point Status Monitoring
Wireless Client Monitoring
Wireless Traffic & Usage Statistics
Real-time Throughput Monitoring
Bulk Firmware Upgrade Capability
Remote Access Point Rebooting
Fast Roaming
Band Steering
Traffic Shaping
Intelligent Diagnostics
Access Point Device Name Editing
Access Point Radio Settings
RSSI Threshold
Access Point Client Limiting
Wireless Security (WEP, WPA/WPA2 Enterprise, WPA/WPA2 PSK)
VLANs for Access Point- Multiple SSIDs
Guest Network
Secure Control Messaging (SSL Certificate)
Local MAC Address Database
Remote MAC Address Database (RADIUS)
Configuration Import / Export

L2 Features

802.3ad Link Aggregation
- Maximum of 8 groups/8 ports per group
Port Mirroring
- One-to-One
- Many-to-One
Spanning Tree Protocol
- 802.1D Spanning Tree Protocol (STP)
- 802.1w Rapid Spanning Tree Protocol (RSTP)
- 802.1s Multiple Spanning Tree Protocol (MSTP)
MAC Address Table
- 8K entries
Static MAC Address
- 256 entries
802.1ab Link Layer Discovery Protocol
IGMP Snooping
- IGMP v1/v2/v3 Snooping
- Supports 256 IGMP groups
- IGMP per VLAN
- IGMP Snooping Querier
- IGMP Snooping Fast Leave
MLD Snooping
- MDL Snooping v1/v2
- Supports 256 MLD groups
- IGMP per VLAN
Jumbo Frame
- Up to 9216 bytes
802.3x Flow Control
802.3az Energy Efficient Ethernet

VLAN

802.1Q support
VLAN Group
- Max 4094 static VLAN groups
Voice VLAN

QoS

802.1p Quality of Service
- 8 queues per port
Queue Handling
- Strict
- Weighted Round Robin (WRR)
QoS based on:
- 802.1p Priority
- DSCP
Bandwidth Control
- Port-based (Ingress/Egress, 64 Kbps~1000 Mbps)
Broadcast/Unknown Multicast/ Unknown Unicast Storm Control

Access Control List (ACL)

Layer 2/3
- Support maximum 32 entries (ACL)
- Support maximum 256 entries (ACE)
ACL based on:
- MAC address
- VLAN ID
- 802.1p priority
- Ethertype
- IP address
- Protocol type
- DSCP

Security

802.1X
- Guest VLAN
- Port-based Access Control
Supports RADIUS Authentication
Port Security
- Up to 256 MAC Addresses per port
Port Isolation
DoS Attack Prevention
BPDU Attack Prevention

Monitoring

Port Statistics
System Log
RMON

Management

Web Graphical User Interface (GUI)
Command Line Interface (CLI)
BootP/DHCP Client/DHCPv6 Client
SSH Server
Telnet Server
TFTP Client
HTTPS
SNMP
- Supports v1/v2c/v3
SNMP Trap
SNTP
Configuration restore/backup

Diagnostic

Cable Diagnostic
Ping Test
Trace Route

MIB/RFC Standards

RFC1213
RFC1493
RFC1757
RFC2674
RFC 2863

Operating Temperature

0 to 40°C (EWS2910P, EWS2908P)
0 to 50°C (EWS5912FP, EWS7928P, EWS1200-28TFP, EWS7926EFP, EWS7952P, EWS7952FP)

Storage Temperature

-40°C to 70°C

Humidity (Non-condensing)

5% - 95%

Dimensions (W x D x H)

EWS2908P: 240x105x27mm
EWS2910P: 240x105x27mm
EWS5912FP: 330x230x44mm
EWS7928P: 440x260x44mm
EWS1200-28TFP: 440x260x44mm
EWS7926EFP: 440x260x44mm
EWS7952P: 440x310x44mm
EWS7952FP: 440x310x44mm

Getting Started

Management Interface

This section will guide you through the installation process.

The switch features an embedded Web interface for the monitoring and management of your device.

Default credentials to Management GUI

Connecting the Switch

Discovery with a DHCP Server

Use the procedures below to set up the switch within a network that uses DHCP.

Connect the switch to your network (DHCP enabled) and connect the supplied power cord to the switch and plug the other end into an electrical outlet. Verify the power LED indicator is lit on the switch.
Wait for the switch to completely boot up, which might take a minute.
Connect one end of a Category 5/6 Ethernet cable into the Gigabit (10/100/1000Mpbs) Ethernet port on the switch front panel and the other end to the Ethernet port on the computer. Verify that the LED on the Ethernet ports of the switch are Green.
Once your computer is on, ensure that your TCP/IP is set to On or Enabled. Open Network Connections and then click Local Area Connection. Select Internet Protocol Version 4 (TCP/IPv4). Click DHCP under Auto-Configuration and click Apply to save the settings.
On the DHCP server, find and write down the IP address allocated to the device. Use this IP address to access the management interface.
A login screen will appear. By default, the username is admin, and the password is password. Enter the current password of the switch and then click Login. To make access to the web-based management interface more secure, it's highly recommended that you change the password to something more unique.

Discovery without a DHCP Server

This section describes how to set up the switch in a network without a DHCP server. If your network has no DHCP service, you must assign a static IP address to your switch in order to log in to the web-based management interface.

Connect the supplied power cord to the switch and plug the other end into an electrical outlet. Verify the power LED indicator is lit on the switch.
Wait for the switch to completely boot up, which might take a minute.
Connect one end of a Category 5/6 Ethernet cable into the gigabit (10/100/1000Mbps) Ethernet port on the switch front panel and the other end to the Ethernet port on the computer. Verify that the LED lights on the Ethernet ports of the switch are Green.
Once your computer is on, ensure that your TCP/IP is set to On or Enabled. Open Network Connections and then click Local Area Connection. Select Internet Protocol Version 4 (TCP/IPv4).
If your computer is already on a network, ensure that you have set it to a static IP address on the interface (Example: 192.168.0.239 and the subnet mask address as 255.255.255.0).
Open a web browser on your computer. In the address bar of the web browser, enter 192.168.0.239 and press Enter.
A login screen will appear. By default, the username is admin, and the password is password. Enter the current password of the switch and then click Login. To make access to the web-based management interface more secure, change the password to something more unique.
Click IP Settings under the System Menu and select Static IP to configure the IP settings of the management interface.
Enter the IP address, Subnet Mask, and Gateway.
Click Apply to update the system.

Wireless Controller Features

Managing EnSky Access Points

Access points in the network will be automatically discovered by the EWS switch and will be listed under the AP(s) Detected list in the Access Point menu.

Select the access point(s) you wish to manage and click Add.
You will be prompted to assign the IP Address under the IP Assignment screen.
Click Apply and the access point(s) you’ve configured will be moved to the managed list. Note that the status of the AP will change from Connecting to Provisioning to Online. Once the status turns Online, your Access Point(s) have been successfully added to the Managed list.

Device Management

Summary

The Summary page shows general system information for the EWS switch including the Controller Status, the software version, the maximum number of APs the system can manage, MAC Address, IP Address, serial number, and system uptime for the system.

Dashboard

The Dashboard on the upper right corner of the GUI shows the current status of EWS APs that have been managed by the EWS switch.

Controller State

Status: Select whether to Enable or Disable the Controller feature on the switch. ezMaster Address: If you have an ezMaster server running and want to have ezMaster manage this EWS switch directly, enter the IP Address/domain name of the ezMaster server.

Click Apply to save the changes to the system.

System Information

Controller Version: This is the software version of the device.
Max. Managed APs: The maximum number of APs the device can manage.
IP Address: Displays the IP address of the device.
Base MAC Address: Displays universally assigned network address.
Serial Number: Displays the serial number of the device.
System Uptime: Displays the number of days, hours, and minutes since the last system restart.

Access Points

This page displays the status of all EnSky access points that your Controller is currently managing as well as all the EnSky access points in the network that the Controller has discovered. Use this page to add EnSky access points to your EWS switch’s Controller access point list.

The EWS switch can manage supported EnSky Series access points. For the discovery procedure to succeed, the EWS switch and the EnSky access point must be connected in the same network. The EWS switch can discover supported EnSky access points with any IP address and Subnet settings.

Managing Access Points

EnSky access points can either be configured individually or configured as a group.

To manage an access point individually, click on the Device Name field of the access point you wish to configure, and you will be directed to a screen where you can configure settings for the access point.

To manage access points as a group, go to Device Management > AP Groups to create an AP group and add members into the group. Click on the Group field of the AP you wish to configure, and you will be directed to a screen where you can configure settings for the AP group.

Group settings can be overridden by individual AP settings. For example, if you want to set the transmit power to a lower setting for only a few specific APs, leave the Transmit Power at Auto in the Wireless Radio Settings of the AP Group, then click on the Device Name field of the access point (which is already in a group) you wish to configure and you will be directed to a screen where you can configure override settings for the selected access point.

Refresh Countdown Timer

Dashboard

AP(s) Detected List

Remove AP

Reboot AP

Search Bar

Status

This indicates the current status of the managed access point.

Access Point Settings

General Settings

Wireless Radio Settings

WLAN Settings - 2.4GHz/5GHz

Under the WLAN settings, you can create and manage SSID configurations and profiles for the access points to fit your needs. An SSID is basically the name of the wireless network to which a wireless client can connect to. Multiple SSIDs allow administrators to use a single physical network to support multiple applications with different configuration requirements. Up to 8 SSIDs are available per radio. Click on the SSID you wish to make changes to, and you'll be directed to the SSID configuration page.

SSID Config

Prefer 5GHz: All dual-band clients with 5GHz RSSI above the threshold will be connected to the 5GHz band.
Force 5GHz: All dual-band clients will be connected to the 5GHz.
Band Balance: This option automatically balances the number of newly connected clients across both 2.4GHz and 5GHz bands based on configured percentage for 5GHz clients.

Band Steering only defines the action when a wireless client associates with an AP for the first time, and the wireless client must be in both 2.4GHz and 5GHz wireless coverage zone when being authenticated with the AP for the Band Steering algorithm to take effect.

Captive Portal: When enabled, users will see a captive portal page upon connecting to SSID. The captive portal profile can be customized by clicking “Profile Setting” which can also be configured in Hotspot Service from controller settings.

Wireless MAC Filter: This is default disabled and users can select either “Allow MAC in the List” or “Deny MAC in the List” to make this filter as whitelist or backlist for SSID.

Traffic Shaping: This feature regulates the allowed maximum download/upload speed per SSID or per user. Select to enable or disable wireless traffic shaping for this SSID profile with respective download/upload limits per SSID or user.

Download Limit: This specifies the allowed maximum download speed.
Upload Limit: This specifies the allowed maximum upload speed.

Fast Roaming: This feature uses protocols defined in 802.11r to facilitate continuous connectivity for wireless devices roaming from one AP to another. Coupled with 802.11k, wireless devices are able to quickly identify nearby APs that are available for roaming and, once the signal strength of the current AP weakens and your device needs to roam to a new AP, it will already know which AP is best to connect with.

Security: Select the security method (None, WPA2 Enterprise, or WPA2-PSK):

WPA2 Enterprise: WPA2 is the Wi-Fi Alliance IEEE 802.11i standard, which include AES mechanisms.

RADIUS Server: Enter the IP address of the RADIUS server.
RADIUS Port: Enter the port number used for connections to the RADIUS server.
RADIUS Secret: Enter the secret required to connect to the Radius server.
Group Key Update Interval: Specify how often, in seconds, the group key changes. Select 0 to disable.

NAS-ID: This attribute contains a string identifying the NAS originating the Access-Request.
NAS-PORT: This attribute indicates the physical port number of the NAS which is authenticating the user.
NAS-IP: This attribute indicates the identifying IP Address of the NAS which is requesting authentication of the user.
RADIUS Accounting: This can be checked to enables the accounting feature.
RADIUS Accounting Server: Enter the IP address of the RADIUS accounting server.
RADIUS Accounting Port: Enter the port number used for connection to the RADIUS accounting server.
RADIUS Accounting Secret: Enter the secret required to connect to the RADIUS accounting server.
Accounting Group Key Update Interval: Specify how often, in seconds, the accounting data send. The range is from 60~600 seconds.

WPA2-PSK: WPA2 with PSK (Pre-shared key), designed for home and smaller office networks that don't require the complexity of an 802.1X authentication server.

WPA2 Passphrase: Enter the passphrase you wish to use. If you are using the ASCII format, the Key must be between 8~64 characters in length.
Group Key Update Interval: Specify how often, in seconds, the Group Key changes.

Advanced Settings

LED Control: In some environments, the blinking LEDs on APs are not welcomed. This option allows you to enable or disable the device’s LED indicators. Note that only indoor models support this feature.

RSSI Threshold: With this feature enabled, in order to minimize the time the wireless client spends on passively scanning for a new AP to connect to, the AP will send a disassociation request to the wireless client upon detecting the wireless client's RSSI value lower than the specified. The RSSI value can be adjusted to allow for more clients to stay connected to this access point. Note that setting the RSSI threshold value too low may cause sticky wireless clients to reconnect frequently. Disabling this feature is recommended unless you deem it necessary.

Management VLAN: This specific VLAN ID can be used to separate management traffic from regular network traffic.

IMPORTANT INFORMATION

When configuring or updating AP's management VLAN settings, make sure that the same management VLAN settings are applied to the EWS switch as well.

AP Groups

An AP group can be used to define configuration options and apply them to several APs at once. If your wireless network covers a large physical environment and you want to provide wireless services with some common settings and policies to different areas of your environment, you can use AP Groups to do this instead of having to modify the settings of each AP individually. For example, if your wireless network covers two floors and you need to provide wireless access to visitors on the 1st floor, you can simply setup two different AP groups with different settings and policies to suit your application.

Creating a New AP Group

Follow the steps below to create a new AP group.

Click on Add button to create a new AP group.
Enter the name and description of the new AP group.
In the Member Setting section, all managed access points that are not currently assigned to an AP group will be listed in Managed APs list on the left. Users can select the access points from the list and click Add to assign to this group. The access points will be moved to the Group Member list on the right .
Configure Radio, WLAN, and Advanced settings then click on Apply for settings to take effect.
Regarding Mesh AP setting in Advanced settings from AP Group, users can enable this feature to let APs in the group to become mesh members. If this feature is enabled, when mesh AP detects it’s no longer having wired connection to reach other mesh AP, it will then use the mesh link to set up connection to one of the best preferred mesh peer AP for connection. The RF link of either 2.4GHz or 5GHz can be decided by Mesh Profile settings under controller tab on EWS switch’s web management page.

Note: As most settings from above step-4 are the same as mentioned in last section of Access Point Settings, these common settings will apply to all AP members in the group. Depending on your design on applying group settings to APs in deployed WLAN, certain parameters like channel and transmit power may need to be overridden to reduce RF interference or optimize overall WLAN performance.

Please click on the device item to override group settings; the following shows that items like Channel HT Mode, Transmit Power, and Client Limits are eligible to be overridden.

AP Group Management

Use the following tool or buttons in controller web management page for further configuration or management:

Wireless Services

Background Scanning

With Background Scanning enabled, the controller periodically samples RF activity of all surrounding access points including channel utilization and nearby devices in all available channels. Background scanning is the basis for Auto Tx Power and Rogue AP detection, and must be enabled for these features to operate. If you prefer, you may disable it if you feel it's not helpful, or adjust the scanning frequency, if you prefer scanning at greater or fewer intervals.

Note: For latency-sensitive applications such as VoIP, it is recommended to set the background scan interval to a higher value, e.g. 5 or 10 minutes. For regular applications, the recommended value is 30 seconds. This value will also be directly related to how long it takes the AP to scan for rogue devices.

Auto TX Power

Using the information collected by Background Scanning, APs can automatically adjust their transmit power to optimize coverage. When enabled, APs will optimize their transmit power based on the time interval configured for Background Scanning.

Note: Background Scanning must be enabled, and Tx Power of APs must be set to Auto (under Wireless Radio Settings) for this feature to operate.

Monitor

Visualization

From here, users can see a visual view of the topology of all supported devices in the network. The EWS switch automatically maps your network deployment and displays the device relationships across your network infrastructure—an essential feature for troubleshooting network issues that would otherwise require manual mapping, monitoring software, or manually keeping track of MAC address tables.

Use the directional pad and the plus or minus buttons to navigate your topology view of the network. You can also search access points in the network via their IP or MAC address. Check the Show Port Info box to display connected port information.

Topology View

Navigating Tips

Mouse over a device to show information about the device.

Left-click on the switch to bring up a menu where you can redirect to switch or collapse the topology tree.

Left-click on the access point to bring up a menu where you can configure AP settings, remove AP from management list, reboot AP, redirect to the active clients page or redirect to troubleshooting page.

You can search for an access point using the IP Address or MAC address.

Note: The EWS switch can only generate topologies with EnGenius L2 Series switches.

Map View

From here, users can view a geographical representation of access points in the network. Click AP List to display the list of access points managed by the EWS switch and then simply click-and-drag the AP marker to the desired location on the map.

Note: Your browser needs to be able to access the Internet for this function to work.

Navigating Tips

Use the Locate button to pinpoint the map to your current location. Note that the location provided is calculated based on your IP address and results might be inaccurate.
Left-click on the access point marker to bring up a menu from which you can configure AP settings, remove AP from management list, reboot AP, redirect to the active clients page, or redirect to troubleshooting page.

Floor View

The Floor View feature enables an administrator to upload custom floor plans and place AP markers in corresponding locations for better network visualization of a wireless network. Multiple images can be uploaded to visualize access point placement on multiple floors of an office building or different branch offices within an organization.

Floor Plan Image

From here, an administrator can add or delete a custom map or floor plan image. An unlimited number of floor plan images can be imported to the EWS switch. However, the total file size of all imported floor plans is limited to 6MB, and the maximum file size per image is 512KB (a smaller image loads faster). Valid image file formats are .PNG, .GIF or .JPG.

Status Dashboard

Total: This displays the total memory storage space allocated for uploading custom floor plans.

Available: This displays currently available memory storage space.

In Use: Displays the memory storage space that is currently in use.

Floor Plan View

After importing your floor plan image, you can distribute markers that represent the APs to the correct locations by clicking on AP List and dragging each marker icon to its corresponding location on the floor plan. Also, Wireless Coverage Display can be toggled on to indicate the coverage range of each AP, assisting IT managers to plan and deploy wireless networks in any indoor environment easily and accurately. Click on Save Plan when you're done to save settings.

AP Info

RF Coverage

Navigating Tips

Mouse over a device to show information about the device.

Click to reveal a list of APs that the EWS switch is currently managing.

The number in the marker represents the number of wireless clients that are currently connected to the access point.

Left-click on the access point marker to bring up a menu where you can configure AP settings, remove AP from management list, reboot AP, redirect to the active clients page or redirect to troubleshooting page.

Mesh View

The Mesh View feature enables the administrator to view the mesh connection status between APs in the AP Group with mesh setting enabled.

Statistics

Mesh

Maintenance

Ethernet Switch Features

Summary

Management

Monitoring

Diagnostics

STP

The Spanning Tree Algorithm (STA) can be used to detect and disable network loops, and to provide backup links between switches. This allows the switch to interact with other bridging devices in your network to ensure that only one route exists between any two stations on the network and provide backup links which automatically take over when a primary link goes down.

Spanning Tree Protocol (STP) provides a tree topology for the switch. There are different types of Spanning tree versions supported, including Spanning Tree Protocol (STP) IEEE 802.1D, Multiple Spanning Tree Protocol (MSTP) IEEE 802.1w, and Rapid Spanning Tree Protocol (RSTP) IEEE 802.1s. Please note that only one spanning tree can be active on the switch at a time.

Global Settings

Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on switches. Spanning Tree Protocol (STP) allows you to ensure that you do not create loops when you have redundant paths in the network. STP provides a single active path between two devices on a network in order to prevent loops from being formed when the switch is interconnected via multiple paths.

STP uses a distributed algorithm to select a bridging device that serves as the root for the spanning tree network. It does this by selecting a root port on each bridging device to incur the lowest path cost when forwarding a packet from that device to the root device. It then selects a designated bridging device from each LAN which incurs the lowest path cost when forwarding a packet from that LAN to the root device. Next, all ports connected to designated bridging devices are assigned as designated ports. After determining the lowest cost spanning tree, it enables all root ports and designated ports, disabling all other ports. Network packets are therefore only forwarded between root ports and designated ports, eliminating any possible network loops. STP provides a single active path between two devices on a network in order to prevent loops from being formed when the switch is interconnected via multiple paths.

Once a stable network topology has been established, all bridges listen for Hello Bridge Protocol Data Units (BPDUs) transmitted from the Root Bridge of the Spanning Tree. If a bridge does not receive a Hello BPDU after a predefined interval (known as the Maximum Age), the bridge will assume that the link to the Root Bridge is down and unavailable. This bridge then initiates negotiations with other bridges to reconfigure the network to reestablish a valid network topology.

Loops occur when alternate routes exist between hosts. Loops in an extended network can cause the switch to forward traffic indefinitely, resulting in increased traffic and reducing network efficiency. Once the STP is enabled and configured, primary links are established, and duplicated links are blocked automatically. The reactivation of the blocked links is also automatic.

STP provides a tree topology and other Spanning tree versions supported include STP, Multiple Spanning Tree Protocol (MSTP), and Rapid Spanning Tree Protocol (RSTP). Please note that only one spanning tree can be active on the switch at a time. The default setting is RSTP.

Multiple Spanning Tree Protocol (MSTP) defined in IEEE 802.1s, enables multiple VLANs to be mapped to reduce the number of spanning-tree instances needed to support many VLANs. If there is only one VLAN in the network, a single STP works fine.

If the network contains more than one VLAN, however, the logical network configured by a single STP would work, but it becomes more efficient to use the alternate paths available by using an alternate spanning tree for different VLANs or groups of VLANs. MSTP (which is based on RSTP for fast convergence) is designed to support independent spanning trees based on VLAN groups. MSTP provides multiple forwarding paths for data traffic and enables load balancing.

STP and RSTP prevent loops from forming by ensuring that only one path exists between the end nodes in your network. RSTP is designed as a general replacement for the slower, legacy STP. RSTP is also incorporated into MSTP. With STP, convergence can take up to a minute to complete in a larger network. This can result in the loss of communication between various parts of the network during the convergence process so STP can subsequently lose data packets during transmission.

RSTP on the other hand is much faster than STP. It can complete a convergence in seconds, so it greatly diminishes the possible impact the process can have on your network compared to STP. RSTP reduces the number of state changes before active ports start learning, predefining an alternate route that can be used when a node or port fails and retain the forwarding database for ports insensitive to changes in the tree structure when reconfiguration occurs.

Select whether to enable or disable the Spanning Tree function for the switch. Next, select whether you wish to enable STP, RSTP, or MSTP. Again, please note that only one Spanning tree function can be active at a time.

Click Apply to save settings.

Root Bridge

The Root Bridge serves as an administrative point for all Spanning Tree calculations to determine which redundant links to block in order to prevent network loops. From here, you can view all the information regarding the Root Bridge within the STP.

All other decisions in a spanning tree network, such as ports being blocked and ports being put in a forwarding mode, are made regarding a root bridge. The root bridge is the “root” of the constructed “tree” within a spanning tree network. Thus, the root bridge is the bridge with the lowest bridge ID in the spanning tree network. The bridge ID includes two parts: the bridge priority (2 bytes) and the bridge MAC address (6 bytes). The 802.1d default bridge priority is 32768. STP devices exchange Bridge Protocol Data Units (BPDUs) periodically. All bridges “listen” for Hello BPDUs (Bridge Protocol Data Units) transmitted from the root bridge. If a bridge does not get a Hello BPDU after a predefined interval (called the Maximum Age), the bridge assumes that the link to the root bridge is down. The bridge then initiates negotiations with other bridges to reconfigure the network to re-establish a valid network topology.

CIST Instance Settings

The Common Instance Spanning Tree (CIST) protocol is formed by the spanning tree algorithm running among bridges that support the IEEE 802.1w, IEEE 802.1s, and IEEE 802.1D standards. A Common and Internal Spanning Tree (CIST) represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP/RSTP.

The CIST inside a Multiple Spanning Tree instance (MST) region is the same as the CST outside a region. All regions are bound together using a CIST, which is responsible for creating loop-free topology across regions, whereas the MSTI controls topology inside regions. CST instances allow different regions to communicate between themselves. CST is also used for traffic within the region for any VLANs not covered by a MSTI. In an MSTP-enabled network, there is only one CIST that runs between MST regions and single spanning tree devices. A network may contain multiple MST regions and other network segments running RSTP. Multiple regions and other STP bridges are interconnected using a single CST.

Enter the information to set up CIST for the switch:

Click Apply to update the system settings.

CIST Port Settings

Use the CIST Ports Settings page to configure and view STA attributes for interfaces when the spanning tree mode is set to STP or RSTP. You may use a different priority or path cost for ports of the same media type to indicate a preferred path or edge port to indicate if the attached device can support fast forwarding or link type to indicate a point-to-point connection or shared-media connection.

Click Apply to update the system settings.

MST Instance Settings

Multiple Spanning Tree Protocol, or MSTP enables the grouping of multiple VLANs with the same topology requirements into one Multiple Spanning Tree Instance (MSTI). MSTP then builds an Internal Spanning Tree (IST) for the region containing commonly configured MSTP bridges. Instances are not supported in STP or RSTP. Instead, they have the same spanning tree in common within the VLAN. MSTP provides the capability to logically divide a Layer 2 network into regions. Every region can contain multiple instances of spanning trees. In MSTP, all the interconnected bridges that have the same MSTP configuration comprise an MST region.

A Common Spanning Tree (CST) interconnects all adjacent MST regions and acts as a virtual bridge node for communications between STP or RSTP nodes in the global network. MSTP connects all bridges and LAN segments with a single Common and Internal Spanning Tree (CIST). The CIST is formed as a result of the running spanning tree algorithm between switches that support STP, RSTP, and MSTP protocols. Once you specify the VLANs you wish to include in a Multiple Spanning Tree Instance (MSTI), the protocol will automatically build an MSTI tree to maintain connectivity among each of the VLANs. MSTP maintains contact with the global network because each instance is treated as an RSTP node in the Common Spanning Tree (CST).

Click the Edit button to configure the MST settings. Next, enter information for the VLAN List and choose the priority you wish to use from the drop-down list.

MST Port Settings

This page displays the current MSTI configuration information for the switch. From here you can update the port configuration for an MSTI ID. If a loop occurs, the MSTP function will use the port priority to select an interface to put into the forwarding state. Set a higher priority value for ports you wish to be selected for forwarding first. In instances where the priority value is identical, the MSTP function will implement the lowest MAC address into the forwarding state and other interfaces will be blocked. Note that lower priority values mean higher priorities for forwarding packets.

Click Apply to update the system settings.