Moxa EDS-508A series network managed Ethernet switch

Queue scheduling: Supports two modes: "Weight Fair (8:4:2:1 weight)" and "Strict". The default is Weight Fair to avoid low priority traffic from starving;

Industrial adaptation: Supports IEC 61850 QoS and can set GOOSE/SMV/PTP and other power automation protocol messages as high priority to ensure real-time performance.

3. Network isolation: VLAN configuration

(1) VLAN mode and type

Support type:

IEEE 802.1Q VLAN: Label based logical isolation, supporting three port types: Access (single VLAN without labels), Trunk (multi VLAN with labels), and Hybrid (removable egress labels);

Port type VLAN: VLAN is divided based on physical ports, with simple configuration but low flexibility. When enabled, IGMP Snooping will be automatically disabled;

Unaware VLAN: does not check VLAN tags, only transmits all tagged messages transparently, suitable for serial connection in other VLAN networks.

(2) Typical application examples

Scenario: Switch A connects devices A (VLAN5), B/C (VLAN2), D (VLAN3), and E (VLAN4), and is interconnected with switch B through Trunk port 3;

to configure:

Device A port is set to Access, PVID=5;

Set the B/C ports of the device to Trunk, PVID=2, and fixed VLAN (tagged)=3/4;

Set the interconnection port of the switch to Trunk and enable the GVRP protocol to automatically synchronize VLAN information;

Set the corresponding port of switch B to Access, and match PVIDs with VLAN2/3/4/5 to ensure normal cross switch VLAN communication.

4. Multicast filtering: reducing network storms

Core agreement:

IGMP Snooping (IP layer): Supports v1/v2/v3, and only forwards multicast traffic to ports that have joined the group by listening to IGMP report/query messages to avoid flooding;

GMRP (MAC layer): dynamically registers multicast addresses, suitable for devices that do not support IGMP;

Static multicast MAC: Manually add multicast addresses and port bindings, suitable for devices that only support multicast but do not have IGMP/GMRP.

Configuration points: After enabling IGMP Snooping globally, it needs to be enabled separately by VLAN; Support 'Enhanced Mode', only forwarding multicast to member ports to reduce redundant traffic.

5. Bandwidth management and security protection

(1) Bandwidth control

Broadcast storm protection: supports limiting port broadcast/multicast/unknown unicast traffic rates (such as 8M), and can temporarily disable ports when exceeded (default disable for 30 seconds);

Entrance/exit speed limit: Configure the entrance/exit speed according to the port (such as limiting it to 10% of the total bandwidth) to avoid single devices occupying too much bandwidth.

(2) Security protection

User authentication: Supports centralized authentication using TACACS+and Radius, replacing local accounts and suitable for large-scale networking;

Port access control:

Static Port Lock: Bind a specific MAC address to a port and only allow communication with that MAC address;

IEEE 802.1X: Based on the client authentication server (such as Radius) - authenticator (switch) architecture, unauthenticated devices cannot access;

ACL access control list (only supported by layer 3 switches): Filter packets based on IP/MAC address, protocol (TCP/UDP), and port number (such as denying access to 192.168.2.0/24 network segment 192.168.0.1).

6. Alarm and diagnosis: rapid fault location

(1) Auto Warning

Email Alert: Configure SMTP servers (such as enterprise email) and recipient addresses (up to 4), triggering events including switch cold start, port link disconnection, traffic overload, configuration changes, etc;

Relay alarm: supports 2-channel relay output, can be associated with key events such as power failure and Turbo Ring breakage, and trigger external sound and light alarms;

Test verification: After configuration, a test email can be sent to confirm that the alarm channel is normal.

(2) Diagnostic tools

Mirror Port: Copy the inbound/outbound/bidirectional traffic of a specified port (monitored port) to the mirror port, and connect packet capture tools (such as Wireshark) to analyze network issues;

Ping test: initiate Ping requests from the switch (not PC initiated) to detect the connectivity between the switch and the target IP;

LLDP protocol: automatically obtains neighbor device information (such as neighbor IP, port, model), supports MXview software to automatically generate network topology.

(3) Monitoring and Logging

Real time monitoring:

Switch level: View the total traffic of all ports, unicast/multicast/broadcast packet rates;

Port level: View the sending and receiving speed and error packet count of a single port;

SFP monitoring: Check the temperature, voltage, and light emitting and receiving power of the optical module (with an error of ± 3dBm);

Log management: Record events such as cold start, configuration changes, authentication failures, port disconnections, etc. It supports exporting log files or sending them to Syslog servers (up to 3 configured).

EDS Configurator: Batch Management Tool

EDS Configurator is a Windows platform specific GUI tool (available for free download from the Moxa official website) that supports batch operation of multiple switches. Its core functions include: