DP612

The DP612 series presents a 12-port Gigabit Layer 3 Managed Switch tailored for industrial environments requiring PoE Ethernet. Equipped with 8-port gigabit PoE+ Ethernet and 4-port 100/1000M SFP, it supports IEEE 802.3at/at PoE+ with a 24V booster to 54V PoE output, ensuring robust power delivery. Its advanced Layer 3 capabilities include OSPF, RIP, IP/VLAN routing, and VRRP router redundancy, making it adaptable to complex network topologies. Additionally, the switch integrates cybersecurity such as IEEE802.1 x MAB, ACL, DHCP Snooping, IP Source Guard, and Dynamic ARP Inspection, fortifying network defenses. Enhanced redundancy features like ERPSv2 and eRSTP* ensure uninterrupted network operation. Its rugged, wide-temperature and high EMC design guarantees reliability in demanding environments, making it an optimal choice for industrial critical applications.
Related Downloads Inquiry cart

High performance Full Gigabit Switching & Extreme 802.3at.af Booster PoE+

8-port Full Gigabit 802.3at/af compliant PoE+ ports, up to 30W per port.

4-port 100/1000M SFP ports for Fiber uplink, DDM function for fiber connectivity monitoring

Powerful 1.2GHz ARM Cotex-A9 processor

Non-blocking switch fabric with high throughput 24Gbps

Broadcom high performance chipset up to 80Gbps Switching Capacity

Booster PoE design available 24V Power input, maximum 120W power budget at 24V input.

PoE management provides PoE On/Off, Budget control, PoE port mode, scheduling and PD alive check

8 flexible Class of Service(CoS) queues

16K MAC address table

9Kb Jumbo Frame

Energy-Efficient Ethernet for power saving

Optional 4 100M/1000M Copper model for vehicle applications (DP612-4GT-LV)


WoMaster ERPSv2 PLUS Ring Technology
  • Apply Broadcom® CFM Technology for overcoming GbE copper physical limitation and providing minimum 50ms recovery time, seamless restoration time
  • Inter-Operability with 3rd party ITU-T G.8032 v1/v2 ERPS switch and still remain fast recovery time
  • Replace legacy Ring + Chain + Dual Homing

Enhanced RSTP(eRSTP)
  • Enhance the RSTP fault recovery time performance
  • Enhance RSTP performance for large ring network topologies with up to 80 switches

Dynamic Routing with Redundancy Protection
  • RIPv1&v2, OSPFv1&v2 for intra-domain routing within an autonomous system
  • Efficient unicast/multicast static routing
  • VRRP guarantees sustainable routing in a single point of failure

Compliant with IEC62443-4-2 Level 3 / 4 Cyber Security 
  • L2-L7 IPv4/IPv6* Access Control List (ACL)
  • DHCP Snooping, IP Source Guard, Dynamic ARP Inspection
  • 802.1Q VLAN, Private VLAN, Advanced Port Security
  • Multi-Level user passwords
  • HTTPS/SSH/SFTP, 256-bit encryption
  • 802.1X MAB for non-802.1X compliant end devices
  • RADIUS/TACACS+ centralized password authentication
     

Rugged Design for Industrial Critical Network with a Wide Power Input Range 

24~57V wide power range design with redundant

    power input

Available for 12V Low voltage

Excellent heat dissipation design for operating in

    -40~70oC environments

High level EMC protection exceeding traffic control

    and heavy industrial standards’ requirements

IEC 61000-6-2/4 Heavy Industrial Environmen

ITU-T G.8032 ERPSv2 gives ultimate Inter-Operability, Flexibility, and Scalability




G.8032 v.2 ERPS is becoming the most common standard for redundancy on industrial networks and replacing proprietary ring redundancy and standard Ethernet Ring Switching, as it provides stable protection of the entire Ethernet Ring from any loops and open standard for 3rd party devices. The ITU-T G.8032 v2 ERPS recovers the network break within less than 50ms recovery time thus significantly increases network reliability for critical IIoT applications, such as heavy industrial automation (power substation and oil and gas vertical markets), ITS (traffic control, public transportation), railway networks, and other smart city applications concerning public safety.

 








G.8032 v1 only supports single ring topology, whilst G.8032 version 2 additionally features recovery switching for Ethernet traffic in Multiple Ring (ladder) of conjoined Ethernet Rings by one or more interconnections which saves deployment costs by providing wide-area multipoint connectivity with a reduced number of links. Deploying switches with support of G.8032 v2 ERPS ensures highly resilient Ethernet infrastructure whilst simultaneously saving costs, as they can interoperate with third-party switches and still guarantee fast network recovery time without any data loss.



 

√ ITU-T G.8032 ERPSv2 reduces coupling Ring failure recovery time

The G.8032 ERPS v2 technology effectively saves the recovery time for coupling ring link breakdown from 300 sec to less than 50ms by immediately change the topology of both major ring and subring.  
       

 

√ WoMaster ERPS v2 PLUS Technology – Fast Giga Copper Recovery Time

The adaption of Broadcom® CFM Technology can reduce CFM Transmission for link failure within 3.3ms, thus to detect the ring link fault within 11.55ms (3.5 times the CFM Interval) for ERPSv2 mechanism to respond. Once the ring port fails, the ERPS RPL-Owner will forward the backup port and recover the GbE copper within 50ms under the condition that 250pcs nodes in one ring
​.
          

√ Advanced Port Based Security- IEEE802.1 x MAB (MAC Authentication Bypass)​

MAB enables port-based access control by bypassing the MAC address authentication process to TACACS+/Radius Server. Prior to MAB, the endpoint's (ex. PLC) identity is unknown and all traffic is blocked. The switch examines a single packet to learn and authenticate the source MAC address. After MAB succeeds, the endpoint's identity is known and all traffic from that endpoint is allowed. The switch performs source MAC address filtering to help ensure that only the MAB-authenticated endpoint is allowed to send traffic.

        
In addition to MAB, the authentication can also be done by the pre-configured static or auto-learn MAC address table in the switch.
  • MAC address Auto Learning enables the switch to be programmed to learn (and to authorize) a preconfigured number of the first source MAC addresses encountered on a secure port. This enables the capture of the appropriate secure addresses when first configuring MAC address-based authorization on a port. Those MAC addresses are automatically inserted into the Static MAC Address Table and remained there until explicitly removed by the user.
  • The port security is further enhanced by the Sticky MAC setting. If Sticky MAC address is activated, the MACs/Devices authorized on the port 'sticks’ to the port and the switch will not allow them to move to a different port.
  • Port Shutdown Time allows users to specify for the time period to auto shutdown the port if a security violation event occurs.
           

 DHCP Snooping

DHCP snooping acts like a firewall between untrusted hosts and trusted DHCP servers. It performs the following activities:

  • Validates DHCP messages received from untrusted sources and filters out invalid messages.
  • Rate-limits DHCP traffic from trusted and untrusted sources.
  • Builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses.
  • Utilizes the DHCP snooping binding database to validate subsequent requests from untrusted hosts.

DHCP snooping is enabled on a per-VLAN basis. By default, the feature is inactive on all VLANs. You can enable the feature on a single VLAN or a range of VLANs.
cccccccccc



 Dynamic ARP Inspection (DAI)



DAI validates the ARP packets in a network. DAI intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from some man-in-the-middle attacks.

DAI ensures that only valid ARP requests and responses are relayed. The switch performs these activities:
  • Intercepts all ARP requests and responses on untrusted ports
  • Verifies that each of these intercepted packets has a valid IP-to-MAC address binding before updating the local ARP cache or before forwarding the packet to the appropriate destination
  • Drops invalid ARP packets.
DAI determines the validity of an ARP packet based on valid IP-to-MAC address bindings stored in a trusted database, the DHCP snooping binding database. This database is built by DHCP snooping if DHCP snooping is enabled on the VLANs and on the switch. If the ARP packet is received on a trusted interface, the switch forwards the packet without any checks. On untrusted interfaces, the switch forwards the packet only if it is valid.





​√ IP Source Guard


IP source guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host's IP address. The feature uses dynamic DHCP snooping and static IP source binding to match IP addresses to hosts on untrusted Layer 2 access ports.

Initially, all IP traffic on the protected port is blocked except for DHCP packets. After a client receives an IP address from the DHCP server, or after static IP source binding is configured by the administrator, all traffic with that IP source address is permitted from that client.

Traffic from other hosts is denied. This filtering limits a host's ability to attack the network by claiming a neighbor host's IP address.


 


​√
 IPv4/v6 Access Control List (ACL)

Packet filtering limits network traffic and restricts network use by certain users or devices. ACLs filter traffic as it passes through a switch and permits or denies packets crossing specified interfaces. An ACL is a sequential collection of permit and deny conditions that apply to packets. When a packet is received on an interface, the switch compares the fields in the packet against any applied ACLs to verify that the packet has the required permissions to be forwarded, based on the criteria specified in the access lists.

WoMaster supports L2-L7 ACLs, parsing up to 128 bytes/packet and L2-L7 packet classification and filtering IPv4/IPv6 traffic, including TCP, User Datagram Protocol (UDP), Internet Group Management Protocol (IGMP), and Internet Control Message Protocol (ICMP).




 

√ Multi-Level User Passwords

The different centralized authentication server is supported such as RADIUS and TACACS+. Using a central authentication server simplifies account administration, in particular when you have more than one switches in the network.

Authentication Chain is also supported. An authentication chain is an ordered list of authentication methods to handle more advanced authentication scenarios. For example, you can create an authentication chain which first contacts a RADIUS server, and then looks in a local database if the RADIUS server does not respond.

cccc

√ NMS NetMaster Made Easy Deploy and Visualize Large Scale of ERPS Ring and VLAN

It is very time consuming and technical to set up a large group of ERPS v2 ring.  However, NetMaster NMS provides a smart way to configure a group of ERPS ring and visualize ERPS major/subring in purple/yellow color. With VLAN visualization, devices, ports, and links with the VLAN ID will be colored-coded.

             

             

            






 

√ Broadcom®  L3 Routing at wire speed Performance
 

The Layer 3 switch with Broadcom® ASIC (A Dedicated Chip) can perform routing at wire-speed, which is much faster and efficient than software routing by CPU loading.  Compared with a that simply makes routing functions, the Layer 3 switch can handle larger networks with a lot of broadcasts, subnets and/or VLANs that require higher performance.

 

The layer 3 switch also handles complicated routing network topologies involving Inter VLAN routing, Dynamic routing, OSPF v1/2, RIP v1/2, Static routing with broadcast traffic control.


√ Virtual Router Redundancy Protocol (VRRP)

VRRP is a redundancy protocol for connecting redundant WAN gateway routers or layer 3 switches which allows a backup router or layer 3 switch to automatically takes over if the primary (master) router or switch fails. VRRP works by grouping the redundant gateways together into a single virtual router. That virtual router entity has an IP address of its own. Instead of sending traffic to an individual router, the nodes send traffic to the virtual router address (for example, by using the virtual router address as their gateway address). The master router processes traffic that is addressed to the virtual router address and forwards it appropriately. The master router also sends out regular advertisements to the backup router. If the master router goes down, the backup router stops receiving these advertisements. In that case, the backup router takes over as the master router and starts processing traffic. When the original master router comes back up, it takes over as the master router again.

 


√ Open Shortest Path First (OSPF) 

WoMaster Layer 3 Managed Switch designs with the OSPF Version 2 specification. OSPF calculates the shortest route to a destination through the network-based algorithm. When compared with RIP (Routing Information Protocol) which is a distance vector-based routing protocol, OSPF can provide scalable network support and faster convergence time for network routing state by calculating the cost of the route, taking into account bandwidth, delay and load. As a result, OSPF is widely used in large networks such as ISP (Internet Service Provider) backbone and enterprise networks for calculating routes through large and complex local area networks.
 

√ Effective PoE Management (DP612)

 






The Web GUI shows detailed PoE status and the operating status of each PoE Port, including PoE mode, Operation status, and PD class, Power Consumption, Voltage,
 and Current.

The PoE switch can effectively maintain the PD’s status by sending requests to the powered device. If the PoE device does not echo the request, then the PoE port will be shut down to reboot the device. The scheduling can also be configured for better organizing the PoE power forwarding.





                       


 
 
 
Specifications
 Technology
Standard IEEE 802.3 10Base-T Ethernet
IEEE 802.3u 100Base-TX Fast Ethernet 
IEEE 802.3u 100Base-FX Fast Ethernet Fiber
IEEE 802.3ab 1000Base-T Gigabit Ethernet copper
IEEE 802.3z Gigabit Ethernet Fiber
IEEE 802.3x Flow Control and back-pressure 
IEEE 802.1AB Link Layer Discovery Protocol(LLDP)  
IEEE 802.1p Class of Service (CoS) 
IEEE 802.1Q VLAN and GVRP
ITU-T G.8032  version 2 Ethernet ring protection switching(ERPSv2)
IEEE 802.1D-2004 Rapid Spanning Tree Protocol(RSTP) 
IEEE 802.1Q-2005 Multiple Spanning Tree Protocol(MSTP)
IEEE 802.3ad Link Aggregation Control Protocol(LACP)
IEEE 802.1xPort based Network Access Protocol
IEEE 1588 Precision Time Protocol v2

IEEE 802.3af/at Power-over-Ethernet 

 Performance
Switch Technology

Store and Forward Technology with 24Gbps Non-Blocking Switch Fabric

Internal Packet Buffer: 1.5MBytes

Forwarding rate: 41.67Mpps (1,488,000pps/port)

Number of MAC Address 16K
Jumbo Frame 9216 Bytes
VLAN 256 VLANs, VLAN ID 1~4094
IGMP Groups 512
L3 IP Route

64 Hardware entries

L3 IP Multicast

64 Hardware entries

Traffic Prioritize 8 Priority Queues per Port
 Interface
Ethernet Port 8 x 10/100/1000BaseT RJ45, Auto Negotiation
4 x 100/1000Base SFP, DDM
System LED 2 x Power: Green On
1 x System Status: Ready:Green On, Fireware Updating:Green Blinking
1 x DO: Red On
1 x DI: Green On

1 x Ring: Off: Ring disabled, Green On: Ring normal (Not RPL Owner),Green Blinking: Ring normal (RPL Owner), Amber On: Ring abnormal, Amber Blinking:Ring port fail
Giga Ethernet Port LED Link (Green On), Activity (Green Blinking), Speed 1000M(Amber On), Speed 100M(Off)
Giga SFP LED Link (Green On), Activity (Green Blinking), Speed 1000M(Amber On), Speed 100M(Off)
PoE LED

8x PoE: PoE ON (Amber On)

Rsest System Reboot(2-6 Seconds)/Default Settings Reset (over 7 Seconds)
Console 1 x RJ45 based RS232 for System Configuration. Baud Rate: 115200.n.8.1
USB 1 x USB for Configuration/Firmware Update
Power Input, Digital Intput, Digital Output 8-Pin Removable Terminal Block Connector
   4 Pin for Redundant Power 
   4 Pin for DI,DO( Relay Alarm)
1 x Digital Output: Dry Relay Output with 0.5A /24V DC
1 x Digital Input: DI with Photo-Coupler Isolation
   High: DC 11V~30V
   Low: DC 0V~10V
Watchdog Hardware-based 10 seconds timer
 Power Requirement
Input Voltage

24VDC (12~57VDC)

Reverse Polarity Protect Yes
Input Current

0.5A@24V/0.27@48V, not include PoE

Power Consumption

Max. 12W@24V / 12.96W@48V (not include PoE)

Max. 138W@24V includes 120W PoE Full Load, suggest reserving 15% tolerance

 PoE 
Power forwarding mode Alternative A
PoE Power Budget

System: Up to 120W@24V, 60W@12V

Port 1~8: IEEE 802.3at/af, Max. 30W/port

PoE Mode

IEEE 802.3af/at

Management

System/Port Power Budget Control, PoE Scheduling, PD Alive Check, PoE Status

 Software
Management   CGI WebGUI, Command Line Interface (CLI), IPv4/IPv6(RFC2460), Telnet, SNMP v1/v2c/v3, SNMP Trap/Informs*, RMON, DHCP server/client/Option 82, TFTP, System Log, SMTP
Traffic Management Flow Control, Rate Control, CoS, QoS, RFC 2474 DiffServ
Filter

IGMP Snooping v1/v2/v3, IGMP Snooping Fast-Leave/Immediate-Leave, IGMP Query, GMRP, IEEE802.1Q VLAN, QinQ, GVRP, Private VLAN

Security

IEEE 802.1X/RADIUS, TLS v1.2, Access Control List (ACL, MAC/IP/ARP filter), HTTPs/SSH secure login, First login password management

Advanced Security TACACS+, Mutli-user authentication, IEEE802.1x MAB, DHCP Snooping, IP Source Guard, Dynamic ARP inspection, DoS/DDoS*, Adv. Port security*, SFTP
L2/L3 Redundancy
WoMaster ERPSv2 PLUS, STP/RSTP/MSTP, eRSTP, Loop Protection, Port Trunk/801.1AX/802.3ad LACP, Virtual Router Redundancy Protocol (VRRP)
Time Management
NTP, IEEE 1588 Precision Time Protocol v2
L3 Routing
Static/Dynamic IP Routing, VLAN Routing, RIP v1/v2, OSPF v1/v2, Static Multicast Route
Utility ViewMaster, NetMaster
MIB ERPS MIB, MIB-II, Ethernet-like MIB*, P-BRIDGE MIB, Q-BRIDGE MIB, Bridge MIB, RMON MIB Group 1, 2, 3, 9*, WoMaster Private MIB
Diagnostic LLDP, Port Mirror, Ping, Port Statistic, Event Log
 Mechanical
Installation DIN Rail
Enclosure Material Steel Metal with Aluminum
Dimension

73x155x125 (W x H x D) / without DIN Rail Clip

Ingress Protection IP31
Weight 1.31KG
 Environmental
Operating Temperature & Humidity -40°C~70°C , 0%~95% Non-Condensing
Storage Temperature -40°C~85°C
MTBF >300,000 hours
Warranty 5 years
 Standard
EMC EN61000-6-2/EN61000-6-4
EMI CISPR 22, FCC part 15B Class A
EMS EN61000-4-2 ESD, EN61000-4-3 RS, EN61000-4-4 EFT, EN61000-4-5 Surge, 
​EN61000-4-6 CS, EN61000-4-8 Magnetic Field

Ordering Information
 Model Name
DP612-LV

Industrial 12-port Full Gigabit L3 Managed PoE Switch, 8GT PoE+ and 4GSFP, Dual 24VDC Inputs

Package List
1 x Product Unit (Without SFP transceiver)
1 x 8-pin Removable Terminal Connector 
1 x Attached Din Clip
1 x Quick Installation Guide
 
Optional Accessory
 Item
MK-D1-2 Wall-mounting kit with 2 plates and 8 screws
CBL-RJ45F9-1.5M
Serial RS232 console cable RJ45 to DB9 Female 1.5 Meter
SFPGEM05 SFP, 1000Mbps, LC, multi, 550M, 0~70°C
SFPGEM05T SFP, 1000Mbps, LC, multi, 550M, -40~85°C
SFPGEM05D SFP, 1000Mbps, LC, multi, DDM, 550M, 0~70°C
SFPGEM05DT SFP, 1000Mbps, LC, multi, DDM, 550M, -40~85°C
SFPGEM2 SFP, 1000Mbps, LC, multi, 2KM, 0~70°C
SFPGEM2T SFP, 1000Mbps, LC, multi, 2KM, -40~85°C
SFPGEM2D SFP, 1000Mbps, LC, multi, DDM, 2KM, 0~70°C
SFPGEM2DT SFP, 1000Mbps, LC, multi, DDM, 2KM, -40~85°C
SFPGES10 SFP, 1000Mbps, LC, single, 10KM, 0~70°C
SFPGES10T SFP, 1000Mbps, LC, single, 10KM, -40~85°C
SFPGES10D SFP, 1000Mbps, LC, single, DDM, 10KM, 0~70°C
SFPGES30 SFP, 1000Mbps, LC, single, 30KM, 0~70°C
SFPGES30T SFP, 1000Mbps, LC, single, 30KM, -40~85°C
SFPGES30D SFP, 1000Mbps, LC, single, DDM, 30KM, 0~70°C
SFPXGM03D SFP+, 10Gbps, LC, multi, DDM, 300KM, 0~70°C
SFPXGS10D SFP+, 10Gbps, LC, single, DDM, 10KM, 0~70°C
SFPGES10-A SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1310nm RX-1550nm, 0~70°C
SFPGES10-B SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1550m RX-1310nm, 0~70°C
SFPGES10T-A SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1310nm RX-1550nm, -40~85°C
SFPGES10T-B SFP, 1000Mbps, LC, single, 10KM, BiDi TX-1550m RX-1310nm, -40~85°C
SFPGES10D-A SFP, 1000Mbps, LC, single, DDM, 10KM, BiDi TX-1310nm RX-1550nm, 0~70°C
SFPGES10D-B SFP, 1000Mbps, LC, single, DDM, 10KM, BiDi TX-1550m RX-1310nm, 0~70°C
  • As Power Utilities locations are remotely distributed, DCS is usually implemented in a power plant automation system for increasing working productivity as well as for smart energy production with eliminated influence on the environment.

  • The vital role of data communication between various automation components is evident though it brings the problem of data protection from cyber-attacks and network redundancy as it is based on Ethernet and Internet.

  • DP612 features IP31 rugged enclosure, dual redundant 10~60VDC power input, Hi-pot isolation, and operating temperature -40~75°C to ensure overcoming, the high level of electromagnetic interference on power plants.

  • 8 Gigabit Ethernet copper ports can be connected with IP surveillance cameras while 4 Gigabit SFP Combo ports are used for uplink data transmission to Control Center.

  • VRRP function provides gateway backup, keeping network available.