• IDS-509 – Managed Industrial Ethernet Switch
  • 9 port Compact DIN Rail Switch
  • 9 port 10/100/1000Base-T for Gigabit and Fast Ethernet devices
  • Advanced switching, VLAN, encryption and IEEE 1588 PTP
  • Digital inputs for generation of alerts
    PROFINET and Modbus TCP Protocol Support
  • Compact, corrosion resistant case attaches to a standard DIN Rail
  • Redundant dual power input 12/24/48 VDC, 24 VAC
  • Programmable Controller safety and Hazardous Location Certification
  • -40 to 75C industrial operating temperature


The IDS-509 is a 9 port Managed Ethernet Switch that can operate in industrial 10/100/1000-Base-T environments providing advanced performance and enabling real-time deterministic network operation.

Perle Industrial-grade Ethernet Switches are designed to stand up to extreme temperatures, surges, vibrations, and shocks found in industrial automation, government, military, oil and gas, mining and outdoor applications.

Perle’s Fast Setup feature provides simple Plug and Play installation to get your Ethernet devices networked immediately.  CCNA ( Cisco Certified Network Associate ) and CCNP ( Cisco Certified Network Professional ) trained engineers will appreciate the familiar Command Line Interface ( CLI ) via in-band Telnet or the out-band serial console port.

The PRO feature set in the IDS-509 is ideal for enterprise-grade level environments where additional extensive security and network integration functionality is required.

The IDS-509 can be managed with an IPv6 address and supports a comprehensive set of management functions, MRP (IEC62439-2) , PROFINETModbus TCPmanagement VLANQoSRMONN:1 port mirroring and local alert log. In addition, the switch can be managed with an IPv6 address.

Hardened to provide superior reliability in -10 to 60°C, these are rugged fan-less switches. In addition, every component on every industrial (XT) model has been designed and tested to handle operating temperatures between -40 and 75C.

All Perle Industrial Ethernet Switches have a corrosion resistance aluminum case and dual redundant power input with reverse polarity and overload protection.  In addition, all units only use high-end components from the leading chip manufacturers to ensure the highest level of durability and reliability.

For over 35 years Perle has been designing industrial hardware. This expertise was used to design the toughest Ethernet switches on the market.

IDS-509 Industrial Managed DIN Rail Switch Features

Simple deploymentZero-touch discovery using Dynamic Host Control Protocol (DHCP), Perle’s “Fast Setup”  for first time installation, provides simple deployment  in Ethernet environments
Security802.1X, port securitySecure Shell (SSHv2); SNMPv3 provides encrypted administrator traffic during CLI and SNMP sessions; TACACS+ and RADIUS authentication facilitate centralized control and restrict unauthorized users.
  • STP, RSTP and MSTP protocols for fast recovery.
  • MRP ( IEC 62439-2 ) for fast convergence in industrial ring networks. Prevents a switch loop scenario with recovery time of 10 ms or better.
  • Perle’s P-Ring protocol for configuring a ring network using standard spanning tree protocols.
  • Link Standby is a link recovery feature for two links that provides a simple alternative to spanning tree protocols for link redundancy
  • Buffered Real Time Clock backup
  • Web Device Manager, Telnet/SSH, HTTPS access, SNMP and Perle’s PerleView NMS for centralized management
  • Use an IPv4 or IPv6 address
  • In-band management via RJ45 or USB serial port
  • Removable MicroSD flash for configuration files and firmware backup and restoration
Industrial Ethernet Protocol SupportManage Perle IDS-500 switches via PLC, NMS, HMI or SCADA systems using PROFINET or Modbus TCP.
Rugged design for harsh environments
  • Corrosion resistant case
  • Programmable Controller Safety certified
  • Certified for hazardous locations
  • Extended industrial temperature models
Reliable operation
  • Fan-less, no moving parts
  • Dual power input. Connect to separate power sources for redundancy.
    • Reverse polarity protection
    • Overload current protection
  • Handles vibration and shock conditions found in industrial environments
Real-time Ethernet performance
  • Fast wire-speed , store and forward switching
  • Auto-sensing for speed and duplex
  • Auto-mdi/mdix-crossover works with straight and crossover cables


Performance Features
Port Auto-sensingAuto-sensing of port speed and auto-negotiation of duplex on all switch ports for optimizing bandwidth
Auto MDI/MDIXMedium-dependent interface crossover (Auto-MDIX) capability on 10/100 and 10/100/1000 mbps  interfaces that enables the interface to automatically detect the required cable type (straight thru or crossover) and to configure the connection appropriately
802.3x flow controlIEEE 802.3x flow control on all ports. (The switch does not initiate pause frames)
Link Aggregation protocolIncrease port bandwidth through link aggregation. Support is provided for IEEE 802.3ad using Link Aggregation Control Protocol (LACP). Up to eight (8) ports in a single port-channel
Static Link AggregationProvides the ability to operate under a static (manual) link aggregation scenario (where the remote switch peer does not support LACP)
Storm ControlStorm control prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast storm on one of the physical interfaces. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Storm Control enables limits to be placed on broadcast, multicast and unicast traffic
Bandwidth Control MonitoringBandwidth Control provides the ability to monitor the flow rates on a per port basis and the ability to cause an SNMP trap to occur (selectable) and put the port in an “error-disabled” state
Static MAC AddressingThis feature enables the manual configuration of the MAC addresses on a per port basis. Flooding is prevented by retaining MAC entries across a reboot of the switch.
Port BlockingPort Blocking provides the ability to block the flooding of unknown layer 2 unicast and multicast traffic on an Interface
IPV4 IGMP SnoopingInternet Group Management Protocol (IGMP) constrains the flooding of multicast traffic by dynamically configuring Layer 2 interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast devices.

IGMPv1, v2, v3, IGMP snooping querier mode, IGMP report suppression, topology change notification and robustness variable features are supported

IPV6 MLD SnoopingWith Multicast Listener Discovery (MLD) snooping, IPv6 multicast data is selectively forwarded to a list of ports that want to receive the data, instead of being flooded to all ports in a VLAN. This list is constructed by snooping IPv6 multicast control packets
GMRPGARP Multicast Registration Protocol (GMRP) provides a constrained multicast flooding facility similar to IGMP snooping.

GMRP provides a mechanism that allows bridges and end stations to dynamically register group membership information with the MAC bridges attached to the same LAN segment and for that information to be disseminated across all bridges in the Bridged LAN that supports extended filtering services

Port Quick DisconnectIn some network environments, it is desirable to move an Ethernet from one switch port to another and have the device come on-line quickly. The Port Quick Disconnect feature if enabled, provides an immediate age-out of the MAC addresses learned on the port when the port status changes from a link-up to a link-down state
Manageability Features
Web Device ManagerThe Perle Web Device Manager is an embedded Web based application that provides an easy to use browser interface for managing the switch. Operates with both http and secure https streams. Unlike competitive products, Java applet technology is not required or used
Command Line Interface (CLI)A familiar text-based Command Line Interface that is based on accepted industry standard syntax and structure. Ideal for CCNA and CCNP trained engineers, this interface is available via in-band Telnet/SSH or the out-band serial console port
Industrial Ethernet ProtocolsManage Perle IDS-500 switches via PLC, NMS, HMI or SCADA systems using PROFINET or Modbus TCP.
SNMPManage the switch with an SNMP compatible management station that is running platforms such as HP Openview or Perle’s PerleVIEW NMS. SNMP V1, V2C, V3
PerleVIEWPerleVIEW is Perle’s SNMP-based network management system that provides a view of the network with a large scale of Perle networking devices.
IPv6Manage with an IPv4 or IPV6 address
DHCP Client Auto-ConfigurationAutomates configuration of switch information such as IP address, default gateway, hostname and Domain Name System (DNS) as well as TFTP server names. Firmware and configuration file locations are provided through options 54, 66, 67, 125 and 150
DHCP RelayDHCP Relay is used for forwarding requests from DHCP clients when they are not on the same physical subnet. As a DHCP relay agent the switch operates as a Layer 3 device that forwards DHCP packets between clients and servers.
DHCP Option 82 InsertionNormally used in metro or large enterprise deployments DHCP Option 82 insertion is used to provide additional information on “physical attachment” of the client.  As per RFC 3046, option 82 enables additional pre-defined information to be inserted into the DHCP request packet  (for DHCP Servers that support this option)
DHCP ServerFor networks where a central DHCP server is not provided, the switch can provide a DHCP Server function for allocation of IP addresses to the connected devices
DHCP server port-based address allocationWhen Ethernet switches are deployed in the network, they offer connectivity to the directly connected devices. In some environments, such as on a factory floor, if a device fails, the replacement device must be working immediately in the existing network

When configured, the DHCP server port-based address allocation feature ensures that the same IP address is always offered to the same connected port even as the client identifier or client hardware address changes in the DHCP messages received on that port

LLDPLLDP-Link Layer Discovery Protocol as per IEEE 802.1AB is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network. This protocol runs over the data-link layer, which allows two systems running different network layer protocols to learn about each other (via TLVs – Type-Length-Value)
LLDP-MEDLLDP Media Endpoint Discovery is an extension to LLDP that operates between endpoint devices such as IP phones and network devices such as switches. It specifically provides support for voice over IP (VoIP) applications and provides additional TLVs for capabilities discovery, network policy, Power over Ethernet, inventory management and location information
NTPThe switch can provide the time to NTP/SNTP capable client devices (or other switches, etc). You can run the SNTP client and the NTP server concurrently on your system. Therefore you can obtain time from an outside source and serve that time to the devices connected to the switch.
IEEE 1588 – PTP (Precision Time Protocol)
  • IEEE 1588 V1 and V2
  • Boundary Clock V1
  • Boundary Clock V2
  • End-to-End Transparent Clock Sync Two Step Operation
  • End-to-End Transparent Clock Sync One Step Operation
  • Peer-to-Peer Transparent Clock
  • End-to-end Boundary clock
  • Peer-to-peer boundary clock
  • Microsecond accuracy
File DownloadFirmware can be transferred via TFTP, SCP, HTTP, HTTPS, or via insertion of a microSD card. Text-based files that can be created or edited by common text editors.
Secure Copy Protocol (SCP)SCP based on the Secure Shell (SSH) protocol, is a means of securely transferring computer files between a local host and a remote host or between two remote hosts.
Availability and Redundancy Features
Spanning Tree Protocol (STP)IEEE 802.1D now incorporated in IEEE 802.1Q-2014, STP prevents bridge loops and the broadcast radiation that results from them.

Other Spanning Tree features include BPDU guard, Root guard, loop guard, root guard and TCN Guard

Rapid Spanning Tree Protocol (RSTP)Interoperable with STP, RSTP (IEEE 802.1w) takes advantage of point-to-point wiring and provides rapid convergence of the spanning tree. Reconfiguration of the spanning tree can occur in less than 1 second
Multiple Spanning Tree Protocol (MSTP)Originally defined in IEEE 802.1s and now incorporated IEEE 802.1Q-2014, defines an extension to RSTP for use with VLANs. The Multiple Spanning Tree Protocol configures a separate Spanning Tree for each VLAN group and blocks all but one of the possible alternate paths within each Spanning Tree.
MRPMedia Redundancy Protocol (IEC 62439-2).

Fast convergence protocol designed for industrial networks. Recovery time of 10 ms or better in rings composed of up to 14 switches.

Prevents a switch loop scenario in a ring topology.

P-RingP-Ring provides an easy to use method for configuring a ring network using standard spanning tree protocols.

Prevents a switch loop scenario in a ring topology.

Link StandbyA link recovery feature using a primary and backup link. Provides a simple alternative to spanning tree protocols for link redundancy
VLAN Features
VLAN RangeUp to 256 VLANS across a VLAN ID range of 1 to 4000
GVRPGeneric Attribute Registration Protocol (GARP) VLAN Registration Protocol (GVRP) is an application defined in the IEEE 802.1Q standard that allows for the control of VLANs. With GVRP, the switch can exchange VLAN configuration information with other GVRP switches, prune unnecessary broadcast and unknown unicast traffic, and dynamically create and manage VLANs on switches that are connected through 802.1Q trunk ports.
Voice VLANsVoice VLANs enables one to separate, prioritize, and authenticate voice traffic moving through your network, and to avoid the possibility of broadcast storms affecting VoIP (Voice-over-IP) operation. With an IP Phone connected to an access port, a switchport voice VLAN enables the use of one VLAN for voice traffic and another VLAN for data traffic from an Ethernet device attached to the phone
VLAN InterfacesPerle switches provide the ability to configure management VLAN interfaces. This enables network administrators to access the switch’s management interface from separate VLAN networks
Security Features
IEEE 802.1X
  • Provides secure access to switch ports from a central RADIUS server. The switch operating as an authenticator interacting with an 802.1X compliant supplicant (PC or industrial device) through the use of the EAPOL protocol. Authentication will be granted/denied through an external RADIUS server.
  • RADIUS assigned VLAN
    • IETF 64 (Tunnel Type)
    • IETF 65 (Tunnel Medium Type)
    • IETF 81 (Tunnel Private Group ID)
  • Guest VLAN and Restricted VLANs are supported
  • For non-802.1X devices found in industrial applications, the switch can use the client MAC address for authorization through the use if MAB (MAC Authentication Bypass)
  • Switch can also be configured as an 802.1X supplicant (edge switch) with an 802.1x-aware upstream switch
Login Banner and MOTDA login message banner presented during sign-on can be configured by the network administrator.

A Message Of The Day can also be created for presentation to an authenticated user.

Password Strength CheckingMany organizations require stringent management over the strength level of their passwords. When enabled, Perle extends this capability to local passwords stored on the switch enforcing strong passwords to be used.
Port Security – Secure MAC AddressesThis port security feature provides the ability to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port (Access or Trunk) and will take specific actions when violations occur.
Management ACLRestricting access to management functions can be configured by protocol or IP address selection are provided. This enables administrators to allow only specific workstations using particular protocols to be able to access the management functions of the switch
RADIUS Management Access AuthenticationAAA support for RADIUS servers that Authenticate, Authorize and Account management sessions
TACACS+ Management Access AuthenticationAAA support for TACACS+  servers that Authenticate, Authorize and Account management sessions
Secure Socket Layer (SSL)SSL provided for secure browser sessions using HTTPS
Secure Shell (SSH)SSH provided for secure SSH session for CLI and SCP file transfer sessions
SNMPV3Support provided for secure version 3 of SNMP
Quality of Service (QoS) and Class of Service (CoS) Features
ClassificationIP ToS/DSCP and IEEE 802.1p CoS
Congestion AvoidanceWeighted Fair Queuing or Strict Queuing
Egress Queues and scheduling
  • 4 traffic class queues per port
  • output queue mapping
  • DSCP to output queue mapping
Monitoring Features
Port MirroringN:1 Port Mirroring is a method of monitoring network traffic. With port mirroring enabled, the switch sends a copy of one or more ports to a predefined destination port. Selection of Transmit, Receive frames or both can be made
RMONRMON statistics provided for statistics, history, alarms and events for network monitoring and traffic analysis
SyslogFacility for logging systems messages to an external SYSLOG server
Alert LogFacility for logging systems messages locally
TracerouteLayer 2 traceroute to identify the path that a frame takes from source to destination
Virtual cable testA test that enables the detection of potential copper cabling issues such as pair polarity pair swaps and excessive pair skew as well as any opens, shorts or any impedance mismatch. Will report the distance in the cable to the open or short.
Power Supply MonitoringProvides the status of power supplies of the switch
Internal Temperature MonitoringThe internal ambient temperature of the switch can be obtained from the management interfaces
Alarm ProcessingThe switch can monitor global switch conditions as well as individual ports. These alarms can be configured to send messages to ;

  • an internal log file
  • external Syslog server
  • SNMP trap server
  • An external alarm device such as a bell, light or other signaling device via the switch’s built-in dry contact alarm relay

Global Status Monitoring Alarms

  • Dual power supply alarm

Port Status Monitoring Alarms

  • Link Fault Alarm (IE loss of signal)
  • Port not forwarding alarm
  • Port not operating alarm (failure upon start up tests)
  • FCS Bit error rate alarm
Alarm RelayWhen enabled, energizes the built-alarm relay triggering an external alarm circuit such as a bell, light or other signaling device according to alarm conditions set
Management and Standards
IEEE StandardsIEEE 802.3 for 10Base-T
IEEE 802.3u for 100Base-T(X) and 100Base-X
IEEE 802.3ab for 1000Base-T
EEE 802.3z for 1000BaseX
IEEE 802.3x for Flow Control
IEEE 802.1D-2004 for Spanning Tree Protocol
IEEE 802.1w for Rapid STP
EEE 802.1s for Multiple Spanning Tree Protocol
IEEE 802.1Q for VLAN Tagging
IEEE 802.1p for Class of Service
IEEE 802.1X for Authentication
IEEE 802.3ad for Port Trunk with LACP
IEEE 1588v1 PTP Precision Time Protocol
IEEE 1588v2 PTP Precision Time Protocol


Hardware Features & Technical Specifications: IDS-509 Industrial Managed DIN Rail Switch

Dual Power InputBoth inputs draw power simultaneously. If one power source fails, the other live source can, acting as a backup, supply enough power to meet the operational needs of the switch.

12/24/48 VDC Nominal.  (9.6 to 60 VDC)

24 VAC Nominal (18 to 30 VAC)

Power Connector4-Pin Removable Terminal Block.

Grounding screw on metal chassis

Maximum Current Consumption @24 vDC0.68 amps
Maximum Current Power @24 vDC16.3 watts
Overload Current ProtectionFused overload current protection
Reverse polarity protectionThe positive and negative inputs can be reversed providing safe and simple power connectivity.
Access Ports
RJ459 shielded RJ45 ports for 10/100/1000Base-T up to 100 meters (328 ft)


Auto-MDI/MDIX-crossover for use with either crossover over straight-through cable types

Ethernet isolation 1500 V

RJ45 Serial Console portRJ45 DTE
Optional rolled and straight thru RJ45 cables and DB adapters are available
USB Serial Console portMicroUSB Type B female port for serial console management. Used as an alternative port for out of band management connections
Digital InputsTwo Digital Inputs are provided that can be used for generation of alarms (SNMP trap, energizing of on-board Alarm Relay,etc)
  • NC (Normally Closed) or NO (Normally Open) dry contact.
  • 1A @ 24V
Switch Properties
StandardsIEEE 802.3 for 10Base-T

IEEE 802.3u for 100Base-TX

IEEE 802.3ab for 1000Base-T

IEEE 802.3x for Flow Control

Processing TypeStore and Forward
MAC Address Table Size8K
VLAN ID range1 to 4000
IGMP groups1024
Packet Buffer Memory1 Mbit
PowerThis LED is turned on when the appropriate level of voltage is applied to one or both of the power inputs
SystemIndicates whether the switch O/S is operating normally
RJ45 EthernetThese integrated colored LEDs indicate link, activity and speed for each port.
AlarmThe alarm LED (Red) will be turned on under alarm conditions
P-Ring Master LEDStatus of the P-Ring Master
Backup Network CouplingIndicates whether or not the “Backup Network Coupling” feature is enabled (Redundant links connecting two P-Ring networks)
External Configuration DIP Switches
S2When enabled, designates this switch as the Ring Master
S1Activate Backup Coupling between 2 ring networks
Environmental Specifications
MTBF115,756 Hours
Calculation model based on MIL-HDBK-217-FN2 @ 30 °C
Operating Temperature RangesStandard temperature models (Std): -10° C to 60° C (14° F to 140° F).

XT Industrial extended temperature models (Ind) : -40° C to 75° C  (-40 F to 167° F)

Storage Temperature RangeMinimum range of -25° C to 70° C (-13° F to 158° F). -40 C to 85 C (-40 F to 185 F) for industrial extended temperature models
Operating Humidity Range5% to 90% non-condensing
Storage Humidity Range5% to 95% non-condensing
Maximum Heat Output55.7 Btu/hr
Operating AltitudeUp to 3,048 meters (10,000 feet)
ChassisMetal with an IP20 ingress protection rating
Din Rail MountableDIN Rail attachment included. Mounts to standard 35 mm DIN rail in accordance with DIN EN 60175.

Removable to accommodate optional Panel/Wall mount kit

Product Weight and Dimensions
Weight.64kg (1.41lbs)
Dimensions13 x 12.3 x 7.5 cm (5.12 x 4.84 x 2.95 in)
Shipping Weight.94kg (2.07lbs)
Shipping Dimensions20 x 19 x 18 cm (7.87 x 7.48 x 7.09 in)
Standards and Certifications
SafetyIEC 62368-1 (ed 2)

EN 62368-1:2014

UL 60950-1

IEC 60950-1:2005+A1:2009 and

EN 60950-1:2006+A11:2009+A1:2010+A12:2011

CE Mark

UL 61010-1 and UL 61010-2-201 (Standard for Safety for Programmable Controllers)

EmissionsFCC 47 Part 15 Class A

CISPR 22:2008/EN55022:2010 (Class A)

CISPR 24:2010/EN 55024:2010

EMC and Immunity
  • CISPR 24:2010/EN 55024:2010
  • IEC/EN 61000-4-2 (ESD) : Contact discharge +/- 4kv, Air discharge +/- 8kv
  • IEC/EN 61000-4-3 (RS) : 80mhz to 1Ghz ; 10v/m, 1.4Gkz to 2.0ghz ; 5 v/m, 2.0ghz to 2.7 ghz ; 5 v/m
  • IEC/EN 61000-4-4 (EFT) : DC power line +/- 2kv, data line +/- 1kv
  • IEC/EN 61000-4-5 (Surge) : DC power line, Line/Line +/- 1kv, Line/Earth +/- 2kv, data line /earth +/- 2kv
  • IEC/EN 61000-4-6 (CS) :150khz-80Mhz 10vrms
  • IEC/EN 61000-4-8 (Magnetic Field) :30 A/M
  • IEC/EN 61000-6-2 (General Immunity in Industrial Environments)
Industrial SafetyUL 61010-1 and UL 61010-2-201 (Standard for Safety for Programmable Controllers). Formerly known as UL508 (Safety standard for Industrial Control Equipment)
Hazardous Locations (Hazloc)ANSI/ISA 12.12.01, Class 1 Division 2 Groups A-D (formerly known as UL 1604)

ATEX Class 1 Zone 2

EnvironmentalReach, RoHS and WEEE Compliant
OtherECCN: 5A992
HTSUS Number: 8517.62.0020
5 year Warranty
Contents Shipped
  • Industrial Ethernet Switch with DIN Rail attachment
  • Terminal block
  • Installation guide


IDS-509 Industrial Switch Diagram



Software / Firmware / User Guide Downloads

Tech Support FAQ

Technical Notes, Case Studies, and White Papers:

Technical Notes

Case Studies