GS-2724 Ethernet Switch User’s Guide Version 3.70 4/2007 Edition 1 www.zyxel.
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the GS-2724 using the web configurator or via commands. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access.
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. 1 " Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The GS-2724 may be referred to as the “Switch”, the “device”, the “system” or the “product” in this User’s Guide.
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The Switch icon is not an exact representation of your device.
Safety Warnings Safety Warnings 1 For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. • Connect ONLY suitable accessories to the device.
Safety Warnings GS-2724 User’s Guide 7
Safety Warnings 8 GS-2724 User’s Guide
Contents Overview Contents Overview Introduction and Hardware ................................................................................................... 31 Getting to Know Your Switch ..................................................................................................... 33 Hardware Installation and Connection ....................................................................................... 37 Hardware Overview ...................................................................
Contents Overview Access Control ........................................................................................................................ 193 Diagnostic ................................................................................................................................ 205 Syslog ...................................................................................................................................... 207 Cluster Management .............................................
Table of Contents Table of Contents About This User's Guide .......................................................................................................... 3 Document Conventions............................................................................................................ 4 Safety Warnings........................................................................................................................ 6 Contents Overview .......................................................
Table of Contents 3.2.1 Power Connector ....................................................................................................... 44 3.2.2 External Backup Power Supply Connector ............................................................... 44 3.3 LEDs ................................................................................................................................ 44 Part II: Basic Configuration...................................................................
Table of Contents 7.6 IP Setup ............................................................................................................................ 78 7.6.1 IP Interfaces ............................................................................................................... 78 7.7 Port Setup ........................................................................................................................... 80 Part III: Advanced.......................................................
Table of Contents 11.4 Rapid Spanning Tree Protocol Status ........................................................................ 106 11.5 Configure Multiple Rapid Spanning Tree Protocol 11.6 Multiple Rapid Spanning Tree Protocol Status ........................................................ 107 ........................................................... 109 Chapter 12 Bandwidth Control................................................................................................................
Table of Contents 18.3 Viewing and Editing Classifier Configuration ................................................................... 134 18.4 Classifier Example ........................................................................................................... 135 Chapter 19 Policy Rule............................................................................................................................. 137 19.1 Policy Rules Overview ........................................................
Table of Contents 22.7.1 MVR Configuration Example .................................................................................. 162 Part IV: IP Application.......................................................................... 165 Chapter 23 Static Route ........................................................................................................................... 167 23.1 Configuring Static Routing .......................................................................................
Table of Contents Chapter 28 Maintenance .......................................................................................................................... 187 28.1 The Maintenance Screen 28.2 Firmware Upgrade .............................................................................................. 187 ........................................................................................................ 188 28.3 Restore a Configuration File ...............................................
Table of Contents 31.2 Syslog Setup .................................................................................................................. 207 31.3 Syslog Server Setup ....................................................................................................... 208 Chapter 32 Cluster Management............................................................................................................. 211 32.1 Cluster Management Status Overview ........................................
Table of Contents 38.2.1 The Console Port ................................................................................................... 229 38.3 The Login Screen ........................................................................................................... 230 38.4 Command Syntax Conventions ....................................................................................... 230 38.5 Changing the Password .................................................................................
Table of Contents 40.5 no Command Examples .................................................................................................. 273 40.5.1 Disable Commands ............................................................................................... 273 40.5.2 Resetting Commands ............................................................................................. 273 40.5.3 Re-enable commands ............................................................................................
Table of Contents 42.3.1 Set Port VID .......................................................................................................... 291 42.3.2 Set Acceptable Frame Type ................................................................................... 292 42.3.3 Enable or Disable Port GVRP ................................................................................ 292 42.3.4 Modify Static VLAN ...............................................................................................
Table of Contents 22 GS-2724 User’s Guide
List of Figures List of Figures Figure 1 Backbone Application .............................................................................................................. 33 Figure 2 Bridging Application ................................................................................................................ 34 Figure 3 High Performance Switched Workgroup Application ............................................................... 34 Figure 4 Shared Server Using VLAN Example .......................
List of Figures Figure 39 Filtering .................................................................................................................................. 99 Figure 40 MRSTP Network Example ................................................................................................... 103 Figure 41 Spanning Tree Protocol ........................................................................................................ 104 Figure 42 Rapid Spanning Tree Protocol .........................
List of Figures Figure 82 DSCP Setting ....................................................................................................................... 175 Figure 83 DHCP Server Status ............................................................................................................ 178 Figure 84 DHCP Server ........................................................................................................................ 179 Figure 85 DHCP Server Network Example ......................
List of Figures Figure 125 Pop-up Blocker ................................................................................................................... 313 Figure 126 Internet Options .................................................................................................................. 314 Figure 127 Internet Options .................................................................................................................. 315 Figure 128 Pop-up Blocker Settings .....................
List of Tables List of Tables Table 1 Front Panel ............................................................................................................................... 41 Table 2 LEDs ......................................................................................................................................... 44 Table 3 Navigation Panel Sub-links Overview .......................................................................................
List of Tables Table 39 Port Security ......................................................................................................................... 128 Table 40 Classifier ............................................................................................................................... 132 Table 41 Classifier: Summary Table .................................................................................................... 134 Table 42 Common Ethernet Types and Protocol Number .....
List of Tables Table 82 MAC Table ............................................................................................................................ 218 Table 83 IP Table ................................................................................................................................. 220 Table 84 ARP Table ............................................................................................................................. 222 Table 85 Routing Table Status ..................
List of Tables 30 GS-2724 User’s Guide
P ART I Introduction and Hardware Getting to Know Your Switch (33) Hardware Installation and Connection (37) Hardware Overview (41) 31
CHAPTER 1 Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction Your Switch is a stand-alone layer-3 Gigabit Ethernet switch. By integrating router functions, the Switch performs wire-speed layer-3 routing in addition to layer-2 switching. The Switch has 20 Gigabit Ethernet ports and 4 GbE dual personality interfaces for uplink.
Chapter 1 Getting to Know Your Switch 1.1.2 Bridging Example In this example application the Switch connects different company departments (RD and Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the Switch. You can provide a super-fast uplink connection by using a Gigabit Ethernet/mini-GBIC port on the Switch.
Chapter 1 Getting to Know Your Switch 1.1.4 IEEE 802.1Q VLAN Application Examples A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network belong to one group. A station can belong to more than one group. With VLAN, a station cannot directly talk to or hear from stations that are not in the same group(s) unless such traffic first goes through a router. For more information on VLANs, refer to Chapter 8 on page 85. 1.1.4.
Chapter 1 Getting to Know Your Switch 36 GS-2724 User’s Guide
CHAPTER 2 Hardware Installation and Connection This chapter shows you how to install the hardware and make port connections. " Example graphics are shown. 2.1 Freestanding Installation 1 Make sure the Switch is clean and dry. 2 Set the Switch on a smooth, level surface strong enough to support the weight of the Switch and the connected cables. Make sure there is a power outlet nearby.
Chapter 2 Hardware Installation and Connection " " Do NOT block the ventilation holes. Leave space between devices when stacking. For proper ventilation, allow at least 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the Switch. This is especially important for enclosed rack installations. 2.2 Mounting the Switch on a Rack This section lists the rack mounting requirements and precautions and describes the installation steps. 2.2.
Chapter 2 Hardware Installation and Connection Figure 6 Attaching the Mounting Brackets 2 Using a #2 Philips screwdriver, install the M3 flat head screws through the mounting bracket holes into the Switch. 3 Repeat steps 1 and 2 to install the second mounting bracket on the other side of the Switch. 4 You may now mount the Switch on a rack. Proceed to the next section. 2.2.
Chapter 2 Hardware Installation and Connection 40 GS-2724 User’s Guide
CHAPTER 3 Hardware Overview This chapter describes the front panel and rear panel of the Switch and shows you how to make the hardware connections. 3.1 Front Panel Connection The figure below shows the front panel of the Switch. Figure 8 Front Panel The following table describes the port labels on the front panel. Table 1 Front Panel PORT DESCRIPTION MGMT Connect to a computer using an RJ-45 Ethernet cable for local configuration of the Switch.
Chapter 3 Hardware Overview • No parity, 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the console cable to the console port of the Switch. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer. 3.1.2 Gigabit Ethernet Ports The Switch has 10/100/1000 Mbps auto-negotiating, auto-crossover Gigabit Ethernet ports.
Chapter 3 Hardware Overview 3.1.3.1 Transceiver Installation Use the following steps to install a mini-GBIC transceiver (SFP module). 1 Insert the transceiver into the slot with the exposed section of PCB board facing down. Figure 9 Transceiver Installation Example 2 Press the transceiver firmly until it clicks into place. 3 The Switch automatically detects the installed transceiver. Check the LEDs to verify that it is functioning properly. Figure 10 Installed Transceiver 3.1.3.
Chapter 3 Hardware Overview 3.2 Rear Panel The following figures show the rear panels of the AC and DC models. The rear panel contains a connector for backup power supply (BPS) and the power receptacle. For the DC model, it also contains the power switch. Figure 13 Rear Panel: AC Model Figure 14 Rear Panel: DC Model 3.2.1 Power Connector Make sure you are using the correct power source as shown on the panel.
Chapter 3 Hardware Overview Table 2 LEDs (continued) LED COLOR STATUS DESCRIPTION SYS Green Blinking The system is rebooting and performing self-diagnostic tests. On The system is on and functioning properly. Off The power is off or the system is not ready/malfunctioning. On There is a hardware failure. Off The system is functioning normally. Green On The port has a successful 10/1000 Mbps connection. Amber On The port has a successful 100 Mbps connection.
Chapter 3 Hardware Overview 46 GS-2724 User’s Guide
P ART II Basic Configuration The Web Configurator (49) Initial Setup Example (59) System Status and Port Statistics (65) Basic Setting (71) 47
CHAPTER 4 The Web Configurator This section introduces the configuration and functions of the web configurator. 4.1 Introduction The web configurator is an HTML-based management interface that allows easy Switch setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device.
Chapter 4 The Web Configurator Figure 15 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is the first screen that displays when you access the web configurator. The following figure shows the navigating components of a web configurator screen. Figure 16 Web Configurator Home Screen (Status) BC DE A A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window.
Chapter 4 The Web Configurator B - Click this link to save your configuration into the Switch’s nonvolatile memory. Nonvolatile memory is the configuration of your Switch that stays the same even if the Switch’s power is turned off. C - Click this link to go to the status page of the Switch. D - Click this link to logout of the web configurator. E - Click this link to display web help pages. The help pages provide descriptions for all of the configuration screens.
Chapter 4 The Web Configurator The following table lists the various web configurator screens within the sub-links.
Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION VLAN This link takes you to screens where you can configure port-based or 802.1Q VLAN (depending on what you configured in the Switch Setup menu). Static MAC Forwarding This link takes you to screens where you can configure static MAC addresses for a port. These static MAC addresses do not age out. Filtering This link takes you to a screen to set up filtering rules.
Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Syslog This link takes you to screens where you can setup system logs and a system log server. Cluster Management This link takes you to a screen where you can configure clustering management and view its status. MAC Table This link takes you to a screen where you can view the MAC addresses (and types) of devices attached to what ports and VLAN IDs.
Chapter 4 The Web Configurator Click the Save link in the upper right hand corner of the web configurator to save your configuration to nonvolatile memory. Nonvolatile memory refers to the Switch’s storage that remains even if the Switch’s power is turned off. " Use the Save link when you are done with a configuration session. 4.
Chapter 4 The Web Configurator 1 Connect to the console port using a computer with terminal emulation software. See Section 3.1.1 on page 41 for details. 2 Disconnect and reconnect the Switch’s power to begin a session. When you reconnect the Switch’s power, you will see the initial screen. 3 When you see the message “Press any key to enter Debug Mode within 3 seconds ...” press any key to enter debug mode. 4 Type atlc after the “Enter Debug Mode” message.
Chapter 4 The Web Configurator 4.7 Logging Out of the Web Configurator Click Logout in a screen to exit the web configurator. You have to log in with your password again after you log out. This is recommended after you finish a management session for security reasons. Figure 19 Web Configurator: Logout Screen 4.8 Help The web configurator’s online help has descriptions of individual screens and some supplementary information.
Chapter 4 The Web Configurator 58 GS-2724 User’s Guide
CHAPTER 5 Initial Setup Example This chapter shows how to set up the Switch for an example network. 5.1 Overview The following lists the configuration steps for the example network: • • • • • Configure an IP interface Configure DHCP server settings Create a VLAN Set port VLAN ID Enable RIP 5.1.1 Configuring an IP Interface On a layer-3 switch, an IP interface (also known as an IP routing domain) is not bound to a physical port. The default IP address of the Switch is 192.168.1.
Chapter 5 Initial Setup Example 2 Open your web browser and enter 192.168.0.1 (the default MGMT port IP address) in the address bar to access the web configurator. See Section 4.2 on page 49 for more information. 3 Click Basic Setting and IP Setup in the navigation panel. 4 Configure the related fields in the IP Setup screen. For the Sales network, enter 192.168.2.1 as the IP address and 255.255.255.0 as the subnet mask.
Chapter 5 Initial Setup Example 5.1.3 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port(s) belongs. You can do this with port-based VLAN or tagged static VLAN with fixed port members. In this example, you want to configure port 1 as a member of VLAN 2. Figure 21 Initial Setup Network Example: VLAN 1 Click Advanced Application and VLAN in the navigation panel and click the Static VLAN link.
Chapter 5 Initial Setup Example " The VLAN Group ID field in this screen and the VID field in the IP Setup screen refer to the same VLAN ID. 3 Since the VLAN2 network is connected to port 1 on the Switch, select Fixed to configure port 1 to be a permanent member of the VLAN only. 4 To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the Switch to remove VLAN tags before sending.
Chapter 5 Initial Setup Example 1 Click IP Application and RIP in the navigation panel. 2 Select Both in the Direction field to set the Switch to broadcast and receive routing information. 3 In the Version field, select RIP-1 for the RIP packet format that is universally supported. 4 Click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off.
Chapter 5 Initial Setup Example 64 GS-2724 User’s Guide
CHAPTER 6 System Status and Port Statistics This chapter describes the system status (web configurator home page) and port details screens. 6.1 Overview The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details. 6.2 Port Status Summary To view the port statistics, click Status in any web configurator screen to display the Status screen as shown next. Figure 23 Port Status The following table describes the labels in this screen.
Chapter 6 System Status and Port Statistics Table 6 Port Status (continued) LABEL DESCRIPTION Link This field displays the speed (either 10M for 10Mbps, 100M for 100Mbps or 1000M for 1000Mbps) and the duplex (F for full duplex or H for half). It also shows the cable type (Copper or Fiber) for the combo ports. State If STP (Spanning Tree Protocol) is enabled, this field displays the STP state of the port (see Section 11.1 on page 101 for more information).
Chapter 6 System Status and Port Statistics Figure 24 Port Details The following table describes the labels in this screen. Table 7 Port Details LABEL DESCRIPTION Port Info Port NO. This field displays the port number you are viewing. Name This field displays the name of the port. Link This field displays the speed (either 10M for 10Mbps, 100M for 100Mbps or 1000M for 1000Mbps) and the duplex (F for full duplex or H for half duplex). It also shows the cable type (Copper or Fiber).
Chapter 6 System Status and Port Statistics Table 7 Port Details (continued) LABEL Up Time DESCRIPTION This field shows the total amount of time the connection has been up. Tx Packet The following fields display detailed information about packets transmitted. TX Packet This field shows the number of good packets (unicast, multicast and broadcast) transmitted. Multicast This field shows the number of good multicast packets transmitted.
Chapter 6 System Status and Port Statistics Table 7 Port Details (continued) LABEL DESCRIPTION 512-1023 This field shows the number of packets (including bad packets) received that were between 512 and 1023 octets in length. 10241518 This field shows the number of packets (including bad packets) received that were between 1024 and 1518 octets in length. Giant This field shows the number of packets dropped because they were bigger than the maximum frame size.
Chapter 6 System Status and Port Statistics 70 GS-2724 User’s Guide
CHAPTER 7 Basic Setting This chapter describes how to configure the System Info, General Setup, Switch Setup, IP Setup and Port Setup screens. 7.1 Overview The System Info screen displays general information (such as firmware version number) and hardware polling information (such as fan speeds). The General Setup screen allows you to configure general identification information.
Chapter 7 Basic Setting Figure 25 System Info The following table describes the labels in this screen. Table 8 System Info LABEL DESCRIPTION System Name This field displays the descriptive name of the Switch for identification purposes. ZyNOS F/W Version This field displays the version number of the Switch's current firmware including the date created. Ethernet Address This field refers to the Ethernet MAC (Media Access Control) address of the Switch.
Chapter 7 Basic Setting Table 8 System Info (continued) LABEL DESCRIPTION Current This field displays this fan's current speed in Revolutions Per Minute (RPM). MAX This field displays this fan's maximum speed measured in Revolutions Per Minute (RPM). MIN This field displays this fan's minimum speed measured in Revolutions Per Minute (RPM). "<41" is displayed for speeds too small to measure (under 2000 RPM). Threshold This field displays the minimum speed at which a normal fan should work.
Chapter 7 Basic Setting Figure 26 General Setup The following table describes the labels in this screen. Table 9 General Setup 74 LABEL DESCRIPTION System Name Choose a descriptive name for identification purposes. This name consists of up to 64 printable characters; spaces are allowed. Location Enter the geographic location of your Switch. You can use up to 32 printable ASCII characters; spaces are allowed. Contact Person's Name Enter the name of the person in charge of this Switch.
Chapter 7 Basic Setting Table 9 General Setup (continued) LABEL DESCRIPTION Use Time Server when Bootup Enter the time service protocol that your timeserver uses. Not all time servers support all protocols, so you may have to use trial and error to find a protocol that works. The main differences between them are the time format. When you select the Daytime (RFC 867) format, the Switch displays the day, month, year and time with no time zone adjustment.
Chapter 7 Basic Setting VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain. In traditional switched environments, all broadcast packets go to each and every individual port. With VLAN, all broadcasts are confined to a specific broadcast domain. " VLAN is unidirectional; it only governs outgoing traffic. See Chapter 8 on page 85 for information on port-based and 802.1Q tagged VLANs. 7.
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 10 Switch Setup LABEL DESCRIPTION VLAN Type Choose 802.1Q or Port Based. The VLAN Setup screen changes depending on whether you choose 802.1Q VLAN type or Port Based VLAN type in this screen. See Chapter 8 on page 85for more information. Bridge Control Protocol Transparency Select Active to allow the Switch to handle bridging control protocols (STP for example).
Chapter 7 Basic Setting Table 10 Switch Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. 7.
Chapter 7 Basic Setting Figure 28 IP Setup The following table describes the labels in this screen. Table 11 IP Setup LABEL DESCRIPTION Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation, for example 192.168.1.254. Domain Name Server DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. Enter a domain name server IP address in order to be able to use a domain name instead of an IP address.
Chapter 7 Basic Setting Table 11 IP Setup (continued) LABEL DESCRIPTION IP Address Enter the out-of-band management IP address of your Switch in dotted decimal notation. For example, 192.168.0.1. IP Subnet Mask Enter the IP subnet mask of your Switch in dotted decimal notation for example 255.255.255.0. Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation, for example 192.168.0.254 Apply Click Apply to save your changes to the Switch’s run-time memory.
Chapter 7 Basic Setting Figure 29 Port Setup The following table describes the labels in this screen. Table 12 Port Setup LABEL DESCRIPTION Port This is the port index number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them.
Chapter 7 Basic Setting Table 12 Port Setup (continued) 82 LABEL DESCRIPTION Flow Control A concentration of traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses. Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port. The Switch uses IEEE802.3x flow control in full duplex mode and backpressure flow control in half duplex mode. IEEE802.
P ART III Advanced VLAN (85) Static MAC Forward Setup (97) Filtering (99) Spanning Tree Protocol (101) Bandwidth Control (111) Broadcast Storm Control (113) Mirroring (115) Link Aggregation (117) Port Authentication (121) Port Security (127) Classifier (131) Policy Rule (137) Queuing Method (143) VLAN Stacking (147) Multicast (153) 83
CHAPTER 8 VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 8.1 Introduction to IEEE 802.1Q Tagged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created. The VLANs can be created statically by hand or dynamically through GVRP.
Chapter 8 VLAN 8.2 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 8.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and deregister attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP. 8.2.1.1 GARP Timers Switches join VLANs by making a declaration.
Chapter 8 VLAN 8.3 Port VLAN Trunking Enable VLAN Trunking on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices. Refer to the following figure. Suppose you want to create VLAN groups 1 and 2 (V1 and V2) on devices A and B.
Chapter 8 VLAN 8.5 Static VLAN Use a static VLAN to decide whether an incoming frame on a port should be • sent to a VLAN group as normal depending on its VLAN tag. • sent to a group whether it has a VLAN tag or not. • blocked from a VLAN group regardless of its VLAN tag. You can also tag all outgoing frames (that were previously untagged) from a port with the specified VID. 8.5.1 Static VLAN Status See Section 8.1 on page 85 for more information on Static VLAN.
Chapter 8 VLAN 8.5.2 Static VLAN Details Use this screen to view detailed port settings and status of the VLAN group. See Section 8.1 on page 85 for more information on static VLAN. Click on an index number in the VLAN Status screen to display VLAN details. Figure 33 VLAN Detail The following table describes the labels in this screen. Table 15 VLAN Detail LABEL DESCRIPTION VLAN Status Click this to go to the VLAN Status screen.
Chapter 8 VLAN Figure 34 Static VLAN The following table describes the related labels in this screen. Table 16 Static VLAN LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN settings. Name Enter a descriptive name for the VLAN group for identification purposes. VLAN Group ID Enter the VLAN ID for this static entry; the valid range is between 1 and 4094. Port The port number identifies the port you are configuring. * Settings in this row apply to all ports.
Chapter 8 VLAN Table 16 Static VLAN (continued) LABEL DESCRIPTION Add Click Add to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. Clear Click Clear to start configuring the screen again. VID This field displays the ID number of the VLAN group.
Chapter 8 VLAN The following table describes the labels in this screen. Table 17 VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Select this check box to permit VLAN groups beyond the local switch.
Chapter 8 VLAN " " When you activate port-based VLAN, the Switch uses a default VLAN ID of 1. You cannot change it. In screens (such as IP Setup and Filtering) that require a VID, you must enter 1 as the VID. The port-based VLAN setup screen is shown next. The CPU management port forms a VLAN with all Ethernet ports. 8.6.
Chapter 8 VLAN Figure 36 Port Based VLAN Setup (All connected) 94 GS-2724 User’s Guide
Chapter 8 VLAN Figure 37 Port Based VLAN Setup (Port isolation) The following table describes the labels in this screen. Table 18 Port Based VLAN Setup label Description Setting Wizard Choose All connected or Port isolation. All connected means all ports can communicate with each other, that is, there are no virtual LANs. All incoming and outgoing ports are selected. This option is the most flexible but also the least secure.
Chapter 8 VLAN Table 18 Port Based VLAN Setup (continued) 96 label Description Outgoing These are the egress ports; an egress port is an outgoing port, that is, a port through which a data packet leaves. If you wish to allow two subscriber ports to talk to each other, you must define the egress port for both ports. CPU refers to the Switch management port. By default it forms a VLAN with all Ethernet ports.
CHAPTER 9 Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 9.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your network. 9.2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table. Static MAC addresses do not age out. When you set up static MAC address rules, you are setting static MAC addresses for a port.
Chapter 9 Static MAC Forward Setup The following table describes the labels in this screen. Table 19 Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box. Name Enter a descriptive name for identification purposes for this static MAC address forwarding rule. MAC Address Enter the MAC address in valid MAC address format, that is, six hexadecimal character pairs.
CHAPTER 10 Filtering This chapter discusses MAC address port filtering. 10.1 Configure a Filtering Rule Filtering means sifting traffic going through the Switch based on the source and/or destination MAC addresses and VLAN group (ID). Click Advanced Application > Filtering in the navigation panel to display the screen as shown next. Figure 39 Filtering The following table describes the related labels in this screen.
Chapter 10 Filtering Table 20 Filtering (continued) 100 LABEL DESCRIPTION Action Select Discard source to drop frame from the source MAC address (specified in the MAC field). The Switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address). The Switch can still receive frames originating from the MAC address.
CHAPTER 11 Spanning Tree Protocol The Switch supports Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol The Switch also allows you to set up multiple STP configurations (or trees). Ports can then be assigned to the trees. 11.1 STP/RSTP Overview (R)STP detects and breaks network loops and provides backup links between switches, bridges or routers.
Chapter 11 Spanning Tree Protocol Path cost is the cost of transmitting a frame onto a LAN through that port. It is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost.
Chapter 11 Spanning Tree Protocol 11.1.3 STP Port States STP assigns five port states to eliminate packet looping. A bridge port is not allowed to go directly from blocking state to forwarding state so as to eliminate transient loops. Table 22 STP Port States PORT STATE DESCRIPTION Disabled STP is disabled (default). Blocking Only configuration and management BPDUs are received and processed. Listening All BPDUs are received and processed. Learning All BPDUs are received and processed.
Chapter 11 Spanning Tree Protocol 11.2 Spanning Tree Protocol Main Screen The Switch allows you to configure a single RSTP configuration or you can configure multiple configurations. See Section 11.1 on page 101 for more information on RSTP. Click Advanced Application, Spanning Tree Protocol in the navigation panel to choose whether you want to configure multiple or a single Spanning Tree Protocol configuration. " This screen is only available if neither RSTP or MRSTP is active.
Chapter 11 Spanning Tree Protocol Figure 42 Rapid Spanning Tree Protocol The following table describes the labels in this screen. Table 24 Rapid Spanning Tree Protocol LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 43 on page 107). Active Select this check box to activate RSTP. Clear this checkbox to disable RSTP. Bridge Priority Bridge priority is used in determining the root switch, root port and designated port.
Chapter 11 Spanning Tree Protocol Table 24 Rapid Spanning Tree Protocol (continued) LABEL DESCRIPTION Forwarding Delay This is the maximum time (in seconds) a switch will wait before changing states. This delay is required because every switch must receive information about topology changes before it starts to forward frames. In addition, each port needs time to listen for conflicting information that would make it return to a blocking state; otherwise, temporary data loops might result.
Chapter 11 Spanning Tree Protocol Figure 43 Rapid Spanning Tree Protocol Status The following table describes the labels in this screen. Table 25 Rapid Spanning Tree Protocol Status LABEL DESCRIPTION Configuration Click Configuration to configure RSTP settings. Refer to Section 11.3 on page 104. Bridge Root refers to the base of the spanning tree (the root bridge). Our Bridge is this Switch. This Switch may also be the root bridge.
Chapter 11 Spanning Tree Protocol Figure 44 Multiple Rapid Spanning Tree Protocol The following table describes the labels in this screen. Table 26 Multiple Rapid Spanning Tree Protocol 108 LABEL DESCRIPTION Status Click Status to display the MRSTP Status screen (see Figure 43 on page 107). Tree This is a read only index number of the STP trees. Active Select this check box to activate an STP tree. Clear this checkbox to disable an STP tree.
Chapter 11 Spanning Tree Protocol Table 26 Multiple Rapid Spanning Tree Protocol (continued) LABEL DESCRIPTION Forwarding Delay This is the maximum time (in seconds) a switch will wait before changing states. This delay is required because every switch must receive information about topology changes before it starts to forward frames. In addition, each port needs time to listen for conflicting information that would make it return to a blocking state; otherwise, temporary data loops might result.
Chapter 11 Spanning Tree Protocol Figure 45 Multiple Rapid Spanning Tree Protocol Status The following table describes the labels in this screen. Table 27 Multiple Rapid Spanning Tree Protocol Status 110 LABEL DESCRIPTION Configuration Click Configuration to configure MRSTP settings. Refer to Section 11.3 on page 104. Tree Select which STP tree configuration you want to view. Bridge Root refers to the base of the spanning tree (the root bridge). Our Bridge is this Switch.
CHAPTER 12 Bandwidth Control This chapter shows you how you can cap the maximum bandwidth using the Bandwidth Control screen. 12.1 Bandwidth Control Overview Bandwidth control means defining a maximum allowable bandwidth for incoming and/or outgoing traffic flows on a port. 12.1.1 CIR and PIR The Committed Information Rate (CIR) is the guaranteed bandwidth for the incoming traffic flow on a port.
Chapter 12 Bandwidth Control Figure 46 Bandwidth Control The following table describes the related labels in this screen. Table 28 Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the Switch. Port This field displays the port number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
CHAPTER 13 Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 13.1 Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
Chapter 13 Broadcast Storm Control The following table describes the labels in this screen. Table 29 Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature. Port This field displays a port number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports.
CHAPTER 14 Mirroring This chapter discusses port mirroring setup screens. 14.1 Port Mirroring Setup Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. Click Advanced Application > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port.
Chapter 14 Mirroring The following table describes the labels in this screen. Table 30 Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the Switch. Clear this check box to disable the feature. Monitor Port The monitor port is the port you copy the traffic to in order to examine it in more detail without interfering with the traffic flow on the original port(s). Enter the port number of the monitor port. Port This field displays the port number.
CHAPTER 15 Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higherbandwidth link. 15.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link. You may want to trunk ports if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly, single-port link. However, the more ports you aggregate then the fewer available ports you have.
Chapter 15 Link Aggregation 15.2.1 Link Aggregation ID LACP aggregation ID consists of the following information1: Table 31 Link Aggregation ID: Local Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER 0000 0000 00 0000 00-00-00-00-00 Table 32 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER 0000 0000 00 0000 00-00-00-00-00 15.
Chapter 15 Link Aggregation Table 33 Link Aggregation Control Protocol Status (continued) LABEL DESCRIPTION Enabled Port These are the ports you have configured in the Link Aggregation screen to be in the trunk group. Synchronized Ports These are the ports that are currently transmitting data as one logical link in this trunk group. 15.4 Link Aggregation Setup Click Configuration in the Link Aggregation Control Protocol Status screen to display the screen shown next. See Section 15.
Chapter 15 Link Aggregation The following table describes the labels in this screen. Table 34 Link Aggregation LABEL DESCRIPTION Link Aggregation Control Protocol Active Select this checkbox to enable Link Aggregation Control Protocol (LACP). System Priority LACP system priority is a number between 1 and 65,535. The switch with the lowest system priority (and lowest port number if system priority is the same) becomes the LACP “server”. The LACP “server” controls the operation of LACP setup.
CHAPTER 16 Port Authentication This chapter describes the 802.1x authentication method and RADIUS server connection setup. See Section 40.9 on page 278 for information on how to use the commands to configure additional Radius server settings as well as multiple Radius server configuration. 16.1 Port Authentication Overview IEEE 802.
Chapter 16 Port Authentication " Refer to the documentation that comes with your RADIUS server on how to configure a VSA. The following table describes the VSAs supported on the Switch.
Chapter 16 Port Authentication 16.2 Port Authentication Configuration To enable port authentication, first activate IEEE802.1x security (both on the Switch and the port(s)) then configure the RADIUS server settings. Click Advanced Application > Port Authentication in the navigation panel to display the screen as shown. Figure 52 Port Authentication 16.2.1 Configuring RADIUS Server Settings Use this screen to configure your RADIUS server settings. See Section 16.1.
Chapter 16 Port Authentication 16.2.2 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x security. From the Port Authentication screen, click 802.1x to display the configuration screen as shown. Figure 54 802.1x The following table describes the labels in this screen. Table 38 802.1x LABEL DESCRIPTION Active Select this check box to permit 802.1x authentication on the Switch. Note: You must first enable 802.1x authentication on the Switch before configuring it on each port.
Chapter 16 Port Authentication Table 38 802.1x (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields.
Chapter 16 Port Authentication 126 GS-2724 User’s Guide
CHAPTER 17 Port Security This chapter shows you how to set up port security. 17.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. See Appendix A on page 305 for the maximum number of MAC addresses the Switch can learn.
Chapter 17 Port Security Figure 55 Port Security The following table describes the labels in this screen. Table 39 Port Security LABEL DESCRIPTION Active Select this option to enable port security on the Switch. Port This field displays a port number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Chapter 17 Port Security Table 39 Port Security (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields.
Chapter 17 Port Security 130 GS-2724 User’s Guide
CHAPTER 18 Classifier This chapter introduces and shows you how to configure the packet classifier on the Switch. 18.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested.
Chapter 18 Classifier Figure 56 Classifier The following table describes the labels in this screen. Table 40 Classifier LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. Packet Format Specify the format of the packet. Choices are All, 802.3 tagged, 802.3 untagged, Ethernet II tagged and Ethernet II untagged. A value of 802.3 indicates that the packets are formatted according to the IEEE 802.3 standards.
Chapter 18 Classifier Table 40 Classifier (continued) LABEL DESCRIPTION Ethernet Type Select an Ethernet type or select Other and enter the Ethernet type number in hexadecimal value. Refer to Table 42 on page 134 for information. Source MAC Address Select Any to apply the rule to all MAC addresses. To specify a source, select the second choice and type a MAC address in valid MAC address format (six hexadecimal character pairs). Port Type the port number to which the rule should be applied.
Chapter 18 Classifier 18.3 Viewing and Editing Classifier Configuration To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen. To change the settings of a rule, click a number in the Index field. " When two rules conflict with each other, a higher layer rule has priority over lower layer rule. Figure 57 Classifier: Summary Table The following table describes the labels in this screen.
Chapter 18 Classifier Some of the most common IP ports are: Table 43 Common IP Ports PORT NUMBER PORT NAME 21 FTP 23 Telnet 25 SMTP 53 DNS 80 HTTP 110 POP3 18.4 Classifier Example The following screen shows an example where you configure a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. After you have configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow.
Chapter 18 Classifier Figure 58 Classifier: Example 136 GS-2724 User’s Guide
CHAPTER 19 Policy Rule This chapter shows you how to configure policy rules. 19.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria (refer to Chapter 18 on page 131 for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network. 19.1.
Chapter 19 Policy Rule 19.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 18.2 on page 131 for more information. Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown.
Chapter 19 Policy Rule Figure 59 Policy GS-2724 User’s Guide 139
Chapter 19 Policy Rule The following table describes the labels in this screen. Table 44 Policy LABEL DESCRIPTION Active Select this option to enable the policy. Name Enter a descriptive name for identification purposes. Classifier(s) This field displays the active classifier(s) you configure in the Classifier screen. Select the classifier(s) to which this policy rule applies. To select more than one classifier, press [SHIFT] and select the choices at the same time.
Chapter 19 Policy Rule Table 44 Policy (continued) LABEL DESCRIPTION Outgoing Select Send the packet to the mirror port to send the packet to the mirror port. Select Send the packet to the egress port to send the packet to the egress port. Select Send the matching frames (broadcast or DLF, multicast, marked for dropping or to be sent to the CPU) to the egress port to send the broadcast, multicast, DLF, marked-to-drop or CPU frames to the egress port.
Chapter 19 Policy Rule 19.4 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth and discard out-of-profile traffic on a traffic flow classified using the Example classifier (refer to Section 18.4 on page 135).
CHAPTER 20 Queuing Method This chapter introduces the queuing methods supported. 20.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.
Chapter 20 Queuing Method 20.2 Configuring Queuing Click Advanced Application > Queuing Method in the navigation panel. Figure 62 Queuing Method The following table describes the labels in this screen. Table 46 Queuing Method 144 LABEL DESCRIPTION Port This label shows the port you are configuring. Method Select SPQ (Strict Priority Queuing) or WRR (Weighted Round Robin). Strict Priority Queuing (SPQ) services queues based on priority only.
Chapter 20 Queuing Method GS-2724 User’s Guide 145
Chapter 20 Queuing Method 146 GS-2724 User’s Guide
CHAPTER 21 VLAN Stacking This chapter shows you how to configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN 21.1 VLAN Stacking Overview A service provider can use VLAN stacking to allow it to distinguish multiple customers VLANs, even those with the same (customer-assigned) VLAN ID, within its network. Use VLAN stacking to add an outer VLAN tag to the inner IEEE 802.1Q tagged frames that enter the network.
Chapter 21 VLAN Stacking Figure 63 VLAN Stacking Example 21.2 VLAN Stacking Port Roles Each port can have three VLAN stacking “roles”, Normal, Access Port and Tunnel (the latter is for Gigabit ports only). • Select Normal for “regular” (non-VLAN stacking) IEEE 802.1Q frame switching. • Select Access Port for ingress ports on the service provider's edge devices (1 and 2 in the VLAN stacking example figure). The incoming frame is treated as "untagged", so a second VLAN tag (outer VLAN tag) can be added.
Chapter 21 VLAN Stacking 21.3 VLAN Tag Format A VLAN tag (service provider VLAN stacking or customer IEEE 802.1Q) consists of the following three fields. Table 47 VLAN Tag Format Type Priority VID Type is a standard Ethernet type code identifying the frame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provider Tag Protocol Identifier) is the service provider VLAN stacking tag type. Many vendors use 0x8100 or 0x9100.
Chapter 21 VLAN Stacking 21.4 Configuring VLAN Stacking Click Advanced Applications > VLAN Stacking to display the screen as shown. Figure 64 VLAN Stacking The following table describes the labels in this screen. Table 50 VLAN Stacking LABEL DESCRIPTION Active Select this check box to enable VLAN stacking on the Switch. SP TPID SP TPID is a standard Ethernet type code identifying the frame and indicates whether the frame carries IEEE 802.1Q tag information.
Chapter 21 VLAN Stacking Table 50 VLAN Stacking (continued) LABEL DESCRIPTION Role Select Normal to have the Switch ignore frames received (or transmitted) on this port with VLAN stacking tags. Anything you configure in SPVID and Priority are ignored. Select Access Port to have the Switch add the SP TPID tag to all incoming frames received on this port. Select Access Port for ingress ports at the edge of the service provider's network.
Chapter 21 VLAN Stacking 152 GS-2724 User’s Guide
CHAPTER 22 Multicast This chapter shows you how to configure various multicast features. 22.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways-Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network. IGMP (Internet Group Management Protocol) is a network-layer protocol used to establish membership in a multicast group-it is not used to carry user data.
Chapter 22 Multicast The Switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your Switch. 22.2 Multicast Status Click Advanced Applications > Multicast to display the screen as shown. This screen shows the multicast group information. See Section 22.
Chapter 22 Multicast Figure 66 Multicast Setting The following table describes the labels in this screen. Table 52 Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP Snooping. Active Select Active to enable IGMP Snooping to forward group multicast traffic only to ports that are members of that group.
Chapter 22 Multicast Table 52 Multicast Setting (continued) LABEL DESCRIPTION Reserved Multicast Group Multicast addresses (224.0.0.0 to 224.0.0.255) are reserved for the local scope. For examples, 224.0.0.1 is for all hosts in this subnet, 224.0.0.2 is for all multicast routers in this subnet, etc. A router will not forward a packet with the destination IP address within this range. See the IANA web site for more information.
Chapter 22 Multicast Click Advanced Applications > Multicast > Multicast Setting > IGMP Filtering Profile to display the screen as shown. Figure 67 IGMP Filtering Profile The following table describes the labels in this screen. Table 53 IGMP Filtering Profile LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes.
Chapter 22 Multicast 22.5 MVR Overview Multicast VLAN Registration (MVR) is designed for applications (such as Media-on-Demand (MoD)) that use multicast traffic across an Ethernet ring-based service provider network. MVR allows one single multicast VLAN to be shared among different subscriber VLANs on the network. While isolated in different subscriber VLANs, connected devices can subscribe to and unsubscribe from the multicast stream in the multicast VLAN.
Chapter 22 Multicast When the subscriber selects a television channel, computer A sends an IGMP report to the Switch to join the appropriate multicast group. If the IGMP report matches one of the configured MVR multicast group addresses on the Switch, an entry is created in the forwarding table on the Switch. This maps the subscriber VLAN to the list of forwarding destinations for the specified multicast traffic.
Chapter 22 Multicast Figure 70 MVR The following table describes the related labels in this screen. Table 54 MVR 160 LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be shared among different subscriber VLANs on the network. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes. Multicast VLAN ID Enter the VLAN ID (1 to 4094) of the multicast VLAN. 802.
Chapter 22 Multicast Table 54 MVR (continued) LABEL DESCRIPTION * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. Source Port Select this option to set this port as the MVR source port that sends and receives multicast traffic.
Chapter 22 Multicast Figure 71 Group Configuration The following table describes the labels in this screen. Table 55 Group Configuration LABEL DESCRIPTION Multicast VLAN ID Select a multicast VLAN ID (that you configured in the MVR screen) from the dropdown list box. Name Enter a descriptive name for identification purposes. Start Address Enter the starting IP multicast address of the multicast group in dotted decimal notation. Refer to Section 22.1.
Chapter 22 Multicast Figure 72 MVR Configuration Example To configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 73 MVR Configuration Example To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200.
Chapter 22 Multicast Figure 74 MVR Group Configuration Example Figure 75 MVR Group Configuration Example 164 GS-2724 User’s Guide
P ART IV IP Application Static Route (167) RIP (169) IGMP (171) Differentiated Services (173) DHCP (177) 165
CHAPTER 23 Static Route This chapter shows you how to configure static routes. 23.1 Configuring Static Routing Static routes tell the Switch how to forward IP traffic when you configure the TCP/IP parameters manually. Click IP Application > Static Routing in the navigation panel to display the screen as shown. Figure 76 Static Routing The following table describes the related labels you use to create a static route.
Chapter 23 Static Route Table 56 Static Routing (continued) 168 LABEL DESCRIPTION IP Subnet Mask Enter the subnet mask for this destination. Gateway IP Address Enter the IP address of the gateway. The gateway is an immediate neighbor of your Switch that will forward the packet to the destination. The gateway must be a router on the same segment as your Switch. Metric The metric represents the “cost” of transmission for routing purposes.
CHAPTER 24 RIP This chapter shows you how to configure RIP (Routing Information Protocol). 24.1 RIP Overview RIP (Routing Information Protocol allows a routing device to exchange routing information with other routers. The Direction field controls the sending and receiving of RIP packets. When set to: • Both - the Switch will broadcast its routing table periodically and incorporate the RIP information that it receives.
Chapter 24 RIP Figure 77 RIP The following table describes the labels in this screen. Table 57 RIP 170 LABEL DESCRIPTION Active Select this check box to enable RIP on the Switch. Index This field displays the index number of an IP interface. Network This field displays the IP interface configured on the Switch. Refer to the section on IP Setup for more information on configuring IP domains. Direction Select the RIP direction from the drop-down list box.
CHAPTER 25 IGMP This chapter shows you how to configure IGMP. 25.1 IGMP Overview IGMP (Internet Group Management Protocol) is a session-layer protocol used to establish membership in a multicast group - it is not used to carry user data. Refer to RFC 1112 and RFC 2236 for information on IGMP versions 1 and 2 respectively. The Switch supports IGMP version 1 (IGMP-v1), version 2 (IGMP-v2) and version 3 (IGMP-v3). At start up, the Switch queries all directly connected networks to gather group membership.
Chapter 25 IGMP The following table describes the labels in this screen. Table 58 IGMP LABEL DESCRIPTION Active Select this check box to enable IGMP on the Switch. Note: You cannot enable both IGMP snooping and IGMP at the same time. Refer to the section on IGMP snooping. 172 Index This field displays an index number of an entry. Network This field displays the IP domain configured on the Switch. Refer to Section 7.6 on page 78 for more information on configuring IP domains.
CHAPTER 26 Differentiated Services This chapter shows you how to configure Differentiated Services (DiffServ) on the Switch. 26.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Chapter 26 Differentiated Services Figure 80 DiffServ Network Example Switch A marks traffic flowing into the network based on the configured marking rules. Intermediary network devices 1 and 2 allocate network resources (such as bandwidth) by mapping the DSCP values and the associated policies. 26.2 Activating DiffServ Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected port(s). Click IP Application > DiffServ in the navigation panel to display the screen as shown.
Chapter 26 Differentiated Services Table 59 DiffServ (continued) LABEL DESCRIPTION * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. Active Select Active to enable DiffServ on the port. Apply Click Apply to save your changes to the Switch’s run-time memory.
Chapter 26 Differentiated Services The following table describes the labels in this screen. Table 61 DSCP Setting 176 LABEL DESCRIPTION 0 … 63 This is the DSCP classification identification number. To set the IEEE 802.1p priority mapping, select the priority level from the drop-down list box. Apply Click Apply to save your changes to the Switch’s run-time memory.
CHAPTER 27 DHCP This chapter shows you how to configure the DHCP feature. 27.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the Switch as a DHCP server or disable it. When configured as a server, the Switch provides the TCP/IP configuration for the clients.
Chapter 27 DHCP Figure 83 DHCP Server Status The following table describes the labels in this screen. Table 62 DHCP Server Status LABEL DESCRIPTION Index This is the index number. VID This field displays the ID number of the VLAN group to which this DHCP settings apply. Server Status This field displays the starting DHCP client IP address. IP Pool Size This field displays the size of the DHCP client IP address pool.
Chapter 27 DHCP Figure 84 DHCP Server The following table describes the labels in this screen. Table 63 DHCP Server LABEL DESCRIPTION VID Enter the ID number of the VLAN group to which this DHCP settings apply. Client IP Pool Starting Address Specify the first of the contiguous addresses in the IP address pool. Size of Client IP Pool Specify the size, or count of the IP address pool. IP Subnet Mask Enter the subnet mask for the client IP pool.
Chapter 27 DHCP Table 63 DHCP Server (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry. Cancel Click Cancel to clear the Delete check boxes. 27.3.1 DHCP Server Configuration Example The follow figure shows a network example where the Switch is used to assign network information to the DHCP clients in the RD and Sales network. Figure 85 DHCP Server Network Example In the DHCP Server screen, configure two DHCP client IP address pools for the two networks.
Chapter 27 DHCP 27.4 DHCP Relay Configure DHCP relay on the Switch if the DHCP clients and the DHCP server are not in the same subnet. During the initial IP address leasing, the Switch helps to relay network information (such as the IP address and subnet mask) between a DHCP client and a DHCP server. Once the DHCP client obtains an IP address and can connect to the network, network information renewal is done between the DHCP client and the DHCP server without the help of the Switch. 27.4.
Chapter 27 DHCP The following table describes the labels in this screen. Table 64 DHCP Relay LABEL DESCRIPTION Active Select this check box to enable DHCP relay. Remote DHCP Server 1 .. 3 Enter the IP address of a DHCP server in dotted decimal notation. Relay Agent Information Select the Option 82 check box to have the Switch add information (slot number, port number and VLAN ID) to client DHCP requests that it relays to a DHCP server.
Chapter 27 DHCP Figure 89 DHCP Relay Configuration Example GS-2724 User’s Guide 183
Chapter 27 DHCP 184 GS-2724 User’s Guide
P ART V Management Maintenance (187) Access Control (193) Diagnostic (205) Syslog (207) Cluster Management (211) MAC Table (217) IP Table (219) ARP Table (221) Routing Table (223) Configure Clone (225) 185
CHAPTER 28 Maintenance This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 28.1 The Maintenance Screen Use this screen to manage firmware and your configuration files. Click Management > Maintenance in the navigation panel to open the following screen. Figure 90 Maintenance The following table describes the labels in this screen.
Chapter 28 Maintenance Table 65 Maintenance (continued) LABEL DESCRIPTION Save Configuratio n Click Config 1 to save the current configuration settings to Configuration 1 on the Switch. Click Config 2 to save the current configuration settings to Configuration 2 on the Switch. Reboot System Click Config 1 to reboot the system and load Configuration 1 on the Switch. Click Config 2 to reboot the system and load Configuration 2 on the Switch.
Chapter 28 Maintenance Figure 92 Restore Configuration Type the path and file name of the configuration file you wish to restore in the File Path text box or click Browse to display the Choose File screen (below) from which you can locate it. After you have specified the file, click Restore. "config" is the name of the configuration file on the Switch, so your backup configuration file is automatically renamed when you restore using this screen. 28.
Chapter 28 Maintenance 2 Click OK to reset all Switch configurations to the factory defaults. Figure 94 Load Factory Default 3 In the web configurator, click the Save button to make the changes take effect. If you want to access the Switch web configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the Switch’s default IP address (192.168.1.1). 28.
Chapter 28 Maintenance 28.8 FTP Command Line This section shows some examples of uploading to or downloading files from the Switch using FTP commands. First, understand the filename conventions. 28.8.1 Filename Conventions The configuration file (also known as the romfile or ROM) contains the factory default settings in the screens such as password, switch setup, IP Setup, etc. Once you have customized the Switch’s settings, they can be saved back to your computer under a filename of your choosing.
Chapter 28 Maintenance 5 Enter bin to set transfer mode to binary. 6 Use put to transfer files from the computer to the Switch, for example, put firmware.bin ras transfers the firmware on your computer (firmware.bin) to the Switch and renames it to “ras”. Similarly, put config.cfg config transfers the configuration file on your computer (config.cfg) to the Switch and renames it to “config”. Likewise get config config.
CHAPTER 29 Access Control This chapter describes how to control access to the Switch. 29.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share four sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
Chapter 29 Access Control 29.3 About SNMP Simple Network Management Protocol (SNMP) is an application layer protocol used to manage and monitor TCP/IP-based devices. SNMP is used to exchange management information between the network management system (NMS) and a network element (NE). A manager station can manage and monitor the Switch through the network via SNMP version one (SNMPv1) and/or SNMP version 2c. The next figure illustrates an SNMP management operation.
Chapter 29 Access Control 29.3.1 Supported MIBs MIBs let administrators collect statistics and monitor status and performance. The Switch supports the following MIBs: • • • • • • • • SNMP MIB II (RFC 1213) RFC 1157 SNMP v1 RFC 1493 Bridge MIBs RFC 1643 Ethernet MIBs RFC 1155 SMI RFC 2674 SNMPv2, SNMPv2c RFC 1757 RMON SNMPv2, SNMPv2c or later version, compliant with RFC 2011 SNMPv2 MIB for IP, RFC 2012 SNMPv2 MIB for TCP, RFC 2013 SNMPv2 MIB for UDP 29.3.
Chapter 29 Access Control Figure 98 SNMP The following table describes the labels in this screen. Table 70 SNMP LABEL DESCRIPTION Get Community Enter the get community, which is the password for the incoming Get- and GetNextrequests from the management station. Set Community Enter the set community, which is the password for incoming Set- requests from the management station. Trap Community Enter the trap community, which is the password sent with each trap to the SNMP manager.
Chapter 29 Access Control From the Access Control screen, display the Logins screen. You can click Access Control to go back to the Access Control screen. Figure 99 Logins The following table describes the labels in this screen. Table 71 Logins LABEL DESCRIPTION Administrator This is the default administrator account with the “admin” user name. You cannot change the default administrator user name. Only the administrator has read/write access.
Chapter 29 Access Control 29.4 SSH Overview Unlike Telnet or FTP, which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network. Figure 100 SSH Communication Example 29.5 How SSH works The following table summarizes how a secure connection is established between two remote hosts.
Chapter 29 Access Control The client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer. 2 Encryption Method Once the identification is verified, both the client and server must agree on the type of encryption method to use. 3 Authentication and Data Transmission After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server.
Chapter 29 Access Control Figure 102 HTTPS Implementation " If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 29.8 HTTPS Example If you haven’t changed the default HTTPS port on the Switch, then in your browser enter “https://Switch IP Address/” as the web site address where “Switch IP Address” is the IP address or domain name of the Switch you wish to access. 29.8.
Chapter 29 Access Control 29.8.2 Netscape Navigator Warning Messages When you attempt to access the Switch’s HTTPS server, a Website Certified by an Unknown Authority screen pops up asking if you trust the server certificate. Click Examine Certificate if you want to verify that the certificate is from the Switch. If Accept this certificate temporarily for this session is selected, then click OK to continue in Netscape.
Chapter 29 Access Control Figure 106 Example: Lock Denoting a Secure Connection 29.9 Service Port Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later). From the Access Control screen, display the Service Access Control screen. You can click Access Control to go back to the Access Control screen.
Chapter 29 Access Control The following table describes the fields in this screen. Table 72 Service Access Control LABEL DESCRIPTION Services Services you may use to access the Switch are listed here. Active Select this option for the corresponding services that you want to allow to access the Switch. Service Port For Telnet, SSH, FTP, HTTP or HTTPS services, you may change the default service port by typing the new port number in the Server Port field.
Chapter 29 Access Control Table 73 Remote Management (continued) 204 LABEL DESCRIPTION Start Address End Address Configure the IP address range of trusted computers from which you can manage this Switch. The Switch checks if the client IP address of a computer requesting a service or protocol matches the range set here. The Switch immediately disconnects the session if it does not match.
CHAPTER 30 Diagnostic This chapter explains the Diagnostic screen. 30.1 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen. Use this screen to check system logs, ping IP addresses or perform port tests. Figure 109 Diagnostic The following table describes the labels in this screen. Table 74 Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box. Click Clear to empty the text box and reset the syslog entry.
Chapter 30 Diagnostic Table 74 Diagnostic (continued) 206 LABEL DESCRIPTION IP Ping Type the IP address of a device that you want to ping in order to test a connection. Click Ping to have the Switch ping the IP address (in the field to the left). Ethernet Port Test Enter a port number and click Port Test to perform an internal loopback test.
CHAPTER 31 Syslog This chapter explains the syslog screens. 31.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server. Syslog is defined in RFC 3164. The RFC defines the packet format, content and system log related information of syslog messages. Each syslog message has a facility and severity level.
Chapter 31 Syslog Figure 110 Syslog Setup The following table describes the labels in this screen. Table 76 Syslog Setup LABEL DESCRIPTION Syslog Select Active to turn on syslog (system logging) and then configure the syslog setting Logging Type This column displays the names of the categories of logs that the device can generate. Active Select this option to set the device to generate logs for the corresponding category.
Chapter 31 Syslog Figure 111 Syslog Server Setup The following table describes the labels in this screen. Table 77 Syslog Server Setup LABEL DESCRIPTION Active Select this check box to have the device send logs to this syslog server. Clear the check box if you want to create a syslog server entry but not have the device send logs to it (you can edit the entry later). Server Address Enter the IP address of the syslog server.
Chapter 31 Syslog 210 GS-2724 User’s Guide
CHAPTER 32 Cluster Management This chapter introduces cluster management. 32.1 Cluster Management Status Overview Cluster Management allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another. Table 78 ZyXEL Clustering Management Specifications Maximum number of cluster members 24 Cluster Member Models Must be compatible with ZyXEL cluster management implementation.
Chapter 32 Cluster Management Figure 112 Clustering Application Example 32.2 Cluster Management Status Click Management > Cluster Management in the navigation panel to display the following screen. " A cluster can only have one manager.
Chapter 32 Cluster Management The following table describes the labels in this screen. Table 79 Cluster Management Status LABEL DESCRIPTION Status This field displays the role of this Switch within the cluster. Manager Member (you see this if you access this screen in the cluster member switch directly and not via the cluster manager) None (neither a manager nor a member of a cluster) Manager This field displays the cluster manager switch’s hardware MAC address.
Chapter 32 Cluster Management Figure 115 Example: Uploading Firmware to a Cluster Member Switch C:\>ftp 192.168.1.1 Connected to 192.168.1.1. 220 Switch FTP version 1.0 ready at Thu Jan 1 00:58:46 1970 User (192.168.0.
Chapter 32 Cluster Management Figure 116 Clustering Management Configuration The following table describes the labels in this screen. Table 81 Clustering Management Configuration LABEL DESCRIPTION Clustering Manager Active Select Active to have this Switch become the cluster manager switch. A cluster can only have one manager. Other (directly connected) switches that are set to be cluster managers will not be visible in the Clustering Candidates list.
Chapter 32 Cluster Management Table 81 Clustering Management Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields.
CHAPTER 33 MAC Table This chapter introduces the MAC Table screen. 33.1 MAC Table Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’s ports. It shows what device MAC address, belonging to what VLAN group (if any) is forwarded to which port(s) and whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen).
Chapter 33 MAC Table 33.2 Viewing the MAC Table Click Management > MAC Table in the navigation panel to display the following screen. Figure 118 MAC Table The following table describes the labels in this screen. Table 82 MAC Table 218 LABEL DESCRIPTION Sort by Click one of the following buttons to display and arrange the data according to that button type. The information is then displayed in the summary table below. MAC Click this button to display and arrange the data according to MAC address.
CHAPTER 34 IP Table This chapter introduces the IP table. 34.1 IP Table Overview The IP Table screen shows how packets are forwarded or filtered across the Switch’s ports. It shows what device IP address, belonging to what VLAN group (if any) is forwarded to which port(s) and whether the IP address is dynamic (learned by the Switch) or static (belonging to the Switch). The Switch uses the IP table to determine how to forward packets. See the following figure.
Chapter 34 IP Table 34.2 Viewing the IP Table Click Management > IP Table in the navigation panel to display the following screen. Figure 120 IP Table The following table describes the labels in this screen. Table 83 IP Table 220 LABEL DESCRIPTION Sort by Click one of the following buttons to display and arrange the data according to that button type. The information is then displayed in the summary table below. IP Click this button to display and arrange the data according to IP address.
CHAPTER 35 ARP Table This chapter introduces ARP Table. 35.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address. 35.1.
Chapter 35 ARP Table Figure 121 ARP Table The following table describes the labels in this screen. Table 84 ARP Table 222 LABEL DESCRIPTION Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a Switch port with corresponding MAC address below. MAC Address This is the MAC address of the device with corresponding IP address above.
CHAPTER 36 Routing Table This chapter introduces the routing table. 36.1 Overview The routing table contains the route information to the network(s) that the Switch can reach. The Switch automatically updates the routing table with the RIP information received from other Ethernet devices. 36.2 Viewing the Routing Table Use this screen to view routing table information. Click Management > Routing Table in the navigation panel to display the screen as shown.
Chapter 36 Routing Table 224 GS-2724 User’s Guide
CHAPTER 37 Configure Clone This chapter shows you how you can copy the settings of one port onto other ports. 37.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen.
Chapter 37 Configure Clone The following table describes the labels in this screen. Table 86 Configure Clone 226 LABEL DESCRIPTION Source/ Destination Port Enter the source port under the Source label. This port’s attributes are copied. Enter the destination port or ports under the Destination label. These are the ports which are going to have the same attributes as the source port. You can enter individual ports separated by a comma or a range of ports by using a dash.
P ART VI CLI and Troubleshooting Introducing Commands (229) User and Enable Mode Commands (263) Configuration Mode Commands (269) Interface Commands (281) IEEE 802.
CHAPTER 38 Introducing Commands This chapter introduces commands and gives a summary of commands available. 38.1 Overview In addition to the web configurator, you can use commands to configure the Switch. Use commands for advanced diagnosis and troubleshooting. If you have problems with your Switch, customer support may request that you issue some of these commands to assist them in troubleshooting.
Chapter 38 Introducing Commands • • • • • • VT100 terminal emulation 9600 bps No parity 8 data bits 1 stop bit No flow control 38.2.1.1 Initial Screen When you turn on your Switch, it performs several internal tests as well as line initialization. You can view the initialization information using the console port. After the initialization, the login screen displays (refer to Section 38.3 on page 230). Copyright (c) 1994 - 2006 ZyXEL Communications Corp.
Chapter 38 Introducing Commands • The required fields in a command are enclosed in angle brackets <>, for instance, ping means that you must specify an IP number for this command. • The optional fields in a command are enclosed in square brackets [], for instance, configure snmp-server [contact ] [location ] • • • • • • • means that the contact and location fields are optional. “Command” refers to a command used in the command line interface (CI command).
Chapter 38 Introducing Commands Use the following commands to specify privilege levels for login accounts. Syntax: logins username password logins username privilege <0-14> where username = Specifies a new user (up to 32 alphanumeric characters). Enter a user name to change the settings of an existing account. password = Specifies the new password (up to 32 alphanumeric characters) for this user.
Chapter 38 Introducing Commands Table 87 Command Interpreter Mode Summary (continued) .DESCRIPTION MODE HOW TO LOGIN/ ACCESS PROMPT Command modes that follow are sub-modes of the config mode and can only be accessed from within the config mode. Config-vlan This is a sub-mode of the config mode and allows you to configure VLAN settings. Type vlan followed by a number (between 1 to 4094). For example, vlan 10 to configure settings for VLAN 10.
Chapter 38 Introducing Commands 38.8.1 List of Available Commands Enter “help” to display a list of available commands and the corresponding sub commands. sysname> help Commands available: help logout exit history enable show ip show hardware-monitor show system-information ping ping [vlan ][..] ping help traceroute traceroute [vlan ][..
Chapter 38 Introducing Commands Enter ? to display detailed help information about the sub commands and parameters. sysname> ping ? help destination ip address Description of ping help sysname> 38.9 Using Command History The Switch keeps a list of recently used commands available to you for reuse. You can use any commands in the history again by pressing the up (y) or down (z) arrow key to scroll through the previously used commands and press [ENTER].
Chapter 38 Introducing Commands 38.10.1 Configuration File When you configure the Switch using either the CLI (Command Line Interface) or web configurator, the settings are saved as a series of commands in a configuration file on the Switch. You can perform the following with a configuration file: • Back up configuration once the Switch is set up to work in your network. • Restore configuration. • Use the same configuration file to set all Switches (of the same model) in your network to the same settings.
Chapter 38 Introducing Commands Table 88 Command Summary: User Mode (continued) COMMAND DESCRIPTION PRIVILEG E enable Accesses Enable (or privileged) mode. See Section 38.11.2 on page 237. 0 ip Displays IP related information. 0 hardware-monitor Displays current hardware monitor information with the specified temperature unit (Celsius C or Fahrenheit F). 0 system-information Displays general system information. 0 Sends Ping request to an Ethernet device.
Chapter 38 Introducing Commands Table 89 Command Summary: Enable Mode (continued) COMMAND DESCRIPTION PRIVILEG E running-config interface portchannel [bandwidth-limit ....] Copies the specified attributes from one port to other ports. 13 tftp config Restores configuration with the specified filename from the specified TFTP server to the specified configuration file on the router. 13 flash Restores firmware via TFTP.
Chapter 38 Introducing Commands Table 89 Command Summary: Enable Mode (continued) DESCRIPTION PRIVILEG E candidates Displays cluster candidate information. 13 member Displays the MAC address of the cluster member(s). 13 member config Displays the configuration of the cluster member(s). 13 member mac Displays the status of the cluster member(s). 13 relay Displays DHCP relay settings. 13 server Displays DHCP server settings.
Chapter 38 Introducing Commands Table 89 Command Summary: Enable Mode (continued) DESCRIPTION PRIVILEG E igmp-immediateleave Displays the IGMP Immediate Leave setting. 13 igmp-query-mode Displays IGMP query mode for the specified port. 13 COMMAND Displays IP related information. 13 arp Displays the ARP table. 13 igmp DIsplays the IGMP setting. 13 iptable all [IP|VID|PORT] Displays the IP address table. You can sort the table based on the IP address, VLAN ID or the port number.
Chapter 38 Introducing Commands Table 89 Command Summary: Enable Mode (continued) DESCRIPTION PRIVILEG E Displays the specified MVR group settings. 13 Displays all policy related information. 13 Displays the specified policy related information. 13 Displays all port authentication settings. 13 Displays port authentication settings on the specified port(s). 13 Displays all port security settings. 13 Displays port security settings on the specified port(s).
Chapter 38 Introducing Commands Table 89 Command Summary: Enable Mode (continued) DESCRIPTION PRIVILEG E Displays the status of the specified VLAN. 13 Displays VLAN stacking settings. 13 gvrp Displays GVRP settings. 13 port-isolation Displays port isolation settings. 13 Connects to an SSH server with the specified SSH version. 13 Connects to an SSH server with the specified SSH version and addition commands to be executed on the server.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E <[packetformat <802.3untag|802.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E helper-address Sets the IP addresses of up to 3 DHCP servers. 13 information Allows the Switch to add system name to agent information. 13 option Allows the Switch to add DHCP relay agent information.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) COMMAND interface ip DESCRIPTION PRIVILEG E host-timeout <1-16711450> Sets the host timeout value. 13 leave-timeout <1-16711450> Sets the leave timeout value 13 unknown-multicastframe Sets how to treat traffic from unknown multicast group. 13 reservedmulticast-group Sets how to treat traffic belonging to reserved multicast groups.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) COMMAND mac-filter name mac vlan drop inactive mac-forward name mac vlan interface inactive DESCRIPTION PRIVILEG E Configures a static MAC address port filtering rule. 13 Disables a static MAC address port filtering rule. 13 Configures a static MAC address forwarding rule. 13 Disables a static MAC address forwarding rule.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E Disables the classifier. Each classifier has one rule. If you disable a classifier you cannot use policy rule related information. 13 inactive Enables a classifier. 13 Disables cluster management on the Switch. 13 Removes the cluster member. 13 Disables DHCP relay. 13 information Disables the relay agent information option 82.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E name mac vlan drop inactive Enables the specified MAC-filter rule. 13 name mac vlan drop Disables the specified MAC filter rule.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E Clears a secure client set entry from the list of secure clients. 13 service Disables a secure client set entry number from using the selected remote management service. 13 igmp Disables IGMP on the Switch. 13 rip Disable RIP on the Switch. 13 ftp Disables FTP access to the Switch.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E server inactive Enables syslog logging to the specified syslog server. 13 type [type] DIsables syslog logging for the specified log type (sys, link, config, error or report). 13 Disables timeserver settings. 13 Disables the specified trunk group. 13 interface Removes ports from the specified trunk group.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) COMMAND policy classifier < [vlan] [egress-port ] [priority <0-7>] [dscp <0-63>] [tos <0-7>] [bandwidth ] [outgoing-packetformat ] [out-of-profiledscp <0-63>] [forward-action ] [queue-action ] [diffserv-action ] [outgoing-mirror] [outgoing-eport] [outgo
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E Specifies how often a client has to re-enter the username and password to stay connected to the specified port(s). 13 Enables port security on the device. 13 Enables port security on the specified port(s). 13 learn inactive Disables MAC address learning on the specified port(s). 13 address-limit Limits the number of (dynamic) MAC addresses that may be learned on a port.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) DESCRIPTION PRIVILEG E ftp Allows FTP access on the specified service port. 13 http Allows HTTP access on the specified service port and defines the timeout period. 13 https Allows HTTPS access on the specified service port. 13 icmp Allows ICMP management packets. 13 snmp Allows SNMP management.
Chapter 38 Introducing Commands Table 90 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEG E syslog Enables syslog logging. 13 inactive Disables syslog logging to the specified syslog server. 13 level [0 ~ 7] Sets the IP address of the syslog server and the severity level. 13 type facility [local 1 ..7] Sets the log type and the file location on the syslog server. 13 Sets the time in hour, minute and second format.
Chapter 38 Introducing Commands 38.11.4 interface port-channel Commands The following table lists the interface port-channel commands in configuration mode. Use these commands to configure the ports. Table 91 interface port-channel Commands COMMAND DESCRIPTION PRIVILEG E interface portchannel Enables a port or a list of ports for configuration. 13 Enables ingress (pir), cir and egress limits on the port(s).
Chapter 38 Introducing Commands Table 91 interface port-channel Commands (continued) DESCRIPTION PRIVILEG E Choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port. 13 Enables strict priority queuing starting with the specified queue and subsequent higher queues on the Gigabit ports. 13 gvrp Enables this function to permit VLAN groups beyond the local switch.
Chapter 38 Introducing Commands Table 91 interface port-channel Commands (continued) DESCRIPTION PRIVILEG E bandwidth-limit Disables bandwidth limit on the port(s). 13 bandwidth-limit Disables cir bandwidth limits on the port(s). 13 bandwidth-limit Disables pir bandwidth limits on the port(s). 13 bandwidth-limit Disables egress bandwidth limits on the port(s). 13 broadcast-limit Disables broadcast storm control limit on the port(s).
Chapter 38 Introducing Commands Table 91 interface port-channel Commands (continued) DESCRIPTION PRIVILEG E Sets the duplex mode (half or full) and speed (10, 100 or 1000 Mbps) of the connection on the interface. Selecting auto (auto-negotiation) makes one port able to negotiate with a peer automatically to obtain the connection speed and duplex mode that both ends support. 13 Sets the port(s) to use Strict Priority Queuing.
Chapter 38 Introducing Commands Table 92 interface route-domain Commands (continued) DESCRIPTION PRIVILEG E igmp query-interval Sets the igmp query interval on the Switch. This variable specifies the amount of time in seconds between general query messages sent by the router. 13 igmp query-maxresponse-time <1-25> Sets the maximum time that the router waits for a response to an general query message.
Chapter 38 Introducing Commands Table 93 Command Summary: config-vlan Commands (continued) DESCRIPTION PRIVILEG E fixed Sets fixed port(s) to normal port(s). 13 forbidden Sets forbidden port(s) to normal port(s). 13 inactive Enables the specified VLAN. 13 ip address Deletes the IP address and subnet mask from this VLAN. 13 ip address defaultgateway Deletes the default gateway from this VLAN.
Chapter 38 Introducing Commands Table 94 Command Summary: mvr Commands (continued) DESCRIPTION PRIVILEG E receiver-port Disables the receiver port(s).An MVR receiver port can only receive multicast traffic in a multicast VLAN. 13 source-port Disables the source port(s).An MVR source port can send and receive multicast traffic in a multicast VLAN. 13 tagged Sets the port(s) to untag VLAN tags. 13 receiver-port Sets the receiver port(s).
Chapter 38 Introducing Commands 262 GS-2724 User’s Guide
CHAPTER 39 User and Enable Mode Commands This chapter describes some commands which you can perform in the User and Enable modes. 39.1 Overview The following command examples show how you can use User and Enable modes to diagnose and manage your Switch. 39.2 show Commands These are the commonly used show commands. 39.2.1 show system-information Syntax: show system-information This command shows the general system information (such as the firmware version and system up time). An example is shown next.
Chapter 39 User and Enable Mode Commands 39.2.2 show ip Syntax: show ip This command displays the IP related information (such as IP address and subnet mask) on all Switch interfaces. The following figure shows the default interface settings. sysname> show ip Out-of-band Management IP Address = 192.168.0.1 Management IP Address IP[192.168.0.1], Netmask[255.255.255.0], VID[0] IP Interface IP[192.168.1.1], Netmask[255.255.255.0], VID[1] sysname> 39.2.
Chapter 39 User and Enable Mode Commands This command displays statistics of a port. The following example shows that port 2 is up and the related information. sysname# show interface 2 Port Info Port NO.
Chapter 39 User and Enable Mode Commands 39.3 ping Syntax: ping < [in-band|out-of-band|vlan ] [size -> <0-1472>] [-t]> where = The IP address or host name of an Ethernet device. [in-band|out-ofband|vlan ] = Specifies the network interface or the VLAN ID to which the Ethernet device belongs. out-of-band refers to the management port while in-band means the other ports on the Switch. [size <0-1472>] = Specifies the packet size to send.
Chapter 39 User and Enable Mode Commands This command displays information about the route to an Ethernet device. The following example displays route information to an Ethernet device with an IP address of 192.168.1.100. sysname> traceroute 192.168.1.100 traceroute to 192.168.1.100, 30 hops max, 40 byte packet 1:192.168.1.100 (10 ms) (10 ms) (0 ms) traceroute done: sysname> 39.5 Copy Port Attributes Use the copy running-config command to copy attributes of one port to another port or ports.
Chapter 39 User and Enable Mode Commands 39.6.1 Using a Different Configuration File You can store up to two configuration files on the Switch. Only one configuration file is used at a time. By default the Switch uses the first configuration file (with an index number of 1). You can set the Switch to use a different configuration file. There are two ways in which you can set the Switch to use a different configuration file: restart the Switch (cold reboot) and restart the system (warm reboot).
CHAPTER 40 Configuration Mode Commands This chapter describes how to enable and configure your Switch’s features using commands. For more background information, see the feature specific chapters which proceed the commands chapters. 40.1 Change the Out of Band Management IP Address Use the ip address command to change the IP address of the out of band management port on the Switch. Syntax: ip address An example is shown next.
Chapter 40 Configuration Mode Commands Syntax: igmp-snooping igmp-snooping igmp-snooping igmp-snooping igmp-snooping igmp-snooping 8021p-priority <0-7> host-timeout <1-16711450> leave-timeout <1-16711450> unknown-multicast-frame reserved-multicast-group where igmp-snooping = Enables IGMP snooping on the Switch. 8021p-priority = Sets a priority level (0-7) to which the Switch changes the priority in outgoing IGMP control packets.
Chapter 40 Configuration Mode Commands where igmp filtering = Enables IGMP filtering on the Switch profile = Specifies a name (up to 32 alphanumeric characters) for this IGMP profile. If you want to edit an existing IGMP profile enter the existing profile name followed by start-address and end-address parameters. start-address = Specifies the starting multicast IP address for a range of multicast IP addresses that you want to belong to the IGMP filter profile. IP address in the range 224.0.0.
Chapter 40 Configuration Mode Commands where spanning-tree = Enables a specific tree configuration. mrstp priority <0-61440> Enables STP on the Switch. = Specifies the bridge priority for the Switch. The lower the numeric value you assign, the higher the priority for this bridge. Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch.
Chapter 40 Configuration Mode Commands • Enable STP on port 5 with a path cost of 150. • Set the priority for port 5 to 20. sysname(config)# sysname(config)# 15 sysname(config)# sysname(config)# spanning-tree priority 0 spanning-tree hello-time 4 maximum-age 20 forward-delay spanning-tree 5 path-cost 150 spanning-tree 5 priority 20 40.5 no Command Examples These are the commonly used command examples that belong to the no group of commands.
Chapter 40 Configuration Mode Commands where = inactive Re-enables an ip route with the specified IP address and subnet mask. An example is shown next. • Enable the IP route with the IP address of 192.168.11.1 and subnet mask of 255.255.255.0. This ip route must have already been created and made inactive prior to re-enable command being applied. sysname(config)# no ip route 192.168.11.1 255.255.255.0 inactive 40.5.
Chapter 40 Configuration Mode Commands where = Disables port authentication on the Switch. reauthenticate = Disables the re-authentication mechanism on the listed port(s). = Disables authentication on the listed ports. An example is shown next. • Disable authentication on the Switch. • Disable re-authentication on ports one, three, four and five. • Disable authentication on ports one, six and seven.
Chapter 40 Configuration Mode Commands 40.6 Static Route Commands You can create and configure static routes on the Switch by using the ip route command. Syntax: ip route ip route [metric ][name ] --> [inactive] where = Specifies the network IP address of the final destination. = Specifies the subnet mask of this destination. = Specifies the IP address of the gateway.
Chapter 40 Configuration Mode Commands where name = Names the filtering rule. mac = Specifies the MAC address you want to filter. vlan = Specifies which VLAN this rule applies to. drop = Selects the behavior of the rule. • src - drop packets coming from the specified MAC address • dst- drop packets going to the specified MAC address • both - drop packets coming from or going to the specified MAC address An example is shown next.
Chapter 40 Configuration Mode Commands • Enable dynamic link aggregation (LACP) on trunk 1. sysname(config)# trunk t1 sysname(config)# trunk t1 interface 5-8 sysname(config)# trunk t1 lacp 40.9 Enabling Port Authentication To enable a port authentication, you need to specify your RADIUS server details and select the ports which require external authentication. You can set up multiple RADIUS servers and specify how the Switch will process authentication requests. 40.9.
Chapter 40 Configuration Mode Commands radius-server timeout <11000> = Specifies the timeout period (in seconds) the Switch will wait for a response from a RADIUS server. If 2 RADIUS servers are configured, this is the total time the Switch will wait for a response from either server. mode = Specifies the way the Switch will process requests from the clients to the RADIUS server. (Only applicable with multiple RADIUS servers configured.
Chapter 40 Configuration Mode Commands • Specify the timeout period of 30 seconds that the Switch will wait for a response from the RADIUS server. • Enable port authentication on ports 4 to 8. • Activate reauthentication on the ports. • Specify 1800 seconds as the interval for client reauthentication. sysname(config)# --> secretKey sysname(config)# sysname(config)# sysname(config)# sysname(config)# sysname(config)# 280 radius-server host 1 10.10.10.
CHAPTER 41 Interface Commands These are some commonly used configuration commands that belong to the interface group of commands. 41.1 Overview The interface commands allow you to configure the Switch on a port by port basis. 41.2 Interface Command Examples This section provides examples of some frequently used interface commands. 41.2.1 interface port-channel Use this command to enable the specified ports for configuration. Indicate multiple, nonsequential ports separated by a comma.
Chapter 41 Interface Commands where = Type peer to process any BPDUs received on these ports. Type tunnel to forward BPDUs received on these ports. Type discard to drop any BPDUs received on these ports. Type network to process a BPDU with no VLAN tag and forward a tagged BPDU. An example is shown next. • Enable ports 1, 3, 4 and 5 for configuration. • Set the BPDU control to tunnel, to forward BPDUs received on ports one, three, four and five.
Chapter 41 Interface Commands where pir = Sets the maximum bandwidth allowed for incoming traffic. cir = Sets the guaranteed bandwidth allowed for incoming traffic. egress = Sets the maximum bandwidth allowed for outgoing traffic (egress) on the Switch. An example is shown next. • • • • • Enable port one for configuration. Enable bandwidth control. Set the outgoing traffic bandwidth limit to 5000Kbps. Set the guaranteed bandwidth allowed for incoming traffic to 4000Kbps.
Chapter 41 Interface Commands • Enable port mirroring for outgoing traffic. Traffic is copied from ports 1, 4, 5 and 6 to port three in order to examine it in more detail without interfering with the traffic flow on the original ports. sysname(config)# mirror-port sysname(config)# mirror-port 3 sysname(config)# interface port-channel 1,4-6 sysname(config-interface)# mirror sysname(config-interface)# mirror dir egress 41.2.
Chapter 41 Interface Commands where = Choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port. An example is shown next. • Enable ports one, three, four and five for configuration. • Enable ingress checking on the ports. • Enable tagged frame-types on the interface. sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# ingress-check sysname(config-interface)# frame-type tagged 41.2.
Chapter 41 Interface Commands • Set the outgoing traffic ports as the CPU (0), seven (7) and eight (8). sysname(config)# vlan-type port-based sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# egress set 0,7,8 41.2.11 qos priority Syntax: qos priority <0 .. 7> where <0 .. 7> = Sets the quality of service priority for a port. An example is shown next. • Enable ports one, three, four and five for configuration. • Set the IEEE 802.1p quality of service priority as four (4).
Chapter 41 Interface Commands where = Sets the duplex mode (half or full) and speed (10, 100 or 1000 Mbps) of the connection on the port. Selecting auto (autonegotiation) makes one port able to negotiate with a peer automatically to obtain the connection speed and duplex mode that both ends support. An example is shown next. • Enable ports one, three, four and five for configuration. • Set the speed to 100 Mbps in half duplex mode.
Chapter 41 Interface Commands Syntax: no bandwidth-limit An example is shown next: • Disable bandwidth limit on port1 sysname(config)# interface port-channel 1 sysname(config-interface)# no bandwidth-limit 288 GS-2724 User’s Guide
CHAPTER 42 IEEE 802.1Q Tagged VLAN Commands This chapter describes the IEEE 802.1Q Tagged VLAN and associated commands. 42.1 Configuring Tagged VLAN The following procedure shows you how to configure tagged VLAN. 1 Use the IEEE 802.1Q tagged VLAN commands to configure tagged VLAN for the Switch. • Use the vlan command to configure or create a VLAN on the Switch. The Switch automatically enters the config-vlan mode.Use the inactive command to deactivate the VLAN(s).
Chapter 42 IEEE 802.1Q Tagged VLAN Commands 42.2 Global VLAN1Q Tagged VLAN Configuration Commands This section shows you how to configure and monitor the IEEE 802.1Q Tagged VLAN. 42.2.1 GARP Status Syntax: show garp This command shows the Switch’s GARP timer settings, including the join, leave and leave all timers. An example is shown next. sysname# show garp GARP Timer -----------------------Join Timer = 200 Leave Timer = 600 Leave All Timer = 10000 sysname# 42.2.
Chapter 42 IEEE 802.1Q Tagged VLAN Commands The following example sets the Join Timer to 300 milliseconds, the Leave Timer to 800 milliseconds and the Leave All Timer to 11000 milliseconds. sysname (config)# garp join 300 leave 800 leaveall 11000 42.2.3 GVRP Timer Syntax: show vlan1q gvrp This command shows the Switch’s GVRP settings. An example is shown next. sysname# show vlan1q gvrp GVRP Support --------------------gvrpEnable = YES sysname # 42.2.
Chapter 42 IEEE 802.1Q Tagged VLAN Commands The following example sets the default VID to 200 on ports 1 to 5. sysname (config)# interface port-channel 1-5 sysname (config-interface)# pvid 200 42.3.2 Set Acceptable Frame Type Syntax: frame-type where = Specifies all Ethernet frames (tagged and untagged), only tagged Ethernet frames or only untagged Ethernet frames.
Chapter 42 IEEE 802.1Q Tagged VLAN Commands where = The VLAN ID [1 – 4094]. = A name to identify the SVLAN entry. = This is the Switch port list. • Enter fixed to register the to the static VLAN table with . • Enter normal to confirm registration of the to the static VLAN table with . • Enter forbidden to block a from joining the static VLAN table with .
Chapter 42 IEEE 802.1Q Tagged VLAN Commands 42.3.5 Delete VLAN ID Syntax: no vlan where = The VLAN ID [1 – 4094]. This command deletes the specified VLAN ID entry from the static VLAN table. The following example deletes entry 2 in the static VLAN table. sysname (config)# no vlan 2 42.4 Enable VLAN Syntax: vlan This command enables the specified VLAN ID in the SVLAN (Static VLAN) table. 42.
Chapter 42 IEEE 802.1Q Tagged VLAN Commands • The TagCtl section of the last column shows which ports are tagged and which are untagged. sysname# show vlan The Number of VLAN: 3 Idx.
Chapter 42 IEEE 802.
CHAPTER 43 Multicast VLAN Registration Commands This chapter shows you how to use Multicast VLAN Registration (mvr) commands. 43.1 Overview Use the mvr commands in the configuration mode to create and configure multicast VLANs. " If you want to enable IGMP snooping see Section 40.2 on page 269. 43.2 Create Multicast VLAN Use the following commands in the config-mvr mode to configure a multicast VLAN group.
Chapter 43 Multicast VLAN Registration Commands mode = Specifies dynamic (sends IGMP reports to all source ports in the multicast VLAN) or compatible (does not send IGMP reports). group name = A name to identify the MVR IP multicast group. start-address = Specifies the starting IP multicast address of the multicast group in dotted decimal notation. end-address = Specifies the ending IP multicast address of the multicast group in dotted decimal notation.
CHAPTER 44 Routing Domain Command Examples 44.1 interface route-domain Syntax: interface route-domain / where = This is the IP address of the Switch in the routing domain. Specify the IP address is dotted decimal notation. For example, 192.168.1.1. = The number of bits in the subnet mask. Enter the subnet mask number preceded with a “/”. To find the bit number, convert the subnet mask to binary and add all of the 1’s together. Take “255.255.255.
Chapter 44 Routing Domain Command Examples 300 GS-2724 User’s Guide
CHAPTER 45 Troubleshooting This chapter covers potential problems and possible remedies. 45.1 Problems Starting up the Switch Table 95 Troubleshooting the Start-Up of Your Switch PROBLEM CORRECTIVE ACTION None of the LEDs turn on when you turn on the Switch. Check the power connection and make sure the power source is turned on. If the error persists, you may have a hardware problem. In this case, you should contact your vendor. 45.
Chapter 45 Troubleshooting 45.3 Problems with the Password Table 97 Troubleshooting the Password PROBLEM CORRECTIVE ACTION Cannot access the Switch. The password field is case sensitive. Make sure that you enter the correct password using the proper casing. The administrator username is “admin”. The default administrator password is “1234”. The username and password are case-sensitive. Make sure that you enter the correct password and username using the proper casing.
P ART VII Appendices and Index Product Specifications (305) Changing a Fuse (311) Pop-up Windows, JavaScripts and Java Permissions (313) IP Addresses and Subnetting (319) Common Services (329) Legal Information (333) Customer Support (337) Index (341) 303
APPENDIX A Product Specifications This section describes the general software features of the Switch. Table 98 Firmware Features FEATURE DESCRIPTION IP Routing Domain An IP interface (also known as an IP routing domain) is not bound to a physical port. Configure an IP routing domain to allow the Switch to route traffic between different networks. VLAN A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks.
Appendix A Product Specifications Table 98 Firmware Features (continued) FEATURE DESCRIPTION Multicast VLAN Registration (MVR) Multicast VLAN Registration (MVR) is designed for applications (such as Media-on-Demand (MoD)) using multicast traffic across a network. MVR allows one single multicast VLAN to be shared among different subscriber VLANs on the network. This improves bandwidth utilization by reducing multicast traffic in the subscriber VLANs and simplifies multicast group management.
Appendix A Product Specifications The following table lists the product specifications. Table 99 General Product Specifications Interface Layer 2 Features 20 1000Base-Tx ports 4 GbE Dual Personality interfaces (Each interface has one 1000Base-T copper port and one Small Form-Factor Pluggable (SFP) fiber port, with one port active at a time.) One local console, RS-232 One 100Base-Tx port, RJ-45, for out-of-band management Auto-negotiation Auto-MDIX Compliant with IEEE 802.
Appendix A Product Specifications Table 99 General Product Specifications (continued) Layer 3 Features IP Capability IPV4 support 8 IP routing domains 1K IP address table 1K routing entries Wire speed IP forwarding Routing protocols Unicast: RIP-V1/V2 Multicast: IGMP V1/V2 8 Static Routes IP services DHCP server/relay Performance Wire-speed throughput 1488000 pps for 1000Base-T, 64-byte packet 148800 pps for 100Base-TX, 64-byte packet Non-blocking 48-Gbps switching fabric Availability IEEE 802.
Appendix A Product Specifications Table 100 Management Specifications System Control Alarm/Status surveillance Automatic alarm and status report Alarm/event history LED indication for alarm and system status Performance monitoring Line speed Four RMON groups 1, 2, 3, 9 (history, statistics, alarms, and events) for enhanced traffic management, monitoring, and analysis Throughput monitoring Transmit and receive of ICMP packets Port mirroring and aggregation Spanning Tree Protocol IGMP snooping Firmware upgr
Appendix A Product Specifications Table 101 Physical and Environmental Specifications LEDs Per Switch: BPS, PWR, SYS, ALM Per Gigabit Ethernet/mini-GBIC port: 100, 1000/LNK, ACT Per mini-GBIC port: LNK, ACT Per Management port: 10, 100 Dimension Standard 19” rack mountable 438 mm (W) x 300 mm (D) x 44.45 mm (H) Weight 4.
APPENDIX B Changing a Fuse This appendix shows you how to remove and install fuses for the Switch. " If you use a fuse other than the included fuses, make sure it matches the fuse specifications in the appendix on product specifications. Removing a Fuse " Disconnect all power from the Switch before you begin this procedure. 1 Remove the power cord from the Switch. 2 See the product specifications for the location of the fuse. Use a small flat-head screwdriver to carefully pry out the fuse housing.
Appendix B Changing a Fuse 312 GS-2724 User’s Guide
APPENDIX C Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. 45.3.0.1 Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix C Pop-up Windows, JavaScripts and Java Permissions Figure 126 Internet Options 3 Click Apply to save this setting. 45.3.0.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen.
Appendix C Pop-up Windows, JavaScripts and Java Permissions Figure 127 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 128 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 6 Click Apply to save this setting. 45.3.0.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 129 Internet Options 2 3 4 5 6 316 Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default).
Appendix C Pop-up Windows, JavaScripts and Java Permissions Figure 130 Security Settings - Java Scripting 45.3.0.3 Java Permissions 1 2 3 4 5 From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. Click OK to close the window.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 45.3.0.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for
APPENDIX D IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix D IP Addresses and Subnetting Figure 133 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). The term “subnet” is short for “subnetwork”. A subnet mask has 32 bits.
Appendix D IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 104 Subnet Masks BINARY DECIMAL 1ST OCTET 2ND OCTET 3RD OCTET 4TH OCTET 8-bit mask 11111111 00000000 00000000 00000000 255.0.0.0 16-bit mask 11111111 11111111 00000000 00000000 255.255.0.0 24-bit mask 11111111 11111111 11111111 00000000 255.255.255.
Appendix D IP Addresses and Subnetting Table 106 Alternative Subnet Mask Notation (continued) SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.252 /30 1111 1100 252 Subnetting You can use subnetting to divide one network into multiple sub-networks.
Appendix D IP Addresses and Subnetting Figure 135 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.128 is its broadcast address.
Appendix D IP Addresses and Subnetting Table 108 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.64 Lowest Host ID: 192.168.1.65 Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126 Table 109 Subnet 3 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1.
Appendix D IP Addresses and Subnetting Table 111 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 112 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.255.
Appendix D IP Addresses and Subnetting Table 113 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 14 255.255.255.252 (/30) 16384 2 15 255.255.255.254 (/31) 32768 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Appendix D IP Addresses and Subnetting IP Address Conflicts Each device on a network must have a unique IP address. Devices with duplicate IP addresses on the same network will not be able to access the Internet or other resources. The devices may also be unreachable through the network. Conflicting Computer IP Addresses Example More than one device can not use the same IP address.
Appendix D IP Addresses and Subnetting Conflicting Computer and Router IP Addresses Example More than one device can not use the same IP address. In the following example, the computer and the router’s LAN port both use 192.168.1.1 as the IP address. The computer cannot access the Internet. This problem can be solved by assigning a different IP address to the computer or the router’s LAN port.
APPENDIX E Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service.
Appendix E Common Services Table 114 Commonly Used Services (continued) 330 NAME PROTOCOL PORT(S) DESCRIPTION FTP TCP TCP 20 21 File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e-mail. H.323 TCP 1720 NetMeeting uses this protocol. HTTP TCP 80 Hyper Text Transfer Protocol - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secured http session often used in e-commerce.
Appendix E Common Services Table 114 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION RTELNET TCP 107 Remote Telnet. RTSP TCP/UDP 554 The Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. SFTP TCP 115 Simple File Transfer Protocol. SMTP TCP 25 Simple Mail Transfer Protocol is the message-exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another.
Appendix E Common Services 332 GS-2724 User’s Guide
APPENDIX F Legal Information Copyright Copyright © 2007 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix F Legal Information FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This device generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.
Appendix F Legal Information condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions. Note Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser.
Appendix F Legal Information 336 GS-2724 User’s Guide
APPENDIX G Customer Support Please have the following information ready when you contact customer support. Required Information • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. Corporate Headquarters (Worldwide) • • • • • • • Support E-mail: support@zyxel.com.tw Sales E-mail: sales@zyxel.com.tw Telephone: +886-3-578-3942 Fax: +886-3-578-2439 Web Site: www.zyxel.com, www.europe.zyxel.
Appendix G Customer Support Denmark • • • • • • Support E-mail: support@zyxel.dk Sales E-mail: sales@zyxel.dk Telephone: +45-39-55-07-00 Fax: +45-39-55-07-07 Web Site: www.zyxel.dk Regular Mail: ZyXEL Communications A/S, Columbusvej, 2860 Soeborg, Denmark Finland • • • • • • Support E-mail: support@zyxel.fi Sales E-mail: sales@zyxel.fi Telephone: +358-9-4780-8411 Fax: +358-9-4780 8448 Web Site: www.zyxel.
Appendix G Customer Support • • • • Telephone: +7-3272-590-698 Fax: +7-3272-590-689 Web Site: www.zyxel.kz Regular Mail: ZyXEL Kazakhstan, 43, Dostyk ave.,Office 414, Dostyk Business Centre, 050010, Almaty, Republic of Kazakhstan North America • • • • • • • Support E-mail: support@zyxel.com Sales E-mail: sales@zyxel.com Telephone: +1-800-255-4101, +1-714-632-0882 Fax: +1-714-632-0858 Web Site: www.us.zyxel.com FTP Site: ftp.us.zyxel.com Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St.
Appendix G Customer Support • Web Site: www.zyxel.es • Regular Mail: ZyXEL Communications, Arte, 21 5ª planta, 28033 Madrid, Spain Sweden • • • • • • Support E-mail: support@zyxel.se Sales E-mail: sales@zyxel.se Telephone: +46-31-744-7700 Fax: +46-31-744-7701 Web Site: www.zyxel.se Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Ukraine • • • • • • Support E-mail: support@ua.zyxel.com Sales E-mail: sales@ua.zyxel.
Index Index Numerics 802.1P priority 82 A access control limitations 193 login account 196 remote management 203 service port 202 SNMP 194 accounts and modes 232 Address Resolution Protocol (ARP) 221, 225, 226 administrator password 197 aggregator ID 119 aging time 77 alternative subnet mask notation 321 applications backbone 33 bridging 34 IEEE 802.
Index config mode 232 examples 269 configuration 168 change running config 190 file names 191 saving 235 configuration file 55, 236 and commands 236 backup 189 restore 55, 188 saving 190 configuration, saving 54 console port commands 229 settings 41, 229 contact information 337 copying port settings, See port cloning 226 copyright 333 CPU management port 93 current date 75 current time 75 customer support 337 D default gateway 179 DHCP 177 client IP pool 179 modes 177 relay agent 177 server 177 setup 178
Index getting help 57 gigabit Ethernet ports 42 GMT (Greenwich Mean Time) 75 GVRP 86, 92 and port assignment 92 GVRP (GARP VLAN Registration Protocol) 86, 284 H hardware installation 37 hardware monitor 72 hardware overview 41 help in command interpreter 233 history in command interpreter 235 HTTPS 199 certificates 199 implementation 199 public keys, private keys 199 HTTPS example 200 I IANA 326 IEEE 802.1p, priority 77 IEEE 802.1x 121 activate 124 reauthentication 124 IEEE 802.
Index Management Information Base (MIB) 194 management interface, See also CLI 229 management port 96 MIB and SNMP 194 supported MIBs 195 MIB (Management Information Base) 194 mini GBIC ports 42 connection speed 42 connector type 42 transceiver installation 43 transceiver removal 43 mirroring ports 115 modes and accounts 232 in command interpreter 232 monitor port 115, 116 mounting brackets 38 MSA (MultiSource Agreement) 42 MTU (Multi-Tenant Unit) 75 multicast 153 802.
Index Q QoS and classifier 131 Queue priority 144 Queue weight 144 queue weight 143 queuing 143 SPQ 143 WRR 143 queuing algorithm 144 queuing method 143, 144 calculate 144 R RADIUS 121 advantages 121 and port authentication 121 network example 121 server 121 settings 123 RADIUS (Remote Authentication Dial In User Service) 121 Rapid Spanning Tree Protocol (RSTP).
Index bridge priority 105, 108 configuration 104, 107 designated bridge 102 forwarding delay 106, 109 Hello BPDU 102 Hello Time 105, 107, 108, 110 how it works 102 Max Age 105, 107, 108, 110 path cost 102, 106, 109 port priority 106, 109 port state 103 root port 102 status 106, 109 terminology 101 subnet 319 subnet mask 320 subnetting 322 switch lockout 55 switch reset 55 switch setup 76 syntax conventions 4 syslog 207 protocol 207 server setup 208 settings 207 setup 207 severity levels 207 system informat
Index W warranty 334 note 335 web configurator 49 getting help 57 home 50 login 49 logout 57 navigation panel 51 screen summary 52 weight, queuing 143 Weighted Round Robin Scheduling (WRR) 143 WRR (Weighted Round Robin Scheduling) 143 Z ZyNOS (ZyXEL Network Operating System) 191 GS-2724 User’s Guide 347
Index 348 GS-2724 User’s Guide
