Page 1 GS3700/XGS3700 Series GbE L2+ Switch Version 4.20 Edition 1, 1/2015 Quick Start Guide User’s Guide Default Login Details IP Address http://192.168.0.1 (Out- of-band MGMT port) http://192.168.1.1 (In- www.zyxel.com band ports) User Name admin Password 1234 Copyright © 2015 ZyXEL Communications Corporation...
Page 2 IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Note: This guide is a reference for a series of products. Therefore some features or options in this guide may not be available in your product. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system.
Page 3: Table Of Contents
Contents Overview Contents Overview User’s Guide ............................18 Getting to Know Your Switch ........................19 Hardware Installation and Connection ....................24 Hardware Overview ..........................28 The Web Configurator ..........................35 Technical Reference ..........................44 ZON Utility, ZON Neighbor Management and Port Status ..............45 Basic Setting ............................54 VLAN ...............................94 Static MAC Forward Setup ........................
Page 4 Contents Overview Static Route ............................352 Policy Routing ............................356 Differentiated Services ..........................360 DHCP ..............................369 VRRP ..............................384 Load Sharing ............................393 ARP Setup ............................395 Maintenance ............................401 Access Control ............................412 Diagnostic .............................435 Syslog ..............................437 Cluster Management ..........................440 MAC Table .............................446 IP Table ..............................449 ARP Table .............................451 Routing Table ............................453 Path MTU Table ............................454 Configure Clone ............................455...
Page 5: Table Of Contents
Table of Contents Table of Contents Contents Overview ..........................3 Table of Contents ..........................5 Part I: User’s Guide ..................18 Chapter 1 Getting to Know Your Switch......................19 1.1 Introduction ............................19 1.1.1 Bridging Example ........................20 1.1.2 High Performance Switching Example ..................20 1.1.3 Gigabit Ethernet to the Desktop ....................21 1.1.4 IEEE 802.1Q VLAN Application Example ................21 1.1.5 IPv6 Support ..........................22 1.2 Ways to Manage the Switch ......................22...
Page 6 Table of Contents Chapter 4 The Web Configurator ........................35 4.1 Introduction ............................35 4.2 System Login ..........................35 4.3 The Web Configurator Layout ......................36 4.3.1 Change Your Password ......................40 4.4 Saving Your Configuration ........................41 4.5 Switch Lockout ..........................41 4.6 Resetting the Switch ........................41 4.6.1 Reload the Configuration File ....................41 4.7 Logging Out of the Web Configurator ....................42...
Page 7 Table of Contents 6.9.4 IPv6 Interface Setup ........................78 6.9.5 IPv6 Link-Local Address Setup ....................79 6.9.6 IPv6 Global Address Setup .....................80 6.9.7 IPv6 Neighbor Discovery Setup ....................81 6.9.8 IPv6 Router Discovery Setup ....................82 6.9.9 IPv6 Prefix Setup ........................84 6.9.10 IPv6 Neighbor Setup ......................85 6.9.11 DHCPv6 Client Setup ......................86 6.10 Stacking ............................88 6.10.1 Stacking Status ........................89...
Page 8 Table of Contents 9.1 Static Multicast Forwarding Overview .....................120 9.2 Configuring Static Multicast Forwarding ..................121 Chapter 10 Filtering..............................123 10.1 Configure a Filtering Rule ......................123 Chapter 11 Spanning Tree Protocol........................125 11.1 STP/RSTP Overview ........................125 11.1.1 STP Terminology .........................125 11.1.2 How STP Works ........................126 11.1.3 STP Port States ........................126 11.1.4 Multiple RSTP ........................126 11.1.5 Multiple STP .........................127...
Page 9 Table of Contents Chapter 15 Link Aggregation ..........................163 15.1 Link Aggregation Overview ......................163 15.2 Dynamic Link Aggregation ......................163 15.2.1 Link Aggregation ID ......................164 15.3 Link Aggregation Status .......................164 15.4 Link Aggregation Setting ......................165 15.5 Link Aggregation Control Protocol .....................168 15.6 Static Trunking Example .......................171 Chapter 16 Port Authentication ..........................173 16.1 Port Authentication Overview .......................173...
Page 10 Table of Contents 20.1.1 DiffServ ..........................196 20.1.2 DSCP and Per-Hop Behavior ....................196 20.2 Configuring Policy Rules .......................196 20.2.1 Viewing and Editing Policy Configuration ................199 20.3 Policy Example ..........................200 Chapter 21 Queuing Method ..........................202 21.1 Queuing Method Overview ......................202 21.1.1 Strictly Priority ........................202 21.1.2 Weighted Fair Queuing ......................202 21.1.3 Weighted Round Robin Scheduling (WRR) .................203 21.2 Configuring Queuing ........................203...
Page 11 Table of Contents 23.4.4 MLD Snooping-proxy Filtering ....................229 23.4.5 MLD Snooping-proxy Filtering Profile .................231 23.5 MVR Overview ..........................232 23.5.1 Types of MVR Ports ......................233 23.5.2 MVR Modes .........................233 23.5.3 How MVR Works .........................233 23.6 General MVR Configuration ......................234 23.6.1 MVR Group Configuration ....................237 23.6.2 MVR Configuration Example ....................239 Chapter 24 AAA ..............................241...
Page 12 Table of Contents Chapter 26 Loop Guard ............................277 26.1 Loop Guard Overview ........................277 26.2 Loop Guard Setup .........................279 Chapter 27 VLAN Mapping ..........................281 27.1 VLAN Mapping Overview ......................281 27.1.1 VLAN Mapping Example .....................281 27.2 Enabling VLAN Mapping .......................281 27.3 Configuring VLAN Mapping ......................283 Chapter 28 Layer 2 Protocol Tunneling......................285 28.1 Layer 2 Protocol Tunneling Overview ..................285...
Page 13 Table of Contents 31.6 Error-Disable Detect Configuration ....................308 31.7 Error-Disable Recovery Configuration ..................309 Chapter 32 MAC Pinning ............................. 311 32.1 MAC Pinning Overview ........................ 311 32.2 MAC Pinning Configuration ......................311 Chapter 33 Private VLAN .............................314 33.1 Private VLAN Overview ........................314 33.1.1 Configuration ........................316 Chapter 34 Green Ethernet..........................318...
Page 14 Table of Contents 37.1 Policy Route Overview .........................356 37.1.1 Benefits ..........................356 37.2 Configuring Policy Routing Profile ....................356 37.2.1 Policy Routing Rule Configuration ..................357 Chapter 38 Differentiated Services........................360 38.1 DiffServ Overview ........................360 38.1.1 DSCP and Per-Hop Behavior ....................360 38.1.2 DiffServ Network Example ....................360 38.2 Two Rate Three Color Marker Traffic Policing ................361 38.2.1 TRTCM - Color-blind Mode ....................362 38.2.2 TRTCM - Color-aware Mode ....................362...
Page 15 Table of Contents 40.3.1 IP Interface Setup .......................385 40.3.2 VRRP Parameters ......................387 40.3.3 Configuring VRRP Parameters ....................387 40.3.4 Viewing VRRP Summary .....................389 40.4 VRRP Configuration Examples ....................389 40.4.1 One Subnet Network Example ...................389 40.4.2 Two Subnets Example ......................391 Chapter 41 Load Sharing.............................393 41.1 Load Sharing Overview ........................393 41.2 Configuring Load Sharing ......................393...
Page 16 Table of Contents 44.2 The Access Control Main Screen ....................412 44.3 About SNMP ..........................412 44.3.1 SNMP v3 and Security ......................413 44.3.2 Supported MIBs .........................414 44.3.3 SNMP Traps ........................414 44.3.4 Configuring SNMP ......................418 44.3.5 Configuring SNMP Trap Group ..................420 44.3.6 Enabling/Disabling Sending of SNMP Traps on a Port ............421 44.3.7 Configuring SNMP User ....................422 44.4 Setting Up Login Accounts ......................424...
Page 17 Table of Contents Chapter 49 IP Table ..............................449 49.1 IP Table Overview ........................449 49.2 Viewing the IP Table ........................450 Chapter 50 ARP Table ............................451 50.1 ARP Table Overview ........................451 50.1.1 How ARP Works ........................451 50.2 The ARP Table Screen .........................451 Chapter 51 Routing Table ............................453 51.1 Overview ............................453...
Page 18: User's Guide
User’s Guide...
Page 19: Getting To Know Your Switch
H A PT ER Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction Your Switch is a layer 2+, Gigabit Ethernet (GbE) switch with two power slots for hot-swappable RPS300 or RPS600-HP power modules. The Switch provides four SFP or SFP+ slots for uplink. By integrating router functions, the Switch performs wire-speed layer-3 routing in addition to layer-2 switching.
Page 20: Bridging Example
Chapter 1 Getting to Know Your Switch 1.1.1 Bridging Example In this example the Switch connects different company departments (RD and Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the Switch.
Page 21: Gigabit Ethernet To The Desktop
Chapter 1 Getting to Know Your Switch Figure 2 High Performance Switching 10 Gbps Trunk Branch 1.1.3 Gigabit Ethernet to the Desktop The Switch is an ideal solution for small networks which demand high bandwidth for a group of heavy traffic users. You can connect computers and servers directly to the Switch’s port or connect other switches to the Switch.
Page 22: Ipv6 Support
Chapter 1 Getting to Know Your Switch For more information on VLANs, refer to Chapter 7 on page 1.1.4.1 Tag-based VLAN Example Ports in the same VLAN group share the same frame broadcast domain, thus increasing network performance by reducing broadcast traffic. VLAN groups can be modified at any time by adding, moving or changing ports without any re-cabling.
Page 23: Good Habits For Managing The Switch
Chapter 1 Getting to Know Your Switch • Web Configurator. This is recommended for everyday management of the Switch using a (supported) web browser. See Chapter 4 on page • Command Line Interface. Line commands offer an alternative to the Web Configurator and may be necessary to configure advanced features.
Page 24: Hardware Installation And Connection
H A PT ER Hardware Installation and Connection This chapter shows you how to install and connect the Switch. 2.1 Freestanding Installation Make sure the Switch is clean and dry. Set the Switch on a smooth, level surface strong enough to support the weight of the Switch and the connected cables.
Page 25: Mounting The Switch On A Rack
Chapter 2 Hardware Installation and Connection 2.2 Mounting the Switch on a Rack This section lists the rack mounting requirements and precautions and describes the installation steps of how to mount the Switch in a 19-inch rack with the included rack mounting kit. Note: ZyXEL provides extensible rear mounting brackets (RM400) to install the Switch in a 21-inch, 23-inch or 24-inch rack.
Page 26: Mounting The Switch On A Rack
Chapter 2 Hardware Installation and Connection Slide the rear bracket along the rail and set the bracket in place depending on the depth of the rack. The rear brackets can be used with a 19-inch rack. Rear Bracket Sliding Rail Front Bracket You may now mount the Switch on a rack.
Page 27: Power Module Installation
Chapter 2 Hardware Installation and Connection Rear Front 2.6 Power Module Installation There is one power module installed in the first power slot of the Switch by default. See the Power Module Hardware Installation Guide for how to install a second power module or remove the power module.
Page 28: Hardware Overview
This chapter describes the front panel and rear panel of the Switch and shows you how to make the hardware connections. 3.1 Front Panel Connections The figure below shows the front panel of the Switch. Figure 6 Front Panel: GS3700 Series GS3700/XGS3700 Series User’s Guide...
Page 29: Ethernet Ports
Chapter 3 Hardware Overview Figure 7 Front Panel: XGS3700 Series The following table describes the ports. Table 2 Panel Connections CONNECTOR DESCRIPTION 24 or 48 10/ Connect these ports to a computer, a hub, an Ethernet switch or router. 100/1000Base-T RJ-45 Ethernet Ports 4 SFP or SFP+...
Page 30: Sfp/Sfp+ Slots
Chapter 3 Hardware Overview • Speed: Auto • Duplex: Auto • Flow control: Off • Dual Personality Interface: Fiber-optic module first 3.1.2 SFP/SFP+ Slots These are four slots for Small Form-Factor Pluggable (SFP) or SFP+ modules, such as an SFP/SFP+ transceiver.
Page 31: Management Port
Chapter 3 Hardware Overview Figure 9 Installed Transceiver 3.1.2.2 Transceiver Removal Use the following steps to remove a transceiver. Open the transceiver’s latch (latch styles vary). Figure 10 Opening the Transceiver’s Latch Example Pull the transceiver out of the slot. Figure 11 Transceiver Removal Example 3.1.3 Management Port The 100Base-T Ethernet MGMT (management) port is used for local management.
Page 32: Rear Panel
Chapter 3 Hardware Overview • No parity, 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the RS-232 console cable to the console port of the Switch. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer. 3.2 Rear Panel The following figures show the rear panels of the Switch.
Page 33: Leds
Chapter 3 Hardware Overview Disconnect the power cord from the power outlet. Disconnect the power cord from the AC power socket. 3.3 LEDs The following table describes the LEDs. Table 3 LEDs COLOR STATUS DESCRIPTION PWR1 Green The system is receiving power from the power module in the first (Power 1) power slot.
Page 34 Chapter 3 Hardware Overview Table 3 LEDs (continued) COLOR STATUS DESCRIPTION 1-24 or 1- Green Power is supplied to the PoE port. Power is not supplied to the PoE port. POE (Right) 1G SFP Slots 25-28 or Green Blinking The port is receiving or transmitting data at 1 Gbps. 49-52 The port has a successful 1 Gbps connection.
Page 35: The Web Configurator
H A PT ER The Web Configurator This section introduces the configuration and functions of the web configurator. 4.1 Introduction The web configurator is an HTML-based management interface that allows easy Switch setup and management via Internet browser. Supported browsers at the time of writing are: •...
Page 36: The Web Configurator Layout
Chapter 4 The Web Configurator Figure 13 Web Configurator: Login Click OK to view the first web configurator screen. 4.3 The Web Configurator Layout The Status screen is the first screen that displays when you access the web configurator. This guide uses the GS3700-48HP screens as an example.
Page 37 Chapter 4 The Web Configurator B, C, D, E - These are quick links which allow you to perform certain tasks no matter which screen you are currently working in. B - Click this link to save your configuration into the Switch’s nonvolatile memory. Nonvolatile memory is saved in the configuration file from which the Switch booted from and it stays the same even if the Switch’s power is turned off.
Page 38 Chapter 4 The Web Configurator The following table describes the links in the navigation panel. Table 5 Navigation Panel Links LINK DESCRIPTION Basic Settings System Info This link takes you to a screen that displays general system and hardware monitoring information.
Page 39 Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Policy Rule This link takes you to a screen where you can configure the Switch to perform special treatment on the grouped packets. Queuing Method This link takes you to a screen where you can configure queuing with associated queue weights for each port.
Page 40: Change Your Password
Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Access Control This link takes you to screens where you can change the system login password and configure SNMP and remote management. Diagnostic This link takes you to screens where you can view system logs and can test port(s). Syslog This link takes you to screens where you can setup system logs and a system log server.
Page 41: Saving Your Configuration
Chapter 4 The Web Configurator 4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off.
Page 42: Logging Out Of The Web Configurator
Chapter 4 The Web Configurator bit and flow control set to none. The password will also be reset to “1234” and the IP address to 192.168.1.1. To upload the configuration file, do the following: Connect to the console port using a computer with terminal emulation software. See Section 3.2 on page 32 for details.
Page 43: Help
Chapter 4 The Web Configurator Figure 17 Web Configurator: Logout Screen 4.8 Help The web configurator’s online help has descriptions of individual screens and some supplementary information. Click the Help link from a web configurator screen to view an online help description of that screen. GS3700/XGS3700 Series User’s Guide...
Page 44: Technical Reference
Technical Reference...
Page 45: Zon Utility, Zon Neighbor Management And Port Status
H A PT ER ZON Utility, ZON Neighbor Management and Port Status This chapter describes the screens for ZON Utility, ZON Neighbor Management, Port Status and Port Details. 5.1 Overview The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details.
Page 46: Zon Neighbor Management Screen
Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Figure 18 ZON Utility Screen 5.3 ZON Neighbor Management Screen The ZON Neighbor Management screen allows you to view and manage the SwitchSwitch’s neighboring devices more conveniently. It uses Layer Link Discovery Protocol (LLDP) to discover all neighbor devices connected to the SwitchSwitch including non-ZyXEL devices.
Page 47: Status Summary
Chapter 5 ZON Utility, ZON Neighbor Management and Port Status The following table describes the fields in the above screen. Table 6 Status > Neighbor LABEL DESCRIPTION Local Port This shows the port number of the local device in the network. Name This shows the name of the local device in the network.
Page 48: Port Status
Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Figure 20 Status Summary (Stacking) The following table describes the labels in this screen. Table 7 Status Summary (Stacking) LABEL DESCRIPTION System Up This is the boot-up time in hours, minutes and seconds of the master Switch. Time Slot This identifies the Switch in the stack.
Page 49 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Figure 21 Status (Standalone mode) Figure 22 Port Status (Stacking mode) The following table describes the labels in this screen. Table 8 Status (Standalone mode) and Port Status (Stacking mode) LABEL DESCRIPTION Slot (Stacking...
Page 50: Status: Port Details
Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Table 8 Status (Standalone mode) and Port Status (Stacking mode) (continued) LABEL DESCRIPTION State If STP (Spanning Tree Protocol) is enabled, this field displays the STP state of the port. (See Section 11.1.3 on page 126 for more information).
Page 51 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Figure 23 Status: Port Details The following table describes the labels in this screen. Table 9 Status > Port Details LABEL DESCRIPTION Port Info Port NO. This field displays the port number you are viewing. In stacking mode, the first number represents the slot and the second the port number.
Page 52 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Table 9 Status > Port Details (continued) LABEL DESCRIPTION Rx KBs/s This field shows the transmission speed of data received on this port in kilobytes per second. Up Time This field shows the total amount of time the connection has been up. Tx Packet The following fields display detailed information about packets transmitted.
Page 53 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Table 9 Status > Port Details (continued) LABEL DESCRIPTION 512-1023 This field shows the number of packets (including bad packets) received that were between 512 and 1023 octets in length. 1024-1518 This field shows the number of packets (including bad packets) received that were between 1024 and 1518 octets in length.
Page 54: Basic Setting
H A PT ER Basic Setting This chapter describes how to configure the Basic Setting screens. 6.1 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the Switch temperature, fan speeds and voltage in this screen.
Page 55 Chapter 6 Basic Setting Figure 25 Basic Setting > System Info (Stacking Mode) The following table describes the labels in these screens. Table 10 Basic Setting > System Info (Standalone and Stacking Modes) LABEL DESCRIPTION System Name This field displays the descriptive name of the Switch for identification purposes. Product Model This field displays the product model of the Switch.
Page 56: System Information Stacking Hardware Monitor
Chapter 6 Basic Setting Table 10 Basic Setting > System Info (Standalone and Stacking Modes) (continued) LABEL DESCRIPTION Fan Speed A properly functioning fan is an essential component (along with a sufficiently ventilated, (RPM) cool operating environment) in order for the device to stay within the temperature threshold. Each fan has a sensor that is capable of detecting and reporting if the fan speed falls below the threshold shown.
Page 57 Chapter 6 Basic Setting Figure 26 Basic Setting > System Info > Hardware Monitor (Stacking Mode) The following table describes the labels in this screen. Table 11 Basic Setting > System Info > Hardware Monitor (Stacking Mode) LABEL DESCRIPTION SLOT This number identifies the Switch in the stack.
Page 58: General Setup
Chapter 6 Basic Setting Table 11 Basic Setting > System Info > Hardware Monitor (Stacking Mode) (continued) LABEL DESCRIPTION This field displays the maximum voltage measured at this point. This field displays the minimum voltage measured at this point. Threshold This field displays the percentage tolerance of the voltage with which the Switch still works.
Page 59 Chapter 6 Basic Setting Table 12 Basic Setting > General Setup (continued) LABEL DESCRIPTION Use Time Server Type the time service protocol that your timeserver uses. Not all time servers support all when Bootup protocols, so you may have to use trial and error to find a protocol that works. The main differences between them are the time format.
Page 60: Introduction To Vlans
Chapter 6 Basic Setting Table 12 Basic Setting > General Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 61 Chapter 6 Basic Setting Figure 28 Basic Setting > Switch Setup The following table describes the labels in this screen. Table 13 Basic Setting > Switch Setup LABEL DESCRIPTION VLAN Type Choose 802.1Q or Port Based. The VLAN Setup screen changes depending on whether (Standalone you choose 802.1Q VLAN type or Port Based VLAN type in this screen.
Page 62: Ip Setup
Chapter 6 Basic Setting Table 13 Basic Setting > Switch Setup (continued) LABEL DESCRIPTION Leave All Timer Leave All Timer sets the duration of the Leave All Period timer for GVRP in milliseconds. Each port has a single Leave All Period timer. Leave All Timer must be larger than Leave Timer.
Page 63 Chapter 6 Basic Setting You can configure multiple routing domains on the same VLAN as long as the IP address ranges for the domains do not overlap. To change the IP address of the Switch in a routing domain, simply add a new routing domain entry with a different IP address in the same subnet.
Page 64: Port Setup
Chapter 6 Basic Setting Table 14 Basic Setting > IP Setup (continued) LABEL DESCRIPTION IP Address Enter the out-of-band management IP address of your Switch in dotted decimal notation. For example, 192.168.0.1. IP Subnet Enter the IP subnet mask of your Switch in dotted decimal notation, for example, Mask 255.255.255.0.
Page 65 Chapter 6 Basic Setting Figure 30 Basic Setting > Port Setup (GS3700 Series) Figure 31 Basic Setting > Port Setup (XGS3700 Series: Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 66 Chapter 6 Basic Setting Figure 32 Basic Setting > Port Setup (XGS3700 Series: Stacking mode) The following table describes the labels in this screen. Table 15 Basic Setting > Port Setup LABEL DESCRIPTION Port This is the port index number. In stacking mode, the first number is the slot ID and the second is the port number.
Page 67: Poe
Chapter 6 Basic Setting Table 15 Basic Setting > Port Setup (continued) LABEL DESCRIPTION Flow Control A concentration of traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses. Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port.
Page 68 Chapter 6 Basic Setting Figure 33 Powered Device Examples You can also set priorities so that the Switch is able to reserve and allocate power to certain PDs. Note: The PoE devices that supply or receive power and their connected Ethernet cables must all be completely indoors.
Page 69 Chapter 6 Basic Setting Figure 35 Basic Setting > PoE Status (Stacking mode) The following table describes the labels in this screen. Table 16 Basic Setting > PoE Status LABEL DESCRIPTION PoE Status Slot (Stacking mode) This field appears only in stacking mode. Click the drop-down list to choose the slot number of the Switch in a stack.
Page 70: Poe Setup
Chapter 6 Basic Setting Table 16 Basic Setting > PoE Status LABEL DESCRIPTION Class This shows the power classification of the PD. This is a number from 0 to 4, where each value represents a range of power (W) and current (mA) that the PD requires to function.
Page 71 Chapter 6 Basic Setting Figure 36 Basic Setting > PoE Status > PoE Setup (Standalone mode) Figure 37 Basic Setting > PoE Status > PoE Setup (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 72 Chapter 6 Basic Setting The following table describes the labels in this screen. Table 17 Basic Setting > PoE Status > PoE Setup LABEL DESCRIPTION PoE Mode Select the power management mode you want the Switch to use. • Classification - Select this if you want the Switch to reserve the Max Power (mW) to each PD according to the power classification of the PD.
Page 73: Interface Setup
Chapter 6 Basic Setting 6.8 Interface Setup An IPv6 address is configured on a per-interface basis. The interface can be a physical interface (for example, an Ethernet port) or a virtual interface (for example, a VLAN). The Switch supports the VLAN interface type for IPv6 at the time of writing.
Page 74: Ipv6
Chapter 6 Basic Setting 6.9 IPv6 Use this screen to view the IPv6 interface status and configure Switch’s management IPv6 addresses. See Appendix B on page 467 for more information about IPv6. Click Basic Setting > IPv6 in the navigation panel to display the IPv6 status screen as shown next.
Page 75 Chapter 6 Basic Setting Figure 40 Basic Setting > IPv6 Interface Status The following table describes the labels in this screen. Table 20 Basic Setting > IPv6 Interface Status LABEL DESCRIPTION IPv6 Active This field displays whether the IPv6 interface is activated or not. MTU Size This field displays the Maximum Transmission Unit (MTU) size for IPv6 packets on this interface.
Page 76 Chapter 6 Basic Setting Table 20 Basic Setting > IPv6 Interface Status (continued) LABEL DESCRIPTION Stateless This field displays whether the Switch’s interface can automatically generate a link-local Address address via stateless autoconfiguration. Autoconfig Link Local This field displays the Switch’s link-local IP address and prefix generated by the interface. It Address also shows whether the IP address is preferred, which means it is a valid address and can be used as a sender or receiver address.
Page 77: Ipv6 Configuration
Chapter 6 Basic Setting Table 20 Basic Setting > IPv6 Interface Status (continued) LABEL DESCRIPTION Domain List This field displays the address record when the Switch queries the DNS server to resolve domain names. Restart DHCPv6 Click Click Here to send a new DHCP request to the DHCPv6 server and update the IPv6 Client address and DNS information for this interface.
Page 78: Ipv6 Global Setup
Chapter 6 Basic Setting 6.9.3 IPv6 Global Setup Use this screen to configure the global IPv6 settings. Click the link next to IPv6 Global Setup in the IPv6 Configuration screen to display the screen as shown next. Figure 42 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Setup The following table describes the labels in this screen.
Page 79: Ipv6 Link-Local Address Setup
Chapter 6 Basic Setting Figure 43 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Interface Setup The following table describes the labels in this screen. Table 23 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Interface Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure.
Page 80: Ipv6 Global Address Setup
Chapter 6 Basic Setting Figure 44 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Link-Local Address Setup The following table describes the labels in this screen. Table 24 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Link-Local Address Setup LABEL DESCRIPTION Interface...
Page 81: Ipv6 Neighbor Discovery Setup
Chapter 6 Basic Setting Figure 45 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Address Setup The following table describes the labels in this screen. Table 25 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Address Setup LABEL DESCRIPTION Interface...
Page 82: Ipv6 Router Discovery Setup
Chapter 6 Basic Setting Figure 46 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Neighbor Discovery Setup The following table describes the labels in this screen. Table 26 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Neighbor Discovery Setup LABEL DESCRIPTION Interface...
Page 83 Chapter 6 Basic Setting Figure 47 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Router Discovery Setup The following table describes the labels in this screen. Table 27 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Router Discovery Setup LABEL DESCRIPTION Interface...
Page 84: Ipv6 Prefix Setup
Chapter 6 Basic Setting Table 27 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Router Discovery Setup (continued) LABEL DESCRIPTION Flags This field displays whether IPv6 hosts use DHCPv6 to obtain IPv6 stateful addresses (M) and/or additional configuration settings (O). Minimum Interval This field displays the minimum time interval at which the Switch sends router advertisements for this interface.
Page 85: Ipv6 Neighbor Setup
Chapter 6 Basic Setting Table 28 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Prefix Setup (continued) LABEL DESCRIPTION Preferred Lifetime Specify how long (from 0 to 4294967295 seconds) that addresses generated from the prefix via stateless address autoconfiguration remain preferred. The preferred lifetime cannot exceed the valid lifetime.
Page 86: Dhcpv6 Client Setup
Chapter 6 Basic Setting The following table describes the labels in this screen. Table 29 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Neighbor Setup LABEL DESCRIPTION Interface Type Select the type of IPv6 interface for which you want to configure. The Switch supports the VLAN interface type for IPv6 at the time of writing.
Page 87 Chapter 6 Basic Setting Figure 50 Basic Setting > IPv6 > IPv6 Configuration > DHCPv6 Client Setup The following table describes the labels in this screen. Table 30 Basic Setting > IPv6 > IPv6 Configuration > DHCPv6 Client Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure.
Page 88: Stacking
Chapter 6 Basic Setting 6.10 Stacking Stacking is directly connecting Switches to form a larger system that behaves as a single Switch or a virtual chassis with increased port density. Figure 51 Switch Stacking Concept The last two SFP ports of your Switch are dedicated for Switch stacking. These are the Switches that support stacking at the time of writing.
Page 89: Stacking Status
Chapter 6 Basic Setting Figure 52 Stacking Topology 6.10.1 Stacking Status Click Basic Setting > Stacking in the navigation panel to display the Stacking Status screen as shown next. Figure 53 Basic Setting > Stacking Status The following table describes the labels in this screen. Table 32 Basic Setting >...
Page 90: Stacking Slot
Chapter 6 Basic Setting Table 32 Basic Setting > Stacking > Stacking Status (continued) LABEL DESCRIPTION Role This field displays whether the Switch is a master, backup or linecard. There’s only one master and one backup Switch in the stacking model; all others are linecard Switches. Stacking Topology: Ring/Chain Slot No.
Page 91: Stacking Configuration
Chapter 6 Basic Setting Table 33 Basic Setting > Stacking > Stacking Status > Slot number (continued) LABEL DESCRIPTION Priority This field displays the priority level of the Switch. A higher number represents higher priority. Slot ID After This field displays the slot ID of the Switch after a reboot. You can save the slot ID of the Reboot Switch after a reboot by clicking Freeze in the Stacking Configuration screen.
Page 92 Chapter 6 Basic Setting Lowest MAC Address Note: Master election occurs when a stacking port link status changes (up / down). The link status changes when (for example): - a stacking port cable is disconnected - a Switch in the stack reboots (as happens after you change stacking mode to standalone) - you add a Switch to the stack or - a Switch in the stack shuts down.
Page 93 Chapter 6 Basic Setting Figure 55 Basic Setting > Stacking > Configuration The following table describes the labels in this screen. Table 34 Basic Setting > Stacking > Configuration LABEL DESCRIPTION Active Select the Active check box to put the Switch in stacking mode. This will erase the running configuration, config01 and config02.
Page 94: Vlan
H A PT ER VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen which is only available in standalone mode. The Switch does not support port-based VLANs in stacking mode. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 7.1 Introduction to IEEE 802.1Q Tagged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created.
Page 95: Automatic Vlan Registration
Chapter 7 VLAN 7.2 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 7.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and de-register attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP.
Page 96: Port Vlan Trunking
Chapter 7 VLAN 7.3 Port VLAN Trunking Enable VLAN Trunking on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices.
Page 97: Vlan Status
Chapter 7 VLAN 7.5.1 VLAN Status Section 7.1 on page 94 for more information on 802.1Q VLAN. Click Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown next. Figure 58 Advanced Application > VLAN: VLAN Status The following table describes the labels in this screen.
Page 98: Vlan Details
Chapter 7 VLAN 7.5.2 VLAN Details Use this screen to view detailed port settings and status of the VLAN group. See Section 7.1 on page 94 for more information on 802.1Q VLAN. Click on an index number in the VLAN Status screen to display VLAN details.
Page 99: Vlan Configuration
Chapter 7 VLAN Table 37 Advanced Application > VLAN > VLAN Detail (continued) LABEL DESCRIPTION Port List This shows the ports mapped to the private VLAN using the Advanced Application > Private VLAN or Advanced Application > VLAN > Static VLAN screen. Change Pages Click Previous or Next to show the previous/next screen if all status information cannot be seen in one screen.
Page 100 Chapter 7 VLAN Figure 61 Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup The following table describes the related labels in this screen. Table 39 Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN settings.
Page 101: Configure Vlan Port Settings
Chapter 7 VLAN Table 39 Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup (continued) LABEL DESCRIPTION Association VLAN Primary private VLANs can associate with several (secondary) Community private VLANs List and up to one (secondary) Isolated private VLAN. You only configure VLAN Association List for Primary private VLANs.
Page 102 Chapter 7 VLAN Figure 62 Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup: Standalone mode Figure 63 Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup: Stacking mode The following table describes the labels in this screen. Table 40 Advanced Application >...
Page 103: Subnet Based Vlans
Chapter 7 VLAN Table 40 Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup: Standalone/ Stacking mode (continued) LABEL DESCRIPTION Port This field displays the port number of the Switch. In stacking mode, the first number represents the slot and the second the port number. Please note that the default stacking ports (the last two ports of your Switch) cannot be configured.
Page 104 Chapter 7 VLAN For example, an ISP (Internet Service Provider) may divide different types of services it provides to customers into different IP subnets. Traffic for voice services is designated for IP subnet 172.16.1.0/24, video for 192.168.1.0/24 and data for 10.1.1.0/24. The Switch can then be configured to group incoming traffic based on the source IP subnet of incoming frames.
Page 105 Chapter 7 VLAN Figure 65 Advanced Application > VLAN > VLAN Configuration > > Subnet Based VLAN Setup The following table describes the labels in this screen. Table 41 Advanced Application > VLAN > VLAN Configuration > Subnet Based VLAN Setup LABEL DESCRIPTION Active...
Page 106: Protocol Based Vlans
Chapter 7 VLAN Table 41 Advanced Application > VLAN > VLAN Configuration > Subnet Based VLAN Setup LABEL DESCRIPTION Index This is the index number identifying this subnet based VLAN. Click on any of these numbers to edit an existing subnet based VLAN. Active This field shows whether the subnet based VLAN is active or not.
Page 107 Chapter 7 VLAN Figure 67 Advanced Application > VLAN > VLAN Configuration > Protocol Based VLAN Setup The following table describes the labels in this screen. Table 42 Advanced Application > VLAN > VLAN Configuration > Protocol Based VLAN Setup LABEL DESCRIPTION Active...
Page 108 Chapter 7 VLAN Table 42 Advanced Application > VLAN > VLAN Configuration > Protocol Based VLAN Setup LABEL DESCRIPTION Name This field shows the name the protocol based VLAN. Ethernet-type This field shows which Ethernet protocol is part of this protocol based VLAN. This field shows the VLAN ID of the port.
Page 109: View Private Vlan Status
Chapter 7 VLAN Click Add. 7.6.5 View Private VLAN Status Use this screen to view all private VLANs created on the Switch. See also Advanced Application > Private VLAN. Click Private VLAN Status in the VLAN Status screen to display the screen as shown next. Figure 69 Advanced Application >...
Page 110: Configure A Port-Based Vlan
Chapter 7 VLAN Note: When you activate port-based VLAN, the Switch uses a default VLAN ID of 1. You cannot change it. Note: In screens (such as IP Setup and Filtering) that require a VID, you must enter 1 as the VID. The port-based VLAN setup screen is shown next.
Page 111 Chapter 7 VLAN Figure 70 Advanced Application > VLAN > Port Based VLAN Setup (All Connected) The following screen shows users on a port-based, port-isolated VLAN configuration. GS3700/XGS3700 Series User’s Guide...
Page 112 Chapter 7 VLAN Figure 71 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) GS3700/XGS3700 Series User’s Guide...
Page 113: Voice Vlan
Chapter 7 VLAN The following table describes the labels in this screen. Advanced Application > VLAN: Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation. All connected means all ports can communicate with each other, that is, there are no virtual LANs.
Page 114 Chapter 7 VLAN Figure 72 Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup The following table describes the fields in the above screen. Table 44 Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup LABEL DESCRIPTION Voice VLAN Global Setup Voice VLAN...
Page 115: Mac-Based Vlan
Chapter 7 VLAN Table 44 Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup LABEL DESCRIPTION OUI mask This field displays the OUI mask address of the Voice VLAN. Description This field displays the description of the Voice VLAN with OUI address. Delete Click the Delete check box to select Voice VLAN OUI entry you wish to remove.
Page 116 Chapter 7 VLAN Table 45 Advanced Application > VLAN > VLAN Configuration > MAC-based VLAN Setup LABEL DESCRIPTION Priority Type a priority (0-7) for the MAC-based VLAN entry.The higher the numeric value you assign, the higher the priority for this MAC-based VLAN entry. Click Add to save the new MAC-based VLAN entry.
Page 117: Static Mac Forward Setup
H A PT ER Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 8.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your network. 8.2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table.
Page 118 Chapter 8 Static MAC Forward Setup Figure 75 Advanced Application > Static MAC Forwarding (Stacking mode) The following table describes the labels in this screen. Table 46 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box.
Page 119 Chapter 8 Static MAC Forward Setup Table 46 Advanced Application > Static MAC Forwarding (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. GS3700/XGS3700 Series User’s Guide...
Page 120: Static Multicast Forward Setup
H A PT ER Static Multicast Forward Setup Use these screens to configure static multicast address forwarding. 9.1 Static Multicast Forwarding Overview A multicast MAC address is the MAC address of a member of a multicast group. A static multicast address is a multicast MAC address that has been manually entered in the multicast table.
Page 121: Configuring Static Multicast Forwarding
Chapter 9 Static Multicast Forward Setup Figure 78 Static Multicast Forwarding to Multiple Ports 9.2 Configuring Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). Click Advanced Application > Static Multicast Forwarding to display the configuration screen as shown.
Page 122 Chapter 9 Static Multicast Forward Setup Table 47 Advanced Application > Static Multicast Forwarding (continued) LABEL DESCRIPTION Port Enter the port(s) where frames with destination MAC address that matched the entry above are forwarded. You can enter multiple ports separated by (no space) comma (,) or hyphen for a range.
Page 123: Filtering
HAPTER Filtering This chapter discusses MAC address port filtering. 10.1 Configure a Filtering Rule Configure the Switch to filter traffic based on the traffic’s source, destination MAC addresses and/or VLAN group (ID). Click Advanced Application > Filtering in the navigation panel to display the screen as shown next.
Page 124 Chapter 10 Filtering Table 48 Advanced Application > FIltering (continued) LABEL DESCRIPTION Type a MAC address in a valid MAC address format, that is, six hexadecimal character pairs. Type the VLAN group identification number. Click this to create a new entry or to update an existing one. This saves your changes to the Switch’s run-time memory.
Page 125: Spanning Tree Protocol
HAPTER Spanning Tree Protocol The Switch supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol •...
Page 126: How Stp Works
Chapter 11 Spanning Tree Protocol Table 49 STP Path Costs RECOMMENDED RECOMMENDED LINK SPEED ALLOWED RANGE VALUE RANGE Path Cost 1Gbps 3 to 10 1 to 65535 Path Cost 10Gbps 1 to 5 1 to 65535 On each bridge, the bridge communicates with the root through the root port. The root port is the port on this Switch with the lowest path cost to the root (the root path cost).
Page 127: Multiple Stp
Chapter 11 Spanning Tree Protocol In the following example, there are two RSTP instances (MRSTP1 and MRSTP2) on switch A. Figure 81 MRSTP Network Example To set up MRSTP, activate MRSTP on the Switch and specify which port(s) belong to which spanning tree.
Page 128 Chapter 11 Spanning Tree Protocol Figure 82 STP/RSTP Network Example VLAN 1 VLAN 2 With MSTP, VLANs 1 and 2 are mapped to different spanning trees in the network. Thus traffic from the two VLANs travel on different paths. The following figure shows the network example using MSTP.
Page 129: Spanning Tree Protocol Status Screen
Chapter 11 Spanning Tree Protocol 11.1.5.3 MST Instance An MST Instance (MSTI) is a spanning tree instance. VLANs can be configured to run on a specific MSTI. Each created MSTI is identified by a unique number (known as an MST ID) known internally to a region.
Page 130: Spanning Tree Configuration
Chapter 11 Spanning Tree Protocol Figure 86 Advanced Application > Spanning Tree Protocol This screen differs depending on which STP mode (RSTP, MRSTP or MSTP) you configure on the Switch. This screen is described in detail in the section that follows the configuration section for each STP mode.
Page 131: Configure Rapid Spanning Tree Protocol
Chapter 11 Spanning Tree Protocol 11.4 Configure Rapid Spanning Tree Protocol Use this screen to configure RSTP settings, see Section 11.1 on page 125 for more information on RSTP. Click RSTP in the Advanced Application > Spanning Tree Protocol screen. Figure 88 Advanced Application >...
Page 132 Chapter 11 Spanning Tree Protocol Figure 89 Advanced Application > Spanning Tree Protocol > RSTP (Stacking mode) The following table describes the labels in this screen. Table 52 Advanced Application > Spanning Tree Protocol > RSTP LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 90 on page 134).
Page 133: Rapid Spanning Tree Protocol Status
Chapter 11 Spanning Tree Protocol Table 52 Advanced Application > Spanning Tree Protocol > RSTP (continued) LABEL DESCRIPTION Forwarding Delay This is the maximum time (in seconds) a switch will wait before changing states. This delay is required because every switch must receive information about topology changes before it starts to forward frames.
Page 134: Configure Multiple Rapid Spanning Tree Protocol
Chapter 11 Spanning Tree Protocol Figure 90 Advanced Application > Spanning Tree Protocol > Status: RSTP The following table describes the labels in this screen. Table 53 Advanced Application > Spanning Tree Protocol > Status: RSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click RSTP to edit RSTP settings on the Switch.
Page 135 Chapter 11 Spanning Tree Protocol Figure 91 Advanced Application > Spanning Tree Protocol > MRSTP (Standalone mode) Figure 92 Advanced Application > Spanning Tree Protocol > MRSTP (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 136 Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 54 Advanced Application > Spanning Tree Protocol > MRSTP LABEL DESCRIPTION Status Click Status to display the MRSTP Status screen (see Figure 93 on page 137).
Page 137: Multiple Rapid Spanning Tree Protocol Status
Chapter 11 Spanning Tree Protocol Table 54 Advanced Application > Spanning Tree Protocol > MRSTP (continued) LABEL DESCRIPTION Priority Configure the priority for each port here. Priority decides which port should be disabled when more than one port forms a loop in the Switch.
Page 138: Configure Multiple Spanning Tree Protocol
Chapter 11 Spanning Tree Protocol Table 55 Advanced Application > Spanning Tree Protocol > Status: MRSTP (continued) LABEL DESCRIPTION Hello Time This is the time interval (in seconds) at which the root switch transmits a configuration (second) message. The root bridge determines Hello Time, Max Age and Forwarding Delay. Max Age (second) This is the maximum time (in seconds) a switch can wait without receiving a configuration message before attempting to reconfigure.
Page 139 Chapter 11 Spanning Tree Protocol Figure 94 Advanced Application > Spanning Tree Protocol > MSTP (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 140 Chapter 11 Spanning Tree Protocol Figure 95 Advanced Application > Spanning Tree Protocol > MSTP (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 141 Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 56 Advanced Application > Spanning Tree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 98 on page 144).
Page 142: Multiple Spanning Tree Protocol Port Configuration
Chapter 11 Spanning Tree Protocol Table 56 Advanced Application > Spanning Tree Protocol > MSTP (continued) LABEL DESCRIPTION Enabled VLAN(s) This field displays which VLAN(s) are mapped to this MST instance. Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot mode) number of the Switch in a stack.
Page 143 Chapter 11 Spanning Tree Protocol Figure 96 Advanced Application > Spanning Tree Protocol > MSTP > Port (Standalone mode) Figure 97 Advanced Application > Spanning Tree Protocol > MSTP > Port (Stacking mode) The following table describes the labels in this screen. Table 57 Advanced Application >...
Page 144: Multiple Spanning Tree Protocol Status
Chapter 11 Spanning Tree Protocol Table 57 Advanced Application > Spanning Tree Protocol > MSTP > Port (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 145 Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 58 Advanced Application > Spanning Tree Protocol > Status: MSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click MSTP to edit MSTP settings on the Switch.
Page 146: Bandwidth Control
HAPTER Bandwidth Control This chapter shows you how to cap the maximum bandwidth using the Bandwidth Control screen. 12.1 Bandwidth Control Overview Bandwidth control means defining a maximum allowable bandwidth for incoming and/or out-going traffic flows on a port. 12.1.1 CIR and PIR The Committed Information Rate (CIR) is the guaranteed bandwidth for the incoming traffic flow on a port.
Page 147 Chapter 12 Bandwidth Control Figure 99 Advanced Application > Bandwidth Control (Standalone mode) Figure 100 Advanced Application > Bandwidth Control (Stacking mode) The following table describes the related labels in this screen. Table 59 Advanced Application > Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the Switch.
Page 148 Chapter 12 Bandwidth Control Table 59 Advanced Application > Bandwidth Control (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 149: Broadcast Storm Control
HAPTER Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 13.1 Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
Page 150 Chapter 13 Broadcast Storm Control Figure 102 Advanced Application > Broadcast Storm Control (Stacking mode) The following table describes the labels in this screen. Table 60 Advanced Application > Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature.
Page 151: Mirroring
HAPTER Mirroring This chapter discusses port mirroring setup screens. 14.1 Port Mirroring Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. The Switch supports both local port mirroring and remote port mirroring.
Page 152 Chapter 14 Mirroring Single-Destination RMirror If the mirrored traffic is forwarded to one single destination switch, you can disable the reflector port. The Switch adds RMirror VLAN tag and forwards mirrored traffic from the mirroring port to the connected port directly. Source Intermediate Destination...
Page 153 Chapter 14 Mirroring Port Rules in Port Mirroring The following table shows the rule for a port in remote port mirroring. For example, a port on the source device can be a mirroring port in both RMirror VLAN 1 and RMirror VLAN 2. But when the port is the source device’s mirroring port in RMirror VLAN 1, it cannot be the reflector port or monitor port in another RMirror VLAN.
Page 154: Local Port Mirroring
Chapter 14 Mirroring 14.1.1 Local Port Mirroring Click Advanced Application > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 103 Advanced Application >...
Page 155: Remote Port Mirroring
Chapter 14 Mirroring The following table describes the labels in this screen. Table 63 Advanced Application > Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the Switch. Clear this check box to disable the feature. Monitor Port The monitor port is the port you copy the traffic to in order to examine it in more detail without interfering with the traffic flow on the original port(s).
Page 156: Source
Chapter 14 Mirroring The following table describes the labels in this screen. Table 64 Advanced Application > Mirroring > RMirror LABEL DESCRIPTION Active Select the option to enable the VLAN. RMirror VLAN ID Specify the ID number of remote port mirroring (RMirror) VLAN. Apply Click Apply to save your changes to the Switch’s run-time memory.
Page 157 Chapter 14 Mirroring Figure 106 Advanced Application > Mirroring > RMirror > Source (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 158 Chapter 14 Mirroring Figure 107 Advanced Application > Mirroring > RMirror > Source (Stacking mode) The following table describes the labels in this screen. Table 65 Advanced Application > Mirroring > RMirror > Source LABEL DESCRIPTION RMirror VLAN ID Select the RMirror VLAN over which the mirrored traffic is forwarded. Priority Enter the priority of the mirrored traffic.
Page 159: Destination
Chapter 14 Mirroring Table 65 Advanced Application > Mirroring > RMirror > Source (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring.
Page 160: Connected Port
Chapter 14 Mirroring Table 66 Advanced Application > Mirroring > RMirror > Destination (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring.
Page 161 Chapter 14 Mirroring Figure 110 Advanced Application > Mirroring > RMirror > Connected Port (Stacking mode) The following table describes the labels in this screen. Table 67 Advanced Application > Mirroring > RMirror > Connected Port LABEL DESCRIPTION RMirror VLAN ID Select the RMirror VLAN over which the mirrored traffic is forwarded.
Page 162 Chapter 14 Mirroring Table 67 Advanced Application > Mirroring > RMirror > Connected Port (continued) LABEL DESCRIPTION VLAN This field displays the ID number of port mirroring VLAN over which the mirrored traffic is forwarded. Connected Port This field displays the number of port(s) that helps forward mirrored traffic to other connected switches.
Page 163: Link Aggregation
HAPTER Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higher- bandwidth link. 15.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link. You may want to trunk ports if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly, single-port link.
Page 164: Link Aggregation Id
Chapter 15 Link Aggregation Configure trunk groups or LACP before you connect the Ethernet switch to avoid causing network topology loops. 15.2.1 Link Aggregation ID LACP aggregation ID consists of the following information Table 68 Link Aggregation ID: Local Switch SYSTEM MAC ADDRESS PORT PRIORITY...
Page 165: Link Aggregation Setting
Chapter 15 Link Aggregation The following table describes the labels in this screen. Table 70 Advanced Application > Link Aggregation Status LABEL DESCRIPTION Group ID This field displays the group ID to identify a trunk group, that is, one logical link containing multiple ports.
Page 166 Chapter 15 Link Aggregation Figure 112 Advanced Application > Link Aggregation > Link Aggregation Setting (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 167 Chapter 15 Link Aggregation Figure 113 Advanced Application > Link Aggregation > Link Aggregation Setting (Stacking mode) The following table describes the labels in this screen. Table 71 Advanced Application > Link Aggregation > Link Aggregation Setting LABEL DESCRIPTION Link This is the only screen you need to configure to enable static link aggregation.
Page 168: Link Aggregation Control Protocol
Chapter 15 Link Aggregation Table 71 Advanced Application > Link Aggregation > Link Aggregation Setting (continued) LABEL DESCRIPTION Criteria Select the outgoing traffic distribution type. Packets from the same source and/or to the same destination are sent over the same link within the trunk. By default, the Switch uses the src-dst-mac distribution type.
Page 169 Chapter 15 Link Aggregation Figure 114 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 170 Chapter 15 Link Aggregation Figure 115 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (Stacking mode) The following table describes the labels in this screen. Table 72 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP LABEL DESCRIPTION Link...
Page 171: Static Trunking Example
Chapter 15 Link Aggregation Table 72 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (continued) LABEL DESCRIPTION Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. LACP Active Select this option to enable LACP for a trunk. Slot (Stacking This field appears only in stacking mode.
Page 172 Chapter 15 Link Aggregation Configure static trunking - Click Advanced Application > Link Aggregation > Link Aggregation Setting. In this screen activate trunk group T1, select the traffic distribution algorithm used by this group and select the ports that should belong to this group as shown in the figure below.
Page 173: Port Authentication
HAPTER Port Authentication This chapter describes the IEEE 802.1x and MAC authentication methods. 16.1 Port Authentication Overview Port authentication is a way to validate access to ports on the Switch to clients based on an external server (authentication server). The Switch supports the following methods for port authentication: •...
Page 174: Mac Authentication
Chapter 16 Port Authentication Figure 118 IEEE 802.1x Authentication Process New Connection Identity Request Login Credentials Authentication Request Access Challenge Challenge Request Challenge Response Access Request Authentication Reply Session Granted/Denied 16.1.2 MAC Authentication MAC authentication works in a very similar way to IEEE 802.1x authentication. The main difference is that the Switch does not prompt the client for login credentials.
Page 175: Port Authentication Configuration
Chapter 16 Port Authentication Figure 119 MAC Authentication Process New Connection Authentication Request Authentication Reply Session Granted/Denied 16.2 Port Authentication Configuration To enable port authentication, first activate the port authentication method(s) you want to use (both on the Switch and the port(s)), then configure the RADIUS server settings in the AAA > Radius Server Setup screen.
Page 176 Chapter 16 Port Authentication Figure 121 Advanced Application > Port Authentication > 802.1x (Standalone mode) Figure 122 Advanced Application > Port Authentication > 802.1x (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 177: Guest Vlan
Chapter 16 Port Authentication The following table describes the labels in this screen. Table 73 Advanced Application > Port Authentication > 802.1x LABEL DESCRIPTION Active Select this check box to permit 802.1x authentication on the Switch. Note: You must first enable 802.1x authentication on the Switch before configuring it on each port.
Page 178 Chapter 16 Port Authentication Figure 123 Guest VLAN Example VLAN 100 VLAN 102 Internet Use this screen to enable and assign a guest VLAN to a port. In the Port Authentication > 802.1x screen click Guest Vlan to display the configuration screen as shown. Figure 124 Advanced Application >...
Page 179 Chapter 16 Port Authentication Figure 125 Advanced Application > Port Authentication > 802.1x > Guest VLAN (Stacking mode) The following table describes the labels in this screen. Table 74 Advanced Application > Port Authentication > 802.1x > Guest VLAN LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode.
Page 180: Activate Mac Authentication
Chapter 16 Port Authentication 16.2.3 Activate MAC Authentication Use this screen to activate MAC authentication. In the Port Authentication screen click MAC Authentication to display the configuration screen as shown. Figure 126 Advanced Application > Port Authentication > MAC Authentication (Standalone mode) Figure 127 Advanced Application >...
Page 181 Chapter 16 Port Authentication The following table describes the labels in this screen. Table 75 Advanced Application > Port Authentication > MAC Authentication LABEL DESCRIPTION Active Select this check box to permit MAC authentication on the Switch. Note: You must first enable MAC authentication on the Switch before configuring it on each port.
Page 182: Port Security
HAPTER Port Security This chapter shows you how to set up port security. 17.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. The Switch can learn up to 32K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 32K.
Page 183 Chapter 17 Port Security Figure 129 Advanced Application > Port Security (Stacking mode) The following table describes the labels in this screen. Table 76 Advanced Application > Port Security LABEL DESCRIPTION Port List Enter the number of the port(s) (separated by a comma) on which you want to enable port security and disable MAC address learning.
Page 184: Vlan Mac Address Limit
Chapter 17 Port Security Table 76 Advanced Application > Port Security (continued) LABEL DESCRIPTION Limited Number Use this field to limit the number of (dynamic) MAC addresses that may be learned on a of Learned MAC port. For example, if you set this field to "5" on port 2, then only the devices with these Address five learned MAC addresses may access port 2 at any one time.
Page 185 Chapter 17 Port Security Table 77 Advanced Application > Port Security > VLAN MAC Address Limit (continued) LABEL DESCRIPTION Click this to create a new entry or to update an existing one. This saves your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 186: Time Range
HAPTER Time Range This chapter shows you how to set up a time range for time-oriented features on the Switch. 18.1 About Time Range You can set a time range for time-oriented features such as Classifier ACL (Access Control List) rule which categorizes data packets into different network traffic flow.
Page 187 Chapter 18 Time Range The following table describes the labels in this screen. Table 78 Advanced Application > Time Range LABEL DESCRIPTION Name Type a name for this time range rule. Type Select a time range type. Absolute is a fixed time range that has a set start and end date. Periodic is recurrence of a time range.
Page 188: Classifier
HAPTER Classifier This chapter introduces and shows you how to configure the packet classifier on the Switch. 19.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth.
Page 189: Classifier Configuration
Chapter 19 Classifier Figure 132 Advanced Application > Classifier > Classifier Status The following table describes the labels in this screen. Table 79 Advanced Application > Classifier > Classifier Status LABEL DESCRIPTION Index This field displays the index number of the Classifier rule. Active This field displays Yes when the rule is activated and No when it is deactivated.
Page 190 Chapter 19 Classifier Figure 133 Advanced Application > Classifier > Classifier Configuration GS3700/XGS3700 Series User’s Guide...
Page 191 Chapter 19 Classifier The following table describes the labels in this screen. Table 80 Advanced Application > Classifier > Classifier Configuration LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. Weight Enter a number from 0-65535 for the order priority of the Classifier rule.
Page 192: Viewing And Editing Classifier Configuration
Chapter 19 Classifier Table 80 Advanced Application > Classifier > Classifier Configuration (continued) LABEL DESCRIPTION IP Packet Click Any to classify any size of packet length or manually enter a range of number (from/to) Length of packet size in the field provided. DSCP Select Any to classify traffic from any DSCP or select the second option and specify a DSCP (DiffServ Code Point) number between 0 and 63 in the field provided.
Page 193 Chapter 19 Classifier Note: When two rules conflict with each other, a higher layer rule has priority over a lower layer rule. Figure 134 Advanced Application > Classifier > Classifier Configuration: Summary Table The following table describes the labels in this screen. Table 81 Advanced Application >...
Page 194: Classifier Global Setting Configuration
Chapter 19 Classifier Table 83 Common IP Ports PORT NUMBER PORT NAME HTTP POP3 19.4.1 Classifier Global Setting Configuration To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen. To change the settings of a rule, click a number in the Index field. Note: When two rules conflict with each other, a higher layer rule has priority over a lower layer rule.
Page 195 Chapter 19 Classifier Figure 136 Classifier: Example EXAMPLE After you have configured a classifier, you can configure a policy to define action(s) on the classified traffic flow. See Chapter 20 on page 196 for information on configuring a policy rule. GS3700/XGS3700 Series User’s Guide...
Page 196: Policy Rule
HAPTER Policy Rule This chapter shows you how to configure policy rules. 20.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria (refer to Chapter 19 on page 188 for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network.
Page 197 Chapter 20 Policy Rule Click Advanced Application > Policy Rule in the navigation panel to display the screen as shown. Figure 137 Advanced Application > Policy Rule GS3700/XGS3700 Series User’s Guide...
Page 198 Chapter 20 Policy Rule The following table describes the labels in this screen. Table 85 Advanced Application > Policy Rule LABEL DESCRIPTION Active Select this option to enable the policy. Name Enter a descriptive name for identification purposes. Classifier(s) This field displays the active classifier(s) you configure in the Classifier screen. Select the classifier(s) to which this policy rule applies.
Page 199: Viewing And Editing Policy Configuration
Chapter 20 Policy Rule Table 85 Advanced Application > Policy Rule (continued) LABEL DESCRIPTION Diffserv Select No change to keep the TOS and/or DSCP fields in the packets. Select Set the packet’s TOS field to set the TOS field with the value you configure in the TOS field.
Page 200: Policy Example
Chapter 20 Policy Rule Table 86 Policy: Summary Table (continued) LABEL DESCRIPTION Name This field displays the name you have assigned to this policy. Classifier(s) This field displays the name(s) of the classifier to which this policy applies. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes.
Page 201 Chapter 20 Policy Rule Figure 139 Policy Example EXAMPLE GS3700/XGS3700 Series User’s Guide...
Page 202: Queuing Method
HAPTER Queuing Method This chapter introduces the queuing methods supported. 21.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.
Page 203: Weighted Round Robin Scheduling (Wrr)
Chapter 21 Queuing Method 21.1.3 Weighted Round Robin Scheduling (WRR) Round Robin Scheduling services queues on a rotating basis and is activated only when a port has more traffic than it can handle. A queue is given an amount of bandwidth irrespective of the incoming traffic on that port.
Page 204 Chapter 21 Queuing Method Figure 141 Advanced Application > Queuing Method (Stacking mode) The following table describes the labels in this screen. Table 87 Advanced Application > Queuing Method LABEL DESCRIPTION Slot This field appears only in stacking mode. Click the drop-down list to choose the slot number of (Stacking the Switch in a stack.
Page 205 Chapter 21 Queuing Method Table 87 Advanced Application > Queuing Method (continued) LABEL DESCRIPTION Hybrid- This field is applicable only when you select WFQ or WRR. Select a queue (Q0 to Q7) to have the Switch use SPQ to service the subsequent queue(s) after Lowest- and including the specified queue for the 1000Base-T, 1000Base-X and 10 Gigabit Ethernet Queue...
Page 206: Vlan Stacking
HAPTER VLAN Stacking This chapter shows you how to configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN 22.1 VLAN Stacking Overview A service provider can use VLAN stacking to allow it to distinguish multiple customers VLANs, even those with the same (customer-assigned) VLAN ID, within its network.
Page 207: Vlan Stacking Port Roles
Chapter 22 VLAN Stacking Figure 142 VLAN Stacking Example 22.2 VLAN Stacking Port Roles Each port can have three VLAN stacking “roles”, Normal, Access Port and Tunnel Port (the latter is for Gigabit ports only). • Select Normal for “regular” (non-VLAN stacking) IEEE 802.1Q frame switching. •...
Page 208: Frame Format
Chapter 22 VLAN Stacking Type is a standard Ethernet type code identifying the frame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provider Tag Protocol Identifier) is the service provider VLAN stacking tag type. Many vendors use 0x8100 or 0x9100. TPID (Tag Protocol Identifier) is the customer IEEE 802.1Q tag.
Page 209 Chapter 22 VLAN Stacking Figure 143 Advanced Application > VLAN Stacking (Standalone mode) Figure 144 Advanced Application > VLAN Stacking (Stacking mode) The following table describes the labels in this screen. Table 91 Advanced Application > VLAN Stacking LABEL DESCRIPTION Active Select this checkbox to enable VLAN stacking on the Switch.
Page 210: Port-Based Q-In-Q
Chapter 22 VLAN Stacking Table 91 Advanced Application > VLAN Stacking (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 211 Chapter 22 VLAN Stacking Figure 145 Advanced Application > VLAN Stacking > Port-based QinQ (Standalone mode) Figure 146 Advanced Application > VLAN Stacking > Port-based QinQ (Stacking mode) The following table describes the labels in this screen. Table 92 Advanced Application > VLAN Stacking > Port-based QinQ LABEL DESCRIPTION Slot...
Page 212: Selective Q-In-Q
Chapter 22 VLAN Stacking Table 92 Advanced Application > VLAN Stacking > Port-based QinQ (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 213 Chapter 22 VLAN Stacking Table 93 Advanced Application > VLAN Stacking > Selective QinQ (continued) LABEL DESCRIPTION Priority Select a priority level (from 0 to 7). This is the service provider’s priority level that adds to the frames received on this port. "0"...
Page 214: Multicast
HAPTER Multicast This chapter shows you how to configure various multicast features. 23.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.
Page 215: Igmp Snooping
Chapter 23 Multicast 23.1.3 IGMP Snooping The Switch can passively snoop on IGMP packets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP packets passing through it, picks out the group registration information, and configures multicasting accordingly. IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them.
Page 216: Mld Messages
Chapter 23 Multicast one query from a router (X) or MLD Done or Report message from any upstream port, it will be broadcast to all connected upstream ports. Query Report Done 23.1.6 MLD Messages A multicast router or switch periodically sends general queries to MLD hosts to update the multicast forwarding table.
Page 217: Ipv4 Multicast Status
Chapter 23 Multicast The following table describes the labels in this screen. Table 94 Advanced Application > Multicast Setup LABEL DESCRIPTION IPv4 Multicast Click the link to open screens where you can configure IGMP snooping and IGMP filtering for IPv4. IPv6 Multicast Click the link to open screens where you can configure MLD snooping and MLD filtering for IPv6.
Page 218 Chapter 23 Multicast Figure 150 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 219 Chapter 23 Multicast Figure 151 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (Stacking mode) The following table describes the labels in this screen. Table 96 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP snooping.
Page 220 Chapter 23 Multicast Table 96 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (continued) LABEL DESCRIPTION Reserved The IP address range of 224.0.0.0 to 224.0.0.255 are reserved for multicasting on the Multicast Group local network only. For example, 224.0.0.1 is for all hosts on a local network segment and 224.0.0.9 is used to send RIP routing information to all RIP v2 routers on the same network segment.
Page 221: Igmp Snooping Vlan
Chapter 23 Multicast Table 96 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (continued) LABEL DESCRIPTION Throttling IGMP throttling controls how the Switch deals with the IGMP reports when the maximum number of the IGMP groups a port can join is reached. Select Deny to drop any new IGMP join report received on this port until an existing multicast forwarding table entry is aged out.
Page 222 Chapter 23 Multicast Figure 152 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Snooping VLAN The following table describes the labels in this screen. Table 97 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Snooping VLAN LABEL DESCRIPTION...
Page 223: Igmp Filtering Profile
Chapter 23 Multicast Table 97 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Snooping VLAN (continued) LABEL DESCRIPTION Clear Click Clear to reset the fields to the factory defaults. Index This is the index number of the IGMP snooping VLAN entry in the table. Name This field displays the descriptive name for this VLAN group.
Page 224: Ipv6 Multicast Status
Chapter 23 Multicast Table 98 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Filtering Profile (continued) LABEL DESCRIPTION End Address Type the ending multicast IP address for a range of IP addresses that you want to belong to the IGMP filter profile.
Page 225: Mld Snooping-Proxy
Chapter 23 Multicast 23.4.1 MLD Snooping-proxy Click the MLD Snooping-proxy link in the Advanced Application > Multicast > IPv6 Multicast screen to display the screen as shown. See Section 23.1 on page 214 for more information on multicasting. Figure 155 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy The following table describes the labels in this screen.
Page 226 Chapter 23 Multicast Figure 156 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN The following table describes the labels in this screen. Table 101 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN LABEL DESCRIPTION Enter the ID number of the VLAN on which you want to enable MLD snooping-proxy and...
Page 227: Mld Snooping-Proxy Vlan Port Role Setting
Chapter 23 Multicast Table 101 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN LABEL DESCRIPTION Last Member Enter the amount of time (in miliseconds) between the MLD group-specific queries sent Query Interval by an upstream port when an MLD Done message is received. This value should be exactly the same as what’s configured in the connected multicast router.
Page 228 Chapter 23 Multicast Figure 157 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN > Port Role Setting (Standalone mode) Figure 158 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN > Port Role Setting (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 229: Mld Snooping-Proxy Filtering
Chapter 23 Multicast The following table describes the labels in this screen. Table 102 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN > Port Role Setting LABEL DESCRIPTION MLD Snooping- Select the VLAN ID for which you want to configure a port’s MLD snooping-proxy settings. proxy VLAN ID Slot (Stacking This field appears only in stacking mode.
Page 230 Chapter 23 Multicast Figure 159 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering (Standalone mode) Figure 160 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering (Stacking mode) The following table describes the labels in this screen. Table 103 Advanced Application >...
Page 231: Mld Snooping-Proxy Filtering Profile
Chapter 23 Multicast Table 103 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering LABEL DESCRIPTION Port (Standalone This field displays the port number. In stacking mode, the first box field is the slot ID and or stacking mode) the second field is the port number.
Page 232: Mvr Overview
Chapter 23 Multicast The following table describes the labels in this screen. Table 104 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering > Filtering Profile LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes. To configure additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range.
Page 233: Types Of Mvr Ports
Chapter 23 Multicast Figure 162 MVR Network Example VLAN 1 Multicast VLAN VLAN 2 VLAN 3 23.5.1 Types of MVR Ports In MVR, a source port is a port on the Switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic.
Page 234: General Mvr Configuration
Chapter 23 Multicast Figure 163 MVR Multicast Television Example VLAN 1 Multicast VLAN 23.6 General MVR Configuration Use the MVR screen to create multicast VLANs and select the receiver port(s) and a source port for each multicast VLAN. Click Advanced Application > Multicast > Multicast Setup > MVR to display the screen as shown next.
Page 235 Chapter 23 Multicast Figure 164 Advanced Application > Multicast > Multicast Setup > MVR (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 236 Chapter 23 Multicast Figure 165 Advanced Application > Multicast > Multicast Setup > MVR (Stacking mode) The following table describes the related labels in this screen. Table 105 Advanced Application > Multicast > Multicast Setting > MVR LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be shared among different subscriber VLANs on the network.
Page 237: Mvr Group Configuration
Chapter 23 Multicast Table 105 Advanced Application > Multicast > Multicast Setting > MVR (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 238 Chapter 23 Multicast Figure 166 Advanced Application > Multicast > Multicast Setup > MVR > Group Configuration The following table describes the labels in this screen. Table 106 Advanced Application > Multicast > Multicast Setup > MVR > Group Configuration LABEL DESCRIPTION Multicast VLAN...
Page 239: Mvr Configuration Example
Chapter 23 Multicast 23.6.2 MVR Configuration Example The following figure shows a network example where ports 1, 2 and 3 on the Switch belong to VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S.
Page 240 Chapter 23 Multicast Figure 169 MVR Group Configuration Example EXAMPLE Figure 170 MVR Group Configuration Example EXAMPLE GS3700/XGS3700 Series User’s Guide...
Page 241: Aaa
HAPTER This chapter describes how to configure authentication, authorization and accounting settings on the Switch. 24.1 Authentication, Authorization and Accounting (AAA) Authentication is the process of determining who a user is and validating access to the Switch. The Switch can authenticate users who try to log in based on user accounts configured on the Switch itself.
Page 242: Radius And Tacacs
Chapter 24 AAA 24.1.2 RADIUS and TACACS+ RADIUS and TACACS+ are security protocols used to authenticate users by means of an external server instead of (or in addition to) an internal device user database that is limited to the memory capacity of the device.
Page 243 Chapter 24 AAA Figure 173 Advanced Application > AAA > RADIUS Server Setup The following table describes the labels in this screen. Table 108 Advanced Application > AAA > RADIUS Server Setup LABEL DESCRIPTION Authentication Use this section to configure your RADIUS authentication settings. Server Mode This field only applies if you configure multiple RADIUS servers.
Page 244: Tacacs+ Server Setup
Chapter 24 AAA Table 108 Advanced Application > AAA > RADIUS Server Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 245 Chapter 24 AAA Figure 174 Advanced Application > AAA > TACACS+ Server Setup The following table describes the labels in this screen. Table 109 Advanced Application > AAA > TACACS+ Server Setup LABEL DESCRIPTION Authentication Use this section to configure your TACACS+ authentication settings. Server Mode This field is only valid if you configure multiple TACACS+ servers.
Page 246: Aaa Setup
Chapter 24 AAA Table 109 Advanced Application > AAA > TACACS+ Server Setup (continued) LABEL DESCRIPTION Delete Check this box if you want to remove an existing TACACS+ server entry from the Switch. This entry is deleted when you click Apply. Apply Click Apply to save your changes to the Switch’s run-time memory.
Page 247 Chapter 24 AAA Figure 175 Advanced Application > AAA > AAA Setup The following table describes the labels in this screen. Table 110 Advanced Application > AAA > AAA Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the Switch. Privilege Enable These fields specify which database the Switch should use (first, second and third) to authenticate access privilege level for administrator accounts (users for Switch...
Page 248 Chapter 24 AAA Table 110 Advanced Application > AAA > AAA Setup (continued) LABEL DESCRIPTION Login These fields specify which database the Switch should use (first, second and third) to authenticate administrator accounts (users for Switch management). Configure the local user accounts in the Access Control > Logins screen. The TACACS+ and RADIUS are external servers.
Page 249: Vendor Specific Attribute
Chapter 24 AAA Table 110 Advanced Application > AAA > AAA Setup (continued) LABEL DESCRIPTION Mode The Switch supports two modes of recording login events. Select: • start-stop - to have the Switch send information to the accounting server when a user begins a session, during a user’s session (if it lasts past the Update Period), and when a user ends a session.
Page 250: Tunnel Protocol Attribute
Chapter 24 AAA The following table describes the VSAs supported on the Switch. Note that these attributes only work when you enable authorization (see Section 24.2.3 on page 246). Table 111 Supported VSAs FUNCTION ATTRIBUTE Ingress Bandwidth Vendor-Id = 890 Assignment Vendor-Type = 1 ingress rate (Kbps in decimal format)
Page 251: Attributes Used For Authentication
Chapter 24 AAA Refer to RFC 2865 for more information about RADIUS attributes used for authentication. Refer to RFC 2866 and RFC 2869 for RADIUS attributes used for accounting. This section lists the attributes used by authentication and accounting functions on the Switch. In cases where the attribute has a specific format associated with it, the format is specified.
Page 252 Chapter 24 AAA 24.3.2.1 Attributes Used for Accounting System Events NAS-IP-Address NAS-Identifier Acct-Status-Type Acct-Session-ID - The format of Acct-Session-Id is date+time+8-digit sequential number, for example, 2007041917210300000001. (date: 2007/04/19, time: 17:21:03, serial number: 00000001) Acct-Delay-Time 24.3.2.2 Attributes Used for Accounting Exec Events The attributes are listed in the following table along with the time that they are sent (the difference between Console and Telnet/SSH Exec events is that the Telnet/SSH events utilize the Calling- Station-Id attribute):...
Page 253 Chapter 24 AAA 24.3.2.3 Attributes Used for Accounting IEEE 802.1x Events The attributes are listed in the following table along with the time of the session they are sent: Table 115 RADIUS Attributes - Exec Events via Console ATTRIBUTE START INTERIM-UPDATE STOP User-Name...
Page 254: Ip Source Guard
HAPTER IP Source Guard Use IP source guard to filter unauthorized DHCP and ARP packets in your network. 25.1 IP Source Guard Overview IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in your network. A binding contains these key attributes: •...
Page 255 Chapter 25 IP Source Guard Trusted ports are connected to DHCP servers or other switches. The Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high. The Switch learns dynamic bindings from trusted ports. Note: The Switch will drop all DHCP requests if you enable DHCP snooping and there are no trusted ports.
Page 256: Arp Inspection Overview
Chapter 25 IP Source Guard 25.1.1.3 DHCP Relay Option 82 Information The Switch can add information to DHCP requests that it does not discard. This provides the DHCP server more information about the source of the requests. The Switch can add the following information: •...
Page 257 Chapter 25 IP Source Guard • It pretends to be computer A and responds to computer B. • It pretends to be computer B and sends a message to computer A. As a result, all the communication between computer A and computer B passes through computer X.
Page 258: Ip Source Guard
Chapter 25 IP Source Guard 25.2 IP Source Guard Use this screen to look at the current bindings for DHCP snooping and ARP inspection. Bindings are used by DHCP snooping and ARP inspection to distinguish between authorized and unauthorized packets in the network. The Switch learns the bindings by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings).
Page 259 Chapter 25 IP Source Guard Figure 179 IP Source Guard > Static Binding (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 260 Chapter 25 IP Source Guard Figure 180 IP Source Guard > Static Binding (Stacking mode) The following table describes the labels in this screen. Table 117 IP Source Guard > Static Binding LABEL DESCRIPTION ARP Freeze ARP Freeze allows you to automatically create static bindings from the current ARP entries (either dynamically learned or static ARP entries) until the Switch’s binding table is full.
Page 261: Dhcp Snooping
Chapter 25 IP Source Guard Table 117 IP Source Guard > Static Binding (continued) LABEL DESCRIPTION Port Specify the port(s) in the binding. If this binding has one port, select the first radio button and enter the port number in the field to the right. In stacking mode, the first field is the slot ID and the second field is the port number.
Page 262 Chapter 25 IP Source Guard Figure 181 IP Source Guard > DHCP Snooping The following table describes the labels in this screen. Table 118 IP Source Guard > DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database. You can configure them in the DHCP Snooping Configure screen.
Page 263 Chapter 25 IP Source Guard Table 118 IP Source Guard > DHCP Snooping (continued) LABEL DESCRIPTION Agent running This field displays the status of the current update or access of the DHCP snooping database. none: The Switch is not accessing the DHCP snooping database. read: The Switch is loading dynamic bindings from the DHCP snooping database.
Page 264: Dhcp Snooping Configure
Chapter 25 IP Source Guard Table 118 IP Source Guard > DHCP Snooping (continued) LABEL DESCRIPTION Parse failures This field displays the number of bindings the Switch ignored because the Switch was unable to understand the binding in the DHCP binding database. Expired leases This field displays the number of bindings the Switch ignored because the lease time had already expired.
Page 265 Chapter 25 IP Source Guard Figure 182 IP Source Guard > DHCP Snooping > Configure The following table describes the labels in this screen. Table 119 IP Source Guard > DHCP Snooping > Configure LABEL DESCRIPTION Active Select this to enable DHCP snooping on the Switch. You still have to enable DHCP snooping on specific VLAN and specify trusted ports.
Page 266: Dhcp Snooping Port Configure
Chapter 25 IP Source Guard Table 119 IP Source Guard > DHCP Snooping > Configure (continued) LABEL DESCRIPTION Renew DHCP Enter the location of a DHCP snooping database, and click Renew if you want the Snooping URL Switch to load it. You can use this to load dynamic bindings from a different DHCP snooping database than the one specified in Agent URL.
Page 267: Dhcp Snooping Vlan Configure
Chapter 25 IP Source Guard Figure 184 IP Source Guard > DHCP Snooping Port Configure (Stacking mode) The following table describes the labels in this screen. Table 120 IP Source Guard > DHCP Snooping Port Configure LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode.
Page 268 Chapter 25 IP Source Guard Figure 185 IP Source Guard > DHCP Snooping VLAN Configure The following table describes the labels in this screen. Table 121 IP Source Guard > DHCP Snooping VLAN Configure LABEL DESCRIPTION Show VLAN Use this section to specify the VLANs you want to manage in the section below. Start VID Enter the lowest VLAN ID you want to manage in the section below.
Page 269 Chapter 25 IP Source Guard Figure 186 IP Source Guard > The following table describes the labels in this screen. Table 122 IP Source Guard > LABEL DESCRIPTION Enter the ID number of the VLAN you want to configure here. Port Enter the number of port(s) to which you want to apply the specified DHCP option 82 profile.
Page 270: Arp Inspection Status
Chapter 25 IP Source Guard 25.6 ARP Inspection Status Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unauthorized ARP packet. When the Switch identifies an unauthorized ARP packet, it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet.
Page 271: Arp Inspection Log Status
Chapter 25 IP Source Guard Figure 188 IP Source Guard > ARP Inspection VLAN Status The following table describes the labels in this screen. Table 124 IP Source Guard > ARP Inspection VLAN Status LABEL DESCRIPTION Show VLAN range Use this section to specify the VLANs you want to look at in the section below. Enabled VLAN Select this to look at all the VLANs on which ARP inspection is enabled in the section below.
Page 272 Chapter 25 IP Source Guard Figure 189 IP Source Guard > ARP Inspection Log Status The following table describes the labels in this screen. Table 125 IP Source Guard > ARP Inspection Log Status LABEL DESCRIPTION Clearing log status table Click Apply to remove all the log messages that were generated by ARP packets and that have not been sent to the syslog server yet.
Page 273: Arp Inspection Configure
Chapter 25 IP Source Guard 25.7 ARP Inspection Configure Use this screen to enable ARP inspection on the Switch. You can also configure the length of time the Switch stores records of discarded ARP packets and global settings for the ARP inspection log. To open this screen, click Advanced Application >...
Page 274: Arp Inspection Port Configure
Chapter 25 IP Source Guard Table 126 IP Source Guard > ARP Inspection Configure (continued) LABEL DESCRIPTION Syslog rate Type the maximum number of syslog messages the Switch can send to the syslog server in one batch. This number is expressed as a rate because the batch frequency is determined by the Log Interval.
Page 275 Chapter 25 IP Source Guard Figure 192 IP Source Guard > ARP Inspection Port Configure (Stacking mode) The following table describes the labels in this screen. Table 127 IP Source Guard > ARP Inspection Port Configure LABEL DESCRIPTION Slot (Stacking mode) This field appears only in stacking mode.
Page 276: Arp Inspection Vlan Configure
Chapter 25 IP Source Guard 25.7.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN. To open this screen, click Advanced Application >...
Page 277: Loop Guard
HAPTER Loop Guard This chapter shows you how to configure the Switch to guard against loops on the edge of your network. 26.1 Loop Guard Overview Loop guard allows you to configure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch.
Page 278 Chapter 26 Loop Guard Figure 195 Switch in Loop State The loop guard feature checks to see if a loop guard enabled port is connected to a switch in loop state. This is accomplished by periodically sending a probe packet and seeing if the packet returns on the same port.
Page 279: Loop Guard Setup
Chapter 26 Loop Guard 26.2 Loop Guard Setup Click Advanced Application > Loop Guard in the navigation panel to display the screen as shown. Note: The loop guard feature can not be enabled on the ports that have Spanning Tree Protocol (RSTP, MRSTP or MSTP) enabled.
Page 280 Chapter 26 Loop Guard The following table describes the labels in this screen. Table 129 Advanced Application > Loop Guard LABEL DESCRIPTION Active Select this option to enable loop guard on the Switch. The Switch generates syslog, internal log messages as well as SNMP traps when it shuts down a port via the loop guard feature.
Page 281: Vlan Mapping
HAPTER VLAN Mapping This chapter shows you how to configure VLAN mapping on the Switch. 27.1 VLAN Mapping Overview With VLAN mapping enabled, the Switch can map the VLAN ID and priority level of packets received from a private network to those used in the service provider’s network. The Switch checks incoming traffic from the switch ports (non-management ports) against the VLAN mapping table first, the MAC learning table and then the VLAN table before forwarding them through the Gigabit uplink port.
Page 282 Chapter 27 VLAN Mapping Figure 201 VLAN Mapping (Standalone mode) Figure 202 VLAN Mapping (Stacking mode) The following table describes the labels in this screen. Table 130 VLAN Mapping LABEL DESCRIPTION Active Select this option to enable VLAN mapping on the Switch. Slot (Stacking This field appears only in stacking mode.
Page 283: Configuring Vlan Mapping
Chapter 27 VLAN Mapping Table 130 VLAN Mapping (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 284 Chapter 27 VLAN Mapping The following table describes the labels in this screen. Table 131 VLAN Mapping Configuration LABEL DESCRIPTION Active Check this box to activate this rule. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes. Port Type a port to be included in this rule.
Page 285: Layer 2 Protocol Tunneling
HAPTER Layer 2 Protocol Tunneling This chapter shows you how to configure layer-2 protocol tunneling on the Switch. 28.1 Layer 2 Protocol Tunneling Overview Layer-2 protocol tunneling (L2PT) is used on the service provider's edge devices. L2PT allows edge switches (1 and 2 in the following figure) to tunnel layer-2 STP (Spanning Tree Protocol), CDP (Cisco Discovery Protocol) and VTP (VLAN Trunking Protocol) packets between customer switches (A, B and C in the following figure) connected through the service provider’s network.
Page 286: Layer-2 Protocol Tunneling Mode
Chapter 28 Layer 2 Protocol Tunneling Figure 206 L2PT Network Example Service Provider's Network 28.1.1 Layer-2 Protocol Tunneling Mode Each port can have two layer-2 protocol tunneling modes, Access and Tunnel. • The Access port is an ingress port on the service provider's edge device (1 or 2 in Figure 206 on page 286) and connected to a customer switch (A or B).
Page 287 Chapter 28 Layer 2 Protocol Tunneling Figure 207 Advanced Application > Layer 2 Protocol Tunneling (Standalone mode) Figure 208 Advanced Application > Layer 2 Protocol Tunneling (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 288 Chapter 28 Layer 2 Protocol Tunneling The following table describes the labels in this screen. Table 132 Advanced Application > Layer 2 Protocol Tunneling LABEL DESCRIPTION Active Select this to enable layer-2 protocol tunneling on the Switch. Destination Specify an MAC address with which the Switch uses to encapsulate the layer-2 protocol MAC Address packets by replacing the destination MAC address in the packets.
Page 289 Chapter 28 Layer 2 Protocol Tunneling Table 132 Advanced Application > Layer 2 Protocol Tunneling (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 290: Sflow
HAPTER sFlow This chapter shows you how to configure sFlow to have the Switch monitor traffic in a network and send information to an sFlow collector for analysis. 29.1 sFlow Overview sFlow (RFC 3176) is a standard technology for monitoring switched networks. An sFlow agent embedded on a switch or router gets sample data and packet statistics from traffic forwarded through its ports.
Page 291 Chapter 29 sFlow Figure 210 Advanced Application > sFlow (Standalone mode) Figure 211 Advanced Application > sFlow (Stacking mode) GS3700/XGS3700 Series User’s Guide...
Page 292: Sflow Collector Configuration
Chapter 29 sFlow The following table describes the labels in this screen. Table 133 Advanced Application > sFlow LABEL DESCRIPTION Active Select this to enable the sFlow agent on the Switch. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 293 Chapter 29 sFlow Figure 212 Advanced Application > sFlow > Collector The following table describes the labels in this screen. Table 134 Advanced Application > sFlow > Collector LABEL DESCRIPTION Collector Enter the IP address of the sFlow collector. Address UDP Port Enter a UDP port number the Switch uses to send sFlow datagram to the collector.
Page 294: Pppoe
HAPTER PPPoE This chapter describes how the Switch gives a PPPoE termination server additional information that the server can use to identify and authenticate a PPPoE client. 30.1 PPPoE Intermediate Agent Overview A PPPoE Intermediate Agent (PPPoE IA) is deployed between a PPPoE server and PPPoE clients. It helps the PPPoE server identify and authenticate clients by adding subscriber line specific information to PPPoE discovery packets from clients on a per-port or per-port-per-VLAN basis before forwarding them to the PPPoE server.
Page 295: Port State
Chapter 30 PPPoE Table 137 PPPoE IA Remote ID Sub-option Format SubOpt Length Value 0x02 MAC Address or String (1 byte) (1 byte) (63 bytes) The 1 in the first field identifies this as an Agent Circuit ID sub-option and 2 identifies this as an Agent Remote ID sub-option.
Page 296: The Pppoe Screen
Chapter 30 PPPoE Trusted ports are connected to PPPoE servers. • If a PADO (PPPoE Active Discovery Offer), PADS (PPPoE Active Discovery Session-confirmation), or PADT (PPPoE Active Discovery Terminate) packet is sent from a PPPoE server and received on a trusted port, the Switch forwards it to all other ports. •...
Page 297 Chapter 30 PPPoE Figure 214 Advanced Application > PPPoE > Intermediate Agent The following table describes the labels in this screen. Table 140 Advanced Application > PPPoE > Intermediate Agent LABEL DESCRIPTION Active Select this option to enable the PPPoE intermediate agent globally on the Switch. access-node- Enter up to 20 ASCII characters to identify the PPPoE intermediate agent.
Page 298: Pppoe Ia Per-Port
Chapter 30 PPPoE Table 140 Advanced Application > PPPoE > Intermediate Agent (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 299 Chapter 30 PPPoE Figure 216 Advanced Application > PPPoE > Intermediate Agent > Port (Stacking mode) The following table describes the labels in this screen. Table 141 Advanced Application > PPPoE > Intermediate Agent > Port LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode.
Page 300: Pppoe Ia Per-Port Per-Vlan
Chapter 30 PPPoE Table 141 Advanced Application > PPPoE > Intermediate Agent > Port (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 301: Pppoe Ia For Vlan
Chapter 30 PPPoE The following table describes the labels in this screen. Table 142 Advanced Application > PPPoE > Intermediate Agent > Port > VLAN LABEL DESCRIPTION Show Port Enter a port number to show the PPPoE Intermediate Agent settings for the specified VLAN(s) on the port.
Page 302 Chapter 30 PPPoE Figure 219 Advanced Application > PPPoE > Intermediate Agent > VLAN The following table describes the labels in this screen. Table 143 Advanced Application > PPPoE > Intermediate Agent > VLAN LABEL DESCRIPTION Show VLAN Use this section to specify the VLANs you want to configure in the section below. Start VID Enter the lowest VLAN ID you want to configure in the section below.
Page 303: Error Disable
HAPTER Error Disable This chapter shows you how to configure the rate limit for control packets on a port, and set the Switch to take an action (such as to shut down a port or stop sending packets) on a port when the Switch detects a pre-configured error.
Page 304: Error-Disable Status
Chapter 31 Error Disable Advanced Application > Errdisable Figure 220 31.4 Error-Disable Status Use this screen to view whether the Switch detected that control packets exceeded the rate limit configured for a port and related information. Click the Click here link next to Errdisable Status in the Advanced Application >...
Page 305 Chapter 31 Error Disable Figure 222 Advanced Application > Errdisable > Errdisable Status (Stacking mode) The following table describes the labels in this screen. Table 144 Advanced Application > Errdisable > Errdisable Status LABEL DESCRIPTION Inactive-reason mode reset Port List Enter the number of the port(s) (separated by a comma) on which you want to reset inactive-reason status.
Page 306: Cpu Protection Configuration
Chapter 31 Error Disable Table 144 Advanced Application > Errdisable > Errdisable Status (continued) LABEL DESCRIPTION Mode This field shows the mode of the cause. • inactive-port - The Switch disables the port on which the control packets are received. •...
Page 307 Chapter 31 Error Disable Figure 223 Advanced Application > Errdisable > CPU protection (Standalone mode) Figure 224 Advanced Application > Errdisable > CPU protection (Stacking mode) The following table describes the labels in this screen. Table 145 Advanced Application > Errdisable > CPU protection LABEL DESCRIPTION Reason...
Page 308: Error-Disable Detect Configuration
Chapter 31 Error Disable Table 145 Advanced Application > Errdisable > CPU protection (continued) LABEL DESCRIPTION Rate Limit (pkt/ Enter a number from 0 to 256 to specify how many control packets this port can receive or transmit per second. 0 means no rate limit.
Page 309: Error-Disable Recovery Configuration
Chapter 31 Error Disable Table 146 Advanced Application > Errdisable > Errdisable Detect (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 310 Chapter 31 Error Disable GS3700/XGS3700 Series User’s Guide...
Page 311: Mac Pinning
HAPTER MAC Pinning This chapter shows you how to configure MAC pinning on the Switch. 32.1 MAC Pinning Overview When the Switch obtains a connected device’s MAC address, it adds an entry in the MAC address forwarding table and uses the table to determine how to forward frames. In addition to the source MAC address of a received frame, the Switch also learns the VLAN to which the device belongs and the port on which the frame is received.
Page 312 Chapter 32 MAC Pinning Figure 227 Advanced Application > MAC Pinning (Standalone mode) Figure 228 Advanced Application > MAC Pinning (Stacking mode) The following table describes the labels in this screen. Table 148 Advanced Application > MAC Pinning LABEL DESCRIPTION Active Select this option to turn on the MAC pinning function on the Switch.
Page 313 Chapter 32 MAC Pinning Table 148 Advanced Application > MAC Pinning (continued) LABEL DESCRIPTION Use this row to make the setting the same for all ports. Use this row first and then make adjustments to each port if necessary. Note: Changes in this row are copied to all the ports as soon as you make them. Active Select this check box to enable MAC pinning on this port.
Page 314: Private Vlan
HAPTER Private VLAN 33.1 Private VLAN Overview Use private VLAN if you want you to block traffic between ports in the same VLAN. Community and Isolated VLANs are secondary private VLANs that must be associated with a Primary private VLAN. •...
Page 315 Chapter 33 Private VLAN Table 149 PVLAN Graphic Key (continued) LABEL DESCRIPTION C-VLAN 101 Community private VLAN I-VLAN 102 Isolated private VLAN Tagged Private VLANs can span switches but trunking ports must be VLAN-trunking ports - see Advanced > VLAN > VLAN Port Setting. Table 150 Spanning PVLAN Graphic Key LABEL DESCRIPTION...
Page 316: Configuration
Chapter 33 Private VLAN Note: Isolation in VLAN > VLAN Port Setting (see Section 7.6.2 on page 101) has a higher priority than private VLAN settings, so promiscuous ports with Isolation in VLAN > VLAN Port Setting enabled will not be able to communicate with each other.
Page 317 Chapter 33 Private VLAN Figure 230 Advanced Application > Private VLAN (Stacking mode) The following table describes the labels in this screen. Table 151 Advanced Application > Private VLAN LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot mode) number of the Switch in a stack.
Page 318: Green Ethernet
HAPTER Green Ethernet This chapter shows you how to configure the Switch to reduce the power consumed by switch ports. 34.1 Green Ethernet Overview Green Ethernet reduces switch port power consumption in the following ways. • IEEE 802.3az Energy Efficient Ethernet (EEE) If EEE is enabled, both sides of a link support EEE and there is no traffic, the port enters Low Power Idle (LPI) mode.
Page 319 Chapter 34 Green Ethernet Figure 231 Advanced Application > Green Ethernet (Standalone mode) Figure 232 Advanced Application > Green Ethernet (Stacking mode) The following table describes the labels in this screen. Table 152 Advanced Application > Green Ethernet LABEL DESCRIPTION Select this to activate Energy Efficient Ethernet globally.
Page 320 Chapter 34 Green Ethernet Table 152 Advanced Application > Green Ethernet LABEL DESCRIPTION Slot (Stacking mode) This field appears only in stacking mode. Click the drop-down list to choose the slot number of the Switch in a stack. Port (Standalone or This field displays the port number.
Page 321: Link Layer Discovery Protocol (Lldp)
HAPTER Link Layer Discovery Protocol (LLDP) 35.1 LLDP Overview The LLDP (Link Layer Discovery Protocol) is a layer 2 protocol. It allows a network device to advertise its identity and capabilities on the local network. It also allows the device to maintain and store information from adjacent devices which are directly connected to the network device.
Page 322: Lldp-Med Overview
Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 233 LLDP Overview 35.2 LLDP-MED Overview LLDP-MED (Link Layer Discovery Protocol for Media Endpoint Devices) is an extension to the standard LLDP developed by the Telecommunications Industry Association (TIA) TR-41.4 subcommittee which defines the enhanced discovery capabilities, such as VoIP applications, to enable network administrators manage their network topology application more efficiently.
Page 323: Lldp Screens
Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 234 LLDP-MED Overview 35.3 LLDP Screens Click Advanced Application > LLDP in the navigation panel to display the screen as shown next. Figure 235 Advanced Application > LLDP The following table describes the labels in this screen. Table 153 Advanced Application >...
Page 324: Lldp Local Status
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 153 Advanced Application > LLDP (continued) LABEL DESCRIPTION LLDP Click here to show a screen to configure LLDP parameters. Configuration LLDP-MED LLDP-MED Click here to show a screen to configure LLDP-MED (Link Layer Discovery Protocol for Configuration Media Endpoint Devices) parameters.
Page 325 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 236 Advanced Application > LLDP > LLDP Local Status (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 326 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 237 Advanced Application > LLDP > LLDP Local Status (Stacking mode) The following table describes the labels in this screen. Table 154 Advanced Application > LLDP > LLDP Local Status LABEL DESCRIPTION Basic TLV Chassis ID TLV This displays the chassis ID of the local Switch, that is the Switch you’re configuring.
Page 327: Lldp Local Port Status Detail
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 154 Advanced Application > LLDP > LLDP Local Status LABEL DESCRIPTION Management The Management Address TLV identifies an address associated with the local LLDP agent Address TLV that may be used to reach higher layer entities to assist discovery by network management.
Page 328 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 238 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail (Basic TLV) GS3700/XGS3700 Series User’s Guide...
Page 329 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 239 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail (MED TLV) GS3700/XGS3700 Series User’s Guide...
Page 330 Chapter 35 Link Layer Discovery Protocol (LLDP) The following table describes the labels in this screen. Table 155 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail LABEL DESCRIPTION Basic TLV These are the Basic TLV flags Port ID TLV The port ID TLV identifies the specific port that transmitted the LLDP frame.
Page 331: Lldp Remote Status
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 155 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail LABEL DESCRIPTION Network Policy This displays a network policy for the specified application. • Voice • Voice-Signaling •...
Page 332: Lldp Remote Port Status Detail
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 156 Advanced Application > LLDP > LLDP Remote Status LABEL DESCRIPTION Local Port This is the port number of local Switch that received LLDPDU from the remote device. In stacking mode, the first number represents the slot and the second the port number. Chassis ID This displays the chassis ID of the remote device associated with the transmitting LLDP agent.
Page 333 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 242 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Basic TLV) The following table describes the labels in Basic TLV part of the screen. Table 157 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Basic TLV) LABEL DESCRIPTION...
Page 334 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 157 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Basic TLV) LABEL DESCRIPTION System This displays the system description of the remote device. Description TLV System This displays whether the system capabilities are enabled and supported on the remote Capabilities device.
Page 335 Chapter 35 Link Layer Discovery Protocol (LLDP) The following table describes the labels in the Dot1 and Dot3 parts of the screen. Table 158 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Dot1 and Dot3 TLV) LABEL DESCRIPTION Dot1 TLV...
Page 336 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 244 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) GS3700/XGS3700 Series User’s Guide...
Page 337 Chapter 35 Link Layer Discovery Protocol (LLDP) The following table describes the labels in the MED TLV part of the screen. Table 159 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) LABEL DESCRIPTION MED TLV LLDP Media Endpoint Discovery (MED) is an extension of LLDP that provides additional...
Page 338: Lldp Configuration
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 159 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) (continued) LABEL DESCRIPTION Inventory TLV The majority of IP Phones lack support of management protocols such as SNMP, so LLDP- MED inventory TLVs are used to provide their inventory information to the Network Connectivity Devices such as the Switch.
Page 339 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 245 Advanced Application > LLDP > LLDP Configuration (Standalone mode) GS3700/XGS3700 Series User’s Guide...
Page 340 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 246 Advanced Application > LLDP > LLDP Configuration (Stacking mode) The following table describes the labels in this screen. Table 160 Advanced Application > LLDP > LLDP Configuration LABEL DESCRIPTION Active Select to enable LLDP on the Switch. It is enabled by default. Transmit Interval Enter how many seconds the Switch waits before sending LLDP packets.
Page 341: Lldp Configuration Basic Tlv Setting
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 160 Advanced Application > LLDP > LLDP Configuration LABEL DESCRIPTION Admin Status Select whether LLDP transmission and/or reception is allowed on this port. • Disable - not allowed • Tx-Only - transmit only •...
Page 342: Lldp Configuration Basic Org-Specific Tlv Setting
Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 248 Advanced Application > LLDP > LLDP Configuration> Basic TLV Setting (Stacking mode) The following table describes the labels in this screen. Table 161 Advanced Application > LLDP > LLDP Configuration > Basic TLV Setting LABEL DESCRIPTION Slot (Stacking...
Page 343 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 249 Advanced Application > LLDP > LLDP Configuration> Org-specific TLV Setting (Standalone mode) Figure 250 Advanced Application > LLDP > LLDP Configuration> Org-specific TLV Setting (Stacking mode) The following table describes the labels in this screen. Table 162 Advanced Application >...
Page 344: Lldp-Med Configuration
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 162 Advanced Application > LLDP > LLDP Configuration > Org-specific TLV Setting LABEL DESCRIPTION Port-Protocol Select check box to enable or disable the sending of IEEE 802.1 Port and Protocol VLAN VLAN ID ID TLVs on the port(s).
Page 345 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 251 Advanced Application > LLDP > LLDP-MED Configuration (Standalone mode) Figure 252 Advanced Application > LLDP > LLDP-MED Configuration (Stacking mode) The following table describes the labels in this screen. Table 163 Advanced Application > LLDP > LLDP-MED Configuration LABEL DESCRIPTION Slot (Stacking...
Page 346: Lldp-Med Network Policy
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 163 Advanced Application > LLDP > LLDP-MED Configuration LABEL DESCRIPTION Topology Select to enable LLDP-MED topology change traps on this port. Change MED TLV Setting Location Select to enable transmitting LLDP-MED location TLV. Network Policy Select to enable transmitting LLDP-MED Network Policy TLV.
Page 347 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 254 Advanced Application > LLDP > LLDP-MED Network Policy (Stacking mode) The following table describes the labels in this screen. Table 164 Advanced Application > LLDP > LLDP-MED Network Policy LABEL DESCRIPTION Port Enter the port number to set up the LLDP-MED network policy.
Page 348: Lldp-Med Location
Chapter 35 Link Layer Discovery Protocol (LLDP) Table 164 Advanced Application > LLDP > LLDP-MED Network Policy LABEL DESCRIPTION VLAN This field displays the VLANID of the network policy. Priority This field displays the priority value of the network policy. DSCP This field displays the DSCP value of the network policy.
Page 349 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 256 Advanced Application > LLDP > LLDP-MED Location (Stacking mode) The following table describes the labels in this screen. Table 165 Advanced Application > LLDP > LLDP-MED Location LABEL DESCRIPTION Port Enter the port number you want to set up the location within the LLDP-MED network.For Stacking mode the first field box is the Slot ID, the second field box is the port.
Page 350 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 165 Advanced Application > LLDP > LLDP-MED Location LABEL DESCRIPTION Altitude Enter the altitude information. The value should be from -2097151 to 2097151 in meters or in floors. • meters • floor Datum Select the appropriate geodetic datum used by GPS.
Page 351 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 165 Advanced Application > LLDP > LLDP-MED Location LABEL DESCRIPTION ELIN Number This field shows the Emergency Location Identification Number (ELIN), which is used to identify endpoint devices when they issue emergency call services. The valid length is form 10 characters to 25 characters.
Page 352: Static Route
HAPTER Static Route This chapter shows you how to configure static routes. 36.1 Static Routing Overview The Switch usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Switch send data to devices not reachable through the default gateway, use static routes.
Page 353: Configuring Ipv4 Static Routing
Chapter 36 Static Route Figure 258 IP Application > Static Routing 36.3 Configuring IPv4 Static Routing Click the link next to IPv4 Static Route in the IP Application > Static Routing screen to display the screen as shown. Figure 259 IP Application > Static Routing > IPv4 Static Route The following table describes the related labels you use to create a static route.
Page 354: Configuring Ipv6 Static Routing
Chapter 36 Static Route Table 166 IP Application > Static Routing > IPv4 Static Route (continued) LABEL DESCRIPTION Metric The metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link.
Page 355 Chapter 36 Static Route Figure 260 IP Application > Static Routing > IPv6 Static Route The following table describes the related labels you use to create a static route. Table 167 IP Application > Static Routing > IPv6 Static Route LABEL DESCRIPTION Route...
Page 356: Policy Routing
HAPTER Policy Routing This chapter shows you how to configure policy routing rules. 37.1 Policy Route Overview Traditionally, routing is based on the destination address only and the Switch takes the shortest path to forward a packet. Policy routing provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator.
Page 357: Policy Routing Rule Configuration
Chapter 37 Policy Routing Figure 261 IP Application > Policy Routing The following table describes the labels in this screen. Table 168 IP Application > Policy Routing LABEL DESCRIPTION Active This field allows you to activate/deactivate this policy routing profile and rules in the profile. Profile Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes.
Page 358 Chapter 37 Policy Routing Click Rule Configuration in the IP Application > Policy Routing screen to display the screen as shown. Figure 262 IP Application > Policy Routing > Rule Configuration The following table describes the labels in this screen. Table 169 IP Application >...
Page 359 Chapter 37 Policy Routing Table 169 IP Application > Policy Routing > Rule Configuration (continued) LABEL DESCRIPTION Click this to create a new entry or to update an existing one. This saves your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 360: Differentiated Services
HAPTER Differentiated Services This chapter shows you how to configure Differentiated Services (DiffServ) on the Switch. 38.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Page 361: Two Rate Three Color Marker Traffic Policing
Chapter 38 Differentiated Services various traffic policies to the traffic flows. For example, one traffic policy would be to give higher drop precedence to one traffic flow over others. In our example packets in the Bronze traffic flow are more likely to be dropped when congestion occurs than the packets in the Platinum traffic flow as they move across the DiffServ network.
Page 362: Trtcm - Color-Blind Mode
Chapter 38 Differentiated Services 38.2.1 TRTCM - Color-blind Mode All packets are evaluated against the PIR. If a packet exceeds the PIR it is marked red. Otherwise it is evaluated against the CIR. If it exceeds the CIR then it is marked yellow. Finally, if it is below the CIR then it is marked green.
Page 363 Chapter 38 Differentiated Services Figure 267 IP Application > DiffServ (Standalone mode) Figure 268 IP Application > DiffServ (Stacking mode) The following table describes the labels in this screen. Table 170 IP Application > DiffServ LABEL DESCRIPTION Active Select this option to enable DiffServ on the Switch. Slot (Stacking This field appears only in stacking mode.
Page 364: Configuring 2-Rate 3 Color Marker Settings
Chapter 38 Differentiated Services Table 170 IP Application > DiffServ (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 365 Chapter 38 Differentiated Services Figure 270 IP Application > DiffServ > 2-rate 3 Color Marker (Stacking mode) The following table describes the labels in this screen. Table 171 IP Application > DiffServ > 2-rate 3 Color Marker LABEL DESCRIPTION Active Select this to activate TRTCM (Two Rate Three Color Marker) on the Switch.
Page 366: Dscp Profile
Chapter 38 Differentiated Services Table 171 IP Application > DiffServ > 2-rate 3 Color Marker (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 367: Dscp-To-Ieee 802.1P Priority Settings
Chapter 38 Differentiated Services Table 172 IP Application > DiffServ > 2-rate 3 Color Marker > DSCP Profile (continued) LABEL DESCRIPTION Delete Profile Select the entry(ies) that you want to remove in the Delete Profile column. Delete Click the Delete button to remove the selected entry(ies) from the table. Cancel Click this to revert the fields to the previous configuration.
Page 368 Chapter 38 Differentiated Services GS3700/XGS3700 Series User’s Guide...
Page 369: Dhcp
HAPTER DHCP This chapter shows you how to configure the DHCP feature. 39.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the Switch as a DHCP server or a DHCP relay agent.
Page 370: Dhcpv4 Status
Chapter 39 DHCP and create option 82 profiles. Click the link next to DHCPv6 to open a screen where you can configure DHCPv6 relay settings. Figure 273 IP Application > DHCP 39.3 DHCPv4 Status Click IP Application > DHCP > DHCPv4 in the navigation panel. The DHCP Status screen displays.
Page 371: Dhcpv4 Relay
Chapter 39 DHCP Figure 275 IP Application > DHCP > DHCPv4 > Server Status Detail The following table describes the labels in this screen. Table 176 IP Application > DHCP > DHCPv4 > Server Status Detail LABEL DESCRIPTION Start IP Address This field displays the starting IP address of the IP address pool configured for this DHCP server instance.
Page 372: Dhcpv4 Relay Agent Information
Chapter 39 DHCP The Switch can be configured as a global DHCP relay. This means that the Switch forwards all DHCP requests from all domains to the same DHCP server. You can also configure the Switch to relay DHCP information based on the VLAN membership of the DHCP clients. 39.4.1 DHCPv4 Relay Agent Information The Switch can add information about the source of client DHCP requests that it relays to a DHCP server by adding Relay Agent Information.
Page 373 Chapter 39 DHCP Figure 276 IP Application > DHCP > DHCPv4 > Option 82 Profile The following table describes the labels in this screen. Table 180 IP Application > DHCP > DHCPv4 > Option 82 Profile LABEL DESCRIPTION Name Enter a descriptive name for the profile for identification purposes. You can use up to 32 ASCII characters.
Page 374: Configuring Dhcpv4 Global Relay
Chapter 39 DHCP Table 180 IP Application > DHCP > DHCPv4 > Option 82 Profile (continued) LABEL DESCRIPTION Click this to create a new entry or to update an existing one. This saves your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 375: Dhcpv4 Global Relay Port Configure
Chapter 39 DHCP Table 181 IP Application > DHCP > DHCPv4 > Global (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 376: Global Dhcp Relay Configuration Example
Chapter 39 DHCP Table 182 IP Application > DHCP > DHCPv4 > Global > Port (continued) LABEL DESCRIPTION Index This field displays a sequential number for each entry. Click an index number to change the settings. Port This field displays the port(s) to which the Switch applies the settings. In stacking mode, the first number represents the slot and the second the port number.
Page 377: Configuring Dhcp Vlan Settings
Chapter 39 DHCP Figure 280 DHCP Relay Configuration Example EXAMPLE 39.5 Configuring DHCP VLAN Settings Use this screen to configure your DHCP settings based on the VLAN domain of the DHCP clients. Click IP Application > DHCP > DHCPv4 in the navigation panel, then click the VLAN link In the DHCP Status screen that displays.
Page 378 Chapter 39 DHCP Figure 281 IP Application > DHCP > DHCPv4 > VLAN The following table describes the labels in this screen. Table 183 IP Application > DHCP > DHCPv4 > VLAN LABEL DESCRIPTION Enter the ID number of the VLAN to which these DHCP settings apply. DHCP Status Select whether the Switch should function as a DHCP Server or Relay for the specified VID.
Page 379: Dhcpv4 Vlan Port Configure
Chapter 39 DHCP Table 183 IP Application > DHCP > DHCPv4 > VLAN (continued) LABEL DESCRIPTION Remote Enter the IP address of a DHCP server in dotted decimal notation. DHCP Server 1 .. 3 Option 82 Profile Select a pre-defined DHCP option 82 profile that the Switch applies to all ports in this VLAN.
Page 380: Example: Dhcp Relay For Two Vlans
Chapter 39 DHCP The following table describes the labels in this screen. Table 184 IP Application > DHCP > DHCPv4 > VLAN > Port LABEL DESCRIPTION Enter the ID number of the VLAN you want to configure here. Port Enter the number of port(s) to which you want to apply the specified DHCP option 82 profile.
Page 381: Dhcpv6 Relay
Chapter 39 DHCP Figure 283 DHCP Relay for Two VLANs DHCP:192.168.1.100 VLAN 1 VLAN 2 DHCP:172.16.10.100 For the example network, configure the VLAN Setting screen as shown. Figure 284 DHCP Relay for Two VLANs Configuration Example EXAMPLE 39.6 DHCPv6 Relay A DHCPv6 relay agent is on the same network as the DHCPv6 clients and helps forward messages between the DHCPv6 server and clients.
Page 382 Chapter 39 DHCP known multicast address to locate a DHCPv6 server on its network, it then needs a DHCPv6 relay agent to send a message to a DHCPv6 server that is not attached to the same network. The DHCPv6 relay agent can add the remote identification (remote-ID) option and the interface-ID option to the Relay-Forward DHCPv6 messages.
Page 383 Chapter 39 DHCP Table 185 IP Application > DHCP > DHCPv6 (continued) LABEL DESCRIPTION Helper Address This field displays the IPv6 address of the remote DHCPv6 server for this VLAN. Interface ID This field displays whether the interface-ID option is added to DHCPv6 requests from clients in this VLAN.
Page 384: Vrrp
HAPTER VRRP This chapter shows you how to configure and monitor the Virtual Router Redundancy Protocol (VRRP) on the Switch. 40.1 VRRP Overview Each host on a network is configured to send packets to a statically configured default gateway (this Switch). The default gateway can become a single point of failure. Virtual Router Redundancy Protocol (VRRP), defined in RFC 2338, allows you to create redundant backup gateways to ensure that the default gateway of a host is always available.
Page 385: Vrrp Status
Chapter 40 VRRP 40.2 VRRP Status Click IP Application > VRRP in the navigation panel to display the VRRP Status screen as shown next. Figure 287 IP Application > VRRP Status The following table describes the labels in this screen. Table 186 IP Application >...
Page 386 Chapter 40 VRRP Click IP Application, VRRP and click the Configuration link to display the VRRP Configuration screen as shown next. Note: You can only configure VRRP on interfaces with unique VLAN IDs. Note: Routing domains with the same VLAN ID are not displayed in the table indicated. Figure 288 IP Application >...
Page 387: Vrrp Parameters
Chapter 40 VRRP Table 187 IP Application > VRRP Configuration: IP Interface (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 388 Chapter 40 VRRP Figure 289 IP Application > VRRP Configuration: VRRP Parameters The following table describes the labels in this screen. Table 188 IP Application > VRRP Configuration: VRRP Parameters LABEL DESCRIPTION Active Select this option to enable this VRRP entry. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes.
Page 389: Viewing Vrrp Summary
Chapter 40 VRRP 40.3.4 Viewing VRRP Summary View the VRRP configuration summary at the bottom of the screen. Figure 290 IP Application > VRRP Configuration: Summary The following table describes the labels in this screen. Table 189 IP Application > VRRP Configuration: Summary LABEL DESCRIPTION Index...
Page 390 Chapter 40 VRRP Figure 291 VRRP Configuration Example: One Virtual Router Network 172.16.1.1 172.16.1.100 172.16.1.10 You want to set switch A as the master router. Configure the VRRP parameters in the VRRP Configuration screens on the switches as shown in the figures below. Figure 292 VRRP Example 1: VRRP Parameter Settings on Switch A EXAMPLE Figure 293 VRRP Example 1: VRRP Parameter Settings on Switch B...
Page 391: Two Subnets Example
Chapter 40 VRRP Figure 294 VRRP Example 1: VRRP Status on Switch A EXAMPLE Figure 295 VRRP Example 1: VRRP Status on Switch B EXAMPLE 40.4.2 Two Subnets Example The following figure depicts an example in which two switches share the network traffic. Hosts in the two network groups use different default gateways.
Page 392 Chapter 40 VRRP Figure 297 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch A EXAMPLE Figure 298 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch B EXAMPLE After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next.
Page 393: Load Sharing
HAPTER Load Sharing 41.1 Load Sharing Overview The Switch learns the next-hop(s) using ARP and determines routing path(s) for a destination. The Switch supports Equal-Cost MultiPath (ECMP) to forward packets destined to the same device (A for example) through different routing paths (1, 2 and 3) of equal path cost. This allows you to balance or share traffic loads between multiple routing paths when the Switch is connected to more than one next-hop.
Page 394 Chapter 41 Load Sharing The following table describes the labels in this screen. Table 190 IP Application > Load Sharing LABEL DESCRIPTION Active Select this option to enable Equal-Cost MultiPath (ECMP) routing on the Switch. Criteria Select the criteria the Switch uses to determine the routing path for a packet. Select src-ip to have the Switch use a hash algorithm to convert a packet’s source IP address into a hash value which acts as an index to a route path.
Page 395: Arp Setup
HAPTER ARP Setup 42.1 ARP Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long.
Page 396 Chapter 42 ARP Setup ICMP reply from host B, it sends out an ARP request to get host A’s MAC address and updates the ARP table with host A’s ARP reply. The Switch then can forward host B’s ICMP reply to host A. ARP Request ARP Reply ICMP Request...
Page 397: Arp Setup
Chapter 42 ARP Setup Therefore in the following example, the Switch can learn host A’s MAC address from the ARP request sent by host A. The Switch then forwards host B’s ICMP reply to host A right after getting host B’s MAC address and ICMP reply. ARP Request ARP Reply ICMP Request...
Page 398 Chapter 42 ARP Setup Figure 303 IP Application > ARP Setup > ARP Learning The following table describes the labels in this screen. Table 191 IP Application > ARP Setup > ARP Learning LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot number mode) of the Switch in a stack.
Page 399: Static Arp
Chapter 42 ARP Setup 42.2.2 Static ARP Use this screen to create static ARP entries that will display in the Management > ARP Table screen and will not age out. Click the link next to Static ARP in the IP Application > ARP Setup screen to display the screen as shown.
Page 400 Chapter 42 ARP Setup Table 192 IP Application > ARP Setup > Static ARP (continued) LABEL DESCRIPTION IP Address This is the IP address of a device connected to a Switch port with the corresponding MAC address below. MAC Address This is the MAC address of the device with the corresponding IP address above.
Page 401: Maintenance
HAPTER Maintenance This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 43.1 The Maintenance Screen Use this screen to manage firmware and your configuration files. Click Management > Maintenance in the navigation panel to open the following screen. Management >...
Page 402: Firmware Upgrade
Chapter 43 Maintenance Table 193 Management > Maintenance (continued) LABEL DESCRIPTION Reboot Click Config 1 to reboot the system and load Configuration 1 on the Switch. System Click Config 2 to reboot the system and load Configuration 2 on the Switch. Click Stacking Default to reboot the system and load stacking configurations on the Switch.
Page 403 Chapter 43 Maintenance Management > Maintenance > Firmware Upgrade (Stacking mode) Figure 307 The top of firmware upgrade screen shows which firmware version is currently running on the Switch. Type the path and file name of the firmware file you wish to upload to the Switch in the File Path text box or click Browse to locate it.
Page 404: Restore A Configuration File
Chapter 43 Maintenance After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. Table 194 Management > Maintenance> Firmware Upgrade LABEL DESCRIPTION Name This is the name of the Switch that you’re configuring. Version The Switch has two firmware sets, Firmware 1 and Firmware 2, residing in flash.
Page 405: Backup A Configuration File
Chapter 43 Maintenance 43.4 Backup a Configuration File Backing up your Switch configurations allows you to create various “snapshots” of your device from which you may restore at a later date. Back up your current Switch configuration to a computer using the Backup Configuration screen. Figure 309 Management >...
Page 406: Save Configuration
Chapter 43 Maintenance 43.6 Save Configuration Click Config 1 to save the current configuration settings permanently to configuration one on the Switch. Click Config 2 to save the current configuration settings to configuration two on the Switch. Alternatively, click Save on the top right-hand corner in any screen to save the configuration changes to the current configuration.
Page 407: Load Factory Default
Chapter 43 Maintenance In the web configurator, click the Save button in the top of the screen to make the changes take effect. If you want to access the Switch web configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the default Switch IP address (192.168.1.1).
Page 408 Chapter 43 Maintenance Figure 314 Management > Maintenance > Tech-Support You may need WordPad or similar software to see the log report correctly. The table below describes the fields in the above screen. Table 195 Management > Maintenance > Tech-Support LABEL DESCRIPTION Type a number ranging from 50 to 100 in the CPU threshold box, and type another...
Page 409: Ftp Command Line
Chapter 43 Maintenance Table 195 Management > Maintenance > Tech-Support LABEL DESCRIPTION Memory Section Click Download to see the memory section log report. This log report is stored in flash memory. Mbuf Click Download to see the Mbuf log report. The log includes Mbuf over threshold information.
Page 410: Ftp Command Line Procedure
Chapter 43 Maintenance This is a sample FTP session showing the transfer of the computer file "firmware.bin" to the Switch. ftp> get config config.cfg This is a sample FTP session saving the current configuration to a file called “config.cfg” on your computer.
Page 411: Ftp Restrictions
Chapter 43 Maintenance Table 197 General Commands for GUI-based FTP Clients (continued) COMMAND DESCRIPTION Initial Remote Directory Specify the default remote directory (path). Initial Local Directory Specify the default local directory (path). 43.9.4 FTP Restrictions FTP will not work when: •...
Page 412: Access Control
HAPTER Access Control This chapter describes how to control access to the Switch. 44.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
Page 413: Snmp V3 And Security
Chapter 44 Access Control SNMP version 3. The next figure illustrates an SNMP management operation. SNMP is only available if TCP/IP is configured. Figure 316 SNMP Management Model An SNMP managed network consists of two main components: agents and a manager. An agent is a management software module that resides in a managed Switch (the Switch).
Page 414: Supported Mibs
Chapter 44 Access Control 44.3.2 Supported MIBs MIBs let administrators collect statistics and monitor status and performance. The Switch supports the following MIBs: • SNMP MIB II (RFC 1213) • RFC 1157 SNMP v1 • RFC 1493 Bridge MIBs • RFC 1643 Ethernet MIBs •...
Page 415 Chapter 44 Access Control Table 200 SNMP System Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION reset zySysMgmtUncontrolledSyste 1.3.6.1.4.1.890.1.15.3.49.2.1 This trap is sent when the Switch mReset automatically resets. zySysMgmtControlledSystem 1.3.6.1.4.1.890.1.15.3.49.2.2 This trap is sent when the Switch resets Reset by an administrator through a management interface.
Page 416 Chapter 44 Access Control Table 201 SNMP Stacking Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION Backup zyStackingNewBackup 1.3.6.1.4.1.890.1.15.3.9 New Backup with correspond slot ID. 7.4.7 zyStackingBackupTakeover 1.3.6.1.4.1.890.1.15.3.9 Replaced master with correspond slot ID. 7.4.8 Master zyStackingNewMasterFromTake 1.3.6.1.4.1.890.1.15.3.9 New master from taking over with correspond over 7.4.9 slot ID.
Page 417 Chapter 44 Access Control Table 202 SNMP InterfaceTraps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION transceiver- zyTransceiverDdmiTemperature 1.3.6.1.4.1.890.1.15.3.84.3.1 This trap is sent when the OutOfRange transceiver temperature is above or below the normal operating range. zyTransceiverDdmiTxPowerOutO 1.3.6.1.4.1.890.1.15.3.84.3.2 This trap is sent when the fRange transmitted optical power is above or below the normal operating range.
Page 418: Configuring Snmp
Chapter 44 Access Control Table 204 SNMP IP Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION ping pingProbeFailed 1.3.6.1.2.1.80.0.1 This trap is sent when a single ping probe fails. pingTestFailed 1.3.6.1.2.1.80.0.2 This trap is sent when a ping test (consisting of a series of ping probes) fails. pingTestCompleted 1.3.6.1.2.1.80.0.3 This trap is sent when a ping test is...
Page 419 Chapter 44 Access Control Figure 317 Management > Access Control > SNMP The following table describes the labels in this screen. Table 206 Management > Access Control > SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) values. Version Select the SNMP version for the Switch.
Page 420: Configuring Snmp Trap Group
Chapter 44 Access Control Table 206 Management > Access Control > SNMP (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 421: Enabling/Disabling Sending Of Snmp Traps On A Port
Chapter 44 Access Control 44.3.6 Enabling/Disabling Sending of SNMP Traps on a Port From the SNMP > Trap Group screen, click Port to view the screen as shown. Use this screen to set whether a trap received on the port(s) would be sent to the SNMP manager. Figure 319 Management >...
Page 422: Configuring Snmp User
Chapter 44 Access Control The following table describes the labels in this screen. Table 208 Management > Access Control > SNMP > Trap Group > Port LABEL DESCRIPTION Option Select the trap type you want to configure here. Slot Select the slot number that represents the Switch in a stack. Port This field displays a port number.
Page 423 Chapter 44 Access Control The following table describes the labels in this screen. Table 209 Management > Access Control > SNMP > User LABEL DESCRIPTION User Information Note: Use the username and password of the login accounts you specify in this screen to create accounts on the SNMP v3 manager.
Page 424: Setting Up Login Accounts
Chapter 44 Access Control Table 209 Management > Access Control > SNMP > User (continued) LABEL DESCRIPTION Privacy This field displays the encryption method used for SNMP communication with this user. Group This field displays the SNMP group to which this user belongs. Delete Click Delete to remove the selected entry from the summary table.
Page 425: Ssh Overview
Chapter 44 Access Control The following table describes the labels in this screen. Table 210 Management > Access Control > Logins LABEL DESCRIPTION Administrator This is the default administrator account with the “admin” user name. You cannot change the default administrator user name.
Page 426: How Ssh Works
Chapter 44 Access Control Figure 323 SSH Communication Example 44.6 How SSH works The following table summarizes how a secure connection is established between two remote hosts. Figure 324 How SSH Works Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key.
Page 427: Ssh Implementation On The Switch
Chapter 44 Access Control Authentication and Data Transmission After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server. The client then sends its authentication information (user name and password) to the server to log in to the server. 44.7 SSH Implementation on the Switch Your Switch supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish).
Page 428: Https Example
Chapter 44 Access Control Figure 325 HTTPS Implementation Note: If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 44.9 HTTPS Example If you haven’t changed the default HTTPS port on the Switch, then in your browser enter “https:// Switch IP Address/”...
Page 429 Chapter 44 Access Control 44.9.1.2 Internet Explorer 7 or 8 When you attempt to access the Switch HTTPS server, a screen with the message "There is a problem with this website's security certificate." may display. If that is the case, click Continue to this website (not recommended) to proceed to the web configurator login screen.
Page 430: Mozilla Firefox Warning Messages
Chapter 44 Access Control Figure 329 Certificate (Internet Explorer 7 or 8) 44.9.2 Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server, a This Connection is Untrusted screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button.
Page 431: The Main Screen
Chapter 44 Access Control Confirm the HTTPS server URL matches. Click Confirm Security Exception to proceed to the web configurator login screen. Figure 331 Security Alert (Mozilla Firefox) EXAMPLE 44.9.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen Internet Explorer appears.
Page 432: Service Access Control
Chapter 44 Access Control Figure 332 Example: Lock Denoting a Secure Connection EXAMPLE 44.10 Service Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later).
Page 433: Remote Management
Chapter 44 Access Control The following table describes the fields in this screen. Table 211 Management > Access Control > Service Access Control LABEL DESCRIPTION Services Services you may use to access the Switch are listed here. Active Select this option for the corresponding services that you want to allow to access the Switch. Service Port For Telnet, SSH, FTP, HTTP or HTTPS services, you may change the default service port by typing the new port number in the Service Port field.
Page 434 Chapter 44 Access Control The following table describes the labels in this screen. Table 212 Management > Access Control > Remote Management LABEL DESCRIPTION Entry This is the client set index number. A “client set” is a group of one or more “trusted computers”...
Page 435: Diagnostic
HAPTER Diagnostic This chapter explains the Diagnostic screen. 45.1 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen. Use this screen to check system logs, ping IP addresses or perform port tests. Figure 335 Management > Diagnostic The following table describes the labels in this screen.
Page 436 Chapter 45 Diagnostic Table 213 Management > Diagnostic (continued) LABEL DESCRIPTION IPv4 Select this option if you want to ping an IPv4 address, and select which traffic flow (in- band or out-of-band) the Switch is to send ping frames. If you select in-band, the Switch sends the frames to all ports except the management port (labelled MGMT).
Page 437: Syslog
HAPTER Syslog This chapter explains the syslog screens. 46.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server.
Page 438: Syslog Server Setup
Chapter 46 Syslog Figure 336 Management > Syslog The following table describes the labels in this screen. Table 215 Management > Syslog LABEL DESCRIPTION Syslog Select Active to turn on syslog (system logging) and then configure the syslog setting Logging Type This column displays the names of the categories of logs that the device can generate.
Page 439 Chapter 46 Syslog Figure 337 Management > Syslog > Server Setup The following table describes the labels in this screen. Table 216 Management > Syslog > Server Setup LABEL DESCRIPTION Active Select this check box to have the device send logs to this syslog server. Clear the check box if you want to create a syslog server entry but not have the device send logs to it (you can edit the entry later).
Page 440: Cluster Management
HAPTER Cluster Management This chapter introduces cluster management. 47.1 Clustering Management Status Overview Cluster Management allows you to manage switches through one Switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
Page 441: Cluster Management Status
Chapter 47 Cluster Management Figure 338 Clustering Application Example 47.2 Cluster Management Status Click Management > Cluster Management in the navigation panel to display the following screen. Note: A cluster can only have one manager. Figure 339 Management > Cluster Management GS3700/XGS3700 Series User’s Guide...
Page 442: Cluster Member Switch Management
Chapter 47 Cluster Management The following table describes the labels in this screen. Table 218 Management > Cluster Management LABEL DESCRIPTION Status This field displays the role of this Switch within the cluster. Manager Member (you see this if you access this screen in the cluster member switch directly and not via the cluster manager) None (neither a manager nor a member of a cluster) Manager...
Page 443 Chapter 47 Cluster Management Figure 340 Cluster Management: Cluster Member Web Configurator Screen EXAMPLE EXAMPLE 47.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example.
Page 444: Clustering Management Configuration
Chapter 47 Cluster Management The following table explains some of the FTP parameters. Table 219 FTP Upload to Cluster Member Example FTP PARAMETER DESCRIPTION Enter “admin”. User The web configurator password default is 1234. Password Enter this command to list the name of cluster member switch’s firmware and configuration file.
Page 445 Chapter 47 Cluster Management The following table describes the labels in this screen. Table 220 Management > Clustering Management > Configuration LABEL DESCRIPTION Clustering Manager Active Select Active to have this Switch become the cluster manager switch. A cluster can only have one manager.
Page 446: Mac Table
HAPTER MAC Table This chapter introduces the MAC Table screen. 48.1 MAC Table Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch, the MAC address of the device is shown on the Switch’s MAC Table.
Page 447: Viewing The Mac Table
Chapter 48 MAC Table 48.2 Viewing the MAC Table Click Management > MAC Table in the navigation panel to display the following screen. Use this screen to search specific MAC addresses. You can also directly add dynamic MAC address(es) into the static MAC forwarding table or MAC filtering table from the MAC table using this screen.
Page 448 Chapter 48 MAC Table Table 221 Management > MAC Table (continued) LABEL DESCRIPTION Index This is the incoming frame index number. MAC Address This is the MAC address of the device from which this incoming frame came. This is the VLAN group to which this frame belongs. Port This is the port from which the above MAC address was learned.
Page 449: Ip Table
HAPTER IP Table This chapter introduces the IP table. 49.1 IP Table Overview The IP Table screen shows how packets are forwarded or filtered across the Switch’s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch, the IP address of the device is shown on the Switch’s IP Table.
Page 450: Viewing The Ip Table
Chapter 49 IP Table 49.2 Viewing the IP Table Click Management > IP Table in the navigation panel to display the following screen. Figure 346 Management > IP Table The following table describes the labels in this screen. Table 222 Management > IP Table LABEL DESCRIPTION Sort by...
Page 451: Arp Table
HAPTER ARP Table This chapter introduces ARP Table. 50.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
Page 452 Chapter 50 ARP Table Figure 347 Management > ARP Table The following table describes the labels in this screen. Table 223 Management > ARP Table LABEL DESCRIPTION Condition Specify how you want the Switch to remove ARP entries when you click Flush. Select All to remove all of the dynamic entries from the ARP table.
Page 453: Routing Table
HAPTER Routing Table This chapter introduces the routing table. 51.1 Overview The routing table contains the route information to the network(s) that the Switch can reach. 51.2 Viewing the Routing Table Status Use this screen to view routing table information. Click Management > Routing Table in the navigation panel to display the screen as shown.
Page 454: Path Mtu Table
HAPTER Path MTU Table This chapter introduces the IPv6 Path MTU table. 52.1 Path MTU Overview The largest size (in bytes) of a packet that can be transferred over a data link is called the maximum transmission unit (MTU). The Switch uses Path MTU Discovery to discover Path MTU (PMTU), that is, the minimum link MTU of all the links in a path to the destination.
Page 455: Configure Clone
HAPTER Configure Clone This chapter shows you how you can copy the settings of one port onto other ports. 53.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports.
Page 456 Chapter 53 Configure Clone Figure 351 Management > Configure Clone (Stacking) The following table describes the labels in this screen. Table 226 Management > Configure Clone LABEL DESCRIPTION Source/ In stacking mode, a port is defined by a slot ID representing the Switch in the stack and a Destination port number.
Page 457 Chapter 53 Configure Clone Table 226 Management > Configure Clone (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 458: Neighbor Table
HAPTER Neighbor Table This chapter introduces the IPv6 neighbor table. 54.1 IPv6 Neighbor Table Overview An IPv6 host is required to have a neighbor table. If there is an address to be resolved or verified, the Switch sends out a neighbor solicitation message. When the Switch receives a neighbor advertisement in response, it stores the neighbor’s link-layer address in the neighbor table.
Page 459 Chapter 54 Neighbor Table Table 227 Management > Neighbor Table (continued) LABEL DESCRIPTION Status This field displays whether the neighbor IPv6 interface is reachable. In IPv6, “reachable” means an IPv6 packet can be correctly forwarded to a neighbor node (host or router) and the neighbor can successfully receive and handle the packet.
Page 460: Troubleshooting
HAPTER Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Switch Access and Login • Switch Configuration 55.1 Power, Hardware Connections, and LEDs The Switch does not turn on.
Page 461: Switch Access And Login
Chapter 55 Troubleshooting One of the LEDs does not behave as expected. Make sure you understand the normal behavior of the LED. See Section 3.3 on page Check the hardware connections. See Section 3.1 on page Inspect your cables for damage. Contact the vendor to replace any damaged cables. Turn the Switch off and on (in DC models or if the DC power supply is connected in AC/DC models).
Page 462 Chapter 55 Troubleshooting • If you changed the IP address, use the new IP address. • If you changed the IP address and have forgotten it, see the troubleshooting suggestions for forgot the IP address for the Switch. Check the hardware connections, and make sure the LEDs are behaving as expected. See Section 3.3 on page Make sure your Internet browser does not block pop-up windows and has JavaScripts and Java...
Page 463: Switch Configuration
Chapter 55 Troubleshooting I cannot see some of Advanced Application submenus at the bottom of the navigation panel. The recommended screen resolution is 1024 by 768 pixels. Adjust the value in your computer and then you should see the rest of Advanced Application submenus at the bottom of the navigation panel.
Page 464: Appendix A Common Services
PP EN D I X Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. •...
Page 465 Appendix A Common Services Table 228 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION HTTPS HTTPS is a secured http session often used in e- commerce. ICMP User-Defined Internet Control Message Protocol is often used for diagnostic or routing purposes. 4000 This is a popular Internet chat program.
Page 466 Appendix A Common Services Table 228 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. TCP/UDP Secure Shell Remote Login Program.
Page 467: Appendix B Ipv6
PP EN D I X IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 10 addresses.
Page 468: Multicast Address
Appendix B IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address.
Page 469 Appendix B IPv6 Table 231 Reserved Multicast Address (continued) MULTICAST ADDRESS FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
Page 470 Appendix B IPv6 combines its interface ID and global and subnet information advertised from the router. This is a routable global IP address. DHCPv6 The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, RFC 3315) is a server-client protocol that allows a DHCP server to assign and pass IPv6 network addresses, prefixes and other configuration information to DHCP clients.
Page 471 Appendix B IPv6 such as the system name. The interface-ID option provides slot number, port information and the VLAN ID to the DHCPv6 server. The remote-ID option (if any) is stripped from the Relay-Reply messages before the relay agent sends the packets to the clients. The DHCP server copies the interface-ID option from the Relay-Forward message into the Relay-Reply message and sends it to the relay agent.
Page 472 Appendix B IPv6 determine whether the destination address is on-link and can be reached directly without passing through a router. If the address is onlink, the address is considered as the next hop. Otherwise, the Switch determines the next-hop from the default router list or routing table. Once the next hop IP address is known, the Switch looks into the neighbor cache to get the link-layer address and sends the packet when the neighbor is reachable.
Page 473 Appendix B IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses.
Page 474 Appendix B IPv6 Click Start and then OK. Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer.
Page 475 Appendix B IPv6 Click Close to exit the Local Area Connection Status screen. Select Start > All Programs > Accessories > Command Prompt. Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection:...
Page 476: Appendix C Customer Support
• Brief description of the problem and the steps you took to solve it. Corporate Headquarters (Worldwide) Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Asia China • ZyXEL Communications (Shanghai) Corp. ZyXEL Communications (Beijing) Corp. ZyXEL Communications (Tianjin) Corp. • http://www.zyxel.cn India • ZyXEL Technology India Pvt Ltd • http://www.zyxel.in Kazakhstan •...
Page 477 • ZyXEL Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Thailand • ZyXEL Thailand Co., Ltd • http://www.zyxel.co.th Vietnam • ZyXEL Communications Corporation-Vietnam Office • http://www.zyxel.com/vn/vi Europe Austria • ZyXEL Deutschland GmbH • http://www.zyxel.de Belarus • ZyXEL BY • http://www.zyxel.by...
Page 478 Appendix C Customer Support Belgium • ZyXEL Communications B.V. • http://www.zyxel.com/be/nl/ Bulgaria • ZyXEL България • http://www.zyxel.com/bg/bg/ Czech • ZyXEL Communications Czech s.r.o • http://www.zyxel.cz Denmark • ZyXEL Communications A/S • http://www.zyxel.dk Estonia • ZyXEL Estonia • http://www.zyxel.com/ee/et/ Finland • ZyXEL Communications •...
Page 479 • ZyXEL Communications Poland • http://www.zyxel.pl Romania • ZyXEL Romania • http://www.zyxel.com/ro/ro Russia • ZyXEL Russia • http://www.zyxel.ru Slovakia • ZyXEL Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • ZyXEL Spain • http://www.zyxel.es Sweden • ZyXEL Communications • http://www.zyxel.se Switzerland •...
Page 480 Ecuador • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Middle East Egypt • ZyXEL Communication Corporation • http://www.zyxel.com/homepage.shtml Middle East • ZyXEL Communication Corporation • http://www.zyxel.com/homepage.shtml North America • ZyXEL Communications, Inc. - North America Headquarters • http://www.us.zyxel.com/ GS3700/XGS3700 Series User’s Guide...
Page 481 Appendix C Customer Support Oceania Australia • ZyXEL Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.za GS3700/XGS3700 Series User’s Guide...
Page 482: Appendix D Legal Information
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved.
Page 483 Appendix D Legal Information List of National Codes COUNTRY ISO 3166 2 LETTER CODE COUNTRY ISO 3166 2 LETTER CODE Austria Malta Belgium Netherlands Cyprus Poland Czech Republic Portugal Denmark Slovakia Estonia Slovenia Finland Spain France Sweden Germany United Kingdom Greece Iceland Hungary...
Page 484 Appendix D Legal Information Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately.
Page 485 Appendix D Legal Information Environmental Product Declaration GS3700/XGS3700 Series User’s Guide...
Page 486 North American products. Trademarks ZyNOS (ZyXEL Network Operating System) and ZON (ZyXEL One Network)are registered trademarks of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 487: Index
Index Index setup Numbers automatic VLAN registration 802.1P priority 802.3az back up, configuration file basic settings binding access control limitations binding table login account building remote management BPDUs (Bridge Protocol Data Units) service port Bridge Protocol Data Units (BPDUs) SNMP accounting setup address learning, MAC...
Page 488 Index network example setup setup DHCP (Dynamic Host Configuration Protocol) specification DHCP relay option 82 status DHCP snooping switch models configuring DHCP relay option 82 web configurator trusted ports cluster manager untrusted ports cluster member DHCP snooping database command interface diagnostics Common and Internal Spanning Tree (CIST) Ethernet port test...
Page 489 Index Ethernet ports and port assignment default settings GVRP (GARP VLAN Registration Protocol) external authentication server hardware installation Fan Module hardware monitor 55, 56, 57 fan speed hardware overview 56, 57 FCC interference statement hello time file transfer using FTP hops command example HTTPS...
Page 490 Index introduction timeout Layer 2 protocol tunneling, see L2PT interface LEDs 62, 385 routing domain limit MAC address learning setup Link Aggregate Control Protocol (LACP) IP source guard link aggregation ARP inspection 254, 256 dynamic DHCP snooping ID information static bindings setup 165, 168 IP table...
Page 491 Index and ARP inspection MST ID MAC freeze MSTI (Multiple Spanning Tree Instance) MAC table MSTP 125, 127 how it works bridge ID viewing configuration 138, 142 configuration digest MAC-based VLAN forwarding delay maintanence Hello Time configuration backup hello time firmware Max Age restoring configuration...
Page 492 Index port security 182, 186 address learning limit MAC address learning other documentation MAC address learning 182, 186 overview 182, 186 setup 182, 186, 279, 286 port setup port status PAGP port VLAN trunking password port-based VLAN administrator all connected Path MTU port isolation settings wizard...
Page 493 Index queuing save configuration 41, 406 Secure Shell See SSH queuing method 202, 204 service access control service port sFlow collector configuration datagram RADIUS overview advantages poll interval and authentication sample rate Network example UDP port server settings sFlow agent setup sFlow collector Rapid Spanning Tree Protocol, See RSTP.
Page 494 Index static MAC address server setup settings static MAC forwarding 104, 106, 117 setup static multicast address severity levels static multicast forwarding system information static route system log overview system reboot static routes static trunking example Static VLAN static VLAN control tagging TACACS+...
Page 495 Index Two Rate Three Color Marker, see TRTCM VLAN (Virtual Local Area Network) Type of Service (ToS) VLAN mapping activating configuration example priority level tagged UDLD traffic flow UniDirectional Link Detection, see UDLD untagged VLAN ID untrusted ports ARP inspection VLAN number DHCP snooping VLAN stacking...
Page 496 Index warranty note web configurator 23, 35 getting help layout login logout navigation panel weight, queuing Weighted Round Robin Scheduling (WRR) WFQ (Weighted Fair Queuing) WRR (Weighted Round Robin Scheduling ZON Neighbor Management ZON Utility ZyNOS (ZyXEL Network Operating System) GS3700/XGS3700 Series User’s Guide...

This manual is also suitable for:

Xg3700 series

ZyXEL Communications GS3700 Series User Manual

Contents Overview

Table of Contents

User's Guide

PART I User's Guide

Chapter 1 Getting to Know Your Switch

Chapter 2 Hardware Installation and Connection

Chapter 3 Hardware Overview

Chapter 4 The Web Configurator

Technical Reference

Part II: Technical Reference

Chapter 5 ZON Utility, ZON Neighbor Management and Port Status

Chapter 6 Basic Setting

Chapter 7 VLAN

Chapter 8 Static MAC Forward Setup

Chapter 9

Static Multicast Forward Setup

Chapter 10 Filtering

Chapter 11 Spanning Tree Protocol

Chapter 12 Bandwidth Control

Chapter 13 Broadcast Storm Control

Chapter 14 Mirroring

Chapter 15 Link Aggregation

Chapter 16 Port Authentication

Chapter 17 Port Security

Chapter 18 Time Range

Chapter 19 Classifier

Chapter 20 Policy Rule

Chapter 21 Queuing Method

Chapter 22 VLAN Stacking

Chapter 23 Multicast

Chapter 24 AAA

Chapter 25 IP Source Guard

Chapter 26 Loop Guard

Chapter 27 VLAN Mapping

Chapter 28 Layer 2 Protocol Tunneling

Chapter 29 Sflow

Chapter 30 Pppoe

Chapter 31 Error Disable

Quick Links

Related Manuals for ZyXEL Communications GS3700 Series

Summary of Contents for ZyXEL Communications GS3700 Series