ZyXEL Communications xg3700 series User Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Network Router
  5. XG3700 Series
  6. User manual
ZyXEL Communications xg3700 series User Manual

ZyXEL Communications xg3700 series User Manual

Hide thumbs Also See for xg3700 series:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
Table of Contents

Advertisement

Quick Links

Download this manual
GS3700/XGS3700 Series
GbE L2+ Switch
Version 4.30
Edition 1, 10/2015
Quick Start Guide
User's Guide
Default Login Details
IP Address
http://192.168.0.1 (Out-
http://192.168.1.1 (In-
www.zyxel.com
User Name
Password
of-band MGMT port)
band ports)
admin
1234
Copyright © 2015 ZyXEL Communications Corporation

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the xg3700 series and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for ZyXEL Communications xg3700 series

Summary of Contents for ZyXEL Communications xg3700 series

  • Page 1 GS3700/XGS3700 Series GbE L2+ Switch Version 4.30 Edition 1, 10/2015 Quick Start Guide User’s Guide Default Login Details IP Address http://192.168.0.1 (Out- of-band MGMT port) http://192.168.1.1 (In- www.zyxel.com band ports) User Name admin Password 1234 Copyright © 2015 ZyXEL Communications Corporation...
  • Page 2 IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Note: This guide is a reference for a series of products. Therefore some features or options in this guide may not be available in your product. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system.

  • Page 3: Table Of Contents

    Contents Overview Contents Overview User’s Guide ............................20 Getting to Know Your Switch ........................21 Hardware Installation and Connection ....................26 Hardware Overview ..........................30 The Web Configurator ..........................37 Technical Reference ..........................46 ZON Utility, ZON Neighbor Management and Port Status ..............47 Basic Setting ............................56 VLAN ..............................101 Static MAC Forward Setup ........................124 Static Multicast Forward Setup ......................127...
  • Page 4 Contents Overview Anti-Arpscan ............................372 BPDU Guard ............................378 OAM ..............................381 ZULD ..............................390 Static Route ............................396 Policy Routing ............................400 Differentiated Services ..........................404 DHCP ..............................413 VRRP ..............................430 Load Sharing ............................439 ARP Setup ............................441 Maintenance ............................447 Access Control ............................458 Diagnostic .............................482 System Log ............................485 Syslog Setup ............................486 Cluster Management ..........................489 MAC Table .............................495...

  • Page 5: Table Of Contents

    Table of Contents Table of Contents Contents Overview ..........................3 Table of Contents ..........................5 Part I: User’s Guide ..................20 Chapter 1 Getting to Know Your Switch......................21 1.1 Introduction ............................21 1.1.1 Bridging Example ........................22 1.1.2 High Performance Switching Example ..................22 1.1.3 Gigabit Ethernet to the Desktop ....................23 1.1.4 IEEE 802.1Q VLAN Application Example ................23 1.1.5 IPv6 Support ..........................24 1.2 Ways to Manage the Switch ......................24...
  • Page 6 Table of Contents Chapter 4 The Web Configurator ........................37 4.1 Introduction ............................37 4.2 System Login ..........................37 4.3 The Web Configurator Layout ......................38 4.3.1 Change Your Password ......................42 4.4 Saving Your Configuration ........................43 4.5 Switch Lockout ..........................43 4.6 Resetting the Switch ........................44 4.6.1 Reload the Configuration File ....................44 4.7 Logging Out of the Web Configurator ....................45...
  • Page 7 Table of Contents 6.9.1 IPv6 Interface Status .......................80 6.9.2 IPv6 Configuration ........................83 6.9.3 IPv6 Global Setup ........................83 6.9.4 IPv6 Interface Setup ........................84 6.9.5 IPv6 Link-Local Address Setup ....................85 6.9.6 IPv6 Global Address Setup .....................86 6.9.7 IPv6 Neighbor Discovery Setup ....................87 6.9.8 IPv6 Router Discovery Setup ....................88 6.9.9 IPv6 Prefix Setup ........................89 6.9.10 IPv6 Neighbor Setup ......................91...
  • Page 8 Table of Contents 8.2 Configuring Static MAC Forwarding ...................124 Chapter 9 Static Multicast Forward Setup .......................127 9.1 Static Multicast Forwarding Overview .....................127 9.2 Configuring Static Multicast Forwarding ..................128 Chapter 10 Filtering..............................130 10.1 Configure a Filtering Rule ......................130 Chapter 11 Spanning Tree Protocol........................132 11.1 STP/RSTP Overview ........................132 11.1.1 STP Terminology .........................132 11.1.2 How STP Works ........................133...
  • Page 9 Table of Contents 14.1.2 Remote Port Mirroring ......................167 14.1.3 Source ..........................168 14.1.4 Destination ...........................170 14.1.5 Connected Port ........................171 Chapter 15 Link Aggregation ..........................175 15.1 Link Aggregation Overview ......................175 15.2 Dynamic Link Aggregation ......................175 15.2.1 Link Aggregation ID ......................176 15.3 Link Aggregation Status .......................176 15.4 Link Aggregation Setting ......................177 15.5 Link Aggregation Control Protocol .....................180...
  • Page 10 Table of Contents 19.5 Classifier Example ........................208 Chapter 20 Policy Rule ............................210 20.1 Policy Rules Overview .........................210 20.1.1 DiffServ ..........................210 20.1.2 DSCP and Per-Hop Behavior ....................210 20.2 Configuring Policy Rules .......................210 20.3 Policy Example ..........................213 Chapter 21 Queuing Method ..........................215 21.1 Queuing Method Overview ......................215 21.1.1 Strictly Priority ........................215 21.1.2 Weighted Fair Queuing ......................215...
  • Page 11 Table of Contents 23.4 IPv6 Multicast Status ........................236 23.4.1 MLD Snooping-proxy ......................237 23.4.2 MLD Snooping-proxy VLAN ....................237 23.4.3 MLD Snooping-proxy VLAN Port Role Setting ..............239 23.4.4 MLD Snooping-proxy Filtering ....................241 23.4.5 MLD Snooping-proxy Filtering Profile .................243 23.5 MVR Overview ..........................244 23.5.1 Types of MVR Ports ......................245 23.5.2 MVR Modes .........................245 23.5.3 How MVR Works .........................245...
  • Page 12 Table of Contents 25.7.1 ARP Inspection VLAN Status ....................280 25.7.2 ARP Inspection Log Status ....................281 25.8 ARP Inspection Configure ......................282 25.8.1 ARP Inspection Port Configure ....................284 25.8.2 ARP Inspection VLAN Configure ..................286 25.9 IPv6 Source Guard Overview .......................287 25.10 IPv6 Source Binding Status ......................287 25.11 IPv6 Static Binding Setup ......................288 25.12 IPv6 Source Guard Policy Setup ....................290 25.13 IPv6 Source Guard Port Setup ....................291...
  • Page 13 Table of Contents 30.1 PPPoE Intermediate Agent Overview ..................316 30.1.1 PPPoE Intermediate Agent Tag Format ................316 30.1.2 Sub-Option Format ......................316 30.1.3 Port State ..........................317 30.2 The PPPoE Screen ........................318 30.3 PPPoE Intermediate Agent ......................318 30.3.1 PPPoE IA Per-Port ......................320 30.3.2 PPPoE IA Per-Port Per-VLAN ....................322 30.3.3 PPPoE IA for VLAN ......................323 Chapter 31 Error Disable .............................325...
  • Page 14 Table of Contents 35.4.1 LLDP Local Port Status Detail ....................348 35.5 LLDP Remote Status ........................352 35.5.1 LLDP Remote Port Status Detail ..................352 35.6 LLDP Configuration ........................358 35.6.1 LLDP Configuration Basic TLV Setting ................361 35.6.2 LLDP Configuration Basic Org-specific TLV Setting ............362 35.7 LLDP-MED Configuration ......................364 35.8 LLDP-MED Network Policy ......................366 35.9 LLDP-MED Location...
  • Page 15 Table of Contents Chapter 40 Static Route ............................396 40.1 Static Routing Overview ......................396 40.2 Static Routing ..........................396 40.3 Configuring IPv4 Static Routing ....................397 40.4 Configuring IPv6 Static Routing ....................398 Chapter 41 Policy Routing...........................400 41.1 Policy Route Overview .........................400 41.1.1 Benefits ..........................400 41.2 Configuring Policy Routing Profile ....................400 41.2.1 Policy Routing Rule Configuration ..................401 Chapter 42...
  • Page 16 Table of Contents 43.5.1 DHCPv4 VLAN Port Configure ...................422 43.5.2 Example: DHCP Relay for Two VLANs ................423 43.6 DHCPv6 Status ..........................424 43.7 DHCPv6 Information ........................425 43.8 DHCPv6 Prefix Delegation ......................426 43.9 DHCPv6 Relay ..........................428 Chapter 44 VRRP..............................430 44.1 VRRP Overview ...........................430 44.2 VRRP Status ..........................431 44.3 VRRP Configuration ........................431 44.3.1 IP Interface Setup .......................431...
  • Page 17 Table of Contents 47.7.1 Load Stacking Default ......................452 47.7.2 Load Factory Default ......................453 47.8 Tech-Support ..........................453 47.9 FTP Command Line ........................455 47.9.1 Filename Conventions ......................455 47.9.2 FTP Command Line Procedure ..................456 47.9.3 GUI-based FTP Clients ......................456 47.9.4 FTP Restrictions .........................457 Chapter 48 Access Control ..........................458 48.1 Access Control Overview...
  • Page 18 Table of Contents Chapter 51 Syslog Setup .............................486 51.1 Syslog Overview ...........................486 51.2 Syslog Setup ..........................486 Chapter 52 Cluster Management ........................489 52.1 Clustering Management Status Overview ..................489 52.2 Cluster Management Status ......................490 52.2.1 Cluster Member Switch Management ................491 52.3 Clustering Management Configuration ..................493 Chapter 53 MAC Table ............................495 53.1 MAC Table Overview ........................495...
  • Page 19 Table of Contents Chapter 59 IPv6 Neighbor Table..........................508 59.1 IPv6 Neighbor Table Overview .....................508 59.2 Viewing the IPv6 Neighbor Table ....................508 Chapter 60 Troubleshooting..........................510 60.1 Power, Hardware Connections, and LEDs ..................510 60.2 Switch Access and Login ......................511 60.3 Switch Configuration ........................513 Appendix A Common Services ......................514 Appendix B IPv6 ..........................517 Appendix C Customer Support ......................526...

  • Page 20: User's Guide

    User’s Guide...

  • Page 21: Getting To Know Your Switch

    H A PT ER Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction Your Switch is a layer 2+, Gigabit Ethernet (GbE) switch with two power slots for hot-swappable RPS300 or RPS600-HP power modules. The Switch provides four SFP or SFP+ slots for uplink. By integrating router functions, the Switch performs wire-speed layer-3 routing in addition to layer-2 switching.

  • Page 22: Bridging Example

    Chapter 1 Getting to Know Your Switch 1.1.1 Bridging Example In this example the Switch connects different company departments (RD and Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the Switch.

  • Page 23: Gigabit Ethernet To The Desktop

    Chapter 1 Getting to Know Your Switch Figure 2 High Performance Switching 10 Gbps Trunk Branch 1.1.3 Gigabit Ethernet to the Desktop The Switch is an ideal solution for small networks which demand high bandwidth for a group of heavy traffic users. You can connect computers and servers directly to the Switch’s port or connect other switches to the Switch.

  • Page 24: Ipv6 Support

    Chapter 1 Getting to Know Your Switch For more information on VLANs, refer to Chapter 7 on page 101. 1.1.4.1 Tag-based VLAN Example Ports in the same VLAN group share the same frame broadcast domain, thus increasing network performance by reducing broadcast traffic. VLAN groups can be modified at any time by adding, moving or changing ports without any re-cabling.

  • Page 25: Good Habits For Managing The Switch

    Chapter 1 Getting to Know Your Switch • Web Configurator. This is recommended for everyday management of the Switch using a (supported) web browser. See Chapter 4 on page • Command Line Interface. Line commands offer an alternative to the Web Configurator and may be necessary to configure advanced features.

  • Page 26: Hardware Installation And Connection

    H A PT ER Hardware Installation and Connection This chapter shows you how to install and connect the Switch. 2.1 Freestanding Installation Make sure the Switch is clean and dry. Set the Switch on a smooth, level surface strong enough to support the weight of the Switch and the connected cables.

  • Page 27: Mounting The Switch On A Rack

    Chapter 2 Hardware Installation and Connection 2.2 Mounting the Switch on a Rack This section lists the rack mounting requirements and precautions and describes the installation steps of how to mount the Switch in a 19-inch rack with the included rack mounting kit. Note: ZyXEL provides extensible rear mounting brackets (RM400) to install the Switch in a 21-inch, 23-inch or 24-inch rack.

  • Page 28: Mounting The Switch On A Rack

    Chapter 2 Hardware Installation and Connection Slide the rear bracket along the rail and set the bracket in place depending on the depth of the rack. The rear brackets can be used with a 19-inch rack. Rear Bracket Sliding Rail Front Bracket You may now mount the Switch on a rack.

  • Page 29: Power Module Installation

    Chapter 2 Hardware Installation and Connection Rear Front 2.6 Power Module Installation There is one power module installed in the first power slot of the Switch by default. See the Power Module Hardware Installation Guide for how to install a second power module or remove the power module.

  • Page 30: Hardware Overview

    H A PT ER Hardware Overview This chapter describes the front panel and rear panel of the Switch and shows you how to make the hardware connections. 3.1 Front Panel Connections The figure below shows the front panel of the Switch. Figure 6 Front Panel: GS3700 Series GS3700/XGS3700 Series User’s Guide...

  • Page 31: Ethernet Ports

    Chapter 3 Hardware Overview Figure 7 Front Panel: XGS3700 Series The following table describes the ports. Table 2 Panel Connections CONNECTOR DESCRIPTION 24 or 48 10/ Connect these ports to a computer, a hub, an Ethernet switch or router. 100/1000Base-T RJ-45 Ethernet Ports 4 SFP or SFP+...

  • Page 32: Sfp/Sfp+ Slots

    Chapter 3 Hardware Overview • Speed: Auto • Duplex: Auto • Flow control: Off • Dual Personality Interface: Fiber-optic module first 3.1.2 SFP/SFP+ Slots These are four slots for Small Form-Factor Pluggable (SFP) or SFP+ modules, such as an SFP/SFP+ transceiver.

  • Page 33: Management Port

    Chapter 3 Hardware Overview Figure 9 Installed Transceiver 3.1.2.2 Transceiver Removal Use the following steps to remove a transceiver. Open the transceiver’s latch (latch styles vary). Figure 10 Opening the Transceiver’s Latch Example Pull the transceiver out of the slot. Figure 11 Transceiver Removal Example 3.1.3 Management Port The 100Base-T Ethernet MGMT (management) port is used for local management.

  • Page 34: Rear Panel

    Chapter 3 Hardware Overview • No parity, 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the RS-232 console cable to the console port of the Switch. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer. 3.2 Rear Panel The following figures show the rear panels of the Switch.

  • Page 35: Leds

    Chapter 3 Hardware Overview Disconnect the power cord from the power outlet. Disconnect the power cord from the AC power socket. 3.3 LEDs The following table describes the LEDs. Table 3 LEDs COLOR STATUS DESCRIPTION PWR1 Green The system is receiving power from the power module in the first (Power 1) power slot.
  • Page 36 Chapter 3 Hardware Overview Table 3 LEDs (continued) COLOR STATUS DESCRIPTION 1-24 or 1- Green Power is supplied to the PoE port. Power is not supplied to the PoE port. POE (Right) 1G SFP Slots 25-28 or Green Blinking The port is receiving or transmitting data at 1 Gbps. 49-52 The port has a successful 1 Gbps connection.

  • Page 37: The Web Configurator

    H A PT ER The Web Configurator This section introduces the configuration and functions of the web configurator. 4.1 Introduction The web configurator is an HTML-based management interface that allows easy Switch setup and management via Internet browser. Supported browsers at the time of writing are: •...

  • Page 38: The Web Configurator Layout

    Chapter 4 The Web Configurator Figure 13 Web Configurator: Login Click OK to view the first web configurator screen. 4.3 The Web Configurator Layout The Status screen is the first screen that displays when you access the web configurator. This guide uses the XGS3700-48HP screens as an example.
  • Page 39 Chapter 4 The Web Configurator C - Click this link to save your configuration into the Switch’s nonvolatile memory. Nonvolatile memory is saved in the configuration file from which the Switch booted from and it stays the same even if the Switch’s power is turned off. See Section 47.6 on page 452 for information on saving your settings to a specific configuration file.
  • Page 40 Chapter 4 The Web Configurator The following table describes the links in the navigation panel. Table 5 Navigation Panel Links LINK DESCRIPTION Basic Settings System Info This link takes you to a screen that displays general system and hardware monitoring information.
  • Page 41 Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Classifier This link takes you to screens where you can configure the Switch to group packets based on the specified criteria. Policy Rule This link takes you to a screen where you can configure the Switch to perform special treatment on the grouped packets.

  • Page 42: Change Your Password

    Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION DiffServ This link takes you to screens where you can enable DiffServ, configure marking rules and set DSCP-to-IEEE802.1p mappings. DHCP This link takes you to screens where you can configure the DHCP settings. VRRP This link takes you to screens where you can configure redundant virtual router for your network.

  • Page 43: Saving Your Configuration

    Chapter 4 The Web Configurator Figure 15 Change Administrator Login Password 4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off.

  • Page 44: Resetting The Switch

    Chapter 4 The Web Configurator Prevent all services from accessing the Switch. Change a service port number but forget it. Note: Be careful not to lock yourself and others out of the Switch. If you do lock yourself out, try using out-of-band management (via the management port) to configure the Switch.

  • Page 45: Logging Out Of The Web Configurator

    Chapter 4 The Web Configurator Figure 16 Resetting the Switch: Via the Console Port Bootbase Version: V1.00 | 12/11/2012 13:49:40 RAM: Size = 524288 Kbytes DRAM POST: Testing: 524288K DRAM Test SUCCESS ! ZyNOS Version: V4.10(AAGF.5)b1 | 6/5/2014 20:10:8 Press any key to enter debug mode within 3 seconds........

  • Page 46: Technical Reference

    Technical Reference...

  • Page 47: Zon Utility, Zon Neighbor Management And Port Status

    H A PT ER ZON Utility, ZON Neighbor Management and Port Status 5.1 Overview This chapter describes the screens for System Status, ZON Utility, ZON Neighbor Management, Port Status and Port Details. 5.2 Status The Status screen displays when you log into the Switch or click Status at the top right corner of the web configurator.
  • Page 48 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status The following table describes the fields in the above screen. Table 6 Status LABEL DESCRIPTION Device Information Device Type This field displays the model name of this Switch. System Name This field displays the name used to identify the Switch on any network.

  • Page 49: Zyxel One Network (Zon) Utility Screen

    Chapter 5 ZON Utility, ZON Neighbor Management and Port Status 5.3 ZyXEL One Network (ZON) Utility Screen ZON Utility is a program designed to help you deploy and manage a network more efficiently. It detects devices automatically and allows you to do basic settings on devices in the network without having to be near it.
  • Page 50 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Status > Neighbor Figure 20 The following table describes the fields in the above screen. Table 7 Status > Neighbor LABEL DESCRIPTION Local Port This shows the port of the Switch, on which the neighboring device is discovered. Desc.

  • Page 51: Port Status

    Chapter 5 ZON Utility, ZON Neighbor Management and Port Status 5.5 Port Status This screen displays a port statistical summary with links to each port showing statistical details. To view the port statistics, click Status in all web configurator screens and then the Port Status link in the Quick Links section of the Status screen to display the Port Status screen as shown next.

  • Page 52: Port Details

    Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Table 8 Port Status LABEL DESCRIPTION Name This is the name you assigned to this port in the Basic Setting > Port Setup screen. Link This field displays the speed (such as 100M for 100 Mbps, 1000M for 1000 Mbps, or 10G for 10 Gbps) and the duplex (F for full duplex).
  • Page 53 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Figure 23 Port Status: Port Details The following table describes the labels in this screen. Table 9 Port Status: Port Details LABEL DESCRIPTION Port Info Port NO. This field displays the port number you are viewing. In stacking mode, the first number represents the slot and the second the port number.
  • Page 54 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Table 9 Port Status: Port Details (continued) LABEL DESCRIPTION RxPkts This field shows the number of received frames on this port Errors This field shows the number of received errors on this port. Tx KBs/s This field shows the transmission speed of data sent on this port in kilobytes per second.
  • Page 55 Chapter 5 ZON Utility, ZON Neighbor Management and Port Status Table 9 Port Status: Port Details (continued) LABEL DESCRIPTION 256 to 511 This field shows the number of packets (including bad packets) received that were between 256 and 511 octets in length. 512 to 1023 This field shows the number of packets (including bad packets) received that were between 512 and 1023 octets in length.

  • Page 56: Basic Setting

    H A PT ER Basic Setting This chapter describes how to configure the Basic Setting screens. 6.1 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the Switch temperature, fan speeds and voltage in this screen.
  • Page 57 Chapter 6 Basic Setting Figure 24 Basic Setting > System Info (Standalone Mode) GS3700/XGS3700 Series User’s Guide...
  • Page 58 Chapter 6 Basic Setting Figure 25 Basic Setting > System Info (Stacking Mode) The following table describes the labels in these screens. Table 10 Basic Setting > System Info (Standalone and Stacking Modes) LABEL DESCRIPTION System Name This field displays the descriptive name of the Switch for identification purposes. Product Model This field displays the product model of the Switch.

  • Page 59: System Information Stacking Hardware Monitor

    Chapter 6 Basic Setting Table 10 Basic Setting > System Info (Standalone and Stacking Modes) (continued) LABEL DESCRIPTION This field displays the minimum temperature measured at this sensor. Threshold This field displays the upper temperature limit at this sensor. Status This field displays Normal for temperatures below the threshold and Error for those above.
  • Page 60 Chapter 6 Basic Setting Figure 26 Basic Setting > System Info > Hardware Monitor (Stacking Mode) The following table describes the labels in this screen. Table 11 Basic Setting > System Info > Hardware Monitor (Stacking Mode) LABEL DESCRIPTION SLOT This number identifies the Switch in the stack.

  • Page 61: General Setup

    Chapter 6 Basic Setting Table 11 Basic Setting > System Info > Hardware Monitor (Stacking Mode) (continued) LABEL DESCRIPTION Voltage (V) The power supply for each voltage has a sensor that is capable of detecting and reporting if the voltage falls out of the tolerance range. Current This is the current voltage reading.
  • Page 62 Chapter 6 Basic Setting Table 12 Basic Setting > General Setup (continued) LABEL DESCRIPTION Contact Person's Type the name of the person in charge of this Switch. You can use up to 32 printable Name ASCII characters; spaces are allowed. Use Time Server Type the time service protocol that your timeserver uses.

  • Page 63: Introduction To Vlans

    Chapter 6 Basic Setting Table 12 Basic Setting > General Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 64 Chapter 6 Basic Setting Figure 28 Basic Setting > Switch Setup The following table describes the labels in this screen. Table 13 Basic Setting > Switch Setup LABEL DESCRIPTION VLAN Type Choose 802.1Q or Port Based. The VLAN Setup screen changes depending on whether (Standalone you choose 802.1Q VLAN type or Port Based VLAN type in this screen.

  • Page 65: Ip Setup

    Chapter 6 Basic Setting Table 13 Basic Setting > Switch Setup (continued) LABEL DESCRIPTION Priority Queue Assignment IEEE 802.1p defines up to eight separate traffic types by inserting a tag into a MAC-layer frame that contains bits to define class of service. Frames without an explicit priority tag are given the default priority of the ingress port.

  • Page 66: Ip Status Details

    Chapter 6 Basic Setting You can configure up to 128 IP domains which are used to access and manage the Switch from the ports belonging to the pre-defined VLAN(s). Note: You must configure a VLAN first. Each VLAN can only have one management IP address.

  • Page 67: Ip Configuration

    Chapter 6 Basic Setting Figure 31 Basic Setting > IP Setup > IP Status Details: DHCP The following table describes the labels in this screen. Table 16 Basic Setting > IP Setup > IP Status Details: DHCP LABEL DESCRIPTION Type This shows whether ths IP address is dynamically assigned from a DHCP server or manually assigned (Static or DHCP).
  • Page 68 Chapter 6 Basic Setting Figure 32 Basic Setting > IP Setup > IP Configuration The following table describes the labels in this screen. Table 17 Basic Setting > IP Setup > IP Configuration LABEL DESCRIPTION Default Gateway Type the IP address of the default outgoing gateway in dotted decimal notation, for example 192.168.1.254.

  • Page 69: Port Setup

    Chapter 6 Basic Setting Table 17 Basic Setting > IP Setup > IP Configuration (continued) LABEL DESCRIPTION Default Enter the IP address of the default outgoing gateway in dotted decimal notation, for Gateway example, 192.168.0.254 Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 70 Chapter 6 Basic Setting Figure 33 Basic Setting > Port Setup (GS3700 Series) Figure 34 Basic Setting > Port Setup (XGS3700 Series: Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 71 Chapter 6 Basic Setting Figure 35 Basic Setting > Port Setup (XGS3700 Series: Stacking mode) The following table describes the labels in this screen. Table 18 Basic Setting > Port Setup LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot number mode) of the Switch in a stack.

  • Page 72: Poe

    Chapter 6 Basic Setting Table 18 Basic Setting > Port Setup (continued) LABEL DESCRIPTION Speed/Duplex Select the speed and the duplex mode of the Ethernet connection on this port. The choices are Auto, 10M/Half Duplex, 10M/Full Duplex, 100M/Half Duplex and 100M/Full Duplex for a 100Base-T connection.
  • Page 73 Chapter 6 Basic Setting The Switch supports both the IEEE 802.3af Power over Ethernet (PoE) and IEEE 802.3at High Power over Ethernet (PoE) standards. The Switch is Power Sourcing Equipment (PSE) because it provides a source of power via its Ethernet ports, and each device that receives power through an Ethernet port is a Powered Device (PD).
  • Page 74 Chapter 6 Basic Setting Figure 38 Basic Setting > PoE Setup (Stacking mode) The following table describes the labels in this screen. Table 19 Basic Setting > PoE Setup LABEL DESCRIPTION PoE Status PoE Mode This field displays the power management mode used by the Switch, whether it is in Classification or Consumption mode.

  • Page 75: Poe Time Range Status

    Chapter 6 Basic Setting Table 19 Basic Setting > PoE Setup LABEL DESCRIPTION Class This shows the power classification of the PD. This is a number from 0 to 4, where each value represents a range of power (W) and current (mA) that the PD requires to function.

  • Page 76: Poe Setup

    Chapter 6 Basic Setting The following table describes the labels in this screen. Table 20 Basic Setting > PoE Setup > PoE Time Range Status LABEL DESCRIPTION Port This is the number of the port on the Switch. Time Range This field displays the name of the schedule which is applied to the port.
  • Page 77 Chapter 6 Basic Setting Figure 41 Basic Setting > PoE Setup > PoE Setup (Stacking mode) The following table describes the labels in this screen. Table 21 Basic Setting > PoE Setup > PoE Setup LABEL DESCRIPTION PoE Mode Select the power management mode you want the Switch to use. •...
  • Page 78 Chapter 6 Basic Setting Table 21 Basic Setting > PoE Setup > PoE Setup (continued) LABEL DESCRIPTION PD Priority This field is not available for the SFP or SFP+ ports. When the total power requested by the PDs exceeds the total PoE power budget on the Switch, you can set the PD priority to allow the Switch to provide power to ports with higher priority.

  • Page 79: Interface Setup

    Chapter 6 Basic Setting Note: The total power available varies by Switch. Use the show pwr command to see the total power available for your Switch. The number of ports that can be powered by PoE is the (total power available) / (maximum power available per port). In Consumption mode the power available per port is from 1 to 33 watts.

  • Page 80: Ipv6

    Chapter 6 Basic Setting Table 22 Basic Setting > Interface Setup (continued) LABEL DESCRIPTION Index This field displays the index number of an entry. Interface Type This field displays the type of interface. Interface ID This field displays the identification number of the interface. Interface This field displays the interface’s descriptive name which is generated automatically by the Switch.
  • Page 81 Chapter 6 Basic Setting Figure 44 Basic Setting > IPv6 Interface Status The following table describes the labels in this screen. Table 24 Basic Setting > IPv6 Interface Status LABEL DESCRIPTION IPv6 Active This field displays whether the IPv6 interface is activated or not. MTU Size This field displays the Maximum Transmission Unit (MTU) size for IPv6 packets on this interface.
  • Page 82 Chapter 6 Basic Setting Table 24 Basic Setting > IPv6 Interface Status (continued) LABEL DESCRIPTION Link Local This field displays the Switch’s link-local IP address and prefix generated by the interface. It Address also shows whether the IP address is preferred, which means it is a valid address and can be used as a sender or receiver address.

  • Page 83: Ipv6 Configuration

    Chapter 6 Basic Setting 6.9.2 IPv6 Configuration Use this screen to configure IPv6 settings on the Switch. Click the IPv6 Configuration link in the Basic Setting > IPv6 screen. The following screen opens. Figure 45 Basic Setting > IPv6 > IPv6 Configuration The following table describes the labels in this screen.

  • Page 84: Ipv6 Interface Setup

    Chapter 6 Basic Setting Figure 46 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Setup The following table describes the labels in this screen. Table 26 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Setup LABEL DESCRIPTION IPv6 Hop Limit Specify the maximum number of hops (from 1 to 255) in router advertisements.

  • Page 85: Ipv6 Link-Local Address Setup

    Chapter 6 Basic Setting The following table describes the labels in this screen. Table 27 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Interface Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure. Active Select this option to enable the interface. Address Autoconfig Select this option to allow the interface to automatically generate a link-local address via stateless autoconfiguration.

  • Page 86: Ipv6 Global Address Setup

    Chapter 6 Basic Setting Table 28 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Link-Local Address Setup (continued) LABEL DESCRIPTION Default Gateway Set the default gateway IPv6 address for the interface. When an interface cannot find a routing information for a frame’s destination, it forwards the packet to the default gateway.

  • Page 87: Ipv6 Neighbor Discovery Setup

    Chapter 6 Basic Setting Table 29 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Global Address Setup (continued) LABEL DESCRIPTION Index This is the interface index number. Click on an index number to change the settings. Interface This is the name of the IPv6 interface you created. IPv6 Global Address/ This field displays the IPv6 global address and prefix length for the interface.

  • Page 88: Ipv6 Router Discovery Setup

    Chapter 6 Basic Setting Table 30 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Neighbor Discovery Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring.

  • Page 89: Ipv6 Prefix Setup

    Chapter 6 Basic Setting The following table describes the labels in this screen. Table 31 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Router Discovery Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure. Flags Select the Managed Config Flag option to have the Switch set the “managed address configuration”...
  • Page 90 Chapter 6 Basic Setting Figure 52 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Prefix Setup The following table describes the labels in this screen. Table 32 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Prefix Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure.

  • Page 91: Ipv6 Neighbor Setup

    Chapter 6 Basic Setting Table 32 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Prefix Setup (continued) LABEL DESCRIPTION Preferred Lifetime This field displays the preferred lifetime of an IPv6 address generated from the prefix. Delete Check the entry(ies) that you want to remove in the Delete column and then click Delete to remove the selected entry(ies) from the summary table.

  • Page 92: Dhcpv6 Client Setup

    Chapter 6 Basic Setting Table 33 Basic Setting > IPv6 > IPv6 Configuration > IPv6 Neighbor Setup (continued) LABEL DESCRIPTION Cancel Click Cancel to begin configuring this screen afresh. Clear Click Clear to reset the fields to the factory defaults. Index This is the interface index number.

  • Page 93: Stacking

    Chapter 6 Basic Setting Table 34 Basic Setting > IPv6 > IPv6 Configuration > DHCPv6 Client Setup (continued) LABEL DESCRIPTION Options Select DNS to have the Switch obtain DNS server IPv6 addresses and/or select Domain-List to have the Switch obtain a list of domain names from the DHCP server. Information Refresh Specify the time interval (from 600 to 4294967295 seconds) at which the Switch Minimum...

  • Page 94: Stacking Status

    Chapter 6 Basic Setting Table 35 Switch Stacking MODELS WITH STACKING SUPPORT XGS3700-48 XGS3700-48HP Note: Up to 8 Switches per stack are allowed. You can manage each Switch in the stack from a master Switch using its web configurator or console.

  • Page 95: Stacking Slot

    Chapter 6 Basic Setting Figure 57 Basic Setting > Stacking Status The following table describes the labels in this screen. Table 36 Basic Setting > Stacking > Stacking Status LABEL DESCRIPTION Slot ‘Slot’ refers to a Switch in the the ‘virtual chassis’ stack. This field displays the slot ID of the stacked Switch.
  • Page 96 Chapter 6 Basic Setting Figure 58 Basic Setting > Stacking > Stacking Status > Slot number The following table describes the labels in this screen. Table 37 Basic Setting > Stacking > Stacking Status > Slot number LABEL DESCRIPTION Slot This field displays the slot ID of the Switch.

  • Page 97: Stacking Configuration

    Chapter 6 Basic Setting 6.10.3 Stacking Configuration A supported Switch can change between stacking and standalone mode by selecting the Active check box in the Basic Setting > Stacking > Configuration screen. Note: When you change modes, all configurations except user accounts, but including running configuration, config01 and config02 will be erased and the Switch will reboot with a new config01.
  • Page 98 Chapter 6 Basic Setting After reboot completes, the master LED will turn on. Configure the Switch stacking priority to a high value, such as 63. Change a second Switch to stacking mode and wait for it to finish rebooting automatically. This master LED will also turn on.

  • Page 99: Dns

    Chapter 6 Basic Setting The following table describes the labels in this screen. Table 38 Basic Setting > Stacking > Configuration LABEL DESCRIPTION Active Select the Active check box to put the Switch in stacking mode. This will erase the running configuration, config01 and config02.
  • Page 100 Chapter 6 Basic Setting Table 39 Basic Setting > DNS (continued) LABEL DESCRIPTION Server Address Enter a domain name server IPv6/IPv4 address in order to be able to use a domain name instead of an IP address. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring.

  • Page 101: Vlan

    H A PT ER VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen which is only available in standalone mode. The Switch does not support port-based VLANs in stacking mode. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 7.1 Introduction to IEEE 802.1Q Tagged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created.

  • Page 102: Automatic Vlan Registration

    Chapter 7 VLAN 7.2 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 7.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and de-register attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP.

  • Page 103: Port Vlan Trunking

    Chapter 7 VLAN 7.3 Port VLAN Trunking Enable VLAN Trunking on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices.

  • Page 104: Vlan Status

    Chapter 7 VLAN 7.5.1 VLAN Status Section 7.1 on page 101 for more information on 802.1Q VLAN. Click Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown next. Figure 63 Advanced Application > VLAN: VLAN Status The following table describes the labels in this screen.

  • Page 105: Vlan Details

    Chapter 7 VLAN 7.5.2 VLAN Details Use this screen to view detailed port settings and status of the VLAN group. See Section 7.1 on page 101 for more information on 802.1Q VLAN. Click on an index number in the VLAN Status screen to display VLAN details.

  • Page 106: Private Vlan Status

    Chapter 7 VLAN Table 42 Advanced Application > VLAN > VLAN Detail (continued) LABEL DESCRIPTION Port List This shows the ports mapped to the private VLAN using the Advanced Application > Private VLAN or Advanced Application > VLAN > Static VLAN screen. Change Pages Click Previous or Next to show the previous/next screen if all status information cannot be seen in one screen.

  • Page 107: Configure A Static Vlan

    Chapter 7 VLAN Figure 66 Advanced Application > VLAN > VLAN Configuration The following table describes the labels in the above screen. Table 44 Advanced Application > VLAN > VLAN Configuration LABEL DESCRIPTION Static VLAN Setup Click Click Here to configure the Static VLAN for the Switch. VLAN Port Setup Click Click Here to configure the VLAN Port for the Switch.
  • Page 108 Chapter 7 VLAN Figure 67 Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup The following table describes the related labels in this screen. Table 45 Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN settings.

  • Page 109: Configure Vlan Port Settings

    Chapter 7 VLAN Table 45 Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup (continued) LABEL DESCRIPTION Port The port number identifies the port you are configuring. In stacking mode, the first number represents the slot and the second the port number. Settings in this row apply to all ports.
  • Page 110 Chapter 7 VLAN Figure 68 Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup: Standalone mode Figure 69 Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup: Stacking mode GS3700/XGS3700 Series User’s Guide...

  • Page 111: Subnet Based Vlans

    Chapter 7 VLAN The following table describes the labels in this screen. Table 46 Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup: Standalone/ Stacking mode LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network.
  • Page 112 Chapter 7 VLAN subnet it came from. The untagged packets from the same IP subnet are then placed in the same subnet based VLAN. One advantage of using subnet based VLANs is that priority can be assigned to traffic from the same IP subnet. Note: Subnet based VLAN applies to un-tagged packets and is applicable only when you use IEEE 802.1Q tagged VLAN.
  • Page 113 Chapter 7 VLAN Figure 71 Advanced Application > VLAN > VLAN Configuration > Subnet Based VLAN Setup The following table describes the labels in this screen. Table 47 Advanced Application > VLAN > VLAN Configuration > Subnet Based VLAN Setup LABEL DESCRIPTION Active...

  • Page 114: Protocol Based Vlans

    Chapter 7 VLAN Table 47 Advanced Application > VLAN > VLAN Configuration > Subnet Based VLAN Setup LABEL DESCRIPTION This field shows the IP address of the subnet for this subnet based VLAN. Mask-Bits This field shows the subnet mask in bit number format for this subnet based VLAN. This field shows the VLAN ID of the frames which belong to this subnet based VLAN.
  • Page 115 Chapter 7 VLAN Figure 73 Advanced Application > VLAN > VLAN Configuration > Protocol Based VLAN Setup The following table describes the labels in this screen. Table 48 Advanced Application > VLAN > VLAN Configuration > Protocol Based VLAN Setup LABEL DESCRIPTION Active...
  • Page 116 Chapter 7 VLAN Table 48 Advanced Application > VLAN > VLAN Configuration > Protocol Based VLAN Setup LABEL DESCRIPTION Priority This field shows the priority which is assigned to frames belonging to this protocol based VLAN. Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries.

  • Page 117: Port-Based Vlan Setup (Standalone Mode)

    Chapter 7 VLAN 7.8 Port-based VLAN Setup (Standalone Mode) Port-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. Port-based VLANs require allowed outgoing ports to be defined for each port. Therefore, if you wish to allow two subscriber ports to talk to each other, for example, between conference rooms in a hotel, you must define the egress (an egress port is an outgoing port, that is, a port through which a data packet leaves) for both ports.
  • Page 118 Chapter 7 VLAN Figure 75 Advanced Application > VLAN > Port Based VLAN Setup (All Connected) The following screen shows users on a port-based, port-isolated VLAN configuration. GS3700/XGS3700 Series User’s Guide...
  • Page 119 Chapter 7 VLAN Figure 76 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) GS3700/XGS3700 Series User’s Guide...

  • Page 120: Voice Vlan

    Chapter 7 VLAN The following table describes the labels in this screen. Table 49 Advanced Application > VLAN: Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation. All connected means all ports can communicate with each other, that is, there are no virtual LANs.
  • Page 121 Chapter 7 VLAN Figure 77 Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup The following table describes the fields in the above screen. Table 50 Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup LABEL DESCRIPTION Voice VLAN Global Setup Voice VLAN...

  • Page 122: Mac Based Vlan

    Chapter 7 VLAN Table 50 Advanced Application > VLAN > VLAN Configuration > Voice VLAN Setup LABEL DESCRIPTION Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Click Delete to remove the selected entry from the summary table.
  • Page 123 Chapter 7 VLAN Table 51 Advanced Application > VLAN > VLAN Configuration > MAC-based VLAN Setup LABEL DESCRIPTION Priority Type a priority (0-7) for the MAC-based VLAN entry.The higher the numeric value you assign, the higher the priority for this MAC-based VLAN entry. Click Add to save the new MAC-based VLAN entry.

  • Page 124: Static Mac Forward Setup

    H A PT ER Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 8.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your network. 8.2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table.
  • Page 125 Chapter 8 Static MAC Forward Setup Figure 80 Advanced Application > Static MAC Forwarding (Stacking mode) The following table describes the labels in this screen. Table 52 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box.
  • Page 126 Chapter 8 Static MAC Forward Setup Table 52 Advanced Application > Static MAC Forwarding (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the check boxes. GS3700/XGS3700 Series User’s Guide...

  • Page 127: Static Multicast Forward Setup

    H A PT ER Static Multicast Forward Setup Use these screens to configure static multicast address forwarding. 9.1 Static Multicast Forwarding Overview A multicast MAC address is the MAC address of a member of a multicast group. A static multicast address is a multicast MAC address that has been manually entered in the multicast table.

  • Page 128: Configuring Static Multicast Forwarding

    Chapter 9 Static Multicast Forward Setup Figure 83 Static Multicast Forwarding to Multiple Ports 9.2 Configuring Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). Click Advanced Application > Static Multicast Forwarding to display the configuration screen as shown.
  • Page 129 Chapter 9 Static Multicast Forward Setup Table 53 Advanced Application > Static Multicast Forwarding (continued) LABEL DESCRIPTION Port Enter the port(s) where frames with destination MAC address that matched the entry above are forwarded. You can enter multiple ports separated by (no space) comma (,) or hyphen for a range.

  • Page 130: Filtering

    HAPTER Filtering This chapter discusses MAC address port filtering. 10.1 Configure a Filtering Rule Configure the Switch to filter traffic based on the traffic’s source, destination MAC addresses and/or VLAN group (ID). Click Advanced Application > Filtering in the navigation panel to display the screen as shown next.
  • Page 131 Chapter 10 Filtering Table 54 Advanced Application > FIltering (continued) LABEL DESCRIPTION Action Select Discard source to drop frames from the source MAC address (specified in the MAC field). The Switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address).

  • Page 132: Spanning Tree Protocol

    HAPTER Spanning Tree Protocol The Switch supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol •...

  • Page 133: How Stp Works

    Chapter 11 Spanning Tree Protocol Table 55 STP Path Costs RECOMMENDED RECOMMENDED LINK SPEED ALLOWED RANGE VALUE RANGE Path Cost 1Gbps 3 to 10 1 to 65535 Path Cost 10Gbps 1 to 5 1 to 65535 On each bridge, the bridge communicates with the root through the root port. The root port is the port on this Switch with the lowest path cost to the root (the root path cost).

  • Page 134: Multiple Stp

    Chapter 11 Spanning Tree Protocol In the following example, there are two RSTP instances (MRSTP1 and MRSTP2) on switch A. Figure 86 MRSTP Network Example To set up MRSTP, activate MRSTP on the Switch and specify which port(s) belong to which spanning tree.
  • Page 135 Chapter 11 Spanning Tree Protocol Figure 87 STP/RSTP Network Example VLAN 1 VLAN 2 With MSTP, VLANs 1 and 2 are mapped to different spanning trees in the network. Thus traffic from the two VLANs travel on different paths. The following figure shows the network example using MSTP.

  • Page 136: Spanning Tree Protocol Status Screen

    Chapter 11 Spanning Tree Protocol 11.1.5.3 MST Instance An MST Instance (MSTI) is a spanning tree instance. VLANs can be configured to run on a specific MSTI. Each created MSTI is identified by a unique number (known as an MST ID) known internally to a region.

  • Page 137: Spanning Tree Configuration

    Chapter 11 Spanning Tree Protocol Figure 91 Advanced Application > Spanning Tree Protocol (Standalone mode) Figure 92 Advanced Application > Spanning Tree Protocol (Stacking mode) This screen differs depending on which STP mode (RSTP, MRSTP or MSTP) you configure on the Switch.

  • Page 138: Configure Rapid Spanning Tree Protocol

    Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 57 Advanced Application > Spanning Tree Protocol > Configuration LABEL DESCRIPTION Spanning Tree You can activate one of the STP modes on the Switch. Mode Select Rapid Spanning Tree, Multiple Rapid Spanning Tree or Multiple Spanning Tree.
  • Page 139 Chapter 11 Spanning Tree Protocol Figure 95 Advanced Application > Spanning Tree Protocol > RSTP (Stacking mode) The following table describes the labels in this screen. Table 58 Advanced Application > Spanning Tree Protocol > RSTP LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 96 on page 141).
  • Page 140 Chapter 11 Spanning Tree Protocol Table 58 Advanced Application > Spanning Tree Protocol > RSTP (continued) LABEL DESCRIPTION Max Age This is the maximum time (in seconds) a switch can wait without receiving a BPDU before attempting to reconfigure. All switch ports (except for designated ports) should receive BPDUs at regular intervals.

  • Page 141: Rapid Spanning Tree Protocol Status

    Chapter 11 Spanning Tree Protocol 11.5 Rapid Spanning Tree Protocol Status Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 11.1 on page 132 for more information on RSTP. Note: This screen is only available after you activate RSTP on the Switch.

  • Page 142: Configure Multiple Rapid Spanning Tree Protocol

    Chapter 11 Spanning Tree Protocol Table 59 Advanced Application > Spanning Tree Protocol > Status: RSTP (continued) LABEL DESCRIPTION Port State This field displays the port state in STP. • Discarding - The port does not forward/process received frames or learn MAC addresses, but still listens for BPDUs.
  • Page 143 Chapter 11 Spanning Tree Protocol Figure 97 Advanced Application > Spanning Tree Protocol > MRSTP (Standalone mode) Figure 98 Advanced Application > Spanning Tree Protocol > MRSTP (Stacking mode) GS3700/XGS3700 Series User’s Guide...
  • Page 144 Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 60 Advanced Application > Spanning Tree Protocol > MRSTP LABEL DESCRIPTION Status Click Status to display the MRSTP Status screen (see Figure 99 on page 145).

  • Page 145: Multiple Rapid Spanning Tree Protocol Status

    Chapter 11 Spanning Tree Protocol Table 60 Advanced Application > Spanning Tree Protocol > MRSTP (continued) LABEL DESCRIPTION Root Guard Select this check box to enable root guard on this port in order to prevent the switch(es) (Standalone attached to the port from becoming the root bridge. mode) With root guard enabled, a port is blocked when the Switch receives a superior BPDU on it.
  • Page 146 Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 61 Advanced Application > Spanning Tree Protocol > Status: MRSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click MRSTP to edit MRSTP settings on the Switch.

  • Page 147: Configure Multiple Spanning Tree Protocol

    Chapter 11 Spanning Tree Protocol Table 61 Advanced Application > Spanning Tree Protocol > Status: MRSTP (continued) LABEL DESCRIPTION Designated Cost This field displays the path cost to the LAN segment to which the port is connected when the port is a designated port. Otherwise, it displays the path cost to the root bridge from the designated port for the LAN segament to which this port is connected.
  • Page 148 Chapter 11 Spanning Tree Protocol Figure 100 Advanced Application > Spanning Tree Protocol > MSTP (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 149 Chapter 11 Spanning Tree Protocol Figure 101 Advanced Application > Spanning Tree Protocol > MSTP (Stacking mode) The following table describes the labels in this screen. Table 62 Advanced Application > Spanning Tree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 104 on page 154).
  • Page 150 Chapter 11 Spanning Tree Protocol Table 62 Advanced Application > Spanning Tree Protocol > MSTP (continued) LABEL DESCRIPTION MaxAge This is the maximum time (in seconds) a switch can wait without receiving a BPDU before attempting to reconfigure. All switch ports (except for designated ports) should receive BPDUs at regular intervals.

  • Page 151: Multiple Spanning Tree Protocol Port Configuration

    Chapter 11 Spanning Tree Protocol Table 62 Advanced Application > Spanning Tree Protocol > MSTP (continued) LABEL DESCRIPTION Active Select this check box to add this port to the MST instance. Priority Configure the priority for each port here. Priority decides which port should be disabled when more than one port forms a loop in the Switch.
  • Page 152 Chapter 11 Spanning Tree Protocol Figure 102 Advanced Application > Spanning Tree Protocol > MSTP > Port (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 153 Chapter 11 Spanning Tree Protocol Figure 103 Advanced Application > Spanning Tree Protocol > MSTP > Port (Stacking mode) The following table describes the labels in this screen. Table 63 Advanced Application > Spanning Tree Protocol > MSTP > Port LABEL DESCRIPTION Slot (Stacking...

  • Page 154: Multiple Spanning Tree Protocol Status

    Chapter 11 Spanning Tree Protocol Table 63 Advanced Application > Spanning Tree Protocol > MSTP > Port (continued) LABEL DESCRIPTION Root Guard Select this check box to enable root guard on this port in order to prevent the switch(es) (Standalone attached to the port from becoming the root bridge.
  • Page 155 Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 64 Advanced Application > Spanning Tree Protocol > Status: MSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click MSTP to edit MSTP settings on the Switch.
  • Page 156 Chapter 11 Spanning Tree Protocol Table 64 Advanced Application > Spanning Tree Protocol > Status: MSTP (continued) LABEL DESCRIPTION Port State This field displays the port state in STP. • Discarding - The port does not forward/process received frames or learn MAC addresses, but still listens for BPDUs.

  • Page 157: Bandwidth Control

    HAPTER Bandwidth Control This chapter shows you how to cap the maximum bandwidth using the Bandwidth Control screen. 12.1 Bandwidth Control Overview Bandwidth control means defining a maximum allowable bandwidth for incoming and/or out-going traffic flows on a port. 12.1.1 CIR and PIR The Committed Information Rate (CIR) is the guaranteed bandwidth for the incoming traffic flow on a port.
  • Page 158 Chapter 12 Bandwidth Control Figure 105 Advanced Application > Bandwidth Control (Standalone mode) Figure 106 Advanced Application > Bandwidth Control (Stacking mode) The following table describes the related labels in this screen. Table 65 Advanced Application > Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the Switch.
  • Page 159 Chapter 12 Bandwidth Control Table 65 Advanced Application > Bandwidth Control (continued) LABEL DESCRIPTION Port This field displays the port number. In stacking mode, the first box field is the slot ID and the (Standalone or second field is the port number. stacking mode) Settings in this row apply to all ports.

  • Page 160: Broadcast Storm Control

    HAPTER Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 13.1 Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
  • Page 161 Chapter 13 Broadcast Storm Control Figure 108 Advanced Application > Broadcast Storm Control (Stacking mode) The following table describes the labels in this screen. Table 66 Advanced Application > Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature.

  • Page 162: Mirroring

    HAPTER Mirroring This chapter discusses port mirroring setup screens. 14.1 Port Mirroring Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. The Switch supports both local port mirroring and remote port mirroring.
  • Page 163 Chapter 14 Mirroring Single-Destination RMirror If the mirrored traffic is forwarded to one single destination switch, you can disable the reflector port. The Switch adds RMirror VLAN tag and forwards mirrored traffic from the mirroring port to the connected port directly. Source Intermediate Destination...
  • Page 164 Chapter 14 Mirroring Port Rules in Port Mirroring The following table shows the rule for a port in remote port mirroring. For example, a port on the source device can be a mirroring port in both RMirror VLAN 1 and RMirror VLAN 2. But when the port is the source device’s mirroring port in RMirror VLAN 1, it cannot be the reflector port or monitor port in another RMirror VLAN.

  • Page 165: Local Port Mirroring

    Chapter 14 Mirroring 14.1.1 Local Port Mirroring Click Advanced Application > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 109 Advanced Application >...
  • Page 166 Chapter 14 Mirroring Figure 110 Advanced Application > Mirroring (Stacking mode) The following table describes the labels in this screen. Table 69 Advanced Application > Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the Switch. Clear this check box to disable the feature.

  • Page 167: Remote Port Mirroring

    Chapter 14 Mirroring Table 69 Advanced Application > Mirroring (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 168: Source

    Chapter 14 Mirroring 14.1.3 Source Use this screen to configure the reflector port and specify the traffic flow to be copied to the monitor port when the Switch is the source device in remote port mirroring. Click the Source link in the RMirror screen. The following screen opens. Figure 112 Advanced Application >...
  • Page 169 Chapter 14 Mirroring Figure 113 Advanced Application > Mirroring > RMirror > Source (Stacking mode) The following table describes the labels in this screen. Table 71 Advanced Application > Mirroring > RMirror > Source LABEL DESCRIPTION RMirror VLAN ID Select the RMirror VLAN over which the mirrored traffic is forwarded. Priority Enter the priority of the mirrored traffic.

  • Page 170: Destination

    Chapter 14 Mirroring Table 71 Advanced Application > Mirroring > RMirror > Source (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.

  • Page 171: Connected Port

    Chapter 14 Mirroring The following table describes the labels in this screen. Table 72 Advanced Application > Mirroring > RMirror > Destination LABEL DESCRIPTION RMirror VLAN ID Select the RMirror VLAN over which the mirrored traffic is forwarded. Monitor Port Specify the port to which you copy the traffic in order to examine it in more detail without interfering with the traffic flow on the original port(s).
  • Page 172 Chapter 14 Mirroring Figure 115 Advanced Application > Mirroring > RMirror > Connected Port (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 173 Chapter 14 Mirroring Figure 116 Advanced Application > Mirroring > RMirror > Connected Port (Stacking mode) The following table describes the labels in this screen. Table 73 Advanced Application > Mirroring > RMirror > Connected Port LABEL DESCRIPTION RMirror VLAN ID Select the RMirror VLAN over which the mirrored traffic is forwarded.
  • Page 174 Chapter 14 Mirroring Table 73 Advanced Application > Mirroring > RMirror > Connected Port (continued) LABEL DESCRIPTION Connected Port When the Switch is a source device in remote port mirroring, select this option to have the port help forward mirrored traffic to the connected port of the intermediate or destination device in the same RMirror VLAN.

  • Page 175: Link Aggregation

    HAPTER Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higher- bandwidth link. 15.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link. You may want to trunk ports if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly, single-port link.

  • Page 176: Link Aggregation Id

    Chapter 15 Link Aggregation Configure trunk groups or LACP before you connect the Ethernet switch to avoid causing network topology loops. 15.2.1 Link Aggregation ID LACP aggregation ID consists of the following information. Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port.

  • Page 177: Link Aggregation Setting

    Chapter 15 Link Aggregation The following table describes the labels in this screen. Table 76 Advanced Application > Link Aggregation Status LABEL DESCRIPTION Group ID This field displays the group ID to identify a trunk group, that is, one logical link containing multiple ports.
  • Page 178 Chapter 15 Link Aggregation Figure 118 Advanced Application > Link Aggregation > Link Aggregation Setting (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 179 Chapter 15 Link Aggregation Figure 119 Advanced Application > Link Aggregation > Link Aggregation Setting (Stacking mode) The following table describes the labels in this screen. Table 77 Advanced Application > Link Aggregation > Link Aggregation Setting LABEL DESCRIPTION Link This is the only screen you need to configure to enable static link aggregation.

  • Page 180: Link Aggregation Control Protocol

    Chapter 15 Link Aggregation Table 77 Advanced Application > Link Aggregation > Link Aggregation Setting (continued) LABEL DESCRIPTION Active Select this option to activate a trunk group. Criteria Select the outgoing traffic distribution type. Packets from the same source and/or to the same destination are sent over the same link within the trunk.
  • Page 181 Chapter 15 Link Aggregation Figure 120 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 182 Chapter 15 Link Aggregation Figure 121 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (Stacking mode) The following table describes the labels in this screen. Table 78 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP LABEL DESCRIPTION Link...

  • Page 183: Static Trunking Example

    Chapter 15 Link Aggregation Table 78 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP (continued) LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot number mode) of the Switch in a stack. Port This field displays the port number.
  • Page 184 Chapter 15 Link Aggregation Figure 123 Trunking Example - Configuration Screen EXAMPLE Your trunk group 1 (T1) configuration is now complete. GS3700/XGS3700 Series User’s Guide...

  • Page 185: Port Authentication

    HAPTER Port Authentication This chapter describes the IEEE 802.1x and MAC authentication methods. 16.1 Port Authentication Overview Port authentication is a way to validate access to ports on the Switch to clients based on an external server (authentication server). The Switch supports the following methods for port authentication: IEEE 802.1x - An authentication server validates access to a port based on a username and password provided by the user.

  • Page 186: Mac Authentication

    Chapter 16 Port Authentication Figure 124 IEEE 802.1x Authentication Process New Connection Identity Request Login Credentials Authentication Request Access Challenge Challenge Request Challenge Response Access Request Authentication Reply Session Granted/Denied 16.1.2 MAC Authentication MAC authentication works in a very similar way to IEEE 802.1x authentication. The main difference is that the Switch does not prompt the client for login credentials.

  • Page 187: Port Authentication Configuration

    Chapter 16 Port Authentication Figure 125 MAC Authentication Process New Connection Authentication Request Authentication Reply Session Granted/Denied 16.2 Port Authentication Configuration To enable port authentication, first activate the port authentication method(s) you want to use (both on the Switch and the port(s)), then configure the RADIUS server settings in the AAA > Radius Server Setup screen.
  • Page 188 Chapter 16 Port Authentication Figure 127 Advanced Application > Port Authentication > 802.1x (Standalone mode) Figure 128 Advanced Application > Port Authentication > 802.1x (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 189: Guest Vlan

    Chapter 16 Port Authentication The following table describes the labels in this screen. Table 79 Advanced Application > Port Authentication > 802.1x LABEL DESCRIPTION Active Select this check box to permit 802.1x authentication on the Switch. Note: You must first enable 802.1x authentication on the Switch before configuring it on each port.
  • Page 190 Chapter 16 Port Authentication Figure 129 Guest VLAN Example VLAN 100 VLAN 102 Internet Use this screen to enable and assign a guest VLAN to a port. In the Port Authentication > 802.1x screen click Guest Vlan to display the configuration screen as shown. Figure 130 Advanced Application >...
  • Page 191 Chapter 16 Port Authentication Figure 131 Advanced Application > Port Authentication > 802.1x > Guest VLAN (Stacking mode) The following table describes the labels in this screen. Table 80 Advanced Application > Port Authentication > 802.1x > Guest VLAN LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode.

  • Page 192: Activate Mac Authentication

    Chapter 16 Port Authentication Table 80 Advanced Application > Port Authentication > 802.1x > Guest VLAN (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 193 Chapter 16 Port Authentication Figure 133 Advanced Application > Port Authentication > MAC Authentication (Stacking mode) The following table describes the labels in this screen. Table 81 Advanced Application > Port Authentication > MAC Authentication LABEL DESCRIPTION Active Select this check box to permit MAC authentication on the Switch. Note: You must first enable MAC authentication on the Switch before configuring it on each port.
  • Page 194 Chapter 16 Port Authentication Table 81 Advanced Application > Port Authentication > MAC Authentication (continued) LABEL DESCRIPTION Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them.

  • Page 195: Port Security

    HAPTER Port Security This chapter shows you how to set up port security. 17.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. The Switch can learn up to 32K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 32K.
  • Page 196 Chapter 17 Port Security Figure 134 Advanced Application > Port Security (Standalone mode) Figure 135 Advanced Application > Port Security (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 197: Vlan Mac Address Limit

    Chapter 17 Port Security The following table describes the labels in this screen. Table 82 Advanced Application > Port Security LABEL DESCRIPTION Port List Enter the number of the port(s) (separated by a comma) on which you want to enable port security and disable MAC address learning.
  • Page 198 Chapter 17 Port Security Figure 136 Advanced Application > Port Security > VLAN MAC Address Limit The following table describes the labels in this screen. Table 83 Advanced Application > Port Security > VLAN MAC Address Limit LABEL DESCRIPTION Active Select this option to activate this rule.

  • Page 199: Time Range

    HAPTER Time Range This chapter shows you how to set up a time range for time-oriented features on the Switch. 18.1 About Time Range You can set a time range for time-oriented features such as Classifier ACL (Access Control List) rule which categorizes data packets into different network traffic flow.
  • Page 200 Chapter 18 Time Range The following table describes the labels in this screen. Table 84 Advanced Application > Time Range LABEL DESCRIPTION Name Type a name for this time range rule. Type Select a time range type. Absolute is a fixed time range that has a set start and end date. Periodic is recurrence of a time range.

  • Page 201: Classifier

    HAPTER Classifier This chapter introduces and shows you how to configure the packet classifier on the Switch. 19.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth.

  • Page 202: Classifier Configuration

    Chapter 19 Classifier Figure 138 Advanced Application > Classifier > Classifier Status The following table describes the labels in this screen. Table 85 Advanced Application > Classifier > Classifier Status LABEL DESCRIPTION Index This field displays the index number of the Classifier rule. Active This field displays Yes when the rule is activated and No when it is deactivated.
  • Page 203 Chapter 19 Classifier Figure 139 Advanced Application > Classifier > Classifier Configuration The following table describes the labels in this screen. Table 86 Advanced Application > Classifier > Classifier Configuration LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes.
  • Page 204 Chapter 19 Classifier Table 86 Advanced Application > Classifier > Classifier Configuration (continued) LABEL DESCRIPTION Weight Enter a number between 0 and 65535 to specify the rule’s weight. When the match order is in manual mode in the Classifier Global Setting screen, a higher weight means a higher priority.
  • Page 205 Chapter 19 Classifier Table 86 Advanced Application > Classifier > Classifier Configuration (continued) LABEL DESCRIPTION MAC Address Select Any to apply the rule to all MAC addresses. To specify a source, select MAC/Mask to enter the source MAC address of the packet in valid MAC address format (six hexadecimal character pairs) and type the mask for the specified MAC address to determine which bits a packet’s MAC address should match.

  • Page 206: Viewing And Editing Classifier Configuration

    Chapter 19 Classifier Table 86 Advanced Application > Classifier > Classifier Configuration (continued) LABEL DESCRIPTION Click this to create a new entry or to update an existing one. This saves your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 207: Classifier Global Setting Configuration

    Chapter 19 Classifier Table 88 Common Ethernet Types and Protocol Number ETHERNET TYPE PROTOCOL NUMBER X.25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 Some of the most common IP ports are: Table 89 Common IP Ports PORT NUMBER PORT NAME...

  • Page 208: Classifier Example

    Chapter 19 Classifier Table 90 Advanced Application > Classifier > Classifier Configuration > Classifier Global Setting LABEL DESCRIPTION Active Select this to allow the Switch to create a log when packets match a classifier rule during a defined time interval. Interval Select the length of the time period (in seconds) to count matched packets for a classifier rule.
  • Page 209 Chapter 19 Classifier Figure 142 Classifier: Example EXAMPLE After you have configured a classifier, you can configure a policy to define action(s) on the classified traffic flow. See Chapter 20 on page 210 for information on configuring a policy rule. GS3700/XGS3700 Series User’s Guide...

  • Page 210: Policy Rule

    HAPTER Policy Rule This chapter shows you how to configure policy rules. 20.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria (refer to Chapter 19 on page 201 for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network.
  • Page 211 Chapter 20 Policy Rule Click Advanced Application > Policy Rule in the navigation panel to display the screen as shown. Figure 143 Advanced Application > Policy Rule The following table describes the labels in this screen. Table 91 Advanced Application > Policy Rule LABEL DESCRIPTION Active...
  • Page 212 Chapter 20 Policy Rule Table 91 Advanced Application > Policy Rule (continued) LABEL DESCRIPTION Parameters Set the fields below for this policy. You only have to set the field(s) that is related to the action(s) you configure in the Action field. General Egress Port Type the number of an outgoing port.

  • Page 213: Policy Example

    Chapter 20 Policy Rule Table 91 Advanced Application > Policy Rule (continued) LABEL DESCRIPTION Metering Select Enable to activate bandwidth limitation on the traffic flow(s) then set the actions to be taken on out-of-profile packets. Out-of-profile Select the action(s) to be performed for out-of-profile traffic. action Select Drop the packet to discard the out-of-profile traffic.
  • Page 214 Chapter 20 Policy Rule Figure 144 Policy Example EXAMPLE GS3700/XGS3700 Series User’s Guide...

  • Page 215: Queuing Method

    HAPTER Queuing Method This chapter introduces the queuing methods supported. 21.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.

  • Page 216: Weighted Round Robin Scheduling (Wrr)

    Chapter 21 Queuing Method 21.1.3 Weighted Round Robin Scheduling (WRR) Round Robin Scheduling services queues on a rotating basis and is activated only when a port has more traffic than it can handle. A queue is given an amount of bandwidth irrespective of the incoming traffic on that port.
  • Page 217 Chapter 21 Queuing Method Figure 146 Advanced Application > Queuing Method (Stacking mode) The following table describes the labels in this screen. Table 92 Advanced Application > Queuing Method LABEL DESCRIPTION Slot This field appears only in stacking mode. Click the drop-down list to choose the slot number of (Stacking the Switch in a stack.
  • Page 218 Chapter 21 Queuing Method Table 92 Advanced Application > Queuing Method (continued) LABEL DESCRIPTION Hybrid- This field is applicable only when you select WFQ or WRR. Select a queue (Q0 to Q7) to have the Switch use SPQ to service the subsequent queue(s) after Lowest- and including the specified queue for the 1000Base-T, 1000Base-X and 10 Gigabit Ethernet Queue...

  • Page 219: Vlan Stacking

    HAPTER VLAN Stacking This chapter shows you how to configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN 22.1 VLAN Stacking Overview A service provider can use VLAN stacking to allow it to distinguish multiple customers VLANs, even those with the same (customer-assigned) VLAN ID, within its network.

  • Page 220: Vlan Stacking Port Roles

    Chapter 22 VLAN Stacking Figure 147 VLAN Stacking Example 22.2 VLAN Stacking Port Roles Each port can have three VLAN stacking “roles”, Normal, Access Port and Tunnel Port (the latter is for Gigabit ports only). • Select Normal for “regular” (non-VLAN stacking) IEEE 802.1Q frame switching. •...

  • Page 221: Frame Format

    Chapter 22 VLAN Stacking Type is a standard Ethernet type code identifying the frame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provider Tag Protocol Identifier) is the service provider VLAN stacking tag type. Many vendors use 0x8100 or 0x9100. TPID (Tag Protocol Identifier) is the customer IEEE 802.1Q tag.
  • Page 222 Chapter 22 VLAN Stacking Figure 148 Advanced Application > VLAN Stacking (Standalone mode) Figure 149 Advanced Application > VLAN Stacking (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 223: Port-Based Q-In-Q

    Chapter 22 VLAN Stacking The following table describes the labels in this screen. Table 96 Advanced Application > VLAN Stacking LABEL DESCRIPTION Active Select this checkbox to enable VLAN stacking on the Switch. Slot This field appears only in stacking mode. Click the drop-down list to choose the slot number of (Stacking the Switch in a stack.
  • Page 224 Chapter 22 VLAN Stacking Figure 150 Advanced Application > VLAN Stacking > Port-based QinQ (Standalone mode) Figure 151 Advanced Application > VLAN Stacking > Port-based QinQ (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 225: Selective Q-In-Q

    Chapter 22 VLAN Stacking The following table describes the labels in this screen. Table 97 Advanced Application > VLAN Stacking > Port-based QinQ LABEL DESCRIPTION Slot This field appears only in stacking mode. Click the drop-down list to choose the slot number of (Stacking the Switch in a stack.
  • Page 226 Chapter 22 VLAN Stacking The following table describes the labels in this screen. Table 98 Advanced Application > VLAN Stacking > Selective QinQ LABEL DESCRIPTION Active Check this box to activate this rule. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes. Port The port number identifies the port you are configuring.

  • Page 227: Multicast

    HAPTER Multicast This chapter shows you how to configure various multicast features. 23.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.

  • Page 228: Igmp Snooping

    Chapter 23 Multicast 23.1.3 IGMP Snooping The Switch can passively snoop on IGMP packets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP packets passing through it, picks out the group registration information, and configures multicasting accordingly. IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them.

  • Page 229: Mld Messages

    Chapter 23 Multicast one query from a router (X) or MLD Done or Report message from any upstream port, it will be broadcast to all connected upstream ports. Query Report Done 23.1.6 MLD Messages A multicast router or switch periodically sends general queries to MLD hosts to update the multicast forwarding table.

  • Page 230: Ipv4 Multicast Status

    Chapter 23 Multicast The following table describes the labels in this screen. Table 99 Advanced Application > Multicast Setup LABEL DESCRIPTION IPv4 Multicast Click the link to open screens where you can configure IGMP snooping and IGMP filtering for IPv4. IPv6 Multicast Click the link to open screens where you can configure MLD snooping and MLD filtering for IPv6.
  • Page 231 Chapter 23 Multicast Figure 155 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (Standalone mode) Figure 156 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (Stacking mode) GS3700/XGS3700 Series User’s Guide...
  • Page 232 Chapter 23 Multicast The following table describes the labels in this screen. Table 101 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP snooping. Active Select Active to enable IGMP Snooping to forward group multicast traffic only to ports that are members of that group.
  • Page 233 Chapter 23 Multicast Table 101 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping (continued) LABEL DESCRIPTION Normal Leave Enter an IGMP normal leave timeout value (from 200 to 6,348,800) in miliseconds. Select this option to have the Switch use this timeout to update the forwarding table for the port. In normal leave mode, when the Switch receives an IGMP leave message from a host on a port, it forwards the message to the multicast router.

  • Page 234: Igmp Snooping Vlan

    Chapter 23 Multicast 23.3.2 IGMP Snooping VLAN Click Advanced Application > Multicast > IPv4 Multicast in the navigation panel. Click the IGMP Snooping link and then the IGMP Snooping VLAN link to display the screen as shown. See Section 23.1.4 on page 228 for more information on IGMP Snooping VLAN.

  • Page 235: Igmp Filtering Profile

    Chapter 23 Multicast Table 102 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Snooping VLAN (continued) LABEL DESCRIPTION Click this to create a new entry or to update an existing one. This saves your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 236: Ipv6 Multicast Status

    Chapter 23 Multicast The following table describes the labels in this screen. Table 103 Advanced Application > Multicast > IPv4 Multicast > IGMP Snooping > IGMP Filtering Profile LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes. To configure additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range.

  • Page 237: Mld Snooping-Proxy

    Chapter 23 Multicast The following table describes the labels in this screen. Table 104 Advanced Application > Multicast > IPv6 Multicast LABEL DESCRIPTION Index This is the index number of the entry. This field displays the multicast VLAN ID. Port This field displays the port number that belongs to the multicast group.
  • Page 238 Chapter 23 Multicast Figure 161 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN The following table describes the labels in this screen. Table 106 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN LABEL DESCRIPTION Enter the ID number of the VLAN on which you want to enable MLD snooping-proxy and...

  • Page 239: Mld Snooping-Proxy Vlan Port Role Setting

    Chapter 23 Multicast Table 106 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN LABEL DESCRIPTION Last Member Enter the amount of time (in miliseconds) between the MLD group-specific queries sent Query Interval by an upstream port when an MLD Done message is received. This value should be exactly the same as what’s configured in the connected multicast router.
  • Page 240 Chapter 23 Multicast Figure 162 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN > Port Role Setting (Standalone mode) Figure 163 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN > Port Role Setting (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 241: Mld Snooping-Proxy Filtering

    Chapter 23 Multicast The following table describes the labels in this screen. Table 107 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > VLAN > Port Role Setting LABEL DESCRIPTION MLD Snooping- Select the VLAN ID for which you want to configure a port’s MLD snooping-proxy settings. proxy VLAN ID Slot (Stacking This field appears only in stacking mode.
  • Page 242 Chapter 23 Multicast Figure 164 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering (Standalone mode) Figure 165 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 243: Mld Snooping-Proxy Filtering Profile

    Chapter 23 Multicast The following table describes the labels in this screen. Table 108 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering LABEL DESCRIPTION Active Select this option to enable MLD filtering on the Switch. Slot (Stacking This field appears only in stacking mode.

  • Page 244: Mvr Overview

    Chapter 23 Multicast The following table describes the labels in this screen. Table 109 Advanced Application > Multicast > IPv6 Multicast > MLD Snooping-proxy > Filtering > Filtering Profile LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes. To configure additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range.

  • Page 245: Types Of Mvr Ports

    Chapter 23 Multicast Figure 167 MVR Network Example VLAN 1 Multicast VLAN VLAN 2 VLAN 3 23.5.1 Types of MVR Ports In MVR, a source port is a port on the Switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic.

  • Page 246: General Mvr Configuration

    Chapter 23 Multicast Figure 168 MVR Multicast Television Example VLAN 1 Multicast VLAN 23.6 General MVR Configuration Use the MVR screen to create multicast VLANs and select the receiver port(s) and a source port for each multicast VLAN. Click Advanced Application > Multicast > MVR to display the screen as shown next.
  • Page 247 Chapter 23 Multicast Figure 170 Advanced Application > Multicast > MVR (Stacking mode) The following table describes the related labels in this screen. Table 110 Advanced Application > Multicast > MVR LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be shared among different subscriber VLANs on the network.

  • Page 248: Mvr Group Configuration

    Chapter 23 Multicast Table 110 Advanced Application > Multicast > MVR (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
  • Page 249 Chapter 23 Multicast Figure 171 Advanced Application > Multicast > MVR > Group Configuration The following table describes the labels in this screen. Table 111 Advanced Application > Multicast > MVR > Group Configuration LABEL DESCRIPTION Multicast VLAN Select a multicast VLAN ID (that you configured in the MVR screen) from the drop-down list box.

  • Page 250: Mvr Configuration Example

    Chapter 23 Multicast Table 111 Advanced Application > Multicast > MVR > Group Configuration (continued) LABEL DESCRIPTION Delete Select the entry(ies) that you want to remove, then click the Delete button to remove the selected entry(ies) from the table. If you delete a multicast VLAN, all multicast groups in this VLAN will also be removed. Cancel Select Cancel to clear the checkbox(es) in the table.
  • Page 251 Chapter 23 Multicast Figure 173 MVR Configuration Example EXAMPLE To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two IPv4 multicast groups (News and Movie) are configured for the multicast VLAN 200. Figure 174 MVR Group Configuration Example EXAMPLE GS3700/XGS3700 Series User’s Guide...
  • Page 252 Chapter 23 Multicast Figure 175 MVR Group Configuration Example EXAMPLE GS3700/XGS3700 Series User’s Guide...

  • Page 253: Aaa

    HAPTER This chapter describes how to configure authentication, authorization and accounting settings on the Switch. 24.1 Authentication, Authorization and Accounting (AAA) Authentication is the process of determining who a user is and validating access to the Switch. The Switch can authenticate users who try to log in based on user accounts configured on the Switch itself.

  • Page 254: Radius And Tacacs

    Chapter 24 AAA 24.1.2 RADIUS and TACACS+ RADIUS and TACACS+ are security protocols used to authenticate users by means of an external server instead of (or in addition to) an internal device user database that is limited to the memory capacity of the device.
  • Page 255 Chapter 24 AAA Figure 178 Advanced Application > AAA > RADIUS Server Setup The following table describes the labels in this screen. Table 113 Advanced Application > AAA > RADIUS Server Setup LABEL DESCRIPTION Authentication Use this section to configure your RADIUS authentication settings. Server Mode This field only applies if you configure multiple RADIUS servers.

  • Page 256: Tacacs+ Server Setup

    Chapter 24 AAA Table 113 Advanced Application > AAA > RADIUS Server Setup (continued) LABEL DESCRIPTION IP Address Enter the IP address of an external RADIUS accounting server in dotted decimal notation. UDP Port The default port of a RADIUS accounting server for accounting is 1813. You need not change this value unless your network administrator instructs you to do so.

  • Page 257: Aaa Setup

    Chapter 24 AAA The following table describes the labels in this screen. Table 114 Advanced Application > AAA > TACACS+ Server Setup LABEL DESCRIPTION Authentication Use this section to configure your TACACS+ authentication settings. Server Mode This field is only valid if you configure multiple TACACS+ servers. Select index-priority and the Switch tries to authenticate with the first configured TACACS+ server, if the TACACS+ server does not respond then the Switch tries to authenticate with the second TACACS+ server.
  • Page 258 Chapter 24 AAA Figure 180 Advanced Application > AAA > AAA Setup The following table describes the labels in this screen. Table 115 Advanced Application > AAA > AAA Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the Switch. Privilege Enable These fields specify which database the Switch should use (first, second and third) to authenticate access privilege level for administrator accounts (users for Switch...
  • Page 259 Chapter 24 AAA Table 115 Advanced Application > AAA > AAA Setup (continued) LABEL DESCRIPTION Login These fields specify which database the Switch should use (first, second and third) to authenticate administrator accounts (users for Switch management). Configure the local user accounts in the Access Control > Logins screen. The TACACS+ and RADIUS are external servers.

  • Page 260: Vendor Specific Attribute

    Chapter 24 AAA Table 115 Advanced Application > AAA > AAA Setup (continued) LABEL DESCRIPTION Mode The Switch supports two modes of recording login events. Select: • start-stop - to have the Switch send information to the accounting server when a user begins a session, during a user’s session (if it lasts past the Update Period), and when a user ends a session.

  • Page 261: Tunnel Protocol Attribute

    Chapter 24 AAA The following table describes the VSAs supported on the Switch. Note that these attributes only work when you enable authorization (see Section 24.2.3 on page 257). Table 116 Supported VSAs FUNCTION ATTRIBUTE Ingress Bandwidth Vendor-Id = 890 Assignment Vendor-Type = 1 ingress rate (Kbps in decimal format)

  • Page 262: Attributes Used For Authentication

    Chapter 24 AAA Refer to RFC 2865 for more information about RADIUS attributes used for authentication. Refer to RFC 2866 and RFC 2869 for RADIUS attributes used for accounting. This section lists the attributes used by authentication and accounting functions on the Switch. In cases where the attribute has a specific format associated with it, the format is specified.
  • Page 263 Chapter 24 AAA 24.3.2.1 Attributes Used for Accounting System Events NAS-IP-Address NAS-Identifier Acct-Status-Type Acct-Session-ID - The format of Acct-Session-Id is date+time+8-digit sequential number, for example, 2007041917210300000001. (date: 2007/04/19, time: 17:21:03, serial number: 00000001) Acct-Delay-Time 24.3.2.2 Attributes Used for Accounting Exec Events The attributes are listed in the following table along with the time that they are sent (the difference between Console and Telnet/SSH Exec events is that the Telnet/SSH events utilize the Calling- Station-Id attribute):...
  • Page 264 Chapter 24 AAA 24.3.2.3 Attributes Used for Accounting IEEE 802.1x Events The attributes are listed in the following table along with the time of the session they are sent: Table 120 RADIUS Attributes - Exec Events via Console ATTRIBUTE START INTERIM-UPDATE STOP User-Name...

  • Page 265: Ip Source Guard

    HAPTER IP Source Guard 25.1 IP Source Guard Overview IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in your network. A binding contains these key attributes: • MAC address • VLAN ID •...

  • Page 266: What You Need To Know

    Chapter 25 IP Source Guard • Use the DHCP Snooping VLAN Configure screen (Section 25.6.2 on page 277) to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP relay agent option 82 information to DHCP requests that the Switch relays to a DHCP server for each VLAN. •...

  • Page 267: Ip Source Guard

    Chapter 25 IP Source Guard • DHCP snooping. Use this to filter unauthorized DHCP packets on the network and to build the binding table dynamically. • ARP inspection. Use this to filter unauthorized ARP packets on the network. If you want to use dynamic bindings to filter unauthorized ARP packets (typical implementation), you have to enable DHCP snooping before you enable ARP inspection.

  • Page 268: Ipv4 Source Guard Setup

    Chapter 25 IP Source Guard Table 121 IP Source Guard (continued) LABEL DESCRIPTION IPv6 Source Guard Click the link to open a screen where you can apply the configured IPv6 source guard Port Setup policy to a port. (Standalone mode) IPv6 Snooping Policy Click the link to open a screen where you can set up DHCPv6 snooping policies for the Setup (Standalone...

  • Page 269: Ipv4 Source Guard Static Binding

    Chapter 25 IP Source Guard 25.4 IPv4 Source Guard Static Binding Use this screen to manage static bindings for DHCP snooping and ARP inspection. Static bindings are uniquely identified by the MAC address and VLAN ID. Each MAC address and VLAN ID can only be in one static binding.
  • Page 270 Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 123 IP Source Guard > IPv4 Source Guard Setup > Static Binding LABEL DESCRIPTION ARP Freeze ARP Freeze allows you to automatically create static bindings from the current ARP entries (either dynamically learned or static ARP entries) until the Switch’s binding table is full.

  • Page 271: Dhcp Snooping

    Chapter 25 IP Source Guard Table 123 IP Source Guard > IPv4 Source Guard Setup > Static Binding (continued) LABEL DESCRIPTION Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries. Delete Select the entry(ies) that you want to remove, then click the Delete button to remove the selected entry(ies) from the table.
  • Page 272 Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 124 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database. You can configure them in the DHCP Snooping Configure screen.

  • Page 273: Dhcp Snooping Configure

    Chapter 25 IP Source Guard Table 124 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping (continued) LABEL DESCRIPTION Failed writes This field displays the number of times the Switch was unable to update the bindings in the DHCP snooping database. Database detail First successful access This field displays the first time the Switch accessed the DHCP snooping database...
  • Page 274 Chapter 25 IP Source Guard Figure 187 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure The following table describes the labels in this screen. Table 125 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure LABEL DESCRIPTION Active...

  • Page 275: Dhcp Snooping Port Configure

    Chapter 25 IP Source Guard Table 125 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure (continued) LABEL DESCRIPTION Renew DHCP Enter the location of a DHCP snooping database, and click Renew if you want the Snooping URL Switch to load it.
  • Page 276 Chapter 25 IP Source Guard Figure 188 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure> Port (Standalone mode) Figure 189 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure> Port (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 277: Dhcp Snooping Vlan Configure

    Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 126 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure > Port LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot mode) number of the Switch in a stack.

  • Page 278: Dhcp Snooping Vlan Port Configure

    Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 127 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure > VLAN LABEL DESCRIPTION Show VLAN Use this section to specify the VLANs you want to manage in the section below. Start VID Enter the lowest VLAN ID you want to manage in the section below.

  • Page 279: Arp Inspection Status

    Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 128 IP Source Guard > IPv4 Source Guard Setup > DHCP Snooping > Configure > VLAN > Port LABEL DESCRIPTION Enter the ID number of the VLAN you want to configure here. Port Enter the number of port(s) to which you want to apply the specified DHCP option 82 profile.

  • Page 280: Arp Inspection Vlan Status

    Chapter 25 IP Source Guard Figure 192 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection Status The following table describes the labels in this screen. Table 129 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection Status LABEL DESCRIPTION Total number of...

  • Page 281: Arp Inspection Log Status

    Chapter 25 IP Source Guard Figure 193 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > VLAN Status The following table describes the labels in this screen. Table 130 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > VLAN Status LABEL DESCRIPTION Show VLAN range...

  • Page 282: Arp Inspection Configure

    Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 131 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Log Status LABEL DESCRIPTION Clearing log status table Click Apply to remove all the log messages that were generated by ARP packets and that have not been sent to the syslog server yet.
  • Page 283 Chapter 25 IP Source Guard Figure 195 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure The following table describes the labels in this screen. Table 132 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure LABEL DESCRIPTION Active...

  • Page 284: Arp Inspection Port Configure

    Chapter 25 IP Source Guard Table 132 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 285 Chapter 25 IP Source Guard Figure 197 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure > Port (Stacking mode) The following table describes the labels in this screen. Table 133 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure > Port LABEL DESCRIPTION Slot (Stacking mode)

  • Page 286: Arp Inspection Vlan Configure

    Chapter 25 IP Source Guard 25.8.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN. To open this screen, click Advanced Application >...

  • Page 287: Ipv6 Source Guard Overview

    Chapter 25 IP Source Guard 25.9 IPv6 Source Guard Overview The purpose of IPv6 source guard is to distinguish between authorized and unauthorized users by using a binding table that validates the source of IPv6 traffic. The binding table can be manually created or be learned through Dynamic Host Configuration Protocol version 6 snooping (DHCPv6 snooping).

  • Page 288: Ipv6 Static Binding Setup

    Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 135 Advanced Application > IP Source Guard > IPv6 Source Binding Status (Standalone mode) LABEL DESCRIPTION Clear Dynamic Specify how you want the Switch to remove dynamic IPv6 source binding entries when Source Binding you click Flush.
  • Page 289 Chapter 25 IP Source Guard Figure 200 Advanced Application > IP Source Guard > IPv6 Static Binding Setup (Standalone mode) The following table describes the labels in this screen. Table 136 Advanced Application > IP Source Guard > IPv6 Static Binding Setup (Standalone mode) LABEL DESCRIPTION IPv6 Static...

  • Page 290: Ipv6 Source Guard Policy Setup

    Chapter 25 IP Source Guard 25.12 IPv6 Source Guard Policy Setup Use this screen to have IPv6 source guard forward valid IPv6 addresses and/or IPv6 prefixes that are stored in the binding table and allow or block data traffic from all link-local addresses. To open this screen, click Advanced Application >...

  • Page 291: Ipv6 Source Guard Port Setup

    Chapter 25 IP Source Guard Table 137 Advanced Application > IP Source Guard > IPv6 Source Guard Policy Setup (Standalone mode) LABEL DESCRIPTION Validate Prefix This field displays the Validate Prefix status for this IPv6 source guard policy. Link Local This field displays the Link Local traffic status for this IPv6 source guard policy.

  • Page 292: Ipv6 Snooping Policy Setup

    Chapter 25 IP Source Guard Table 138 Advanced Application > IP Source Guard > IPv6 Source Guard Port Setup (Standalone mode) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 293: Ipv6 Snooping Vlan Setup

    Chapter 25 IP Source Guard Table 139 Advanced Application > IP Source Guard > IPv6 Snooping Policy Setup (Standalone mode) LABEL DESCRIPTION Clear Click this to clear the fields above. Index This field displays a sequential number for each IPv6 snooping policy. Name This field displays the descriptive name for identification purposes for this IPv6 source guard policy.

  • Page 294: Ipv6 Dhcp Trust Setup

    Chapter 25 IP Source Guard Table 140 Advanced Application > IP Source Guard > IPv6 Snooping VLAN Setup (Standalone mode) LABEL DESCRIPTION Delete Select an entry checkbox and click Delete to remove the specified entry. Cancel Click this to clear the Delete check boxes above. 25.16 IPv6 DHCP Trust Setup Use this screen to specify which ports are trusted for DHCPv6 snooping.

  • Page 295: Technical Reference

    Chapter 25 IP Source Guard The following table describes the labels in this screen. Table 141 Advanced Application > IP Source Guard > IPv6 DHCP Trust Setup (Standalone mode) LABEL DESCRIPTION Active Select this to specify whether ports are trusted or untrusted ports for DHCP snooping. If you do not select this then IPv6 DHCP Trust is not used and all ports are automatically trusted.
  • Page 296 Chapter 25 IP Source Guard • The source MAC address and source IP address in the packet do not match any of the current bindings. • The packet is a RELEASE or DECLINE packet, and the source MAC address and source port do not match any of the current bindings.

  • Page 297: Arp Inspection Overview

    Chapter 25 IP Source Guard You can configure this setting for each source VLAN. This setting is independent of the DHCP relay settings (Chapter 43 on page 413). 25.17.1.4 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch. Enable DHCP snooping on the Switch.
  • Page 298 Chapter 25 IP Source Guard • They do not use the same space in memory that regular MAC address filters use. • They appear only in the ARP Inspection screens and commands, not in the MAC Address Filter screens and commands. 25.17.2.2 Trusted vs.

  • Page 299: Loop Guard

    HAPTER Loop Guard This chapter shows you how to configure the Switch to guard against loops on the edge of your network. 26.1 Loop Guard Overview Loop guard allows you to configure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch.
  • Page 300 Chapter 26 Loop Guard Figure 209 Switch in Loop State The loop guard feature checks to see if a loop guard enabled port is connected to a switch in loop state. This is accomplished by periodically sending a probe packet and seeing if the packet returns on the same port.

  • Page 301: Loop Guard Setup

    Chapter 26 Loop Guard 26.2 Loop Guard Setup Click Advanced Application > Loop Guard in the navigation panel to display the screen as shown. Note: The loop guard feature can not be enabled on the ports that have Spanning Tree Protocol (RSTP, MRSTP or MSTP) enabled.
  • Page 302 Chapter 26 Loop Guard The following table describes the labels in this screen. Table 142 Advanced Application > Loop Guard LABEL DESCRIPTION Active Select this option to enable loop guard on the Switch. The Switch generates syslog, internal log messages as well as SNMP traps when it shuts down a port via the loop guard feature.

  • Page 303: Vlan Mapping

    HAPTER VLAN Mapping This chapter shows you how to configure VLAN mapping on the Switch. 27.1 VLAN Mapping Overview With VLAN mapping enabled, the Switch can map the VLAN ID and priority level of packets received from a private network to those used in the service provider’s network. The Switch checks incoming traffic from the switch ports (non-management ports) against the VLAN mapping table first, the MAC learning table and then the VLAN table before forwarding them through the Gigabit uplink port.
  • Page 304 Chapter 27 VLAN Mapping Figure 215 VLAN Mapping (Standalone mode) Figure 216 VLAN Mapping (Stacking mode) The following table describes the labels in this screen. Table 143 VLAN Mapping LABEL DESCRIPTION Active Select this option to enable VLAN mapping on the Switch. Slot (Stacking This field appears only in stacking mode.

  • Page 305: Configuring Vlan Mapping

    Chapter 27 VLAN Mapping Table 143 VLAN Mapping (continued) LABEL DESCRIPTION Active Select this check box to enable the VLAN mapping feature on this port. Clear this check box to disable the VLAN mapping feature. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 306 Chapter 27 VLAN Mapping The following table describes the labels in this screen. Table 144 VLAN Mapping Configuration LABEL DESCRIPTION Active Check this box to activate this rule. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes. Port Type a port to be included in this rule.

  • Page 307: Layer 2 Protocol Tunneling

    HAPTER Layer 2 Protocol Tunneling This chapter shows you how to configure layer-2 protocol tunneling on the Switch. 28.1 Layer 2 Protocol Tunneling Overview Layer-2 protocol tunneling (L2PT) is used on the service provider's edge devices. L2PT allows edge switches (1 and 2 in the following figure) to tunnel layer-2 STP (Spanning Tree Protocol), CDP (Cisco Discovery Protocol) and VTP (VLAN Trunking Protocol) packets between customer switches (A, B and C in the following figure) connected through the service provider’s network.

  • Page 308: Layer-2 Protocol Tunneling Mode

    Chapter 28 Layer 2 Protocol Tunneling Figure 220 L2PT Network Example Service Provider's Network 28.1.1 Layer-2 Protocol Tunneling Mode Each port can have two layer-2 protocol tunneling modes, Access and Tunnel. • The Access port is an ingress port on the service provider's edge device (1 or 2 in Figure 220 on page 308) and connected to a customer switch (A or B).
  • Page 309 Chapter 28 Layer 2 Protocol Tunneling Figure 221 Advanced Application > Layer 2 Protocol Tunneling (Standalone mode) Figure 222 Advanced Application > Layer 2 Protocol Tunneling (Stacking mode) GS3700/XGS3700 Series User’s Guide...
  • Page 310 Chapter 28 Layer 2 Protocol Tunneling The following table describes the labels in this screen. Table 145 Advanced Application > Layer 2 Protocol Tunneling LABEL DESCRIPTION Active Select this to enable layer-2 protocol tunneling on the Switch. Destination Specify an MAC address with which the Switch uses to encapsulate the layer-2 protocol MAC Address packets by replacing the destination MAC address in the packets.
  • Page 311 Chapter 28 Layer 2 Protocol Tunneling Table 145 Advanced Application > Layer 2 Protocol Tunneling (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 312: Sflow

    HAPTER sFlow This chapter shows you how to configure sFlow to have the Switch monitor traffic in a network and send information to an sFlow collector for analysis. 29.1 sFlow Overview sFlow (RFC 3176) is a standard technology for monitoring switched networks. An sFlow agent embedded on a switch or router gets sample data and packet statistics from traffic forwarded through its ports.
  • Page 313 Chapter 29 sFlow Figure 224 Advanced Application > sFlow (Standalone mode) Figure 225 Advanced Application > sFlow (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 314: Sflow Collector Configuration

    Chapter 29 sFlow The following table describes the labels in this screen. Table 146 Advanced Application > sFlow LABEL DESCRIPTION Active Select this to enable the sFlow agent on the Switch. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 315 Chapter 29 sFlow Figure 226 Advanced Application > sFlow > Collector The following table describes the labels in this screen. Table 147 Advanced Application > sFlow > Collector LABEL DESCRIPTION Collector Enter the IP address of the sFlow collector. Address UDP Port Enter a UDP port number the Switch uses to send sFlow datagram to the collector.

  • Page 316: Pppoe

    HAPTER PPPoE This chapter describes how the Switch gives a PPPoE termination server additional information that the server can use to identify and authenticate a PPPoE client. 30.1 PPPoE Intermediate Agent Overview A PPPoE Intermediate Agent (PPPoE IA) is deployed between a PPPoE server and PPPoE clients. It helps the PPPoE server identify and authenticate clients by adding subscriber line specific information to PPPoE discovery packets from clients on a per-port or per-port-per-VLAN basis before forwarding them to the PPPoE server.

  • Page 317: Port State

    Chapter 30 PPPoE Table 150 PPPoE IA Remote ID Sub-option Format SubOpt Length Value 0x02 MAC Address or String (1 byte) (1 byte) (63 bytes) The 1 in the first field identifies this as an Agent Circuit ID sub-option and 2 identifies this as an Agent Remote ID sub-option.

  • Page 318: The Pppoe Screen

    Chapter 30 PPPoE Trusted ports are connected to PPPoE servers. • If a PADO (PPPoE Active Discovery Offer), PADS (PPPoE Active Discovery Session-confirmation), or PADT (PPPoE Active Discovery Terminate) packet is sent from a PPPoE server and received on a trusted port, the Switch forwards it to all other ports. •...
  • Page 319 Chapter 30 PPPoE Figure 228 Advanced Application > PPPoE > Intermediate Agent The following table describes the labels in this screen. Table 153 Advanced Application > PPPoE > Intermediate Agent LABEL DESCRIPTION Active Select this option to enable the PPPoE intermediate agent globally on the Switch. access-node- Enter up to 20 ASCII characters to identify the PPPoE intermediate agent.

  • Page 320: Pppoe Ia Per-Port

    Chapter 30 PPPoE 30.3.1 PPPoE IA Per-Port Use this screen to specify whether individual ports are trusted or untrusted ports and have the Switch add extra information to PPPoE discovery packets from PPPoE clients on a per-port basis. Note: The Switch will drop all PPPoE packets if you enable the PPPoE Intermediate Agent on the Switch and there are no trusted ports.
  • Page 321 Chapter 30 PPPoE Figure 230 Advanced Application > PPPoE > Intermediate Agent > Port (Stacking mode) The following table describes the labels in this screen. Table 154 Advanced Application > PPPoE > Intermediate Agent > Port LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode.

  • Page 322: Pppoe Ia Per-Port Per-Vlan

    Chapter 30 PPPoE Table 154 Advanced Application > PPPoE > Intermediate Agent > Port (continued) LABEL DESCRIPTION Remote-id Enter a string of up to 63 ASCII characters that the Switch adds into the Agent Remote ID sub-option for PPPoE discovery packets received on this port. Spaces are allowed. If you do not specify a string here or in the Remote-id field for a VLAN on a port, the Switch automatically uses the PPPoE client’s MAC address.

  • Page 323: Pppoe Ia For Vlan

    Chapter 30 PPPoE The following table describes the labels in this screen. Table 155 Advanced Application > PPPoE > Intermediate Agent > Port > VLAN LABEL DESCRIPTION Show Port Enter a port number to show the PPPoE Intermediate Agent settings for the specified VLAN(s) on the port.
  • Page 324 Chapter 30 PPPoE Figure 233 Advanced Application > PPPoE > Intermediate Agent > VLAN The following table describes the labels in this screen. Table 156 Advanced Application > PPPoE > Intermediate Agent > VLAN LABEL DESCRIPTION Show VLAN Use this section to specify the VLANs you want to configure in the section below. Start VID Enter the lowest VLAN ID you want to configure in the section below.

  • Page 325: Error Disable

    HAPTER Error Disable 31.1 Error Disable Overview This chapter shows you how to configure the rate limit for control packets on a port, and set the Switch to take an action (such as to shut down a port or stop sending packets) on a port when the Switch detects a pre-configured error.

  • Page 326: The Error Disable Screen

    Chapter 31 Error Disable 31.2 The Error Disable Screen Use this screen to configure error disable related settings. Click Advanced Application > Errdisable in the navigation panel to open the following screen. Advanced Application > Errdisable Figure 234 The following table describes the labels in this screen. Table 157 Advanced Application >...
  • Page 327 Chapter 31 Error Disable Figure 235 Advanced Application > Errdisable > Errdisable Status (Standalone mode) Figure 236 Advanced Application > Errdisable > Errdisable Status (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 328: Cpu Protection Configuration

    Chapter 31 Error Disable The following table describes the labels in this screen. Table 158 Advanced Application > Errdisable > Errdisable Status LABEL DESCRIPTION Inactive-reason mode reset Port List Enter the number of the port(s) (separated by a comma) on which you want to reset inactive-reason status.
  • Page 329 Chapter 31 Error Disable Note: After you configure this screen, make sure you also enable error detection for the specific control packets in the Advanced Application > Errdisable > Errdisable Detect screen. Figure 237 Advanced Application > Errdisable > CPU protection (Standalone mode) Figure 238 Advanced Application >...

  • Page 330: Error-Disable Detect Configuration

    Chapter 31 Error Disable The following table describes the labels in this screen. Table 159 Advanced Application > Errdisable > CPU protection LABEL DESCRIPTION Reason Select the type of control packet you want to configure here. Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot mode) number of the Switch in a stack.

  • Page 331: Error-Disable Recovery Configuration

    Chapter 31 Error Disable The following table describes the labels in this screen. Table 160 Advanced Application > Errdisable > Errdisable Detect LABEL DESCRIPTION Cause This field displays the types of control packet that may cause CPU overload. Use this row to make the setting the same for all entries. Use this row first and then make adjustments to each entry if necessary.
  • Page 332 Chapter 31 Error Disable Figure 241 Advanced Application > Errdisable > Errdisable Recovery (Stacking Mode) The following table describes the labels in this screen. Table 161 Advanced Application > Errdisable > Errdisable Recovery LABEL DESCRIPTION Active Select this option to turn on the error-disable recovery function on the Switch. Reason This field displays the supported features that allow the Switch to shut down a port or discard packets on a port according to the feature requirements and what action you...

  • Page 333: Mac Pinning

    HAPTER MAC Pinning This chapter shows you how to configure MAC pinning on the Switch. 32.1 MAC Pinning Overview When the Switch obtains a connected device’s MAC address, it adds an entry in the MAC address forwarding table and uses the table to determine how to forward frames. In addition to the source MAC address of a received frame, the Switch also learns the VLAN to which the device belongs and the port on which the frame is received.
  • Page 334 Chapter 32 MAC Pinning Figure 242 Advanced Application > MAC Pinning (Standalone mode) Figure 243 Advanced Application > MAC Pinning (Stacking mode) GS3700/XGS3700 Series User’s Guide...
  • Page 335 Chapter 32 MAC Pinning The following table describes the labels in this screen. Table 162 Advanced Application > MAC Pinning LABEL DESCRIPTION Active Select this option to turn on the MAC pinning function on the Switch. Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot number mode) of the Switch in a stack.

  • Page 336: Private Vlan

    HAPTER Private VLAN 33.1 Private VLAN Overview Use private VLAN if you want you to block traffic between ports in the same VLAN. Community and Isolated VLANs are secondary private VLANs that must be associated with a Primary private VLAN. •...

  • Page 337: Configuration

    Chapter 33 Private VLAN Tagged Private VLANs can span switches but trunking ports must be VLAN-trunking ports - see Advanced > VLAN > VLAN Port Setting. Table 164 Spanning PVLAN Graphic Key LABEL DESCRIPTION Uplink promiscuous port VLAN-trunking ports S1, S2 Switch 1, Switch 2 P-VLAN 100 Primary private VLAN with VLAN ID tag of 100...
  • Page 338 Chapter 33 Private VLAN Click Advanced Application > Private VLAN to display the following screen. Figure 244 Advanced Application > Private VLAN (Standalone mode) Figure 245 Advanced Application > Private VLAN (Stacking mode) GS3700/XGS3700 Series User’s Guide...
  • Page 339 Chapter 33 Private VLAN The following table describes the labels in this screen. Table 165 Advanced Application > Private VLAN LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot mode) number of the Switch in a stack.

  • Page 340: Green Ethernet

    HAPTER Green Ethernet This chapter shows you how to configure the Switch to reduce the power consumed by switch ports. 34.1 Green Ethernet Overview Green Ethernet reduces switch port power consumption in the following ways. • IEEE 802.3az Energy Efficient Ethernet (EEE) If EEE is enabled, both sides of a link support EEE and there is no traffic, the port enters Low Power Idle (LPI) mode.
  • Page 341 Chapter 34 Green Ethernet Figure 246 Advanced Application > Green Ethernet (Standalone mode) Figure 247 Advanced Application > Green Ethernet (Stacking mode) GS3700/XGS3700 Series User’s Guide...
  • Page 342 Chapter 34 Green Ethernet The following table describes the labels in this screen. Table 166 Advanced Application > Green Ethernet LABEL DESCRIPTION Select this to activate Energy Efficient Ethernet globally. Auto Power Down Select this to activate Auto Power Down globally. Short Reach Select this to activate Short Reach globally.

  • Page 343: Link Layer Discovery Protocol (Lldp)

    HAPTER Link Layer Discovery Protocol (LLDP) 35.1 LLDP Overview The LLDP (Link Layer Discovery Protocol) is a layer 2 protocol. It allows a network device to advertise its identity and capabilities on the local network. It also allows the device to maintain and store information from adjacent devices which are directly connected to the network device.

  • Page 344: Lldp-Med Overview

    Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 248 LLDP Overview 35.2 LLDP-MED Overview LLDP-MED (Link Layer Discovery Protocol for Media Endpoint Devices) is an extension to the standard LLDP developed by the Telecommunications Industry Association (TIA) TR-41.4 subcommittee which defines the enhanced discovery capabilities, such as VoIP applications, to enable network administrators manage their network topology application more efficiently.

  • Page 345: Lldp Screens

    Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 249 LLDP-MED Overview 35.3 LLDP Screens Click Advanced Application > LLDP in the navigation panel to display the screen as shown next. Figure 250 Advanced Application > LLDP The following table describes the labels in this screen. Table 167 Advanced Application >...

  • Page 346: Lldp Local Status

    Chapter 35 Link Layer Discovery Protocol (LLDP) Table 167 Advanced Application > LLDP (continued) LABEL DESCRIPTION LLDP-MED LLDP-MED Click here to show a screen to configure LLDP-MED (Link Layer Discovery Protocol for Configuration Media Endpoint Devices) parameters. LLDP-MED Click here to show a screen to configure LLDP-MED (Link Layer Discovery Protocol for Network Policy Media Endpoint Devices) network policy parameters.
  • Page 347 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 252 Advanced Application > LLDP > LLDP Local Status (Stacking mode) The following table describes the labels in this screen. Table 168 Advanced Application > LLDP > LLDP Local Status LABEL DESCRIPTION Basic TLV Chassis ID TLV This displays the chassis ID of the local Switch, that is the Switch you’re configuring.

  • Page 348: Lldp Local Port Status Detail

    Chapter 35 Link Layer Discovery Protocol (LLDP) Table 168 Advanced Application > LLDP > LLDP Local Status LABEL DESCRIPTION Management The Management Address TLV identifies an address associated with the local LLDP agent Address TLV that may be used to reach higher layer entities to assist discovery by network management.
  • Page 349 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 253 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail (Basic TLV) GS3700/XGS3700 Series User’s Guide...
  • Page 350 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 254 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail (MED TLV) The following table describes the labels in this screen. Table 169 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail LABEL DESCRIPTION Basic TLV...
  • Page 351 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 169 Advanced Application > LLDP > LLDP Local Status > LLDP Local Port Status Detail LABEL DESCRIPTION Port-Protocol This displays the IEEE 802.1 Port Protocol VLAN ID TLVs, which indicates whether the VLAN ID TLV VLAN is enabled and supported.

  • Page 352: Lldp Remote Status

    Chapter 35 Link Layer Discovery Protocol (LLDP) 35.5 LLDP Remote Status This screen displays a summary of LLDP status for each LLDP connection to a neighboring Switch. Click Advanced Application > LLDP > LLDP Remote Status to display the screen as shown next.
  • Page 353 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 257 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Basic TLV) The following table describes the labels in Basic TLV part of the screen. Table 171 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Basic TLV) LABEL DESCRIPTION...
  • Page 354 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 171 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Basic TLV) LABEL DESCRIPTION System Name This displays the system name of the remote device. System This displays the system description of the remote device. Description TLV System This displays whether the system capabilities are enabled and supported on the remote...
  • Page 355 Chapter 35 Link Layer Discovery Protocol (LLDP) The following table describes the labels in the Dot1 and Dot3 parts of the screen. Table 172 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (Dot1 and Dot3 TLV) LABEL DESCRIPTION Dot1 TLV...
  • Page 356 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 259 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) GS3700/XGS3700 Series User’s Guide...
  • Page 357 Chapter 35 Link Layer Discovery Protocol (LLDP) The following table describes the labels in the MED TLV part of the screen. Table 173 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) LABEL DESCRIPTION MED TLV LLDP Media Endpoint Discovery (MED) is an extension of LLDP that provides additional...

  • Page 358: Lldp Configuration

    Chapter 35 Link Layer Discovery Protocol (LLDP) Table 173 Advanced Application > LLDP > LLDP Remote Status > LLDP Remote Port Status Detail (MED TLV) (continued) LABEL DESCRIPTION Inventory TLV The majority of IP Phones lack support of management protocols such as SNMP, so LLDP- MED inventory TLVs are used to provide their inventory information to the Network Connectivity Devices such as the Switch.
  • Page 359 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 260 Advanced Application > LLDP > LLDP Configuration (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 360 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 261 Advanced Application > LLDP > LLDP Configuration (Stacking mode) The following table describes the labels in this screen. Table 174 Advanced Application > LLDP > LLDP Configuration LABEL DESCRIPTION Active Select to enable LLDP on the Switch. It is enabled by default. Transmit Interval Enter how many seconds the Switch waits before sending LLDP packets.

  • Page 361: Lldp Configuration Basic Tlv Setting

    Chapter 35 Link Layer Discovery Protocol (LLDP) Table 174 Advanced Application > LLDP > LLDP Configuration LABEL DESCRIPTION Admin Status Select whether LLDP transmission and/or reception is allowed on this port. • Disable - not allowed • Tx-Only - transmit only •...

  • Page 362: Lldp Configuration Basic Org-Specific Tlv Setting

    Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 263 Advanced Application > LLDP > LLDP Configuration> Basic TLV Setting (Stacking mode) The following table describes the labels in this screen. Table 175 Advanced Application > LLDP > LLDP Configuration > Basic TLV Setting LABEL DESCRIPTION Slot (Stacking...
  • Page 363 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 264 Advanced Application > LLDP > LLDP Configuration> Org-specific TLV Setting (Standalone mode) Figure 265 Advanced Application > LLDP > LLDP Configuration> Org-specific TLV Setting (Stacking mode) The following table describes the labels in this screen. Table 176 Advanced Application >...

  • Page 364: Lldp-Med Configuration

    Chapter 35 Link Layer Discovery Protocol (LLDP) Table 176 Advanced Application > LLDP > LLDP Configuration > Org-specific TLV Setting LABEL DESCRIPTION Port-Protocol Select the check box(es) to enable or disable the sending of IEEE 802.1 Port and Protocol VLAN ID VLAN ID TLVs on the port(s).
  • Page 365 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 266 Advanced Application > LLDP > LLDP-MED Configuration (Standalone mode) Figure 267 Advanced Application > LLDP > LLDP-MED Configuration (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 366: Lldp-Med Network Policy

    Chapter 35 Link Layer Discovery Protocol (LLDP) The following table describes the labels in this screen. Table 177 Advanced Application > LLDP > LLDP-MED Configuration LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot mode) number of the Switch in a stack.
  • Page 367 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 269 Advanced Application > LLDP > LLDP-MED Network Policy (Stacking mode) The following table describes the labels in this screen. Table 178 Advanced Application > LLDP > LLDP-MED Network Policy LABEL DESCRIPTION Port Enter the port number to set up the LLDP-MED network policy.

  • Page 368: Lldp-Med Location

    Chapter 35 Link Layer Discovery Protocol (LLDP) Table 178 Advanced Application > LLDP > LLDP-MED Network Policy LABEL DESCRIPTION DSCP This field displays the DSCP value of the network policy. Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries.
  • Page 369 Chapter 35 Link Layer Discovery Protocol (LLDP) Figure 271 Advanced Application > LLDP > LLDP-MED Location (Stacking mode) The following table describes the labels in this screen. Table 179 Advanced Application > LLDP > LLDP-MED Location LABEL DESCRIPTION Port Enter the port number you want to set up the location within the LLDP-MED network.For Stacking mode the first field box is the Slot ID, the second field box is the port.
  • Page 370 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 179 Advanced Application > LLDP > LLDP-MED Location LABEL DESCRIPTION Datum Select the appropriate geodetic datum used by GPS. • WGS84 • NAD83-NAVD88 • NAD83-MLLW Civic Address Enter the Civic Address by providing information such as Country, State, County, City, Street, Number, ZIP code and other additional information.
  • Page 371 Chapter 35 Link Layer Discovery Protocol (LLDP) Table 179 Advanced Application > LLDP > LLDP-MED Location LABEL DESCRIPTION Delete Check the locations that you want to remove, then click the Delete button. Cancel Click Cancel to clear the selected check boxes. GS3700/XGS3700 Series User’s Guide...

  • Page 372: Anti-Arpscan

    HAPTER Anti-Arpscan 36.1 Anti-Arpscan Overview Address Resolution Protocol (ARP), RFC 826, is a protocol used to convert a network-layer IP address to a link-layer MAC address. ARP scan is used to scan the network of a certain interface for alive hosts. It shows the IP address and MAC addresses of all hosts found. Hackers could use ARP scan to find targets in your network.

  • Page 373: Anti-Arpscan Status

    Chapter 36 Anti-Arpscan • Go to Basic Setting > Port Setup. Clear Active and click Apply. Then select Active and click Apply again. • Go to Application > Errdiable > Errdisable Recovery and set the interval for Anti- arpscan. After the interval expires, the closed port(s) will become active and start receiving packets again.

  • Page 374: Anti-Arpscan Host Status

    Chapter 36 Anti-Arpscan 36.3 Anti-Arpscan Host Status Use this screen to view blocked hosts and unblock ones connected to certain ports. To open this screen, click Advanced Application > Anti-Arpscan > Host Status. Figure 273 Advanced Application > Anti-Arpscan > Host Status The following table describes the fields in the above screen.

  • Page 375: Anti-Arpscan Configure

    Chapter 36 Anti-Arpscan Figure 274 Advanced Application > Anti-Arpscan > Trust Host The following table describes the fields in the above screen. Table 182 Advanced Application > Anti-Arpscan > Trust Host LABEL DESCRIPTION Name Type a descriptive name of up to 32 printable ASCII characters to identify this host. Host IP Type the IP address of the host.
  • Page 376 Chapter 36 Anti-Arpscan Figure 275 Advanced Application > Anti-Arpscan > Configure The following table describes the fields in the above screen. Table 183 Advanced Application > Anti-Arpscan > Configure LABEL DESCRIPTION Active Select this to enable Anti-arpscan on the Switch. Port Threshold A port threshold is determined by the number of packets received per second on the port.
  • Page 377 Chapter 36 Anti-Arpscan Table 183 Advanced Application > Anti-Arpscan > Configure LABEL DESCRIPTION Trusted State Select Untrusted or Trusted for the associated port. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 378: Bpdu Guard

    HAPTER BPDU Guard 37.1 BPDU Guard Overview A BPDU (Bridge Protocol Data Units) is a data frame that contains information about STP. STP- aware switches exchange BPDUs periodically. The BPDU guard feature allows you to prevent any new STP-aware switch from connecting to an existing network and causing STP topology changes in the network.

  • Page 379: Bpdu Guard Configuration

    Chapter 37 BPDU Guard Figure 276 Advanced Application > BPDU Guard Staus The following table describes the fields in the above screen. Table 184 Advanced Application > BPDU Guard Staus LABEL DESCRIPTION BPDU guard globally This field displays whether BPDU guard is activated on the Switch. configuration Port This is the number of the port on the Switch.
  • Page 380 Chapter 37 BPDU Guard Figure 277 Advanced Application > BPDU Guard > BPDU Guard Configuration The following table describes the fields in the above screen. Table 185 Advanced Application > BPDU Guard > BPDU Guard Configuration LABEL DESCRIPTION Active Select this option to enable BPDU guard on the Switch. Port This field displays the Switch’s port number Use this row to make the setting the same for all ports.

  • Page 381: Oam

    HAPTER 38.1 OAM Overview Link layer Ethernet OAM (Operations, Administration and Maintenance) as described in IEEE 802.3ah is a link monitoring protocol. It utilizes OAM Protocol Data Units or OAM PDUs to transmit link status information between directly connected Ethernet devices. Both devices must support IEEE 802.3ah.
  • Page 382 Chapter 38 OAM Figure 278 Advanced Application > OAM Status (Standalone mode) Figure 279 Advanced Application > OAM Status (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 383: Oam Details

    Chapter 38 OAM The following table describes the fields in the above screen. Table 186 Advanced Application > OAM Status LABEL DESCRIPTION Slot (Stacking mode) This field appears only in stacking mode. Click the drop-down list to choose the slot number of the Switch in a stack.
  • Page 384 Chapter 38 OAM Figure 280 Advanced Application > OAM Status > OAM Details The following table describes the fields in the above screen. Table 187 Advanced Application > OAM Status > OAM Details LABEL DESCRIPTION Discovery This section displays OAM configuration details and operational status of the port on the Switch and/or the remote device.
  • Page 385 Chapter 38 OAM Table 187 Advanced Application > OAM Status > OAM Details LABEL DESCRIPTION Mode This field displays the OAM mode. The device in active mode (typically the service provider's device) controls the device in passive mode (typically the subscriber's device).
  • Page 386 Chapter 38 OAM Table 187 Advanced Application > OAM Status > OAM Details LABEL DESCRIPTION Discovery This field indicates the state in the OAM discovery process. OAM-enabled devices use state this process to detect each other and to exchange information about their OAM configuration and capabilities.

  • Page 387: Oam Configuration

    Chapter 38 OAM 38.3 OAM Configuration Use this screen to turn on Ethernet OAM on the Switch and port(s) and configure the related settings. In the OAM Status screen click Configuration to display the configuration screen as shown. Figure 281 Advanced Application > OAM > OAM Configuration (Standalone mode) GS3700/XGS3700 Series User’s Guide...
  • Page 388 Chapter 38 OAM Figure 282 Advanced Application > OAM > OAM Configuration (Stacking mode) The following table describes the fields in the above screen. Table 188 Advanced Application > OAM > OAM Configuration LABEL DESCRIPTION Active Select this option to enable Ethernet OAM on the Switch. Slot (Stacking mode) This field appears only in stacking mode.

  • Page 389: Oam Remote Loopback

    Chapter 38 OAM Table 188 Advanced Application > OAM > OAM Configuration LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 390: Zuld

    HAPTER ZULD 39.1 ZULD Overview A unidirectional link is a connection where the link is up on both ends, but only one end can receive packets. This may happen if OAM was initially enabled but then disabled, there are misconfigured transmitting or receiving lines or the hardware is malfunctioning.

  • Page 391: Zuld Status

    Chapter 39 ZULD • Ports advertise their unidirectional link detection capability using OAMPDUs, so all connected devices must support OAM as well as ZULD. You need to enable OAM on the Switch by going to Advanced Application > OAM > Configuration and selecting Active. OAM must be enabled on other connected devices too.
  • Page 392 Chapter 39 ZULD Figure 285 Advanced Application > ZULD Status The following table describes the fields in the above screen. Table 190 Advanced Application > ZULD Status LABEL DESCRIPTION ZULD is..This shows whether ZULD is enabled or disabled on the Switch. Port This field displays the port number of the Switch.

  • Page 393: Zuld Configuration

    Chapter 39 ZULD Table 190 Advanced Application > ZULD Status LABEL DESCRIPTION Link State This field shows the following link states: • Linkdown: This is an initialization state, where the port is not yet up. • Probe: This indicates that ZULD is discovering the connected device on this link. •...
  • Page 394 Chapter 39 ZULD Figure 286 Advanced Application > ZULD > Configuration The following table describes the fields in the above screen. Table 191 Advanced Application > ZULD > Configuration LABEL DESCRIPTION Active Select this to enable ZULD on the Switch. Port Use port * to configure all ports to have the same settings.
  • Page 395 Chapter 39 ZULD Table 191 Advanced Application > ZULD > Configuration LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 396: Static Route

    HAPTER Static Route This chapter shows you how to configure static routes. 40.1 Static Routing Overview The Switch usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Switch send data to devices not reachable through the default gateway, use static routes.

  • Page 397: Configuring Ipv4 Static Routing

    Chapter 40 Static Route Figure 288 IP Application > Static Routing 40.3 Configuring IPv4 Static Routing Click the link next to IPv4 Static Route in the IP Application > Static Routing screen to display the screen as shown. Figure 289 IP Application > Static Routing > IPv4 Static Route The following table describes the related labels you use to create a static route.

  • Page 398: Configuring Ipv6 Static Routing

    Chapter 40 Static Route Table 192 IP Application > Static Routing > IPv4 Static Route (continued) LABEL DESCRIPTION Click Add to insert a new static route to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
  • Page 399 Chapter 40 Static Route The following table describes the related labels you use to create a static route. Table 193 IP Application > Static Routing > IPv6 Static Route LABEL DESCRIPTION Route Enter the IPv6 address of the final destination. Destination Prefix Length Enter the prefix length number of up to 64 for this destination.

  • Page 400: Policy Routing

    HAPTER Policy Routing This chapter shows you how to configure policy routing rules. 41.1 Policy Route Overview Traditionally, routing is based on the destination address only and the Switch takes the shortest path to forward a packet. Policy routing provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator.

  • Page 401: Policy Routing Rule Configuration

    Chapter 41 Policy Routing The following table describes the labels in this screen. Table 194 IP Application > Policy Routing LABEL DESCRIPTION Active This field allows you to activate/deactivate this policy routing profile and rules in the profile. Profile Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes.
  • Page 402 Chapter 41 Policy Routing Figure 292 IP Application > Policy Routing > Rule Configuration The following table describes the labels in this screen. Table 195 IP Application > Policy Routing > Rule Configuration LABEL DESCRIPTION Profile Name This field displays the policy routing profile(s) you configure in the IP Application > Policy Routing screen.
  • Page 403 Chapter 41 Policy Routing Table 195 IP Application > Policy Routing > Rule Configuration (continued) LABEL DESCRIPTION This field displays the rule index number that you configure in the Sequence field. Click an index number to change the rule’s Statement. State This field displays permit when the rule action is activated and deny when is it deactivated.

  • Page 404: Differentiated Services

    HAPTER Differentiated Services This chapter shows you how to configure Differentiated Services (DiffServ) on the Switch. 42.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.

  • Page 405: Two Rate Three Color Marker Traffic Policing

    Chapter 42 Differentiated Services various traffic policies to the traffic flows. For example, one traffic policy would be to give higher drop precedence to one traffic flow over others. In our example packets in the Bronze traffic flow are more likely to be dropped when congestion occurs than the packets in the Platinum traffic flow as they move across the DiffServ network.

  • Page 406: Trtcm - Color-Blind Mode

    Chapter 42 Differentiated Services 42.2.1 TRTCM - Color-blind Mode All packets are evaluated against the PIR. If a packet exceeds the PIR it is marked red. Otherwise it is evaluated against the CIR. If it exceeds the CIR then it is marked yellow. Finally, if it is below the CIR then it is marked green.
  • Page 407 Chapter 42 Differentiated Services Figure 297 IP Application > DiffServ (Standalone mode) Figure 298 IP Application > DiffServ (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 408: Configuring 2-Rate 3 Color Marker Settings

    Chapter 42 Differentiated Services The following table describes the labels in this screen. Table 196 IP Application > DiffServ LABEL DESCRIPTION Active Select this option to enable DiffServ on the Switch. Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot number mode) of the Switch in a stack.
  • Page 409 Chapter 42 Differentiated Services Figure 299 IP Application > DiffServ > 2-rate 3 Color Marker (Standalone mode) Figure 300 IP Application > DiffServ > 2-rate 3 Color Marker (Stacking mode) GS3700/XGS3700 Series User’s Guide...

  • Page 410: Dscp Profile

    Chapter 42 Differentiated Services The following table describes the labels in this screen. Table 197 IP Application > DiffServ > 2-rate 3 Color Marker LABEL DESCRIPTION Active Select this to activate TRTCM (Two Rate Three Color Marker) on the Switch. The Switch evaluates and marks the packets based on the TRTCM settings.

  • Page 411: Dscp-To-Ieee 802.1P Priority Settings

    Chapter 42 Differentiated Services Figure 301 IP Application > DiffServ > 2-rate 3 Color Marker > DSCP Profile The following table describes the labels in this screen. Table 198 IP Application > DiffServ > 2-rate 3 Color Marker > DSCP Profile LABEL DESCRIPTION Profile Name...

  • Page 412: Configuring Dscp Settings

    Chapter 42 Differentiated Services The following table shows the default DSCP-to-IEEE802.1p mapping. Table 199 Default DSCP-IEEE 802.1p Mapping DSCP VALUE 0 – 7 8 – 15 16 – 23 24 – 31 32 – 39 40 – 47 48 – 55 56 –...

  • Page 413: Dhcp

    HAPTER DHCP This chapter shows you how to configure the DHCP feature. 43.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the Switch as a DHCP server or a DHCP relay agent.

  • Page 414: Dhcpv4 Status

    Chapter 43 DHCP and create option 82 profiles. Click the link next to DHCPv6 to open screens where you can configure DHCPv6 settings. Figure 303 IP Application > DHCP 43.3 DHCPv4 Status Click IP Application > DHCP > DHCPv4 in the navigation panel. The DHCP Status screen displays.

  • Page 415: Dhcpv4 Relay

    Chapter 43 DHCP Figure 305 IP Application > DHCP > DHCPv4 > Server Status Detail The following table describes the labels in this screen. Table 202 IP Application > DHCP > DHCPv4 > Server Status Detail LABEL DESCRIPTION Start IP Address This field displays the starting IP address of the IP address pool configured for this DHCP server instance.

  • Page 416: Dhcpv4 Relay Agent Information

    Chapter 43 DHCP The Switch can be configured as a global DHCP relay. This means that the Switch forwards all DHCP requests from all domains to the same DHCP server. You can also configure the Switch to relay DHCP information based on the VLAN membership of the DHCP clients. 43.4.1 DHCPv4 Relay Agent Information The Switch can add information about the source of client DHCP requests that it relays to a DHCP server by adding Relay Agent Information.
  • Page 417 Chapter 43 DHCP Figure 306 IP Application > DHCP > DHCPv4 > Option 82 Profile The following table describes the labels in this screen. Table 206 IP Application > DHCP > DHCPv4 > Option 82 Profile LABEL DESCRIPTION Name Enter a descriptive name for the profile for identification purposes. You can use up to 32 ASCII characters.

  • Page 418: Configuring Dhcpv4 Global Relay

    Chapter 43 DHCP Table 206 IP Application > DHCP > DHCPv4 > Option 82 Profile (continued) LABEL DESCRIPTION Profile Name This field displays the descriptive name of the profile. Click the name to change the settings. Circuit-ID Enable This field displays whether the Circuit ID sub-option is added to client DHCP requests. Field This field displays the information that is included in the Circuit ID sub-option.
  • Page 419 Chapter 43 DHCP Figure 308 IP Application > DHCP > DHCPv4 > Global > Port The following table describes the labels in this screen. Table 208 IP Application > DHCP > DHCPv4 > Global > Port LABEL DESCRIPTION Port Enter the number of port(s) to which you want to apply the specified DHCP option 82 profile.

  • Page 420: Global Dhcp Relay Configuration Example

    Chapter 43 DHCP 43.4.5 Global DHCP Relay Configuration Example The follow figure shows a network example where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server that services the DHCP clients in both domains.
  • Page 421 Chapter 43 DHCP Figure 311 IP Application > DHCP > DHCPv4 > VLAN The following table describes the labels in this screen. Table 209 IP Application > DHCP > DHCPv4 > VLAN LABEL DESCRIPTION Enter the ID number of the VLAN to which these DHCP settings apply. DHCP Status Select whether the Switch should function as a DHCP Server or Relay for the specified VID.

  • Page 422: Dhcpv4 Vlan Port Configure

    Chapter 43 DHCP Table 209 IP Application > DHCP > DHCPv4 > VLAN (continued) LABEL DESCRIPTION Relay Use this section if you want to configure the Switch to function as a DHCP relay for this VLAN. Remote Enter the IP address of a DHCP server in dotted decimal notation. DHCP Server 1 ..

  • Page 423: Example: Dhcp Relay For Two Vlans

    Chapter 43 DHCP The following table describes the labels in this screen. Table 210 IP Application > DHCP > DHCPv4 > VLAN > Port LABEL DESCRIPTION Enter the ID number of the VLAN you want to configure here. Port Enter the number of port(s) to which you want to apply the specified DHCP option 82 profile.

  • Page 424: Dhcpv6 Status

    Chapter 43 DHCP Figure 313 DHCP Relay for Two VLANs DHCP:192.168.1.100 VLAN 1 VLAN 2 DHCP:172.16.10.100 For the example network, configure the VLAN Setting screen as shown. Figure 314 DHCP Relay for Two VLANs Configuration Example EXAMPLE 43.6 DHCPv6 Status Click IP Application >...

  • Page 425: Dhcpv6 Information

    Chapter 43 DHCP Figure 315 IP Application > DHCP > DHCPv6 The following table describes the labels in this screen. Table 211 IP Application > DHCP > DHCPv6 LABEL DESCRIPTION Server Status This section displays configuration settings related to the Switch’s DHCP server mode. Index The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, RFC 3315) is a server-client protocol that allows a DHCP server to assign and pass IPv6 network addresses, prefixes...

  • Page 426: Dhcpv6 Prefix Delegation

    Chapter 43 DHCP The following table describes the labels in this screen. Table 212 IP Application > DHCP > DHCPv6 > Information LABEL DESCRIPTION Active Select this check box to enable the Switch to get DHCPv6 and DNS server settings. Enter the ID number of the VLAN to which the DHCPv6 server belongs here.
  • Page 427 Chapter 43 DHCP Figure 317 IP Application > DHCP > DHCPv6 > Prefix Delegation The following table describes the labels in this screen. Table 213 IP Application > DHCP > DHCPv6 > Prefix Delegation LABEL DESCRIPTION Client DUID Each DHCP client and server has a unique DHCP Unique IDentifier (DUID), which is used for identification when they are exchanging DHCPv6 messages.

  • Page 428: Dhcpv6 Relay

    Chapter 43 DHCP 43.9 DHCPv6 Relay A DHCPv6 relay agent is on the same network as the DHCPv6 clients and helps forward messages between the DHCPv6 server (that’s in another network) and the DHCPv6 clients. The DHCPv6 relay agent can add the remote identification (remote-ID) option and the interface-ID option to the Relay-Forward DHCPv6 messages.
  • Page 429 Chapter 43 DHCP Table 214 IP Application > DHCP > DHCPv6> DHCPv6 Relay (continued) LABEL DESCRIPTION Interface ID Select this option to have the Switch add the interface-ID option in the DHCPv6 requests from the clients in the specified VLAN before the Switch forwards them to a DHCPv6 server. Remote ID Enter a string of up to 64 printable characters to be carried in the remote-ID option.

  • Page 430: Vrrp

    HAPTER VRRP This chapter shows you how to configure and monitor the Virtual Router Redundancy Protocol (VRRP) on the Switch. 44.1 VRRP Overview Each host on a network is configured to send packets to a statically configured default gateway (this Switch). The default gateway can become a single point of failure. Virtual Router Redundancy Protocol (VRRP), defined in RFC 2338, allows you to create redundant backup gateways to ensure that the default gateway of a host is always available.

  • Page 431: Vrrp Status

    Chapter 44 VRRP 44.2 VRRP Status Click IP Application > VRRP in the navigation panel to display the VRRP Status screen as shown next. Figure 320 IP Application > VRRP Status The following table describes the labels in this screen. Table 215 IP Application >...
  • Page 432 Chapter 44 VRRP Click IP Application, VRRP and click the Configuration link to display the VRRP Configuration screen as shown next. Note: You can only configure VRRP on interfaces with unique VLAN IDs. Note: Routing domains with the same VLAN ID are not displayed in the table indicated. Figure 321 IP Application >...

  • Page 433: Vrrp Parameters

    Chapter 44 VRRP 44.3.2 VRRP Parameters This section describes the VRRP parameters. 44.3.2.1 Advertisement Interval The master router sends out Hello messages to let the other backup routers know that it is still up and running. The time interval between sending the Hello messages is the advertisement interval. By default, a Hello message is sent out every second.

  • Page 434: Viewing Vrrp Summary

    Chapter 44 VRRP The following table describes the labels in this screen. Table 217 IP Application > VRRP Configuration: VRRP Parameters LABEL DESCRIPTION Active Select this option to enable this VRRP entry. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes.

  • Page 435: Vrrp Configuration Examples

    Chapter 44 VRRP Table 218 IP Application > VRRP Configuration: Summary (continued) LABEL DESCRIPTION Name This field displays a descriptive name of an entry. Network This field displays the IP address and subnet mask of an interface. VRID This field displays the ID number of a virtual router. Primary VIP This field displays the IP address of the primary virtual router.

  • Page 436: Two Subnets Example

    Chapter 44 VRRP Figure 325 VRRP Example 1: VRRP Parameter Settings on Switch A EXAMPLE Figure 326 VRRP Example 1: VRRP Parameter Settings on Switch B EXAMPLE After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next.
  • Page 437 Chapter 44 VRRP Figure 329 VRRP Configuration Example: Two Virtual Router Network 172.16.1.1 172.16.1.100 172.16.1.10 You need to configure the VRRP Configuration screen for virtual router VR2 on each switch, while keeping the VRRP configuration in example 1 for virtual router VR1 (refer to Section 44.4.2 on page 436).
  • Page 438 Chapter 44 VRRP Figure 332 VRRP Example 2: VRRP Status on Switch A EXAMPLE Figure 333 VRRP Example 2: VRRP Status on Switch B EXAMPLE GS3700/XGS3700 Series User’s Guide...

  • Page 439: Load Sharing

    HAPTER Load Sharing 45.1 Load Sharing Overview The Switch learns the next-hop(s) using ARP and determines routing path(s) for a destination. The Switch supports Equal-Cost MultiPath (ECMP) to forward packets destined to the same device (A for example) through different routing paths (1, 2 and 3) of equal path cost. This allows you to balance or share traffic loads between multiple routing paths when the Switch is connected to more than one next-hop.
  • Page 440 Chapter 45 Load Sharing The following table describes the labels in this screen. Table 219 IP Application > Load Sharing LABEL DESCRIPTION Active Select this option to enable Equal-Cost MultiPath (ECMP) routing on the Switch. Criteria Select the criteria the Switch uses to determine the routing path for a packet. Select src-ip to have the Switch use a hash algorithm to convert a packet’s source IP address into a hash value which acts as an index to a route path.

  • Page 441: Arp Setup

    HAPTER ARP Setup 46.1 ARP Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long.
  • Page 442 Chapter 46 ARP Setup ICMP reply from host B, it sends out an ARP request to get host A’s MAC address and updates the ARP table with host A’s ARP reply. The Switch then can forward host B’s ICMP reply to host A. ARP Request ARP Reply ICMP Request...

  • Page 443: Arp Setup

    Chapter 46 ARP Setup Therefore in the following example, the Switch can learn host A’s MAC address from the ARP request sent by host A. The Switch then forwards host B’s ICMP reply to host A right after getting host B’s MAC address and ICMP reply. ARP Request ARP Reply ICMP Request...
  • Page 444 Chapter 46 ARP Setup Figure 336 IP Application > ARP Setup > ARP Learning The following table describes the labels in this screen. Table 220 IP Application > ARP Setup > ARP Learning LABEL DESCRIPTION Slot (Stacking This field appears only in stacking mode. Click the drop-down list to choose the slot number mode) of the Switch in a stack.

  • Page 445: Static Arp

    Chapter 46 ARP Setup 46.2.2 Static ARP Use this screen to create static ARP entries that will display in the Management > ARP Table screen and will not age out. Click the link next to Static ARP in the IP Application > ARP Setup screen to display the screen as shown.
  • Page 446 Chapter 46 ARP Setup Table 221 IP Application > ARP Setup > Static ARP (continued) LABEL DESCRIPTION Port This field displays the port to which the device connects. Select an entry’s check box to select a specific entry. Otherwise, select the check box in the table heading row to select all entries.

  • Page 447: Maintenance

    HAPTER Maintenance This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 47.1 The Maintenance Screen Use this screen to manage firmware and your configuration files. Click Management > Maintenance in the navigation panel to open the following screen. Management >...

  • Page 448: Firmware Upgrade

    Chapter 47 Maintenance Table 222 Management > Maintenance (continued) LABEL DESCRIPTION Reboot Click Config 1 to reboot the system and load Configuration 1 on the Switch. System Click Config 2 to reboot the system and load Configuration 2 on the Switch. Click Stacking Default to reboot the system and load stacking configurations on the Switch.
  • Page 449 Chapter 47 Maintenance Management > Maintenance > Firmware Upgrade (Stacking mode) Figure 340 The top of firmware upgrade screen shows which firmware version is currently running on the Switch. Type the path and file name of the firmware file you wish to upload to the Switch in the File Path text box or click Browse to locate it.

  • Page 450: Restore A Configuration File

    Chapter 47 Maintenance Table 223 Management > Maintenance> Firmware Upgrade (continued) LABEL DESCRIPTION Version The Switch has two firmware sets, Firmware 1 and Firmware 2, residing in flash. • Running shows the version number (and model code) and MM/DD/YYYY creation date of the firmware currently in use on the Switch (Firmware 1 or Firmware 2).

  • Page 451: Backup A Configuration File

    Chapter 47 Maintenance 47.4 Backup a Configuration File Backing up your Switch configurations allows you to create various “snapshots” of your device from which you may restore at a later date. Back up your current Switch configuration to a computer using the Backup Configuration screen. Figure 342 Management >...

  • Page 452: Save Configuration

    Chapter 47 Maintenance In the web configurator, click the Save button in the top of the screen to make the changes take effect. If you want to access the Switch web configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the default Switch IP address (192.168.1.1).

  • Page 453: Load Factory Default

    Chapter 47 Maintenance In the click the Stacking Default button to clear all Switch configuration information you configured and return to the stacking defaults. Click OK to reset all Switch configurations to the stacking defaults. Figure 345 Load Stacking Default: Start In the web configurator, click the Save button in the top of the screen to make the changes take effect.
  • Page 454 Chapter 47 Maintenance Figure 347 Management > Maintenance > Tech-Support You may need WordPad or similar software to see the log report correctly. The table below describes the fields in the above screen. Table 224 Management > Maintenance > Tech-Support LABEL DESCRIPTION Type a number ranging from 50 to 100 in the CPU threshold box, and type another...

  • Page 455: Ftp Command Line

    Chapter 47 Maintenance Table 224 Management > Maintenance > Tech-Support LABEL DESCRIPTION Mbuf Click Download to see the Mbuf log report. The log includes Mbuf over threshold information. This log report is stored in flash memory. Click Download to see the Read Only Memory (ROM) log report. This report is stored in flash memory.

  • Page 456: Ftp Command Line Procedure

    Chapter 47 Maintenance This is a sample FTP session saving the current configuration to a file called “config.cfg” on your computer. If your (T)FTP client does not allow you to have a destination filename different than the source, you will need to rename them as the Switch only recognizes “config”, “ras-0”, and “ras-1”. Be sure you keep unaltered copies of both files for later use.

  • Page 457: Ftp Restrictions

    Chapter 47 Maintenance 47.9.4 FTP Restrictions FTP will not work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediately. GS3700/XGS3700 Series User’s Guide...

  • Page 458: Access Control

    HAPTER Access Control This chapter describes how to control access to the Switch. 48.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.

  • Page 459: About Snmp

    Chapter 48 Access Control Figure 348 Management > Access Control The following table describes the labels in this screen. Table 228 Management > Access Control LABEL DESCRIPTION SNMP Click this link to configure your SNMP settings. Logins Click this link to assign which users can access the Switch via web configurator at any one time.

  • Page 460: Snmp V3 And Security

    Chapter 48 Access Control network management functions. It executes applications that control and monitor managed devices. The managed devices contain object variables/managed objects that define each piece of information to be collected about a Switch. Examples of variables include number of packets received, node port status and so on.

  • Page 461: Snmp Traps

    Chapter 48 Access Control 48.3.3 SNMP Traps The Switch sends traps to an SNMP manager when an event occurs. The following tables outline the SNMP traps by category. An OID (Object ID) that begins with “1.3.6.1.4.1.890.1.15” is defined in private MIBs. Otherwise, it is a standard MIB OID.
  • Page 462 Chapter 48 Access Control Table 230 SNMP System Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION errdisable zyErrdisableDetect 1.3.6.1.4.1.890.1.15.3.24.4.1 This trap is sent when an error is detected on a port, such as a loop occurs or the rate limit for specific control packets is exceeded.
  • Page 463 Chapter 48 Access Control Table 231 SNMP Stacking Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION Change zyStackingSlotChangeIndex 1.3.6.1.4.1.890.1.15.3.9 Stacking change slot index. 7.4.13 zyStackingPriorityChange 1.3.6.1.4.1.890.1.15.3.9 Staking prority change. 7.4.14 zyStackingTopologyChange 1.3.6.1.4.1.890.1.15.3.9 Staking topology change. 7.4.15 Table 232 SNMP InterfaceTraps OPTION OBJECT LABEL OBJECT ID DESCRIPTION...
  • Page 464 Chapter 48 Access Control Table 232 SNMP InterfaceTraps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION zuld zyZuldUnidirectionalDetected 1.3.6.1.4.1.890.1.15.3.110.3.1 This trap is sent when a unidirectional link is detected. zyZuldBidirectionalRecovered 1.3.6.1.4.1.890.1.15.3.110.3.2 This trap is sent when the port which is shut down by ZULD becomes active again.

  • Page 465: Configuring Snmp

    Chapter 48 Access Control Table 235 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION STPNewRoot 1.3.6.1.2.1.17.0.1 This trap is sent when the STP root switch changes. zyMrstpNewRoot 1.3.6.1.4.1.890.1.15.3.52.3.1 This trap is sent when the MRSTP root switch changes. zyMstpNewRoot 1.3.6.1.4.1.890.1.15.3.53.3.1 This trap is sent when the MSTP root switch changes.

  • Page 466: Configuring Snmp Trap Group

    Chapter 48 Access Control The following table describes the labels in this screen. Table 236 Management > Access Control > SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) values. Version Select the SNMP version for the Switch. The SNMP version on the Switch must match the version on the SNMP manager.

  • Page 467: Enabling/Disabling Sending Of Snmp Traps On A Port

    Chapter 48 Access Control Figure 351 Management > Access Control > SNMP > Trap Group The following table describes the labels in this screen. Table 237 Management > Access Control > SNMP > Trap Group LABEL DESCRIPTION Trap Destination Select one of your configured trap destination IP addresses. These are the IP addresses of the SNMP managers.
  • Page 468 Chapter 48 Access Control Figure 352 Management > Access Control > SNMP > Trap Group > Port (Standalone mode) Figure 353 Management > Access Control > SNMP > Trap Group > Port (Stacking mode) The following table describes the labels in this screen. Table 238 Management >...

  • Page 469: Configuring Snmp User

    Chapter 48 Access Control Table 238 Management > Access Control > SNMP > Trap Group > Port (continued) LABEL DESCRIPTION Port This field displays a port number. In stacking mode, the first number represents the slot and the second the port number. Settings in this row apply to all ports for the Switch represented by the slot ID (in stacking mode).
  • Page 470 Chapter 48 Access Control Table 239 Management > Access Control > SNMP > User (continued) LABEL DESCRIPTION Security Level Select whether you want to implement authentication and/or encryption for SNMP communication from this user. Choose: • noauth -to use the username as the password string to send to the SNMP manager. This is equivalent to the Get, Set and Trap Community in SNMP v2c.

  • Page 471: Setting Up Login Accounts

    Chapter 48 Access Control Table 239 Management > Access Control > SNMP > User (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to begin configuring this screen afresh. 48.4 Setting Up Login Accounts Up to five people (one administrator and four non-administrators) may access the Switch via web configurator at any one time.

  • Page 472: Ssh Overview

    Chapter 48 Access Control Table 240 Management > Access Control > Logins (continued) LABEL DESCRIPTION New Password Enter your new system password. Retype to Retype your new system password for confirmation confirm Edit Logins You may configure passwords for up to four users. These users have read-only access. You can give users higher privileges via the CLI.

  • Page 473: How Ssh Works

    Chapter 48 Access Control 48.6 How SSH works The following table summarizes how a secure connection is established between two remote hosts. Figure 357 How SSH Works Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key.

  • Page 474: Ssh Implementation On The Switch

    Chapter 48 Access Control 48.7 SSH Implementation on the Switch Your Switch supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the Switch for remote management and file transfer on port 22.

  • Page 475: Https Example

    Chapter 48 Access Control Note: If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 48.9 HTTPS Example If you haven’t changed the default HTTPS port on the Switch, then in your browser enter “https:// Switch IP Address/”...
  • Page 476 Chapter 48 Access Control Figure 360 Security Certificate Warning (Internet Explorer 7 or 8) After you log in, you will see the red address bar with the message Certificate Error. Click on Certificate Error next to the address bar and click View certificates. Figure 361 Certificate Error (Internet Explorer 7 or 8) EXAMPLE Click Install Certificate...

  • Page 477: Mozilla Firefox Warning Messages

    Chapter 48 Access Control Figure 362 Certificate (Internet Explorer 7 or 8) 48.9.2 Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server, a This Connection is Untrusted screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button.

  • Page 478: The Main Screen

    Chapter 48 Access Control Confirm the HTTPS server URL matches. Click Confirm Security Exception to proceed to the web configurator login screen. Figure 364 Security Alert (Mozilla Firefox) EXAMPLE 48.9.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears.

  • Page 479: Service Access Control

    Chapter 48 Access Control Figure 365 Example: Lock Denoting a Secure Connection EXAMPLE 48.10 Service Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later).

  • Page 480: Remote Management

    Chapter 48 Access Control The following table describes the fields in this screen. Table 241 Management > Access Control > Service Access Control LABEL DESCRIPTION Services Services you may use to access the Switch are listed here. Active Select this option for the corresponding services that you want to allow to access the Switch. Service Port For Telnet, SSH, FTP, HTTP or HTTPS services, you may change the default service port by typing the new port number in the Service Port field.
  • Page 481 Chapter 48 Access Control The following table describes the labels in this screen. Table 242 Management > Access Control > Remote Management LABEL DESCRIPTION Entry This is the client set index number. A “client set” is a group of one or more “trusted computers”...

  • Page 482: Diagnostic

    HAPTER Diagnostic This chapter explains the Diagnostic screen. You can use this screen to help you identify problems. 49.1 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen. Use this screen to check system logs, ping IP addresses or perform port tests. Figure 368 Management >...
  • Page 483 Chapter 49 Diagnostic The following table describes the labels in this screen. Table 243 Management > Diagnostic LABEL DESCRIPTION Ping Test IPv4 Select this option if you want to ping an IPv4 address, and select which traffic flow (in- band or out-of-band) the Switch is to send ping frames. If you select in-band, the Switch sends the frames to all ports except the management port (labelled MGMT).
  • Page 484 Chapter 49 Diagnostic Table 243 Management > Diagnostic (continued) LABEL DESCRIPTION Pair status Ok: The physical connection between the wire-pair is okay. Open: There is no physical connection (an open circuit detected) between the wire-pair. Short: There is an short circuit detected between the wire-pair. Unknown: The Switch failed to run cable diagnostics on the cable connected this port.

  • Page 485: System Log

    HAPTER System Log 50.1 Overview A log message stores the information for viewing. 50.2 System Log Click Management > System Log in the navigation panel to open this screen. Use this screen to check current system logs. Note: When a log reaches the maximum number of log messages, new log messages automatically overwrite existing log messages, starting with the oldest existing log message first.

  • Page 486: Syslog Setup

    HAPTER Syslog Setup This chapter explains the syslog screens. 51.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server.
  • Page 487 Chapter 51 Syslog Setup Figure 370 Management > Syslog Setup The following table describes the labels in this screen. Table 245 Management > Syslog Setup LABEL DESCRIPTION Syslog Select Active to turn on syslog (system logging) and then configure the syslog setting Logging Type This column displays the names of the categories of logs that the device can generate.
  • Page 488 Chapter 51 Syslog Setup Table 245 Management > Syslog Setup LABEL DESCRIPTION Click Add to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 489: Cluster Management

    HAPTER Cluster Management This chapter introduces cluster management. 52.1 Clustering Management Status Overview Cluster Management allows you to manage switches through one Switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.

  • Page 490: Cluster Management Status

    Chapter 52 Cluster Management Figure 371 Clustering Application Example 52.2 Cluster Management Status Click Management > Cluster Management in the navigation panel to display the following screen. Note: A cluster can only have one manager. Figure 372 Management > Cluster Management GS3700/XGS3700 Series User’s Guide...

  • Page 491: Cluster Member Switch Management

    Chapter 52 Cluster Management The following table describes the labels in this screen. Table 247 Management > Cluster Management LABEL DESCRIPTION Status This field displays the role of this Switch within the cluster. Manager Member (you see this if you access this screen in the cluster member switch directly and not via the cluster manager) None (neither a manager nor a member of a cluster) Manager...

  • Page 492: Uploading Firmware To A Cluster Member Switch

    Chapter 52 Cluster Management Figure 373 Cluster Management: Cluster Member Web Configurator Screen EXAMPLE EXAMPLE 52.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example.

  • Page 493: Clustering Management Configuration

    Chapter 52 Cluster Management The following table explains some of the FTP parameters. Table 248 FTP Upload to Cluster Member Example FTP PARAMETER DESCRIPTION Enter “admin”. User The web configurator password default is 1234. Password Enter this command to list the name of cluster member switch’s firmware and configuration file.
  • Page 494 Chapter 52 Cluster Management The following table describes the labels in this screen. Table 249 Management > Clustering Management > Configuration LABEL DESCRIPTION Clustering Manager Active Select Active to have this Switch become the cluster manager switch. A cluster can only have one manager.

  • Page 495: Mac Table

    HAPTER MAC Table This chapter introduces the MAC Table screen. 53.1 MAC Table Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch, the MAC address of the device is shown on the Switch’s MAC Table.

  • Page 496: Viewing The Mac Table

    Chapter 53 MAC Table 53.2 Viewing the MAC Table Click Management > MAC Table in the navigation panel to display the following screen. Use this screen to search specific MAC addresses. You can also directly add dynamic MAC address(es) into the static MAC forwarding table or MAC filtering table from the MAC table using this screen.
  • Page 497 Chapter 53 MAC Table Table 250 Management > MAC Table (continued) LABEL DESCRIPTION Cancel Click this to begin configuring the search criteria afresh. Index This is the incoming frame index number. MAC Address This is the MAC address of the device from which this incoming frame came. This is the VLAN group to which this frame belongs.

  • Page 498: Ip Table

    HAPTER IP Table This chapter introduces the IP table. 54.1 IP Table Overview The IP Table screen shows how packets are forwarded or filtered across the Switch’s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch, the IP address of the device is shown on the Switch’s IP Table.

  • Page 499: Viewing The Ip Table

    Chapter 54 IP Table 54.2 Viewing the IP Table Click Management > IP Table in the navigation panel to display the following screen. Figure 379 Management > IP Table The following table describes the labels in this screen. Table 251 Management > IP Table LABEL DESCRIPTION Sort by...

  • Page 500: Arp Table

    HAPTER ARP Table This chapter introduces ARP Table. 55.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
  • Page 501 Chapter 55 ARP Table Figure 380 Management > ARP Table The following table describes the labels in this screen. Table 252 Management > ARP Table LABEL DESCRIPTION Condition Specify how you want the Switch to remove ARP entries when you click Flush. Select All to remove all of the dynamic entries from the ARP table.

  • Page 502: Routing Table

    HAPTER Routing Table This chapter introduces the routing table. 56.1 Overview The routing table contains the route information to the network(s) that the Switch can reach. 56.2 Viewing the Routing Table Status Use this screen to view routing table information. Click Management > Routing Table in the navigation panel to display the screen as shown.

  • Page 503: Path Mtu Table

    HAPTER Path MTU Table This chapter introduces the IPv6 Path MTU table. 57.1 Path MTU Overview The largest size (in bytes) of a packet that can be transferred over a data link is called the maximum transmission unit (MTU). The Switch uses Path MTU Discovery to discover Path MTU (PMTU), that is, the minimum link MTU of all the links in a path to the destination.

  • Page 504: Configure Clone

    HAPTER Configure Clone This chapter shows you how you can copy the settings of one port onto other ports. 58.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports.
  • Page 505 Chapter 58 Configure Clone Figure 383 Management > Configure Clone (Standalone) GS3700/XGS3700 Series User’s Guide...
  • Page 506 Chapter 58 Configure Clone Figure 384 Management > Configure Clone (Stacking) The following table describes the labels in this screen. Table 255 Management > Configure Clone LABEL DESCRIPTION Source/ In stacking mode, a port is defined by a slot ID representing the Switch in the stack and a Destination port number.
  • Page 507 Chapter 58 Configure Clone Table 255 Management > Configure Clone (continued) LABEL DESCRIPTION Advanced Select which port settings (configured in the Advanced Application menus) should be Application copied to the destination ports. Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.

  • Page 508: Ipv6 Neighbor Table

    HAPTER IPv6 Neighbor Table This chapter introduces the IPv6 neighbor table. 59.1 IPv6 Neighbor Table Overview An IPv6 host is required to have a neighbor table. If there is an address to be resolved or verified, the Switch sends out a neighbor solicitation message. When the Switch receives a neighbor advertisement in response, it stores the neighbor’s link-layer address in the neighbor table.
  • Page 509 Chapter 59 IPv6 Neighbor Table Table 256 Management > IPv6 Neighbor Table (continued) LABEL DESCRIPTION Status This field displays whether the neighbor IPv6 interface is reachable. In IPv6, “reachable” means an IPv6 packet can be correctly forwarded to a neighbor node (host or router) and the neighbor can successfully receive and handle the packet.

  • Page 510: Troubleshooting

    HAPTER Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Switch Access and Login • Switch Configuration 60.1 Power, Hardware Connections, and LEDs The Switch does not turn on.

  • Page 511: Switch Access And Login

    Chapter 60 Troubleshooting One of the LEDs does not behave as expected. Make sure you understand the normal behavior of the LED. See Section 3.3 on page Check the hardware connections. See Section 3.1 on page Inspect your cables for damage. Contact the vendor to replace any damaged cables. Turn the Switch off and on (in DC models or if the DC power supply is connected in AC/DC models).
  • Page 512 Chapter 60 Troubleshooting • If you changed the IP address, use the new IP address. • If you changed the IP address and have forgotten it, see the troubleshooting suggestions for forgot the IP address for the Switch. Check the hardware connections, and make sure the LEDs are behaving as expected. See Section 3.3 on page Make sure your Internet browser does not block pop-up windows and has JavaScripts and Java...

  • Page 513: Switch Configuration

    Chapter 60 Troubleshooting I cannot see some of Advanced Application submenus at the bottom of the navigation panel. The recommended screen resolution is 1024 by 768 pixels. Adjust the value in your computer and then you should see the rest of Advanced Application submenus at the bottom of the navigation panel.

  • Page 514: Appendix A Common Services

    PP EN D I X Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. •...
  • Page 515 Appendix A Common Services Table 257 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION HTTPS HTTPS is a secured http session often used in e- commerce. ICMP User-Defined Internet Control Message Protocol is often used for diagnostic or routing purposes. 4000 This is a popular Internet chat program.
  • Page 516 Appendix A Common Services Table 257 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. TCP/UDP Secure Shell Remote Login Program.

  • Page 517: Appendix B Ipv6

    PP EN D I X IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 10 addresses.

  • Page 518: Global Address

    Appendix B IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address.
  • Page 519 Appendix B IPv6 Table 260 Reserved Multicast Address (continued) MULTICAST ADDRESS FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).

  • Page 520: Dhcp Relay Agent

    Appendix B IPv6 combines its interface ID and global and subnet information advertised from the router. This is a routable global IP address. DHCPv6 The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, RFC 3315) is a server-client protocol that allows a DHCP server to assign and pass IPv6 network addresses, prefixes and other configuration information to DHCP clients.
  • Page 521 Appendix B IPv6 such as the system name. The interface-ID option provides slot number, port information and the VLAN ID to the DHCPv6 server. The remote-ID option (if any) is stripped from the Relay-Reply messages before the relay agent sends the packets to the clients. The DHCP server copies the interface-ID option from the Relay-Forward message into the Relay-Reply message and sends it to the relay agent.
  • Page 522 Appendix B IPv6 determine whether the destination address is on-link and can be reached directly without passing through a router. If the address is onlink, the address is considered as the next hop. Otherwise, the Switch determines the next-hop from the default router list or routing table. Once the next hop IP address is known, the Switch looks into the neighbor cache to get the link-layer address and sends the packet when the neighbor is reachable.
  • Page 523 Appendix B IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses.
  • Page 524 Appendix B IPv6 Click Start and then OK. Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer.
  • Page 525 Appendix B IPv6 Click Close to exit the Local Area Connection Status screen. Select Start > All Programs > Accessories > Command Prompt. Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection:...

  • Page 526: Appendix C Customer Support

    • Brief description of the problem and the steps you took to solve it. Corporate Headquarters (Worldwide) Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Asia China • ZyXEL Communications (Shanghai) Corp. ZyXEL Communications (Beijing) Corp. ZyXEL Communications (Tianjin) Corp. • http://www.zyxel.cn India • ZyXEL Technology India Pvt Ltd • http://www.zyxel.in Kazakhstan •...
  • Page 527 • ZyXEL Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com/tw/zh/ Thailand • ZyXEL Thailand Co., Ltd • http://www.zyxel.co.th Vietnam • ZyXEL Communications Corporation-Vietnam Office • http://www.zyxel.com/vn/vi Europe Austria • ZyXEL Deutschland GmbH • http://www.zyxel.de GS3700/XGS3700 Series User’s Guide...
  • Page 528 • http://www.zyxel.by Belgium • ZyXEL Communications B.V. • http://www.zyxel.com/be/nl/ • http://www.zyxel.com/be/fr/ Bulgaria • ZyXEL България • http://www.zyxel.com/bg/bg/ Czech Republic • ZyXEL Communications Czech s.r.o • http://www.zyxel.cz Denmark • ZyXEL Communications A/S • http://www.zyxel.dk Estonia • ZyXEL Estonia • http://www.zyxel.com/ee/et/ Finland •...
  • Page 529 • http://www.zyxel.pl Romania • ZyXEL Romania • http://www.zyxel.com/ro/ro Russia • ZyXEL Russia • http://www.zyxel.ru Slovakia • ZyXEL Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • ZyXEL Communications ES Ltd • http://www.zyxel.es Sweden • ZyXEL Communications GS3700/XGS3700 Series User’s Guide...
  • Page 530 Appendix C Customer Support • http://www.zyxel.se Switzerland • Studerus AG • http://www.zyxel.ch/ Turkey • ZyXEL Turkey A.S. • http://www.zyxel.com.tr • ZyXEL Communications UK Ltd. • http://www.zyxel.co.uk Ukraine • ZyXEL Ukraine • http://www.ua.zyxel.com Latin America Argentina • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Brazil •...
  • Page 531 Appendix C Customer Support • http://www.zyxel.com/me/en/ North America • ZyXEL Communications, Inc. - North America Headquarters • http://www.zyxel.com/us/en/ Oceania Australia • ZyXEL Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.za GS3700/XGS3700 Series User’s Guide...
  • Page 532 Appendix C Customer Support GS3700/XGS3700 Series User’s Guide...

  • Page 533: Appendix D Legal Information

    The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved.
  • Page 534 Appendix D Legal Information List of National Codes COUNTRY ISO 3166 2 LETTER CODE COUNTRY ISO 3166 2 LETTER CODE Austria Liechtenstein Belgium Lithuania Bulgaria Luxembourg Croatia Malta Cyprus Netherlands Czech Republic Norway Denmark Poland Estonia Portugal Finland Romania France Serbia Germany Slovakia...
  • Page 535 Appendix D Legal Information Environment Statment European Union - Disposal and Recycling Information WEEE Directive The symbol below means that according to local regulations your product and/or its battery shall be disposed of separately from domestic waste. If this product is end of life, take it to a recycling station designated by local authorities. At the time of disposal, the separate collection of your product and/or its battery will help save natural resources and ensure that the environment is sustainable development.
  • Page 536 Appendix D Legal Information Environmental Product Declaration GS3700/XGS3700 Series User’s Guide...

  • Page 537: Zyxel Limited Warranty

    North American products. Trademarks ZyNOS (ZyXEL Network Operating System) and ZON (ZyXEL One Network)are registered trademarks of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
  • Page 538 Appendix D Legal Information Open Source Licenses This product contains in part some free software distributed under GPL license terms and/or GPL like licenses. Open source licenses are provided with the firmware package. You can download the latest firmware at www.zyxel.com. To obtain the source code covered under those Licenses, please contact support@zyxel.com.tw to get it.

  • Page 539: Index

    Index Index ARP scan Numbers authentication and RADIUS 802.1P priority setup 802.3az authorization privilege levels setup automatic VLAN registration access control limitations login account remote management back up, configuration file service port SNMP basic settings accounting binding setup binding table address learning, MAC building 112, 114...
  • Page 540 Index and QoS editing 206, 207 example daylight saving time overview default gateway setup 201, 205, 206, 207 default IP address viewing 206, 207 DHCP cloning a port See port cloning client IP pool cluster management configuration options and switch passwords modes cluster manager 489, 494...
  • Page 541 Index DUID 25, 455 file transfer procedure dynamic link aggregation restrictions over WAN GARP egress port GARP (Generic Attribute Registration Protocol) Energy Efficient Ethernet GARP terminology error disable detect 326, 330 GARP timer 64, 102 error disable recovery general setup configuration overview getting help...
  • Page 542 Index IGMP filtering profile profiles 231, 237, 238, 241, 242 L2PT IGMP leave timeout access port fast mormal configuration IGMP snooping encapsulation LACP MAC address IGMP throttling mode ingress port overview Installation PAgP Rack-mounting point to point installation freestanding tunnel port precautions UDLD Installing the Fan Module...
  • Page 543 Index loop guard Memory Buffer how it works MGMT port port shut down probe packet and SNMP loop guard, vs STP supported MIBs MIB (Management Information Base) mini GBIC ports connection speed connector type transceiver installation MAC (Media Access Control) transceiver removal MAC address 58, 441, 500...
  • Page 544 Index Multiple Spanning Tree Protocol policy routing benefits Multiple Spanning Tree Protocol, See MSTP. cost savings Multiple STP load sharing Multiple STP, see MSTP overview policy-based routing configuration Port Aggregation Protocol, see PAgP group configuration port authentication network example and RADIUS MVR (Multicast VLAN Registration) IEEE802.1x 187, 192, 256...
  • Page 545 Index trusted ports trusted computers untrusted ports remote port mirroring 162, 167 priority level Removing the Fan Module priority, queue assignment resetting 44, 451, 452, 453 product registration to factory default settings 451, 452, 453 protocol based VLAN restoring configuration 44, 450 and IEEE 802.1Q tagging RFC 3164...
  • Page 546 Index protocol operations Hello Time 139, 141, 144, 146 security how it works setup Max Age 140, 141, 144, 146 traps path cost 132, 140, 145 users port priority 140, 145 version 3 and security port state versions supported root port status SNMP traps 141, 145, 154...
  • Page 547 Index traps acceptable frame type destination automatic registration TRTCM ingress filtering and bandwidth control introduction and DiffServ number of VLANs color-aware mode port number color-blind mode port settings setup port-based VLAN trunk group port-based, all connected trunking port-based, isolation example port-based, wizard trusted ports static VLAN...
  • Page 548 Index master router network example 430, 435 parameters preempt mode 433, 434 priority 433, 434 status uplink gateway uplink status Virtual Router Virtual Router ID VRID warranty note web configurator 25, 37 getting help layout login logout navigation panel weight, queuing Weighted Round Robin Scheduling (WRR) WFQ (Weighted Fair Queuing) WRR (Weighted Round Robin Scheduling...

This manual is also suitable for:

Gs3700 seriesXgs4600 series

Table of Contents