Page 1 GS-2724 Ethernet Switch User’s Guide Version 3.70 4/2007 Edition 1 www.zyxel.com...
Page 3: About This User's Guide
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the GS-2724 using the web configurator or via commands. You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Page 4: Document Conventions
Syntax Conventions • The GS-2724 may be referred to as the “Switch”, the “device”, the “system” or the “product” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
Page 5 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The Switch icon is not an exact representation of your device. Switch Computer Notebook computer Server DSLAM Firewall Telephone Switch Router GS-2724 User’s Guide...
Page 6: Safety Warnings
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device. • The length of exposed (bare) power wire should not exceed 7mm. This product is recyclable. Dispose of it properly. GS-2724 User’s Guide...
Page 7 Safety Warnings GS-2724 User’s Guide...
Page 8 Safety Warnings GS-2724 User’s Guide...
Page 9: Table Of Contents
Queuing Method ........................143 VLAN Stacking ......................... 147 Multicast ..........................153 IP Application ........................165 Static Route ..........................167 RIP ............................169 IGMP ............................171 Differentiated Services ......................173 DHCP ............................177 Management ......................... 185 Maintenance ..........................187 GS-2724 User’s Guide...
Page 10 User and Enable Mode Commands ..................263 Configuration Mode Commands ....................269 Interface Commands ....................... 281 IEEE 802.1Q Tagged VLAN Commands ................. 289 Multicast VLAN Registration Commands ................297 Routing Domain Command Examples ..................299 Troubleshooting ........................301 Appendices and Index ......................303 GS-2724 User’s Guide...
Page 11: Table Of Contents
2.2.3 Mounting the Switch on a Rack .................. 39 Chapter 3 Hardware Overview......................... 41 3.1 Front Panel Connection ...................... 41 3.1.1 Console Port ......................41 3.1.2 Gigabit Ethernet Ports ....................42 3.1.3 SFP Slots ........................42 3.2 Rear Panel .......................... 44 GS-2724 User’s Guide...
Page 12 6.2.1 Status: Port Details ....................66 Chapter 7 Basic Setting .......................... 71 7.1 Overview ..........................71 7.2 System Information ......................71 7.3 General Setup ......................... 73 7.4 Introduction to VLANs ......................75 7.5 Switch Setup Screen ......................76 GS-2724 User’s Guide...
Page 13 11.1.1 STP Terminology ....................101 11.1.2 How STP Works ....................102 11.1.3 STP Port States ..................... 103 11.1.4 Multiple RSTP ...................... 103 11.2 Spanning Tree Protocol Main Screen ................104 11.3 Configure Rapid Spanning Tree Protocol ..............104 GS-2724 User’s Guide...
Page 14 ................124 Chapter 17 Port Security.......................... 127 17.1 About Port Security ......................127 17.2 Port Security Setup ......................127 Chapter 18 Classifier..........................131 18.1 About the Classifier and QoS ..................131 18.2 Configuring the Classifier ....................131 GS-2724 User’s Guide...
Page 15 22.4 IGMP Filtering Profile ..................... 156 22.5 MVR Overview ........................ 158 22.5.1 Types of MVR Ports ....................158 22.5.2 MVR Modes ......................158 22.5.3 How MVR Works ....................158 22.6 General MVR Configuration .................... 159 22.7 MVR Group Configuration ....................161 GS-2724 User’s Guide...
Page 16 27.3 Configuring DHCP Server ....................178 27.3.1 DHCP Server Configuration Example ..............180 27.4 DHCP Relay ........................181 27.4.1 DHCP Relay Agent Information ................181 27.4.2 Configuring DHCP Relay ..................181 27.4.3 DHCP Relay Configuration Example ..............182 Part V: Management................185 GS-2724 User’s Guide...
Page 17 29.8.2 Netscape Navigator Warning Messages ..............201 29.8.3 The Main Screen ....................201 29.9 Service Port Access Control ..................202 29.10 Remote Management ....................203 Chapter 30 Diagnostic..........................205 30.1 Diagnostic ........................205 Chapter 31 Syslog ............................ 207 31.1 Syslog Overview ......................207 GS-2724 User’s Guide...
Page 18 36.2 Viewing the Routing Table ....................223 Chapter 37 Configure Clone ........................225 37.1 Configure Clone ......................225 Part VI: CLI and Troubleshooting ............227 Chapter 38 Introducing Commands....................... 229 38.1 Overview .......................... 229 38.2 Accessing the CLI ......................229 GS-2724 User’s Guide...
Page 19 39.6.2 Resetting to the Factory Default ................268 Chapter 40 Configuration Mode Commands ..................269 40.1 Change the Out of Band Management IP Address ............269 40.2 Enabling IGMP Snooping ....................269 40.3 Configure IGMP Filter ...................... 270 40.4 Enabling STP ........................271 GS-2724 User’s Guide...
Page 20 42.2 Global VLAN1Q Tagged VLAN Configuration Commands ..........290 42.2.1 GARP Status ......................290 42.2.2 GARP Timer ......................290 42.2.3 GVRP Timer ......................291 42.2.4 Enable GVRP ......................291 42.2.5 Disable GVRP ......................291 42.3 Port VLAN Commands ....................291 GS-2724 User’s Guide...
Page 21 Appendix C Pop-up Windows, JavaScripts and Java Permissions ........313 Appendix D IP Addresses and Subnetting ................319 Appendix E Common Services..................... 329 Appendix F Legal Information ....................333 Appendix G Customer Support .................... 337 Index............................341 GS-2724 User’s Guide...
Page 22 Table of Contents GS-2724 User’s Guide...
Page 23: List Of Figures
Figure 34 Static VLAN .......................... 90 Figure 35 VLAN Port Setting ......................... 91 Figure 36 Port Based VLAN Setup (All connected) ................94 Figure 37 Port Based VLAN Setup (Port isolation) ................95 Figure 38 Static MAC Forwarding ......................97 GS-2724 User’s Guide...
Page 24 Figure 75 MVR Group Configuration Example ..................164 Figure 76 Static Routing ........................167 Figure 77 RIP ............................170 Figure 78 IGMP ........................... 171 Figure 79 DiffServ: Differentiated Service Field ..................173 Figure 80 DiffServ Network Example ....................174 Figure 81 DiffServ ..........................174 GS-2724 User’s Guide...
Page 25 Figure 119 IP Table Flowchart ......................219 Figure 120 IP Table ..........................220 Figure 121 ARP Table ......................... 222 Figure 122 Routing Table Status ......................223 Figure 123 Configure Clone ........................ 225 Figure 124 no port-access-authenticator Command Example ............275 GS-2724 User’s Guide...
Page 26 Figure 135 Subnetting Example: After Subnetting ................323 Figure 136 Conflicting Computer IP Addresses Example ..............327 Figure 137 Conflicting Computer IP Addresses Example ..............327 Figure 138 Conflicting Computer and Router IP Addresses Example ..........328 GS-2724 User’s Guide...
Page 27: List Of Tables
Table 33 Link Aggregation Control Protocol Status ................118 Table 34 Link Aggregation ........................120 Table 35 Supported VSA ........................122 Table 36 Supported Tunnel Protocol Attribute ..................122 Table 37 RADIUS ..........................123 Table 38 802.1x ........................... 124 GS-2724 User’s Guide...
Page 28 Table 77 Syslog Server Setup ......................209 Table 78 ZyXEL Clustering Management Specifications ..............211 Table 79 Cluster Management Status ....................213 Table 80 FTP Upload to Cluster Member Example ................214 Table 81 Clustering Management Configuration ................. 215 GS-2724 User’s Guide...
Page 29 Table 110 Subnet 4 ..........................324 Table 111 Eight Subnets ........................324 Table 112 24-bit Network Number Subnet Planning ................325 Table 113 16-bit Network Number Subnet Planning ................325 Table 114 Commonly Used Services ....................329 GS-2724 User’s Guide...
Page 30 List of Tables GS-2724 User’s Guide...
Page 31: Introduction And Hardware
Introduction and Hardware Getting to Know Your Switch (33) Hardware Installation and Connection (37) Hardware Overview (41)
Page 33: Getting To Know Your Switch
Switch’s port or connect other switches to the Switch. In this example, all computers can share high-speed applications on the server. To expand the network, simply add more networking devices such as switches, routers, computers, print servers etc. Figure 1 Backbone Application GS-2724 User’s Guide...
Page 34: Bridging Example
ATM at much lower cost while still being able to use existing adapters and switches. Moreover, the current LAN structure can be retained as all ports can freely communicate with each other. Figure 3 High Performance Switched Workgroup Application GS-2724 User’s Guide...
Page 35: Ieee 802.1Q Vlan Application Examples
Shared resources such as a server can be used by all ports in the same VLAN as the server. In the following figure only ports that need access to the server need to be part of VLAN 1. Ports can belong to other VLAN groups too. Figure 4 Shared Server Using VLAN Example GS-2724 User’s Guide...
Page 36 Chapter 1 Getting to Know Your Switch GS-2724 User’s Guide...
Page 37: Hardware Installation And Connection
5 Attach the rubber feet to each corner on the bottom of the Switch. These rubber feet help protect the Switch from shock or vibration and ensure space between devices when stacking. Figure 5 Attaching Rubber Feet GS-2724 User’s Guide...
Page 38: Mounting The Switch On A Rack
2.2.2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the Switch, lining up the four screw holes on the bracket with the screw holes on the side of the Switch. GS-2724 User’s Guide...
Page 39: Mounting The Switch On A Rack
Figure 7 Mounting the Switch on a Rack 2 Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. 3 Repeat steps to attach the second mounting bracket on the other side of the rack. GS-2724 User’s Guide...
Page 40 Chapter 2 Hardware Installation and Connection GS-2724 User’s Guide...
Page 41: Hardware Overview
Ethernet switches (see Section 3.1.3 on page 42 for instructions). 3.1.1 Console Port For local management, you can use a computer with terminal emulation software configured to the following parameters: • VT100 terminal emulation • 9600 bps GS-2724 User’s Guide...
Page 42: Gigabit Ethernet Ports
Ethernet switches with different types of fiber-optic connectors. • Type: SFP connection interface • Connection speed: 1 Gigabit per second (Gbps) To avoid possible eye injury, do NOT look into an operating fiber-optic module’s connectors. GS-2724 User’s Guide...
Page 43: Figure 9 Transceiver Installation Example
Use the following steps to remove a mini-GBIC transceiver (SFP module). 1 Open the transceiver’s latch (latch styles vary). Figure 11 Opening the Transceiver’s Latch Example 2 Pull the transceiver out of the slot. Figure 12 Transceiver Removal Example GS-2724 User’s Guide...
Page 44: Rear Panel
The system is receiving power from the backup power supply. The backup power supply is connected and active. The backup power supply is not ready or not active. Green The system is turned on. The system is off. GS-2724 User’s Guide...
Page 45 The link to a 10/1000 Mbps Ethernet network is down. Amber Blinking The port is sending/receiving data. The link to a 100 Mbps Ethernet network is up. The link to a 100 Mbps Ethernet network is down. GS-2724 User’s Guide...
Page 46 Chapter 3 Hardware Overview GS-2724 User’s Guide...
Page 47: Basic Configuration
Basic Configuration The Web Configurator (49) Initial Setup Example (59) System Status and Port Statistics (65) Basic Setting (71)
Page 49: The Web Configurator
3 The login screen appears. The default username is admin and associated default password is 1234. The date and time display as shown if you have not configured a time server nor manually entered a time and date in the General Setup screen. GS-2724 User’s Guide...
Page 50: The Status Screen
A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window. B, C, D, E - These are quick links which allow you to perform certain tasks no matter which screen you are currently working in. GS-2724 User’s Guide...
Page 51: Table 3 Navigation Panel Sub-Links Overview
E - Click this link to display web help pages. The help pages provide descriptions for all of the configuration screens. In the navigation panel, click a main link to reveal a list of submenu links. Table 3 Navigation Panel Sub-links Overview ADVANCED BASIC SETTING IP APPLICATION MANAGEMENT APPLICATION GS-2724 User’s Guide...
Page 52: Table 4 Web Configurator Screen Sub-Links Details
(necessary for Switch management) and DNS (domain name server) and set up to 64 IP routing domains. Port Setup This link takes you to screens where you can configure settings for individual Switch ports. Advanced Application GS-2724 User’s Guide...
Page 53 Access Control This link takes you to screens where you can change the system login password and configure SNMP and remote management. Diagnostic This link takes you to screens where you can view system logs and test port(s). GS-2724 User’s Guide...
Page 54: Change Your Password
4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. GS-2724 User’s Guide...
Page 55: Switch Lockout
9600 bps with 8 data bits, no parity, one stop bit and flow control set to none. The password will also be reset to “1234” and the IP address to 192.168.1.1. To upload the configuration file, do the following: GS-2724 User’s Guide...
Page 56: Figure 18 Resetting The Switch: Via The Console Port
(Compressed) Version: GS-2724, start: 500e9030 Length: A37326, Checksum: 2411 Compressed Length: 22F7C8, Checksum: CA3C Copyright (c) 1994 - 2006 ZyXEL Communications Corp. initialize mgmt, ethernet address: 00:19:cb:00:11:f9 initialize switch, ethernet address: 00:19:cb:00:11:fa Initializing switch unit 0... Initializing switch unit 1...
Page 57: Logging Out Of The Web Configurator
Figure 19 Web Configurator: Logout Screen 4.8 Help The web configurator’s online help has descriptions of individual screens and some supplementary information. Click the Help link from a web configurator screen to view an online help description of that screen. GS-2724 User’s Guide...
Page 58 Chapter 4 The Web Configurator GS-2724 User’s Guide...
Page 59: Initial Setup Example
Switch to route traffic between the RD and Sales networks. Figure 20 Initial Setup Network Example: IP Interface 1 Connect your computer to the MGMT port that is used only for management. Make sure your computer is in the same subnet as the MGMT port. GS-2724 User’s Guide...
Page 60: Configuring Dhcp Server Settings
IP address pool, subnet mask, default gateway address and the DNS server address(es). 3 Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. GS-2724 User’s Guide...
Page 61: Creating A Vlan
1 Click Advanced Application and VLAN in the navigation panel and click the Static VLAN link. 2 In the Static VLAN screen, select ACTIVE, enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network. GS-2724 User’s Guide...
Page 62: Setting Port Vid
Settings in the run-time memory are lost when the Switch’s power is turned off. 5.1.5 Enabling RIP To exchange routing information with other routing devices across different routing domains, enable RIP (Routing Information Protocol) in the RIP screen. GS-2724 User’s Guide...
Page 63 3 In the Version field, select RIP-1 for the RIP packet format that is universally supported. 4 Click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. GS-2724 User’s Guide...
Page 64 Chapter 5 Initial Setup Example GS-2724 User’s Guide...
Page 65: System Status And Port Statistics
This identifies the Ethernet port. Click a port number to display the Port Details screen (refer to Figure 24 on page 67). Name This is the name you assigned to this port in the Basic Setting, Port Setup screen. GS-2724 User’s Guide...
Page 66: Status: Port Details
6.2.1 Status: Port Details Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the Switch. GS-2724 User’s Guide...
Page 67: Figure 24 Port Details
This field shows the number of received errors on this port. Tx KB/s This field shows the number kilobytes per second transmitted on this port. Rx KB/s This field shows the number of kilobytes per second received on this port. GS-2724 User’s Guide...
Page 68 This field shows the number of packets (including bad packets) received that were between 128 and 255 octets in length. 256-511 This field shows the number of packets (including bad packets) received that were between 256 and 511 octets in length. GS-2724 User’s Guide...
Page 69 This field shows the number of packets (including bad packets) received that were 1518 between 1024 and 1518 octets in length. Giant This field shows the number of packets dropped because they were bigger than the maximum frame size. GS-2724 User’s Guide...
Page 70 Chapter 6 System Status and Port Statistics GS-2724 User’s Guide...
Page 71: Basic Setting
7.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the Switch’s temperature, fan speeds and voltage in this screen. GS-2724 User’s Guide...
Page 72: Figure 25 System Info
(RPM) ventilated, cool operating environment) in order for the device to stay within the temperature threshold. Each fan has a sensor that is capable of detecting and reporting if the fan speed falls below the threshold shown. GS-2724 User’s Guide...
Page 73: General Setup
Error is displayed. 7.3 General Setup Use this screen to configure general settings such as the system name and time. Click Basic Setting > General Setup in the navigation panel to display the screen as shown. GS-2724 User’s Guide...
Page 74: Figure 26 General Setup
Switch then checks the user database on the specified RADIUS server. You need to configure Port Authentication Radius first. Select RADIUS Only to have the Switch just check the user database on the specified RADIUS server for a login username, password and the access privilege. GS-2724 User’s Guide...
Page 75: Introduction To Vlans
When properly configured, VLAN prevents one subscriber from accessing the network resources of another on the same LAN, thus a user will not see the printers and hard disks of another user in the same building. GS-2724 User’s Guide...
Page 76: Switch Setup Screen
Click Basic Setting > Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN. Figure 27 Switch Setup GS-2724 User’s Guide...
Page 77: Table 10 Switch Setup
This is for “spare bandwidth”. Level 1 This is typically used for non-critical “background” traffic such as bulk transfers that are allowed but that should not affect other applications and users. Level 0 Typically used for best-effort traffic. GS-2724 User’s Guide...
Page 78: Ip Setup
You can configure multiple routing domains on the same VLAN as long as the IP address ranges for the domains do not overlap. To change the IP address of the Switch in a routing domain, simply add a new routing domain entry with a different IP address in the same subnet. GS-2724 User’s Guide...
Page 79: Figure 28 Ip Setup
Select In-Band to have the Switch send the packets to all ports except the management port (labelled MGMT) to which connected device(s) do not receive these packets. Management Use these fields to set the settings for the out-of-band management port. IP Address GS-2724 User’s Guide...
Page 80: Port Setup
Note: Deleting all IP subnets locks you out from the Switch. Cancel Click Cancel to clear the Delete check boxes. 7.7 Port Setup Use this screen to configure the Switch’s port settings. Click Basic Setting > Port Setup in the navigation panel to display the configuration screen. GS-2724 User’s Guide...
Page 81: Figure 29 Port Setup
When the Switch’s auto-negotiation is turned off, a port uses the pre- configured speed and duplex mode when making a connection, thus requiring you to make sure that the settings of the peer port are the same in order to connect. GS-2724 User’s Guide...
Page 82 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 83: Advanced
Advanced VLAN (85) Static MAC Forward Setup (97) Filtering (99) Spanning Tree Protocol (101) Bandwidth Control (111) Broadcast Storm Control (113) Mirroring (115) Link Aggregation (117) Port Authentication (121) Port Security (127) Classifier (131) Policy Rule (137) Queuing Method (143) VLAN Stacking (147) Multicast (153)
Page 85: Vlan
A broadcast frame (or a multicast frame for a multicast group that is known by the system) is duplicated only on ports that are members of the VID (except the ingress port itself), thus confining the broadcast to a specific domain. GS-2724 User’s Guide...
Page 86: Automatic Vlan Registration
You may choose to accept both tagged and untagged Type incoming frames, just tagged incoming frames or just untagged incoming frames on a port. Ingress filtering If set, the Switch discards incoming frames for VLANs that do not have this port as a member GS-2724 User’s Guide...
Page 87: Port Vlan Trunking
VLAN group tags 1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s). Figure 30 Port VLAN Trunking 8.4 Select the VLAN Type Select a VLAN type in the Switch Setup screen. Figure 31 Switch Setup: Select VLAN Type GS-2724 User’s Guide...
Page 88: Static Vlan
Multicast VLAN Registration (MVR). Change Pages Click Previous or Next to show the previous/next screen if all status information cannot be seen in one screen. GS-2724 User’s Guide...
Page 89: Static Vlan Details
Use this screen to configure and view 802.1Q VLAN parameters for the Switch. See Section 8.1 on page 85 for more information on static VLAN. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. GS-2724 User’s Guide...
Page 90: Figure 34 Static Vlan
Select Fixed for the port to be a permanent member of this VLAN group. Select Forbidden if you want to prohibit the port from joining this VLAN group. Tagging Select TX Tagging if you want the port to tag all outgoing frames transmitted with this VLAN Group ID. GS-2724 User’s Guide...
Page 91: Configure Vlan Port Settings
Use the VLAN Port Setting screen to configure the static VLAN (IEEE 802.1Q) settings on a port. See Section 8.1 on page 85 for more information on static VLAN. Click the VLAN Port Setting link in the VLAN Status screen. Figure 35 VLAN Port Setting GS-2724 User’s Guide...
Page 92: Port-Based Vlan Setup
(an egress port is an outgoing port, that is, a port through which a data packet leaves) for both ports. Port-based VLANs are specific only to the switch on which they were created. GS-2724 User’s Guide...
Page 93: Configure A Port-Based Vlan
Ethernet ports. 8.6.1 Configure a Port-based VLAN Select Port Based as the VLAN Type in the Switch Setup screen and then click Advanced Application > VLAN from the navigation panel to display the next screen. GS-2724 User’s Guide...
Page 94: Figure 36 Port Based Vlan Setup (All Connected)
Chapter 8 VLAN Figure 36 Port Based VLAN Setup (All connected) GS-2724 User’s Guide...
Page 95: Figure 37 Port Based Vlan Setup (Port Isolation)
CPU refers to the Switch management port. By default it forms a VLAN with all Ethernet ports. If it does not form a VLAN with a particular port then the Switch cannot be managed from that port. GS-2724 User’s Guide...
Page 96 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 97: Static Mac Forward Setup
Switch. See Chapter 17 on page 127 for more information on port security. Click Advanced Applications > Static MAC Forwarding in the navigation panel to display the configuration screen as shown. Figure 38 Static MAC Forwarding GS-2724 User’s Guide...
Page 98: Table 19 Static Mac Forwarding
This field displays the port where the MAC address shown in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. GS-2724 User’s Guide...
Page 99: Filtering
Make sure to select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by deselecting this check box. Name Type a descriptive name (up to 32 printable ASCII characters) for this rule. This is for identification only. GS-2724 User’s Guide...
Page 100 This field displays the VLAN group identification number. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. GS-2724 User’s Guide...
Page 101: Spanning Tree Protocol
Both RSTP and STP flush unwanted learned addresses from the filtering database. In RSTP, the port states are Discarding, Learning, and Forwarding. In this user’s guide, “STP” refers to both STP and RSTP. 11.1.1 STP Terminology The root bridge is the base of the spanning tree. GS-2724 User’s Guide...
Page 102: How Stp Works
BPDU after a predefined interval (Max Age), the bridge assumes that the link to the root bridge is down. This bridge then initiates negotiations with other bridges to reconfigure the network to re-establish a valid network topology. GS-2724 User’s Guide...
Page 103: Stp Port States
In the following example, there are two RSTP instances (MRSTP 1 and MRSTP2) on switch To set up MRSTP, activate MRSTP on the Switch and specify which port(s) belong to which spanning tree. Each port can belong to one STP tree only. Figure 40 MRSTP Network Example GS-2724 User’s Guide...
Page 104: Spanning Tree Protocol Main Screen
Section 11.5 on page 107. 11.3 Configure Rapid Spanning Tree Protocol Use this screen to configure RSTP settings, see Section 11.1 on page 101 for more information on RSTP. Click RSTP in the Advanced Application > Spanning Tree Protocol screen. GS-2724 User’s Guide...
Page 105: Figure 42 Rapid Spanning Tree Protocol
(provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the Switch ports attached to the network. The allowed range is 6 to 40 seconds. GS-2724 User’s Guide...
Page 106: Rapid Spanning Tree Protocol Status
Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 11.1 on page 101 for more information on RSTP. This screen is only available after you activate RSTP on the Switch. GS-2724 User’s Guide...
Page 107: Configure Multiple Rapid Spanning Tree Protocol
This is the time since the spanning tree was last reconfigured. Change 11.5 Configure Multiple Rapid Spanning Tree Protocol To configure MRSTP, select MRSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 11.1 on page 101 for more information on MRSTP. GS-2724 User’s Guide...
Page 108: Figure 44 Multiple Rapid Spanning Tree Protocol
(provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the Switch ports attached to the network. The allowed range is 6 to 40 seconds. GS-2724 User’s Guide...
Page 109: Multiple Rapid Spanning Tree Protocol Status
Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 11.1 on page 101 for more information on MRSTP. This screen is only available after you activate MRSTP on the Switch. GS-2724 User’s Guide...
Page 110: Figure 45 Multiple Rapid Spanning Tree Protocol Status
Spanning Tree. Topology This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change GS-2724 User’s Guide...
Page 111: Bandwidth Control
The CIR should be less than the PIR. The sum of CIRs cannot be greater than or equal to the uplink bandwidth. 12.2 Bandwidth Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. GS-2724 User’s Guide...
Page 112: Figure 46 Bandwidth Control
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 113: Broadcast Storm Control
DLF packets in your network. You can specify limits for each packet type on each port. Click Advanced Application > Broadcast Storm Control in the navigation panel to display the screen as shown next. Figure 47 Broadcast Storm Control GS-2724 User’s Guide...
Page 114: Table 29 Broadcast Storm Control
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 115: Mirroring
Click Advanced Application > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 48 Mirroring GS-2724 User’s Guide...
Page 116: Table 30 Mirroring
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 117: Link Aggregation
• All ports in the same trunk group must have the same media type, speed, duplex mode and flow control settings. Configure trunk groups or LACP before you connect the Ethernet switch to avoid causing network topology loops. GS-2724 User’s Guide...
Page 118: Link Aggregation Id
Refer to Section 15.2.1 on page 118 for more information on this field. Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port. GS-2724 User’s Guide...
Page 119: Link Aggregation Setup
15.4 Link Aggregation Setup Click Configuration in the Link Aggregation Control Protocol Status screen to display the screen shown next. See Section 15.1 on page 117 for more information on link aggregation. Figure 50 Link Aggregation GS-2724 User’s Guide...
Page 120: Table 34 Link Aggregation
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 121: Port Authentication
At the time of writing, only Windows XP of the Microsoft operating systems supports it. See the Microsoft web site for information on other Windows operating system support. For other operating systems, see its documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. GS-2724 User’s Guide...
Page 122: Table 35 Supported Vsa
Switch to a VLAN (fixed, untagged). This will also set the port’s VID. Refer to RFC 3580 for more information. Table 36 Supported Tunnel Protocol Attribute FUNCTION ATTRIBUTE VLAN Assignment Tunnel-Type = VLAN(13) Tunnel-Medium-Type = 802(6) Tunnel-Private-Group-ID = VLAN ID Note: You must also create a VLAN with the specified VID on the Switch. GS-2724 User’s Guide...
Page 123: Port Authentication Configuration
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 124: Activate Ieee 802.1X Security
Specify if a subscriber has to periodically re-enter his or her username and password to stay connected to the port. Reauthenticatio Specify how often a client has to re-enter his or her username and password to stay n Timer connected to the port. GS-2724 User’s Guide...
Page 125 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 126 Chapter 16 Port Authentication GS-2724 User’s Guide...
Page 127: Port Security
MAC address learning as this will result in many broadcasts. By default, MAC address learning is still enabled even though the port security is not activated. 17.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. GS-2724 User’s Guide...
Page 128: Figure 55 Port Security
MAC addresses aged out. MAC address aging out time can be set in the Switch Setup screen. The valid range is from “0” to “16384”. “0” means this feature is disabled. GS-2724 User’s Guide...
Page 129 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 130 Chapter 17 Port Security GS-2724 User’s Guide...
Page 131: Classifier
(or policy) to act upon the traffic that matches the rules. To configure policy rules, refer to Chapter 19 on page 137. Click Advanced Application > Classifier in the navigation panel to display the configuration screen as shown. GS-2724 User’s Guide...
Page 132: Figure 56 Classifier
Select Any to classify traffic from any VLAN or select the second option and specify the source VLAN ID in the field provided. Priority Select Any to classify traffic from any priority level or select the second option and specify a priority level in the field provided. GS-2724 User’s Guide...
Page 133 Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to reset the fields back to your previous configuration. Clear Click Clear to set the above fields back to the factory defaults. GS-2724 User’s Guide...
Page 134: Viewing And Editing Classifier Configuration
ETHERNET TYPE PROTOCOL NUMBER IP ETHII 0800 X.75 Internet 0801 NBS Internet 0802 ECMA Internet 0803 Chaosnet 0804 X.25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 GS-2724 User’s Guide...
Page 135: Classifier Example
The following screen shows an example where you configure a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. After you have configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow. GS-2724 User’s Guide...
Page 136: Figure 58 Classifier: Example
Chapter 18 Classifier Figure 58 Classifier: Example GS-2724 User’s Guide...
Page 137: Policy Rule
DiffServ network. Based on the marking rule, different kinds of traffic can be marked for different kinds of forwarding. Resources can then be allocated according to the DSCP values and the configured policies. GS-2724 User’s Guide...
Page 138: Configuring Policy Rules
19.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 18.2 on page 131 for more information. Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown. GS-2724 User’s Guide...
Page 139: Figure 59 Policy
Chapter 19 Policy Rule Figure 59 Policy GS-2724 User’s Guide...
Page 140: Table 44 Policy
Select Replace the IP TOS with the 802.1 priority value to replace the TOS field with the value you configure in the Priority field. Select Set the Diffserv Codepoint field in the frame to set the DSCP field with the value you configure in the DSCP field. GS-2724 User’s Guide...
Page 141: Viewing And Editing Policy Configuration
This field displays the name you have assigned to this policy. Classifier(s) This field displays the name(s) of the classifier to which this policy applies. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. GS-2724 User’s Guide...
Page 142: Policy Example
The figure below shows an example Policy screen where you configure a policy to limit bandwidth and discard out-of-profile traffic on a traffic flow classified using the Example classifier (refer to Section 18.4 on page 135). Figure 61 Policy: Example GS-2724 User’s Guide...
Page 143: Queuing Method
Queues with larger weights get more service than queues with smaller weights. This queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues and returns to queues that have not yet emptied. GS-2724 User’s Guide...
Page 144: Configuring Queuing
Cancel Click Cancel to begin configuring this screen afresh. Calculate Click Calculate to make sure the WFQ queuing weights total to 100%; if not an error message is displayed. GS-2724 User’s Guide...
Page 145 Chapter 20 Queuing Method GS-2724 User’s Guide...
Page 146 Chapter 20 Queuing Method GS-2724 User’s Guide...
Page 147: Vlan Stacking
VLANs within its network by adding tag 37 to distinguish customer A and tag 48 to distinguish customer B at edge device 1 and then stripping those tags at edge device 2 as the data frames leave the network. GS-2724 User’s Guide...
Page 148: Vlan Stacking Port Roles
All VLANs belonging to a customer can be aggregated into a single service provider's VLAN (using the outer VLAN tag defined by SP VID). Static VLAN Tx Tagging MUST be enabled on a port where you choose Tunnel Port. GS-2724 User’s Guide...
Page 149: Vlan Tag Format
FCS Double-tagged Etype frame Table 49 802.1Q Frame Destination Address Priority 802.1p Priority Source Address Len/ Length and type of Ethernet frame Etype (SP)TPID (Service Provider) Tag Protocol IDentifier Data Frame data VLAN ID Frame Check Sequence GS-2724 User’s Guide...
Page 150: Configuring Vlan Stacking
Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. GS-2724 User’s Guide...
Page 151 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS-2724 User’s Guide...
Page 152 Chapter 21 VLAN Stacking GS-2724 User’s Guide...
Page 153: Multicast
IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP packets passing through it, picks out the group registration information, and configures multicasting accordingly. IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them. GS-2724 User’s Guide...
Page 154: Multicast Status
Multicast Group This field displays IP multicast group addresses. 22.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 22.1 on page 153 for more information on multicasting. GS-2724 User’s Guide...
Page 155: Figure 66 Multicast Setting
Select Active to enable IGMP filtering to control which IGMP groups a subscriber on a port can join. Unknown Specify the action to perform when the Switch receives an unknown multicast Multicast Frame frame. Select Drop to discard the frame(s). Select Flooding to send the frame(s) to all ports. GS-2724 User’s Guide...
Page 156: Igmp Filtering Profile
Section 22.3 on page 154). Clients connected to those ports are then permitted to join the multicast groups specified in the profile. Each port can be assigned a single profile only. A profile can be assigned to multiple ports. GS-2724 User’s Guide...
Page 157: Figure 67 Igmp Filtering Profile
Delete Profile column, then click the Delete button. To delete a rule(s) from a profile, select the rule(s) that you want to remove in the Delete Rule column, then click the Delete button. Cancel Click Cancel to clear the Delete Profile/Delete Rule check boxes. GS-2724 User’s Guide...
Page 158: Mvr Overview
The following figure shows a multicast television example where a subscriber device (such as a computer) in VLAN 1 receives multicast traffic from the streaming media server, S, via the Switch. Multiple subscriber devices can connect through a port configured as the receiver on the Switch. GS-2724 User’s Guide...
Page 159: General Mvr Configuration
You can create up to three multicast VLANs and up to 256 multicast rules on the Switch. Your Switch automatically creates a static VLAN (with the same VID) when you create a multicast VLAN in this screen. GS-2724 User’s Guide...
Page 160: Figure 70 Mvr
Specify the MVR mode on the Switch. Choices are Dynamic and Compatible. Select Dynamic to send IGMP reports to all MVR source ports in the multicast VLAN. Select Compatible to set the Switch not to send IGMP reports. Port This field displays the port number on the Switch. GS-2724 User’s Guide...
Page 161: Mvr Group Configuration
Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. GS-2724 User’s Guide...
Page 162: Mvr Configuration Example
VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S. Computers A, B and C in VLAN are able to receive the traffic. GS-2724 User’s Guide...
Page 163: Figure 72 Mvr Configuration Example
To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. GS-2724 User’s Guide...
Page 164: Figure 74 Mvr Group Configuration Example
Chapter 22 Multicast Figure 74 MVR Group Configuration Example Figure 75 MVR Group Configuration Example GS-2724 User’s Guide...
Page 165: Ip Application
IP Application Static Route (167) RIP (169) IGMP (171) Differentiated Services (173) DHCP (177)
Page 167: Static Route
If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID. GS-2724 User’s Guide...
Page 168 Switch that will forward the packet to the destination. Metric This field displays the cost of transmission for routing purposes. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. GS-2724 User’s Guide...
Page 169: Rip
Click IP Application > RIP in the navigation panel to display the screen as shown. You cannot manually configure a new entry. Each entry in the table is automatically created when you configure a new IP domain in the IP Setup screen (refer to Section 7.6 on page 78). GS-2724 User’s Guide...
Page 170: Figure 77 Rip
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring the fields again. GS-2724 User’s Guide...
Page 171: Igmp
Click IP Application > IGMP in the navigation panel to display the screen as shown next. Each entry in the table is automatically created when you configure a new IP domain in the IP Setup screen (refer to Section 7.6 on page 78). Figure 78 IGMP GS-2724 User’s Guide...
Page 172: Table 58 Igmp
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring the fields again. GS-2724 User’s Guide...
Page 173: Differentiated Services
Resources can then be allocated according to the DSCP values and the configured policies. 26.1.2 DiffServ Network Example The following figure depicts a simple DiffServ network consisting of a group of contiguous DiffServ-compliant network devices. GS-2724 User’s Guide...
Page 174: Activating Diffserv
The following table describes the labels in this screen. Table 59 DiffServ LABEL DESCRIPTION Active Select this option to enable DiffServ on the Switch. Port This field displays the index number of a port on the Switch. GS-2724 User’s Guide...
Page 175: Dscp-To-Ieee 802.1P Priority Settings
48 – 55 56 – 63 IEEE 802.1p 26.3.1 Configuring DSCP Settings To change the DSCP-IEEE 802.1p mapping, click the DSCP Setting link in the DiffServ screen to display the screen as shown next. Figure 82 DSCP Setting GS-2724 User’s Guide...
Page 176: Table 61 Dscp Setting
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. GS-2724 User’s Guide...
Page 177: Dhcp
Ethernet device (the DHCP server) for the necessary IP information, and then relays the assigned information back to the computer. 27.2 DHCP Server Status Click IP Application > DHCP in the navigation panel. The DHCP Server Status screen displays. GS-2724 User’s Guide...
Page 178: Configuring Dhcp Server
Set Interval. Stop Click Stop to end status polling. 27.3 Configuring DHCP Server Use this screen to configure your DHCP server settings. Click IP Application > DHCP > Server to display the DHCP Server Status screen. GS-2724 User’s Guide...
Page 179: Figure 84 Dhcp Server
This field displays the ID number of the VLAN group to which this DHCP settings apply. Type This field displays Server for the DHCP mode. DHCP Status This field displays the starting and the size of DHCP client IP address. GS-2724 User’s Guide...
Page 180: Dhcp Server Configuration Example
DHCP clients in the RD and Sales network. Figure 85 DHCP Server Network Example In the DHCP Server screen, configure two DHCP client IP address pools for the two networks. The following shows an example. Figure 86 DHCP Server Configuration Example GS-2724 User’s Guide...
Page 181: Dhcp Relay
• System name (up to 32 bytes, this is optional) 27.4.2 Configuring DHCP Relay Configure DHCP relay in the DHCP Relay screen. Click IP Application > DHCP > Relay to display the screen as shown. Figure 87 DHCP Relay GS-2724 User’s Guide...
Page 182: Dhcp Relay Configuration Example
Switch to send additional information (such as the VLAN ID) together with the DHCP requests to the DHCP server. This allows the DHCP server to assign the appropriate IP address according to the VLAN ID. GS-2724 User’s Guide...
Page 183: Figure 89 Dhcp Relay Configuration Example
Chapter 27 DHCP Figure 89 DHCP Relay Configuration Example GS-2724 User’s Guide...
Page 184 Chapter 27 DHCP GS-2724 User’s Guide...
Page 185: Management
Management Maintenance (187) Access Control (193) Diagnostic (205) Syslog (207) Cluster Management (211) MAC Table (217) IP Table (219) ARP Table (221) Routing Table (223) Configure Clone (225)
Page 187: Maintenance
Click Click Here to go to the Restore Configuration screen. Configuratio Backup Click Click Here to go to the Backup Configuration screen. Configuratio Load Click Click Here to reset the configuration to the factory default settings. Factory Default GS-2724 User’s Guide...
Page 188: Firmware Upgrade
After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. 28.3 Restore a Configuration File Restore a previously saved configuration from your computer to the Switch using the Restore Configuration screen. GS-2724 User’s Guide...
Page 189: Backup A Configuration File
Follow the steps below to reset the Switch back to the factory defaults. 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear all Switch configuration information you configured and return to the factory defaults. GS-2724 User’s Guide...
Page 190: Save Configuration
2 Click OK again and then wait for the Switch to restart. This takes up to two minutes. This does not affect the Switch’s configuration. Click Config 2 and follow steps 1 to 2 to reboot and load configuration two on the Switch. GS-2724 User’s Guide...
Page 191: Ftp Command Line
1 Launch the FTP client on your computer. 2 Enter , followed by a space and the IP address of your Switch. open 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234”). GS-2724 User’s Guide...
Page 192: Gui-Based Ftp Clients
• FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the Telnet session immediately. GS-2724 User’s Guide...
Page 193: Access Control
Section 38.11.2 on page 237 for more information on disabling multi-login. 29.2 The Access Control Main Screen Click Management > Access Control in the navigation panel to display the main screen as shown. Figure 96 Access Control GS-2724 User’s Guide...
Page 194: About Snmp
Get operation, followed by a series of GetNext operations. Allows the manager to set values for object variables within an agent. Trap Used by the agent to inform the manager of some events. GS-2724 User’s Guide...
Page 195: Supported Mibs
1.3.6.1.2.1.17.0.2 This trap is sent when the STP root switch changes. 29.3.3 Configuring SNMP From the Access Control screen, display the SNMP screen. You can click Access Control to go back to the Access Control screen. GS-2724 User’s Guide...
Page 196: Setting Up Login Accounts
Administrator is always admin. The default administrator password is 1234. It is highly recommended that you change the default administrator password (1234). • A non-administrator (username is something other than admin) is someone who can view but not configure settings. GS-2724 User’s Guide...
Page 197: Figure 99 Logins
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 198: Ssh Overview
The SSH client sends a connection request to the SSH server. The server identifies itself with a host key. The client encrypts a randomly generated session key with the host key and server key and sends the result back to the server. GS-2724 User’s Guide...
Page 199: Ssh Implementation On The Switch
1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the Switch’s WS (web server). 2 HTTP connection requests from a web browser go to port 80 (by default) on the Switch’s WS (web server). GS-2724 User’s Guide...
Page 200: Https Example
You see the following Security Alert screen in Internet Explorer. Select Yes to proceed to the web configurator login screen; if you select No, then web configurator access is blocked. Figure 103 Security Alert Dialog Box (Internet Explorer) GS-2724 User’s Guide...
Page 201: Netscape Navigator Warning Messages
29.8.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar denotes a secure connection. GS-2724 User’s Guide...
Page 202: Service Port Access Control
Remote Management screen (discussed later). From the Access Control screen, display the Service Access Control screen. You can click Access Control to go back to the Access Control screen. Figure 107 Service Access Control GS-2724 User’s Guide...
Page 203: Remote Management
Switch. Active Select this check box to activate this secured client set. Clear the check box if you wish to temporarily disable the set without deleting it. GS-2724 User’s Guide...
Page 204 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 205: Diagnostic
The following table describes the labels in this screen. Table 74 Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box. Click Clear to empty the text box and reset the syslog entry. GS-2724 User’s Guide...
Page 206 Type the IP address of a device that you want to ping in order to test a connection. Click Ping to have the Switch ping the IP address (in the field to the left). Ethernet Port Test Enter a port number and click Port Test to perform an internal loopback test. GS-2724 User’s Guide...
Page 207: Syslog
Debug: The message is intended for debug-level purposes. 31.2 Syslog Setup Click Management > Syslog in the navigation panel to display this screen. The syslog feature sends logs to an external syslog server. Use this screen to configure the device’s system logging settings. GS-2724 User’s Guide...
Page 208: Syslog Server Setup
Cancel Click Cancel to reset the fields. 31.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to open the following screen. Use this screen to configure a list of external syslog servers. GS-2724 User’s Guide...
Page 209: Figure 111 Syslog Server Setup
This field displays the severity level of the logs that the device is to send to this syslog server. Delete Select an entry’s Delete check box and click Delete to remove the entry. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 210 Chapter 31 Syslog GS-2724 User’s Guide...
Page 211: Cluster Management
Cluster Members The switches being managed by the cluster manager switch. In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. GS-2724 User’s Guide...
Page 212: Cluster Management Status
Chapter 32 Cluster Management Figure 112 Clustering Application Example 32.2 Cluster Management Status Click Management > Cluster Management in the navigation panel to display the following screen. A cluster can only have one manager. Figure 113 Cluster Management Status GS-2724 User’s Guide...
Page 213: Cluster Member Switch Management
Figure 114 Cluster Management: Cluster Member Web Configurator Screen 32.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. GS-2724 User’s Guide...
Page 214: Clustering Management Configuration
This is the cluster member switch’s configuration file name as seen in the cluster manager switch. 32.3 Clustering Management Configuration Use this screen to configure clustering management. Click Configuration from the Cluster Management screen to display the next screen. GS-2724 User’s Guide...
Page 215: Figure 116 Clustering Management Configuration
All switches must be directly connected and in the same VLAN group to belong to the same cluster. Switches that are not in the same VLAN group are not visible in the Clustering Candidates list. This field is ignored if the Clustering Manager is using Port-based VLAN. GS-2724 User’s Guide...
Page 216 This is the cluster member switch’s System Name. Model This is the cluster member switch’s model name. Remove Select this checkbox and then click the Remove button to remove a cluster member switch from the cluster. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 217: Mac Table
• If the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 117 MAC Table Flowchart GS-2724 User’s Guide...
Page 218: Viewing The Mac Table
This is the VLAN group to which this frame belongs. Port This is the port from which the above MAC address was learned. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). GS-2724 User’s Guide...
Page 219: Ip Table
• If the Switch has already learned the port for this IP address, but the destination port is the same as the port it came in on, then it filters the packet. Figure 119 IP Table Flowchart GS-2724 User’s Guide...
Page 220: Viewing The Ip Table
This is the port from which the above IP address was learned. This field displays CPU to indicate the IP address belongs to the Switch. Type This shows whether the IP address is dynamic (learned by the Switch) or static (belonging to the Switch). GS-2724 User’s Guide...
Page 221: Arp Table
ARP Table for future reference and then sends the packet to the MAC address that replied. 35.2 Viewing the ARP Table Click Management > ARP Table in the navigation panel to open the following screen. Use the ARP table to view IP-to-MAC address mapping(s). GS-2724 User’s Guide...
Page 222: Figure 121 Arp Table
MAC Address This is the MAC address of the device with corresponding IP address above. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). GS-2724 User’s Guide...
Page 223: Routing Table
This field displays the IP address of the gateway device. Interface This field displays the IP address of the Interface. Metric This field displays the cost of the route. Type This field displays the method used to learn the route. GS-2724 User’s Guide...
Page 224 Chapter 36 Routing Table GS-2724 User’s Guide...
Page 225: Configure Clone
37.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen. Figure 123 Configure Clone GS-2724 User’s Guide...
Page 226: Table 86 Configure Clone
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. GS-2724 User’s Guide...
Page 227: Cli And Troubleshooting
CLI and Troubleshooting Introducing Commands (229) User and Enable Mode Commands (263) Configuration Mode Commands (269) Interface Commands (281) IEEE 802.1Q Tagged VLAN Commands (289) Multicast VLAN Registration Commands (297) Routing Domain Command Examples (299) Troubleshooting (301)
Page 229: Introducing Commands
Console port access has higher priority. 38.2.1 The Console Port Connect to the Switch’s console port using a terminal emulation software configured to the following settings: GS-2724 User’s Guide...
Page 230: The Login Screen
You can view the initialization information using the console port. After the initialization, the login screen displays (refer to Section 38.3 on page 230). Copyright (c) 1994 - 2006 ZyXEL Communications Corp. initialize mgmt, ethernet address: 00:13:49:00:00:01 initialize switch, ethernet address: 00:13:49:00:00:02 Initializing switch unit 0...
Page 231: Changing The Password
If you use an external RADIUS server to authenticate users, you can use a VSA (Vendor Specific Attribute) to configure a privilege level for an account on the RADIUS server. See Section 16.1.1.1 on page 121 for more information. GS-2724 User’s Guide...
Page 232: Command Modes
12) need to type the takes you to config mode. enable command and enter enable mode password. Config Commands available in this mode Type config sysname(config)# allow you to configure settings that enable mode. affect the Switch globally. GS-2724 User’s Guide...
Page 233: Getting Help
38.8 Getting Help The system includes a help facility to provide you with the following information about the commands: • List of available commands under a command group. • Detailed descriptions of the commands. GS-2724 User’s Guide...
Page 234: List Of Available Commands
SSH client traceroute Exec traceroute sysname> Enter to display detailed sub commands and parameters. <command> help sysname> ping help Commands available: ping <ip|host-name> < [ in-band|out-of-band|vlan <vlan-id> ] [ size <0-1472> ] [ -t ] > sysname> GS-2724 User’s Guide...
Page 235: Using Command History
User mode. write memory You must save your changes after each CLI session. All unsaved configuration changes are lost once you restart the Switch. sysname# write memory GS-2724 User’s Guide...
Page 236: Configuration File
COMMAND DESCRIPTION Displays help information. help Exits from the CLI. logout Logs out from the CLI. exit Displays a list of previously command(s) that you history have executed. The Switch stores up to 256 commands in history. GS-2724 User’s Guide...
Page 237: Enable Mode
242. Backs up running configuration to copy running-config the specified TFTP server with the tftp <ip> specified file name. <remote-file> Clones (copies) the attributes running-config from the specified port to other interface port- ports. channel <port> <port-list> GS-2724 User’s Guide...
Page 238 VLAN(s). id>][..] Restarts the system and use the reload config <index> specified configuration file. Displays all classifier related show classifier information. Displays the specified classifier [name] related information. Displays cluster management cluster status. GS-2724 User’s Guide...
Page 239 <port- list> Displays current interface interfaces config configuration. <port-list> Displays bandwidth control bandwidth-control settings. Displays broadcast storm control bstorm-control settings. Displays outgoing port egress information. Displays IGMP filtering settings. igmp-filtering Displays the IGMP group limit. igmp-group- limited GS-2724 User’s Guide...
Page 240 Displays MAC learning aging mac-aging-time time. Displays the count of MAC mac-count addresses learnt. Displays multiple rapid spanning mrstp <tree- tree configuration for the specified index> tree. Displays multicast settings. multicast Displays multi-login information multi-login DIsplays all MVR settings. GS-2724 User’s Guide...
Page 241 <rsa1|rsa|dsa> Displays current SSH session(s). session Displays general system system- information. information Displays current system time and time date. Displays time server information. timesync Displays link aggregation trunk information. Displays the status of all VLANs. vlan GS-2724 User’s Guide...
Page 242: General Configuration Mode
The following table lists the commands in Configuration (or Config) mode. Table 90 Command Summary: Configuration Mode PRIVILEG COMMAND DESCRIPTION Changes the administrator admin- <pw-string> password. password <confirm-string> Enables bandwidth control. bandwidth- control Enables Bridge Control Protocol bcp- (BCP) transparency. transparenc GS-2724 User’s Guide...
Page 243 Sets a descriptive name for the name <cluster cluster. name> Logs into the CLI of the specified rcommand <mac- cluster member. address> Specifies through which traffic default- <in-band|out-of- flow the Switch is to send management band> packets. Enables DHCP relay. dhcp relay GS-2724 User’s Guide...
Page 244 Enables IGMP filtering on the igmp- Switch. filtering Sets the range of multicast profile <name> address(es) in a profile. start-address <ip> end-address <ip> Enables IGMP snooping. igmp- snooping Sets the 802.1p priority for 8021p-priority <0-7> outgoing igmp snooping packets. GS-2724 User’s Guide...
Page 245 Configures up to four read-only logins username <name> login accounts. password <pwd> Assigns a privilege level to user username <name> privilege <0- accounts. 14> Exits from the CLI. logout Sets learned MAC aging time. mac-aging- <10-3000> time GS-2724 User’s Guide...
Page 246 Displays the detailed help for the help mrstp command. Enables multi-login. multi-login Enters the MVR (Multicast VLAN <vlan-id> Registration) configuration mode. Refer to Section 38.12 on page for more information. Disable bandwidth control on the bandwidth-control Switch. bcp-transparency GS-2724 User’s Guide...
Page 247 Removes a specified IP static route <ip> route. <mask> Enables a specified IP static route <ip> route. <mask> inactive Disables the link aggregation lacp control protocol (dynamic trunking) on the Switch. Disables login access to the logins <name> specified name. GS-2724 User’s Guide...
Page 248 Disables port security on the port-security device. Disables port security on the <port-list> specified ports. Enables MAC address learning <port-list> on the specified ports. learn inactive Disables the use of radius-server <index> authentication from the specified RADIUS server. GS-2724 User’s Guide...
Page 249 Removes remote known hosts known-hosts with the specified public key <host-ip> (1024-bit RSA1, RSA or DSA). [1024|ssh- rsa|ssh-dsa] Disables broadcast storm storm-control control. Disables syslog logging. syslog Disables syslog logging to the server <ip- specified syslog server. address> GS-2724 User’s Guide...
Page 250 Disables LACP in the specified <T1|T2|T3|T4|T5 trunk group. |T6> lacp Deletes the static VLAN entry. vlan <vlan-id> Disables GVRP on the Switch. vlan1q gvrp Disables port isolation. port-isolation Disables VLAN stacking. vlan-stacking Change the password for Enable password mode. GS-2724 User’s Guide...
Page 251 Enables 802.1x authentication port- on the Switch. access- authenticat Enables 802.1x authentication <port-list> on the specified port(s). Sets a subscriber to periodically reauthenticate re-enter his or her username and password to stay connected to a specified port. GS-2724 User’s Guide...
Page 252 Sets the Switch into a non- non-querier querier mode. It will not send igmp query messages. Disables non-querier mode on no non-querier the Switch. Enables and enters the RIP configuration mode. Leaves the RIP configuration exit mode. GS-2724 User’s Guide...
Page 253 Sets the bridge priority of the priority <0-61440> Switch. Adds a remote host to which the known-hosts <host- Switch can access using SSH ip> <1024|ssh- service. rsa|ssh-dsa> <key> Enables broadcast storm control storm- on the Switch. control GS-2724 User’s Guide...
Page 254 259 for more information. Enables GVRP. vlan1q gvrp Enables port-isolation. port-isolation Enables VLAN stacking on the vlan- Switch. stacking Sets the SP TPID (Service <SPTPID> Provider Tag Protocol Identifier). Specifies the VLAN type. vlan-type <802.1q|port- based> GS-2724 User’s Guide...
Page 255: Interface Port-Channel Commands
Sets the outgoing traffic port list egress set <port- for a port-based VLAN. list> Exits from the interface port- exit channel command mode. Enables interface flow control. flow-control Flow control regulates transmissions to match the bandwidth of the receiving port. GS-2724 User’s Guide...
Page 256: Table 91 Interface Port-Channel Commands
Enables the port(s) multicast limit. multicast-limit Sets how many multicast packets <pkt/s> the port(s) receives per second. Sets a name for the port(s). Enter name <port-name- a descriptive name (up to nine string> printable ASCII characters). GS-2724 User’s Guide...
Page 257 The default PVID is VLAN 1 for all pvid <vlan-id> ports. Sets a PVID in the range 1 to 4094 for the specified interface. Sets the quality of service priority priority <0 .. 7> for an interface. GS-2724 User’s Guide...
Page 258: Interface Route-Domain Commands
Exits from the interface routing- exit domain command mode. Enables IGMP in this routing igmp <v1|v2> domain. Sets the igmp robustness igmp robustness- variable on the Switch. This variable <2-255> variable specifies how susceptible the subnet is to lost packets. GS-2724 User’s Guide...
Page 259: Config-Vlan Commands
Sets the IP address of the <ip-address> <mask> Switch in the VLAN and allow manageable remote management to this IP address. Sets the default gateway IP default-gateway <ip- address in this VLAN. address> Specifies a name for name <name-str> identification purposes. GS-2724 User’s Guide...
Page 260: Mvr Commands
Sets the MVR mode (dynamic mode <dynamic| or compatible). compatible> Sets the MVR name for name <name-str> identification purposes. Disables all MVR group group settings. Disables the specified MVR group <name-str> group setting. Enables MVR. inactive GS-2724 User’s Guide...
Page 261 MVR source port can send and <port-list> receive multicast traffic in a multicast VLAN. Sets the port(s) to tag VLAN tagged <port- tags. list> Sets the 802.1p priority for the 8021p-priority packets belonging to this VLAN group. GS-2724 User’s Guide...
Page 262 Chapter 38 Introducing Commands GS-2724 User’s Guide...
Page 263: User And Enable Mode Commands
Ethernet Address : 00:19:cb:00:11:fa ZyNOS F/W Version : V3.70(AYC.0)b0 | 03/08/2007 RomRasSize : 2721784 System up Time 94:49:25 (208e20f ticks) Bootbase Version : V3.1 | 03/08/2007 ZyNOS CODE : RAS Mar 8 2007 11:23:31 Product Model : GS-2724 GS-2724 User’s Guide...
Page 264: Show Ip
1 00:00:04 1970 PP05 -WARN SNMP TRAP 3: link up Clear Error Log (y/n): If you clear a log (by entering at the prompt), you Clear Error Log (y/n): cannot view it again. 39.2.4 show interface Syntax: show interface [port-number] GS-2724 User’s Guide...
Page 265: Show Mac Address-Table
= Specifies the sorting criteria (MAC, VID or port). <sort> This command displays the MAC address(es) stored in the Switch. The following example shows the static MAC address table. sysname# show mac address-table static Port VLAN ID MAC Address Type 00:a0:c5:01:23:46 Static sysname# GS-2724 User’s Guide...
Page 266: Ping
Specifies the network interface or the VLAN ID to which the [in-band|out-of- band|vlan <vlan- Ethernet device belongs. id>] Specifies the Time To Live (TTL) period. [ttl <1-255>] Specifies the time period to wait. [wait <1-60>] Specifies how many tries the Switch performs the traceroute [queries <1-10>] function. GS-2724 User’s Guide...
Page 267: Copy Port Attributes
• Copy selected attributes (active, bandwidth limit and STP settings) to ports 5-8 sysname# copy running-config interface port-channel 1 2 sysname# copy running-config interface port-channel 1 5-8 active bandwidth-limit spanning-tree 39.6 Configuration File Maintenance The following sections show how to manage the configuration files. GS-2724 User’s Guide...
Page 268: Using A Different Configuration File
The following example resets both configuration files to the factory default settings. sysname# erase running-config sysname# write memory sysname# write memory 2 GS-2724 User’s Guide...
Page 269: Configuration Mode Commands
IP address for the Switch. 40.2 Enabling IGMP Snooping To enable IGMP snooping on the Switch. Enter and press [ENTER]. You igmp-snooping can also set how to treat traffic from an unknown multicast group by typing the unknown- parameter. multicast-frame GS-2724 User’s Guide...
Page 270: Configure Igmp Filter
30 sysname(config)# igmp-snooping leave-timeout 30 sysname(config)# igmp-snooping unknown-multicast-frame drop 40.3 Configure IGMP Filter Use the following commands in the config mode to configure IGMP filtering profiles. Syntax: igmp-filtering igmp-filtering profile <name> start-address <ip> end-address <ip> GS-2724 User’s Guide...
Page 271: Enabling Stp
<port-list> priority <0-255> mrstp <treeIndex> <cr> mrstp <treeIndex> priority <0-61440> mrstp <treeIndex> hello-time <1-10> maximum-age <6-40> forward-delay -> <4-30> mrstp interface <port-list> <cr> mrstp interface <port-list> path-cost <1-65535> mrstp interface <port-list> priority <0-255> mrstp interface <port-list> treeIndex <1-4> GS-2724 User’s Guide...
Page 272 • Enable STP on the Switch. • Set the bridge priority of the Switch to 0. • Set the Hello Time to 4, Maximum Age to 20 and Forward Delay to 15 on the Switch. GS-2724 User’s Guide...
Page 273: No Command Examples
An example is shown next. The session timeout is reset to 300 seconds. sysname(config)# no https timeout Cache timeout 300 40.5.3 Re-enable commands The no command can also be used to re-enable features which have been disabled. Syntax: no ip route <ip> <mask> inactive GS-2724 User’s Guide...
Page 274: Other Examples Of No Commands
• Remove ports one, three, four and five from trunk two (T2). sysname(config)# no trunk T1 sysname(config)# no trunk T3 lacp sysname(config)# no trunk T2 interface 1,3-5 40.5.4.2 no port-access-authenticator Syntax: no port-access-authenticator no port-access-authenticator <port-list> reauthenticate no port-access-authenticator <port-list> GS-2724 User’s Guide...
Page 275: Figure 124 No Port-Access-Authenticator Command Example
• Remove the remote host with IP address 172.165.1.9 and with an SSH-RSA encryption key from the list of known hosts. sysname(config)# no ssh key rsa1 sysname(config)# no ssh known-hosts 172.165.1.8 sysname(config)# no ssh known-hosts 172.165.1.9 ssh-rsa GS-2724 User’s Guide...
Page 276: Static Route Commands
172.21.1.104 255.255.0.0 192.168.1.2 name route1 40.7 Enabling MAC Filtering You can create a filter to drop packets based on the MAC address of the source or the destination. Syntax: mac-filter name <name> mac <mac-addr> vlan <vlan-id> drop <src/dst/both> GS-2724 User’s Guide...
Page 277: Enabling Trunking
Enables the trunk. <T1|T2|T3|T4|T5|T6> Places ports in the trunk. <T1|T2|T3|T4|T5|T6> interface <port-list> Enables LACP in the trunk. <T1|T2|T3|T4|T5|T6> lacp An example is shown next. • Create trunk 1 on the Switch. • Place ports 5-8 in trunk 1. GS-2724 User’s Guide...
Page 278: Enabling Port Authentication
Changes the UDP port of the RADIUS server from [acct-port <socket-number>] the default (1812). Specifies a password (up to 32 alphanumeric [key <key-string>] characters) as the key to be shared between the RADIUS server and the Switch. GS-2724 User’s Guide...
Page 279: Port Authentication Settings
An example is shown next. • Specify RADIUS server 1 with IP address 10.10.10.1, port 1890 and the string secretKey as the password. See Section 40.9.1 on page 278 for more information on RADIUS server commands. GS-2724 User’s Guide...
Page 280 • Specify 1800 seconds as the interval for client reauthentication. sysname(config)# radius-server host 1 10.10.10.1 acct-port 1890 key --> secretKey sysname(config)# radius-server timeout 30 sysname(config)# port-access-authenticator sysname(config)# port-access-authenticator 4-8 sysname(config)# port-access-authenticator 4-8 reauthenticate sysname(config)# port-access-authenticator 4-8 reauth-period 1800 GS-2724 User’s Guide...
Page 281: Interface Commands
An example is shown next. • Enter the configuration mode. • Enable ports 1, 3, 4 and 5 for configuration. • Begin configuring for those ports. sysname# config sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# 41.2.2 bpdu-control Syntax: bpdu-control <peer|tunnel|discard|network> GS-2724 User’s Guide...
Page 282: Broadcast-Limit
• Set how many broadband packets the interface receives per second. sysname(config)# interface port-channel 1 sysname(config-interface)# broadcast-limit sysname(config-interface)# broadcast-limit 21 41.2.4 bandwidth-limit command enables bandwidth control on the Switch. bandwidth-limit Syntax: bandwidth-limit bandwidth-limit pir <Kbps> bandwidth-limit cir <Kbps> bandwidth-limit egress <Kbps> GS-2724 User’s Guide...
Page 283: Mirror
An example is shown next. • Enable port mirroring. • Enable the monitor port 3. • Enable ports 1, 4, 5 and 6 for configuration. • Enable port mirroring on the ports. GS-2724 User’s Guide...
Page 284: Gvrp
Syntax: ingress-check An example is shown next. • Enable ports 1, 3, 4 and 5 for configuration. • Enable ingress checking on the interface. sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# ingress-check 41.2.8 frame-type Syntax: frame-type <all|tagged|untagged> GS-2724 User’s Guide...
Page 285: Weight
<port-list> where Sets the outgoing traffic port list for a port-based VLAN. <port-list> An example is shown next. • Enable port-based VLAN tagging on the Switch. • Enable ports one, three, four and five for configuration. GS-2724 User’s Guide...
Page 286: Qos Priority
Sets a name for your port interface. An example is shown next. • Enable port one for configuration. • Set a name for the port. sysname(config)# interface port-channel 1 sysname(config-interface)# name Test 41.2.13 speed-duplex Syntax: speed-duplex <auto|10-half|10-full|100-half|100-full|1000-full> GS-2724 User’s Guide...
Page 287: Test
Interface sub mode also disable certain features. In this mode, however, this takes place on a port by port basis. 41.3.1 no bandwidth-limit You can disable bandwidth limit on port 1 simply by placing the command in front of the command. bandwidth-limit GS-2724 User’s Guide...
Page 288 Chapter 41 Interface Commands Syntax: no bandwidth-limit An example is shown next: • Disable bandwidth limit on port1 sysname(config)# interface port-channel 1 sysname(config-interface)# no bandwidth-limit GS-2724 User’s Guide...
Page 289: Ieee 802.1Q Tagged Vlan Commands
VLAN (VID 3 in this example) for vlan <vlan-id> managing the Switch, and the Switch will activate the new management VLAN. • Use the command to disable the new management VLAN. inactive sysname (config)# vlan 3 sysname (config-vlan)# inactive GS-2724 User’s Guide...
Page 290: Global Vlan1Q Tagged Vlan Configuration Commands
Switches join VLANs by making a declaration. A declaration is made by issuing a Join message using GARP. Declarations are withdrawn by issuing a Leave message. A Leave All message terminates all registrations. GARP timers set declaration timeout values. GS-2724 User’s Guide...
Page 291: Gvrp Timer
You must configure the Switch’s port VLAN settings in config-interface mode. 42.3.1 Set Port VID Syntax: pvid <VID> where Specifies the VLAN number between 1 and 4094. <VID> This command sets the default VLAN ID on the port(s). GS-2724 User’s Guide...
Page 292: Set Acceptable Frame Type
42.3.4 Modify Static VLAN Use the following commands in the config-vlan mode to configure the static VLAN table. Syntax: vlan <vlan-id> fixed <port-list> forbidden <port-list> name <name-str> normal <port-list> untagged <port-list> no fixed <port-list> no forbidden <port-list> no untagged <port-list> GS-2724 User’s Guide...
Page 293 The Switch also does not forward frames to “forbidden” ports. 4 If after looking at the SVLAN, the Switch does not have any ports to which it will send the frame, it won’t check the port filter. GS-2724 User’s Guide...
Page 294: Delete Vlan Id
This command shows the IEEE 802.1Q Tagged SVLAN (Static VLAN) table. An example is shown next. • VID is the VLAN identification number. • Status shows whether the VLAN is static or active. • Elap-Time is the time since the VLAN was created on the Switch. GS-2724 User’s Guide...
Page 295 TagCtl untagged. sysname# show vlan The Number of VLAN: Idx. VID Status Elap-Time TagCtl ---- ---- -------- ------------ ------------------------ Static 0:12:13 Untagged :1-2 Tagged Static 0:00:17 Untagged : Tagged :1-4 Static 0:00:07 Untagged :1-2 Tagged :3-8 GS-2724 User’s Guide...
Page 296 Chapter 42 IEEE 802.1Q Tagged VLAN Commands GS-2724 User’s Guide...
Page 297: Multicast Vlan Registration Commands
The VLAN ID [1 – 4094]. <vlan-id> Specifies the MVR source ports which send and receive multicast source-port <port-list> traffic. Specifies the MVR receiving ports which only receive multicast receiver-port <port-list> traffic. A name to identify the multicast VLAN group. name <name-str> GS-2724 User’s Guide...
Page 298: Chapter 43 Multicast Vlan Registration Commands
• Configure MVR multicast group addresses by the name of ipgroup. • Exit MVR mode. See the following example. sysname(config)# mvr 3 name multivlan sysname(config-mvr)# source-port 2,3,5 receiver-port 6-8 sysname(config-mvr)# mode dynamic sysname(config-mvr)# group ipgroup start-address 224.0.0.1 end-address --> 224.0.0.255 sysname(config-mvr)# exit GS-2724 User’s Guide...
Page 299: Routing Domain Command Examples
An example is shown next. • Enter the configuration mode. • Enable default routing domain (the 192.168.1.1 subnet) for configuration. • Begin configuring for this domain. sysname# config sysname(config)# interface route-domain 192.168.1.1/24 cmd interface route domain 192.168.1.1 255.255.255.0 sysname(config-if)# GS-2724 User’s Guide...
Page 300: Chapter 44 Routing Domain Command Examples
Chapter 44 Routing Domain Command Examples GS-2724 User’s Guide...
Page 301: Troubleshooting
IP address, your computer’s IP address must match it. Refer to Chapter 29 on page 193 for details. Your computer’s and the Switch’s IP addresses must be on the same subnet. Appendix C on page 313 to check that pop-up windows, JavaScripts and Java permissions are allowed. GS-2724 User’s Guide...
Page 302: Problems With The Password
If you have changed the password and have now forgotten it, you will need to upload the default configuration file. This restores all of the factory defaults including the password. See Section 4.6.1 on page GS-2724 User’s Guide...
Page 303: Appendices And Index
Appendices and Index Product Specifications (305) Changing a Fuse (311) Pop-up Windows, JavaScripts and Java Permissions (313) IP Addresses and Subnetting (319) Common Services (329) Legal Information (333) Customer Support (337) Index (341)
Page 305: Appendix A Product Specifications
(the port you copy the traffic to) without interference. Static Route Static routes tell the Switch how to forward IP traffic when you configure the TCP/IP parameters manually. Port Cloning Port cloning allows you to copy attributes from one port to another port or ports. GS-2724 User’s Guide...
Page 306 Cluster management (also known as iStacking) allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another. GS-2724 User’s Guide...
Page 307: Table 99 General Product Specifications
Supports IEEE 802.3ad; static and dynamic (LACP) port trunking Aggregation Six groups (up to 8 ports each) Port mirroring All ports support port mirroring Support port mirroring per IP/TCP/UDP Bandwidth Supports rate limiting at 64K increment control GS-2724 User’s Guide...
Page 308 Wire speed rate limiting per MAC/IP/TCP/UDP Wire speed mirroring per MAC/IP/TCP/UDP Access Control List (ACL) Based on Port Based on MAC+VLAN ID Based on IP Address (Source/Destination) Based on L3 Protocol category Based on TCP/UDP port number GS-2724 User’s Guide...
Page 309: Table 100 Management Specifications
RMON groups (history, statistics, alarms and events) RFC1155 SMI RFC1157 SNMP v1 RFC1213 MIB II RFC2011 IP MIP RFC2012 TCP MIB RFC2013 UDP MIB RFC1493 Bridge MIB RFC1643 Ethernet MIB RFC1757 Four groups of RMON RFC2674 Bridge MIB extension, SNMP v2, SNMP v2c GS-2724 User’s Guide...
Page 310: Table 101 Physical And Environmental Specifications
100-240 VAC 50/60 Hz, 1.5 A max. -48 VDC ~ -60 VDC, 2.2 A max. Backup power supply into 12 VDC Fuse: T2A250Vac To reduce the risk of fire, replace the fuse only with a fuse of the same type and rating. GS-2724 User’s Guide...
Page 311: Appendix B Changing A Fuse
2 Push the replacement fuse into the fuse housing until you hear a click. 3 Push the fuse housing back into the Switch until you hear a click. 4 Plug the power cord back into the unit. GS-2724 User’s Guide...
Page 312 Appendix B Changing a Fuse GS-2724 User’s Guide...
Page 313: Appendix C Pop-Up Windows, Javascripts And Java Permissions
You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. GS-2724 User’s Guide...
Page 314: Figure 126 Internet Options
Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen. GS-2724 User’s Guide...
Page 315: Figure 127 Internet Options
3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 128 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. GS-2724 User’s Guide...
Page 316: Figure 129 Internet Options
3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window. GS-2724 User’s Guide...
Page 317: Figure 130 Security Settings - Java Scripting
2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window. Figure 131 Security Settings - Java GS-2724 User’s Guide...
Page 318: Figure 132 Java (Sun)
1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Figure 132 Java (Sun) GS-2724 User’s Guide...
Page 319: Appendix D Ip Addresses And Subnetting
Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. GS-2724 User’s Guide...
Page 320: Figure 133 Network Number And Host Id
Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. GS-2724 User’s Guide...
Page 321: Table 104 Subnet Masks
For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask 255.255.255.128. The following table shows some possible subnet masks using both notations. Table 106 Alternative Subnet Mask Notation ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.0 0000 0000 255.255.255.128 1000 0000 GS-2724 User’s Guide...
Page 322: Figure 134 Subnetting Example: Before Subnetting
The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. The following figure shows the company network after subnetting. There are now two sub- networks, A and B. GS-2724 User’s Guide...
Page 323: Figure 135 Subnetting Example: After Subnetting
Table 107 Subnet 1 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address (Decimal) 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 00000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.1 192.168.1.0 Broadcast Address: Highest Host ID: 192.168.1.62 192.168.1.63 GS-2724 User’s Guide...
Page 324: Table 108 Subnet 2
Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet. Table 111 Eight Subnets SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS GS-2724 User’s Guide...
Page 325: Table 112 24-Bit Network Number Subnet Planning
SUBNET 255.255.128.0 (/17) 32766 255.255.192.0 (/18) 16382 255.255.224.0 (/19) 8190 255.255.240.0 (/20) 4094 255.255.248.0 (/21) 2046 255.255.252.0 (/22) 1022 255.255.254.0 (/23) 255.255.255.0 (/24) 255.255.255.128 (/25) 255.255.255.192 (/26) 1024 255.255.255.224 (/27) 2048 255.255.255.240 (/28) 4096 255.255.255.248 (/29) 8192 GS-2724 User’s Guide...
Page 326: Configuring Ip Addresses
Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space. GS-2724 User’s Guide...
Page 327: Figure 136 Conflicting Computer Ip Addresses Example
LAN and WAN addresses must be on different subnets. In the following example, the LAN and WAN are on the same subnet. The LAN computers cannot access the Internet because the router cannot route between networks. Figure 137 Conflicting Computer IP Addresses Example GS-2724 User’s Guide...
Page 328: Figure 138 Conflicting Computer And Router Ip Addresses Example
LAN port both use 192.168.1.1 as the IP address. The computer cannot access the Internet. This problem can be solved by assigning a different IP address to the computer or the router’s LAN port. Figure 138 Conflicting Computer and Router IP Addresses Example GS-2724 User’s Guide...
Page 329: Appendix E Common Services
IP numbers. User-Defined The IPSEC ESP (Encapsulation Security (IPSEC_TUNNEL) Protocol) tunneling protocol uses this service. FINGER Finger is a UNIX or Internet related command that can be used to find out if a user is logged on. GS-2724 User’s Guide...
Page 330 This is the data channel. RCMD Remote Command Service. REAL_AUDIO 7070 A streaming audio service that enables real time sound over the web. REXEC Remote Execution Daemon. RLOGIN Remote Login. GS-2724 User’s Guide...
Page 331 TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. GS-2724 User’s Guide...
Page 332 Appendix E Common Services GS-2724 User’s Guide...
Page 334: Zyxel Limited Warranty
ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating GS-2724 User’s Guide...
Page 335 Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. GS-2724 User’s Guide...
Page 336 Appendix F Legal Information GS-2724 User’s Guide...
Page 337: Appendix G Customer Support
• Regular Mail: ZyXEL Costa Rica, Plaza Roble Escazú, Etapa El Patio, Tercer Piso, San José, Costa Rica Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 • Fax: +420-241-091-359 • Web Site: www.zyxel.cz • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 - Modrany, Ceská Republika GS-2724 User’s Guide...
Page 338 • Support E-mail: support@zyxel.fi • Sales E-mail: sales@zyxel.fi • Telephone: +358-9-4780-8411 • Fax: +358-9-4780 8448 • Web Site: www.zyxel.fi • Regular Mail: ZyXEL Communications Oy, Malminkaari 10, 00700 Helsinki, Finland France • E-mail: info@zyxel.fr • Telephone: +33-4-72-52-97-97 • Fax: +33-4-72-52-19-20 •...
Page 339 • Sales E-mail: sales@zyxel.com • Telephone: +1-800-255-4101, +1-714-632-0882 • Fax: +1-714-632-0858 • Web Site: www.us.zyxel.com • FTP Site: ftp.us.zyxel.com • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no •...
Page 340 Appendix G Customer Support • Web Site: www.zyxel.es • Regular Mail: ZyXEL Communications, Arte, 21 5ª planta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • Telephone: +46-31-744-7700 • Fax: +46-31-744-7701 • Web Site: www.zyxel.se • Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Ukraine •...
Page 341: Index
BPDUs (Bridge Protocol Data Units) interface Bridge Protocol Data Units (BPDUs) logging in modes modes summary static VLAN table example summary syntax conventions user mode details certifications using history notices VLAN GS-2724 User’s Guide...
Page 342 DS field replacement DSCP DSCP-to-IEEE802.1p mapping network example disclaimer double-tagged frames GARP DS (Differentiated Services) GARP (Generic Attribute Registration Protocol) DSCP DSCP-to-IEEE802.1p mapping GARP terminology service level GARP timer 77, 86 what it does general setup GS-2724 User’s Guide...
Page 343 77, 97, 128 specify limit install fuse MAC table how it works installation viewing freestanding precautions maintenance rack-mounting configuration backup current configuration interface commands firmware Internet Assigned Numbers Authority, See also IANA main screen restoring configuration introduction management GS-2724 User’s Guide...
Page 344 (NMS) power no commands examples backup power supply connector NTP (RFC-1305) voltage power status priority level priority, queue assignment product registration product specification password PVID 85, 92 administrator PVID (Priority Frame) PHB (Per-Hop Behavior) ping, test connection GS-2724 User’s Guide...
Page 345 50, 65 overview version link aggregation port RIP (Routing Information Protocol) port details Round Robin Scheduling power routing domain 106, 109 routing table VLAN RSTP See also STP bridge ID 107, 110 GS-2724 User’s Guide...
Page 346 VLAN number time zone VLAN stacking 147, 149 Time (RFC-868) configuration time server example time service protocol frame format format port roles 148, 151 priority trademarks 121, 122 transceiver and port authentication installation removal traps, SNMP destination GS-2724 User’s Guide...
Page 347 Index warranty note web configurator getting help home login logout navigation panel screen summary weight, queuing Weighted Round Robin Scheduling (WRR) WRR (Weighted Round Robin Scheduling) ZyNOS (ZyXEL Network Operating System) GS-2724 User’s Guide...
Page 348 Index GS-2724 User’s Guide...

ZyXEL Communications GS-2724 User Manual

Chapter 1 Getting to Know Your Switch

Chapter 2 Hardware Installation and Connection

Chapter 3 Hardware Overview

Chapter 4 The Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Statistics

Chapter 7 Basic Setting

Chapter 8 VLAN

Chapter 9 Static MAC Forward Setup

Chapter 10 Filtering

Chapter 11 Spanning Tree Protocol

Chapter 12 Bandwidth Control

Chapter 13 Broadcast Storm Control

Chapter 14 Mirroring

Chapter 15 Link Aggregation

Chapter 16 Port Authentication

Chapter 17 Port Security

Chapter 18 Classifier

Chapter 19 Policy Rule

Chapter 20 Queuing Method

Chapter 21 VLAN Stacking

Chapter 22 Multicast

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications GS-2724

Summary of Contents for ZyXEL Communications GS-2724