Page 1 GS-3012/GS-3012F Series Gigabit Ethernet Switch User’s Guide Version 3.70 11/2006 Edition 1 www.zyxel.com...
Page 3: About This User's Guide
Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
Page 4: Warnings And Notes
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 5 Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The switch icon is not an exact representation of your device. The switch Server Telephone GS-3012/GS-3012F User’s Guide Computer Notebook computer DSLAM Firewall Switch Router Document Conventions...
Page 6: Safety Warnings
Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 Safety Warnings This product is recyclable. Dispose of it properly. GS-3012/GS-3012F User’s Guide...
Page 8 Safety Warnings GS-3012/GS-3012F User’s Guide...
Page 9: Table Of Contents
Introduction and Hardware Overview ... 31 Getting to Know Your Switch ... 33 Hardware Installation and Connection ... 39 Hardware Overview ... 43 Basic Settings ... 51 Introducing the Web Configurator Initial Setup Example ... 61 System Status and Port Details ... 65 Basic Setting ...
Page 10 Contents Overview Configure Clone ... 203 Commands and Troubleshooting ... 205 Introducing the Commands ... 207 Command Examples ... 239 IEEE 802.1Q Tagged VLAN Commands ... 257 Troubleshooting ... 265 Appendices and Index ... 267 GS-3012/GS-3012F User’s Guide...
Page 11: Table Of Contents
About This User's Guide ... 3 Document Conventions... 4 Safety Warnings... 6 Contents Overview ... 9 Table of Contents... 11 List of Figures ... 21 List of Tables... 27 Part I: Introduction and Hardware Overview ... 31 Chapter 1 Getting to Know Your Switch... 33 1.1 Introduction ...
Page 12 Table of Contents 3.1.2 Gigabit Ports ... 44 3.1.3 Mini-GBIC Slots ... 45 3.1.4 Management Port ... 47 3.2 Rear Panel ... 47 3.2.1 Power Connector ... 47 3.3 LEDs ... 48 3.4 Configuring the Switch ... 49 Part II: Basic Settings ... 51 Chapter 4 Introducing the Web Configurator 4.1 Introduction ...
Page 13 7.5 Switch Setup Screen ... 75 7.6 IP Setup ... 77 7.6.1 Management IP Addresses ... 77 7.7 Port Setup ... 80 Part III: Advanced Settings ... 83 Chapter 8 VLAN ... 85 8.1 Introduction to IEEE 802.1Q Tagged VLAN 8.1.1 Forwarding Tagged and Untagged Frames ...
Page 14 Table of Contents 11.2 Spanning Tree Protocol Main Screen ... 106 11.3 Configure Rapid Spanning Tree Protocol 11.4 Rapid Spanning Tree Protocol Status 11.5 Configure Multiple Rapid Spanning Tree Protocol 11.6 Multiple Rapid Spanning Tree Protocol Status Chapter 12 Bandwidth Control... 113 12.1 Introduction to Bandwidth Control ...113 12.1.1 CIR and PIR ...113 12.1.2 Bandwidth Control Setup ...113...
Page 15 Chapter 18 Classifier ... 133 18.1 About the Classifier and QoS ... 133 18.2 Configuring the Classifier ... 133 18.3 Viewing and Editing Classifier Configuration ... 136 18.4 Classifier Example ... 137 Chapter 19 Policy Rule... 139 19.1 About Policy Rules ... 139 19.1.1 DiffServ ...
Page 16 Table of Contents 22.1.1 DHCP “Relay Agent Information Option” ... 161 22.1.2 DHCP Relay Agent Circuit ID Sub-option Format ... 161 22.2 DHCP Relay Configuration ... 161 Part IV: Static Routing and Management ... 163 Chapter 23 Routing Protocol ... 165 23.1 Static Route Overview ...
Page 17 25.7.3 Netscape Navigator Warning Messages ... 182 25.7.4 Login Screen ... 183 25.8 Service Access Control ... 184 25.9 Remote Management ... 185 Chapter 26 Diagnostic... 187 26.1 Diagnostic ... 187 Chapter 27 Syslog ... 189 27.1 Syslog ... 189 27.2 Syslog Setup ...
Page 18 Table of Contents 32.1 Overview ... 207 32.1.1 Switch Configuration File ... 207 32.2 Accessing the CLI ... 207 32.2.1 Access Priority ... 208 32.2.2 The Console Port ... 208 32.2.3 Telnet ... 208 32.3 The Login Screen ... 209 32.4 Command Syntax Conventions ...
Page 19 33.7.1 no mirror-port ... 247 33.7.2 no trunk ... 247 33.7.3 no port-access-authenticator ... 248 33.7.4 no ssh ... 248 33.8 interface Commands ... 249 33.8.1 interface port-channel ... 249 33.8.2 bpdu-control ... 249 33.8.3 broadcast-limit ... 250 33.8.4 bandwidth-limit ... 250 33.8.5 mirror ...
Page 20 Table of Contents Part VI: Appendices and Index ... 267 Appendix A Product Specifications... 269 Appendix B Browser Setup ... 273 Appendix C IP Addresses and Subnetting ... 279 Appendix D Legal Information ... 287 Appendix E Customer Support... 291 Index...
Page 21: List Of Figures
List of Figures List of Figures Figure 1 Backbone Application ... 34 Figure 2 Bridging Application ... 34 Figure 3 High Performance Switched Application ... 35 Figure 4 Tag-based VLAN Application ... 36 Figure 5 Shared Server Using VLAN Example ... 36 Figure 6 Attaching Rubber Feet ...
Page 22 List of Figures Figure 39 802.1Q VLAN Port Settings ... 89 Figure 40 802.1Q Static VLAN ... 91 Figure 41 Static VLAN: Summary Table ... 92 Figure 42 VID1 Example Screen ... 93 Figure 43 Port Based VLAN Setup (All Connected) ... 94 Figure 44 Port Based VLAN Setup (Port isolation) ...
Page 23 List of Figures Figure 82 MVR Configuration Example ... 160 Figure 83 DHCP Relay ... 162 Figure 84 Static Routing ... 165 Figure 85 Static Routing: Summary Table ... 166 Figure 86 Maintenance ... 167 Figure 87 Firmware Upgrade ... 168 Figure 88 Restore Configuration ...
Page 24 List of Figures Figure 125 CLI: History Command Example ... 213 Figure 126 CLI: write memory ... 213 Figure 127 show system-information Command Example ... 239 Figure 128 how hardware-monitor Command Example ... 240 Figure 129 show ip Command Example ... 240 Figure 130 show logging Command Example ...
Page 25 List of Figures Figure 168 Pop-up Blocker ... 273 Figure 169 Internet Options ... 274 Figure 170 Internet Options ... 275 Figure 171 Pop-up Blocker Settings ... 275 Figure 172 Internet Options ... 276 Figure 173 Security Settings - Java Scripting ... 277 Figure 174 Security Settings - Java ...
Page 26 List of Figures GS-3012/GS-3012F User’s Guide...
Page 27: List Of Tables
List of Tables List of Tables Table 1 Front Panel Connections ... 44 Table 2 LED Descriptions ... 48 Table 3 Navigation Panel Sub-links Overview ... 54 Table 4 Web Configurator Screen Sub-links Details ... 55 Table 5 Navigation Panel Sub-link Descriptions ... 55 Table 6 Port Status ...
Page 28 List of Tables Table 39 Supported Tunnel Protocol Attribute ... 124 Table 40 Port Authentication: RADIUS ... 125 Table 41 Port Authentication: 802.1x ... 126 Table 42 Port Security ... 130 Table 43 Classifier ... 134 Table 44 Classifier: Summary Table ... 136 Table 45 Common Ethernet Types and Protocol Number ...
Page 29 List of Tables Table 82 Command Summary: Enable Mode ... 215 Table 83 Command Summary: Configure Mode ... 220 Table 84 Command Summary: config-vlan Commands ... 232 Table 85 Command Summary: Interface ... 233 Table 86 Command Summary: mvr Commands ... 236 Table 87 Troubleshooting the Start-Up of Your Switch ...
Page 30 List of Tables GS-3012/GS-3012F User’s Guide...
Page 31: Introduction And Hardware Overview
Introduction and Hardware Overview Getting to Know Your Switch (33) Hardware Installation and Connection (39) Hardware Overview (43)
Page 33: Getting To Know Your Switch
H A P T E R Getting to Know Your Switch This chapter describes the key features, benefits and applications of the switch. 1.1 Introduction The GS-3012 and GS-3012F are layer 2 stand-alone Gigabit Ethernet switches. The GS-3012 has 12 100/1000Mbps ports and four mini-GBIC slots for optical uplinking. There are two GS-3012 models.
Page 34: Bridging Example
Chapter 1 Getting to Know Your Switch Figure 1 Backbone Application 1.1.2 Bridging Example In this example application the switch is the ideal solution for different company departments to connect to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks.
Page 35: High Performance Switched Workgroup Example
1.1.3 High Performance Switched Workgroup Example The switch is ideal for connecting two power workgroups that need high bandwidth. In the following example, use trunking to connect these two power workgroups. Switching to higher-speed LANs such as FDDI or ATM is not feasible for most people due to the expense of replacing all existing Ethernet cables and adapter cards, restructuring your network and complex maintenance.
Page 36: Ways To Manage The Switch
Chapter 1 Getting to Know Your Switch Figure 4 Tag-based VLAN Application 1.1.4.2 VLAN Shared Server Example Shared resources such as a server can be used by all ports in the same VLAN as the server, as shown in the following example. In this example, only ports that need access to the server need belong to VLAN 1 while they can belong to other VLAN groups too.
Page 37: Chapter 2
• SNMP. The switch can be monitored by an SNMP manager. See 176. • Cluster Management. Cluster Management allows you to manage multiple switches through one switch, called the cluster manager. See 1.3 Good Habits for Managing the switch Do the following things regularly to make the switch more secure and to manage the switch more effectively.
Page 38 Chapter 1 Getting to Know Your Switch GS-3012/GS-3012F User’s Guide...
Page 39: Hardware Installation And Connection
H A P T E R Hardware Installation and This chapter shows you how to install and connect the switch. 2.1 Installation Scenarios The switch can be placed on a desktop or rack-mounted on a standard EIA rack. Use the rubber feet in a desktop installation and the brackets in a rack-mounted installation.
Page 40: Mounting The Switch On A Rack
Chapter 2 Hardware Installation and Connection Figure 6 Attaching Rubber Feet Do NOT block the ventilation holes. Leave space between devices when stacking. 2.3 Mounting the Switch on a Rack The switch can be mounted on an EIA standard size, 19-inch rack or in a wiring closet with other equipment.
Page 41: Mounting The Switch On A Rack
Figure 7 Attaching the Mounting Brackets 2 Using a #2 Philips screwdriver, install the M3 flat head screws through the mounting bracket holes into the switch. 3 Repeat steps switch. 4 You may now mount the switch on a rack. Proceed to the next section. 2.3.3 Mounting the Switch on a Rack 1 Position a mounting bracket (that is already attached to the switch) on one side of the rack, lining up the two screw holes on the bracket with the screw holes on the side of the...
Page 42 Chapter 2 Hardware Installation and Connection GS-3012/GS-3012F User’s Guide...
Page 43: Hardware Overview
H A P T E R This chapter describes the front panel and rear panel of the switch and shows you how to make the hardware connections. 3.1 Front Panel The following figure shows the front panel of the GS-3012. The front panel contains the switch LEDs, 8 RJ-45 gigabit ports, four dual personality interfaces each consisting of a mini- GBIC slot and an RJ-45 gigabit port as well as a console and management port for local management.
Page 44: Console Port
Chapter 3 Hardware Overview The following table describes the port labels on the front panel. Table 1 Front Panel Connections LABEL DESCRIPTION 8 100/1000 Connect these 1Gbps Electrical Ethernet ports to high-bandwidth backbone network Mbps RJ-45 Ethernet switches or use them to daisy-chain other switches. Ethernet Ports (GS-3012) 8 Mini-GBIC...
Page 45: Default Ethernet Negotiation Settings
When auto-negotiation is turned on, a Gigabit port negotiates with the peer automatically to determine the connection speed and duplex mode. If the peer Ethernet port does not support auto-negotiation or turns off this feature, the switch determines the connection speed by detecting the signal on the cable and using half duplex mode.
Page 46: Figure 11 Transceiver Installation Example
Chapter 3 Hardware Overview 3.1.3.1 Transceiver Installation Use the following steps to install a mini-GBIC transceiver (SFP module). 1 Insert the transceiver into the slot with the exposed section of PCB board facing down. 2 Press the transceiver firmly until it clicks into place. 3 The switch automatically detects the installed transceiver.
Page 47: Management Port
Figure 15 Transceiver Removal Example 3.1.4 Management Port The MGMT (management) port is used for local management. Connect directly to this port using an Ethernet cable. You can configure the switch via Telnet or the web configurator. The default IP address of the management port is 192.168.0.1 with a subnet mask of 255.255.255.0.
Page 48: Leds
Chapter 3 Hardware Overview To connect the power to the AC power model, insert the female end of power cord to the power receptacle on the rear panel. Connect the other end of the supplied power cord to a 100~240VAC/1.5A power outlet. Make sure that no objects obstruct the airflow of the fans (located on the side of the unit).
Page 49: Configuring The Switch
Table 2 LED Descriptions (continued) COLOR STATUS 1000 Green Blinking (GS- 3012F) 100 (GS- Amber Blinking 3012F) MGMT Green Blinking Amber Blinking 3.4 Configuring the Switch You may use the embedded web configurator or command line interface to configure the switch.
Page 50 Chapter 3 Hardware Overview GS-3012/GS-3012F User’s Guide...
Page 51: Basic Settings
Basic Settings Introducing the Web Configurator (53) Initial Setup Example (61) System Status and Port Details (65) Basic Setting (71)
Page 53: Introducing The Web Configurator
H A P T E R This section introduces the configuration and functions of the web configurator. 4.1 Introduction The embedded web configurator allows you to manage the switch from anywhere through a standard browser such as Microsoft Internet Explorer or Netscape Navigator. Use Internet Explorer 5.5 and later or Netscape Navigator 6 and later versions.
Page 54: Status Screen
Chapter 4 Introducing the Web Configurator 4.3 Status Screen The Status screen is the first web configurator screen you see after you log in. The following figure shows the navigating components of a web configurator screen. Figure 21 Web Configurator Home Screen (Status) In the navigation panel, click a main link to reveal a list of submenu links.
Page 55: Table 4 Web Configurator Screen Sub-Links Details
The following table lists the various web configurator screens within the sub-links. Table 4 Web Configurator Screen Sub-links Details ADVANCED BASIC SETTING APPLICATION System Info VLAN Status General Setup Switch Setup IP Setup Port Setup Static MAC Forwarding Filtering Spanning Tree Protocol Bandwidth Control Broadcast Storm Control Mirroring...
Page 56 Chapter 4 Introducing the Web Configurator Table 5 Navigation Panel Sub-link Descriptions (continued) LABEL Port Setup Advanced Application VLAN Static MAC Forwarding Filtering Spanning Tree Protocol Bandwidth Control Broadcast Storm Control Mirroring Link Aggregation Port Authentication Port Security Classifier Policy Rule Queuing Method Multicast DHCP Relay...
Page 57: Change Your Password
Table 5 Navigation Panel Sub-link Descriptions (continued) LABEL DESCRIPTION MAC Table This link takes you to a screen where you can view the MAC addresses (and types) of devices attached to what ports and VLAN IDs. ARP Table This link takes you to a screen where you can view the MAC addresses – IP address resolution table.
Page 58: Resetting The Switch
Chapter 4 Introducing the Web Configurator 5 Assigning minimum bandwidth to the CPU port. If you limit bandwidth to the CPU port, you may find that the switch performs sluggishly or not at all. Be careful not to lock yourself and others out of the switch. If you do lock yourself out, try using out-of-band management (via the management port) to configure the switch.
Page 59: Logging Out Of The Web Configurator
Figure 23 Resetting the Switch: Via Console Port Bootbase Version: V3.00 | 01/14/2005 22:06:52 RAM:Size = 32 Mbytes DRAM POST: Testing: 32768K OK DRAM Test SUCCESS ! FLASH: Intel 32M ZyNOS Version: V3.70(LR.0)b0 | 10/20/2006 14:53:11 Press any key to enter debug mode within 3 seconds. Enter Debug Mode sysname>...
Page 60 Chapter 4 Introducing the Web Configurator GS-3012/GS-3012F User’s Guide...
Page 61: Initial Setup Example
H A P T E R This chapter shows how to set up the switch for an example network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID •...
Page 62: Setting Port Vid
Chapter 5 Initial Setup Example 1 Click Advanced Application and VLAN in the navigation panel and click the Static VLAN link. 2 In the Static VLAN screen, select ACTIVE, enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network.
Page 63: Configuring Switch Management Ip Address
Figure 26 Initial Setup Network Example: Port VID 1 Click Advanced Applications and VLAN in the navigation panel. Then click the VLAN Port Setting link. 2 Enter 2 in the PVID field for port 1 and click Apply to save your changes back to the run- time memory.
Page 64 Chapter 5 Initial Setup Example 1 Connect your computer to any Ethernet port on the switch. Make sure your computer is in the same subnet as the switch. 2 Open your web browser and enter 192.168.1.1 (the default IP address) in the address bar to access the web configurator.
Page 65: System Status And Port Details
H A P T E R System Status and Port Details This chapter describes the system status (web configurator home page) and port details screens. 6.1 About System Statistics and Information The status screen of the web configurator displays a port statistical summary with links to each port showing statistical details.
Page 66: Port Details
Chapter 6 System Status and Port Details The following table describes the labels in this screen. Table 6 Port Status LABEL DESCRIPTION Port This identifies the Gigabit port. Click a port number to display the Port Details screen (refer to Name This field displays the port name you configured in the Port Setup screen.
Page 67: Figure 29 Status: Port Details
Figure 29 Status: Port Details The following table describes the labels in this screen. Table 7 Status: Port Details LABEL DESCRIPTION Port Info Port NO. This field identifies the Gigabit port described in this screen. Name This field displays the port name you configured in the Port Setup screen. Link This field shows whether the port connection is down, and the speed/duplex mode.
Page 68 Chapter 6 System Status and Port Details Table 7 Status: Port Details (continued) LABEL DESCRIPTION TxPkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on this port Errors This field shows the number of received errors on this port.
Page 69 Table 7 Status: Port Details (continued) LABEL DESCRIPTION 65-127 This field shows the number of packets (including bad packets) received that were between 65 and 127 octets in length. 128-255 This field shows the number of packets (including bad packets) received that were between 128 and 255 octets in length.
Page 70 Chapter 6 System Status and Port Details GS-3012/GS-3012F User’s Guide...
Page 71: Basic Setting
H A P T E R This chapter describes how to configure the System Info, General Setup, Switch Setup, IP Setup and Port Setup screens. 7.1 Introducing the Basic Setting Screens The System Info screen displays general switch information (such as firmware version number) and hardware polling information (such as fan speeds).
Page 72: Figure 30 System Info
Chapter 7 Basic Setting Figure 30 System Info The following table describes the labels in this screen. Table 8 System Info LABEL DESCRIPTION System Name This field displays the switch's model name. ZyNOS F/W This field displays the version number of the switch’s current firmware including the Version date created.
Page 73: General Setup
Table 8 System Info (continued) LABEL DESCRIPTION This field displays this fan's maximum speed measured in Revolutions Per Minute (RPM). This field displays this fan's minimum speed measured in Revolutions Per Minute (RPM). Threshold This field displays the minimum speed at which a normal fan should work. Status Normal indicates that this fan is functioning above the minimum speed.
Page 74: Table 9 General Setup
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 9 General Setup LABEL DESCRIPTION System Name Choose a descriptive name for identification purposes. This name consists of up to 64 printable characters; spaces are allowed. Location Enter the geographic location (up to 32 characters) of your switch.
Page 75: Introduction To Vlans
7.4 Introduction to VLANs A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one group. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s);...
Page 76: Table 10 Switch Setup
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 10 Switch Setup LABEL DESCRIPTION VLAN Type Choose 802.1Q or Port Based. The VLAN Setup screen changes depending on whether you choose 802.1Q VLAN Type or Port Based VLAN Type in this screen. VLANs.
Page 77: Ip Setup
Table 10 Switch Setup (continued) LABEL DESCRIPTION Level 0 Typically used for best-effort traffic. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 78: Figure 33 Ip Setup
Chapter 7 Basic Setting Figure 33 IP Setup The following table describes the labels in this screen. Table 11 IP Setup LABEL Domain Name Server Default Management In-Band Management IP Address DESCRIPTION DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa.
Page 79 Table 11 IP Setup (continued) LABEL DESCRIPTION DHCP Client Select this option if you have a DHCP server that can assign the switch an IP address, subnet mask, a default gateway IP address and a domain name server IP address automatically. Static IP Address Select this option if you don’t have a DHCP server or if you wish to assign static IP address information to the switch.
Page 80: Port Setup
Chapter 7 Basic Setting Table 11 IP Setup (continued) LABEL IP Subnet Mask Default Gateway Delete Cancel 7.7 Port Setup Click Basic Setting and then Port Setup in the navigation panel to enter the port configuration screen. Use this screen to configure switch port settings. Figure 34 Port Setup The following table describes the fields in this screen.
Page 81 Table 12 Port Setup (continued) LABEL DESCRIPTION Name Enter a descriptive name that identifies this port. You can enter up to 64 alphanumeric characters. Note: Due to space limitation, the port name may be truncated in some web configurator screens. Type This field displays 10/100/1000M (Gigabit) or 1000M (GBIC).
Page 82 Chapter 7 Basic Setting GS-3012/GS-3012F User’s Guide...
Page 83: Advanced Settings
Advanced Settings VLAN (85) Static MAC Forward Setup (97) Filtering (101) Spanning Tree Protocol (103) Bandwidth Control (113) Broadcast Storm Control (115) Mirroring (117) Link Aggregation (119) Port Authentication (123) Port Security (129) Classifier (133) Policy Rule (139) Queuing Method (145) Multicast (149) DHCP Relay (161)
Page 85: Vlan
H A P T E R The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. See the General, Switch and IP Setup chapter for more information. 8.1 Introduction to IEEE 802.1Q Tagged VLAN Tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were...
Page 86: Automatic Vlan Registration
Chapter 8 VLAN 8.1.2 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 8.1.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and de- register attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP.
Page 87: Select The Vlan Type
Refer to the following figure. Suppose you want to create VLAN groups 1 and 2 (V1 and V2) on devices A and B. Without VLAN Trunking, you must configure VLAN groups 1 and 2 on all intermediary switches C, D and E; otherwise they will drop frames with unknown VLAN group tags.
Page 88: Q Vlan Detail
Chapter 8 VLAN Figure 37 802.1Q VLAN Status The following table describes the labels in this screen. Table 14 802.1Q VLAN Status LABEL DESCRIPTION The Number of This is the number of VLANs configured on the switch. VLAN Index This is the VLAN index number. This is the VLAN identification number.
Page 89: Q Vlan Port Settings
The following table describes the labels in this screen. Table 15 802.1Q VLAN Detail LABEL DESCRIPTION VLAN Status Click this to go to the VLAN Status screen. This is the VLAN identification number. Port Number This column displays the ports that are participating in a VLAN. A tagged port is marked as T, an untagged port is marked as U and ports not participating in a VLAN in marked as “–“.
Page 90: Q Static Vlan
Chapter 8 VLAN The following table describes the labels in this screen. Table 16 802.1Q VLAN Port Settings LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to dynamically register necessary VLAN members on ports across the network.
Page 91: Figure 40 802.1Q Static Vlan
Figure 40 802.1Q Static VLAN The following table describes the labels in this screen. Table 17 802.1Q Static VLAN LABEL DESCRIPTION Active Select this check box to enable the VLAN. Name Enter a descriptive name for this VLAN group for identification purposes. VLAN Group Enter the VLAN ID for this static VLAN entry;...
Page 92: Viewing And Editing Vlan Settings
Chapter 8 VLAN Table 17 802.1Q Static VLAN (continued) LABEL DESCRIPTION Click Add to insert the entry in the summary table below and save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 93: Introduction To Port-Based Vlans
8.3.4.1 VID1 Example Screen Figure 42 VID1 Example Screen 8.4 Introduction to Port-based VLANs Port-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. Port-based VLANs require allowed outgoing ports to be defined for each port. Therefore, if you wish to allow two subscriber ports to talk to each other, for example, between conference rooms in a hotel, you must define the egress (an egress port is an outgoing port, that is, a port through which a data packet leaves) for both ports.
Page 94: Configuring A Port-Based Vlan
Chapter 8 VLAN 8.4.1 Configuring a Port-based VLAN Select Port Based as the VLAN Type in the Switch Setup screen under Basic Setting and then click VLAN under Advanced Application to display the next screen. Figure 43 Port Based VLAN Setup (All Connected) Figure 44 Port Based VLAN Setup (Port isolation) GS-3012/GS-3012F User’s Guide...
Page 95: Table 19 Port Based Vlan Setup
The following table describes the labels in this screen. Table 19 Port Based VLAN Setup LABEL DESCRIPTION Setting Choose from All connected or Port isolation. Wizard All connected means all ports can communicate with each other, that is, there are no virtual LANs.
Page 96 Chapter 8 VLAN GS-3012/GS-3012F User’s Guide...
Page 97: Static Mac Forward Setup
H A P T E R Static MAC Forward Setup Use these screens to configure forwarding rules based on MAC addresses of devices on your network. 9.1 Introduction to Static MAC Forward Setup A static MAC address is an address that has been manually entered in the MAC address table. Static MAC addresses do not age out.
Page 98: Viewing And Editing Static Mac Forwarding Rules
Chapter 9 Static MAC Forward Setup The following table describes the labels in this screen. Table 20 Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box. Name Enter a descriptive name for identification purposes for this static MAC address forwarding rule.
Page 99 Table 21 Static MAC Forwarding: Summary Table (continued) LABEL DESCRIPTION Delete Check the rule(s) that you want to remove in the Delete column, then click the Delete button. Cancel Click Cancel to clear the selected checkboxes in the Delete column. GS-3012/GS-3012F User’s Guide Chapter 9 Static MAC Forward Setup...
Page 100 Chapter 9 Static MAC Forward Setup GS-3012/GS-3012F User’s Guide...
Page 101: Filtering
H A P T E R This chapter discusses static IP and MAC address port filtering. 10.1 Introduction to Filtering Filtering means sifting traffic going through the switch based on the source and/or destination MAC addresses and VLAN group (ID). 10.2 Configuring a Filtering Rule Click Advanced Application and Filtering to display the screen as shown next.
Page 102: Viewing And Editing Filter Rules
Chapter 10 Filtering Table 22 Filtering (continued) LABEL DESCRIPTION Action Select Discard source to drop frame from the source MAC address (specified in the MAC field). The switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address).
Page 103: Spanning Tree Protocol
H A P T E R Spanning Tree Protocol The switch supports Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol The switch also allows you to set up multiple STP configurations (or trees).
Page 104: How Stp Works
Chapter 11 Spanning Tree Protocol Path cost is the cost of transmitting a frame onto a LAN through that port. It is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost.
Page 105: Stp Port States
11.1.3 STP Port States STP assigns five port states to eliminate packet looping. A bridge port is not allowed to go directly from blocking state to forwarding state so as to eliminate transient loops. Table 25 STP Port States PORT STATE DESCRIPTION Disabled STP is disabled (default).
Page 106: Spanning Tree Protocol Main Screen
Chapter 11 Spanning Tree Protocol 11.2 Spanning Tree Protocol Main Screen The switch allows you to configure a single RSTP configuration or you can configure multiple configurations. See Application, Spanning Tree Protocol in the navigation panel to choose whether you want to configure multiple or a single Spanning Tree Protocol configuration.
Page 107: Figure 51 Rstp: Configuration
Figure 51 RSTP: Configuration The following table describes the labels in this screen. Table 27 RSTP: Configuration LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Active Select this check box to activate RSTP. Clear this checkbox to disable RSTP. Bridge Priority Bridge priority is used in determining the root switch, root port and designated port.
Page 108: Rapid Spanning Tree Protocol Status
Chapter 11 Spanning Tree Protocol Table 27 RSTP: Configuration (continued) LABEL DESCRIPTION Max Age This is the maximum time (in seconds) a switch can wait without receiving a BPDU before attempting to reconfigure. All switch ports (except for designated ports) should receive BPDUs at regular intervals.
Page 109: Configure Multiple Rapid Spanning Tree Protocol
Figure 52 Rapid Spanning Tree Protocol: Status The following table describes the labels in this screen. Table 28 Rapid Spanning Tree Protocol: Status LABEL DESCRIPTION Configuration Click Configuration to configure RSTP settings. Refer to 106. Bridge Root refers to the base of the spanning tree (the root bridge). Our Bridge is this switch.
Page 110: Figure 53 Mrstp: Configuration
Chapter 11 Spanning Tree Protocol Figure 53 MRSTP: Configuration The following table describes the labels in this screen. Table 29 MRSTP: Configuration LABEL DESCRIPTION Status Click Status to display the MRSTP Status screen (see Tree This is a read only index number of the STP trees. Active Select this check box to activate an STP tree.
Page 111: Multiple Rapid Spanning Tree Protocol Status
Table 29 MRSTP: Configuration (continued) LABEL DESCRIPTION Forwarding Delay This is the maximum time (in seconds) a switch will wait before changing states. This delay is required because every switch must receive information about topology changes before it starts to forward frames. In addition, each port needs time to listen for conflicting information that would make it return to a blocking state;...
Page 112: Figure 54 Mrstp: Status
Chapter 11 Spanning Tree Protocol Figure 54 MRSTP: Status The following table describes the labels in this screen. Table 30 Spanning Tree Protocol: Status LABEL Configuration Tree Bridge Bridge ID Hello Time (second) Max Age (second) Forwarding Delay (second) Cost to Bridge Port ID Topology Changed Times...
Page 113: Bandwidth Control
H A P T E R This chapter shows you how you can set the maximum bandwidth allowed for traffic flows on a port using the Bandwidth Control setup screens. 12.1 Introduction to Bandwidth Control Bandwidth control means defining a maximum allowable bandwidth for incoming and/or out- going traffic flows on a port.
Page 114: Figure 55 Bandwidth Control
Chapter 12 Bandwidth Control Figure 55 Bandwidth Control The following table describes the labels in this screen. Table 31 Bandwidth Control LABEL DESCRIPTION Active Select this check box to activate bandwidth control. Port This field displays the port number. Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports.
Page 115: Broadcast Storm Control
H A P T E R Broadcast Storm Control 13.1 Introducing Broadcast Storm Control Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
Page 116: Table 32 Broadcast Storm Control
Chapter 13 Broadcast Storm Control The following table describes the labels in this screen. Table 32 Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the switch. Port This field displays a port number. Settings in this row apply to all ports.
Page 117: Mirroring
H A P T E R This chapter discusses the Mirror setup screens. 14.1 Introduction to Port Mirroring Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. 14.2 Port Mirroring Configuration Click Advanced Application, Mirroring in the navigation panel to display the Mirroring screen.
Page 118: Table 33 Mirroring
Chapter 14 Mirroring The following table describes the related labels in this screen. Table 33 Mirroring LABEL DESCRIPTION Active Clear this check box to deactivate port mirroring on the switch. Monitor The monitor port is the port you copy the traffic to in order to examine it in more detail Port without interfering with the traffic flow on the original port(s).
Page 119: Link Aggregation
H A P T E R This chapter shows you how to logically aggregate physical links to form one logical, higher- bandwidth link. 15.1 Introduction to Link Aggregation Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link.
Page 120: Link Aggregation Id
Chapter 15 Link Aggregation 15.1.2 Link Aggregation ID LACP aggregation ID consists of the following information: Table 34 Link Aggregation ID: Local Switch SYSTEM PRIORITY MAC ADDRESS 0000 Table 35 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS 0000 15.2 Link Aggregation Protocol Status Click Advanced Application, Link Aggregation in the navigation panel to display the Link Aggregation Protocol Status screen.
Page 121: Link Aggregation Setup
15.3 Link Aggregation Setup Click Configuration in the Link Aggregation Protocol Status screen to display the screen shown next. You can configure up to six link aggregation groups and each group can aggregate up to eight ports. Figure 59 Link Aggregation: Configuration The following table describes the labels in this screen.
Page 122 Chapter 15 Link Aggregation Table 37 Link Aggregation: Configuration (continued) LABEL DESCRIPTION System LACP system priority is a number between 1 and 65,535. The switch with the lowest Priority system priority (and lowest port number if system priority is the same) becomes the LACP “server”.
Page 123: Port Authentication
H A P T E R This chapter describes the 802.1x authentication method and RADIUS server connection setup. 16.1 Introduction to Authentication IEEE 802.1x is an extended authentication protocol Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile management on a network RADIUS server.
Page 124: Table 38 Supported Vsa
Chapter 16 Port Authentication Refer to the documentation that comes with your RADIUS server on how to configure a VSA. The following table describes the VSAs supported on the switch. Table 38 Supported VSA FUNCTION Ingress Bandwidth Assignment Egress Bandwidth Assignment Privilege Assignment 16.1.1.2 Tunnel Protocol Attribute...
Page 125: Configuring Port Authentication
16.2 Configuring Port Authentication To enable port authentication, first activate IEEE802.1x security (both on the switch and the port(s)) then configure the RADIUS server settings. Click Port Authentication under Advanced Application in the navigation panel to display the screen as shown. Figure 61 Port Authentication 16.2.1 Configuring RADIUS Server Settings Use this screen to configure your RADIUS server settings.
Page 126: Configuring Ieee802.1X
Chapter 16 Port Authentication 16.2.2 Configuring IEEE802.1x Use this screen to activate IEEE 802.1x security. From the Port Authentication screen, click 802.1x to display the configuration screen as shown. Figure 63 Port Authentication: 802.1x The following table describes the labels in this screen. Table 41 Port Authentication: 802.1x LABEL Active...
Page 127 Table 41 Port Authentication: 802.1x (continued) LABEL DESCRIPTION Reauthentication Specify how often a client has to re-enter his or her username and password to Timer stay connected to the port. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 128 Chapter 16 Port Authentication GS-3012/GS-3012F User’s Guide...
Page 129: Port Security
H A P T E R This chapter shows you how to set up port security. 17.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the switch. The switch can learn up to 16K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 16K.
Page 130: Figure 64 Port Security
Chapter 17 Port Security Figure 64 Port Security The following table describes the labels in this screen. Table 42 Port Security LABEL DESCRIPTION Active Select this check box to enable the port security feature on the switch. Port This field displays a port number. Settings in this row apply to all ports.
Page 131 Table 42 Port Security (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 132 Chapter 17 Port Security GS-3012/GS-3012F User’s Guide...
Page 133: Classifier
H A P T E R This chapter introduces and shows you how to configure the packet classifier on the switch. 18.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth.
Page 134: Figure 65 Classifier
Chapter 18 Classifier Figure 65 Classifier The following table describes the labels in this screen. Table 43 Classifier LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. Packet Format Specify the format of the packet.
Page 135 Table 43 Classifier (continued) LABEL DESCRIPTION Ethernet Type Select an Ethernet type or select Others and enter the Ethernet type number in hexadecimal value. Refer to Source MAC Address Select Any to apply the rule to all MAC addresses. To specify a source, select the second choice and type a MAC address in valid MAC address format (six hexadecimal character pairs).
Page 136: Viewing And Editing Classifier Configuration
Chapter 18 Classifier 18.3 Viewing and Editing Classifier Configuration To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen. To change the settings of a rule, click a number in the Index field.
Page 137: Classifier Example
Some of the most common IP ports are: Table 46 Common IP Ports PORT NUMBER PORT NAME Telnet SMTP HTTP POP3 18.4 Classifier Example The following figure shows an example where you configure a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. After you have configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow.
Page 138: Figure 67 Classifier: Example
Chapter 18 Classifier Figure 67 Classifier: Example GS-3012/GS-3012F User’s Guide...
Page 139: Policy Rule
H A P T E R This chapter shows you how to configure policy rules. 19.1 About Policy Rules A classifier distinguishes traffic into flows based on the configured criteria (refer to 18 on page 133 for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network.
Page 140: Configuring Policy Rules
Chapter 19 Policy Rule 19.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to 18 on page 133 Click Advanced Applications and then Policy Rule in the navigation panel to display the screen as shown. Figure 68 Policy for more information.
Page 141: Table 47 Policy
The following table describes the labels in this screen. Table 47 Policy LABEL DESCRIPTION Active Select this option to enable the policy. Name Enter a descriptive name for identification purposes. Classifier(s) This field displays the active classifier(s) you configure in the Classifier screen (refer Chapter 18 on page Select the classifier(s) to which this policy rule applies.
Page 142: Viewing And Editing Policy Configuration
Chapter 19 Policy Rule Table 47 Policy (continued) LABEL DESCRIPTION DiffServ Select No change to keep the TOS and/or DSCP fields in the packets. Select Set the packet’s TOS field to set the TOS field with the value you configure in the TOS field.
Page 143: Policy Example
The following table describes the labels in this screen. Table 48 Policy: Summary Table LABEL DESCRIPTION Index This field displays the policy index number. Click an index number to edit the policy. Active This field displays Yes when policy is activated and No when it is deactivated. Name This field displays the descriptive name for this policy.
Page 144: Figure 70 Policy Example
Chapter 19 Policy Rule Figure 70 Policy Example GS-3012/GS-3012F User’s Guide...
Page 145: Queuing Method
H A P T E R This chapter introduces SPQ and WFQ. 20.1 Introduction to Queuing Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.
Page 146: Weighted Round Robin Scheduling (Wrr)
Chapter 20 Queuing Method 20.1.2 Weighted Round Robin Scheduling (WRR) Round Robin Scheduling services queues on a rotating basis and is activated only when a port has more traffic than it can handle. A queue is given an amount of bandwidth irrespective of the incoming traffic on that port.
Page 147: Figure 71 Queuing Method
Figure 71 Queuing Method The following table describes the labels in this screen. Table 50 Queuing Method LABEL DESCRIPTION Port This label shows the port you are configuring. Method Select SPQ (Strict Priority Queuing) or WRR (Weighted Round Robin) scheduling. Strict Priority Queuing (SPQ) services queues based on priority only.
Page 148 Chapter 20 Queuing Method GS-3012/GS-3012F User’s Guide...
Page 149: Multicast
H A P T E R This chapter shows you how to configure various multicast features. 21.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.
Page 150: Multicast Status
Chapter 21 Multicast The switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your switch.
Page 151: Figure 73 Multicast Setting
Figure 73 Multicast Setting The following table describes the labels in this screen. Table 52 Multicast Setting LABEL DESCRIPTION IGMP Snooping Active Select Active to enable IGMP snooping to forward group multicast traffic only to ports that are members of that group. Host Timeout Specify the time (from 1 to 16,711,450) in seconds that elapses before the switch removes an IGMP group membership entry if it does not receive report messages...
Page 152 Chapter 21 Multicast Table 52 Multicast Setting (continued) LABEL Unknown Multicast Frame Reserved Multicast Group Port Immed. Leave Group Limited Select this option to limit the number of multicast groups this port is allowed to join. Max Group Num. IGMP Filtering Profile IGMP Querier Mode...
Page 153: Igmp Filtering Profile
21.4 IGMP Filtering Profile IGMP filter profiles allow you to control access to IGMP multicast groups. This allows you to have a service available to a specific IGMP multicast group. You can configure an IGMP filter profile for an IGMP multicast group that has access to a service (like a SIP server for example).
Page 154: Mvr Overview
Chapter 21 Multicast Table 53 Multicast: IGMP Filtering Profile (continued) LABEL DESCRIPTION Delete To delete the profile(s) and all the accompanying rules, select the profile(s) that you want to remove in the Delete Profile column, then click the Delete button. To delete a rule(s) from a profile, select the rule(s) that you want to remove in the Delete Rule column, then click the Delete button.
Page 155: How Mvr Works
In dynamic mode, the switch sends IGMP leave and join reports to the other multicast devices (such as multicast routers or servers) in the multicast VLAN. This allows the multicast devices to update the multicast forwarding table to forward or not forward multicast traffic to the receiver ports.
Page 156: Figure 77 Mvr
Chapter 21 Multicast Your switch automatically creates a static VLAN (with the same VID) when you create a multicast VLAN in this screen. Figure 77 MVR The following table describes the related labels in this screen. Table 54 MVR LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be...
Page 157: Mvr Group Configuration
Table 54 MVR (continued) LABEL DESCRIPTION Mode Specify the MVR mode on the switch. Choices are Dynamic and Compatible. Select Dynamic to send IGMP reports to all MVR source ports in the multicast VLAN. Select Compatible to set the switch not to send IGMP reports. Port This field displays the port number on the switch.
Page 158: Figure 78 Mvr Group Configuration
Chapter 21 Multicast A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. Figure 78 MVR Group Configuration The following table describes the labels in this screen. Table 55 MVR Group Configuration LABEL DESCRIPTION Multicast VLAN...
Page 159: Mvr Configuration Example
Table 55 MVR Group Configuration (continued) LABEL DESCRIPTION Delete Select Delete All and click Delete to remove all entries from the table. Select Delete Group and click Delete to remove the selected entry(ies) from the table. Cancel Select Cancel to clear the checkbox(es) in the table. 21.7.1 MVR Configuration Example The following figure shows a network example where ports 1, 2 and 3 on the switch belong to VLAN 1.
Page 160: Figure 81 Mvr Configuration Example
Chapter 21 Multicast To set the switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. Figure 81 MVR Configuration Example Figure 82 MVR Configuration Example GS-3012/GS-3012F User’s Guide...
Page 161: Dhcp Relay
H A P T E R This chapter describes the DHCP relay and shows you how to configure the DHCP Relay screen. 22.1 DHCP Relay Overview DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a DHCP server. You can configure the switch to relay client DHCP requests to a DHCP server and the server’s responses back to the clients.
Page 162: Figure 83 Dhcp Relay
Chapter 22 DHCP Relay Figure 83 DHCP Relay The following table describes the labels in this screen. Table 56 DHCP Relay LABEL DESCRIPTION Active Select this check box to enable DHCP relay. Remote Enter the IP address of a DHCP server in dotted decimal notation. DHCP Server 1 ..
Page 163: Static Routing And Management
Static Routing and Management Routing Protocol (165) Maintenance (167) Access Control (175) Diagnostic (187) Syslog (189) Cluster Management (193) MAC Table (199) ARP Table (201) Configure Clone (203)
Page 165: Routing Protocol
H A P T E R This chapter shows you how to configure the routing functions. 23.1 Static Route Overview Static routes tell the switch how to forward IP traffic when you configure the TCP/IP parameters manually. Click Routing Protocol in the navigation panel and then Static Routing to display the screen as shown.
Page 166: Figure 85 Static Routing: Summary Table
Chapter 23 Routing Protocol Table 57 Static Routing (continued) LABEL DESCRIPTION Gateway IP Enter the IP address of the gateway. The gateway is an immediate neighbor of your Address switch that will forward the packet to the destination. The gateway must be a router on the same segment as your switch.
Page 167: Firmware Upgrade
H A P T E R This chapter explains how to configure the maintenance screens. The links on the upper right of the Maintenance screen lead to different screens that let you maintain the firmware and configuration files. 24.1 Maintenance Click Management and then Maintenance in the navigation panel to open the following screen.
Page 168: Load Factory Defaults
Chapter 24 Maintenance Table 59 Maintenance (continued) LABEL DESCRIPTION Save Click Config 1 to save the current configuration settings to Configuration 1 on the Configuration switch. Click Config 2 to save the current configuration settings to Configuration 2 on the switch.
Page 169: Figure 89 Backup Configuration
Alternatively, click Save on the top right-hand corner in any screen to save the configuration changes to the current configuration. Clicking the Apply or Add button does NOT save the changes permanently. All unsaved changes are erased after you reboot the switch. 24.4 Reboot System Reboot System allows you to restart the switch without physically turning the power off.
Page 170: Restore A Configuration File
Chapter 24 Maintenance Figure 90 Firmware Upgrade Type the path and file name of the firmware file you wish to upload to the switch in the File Path text box or click Browse to locate it. After you have specified the file, click Upgrade. The system does not restart automatically after you upload the firmware.
Page 171: Reboot System
Figure 92 Backup Configuration Follow the steps below to back up the current switch configuration to your computer in this screen. 1 Click Backup. 2 Click Save to display the Save As screen. 3 Choose a location to save the file on your computer from the Save in drop-down list box and type a descriptive name for it in the File name list box.
Page 172: Ftp Command Line Procedure
Chapter 24 Maintenance ZyNOS (ZyXEL Network Operating System sometimes referred to as the “ras” file) is the system firmware and has a “bin” filename extension. Table 60 Filename Conventions INTERNAL FILE TYPE NAME Configuration config File Firmware 24.8.1.1 Example FTP Commands ftp>...
Page 173: Gui-Based Ftp Clients
24.8.3 GUI-based FTP Clients The following table describes some of the commands that you may see in GUI-based FTP clients. Table 61 General Commands for GUI-based FTP Clients COMMAND Host Address Login Type Transfer Type Initial Remote Directory Initial Local Directory 24.8.4 FTP Restrictions FTP will not work when: •...
Page 174 Chapter 24 Maintenance GS-3012/GS-3012F User’s Guide...
Page 175: Access Control
H A P T E R This chapter describes how to control access to the switch. 25.1 About Access Control Click Advanced Application, Access Control from the navigation panel to display the screen as shown. From this screen you can configure SNMP, up to four web configurator administrators, enable/disable remote service access and configure trusted computers for remote access.
Page 176: About Snmp
Chapter 25 Access Control Figure 94 Console Port Priority “Local administrator is configuring this device now!!! Connection to host lost.” 25.3 About SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network switches. SNMP is a member of TCP/IP protocol suite. A manager station can manage and monitor the switch through the network via SNMP version one (SNMPv1) and/or SNMP version 2c.
Page 177: Supported Mibs
Table 63 SNMP Commands (continued) COMMAND DESCRIPTION Allows the manager to set values for object variables within an agent. Trap Used by the agent to inform the manager of some events. 25.3.1 Supported MIBs MIBs let administrators collect statistics and monitor status and performance. The switch supports the following MIBs: •...
Page 178: Setting Up Login Accounts
Chapter 25 Access Control Figure 96 Access Control: SNMP The following table describes the labels in this screen. Table 65 Access Control: SNMP LABEL DESCRIPTION Enter the get community, which is the password for the incoming Get- and GetNext- Community requests from the management station.
Page 179: Figure 97 Access Control: Logins
Click Access Control from the navigation panel and then click Logins from this screen. Figure 97 Access Control: Logins The following table describes the labels in this screen. Table 66 Access Control: Logins LABEL DESCRIPTION Administrator This is the default administrator account with the “admin” user name. You cannot change the default administrator user name.
Page 180: Ssh Overview
Chapter 25 Access Control 25.4 SSH Overview Unlike Telnet or FTP, which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network. Figure 98 SSH Communication Example 25.5 How SSH works The following table summarizes how a secure connection is established between two remote...
Page 181: Ssh Implementation
25.6 SSH Implementation Your switch supports SSH versions 1 and 2 using RSA and DSA authentication and five encryption methods (AES, 3DES, RC4, Blowfish and CAST). The SSH server is implemented on the switch for remote management and file transfer on port 22 (by default). Up to four SSH connections are allowed at a time.
Page 182: Https Example
Chapter 25 Access Control 25.7.1 HTTPS Example If you haven’t changed the default HTTPS port on the switch, then in your browser enter “https://switch IP Address/” as the web site address where “switch IP Address” is the IP address or domain name of the switch you wish to access. The HTTPS proxy server listens on port 443 by default.
Page 183: Login Screen
Figure 102 Security Certificate 1 (Netscape) Figure 103 Security Certificate 2 (Netscape) 25.7.4 Login Screen After you accept the certificate and login in, the switch main screen appears. The lock displayed in the bottom of the browser status bar denotes a secure connection. GS-3012/GS-3012F User’s Guide Chapter 25 Access Control...
Page 184: Service Access Control
Chapter 25 Access Control Figure 104 Example: Lock Denoting a Secure Connection 25.8 Service Access Control Service access control allows you to decide what services you may use to access the switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later).
Page 185: Remote Management
The following table describes the fields in this screen. Table 67 Access Control: Service Access Control LABEL DESCRIPTION Services Services you may use to access the switch are listed here. Active Select this option for the corresponding services that you want to allow to access the switch.
Page 186 Chapter 25 Access Control Table 68 Access Control: Remote Management (continued) LABEL Start Address End Address Telnet/FTP/HTTP/ ICMP /SNMP/SSH/ HTTPS Apply Cancel DESCRIPTION Configure the IP address range of trusted computers from which you can manage this switch. The switch checks if the client IP address of a computer requesting a service or protocol matches the range set here.
Page 187: Diagnostic
H A P T E R This chapter explains the Diagnostic screens. 26.1 Diagnostic Click Management and then Diagnostic in the navigation panel to display this screen. Use this screen to check system logs, ping IP addresses or perform loopback tests on a port. Figure 107 Diagnostic The following table describes the labels in this screen.
Page 188 Chapter 26 Diagnostic GS-3012/GS-3012F User’s Guide...
Page 189: Syslog
H A P T E R This chapter explains the syslog screens. 27.1 Syslog The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server.
Page 190: Syslog Server Setup
Chapter 27 Syslog Figure 108 Syslog Setup The following table describes the labels in this screen. Table 71 Syslog Setup LABEL DESCRIPTION Syslog Select this check box to turn on syslog (system logging) and then configure the syslog settings. Logging type This column displays the names of the categories of logs that the device can generate.
Page 191: Figure 109 Syslog Server Setup
Figure 109 Syslog Server Setup The following table describes the labels in this screen. Table 72 Syslog Server Setup LABEL DESCRIPTION Active Select this check box to have the device send logs to this syslog server. Clear the check box if you want to create a syslog server entry but not have the device send logs to it (you can edit the entry later).
Page 192 Chapter 27 Syslog GS-3012/GS-3012F User’s Guide...
Page 193: Cluster Management
H A P T E R This chapter introduces cluster management. 28.1 Introduction to Cluster Management Cluster Management allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
Page 194: Cluster Management Status
Chapter 28 Cluster Management 28.2 Cluster Management Status Click Management in the navigation panel and then Cluster Management to display the following screen. Figure 111 Cluster Management Status The following table describes the labels in this screen. Table 74 Cluster Management Status LABEL Status Manager...
Page 195: Figure 112 Cluster Member Web Configuration Screen
Figure 112 Cluster Member Web Configuration Screen 28.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. Figure 113 Example: Uploading Firmware to a Cluster Member Switch C:\>...
Page 196: Clustering Management Configuration
Chapter 28 Cluster Management Table 75 FTP Upload to Cluster member Example (continued) FTP PARAMETER config-00-13-49-00-00- 370LR0.bin 28.3 Clustering Management Configuration Click Configuration from the Cluster Management screen to display the next screen. Refer Section 28.1 on page 193 Figure 114 Configuring Cluster Management DESCRIPTION The cluster member switch’s configuration file name as seen in the cluster manager switch.
Page 197: Table 76 Configuring Cluster Management
The following table describes the labels in this screen. Table 76 Configuring Cluster Management LABEL DESCRIPTION Clustering Manager Active Select Active to have this switch become the cluster manager switch. A cluster can only have one manager. Other (directly connected) switches that are set to be cluster managers will not be visible in the Clustering Candidates list.
Page 198 Chapter 28 Cluster Management GS-3012/GS-3012F User’s Guide...
Page 199: Mac Table
H A P T E R This chapter introduces MAC Table. 29.1 Introduction to MAC Table The MAC table shows how frames are forwarded or filtered across the switch’s ports. It shows what device MAC address, belonging to what VLAN group (if any) is forwarded to which port(s) and whether the MAC address is dynamic (learned by the switch) or static (manually entered in Static MAC Forwarding).
Page 200: Viewing Mac Table
Chapter 29 MAC Table 29.2 Viewing MAC Table Click Management in the navigation panel and then MAC Table to display the following screen. The MAC Table can hold up to 16K entries. Figure 116 MAC Table The following table describes the labels in this screen. Table 77 MAC Table LABEL DESCRIPTION...
Page 201: Arp Table
H A P T E R This chapter introduces the ARP Table. 30.1 Introduction to ARP Table Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
Page 202: Figure 117 Arp Table
Chapter 30 ARP Table Figure 117 ARP Table The following table describes the labels in this screen. Table 78 ARP Table LABEL DESCRIPTION Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below.
Page 203: Configure Clone
H A P T E R This chapter shows you how you can copy the settings of one port onto other ports. 31.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports.
Page 204: Table 79 Configure Clone
Chapter 31 Configure Clone The following table describes the labels in this screen. Table 79 Configure Clone LABEL DESCRIPTION Source/ Enter the source port under the Source label. This port’s attributes are copied. Destination Enter the destination port or ports under the Destination label. These are the ports Port which are going to have the same attributes as the source port.
Page 205: Commands And Troubleshooting
Commands and Troubleshooting Introducing the Commands (207) Command Examples (239) IEEE 802.1Q Tagged VLAN Commands (257) Troubleshooting (265)
Page 207: Introducing The Commands
H A P T E R Introducing the Commands This chapter introduces the commands and gives a summary of commands available. 32.1 Overview In addition to the web configurator, you can use line commands to configure the switch. Use line commands for advanced switch diagnosis and troubleshooting. If you have problems with your switch, customer support may request that you issue some of these commands to assist them in troubleshooting.
Page 208: Access Priority
You can view the initialization information using the console port. After the initialization, the login screen displays (refer to Figure 119 Initial Console Port Screen Copyright (c) 1994 - 2006 ZyXEL Communications Corp. initialize mgmt, ethernet address: 00:13:49:18:00:30 initialize switch, ethernet address: 00:13:49:18:00:31 Initializing switch unit 0...
Page 209: The Login Screen
1 For local management, connect your computer to the RJ-45 management port (labeled MGMT) on the switch. 2 Make sure your computer IP address and the switch IP address are on the same subnet. In Windows, click Start (usually in the bottom left corner), Run and then type “ ”...
Page 210: Getting Help
Chapter 32 Introducing the Commands 32.5 Getting Help The system includes a help facility to provide you with the following information about the commands: • List of available commands under a command group. • Detailed descriptions of the commands. 32.5.1 List of Available Commands Enter “...
Page 211: Privilege Levels
Enter to display detailed help information about the sub commands and <command> ? parameters. Figure 123 CLI Help: Detailed Command Information: Example 1 sysname> ping help Commands available: ping <ip|host-name> < [ in-band|out-of-band|vlan <vlan-id> ] [ size <0-1472> ] [ -t ] >...
Page 212: Table 80 Command Interpreter Mode Summary
Chapter 32 Introducing the Commands To enter Enable (or privileged) mode, type when prompted (the default is 1234). When you enter Enable mode, the command prompt changes to the pound sign ( (admin) you automatically enter Enable mode. The following table describes command interpreter modes and how to access them. Table 80 Command Interpreter Mode Summary MODE...
Page 213: Using Command History
32.8 Using Command History The switch keeps a list of commands you have entered for the current CLI session. You can use any commands in the history again by pressing the up ( ) or down ( ) arrow key to scroll through the previously used commands and press [ENTER].
Page 214: Command Summary
Chapter 32 Introducing the Commands 32.10 Command Summary The following sections summarize the commands available in the switch together with a brief description of each command. Commands listed in the tables are in alphabetical order. See the related section in the User’s Guide for more background information. 32.10.1 User Mode The following table describes the commands available for User mode.
Page 215: Enable Mode
32.10.2 Enable Mode The following table describes the commands available for Enable mode. Table 82 Command Summary: Enable Mode COMMAND baudrate <1|2|3|4|5> boot config <index> cable- <port-list> diagnosti configure copy running-config interface port- channel <port> <port-list> running-config tftp <ip> <remote- file>...
Page 216 Chapter 32 Introducing the Commands Table 82 Command Summary: Enable Mode (continued) COMMAND exit help history igmp- flush kick tcp <Session ID> logout mac-flush <port-num> interface <port- number> logging ping <ip|host-name> [<in-band|out-of- band|vlan <vlan- id>] [size <0-1472>] [-t] DESCRIPTION Resets to the factory default interface port- settings on a per port basis.
Page 217 Table 82 Command Summary: Enable Mode (continued) COMMAND reload config <index> show alarm-status classifier cluster garp hardware-monitor <C|F> https igmp-filtering profile igmp-snooping interfaces <port- list> interfaces config <port-list> GS-3012/GS-3012F User’s Guide Chapter 32 Introducing the Commands DESCRIPTION Restarts the system with the specified configuration file.
Page 218 Chapter 32 Introducing the Commands Table 82 Command Summary: Enable Mode (continued) COMMAND lacp logging loginPrecedence logins mac-aging-time mrstp <tree- index> multicast multi-login policy port-access- authenticator DESCRIPTION Displays IGMP group settings. igmp-group- limited Displays IGMP immediate leave igmp-immediate- settings. leave Displays IGMP query mode igmp-query-mode settings on the port(s).
Page 219 Table 82 Command Summary: Enable Mode (continued) COMMAND port-security radius-server remote-management running-config service-control snmp-server spanning-tree GS-3012/GS-3012F User’s Guide Chapter 32 Introducing the Commands DESCRIPTION Displays port authentication <port-list> settings on the specified port(s). Displays all port security settings. Displays port security settings on <port-list>...
Page 220: Configure Mode
Chapter 32 Introducing the Commands Table 82 Command Summary: Enable Mode (continued) COMMAND system- information time timesync trunk vlan vlan1q <1|2> <[user@]dest-ip> tracerout <ip|host-name> [in-band|out-of- band|vlan <vlan- id>] [ttl <1-255>] [wait <1-60>] [queries <1-10>] write memory 32.10.3 Configure Mode The following table lists the commands in Configuration (or Config) mode. Table 83 Command Summary: Configure Mode COMMAND admin-...
Page 221 Table 83 Command Summary: Configure Mode (continued) COMMAND classifier <name> <[packet-format <802.3untag|802.3t EtherIIuntag|Ether IItag>] [priority <0-7>] [vlan <vlan-id>] [ethernet-type <ether-num|ip|ipx| arp|rarp| appletalk|decnet| sna|netbios|dlc>] [source-mac <src- mac-addr>] [source-port <port-num>] [destination-mac <dest-mac-addr>] [dscp <0-63> ] [ip-protocol <protocol- num|tcp|udp|icmp|e gp|ospf|rsvp|igmp| igp|pim|ipsec> [establish-only]] [source-ip <src- ip-addr>...
Page 222 Chapter 32 Introducing the Commands Table 83 Command Summary: Configure Mode (continued) COMMAND helper-address <svr_ip> [svr2_ip] [svr3_ip] information option exit garp join <100-65535> leave <msec> leaveall <msec> help history hostname <name_string> https cert-regeneration <rsa|dsa> igmp- filtering profile <name> start-address <ip> end-address <ip>...
Page 223 Table 83 Command Summary: Configure Mode (continued) COMMAND unknown-multicast- frame <drop|flooding> interface port-channel <port-list> address address default- gateway name-server route lacp system-priority loginPreceden <LocalOnly | LocalRADIUS | RADIUSOnly> logins username <name> password <pwd> username <name> privilege <0-14> logout mac-aging- <10-3000> time mac-filter name <name>...
Page 224 Chapter 32 Introducing the Commands Table 83 Command Summary: Configure Mode (continued) COMMAND mac-forward name <name> mac <mac-addr> vlan <vlan-id> interface <interface-id> name <name> mac <mac-addr> vlan <vlan-id> interface <interface-id> inactive mirror-port <port-num> mode zynos mrstp <tree- index> hello-time <1-10> maximum-age <6-40>...
Page 225 Table 83 Command Summary: Configure Mode (continued) COMMAND cluster dhcp-relay igmp-filtering igmp-snooping lacp logins mac-filter mac-forward mirror-port GS-3012/GS-3012F User’s Guide Chapter 32 Introducing the Commands DESCRIPTION Enables a classifier. <name> inactive Disables cluster management on the switch. Removes the cluster member <mac- member.
Page 226 Chapter 32 Introducing the Commands Table 83 Command Summary: Configure Mode (continued) COMMAND mrstp mrstp interface multi-login policy port-access- authenticator port-security radius-server remote-management service-control DESCRIPTION Disables the specified STP <tree-index> configuration. tree-index: Disables the STP assignment <port-list> from the specified port(s). Disables another administrator from logging into Telnet or the CLI.
Page 227 Table 83 Command Summary: Configure Mode (continued) COMMAND snmp-server spanning-tree storm-control syslog timesync trunk vlan vlan1q GS-3012/GS-3012F User’s Guide Chapter 32 Introducing the Commands DESCRIPTION Disables SSH (Secure Shell) server access to the switch. Disables telnet access to the telnet switch.
Page 228 Chapter 32 Introducing the Commands Table 83 Command Summary: Configure Mode (continued) COMMAND password <password> policy <name> classifier <classifier-list> <[vlan<vlan-id>] [egress-port <port-num>] [priority <0-7>] [dscp <0-63>] [tos <0-7>] [bandwidth <bandwidth>] [outgoing-packet- format <tagged|untagged>] [out-of-profile- dscp <0-63>] [forward-action <drop|forward>] [queue-action <prio-set|prio- queue|prio- replace-tos>] [diffserv-action...
Page 229 Table 83 Command Summary: Configure Mode (continued) COMMAND <port-list> reauth-period <reauth-period> port-security <port-list> <port-list> address-limit <number> <port-list> learn inactive <port-list> MAC- freeze queue priority <0-7> level <0-7> radius-server host <index> <ip> mode <priority|round- robin> timeout <1-1000> remote- <index> management <index> start-addr <ip>...
Page 230 Chapter 32 Introducing the Commands Table 83 Command Summary: Configure Mode (continued) COMMAND service- ftp <socket- control number> http <socket- number> <timeout> https <socket- number> icmp snmp ssh <socket- number> telnet <socket- number> snmp-server [contact <system contact>] [location <system location>] get-community <property>...
Page 231 Table 83 Command Summary: Configure Mode (continued) COMMAND server <ip> type <system, interface, switch, authentication, ip> type <system, interface, switch, authentication, ip> time <Hour:Min:Sec> date <month/day/ year> timezone <- 1200|...|1200> timesync <daytime|time|ntp> server <ip> trunk <T1|T2|T3|T4|T5|T6 > <T1|T2|T3|T4|T5|T6 >interface <port- list>...
Page 232: Config-Vlan Commands
Chapter 32 Introducing the Commands 32.10.4 config-vlan Commands The following table lists the Table 84 Command Summary: config-vlan Commands COMMAND vlan <1-4094> exit fixed <port- list> forbidden <port-list> help inactive ip address name <name- str> commands in configuration mode. vlan DESCRIPTION Creates a new VLAN group.
Page 233: Interface Port-Channel Commands
Table 84 Command Summary: config-vlan Commands (continued) COMMAND normal <port- list> untagged <port-list> 32.10.5 interface port-channel Commands The following table lists the Use these commands to configure the ports. Table 85 Command Summary: Interface COMMAND interfac e port- channel <port- list>...
Page 234 Chapter 32 Introducing the Commands Table 85 Command Summary: Interface (continued) COMMAND egress set exit flow-control frame-type gvrp help igmp-filtering profile <name> igmp-group- limited igmp-group- limited number <number> igmp-immediate- leave igmp-querier- mode <auto|fixed|edge > inactive ingress-check intrusion-lock mirror multicast-limit DESCRIPTION Sets the outgoing traffic port list for a <port-list>...
Page 235 Table 85 Command Summary: Interface (continued) COMMAND name pvid qos priority speed-duplex GS-3012/GS-3012F User’s Guide Chapter 32 Introducing the Commands DESCRIPTION Sets a name for your interface. Enter a <port-name- descriptive name (up to nine printable string> ASCII characters). Disables CIR bandwidth limits on the bandwidth-limit port(s).
Page 236: Mvr Commands
Chapter 32 Introducing the Commands Table 85 Command Summary: Interface (continued) COMMAND test vlan-trunking 32.10.6 mvr Commands The following table lists the Table 86 Command Summary: mvr Commands COMMAND mvr <1-4094> 8021p-priority <0 - 7> exit group <name-str> start-address <ip> end-address <ip>...
Page 237 Table 86 Command Summary: mvr Commands (continued) COMMAND receiver-port <port- list> source-port <port- list> tagged <port-list> GS-3012/GS-3012F User’s Guide Chapter 32 Introducing the Commands DESCRIPTION Sets the receiver port(s). An MVR receiver port can only receive multicast traffic in a multicast VLAN. Sets the source port(s).
Page 238 Chapter 32 Introducing the Commands GS-3012/GS-3012F User’s Guide...
Page 239: Command Examples
H A P T E R This chapter describes some commands in more detail. 33.1 Overview These are commands that you may use frequently in maintaining your switch. 33.2 show Commands These are the commonly used 33.2.1 show system-information Syntax: show system-information This command shows the general system information (such as the firmware version and system up time).
Page 240: Show Hardware-Monitor
Chapter 33 Command Examples 33.2.2 show hardware-monitor Syntax: show hardware-monitor [c|f] This command displays the current hardware status (such as temperature and voltage levels). Figure 128 how hardware-monitor Command Example sysname> show hardware-monitor c Temperature Unit : (c) Temperature(%c) --------------- FAN Speed(RPM) -------------- FAN1...
Page 241: Show Logging
33.2.4 show logging This command is not available in User mode. Syntax: show logging This command displays the system logs. The following figure shows an example. Figure 130 show logging Command Example sysname# show logging 57 Thu Jan 1 00:00:05 1970 PINI 58 Thu Jan 1 00:00:02 1970 PP0c -WARN 59 Thu Jan...
Page 242: Show Mac Address-Table
Chapter 33 Command Examples Figure 131 show interface Command Example sysname# show interface 2 Port Info TX Packet RX Packet TX Collison Error Packet Distribution sysname# 33.2.6 show mac address-table Syntax: show mac address-table <all <sort>|static> where <sort> This command displays the MAC address(es) stored in the switch. The following example shows a static MAC address table.
Page 243: Ping
Figure 132 show mac address-table Command Example sysname# show mac address-table static Port VLAN ID sysname# 33.3 ping Syntax: ping <ip> < [in-band|out-of-band|vlan <vlan-id> ] [ size <0-8024> ] [ -t ]> where <ip> [in-band|out-of- band|vlan <vlan- id> ] [ size <0-8024> ] [ -t ] This command sends Ping packets to an Ethernet device.
Page 244: Enabling Rstp
Chapter 33 Command Examples [in-band|out-of- band|vlan <vlan- id> ] [ttl <1-255>] [wait <1-60>] [queries <1-10>] This command displays information about the route to an Ethernet device. The following example displays route information to an Ethernet device with an IP address of 192.168.1.100. Figure 134 traceroute Command Example sysname>...
Page 245: Restoring Configuration
This command backs up the current configuration file on a TFTP server. The following example backs up the current configuration to a file ( 172.23.19.96 Figure 136 CLI: Backup Configuration Example sysname# copy running-config tftp 172.23.19.96 test.cfg Backuping (599)Bytes Done! sysname# 33.6.2 Restoring Configuration This command allows you to restore a configuration file to the currently running configuration...
Page 246: Using A Different Configuration File
Chapter 33 Command Examples 33.6.3 Using a Different Configuration File You can store up to two configuration files on the switch. Only one configuration file is used at a time. By default the switch uses the first configuration file (with an index number of 1). You can set the switch to use a different configuration file.
Page 247: Example No Commands
33.7 Example no Commands These are the commonly used command examples that belong to the “no” group of commands. 33.7.1 no mirror-port Syntax: no mirror-port Disables port mirroring on the switch. An example is shown next. Figure 141 no mirror-port Command Example sysname(config)# no mirror-port 33.7.2 no trunk Syntax:...
Page 248: No Port-Access-Authenticator
Chapter 33 Command Examples 33.7.3 no port-access-authenticator Syntax: no port-access-authenticator no port-access-authenticator no port-access-authenticator where <port-list> reauthenticate <port-list> An example is shown next. • Disable authentication on the switch. • Disable re-authentication on ports one, three, four and five. • Disable authentication on ports one, six and seven. Figure 143 no port-access-authenticator Command Example sysname(config)# no port-access-authenticator sysname(config)# no port-access-authenticator 1,3-5 reauthenticate...
Page 249: Interface Commands
• Remove the remote host with IP address 172.165.1.9 and with an SSH-RSA encryption key from the list of known hosts. Figure 144 no ssh Command Example sysname(config)# no ssh key rsa1 sysname(config)# no ssh known-hosts 172.165.1.8 sysname(config)# no ssh known-hosts 172.165.1.9 ssh-rsa 33.8 interface Commands These are some commonly used commands that belong to the interface group of commands.
Page 250: Broadcast-Limit
Chapter 33 Command Examples • Enable ports one, three, four and five for configuration. • Set the BPDU control to tunnel, to forward BPDUs received on ports one, three, four and five. Figure 146 interface bpdu-control Command Example sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# bpdu-control tunnel sysname(config-interface)# 33.8.3 broadcast-limit...
Page 251: Mirror
• Enable port one for configuration. • Enable bandwidth control. • Set the outgoing traffic bandwidth limit to 5000Kbps. • Set the guaranteed bandwidth allowed for incoming traffic to 4000Kbps. • Set the maximum bandwidth allowed for incoming traffic to 8000Kbps. Figure 148 bandwidth-limit Command Example sysname(config)# interface port-channel 1 sysname(config-interface)# bandwidth-limit...
Page 252: Ingress-Check
Chapter 33 Command Examples GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Enable this function to permit VLANs groups beyond the local switch. An example is shown next.
Page 253: Weight
33.8.9 weight Syntax: weight <wt1> <wt2> ... <wt8> where <wt1> <wt2> ... <wt8> An example is shown next. • Enable port two and ports six to eight for configuration. • Set the queue weights from Q0 to Q7. Figure 153 weight Command Example sysname# configure sysname(config)# interface port-channel 2,6-8 sysname(config-interface)# weight 8 7 6 5 4 3 2 1...
Page 254: Name
Chapter 33 Command Examples An example is shown next. • Enable ports one, three, four and five for configuration. • Set the IEEE 802.1p quality of service priority as four (4). Figure 155 qos priority Command Example sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# qos priority 4 33.8.12 name Syntax:...
Page 255: Figure 157 Speed-Duplex Command Example
Chapter 33 Command Examples Figure 157 speed-duplex Command Example sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# speed-duplex 10-half GS-3012/GS-3012F User’s Guide...
Page 256 Chapter 33 Command Examples GS-3012/GS-3012F User’s Guide...
Page 257: Ieee 802.1Q Tagged Vlan Commands
H A P T E R IEEE 802.1Q Tagged VLAN This chapter describes the IEEE 802.1Q Tagged VLAN and associated commands. 34.1 IEEE 802.1Q Tagged VLAN Overview See the VLAN chapter for more information on VLANs. There are two kinds of tagging: 1 Explicit Tagging A VLAN identifier is added to the frame header that identifies the source VLAN.
Page 258: Configuring Tagged Vlan
Chapter 34 IEEE 802.1Q Tagged VLAN Commands 34.3 Configuring Tagged VLAN The following procedure shows you how to configure tagged VLAN. 1 Use the IEEE 802.1Q tagged VLAN commands to configure tagged VLAN for the switch. 2 Use the vlan <vlan-id> switch automatically enters the 3 Use the exit...
Page 259: Garp Status
34.4.1 GARP Status Syntax: show garp This command shows the switch’s GARP timer settings, including the join, leave and leave all timers. An example is shown next. Figure 160 garp status Command Example sysname# show garp GARP Timer ------------------------ Join Timer :200 Leave Timer...
Page 260: Show Gvrp
Chapter 34 IEEE 802.1Q Tagged VLAN Commands 34.4.3 Show GVRP Syntax: show vlan1q gvrp This command shows the switch’s GVRP settings. An example is shown next. Figure 161 show gvrp Command Example sysname# show vlan1q gvrp GVRP Support --------------------- gvrpEnable = YES 34.4.4 Enable GVRP Syntax: vlan1q gvrp...
Page 261: Set Acceptable Frame Type
Figure 162 port default vid Command Example sysname(config)# interface port-channel 1-5 sysname(config-interface)# pvid 200 34.5.2 Set Acceptable Frame Type Syntax: frame-type <all|tagged> where <all|tagged> This command sets the specified port to accept all Ethernet frames or only those with an IEEE 802.1Q VLAN tag.
Page 262: Figure 165 Modifying Static Vlan Example
Chapter 34 IEEE 802.1Q Tagged VLAN Commands Syntax: vlan <vlan-id> fixed <port-list> forbidden <port-list> name <name-str> normal <port-list> untagged <port-list> no fixed <port-list> no forbidden <port-list> no untagged <port-list> where <vlan-id> <name-str> <port-list> = • Enter to register the fixed •...
Page 263: Delete Vlan Id
Untagged Frames 1 An untagged frame comes in from the LAN. 2 The switch checks the PVID table and assigns a temporary VID of 1. 3 The switch ignores the port from which the frame came, because the switch does not send a frame to the port from which it came.
Page 264: Figure 167 Show Vlan Command Example
Chapter 34 IEEE 802.1Q Tagged VLAN Commands An example is shown next. For the section of the last column, “-“ is a port set to normal, “x” is a forbidden port AdCtl and “F” is a fixed port. For the section of the last column, “T“...
Page 265: Troubleshooting
H A P T E R This chapter covers potential problems and possible remedies. Problems Starting Up the Switch Table 87 Troubleshooting the Start-Up of Your Switch PROBLEM CORRECTIVE ACTION None of the LEDs Check the power connection and make sure the power source is turned on. turn on when you If the error persists, you may have a hardware problem.
Page 266: Problems With The Password
Chapter 35 Troubleshooting Problems with the Password Table 89 Troubleshooting the Password PROBLEM Cannot access the switch. CORRECTIVE ACTION The password field is case sensitive. Make sure that you enter the correct password using the proper casing. The administrator username is “admin”. The default administrator password is “1234”.
Page 267: Appendices And Index
Appendices and Index Product Specifications (269) Browser Setup (273) IP Addresses and Subnetting (279) Legal Information (287) Customer Support (291) Index (295)
Page 269: Appendix A Product Specifications
P P E N D I X Product Specifications These are the GS-3012 and GS-3012F product specifications. Table 90 General Product Specifications Standards IEEE802.3 10BASE-T Ethernet (twisted-pair copper) IEEE802.3u 100BASE-TX Fast Ethernet (twisted-pair copper) ANSI/IEEE802.3 Auto-negotiation IEEE802.3x Flow Control IEEE802.1p Priority Queues IEEE802.1q VLAN IEEE802.1d Spanning Tree IEEE 802.1x Authentication...
Page 270: Table 91 Performance And Management Specifications
Appendix A Product Specifications Table 91 Performance and Management Specifications Back plane 12.8 Gbps Packet Forwarding Rate 148800 PPS for 100BASE-TX 1488000PPS for 1000Base-X Uplink packet forwarding rate depends on the uplink module used (see your module manual) Switching Method Store-and-forward MAC Address Table 16 K entries...
Page 271: Table 92 Physical And Environmental Specifications
Table 92 Physical and Environmental Specifications Weight GS-3012 Main switch: 4 Kg GS-3012F Main switch: 3.1 Kg Main switch: PWR, SYS, ALM Per Port: LNK/ACT, FDX (GS-3012) Per Port: 1000, 100 (GS-3012F) Per GBIC Slot: LNK, ACT Per Management Port: 10, 100 Dimensions Main switch: GS-3012: 438(W) x 300(D) x 45(H) mm...
Page 272 Appendix A Product Specifications Table 93 Firmware Features FEATURE DESCRIPTION Classifier and Policy You can create a policy to define actions to be performed on a traffic flow grouped by a classifier according to specific criteria such as the IP address, port number or protocol type, etc.
Page 273: Appendix B Browser Setup
P P E N D I X This appendix helps you configure your browser for working with the web configurator. Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. •...
Page 274: Figure 169 Internet Options
Appendix B Browser Setup 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 169 Internet Options 3 Click Apply to save this setting.
Page 275: Figure 170 Internet Options
Figure 170 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 171 Pop-up Blocker Settings GS-3012/GS-3012F User’s Guide Appendix B Browser Setup...
Page 276: Figure 172 Internet Options
Appendix B Browser Setup 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 172 Internet Options 2 Click the Custom Level...
Page 277: Figure 173 Security Settings - Java Scripting
Figure 173 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
Page 278: Figure 175 Java (Sun)
Appendix B Browser Setup JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Figure 175 Java (Sun) GS-3012/GS-3012F User’s Guide...
Page 279: Introduction To Ip Addresses
P P E N D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 280: Figure 176 Network Number And Host Id
Appendix C IP Addresses and Subnetting Figure 176 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 281: Table 95 Subnet Masks
Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 95 Subnet Masks BINARY OCTET 8-bit mask 11111111 16-bit mask 11111111 24-bit mask 11111111...
Page 282: Figure 177 Subnetting Example: Before Subnetting
Appendix C IP Addresses and Subnetting Table 97 Alternative Subnet Mask Notation (continued) SUBNET MASK 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons.
Page 283: Figure 178 Subnetting Example: After Subnetting
Figure 178 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 284: Table 99 Subnet 2
Appendix C IP Addresses and Subnetting Table 99 Subnet 2 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.64 Broadcast Address: 192.168.1.127 Table 100 Subnet 3 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.128 Broadcast Address:...
Page 285: Table 103 24-Bit Network Number Subnet Planning
Table 102 Eight Subnets (continued) SUBNET SUBNET ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 103 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS The following table is a summary for subnet planning on a network with a 16-bit network number.
Page 286: Configuring Ip Addresses
Appendix C IP Addresses and Subnetting Table 104 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” HOST BITS Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Page 288: Zyxel Limited Warranty
Appendix D Legal Information FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This device generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.
Page 289 condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Page 290 Appendix D Legal Information GS-3012/GS-3012F User’s Guide...
Page 291: Appendix E Customer Support
José, Costa Rica Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 • Fax: +420-241-091-359 • Web Site: www.zyxel.cz • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 - Modrany, Ceská Republika GS-3012/GS-3012F User’s Guide Customer Support...
Page 292 • Support E-mail: support@zyxel.fi • Sales E-mail: sales@zyxel.fi • Telephone: +358-9-4780-8411 • Fax: +358-9-4780 8448 • Web Site: www.zyxel.fi • Regular Mail: ZyXEL Communications Oy, Malminkaari 10, 00700 Helsinki, Finland France • E-mail: info@zyxel.fr • Telephone: +33-4-72-52-97-97 • Fax: +33-4-72-52-19-20 •...
Page 293 • Sales E-mail: sales@zyxel.com • Telephone: +1-800-255-4101, +1-714-632-0882 • Fax: +1-714-632-0858 • Web Site: www.us.zyxel.com • FTP Site: ftp.us.zyxel.com • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no •...
Page 294 Appendix E Customer Support • Web Site: www.zyxel.es • Regular Mail: ZyXEL Communications, Arte, 21 5ª planta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • Telephone: +46-31-744-7700 • Fax: +46-31-744-7701 • Web Site: www.zyxel.se • Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Ukraine •...
Page 295: Index
Numerics 802.1Q VLAN type acceptable frame type access control address learning Address Resolution Protocol (ARP) aging time airflow all connected ALM LED alternative subnet mask notation how it works learned IP addresses viewing entries ARP (Address Resolution Protocol) ARP table auto-crossover back plane backup configuration...
Page 296 Index data buffer Daytime (RFC 867) default Ethernet settings default IP address Destination Lookup Failure (DLF) DHCP diagnostics DiffServ (Differentiated Services) DiffServ Code Point (DSCP) DiffServ marking rule dimensions disclaimer DS (Differentiated Services) DS field DVLAN table dynamic link aggregation egress port error packet Ethernet address...
Page 297 rack-mounting transceivers installation scenarios Internet Assigned Numbers Authority, See also IANA IP address IP interface IP Ports IP setup 71, 77 IP subnet mask iStacking join timer LACP timeout LACP status leave all timer leave timer LEDs Link Aggregate Control Protocol (LACP), link aggregation link aggregation ID link aggregation setup...
Page 298 Index password default PHB (Per-Hop Behavior) ping policy actions example metering view summary policy rules port authentication and VSA port based VLAN type port cloning 203, 204 advanced settings 203, 204 basic settings 203, 204 port details 66, 67 port isolation port mirroring port mirroring, CLI port security...
Page 299 SNMP (Simple Network Management Protocol) SNMP traps source MAC address Spanning Tree Protocol (STP) speed/duplex SSH (Secure Shell) SSH implementation standards static MAC address static MAC forward setup static MAC forwarding static route setup static VLAN control tagging status 108, 111 bridge ID 109, 112 bridge priority...
Page 300 Index ID (VID) implicit tagging introduction port-based priority frame registration information tag control tagged VLAN type types of VLAN (Virtual Local Area Network) VLAN databases VLAN group VLAN ID 79, 85 maximum number of VLAN Identifier VLAN port settings VLAN status VLAN type vlan1q port accept, command vlan1q port gvrp, command...

This manual is also suitable for:

Gs-3012f series

ZyXEL Communications GS-3012 Series User Manual

Chapter 1 Getting to Know Your Switch

Chapter 2

Chapter 3 Hardware Overview

Chapter 4 Introducing the Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Details

Chapter 7 Basic Setting

Chapter 8 VLAN

Chapter 9 Static MAC Forward Setup

Chapter 10 Filtering

Chapter 11 Spanning Tree Protocol

Chapter 12 Bandwidth Control

Chapter 13 Broadcast Storm Control

Chapter 14 Mirroring

Chapter 15 Link Aggregation

Chapter 16 Port Authentication

Chapter 17 Port Security

Chapter 18 Classifier

Chapter 19 Policy Rule

Chapter 20 Queuing Method

Chapter 21 Multicast

Quick Links

Troubleshooting

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for ZyXEL Communications GS-3012 Series

Summary of Contents for ZyXEL Communications GS-3012 Series