Page 1 ES-2108 Series Ethernet Switch User’s Guide Version 3.70 10/2006 Edition 2...
Page 3: Copyright
Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
Page 4: Certifications
FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This device generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.
Page 5 ES-2108 Series User’s Guide 2 Select your product from the drop-down list box on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page. Certifications...
Page 6: Safety Warnings
ES-2108 Series User’s Guide For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 ES-2108 Series User’s Guide This product is recyclable. Dispose of it properly. Safety Warnings...
Page 8: Zyxel Limited Warranty
Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Page 9: Customer Support
+7-3272-590-689 1-800-255-4101 www.us.zyxel.com +1-714-632-0882 +1-714-632-0858 ftp.us.zyxel.com ES-2108 Series User’s Guide REGULAR MAIL ZyXEL Communications Corp. 6 Innovation Road II Science Park Hsinchu 300 Taiwan ZyXEL Costa Rica Plaza Roble Escazú Etapa El Patio, Tercer Piso San José, Costa Rica ZyXEL Communications Czech s.r.o.
Page 10 +46-31-744-7701 www.ua.zyxel.com +380-44-494-49-32 +44-1344 303044 www.zyxel.co.uk 08707 555779 (UK only) +44-1344 303034 ftp.zyxel.co.uk REGULAR MAIL ZyXEL Communications A/S Nils Hansens vei 13 0667 Oslo Norway ZyXEL Communications ul. Okrzei 1A 03-715 Warszawa Poland ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279...
Page 11: Table Of Contents
Copyright ... 3 Certifications ... 4 Safety Warnings ... 6 ZyXEL Limited Warranty... 8 Customer Support... 9 Table of Contents ... 11 List of Figures ... 21 List of Tables ... 25 Preface ... 29 Chapter 1 Getting to Know Your Switch ... 31 1.1 Introduction ...31...
Page 12 Initial Setup Example ... 59 5.1 Overview ...59 5.1.1 Creating a VLAN ...59 5.1.2 Setting Port VID ...60 5.1.3 Configuring Switch Management IP Address ...61 Chapter 6 System Status and Port Statistics ... 63 6.1 Port Status Overview 6.1.1 Status: Port Details Chapter 7 Basic Setting ...
Page 13 7.2 System Information 7.3 General Setup 7.4 Introduction to VLANs ...75 7.5 Switch Setup Screen 7.6 IP Setup 7.6.1 Management IP Addresses ...78 7.7 Port Setup Chapter 8 VLAN ... 83 8.1 Introduction to IEEE 802.1Q Tagged VLAN 8.1.1 Forwarding Tagged and Untagged Frames ...83 8.2 Automatic VLAN Registration ...84...
Page 14 ES-2108 User’s Guide Chapter 12 Bandwidth Control ... 107 12.1 Bandwidth Control Setup ...107 Chapter 13 Broadcast Storm Control... 109 13.1 Broadcast Storm Control Setup ...109 Chapter 14 Mirroring ...111 14.1 Port Mirroring Setup ... 111 Chapter 15 Link Aggregation... 113 15.1 Link Aggregation Overview ...113 15.2 Dynamic Link Aggregation ...113 15.2.1 Link Aggregation ID ...114...
Page 15 Chapter 19 Multicast... 127 19.1 Multicast Overview ...127 19.1.1 IP Multicast Addresses ...127 19.1.2 IGMP Filtering ...127 19.1.3 IGMP Snooping ...127 19.2 Multicast Status ...128 19.3 Multicast Setting ...128 19.4 IGMP Filtering Profile ...130 19.5 MVR Overview ...132 19.5.1 Types of MVR Ports ...132 19.5.2 MVR Modes ...132 19.5.3 How MVR Works ...133 19.6 General MVR Configuration ...133...
Page 16 Chapter 26 Cluster Management ... 171 26.1 Clustering Management Status Overview ...171 26.2 Clustering Management Status ...172 26.2.1 Cluster Member Switch Management ...173 26.2.1.1 Uploading Firmware to a Cluster Member Switch ...173 26.3 Clustering Management Configuration ...174 ...151 ...152 ...153 ...154...
Page 17 30.8 Getting Help ...187 30.8.1 List of Available Commands ...188 30.9 Using Command History ...189 30.10 Saving Your Configuration ...189 30.10.1 Switch Configuration File ...189 30.10.2 Logging Out ...190 30.11 Command Summary ...190 30.11.1 User Mode ...190 30.11.2 Enable Mode ...191 30.11.3 General Configuration Mode ...196...
Page 18 ES-2108 User’s Guide 31.2 show Commands ...213 31.2.1 show system-information ...213 31.2.2 show ip ...214 31.2.3 show logging ...214 31.2.4 show interface ...214 31.2.5 show mac address-table ...215 31.3 ping ...216 31.4 traceroute ...216 31.5 Copy Port Attributes ...217 31.5.1 Resetting to the Factory Default ...218 Chapter 32 Configuration Mode Commands...
Page 19 35.1 Overview ...247 35.2 Create Multicast VLAN ...247 Chapter 36 Troubleshooting ... 249 36.1 Problems Starting Up the Switch ...249 36.2 Problems Accessing the Switch ...249 36.2.1 Pop-up Windows, JavaScripts and Java Permissions ...250 36.2.1.1 Internet Explorer Pop-up Blockers ...250 36.2.1.2 JavaScripts ...253...
Page 20 ES-2108 User’s Guide Appendix A Product Specifications ... 257 Appendix B IP Addresses and Subnetting ... 261 Index... 271 Table of Contents...
Page 21: List Of Figures
Figure 19 Web Configurator Home Screen (Status) ... 52 Figure 20 Change Administrator Login Password ... 56 Figure 21 Resetting the Switch: Via the Console Port ... 58 Figure 22 Web Configurator: Logout Screen ... 58 Figure 23 Initial Setup Network Example: VLAN ... 59 Figure 24 Initial Setup Network Example: Port VID ...
Page 22 ES-2108 Series User’s Guide Figure 39 VLAN: VLAN Status ... 86 Figure 40 Static VLAN Details ... 87 Figure 41 VLAN: Static VLAN ... 88 Figure 42 VLAN: VLAN Port Setting ... 90 Figure 43 Port Based VLAN Setup (All Connected) ... 92 Figure 44 Port Based VLAN Setup (Port Isolation) ...
Page 23 Figure 100 Clustering Management: Status ... 172 Figure 101 Cluster Management: Cluster Member Web Configurator Screen ... 173 Figure 102 Example: Uploading Firmware to a Cluster Member Switch ... 174 Figure 103 Clustering Management Configuration ... 175 Figure 104 MAC Table Flowchart ... 177 Figure 105 MAC Table ...
Page 24 ES-2108 Series User’s Guide List of Figures...
Page 25: List Of Tables
Table 26 Bandwidth Control ... 107 Table 27 Broadcast Storm Control ... 109 Table 28 Mirroring ... 111 Table 29 Link Aggregation ID: Local Switch ... 114 Table 30 Link Aggregation ID: Peer Switch ... 114 Table 31 Link Aggregation Control Protocol Status ... 114 Table 32 Link Aggregation Control Protocol: Configuration ...
Page 26 Table 61 Syslog Severity Levels ... 167 Table 62 Syslog ... 168 Table 63 Syslog: Server Setup ... 169 Table 64 ZyXEL Clustering Management Specifications ... 171 Table 65 Clustering Management: Status ... 172 Table 66 FTP Upload to Cluster Member Example ... 174 Table 67 Clustering Management Configuration ...
Page 27 ES-2108 Series User’s Guide Table 82 Management Specifications ... 258 Table 83 Physical and Environmental Specifications ... 259 Table 84 Subnet Mask - Identifying Network Number ... 262 Table 85 Subnet Masks ... 263 Table 86 Maximum Host Numbers ... 263 Table 87 Alternative Subnet Mask Notation ...
Page 28 ES-2108 Series User’s Guide List of Tables...
Page 29: Preface
Settings and then click Control Panel. • “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”. • The ES-2108 Series may be referred to as “the ES-2108”, “the switch”, or “the device” in this User’s Guide.
Page 30: User Guide Feedback
User Guide Feedback Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Page 31: Getting To Know Your Switch
Ethernet Ports Fan-less design With its built-in web configurator, managing and configuring the switch is easy. In addition, the switch can also be managed via Telnet, SSH (Secure SHell), any terminal emulator program on the console port, or third-party SNMP management.
Page 32: Dhcp Client
TCP/IP configuration at start-up from a server. You can configure the switch as a DHCP client to obtain TCP/IP information (such as the IP address and subnet mask) from a DHCP server. If you disable the DHCP service, you must manually enter the TCP/IP information.
Page 33: Hardware Features
(R)STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a switch to interact with other (R)STP -compliant switches in your network to ensure that only one path exists between any two stations on the network.
Page 34: Applications
This section shows a few examples of using the switch in various network environments. 1.4.1 Backbone Application In this application, the switch is an ideal solution for small networks where rapid growth can be expected in the near future. The switch can be used standalone for a group of heavy traffic users. You can connect computers directly to the switch’s port or connect other switches to the switch.
Page 35: Bridging Example
Figure 2 Bridging Application 1.4.3 High Performance Switched Example The switch is ideal for connecting two networks that need high bandwidth. In the following example, use trunking to connect these two networks. Chapter 1 Getting to Know Your Switch...
Page 36: Ieee 802.1Q Vlan Application Examples
Ethernet cables and adapter cards, restructuring your network and complex maintenance. The switch can provide the same bandwidth as ATM at much lower cost while still being able to use existing adapters and switches.
Page 37: Vlan Shared Server Example
In this example, only ports that need access to the server need belong to VLAN 1. Ports can belong to other VLAN groups too. Figure 5 Shared Server Using VLAN Example Chapter 1 Getting to Know Your Switch ES-2108 Series User’s Guide...
Page 38 ES-2108 Series User’s Guide Chapter 1 Getting to Know Your Switch...
Page 39: Hardware Installation And Connection
4 Remove the adhesive backing from the rubber feet. 5 Attach the rubber feet to each corner on the bottom of the switch. These rubber feet help protect the switch from shock or vibration and ensure space between devices when stacking.
Page 40: Mounting The Switch On A Rack
2.2.2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the switch, lining up the four screw holes on the bracket with the screw holes on the side of the switch.
Page 41: Wall-Mounting Installation
4 Make sure the screws are snugly fastened to the wall. They need to hold the weight of the switch with the connection cables. 5 Align the holes on the back of the switch with the screws on the wall. Hang the switch on the screws.
Page 42 ES-2108 Series User’s Guide Chapter 2 Hardware Installation and Connection...
Page 43: Chapter 3 Hardware Overview
This chapter describes the front panel and rear panel of the switch and shows you how to make the hardware connections. 3.1 Front Panel Connection The figure below shows the front panel of the switch. Figure 9 Front Panel: ES-2108...
Page 44: Figure 12 Front Panel: Es-2108-Lc
DESCRIPTION All Models CONSOLE Only connect this port if you want to configure the switch using the command line interface (CLI) via the console port. Eight 10/100 Connect these ports to a computer, a hub, an Ethernet switch or router.
Page 45: Console Port
• No parity, 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the console cable to the console port of the switch. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer.
Page 46: Mini-Gbic Slot
This is a slot for mini-GBIC (Gigabit Interface Converter) transceivers. A transceiver is a single unit that houses a transmitter and a receiver. The switch does not come with transceivers. You must use transceivers that comply with the SFP Transceiver MultiSource Agreement (MSA).
Page 47: Transceiver Removal
3 The switch automatically detects the installed transceiver. Check the LEDs to verify that it is functioning properly. Figure 14 Installed Transceiver 3.1.4.2 Transceiver Removal Use the following steps to remove a mini GBIC transceiver (SFP module). 1 Open the transceiver’s latch (latch styles vary).
Page 48: Rear Panel
ES-2108 Series User’s Guide 3.2 Rear Panel The following figure shows the rear panel of the switch. The power receptacle is on the rear panel. Figure 17 Rear Panel 3.2.1 Power Connector Make sure you are using the correct power source as shown on the panel.
Page 49 DESCRIPTION The switch is supplying power to the connected device that supports PoE. No device is connected to this port or the switch is not supplying power via the Ethernet cable. Blinking The system is transmitting/receiving to/from a 10/100 Mbps Ethernet network.
Page 50 ES-2108 Series User’s Guide Chapter 3 Hardware Overview...
Page 51: The Web Configurator
4.2 System Login 1 Start your web browser. 2 Type “http://” and the IP address of the switch (for example, the default is 192.168.1.1) in the Location or Address field. Press 3 The login screen appears. The default username is admin and associated default password is 1234.
Page 52: The Status Screen
ES-2108 Series User’s Guide Figure 18 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is the first screen that displays when you access the web configurator. The following figure shows the navigating components of a web configurator screen. Figure 19 Web Configurator Home Screen (Status) A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window.
Page 53: Table 4 Navigation Panel Sub-Links Overview
B - Click this link to save your configuration into the switch’s nonvolatile memory. Nonvolatile memory is the configuration of your switch that stays the same even if the switch’s power is turned off. C - Click this link to go to the status page of the switch.
Page 54: Table 5 Web Configurator Screen Sub-Links Details
This link takes you to a screen that displays general system and hardware monitoring information (on the ES-2108PWR). General Setup This link takes you to a screen where you can configure general identification information about the switch. ADVANCED IP APPLICATION APPLICATION...
Page 55 LINK DESCRIPTION Switch Setup This link takes you to a screen where you can set up global switch parameters such as VLAN type, MAC address learning, GARP and priority queues. IP Setup This link takes you to a screen where you can configure the management IP address, subnet mask (necessary for switch management) and DNS (domain name server).
Page 56: Change Your Password
4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the switch’s power is turned off. Chapter 4 The Web Configurator...
Page 57: Switch Lockout
Note: Be careful not to lock yourself and others out of the switch. 4.6 Resetting the Switch If you lock yourself (and others) from the switch or forget the switch password, you will need to reload the factory-default configuration file or reset the switch back to the factory defaults.
Page 58: Logging Out Of The Web Configurator
262144 bytes received. Erasing.. ras> atgo The switch is now re initialized with the factory-default configuration file including the default password of “1234”. 4.7 Logging Out of the Web Configurator Click Logout in a screen to exit the web configurator. You have to log in with your password again after you log out.
Page 59: Initial Setup Example
This chapter shows how to set up the switch for an example network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the switch IP management address 5.1.1 Creating a VLAN...
Page 60: Setting Port Vid
VLAN only. 4 To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the switch to remove VLAN tags before sending. 5 Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the switch’s power is turned off.
Page 61: Configuring Switch Management Ip Address
5.1.3 Configuring Switch Management IP Address The default management IP address of the switch is 192.168.1.1. You can configure another IP address in a different subnet for management purposes. The following figure shows an example.
Page 62: Figure 25 Initial Setup Example: Management Ip Address
ES-2108 Series User’s Guide Figure 25 Initial Setup Example: Management IP Address 1 Connect your computer to any Ethernet port on the switch. Make sure your computer is in the same subnet as the switch. 2 Open your web browser and enter 192.168.1.1 (the default IP address) in the address bar to access the web configurator.
Page 63: System Status And Port Statistics
System Status and Port This chapter describes the system status (web configurator home page) and port details screens. 6.1 Port Status Overview The home screen of the web configurator displays a port statistical summary table with links to each port showing statistical details. To view the port statistics, click Status in all web configurator screens to display the Status screen as shown next.
Page 64: Figure 27 Status (Es-2108-G)
ES-2108 Series User’s Guide Figure 27 Status (ES-2108-G) The following table describes the labels in this screen. Table 7 Status LABEL DESCRIPTION Port This identifies the Ethernet port. Click a port number to display the Port Details screen (refer to Name This field displays the name of the port.
Page 65: Status: Port Details
Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the switch. Note: The ES-2108PWR screen is different from the other models covered in this UG.
Page 66: Figure 28 Status: Port Details (Es-2108Pwr)
ES-2108 Series User’s Guide Figure 28 Status: Port Details (ES-2108PWR) Chapter 6 System Status and Port Statistics...
Page 67: Figure 29 Status: Port Details (Es-2108-G)
Figure 29 Status: Port Details (ES-2108-G) The following table describes the labels in this screen. Table 8 Status: Port Details LABEL DESCRIPTION Port Info Name This field shows the name of the port. Link This field shows whether the Ethernet connection is down, and the speed/duplex mode.
Page 68 This field is only available on the ES-2108PWR but not available for the Gigabit and MaxCurrent mini-GBIC ports. (mA) This field shows the maximum current a powered device can get from the switch. If the (ES-2108PWR powered device’s power consumption exceeds the maximum power offered by the Only) switch, the switch stops sending power.
Page 69 Table 8 Status: Port Details (continued) LABEL DESCRIPTION Error Packet RX CRC This field shows the number of packets received with CRC (Cyclic Redundant Check) error(s). Runt This field shows the number of packets received that were too short (shorter than 64 octets), including the ones with CRC errors.
Page 70 ES-2108 Series User’s Guide Chapter 6 System Status and Port Statistics...
Page 71: Chapter 7 Basic Setting
The real time is then displayed in the switch logs. The Switch Setup screen allows you to set up and configure global switch features. The IP Setup screen allows you to configure a switch IP address, subnet mask(s) and DNS (domain name server) for management purposes.
Page 72: Figure 30 System Info (Es-2108Pwr)
DESCRIPTION System Name This field displays the descriptive name of the switch for identification purposes. ZyNOS F/W This field displays the version number of the switch 's current firmware including the Version date created. Ethernet This field refers to the Ethernet MAC (Media Access Control) address of the switch.
Page 73: General Setup
You may choose the temperature unit (Centigrade or Fahrenheit) in this field. Temperature CPU, MAC and LOCAL refer to the location of the temperature sensors on the switch printed circuit board. Current This field displays the current temperature measured at this sensor.
Page 74: Figure 32 General Setup
Location Enter the geographic location (up to 32 characters) of your switch. Contact Person's Enter the name (up to 32 characters) of the person in charge of this switch. Name Login Use this drop-down list box to select which database the switch should use (first) to Precedence authenticate an administrator (user for switch management).
Page 75: Introduction To Vlans
2000-1-1 0:0. Time Server IP Enter the IP address of your timeserver. The switch searches for the timeserver for Address up to 60 seconds. If you select a timeserver that is unreachable, then this screen will appear locked for 60 seconds.
Page 76: Switch Setup Screen
Chapter 8 on page 83 7.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN.
Page 77: Ip Setup
Use the next two fields to configure the priority level-to-physical queue mapping. The switch has four physical queues that you can map to the 8 priority levels. On the switch, traffic assigned to higher index queues gets through faster while traffic in lower index queues is dropped if the network is congested.
Page 78: Management Ip Addresses
ES-2108 Series User’s Guide 7.6.1 Management IP Addresses The switch needs an IP address for it to be managed over the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address.
Page 79 If a port is not a member of this VLAN, then users on that port cannot access the device. To access the switch make sure the port that you are connected to is a member of Management VLAN.
Page 80: Port Setup
Ethernet port are the same in order to connect. Use this screen to configure switch port settings. Click Basic Setting and then Port Setup in the navigation panel to enter the port configuration screen.
Page 81: Figure 36 Port Setup (Es-2108-G)
Figure 36 Port Setup (ES-2108-G) The following table describes the labels in this screen. Table 13 Port Setup LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 82 (ES-2108PWR Only) A powered device (PD) is a device such as an access point or a switch, that supports PoE (Power over Ethernet) so that it can receive power from another device through a 10/100Mbps Ethernet port. Select the check box to allow a powered device (connected to the port) to receive power from the switch.
Page 83: Chapter 8 Vlan
The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 8.1 Introduction to IEEE 802.1Q Tagged VLAN A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created.
Page 84: Automatic Vlan Registration
GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Enable this function to permit VLANs groups beyond the local switch. Please refer to the following table for common GARP terminology.
Page 85: Port Vlan Trunking
C, D and E; otherwise they will drop frames with unknown VLAN group tags. However, with VLAN Trunking enabled on a port(s) in each intermediary switch you only need to create VLAN groups in the end devices (A and B). C, D and E automatically allow frames with VLAN group tags 1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s).
Page 86: Static Vlan
The following table describes the labels in this screen. Table 15 VLAN: VLAN Status LABEL DESCRIPTION The Number of This is the number of VLANs configured on the switch. VLAN Index This is the VLAN index number. Click on this to view port settings for the specified VLAN.
Page 87: Static Vlan Details
This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up. Status This field shows how this VLAN was added to the switch; dynamic - using GVRP, static - added as a permanent entry or it shows other - added using Multicast VLAN Registration (MVR).
Page 88: Figure 41 Vlan: Static Vlan
Select TX Tagging if you want the port to tag all outgoing frames transmitted with this VLAN Group ID. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 89: Configure Vlan Port Settings
Table 17 VLAN: Static VLAN (continued) LABEL DESCRIPTION Cancel Click Cancel to reset the fields. Clear Click Clear to start configuring the screen again. This field displays the ID number of the VLAN group. Click the number to edit the VLAN settings.
Page 90: Figure 42 Vlan: Vlan Port Setting
GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Select this check box to permit VLAN groups beyond the local switch. Port Isolation Port Isolation allows each port to communicate only with the CPU management port and the uplink ports but not communicate with each other.
Page 91: Port Based Vlan Setup
Port-based VLANs are specific only to the switch on which they were created. Note: When you activate port-based VLAN, the switch uses a default VLAN ID of 1. You cannot change it.
Page 92: Figure 43 Port Based Vlan Setup (All Connected)
ES-2108 Series User’s Guide Figure 43 Port Based VLAN Setup (All Connected) Chapter 8 VLAN...
Page 93: Figure 44 Port Based Vlan Setup (Port Isolation)
(its outgoing port). CPU refers to the switch management port. By default it forms a VLAN with all Ethernet ports. If it does not form a VLAN with a particular port then the switch cannot be managed from that port.
Page 94 DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 95: Static Mac Forwarding
MAC addresses for a port. This may reduce the need for broadcasting. Static MAC address forwarding together with port security allow only computers in the MAC address table on a port to access the switch. See on port security.
Page 96: Figure 45 Static Mac Forwarding
After you set the fields above, click Add to insert a new rule. Clicking Add saves your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 97 Table 20 Static MAC Forwarding (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. Chapter 9 Static MAC Forwarding ES-2108 Series User’s Guide...
Page 98 ES-2108 Series User’s Guide Chapter 9 Static MAC Forwarding...
Page 99: Chapter 10 Filtering
This chapter discusses MAC address port filtering. 10.1 Configure a Filtering Rule Filtering means sifting traffic going through the switch based on the source MAC addresses and VLAN group (ID). Click Advanced Application and Filtering in the navigation panel to display the screen as shown next.
Page 100 LABEL DESCRIPTION Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 101: Spanning Tree Protocol
(R)STP detects and breaks network loops and provides backup links between switches, bridges or routers. It allows a switch to interact with other (R)STP -compliant switches in your network to ensure that only one path exists between any two stations on the network.
Page 102: How Stp Works
On each bridge, the root port is the port through which this bridge communicates with the root. It is the port on this switch with the lowest path cost to the root (the root path cost). If there is no root port, then this switch has been accepted as the root bridge of the spanning tree network.
Page 103: Figure 47 Spanning Tree Protocol: Status
This switch may also be the root bridge. Bridge ID This is the unique identifier for this bridge, consisting of bridge priority plus MAC address. This ID is the same for Root and Our Bridge if the switch is the root switch. Hello Time...
Page 104: Configure Rapid Spanning Tree Protocol
STP tree. Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch. If all switches have the same priority, the switch with the lowest MAC address will then become the root switch.
Page 105 (provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the switch ports attached to the network. The allowed range is 6 to 40 seconds.
Page 106 ES-2108 Series User’s Guide Chapter 11 Spanning Tree Protocol...
Page 107: Chapter 12 Bandwidth Control
The following table describes the related labels in this screen. Table 26 Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the switch. Port This field displays the port number. Chapter 12 Bandwidth Control ES-2108 Series User’s Guide...
Page 108 64. If you enter a number between 1729 and 1999, the rate is fixed at 1792. If you enter a number between 2000 and 103999, the switch rounds the number down to the nearest multiple of 1000.
Page 109: Broadcast Storm Control
Broadcast storm control limits the number of broadcast frames that can be stored in the switch buffer or sent out from the switch. Broadcast frames that arrive when the buffer is full are discarded. Enable this feature to reduce broadcast traffic coming into your network.
Page 110 64. If you enter a number between 1729 and 1999, the rate is fixed at 1792. If you enter a number between 2000 and 103999, the switch rounds the number down to the nearest multiple of 1000.
Page 111: Chapter 14 Mirroring
Table 28 Mirroring LABEL DESCRIPTION Active Clear this check box to deactivate port mirroring on the switch. Monitor The monitor port is the port you copy the traffic to in order to examine it in more detail Port without interfering with the traffic flow on the original port(s). Select this port from this drop-down list box.
Page 112 (incoming) and Both. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 113: Chapter 15 Link Aggregation
“standby” ports become operational without user intervention. Please note that: • You must connect all ports point-to-point to the same Ethernet switch and configure the ports for LACP trunking.
Page 114: Link Aggregation Id
ES-2108 Series User’s Guide 15.2.1 Link Aggregation ID LACP aggregation ID consists of the following information Table 29 Link Aggregation ID: Local Switch SYSTEM PRIORITY MAC ADDRESS 0000 Table 30 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS 0000 15.3 Link Aggregation Control Protocol Status...
Page 115: Link Aggregation Setup
Select this checkbox to enable Link Aggregation Control Protocol (LACP). System LACP system priority is a number between 1 and 65,535. The switch with the lowest Priority system priority (and lowest port number if system priority is the same) becomes the LACP “server”.
Page 116 Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 117: Chapter 16 Port Authentication
16.1.1.1 Vendor Specific Attribute A Vendor Specific Attribute (VSA) is an attribute-value pair that is sent between a RADIUS server and the switch. Configure VSAs on the RADIUS server to set the switch to perform the following actions on an authenticated user: •...
Page 118: Tunnel Protocol Attribute
16.1.1.2 Tunnel Protocol Attribute You can configure tunnel protocol attributes on the RADIUS server to assign a port on the switch to a VLAN (fixed, untagged). This will also set the port’s VID. Refer to RFC 3580 for more information.
Page 119: Configuring Radius Server Settings
16.2.1 Configuring RADIUS Server Settings From the Port Authentication screen, click RADIUS to display the configuration screen as shown. You can configure two RADIUS servers on the switch. Use this screen to configure the first RADIUS server. Note: Use the CLI to configure the first or second RADIUS server.
Page 120: Figure 57 Port Authentication: 802.1X
Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 121: Chapter 17 Port Security
For maximum port security, enable this feature, disable MAC address learning and configure static MAC address(es) for a port. Functionally the switch allows for three possible outcomes with port security. You can configure the ports to: • Forward all packets and learn all MAC addresses.
Page 122: Figure 58 Port Security
MAC addresses aged out. MAC address aging out time can be set in the Switch Setup screen. The valid range is from “0” to “8192”. “0” means that the limiting of learned addresses is disabled.
Page 123: Port Security Example
17.3 Port Security Example The following example demonstrates the various settings and results associated with different port security configurations. Ports 1 to 5 are configured to: • Port 1 - Forward all packets and learn all MAC addresses. • Port 2 - Forward all packets and learn all MAC addresses. •...
Page 124 ES-2108 Series User’s Guide Table 38 Port Security Example (continued) ACTIVATE PORT PORT SECURITY SETTINGS ACTIVATE LIMIT NO. OF ADDRESS LEARNED MAC LEARNING ADDRESSES 0 (disables limits) Drop all packets from unknown MAC addresses, do not learn MAC addresses. Drop all packets from unknown MAC addresses, do not learn MAC addresses.
Page 125: Chapter 18 Queuing Method
Strict Priority Queuing (SPQ) services queues based on priority only. As traffic comes into the switch, traffic on the highest priority queue, Q3 is transmitted first. When that queue empties, traffic on the next highest-priority queue, Q2 is transmitted until Q2 empties, and then traffic is transmitted on Q1 and so on.
Page 126: Configuring Queuing Method
Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 127: Chapter 19 Multicast
This allows you to control the distribution of multicast services (such as content information distribution) based on service plans and types of subscription. You can set the switch to filter the multicast group join reports on a per-port basis by configuring an IGMP filtering profile and associating the profile to a port.
Page 128: Multicast Status
ES-2108 Series User’s Guide The switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your switch.
Page 129: Figure 62 Multicast Setting
Select Active to enable IGMP Snooping to forward group multicast traffic only to ports that are members of that group. Host Timeout Specify the time (from 1 to 16,711,450) in seconds that elapses before the switch removes an IGMP group membership entry if it does not receive report messages from the port.
Page 130: Igmp Filtering Profile
(or server). The switch forwards IGMP join or leave packets to an IGMP query port. Select Auto to have the switch use the port as an IGMP query port if the port receives IGMP query packets. Select Fixed to have the switch always use the port as an IGMP query port. Select this when you connect an IGMP multicast server to the port.
Page 131: Figure 63 Multicast: Igmp Filtering Profile
If you want to add a single multicast IP address, enter it in both the Start Address and End Address fields. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 132: Mvr Overview
Figure 64 MVR Network Example 19.5.1 Types of MVR Ports In MVR, a source port is a port on the switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast data. Once configured, the switch maintains a forwarding table that matches the multicast stream to the associated multicast group.
Page 133: How Mvr Works
When the subscriber changes the channel or turns off the computer, an IGMP leave message is sent to the switch to leave the multicast group. The switch sends a query to VLAN 1 on the receiver port (in this case, a DSL port on the switch). If there is another subscriber device connected to this port in the same subscriber VLAN, the receiving port will still be on the list of forwarding destination for the multicast traffic.
Page 134: Figure 66 Mvr
Multicast VLAN Enter the VLAN ID (1 to 4094) of the multicast VLAN. 802.1p Priority Select a priority level (0-7) with which the switch replaces the priority in outgoing IGMP control packets (belonging to this multicast VLAN). Mode Specify the MVR mode on the switch. Choices are Dynamic and Compatible.
Page 135: Mvr Group Configuration
Select this checkbox if you want the port to tag the VLAN ID in all outgoing frames transmitted. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 136: Figure 67 Mvr: Group Configuration
IP address for a multicast group. Refer to Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 137: Mvr Configuration Example
19.7.1 MVR Configuration Example The following figure shows a network example where ports 1, 2 and 3 on the switch belong to VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S. Computers A, B and C in VLAN 1 are able to receive the traffic.
Page 138: Figure 70 Mvr Group Configuration Example
ES-2108 Series User’s Guide Figure 70 MVR Group Configuration Example Figure 71 MVR Group Configuration Example Chapter 19 Multicast...
Page 139: Chapter 20 Static Route
Enter the IP address of the gateway. The gateway is an immediate neighbor of your Address switch that will forward the packet to the destination. The gateway must be a router on the same segment as your switch. Chapter 20 Static Route ES-2108 Series User’s Guide...
Page 140 Click Add to insert a new static route. Clicking Add saves your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 141: Differentiated Services
Differentiated Services This chapter shows you how to configure Differentiated Services (DiffServ) on the switch. 21.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Page 142: Activating Diffserv
ES-2108 Series User’s Guide Figure 74 DiffServ Network Example Switch A marks traffic flowing into the network based on the configured marking rules. Intermediary network devices 1 and 2 allocate network resources (such as bandwidth) by mapping the DSCP values and the associated policies.
Page 143: Dscp-To-Ieee802.1P Priority Mapping Settings
Click Cancel to start configuring this screen again. 21.3 DSCP-to-IEEE802.1p Priority Mapping Settings You can configure the DSCP to IEEE802.1p mapping to allow the switch to prioritize all traffic based on the incoming DSCP value according to the DiffServ to IEEE802.1p mapping table.
Page 144: Figure 76 Diffserv: Dscp Setting
To set the IEEE802.1p priority mapping, select the priority level from the drop-down list box. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 145: Chapter 22 Maintenance
This field displays the configuration file (Configuration 1) the switch is currently using. Firmware Access this screen to upload new firmware. Upgrade Restore Access this screen to upload a previously saved configuration file to the switch. Configuration Backup Access this screen to back up the current switch configuration. Configuration Load Factory...
Page 146: Load Factory Default
3 In the web configurator, click the Save button to make the changes take effect. If you want to access the switch web configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the default switch IP address (192.168.1.1).
Page 147: Reboot System
Figure 79 Firmware Upgrade Type the path and file name of the firmware file you wish to upload to the switch in the File Path text box or click Browse to locate it. After you have specified the file, click Upgrade.
Page 148: Backup Configuration File
Back up your current switch configuration to a computer using the Backup Configuration screen. Figure 81 Backup Configuration Follow the steps below to back up the current switch configuration to your computer in this screen. 1 Click Backup. 2 Click Save to display the Save As screen.
Page 149: Filename Conventions
Setup, etc. Once you have customized the switch's settings, they can be saved (as a plain text file) back to your computer under a filename of your choosing. ZyNOS (ZyXEL Network Operating System sometimes referred to as the “ras” file) is the system firmware and has a “bin” filename extension.
Page 150: Gui-Based Ftp Clients
• FTP service is disabled in the Access Control screen. • The IP address(es) in the Secured Client Set in the Remote Management screen does not match the client IP address. If it does not match, the switch will disconnect the Telnet session immediately.
Page 151: Chapter 23 Access Control
This chapter describes how to control access to the switch. 23.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share four sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
Page 152: About Snmp
An SNMP managed network consists of two main components: agents and a manager. An agent is a management software module that resides in a managed switch (the switch). An agent translates the local management information from the managed switch into a form compatible with SNMP.
Page 153: Supported Mibs
• RFC 2674 SNMPv2, SNMPv2c • RFC 1757 RMON • Private MIBs 23.3.2 SNMP Traps The switch sends traps to an SNMP manager when an event occurs. SNMP traps supported are outlined in the following table. Table 55 SNMP Traps OBJECT LABEL...
Page 154: Setting Up Login Accounts
Enter the IP addresses of up to four stations to send your SNMP traps to. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 155: Ssh Overview
Set a user name (up to 30 characters long). Enter your new system password. Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 156: How Ssh Works
ES-2108 Series User’s Guide Figure 86 SSH Communication Example 23.6 How SSH works The following table summarizes how a secure connection is established between two remote hosts. Figure 87 How SSH Works 1 Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key.
Page 157: Ssh Implementation On The Switch
SSH. 23.7.2 SSH Login Example You can use an SSH client program to access the switch. The following figure shows an example using a text-based SSH client program. Refer to the documentation that comes with your SSH program for information on using it.
Page 158: Introduction To Https
(you know if data has been changed). It relies upon certificates, public keys, and private keys. HTTPS on the switch is used so that you may securely access the switch using the web configurator. The SSL protocol specifies that the SSL server (the switch) must always...
Page 159: Https Example
1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the switch’s WS (web server). 2 HTTP connection requests from a web browser go to port 80 (by default) on the switch’s WS (web server).
Page 160: Netscape Navigator Warning Messages
Figure 90 Security Alert Dialog Box (Internet Explorer) 23.9.2 Netscape Navigator Warning Messages When you attempt to access the switch HTTPS server, a Website Certified by an Unknown Authority screen pops up asking if you trust the server certificate. Click Examine Certificate if you want to verify that the certificate is from the switch.
Page 161: The Main Screen
Figure 93 Example: Lock Denoting a Secure Connection 23.10 Service Port Access Control Service Access Control allows you to decide what services you may use to access the switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later).
Page 162: Remote Management
From the Access Control screen, display the Remote Management screen as shown next. You can specify a group of one or more “trusted computers” from which an administrator may use a service to manage the switch. Click Access Control to return to the Access Control screen.
Page 163: Figure 95 Access Control: Remote Management
Configure the IP address range of trusted computers from which you can manage this switch. End Address The switch checks if the client IP address of a computer requesting a service or protocol matches the range set here. The switch immediately disconnects the session if it does not match.
Page 164 ES-2108 Series User’s Guide Chapter 23 Access Control...
Page 165: Chapter 24 Diagnostic
Type the IP address of a device that you want to ping in order to test a connection. Click Ping to have the switch ping the IP address (in the field to the left). Ethernet Port Test Type a port number and click Port Test to perform internal loopback test.
Page 166 ES-2108 Series User’s Guide Chapter 24 Diagnostic...
Page 167: Chapter 25 Syslog
This chapter explains the syslog screens. 25.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server. Syslog is defined in RFC 3164.
Page 168: Syslog Server Setup
Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 169: Figure 98 Syslog: Server Setup
The lower the number, the more critical the logs are. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 170 ES-2108 Series User’s Guide Chapter 25 Syslog...
Page 171: Chapter 26 Cluster Management
Cluster Member Models Cluster Manager Cluster Members In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. Figure 99 Clustering Application Example Chapter 26 Cluster Management...
Page 172: Clustering Management Status
This field displays the role of this switch within the cluster. Manager Member (you see this if you access this screen in the cluster member switch directly and not via the cluster manager) None (neither a manager nor a member of a cluster) Manager This field displays the cluster manager switch’s hardware MAC address.
Page 173: Cluster Member Switch Management
Go to the Clustering Management Status screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web configurator home page. This cluster member web configurator home page and the home page that you'd see if you accessed it directly are different.
Page 174: Clustering Management Configuration
User Password 350du1.bin fw-00-a0-c5-d4-88-bf config-00-a0-c5-d4-88-bf This is the cluster member switch’s configuration file name as seen 26.3 Clustering Management Configuration Click Configuration from the Cluster Management screen to display the next screen. Use this screen to configure cluster management. 1 00:47:52 1970...
Page 175: Figure 103 Clustering Management Configuration
Type a name to identify the Clustering Manager. You may use up to 32 printable characters (spaces are allowed). This is the VLAN ID and is only applicable if the switch is set to 802.1Q VLAN. All switches must be directly connected and in the same VLAN group to belong to the same cluster.
Page 176 Then enter their common web configurator password. Click Add to save your settings to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 177: Chapter 27 Mac Table
2 The switch checks to see if the frame's destination MAC address matches a source MAC address already learned in the MAC table. • If the switch has already learned the port for this MAC address, then it forwards the frame to that port.
Page 178: Viewing The Mac Table
This field displays drop if you configure a filter rule for the MAC address in the Filtering screen. Type This shows whether the MAC address is dynamic (learned by the switch) or static (manually entered in the Static MAC Forwarding screen). Chapter 27 MAC Table...
Page 179: Chapter 28 Arp Table
If no entry is found for the IP address, ARP broadcasts the request to all the devices on the LAN. The switch fills in its own MAC and IP address in the sender address fields, and puts the known IP address of the target in the target IP address field. In addition, the switch puts all ones in the target MAC field (FF.FF.FF.FF.FF.FF is the Ethernet broadcast address).
Page 180: Figure 106 Arp Table
Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below. MAC Address This is the MAC address of the device with corresponding IP address above.
Page 181: Chapter 29 Configure Clone
This chapter shows you how you can copy the settings of one port onto other ports. 29.1 Configure Clone Settings Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management, Configure Clone to open the following screen. Figure 107 Configure Clone The following table describes the labels in this screen.
Page 182 DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 183: Chapter 30 Introducing Commands
This chapter introduces commands and gives a summary of commands available. 30.1 Overview In addition to the web configurator, you can use commands to configure the switch. Use commands for advanced switch diagnosis and troubleshooting. If you have problems with your switch, customer support may request that you issue some of these commands to assist them in troubleshooting.
Page 184: Initial Screen
Use the following steps to telnet into your switch. 1 Make sure your computer IP address and the switch IP address are on the same subnet. 2 In Windows, click Start (usually in the bottom left corner), Run and then type (the default management IP address) and click OK.
Page 185: Changing The Password
• Use the up or down arrow key to scroll through the command history list. • You may enter a unique part of a command and press [TAB] to have the switch automatically display the full command. For example, if you enter “...
Page 186: Command Modes
ES-2108 Series User’s Guide Syntax: logins username <username> password <password> logins username <username> privilege <0-14> where username <username> password <password> privilege <0-14> 30.7 Command Modes There are three command modes: User, Enable and Configure. The modes (and commands) available to you depend on what level of privilege your account has. See for more information on setting up privilege levels.
Page 187: Getting Help
DESCRIPTION Config Commands available in this mode allow you to configure settings that affect the switch globally. Command modes that follow are sub-modes of the config mode and can only be accessed from within the config mode. Config-vlan This is a sub-mode of the config mode and allows you to configure VLAN settings.
Page 188: List Of Available Commands
ES-2108 Series User’s Guide 30.8.1 List of Available Commands Enter “ ” to display a list of available commands and the corresponding sub commands. help sysname> help Commands available: help logout exit history enable show ip <cr> show hardware-monitor <C|F> show system-information ping <ip|host-name>...
Page 189: Using Command History
30.9 Using Command History The switch keeps a list of recently used commands available to you for reuse. You can use any commands in the history again by pressing the up ( ) or down ( ) arrow key to scroll through the previously used commands and press of commands.
Page 190: Logging Out
30.11 Command Summary The following sections summarize the commands available in the switch together with a brief description and privilege level of each command. Commands listed in the tables are in the same order as they are displayed in the CLI. See the related section in the User’s Guide for more background information.
Page 191: Enable Mode
Table 72 Command Summary: User Mode (continued) COMMAND <IP|host-name> [vlan <vlan-id>] [size <0-1472>] [-t] help traceroute <ip|host-name> <ip|host-name> [vlan <vlan-id>] [ttl <1-255>] [wait <1-60>] [queries <1-10>] help <1|2> <[user@]dest-ip> 30.11.2 Enable Mode The following table describes the commands available for Enable mode. Table 73 Command Summary: Enable Mode COMMAND help...
Page 192: Route Static
ES-2108 Series User’s Guide Table 73 Command Summary: Enable Mode (continued) COMMAND hardware-monitor <C|F> system- information vlan1q spanning-tree lacp trunk radius-server port-access- authenticator port-security snmp-server logins service-control remote- management interface <port- list> interfaces config <port- list> DESCRIPTION Displays IP static route route static information.
Page 193 Table 73 Command Summary: Enable Mode (continued) COMMAND vlan running-config timesync time garp loginPrecedence logging https Chapter 30 Introducing Commands DESCRIPTION Displays bandwidth control bandwidth- settings on the port(s). control Displays outgoing port information egress on the port(s). Displays broadcast storm control bstorm-control settings on the port(s).
Page 194 DIsplays specified MVR <vlan-id> information. Displays DiffServ settings on the switch. Displays PoE (Power over Ethernet settings on the switch). Only available on the ES- 2108PWR model). Removes all IGMP information. Resets a TCP connection. Use show ip tcp get the Session ID.
Page 195 Restarts the system with the specified configuration file. Restarts the system and use the specified configuration file. Saves current configuration to the configuration file the switch is currently using. Saves current configuration to the <index> specified configuration file on the switch.
Page 196: General Configuration Mode
Removes a specified IP static route <ip> route. <mask> Enables a specified IP static route <ip> route. <mask> inactive Clears the IGMP filtering settings on the switch. Deletes the IGMP filtering profile <name> profile. Chapter 30 Introducing Commands LEVEL PRIVILEG...
Page 197 <T1|T2> specified trunk group. interface <port-list> Disables storm control on the switch. Disable bandwidth control on the switch. Disables GVRP on the switch. 13 gvrp Disables port isolation. port-isolation Disable ingress checking on ingress-check the switch. Disables STP. Disables STP on listed ports.
Page 198 Disables FTP access to the switch. Disables web browser control http to the switch. Disables SSH (Secure Shell) server access to the switch. Disables secure web browser https access to the switch. Disables ICMP access to the icmp switch such as pinging and tracerouting.
Page 199: Cluster Member
300 seconds. Disables another administrator from logging into Telnet. Disables cluster management on the switch. Removes the cluster member. 13 <mac-address> Disables MVR on the switch. <vlan-id> Disables syslog logging. Disables syslog logging to the server <ip- specified syslog server. address>...
Page 200 Sets the leave timeout value <1-16711450> Sets how to treat traffic from unknown multicast group. Enables IGMP filtering on the switch. Sets the range of multicast address(es) in a profile. Enables a port or a list of ports for configuration. See 30.11.4 on page 206...
Page 201 Table 74 Command Summary: Configuration Mode (continued) COMMAND mac-filter name <name> mac <mac-addr> vlan <vlan-id> drop <src/dst/both> mirror-port <port-num> mirror- ingress filter egress lacp system-priority trunk <T1|T2> <T1|T2> lacp <T1|T2> interface <port- list> interface <port- list> timeout <lacp-timeout> cluster <vlan-id> name <cluster name>...
Page 202 <port-list> port- security <port-list> DESCRIPTION Sets the cluster member switch's hardware MAC address and password. Logs into a cluster member switch. Specifies the IP address of RADIUS server 1 or RADIUS server 2 (index =1 or index =2).
Page 203 Enables GVRP. Enables port-isolation. Enables ingress checking on the switch. Configures GARP time settings. Enables STP on the switch. Sets the bridge priority of the switch. Sets Hello Time, Maximum Age and Forward Delay. Enables STP on a specified port.
Page 204 DESCRIPTION Sets the time server protocol. Sets the IP address of your time server. Select which database the switch should use (first) to authenticate a user. Sets the priority level-to- physical queue mapping. Enables broadcast storm control on the switch.
Page 205 Enables a specified secured client set. Specifies a group of trusted computer(s) from which an administrator may use a service to manage the switch. Changes the administrator password. Enables syslog logging on the switch. Enables syslog logging on the specified syslog server.
Page 206: Interface Port-Channel Commands
Ethernet) on the specified ports. Sets the percentage of power usage which initiates mib traps. Enables mib traps on the switch. Traps are initiated when the usage reaches the limit set up by the usagethreshold command. commands in configuration mode.
Page 207 Sets a PVID in the range 1 to 4094 for the specified interface. Enables this function to permit VLAN groups beyond the local switch. Choose to accept both tagged and untagged incoming frames or just tagged incoming frames on a port.
Page 208 Disables bandwidth limit on the port(s). bandwidth- limit Disables broadcast storm limits on the bmstorm-limit switch. Enables the port(s) on the switch. inactive Disables intrusion-lock on a port so that a intrusion- port can be connected again after you lock disconnected the cable.
Page 209: Config-Vlan Commands
Sets the default in-band interface to use ip address a static IP address in this VLAN. default- management The switch will use the default IP address of 0.0.0.0 if you do not configure a static dhcp-bootp IP address. Deletes the IP address and subnet mask ip address from this VLAN.
Page 210: Mvr Commands
<ip-address> <mask> Sets the management IP address and <ip-address> subnet mask of the switch in the <mask> specified VLAN. manageable Sets the IP address and subnet mask of <ip-address> the switch in the specified VLAN. <mask>...
Page 211 Sets the multicast group range for the MVR. Exist from the MVR configuration mode. 13 Sets a priority level (0-7) to which the switch changes the priority in outgoing IGMP control packets. Disables the source port(s). An MVR source port can send and receive multicast traffic in a multicast VLAN.
Page 212 ES-2108 Series User’s Guide Chapter 30 Introducing Commands...
Page 213: User And Enable Mode Commands
This chapter describes some commands which you can perform in the User and Enable modes. 31.1 Overview The following command examples show how you can use User and Enable modes to diagnose and manage your switch. 31.2 show Commands These are the commonly used 31.2.1 show system-information...
Page 214: Show Ip
ES-2108 Series User’s Guide 31.2.2 show ip Syntax: show ip This command displays the IP related information (such as IP address and subnet mask) on all switch interfaces. The following figure shows the default interface settings. sysname> show IP Interface IP[192.168.1.1], Netmask[255.255.255.0], VID[1] sysname>...
Page 215: Show Mac Address-Table
This command displays statistics of a port. The following example shows that port 2 is up and the related information. sysname# show interface 2 Port Info Port NO. Link Status LACP TxPkts RxPkts Errors Tx KBs/s Rx KBs/s Up Time TX Packet Tx Packets Multicast...
Page 216: Ping
ES-2108 Series User’s Guide This command displays the MAC address(es) stored in the switch. The following example shows the static MAC address table. sysname# show mac address-table static Port VLAN ID sysname# 31.3 ping Syntax: ping <ip|host-name> <vlan <vlan-id> where <ip|host-name>...
Page 217: Copy Port Attributes
This command displays information about the route to an Ethernet device. The following example displays route information to an Ethernet device with an IP address of 192.168.1.100 sysname> traceroute 192.168.1.100 traceroute to 192.168.1.100, 30 hops max, 40 byte packet 1:192.168.1.100 (10 ms) (10 ms) (0 ms) traceroute done: sysname>...
Page 218: Resetting To The Factory Default
ES-2108 Series User’s Guide 31.5.1 Resetting to the Factory Default Follow the steps below to reset the switch back to the factory defaults. 1 Enter erase running config 2 Enter write memory The following example resets the configuration file to the factory default settings.
Page 219: Configuration Mode Commands
Configuration Mode Commands This chapter describes how to enable and configure your switch’s features using commands. For more background information, see the feature specific chapters which proceed the commands chapters. 32.1 Enabling IGMP Snooping To enable IGMP snooping on the switch. Enter...
Page 220: Configure Igmp Filter
ES-2108 Series User’s Guide • Set the switch to drop packets from unknown multicast groups. sysname(config)# igmp-snooping sysname(config)# igmp-snooping host-timeout 30 sysname(config)# igmp-snooping leave-timeout 30 sysname(config)# igmp-snooping unknown-multicast-frame drop 32.2 Configure IGMP Filter Use the following commands in the config mode to configure IGMP filtering profiles.
Page 221: Enabling Stp
(provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the switch ports attached to the network. Specifies the maximum time (in seconds) a switch will wait before changing states.
Page 222: No Command Examples
• Set the bridge priority of the switch to 0. • Set the Hello Time to 4, Maximum Age to 20 and Forward Delay to 15 on the switch. • Enable STP on port 8 with a path cost of 150.
Page 223: Resetting Commands
32.4.2 Resetting Commands Use the command to reset switch settings to their default values. Syntax: no https timeout Resets the https session timeout to default. An example is shown next. The session timeout is reset to 300 seconds. sysname(config)# no https timeout Cache timeout 300 32.4.3 Re-enable commands...
Page 224: No Trunk
<port-list> reauthenticate <port-list> An example is shown next. • Disable authentication on the switch. • Disable re-authentication on ports one, three, four and five. • Disable authentication on ports one, six and seven. = Disables the trunk group. = Disables LACP in the trunk group.
Page 225: No Ssh
172.165.1.9 ssh-rsa 32.5 Queuing Method Commands You can use the queuing method commands to configure queuing for outgoing traffic on the switch. You can only select one queuing method for the switch. Syntax: wrr <wt1> <wt2> <wt3> <wt4>...
Page 226: Static Route Commands
• Set the weights for queues 1 to 4 with the values 10, 8, 6 and 4 sysname(config)# wrr sysname(config)# wrr 10 8 6 4 32.6 Static Route Commands You can create and configure static routes on the switch by using the Syntax: ip route <ip> <mask> <next-hop-ip> ip route <ip> <mask> <next-hop-ip> [metric <metric>][name <name>] ->...
Page 227: Enabling Mac Filtering
• Create a static route with the destination IP address of 172.21.1.104, subnet mask of 255.255.0.0 and the gateway IP address of 192.168.1.2. • Assigns a metric value of 2 to the static route and the name “route1” to the static route. sysname(config)# ip route 172.21.1.104 255.255.0.0 192.168.1.2 sysname(config)# ip route 172.21.1.104 255.255.0.0 192.168.1.2 metric 2 name ->...
Page 228: Enabling Trunking
To enable a port authentication, you need to specify your RADIUS server details and select the ports which require external authentication. You can set up multiple RADIUS servers and specify how the switch will process authentication requests. 32.9.1 RADIUS Server Settings Configuring multiple RADIUS servers is only available via the command interpreter mode.
Page 229: Port Authentication Settings
RADIUS server. If 2 RADIUS servers are configured, this is the total time the switch will wait for a response from either server. Specifies the way the switch will process requests from the clients to the RADIUS server. (Only applicable with multiple RADIUS servers configured.)
Page 230 • Specify RADIUS server 1 with IP address 10.10.10.1, port 1890 and the string secretKey as the password. See commands. • Specify the timeout period of 30 seconds that the switch will wait for a response from the RADIUS server. • Enable port authentication on ports 4 to 8.
Page 231: Chapter 33 Interface Commands
These are some commonly used configuration commands that belong to the group of commands. 33.1 Overview The interface commands allow you to configure the switch on a port by port basis. 33.2 Interface Command Examples This section provides examples of some frequently used interface commands.
Page 232: Bandwidth-Limit
An example is shown next. • Enable port one for configuration. • Enable bandwidth limits for outgoing traffic on port 1. Enables broadcast/multicast storm control limit on the switch. Limits how much broadcast/multicast traffic the interface receives in kilobytes per second.
Page 233: Mirror
• Set the outgoing traffic bandwidth limit to 5000Kbps.. sysname(config)# interface port-channel 1 sysname(config-interface)# bandwidth-limit egress sysname(config-interface)# bandwidth-limit egress 5000 33.2.4 mirror command enables port mirroring on the interface. mirror Syntax: mirror mirror dir <ingress|egress|both> where <ingress|egress|both> An example is shown next. •...
Page 234: Frame-Type
GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Enable this function to permit VLAN groups beyond the local switch. An example is shown next.
Page 235: Qos Priority
• Enable port-based VLAN tagging on the switch. • Enable ports one, three, four and five for configuration. • Set the outgoing traffic ports as the CPU (0), seven (7) and eight (8). sysname(config)# vlan-type port-based sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# egress set 0,7,9 33.2.8 qos priority...
Page 236: Speed-Duplex
ES-2108 Series User’s Guide 33.2.10 speed-duplex Syntax: speed-duplex <auto|10-half|10-full|100-half|100-full|1000-full> where <auto|10-half|10- full|100-half|100- full|1000-full> An example is shown next. • Enable ports one, three, four and five for configuration. • Set the speed to 100 Mbps in half duplex mode. sysname(config)# interface port-channel 1,3-5 sysname(config-interface)# speed-duplex 100-half 33.2.11 test You can perform an interface loopback test on specified ports.
Page 237: Interface No Command Examples
33.3 Interface no Command Examples Similar to the no commands in the Enable and Config modes, the no commands for the Interface sub mode also disable certain features. In this mode, however, this takes place on a port by port basis. 33.3.1 no bandwidth-limit You can disable bandwidth limit on port 1 simply by placing the bandwidth-limit...
Page 238 ES-2108 Series User’s Guide Chapter 33 Interface Commands...
Page 239: Ieee 802.1Q Tagged Vlan Commands
(config-interface)# pvid 2000 sysname (config-interface)# exit 2 Configure your management VLAN. • Use the vlan <vlan-id> managing the switch, and the switch will activate the new management VLAN. • Use the inactive sysname (config)# vlan 3 sysname (config-vlan)# inactive Chapter 34 IEEE 802.1Q Tagged VLAN Commands...
Page 240: Global Vlan1Q Tagged Vlan Configuration Commands
This section shows you how to configure and monitor the IEEE 802.1Q Tagged VLAN. 34.2.1 GARP Status Syntax: show garp This command shows the switch’s GARP timer settings, including the join, leave and leave all timers. An example is shown next. sysname# show garp...
Page 241: Gvrp Timer
This command turns on GVRP in order to propagate VLAN information beyond the switch. 34.2.5 Disable GVRP Syntax: no vlan1q gvrp This command turns off GVRP so that the switch does not propagate VLAN information to other switches. 34.3 Port VLAN Commands You must configure the switch port VLAN settings in config-interface mode.
Page 242: Set Port Vid
ES-2108 Series User’s Guide 34.3.1 Set Port VID Syntax: pvid <VID> where Specifies the VLAN number between 1 and 4094. <VID> This command sets the default VLAN ID on the port(s). The following example sets the default VID to 200 on ports 1 to 5. sysname(config)# interface port-channel 1-5 sysname(config-interface)# pvid 200 34.3.2 Set Acceptable Frame Type...
Page 243: Modify Static Vlan
34.3.4.2 Forwarding Process Example 34.3.4.2.1 Tagged Frames 1 First the switch checks the VLAN ID (VID) of tagged frames or assigns temporary VIDs to untagged frames. 2 The switch then checks the VID in a frame’s tag against the SVLAN table.
Page 244: Delete Vlan Id
The switch also does not forward frames to “forbidden” ports. 4 If after looking at the SVLAN, the switch does not have any ports to which it will send the frame, it won’t check the port filter.
Page 245: Disable Vlan
• VID is the VLAN identification number. • Status shows whether the VLAN is static or active. • Elap-Time is the time since the VLAN was created on the switch. • The section of the last column shows which ports are tagged and which are TagCtl untagged.
Page 246 ES-2108 Series User’s Guide Chapter 34 IEEE 802.1Q Tagged VLAN Commands...
Page 247: Multicast Vlan Registration Commands
Multicast VLAN Registration This chapter shows you how to use Multicast VLAN Registration (mvr) commands. 35.1 Overview Use the mvr commands in the configuration mode to create and configure multicast VLANs. Note: If you want to enable IGMP snooping see 35.2 Create Multicast VLAN Use the following commands in the config-mvr mode to configure a multicast VLAN group.
Page 248 ES-2108 Series User’s Guide group name <name-str> start-address <ip> end-address <ip> • Enter MVR mode. Create a multicast VLAN with the name multiVlan and the VLAN ID of 3. • Specify source ports 2, 3, 5 and receiver ports 6-8. •...
Page 249: Chapter 36 Troubleshooting
This chapter covers potential problems and possible remedies. 36.1 Problems Starting Up the Switch Table 78 Troubleshooting the Start-Up of Your Switch PROBLEM CORRECTIVE ACTION None of the LEDs Check the power connection and make sure the power source is turned on.
Page 250: Pop-Up Windows, Javascripts And Java Permissions
IP address, your computer’s IP address must match it. Refer to the chapter on access control for details. Your computer’s and the switch’s IP addresses must be on the same subnet. See the following section to check that pop-up windows, JavaScripts and Java permissions are allowed.
Page 251: Figure 109 Pop-Up Blocker
Figure 109 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled.
Page 252: Figure 111 Internet Options
ES-2108 Series User’s Guide Figure 111 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 112 Pop-up Blocker Settings Chapter 36 Troubleshooting...
Page 253: Javascripts
5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 36.2.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 113 Internet Options 2 Click the Custom Level...
Page 254: Java Permissions
ES-2108 Series User’s Guide Figure 114 Security Settings - Java Scripting 36.2.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
Page 255: Problems With The Password
Figure 116 Java (Sun) 36.3 Problems with the Password Table 80 Troubleshooting the Password PROBLEM Cannot access the switch. Chapter 36 Troubleshooting CORRECTIVE ACTION The password field is case sensitive. Make sure that you enter the correct password using the proper casing.
Page 256 ES-2108 Series User’s Guide Chapter 36 Troubleshooting...
Page 257: Table 81 General Product Specifications
Corrupted packet forwarding prevention IEEE 802.1d spanning tree protocol IEEE 802.1w, rapid reconfiguration to recover network failure IEEE 802.1p Four priority queues with SP/WRR by switch Supports RFC 2475 DiffServ, DSCP to IEEE 802.1p priority mapping Security IEEE 802.1x port-based authentication...
Page 258: Table 82 Management Specifications
RMON groups (history, statistics, alarms and events) RFC1213 MIB II RFC1493 Bridge MIB RFC1643 Ethernet MIB RFC1757 Four groups of RMON RFC 1155 SMI RFC2674 Bridge MIB extension (for IEEE 802.1Q) ZyXEL Private MIBs for ES-2108 series Appendix A Product Specifications...
Page 259: Table 83 Physical And Environmental Specifications
Table 83 Physical and Environmental Specifications LEDs Per switch: PWR (Green), SYS (Green), ALM (Red) Per Ethernet port: LNK/ACT (Amber/Green) 1000Base-T RJ45: SPD (Amber/Green), LNK/ACT (Green) SFP: LNK (Green), ACT (Green) 100FX: LNK (Green), ACT (Green) Dimensions ES-2108/ES-2108-LC/ES-2108-G/ES-2108-F: 250mm (W) x 135mm (D) x 35mm (H) ES-2108PWR: 250mm (W) x 234.8mm (D) x 44.45mm (H)
Page 260 ES-2108 Series User’s Guide Appendix A Product Specifications...
Page 261: Appendix B Ip Addresses And Subnetting
IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network.
Page 262: Figure 117 Network Number And Host Id
ES-2108 Series User’s Guide Figure 117 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 263: Table 85 Subnet Masks
Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. Subnet masks are expressed in dotted decimal notation just like IP addresses.
Page 264: Table 87 Alternative Subnet Mask Notation
ES-2108 Series User’s Guide For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask 255.255.255.128. The following table shows some possible subnet masks using both notations. Table 87 Alternative Subnet Mask Notation ALTERNATIVE SUBNET MASK NOTATION 255.255.255.0 255.255.255.128 255.255.255.192 255.255.255.224 255.255.255.240...
Page 265: Figure 118 Subnetting Example: Before Subnetting
ES-2108 Series User’s Guide Figure 118 Subnetting Example: Before Subnetting You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate sub-networks. The subnet mask is now 25 bits (255.255.255.128 or /25). The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25.
Page 266: Figure 119 Subnetting Example: After Subnetting
ES-2108 Series User’s Guide Figure 119 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 267: Table 88 Subnet 1
Table 88 Subnet 1 (continued) IP/SUBNET MASK Subnet Address: 192.168.1.0 Broadcast Address: 192.168.1.63 Table 89 Subnet 2 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.64 Broadcast Address: 192.168.1.127 Table 90 Subnet 3 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address:...
Page 268: Table 92 Eight Subnets
ES-2108 Series User’s Guide Example: Eight Subnets Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet. Table 92 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS Subnet Planning...
Page 269: Table 94 16-Bit Network Number Subnet Planning
The following table is a summary for subnet planning on a network with a 16-bit network number. Table 94 16-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Page 270 ES-2108 Series User’s Guide Private IP Addresses Every machine on the Internet must have a unique address. If your networks are isolated from the Internet (running only between two branch offices, for example) you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks: •...
Page 271: Index
33, 171 manager 171, 175 member 171, 175 member firmware upgrade network example setup specification status switch models web configurator Command Line Interface accessing introduction Command Line Interface (CLI) commands accessing and configuration file and interfaces and multicasting...
Page 272 ES-2108 Series User’s Guide syntax conventions user mode details using history vlan mode details commands interface mode details configuration restore saving 56, 189 configuration file 57, 189 and commands backup restore 57, 147 configuration, default console port commands reset settings 45, 183 copying port settings, See port cloning copyright...
Page 273 hardware by model freestanding installation front panel mounting brackets overview power connector precautions rack-mounting rubber feet transceiver installation transceiver removal ventilation wall-mounting hardware installation freestanding precautions rack-mounting wall-mounting help in command interpreter help, web configurator history in command interpreter HTTPS example IANA IEEE 802.1p...
Page 274 ES-2108 Series User’s Guide mirroring modes and accounts in command interpreter mounting brackets MSA (MultiSource Agreement) 45, 46 MTU (Multi-Tenant Unit) multicast multicast group multicast settings multicast VLAN multicasting 802.1 priority addresses setup configuration configuration example group configuration how it works modes network example ports...
Page 275 STP (Spanning Tree Protocol) Strict Priority Queuing (SPQ) subnet subnet mask subnetting switch lockout switch reset switch setup syntax conventions sys commands examples 213, 222 sys log disp sys sw mac list syslog...
Page 276 ES-2108 Series User’s Guide tagged VLAN Telnet commands logging in management time current time zone timeserver Time (RFC-868) time service protocol time format time zone timeserver trademarks traffic priority transceiver installation removal traps destination traps, SNMP trunk group trunking 33, 113 tunnel protocol attribute Type of Service (ToS) UTC (Universal Time Coordinated)
Page 277 ES-2108 Series User’s Guide ZyNOS (ZyXEL Network Operating System) Index...

This manual is also suitable for:

Dimension es-2108-g Dimension es-2108-lc Dimension es-2108pwr Es-2108 series

ZyXEL Communications Dimension ES-2108 User Manual

Chapter 1 Getting to Know Your Switch

Chapter 2 Hardware Installation and Connection

Chapter 3 Hardware Overview

Chapter 4 The Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Statistics

Chapter 7 Basic Setting

Chapter 8 VLAN

Chapter 9 Static MAC Forwarding

Chapter 10 Filtering

Chapter 11 Spanning Tree Protocol

Chapter 12 Bandwidth Control

Chapter 13 Broadcast Storm Control

Chapter 14 Mirroring

Chapter 15 Link Aggregation

Chapter 16 Port Authentication

Chapter 17 Port Security

Chapter 18 Queuing Method

Chapter 19 Multicast

Chapter 20 Static Route

Chapter 21 Differentiated Services

Chapter 22 Maintenance

Quick Links

Troubleshooting

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for ZyXEL Communications Dimension ES-2108

Summary of Contents for ZyXEL Communications Dimension ES-2108