ZyXEL Communications XGS4700-48F Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Network Router
  5. XGS4700-48F
  6. Manual
ZyXEL Communications XGS4700-48F Manual

ZyXEL Communications XGS4700-48F Manual

Layer 3 managed stackable gigabit ethernet switch
Hide thumbs Also See for XGS4700-48F:
1
2
3
4
5
6
7
8
Table Of Contents
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
Table of Contents

Advertisement

Quick Links

Download this manual
XGS4700-48F
Layer 3 Managed Stackable Gigabit Ethernet Switch
Default Login Details
IP Address
http://192.168.0.1
http://192.168.1.1
(In-band ports)
User Name
Password
www.zyxel.com
Firmware Version 4.00
Edition 1, 04/2011
www.zyxel.com
(Out-of-band
MGMT port)
admin
1234
Copyright © 2011
ZyXEL Communications Corporation

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the XGS4700-48F and is the answer not in the manual?

Questions and answers

Related Manuals for ZyXEL Communications XGS4700-48F

Summary of Contents for ZyXEL Communications XGS4700-48F

  • Page 1 XGS4700-48F Layer 3 Managed Stackable Gigabit Ethernet Switch Default Login Details IP Address http://192.168.0.1 (Out-of-band MGMT port) http://192.168.1.1 (In-band ports) User Name admin Password 1234 www.zyxel.com Firmware Version 4.00 Edition 1, 04/2011 www.zyxel.com Copyright © 2011 ZyXEL Communications Corporation...

  • Page 3: About This User's Guide

    • Support Disc Refer to the included CD for support documents. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan.
  • Page 4 • Knowledge Base If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products. • Forum This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well.

  • Page 5: Document Conventions

    Syntax Conventions • The XGS4700-48F may be referred to as the “Switch”, the “device”, the “system” or the “product” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
  • Page 6 Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The Switch icon is not an exact representation of your device. The Switch Computer Notebook computer Server DSLAM Firewall Telephone Switch Router XGS4700-48F User’s Guide...

  • Page 7: Safety Warnings

    Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. XGS4700-48F User’s Guide...
  • Page 8 Safety Warnings XGS4700-48F User’s Guide...

  • Page 9: Table Of Contents

    IP Source Guard ........................261 Loop Guard ..........................285 VLAN Mapping ........................289 Layer 2 Protocol Tunneling ...................... 293 sFlow ............................297 PPPoE ............................. 301 Error Disable ..........................311 Static Route ..........................317 Policy Routing .......................... 321 RIP ............................325 XGS4700-48F User’s Guide...
  • Page 10 Diagnostic ..........................421 Syslog ............................423 Cluster Management ....................... 427 MAC Table ..........................435 IP Table ............................ 439 ARP Table ..........................443 Routing Table ........................... 445 Configure Clone ........................447 Troubleshooting ........................449 Product Specifications ......................455 XGS4700-48F User’s Guide...

  • Page 11: Table Of Contents

    2.3 Connecting the Frame Ground .................... 35 2.4 Power Module Installation ....................36 2.4.1 Installing a Power Module ..................36 2.4.2 Removing a Power Module ..................38 Chapter 3 Hardware Overview......................... 41 3.1 Front Panel Connections ....................41 XGS4700-48F User’s Guide...
  • Page 12 5.1.5 Enabling RIP ......................70 Chapter 6 Tutorials ........................... 71 6.1 How to Use DHCP Snooping on the Switch ................ 71 6.2 How to Use DHCP Relay on the Switch ................75 6.2.1 DHCP Relay Tutorial Introduction ................75 XGS4700-48F User’s Guide...
  • Page 13 8.7 Port Setup ..........................115 Chapter 9 VLAN ............................119 9.1 Introduction to IEEE 802.1Q Tagged VLANs ..............119 9.1.1 Forwarding Tagged and Untagged Frames ...............119 9.2 Automatic VLAN Registration ................... 120 9.2.1 GARP ........................120 9.2.2 GVRP ........................120 XGS4700-48F User’s Guide...
  • Page 14 13.3 Spanning Tree Configuration ..................155 13.4 Configure Rapid Spanning Tree Protocol ..............156 13.5 Rapid Spanning Tree Protocol Status ................158 13.6 Configure Multiple Rapid Spanning Tree Protocol ............160 13.7 Multiple Rapid Spanning Tree Protocol Status ............162 XGS4700-48F User’s Guide...
  • Page 15 ................192 18.2.2 Guest VLAN ......................193 18.2.3 Activate MAC Authentication ................. 196 Chapter 19 Port Security.......................... 199 19.1 About Port Security ......................199 19.2 Port Security Setup ......................200 19.3 VLAN MAC Address Limit ....................201 XGS4700-48F User’s Guide...
  • Page 16 Chapter 24 Multicast ..........................229 24.1 Multicast Overview ......................229 24.1.1 IP Multicast Addresses ................... 229 24.1.2 IGMP Filtering ......................229 24.1.3 IGMP Snooping ..................... 230 24.1.4 IGMP Snooping and VLANs ................... 230 24.2 Multicast Status ......................230 XGS4700-48F User’s Guide...
  • Page 17 26.6 ARP Inspection Status ..................... 276 26.6.1 ARP Inspection VLAN Status ................. 277 26.6.2 ARP Inspection Log Status ..................278 26.7 ARP Inspection Configure ....................279 26.7.1 ARP Inspection Port Configure ................281 26.7.2 ARP Inspection VLAN Configure ................282 XGS4700-48F User’s Guide...
  • Page 18 31.3.3 PPPoE IA for VLAN ....................309 Chapter 32 Error Disable ......................... 311 32.1 CPU Protection Overview ....................311 32.2 Error-Disable Recovery Overview ..................311 32.3 The Error Disable Screen ....................312 32.4 CPU Protection Configuration ..................312 32.5 Error-Disable Detect Configuration ................. 313 XGS4700-48F User’s Guide...
  • Page 19 36.5 Configuring OSPF Redistribution ................... 337 36.6 Configuring OSPF Interfaces ..................339 36.7 OSPF Virtual-Links ....................... 341 Chapter 37 IGMP............................343 37.1 IGMP Overview ....................... 343 37.1.1 How IGMP Works ....................344 37.2 Port-based IGMP ......................345 37.3 Configuring IGMP ......................346 XGS4700-48F User’s Guide...
  • Page 20 40.5.1 Example: DHCP Relay for Two VLANs ..............367 Chapter 41 VRRP ............................369 41.1 VRRP Overview ......................369 41.2 VRRP Status ........................370 41.3 VRRP Configuration ....................... 371 41.3.1 IP Interface Setup ....................371 41.3.2 VRRP Parameters ....................373 XGS4700-48F User’s Guide...
  • Page 21 45.2 The Access Control Main Screen ..................395 45.3 About SNMP ........................396 45.3.1 SNMP v3 and Security ................... 397 45.3.2 Supported MIBs ....................397 45.3.3 SNMP Traps ......................398 45.3.4 Configuring SNMP ....................402 45.3.5 Configuring SNMP Trap Group ................404 XGS4700-48F User’s Guide...
  • Page 22 49.1 MAC Table Overview ...................... 435 49.2 Viewing the MAC Table ....................436 Chapter 50 IP Table ..........................439 50.1 IP Table Overview ......................439 50.2 Viewing the IP Table ......................440 Chapter 51 ARP Table ..........................443 XGS4700-48F User’s Guide...
  • Page 23 54.1 Power, Hardware Connections, and LEDs ..............449 54.2 Switch Access and Login ....................450 54.3 Switch Configuration ......................453 Chapter 55 Product Specifications ......................455 Appendix A Common Services..................... 465 Appendix B Legal Information ....................469 Index............................475 XGS4700-48F User’s Guide...
  • Page 24 Table of Contents XGS4700-48F User’s Guide...

  • Page 25: User's Guide

    User’s Guide...

  • Page 27: Getting To Know Your Switch

    In this example the Switch connects different company departments (RD and Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the Switch. You can provide a XGS4700-48F User’s Guide...

  • Page 28: High Performance Switching Example

    Trunking can be used if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly, single-port link. Figure 2 High Performance Switching 10 Gbps Trunk Branch XGS4700-48F User’s Guide...

  • Page 29: Gigabit Ethernet To The Desktop

    Ports in the same VLAN group share the same frame broadcast domain, thus increasing network performance by reducing broadcast traffic. VLAN groups can be modified at any time by adding, moving or changing ports without any re- cabling. XGS4700-48F User’s Guide...

  • Page 30: Ipv6 Support

    • DHCPv6 client and relay • Multicast Listener Discovery (MLD) snooping and proxy For more information on IPv6, refer to the CLI Reference Guide. 1.2 Ways to Manage the Switch Use any of the following methods to manage the Switch. XGS4700-48F User’s Guide...

  • Page 31: Good Habits For Managing The Switch

    If you forget your password, you will have to reset the Switch to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Switch. You could simply restore your last configuration. XGS4700-48F User’s Guide...
  • Page 32 Chapter 1 Getting to Know Your Switch XGS4700-48F User’s Guide...

  • Page 33: Hardware Installation And Connection

    Remove the adhesive backing from the rubber feet. Attach the rubber feet to each corner on the bottom of the Switch. These rubber feet help protect the Switch from shock or vibration and ensure space between devices when stacking. Figure 5 Attaching Rubber Feet XGS4700-48F User’s Guide...

  • Page 34: Mounting The Switch On A Rack

    2.2.2 Attaching the Mounting Brackets to the Switch Position a mounting bracket on one side of the Switch, lining up the four screw holes on the bracket with the screw holes on the side of the Switch. Figure 6 Attaching the Mounting Brackets XGS4700-48F User’s Guide...

  • Page 35: Mounting The Switch On A Rack

    Repeat steps to attach the second mounting bracket on the other side of the rack. 2.3 Connecting the Frame Ground Note: See Chapter 55 on page 455 for the ground wire gauge. XGS4700-48F User’s Guide...

  • Page 36: Power Module Installation

    Use a screwdriver to loosen the screw on the power slot cover and remove it. Grab the handle of the front panel of the power module with one hand and place the other hand under the power module to support it. XGS4700-48F User’s Guide...
  • Page 37 Insert the power module halfway into the slot and push the lever leftward. Slide the power module into the slot until it makes contact with the backplane. Push the lever rightward until it is perpendicular to the ground. Tighten the screw. XGS4700-48F User’s Guide...

  • Page 38: Removing A Power Module

    Use the following procedure to remove a power module from the Switch. 2.4.2.1 AC Power Module Refer to Section 3.3.4 on page 51 to disconnect the power before you begin. Use a screwdriver to loosen the screw on the front panel of the power module. XGS4700-48F User’s Guide...

  • Page 39: Dc Power Module

    Grab the handle and slide the power module out. 2.4.2.2 DC Power Module Refer to Section 3.3.4 on page 51 to disconnect the power before you begin. Use a screwdriver to loosen the screw on the front panel of the power module. XGS4700-48F User’s Guide...
  • Page 40 Chapter 2 Hardware Installation and Connection Grab the handle and slide the power module out. XGS4700-48F User’s Guide...

  • Page 41: Hardware Overview

    Use a transceiver to connect a fiber-optic cable to the Switch. The Switch does not come with transceivers. You must use transceivers that comply with the Small Form- XGS4700-48F User’s Guide...

  • Page 42: Transceiver Installation

    Press the transceiver firmly until it clicks into place. The Switch automatically detects the installed transceiver. Check the LEDs to verify that it is functioning properly. Figure 11 Installed Transceiver 3.1.1.2 Transceiver Removal Use the following steps to remove a mini GBIC transceiver (SFP module). XGS4700-48F User’s Guide...

  • Page 43: Console Port

    The Signal slot (fitted with the signal connector) allows you to connect devices to the Switch, such as sensors or other ZyXEL switches which support the external alarm feature. This feature is in addition to the system alarm, which detects abnormal temperatures, voltage levels and fan speeds on the Switch.
  • Page 44 • The Signal slot can send an external alarm on to another device. By daisy- chaining the signal sensor cables from one Switch to another ZyXEL switch which supports this feature, the external alarm alert (but not the system alarm) is received on each Switch.
  • Page 45 (1,2) or (2,3) on the Signal connector. You can also daisy-chain the external alarm to another ZyXEL Switch which supports the external alarm feature. If daisy-chaining to a ZyXEL switch that is a different model, check your switch’s documentation for the correct pin assignments.

  • Page 46: Rear Panel

    • A connector for the power receptacle (G) • A power switch (H) (DC power module only) Figure 16 Rear Panel with an AC Power Module Installed Figure 17 Rear Panel with a DC Power Module Installed XGS4700-48F User’s Guide...

  • Page 47: Removing And Installing The Fan Module

    Loosen the thumbscrew on the front of the fan module. Figure 18 Fan Module Thumbscrews Slide out the fan module. Figure 19 Removing the Fan Module Figure 20 Fan Module Removed Use a different fan module from the manufacturer. XGS4700-48F User’s Guide...

  • Page 48: Uplink Module

    Section 3.1.1.1 on page 42 Section 3.1.1.2 on page 42 for information on installing and removing transceivers. • For EM-412 connection: Use 10GBase-CX4 cables to connect to these ports. See the EM-422 and EM-412 User’s Guides for more information. XGS4700-48F User’s Guide...

  • Page 49: Management Port

    Chapter 55 on page 455, and make sure you are using an appropriate power source. Observe the following before you start: • See Chapter 55 on page 455 for the gauge of wire to use for the Switch power connections. XGS4700-48F User’s Guide...

  • Page 50: Ac Power Connections

    Connect one end of a power wire to the Switch’s RTN (return) pin and tighten the captive screw. Connect the other end of the power wire to the positive terminal on the power supply. Connect one end of a power wire to the Switch’s -48V (input) pin and tighten the captive screw. XGS4700-48F User’s Guide...

  • Page 51: Procedure To Turn On The Switch Power

    Turn off the power supply to which the DC power input is connected. Use a screwdriver to loosen the screws on the top of the terminal block. Remove the power wires which are connected to the RTN and -48V terminals. XGS4700-48F User’s Guide...

  • Page 52: Leds

    The system is transmitting or receiving to/from an Ethernet device at 100 Mbps through the MGMT port. The MGMT port is connected at 100 Mbps. The MGMT port is not connected at 100 Mbps or to an Ethernet device. Mini-GBIC (SFP) Slots XGS4700-48F User’s Guide...
  • Page 53 The Switch is not connected to other switches through an uplink module in SLOT 1. 51-52 Blue The Switch is connected to other switches through an uplink module in SLOT 2. The Switch is not connected to other switches through an uplink module in SLOT 2. XGS4700-48F User’s Guide...
  • Page 54 Chapter 3 Hardware Overview XGS4700-48F User’s Guide...

  • Page 55: The Web Configurator

    Type “http://” and the IP address of the Switch (for example, the default management IP address is 192.168.1.1 through an in-band (non-MGMT) port and 192.168.0.1 through the MGMT port) in the Location or Address field. Press [ENTER]. XGS4700-48F User’s Guide...

  • Page 56: The Web Configurator Layout

    General Setup screen. Figure 24 Web Configurator: Login Click OK to view the first web configurator screen. 4.3 The Web Configurator Layout The Status screen is the first screen that displays when you access the web configurator. XGS4700-48F User’s Guide...
  • Page 57 C - Click this link to go to the status page of the Switch. D - Click this link to log out of the web configurator. E - Click this link to display web help pages. The help pages provide descriptions for all of the configuration screens. XGS4700-48F User’s Guide...
  • Page 58 (necessary for Switch management) and DNS (domain name server) and set up to 64 IP routing domains. Port Setup This link takes you to screens where you can configure speed, flow control and priority settings for individual Switch ports. Advanced Application XGS4700-48F User’s Guide...
  • Page 59 This link takes you to screens where you can configure filtering of Guard unauthorized DHCP and ARP packets in your network. Loop Guard This link takes you to a screen where you can configure protection against network loops that occur on the edge of your network. XGS4700-48F User’s Guide...
  • Page 60 SNMP and remote management. Diagnostic This link takes you to screens where you can view system logs and can test port(s). Syslog This link takes you to screens where you can setup system logs and a system log server. XGS4700-48F User’s Guide...

  • Page 61: Change Your Password

    4.3.1 Change Your Password After you log in for the first time, it is recommended you change the default administrator password. Click Management > Access Control > Logins to display the next screen. Figure 26 Change Administrator Login Password XGS4700-48F User’s Guide...

  • Page 62: Saving Your Configuration

    Switch. 4.6 Resetting the Switch If you lock yourself (and others) from the Switch or forget the administrator password, you will need to reload the factory-default configuration file or reset the Switch back to the factory defaults. XGS4700-48F User’s Guide...

  • Page 63: Reload The Configuration File

    Press any key to enter debug mode within 3 seconds........Enter Debug Mode ras> atlc Starting XMODEM upload (CRC mode)..CCCCCCCCCCCCCCCC Total 393216 bytes received. Erasing..............ras> atgo The Switch is now reinitialized with a default configuration file including the default password of “1234”. XGS4700-48F User’s Guide...

  • Page 64: Logging Out Of The Web Configurator

    Figure 28 Web Configurator: Logout Screen 4.8 Help The web configurator’s online help has descriptions of individual screens and some supplementary information. Click the Help link from a web configurator screen to view an online help description of that screen. XGS4700-48F User’s Guide...

  • Page 65: Initial Setup Example

    In the example network, since the RD network is already in the same IP interface as the Switch, you don’t need to create an IP interface for it. However, if you want to have the Sales network on a different routing domain, you need to create a XGS4700-48F User’s Guide...
  • Page 66 Click Basic Setting and IP Setup in the navigation panel. Configure the related fields in the IP Setup screen. EXAMPLE For the Sales network, enter 192.168.2.1 as the IP address and 255.255.255.0 as the subnet mask. XGS4700-48F User’s Guide...

  • Page 67: Configuring Dhcp Server Settings

    Switch’s power is turned off. 5.1.3 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port(s) belongs. You can do this with port-based VLAN or tagged static VLAN with fixed port members. XGS4700-48F User’s Guide...
  • Page 68 Name field and enter 2 in the VLAN Group ID field for the VLAN2 network. EXAMPLE Note: The VLAN Group ID field in this screen and the VID field in the IP Setup screen refer to the same VLAN ID. XGS4700-48F User’s Guide...

  • Page 69: Setting Port Vid

    Setting link. Enter 2 in the PVID field for port 1 and click Apply to save your changes back to the run-time EXAMPLE memory. Settings in the run-time memory are lost when the Switch’s power is turned off. XGS4700-48F User’s Guide...

  • Page 70: Enabling Rip

    In the Version field, select RIP-1 for the RIP packet format that is universally EXAMPLE supported. Click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. XGS4700-48F User’s Guide...

  • Page 71: Tutorials

    VLAN 100. Create a VLAN containing ports 5, 6 and 7. Connect a computer M to the Switch’s MGMT port. Figure 32 Tutorial: DHCP Snooping Tutorial Overview VLAN 100 Note: For related information about DHCP snooping, see Section 26.1 on page 261. XGS4700-48F User’s Guide...
  • Page 72 Go to Advanced Application > VLAN > Static VLAN, and create a VLAN with ID of 100. Add ports 5, 6 and 7 in the VLAN by selecting Fixed in the Control field as shown. Deselect Tx Tagging because you don’t want outgoing traffic to contain this VLAN tag. Click Add. XGS4700-48F User’s Guide...
  • Page 73 7 with the tag 100. Go to Advanced Application > IP Source Guard > DHCP snooping > Configure, activate and specify VLAN 100 as the DHCP VLAN as shown. Click Apply. Click the Port link at the top right corner. XGS4700-48F User’s Guide...
  • Page 74 VLAN ID or system name, you can also select the Option82 and Information fields in the entry. See Section 26.1.1.3 on page 263. Click Save at the top right corner of the web configurator to save the configuration permanently. XGS4700-48F User’s Guide...

  • Page 75: How To Use Dhcp Relay On The Switch

    DHCP requests. 6.2.1 DHCP Relay Tutorial Introduction In this example, you have configured your DHCP server (192.168.2.3) and want to have it assign a specific IP address (say 172.16.1.18) and gateway information to XGS4700-48F User’s Guide...

  • Page 76: Creating A Vlan

    Follow the steps below to configure port 2 as a member of VLAN 102. Access the web configurator through the Switch’s management port. Go to Basic Setting > Switch Setup and set the VLAN type to 802.1Q. Click Apply to save the settings to the run-time memory. XGS4700-48F User’s Guide...
  • Page 77 Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending. Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. XGS4700-48F User’s Guide...
  • Page 78 VLAN group that the tag defines. 10 Click Apply to save your changes back to the run-time memory. 11 Click the Save link in the upper right corner of the web configurator to save your configuration permanently. XGS4700-48F User’s Guide...

  • Page 79: Configuring Dhcp Relay

    Check the client A’s IP address. If it did not receive the IP address 172.16.1.18, make sure: Client A is connected to the Switch’s port 2 in VLAN 102. You configured the correct VLAN ID, port number and system name for DHCP relay on both the DHCP server and the Switch. XGS4700-48F User’s Guide...

  • Page 80: How To Use Pppoe Ia On The Switch

    Table 7 Settings in this Tutorial PORT PPPOE IA PORT SWITCH VLAN CIRCUIT-ID REMOTE-ID CONNECTED TRUSTED Port 5 (to C) userC 00134900000A Untrusted Port 12 (to B) Trusted Port 11 (to A) Trusted Port 12 (to S) Trusted XGS4700-48F User’s Guide...

  • Page 81: Configuring Switch A

    Select Untrusted for port 5 and enter userC as Circuit-id and 00134900000A as Remote-id. Select Trusted for port 12 and then leave the other fields empty. Click Apply. Then Click Intermediate Agent on the top of the screen. XGS4700-48F User’s Guide...
  • Page 82 The Intermediate Agent screen appears. Click VLAN on the top of the screen. Enter 1 for both Start VID and End VID since both the Switch and PPPoE server are in VLAN 1 in this example. Click Apply. XGS4700-48F User’s Guide...

  • Page 83: Configuring Switch B

    Remote-id to allow the Switch to add these two strings to frames tagged with VLAN 1 and pass to the PPPoE server. Click Apply. 6.3.2 Configuring Switch B The example uses another XGS4700-48F as switch B. Click Advanced Application > PPPoE > Intermediate Agent. Select Active then click Apply.
  • Page 84 Chapter 6 Tutorials Select Trusted for ports 11 and 12 and then click Apply. Then Click Intermediate Agent on the top of the screen. The Intermediate Agent screen appears. Click VLAN on the top of the screen. XGS4700-48F User’s Guide...

  • Page 85: How To Use Error Disable And Recovery On The Switch

    6.4 How to Use Error Disable and Recovery on the Switch This tutorial shows you how to shut down a port when: • there is a loop occurred • too many ARP requests (over 100 packets per second) received on a port XGS4700-48F User’s Guide...
  • Page 86 First, click Advanced Application > Loop Guard. Select the Active option in the first section to enable loop guard on the Switch. Then select the Active option of the first entry (port *) to enable loop guard for all ports. Click Apply. XGS4700-48F User’s Guide...
  • Page 87 100 as the rate limit (packets per second) for the first entry (port *) to apply the setting to all ports. Then click Apply. Click Advanced Application > Errdisable > Errdisable Detect, select Active for cause ARP and inactive-port as the mode. Then click Apply. XGS4700-48F User’s Guide...

  • Page 88: How To Set Up A Guest Vlan

    Internet through the default gateway attached to port 10, but are not allowed to access other network resources, such as the mail server or local data base. VLAN 1 Internet Guest VLAN 200 Ports 1, 2, 3 and 10 XGS4700-48F User’s Guide...

  • Page 89: Creating A Guest Vlan

    Select Fixed to configure ports 1, 2, 3 and 10 to be permanent members of this VLAN. Clear the TX Tagging check box to set the Switch to remove VLAN tags before sending frames out of these ports. XGS4700-48F User’s Guide...
  • Page 90 Enter 200 in the PVID field for ports 1, 2, 3 and 10 to add a tag to incoming untagged frames received on these ports so that the frames are forwarded to the VLAN group that the tag defines. XGS4700-48F User’s Guide...

  • Page 91: Enabling Ieee 802.1X Port Authentication

    6.5.2 Enabling IEEE 802.1x Port Authentication Follow the steps below to enable port authentication to validate access to ports 1~8 to clients based on a RADIUS server. Click Advanced Application > Port Authentication and then the Click Here link for 802.1x. XGS4700-48F User’s Guide...

  • Page 92: Enabling Guest Vlan

    Select the first Active checkbox to enable 802.1x authentication on the Switch. Select the Active checkboxes for ports 1 to 8 to turn on 802.1x authentication on the selected ports. Click Apply. 6.5.3 Enabling Guest VLAN Click the Guest Vlan link in the 802.1x screen. XGS4700-48F User’s Guide...

  • Page 93: How To Configure Routing Policy

    (R2) for special treatment. The layer-3 classifier groups packets marked with DSCP value 58 into a flow. Packets marked with different DSCP values, such as 13 are forwarded to the default gateway. The Switch applies policy-based routing rules to incoming packets prior to the normal routing. XGS4700-48F User’s Guide...

  • Page 94: Create A Layer-3 Classifier

    Access the web configurator through the Switch’s management port. Go to Advanced Application > Classifier and select Active. Enter a descriptive name (“DSCP58” in this example). Select the second option of DSCP and enter 58 in the field provided. XGS4700-48F User’s Guide...

  • Page 95: Create A Policy Routing Rule

    DSCP58 to gateway R2. Click IP Application > Policy Routing. Select Active and enter a descriptive name for this profile (“To_R2” for example). Click Add to save the settings to the run-time memory. XGS4700-48F User’s Guide...
  • Page 96 Enter the IP address of gateway R2 in the Next Hop field (“10.1.2.3” in this example). Click Add to save the settings to the run-time memory. Click the Save link in the upper right corner of the web configurator to save your configuration permanently. XGS4700-48F User’s Guide...

  • Page 97: Technical Reference

    Technical Reference...

  • Page 99: System Status And Port Statistics

    The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details. 7.2 Port Status Summary To view the port statistics, click Status in all web configurator screens to display the Status screen as shown next. Figure 35 Status XGS4700-48F User’s Guide...
  • Page 100 This field shows the total amount of time in hours, minutes and seconds the port has been up. Clear Counter Type a port number, select Port and then click Clear Counter to erase the recorded statistical information for that port, or select Any to clear statistics for all ports. XGS4700-48F User’s Guide...

  • Page 101: Status: Port Details

    If STP (Spanning Tree Protocol) is enabled, this field displays the STP state of the port (see Section 13.1.3 on page 151 for more information). If STP is disabled, this field displays FORWARDING if the link is up, otherwise, it displays STOP. XGS4700-48F User’s Guide...
  • Page 102 RX CRC This field shows the number of packets received with CRC (Cyclic Redundant Check) error(s). Length This field shows the number of packets received with a length that was out of range. XGS4700-48F User’s Guide...
  • Page 103 This field shows the number of packets (including bad packets) received that were between 1519 octets and the maximum frame size. The maximum frame size varies depending on your switch model. See Chapter 55 on page 455. XGS4700-48F User’s Guide...
  • Page 104 Chapter 7 System Status and Port Statistics XGS4700-48F User’s Guide...

  • Page 105: Basic Setting

    DNS (domain name server) for management purposes. The Port Setup screen allows you to enable or disable a port on the Switch and configure the port settings, such as the speed and duplex mode. XGS4700-48F User’s Guide...

  • Page 106: System Information

    This field displays the descriptive name of the Switch for identification Name purposes. Product This field displays the model number of the Switch. Model ZyNOS F/W This field displays the version number of the Switch 's current firmware Version including the date created. XGS4700-48F User’s Guide...
  • Page 107 This field displays the minimum voltage measured at this point. Threshold This field displays the percentage tolerance of the voltage with which the Switch still works. Status Normal indicates that the voltage is within an acceptable operating range at this point; otherwise Error is displayed. XGS4700-48F User’s Guide...

  • Page 108: General Setup

    Type the geographic location of your Switch. You can use up to 32 printable ASCII characters; spaces are allowed. Contact Type the name of the person in charge of this Switch. You can use up to Person's Name 32 printable ASCII characters; spaces are allowed. XGS4700-48F User’s Guide...
  • Page 109 European Union you would select Last, Sunday, March and the last field depends on your time zone. In Germany for instance, you would select 2:00 because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). XGS4700-48F User’s Guide...

  • Page 110: Introduction To Vlans

    With VLAN, all broadcasts are confined to a specific broadcast domain. Note: VLAN is unidirectional; it only governs outgoing traffic. Chapter 9 on page 119 for information on port-based and 802.1Q tagged VLANs. XGS4700-48F User’s Guide...

  • Page 111: Switch Setup Screen

    Join message using GARP. Declarations are withdrawn by issuing a Leave message. A Leave All message terminates all registrations. GARP timers set declaration timeout values. See Chapter 9 on page 119 for more background information. XGS4700-48F User’s Guide...
  • Page 112 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 113: Ip Setup

    To change the IP address of the Switch in a routing domain, simply add a new routing domain entry with a different IP address in the same subnet. Figure 40 Basic Setting > IP Setup XGS4700-48F User’s Guide...
  • Page 114 Cancel Click Cancel to reset the fields to your previous configuration. Index This field displays the index number of an entry. IP Address This field displays IP address of the Switch in the IP domain. XGS4700-48F User’s Guide...

  • Page 115: Port Setup

    Click Cancel to clear the Delete check boxes. 8.7 Port Setup Use this screen to configure Switch port settings. Click Basic Setting > Port Setup in the navigation panel to display the configuration screen. Figure 41 Basic Setting > Port Setup XGS4700-48F User’s Guide...
  • Page 116 Back Pressure flow control is typically used in half duplex mode to send a "collision" signal to the sending port (mimicking a state of packet collision) causing the sending port to temporarily stop sending signals and resend later. Select Flow Control to enable it. XGS4700-48F User’s Guide...
  • Page 117 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 118 Chapter 8 Basic Setting XGS4700-48F User’s Guide...

  • Page 119: Vlan

    3 Bits 1 Bit 12 bits 9.1.1 Forwarding Tagged and Untagged Frames Each port on the Switch is capable of passing tagged or untagged frames. To forward a frame from an 802.1Q VLAN-aware switch to an 802.1Q VLAN-unaware XGS4700-48F User’s Guide...

  • Page 120: Automatic Vlan Registration

    Please refer to the following table for common IEEE 802.1Q VLAN terminology. Table 15 IEEE 802.1Q VLAN Terminology VLAN TERM DESCRIPTION PARAMETER VLAN Type Permanent VLAN This is a static VLAN created manually. Dynamic VLAN This is a VLAN configured by a GVRP registration/ deregistration process. XGS4700-48F User’s Guide...

  • Page 121: Port Vlan Trunking

    VLAN group tags. However, with VLAN Trunking enabled on a port(s) in each intermediary switch you only need to create VLAN groups in the end devices (A and B). C, D and E automatically XGS4700-48F User’s Guide...

  • Page 122: Select The Vlan Type

    • sent to a group whether it has a VLAN tag or not. • blocked from a VLAN group regardless of its VLAN tag. You can also tag all outgoing frames (that were previously untagged) from a port with the specified VID. XGS4700-48F User’s Guide...

  • Page 123: Vlan Status

    GVRP, static - added as a permanent entry or other - added in another way such as via Multicast VLAN Registration (MVR). Change Pages Click Previous or Next to show the previous/next screen if all status information cannot be seen in one screen. XGS4700-48F User’s Guide...

  • Page 124: Vlan Details

    Multicast VLAN Registration (MVR). 9.5.3 Configure a Static VLAN Use this screen to configure and view 802.1Q VLAN parameters for the Switch. Section 9.1 on page 119 for more information on static VLAN. To configure a XGS4700-48F User’s Guide...
  • Page 125 Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...

  • Page 126: Configure Vlan Port Settings

    See Section 9.1 on page 119 for more information on static VLAN. Click the VLAN Port Setting link in the VLAN Status screen. Figure 47 Advanced Application > VLAN > VLAN Port Setting XGS4700-48F User’s Guide...
  • Page 127 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 128: Subnet Based Vlans

    That is, video services receive the highest priority and data the lowest. Figure 48 Subnet Based VLAN Application Example Tagged Frames Internet Untagged Frames 10.1.1.0/24 172.16.1.0/24 192.168.1.0/24 VID = 300 VID = 100 VID = 200 XGS4700-48F User’s Guide...

  • Page 129: Configuring Subnet Based Vlan

    Select this check box to activate the IP subnet VLAN you are creating or editing. Name Enter up to 32 alphanumeric characters to identify this subnet based VLAN. Enter the IP address of the subnet for which you want to configure this subnet based VLAN. XGS4700-48F User’s Guide...

  • Page 130: Protocol Based Vlans

    IEEE 802.1Q tagged VLAN. For example, ports 1, 2, 3 and 4 belong to static VLAN 100, and ports 4, 5, 6, 7 belong to static VLAN 120. You can configure a protocol based VLAN A with priority XGS4700-48F User’s Guide...

  • Page 131: Configuring Protocol Based Vlan

    Figure 50 Protocol Based VLAN Application Example 9.9 Configuring Protocol Based VLAN Click Protocol Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. Figure 51 Advanced Application > VLAN > VLAN Port Setting > Protocol Based VLAN XGS4700-48F User’s Guide...
  • Page 132 This field shows the priority which is assigned to frames belonging to this protocol based VLAN. Delete Click this to delete the protocol based VLANs which you marked for deletion. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 133: Create An Ip-Based Vlan Example

    To add more ports to this protocol based VLAN. Click the index number of the protocol based VLAN entry. Click 1 Change the value in the Port field to the next port you want to add. Click Add. XGS4700-48F User’s Guide...

  • Page 134: Port-Based Vlan Setup

    Connected or Port Isolated from the drop-down list depending on your VLAN and VLAN security requirements. If VLAN members need to communicate directly with each other, then select All Connected. Select Port Isolated if you want to restrict users from communicating directly. Click Apply to save your settings. XGS4700-48F User’s Guide...
  • Page 135 Chapter 9 VLAN The following screen shows users on a port-based, all-connected VLAN configuration. Figure 53 Advanced Application > VLAN > Port Based VLAN Setup (All Connected) XGS4700-48F User’s Guide...
  • Page 136 Chapter 9 VLAN The following screen shows users on a port-based, port-isolated VLAN configuration. Figure 54 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) XGS4700-48F User’s Guide...
  • Page 137 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 138 Chapter 9 VLAN XGS4700-48F User’s Guide...

  • Page 139: Static Mac Forward Setup

    Static MAC address forwarding together with port security allows only computers in the MAC address table on a port to access the Switch. See Chapter 19 on page for more information on port security. XGS4700-48F User’s Guide...
  • Page 140 MAC address-forwarding rule. MAC Address This field displays the MAC address that will be forwarded and the VLAN identification number to which the MAC address belongs. This field displays the ID number of the VLAN group. XGS4700-48F User’s Guide...
  • Page 141 This field displays the port where the MAC address shown in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...
  • Page 142 Chapter 10 Static MAC Forward Setup XGS4700-48F User’s Guide...

  • Page 143: Static Multicast Forward Setup

    24.3 on page 231). Figure 56 shows such unknown multicast frames flooded to all ports. With static multicast forwarding, you can forward these multicasts to port(s) within a VLAN group. Figure 57 shows frames being forwarded to devices XGS4700-48F User’s Guide...

  • Page 144: Configuring Static Multicast Forwarding

    Figure 57 Static Multicast Forwarding to A Single Port Figure 58 Static Multicast Forwarding to Multiple Ports 11.2 Configuring Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). XGS4700-48F User’s Guide...
  • Page 145 Click Cancel to reset the fields to their last saved values. Clear Click Clear to reset the fields to the factory defaults. Index Click an index number to modify a static multicast MAC address rule for port(s). XGS4700-48F User’s Guide...
  • Page 146 This field displays the port(s) within a identified VLAN group to which frames containing the specified multicast MAC address will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 147: Filtering

    Make sure to select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by deselecting this check box. Name Type a descriptive name (up to 32 printable ASCII characters) for this rule. This is for identification only. XGS4700-48F User’s Guide...
  • Page 148 This field displays the VLAN group identification number. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. XGS4700-48F User’s Guide...

  • Page 149: Spanning Tree Protocol

    Both RSTP and STP flush unwanted learned addresses from the filtering database. In RSTP, the port states are Discarding, Learning, and Forwarding. Note: In this user’s guide, “STP” refers to both STP and RSTP. 13.1.1 STP Terminology The root bridge is the base of the spanning tree. XGS4700-48F User’s Guide...

  • Page 150: How Stp Works

    Hello BPDU after a predefined interval (Max Age), the bridge assumes that the link to the root bridge is down. This bridge then initiates negotiations with other bridges to reconfigure the network to re-establish a valid network topology. XGS4700-48F User’s Guide...

  • Page 151: Stp Port States

    13.1.4 Multiple RSTP MRSTP (Multiple RSTP) is ZyXEL’s proprietary feature that is compatible with RSTP and STP. With MRSTP, you can have more than one spanning tree on your Switch and assign port(s) to each tree. Each spanning tree operates independently with its own bridge information.

  • Page 152: Multiple Stp

    If the switches are using STP or RSTP, the link for VLAN 2 will be blocked as STP and RSTP allow only one link in the network and block the redundant link. Figure 62 STP/RSTP Network Example VLAN 1 VLAN 2 XGS4700-48F User’s Guide...

  • Page 153: Mst Region

    An MST Instance (MSTI) is a spanning tree instance. VLANs can be configured to run on a specific MSTI. Each created MSTI is identified by a unique number (known as an MST ID) known internally to a region. Thus an MSTI does not span across MST regions. XGS4700-48F User’s Guide...
  • Page 154 MSTP-enabled network, there is only one CIST that runs between MST regions and single spanning tree devices. A network may contain multiple MST regions and other network segments running RSTP. Figure 65 MSTP and Legacy RSTP Network Example XGS4700-48F User’s Guide...

  • Page 155: Spanning Tree Protocol Status Screen

    13.3 Spanning Tree Configuration Use the Spanning Tree Configuration screen to activate one of the STP modes on the Switch. Click Configuration in the Advanced Application > Spanning Tree Protocol. Figure 67 Advanced Application > Spanning Tree Protocol > Configuration XGS4700-48F User’s Guide...

  • Page 156: Configure Rapid Spanning Tree Protocol

    Use this screen to configure RSTP settings, see Section 13.1 on page 149 for more information on RSTP. Click RSTP in the Advanced Application > Spanning Tree Protocol screen. Figure 68 Advanced Application > Spanning Tree Protocol > RSTP XGS4700-48F User’s Guide...
  • Page 157 Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...

  • Page 158: Rapid Spanning Tree Protocol Status

    Click Cancel to begin configuring this screen afresh. 13.5 Rapid Spanning Tree Protocol Status Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 149 more information on RSTP. XGS4700-48F User’s Guide...
  • Page 159 Switch must communicate with the root of the Spanning Tree. Topology This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change XGS4700-48F User’s Guide...

  • Page 160: Configure Multiple Rapid Spanning Tree Protocol

    Select this check box to activate an STP tree. Clear this checkbox to disable an STP tree. Note: You must also activate Multiple Rapid Spanning Tree in the Advanced Application > Spanning Tree Protocol > Configuration screen to enable MRSTP on the Switch. XGS4700-48F User’s Guide...
  • Page 161 Note: An edge port becomes a non-edge port as soon as it receives a Bridge Protocol Data Unit (BPDU). XGS4700-48F User’s Guide...

  • Page 162: Multiple Rapid Spanning Tree Protocol Status

    See Section 13.1 on page 149 more information on MRSTP. Note: This screen is only available after you activate MRSTP on the Switch. Figure 71 Advanced Application > Spanning Tree Protocol > Status: MRSTP XGS4700-48F User’s Guide...
  • Page 163 Switch must communicate with the root of the Spanning Tree. Topology This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change XGS4700-48F User’s Guide...

  • Page 164: Configure Multiple Spanning Tree Protocol

    13.8 Configure Multiple Spanning Tree Protocol To configure MSTP, click MSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 13.1.5 on page 152 for more information on MSTP. Figure 72 Advanced Application > Spanning Tree Protocol > MSTP XGS4700-48F User’s Guide...
  • Page 165 Click Cancel to begin configuring this screen afresh. Instance Use this section to configure MSTI (Multiple Spanning Tree Instance) settings. Instance Enter the number you want to use to identify this MST instance on the Switch. The Switch supports instance numbers 0-16. XGS4700-48F User’s Guide...
  • Page 166 This field displays the ID of an MST instance. VLAN This field displays the VID (or VID ranges) to which the MST instance is mapped. Active Port This field display the ports configured to participate in the MST instance. XGS4700-48F User’s Guide...

  • Page 167: Multiple Spanning Tree Protocol Port Configuration

    Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...

  • Page 168: Multiple Spanning Tree Protocol Status

    See Section 13.1.5 on page 152 more information on MSTP. Note: This screen is only available after you activate MSTP on the Switch. Figure 74 Advanced Application > Spanning Tree Protocol > Status: MSTP XGS4700-48F User’s Guide...
  • Page 169 This Switch may also be the root bridge. Bridge ID This is the unique identifier for this bridge, consisting of bridge priority plus MAC address. This ID is the same for Root and Our Bridge if the Switch is the root switch. XGS4700-48F User’s Guide...
  • Page 170 This is the path cost from the root port in this MST instance to the regional root switch. Port ID This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the MST instance. XGS4700-48F User’s Guide...

  • Page 171: Bandwidth Control

    CIR will be marked for drop. Note: The CIR should be less than the PIR. Note: The sum of CIRs cannot be greater than or equal to the uplink bandwidth. XGS4700-48F User’s Guide...

  • Page 172: Bandwidth Control Setup

    The sum of commit rates cannot be greater than or equal to the uplink bandwidth. Active Select this check box to activate peak rate limits on this port. Peak Specify the maximum bandwidth allowed in kilobits per second (Kbps) for Rate the incoming traffic flow on a port. XGS4700-48F User’s Guide...
  • Page 173 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 174 Chapter 14 Bandwidth Control XGS4700-48F User’s Guide...

  • Page 175: Broadcast Storm Control

    DLF packets in your network. You can specify limits for each packet type on each port. Click Advanced Application > Broadcast Storm Control in the navigation panel to display the screen as shown next. Figure 76 Advanced Application > Broadcast Storm Control XGS4700-48F User’s Guide...
  • Page 176 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 177: Mirroring

    Click Advanced Application > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 77 Advanced Application > Mirroring XGS4700-48F User’s Guide...
  • Page 178 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 179: Link Aggregation

    The Switch adheres to the IEEE 802.3ad standard for static and dynamic (LACP) port trunking. The Switch supports the link aggregation IEEE802.3ad standard. This standard describes the Link Aggregation Control Protocol (LACP), which is a protocol that dynamically creates and manages trunk groups. XGS4700-48F User’s Guide...

  • Page 180: Link Aggregation Id

    Table 40 Link Aggregation ID: Peer Switch SYSTEM PORT PORT MAC ADDRESS PRIORITY PRIORITY NUMBER 0000 00-00-00-00-00-00 0000 0000 Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port. XGS4700-48F User’s Guide...

  • Page 181: Link Aggregation Status

    Refer to Section 17.2.1 on page 180 for more information on this field. The ID displays only when there is a port belonging to this trunk group and LACP is also enabled for this group. XGS4700-48F User’s Guide...
  • Page 182 This field displays how these ports were added to the trunk group. It displays: • Static - if the ports are configured as static members of a trunk group. • LACP - if the ports are configured to join a trunk group via LACP. XGS4700-48F User’s Guide...

  • Page 183: Link Aggregation Setting

    This is the only screen you need to configure to enable static link Aggregation aggregation. Setting Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. Active Select this option to activate a trunk group. XGS4700-48F User’s Guide...
  • Page 184 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 185: Link Aggregation Control Protocol

    Click in the Advanced Application > Link Aggregation > Link Aggregation Setting > LACP to display the screen shown next. See Section 17.2 on page 179 for more information on dynamic link aggregation. Figure 80 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP XGS4700-48F User’s Guide...

  • Page 186: Static Trunking Example

    Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 17.6 Static Trunking Example This example shows you how to create a static port trunk group for ports 2-5. XGS4700-48F User’s Guide...
  • Page 187 Click Apply when you are done. Figure 82 Trunking Example - Configuration Screen EXAMPLE Your trunk group 1 (T1) configuration is now complete. XGS4700-48F User’s Guide...
  • Page 188 Chapter 17 Link Aggregation XGS4700-48F User’s Guide...

  • Page 189: Port Authentication

    When the client provides the login At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. XGS4700-48F User’s Guide...

  • Page 190: Mac Authentication

    MAC authentication works in a very similar way to IEEE 802.1x authentication. The main difference is that the Switch does not prompt the client for login credentials. The login credentials are based on the source MAC address of the XGS4700-48F User’s Guide...

  • Page 191: Port Authentication Configuration

    AAA > Radius Server Setup screen. To activate a port authentication method, click Advanced Application > Port Authentication in the navigation panel. Select a port authentication method in the screen that appears. Figure 85 Advanced Application > Port Authentication XGS4700-48F User’s Guide...

  • Page 192: Activate Ieee 802.1X Security

    Note: Changes in this row are copied to all the ports as soon as you make them. Active Select this checkbox to permit 802.1x authentication on this port. You must first allow 802.1x authentication on the Switch before configuring it on each port. XGS4700-48F User’s Guide...

  • Page 193: Guest Vlan

    VLAN. That is, unauthenticated users can have access to limited network resources in the same guest VLAN, such as the Internet. The XGS4700-48F User’s Guide...
  • Page 194 Use this screen to enable and assign a guest VLAN to a port. In the Port Authentication > 802.1x screen click Guest Vlan to display the configuration screen as shown. Figure 88 Advanced Application > Port Authentication > 802.1x > Guest VLAN XGS4700-48F User’s Guide...
  • Page 195 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 196: Activate Mac Authentication

    If you leave this field blank, then only the MAC address of the client is forwarded to the RADIUS server. Password Type the password the Switch sends along with the MAC address of a client for authentication with the RADIUS server. You can enter up to 32 printable ASCII characters. XGS4700-48F User’s Guide...
  • Page 197 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 198 Chapter 18 Port Authentication XGS4700-48F User’s Guide...

  • Page 199: Port Security

    MAC address(es) for a port. It is not recommended you disable port security together with MAC address learning as this will result in many broadcasts. By default, MAC address learning is still enabled even though the port security is not activated. XGS4700-48F User’s Guide...

  • Page 200: Port Security Setup

    Use this row only if you want to make some of the settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...

  • Page 201: Vlan Mac Address Limit

    Use this screen to set the MAC address learning limit on per-port and per-VLAN basis. Click VLAN MAC Address Limit in the Advanced Application > Port Security screen to display the screen as shown. Figure 91 Advanced Application > Port Security > VLAN MAC Address Limit XGS4700-48F User’s Guide...
  • Page 202 This is the maximum number of MAC addresses which a port can learn in a VLAN. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. XGS4700-48F User’s Guide...

  • Page 203: Classifier

    You can also configure policy routing to forward a classified traffic flow to a different gateway for cost savings and load sharing. See Chapter 35 on page 303 for how to configure policy routing. XGS4700-48F User’s Guide...

  • Page 204: Configuring The Classifier

    Figure 92 Advanced Application > Classifier The following table describes the labels in this screen. Table 49 Advanced Application > Classifier LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. XGS4700-48F User’s Guide...
  • Page 205 Switch will pick out the packets that are sent to establish TCP connections. Source Enter a source IP address in dotted decimal notation. Address/ Specify the address prefix by entering the number of ones in the subnet mask. Address Prefix XGS4700-48F User’s Guide...

  • Page 206: Viewing And Editing Classifier Configuration

    Classifier screen. To change the settings of a rule, click a number in the Index field. Note: When two rules conflict with each other, a higher layer rule has priority over a lower layer rule. Figure 93 Advanced Application > Classifier: Summary Table XGS4700-48F User’s Guide...
  • Page 207 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 Some of the most common IP ports are: Table 52 Common IP Ports PORT PORT NAME NUMBER Telnet SMTP HTTP POP3 XGS4700-48F User’s Guide...

  • Page 208: Classifier Example

    Figure 94 Classifier: Example EXAMPLE After you have configured a classifier, you can configure a policy to define action(s) on the classified traffic flow. See Chapter 21 on page 209 for information on configuring a policy rule. XGS4700-48F User’s Guide...

  • Page 209: Policy Rule

    DS field. DSCP is backward compatible with the three precedence bits in the ToS octet so that non-DiffServ compliant, ToS-enabled network device will not conflict with the DSCP mapping. DSCP (6 bits) Unused (2 bits) XGS4700-48F User’s Guide...

  • Page 210: Configuring Policy Rules

    DSCP values and the configured policies. 21.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 20.2 on page 204 for more information. XGS4700-48F User’s Guide...
  • Page 211 Figure 95 Advanced Application > Policy Rule The following table describes the labels in this screen. Table 53 Advanced Application > Policy Rule LABEL DESCRIPTION Active Select this option to enable the policy. Name Enter a descriptive name for identification purposes. XGS4700-48F User’s Guide...
  • Page 212 Select Replace the IP TOS with the 802.1p priority value to replace the TOS field with the value you configure in the Priority field. Select Set the Diffserv Codepoint field in the frame to set the DSCP field with the value you configure in the DSCP field. XGS4700-48F User’s Guide...

  • Page 213: Viewing And Editing Policy Configuration

    To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Policy screen. To change the settings of a rule, click a number in the Index field. Figure 96 Advanced Application > Policy Rule: Summary Table XGS4700-48F User’s Guide...
  • Page 214 This field displays the name you have assigned to this policy. Classifier(s) This field displays the name(s) of the classifier to which this policy applies. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 215: Policy Example

    The figure below shows an example Policy screen where you configure a policy to limit bandwidth and discard out-of-profile traffic on a traffic flow classified using the Example classifier (refer to Section 20.4 on page 208). Figure 97 Policy Example EXAMPLE XGS4700-48F User’s Guide...
  • Page 216 Chapter 21 Policy Rule XGS4700-48F User’s Guide...

  • Page 217: Queuing Method

    By default, the weight for Q0 is 1, for Q1 is 2, for Q2 is 3, and so on. The weights range from 1 to 15 and the actual guaranteed bandwidth is calculated as follows: XGS4700-48F User’s Guide...

  • Page 218: Weighted Round Robin Scheduling (Wrr)

    Queues with larger weights get more service than queues with smaller weights. This queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues and returns to queues that have not yet emptied. XGS4700-48F User’s Guide...

  • Page 219: Configuring Queuing

    Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...
  • Page 220 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 221: Vlan Stacking

    (SPN) customers with VPN tunnels between their head offices and branch offices respectively. Both have an identical VLAN tag for their VLAN group. The service provider can separate these two VLANs within its network by adding tag 37 to XGS4700-48F User’s Guide...

  • Page 222: Vlan Stacking Port Roles

    VLAN (using the outer VLAN tag defined by the Service Provider’s (SP) VLAN ID (VID)). Note: Static VLAN Tx Tagging MUST be enabled on a port where you choose Tunnel Port. XGS4700-48F User’s Guide...

  • Page 223: Vlan Tag Format

    VID is the VLAN ID. SP VID is the VID for the second (service provider’s) VLAN tag. 23.3.1 Frame Format The frame format for an untagged Ethernet frame, a single-tagged 802.1Q frame (customer) and a “double-tagged” 802.1Q frame (service provider) is shown next. XGS4700-48F User’s Guide...

  • Page 224: Configuring Vlan Stacking

    (SP)TPI (Service Provider) Tag Protocol Data Frame data IDentifier VLAN ID Frame Check Sequence 23.4 Configuring VLAN Stacking Click Advanced Applications > VLAN Stacking to display the screen as shown. Figure 100 Advanced Application > VLAN Stacking XGS4700-48F User’s Guide...

  • Page 225: Port-Based Q-In-Q

    23.4.1 Port-based Q-in-Q Port-based Q-in-Q lets the Switch treat all frames received on the same port as the same VLAN flows and add the same outer VLAN tag to them, even they have different customer VLAN IDs. XGS4700-48F User’s Guide...

  • Page 226: Selective Q-In-Q

    Click Cancel to begin configuring this screen afresh. 23.4.2 Selective Q-in-Q Selective Q-in-Q is VLAN-based. It allows the Switch to add different outer VLAN tags to the incoming frames received on one port according to their inner VLAN tags. XGS4700-48F User’s Guide...
  • Page 227 Click Cancel to begin configuring this screen afresh. Index This is the number of the selective VLAN stacking rule. Active This shows whether this rule is activated or not. Name This is the descriptive name for this rule. XGS4700-48F User’s Guide...
  • Page 228 This is the service provider’s priority level in the packets. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 229: Multicast

    (such as content information distribution) based on service plans and types of subscription. You can set the Switch to filter the multicast group join reports on a per-port basis by configuring an IGMP filtering profile and associating the profile to a port. XGS4700-48F User’s Guide...

  • Page 230: Igmp Snooping

    This is the index number of the entry. This field displays the multicast VLAN ID. Port This field displays the port number that belongs to the multicast group. Multicast Group This field displays IP multicast group addresses. XGS4700-48F User’s Guide...

  • Page 231: Multicast Setting

    Switch removes an IGMP group membership entry if it does not receive report messages from the port. 802.1p Priority Select a priority level (0-7) to which the Switch changes the priority in outgoing IGMP control packets. Otherwise, select No-Change to not replace the priority. XGS4700-48F User’s Guide...
  • Page 232 IGMP reports from hosts to update the forwarding table. This defines how many seconds the Switch waits for an IGMP report before removing an IGMP snooping membership entry when an IGMP leave message is received on this port from a host. XGS4700-48F User’s Guide...
  • Page 233 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 234: Igmp Snooping Vlan

    Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. XGS4700-48F User’s Guide...

  • Page 235: Igmp Filtering Profile

    (in the Multicast Setting screen). Clients connected to those ports are then able to join the multicast groups specified in the profile. Each port can be assigned a single profile. A profile can be assigned to multiple ports. XGS4700-48F User’s Guide...
  • Page 236 Click Clear to reset the fields to the factory defaults. Profile Name This field displays the descriptive name of the profile. Start Address This field displays the start of the multicast address range. End Address This field displays the end of the multicast address range. XGS4700-48F User’s Guide...

  • Page 237: Mvr Overview

    VLAN 3 24.6.1 Types of MVR Ports In MVR, a source port is a port on the Switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic. XGS4700-48F User’s Guide...

  • Page 238: Mvr Modes

    VLAN, the receiving port will still be on the list of forwarding destination for the multicast traffic. Otherwise, the Switch removes the receiver port from the forwarding table. Figure 108 MVR Multicast Television Example VLAN 1 Multicast VLAN XGS4700-48F User’s Guide...

  • Page 239: General Mvr Configuration

    VLANs on the network. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes. Multicast VLAN Enter the VLAN ID (1 to 4094) of the multicast VLAN. XGS4700-48F User’s Guide...
  • Page 240 This field displays the priority level. Delete To delete a multicast VLAN(s), select the rule(s) that you want to remove in the Delete column, then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 241: Mvr Group Configuration

    Enter the same IP address as the Start Address field if you want to configure only one IP address for a multicast group. Refer to Section 24.1.1 on page 229 for more information on IP multicast addresses. XGS4700-48F User’s Guide...

  • Page 242: Mvr Configuration Example

    VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S. Computers A, B and C in VLAN 1 are able to receive the traffic. Figure 111 MVR Configuration Example News: 224.1.4.10 ~ 224.1.4.50 Movie: 230.1.2.50 ~230.1.2.60 VLAN 1 Multicast VID 200 XGS4700-48F User’s Guide...
  • Page 243 Figure 112 MVR Configuration Example EXAMPLE To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The XGS4700-48F User’s Guide...
  • Page 244 Chapter 24 Multicast following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. Figure 113 MVR Group Configuration Example EXAMPLE Figure 114 MVR Group Configuration Example EXAMPLE XGS4700-48F User’s Guide...

  • Page 245: Aaa

    The external servers that perform authentication, authorization and accounting functions are known as AAA servers. The Switch supports RADIUS (Remote Authentication Dial-In User Service, see Section 25.1.2 on page 246) and TACACS+ (Terminal Access Controller Access-Control System Plus, see Section XGS4700-48F User’s Guide...

  • Page 246: Local User Accounts

    The AAA screens allow you to enable authentication, authorization, accounting or all of them on the Switch. First, configure your authentication and accounting server settings (RADIUS, TACACS+ or both) and then set up the authentication priority, activate authorization and configure accounting settings. XGS4700-48F User’s Guide...

  • Page 247: Radius Server Setup

    RADIUS attributes utilized by the authentication and accounting features on the Switch. Click on the RADIUS Server Setup link in the AAA screen to view the screen as shown. Figure 117 Advanced Application > AAA > RADIUS Server Setup XGS4700-48F User’s Guide...
  • Page 248 Enter the IP address of an external RADIUS accounting server in dotted decimal notation. UDP Port The default port of a RADIUS accounting server for accounting is 1813. You need not change this value unless your network administrator instructs you to do so. XGS4700-48F User’s Guide...

  • Page 249: Tacacs+ Server Setup

    246 for more information on TACACS+ servers. Click on the TACACS+ Server Setup link in the Authentication and Accounting screen to view the screen as shown. Figure 118 Advanced Application > AAA > TACACS+ Server Setup XGS4700-48F User’s Guide...
  • Page 250 Enter the IP address of an external TACACS+ accounting server in dotted decimal notation. TCP Port The default port of a TACACS+ accounting server is 49. You need not change this value unless your network administrator instructs you to do XGS4700-48F User’s Guide...

  • Page 251: Aaa Setup

    Use this screen to configure authentication, authorization and accounting settings on the Switch. Click on the AAA Setup link in the AAA screen to view the screen as shown. Figure 119 Advanced Application > AAA > AAA Setup XGS4700-48F User’s Guide...
  • Page 252 Select radius to have the Switch check the administrator accounts configured via the RADIUS Server. Select tacacs+ to have the Switch check the administrator accounts configured via the TACACS+ Server. Authorization Use this section to configure authorization settings on the Switch. XGS4700-48F User’s Guide...
  • Page 253 This field is only configurable for Commands type of event. Select the threshold command privilege level for which the Switch should send accounting information. The Switch will send accounting information when commands at the level you specify and higher are executed on the Switch. XGS4700-48F User’s Guide...

  • Page 254: Vendor Specific Attribute

    The VSAs are composed of the following: • Vendor-ID: An identification number assigned to the company by the IANA (Internet Assigned Numbers Authority). ZyXEL’s vendor ID is 890. • Vendor-Type: A vendor specified attribute, identifying the setting you want to modify.

  • Page 255: Tunnel Protocol Attribute

    Tunnel-Type = VLAN(13) Tunnel-Medium-Type = 802(6) Tunnel-Private-Group-ID = VLAN ID Note: You must also create a VLAN with the specified VID on the Switch. Note: The bolded values in this table are fixed values as defined in RFC 3580. XGS4700-48F User’s Guide...

  • Page 256: Supported Radius Attributes

    - the format of the User-Name attribute is $enab#$, where # is the privilege level (1-14) User-Password NAS-Identifier NAS-IP-Address 25.3.1.2 Attributes Used to Login Users User-Name User-Password NAS-Identifier NAS-IP-Address 25.3.1.3 Attributes Used by the IEEE 802.1x Authentication User-Name NAS-Identifier NAS-IP-Address NAS-Port NAS-Port-Type XGS4700-48F User’s Guide...

  • Page 257: Attributes Used For Accounting

    User-Name    NAS-Identifier    NAS-IP-Address    Service-Type    Acct-Status-Type    Acct-Delay-Time    Acct-Session-Id    Acct-Authentic    Acct-Session-Time   Acct-Terminate-Cause  XGS4700-48F User’s Guide...
  • Page 258 NAS-Port-Type    Acct-Status-Type    Acct-Delay-Time    Acct-Session-Id    Acct-Authentic    Acct-Input-Octets   Acct-Output-Octets   Acct-Session-Time   Acct-Input-Packets   Acct-Output-Packets   Acct-Terminate-Cause  XGS4700-48F User’s Guide...
  • Page 259 Chapter 25 AAA Table 76 RADIUS Attributes - Exec Events via Console ATTRIBUTE START INTERIM-UPDATE STOP Acct-Input-Gigawords   Acct-Output-   Gigawords XGS4700-48F User’s Guide...
  • Page 260 Chapter 25 AAA XGS4700-48F User’s Guide...

  • Page 261: Ip Source Guard

    • ARP inspection. Use this to filter unauthorized ARP packets on the network. If you want to use dynamic bindings to filter unauthorized ARP packets (typical implementation), you have to enable DHCP snooping before you enable ARP inspection. XGS4700-48F User’s Guide...

  • Page 262: Dhcp Snooping Overview

    The DHCP snooping database maintains the dynamic bindings for DHCP snooping and ARP inspection in a file on an external TFTP server. If you set up the DHCP snooping database, the Switch can reload the dynamic bindings from the DHCP snooping database after the Switch restarts. XGS4700-48F User’s Guide...

  • Page 263: Configuring Dhcp Snooping

    (Chapter 40 on page 359). 26.1.1.4 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch. Enable DHCP snooping on the Switch. Enable DHCP snooping on each VLAN, and configure DHCP relay option 82. XGS4700-48F User’s Guide...

  • Page 264: Arp Inspection Overview

    These MAC address filters are different than regular MAC address filters (Chapter 12 on page 147). • They are stored only in volatile memory. • They do not use the same space in memory that regular MAC address filters use. XGS4700-48F User’s Guide...

  • Page 265: Ip Source Guard

    Use this screen to look at the current bindings for DHCP snooping and ARP inspection. Bindings are used by DHCP snooping and ARP inspection to distinguish between authorized and unauthorized packets in the network. The Switch learns XGS4700-48F User’s Guide...

  • Page 266: Ip Source Guard Static Binding

    Static bindings are uniquely identified by the MAC address and VLAN ID. Each MAC address and VLAN ID can only be in one static binding. If you try to create a static binding with the same MAC address and VLAN ID as an existing static binding, the XGS4700-48F User’s Guide...
  • Page 267 This binding was learned from information provided manually by an administrator. VLAN This field displays the source VLAN ID in the binding. Port This field displays the port number in the binding. If this field is blank, the binding applies to all ports. XGS4700-48F User’s Guide...

  • Page 268: Dhcp Snooping

    Click this to clear the Delete check boxes above. 26.4 DHCP Snooping Use this screen to look at various statistics about the DHCP snooping database. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping. Figure 124 DHCP Snooping XGS4700-48F User’s Guide...
  • Page 269 DHCP snooping database for any reason. Startup failures This field displays the number of times the Switch could not create or read the DHCP snooping database when the Switch started up or a new URL is configured for the DHCP snooping database. XGS4700-48F User’s Guide...
  • Page 270 Switch already had a binding with the same MAC address and VLAN ID. Invalid interfaces This field displays the number of bindings the Switch has ignored because the port number was a trusted interface or does not exist anymore. XGS4700-48F User’s Guide...

  • Page 271: Dhcp Snooping Configure

    TFTP server so that they are still available after a restart. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure. Figure 125 DHCP Snooping Configure XGS4700-48F User’s Guide...
  • Page 272 The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. XGS4700-48F User’s Guide...

  • Page 273: Dhcp Snooping Port Configure

    You can also specify the maximum number for DHCP packets that each port (trusted or untrusted) can receive each second. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > Port. Figure 126 DHCP Snooping Port Configure XGS4700-48F User’s Guide...

  • Page 274: Dhcp Snooping Vlan Configure

    Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP relay agent option 82 information (Chapter 40 on page 359) to DHCP requests that the Switch relays to a DHCP server for each VLAN. To XGS4700-48F User’s Guide...
  • Page 275 The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. XGS4700-48F User’s Guide...

  • Page 276: Arp Inspection Status

    Delete Select this and click Delete to remove the specified entry. Delete Click this to remove the selected entries. Cancel Click this to clear the Delete check boxes above. XGS4700-48F User’s Guide...

  • Page 277: Arp Inspection Vlan Status

    This field displays the total number of ARP packets the Switch forwarded for the VLAN since the Switch last restarted. Dropped This field displays the total number of ARP packets the Switch discarded for the VLAN since the Switch last restarted. XGS4700-48F User’s Guide...

  • Page 278: Arp Inspection Log Status

    The Switch consolidates identical log messages generated by ARP packets in the log consolidation interval into one log message. You can configure this interval in the ARP Inspection Configure screen. See Section 26.7 on page 279. XGS4700-48F User’s Guide...

  • Page 279: Arp Inspection Configure

    Switch stores records of discarded ARP packets and global settings for the ARP inspection log. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure. Figure 131 ARP Inspection Configure XGS4700-48F User’s Guide...
  • Page 280 The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. XGS4700-48F User’s Guide...

  • Page 281: Arp Inspection Port Configure

    Rate and Burst Interval settings have no effect on trusted ports. Rate (pps) Specify the maximum rate (1-2048 packets per second) at which the Switch receives ARP packets from each port. The Switch discards any additional ARP packets. Enter 0 to disable this limit. XGS4700-48F User’s Guide...

  • Page 282: Arp Inspection Vlan Configure

    Click this to display the specified range of VLANs in the section below. This field displays the VLAN ID of each VLAN in the range specified above. If you configure the * VLAN, the settings are applied to all VLANs. XGS4700-48F User’s Guide...
  • Page 283 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. XGS4700-48F User’s Guide...
  • Page 284 Chapter 26 IP Source Guard XGS4700-48F User’s Guide...

  • Page 285: Loop Guard

    If a switch (not in loop state) connects to a switch in loop state, then it will be affected by the switch in loop state in the following way: • It will receive broadcast messages sent out from the switch in loop state. XGS4700-48F User’s Guide...
  • Page 286 The following figure illustrates three switches forming a loop. A sample path of the loop guard probe packet is also shown. In this example, the probe packet is sent from port N and returns on another port. As long as loop guard is enabled on XGS4700-48F User’s Guide...

  • Page 287: Loop Guard Setup

    Click Advanced Application > Loop Guard in the navigation panel to display the screen as shown. Note: The loop guard feature can not be enabled on the ports that have Spanning Tree Protocol (RSTP, MRSTP or MSTP) enabled. Figure 138 Advanced Application > Loop Guard XGS4700-48F User’s Guide...
  • Page 288 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 289: Vlan Mapping

    VLAN ID from 12 into 123 before forwarding the packets. Any packets carrying a VLAN tag other than 12 (such as 10) and received on port 3 will be dropped. Figure 139 VLAN mapping example Service Provider Network Port 3 XGS4700-48F User’s Guide...

  • Page 290: Enabling Vlan Mapping

    Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 291: Configuring Vlan Mapping

    Click Cancel to reset the fields to your previous configuration. Index This is the number of the VLAN mapping entry in the table. Active This shows whether this entry is activated or not. Name This is the descriptive name for this rule. XGS4700-48F User’s Guide...
  • Page 292 This is the priority level that replaces the customer priority level in the tagged packets. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 293: Layer 2 Protocol Tunneling

    B, C and D. Topology change information can be propagated throughout the service provider’s network. To emulate a point-to-point topology between two customer switches at different sites, such as A and B, you can enable protocol tunneling on edge switches 1 and XGS4700-48F User’s Guide...

  • Page 294: Layer-2 Protocol Tunneling Mode

    • The Tunnel port is an egress port at the edge of the service provider's network and connected to another service provider’s switch. Incoming encapsulated layer-2 protocol packets received on a tunnel port are decapsulated and sent to an access port. XGS4700-48F User’s Guide...

  • Page 295: Configuring Layer 2 Protocol Tunneling

    Note: All the edge switches in the service provider’s network should be set to use the same MAC address for encapsulation. Port This field displays the port number. XGS4700-48F User’s Guide...
  • Page 296 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 297: Sflow

    For example, you can use it to know which IP address or which type of traffic caused network congestion. Figure 145 sFlow Application sFlow Agent sFlow Collector XGS4700-48F User’s Guide...

  • Page 298: Sflow Port Configuration

    Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...

  • Page 299: Sflow Collector Configuration

    Click Cancel to begin configuring this screen afresh. 30.2.1 sFlow Collector Configuration Click the Collector link in the sFlow screen to display the screen as shown. You can configure up to four sFlow collectors in this screen. You may want to configure XGS4700-48F User’s Guide...
  • Page 300 This field displays port number the Switch uses to send sFlow datagram to the collector. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 301: Pppoe

    Tag_Len indicates the length of Value, i1 and i2. The Value is the 32-bit number 0x00000DE9, which stands for the “ADSL Forum” IANA entry. i1 and i2 are PPPoE intermediate agent sub-options, which contain additional information about the PPPoE client. XGS4700-48F User’s Guide...

  • Page 302: Sub-Option Format

    Table 98 PPPoE IA Circuit ID Sub-option Format: Using Identifier String and Variables SubOpt Length Value 0x01 Identifier delimiter Slot ID delimiter Port No delimiter VLAN ID String (1 byte) (1 byte) (1 byte) (1 byte) (1 byte) (2 byte) (1 byte) (4 bytes) (53 byte) XGS4700-48F User’s Guide...

  • Page 303: Port State

    Switch adds a vendor-specific tag to the packet and then forwards it to the trusted port(s). • The Switch discards PADO and PADS packets which are sent from a PPPoE server but received on an untrusted port. XGS4700-48F User’s Guide...

  • Page 304: The Pppoe Screen

    PPPoE client. Click Advanced Application > PPPoE > Intermediate Agent in the navigation panel to display the screen as shown. Figure 149 Advanced Application > PPPoE > Intermediate Agent XGS4700-48F User’s Guide...

  • Page 305: Pppoe Ia Per-Port

    Click Cancel to begin configuring this screen afresh. 31.3.1 PPPoE IA Per-Port Use this screen to specify whether individual ports are trusted or untrusted ports and have the Switch add extra information to PPPoE discovery packets from PPPoE clients on a per-port basis. XGS4700-48F User’s Guide...
  • Page 306 Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. XGS4700-48F User’s Guide...

  • Page 307: Pppoe Ia Per-Port Per-Vlan

    Cancel Click Cancel to begin configuring this screen afresh. 31.3.2 PPPoE IA Per-Port Per-VLAN Use this screen to configure PPPoE IA settings that apply to a specific VLAN on a port. XGS4700-48F User’s Guide...
  • Page 308 Enter a string of up to 63 ASCII characters that the Switch adds into the Agent Circuit ID sub-option for this VLAN on the specified port. Spaces are allowed. The Circuit ID you configure here has the highest priority. XGS4700-48F User’s Guide...

  • Page 309: Pppoe Ia For Vlan

    Switch appends the Circuit ID and/or Remote ID to PPPoE discovery packets from a specific VLAN. Click the VLAN link in the Intermediate Agent screen to display the screen as shown. Figure 152 Advanced Application > PPPoE > Intermediate Agent > VLAN XGS4700-48F User’s Guide...
  • Page 310 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 311: Error Disable

    With error-disable recovery, you can set the disabled port(s) to become active or start receiving the packets again after the time interval you specify. XGS4700-48F User’s Guide...

  • Page 312: The Error Disable Screen

    Note: After you configure this screen, make sure you also enable error detection for the specific control packets in the Advanced Application > Errdisable > Errdisable Detect screen. Figure 154 Advanced Application > Errdisable > CPU protection XGS4700-48F User’s Guide...

  • Page 313: Error-Disable Detect Configuration

    Click the Click Here link next to Errdisable Detect link in the Advanced Application > Errdisable screen to display the screen as shown. Figure 155 Advanced Application > Errdisable > Errdisable Detect XGS4700-48F User’s Guide...
  • Page 314 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 315: Error-Disable Recovery Configuration

    Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 316 Chapter 32 Error Disable XGS4700-48F User’s Guide...

  • Page 317: Static Route

    (R1). You create one static route to connect to services offered by your ISP behind router R2. You create another static route to communicate with a separate network behind a router R3 connected to the Switch. Figure 157 Example of Static Routing Topology Internet XGS4700-48F User’s Guide...

  • Page 318: Configuring Static Routing

    Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. Clear Click Clear to set the above fields back to the factory defaults. XGS4700-48F User’s Guide...
  • Page 319 Switch that will forward the packet to the destination. Metric This field displays the cost of transmission for routing purposes. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...
  • Page 320 Chapter 33 Static Route XGS4700-48F User’s Guide...

  • Page 321: Policy Routing

    • Cost Savings – Policy routing allows organizations to distribute interactive traffic on high-bandwidth, high-cost paths while using low-cost paths for batch traffic. • Load Sharing – Network administrators can use policy routing to distribute traffic among multiple paths. XGS4700-48F User’s Guide...

  • Page 322: Configuring Policy Routing Profile

    Profile Name This field displays the descriptive name for this profile. This is for identification purposes only. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 323: Policy Routing Rule Configuration

    The Switch does not perform normal routing on packets that match any of the policy routes. Click Rule Configuration in the IP Application > Policy Routing screen to display the screen as shown. Figure 160 IP Application > Policy Routing > Rule Configuration XGS4700-48F User’s Guide...
  • Page 324 This field displays the name of the classifier to which this policy applies. Rule Delete Select the policy routing rule(s) that you want to remove. Delete Click Delete to remove the selected entry(ies) from the summary table. Cancel Click Cancel to clear the Rule Delete check boxes. XGS4700-48F User’s Guide...

  • Page 325: Rip

    The lower the administrative distance value is, the more preferable the routing protocol is. If two routes have the same administrative distance value, the Switch XGS4700-48F User’s Guide...

  • Page 326: Configuring Rip

    See Section 35.1.1 on page 325 for more information about administrative distance. Note: You cannot set two routing protocols to have the same administrative distance. Index This field displays the index number of an IP interface. XGS4700-48F User’s Guide...
  • Page 327 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 328 Chapter 35 RIP XGS4700-48F User’s Guide...

  • Page 329: Ospf

    (also known as area 0). The backbone is the transit area to route packets between two areas. A stub area, at the edge of an AS is not a transit area since there is only one connection to the stub area. XGS4700-48F User’s Guide...

  • Page 330: How Ospf Works

    LSAs (Link State Advertisements). 36.1.3 Interfaces and Virtual Links An OSPF interface is a link between a layer-3 device and an OSPF network. An interface has state information, an IP address and subnet mask associated with it. XGS4700-48F User’s Guide...

  • Page 331: Ospf And Router Elections

    DR or BDR and assign a priority of 1 to router A to make sure that it does become the DR. 36.1.5 Configuring OSPF To configure OSPF on the Switch, do the following tasks: Enable OSPF XGS4700-48F User’s Guide...

  • Page 332: Ospf Status

    This field displays whether OSPF is activated (Running) or not (Down). Interface The text box displays the OSPF status of the interface(s) on the Switch. Neighbor The text box displays the status of the neighboring router participating in the OSPF network. XGS4700-48F User’s Guide...
  • Page 333 This field displays the MAC address of a device. Link State Database Link ID This field displays the ID of a router or subnet. ADV Router This field displays the IP address of the layer-3 device that sends the LSAs. XGS4700-48F User’s Guide...

  • Page 334: Ospf Configuration

    OSPF is disabled by default. Select this option to enable it. Router ID Router ID uniquely identifies the Switch in an OSPF. Enter a unique ID (that uses the format of an IP address in dotted decimal notation) for the Switch. XGS4700-48F User’s Guide...

  • Page 335: Configure Ospf Areas

    The OSPF supports three levels of authentication: • None – no authentication is used. • Simple – authenticate link state updates using an 8 printable ASCII character password. • MD5 – authenticate link state updates using a 16 printable ASCII character password. XGS4700-48F User’s Guide...
  • Page 336 Specify a cost (between 0 and 16777215) used to add a default route into Route a stub area for routes which are external to an OSPF domain. If you do not Cost set a route cost, no default route is added. XGS4700-48F User’s Guide...

  • Page 337: View Ospf Area Information Table

    RIP routing protocol and/or static routes need to exchange routing information with the Switch using OSPF routing protocol. A summary address is used to cover more than one routing entries in order to reduce the routing table size. XGS4700-48F User’s Guide...
  • Page 338 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 339: Configuring Ospf Interfaces

    OSPF interface entry is automatically created. See Section 36.1 on page 329 for more information on OSPF. In the OSPF Configuration screen, click Interface to display the OSPF Interface screen. Figure 169 IP Application > OSPF Configuration > OSPF Interface XGS4700-48F User’s Guide...
  • Page 340 This field displays the area ID (in an IP address format with dotted decimal notation) of an area to associate the interface to that area. Authenticati This field displays the authentication method used (Same-as-Area, None, Simple or MD5). XGS4700-48F User’s Guide...

  • Page 341: Ospf Virtual-Links

    Area ID Select the area ID (in an IP address format with dotted decimal notation) of an area to associate the interface to that area. Peer Router Enter the ID of a peer border router. XGS4700-48F User’s Guide...
  • Page 342 When the Authentication field displays MD5, this field displays the identification number of the key used. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 343: Igmp

    Multicast groups are identified by IP addresses in the Class D range (224.0.0.0 to 239.255.255.255). A multicast server sends packets addressed to a particular multicast group (multicast IP address). XGS4700-48F User’s Guide...

  • Page 344: How Igmp Works

    IGMP report from any members, it stops sending multicast traffic to that group. This change helps shorten the leave convergence time, in other words, the amount of time that a multicast router believes that there are group members XGS4700-48F User’s Guide...

  • Page 345: Port-Based Igmp

    The Switch sends IGMP Query packets to all ports. The Switch then listens for IGMP Report packets, and it records which port the messages came from. It then delivers multicast traffic to only those ports from which it received a request to join a multicast group. XGS4700-48F User’s Guide...

  • Page 346: Configuring Igmp

    Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 347: Dvmrp

    DVMRP-enabled Layer-3 devices that do not have any hosts in their networks that belong to this multicast group send back a prune message (“P”). If hosts later join the multicast group, a graft message (“G”) to undo the prune is sent to the parent. XGS4700-48F User’s Guide...

  • Page 348: Dvmrp Terminology

    Configure DVMRP on the Switch when you wish it to act as a multicast router (“mrouter”). Click IP Application > DVMRP in the navigation panel to display the screen as shown. Figure 177 IP Application > DVMRP XGS4700-48F User’s Guide...

  • Page 349: Dvmrp Configuration Error Messages

    You must have IGMP enabled when you enable DVMRP; otherwise you see the screen as in the next figure. Figure 178 DVMRP: IGMP Not Set Error When you disable IGMP, but DVMRP is still active you also see another warning screen. Figure 179 DVMRP: Unable to Disable IGMP Error XGS4700-48F User’s Guide...

  • Page 350: Default Dvmrp Timer Values

    DEFAULT VALUE Probe interval 10 sec Report interval 35 sec Route expiration time 140 sec Prune lifetime Variable (less than two hours) Prune retransmission 3 sec with exponential back time Graft retransmission 5 sec with exponential back time XGS4700-48F User’s Guide...

  • Page 351: Differentiated Services

    ToS-enabled network device will not conflict with the DSCP mapping. The DSCP value determines the PHB (Per-Hop Behavior), that each packet gets as it is forwarded across the DiffServ network. Based on the marking rule different XGS4700-48F User’s Guide...

  • Page 352: Diffserv Network Example

    Two Rate Three Color Marker (TRTCM, defined in RFC 2698) is a type of traffic policing that identifies packets by comparing them to two user-defined rates: the Committed Information Rate (CIR) and the Peak Information Rate (PIR). The CIR XGS4700-48F User’s Guide...

  • Page 353: Trtcm - Color-Blind Mode

    High Packet Medium Packet Loss Loss 39.2.2 TRTCM - Color-aware Mode In color-aware mode the evaluation of the packets uses the existing packet loss priority. TRTCM can increase a packet loss priority of a packet but it cannot XGS4700-48F User’s Guide...

  • Page 354: Activating Diffserv

    39.3 Activating DiffServ Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected port(s). Click IP Application > DiffServ in the navigation panel to display the screen as shown. Figure 185 IP Application > DiffServ XGS4700-48F User’s Guide...

  • Page 355: Configuring 2-Rate 3 Color Marker Settings

    Click Cancel to begin configuring this screen afresh. 39.3.1 Configuring 2-Rate 3 Color Marker Settings Use this screen to configure TRTCM settings. Click the 2-rate 3 Color Marker link in the DiffServ screen to display the screen as shown next. XGS4700-48F User’s Guide...
  • Page 356 Note: Changes in this row are copied to all the ports as soon as you make them. Active Select this to activate TRTCM on the port. XGS4700-48F User’s Guide...

  • Page 357: Dscp-To-Ieee 802.1P Priority Settings

    The following table shows the default DSCP-to-IEEE802.1p mapping. Table 127 Default DSCP-IEEE 802.1p Mapping DSCP VALUE 0 – 7 8 – 15 16 – 23 24 – 31 32 – 39 40 – 47 48 – 55 56 – 63 IEEE 802.1p XGS4700-48F User’s Guide...

  • Page 358: Configuring Dscp Settings

    Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 359: Dhcp

    The screen you should use for configuration depends on the DHCP services you want to offer the DHCP clients on your network. Choose the configuration screen based on the following criteria: • Global - The Switch forwards all DHCP requests to the same DHCP server. XGS4700-48F User’s Guide...

  • Page 360: Dhcp Status

    VLAN(s). 40.3 DHCP Server Status Detail Click IP Application > DHCP in the navigation panel and then click an existing index number of a DHCP server configuration to view the screen as shown. Use XGS4700-48F User’s Guide...
  • Page 361 This field displays the MAC address of the DHCP client. Address It may also display SELF OCCUPIED ADDRESS if the IP address cannot be used for DHCP because it is already assigned to the Switch itself. Hostname This field displays the system name of the client. XGS4700-48F User’s Guide...

  • Page 362: Dhcp Relay

    (1 byte) This is the port that the DHCP client is connected to. VLAN ID (2 bytes) This is the VLAN that the port belongs to. Information (up to 64 bytes) This optional, read-only field is set according to system name set in Basic Settings > General Setup. XGS4700-48F User’s Guide...

  • Page 363: Configuring Dhcp Global Relay

    Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 364: Global Dhcp Relay Configuration Example

    Switch to send additional information (such as the VLAN ID) together with the DHCP requests to the DHCP server. This allows the DHCP server to assign the appropriate IP address according to the VLAN ID. Figure 192 DHCP Relay Configuration Example EXAMPLE XGS4700-48F User’s Guide...

  • Page 365: Configuring Dhcp Vlan Settings

    Enter the ID number of the VLAN to which these DHCP settings apply. DHCP Status Select whether the Switch should function as a DHCP Server or Relay for the specified VID. If you select Server then fields related to DHCP relay configuration are grayed out and vice versa. XGS4700-48F User’s Guide...
  • Page 366 For DHCP relay configuration, this field displays the first remote DHCP server IP address. Delete Select the configuration entries you want to remove and click Delete to remove them. Cancel Click Cancel to clear the Delete check boxes. XGS4700-48F User’s Guide...

  • Page 367: Example: Dhcp Relay For Two Vlans

    IP address of 192.168.1.100. Requests from the academic buildings (VLAN 2) are sent to the other DHCP server with an IP address of 172.23.10.100. Figure 194 DHCP Relay for Two VLANs DHCP:192.168.1.100 VLAN 1 VLAN 2 DHCP:172.23.10.100 XGS4700-48F User’s Guide...
  • Page 368 Chapter 40 DHCP For the example network, configure the VLAN Setting screen as shown. Figure 195 DHCP Relay for Two VLANs Configuration Example EXAMPLE XGS4700-48F User’s Guide...

  • Page 369: Vrrp

    The following figure shows a VRRP network example with the switches (A and B) implementing one virtual router VR1 to ensure the link between the host X and the uplink gateway G. Host X is configured to use VR1 (192.168.1.20) as the XGS4700-48F User’s Guide...

  • Page 370: Vrrp Status

    This field displays the index number of a rule. Network This field displays the IP address and the subnet mask bits of an IP routing domain that is associated to a virtual router. VRID This field displays the ID number of the virtual router. XGS4700-48F User’s Guide...

  • Page 371: Vrrp Configuration

    Section 8.6 on page 113 for more information). Click IP Application, VRRP and click the Configuration link to display the VRRP Configuration screen as shown next. Note: You can only configure VRRP on interfaces with unique VLAN IDs. XGS4700-48F User’s Guide...
  • Page 372 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to discard all changes made in this table. XGS4700-48F User’s Guide...

  • Page 373: Vrrp Parameters

    Disable preempt mode to prevent this from happening. By default, a layer 3 device with the same IP address as the virtual router will become the master router regardless of the preempt mode. XGS4700-48F User’s Guide...

  • Page 374: Configuring Vrrp Parameters

    Enter the IP address of the primary virtual router in dotted decimal notation. Secondary Virtual This field is optional. Enter the IP address of a secondary virtual router in dotted decimal notation. This field is ignored when you enter 0.0.0.0. XGS4700-48F User’s Guide...

  • Page 375: Configuring Vrrp Parameters

    This field displays the priority level (1 to 255) of the entry. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. 41.4 VRRP Configuration Examples The following sections show two VRRP configuration examples on the Switch. XGS4700-48F User’s Guide...

  • Page 376: One Subnet Network Example

    VRRP Configuration screens on the switches as shown in the figures below. Figure 202 VRRP Example 1: VRRP Parameter Settings on Switch A EXAMPLE Figure 203 VRRP Example 1: VRRP Parameter Settings on Switch B EXAMPLE XGS4700-48F User’s Guide...

  • Page 377: Two Subnets Example

    Figure 206 VRRP Configuration Example: Two Virtual Router Network 172.21.1.1 172.21.1.100 172.21.1.10 You need to configure the VRRP Configuration screen for virtual router VR2 on each switch, while keeping the VRRP configuration in example 1 for virtual router XGS4700-48F User’s Guide...
  • Page 378 After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next. Figure 209 VRRP Example 2: VRRP Status on Switch A EXAMPLE Figure 210 VRRP Example 2: VRRP Status on Switch B EXAMPLE XGS4700-48F User’s Guide...

  • Page 379: Arp Learning

    ARP updates the ARP Table for future reference and then sends the packet to the MAC address that replied. 42.1.2 ARP Learning Mode The Switch supports three ARP learning modes: ARP-Reply, Gratuitous-ARP, and ARP-Request. XGS4700-48F User’s Guide...
  • Page 380 MAC address field is set to the broadcast address. There will be no reply to a gratuitous ARP request. A device may send a gratuitous ARP packet to detect IP collisions. If a device restarts or its MAC address is changed, it can also use gratuitous ARP to inform XGS4700-48F User’s Guide...
  • Page 381 ARP request sent by host A. The Switch then forwards host B’s ICMP reply to host A right after getting host B’s MAC address and ICMP reply. ARP Request ARP Reply ICMP Request ARP Request ARP Reply ICMP Request ICMP Reply ICMP Reply XGS4700-48F User’s Guide...

  • Page 382: Configuring Arp Learning

    Select Gratuitous-ARP to have the Switch update its ARP table with either an ARP reply or a gratuitous ARP request. Select ARP-Request to have the Switch update the ARP table with both ARP replies, gratuitous ARP requests and ARP requests. XGS4700-48F User’s Guide...
  • Page 383 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 384 Chapter 42 ARP Learning XGS4700-48F User’s Guide...

  • Page 385: Load Sharing

    With ECMP, packets are routed through the paths of equal cost according to the hash algorithm output. 43.2 Configuring Load Sharing Click IP Application > Load Sharing in the navigation panel to display the screen as shown next. Figure 212 IP Application > Load Sharing XGS4700-48F User’s Guide...
  • Page 386 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 387: Maintenance

    Click Click Here to go to the Restore Configuration screen. Configurati Backup Click Click Here to go to the Backup Configuration screen. Configurati Load Click Click Here to reset the configuration to the factory default settings. Factory Default XGS4700-48F User’s Guide...

  • Page 388: Load Factory Default

    IP address of your computer to be in the same subnet as that of the default Switch IP address (192.168.1.1). 44.3 Save Configuration Click Config 1 to save the current configuration settings permanently to configuration one on the Switch. XGS4700-48F User’s Guide...

  • Page 389: Reboot System

    Make sure you have downloaded (and unzipped) the correct model firmware and version to your computer before uploading to the device. Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device. XGS4700-48F User’s Guide...

  • Page 390: Restore A Configuration File

    Path text box or click Browse to display the Choose File screen from which you can locate it. After you have specified the file, click Restore. "config" is the name of the configuration file on the Switch, so your backup configuration file is automatically renamed when you restore using this screen. XGS4700-48F User’s Guide...

  • Page 391: Backup A Configuration File

    The configuration file (also known as the romfile or ROM) contains the factory default settings in the screens such as password, Switch setup, IP Setup, and so on. Once you have customized the Switch’s settings, they can be saved back to your computer under a filename of your choosing. XGS4700-48F User’s Guide...

  • Page 392: Example Ftp Commands

    Chapter 44 Maintenance ZyNOS (ZyXEL Network Operating System, sometimes referred to as the “ras” file) is the system firmware and has a “bin” filename extension. Table 141 Filename Conventions INTERNA EXTERNA FILE TYPE DESCRIPTION L NAME L NAME Configuration config .cfg...

  • Page 393: Ftp Command Line Procedure

    Transfer files in either ASCII (plain text format) or in binary mode. Configuration and firmware files should be transferred in binary mode. Initial Remote Specify the default remote directory (path). Directory Initial Local Specify the default local directory (path). Directory XGS4700-48F User’s Guide...

  • Page 394: Ftp Restrictions

    • FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediately. XGS4700-48F User’s Guide...

  • Page 395: Access Control

    See the Ethernet Switch CLI Reference Guide for more information on disabling multi-login. 45.2 The Access Control Main Screen Click Management > Access Control in the navigation panel to display the main screen as shown. Figure 219 Management > Access Control XGS4700-48F User’s Guide...

  • Page 396: About Snmp

    Switch. Examples of variables include number of packets received, node port status and so on. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. XGS4700-48F User’s Guide...

  • Page 397: Snmp V3 And Security

    • RFC 1155 SMI • RFC 2674 SNMPv2, SNMPv2c • RFC 1757 RMON • SNMPv2, SNMPv2c or later version, compliant with RFC 2011 SNMPv2 MIB for IP, RFC 2012 SNMPv2 MIB for TCP, RFC 2013 SNMPv2 MIB for UDP XGS4700-48F User’s Guide...

  • Page 398: Snmp Traps

    Switch automatically resets. ControlledResetEventOn 1.3.6.1.4.1.890.1.5.8.54.3 This trap is sent when the 1.2.1 Switch resets by an administrator through a management interface. RebootEvent 1.3.6.1.4.1.890.1.5.1.1.2 This trap is sent when the Switch reboots by an administrator through a management interface. XGS4700-48F User’s Guide...
  • Page 399 1.3.6.1.4.1.890.1.5.8.54.31 This trap is sent when an .2.1 Ethernet interface fails to auto-negotiate with the peer Ethernet interface. AutonegotiationFailedEven 1.3.6.1.4.1.890.1.5.8.54.31 This trap is sent when an tClear .2.2 Ethernet interface auto- negotiates with the peer Ethernet interface. XGS4700-48F User’s Guide...
  • Page 400 RADIUSNotReachableEve 1.3.6.1.4.1.890.1.5.8.54.3 This trap is sent when there is ntOn 1.2.1 no response message from the RADIUS server. RADIUSNotReachableEve 1.3.6.1.4.1.890.1.5.8.54.3 This trap is sent when the ntClear 1.2.2 RADIUS server can be reached. XGS4700-48F User’s Guide...
  • Page 401 STPTopologyChange 1.3.6.1.2.1.17.0.2 This trap is sent when the STP topology changes. MRSTPTopologyChange 1.3.6.1.4.1.890.1.5.8.54.4 This trap is sent when the 2.2.2 MRSTP topology changes. MSTPTopologyChange 1.3.6.1.4.1.890.1.5.8.54.1 This trap is sent when the MSTP 07.70.2 root switch changes. XGS4700-48F User’s Guide...

  • Page 402: Configuring Snmp

    Switch detects a connectivity fault. 45.3.4 Configuring SNMP From the Access Control screen, display the SNMP screen. You can click Access Control to go back to the Access Control screen. Figure 221 Management > Access Control > SNMP XGS4700-48F User’s Guide...
  • Page 403 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 404: Configuring Snmp Trap Group

    Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 405: Configuring Snmp User

    Switch. Authentication Select an authentication algorithm. MD5 (Message Digest 5) and SHA (Secure Hash Algorithm) are hash algorithms used to authenticate SNMP data. SHA authentication is generally considered stronger than MD5, but is slower. XGS4700-48F User’s Guide...
  • Page 406 This field displays the encryption method used for SNMP communication with this user. Group This field displays the SNMP group to which this user belongs. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 407: Setting Up Login Accounts

    Only the administrator has read/write access. Old Password Type the existing system password (1234 is the default password when shipped). New Password Enter your new system password. Retype to Retype your new system password for confirmation confirm XGS4700-48F User’s Guide...

  • Page 408: Ssh Overview

    Unlike Telnet or FTP, which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network. Figure 225 SSH Communication Example XGS4700-48F User’s Guide...

  • Page 409: How Ssh Works

    Encryption Method Once the identification is verified, both the client and server must agree on the type of encryption method to use. XGS4700-48F User’s Guide...

  • Page 410: Ssh Implementation On The Switch

    SSL-client must send the Switch a certificate. You must apply for a certificate for the browser from a Certificate Authority (CA) that is a trusted CA on the Switch. Please refer to the following figure. XGS4700-48F User’s Guide...

  • Page 411: Https Example

    Address” is the IP address or domain name of the Switch you wish to access. 45.9.1 Internet Explorer Warning Messages 45.9.1.1 Internet Explorer 6 When you attempt to access the Switch HTTPS server, a Windows dialog box pops up asking if you trust the server certificate. XGS4700-48F User’s Guide...
  • Page 412 "There is a problem with this website's security certificate." may display. If that is the case, click Continue to this website (not recommended) to proceed to the web configurator login screen. Figure 229 Security Certificate Warning (Internet Explorer 7 or 8) XGS4700-48F User’s Guide...
  • Page 413 Error. Click on Certificate Error next to the address bar and click View certificates. Figure 230 Certificate Error (Internet Explorer 7 or 8) EXAMPLE Click Install Certificate... and follow the on-screen instructions to install the certificate in your browser. Figure 231 Certificate (Internet Explorer 7 or 8) XGS4700-48F User’s Guide...

  • Page 414: Mozilla Firefox Warning Messages

    When you attempt to access the Switch HTTPS server, a This Connection is Unstructed screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button. Figure 232 Security Alert (Mozilla Firefox) XGS4700-48F User’s Guide...

  • Page 415: The Main Screen

    Figure 233 Security Alert (Mozilla Firefox) EXAMPLE 45.9.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser XGS4700-48F User’s Guide...

  • Page 416: Service Port Access Control

    Figure 234 Example: Lock Denoting a Secure Connection EXAMPLE 45.10 Service Port Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure “trusted XGS4700-48F User’s Guide...

  • Page 417: Remote Management

    Cancel Click Cancel to begin configuring this screen afresh. 45.11 Remote Management From the Access Control screen, display the Remote Management screen as shown next. XGS4700-48F User’s Guide...
  • Page 418 The Switch immediately disconnects the session if it does not match. Telnet/FTP/ Select services that may be used for managing the Switch from the HTTP/ICMP/ specified trusted computers. SNMP/SSH/ HTTPS XGS4700-48F User’s Guide...
  • Page 419 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 420 Chapter 45 Access Control XGS4700-48F User’s Guide...

  • Page 421: Diagnostic

    The following table describes the labels in this screen. Table 156 Management > Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box. Click Clear to empty the text box and reset the syslog entry. XGS4700-48F User’s Guide...
  • Page 422 Type the IP address of a device that you want to ping in order to test a connection. Click Ping to have the Switch ping the IP address (in the field to the left). Ethernet Port Enter a port number and click Port Test to perform an internal Test loopback test. XGS4700-48F User’s Guide...

  • Page 423: Syslog

    Error: There is an error condition on the system. Warning: There is a warning condition on the system. Notice: There is a normal but significant condition on the system. Informational: The syslog contains an informational message. Debug: The message is intended for debug-level purposes. XGS4700-48F User’s Guide...

  • Page 424: Syslog Setup

    The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 425: Syslog Server Setup

    This field displays the severity level of the logs that the device is to send to this syslog server. Delete Select an entry’s Delete check box and click Delete to remove the entry. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 426 Chapter 47 Syslog XGS4700-48F User’s Guide...

  • Page 427: Cluster Management

    Cluster Management allows you to manage switches through one Switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another. Table 160 ZyXEL Clustering Management Specifications Maximum number of cluster members...

  • Page 428: Cluster Management Status

    Figure 240 Clustering Application Example 48.2 Cluster Management Status Click Management > Cluster Management in the navigation panel to display the following screen. Note: A cluster can only have one manager. Figure 241 Management > Cluster Management XGS4700-48F User’s Guide...

  • Page 429: Cluster Member Switch Management

    Go to the Clustering Management Status screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web configurator home page. This cluster member web XGS4700-48F User’s Guide...
  • Page 430 Chapter 48 Cluster Management configurator home page and the home page that you'd see if you accessed it directly are different. Figure 242 Cluster Management: Cluster Member Web Configurator Screen EXAMPLE EXAMPLE XGS4700-48F User’s Guide...

  • Page 431: Uploading Firmware To A Cluster Member Switch

    This is the cluster member switch’s firmware name as seen fw-00-a0-c5-01-23-46 in the cluster manager switch. config-00-a0-c5-01-23-46 This is the cluster member switch’s configuration file name as seen in the cluster manager switch. XGS4700-48F User’s Guide...

  • Page 432: Clustering Management Configuration

    VLAN group to belong to the same cluster. Switches that are not in the same VLAN group are not visible in the Clustering Candidates list. This field is ignored if the Clustering Manager is using Port- based VLAN. XGS4700-48F User’s Guide...
  • Page 433 Model This is the cluster member switch’s model name. Remove Select this checkbox and then click the Remove button to remove a cluster member switch from the cluster. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...
  • Page 434 Chapter 48 Cluster Management XGS4700-48F User’s Guide...

  • Page 435: Mac Table

    • If the Switch has already learned the port for this MAC address, then it forwards the frame to that port. • If the Switch has not already learned the port for this MAC address, then the frame is flooded to all ports. Too much port flooding leads to network congestion. XGS4700-48F User’s Guide...

  • Page 436: Viewing The Mac Table

    Use this screen to search specific MAC addresses. You can also directly add dynamic MAC address(es) into the static MAC forwarding table or MAC filtering table from the MAC table using this screen. Figure 246 Management > MAC Table XGS4700-48F User’s Guide...
  • Page 437 This is the VLAN group to which this frame belongs. Port This is the port from which the above MAC address was learned. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). XGS4700-48F User’s Guide...
  • Page 438 Chapter 49 MAC Table XGS4700-48F User’s Guide...

  • Page 439: Ip Table

    • If the Switch has already learned the port for this IP address, then it forwards the packet to that port. • If the Switch has not already learned the port for this IP address, then the packet is flooded to all ports. Too much port flooding leads to network congestion. XGS4700-48F User’s Guide...

  • Page 440: Viewing The Ip Table

    Port Click this button to display and arrange the data according to port number. Index This field displays the index number. IP Address This is the IP address of the device from which the incoming packets came. XGS4700-48F User’s Guide...
  • Page 441 This is the port from which the above IP address was learned. This field displays CPU to indicate the IP address belongs to the Switch. Type This shows whether the IP address is dynamic (learned by the Switch) or static (belonging to the Switch). XGS4700-48F User’s Guide...
  • Page 442 Chapter 50 IP Table XGS4700-48F User’s Guide...

  • Page 443: Arp Table

    MAC address, swaps the sender and target pairs, and unicasts the answer directly back to the requesting machine. ARP updates the ARP Table for future reference and then sends the packet to the MAC address that replied. XGS4700-48F User’s Guide...

  • Page 444: The Arp Table Screen

    This field displays the port to which the device connects. CPU means this learned IP address is the Switch’s management IP address. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). XGS4700-48F User’s Guide...

  • Page 445: Routing Table

    This field displays the cost of the route. Type This field displays the method used to learn the route; OSPF - added as an OSPF interface, RIP - learned from incoming RIP packets or STATIC - added as a static entry. XGS4700-48F User’s Guide...
  • Page 446 Chapter 52 Routing Table XGS4700-48F User’s Guide...

  • Page 447: Configure Clone

    53.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen. Figure 251 Management > Configure Clone XGS4700-48F User’s Guide...
  • Page 448 Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. XGS4700-48F User’s Guide...

  • Page 449: Troubleshooting

    Disconnect and re-connect the power adaptor or cord to the Switch (in AC models or if the AC power supply is connected in AC/DC models). If the problem continues, contact the vendor. The ALM LED is on. XGS4700-48F User’s Guide...

  • Page 450: Switch Access And Login

    Use the MGMT port to log in to the Switch, the default IP address of the MGMT port is 192.168.0.1. If this does not work, you have to reset the device to its factory defaults. See Section 4.6 on page XGS4700-48F User’s Guide...
  • Page 451 • Try to access the Switch using another service, such as Telnet. If you can access the Switch, check the remote management settings to find out why the Switch does not respond to HTTP. I can see the Login screen, but I cannot log in to the Switch. XGS4700-48F User’s Guide...
  • Page 452 Management > Access Control > Remote Management screen for telnet, HTTP and SSH (see Section 45.11 on page 417). Computers not belonging to the secured client set cannot get permission to access the Switch. XGS4700-48F User’s Guide...

  • Page 453: Switch Configuration

    Switch’s nonvolatile memory each time you make changes. Click Save at the top right corner of the web configurator to save the configuration permanently. See also Section 44.3 on page 388 for more information about how to save your configuration. XGS4700-48F User’s Guide...
  • Page 454 Chapter 54 Troubleshooting XGS4700-48F User’s Guide...

  • Page 455: Product Specifications

    Humidity: 10 ~ 90% (non-condensing) Storage Environment Temperature: -10º C ~ 70º C (-13º F ~ 158º F) Humidity: 10 ~ 90% (non-condensing) Ground Wire Gauge 18 AWG or larger Power Wire Gauge 18 AWG or larger XGS4700-48F User’s Guide...
  • Page 456 DNS servers to computers on your network. IGMP Snooping The Switch supports IGMP snooping enabling group multicast traffic to be only forwarded to ports that are members of that group; thus allowing you to significantly reduce multicast traffic passing through your Switch. XGS4700-48F User’s Guide...
  • Page 457 3 switch that runs both the IPv4 protocol (with IP Multicast support) and the IGMP protocol. VRRP Virtual Router Redundancy Protocol (VRRP), defined in RFC 2338, allows you to create redundant backup gateways to ensure that the default gateway of a host is always available. XGS4700-48F User’s Guide...
  • Page 458 The Switch can generate syslog messages and send it to a syslog server. Firmware Upgrade Download new firmware (when available) from the ZyXEL web site and use the web configurator, CLI or an FTP/TFTP tool to put it on the Switch.
  • Page 459 You can configure the Switch to update the ARP table with with an ARP reply or a gratuitous ARP request and/or an APR request. Load Sharing Load sharing allows the Switch to forward packets destined to the same device through different routing paths of equal path cost. XGS4700-48F User’s Guide...
  • Page 460 Supports IEEE 802.3ad; static and dynamic (LACP) port trunking Aggregation 24 groups (up to 8 ports each) Port All ports support port mirroring mirroring Support port mirroring per IP/TCP/UDP Bandwidth Supports rate limiting at 64K increment control Supports CIR/PIR for ingress bandwidth control XGS4700-48F User’s Guide...
  • Page 461 Support L2 MAC filtering, L3 IP filtering, Layer 4 TCP/UDP socket Multicast IGMP snooping (IGMP v1/v2/v3, 16 VLAN maximum-user configurable) IGMP filtering 5 MVR entries IGMP timer Multicast reserve group Static multicast IGMP snooping fast-leave IGMP snooping immediate-leave IGMP snooping statistics IGMP throttling Support RADIUS and TACACS+ XGS4700-48F User’s Guide...
  • Page 462 Ethernet II Encapsulation RFC 1058 RIP-1 (Routing Information Protocol) RFC 1112 IGMP v1 RFC 1155 RFC 1157 SNMPv1: Simple Network Management Protocol version 1 RFC 1213 SNMP MIB II RFC 1305 Network Time Protocol (NTP version 3) XGS4700-48F User’s Guide...
  • Page 463 Flow Control IEEE 802.3z 1000BASE-X For optical fiber link 1000BASE-SX/LX. RFC 2516 A method for transmitting PPP over Ethernet (PPPoE) RFC 3176 sFlow RFC 3415 View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP) XGS4700-48F User’s Guide...
  • Page 464 Chapter 55 Product Specifications XGS4700-48F User’s Guide...

  • Page 465: Appendix A Common Services

    Border Gateway Protocol. BOOTP_CLIENT DHCP Client. BOOTP_SERVER DHCP Server. CU-SEEME 7648 A popular videoconferencing solution from White Pines Software. 24032 TCP/UDP Domain Name Server, a service that matches web names (for example www.zyxel.com) to IP numbers. XGS4700-48F User’s Guide...
  • Page 466 Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service. PING User-Defined Packet INternet Groper is a protocol that sends out ICMP echo requests to test whether or not a remote host is reachable. XGS4700-48F User’s Guide...
  • Page 467 TCP/UDP Secure Shell Remote Login Program. STRM WORKS 1558 Stream Works Protocol. SYSLOG Syslog allows you to send system logs to a UNIX server. TACACS Login Host Protocol used for (Terminal Access Controller Access Control System). XGS4700-48F User’s Guide...
  • Page 468 TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. XGS4700-48F User’s Guide...

  • Page 469: Appendix B Legal Information

    Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice.
  • Page 470 Cet appareil numérique de la classe A est conforme à la norme NMB-003 du Canada. CLASS 1 LASER PRODUCT APPAREIL A LASER DE CLASS 1 PRODUCT COMPLIES WITH 21 CFR 1040.10 AND 1040.11. PRODUIT CONFORME SELON 21 CFR 1040.10 ET 1040.11. XGS4700-48F User’s Guide...

  • Page 471: Zyxel Limited Warranty

    (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.
  • Page 472 Data (aaaa/mm/gg): 2011/1/24 Datum(jjjj/mm/dd): 2011/1/24 SVENSKA Miljödeklaration RoHS Direktiv 2002/95/EC WEEE Direktiv 2002/96/EC (WEEE: hantering av elektriskt och elektroniskt avfall) 2008/34/EC Deklaration undertecknad av: Namn/Titel: Raymond Huang / Quality & Customer Service Division Assistant VP Datum (åååå/mm/dd): 2011/1/24 XGS4700-48F User’s Guide...
  • Page 473 Appendix B Legal Information XGS4700-48F User’s Guide...
  • Page 474 Appendix B Legal Information XGS4700-48F User’s Guide...

  • Page 475: Index

    ARP (Address Resolution Protocol) 379, 443 ARP inspection 261, 264 certifications and MAC filter notices configuring viewing syslog messages CFI (Canonical Format Indicator) trusted ports changing the password AS Boundary Router Cisco Discovery Protocol, see CDP authentication CIST and OSPF XGS4700-48F User’s Guide...
  • Page 476 See port cloning double-tagged frames copyright DR (Designated Router) CPU management port DS (Differentiated Services) CPU protection DSCP configuration DSCP-to-IEEE802.1p mapping overview service level current date what it does current time DSCP (DiffServ Code Point) XGS4700-48F User’s Guide...
  • Page 477 GVRP (GARP VLAN Registration Protocol) Fan Module fan speed FCC interference statement hardware installation file transfer using FTP mounting command example hardware monitor filename convention, configuration hardware overview configuration file names hello time filtering hops XGS4700-48F User’s Guide...
  • Page 478 Layer 2 protocol tunneling, see L2PT Installing the Fan Module layer 3 features interface LEDs and OSPF limit MAC address learning interface, and OSPF Link Aggregate Control Protocol (LACP) Internal Router (IR) link aggregation Internet Protocol version 6, see IPv6 dynamic XGS4700-48F User’s Guide...
  • Page 479 MSTI (Multiple Spanning Tree Instance) MAC freeze MSTP 149, 152 MAC table bridge ID how it works configuration 164, 167 viewing configuration digest maintanence forwarding delay configuration backup Hello Time firmware hello time restoring configuration Max Age maintenance max age XGS4700-48F User’s Guide...
  • Page 480 NTP (RFC-1305) viewing policy configuration policy routing benefits cost savings OSPF load sharing advantages overview area 329, 335 policy-based routing Area 0 Port Aggregation Protocol, see PAgP area ID port authentication authentication 335, 336 and RADIUS autonomous system XGS4700-48F User’s Guide...
  • Page 481 Rapid Spanning Tree Protocol, See RSTP. current rating reboot disconnecting load configuration power wire reboot system power specification redistribute route power status reducing routing table size Power Wires registration PPPoE IA product trusted ports untrusted ports related documentation priority level remote management XGS4700-48F User’s Guide...
  • Page 482 Static VLAN sample rate static VLAN UDP port control sFlow agent tagging sFlow collector status XGS4700-48F User’s Guide...
  • Page 483 Turn on the Power settings tutorials setup DHCP snooping severity levels Error Disable system information PPPoE IA system log Two Rate Three Color Marker (TRTCM) system reboot Two Rate Three Color Marker, see TRTCM Type of Service (ToS) XGS4700-48F User’s Guide...
  • Page 484 VLAN Virtual Router port-based, all connected Virtual Router ID port-based, isolation VRID port-based, wizard static VLAN status 123, 124 tagged trunking 121, 127 type 111, 122 VLAN (Virtual Local Area Network) VLAN mapping warranty activating note XGS4700-48F User’s Guide...
  • Page 485 Index web configurator 31, 55 getting help layout login logout navigation panel weight, queuing Weighted Round Robin Scheduling (WRR) WFQ (Weighted Fair Queuing) WRR (Weighted Round Robin Scheduling ZyNOS (ZyXEL Network Operating System) XGS4700-48F User’s Guide...

This manual is also suitable for:

Xgs4700 series

Table of Contents