Page 1 GS-2024 Layer 2 Ethernet Switch User’s Guide Version 3.80 06/2008 Edition 1 DEFAULT LOGIN IP Address http://192.168.0.1 (Out-of-band MGMT port) http://192.168.1.1 (In-band ports) User Name admin Password 1234 www.zyxel.com...
Page 3: About This User's Guide
• Supporting Disc Refer to the included CD for support documents. • ZyXEL Web Site Please refer to www.zyxel.com for additional support documentation and product certifications. User Guide Feedback Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead.
Page 4: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 5 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The Switch icon is not an exact representation of your device. The Switch Computer Notebook computer Server DSLAM Firewall Telephone Switch Router GS-2024 User’s Guide...
Page 6: Safety Warnings
Safety Warnings Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 Safety Warnings This product is recyclable. Dispose of it properly. GS-2024 User’s Guide...
Page 8 Safety Warnings GS-2024 User’s Guide...
Page 9: Table Of Contents
Contents Overview Contents Overview Introduction ..........................27 Getting to Know Your Switch ..................... 29 Hardware Installation and Connection ..................33 Hardware Overview ........................37 Basic Configuration ....................... 43 The Web Configurator ....................... 45 Initial Setup Example ......................... 53 System Status and Port Statistics ....................57 Basic Setting ..........................
Page 10 Contents Overview MAC Table ..........................211 ARP Table ..........................213 Configure Clone ........................215 Troubleshooting & Product Specifications ............... 217 Troubleshooting ........................219 Product Specifications ......................223 Appendices and Index ......................231 GS-2024 User’s Guide...
Page 11: Table Of Contents
Table of Contents Table of Contents About This User's Guide ......................3 Document Conventions......................4 Safety Warnings........................6 Contents Overview ........................9 Table of Contents........................11 List of Figures ......................... 19 List of Tables........................... 23 Part I: Introduction................. 27 Chapter 1 Getting to Know Your Switch....................
Page 12 Table of Contents 3.1.3 Console Port ......................40 3.1.4 Management Port ....................... 40 3.2 Rear Panel ........................... 40 3.2.1 Power Connector ....................... 41 3.3 LEDs ..........................41 Part II: Basic Configuration..............43 Chapter 4 The Web Configurator ......................45 4.1 Introduction .......................... 45 4.2 System Login ........................
Page 13 Table of Contents 7.6 IP Setup ..........................69 7.6.1 IP Interfaces ....................... 69 7.7 Port Setup ........................... 72 Part III: Advanced Setup................ 75 Chapter 8 VLAN ............................77 8.1 Introduction to IEEE 802.1Q Tagged VLANs ..............77 8.1.1 Forwarding Tagged and Untagged Frames ..............77 8.2 Automatic VLAN Registration .....................
Page 14 Table of Contents Chapter 11 Bandwidth Control........................ 105 11.1 Bandwidth Control Overview ..................105 11.2 Bandwidth Control Setup ....................105 Chapter 12 Broadcast Storm Control ..................... 107 12.1 Broadcast Storm Control Setup ..................107 Chapter 13 Mirroring ..........................109 13.1 Port Mirroring Setup ....................... 109 Chapter 14 Link Aggregation ........................
Page 15 Table of Contents Chapter 18 Multicast ..........................125 18.1 Multicast Overview ......................125 18.1.1 IP Multicast Addresses ................... 125 18.1.2 IGMP Filtering ......................125 18.1.3 IGMP Snooping ..................... 125 18.1.4 IGMP Snooping and VLANs ................... 126 18.2 Multicast Status ......................126 18.3 Multicast Setting ......................
Page 16 Table of Contents Chapter 21 Static Route ........................... 159 21.1 Static Routing Overview ....................159 21.2 Configuring Static Routing ..................... 159 Chapter 22 Differentiated Services ......................163 22.1 DiffServ Overview ......................163 22.1.1 DSCP and Per-Hop Behavior ................163 22.1.2 DiffServ Network Example ..................164 22.2 DSCP-to-IEEE 802.1p Priority Settings ..............
Page 17 Table of Contents 24.8.4 FTP Restrictions ....................180 Chapter 25 Access Control........................181 25.1 Access Control Overview .................... 181 25.2 The Access Control Main Screen ..................181 25.3 About SNMP ........................182 25.3.1 SNMP v3 and Security ................... 183 25.3.2 Supported MIBs ....................
Page 18 Table of Contents 29.1 MAC Table Overview .......................211 29.2 Viewing the MAC Table ....................212 Chapter 30 ARP Table ..........................213 30.1 ARP Table Overview ....................... 213 30.1.1 How ARP Works ....................213 30.2 Viewing the ARP Table ....................213 Chapter 31 Configure Clone ........................
Page 19: List Of Figures
List of Figures List of Figures Figure 1 Backbone Application ......................29 Figure 2 Bridging Application ......................... 30 Figure 3 High Performance Switched Workgroup Application ............... 30 Figure 4 Shared Server Using VLAN Example ..................31 Figure 5 Attaching Rubber Feet ......................33 Figure 6 Attaching the Mounting Brackets .....................
Page 20 List of Figures Figure 39 MSTP Network Example ......................94 Figure 40 MSTIs in Different Regions ....................95 Figure 41 MSTP and Legacy RSTP Network Example ................. 95 Figure 42 Advanced Application > Spanning Tree Protocol ..............96 Figure 43 Advanced Application > Spanning Tree Protocol > Configuration ......... 96 Figure 44 Advanced Application >...
Page 21 List of Figures Figure 82 Advanced Application > Loop Guard ..................155 Figure 83 Static Routing Overview ...................... 159 Figure 84 IP Application > Static Routing .................... 160 Figure 85 DiffServ: Differentiated Service Field ..................163 Figure 86 DiffServ Network ......................... 164 Figure 87 IP Application >...
Page 22 List of Figures Figure 125 Management > ARP Table ....................214 Figure 126 Management > Configure Clone ..................215 Figure 127 Console/Dial Backup Port Pin Layout ................228 Figure 128 Pop-up Blocker ........................233 Figure 129 Internet Options: Privacy ....................234 Figure 130 Internet Options: Privacy ....................
Page 23: List Of Tables
List of Tables List of Tables Table 1 Front Panel Connections ......................37 Table 2 LED Descriptions ........................41 Table 3 Navigation Panel Sub-links Overview ..................47 Table 4 Web Configurator Screen Sub-links Details ................48 Table 5 Navigation Panel Links ......................48 Table 6 Status ............................
Page 24 Table 77 Syslog Severity Levels ......................201 Table 78 Management > Syslog ......................202 Table 79 Management > Syslog > Server Setup ................. 203 Table 80 ZyXEL Clustering Management Specifications ..............205 Table 81 Management > Cluster Management ..................207 GS-2024 User’s Guide...
Page 25 List of Tables Table 82 FTP Upload to Cluster Member Example ................208 Table 83 Management > Clustering Management > Configuration ............. 209 Table 84 Management > MAC Table ....................212 Table 85 Management > ARP Table ....................214 Table 86 Management > Configure Clone ................... 216 Table 87 Hardware Specifications .......................
Page 26 List of Tables GS-2024 User’s Guide...
Page 27: Introduction
Introduction Getting to Know Your Switch (29) Hardware Installation and Connection (33) Hardware Overview (37)
Page 29: Getting To Know Your Switch
H A P T E R Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction Your Switch is a stand-alone, layer-2, Ethernet switch with 24 100/1000 Mbps Ethernet ports, two mini-GBIC (SFP, Small Form-factor Pluggable) slots, and one 10/100 Mbps Ethernet port for out-of-band management.
Page 30: Bridging Example
Chapter 1 Getting to Know Your Switch 1.1.2 Bridging Example In this example application the Switch connects different company departments (RD and Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the Switch.
Page 31: Ieee 802.1Q Vlan Application Examples
Chapter 1 Getting to Know Your Switch 1.1.4 IEEE 802.1Q VLAN Application Examples A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network belong to one group. A station can belong to more than one group.
Page 32: Good Habits For Managing The Switch
Chapter 1 Getting to Know Your Switch 1.3 Good Habits for Managing the Switch Do the following things regularly to make the Switch more secure and to manage the Switch more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
Page 33: Hardware Installation And Connection
H A P T E R Hardware Installation and Connection This chapter shows you how to install and connect the Switch. 2.1 Freestanding Installation 1 Make sure the Switch is clean and dry. 2 Set the Switch on a smooth, level surface strong enough to support the weight of the Switch and the connected cables.
Page 34: Mounting The Switch On A Rack
Chapter 2 Hardware Installation and Connection For proper ventilation, allow at least 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the Switch. This is especially important for enclosed rack installations. 2.2 Mounting the Switch on a Rack This section lists the rack mounting requirements and precautions and describes the installation steps.
Page 35: Mounting The Switch On A Rack
Chapter 2 Hardware Installation and Connection 3 Repeat steps to install the second mounting bracket on the other side of the Switch. 4 You may now mount the Switch on a rack. Proceed to the next section. 2.2.3 Mounting the Switch on a Rack 1 Position a mounting bracket (that is already attached to the Switch) on one side of the rack, lining up the two screw holes on the bracket with the screw holes on the side of the rack.
Page 36 Chapter 2 Hardware Installation and Connection GS-2024 User’s Guide...
Page 37: Hardware Overview
H A P T E R Hardware Overview This chapter describes the front panel and rear panel of the Switch and shows you how to make the hardware connections. 3.1 Front Panel Connections The figure below shows the front panel of the Switch. Figure 8 Front Panel Console Port 100/1000 Mbps Ethernet Ports...
Page 38: 1000Base-T Ports
Chapter 3 Hardware Overview 3.1.1 1000Base-T Ports The Switch has 24 1000Base-T auto-negotiating, auto-crossover Ethernet ports. In 100/1000 Mbps Gigabit Ethernet, the speed can be 100 Mbps or 1000 Mbps. The duplex mode can be both half or full duplex at 100 Mbps and full duplex only at 1000 Mbps. An auto-negotiating port can detect and adjust to the optimum Ethernet speed (100/1000 Mbps) and duplex mode (full duplex or half duplex) of the connected device.
Page 39: Figure 9 Transceiver Installation Example
Chapter 3 Hardware Overview 3.1.2.1 Mini-GBIC Slots These are slots for Small Form-Factor Pluggable (SFP) transceivers. A transceiver is a single unit that houses a transmitter and a receiver. Use a transceiver to connect a fiber-optic cable to the Switch. The Switch does not come with transceivers. You must use transceivers that comply with the Small Form-Factor Pluggable (SFP) Transceiver MultiSource Agreement (MSA).
Page 40: Console Port
Chapter 3 Hardware Overview Figure 11 Opening the Transceiver’s Latch Example 2 Pull the transceiver out of the slot. Figure 12 Transceiver Removal Example 3.1.3 Console Port For local management, you can use a computer with terminal emulation software configured to the following parameters: •...
Page 41: Power Connector
Chapter 3 Hardware Overview Figure 13 Rear Panel 3.2.1 Power Connector Make sure you are using the correct power source as shown on the panel. Make sure you are using the correct power source as shown on the panel. To connect the power to the Switch, insert the female end of power cord to the power receptacle on the rear panel.
Page 42 Chapter 3 Hardware Overview Table 2 LED Descriptions (continued) COLOR STATUS DESCRIPTION Green Blinking This port is receiving or transmitting data. MGMT Green Blinking The system is transmitting/receiving to/from an Ethernet device. The port is connected at 10Mbps. The port is not connected at 10Mbps or to an Ethernet device. Amber Blinking The system is transmitting/receiving to/from an Ethernet device.
Page 43: Basic Configuration
Basic Configuration The Web Configurator (45) Initial Setup Example (53) System Status and Port Statistics (57) Basic Setting (63)
Page 45: The Web Configurator
H A P T E R The Web Configurator This section introduces the configuration and functions of the web configurator. 4.1 Introduction The web configurator is an HTML-based management interface that allows easy Switch setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions.
Page 46: The Status Screen
Chapter 4 The Web Configurator Figure 14 Web Configurator: Login 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is the first screen that displays when you access the web configurator. The following figure shows the navigating components of a web configurator screen. Figure 15 Web Configurator Home Screen (Status) A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window.
Page 47: Table 3 Navigation Panel Sub-Links Overview
Chapter 4 The Web Configurator B - Click this link to save your configuration into the Switch’s nonvolatile memory. Nonvolatile memory is saved in the configuration file from which the Switch booted from and it stays the same even if the Switch’s power is turned off. See Section 24.3 on page 176 information on saving your settings to a specific configuration file.
Page 48: Table 4 Web Configurator Screen Sub-Links Details
Chapter 4 The Web Configurator The following table lists the various web configurator screens within the sub-links. Table 4 Web Configurator Screen Sub-links Details BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT System Info VLAN Status Static Routing Maintenance General Setup VLAN Port Setting DiffServ Firmware Upgrade...
Page 49 Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION VLAN This link takes you to screens where you can configure port-based or 802.1Q VLAN (depending on what you configured in the Switch Setup menu). Static MAC This link takes you to screens where you can configure static MAC addresses for a Forwarding port.
Page 50: Change Your Password
Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION ARP Table This link takes you to a screen where you can view the MAC address – IP address resolution table. Configure Clone This link takes you to a screen where you can copy attributes of one port to (an)other port(s).
Page 51: Switch Lockout
Chapter 4 The Web Configurator 4.5 Switch Lockout You could block yourself (and all others) from using in-band-management (managing through the data ports) if you do one of the following: 1 Delete the management VLAN (default is VLAN 1). 2 Delete all port-based VLANs with the CPU port as a member. The “CPU port” is the management port of the Switch.
Page 52: Logging Out Of The Web Configurator
Chapter 4 The Web Configurator Figure 17 Resetting the Switch: Via the Console Port Bootbase Version: V0.6 | 05/18/2004 15:28:28 AM:Size = 32 Mbytes DRAM POST: Testing: 32768K OK DRAM Test SUCCESS ! FLASH: Intel 32M ZyNOS Version: V3.60(LT.0)b3 | 06/21/2005 17:00:44 Press any key to enter debug mode within 3 seconds.
Page 53: Initial Setup Example
H A P T E R Initial Setup Example This chapter shows how to set up the switch for an example network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID •...
Page 54: Setting Port Vid
Chapter 5 Initial Setup Example 2 In the Static VLAN screen, select ACTIVE, enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network. The VLAN Group ID field in this screen and the VID field in the IP Setup screen refer to the same VLAN ID.
Page 55: Configuring Switch Management Ip Address
Chapter 5 Initial Setup Example 1 Click Advanced Applications and VLAN in the navigation panel. Then click the VLAN Port Setting link. 2 Enter 2 in the PVID field for port 10 and click Apply to save the settings. 5.1.3 Configuring Switch Management IP Address The default management IP address of the switch is 192.168.1.1.
Page 56 Chapter 5 Initial Setup Example 3 Click Basic Setting and IP Setup in the navigation panel. 4 Configure the related fields in the IP Setup screen. For the VLAN2 network, enter 192.168.2.1 as the IP address and 255.255.255.0 as the subnet mask.
Page 57: System Status And Port Statistics
H A P T E R System Status and Port Statistics This chapter describes the system status (web configurator home page) and port details screens. 6.1 Overview The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details.
Page 58: Status: Port Details
Chapter 6 System Status and Port Statistics Table 6 Status (continued) LABEL DESCRIPTION Link This field displays the speed (either 10M for 10 Mbps, 100M for 100 Mbps, 1000M for 1000 Mbps, and 10G for 10 Gbps) and the duplex (F for full duplex or H for half). It also shows the cable type (Copper or SFP) for the combo ports.
Page 59: Figure 23 Status: Port Details
Chapter 6 System Status and Port Statistics Figure 23 Status: Port Details The following table describes the labels in this screen. Table 7 Status > Port Details LABEL DESCRIPTION Port Info Port NO. This field displays the port number you are viewing. Name This field displays the name of the port.
Page 60 Chapter 6 System Status and Port Statistics Table 7 Status > Port Details (continued) LABEL DESCRIPTION Rx KB/s This field shows the transmission speed of data received on this port in kilobytes per second. Up Time This field shows the total amount of time the connection has been up. Tx Packet The following fields display detailed information about packets transmitted.
Page 61 Chapter 6 System Status and Port Statistics Table 7 Status > Port Details (continued) LABEL DESCRIPTION 256-511 This field shows the number of packets (including bad packets) received that were between 256 and 511 octets in length. 512-1023 This field shows the number of packets (including bad packets) received that were between 512 and 1023 octets in length.
Page 62 Chapter 6 System Status and Port Statistics GS-2024 User’s Guide...
Page 63: Basic Setting
H A P T E R Basic Setting This chapter describes how to configure the System Info, General Setup, Switch Setup, IP Setup and Port Setup screens. 7.1 Overview The System Info screen displays general Switch information (such as firmware version number) and hardware polling information (such as fan speeds).
Page 64: Figure 24 Basic Setting > System Info
Chapter 7 Basic Setting Figure 24 Basic Setting > System Info The following table describes the labels in this screen. Table 8 Basic Setting > System Info LABEL DESCRIPTION System Name This field displays the descriptive name of the Switch for identification purposes. ZyNOS F/W This field displays the version number of the Switch 's current firmware including the Version...
Page 65: General Setup
Chapter 7 Basic Setting Table 8 Basic Setting > System Info (continued) LABEL DESCRIPTION This field displays this fan's minimum speed measured in RPM. “<41" is displayed for speeds too small to measure (under 2000 RPM). Threshold This field displays the minimum speed at which a normal fan should work. Status Normal indicates that this fan is functioning above the minimum speed.
Page 66: Table 9 Basic Setting > General Setup
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 9 Basic Setting > General Setup LABEL DESCRIPTION System Name Type a descriptive name for identification purposes. This name consists of up to 64 printable characters; spaces are allowed. Location Type the geographic location of your Switch.
Page 67: Introduction To Vlans
Chapter 7 Basic Setting Table 9 Basic Setting > General Setup (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Daylight Saving Time. The time field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the last Sunday of October.
Page 68: Figure 26 Basic Setting > Switch Setup
Chapter 7 Basic Setting Figure 26 Basic Setting > Switch Setup The following table describes the labels in this screen. Table 10 Basic Setting > Switch Setup LABEL DESCRIPTION VLAN Type Choose 802.1Q or Port Based. The VLAN Setup screen changes depending on whether you choose 802.1Q VLAN type or Port Based VLAN type in this screen.
Page 69: Ip Setup
Chapter 7 Basic Setting Table 10 Basic Setting > Switch Setup (continued) LABEL DESCRIPTION Priority Level (The following descriptions are based on the traffic types defined in the IEEE 802.1d standard (which incorporates the 802.1p). Level 7 Typically used for network control traffic such as router configuration messages. Level 6 Typically used for voice traffic that is especially sensitive to jitter (jitter is the variations in delay).
Page 70: Figure 27 Basic Setting > Ip Setup
Chapter 7 Basic Setting Figure 27 Basic Setting > IP Setup GS-2024 User’s Guide...
Page 71: Table 11 Basic Setting > Ip Setup
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 11 Basic Setting > IP Setup LABEL DESCRIPTION Domain This field is enabled if Static IP Address is selected. Name Server DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa.
Page 72: Port Setup
Chapter 7 Basic Setting Table 11 Basic Setting > IP Setup (continued) LABEL DESCRIPTION IP Address Enter the IP address for managing the Switch by the members of the VLAN specified in the VID field below. IP Subnet Enter the IP subnet mask in dotted decimal notation. Mask Type the VLAN group identification number.
Page 73: Table 12 Basic Setting > Port Setup
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 12 Basic Setting > Port Setup LABEL DESCRIPTION Port This is the port index number. Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 74 Chapter 7 Basic Setting GS-2024 User’s Guide...
Page 75: Advanced Setup
Advanced Setup VLAN (77) Static MAC Forward Setup (89) Spanning Tree Protocol (91) Bandwidth Control (105) Broadcast Storm Control (107) Mirroring (109) Link Aggregation (111) Port Authentication (117) Port Security (121) Queuing Method (123) Multicast (125) Authentication & Accounting (139) Loop Guard (153)
Page 77: Vlan
H A P T E R VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 8.1 Introduction to IEEE 802.1Q Tagged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created.
Page 78: Automatic Vlan Registration
Chapter 8 VLAN 8.2 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 8.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and de- register attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP.
Page 79: Port Vlan Trunking
Chapter 8 VLAN 8.3 Port VLAN Trunking Enable VLAN Trunking on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices.
Page 80: Static Vlan Status
Chapter 8 VLAN 8.5.1 Static VLAN Status Section 8.1 on page 77 for more information on Static VLAN. Click Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown next. Figure 31 Advanced Application > VLAN: VLAN Status The following table describes the labels in this screen.
Page 81: Configure A Static Vlan
Chapter 8 VLAN The following table describes the labels in this screen. Table 15 Advanced Application > VLAN > VLAN Detail LABEL DESCRIPTION VLAN Status Click this to go to the VLAN Status screen. This is the VLAN identification number that was configured in the Static VLAN screen.
Page 82: Configure Vlan Port Settings
Chapter 8 VLAN The following table describes the related labels in this screen. Table 16 Advanced Application > VLAN > Static VLAN LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN settings. Name Enter a descriptive name for the VLAN group for identification purposes. This name consists of up to 64 printable characters;...
Page 83: Figure 34 Advanced Application > Vlan > Vlan Port Setting
Chapter 8 VLAN Figure 34 Advanced Application > VLAN > VLAN Port Setting The following table describes the labels in this screen. Table 17 Advanced Application > VLAN > VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network.
Page 84: Port-Based Vlan Setup
Chapter 8 VLAN Table 17 Advanced Application > VLAN > VLAN Port Setting (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 85: Figure 35 Advanced Application > Vlan > Port Based Vlan Setup (All Connected)
Chapter 8 VLAN Figure 35 Advanced Application > VLAN > Port Based VLAN Setup (All Connected) The following screen shows users on a port-based, port-isolated VLAN configuration. GS-2024 User’s Guide...
Page 86: Figure 36 Advanced Application > Vlan: Port Based Vlan Setup (Port Isolation)
Chapter 8 VLAN Figure 36 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) The following table describes the labels in this screen. Table 18 Advanced Application > VLAN: Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation. All connected means all ports can communicate with each other, that is, there are no virtual LANs.
Page 87 Chapter 8 VLAN Table 18 Advanced Application > VLAN: Port Based VLAN Setup (continued) LABEL DESCRIPTION Outgoing These are the egress ports. An egress port is an outgoing port, that is, a port through which a data packet leaves. If you wish to allow two subscriber ports to talk to each other, you must define the egress port for both ports.
Page 88 Chapter 8 VLAN GS-2024 User’s Guide...
Page 89: Static Mac Forward Setup
H A P T E R Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 9.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your network. 9.2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table.
Page 90: Table 19 Advanced Application > Static Mac Forwarding
Chapter 9 Static MAC Forward Setup The following table describes the labels in this screen. Table 19 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box.
Page 91: Spanning Tree Protocol
H A P T E R Spanning Tree Protocol The Switch supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol •...
Page 92: How Stp Works
Chapter 10 Spanning Tree Protocol Path cost is the cost of transmitting a frame onto a LAN through that port. The recommended cost is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost.
Page 93: Multiple Stp
Chapter 10 Spanning Tree Protocol Table 21 STP Port States PORT STATE DESCRIPTION Listening All BPDUs are received and processed. Note: The listening state does not exist in RSTP. Learning All BPDUs are received and processed. Information frames are submitted to the learning process but not forwarded.
Page 94: Figure 39 Mstp Network Example
Chapter 10 Spanning Tree Protocol With MSTP, VLANs 1 and 2 are mapped to different spanning trees in the network. Thus traffic from the two VLANs travel on different paths. The following figure shows the network example using MSTP. Figure 39 MSTP Network Example VLAN 1 VLAN 2 10.1.4.2 MST Region...
Page 95: Spanning Tree Protocol Status Screen
Chapter 10 Spanning Tree Protocol Figure 40 MSTIs in Different Regions 10.1.4.4 Common and Internal Spanning Tree (CIST) A CIST represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP/RSTP. The CIST is the default MST instance (MSTID 0). Any VLANs that are not members of an MST instance are members of the CIST.
Page 96: Spanning Tree Configuration
Chapter 10 Spanning Tree Protocol Figure 42 Advanced Application > Spanning Tree Protocol This screen differs depending on which STP mode (RSTP or MSTP) you configure on the Switch. This screen is described in detail in the section that follows the configuration section for each STP mode.
Page 97: Figure 44 Advanced Application > Spanning Tree Protocol > Rstp
Chapter 10 Spanning Tree Protocol Figure 44 Advanced Application > Spanning Tree Protocol > RSTP The following table describes the labels in this screen. Table 23 Advanced Application > Spanning Tree Protocol > RSTP LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 45 on page 99).
Page 98: Rapid Spanning Tree Protocol Status
Chapter 10 Spanning Tree Protocol Table 23 Advanced Application > Spanning Tree Protocol > RSTP (continued) LABEL DESCRIPTION MAX Age This is the maximum time (in seconds) a switch can wait without receiving a BPDU before attempting to reconfigure. All switch ports (except for designated ports) should receive BPDUs at regular intervals.
Page 99: Configure Multiple Spanning Tree Protocol
Chapter 10 Spanning Tree Protocol Figure 45 Advanced Application > Spanning Tree Protocol > Status: RSTP The following table describes the labels in this screen. Table 24 Advanced Application > Spanning Tree Protocol > Status: RSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click RSTP to edit RSTP settings on the Switch.
Page 100: Figure 46 Advanced Application > Spanning Tree Protocol > Mstp
Chapter 10 Spanning Tree Protocol Figure 46 Advanced Application > Spanning Tree Protocol > MSTP GS-2024 User’s Guide...
Page 101: Table 25 Advanced Application > Spanning Tree Protocol > Mstp
Chapter 10 Spanning Tree Protocol The following table describes the labels in this screen. Table 25 Advanced Application > Spanning Tree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 47 on page 103).
Page 102: Multiple Spanning Tree Protocol Status
Chapter 10 Spanning Tree Protocol Table 25 Advanced Application > Spanning Tree Protocol > MSTP (continued) LABEL DESCRIPTION VLAN Range Enter the start of the VLAN ID range that you want to add or remove from the VLAN range edit area in the Start field. Enter the end of the VLAN ID range that you want to add or remove from the VLAN range edit area in the End field.
Page 103: Figure 47 Advanced Application > Spanning Tree Protocol > Status: Mstp
Chapter 10 Spanning Tree Protocol Figure 47 Advanced Application > Spanning Tree Protocol > Status: MSTP The following table describes the labels in this screen. Table 26 Advanced Application > Spanning Tree Protocol > Status: MSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you want to activate. Click MSTP to edit MSTP settings on the Switch.
Page 104 Chapter 10 Spanning Tree Protocol Table 26 Advanced Application > Spanning Tree Protocol > Status: MSTP (continued) LABEL DESCRIPTION Port ID This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. Configuration This field displays the configuration name for this MST region.
Page 105: Bandwidth Control
H A P T E R Bandwidth Control This chapter shows you how you can cap the maximum bandwidth using the Bandwidth Control screen. 11.1 Bandwidth Control Overview Bandwidth control means defining a maximum allowable bandwidth for incoming traffic flows on a port. 11.2 Bandwidth Control Setup Click Advanced Application >...
Page 106: Table 27 Advanced Application > Bandwidth Control
Chapter 11 Bandwidth Control The following table describes the related labels in this screen. Table 27 Advanced Application > Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the Switch. You may temporarily deactivate bandwidth control without deleting the rules configured by clearing this check box.
Page 107: Broadcast Storm Control
H A P T E R Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 12.1 Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast, multicast and DLF (destination lookup failure) packets the Switch receives per second on the ports.
Page 108: Table 28 Advanced Application > Broadcast Storm Control
Chapter 12 Broadcast Storm Control The following table describes the labels in this screen. Table 28 Advanced Application > Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature.
Page 109: Mirroring
H A P T E R Mirroring This chapter discusses port mirroring setup screens. 13.1 Port Mirroring Setup Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the mirrored port without interference. Click Advanced Application >...
Page 110 Chapter 13 Mirroring GS-2024 User’s Guide...
Page 111: Link Aggregation
H A P T E R Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higher- bandwidth link. 14.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link.
Page 112: Link Aggregation Id
Chapter 14 Link Aggregation • LACP only works on full-duplex links. • All ports in the same trunk group must have the same media type, speed, duplex mode and flow control settings. Configure trunk groups or LACP before you connect the Ethernet switch to avoid causing network topology loops.
Page 113: Link Aggregation Setting
Chapter 14 Link Aggregation Table 32 Advanced Application > Link Aggregation Status (continued) LABEL DESCRIPTION Aggregator ID Link Aggregator ID consists of the following: system priority, MAC address, key, port priority and port number. Refer to Section 14.2.1 on page 112 for more information on this field.
Page 114: Link Aggregation Control Protocol
Chapter 14 Link Aggregation Table 33 Advanced Application > Link Aggregation > Link Aggregation Setting (continued) LABEL DESCRIPTION Active Select this option to activate a trunk group. Port This field displays the port number. Group Select the trunk group to which a port belongs. Apply Click Apply to save your changes to the Switch’s run-time memory.
Page 115: Static Trunking Example
Chapter 14 Link Aggregation The following table describes the labels in this screen. Table 34 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP LABEL DESCRIPTION Link Note: Do not configure this screen unless you want to enable Aggregation dynamic link aggregation.
Page 116: Figure 54 Trunking Example - Physical Connections
Chapter 14 Link Aggregation Figure 54 Trunking Example - Physical Connections 2 Configure static trunking - Click Advanced Application > Link Aggregation > Link Aggregation Setting. In this screen activate trunking group T1 and select the ports that should belong to this group as shown in the figure below. Click Apply when you are done.
Page 117: Port Authentication
H A P T E R Port Authentication This chapter describes the IEEE 802.1x and MAC authentication methods. 15.1 Port Authentication Overview Port authentication is a way to validate access to ports on the Switch to clients based on an external server (authentication server).
Page 118: Port Authentication Configuration
Chapter 15 Port Authentication Figure 56 IEEE 802.1x Authentication Process New Connection Login Info Request Login Credentials Authentication Request Authentication Reply Session Granted/Denied 15.2 Port Authentication Configuration To enable port authentication, first activate the port authentication method(s) you want to use (both on the Switch and the port(s)), then configure the RADIUS server settings in the Auth and Acct >...
Page 119: Figure 58 Advanced Application > Port Authentication > 802.1X
Chapter 15 Port Authentication Figure 58 Advanced Application > Port Authentication > 802.1x The following table describes the labels in this screen. Table 35 Advanced Application > Port Authentication > 802.1x LABEL DESCRIPTION Active Select this check box to permit 802.1x authentication on the Switch. Note: You must first enable 802.1x authentication on the Switch before configuring it on each port.
Page 120 Chapter 15 Port Authentication GS-2024 User’s Guide...
Page 121: Port Security
H A P T E R Port Security This chapter shows you how to set up port security. 16.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. The Switch can learn up to 16K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 16K.
Page 122: Figure 59 Advanced Application > Port Security
Chapter 16 Port Security Figure 59 Advanced Application > Port Security The following table describes the labels in this screen. Table 36 Advanced Application > Port Security LABEL DESCRIPTION Active Select this option to enable port security on the Switch. Port This field displays a port number.
Page 123: Queuing Method
H A P T E R Queuing Method This chapter introduces the queuing methods supported. 17.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.
Page 124: Configuring Queuing
Chapter 17 Queuing Method 17.2 Configuring Queuing Click Advanced Application > Queuing Method in the navigation panel. Figure 60 Advanced Application > Queuing Method The following table describes the labels in this screen. Table 37 Advanced Application > Queuing Method LABEL DESCRIPTION Method...
Page 125: Multicast
H A P T E R Multicast This chapter shows you how to configure various multicast features. 18.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.
Page 126: Igmp Snooping And Vlans
Chapter 18 Multicast The Switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your Switch.
Page 127: Figure 62 Advanced Application > Multicast > Multicast Setting
Chapter 18 Multicast Figure 62 Advanced Application > Multicast > Multicast Setting The following table describes the labels in this screen. Table 39 Advanced Application > Multicast > Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP Snooping. Active Select Active to enable IGMP Snooping to forward group multicast traffic only to ports that are members of that group.
Page 128: Igmp Snooping Vlan
Chapter 18 Multicast Table 39 Advanced Application > Multicast > Multicast Setting (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by- port basis.
Page 129: Figure 63 Advanced Application > Multicast > Multicast Setting > Igmp Snooping Vlan
Chapter 18 Multicast Figure 63 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN The following table describes the labels in this screen. Table 40 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN LABEL DESCRIPTION Mode Select auto to have the Switch learn multicast group membership information of any VLANs automatically.
Page 130: Igmp Filtering Profile
Chapter 18 Multicast Table 40 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN LABEL DESCRIPTION Clear Click this to clear the fields. Index This is the number of the IGMP snooping VLAN entry in the table. Name This field displays the descriptive name for this VLAN group.
Page 131: Mvr Overview
Chapter 18 Multicast Table 41 Advanced Application > Multicast > Multicast Setting > IGMP Filtering Profile LABEL DESCRIPTION Click Add to save the profile to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 132: Mvr Modes
Chapter 18 Multicast 18.6.2 MVR Modes You can set your Switch to operate in either dynamic or compatible mode. In dynamic mode, the Switch sends IGMP leave and join reports to the other multicast devices (such as multicast routers or servers) in the multicast VLAN. This allows the multicast devices to update the multicast forwarding table to forward or not forward multicast traffic to the receiver ports.
Page 133: Figure 67 Advanced Application > Multicast > Multicast Setting > Mvr
Chapter 18 Multicast Your Switch automatically creates a static VLAN (with the same VID) when you create a multicast VLAN in this screen. Figure 67 Advanced Application > Multicast > Multicast Setting > MVR The following table describes the related labels in this screen. Table 42 Advanced Application >...
Page 134: Mvr Group Configuration
Chapter 18 Multicast Table 42 Advanced Application > Multicast > Multicast Setting > MVR (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 135: Mvr Configuration Example
Chapter 18 Multicast Figure 68 Advanced Application > Multicast > Multicast Setting > MVR: Group Configuration The following table describes the labels in this screen. Table 43 Advanced Application > Multicast > Multicast Setting > MVR: Group Configuration LABEL DESCRIPTION Multicast Select a multicast VLAN ID (that you configured in the MVR screen) from the drop- VLAN ID...
Page 136: Figure 69 Mvr Configuration Example
Chapter 18 Multicast Figure 69 MVR Configuration Example To configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 70 MVR Configuration Example example To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen.
Page 137: Figure 71 Mvr Group Configuration Example
Chapter 18 Multicast Figure 71 MVR Group Configuration Example example Figure 72 MVR Group Configuration Example example GS-2024 User’s Guide...
Page 138 Chapter 18 Multicast GS-2024 User’s Guide...
Page 139: Authentication & Accounting
H A P T E R Authentication & Accounting This chapter describes how to configure authentication and accounting settings on the Switch. 19.1 Authentication, Authorization and Accounting Authentication is the process of determining who a user is and validating access to the Switch. The Switch can authenticate users who try to log in based on user accounts configured on the Switch itself.
Page 140: Radius And Tacacs
Chapter 19 Authentication & Accounting 19.1.2 RADIUS and TACACS+ RADIUS and TACACS+ are security protocols used to authenticate users by means of an external server instead of (or in addition to) an internal device user database that is limited to the memory capacity of the device.
Page 141: Figure 75 Advanced Application > Auth And Acct > Radius Server Setup
Chapter 19 Authentication & Accounting Figure 75 Advanced Application > Auth and Acct > RADIUS Server Setup The following table describes the labels in this screen. Table 45 Advanced Application > Auth and Acct > RADIUS Server Setup LABEL DESCRIPTION Authentication Use this section to configure your RADIUS authentication settings.
Page 142: Tacacs+ Server Setup
Chapter 19 Authentication & Accounting Table 45 Advanced Application > Auth and Acct > RADIUS Server Setup (continued) LABEL DESCRIPTION Delete Check this box if you want to remove an existing RADIUS server entry from the Switch. This entry is deleted when you click Apply. Apply Click Apply to save your changes to the Switch’s run-time memory.
Page 143: Figure 76 Advanced Application > Auth And Acct > Tacacs+ Server Setup
Chapter 19 Authentication & Accounting Figure 76 Advanced Application > Auth and Acct > TACACS+ Server Setup The following table describes the labels in this screen. Table 46 Advanced Application > Auth and Acct > TACACS+ Server Setup LABEL DESCRIPTION Authentication Use this section to configure your TACACS+ authentication settings.
Page 144: Authentication And Accounting Setup
Chapter 19 Authentication & Accounting Table 46 Advanced Application > Auth and Acct > TACACS+ Server Setup (continued) LABEL DESCRIPTION Shared Secret Specify a password (up to 32 alphanumeric characters) as the key to be shared between the external TACACS+ server and the Switch. This key is not sent over the network.
Page 145: Figure 77 Advanced Application > Auth And Acct > Auth And Acct Setup
Chapter 19 Authentication & Accounting Figure 77 Advanced Application > Auth and Acct > Auth and Acct Setup The following table describes the labels in this screen. Table 47 Advanced Application > Auth and Acct > Auth and Acct Setup LABEL DESCRIPTION Authentication...
Page 146 Chapter 19 Authentication & Accounting Table 47 Advanced Application > Auth and Acct > Auth and Acct Setup (continued) LABEL DESCRIPTION Login These fields specify which database the Switch should use (first, second and third) to authenticate administrator accounts (users for Switch management). Configure the local user accounts in the Access Control >...
Page 147: Vendor Specific Attribute
The VSAs are composed of the following: • Vendor-ID: An identification number assigned to the company by the IANA (Internet Assigned Numbers Authority). ZyXEL’s vendor ID is 890. • Vendor-Type: A vendor specified attribute, identifying the setting you want to modify.
Page 148: Tunnel Protocol Attribute
Chapter 19 Authentication & Accounting Table 48 Supported VSAs FUNCTION ATTRIBUTE Egress Bandwidth Vendor-Id = 890 Assignment Vendor-Type = 2 Vendor-data = egress rate (Kbps in decimal format) Privilege Assignment Vendor-ID = 890 Vendor-Type = 3 Vendor-Data = "shell:priv-lvl=N" Vendor-ID = 9 (CISCO) Vendor-Type = 1 (CISCO-AVPAIR)
Page 149: Attributes Used For Authentication
Chapter 19 Authentication & Accounting 19.3.1 Attributes Used for Authentication The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication. 19.3.1.1 Attributes Used for Authenticating Privilege Access User-Name - The format of the User-Name attribute is $enab#$, where # is the privilege level (1~14) User-Password NAS-Identifier...
Page 150: Table 50 Radius Attributes - Exec Events Via Console
Chapter 19 Authentication & Accounting 19.3.2.2 Attributes Used for Accounting Exec Events The attributes are listed in the following table along with the time that they are sent (the difference between Console and Telnet/SSH Exec events is that the Telnet/SSH events utilize the Calling-Station-Id attribute): Table 50 RADIUS Attributes - Exec Events via Console ATTRIBUTE...
Page 151 Chapter 19 Authentication & Accounting Table 52 RADIUS Attributes - Exec Events via Console ATTRIBUTE START INTERIM-UPDATE STOP NAS-Port-Type Acct-Status-Type Acct-Delay-Time Acct-Session-Id Acct-Authentic Acct-Input-Octets Acct-Output-Octets Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Input-Gigawords Acct-Output-Gigawords GS-2024 User’s Guide...
Page 152 Chapter 19 Authentication & Accounting GS-2024 User’s Guide...
Page 153: Loop Guard
H A P T E R Loop Guard This chapter shows you how to configure the Switch to guard against loops on the edge of your network. 20.1 Loop Guard Overview Loop guard allows you to configure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch.
Page 154: Figure 79 Switch In Loop State
Chapter 20 Loop Guard The following figure shows port N on switch A connected to switch B. Switch B is in loop state. When broadcast or multicast packets leave port N and reach switch B, they are sent back to port N on A as they are rebroadcast from B. Figure 79 Switch in Loop State The loop guard feature checks to see if a loop guard enabled port is connected to a switch in loop state.
Page 155: Loop Guard Setup
Chapter 20 Loop Guard After resolving the loop problem on your network you can re-activate the disabled port via the web configurator (see Section 7.7 on page 72) or via commands (see the CLI reference guide 20.2 Loop Guard Setup Click Advanced Application >...
Page 156 Chapter 20 Loop Guard Table 53 Advanced Application > Loop Guard (continued) LABEL DESCRIPTION Active Select this check box to enable the loop guard feature on this port. The Switch sends probe packets from this port to check if the Switch it is connected to is in loop state. If the Switch that this port is connected is in loop state the Switch will shut down this port.
Page 157: Ip Application
IP Application Static Route (159) Differentiated Services (163) DHCP (167)
Page 159: Static Route
H A P T E R Static Route 21.1 Static Routing Overview This chapter shows you how to configure static routes. The Switch uses IP for communication with management computers, for example using HTTP, telnet, SSH, or SNMP. Use IP static routes to have the Switch respond to remote management stations that are not reachable through the default gateway.
Page 160: Figure 84 Ip Application > Static Routing
Chapter 21 Static Route Figure 84 IP Application > Static Routing The following table describes the related labels you use to create a static route. Table 54 IP Application > Static Routing LABEL DESCRIPTION Active This field allows you to activate/deactivate this static route. Name Enter a descriptive name (up to 10 printable ASCII characters) for identification purposes.
Page 161 Chapter 21 Static Route Table 54 IP Application > Static Routing (continued) LABEL DESCRIPTION Gateway This field displays the IP address of the gateway. The gateway is the immediate Address neighbor of your Switch that will forward the packet to the destination. Metric This field displays the cost of transmission for routing purposes.
Page 162 Chapter 21 Static Route GS-2024 User’s Guide...
Page 163: Differentiated Services
H A P T E R Differentiated Services This chapter shows you how to configure Differentiated Services (DiffServ) on the Switch. 22.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Page 164: Diffserv Network Example
Chapter 22 Differentiated Services 22.1.2 DiffServ Network Example The following figure depicts a DiffServ network consisting of a group of directly connected DiffServ-compliant network devices. The boundary node (A in Figure 86) in a DiffServ network classifies (marks with a DSCP value) the incoming packets into different traffic flows (Platinum, Gold, Silver, Bronze) based on the configured marking rules.
Page 165: Figure 87 Ip Application > Diffserv
Chapter 22 Differentiated Services Figure 87 IP Application > DiffServ The following table describes the labels in this screen. Table 56 IP Application > DiffServ LABEL DESCRIPTION Active Select this option to enable DiffServ on the Switch. DSCP to 802.1p Mapping 0 …...
Page 166 Chapter 22 Differentiated Services GS-2024 User’s Guide...
Page 167: Dhcp
H A P T E R DHCP This chapter shows you how to configure the DHCP feature. 23.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the Switch as a DHCP server or a DHCP relay agent.
Page 168: Dhcp Relay
Chapter 23 DHCP Figure 88 IP Application > DHCP Status The following table describes the labels in this screen. Table 57 IP Application > DHCP Status LABEL DESCRIPTION Relay Status This section displays configuration settings related to the Switch’s DHCP relay mode.
Page 169: Configuring Dhcp Global Relay
Chapter 23 DHCP Table 58 Relay Agent Information FIELD LABELS DESCRIPTION VLAN ID (2 bytes) This is the VLAN that the port belongs to. Information (up to 64 bytes) This optional, read-only field is set according to system name set in Basic Settings > General Setup. 23.3.2 Configuring DHCP Global Relay Configure global DHCP relay in the DHCP Relay screen.
Page 170: Global Dhcp Relay Configuration Example
Chapter 23 DHCP 23.3.3 Global DHCP Relay Configuration Example The follow figure shows a network example where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server that services the DHCP clients in both domains.
Page 171: Figure 92 Ip Application > Dhcp > Vlan
Chapter 23 DHCP You must set up a management IP address for each VLAN that you want to configure DHCP settings for on the Switch. See Section 7.6 on page 69 information on how to do this. Figure 92 IP Application > DHCP > VLAN The following table describes the labels in this screen.
Page 172: Example: Dhcp Relay For Two Vlans
Chapter 23 DHCP Table 60 IP Application > DHCP > VLAN (continued) LABEL DESCRIPTION Delete Select the configuration entries you want to remove and click Delete to remove them. Cancel Click Cancel to clear the Delete check boxes. 23.4.1 Example: DHCP Relay for Two VLANs The following example displays two VLANs (VIDs 1 and 2) for a campus network.
Page 173: Management
Management Maintenance (175) Access Control (181) Diagnostic (199) Syslog (201) Cluster Management (205) MAC Table (211) ARP Table (213) Configure Clone (215)
Page 175: Maintenance
H A P T E R Maintenance This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 24.1 The Maintenance Screen Use this screen to manage firmware and your configuration files. Click Management > Maintenance in the navigation panel to open the following screen.
Page 176: Load Factory Default
Chapter 24 Maintenance Table 61 Management > Maintenance (continued) LABEL DESCRIPTION Save Click Config 1 to save the current configuration settings to Configuration 1 on the Configuration Switch. Click Config 2 to save the current configuration settings to Configuration 2 on the Switch.
Page 177: Reboot System
Chapter 24 Maintenance 24.4 Reboot System Reboot System allows you to restart the Switch without physically turning the power off. It also allows you to load configuration one (Config 1) or configuration two (Config 2) when you reboot. Follow the steps below to reboot the Switch. 1 In the Maintenance screen, click the Config 1 button next to Reboot System to reboot and load configuration one.
Page 178: Restore A Configuration File
Chapter 24 Maintenance 24.6 Restore a Configuration File Restore a previously saved configuration from your computer to the Switch using the Restore Configuration screen. Figure 99 Management > Maintenance > Restore Configuration Type the path and file name of the configuration file you wish to restore in the File Path text box or click Browse to locate it.
Page 179: Ftp Command Line
Switch’s settings, they can be saved back to your computer under a filename of your choosing. ZyNOS (ZyXEL Network Operating System, sometimes referred to as the “ras” file) is the system firmware and has a “bin” filename extension.
Page 180: Gui-Based Ftp Clients
Chapter 24 Maintenance 5 Enter to set transfer mode to binary. 6 Use to transfer files from the computer to the Switch, for example, transfers the firmware on your computer (firmware.bin) to the firmware.bin ras Switch and renames it to “ras”. Similarly, transfers the put config.cfg config configuration file on your computer (config.cfg) to the Switch and renames it to...
Page 181: Access Control
H A P T E R Access Control This chapter describes how to control access to the Switch. 25.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
Page 182: About Snmp
Chapter 25 Access Control 25.3 About SNMP Simple Network Management Protocol (SNMP) is an application layer protocol used to manage and monitor TCP/IP-based devices. SNMP is used to exchange management information between the network management system (NMS) and a network element (NE). A manager station can manage and monitor the Switch through the network via SNMP version one (SNMPv1), SNMP version 2c or SNMP version 3.
Page 183: Snmp V3 And Security
Chapter 25 Access Control 25.3.1 SNMP v3 and Security SNMP v3 enhances security for SNMP management. SNMP managers can be required to authenticate with agents before conducting SNMP management sessions. Security can be further enhanced by encrypting the SNMP messages sent from the managers. Encryption protects the contents of the SNMP messages.
Page 184: Table 67 Snmp Interface Traps
Chapter 25 Access Control Table 66 SNMP System Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION voltage VoltageEventOn 1.3.6.1.4.1.890.1.5.8.15.28.2.1 This trap is sent when the voltage goes above or below the normal operating range. VoltageEventClear 1.3.6.1.4.1.890.1.5.8.15.28.2.2 This trap is sent when the voltage returns to the normal operating range.
Page 185: Table 68 Aaa Traps
Chapter 25 Access Control Table 68 AAA Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION authentication authenticationFailure 1.3.6.1.6.3.1.1.5.5 This trap is sent when authentication fails due to incorrect user name and/or password. AuthenticationFailureEventO 1.3.6.1.4.1.890.1.5.8.15.28.2. This trap is sent when authentication fails due to incorrect user name and/or password.
Page 186: Configuring Snmp
Chapter 25 Access Control Table 70 SNMP Switch Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION mactable MacTableFullEventOn 1.3.6.1.4.1.890.1.5.8.15.28.2.1 This trap is sent when more than 99% of the MAC table is used. MacTableFullEventClear 1.3.6.1.4.1.890.1.5.8.15.28.2.2 This trap is sent when less than 95% of the MAC table is used.
Page 187: Table 71 Management > Access Control > Snmp
Chapter 25 Access Control The following table describes the labels in this screen. Table 71 Management > Access Control > SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) values. Version Select the SNMP version for the Switch. The SNMP version on the Switch must match the version on the SNMP manager.
Page 188: Configuring Snmp Trap Group
Chapter 25 Access Control Table 71 Management > Access Control > SNMP (continued) LABEL DESCRIPTION Security Level Select whether you want to implement authentication and/or encryption for SNMP communication from this user. Choose: • noauth -to use the username as the password string to send to the SNMP manager.
Page 189: Setting Up Login Accounts
Chapter 25 Access Control The following table describes the labels in this screen. Table 72 Management > Access Control > SNMP > Trap Group LABEL DESCRIPTION Trap Destination Select one of your configured trap destination IP addresses. These are the IP addresses of the SNMP managers.
Page 190: Figure 105 Management > Access Control > Logins
Chapter 25 Access Control Figure 105 Management > Access Control > Logins The following table describes the labels in this screen. Table 73 Management > Access Control > Logins LABEL DESCRIPTION Administrator This is the default administrator account with the “admin” user name. You cannot change the default administrator user name.
Page 191: Ssh Overview
Chapter 25 Access Control 25.4 SSH Overview Unlike Telnet or FTP, which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network. Figure 106 SSH Communication Example 25.5 How SSH works The following table summarizes how a secure connection is established between two remote...
Page 192: Ssh Implementation On The Switch
Chapter 25 Access Control 2 Encryption Method Once the identification is verified, both the client and server must agree on the type of encryption method to use. 3 Authentication and Data Transmission After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server.
Page 193: Https Example
Chapter 25 Access Control Figure 108 HTTPS Implementation If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 25.8 HTTPS Example If you haven’t changed the default HTTPS port on the Switch, then in your browser enter “https://Switch IP Address/”...
Page 194: Netscape Navigator Warning Messages
Chapter 25 Access Control 25.8.2 Netscape Navigator Warning Messages When you attempt to access the Switch HTTPS server, a Website Certified by an Unknown Authority screen pops up asking if you trust the server certificate. Click Examine Certificate if you want to verify that the certificate is from the Switch. If Accept this certificate temporarily for this session is selected, then click OK to continue in Netscape.
Page 195: Service Port Access Control
Chapter 25 Access Control Figure 112 Example: Lock Denoting a Secure Connection 25.9 Service Port Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later).
Page 196: Remote Management
Chapter 25 Access Control The following table describes the fields in this screen. Table 74 Management > Access Control > Service Access Control LABEL DESCRIPTION Services Services you may use to access the Switch are listed here. Active Select this option for the corresponding services that you want to allow to access the Switch.
Page 197 Chapter 25 Access Control Table 75 Management > Access Control > Remote Management (continued) LABEL DESCRIPTION Telnet/FTP/ Select services that may be used for managing the Switch from the specified trusted HTTP/ICMP/ computers. SNMP/SSH/ HTTPS Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 198 Chapter 25 Access Control GS-2024 User’s Guide...
Page 199: Diagnostic
H A P T E R Diagnostic This chapter explains the Diagnostic screen. 26.1 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen. Use this screen to check system logs, ping IP addresses or perform port tests. Figure 115 Management >...
Page 200 Chapter 26 Diagnostic GS-2024 User’s Guide...
Page 201: Syslog
H A P T E R Syslog This chapter explains the syslog screens. 27.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server.
Page 202: Syslog Server Setup
Chapter 27 Syslog Figure 116 Management > Syslog The following table describes the labels in this screen. Table 78 Management > Syslog LABEL DESCRIPTION Syslog Select Active to turn on syslog (system logging) and then configure the syslog setting Logging Type This column displays the names of the categories of logs that the device can generate.
Page 203: Figure 117 Management > Syslog > Server Setup
Chapter 27 Syslog Figure 117 Management > Syslog > Server Setup The following table describes the labels in this screen. Table 79 Management > Syslog > Server Setup LABEL DESCRIPTION Active Select this check box to have the device send logs to this syslog server. Clear the check box if you want to create a syslog server entry but not have the device send logs to it (you can edit the entry later).
Page 204 Chapter 27 Syslog GS-2024 User’s Guide...
Page 205: Cluster Management
Table 80 ZyXEL Clustering Management Specifications Maximum number of cluster members Cluster Member Models Cluster member models must be compatible with ZyXEL cluster management implementation. Cluster Manager The cluster manager is the Switch through which you manage the cluster member switches.
Page 206: Cluster Management Status
Chapter 28 Cluster Management Figure 118 Clustering Application Example 28.2 Cluster Management Status Click Management > Cluster Management in the navigation panel to display the following screen. A cluster can only have one manager. Figure 119 Management > Cluster Management GS-2024 User’s Guide...
Page 207: Cluster Member Switch Management
Chapter 28 Cluster Management The following table describes the labels in this screen. Table 81 Management > Cluster Management LABEL DESCRIPTION Status This field displays the role of this Switch within the cluster. Manager Member (you see this if you access this screen in the cluster member switch directly and not via the cluster manager) None (neither a manager nor a member of a cluster) Manager...
Page 208: Clustering Management Configuration
Chapter 28 Cluster Management 28.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. Figure 121 Example: Uploading Firmware to a Cluster Member Switch C:\>ftp 192.168.1.1 Connected to 192.168.1.1.
Page 209: Figure 122 Management > Clustering Management > Configuration
Chapter 28 Cluster Management Figure 122 Management > Clustering Management > Configuration The following table describes the labels in this screen. Table 83 Management > Clustering Management > Configuration LABEL DESCRIPTION Clustering Manager Active Select Active to have this Switch become the cluster manager switch. A cluster can only have one manager.
Page 210 Chapter 28 Cluster Management Table 83 Management > Clustering Management > Configuration (continued) LABEL DESCRIPTION Clustering The following fields relate to the switches that are potential cluster members. Candidate List A list of suitable candidates found by auto-discovery is shown here. The switches must be directly connected.
Page 211: Mac Table
H A P T E R MAC Table This chapter introduces the MAC Table screen. 29.1 MAC Table Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch, the MAC address of the device is shown on the Switch’s MAC Table.
Page 212: Viewing The Mac Table
Chapter 29 MAC Table Figure 123 MAC Table Flowchart 29.2 Viewing the MAC Table Click Management > MAC Table in the navigation panel to display the following screen. Figure 124 Management > MAC Table The following table describes the labels in this screen. Table 84 Management >...
Page 213: Arp Table
H A P T E R ARP Table This chapter introduces ARP Table. 30.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
Page 214: Figure 125 Management > Arp Table
Chapter 30 ARP Table Figure 125 Management > ARP Table The following table describes the labels in this screen. Table 85 Management > ARP Table LABEL DESCRIPTION Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a Switch port with the corresponding MAC address below.
Page 215: Configure Clone
H A P T E R Configure Clone This chapter shows you how you can copy the settings of one port onto other ports. 31.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports.
Page 216: Table 86 Management > Configure Clone
Chapter 31 Configure Clone The following table describes the labels in this screen. Table 86 Management > Configure Clone LABEL DESCRIPTION Source/ Enter the source port under the Source label. This port’s attributes are copied. Destination Enter the destination port or ports under the Destination label. These are the ports Port which are going to have the same attributes as the source port.
Page 217: Troubleshooting & Product Specifications
Troubleshooting & Product Specifications Troubleshooting (219) Product Specifications (223)
Page 219: Troubleshooting
H A P T E R Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Switch Access and Login 32.1 Power, Hardware Connections, and LEDs The Switch does not turn on.
Page 220: Switch Access And Login
Chapter 32 Troubleshooting 32.2 Switch Access and Login I forgot the IP address for the Switch. 1 The default IP address is 192.168.1.1. 2 Use the console port to log in to the Switch. 3 Use the management port to log in to the Switch. 4 If this does not work, you have to reset the device to its factory defaults.
Page 221 Chapter 32 Troubleshooting I can see the Login screen, but I cannot log in to the Switch. 1 Make sure you have entered the user name and password correctly. The default user name is admin, and the default password is 1234. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Page 222 Chapter 32 Troubleshooting GS-2024 User’s Guide...
Page 223: Product Specifications
H A P T E R Product Specifications The following tables summarize the Switch’s hardware and firmware features. Table 87 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions 438(W) x 270(D) x 44.45(H) mm (17.2(W) x 10.6(D) x 1.75(H) inches), 19-inch rack-mount width, 1 U height Weight 3.8 kg Power Specification...
Page 224: Table 88 Firmware Specifications
Chapter 33 Product Specifications Table 87 Hardware Specifications Safety UL 60950-1 CSA 60950-1 EN 60950-1 IEC 60950-1 FCC Part 15 (Class A) CE EMC (Class A) Table 88 Firmware Specifications FEATURE DESCRIPTION Default IP Address In band: 192.168.1.1 Out of band (Management port): 192.168.0.1 Default Subnet Mask 255.255.255.0 (24 bits) Administrator User Name...
Page 225 The Switch can generate syslog messages and send it to a syslog server. Firmware Upgrade Download new firmware (when available) from the ZyXEL web site and use the web configurator, CLI or an FTP/TFTP tool to put it on the Switch.
Page 226: Table 89 Switching Specifications
Chapter 33 Product Specifications Table 89 Switching Specifications Layer 2 Bridging 8K MAC addresses (hashed) Features Static MAC address forwarding: 256 entries Broadcast storm control in frames/sec Automatic address learning and aging Aging time: 14bits resolution in (1s/10ms/1min/5min), default 300 secs Switching Switching fabric: 48 Gbps, non-blocking Store and forward...
Page 227: Table 90 Standards Supported
Chapter 33 Product Specifications Table 89 Switching Specifications (continued) Security Static MAC forwarding, 64 entries Block unresolved address forwarding/Port security 802.1x port based authentication with RADIUS support SSH v1/v2 Intrusion Lock Multiple RADIUS servers Multiple TACACS+ servers 802.1X VLAN and bandwidth assignment. Management Configuration by console/Telnet/web Firmware upgrade by FTP/web/console...
Page 228: Figure 127 Console/Dial Backup Port Pin Layout
Chapter 33 Product Specifications Table 90 Standards Supported (continued) STANDARD DESCRIPTION RFC 1757 RMON RFC 1901 SNMPv2c Simple Network Management Protocol version 2c RFC 2138 RADIUS (Remote Authentication Dial In User Service) RFC 2139 RADIUS Accounting RFC 2236 Internet Group Management Protocol, Version 2. RFC 2865 RADIUS - Vendor Specific Attribute RFC 2674...
Page 229: Table 91 Console/Dial Backup Port Pin Assignments
Chapter 33 Product Specifications Table 91 Console/Dial Backup Port Pin Assignments CONSOLE Port RS – 232 (Female) DB-9F DIAL BACKUP RS – 232 (Male) DB-9M (Not on all models) Pin 1 = NON Pin 1 = NON Pin 2 = DCE-TXD Pin 2 = DTE-RXD Pin 3 = DCE –RXD Pin 3 = DTE-TXD...
Page 230 Chapter 33 Product Specifications GS-2024 User’s Guide...
Page 231: Appendices And Index
Appendices and Index Pop-up Windows, JavaScripts and Java Permissions (233) IP Addresses and Subnetting (241) Legal Information (249) Customer Support (253) Index (259)
Page 233: Appendix A Pop-Up Windows, Javascripts And Java Permissions
P P E N D I X Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Internet Explorer 6 screens are used here.
Page 234: Figure 129 Internet Options: Privacy
Appendix A Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 129 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps.
Page 235: Figure 130 Internet Options: Privacy
Appendix A Pop-up Windows, JavaScripts and Java Permissions Figure 130 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 131 Pop-up Blocker Settings GS-2024 User’s Guide...
Page 236: Figure 132 Internet Options: Security
Appendix A Pop-up Windows, JavaScripts and Java Permissions 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Page 237: Figure 133 Security Settings - Java Scripting
Appendix A Pop-up Windows, JavaScripts and Java Permissions Figure 133 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Page 238: Figure 135 Java (Sun)
Appendix A Pop-up Windows, JavaScripts and Java Permissions JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Figure 135 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here.
Page 239: Figure 136 Mozilla Firefox: Tools > Options
Appendix A Pop-up Windows, JavaScripts and Java Permissions Figure 136 Mozilla Firefox: Tools > Options Click Content to show the screen below. Select the check boxes as shown in the following screen. Figure 137 Mozilla Firefox Content Security GS-2024 User’s Guide...
Page 240 Appendix A Pop-up Windows, JavaScripts and Java Permissions GS-2024 User’s Guide...
Page 241: Appendix B Ip Addresses And Subnetting
P P E N D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 242: Figure 138 Network Number And Host Id
Appendix B IP Addresses and Subnetting Figure 138 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 243: Table 94 Subnet Masks
Appendix B IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 94 Subnet Masks BINARY DECIMAL 4TH OCTET OCTET...
Page 244: Figure 139 Subnetting Example: Before Subnetting
Appendix B IP Addresses and Subnetting Table 96 Alternative Subnet Mask Notation (continued) ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.192 1100 0000 255.255.255.224 1110 0000 255.255.255.240 1111 0000 255.255.255.248 1111 1000 255.255.255.252 1111 1100 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons.
Page 245: Figure 140 Subnetting Example: After Subnetting
Appendix B IP Addresses and Subnetting Figure 140 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 246: Table 98 Subnet 2
Appendix B IP Addresses and Subnetting Table 98 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.65 192.168.1.64 Broadcast Address: Highest Host ID: 192.168.1.126 192.168.1.127 Table 99 Subnet 3...
Page 247: Table 102 24-Bit Network Number Subnet Planning
Appendix B IP Addresses and Subnetting Table 101 Eight Subnets (continued) SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 102 24-bit Network Number Subnet Planning NO.
Page 248: Configuring Ip Addresses
Appendix B IP Addresses and Subnetting Table 103 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.255.252 (/30) 16384 255.255.255.254 (/31) 32768 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Page 249: Appendix C Legal Information
Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
Page 250: Zyxel Limited Warranty
3 Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During...
Page 251 Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Page 252 Appendix C Legal Information GS-2024 User’s Guide...
Page 253: Appendix D Customer Support
• Sales E-mail: sales@zyxel.co.cr • Telephone: +506-2017878 • Fax: +506-2015098 • Web: www.zyxel.co.cr • FTP: ftp.zyxel.co.cr • Regular Mail: ZyXEL Costa Rica, Plaza Roble Escazú, Etapa El Patio, Tercer Piso, San José, Costa Rica Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 •...
Page 254 • E-mail: info@zyxel.fr • Telephone: +33-4-72-52-97-97 • Fax: +33-4-72-52-19-20 • Web: www.zyxel.fr • Regular Mail: ZyXEL France, 1 rue des Vergers, Bat. 1 / C, 69760 Limonest, France Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • Telephone: +49-2405-6909-69 •...
Page 255 • Sales E-mail: sales@zyxel.in • Telephone: +91-11-30888144 to +91-11-30888153 • Fax: +91-11-30888149, +91-11-26810715 • Web: http://www.zyxel.in • Regular Mail: India - ZyXEL Technology India Pvt Ltd., II-Floor, F2/9 Okhla Phase -1, New Delhi 110020, India Japan • Support E-mail: support@zyxel.co.jp •...
Page 256 • Support E-mail: support@zyxel.com.sg • Sales E-mail: sales@zyxel.com.sg • Telephone: +65-6899-6678 • Fax: +65-6899-8887 • Web: http://www.zyxel.com.sg • Regular Mail: ZyXEL Singapore Pte Ltd., No. 2 International Business Park, The Strategy #03-28, Singapore 609930 Spain • Support E-mail: support@zyxel.es • Sales E-mail: sales@zyxel.es •...
Page 257 • Support E-mail: support@zyxel.co.th • Sales E-mail: sales@zyxel.co.th • Telephone: +662-831-5315 • Fax: +662-831-5395 • Web: http://www.zyxel.co.th • Regular Mail: ZyXEL Thailand Co., Ltd., 1/1 Moo 2, Ratchaphruk Road, Bangrak-Noi, Muang, Nonthaburi 11000, Thailand. Ukraine • Support E-mail: support@ua.zyxel.com • Sales E-mail: sales@ua.zyxel.com •...
Page 258 Appendix D Customer Support GS-2024 User’s Guide...
Page 259: Index
Index Index Numerics BPDUs (Bridge Protocol Data Units) Bridge Protocol Data Units (BPDUs) bridging 802.1P priority certifications access control notices limitations viewing login account CFI (Canonical Format Indicator) remote management changing the password service port SNMP CIST accounting CIST (Common and Internal Spanning Tree) Address Resolution Protocol (ARP) 213, 215, 216 Class of Service (CoS)
Page 260 Index CPU management port current date current time fan speed customer support FCC interference statement feature summary file transfer using FTP command example filename convention, configuration filtering database, MAC table daylight saving time firmware default IP address upgrade 177, 208 DHCP flow control configuration options...
Page 261 Index implementation Link Aggregation Control Protocol (LACP) public keys, private keys lockout HTTPS example humidity login password login account Administrator non-administrator login accounts configuring via web configurator IANA multiple IEEE 802.1p, priority number of IEEE 802.1x login password activate 118, 142, 144 loop guard reauthentication how it works...
Page 262 Index supported MIBs MIB (Management Information Base) mini GBIC ports connection speed network management system (NMS) connector type NTP (RFC-1305) transceiver installation transceiver removal mirroring ports monitor port mounting brackets MSA (MultiSource Agreement) password MST Instance, See MSTI administrator MST region PHB (Per-Hop Behavior) MSTI ping, test connection...
Page 263 Index PVID (Priority Frame) security PWR LED service access control service port Simple Network Management Protocol, see SNMP SNMP 31, 182 agent and MIB authentication queue weight communities queuing management model manager network components object variables queuing method 123, 124 protocol operations security setup...
Page 264 Index Max Age 98, 99 example path cost 92, 98 Tunnel Protocol Attribute, and RADIUS port priority Type of Service (ToS) port state root port status 98, 102 terminology vs loop guard subnet user profiles subnet mask subnetting switch lockout switch reset switch setup switching...
Page 265 Index weight, queuing Weighted Round Robin Scheduling (WRR) WFQ (Weighted Fair Queuing) WRR (Weighted Round Robin Scheduling ZyNOS (ZyXEL Network Operating System) GS-2024 User’s Guide...
Page 266 Index GS-2024 User’s Guide...

ZyXEL Communications Dimension GS-2024 User Manual

Chapter 1 Getting to Know Your Switch

Chapter 2 Hardware Installation and Connection

Chapter 3 Hardware Overview

Chapter 4 The Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Statistics

Chapter 7 Basic Setting

Chapter 8 VLAN

Chapter 9 Static MAC Forward Setup

Chapter 10 Spanning Tree Protocol

Chapter 11 Bandwidth Control

Chapter 12 Broadcast Storm Control

Chapter 13 Mirroring

Chapter 14 Link Aggregation

Chapter 15 Port Authentication

Chapter 16 Port Security

Chapter 17 Queuing Method

Chapter 18 Multicast

Chapter 19 Authentication & Accounting

Chapter 20 Loop Guard

Quick Links

Troubleshooting

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for ZyXEL Communications Dimension GS-2024

Summary of Contents for ZyXEL Communications Dimension GS-2024