Page 1 MS-7206 Modular Ethernet Switch System User’s Guide Version 3.79 11/2008 Edition 1 www.zyxel.com...
Page 3: About This User's Guide
It is recommended you use the web configurator to configure the MM-7201. Related Documentation • MS-7206 Hardware Installation Guide Hardware guide for the MS-7206 system, including the MS-7206S, MI-7248, MI- 7248PWR, MI-7248TF, MF-7201, MP-7201, MPC-7202, MP-7202, and MP-7203. • Command Line Interface (CLI) Reference Guide Line commands offer an alternative to the web configurator and in some cases are necessary to configure advanced features.
Page 4: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 5 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The MS-7206 icon is not an exact representation of your device. MS-7206 Computer Notebook computer Server DSLAM Firewall Telephone Switch Router MS-7206 User’s Guide...
Page 6: Safety Warnings
Safety Warnings Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 Safety Warnings MS-7206 User’s Guide...
Page 8 Safety Warnings MS-7206 User’s Guide...
Page 9: Table Of Contents
Contents Overview Contents Overview Introduction ..........................29 Introducing the MM-7201 ......................31 Hardware ..........................35 Front Panel ..........................37 Installing Cards .......................... 39 Basic ............................43 The Web Configurator ....................... 45 Initial Setup Example ......................... 53 System Status and Port Statistics ....................57 System Info ..........................
Page 10 Contents Overview IP ............................169 Static Route ..........................171 RIP ............................173 OSPF ............................175 IGMP ............................187 DVMRP ............................ 189 Differentiated Services ......................193 DHCP ............................197 VRRP ............................205 Manage ..........................213 Maintenance ..........................215 Access Control ........................223 Diagnostic ..........................
Page 11: Table Of Contents
Table of Contents Table of Contents About This User's Guide ......................3 Document Conventions......................4 Safety Warnings........................6 Contents Overview ........................9 Table of Contents........................11 List of Figures ......................... 21 List of Tables........................... 25 Part I: Introduction................. 29 Chapter 1 Introducing the MM-7201......................
Page 12 Table of Contents 3.1.2 Add a Management Card (System Is On) ..............39 3.1.3 Remove a Management Card ..................40 3.2 Interface Modules ........................ 40 3.2.1 Add an Interface Module (System Is Off) ..............40 3.2.2 Add an Interface Module (System Is On) ..............40 3.2.3 Remove an Interface Module ..................
Page 13 Table of Contents 8.1 General Setup ........................67 Chapter 9 Switch Setup ........................... 71 9.1 Switch Setup ........................71 Chapter 10 IP Setup............................ 73 10.1 IP Interfaces ........................73 10.2 IP Setup ..........................73 Chapter 11 Slot Setup ..........................77 11.1 Slot Setup ..........................
Page 14 Table of Contents 15.1 Filtering ..........................93 Chapter 16 Spanning Tree Protocol......................95 16.1 STP/RSTP Overview ......................95 16.1.1 STP Terminology ..................... 95 16.1.2 How STP Works ...................... 96 16.1.3 STP Port States ....................... 97 16.1.4 Multiple RSTP ......................97 16.2 Spanning Tree Protocol Status Screen ................
Page 15 Table of Contents Chapter 22 Port Security.......................... 121 22.1 Port Security ........................121 Chapter 23 Classifier..........................123 23.1 Packet Classifier and QoS ....................123 23.2 Classifier ......................... 123 23.3 Classifier Example ......................126 Chapter 24 Policy Rule..........................129 24.1 Policy Rules Overview ....................129 24.1.1 DiffServ ........................
Page 16 Table of Contents 27.3 Multicast Setting ......................146 27.4 IGMP Snooping VLAN ....................148 27.5 IGMP Filtering Profile ..................... 150 27.6 MVR Overview ......................... 151 27.6.1 Types of MVR Ports ....................152 27.6.2 MVR Modes ......................152 27.6.3 How MVR Works ....................152 27.7 MVR ..........................
Page 17 Table of Contents 31.2 OSPF Status ......................... 177 31.3 OSPF Configuration ....................... 179 31.4 OSPF Interface ....................... 182 31.5 OSPF Virtual-Link ......................184 Chapter 32 IGMP............................187 32.1 IGMP ..........................187 Chapter 33 DVMRP ........................... 189 33.1 DVMRP Overview ......................189 33.2 How DVMRP Works ......................
Page 18 Table of Contents 36.2 VRRP Status ........................206 36.2.1 VRRP Configuration ....................207 36.3 VRRP Configuration Examples ..................209 36.3.1 One Subnet Network Example ................209 36.3.2 Two Subnets Example ....................211 Part VI: Manage ..................213 Chapter 37 Maintenance .......................... 215 37.1 Maintenance ........................
Page 19 Table of Contents Chapter 40 Syslog ............................ 243 40.1 Syslog Overview ......................243 40.2 Syslog Setup ........................243 40.2.1 Syslog Server Setup ..................... 244 Chapter 41 Cluster Management......................247 41.1 Cluster Management Status Overview ................247 41.2 Clustering Management Status ..................248 41.2.1 Cluster Member Switch Management ..............
Page 20 Table of Contents 47.1 Power, Hardware Connections, and LEDs ..............265 47.2 MM-7201 Access and Login .................... 266 Chapter 48 Product Specifications ......................269 Part VIII: Appendices and Index ............277 Appendix A IP Addresses and Subnetting ................279 Appendix B Pop-up Windows, JavaScripts and Java Permissions ........287 Appendix C Legal Information ....................
Page 21: List Of Figures
List of Figures List of Figures Figure 1 Applications: Enterprise ......................31 Figure 2 LEDs ............................33 Figure 3 Front Panel ..........................37 Figure 4 ALARM Pins Layout ......................... 38 Figure 5 Slot Setup (Uninstall) ........................ 41 Figure 6 Slot Setup (Install) ........................42 Figure 7 Web Configurator: Login ......................
Page 22 List of Figures Figure 39 Bandwidth Control ....................... 108 Figure 40 Broadcast Storm Control ..................... 109 Figure 41 Mirroring ..........................111 Figure 42 Link Aggregation Control Protocol Status ................114 Figure 43 Advanced Application > Link Aggregation > Link Aggregation Setting ........115 Figure 44 Link Aggregation Control Protocol ..................116 Figure 45 Port Authentication .......................119 Figure 46 802.1x ..........................
Page 23 List of Figures Figure 82 IGMP ........................... 187 Figure 83 How DVMRP Works ......................190 Figure 84 DVMRP ..........................190 Figure 85 DVMRP: IGMP Not Set Error ....................191 Figure 86 DVMRP: Unable to Disable IGMP Error ................191 Figure 87 DVMRP: Duplicate VID Error Message ................192 Figure 88 DiffServ: Differentiated Service Field ..................
Page 24 List of Figures Figure 125 Security Certificate 1 (Netscape) ..................236 Figure 126 Security Certificate 2 (Netscape) ..................236 Figure 127 Example: Lock Denoting a Secure Connection ..............237 Figure 128 Service Access Control ...................... 237 Figure 129 Remote Management ......................238 Figure 130 Diagnostic ..........................
Page 25: List Of Tables
List of Tables List of Tables Table 1 LEDs ............................33 Table 2 Front Panel ..........................37 Table 3 Navigation Panel Menu Overview ..................... 47 Table 4 Navigation Panel Menu Description ..................47 Table 5 Status ............................57 Table 6 Port Status ..........................58 Table 7 Port Details ..........................
Page 26 List of Tables Table 39 Classifier ..........................124 Table 40 Common Ethernet Types and Protocol Number ..............126 Table 41 Common IP Ports ........................126 Table 42 Policy ............................ 131 Table 43 Queuing Method ........................137 Table 44 VLAN Tag Format ......................... 141 Table 45 Single and Double Tagged 802.1Q Frame Format ...............
Page 27 List of Tables Table 82 Filename Conventions ......................219 Table 83 General Commands for GUI-based FTP Clients ..............220 Table 84 SNMP Commands ........................ 224 Table 85 SNMP System Traps ......................225 Table 86 SNMP Interface Traps ......................226 Table 87 AAA Traps ..........................227 Table 88 SNMP IP Traps ........................
Page 28 List of Tables Table 125 Subnet 4 ..........................284 Table 126 Eight Subnets ........................284 Table 127 Class C Subnet Planning ....................284 Table 128 Class B Subnet Planning ....................285 MS-7206 User’s Guide...
Page 29: Introduction
Introduction Introducing the MM-7201 (31)
Page 31: Introducing The Mm-7201
• If you install two MM-7201s, the MS-7206 system has a switching capability of 192 Gbps full duplex, the equivalent of four MI-7248 interface modules. In addition, the two MM- 7201s provide switching and management redundancy. If one MM-7201 becomes unavailable, the other one takes over.
Page 32: Ways To Manage The Mm-7201
Chapter 1 Introducing the MM-7201 • Switch A provides access to the servers in the data center. The MS-7206 system uses link aggregation (trunking) to create a high-speed connection with switch A. • Switches B and C are connected to users in different departments via wired or wireless networks.
Page 33: Leds
Chapter 1 Introducing the MM-7201 1.4 LEDs Figure 2 LEDs Table 1 LEDs COLOR STATUS DESCRIPTION Green The MM-7201 is receiving power from one of the MS- 7206 power modules. The MM-7201 is not receiving power from any of the MS-7206 power modules.
Page 34 Chapter 1 Introducing the MM-7201 MS-7206 User’s Guide...
Page 35: Hardware
Hardware Front Panel (37) Installing Cards (39)
Page 37: Front Panel
H A P T E R Front Panel This chapter describes the front panel of and connections to the MM-7201. 2.1 Front Panel This section introduces the ports on the front panel of the MM-7201. See Section 1.4 on page for a description of LEDs.
Page 38: Console Port
Chapter 2 Front Panel 2.2.2 CONSOLE Port For local management through the command line interface (CLI), use a computer with terminal emulation software configured to the following parameters: • VT100 terminal emulation • 9600 bps • No parity, 8 data bits, 1 stop bit •...
Page 39: Installing Cards
H A P T E R Installing Cards This chapter describes how to add, remove, and hot-swap management cards and interface modules in the system. 3.1 Management Cards This section describes the steps required to add and remove management cards. If you want to hot-swap management cards, follow the steps below to remove the existing management card and add the new management card.
Page 40: Remove A Management Card
Chapter 3 Installing Cards If there is another management card in the system, the new management card automatically becomes the standby management card. If the firmware version of the new management card is different than the firmware version of the existing management card, the new management card does not function in the system.
Page 41: Figure 5 Slot Setup (Uninstall)
Chapter 3 Installing Cards Figure 5 Slot Setup (Uninstall) 2 Remove the interface module from the system (if necessary). 3 Insert the interface module in slot 3, slot 4, slot 5, or slot 6. 4 Open the Slot Setup screen, and install the new type of interface module in the slot. MS-7206 User’s Guide...
Page 42: Remove An Interface Module
Chapter 3 Installing Cards Figure 6 Slot Setup (Install) 3.2.3 Remove an Interface Module Remove the interface module from the MS-7206 chassis. MS-7206 User’s Guide...
Page 43: Basic
Basic The Web Configurator (45) Initial Setup Example (53) System Status and Port Statistics (57) System Info (63) General Setup (67) Switch Setup (71) IP Setup (73) Slot Setup (77) Port Setup (79)
Page 45: The Web Configurator
H A P T E R The Web Configurator This section introduces the configuration and functions of the web configurator. 4.1 Introduction The web configurator is an HTML-based management interface that allows easy setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions.
Page 46: The Status Screen
Chapter 4 The Web Configurator Figure 7 Web Configurator: Login You may configure the time in the General Setup screen. See Chapter 8 on page 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is the first screen that displays when you access the web configurator. The following figure shows the navigating components of a web configurator screen.
Page 47: Table 3 Navigation Panel Menu Overview
Chapter 4 The Web Configurator B - Click this link to save your configuration into the MM-7201’s nonvolatile memory. Nonvolatile memory is the configuration of your MM-7201 that stays the same even if the MM-7201’s power is turned off. C - Click this link to go to the status page of the system. D - Click this link to log out of the web configurator.
Page 48 Chapter 4 The Web Configurator Table 4 Navigation Panel Menu Description (continued) LINK DESCRIPTION Advanced Application VLAN Configure VLAN settings. Static MAC Configure static MAC addresses for a port. These static MAC addresses do not age Forwarding out. Filtering Set up filtering rules. Spanning Tree Configure RSTP/MRSTP to prevent network loops.
Page 49: Change Your Password
Chapter 4 The Web Configurator Table 4 Navigation Panel Menu Description (continued) LINK DESCRIPTION DiffServ Use this to enable DiffServ, configure marking rules and set DSCP-to-IEEE802.1p mappings. DHCP DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. Use this screen to configure the switch as a DHCP server or a DHCP relay.
Page 50: Saving Your Configuration
Chapter 4 The Web Configurator Figure 9 Change Administrator Login Password 4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the MM-7201’s power is turned off.
Page 51: Resetting The Switch
Chapter 4 The Web Configurator 8 Change a service port number but forget it. Be careful not to lock yourself and others out of the switch. If you do lock yourself out, try using out-of-band management (via the management port or console port) to configure the MM-7201.
Page 52: Logging Out Of The Web Configurator
Chapter 4 The Web Configurator The switch is now reinitialized with a default configuration file including the default password of “1234”. 4.7 Logging Out of the Web Configurator Click Logout in a screen to exit the web configurator. You have to log in with your password again after you log out.
Page 53: Initial Setup Example
H A P T E R Initial Setup Example This chapter explains how to complete the following steps for an example network. • Configure an IP interface • Configure DHCP server settings • Create a VLAN • Set port VLAN ID •...
Page 54: Configuring Dhcp Server Settings
Chapter 5 Initial Setup Example 3 Click Basic Setting > IP Setup. 4 Configure the related fields in the IP Setup screen. For the Sales network, Enter 192.168.2.1 in the IP Address field. Enter 255.255.255.0 in the IP Subnet Mask field. In the VID field, enter 2, the ID of the VLAN group to which you want this IP interface to belong.
Page 55: Creating A Vlan
Chapter 5 Initial Setup Example 5.3 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port(s) belongs. You can do this with port-based VLAN or tagged static VLAN with fixed port members. In this example, you want to configure port 1 in slot 3 as a member of VLAN 2. Figure 13 Initial Setup Network Example: VLAN Slot 3, Port 1 1 Click Advanced Application >...
Page 56: Setting Port Vid
Chapter 5 Initial Setup Example 5.4 Setting Port VID Use PVID to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines. In the example network, configure 2 as the port VID on port 1 in slot 3 so that any untagged frames received on that port get sent to VLAN 2.
Page 57: System Status And Port Statistics
H A P T E R System Status and Port Statistics This chapter describes the system status (web configurator home page), port status, and port details screens. 6.1 Status Use this screen to look at a summary of each slot and whatever card may be in each slot. To view the summary, click Status in any web configurator screen.
Page 58: Chapter 6 System Status And Port Statistics
Chapter 6 System Status and Port Statistics 6.1.1 Port Status Use this screen to look at the status of each port in the selected slot. You can also clear the port counters for each port in the slot. To open this screen, click Status in any web configurator screen, and then click the number of the slot.
Page 59: Port Details
Chapter 6 System Status and Port Statistics 6.1.2 Port Details Use this screen to look at detailed statistics for a specific port. You can clear the statistics that are based on counters in the Port Status screen. See Section 6.1.1 on page 58.
Page 60: Table 7 Port Details
Chapter 6 System Status and Port Statistics The following table describes the labels in this screen. Table 7 Port Details LABEL DESCRIPTION Port Info Port NO This field displays the slot number and the port number. Name This is the name assigned to this port. You can configure this in the Port Setup screen.
Page 61 Chapter 6 System Status and Port Statistics Table 7 Port Details (continued) LABEL DESCRIPTION Multiple This field shows the number of times 2-15 collisions occurred before a frame could be transmitted successfully on this port. Excessive This field shows the number of times 16 collisions occurred while the switch tried to transmit a frame on this port.
Page 62 Chapter 6 System Status and Port Statistics MS-7206 User’s Guide...
Page 63: System Info
H A P T E R System Info 7.1 System Info Use this screen to look at basic information about the MM-7201 and to monitor the system hardware, including temperature, fan speed, voltage, and power. To open this screen, click Basic Setting >...
Page 64: Table 8 System Info
Chapter 7 System Info The following table describes the labels in this screen. Table 8 System Info LABEL DESCRIPTION System Name This field displays the descriptive name of the MM-7201 for identification purposes. Click Basic Setting > General Setup to change this. See Chapter 8 on page ZyNOS F/W This field displays the version number of the MM-7201's current firmware including...
Page 65: Hardware Monitor
Chapter 7 System Info Table 8 System Info (continued) LABEL DESCRIPTION Threshold This field displays the minimum speed at which a normal fan should work. Status This field displays the overall status of the fan. Normal: This fan is functioning above the minimum speed. Error: This fan is functioning below the minimum speed.
Page 66 Chapter 7 System Info Table 9 Hardware Monitor (continued) LABEL DESCRIPTION This field displays the maximum voltage measured at this point. This field displays the minimum voltage measured at this point. Threshold This field displays the percentage tolerance of the voltage with which the card still works.
Page 67: General Setup
H A P T E R General Setup 8.1 General Setup Use this screen to configure the system name, login precedence, time, and other general settings for the system. To open this screen, click Basic Setting > General Setup. Figure 20 General Setup The following table describes the labels in this screen.
Page 68 Chapter 8 General Setup Table 10 General Setup (continued) LABEL DESCRIPTION Use Time Server Enter the time service protocol that your timeserver uses. Not all time servers when Bootup support all protocols, so you may have to use trial and error to find a protocol that works.
Page 69 Chapter 8 General Setup Table 10 General Setup (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Daylight Saving Time. The time field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the first Sunday of November.
Page 70 Chapter 8 General Setup MS-7206 User’s Guide...
Page 71: Switch Setup
H A P T E R Switch Setup 9.1 Switch Setup Use this screen to configure MAC address learning, declaration timeout values for GARP, and priority queues. You can also control whether or not the switch handles bridge control protocols, such as STP. To open this screen, click Basic Setting > Switch Setup. Figure 21 Switch Setup The following table describes the labels in this screen.
Page 72 Chapter 9 Switch Setup Table 11 Switch Setup (continued) LABEL DESCRIPTION GARP Timer: Switches join VLANs by making a declaration. A declaration is made by issuing a Join message using GARP. Declarations are withdrawn by issuing a Leave message. A Leave All message terminates all registrations. GARP timers set declaration timeout values.
Page 73: Ip Setup
H A P T E R IP Setup This chapter introduces IP interfaces and then describes the IP Setup screen. 10.1 IP Interfaces The switch needs an IP address for it to be managed over the network. The factory default IP address is 192.168.0.1.
Page 74: Figure 22 Ip Setup
Chapter 10 IP Setup Figure 22 IP Setup The following table describes the labels in this screen. Table 12 IP Setup LABEL DESCRIPTION Default Enter the IP address of the default outgoing gateway in dotted decimal notation, for Gateway example 192.168.0.254. Domain Name DNS (Domain Name System) is for mapping a domain name to its corresponding IP Server...
Page 75 Chapter 10 IP Setup Table 12 IP Setup (continued) LABEL DESCRIPTION IP Address Enter the out-of-band management IP address of your switch in dotted decimal notation. For example, 192.168.0.1. IP Subnet Enter the IP subnet mask of your switch in dotted decimal notation for example Mask 255.255.255.0.
Page 76 Chapter 10 IP Setup MS-7206 User’s Guide...
Page 77: Slot Setup
H A P T E R Slot Setup 11.1 Slot Setup Use this screen to control the power to the each slot or to change what type of card is in the slot without restarting the system. To open this screen, click Basic Setting > Slot Setup. Figure 23 Slot Setup The following table describes the labels in this screen.
Page 78 Chapter 11 Slot Setup Table 13 Slot Setup (continued) LABEL DESCRIPTION Cancel Click Cancel to reset the fields. Install Use this section to change what type of card is in the slot without restarting the system. Follow this procedure. • In this section, uninstall the old type of card.
Page 79: Port Setup
H A P T E R Port Setup 12.1 Port Setup Use this screen to configure basic port settings, such as speed, duplex, and flow control. You can also configure the default 802.1p priority and the way bridge protocol data units (BPDU) are handled.
Page 80 Chapter 12 Port Setup Table 14 Port Setup (continued) LABEL DESCRIPTION Name Enter a descriptive name that identifies this port. You can enter up to 64 alpha- numerical characters. Note: Due to space limitation, the port name may be truncated in some web configurator screens.
Page 81: Advanced
Advanced VLAN (83) Static MAC Forward Setup (91) Filtering (93) Spanning Tree Protocol (95) Bandwidth Control (107) Broadcast Storm Control (109) Mirroring (111) Link Aggregation (113) Port Authentication (119) Port Security (121) Classifier (123) Policy Rule (129) Queuing Method (135) VLAN Stacking (139) Multicast (145) Authentication and Accounting (159)
Page 83: Vlan
H A P T E R VLAN This chapter introduces VLANs and then describes the screens you use to configure VLAN settings. 13.1 Introduction to VLANs A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks.
Page 84: Forwarding Tagged And Untagged Frames
Chapter 13 VLAN The CFI (Canonical Format Indicator) is a single-bit flag, always set to zero for Ethernet switches. If a frame received at an Ethernet port has a CFI set to 1, then that frame should not be forwarded as it is to an untagged port. The remaining twelve bits define the VLAN ID, giving a possible maximum number of 4,096 VLANs.
Page 85: Port Vlan Trunking
Chapter 13 VLAN Please refer to the following table for common IEEE 802.1Q VLAN terminology. Table 15 IEEE 802.1Q VLAN Terminology VLAN PARAMETER TERM DESCRIPTION VLAN Type Permanent VLAN This is a static VLAN created manually. Dynamic VLAN This is a VLAN configured by a GVRP registration/ deregistration process.
Page 86: Static Vlan
Chapter 13 VLAN 13.5 Static VLAN Use a static VLAN to decide whether an incoming frame on a port should be • sent to a VLAN group as normal depending on its VLAN tag. • sent to a group whether it has a VLAN tag or not. •...
Page 87: Vlan Detail
Chapter 13 VLAN 13.6.1 VLAN Detail Use this screen to look at detailed port settings for a VLAN. See Section 13.2 on page 83 background information about VLAN. To open this screen, click Advanced Application > VLAN, and then click on the index number of the VLAN. Figure 27 VLAN Detail The following table describes the labels in this screen.
Page 88: Figure 28 Static Vlan
Chapter 13 VLAN Figure 28 Static VLAN The following table describes the related labels in this screen. Table 18 Static VLAN LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN settings. Name Enter a descriptive name for the VLAN group for identification purposes. VLAN Group ID Enter the VLAN ID for this static entry;...
Page 89: Vlan Port Setting
Chapter 13 VLAN Table 18 Static VLAN (continued) LABEL DESCRIPTION Control Select Normal for the port to dynamically join this VLAN group using GVRP. This is the default selection. Select Fixed for the port to be a permanent member of this VLAN group. Select Forbidden if you want to prohibit the port from joining this VLAN group.
Page 90: Table 19 Vlan Port Setting
Chapter 13 VLAN The following table describes the labels in this screen. Table 19 VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network.
Page 91: Static Mac Forward Setup
H A P T E R Static MAC Forward Setup 14.1 Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table. Static MAC addresses do not age out. When you set up static MAC address rules, you are setting static MAC addresses for a port.
Page 92 Chapter 14 Static MAC Forward Setup Table 20 Static MAC Forwarding (continued) LABEL DESCRIPTION MAC Address Enter the MAC address in valid MAC address format, that is, six hexadecimal character pairs. Note: Static MAC addresses do not age out. Enter the VLAN identification number. Port Select the slot and enter the port where the MAC address entered in the previous field will be automatically forwarded.
Page 93: Filtering
H A P T E R Filtering 15.1 Filtering Use this screen to drop frames based on the source MAC address, destination MAC address, and/or VLAN ID. To open this screen, click Advanced Application > Filtering. Figure 31 Filtering The following table describes the related labels in this screen. Table 21 Filtering LABEL DESCRIPTION...
Page 94 Chapter 15 Filtering Table 21 Filtering (continued) LABEL DESCRIPTION Type a MAC address in valid MAC address format, that is, six hexadecimal character pairs. Type the VLAN group identification number. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 95: Spanning Tree Protocol
H A P T E R Spanning Tree Protocol The switch supports Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol The switch also allows you to set up multiple STP configurations (or trees).
Page 96: How Stp Works
Chapter 16 Spanning Tree Protocol Path cost is the cost of transmitting a frame onto a LAN through that port. It is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost.
Page 97: Stp Port States
Chapter 16 Spanning Tree Protocol 16.1.3 STP Port States STP assigns five port states to eliminate packet looping. A bridge port is not allowed to go directly from blocking state to forwarding state so as to eliminate transient loops. Table 23 STP Port States PORT STATE DESCRIPTION Disabled STP is disabled (default).
Page 98: Spanning Tree Protocol Status Screen
Chapter 16 Spanning Tree Protocol 16.2 Spanning Tree Protocol Status Screen The Spanning Tree Protocol status screen changes depending on what standard you choose to implement on your network. Click Advanced Application > Spanning Tree Protocol to see the screen as shown. Figure 33 Advanced Application >...
Page 99: Rapid Spanning Tree Protocol
Chapter 16 Spanning Tree Protocol Table 24 Advanced Application > Spanning Tree Protocol > Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 100 Chapter 16 Spanning Tree Protocol Table 25 Rapid Spanning Tree Protocol (continued) LABEL DESCRIPTION Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch.
Page 101: Rapid Spanning Tree Protocol Status
Chapter 16 Spanning Tree Protocol 16.5 Rapid Spanning Tree Protocol Status Use this screen to look at the status of RSTP on the switch. See Section 16.1 on page 95 background information about RSTP. To open this screen, click Advanced Application > Spanning Tree Protocol.
Page 102: Multiple Rapid Spanning Tree Protocol
Chapter 16 Spanning Tree Protocol Table 26 Rapid Spanning Tree Protocol Status (continued) LABEL DESCRIPTION Topology This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change 16.6 Multiple Rapid Spanning Tree Protocol Use this screen to configure MRSTP on the switch.
Page 103 Chapter 16 Spanning Tree Protocol Table 27 Multiple Rapid Spanning Tree Protocol (continued) LABEL DESCRIPTION Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch.
Page 104: Multiple Rapid Spanning Tree Protocol Status
Chapter 16 Spanning Tree Protocol 16.7 Multiple Rapid Spanning Tree Protocol Status Use this screen to look at the status of MRSTP on the switch. See Section 16.1 on page 95 background information about MRSTP. To open this screen, click Advanced Application > Spanning Tree Protocol.
Page 105 Chapter 16 Spanning Tree Protocol Table 28 Multiple Rapid Spanning Tree Protocol Status (continued) LABEL DESCRIPTION Topology This is the number of times the spanning tree has been reconfigured. Changed Times Time Since Last This is the time since the spanning tree was last reconfigured. Change MS-7206 User’s Guide...
Page 106 Chapter 16 Spanning Tree Protocol MS-7206 User’s Guide...
Page 107: Bandwidth Control
H A P T E R Bandwidth Control This chapter introduces Committed Information Rate (CIR) and Peak Information Rate (PIR) and then shows you how to configure the maximum allowable bandwidth for incoming (ingress) and outgoing (egress) traffic flows on a port. 17.1 CIR and PIR The Committed Information Rate (CIR) is the guaranteed bandwidth for the incoming traffic flow on a port.
Page 108: Figure 39 Bandwidth Control
Chapter 17 Bandwidth Control Figure 39 Bandwidth Control The following table describes the related labels in this screen. Table 29 Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the switch. Slot Select the slot at whose settings you want to look. Port This field displays the slot number and port number.
Page 109: Broadcast Storm Control
H A P T E R Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 18.1 Broadcast Storm Control Use this screen to limit the number of broadcast, multicast and destination lookup failure (DLF) packets the switch receives per second on the ports.
Page 110: Table 30 Broadcast Storm Control
Chapter 18 Broadcast Storm Control The following table describes the labels in this screen. Table 30 Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the switch. Clear this check box to disable this feature. Slot Select the slot at whose settings you want to look.
Page 111: Mirroring
H A P T E R Mirroring 19.1 Mirroring Use this screen to copy (“mirror”) traffic from one or more ports to a specified monitor port. You can examine the traffic on the monitor port without interfering with regular traffic flow. To open this screen, click Advanced Application >...
Page 112 Chapter 19 Mirroring Table 31 Mirroring (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them.
Page 113: Link Aggregation
H A P T E R Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higher- bandwidth link. 20.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link.
Page 114: Link Aggregation Id
Chapter 20 Link Aggregation 20.2.1 Link Aggregation ID LACP aggregation ID consists of the following information Table 32 Link Aggregation ID: Local Switch SYSTEM PRIORITY MAC ADDRESS PORT PRIORITY PORT NUMBER 0000 00-00-00-00-00-00 0000 0000 Table 33 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS PORT PRIORITY PORT NUMBER...
Page 115: Link Aggregation Setting
Chapter 20 Link Aggregation 20.4 Link Aggregation Setting Use this screen to configure trunk groups on the switch. Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 20.1 on page 113 for more information on link aggregation.
Page 116: Link Aggregation Control Protocol
Chapter 20 Link Aggregation Table 35 Advanced Application > Link Aggregation > Link Aggregation Setting (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 117: Table 36 Link Aggregation Control Protocol
Chapter 20 Link Aggregation The following table describes the labels in this screen. Table 36 Link Aggregation Control Protocol LABEL DESCRIPTION Active Select this to enable Link Aggregation Control Protocol (LACP). System LACP system priority is a number between 1 and 65,535. The switch with the lowest Priority system priority (and lowest port number if system priority is the same) becomes the LACP “server”.
Page 118 Chapter 20 Link Aggregation MS-7206 User’s Guide...
Page 119: Port Authentication
H A P T E R Port Authentication This chapter describes the 802.1x authentication method. 21.1 Port Authentication Overview Port authentication is a way to validate access to ports on the switch to clients based on an external server (authentication server). IEEE 802.1x is an extended authentication protocol that allows support of RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a network RADIUS server.
Page 120: Figure 46 802.1X
Chapter 21 Port Authentication Figure 46 802.1x The following table describes the labels in this screen. Table 37 802.1x LABEL DESCRIPTION Active Select this check box to permit 802.1x authentication on the switch. Note: You must first enable 802.1x authentication on the switch before configuring it on each port.
Page 121: Port Security
H A P T E R Port Security 22.1 Port Security Use this screen to allow only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the switch. See Chapter 48 on page for the maximum number of MAC addresses the switch can learn.
Page 122 Chapter 22 Port Security Table 38 Port Security (continued) LABEL DESCRIPTION Port This field displays the slot number and port number. Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 123: Classifier
H A P T E R Classifier This chapter introduces the packet classifier and shows you how to configure it. 23.1 Packet Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth.
Page 124: Figure 48 Classifier
Chapter 23 Classifier Figure 48 Classifier The following table describes the labels in this screen. Table 39 Classifier LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. Packet Specify the format of the packet.
Page 125 Chapter 23 Classifier Table 39 Classifier (continued) LABEL DESCRIPTION VLAN Select Any to classify traffic from any VLAN or select the second option and specify the source VLAN ID in the field provided. Priority Select Any to classify traffic from any priority level or select the second option and specify a priority level in the field provided.
Page 126: Classifier Example
Chapter 23 Classifier Table 39 Classifier (continued) LABEL DESCRIPTION Cancel Click Cancel to reset the fields back to your previous configuration. Clear Click Clear to set the above fields back to the factory defaults. Index This field displays the index number of the rule. Click an index number to edit the rule. Active This field displays Yes when the rule is activated and No when it is deactivated.
Page 127: Figure 49 Example: Configuring A Classifier
Chapter 23 Classifier Figure 49 Example: Configuring a Classifier The resulting entry in the summary table is shown below. Figure 50 Example: Looking at the Classifier in the Summary Table After you have configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow.
Page 128 Chapter 23 Classifier MS-7206 User’s Guide...
Page 129: Policy Rule
H A P T E R Policy Rule This chapter introduces policy rules and shows you how to configure them. 24.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria. A policy rule ensures that a traffic flow gets the requested treatment in the network. See Chapter 23 on page for more information about classifiers.
Page 130: Configuring Policy Rules
Chapter 24 Policy Rule 24.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. See Chapter 23 on page 123 for more information about classifiers. Use this screen to configure policy rules for classified traffic. To open this screen, click Advanced Applications >...
Page 131: Figure 51 Policy
Chapter 24 Policy Rule Figure 51 Policy The following table describes the labels in this screen. Table 42 Policy LABEL DESCRIPTION Active Select this option to enable the policy. Name Enter a descriptive name for identification purposes. MS-7206 User’s Guide...
Page 132 Chapter 24 Policy Rule Table 42 Policy (continued) LABEL DESCRIPTION Classifier(s) This field displays the active classifier(s) you configure in the Classifier screen. Select the classifier(s) to which this policy rule applies. To select more than one classifier, press [SHIFT] or [CTRL] and select the choices at the same time. Parameters Set the fields below for this policy.
Page 133: Policy Example
Chapter 24 Policy Rule Table 42 Policy (continued) LABEL DESCRIPTION Out-of-profile Select the action(s) to be performed for out-of-profile traffic. action Select Drop the packet to discard the out-of-profile traffic. Select Change the DSCP value to replace the DSCP field with the value specified in the Out of profile DSCP field.
Page 134: Figure 52 Example: Policy
Chapter 24 Policy Rule Figure 52 Example: Policy The resulting entry in the summary table is shown below. Figure 53 Example: Looking at the Classifier in the Summary Table MS-7206 User’s Guide...
Page 135: Queuing Method
H A P T E R Queuing Method This chapter introduces the queuing methods supported and then explains the screen for configuring them. 25.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic.
Page 136: Weighted Fair Queuing
Chapter 25 Queuing Method 25.1.3 Weighted Fair Queuing Weighted Fair Queuing (WFQ) is used to guarantee each queue’s minimum bandwidth based on its bandwidth weight (portion) when there is traffic congestion. WFQ is activated only when a port has more traffic than it can handle. Queues with larger weights get more guaranteed bandwidth than queues with smaller weights.
Page 137: Table 43 Queuing Method
Chapter 25 Queuing Method The following table describes the labels in this screen. Table 43 Queuing Method LABEL DESCRIPTION Slot Select the slot at whose settings you want to look. Port This field displays the slot number and port number. Method Select SPQ (Strict Priority Queuing, WFQ, or WRR (Weighted Round Robin).
Page 138 Chapter 25 Queuing Method MS-7206 User’s Guide...
Page 139: Vlan Stacking
H A P T E R VLAN Stacking This chapter shows you how to configure VLAN stacking on your switch. See Chapter 13 on page 83 for background information about VLANs. 26.1 VLAN Stacking Overview A service provider can use VLAN stacking to allow it to distinguish multiple customers VLANs, even those with the same (customer-assigned) VLAN ID, within its network.
Page 140: Vlan Stacking Port Roles
Chapter 26 VLAN Stacking Figure 55 VLAN Stacking Example 26.2 VLAN Stacking Port Roles Each port can have these VLAN stacking “roles”: Access Port and Tunnel (the latter is for Gigabit ports only). • Select Access Port for ingress ports on the service provider's edge devices (1 and 2 in the VLAN stacking example figure).
Page 141: Vlan Tag Format
Chapter 26 VLAN Stacking 26.3 VLAN Tag Format A VLAN tag (service provider VLAN stacking or customer IEEE 802.1Q) consists of the following three fields. Table 44 VLAN Tag Format Type Priority Type is a standard Ethernet type code identifying the frame and indicates that whether the frame carries IEEE 802.1Q tag information.
Page 142: Vlan Stacking
Chapter 26 VLAN Stacking Table 46 802.1Q Frame (SP)TPID (Service Provider) Tag Protocol IDentifier Data Frame data VLAN ID Frame Check Sequence 26.4 VLAN Stacking Use this screen to add an outer VLAN tag to the inner IEEE 802.1Q tagged frames that enter the network.
Page 143: Table 47 Vlan Stacking
Chapter 26 VLAN Stacking The following table describes the labels in this screen. Table 47 VLAN Stacking LABEL DESCRIPTION Active Select this to enable VLAN stacking on the switch. SP TPID SP TPID is a standard Ethernet type code identifying the frame and indicates whether the frame carries IEEE 802.1Q tag information.
Page 144 Chapter 26 VLAN Stacking MS-7206 User’s Guide...
Page 145: Multicast
H A P T E R Multicast This chapter shows you how to configure various multicast features. 27.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.
Page 146: Igmp Snooping And Vlans
Chapter 27 Multicast The switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your switch.
Page 147: Figure 58 Multicast Setting
Chapter 27 Multicast Figure 58 Multicast Setting The following table describes the labels in this screen. Table 49 Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP Snooping. Active Select Active to enable IGMP Snooping to forward group multicast traffic only to ports that are members of that group.
Page 148: Igmp Snooping Vlan
Chapter 27 Multicast Table 49 Multicast Setting (continued) LABEL DESCRIPTION Reserved The IP address range of 224.0.0.0 to 224.0.0.255 are reserved for multicasting on Multicast Group the local network only. For example, 224.0.0.1 is for all hosts on a local network segment and 224.0.0.9 is used to send RIP routing information to all RIP v2 routers on the same network segment.
Page 149: Figure 59 Igmp Snooping Vlan
Chapter 27 Multicast Figure 59 IGMP Snooping VLAN The following table describes the labels in this screen. Table 50 IGMP Snooping VLAN LABEL DESCRIPTION Mode Select auto to have the switch learn multicast group membership information of any VLANs automatically. Select fixed to have the switch only learn multicast group membership information of the VLAN(s) that you specify below.
Page 150: Igmp Filtering Profile
Chapter 27 Multicast Table 50 IGMP Snooping VLAN (continued) LABEL DESCRIPTION Cancel Click Cancel to reset the fields to your previous configuration. Clear Click this to clear the fields. Index This is the number of the IGMP snooping VLAN entry in the table. Name This field displays the descriptive name for this VLAN group.
Page 151: Mvr Overview
Chapter 27 Multicast The following table describes the labels in this screen. Table 51 IGMP Filtering Profile LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes. To configure additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range.
Page 152: Types Of Mvr Ports
Chapter 27 Multicast Figure 61 MVR Network Example 27.6.1 Types of MVR Ports In MVR, a source port is a port on the switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic. Once configured, the switch maintains a forwarding table that matches the multicast stream to the associated multicast group.
Page 153: Mvr
Chapter 27 Multicast Figure 62 MVR Multicast Television Example 27.7 MVR Use this screen to create multicast VLANs and to select the receiver port(s) and a source port for each multicast VLAN. See Section 27.6 on page 151 for background information about MVR.
Page 154: Figure 63 Mvr
Chapter 27 Multicast Figure 63 MVR The following table describes the related labels in this screen. Table 52 MVR LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be shared among different subscriber VLANs on the network. Name Enter a descriptive name (up to 32 printable English keyboard characters) for identification purposes.
Page 155: Group Configuration
Chapter 27 Multicast Table 52 MVR (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 156: Mvr Configuration Example
Chapter 27 Multicast Figure 64 Group Configuration The following table describes the labels in this screen. Table 53 Group Configuration LABEL DESCRIPTION Multicast Select a multicast VLAN ID (that you configured in the MVR screen) from the drop- VLAN ID down list box.
Page 157: Figure 65 Mvr Configuration Example
Chapter 27 Multicast Figure 65 MVR Configuration Example To configure the MVR settings on the switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 66 MVR Configuration Example To set the switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen.
Page 158: Figure 67 Mvr Group Configuration Example
Chapter 27 Multicast Figure 67 MVR Group Configuration Example Figure 68 MVR Group Configuration Example MS-7206 User’s Guide...
Page 159: Authentication And Accounting
H A P T E R Authentication and Accounting This chapter describes how to configure authentication and accounting settings on the switch. 28.1 Authentication, Authorization and Accounting (AAA) Authentication is the process of determining who a user is and validating access to the switch. The switch can authenticate users who try to log in based on user accounts configured on the switch itself.
Page 160: Radius And Tacacs
Chapter 28 Authentication and Accounting 28.1.2 RADIUS and TACACS+ RADIUS and TACACS+ are security protocols used to authenticate users by means of an external server instead of (or in addition to) an internal device user database that is limited to the memory capacity of the device.
Page 161: Figure 71 Radius Server Setup
Chapter 28 Authentication and Accounting Figure 71 RADIUS Server Setup The following table describes the labels in this screen. Table 55 RADIUS Server Setup LABEL DESCRIPTION Authentication Use this section to configure your RADIUS authentication settings. Server Mode This field is only valid if you configure multiple RADIUS servers. Select index-priority and the switch tries to authenticate with the first configured RADIUS server, if the RADIUS server does not respond then the switch tries to authenticate with the second RADIUS server.
Page 162: Tacacs+ Server Setup
Chapter 28 Authentication and Accounting Table 55 RADIUS Server Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 163: Figure 72 Tacacs+ Server Setup
Chapter 28 Authentication and Accounting Figure 72 TACACS+ Server Setup The following table describes the labels in this screen. Table 56 TACACS+ Server Setup LABEL DESCRIPTION Authentication Use this section to configure your TACACS+ authentication settings. Server Mode This field is only valid if you configure multiple TACACS+ servers. Select index-priority and the switch tries to authenticate with the first configured TACACS+ server, if the TACACS+ server does not respond then the switch tries to authenticate with the second TACACS+ server.
Page 164: Authentication And Accounting Setup
Chapter 28 Authentication and Accounting Table 56 TACACS+ Server Setup (continued) LABEL DESCRIPTION Delete Check this box if you want to remove an existing TACACS+ server entry from the switch. This entry is deleted when you click Apply. Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 165: Figure 73 Auth And Acct Setup
Chapter 28 Authentication and Accounting Figure 73 Auth and Acct Setup The following table describes the labels in this screen. Table 57 Auth and Acct Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the switch.
Page 166 Chapter 28 Authentication and Accounting Table 57 Auth and Acct Setup (continued) LABEL DESCRIPTION Login These fields specify which database the switch should use (first, second and third) to authenticate administrator accounts (users for switch management). Configure the local user accounts in the Access Control > Logins screen. The TACACS+ and RADIUS are external servers.
Page 167: Vendor Specific Attribute
Chapter 28 Authentication and Accounting Table 57 Auth and Acct Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 168: Tunnel Protocol Attribute
Chapter 28 Authentication and Accounting 28.2.5 Tunnel Protocol Attribute You can configure tunnel protocol attributes on the RADIUS server to assign a port on the switch to a VLAN (fixed, untagged). This will also set the port’s VID. Refer to RFC 3580 for more information.
Page 169: Part V: Ip
Static Route (171) RIP (173) OSPF (175) IGMP (187) DVMRP (189) Differentiated Services (193) DHCP (197) VRRP (205)
Page 171: Static Route
H A P T E R Static Route 29.1 Static Routing Use this screen to tell the switch how to forward IP traffic when you configure the TCP/IP parameters manually. To open this screen, click IP Application > Static Routing. Figure 74 Static Routing The following table describes the related labels you use to create a static route.
Page 172 Chapter 29 Static Route Table 60 Static Routing (continued) LABEL DESCRIPTION Metric The metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks.
Page 173: Rip
H A P T E R 30.1 RIP RIP (Routing Information Protocol) allows a routing device to exchange routing information with other routers. Use this screen to configure RIP on the switch. To open this screen, click IP Application > RIP. You cannot manually configure a new entry. Each entry in the table is automatically created when you configure a new IP domain in the IP Setup screen.
Page 174 Chapter 30 RIP Table 61 RIP (continued) LABEL DESCRIPTION Version Select the RIP version from the drop-down list box. Choices are RIP-1, RIP-2B and RIP- The Version field controls the format and the broadcasting method of the RIP packets that the switch sends (it recognizes both formats when receiving).
Page 175: Ospf
H A P T E R OSPF This chapter describes the OSPF (Open Shortest Path First) routing protocol and shows you how to configure OSPF. 31.1 OSPF Overview OSPF (Open Shortest Path First) is a link-state protocol designed to distribute routing information within an autonomous system (AS).
Page 176: How Ospf Works
Chapter 31 OSPF The following figure depicts an OSPF network example. The backbone is area 0 with a backbone router. The internal routers are in area 1 and 2. The area border routers connect area 1 and 2 to the backbone. Figure 76 OSPF Network Example 31.1.2 How OSPF Works Layer 3 devices exchange routing information to build synchronized link state database within...
Page 177: Configuring Ospf
Chapter 31 OSPF Figure 77 OSPF Router Election Example You can assign a priority to an interface which determines whether this router will be elected to be a DR or BDR. The router with the highest priority becomes the DR, while a router with a priority of 0 does not participate in router elections.
Page 178: Figure 78 Ospf Status
Chapter 31 OSPF Figure 78 OSPF Status The following table describes the labels in this screen. Table 64 OSPF Status LABEL DESCRIPTION OSPF This field displays whether OSPF is activated (Running) or not (Down). Interface The text box displays the OSPF status of the interface(s) on the switch. Neighbor The text box displays the status of the neighboring router participating in the OSPF network.
Page 179: Ospf Configuration
Chapter 31 OSPF Table 65 OSPF Status: Common Output Fields (continued) FIELD DESCRIPTION Backup This field displays the router ID of a backup designated router. Designated Router Time Intervals This field displays the time intervals (in seconds) configured. Configured Neighbor Count This field displays the number of neighbor routers.
Page 180: Figure 79 Ospf Configuration
Chapter 31 OSPF Figure 79 OSPF Configuration The follow table describes the related labels in this screen. Table 66 OSPF Configuration LABEL DESCRIPTION Use this section to activate OSPF and to configure general settings for it. Active OSPF is disabled by default. Select this option to enable it. Router ID Router ID uniquely identifies the switch in an OSPF.
Page 181 Chapter 31 OSPF Table 66 OSPF Configuration (continued) LABEL DESCRIPTION Metric Value Enter a route cost (between 0 and 16777214). Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 182: Ospf Interface
Chapter 31 OSPF Table 66 OSPF Configuration (continued) LABEL DESCRIPTION Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. 31.4 OSPF Interface Use this screen to configure an OSPF interface. See Section 31.1 on page 175 for more information on OSPF.
Page 183 Chapter 31 OSPF Table 67 OSPF Interface (continued) LABEL DESCRIPTION Authentication Note: OSPF Interface(s) must use the same authentication method within the same area. Select an authentication method. Choices are Same-as-Area, None (default), Simple and MD5. To participate in an OSPF network, you must set the authentication method and/or password the same as the associated area.
Page 184: Ospf Virtual-Link
Chapter 31 OSPF 31.5 OSPF Virtual-Link Use this screen to configure and view virtual link settings. See Section 31.1 on page 175 more information on OSPF. To open this screen, click IP Application > OSPF > Configuration > Virtual-Link. Figure 81 OSPF Virtual-Link The following table describes the related labels in this screen.
Page 185 Chapter 31 OSPF Table 68 OSPF Virtual-Link (continued) LABEL DESCRIPTION When you select Simple in the Authentication field, enter a password eight- character long. When you select MD5 in the Authentication field, enter a password 16-character long. Click Add to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 186 Chapter 31 OSPF MS-7206 User’s Guide...
Page 187: Igmp
H A P T E R IGMP 32.1 IGMP IGMP (Internet Group Multicast Protocol) is a session-layer protocol used to establish membership in a multicast group. It is not used to carry user data. See RFC 1112 and RFC 2236 for information on IGMP versions 1 and 2, respectively. To open this screen, click IP Application >...
Page 188 Chapter 32 IGMP Table 69 IGMP (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 189: Dvmrp
H A P T E R DVMRP This chapter introduces DVMRP and tells you how to configure it. 33.1 DVMRP Overview DVMRP (Distance Vector Multicast Routing Protocol) is a protocol used for routing multicast data within an autonomous system (AS). This DVMRP implementation is based on draft-ietf- idmr-dvmrp-v3-10.
Page 190: Dvmrp Terminology
Chapter 33 DVMRP Figure 83 How DVMRP Works 33.2.1 DVMRP Terminology DVMRP probes are used to discover other DVMRP Neighbors on a network. DVMRP reports are used to exchange DVMRP source routing information. These packets are used to build the DVMRP multicast routing table that is used to build source trees and also perform Reverse Path Forwarding (RPF) checks on incoming multicast packets.
Page 191: Dvmrp Configuration Error Messages
Chapter 33 DVMRP The following table describes the labels in this screen. Table 70 DVMRP LABEL DESCRIPTION Active Select this to enable DVMRP on the switch. You should do this if you want the switch to act as a multicast router. Threshold Threshold is the maximum time to live (TTL) value.
Page 192: Default Dvmrp Timer Values
Chapter 33 DVMRP Figure 87 DVMRP: Duplicate VID Error Message 33.4 Default DVMRP Timer Values Chapter 48 on page 269 for default DVMRP timer values. These may be changed using line commands. Please see the commands chapter later in this User's Guide for more information.
Page 193: Differentiated Services
H A P T E R Differentiated Services This chapter shows you how to configure Differentiated Services (DiffServ) on the switch. 34.1 DiffServ Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Page 194: Diffserv
Chapter 34 Differentiated Services Figure 89 DiffServ Network Example Switch A marks traffic flowing into the network based on the configured marking rules. Intermediary network devices 1 and 2 allocate network resources (such as bandwidth) by mapping the DSCP values and the associated policies. 34.2 DiffServ Use this screen to activate DiffServ and to apply marking rules and IEEE 802.1p priority mapping on the selected port(s).
Page 195: Dscp Setting
Chapter 34 Differentiated Services Table 71 Diffserv (continued) LABEL DESCRIPTION Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis.
Page 196: Table 73 Dscp Setting
Chapter 34 Differentiated Services The following table describes the labels in this screen. Table 73 DSCP Setting LABEL DESCRIPTION 0 … 63 This is the DSCP classification identification number. To set the IEEE802.1p priority mapping, select the priority level from the drop-down list box. Apply Click Apply to save your changes to the switch’s run-time memory.
Page 197: Dhcp
H A P T E R DHCP This chapter shows you how to configure the DHCP feature. 35.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the switch as a DHCP server or disable it.
Page 198: Dhcp Relay
Chapter 35 DHCP Figure 92 DHCP Status The following table describes the labels in this screen. Table 74 DHCP Status LABEL DESCRIPTION Index This is the index number. This field displays the ID number of the VLAN group to which this DHCP settings apply.
Page 199: Configuring Dhcp Global Relay
Chapter 35 DHCP Relay Agent Information can include the System Name of the switch if you select this option. You can change the System Name in Basic Settings > General Setup. The following describes the DHCP relay information that the switch sends to the DHCP server: Table 75 Relay Agent Information FIELD LABELS...
Page 200: Global Dhcp Relay Configuration Example
Chapter 35 DHCP Table 76 DHCP Relay (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 201: Configuring Dhcp Vlan Settings
Chapter 35 DHCP Figure 95 DHCP Relay Configuration Example 35.4 Configuring DHCP VLAN Settings Use this screen to configure your DHCP settings based on the VLAN domain of the DHCP clients. Click IP Application > DHCP in the navigation panel, then click the VLAN link In the DHCP Status screen that displays.
Page 202: Figure 96 Dhcp Vlan Setting
Chapter 35 DHCP Figure 96 DHCP VLAN Setting The following table describes the labels in this screen. Table 77 DHCP VLAN Setting LABEL DESCRIPTION Enter the ID number of the VLAN group to which this DHCP settings apply. DHCP Status Select Sever to set the switch to act as a DHCP server.
Page 203: Dhcp Vlan Setting Example
Chapter 35 DHCP Table 77 DHCP VLAN Setting (continued) LABEL DESCRIPTION Primary/ Enter the IP addresses of the DNS servers. The DNS servers are passed to the Secondary DHCP clients along with the IP address and the subnet mask. DNS Server Relay The fields are editable when you select Relay in the DHCP Status field.
Page 204: Figure 98 Dhcp Vlan Setting Example
Chapter 35 DHCP In the DHCP VLAN Setting screen, set the DHCP Status to Server and configure two DHCP client IP address pools for the two networks. The following shows an example. Figure 98 DHCP VLAN Setting Example MS-7206 User’s Guide...
Page 205: Vrrp
H A P T E R VRRP This chapter shows you how to configure and monitor the Virtual Router Redundancy Protocol (VRRP) on the switch. 36.1 VRRP Overview Each host on a network is configured to send packets to a statically configured default gateway (this switch).
Page 206: Vrrp Parameters
Chapter 36 VRRP If switch A (the master router) is unavailable, switch B takes over. Traffic is then processed by switch B. 36.1.1 VRRP Parameters This section describes some VRRP parameters. 36.1.1.1 Advertisement Interval The master router sends out Hello messages to let the other backup routers know that it is still up and running.
Page 207: Vrrp Configuration
Chapter 36 VRRP The following table describes the labels in this screen. Table 78 VRRP Status LABEL DESCRIPTION Index This field displays the index number of a rule. Network This field displays the IP address and the subnet mask bits of an IP routing domain that is associated to a virtual router.
Page 208: Figure 101 Vrrp Configuration
Chapter 36 VRRP Figure 101 VRRP Configuration The following table describes the labels in this screen. Table 79 VRRP Configuration LABEL DESCRIPTION Index This field displays the index number of an entry. Network This field displays the IP address and number of subnet mask bit of an IP domain. Authentication Select None to disable authentication.
Page 209: Vrrp Configuration Examples
Chapter 36 VRRP Table 79 VRRP Configuration (continued) LABEL DESCRIPTION Advertisement Specify the number of seconds between Hello message transmissions. Interval Preempt Mode Select this option to activate preempt mode. Priority Enter a number (between 1 and 254) to set the priority level. The bigger the number, the higher the priority.
Page 210: Figure 102 Vrrp Configuration Example: One Virtual Router Network
Chapter 36 VRRP Figure 102 VRRP Configuration Example: One Virtual Router Network 172.21.1.1 172.21.1.100 172.21.1.10 You want to set switch A as the master router. Configure the VRRP parameters in the VRRP Configuration screens on the switches as shown in the figures below. Figure 103 VRRP Example 1: VRRP Parameter Settings on Switch A Figure 104 VRRP Example 1: VRRP Parameter Settings on Switch B MS-7206 User’s Guide...
Page 211: Two Subnets Example
Chapter 36 VRRP After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next. Figure 105 VRRP Example 1: VRRP Status on Switch A Figure 106 VRRP Example 1: VRRP Status on Switch B 36.3.2 Two Subnets Example The following figure depicts an example in which two switches share the network traffic.
Page 212: Figure 108 Vrrp Example 2: Vrrp Parameter Settings For Vr2 On Switch A
Chapter 36 VRRP Figure 108 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch A Figure 109 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch B After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next.
Page 213: Manage
Manage Maintenance (215) Access Control (223) Diagnostic (241) Syslog (243) Cluster Management (247) MAC Table (253) IP Table (255) ARP Table (257) Routing Table (259) Configure Clone (261)
Page 215: Maintenance
H A P T E R Maintenance This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 37.1 Maintenance Use this screen to manage firmware and the configuration. To open this screen, click Management >...
Page 216: Firmware Upgrade
Chapter 37 Maintenance Table 80 Maintenance (continued) LABEL DESCRIPTION Save Click Config 1 to save the current configuration settings permanently to Configuration Configuration 1 on the switch. Click Config 2 to save the current configuration settings permanently to Configuration 2 on the switch. Alternatively, click Save on the top right-hand corner in any screen to save the configuration changes to the current configuration.
Page 217: Figure 113 Firmware Upgrade
Chapter 37 Maintenance Figure 113 Firmware Upgrade The following table describes the labels in this screen. Table 81 Firmware Upgrade LABEL DESCRIPTION Maintenance Click this to return to the previous screen. Slot This field displays the slot number. Name This is the model name of the card in the slot. It is blank if there is no card in the slot. Status This field displays the status of the card in the slot.
Page 218: Restore Configuration
Chapter 37 Maintenance 37.1.2 Restore Configuration Use this screen to restore a previously saved configuration from your computer to the switch. To open this screen, click Management > Maintenance > Restore Configuration. Figure 114 Restore Configuration Type the path and file name of the configuration file you wish to restore in the File Path text box or click Browse to locate it.
Page 219: Filename Conventions
*.bin This is the ZyNOS firmware for the interface module in slot 6. fw-MI-7248 *.bin This is the ZyNOS firmware on any MI-7248 interface modules in the switch. This is overridden by ZyNOS firmware for a specific slot. fw-MI-7248PWR *.bin...
Page 220: Ftp Command Line Procedure
Chapter 37 Maintenance 37.2.1.1 Example FTP Commands ftp> put firmware.bin ras This is a sample FTP session showing the transfer of the computer file "firmware.bin" to the switch. ftp> get config config.cfg This is a sample FTP session saving the current configuration to a file called “config.cfg” on your computer.
Page 221: Ftp Restrictions
Chapter 37 Maintenance Table 83 General Commands for GUI-based FTP Clients (continued) COMMAND DESCRIPTION Transfer Type Transfer files in either plain text format (ASCII) or in binary mode. Configuration and firmware files should be transferred in binary mode. Initial Remote Specify the default remote directory (path).
Page 222 Chapter 37 Maintenance MS-7206 User’s Guide...
Page 223: Access Control
H A P T E R Access Control This chapter describes how to control access to the switch. 38.1 Access Control Use this screen to control access to the switch. A console port access control session and Telnet access control session cannot coexist when multi-login is disabled. See the CLI Reference Guide for more information on disabling multi-login.
Page 224: Snmp V3 And Security
Chapter 38 Access Control Figure 117 SNMP Management Model A SNMP managed network consists of two main components: agents and a manager. An agent is a management software module that resides in a managed switch (the switch). An agent translates the local management information from the managed switch into a form compatible with SNMP.
Page 225: Supported Mibs
Chapter 38 Access Control 38.2.2 Supported MIBs MIBs let administrators collect statistics and monitor status and performance. The switch supports the following MIBs: • SNMP MIB II (RFC 1213) • RFC 1157 SNMP v1 • RFC 1493 Bridge MIBs • RFC 1643 Ethernet MIBs •...
Page 226: Table 86 Snmp Interface Traps
Chapter 38 Access Control Table 85 SNMP System Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION reset UncontrolledResetEventOn 1.3.6.1.4.1.890.1.5.8.34.27.2.1 This trap is sent when the MM-7201 automatically resets. ControlledResetEventOn 1.3.6.1.4.1.890.1.5.8.34.27.2.1 This trap is sent when the MM-7201 resets by an administrator through a management interface.
Page 227: Table 87 Aaa Traps
Chapter 38 Access Control Table 87 AAA Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION authentication authenticationFailure 1.3.6.1.6.3.1.1.5.5 This trap is sent when authentication fails due to incorrect user name and/or password. AuthenticationFailureEventO 1.3.6.1.4.1.890.1.5.8.34.27.2.1 This trap is sent when authentication fails due to incorrect user name and/or password.
Page 228: Snmp
Chapter 38 Access Control Table 89 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION STPNewRoot 1.3.6.1.2.1.17.0.1 This trap is sent when the STP root switch changes. MRSTPNewRoot 1.3.6.1.4.1.890.1.5.8.34.36.2.1 This trap is sent when the MRSTP root switch changes. MSTPNewRoot 1.3.6.1.4.1.890.1.5.8.34.107.70.1 This trap is sent when the MSTP root switch changes.
Page 229: Figure 118 Snmp
Chapter 38 Access Control Figure 118 SNMP The following table describes the labels in this screen. Table 90 SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) values. Version Select the SNMP version for the switch. The SNMP version on the MM-7201 must match the version on the SNMP manager.
Page 230: Configuring Snmp Trap Group
Chapter 38 Access Control Table 90 SNMP (continued) LABEL DESCRIPTION Port Enter the port number upon which the manager listens for SNMP traps. Username Enter the username to be sent to the SNMP manager along with the SNMP v3 trap. Note: This username must match an existing account on the switch (configured in Management >...
Page 231: Logins
Chapter 38 Access Control Figure 119 SNMP Trap Group The following table describes the labels in this screen. Table 91 SNMP Trap Group LABEL DESCRIPTION Trap Destination Select one of your configured trap destination IP addresses. These are the IP addresses of the SNMP managers.
Page 232: Figure 120 Logins
Chapter 38 Access Control • A non-administrator (username is something other than admin) is someone who can view but not configure switch settings. Use this screen to change the administrator password and to manage non-administrator accounts. To open this screen, click Management > Access Control > Logins. Figure 120 Logins The following table describes the labels in this screen.
Page 233: Ssh Overview
Chapter 38 Access Control 38.4 SSH Overview Unlike Telnet or FTP, which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network. Figure 121 SSH Communication Example 38.4.1 How SSH works The following table summarizes how a secure connection is established between two remote...
Page 234: Ssh Implementation On The Switch
Chapter 38 Access Control Once the identification is verified, both the client and server must agree on the type of encryption method to use. 3 Authentication and Data Transmission After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server.
Page 235: Https Example
Chapter 38 Access Control Figure 123 HTTPS Implementation If you disable HTTP in the Service Access Control screen, then the switch blocks all HTTP connection attempts. 38.5.1 HTTPS Example If you haven’t changed the default HTTPS port on the switch, then in your browser enter “https://switch IP Address/”...
Page 236: Figure 125 Security Certificate 1 (Netscape)
Chapter 38 Access Control 38.5.1.2 Netscape Navigator Warning Messages When you attempt to access the switch HTTPS server, a Website Certified by an Unknown Authority screen pops up asking if you trust the server certificate. Click Examine Certificate if you want to verify that the certificate is from the switch. If Accept this certificate temporarily for this session is selected, then click OK to continue in Netscape.
Page 237: Service Access Control
Chapter 38 Access Control Figure 127 Example: Lock Denoting a Secure Connection 38.6 Service Access Control Use this screen to decide what services can be used to access the switch. You may also change the default service port. To open this screen, click Management > Access Control > Service Access Control.
Page 238: Remote Management
Chapter 38 Access Control The following table describes the fields in this screen. Table 93 Service Access Control LABEL DESCRIPTION Services Services you may use to access the switch are listed here. Active Select this option for the corresponding services that you want to allow to access the switch.
Page 239 Chapter 38 Access Control Table 94 Remote Management (continued) LABEL DESCRIPTION Telnet/FTP/ Select services that may be used for managing the switch from the specified trusted HTTP/ICMP/ computers. SNMP/SSH/ HTTPS Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 240 Chapter 38 Access Control MS-7206 User’s Guide...
Page 241: Diagnostic
H A P T E R Diagnostic This chapter explains the Diagnostic screen. 39.1 Diagnostic Use this screen to check system logs, ping IP addresses or perform port tests. To open this screen, click Management > Diagnostic. Figure 130 Diagnostic The following table describes the labels in this screen.
Page 242 Chapter 39 Diagnostic MS-7206 User’s Guide...
Page 243: Syslog
H A P T E R Syslog This chapter explains the syslog screens. 40.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server.
Page 244: Syslog Server Setup
Chapter 40 Syslog Figure 131 Syslog Setup The following table describes the labels in this screen. Table 97 Syslog Setup LABEL DESCRIPTION Syslog Select Active to turn on syslog (system logging) and then configure the syslog setting Logging Type This column displays the names of the categories of logs that the system can generate.
Page 245: Figure 132 Syslog Server Setup
Chapter 40 Syslog Figure 132 Syslog Server Setup The following table describes the labels in this screen. Table 98 Syslog Server Setup LABEL DESCRIPTION Active Select this check box to have the system send logs to this syslog server. Clear the check box if you want to create a syslog server entry but not have the system send logs to it (you can edit the entry later).
Page 246 Chapter 40 Syslog MS-7206 User’s Guide...
Page 247: Cluster Management
H A P T E R Cluster Management This chapter introduces cluster management. 41.1 Cluster Management Status Overview Cluster Management allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
Page 248: Clustering Management Status
Chapter 41 Cluster Management 41.2 Clustering Management Status Use this screen to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
Page 249: Cluster Member Switch Management
Chapter 41 Cluster Management 41.2.1 Cluster Member Switch Management Use this screen to open the web configurator of a cluster member. The web configurator that you access through cluster management and the web configurator you access using regular HTTP/HTTPS are different. To open this screen, click Management > Cluster Management, and click the index number of the cluster member.
Page 250: Clustering Management Configuration
Chapter 41 Cluster Management Figure 136 Example: Uploading Firmware to a Cluster Member Switch C:\>ftp 192.168.1.1 Connected to 192.168.1.1. 220 MM-7201 FTP version 1.0 ready at Thu Jan 1 00:58:46 1970 User (192.168.0.1:(none)): admin 331 Enter PASS command Password: 230 Logged in ftp>...
Page 251: Figure 137 Clustering Management Configuration
Chapter 41 Cluster Management Figure 137 Clustering Management Configuration The following table describes the labels in this screen. Table 102 Clustering Management Configuration LABEL DESCRIPTION Clustering Manager Active Select Active to have this switch become the cluster manager switch. A cluster can only have one manager.
Page 252 Chapter 41 Cluster Management Table 102 Clustering Management Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 253: Mac Table
H A P T E R MAC Table This chapter introduces the MAC table in the switch and then explains the MAC table screen. 42.1 MAC Table Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the switch’s ports.
Page 254: Mac Table
Chapter 42 MAC Table 42.2 MAC Table Use this screen to look at the MAC table in the switch. To open this screen, click Management > MAC Table. Figure 139 MAC Table The following table describes the labels in this screen. Table 103 MAC Table LABEL DESCRIPTION...
Page 255: Ip Table
H A P T E R IP Table This chapter introduces the IP table in the switch and then explains the IP table screen. 43.1 IP Table Overview The IP Table screen shows how packets are forwarded or filtered across the switch’s ports. It shows what device IP address, belonging to what VLAN group (if any) is forwarded to which port(s) and whether the IP address is dynamic (learned by the switch) or static (belonging to the switch).
Page 256: Ip Table
Chapter 43 IP Table 43.2 IP Table Use this screen to look at the IP table in the switch. To open this screen, click Management > IP Table. Figure 141 IP Table The following table describes the labels in this screen. Table 104 IP Table LABEL DESCRIPTION...
Page 257: Arp Table
H A P T E R ARP Table This chapter introduces the ARP table in the switch and then explains the ARP table screen. 44.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
Page 258: Figure 142 Arp Table
Chapter 44 ARP Table Figure 142 ARP Table The following table describes the labels in this screen. Table 105 ARP Table LABEL DESCRIPTION Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below.
Page 259: Routing Table
H A P T E R Routing Table This chapter introduces the routing table. 45.1 Routing Table Status Use this screen to view routing table information. The routing table contains the route information to the network(s) that the switch can reach. The switch automatically updates the routing table with the RIP/OSPF information received from other Ethernet devices.
Page 260 Chapter 45 Routing Table MS-7206 User’s Guide...
Page 261: Configure Clone
H A P T E R Configure Clone This chapter shows you how to copy settings from one port or card to other ports or cards. 46.1 Configure Clone Use this screen to copy basic or advanced settings from a source port or source card to one or more destination ports or cards.
Page 262: Table 107 Configure Clone
Chapter 46 Configure Clone The following table describes the labels in this screen. Table 107 Configure Clone LABEL DESCRIPTION Source/ You can copy attributes from one port to one or more ports (first radio button) or from Destination one card to one or more cards (second radio button). Select the appropriate radio button.
Page 263: Troubleshooting And Product Specifications
Troubleshooting and Product Specifications Troubleshooting (265) Product Specifications (269)
Page 265: Troubleshooting
H A P T E R Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • MM-7201 Access and Login 47.1 Power, Hardware Connections, and LEDs The MM-7201 does not turn on.
Page 266: Mm-7201 Access And Login
Chapter 47 Troubleshooting 47.2 MM-7201 Access and Login I forgot the IP address for the MM-7201. 1 The default IP address is 192.168.0.1. 2 Use the console port to log in to the MM-7201. I forgot the password. 1 The default password is 1234. 2 If this does not work, you have to reset the device to its factory defaults.
Page 267 Chapter 47 Troubleshooting I can see the Login screen, but I cannot log in to the MM-7201. 1 Make sure you have entered the user name and password correctly. These fields are case- sensitive, so make sure [Caps Lock] is not on. 2 You cannot log in to the web configurator while someone is using the console port to access the MM-7201.
Page 268 Chapter 47 Troubleshooting MS-7206 User’s Guide...
Page 269: Product Specifications
H A P T E R Product Specifications The following tables summarize the MM-7201’s hardware and firmware features. Table 108 Hardware Specifications HARDWARE SPECIFICATION Dimensions (L x W x H) 276 x 396.6 x 42.5 mm Device Weight 1.7 kg Power Specification Dual AC power supply (100-240 V, 50-60 Hz) into 24 VDC Dual 48 V DC power supply (36-72 V) into 24 VDC...
Page 270: Table 109 Feature Descriptions
Chapter 48 Product Specifications Table 109 Feature Descriptions FEATURE DESCRIPTION IP Routing Domain An IP interface (also known as an IP routing domain) is not bound to a physical port. Configure an IP routing domain to allow the switch to route traffic between different networks.
Page 271: Table 110 General Specifications
Chapter 48 Product Specifications Table 109 Feature Descriptions (continued) FEATURE DESCRIPTION OSPF OSPF (Open Shortest Path First) is a link-state protocol designed to distribute routing information within an autonomous system (AS). An autonomous system is a collection of networks using a common routing protocol to exchange routing information.
Page 272 Chapter 48 Product Specifications Table 110 General Specifications (continued) CHARACTERISTIC SPECIFICATION Bridging 16K MAC addresses Static MAC address filtering by source/destination Broadcast storm control Static MAC address forwarding Switching Max. Frame size: 1522 bytes Forwarding frame: IEEE 802.3, IEEE 802.1q, Ethernet II, PPPoE Prevent the forwarding of corrupted packets IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) Multiple Rapid Spanning Tree capability (4 configurable trees)
Page 273: Table 111 Management Specifications
Chapter 48 Product Specifications Table 111 Management Specifications FEATURE SPECIFICATION System Control Alarm/Status surveillance LED indication for alarm and system status Performance monitoring Line speed Four RMON groups (history, statistics, alarms, and events) Throughput monitoring Port mirroring and aggregation Spanning Tree Protocol IGMP snooping Firmware upgrade and download through FTP/TFTP DHCP server/relay...
Page 274 Chapter 48 Product Specifications Table 112 Supported Standards (continued) STANDARD DESCRIPTION RFC 1155 Simple Network Management Protocol (SNMP) RFC 1157 RFC 1213 RFC 1493 RFC 1643 RFC 1757 RFC 2011 RFC 2012 RFC 2013 RFC 2674 RFC 2131 Dynamic Host Configuration Protocol (DHCP) RFC 2132 RFC 3046 RFC 2138...
Page 275: Figure 145 Console/Dial Backup Port Pin Layout
Chapter 48 Product Specifications Figure 145 Console/Dial Backup Port Pin Layout Table 113 Console Port Pin Assignments ASSIGNMENT DCE-TXD DCE –RXD DCE –DSR DCE –DTR DCE –CTS DCE –RTS Table 114 Ethernet Cable Pin Assignments ETHERNET CABLE PIN LAYOUT Straight-through Crossover (Switch) (Adapter) (Switch)
Page 276 Chapter 48 Product Specifications MS-7206 User’s Guide...
Page 277: Appendices And Index
VIII Appendices and Index IP Addresses and Subnetting (279) Pop-up Windows, JavaScripts and Java Permissions (287) Legal Information (293) Customer Support (297) Index (303)
Page 279: Appendix A Ip Addresses And Subnetting
P P E N D I X IP Addresses and Subnetting This appendix introduces IP addresses, IP address classes and subnet masks. You use subnet masks to subdivide a network into smaller logical networks. Introduction to IP Addresses An IP address has two parts: the network number and the host ID. Routers use the network number to send packets to the correct network, while the host ID identifies a single device on the network.
Page 280: Table 116 Allowed Ip Address Range By Class
Appendix A IP Addresses and Subnetting Table 115 Classes of IP Addresses (continued) IP ADDRESS OCTET 1 OCTET 2 OCTET 3 OCTET 4 Class B Network number Network number Host ID Host ID Class C Network number Network number Network number Host ID An IP address with host IDs of all zeros is the IP address of the network (192.168.1.0 for example).
Page 281: Table 117 "Natural" Masks
Appendix A IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The “natural” masks for class A, B and C IP addresses are as follows. Table 117 “Natural” Masks CLASS NATURAL MASK 255.0.0.0 255.255.0.0 255.255.255.0 Subnetting...
Page 282: Table 119 Two Subnets Example
Appendix A IP Addresses and Subnetting Example: Two Subnets As an example, you have a class “C” address 192.168.1.0 with subnet mask of 255.255.255.0. Table 119 Two Subnets Example IP/SUBNET MASK NETWORK NUMBER HOST ID IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001.
Page 283: Table 122 Subnet 1
Appendix A IP Addresses and Subnetting Table 121 Subnet 2 (continued) IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE Subnet Address: Lowest Host ID: 192.168.1.129 192.168.1.128 Broadcast Address: Highest Host ID: 192.168.1.254 192.168.1.255 Host IDs of all zeros represent the subnet itself and host IDs of all ones are the broadcast address for that subnet, so the actual number of hosts available on each subnet in the example above is 2 –...
Page 284: Table 124 Subnet 3
Appendix A IP Addresses and Subnetting Table 124 Subnet 3 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 10000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.129 192.168.1.128 Broadcast Address: Highest Host ID: 192.168.1.190 192.168.1.191 Table 125 Subnet 4...
Page 285: Table 128 Class B Subnet Planning
Appendix A IP Addresses and Subnetting Table 127 Class C Subnet Planning (continued) NO. “BORROWED” HOST NO. HOSTS PER SUBNET MASK NO. SUBNETS BITS SUBNET 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) Subnetting With Class A and Class B Networks. For class “A”...
Page 286 Appendix A IP Addresses and Subnetting MS-7206 User’s Guide...
Page 287: Appendix B Pop-Up Windows, Javascripts And Java Permissions
P P E N D I X Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Internet Explorer 6 screens are used here.
Page 288: Figure 147 Internet Options
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 147 Internet Options 3 Click Apply to save this setting. 48.0.0.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps.
Page 289: Figure 148 Internet Options
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 148 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 149 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen.
Page 290: Figure 150 Internet Options
Appendix B Pop-up Windows, JavaScripts and Java Permissions 6 Click Apply to save this setting. 48.0.0.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 150 Internet Options 2 Click the Custom Level...
Page 291: Figure 151 Security Settings - Java Scripting
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 151 Security Settings - Java Scripting 48.0.0.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Page 292: Figure 153 Java (Sun)
Appendix B Pop-up Windows, JavaScripts and Java Permissions 48.0.0.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Figure 153 Java (Sun) MS-7206 User’s Guide...
Page 294 Appendix C Legal Information FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This device generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.
Page 295 Appendix C Legal Information Note Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser.
Page 296 Appendix C Legal Information MS-7206 User’s Guide...
Page 297: Appendix D Customer Support
• Sales E-mail: sales@zyxel.com.tw • Telephone: +886-3-578-3942 • Fax: +886-3-578-2439 • Web: www.zyxel.com • Regular Mail: ZyXEL Communications Corp., 6 Innovation Road II, Science Park, Hsinchu 300, Taiwan China - ZyXEL Communications (Beijing) Corp. • Support E-mail: cso.zycn@zyxel.cn • Sales E-mail: sales@zyxel.cn •...
Page 298 Czech Republic • E-mail: info@cz.zyxel.com • Telephone: +420-241-091-350 • Fax: +420-241-091-359 • Web: www.zyxel.cz • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 - Modrany, Ceská Republika Denmark • Support E-mail: support@zyxel.dk • Sales E-mail: sales@zyxel.dk •...
Page 299 Appendix D Customer Support Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • Telephone: +49-2405-6909-69 • Fax: +49-2405-6909-99 • Web: www.zyxel.de • Regular Mail: ZyXEL Deutschland GmbH., Adenauerstr. 20/A2 D-52146, Wuerselen, Germany Hungary • Support E-mail: support@zyxel.hu • Sales E-mail: info@zyxel.hu •...
Page 300 • Support Telephone: +1-800-978-7222 • Sales E-mail: sales@zyxel.com • Sales Telephone: +1-714-632-0882 • Fax: +1-714-632-0858 • Web: www.zyxel.com • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no •...
Page 301 • Support E-mail: support@zyxel.es • Sales E-mail: sales@zyxel.es • Telephone: +34-902-195-420 • Fax: +34-913-005-345 • Web: www.zyxel.es • Regular Mail: ZyXEL Communications, Arte, 21 5ª planta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • Telephone: +46-31-744-7700 •...
Page 302 • Sales E-mail: sales@zyxel.co.uk • Telephone: +44-1344-303044, 0845 122 0301 (UK only) • Fax: +44-1344-303034 • Web: www.zyxel.co.uk • Regular Mail: ZyXEL Communications UK Ltd., 11 The Courtyard, Eastern Road, Bracknell, Berkshire RG12 2XB, United Kingdom (UK) MS-7206 User’s Guide...
Page 303: Index
Index Index Numerics 802.1P priority back up, configuration file Backbone Router, see BR backbone, routing Backup Designated Router, see BDR basic settings and OSPF BPDU access control login account Bridge Protocol Data Unit, see BPDU remote management service port SNMP accounting setup Address Resolution Protocol, see ARP...
Page 304 Index configuration file DVMRP backup Autonomous System restore 51, 218 default timer setting saving error message graft configuration, saving how it works contact information implementation copying port settings, See port cloning probe copyright prune report setup current date terminology current time threshold customer support Dynamic Host Configuration Protocol, see DHCP...
Page 305 Index IP table how it works GARP GARP terminology GARP timer 72, 84 general setup Generic Attribute Registration Protocol, see GARP getting help LACP GMT (Greenwich Mean Time) system priority GVRP 84, 90 timeout and port assignment LEDs GVRP (GARP VLAN Registration Protocol) limit MAC address learning Link Aggregate Control Protocol, see LACP link aggregation...
Page 306 Index managing the device backbone good habits configuration steps using FTP. See FTP. general settings using HTTP/HTTPS. See web configurator. how it works using SNMP. See SNMP. interface 176, 178, 182 using Telnet. See command interface. link state database 176, 178 using the command interface.
Page 307 Index port VLAN trunking service trusted computers ports diagnostics resetting 51, 215 mirroring to factory default settings speed/duplex restoring configuration 51, 218 standby Reverse Path Forwarding, see RPF power Reverse Path Multicasting , see RPM voltage RFC 3164 power status RFC 3580 priority frame priority level...
Page 308 Index setup server setup supported 225, 226, 228 settings setup Spanning Tree Protocol (STP) severity levels SPQ (Strict Priority Queuing) system information 63, 65 system log encryption methods how it works implementation SSH (Secure Shell) SSL (Secure Socket Layer) standby ports static MAC address TACACS+ 159, 160...
Page 309 Index Virtual Router getting help status home login Virtual Router (VR) logout Virtual Router Redundancy Protocol (VRRP) navigation panel VLAN weight, queuing acceptable frame type Weighted Fair Queuing automatic registration Weighted Round Robin Scheduling (WRR) IGMP snooping WFQ (Weighted Fair Queuing) ingress filtering WRR (Weighted Round Robin Scheduling) introduction...
Page 310 Index MS-7206 User’s Guide...

This manual is also suitable for:

Mp-7201 Mi-7248pwr Mi-7248tf Ms-7206

ZyXEL Communications MI-7248 User Manual

About this User's Guide

Document Conventions

Safety Warnings

Contents Overview

Table of Contents

List of Figures

List of Tables

Introduction

PART I Introduction

Chapter 1 Introducing the MM-7201

Hardware

Part II: Hardware

Chapter 2 Front Panel

Chapter 3 Installing Cards

Basic

Part III: Basic

Chapter 4 The Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Statistics

Chapter 7 System Info

Chapter 8 General Setup

Chapter 9 Switch Setup

Chapter 10 IP Setup

Chapter 11 Slot Setup

Chapter 12 Port Setup

Part IV: Advanced

Advanced

Chapter 13 VLAN

Chapter 14 Static MAC Forward Setup

Chapter 15 Filtering

Chapter 16 Spanning Tree Protocol

Chapter 17 Bandwidth Control

Chapter 18

Broadcast Storm Control

Chapter 19 Mirroring

Chapter 20 Link Aggregation

Chapter 21 Port Authentication

Chapter 22 Port Security

Chapter 23 Classifier

Chapter 24 Policy Rule

Chapter 25 Queuing Method

Chapter 26 VLAN Stacking

Chapter 27 Multicast

Chapter 28 Authentication and Accounting

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications MI-7248

Summary of Contents for ZyXEL Communications MI-7248