Download Print this page

ZyXEL Communications VES1724-56 User Manual

ZyXEL Communications VES1724-56 User Manual

24-port temperature-hardened vdsl2 box dslam

Hide thumbs Also See for VES1724-56:

User manual (400 pages)

,

User manual (477 pages)

Table Of Contents

Table of Contents

Advertisement

Quick Links

VES1724-56

24-port Temperature-Hardened VDSL2 Box DSLAM

Version 3.80

Edition 1, 9/2013

Quick Start Guide

User's Guide

Default Login Details

LAN IP Address

User Name

Password

www.zyxel.com

http://192.168.1.1

admin

1234

Copyright © 2013 ZyXEL Communications Corporation

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the VES1724-56 and is the answer not in the manual?

Questions and answers

Summary of Contents for ZyXEL Communications VES1724-56

Page 1 VES1724-56 24-port Temperature-Hardened VDSL2 Box DSLAM Version 3.80 Edition 1, 9/2013 Quick Start Guide User’s Guide Default Login Details LAN IP Address http://192.168.1.1 User Name admin Password 1234 www.zyxel.com Copyright © 2013 ZyXEL Communications Corporation...
Page 2 Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • Support Disc Refer to the included CD for support documents. VES1724-56 User’s Guide...
Page 3: Table Of Contents
Multicast ...........................217 Authentication and Accounting ....................236 IP Source Guard ........................249 Loop Guard ..........................270 CFM ............................274 VLAN Mapping .........................278 Layer 2 Protocol Tunneling ......................282 DoS Prevention ........................286 PPPoE IA ..........................288 Static Route ..........................301 Differentiated Services ......................304 DHCP ............................311 VES1724-56 User’s Guide...
Page 4 Contents Overview Maintenance ..........................327 Access Control .........................334 Diagnostic ..........................356 Syslog ............................358 Loop Diagnostic ........................361 MAC Table ..........................365 ARP Table ..........................367 Hardware Information .......................369 CFM Action ..........................370 IPv6 Cache ..........................372 Troubleshooting ........................377 Product Specifications ......................381 VES1724-56 User’s Guide...
Page 5: Table Of Contents
3.1 Front Panel ..........................26 3.1.1 Power Connector ......................26 3.1.2 Gigabit Ethernet Ports ....................27 3.1.3 Mini-GBIC Slots ......................28 3.1.4 Management Port .......................29 3.1.5 Console Port .......................30 3.1.6 ALARM Slot ........................30 3.2 LEDs ...........................31 Chapter 4 The Web Configurator ......................33 VES1724-56 User’s Guide...
Page 6 7.1 Overview ..........................53 7.2 Port Status Summary ......................53 7.2.1 VDSL Port Status Change ..................54 7.2.2 VDSL Port Details .......................55 7.2.3 Bonding Group Details ....................65 7.2.4 VDSL Summary ......................66 7.2.5 Port Details .........................67 Chapter 8 Basic Setting .......................... 70 VES1724-56 User’s Guide...
Page 7 9.3.3 VDSL Line Profile Setup > MIB PSD Mask .............. 111 9.3.4 VDSL Line Profile Setup > DPBO ................112 9.3.5 VDSL Line Profile Setup > RFI Band ................ 113 9.3.6 VDSL Line Profile Setup > Virtual Noise ..............115 9.3.7 VDSL Channel Profile Setup ..................116 VES1724-56 User’s Guide...
Page 8 10.13 VLAN Counter ........................150 Chapter 11 Static MAC Forward Setup....................152 11.1 Overview ..........................152 11.2 Configuring Static MAC Forwarding ................152 Chapter 12 Static Multicast Forward Setup ................... 154 12.1 Static Multicast Forwarding Overview ................154 12.2 Configuring Static Multicast Forwarding ................155 VES1724-56 User’s Guide...
Page 9 17.3 Link Aggregation Status ....................181 17.4 Link Aggregation Setting ....................182 17.5 Link Aggregation Control Protocol ................183 17.6 Static Trunking Example ....................184 Chapter 18 Port Authentication ......................186 18.1 Port Authentication Overview ..................186 18.1.1 IEEE 802.1x Authentication ..................186 VES1724-56 User’s Guide...
Page 10 VLAN Stacking ........................208 23.1 VLAN Stacking Overview ....................208 23.1.1 VLAN Stacking Example ..................208 23.2 VLAN Stacking Port Roles ....................209 23.3 VLAN Tag Format ......................210 23.3.1 Frame Format ......................210 23.4 Configuring VLAN Stacking ....................211 23.4.1 Port-based Q-in-Q ....................212 VES1724-56 User’s Guide...
Page 11 25.2.4 Vendor Specific Attribute ..................244 25.3 Supported RADIUS Attributes ..................245 25.3.1 Attributes Used for Authentication ................245 25.3.2 Attributes Used for Accounting ................246 Chapter 26 IP Source Guard........................249 26.1 IP Source Guard Overview ....................249 26.1.1 DHCP Snooping Overview ..................249 VES1724-56 User’s Guide...
Page 12 30.1 Layer 2 Protocol Tunneling Overview ................282 30.1.1 Layer 2 Protocol Tunneling Mode ................283 30.2 Configuring Layer 2 Protocol Tunneling ................284 Chapter 31 DoS Prevention ........................286 31.1 DoS Prevention Overview ....................286 31.2 Configuring DoS Prevention .....................286 VES1724-56 User’s Guide...
Page 13 35.1.1 DHCP Modes ......................311 35.1.2 DHCP Configuration Options .................. 311 35.2 DHCP Status ........................311 35.3 DHCP Port Tel ........................312 35.4 DHCP Relay ........................313 35.4.1 DHCP Relay Agent Information ................313 35.4.2 DHCP Relay Agent Information Format ..............313 VES1724-56 User’s Guide...
Page 14 37.4 SSH Overview ........................346 37.5 How SSH works .......................346 37.6 SSH Implementation on the Switch ..................347 37.6.1 Requirements for Using SSH ..................347 37.7 Introduction to HTTPS ......................347 37.8 HTTPS Example ......................348 37.8.1 Internet Explorer Warning Messages ..............348 VES1724-56 User’s Guide...
Page 15 42.1.1 How ARP Works .....................367 42.2 Viewing the ARP Table .....................367 Chapter 43 Hardware Information......................369 43.1 Hardware Information .......................369 Chapter 44 CFM Action..........................370 44.1 CFM Action ........................370 Chapter 45 IPv6 Cache..........................372 45.1 Overview ..........................372 45.2 Neighbor Cache .......................373 VES1724-56 User’s Guide...
Page 16 46.1 Power, Hardware Connections, and LEDs ...............377 46.2 Switch Access and Login ....................378 46.3 Switch Configuration ......................380 Chapter 47 Product Specifications ......................381 Appendix A Common Services .................... 397 Appendix B Legal Information....................401 Index ............................403 VES1724-56 User’s Guide...
Page 17: User's Guide
User’s Guide...
Page 19: Getting To Know Your Switch
1.2.1 MTU Application The following diagram depicts a typical application of the switch with the VDSL modems, in a large residential building, or multiple tenant unit (MTU), that leverages existing phone line wiring to VES1724-56 User’s Guide...
Page 20: Curbside Application
1.2.2 Curbside Application The switch can also be used by an Internet Service Provider (ISP) in a street cabinet to form a “mini POP (Point-of-Presence)” to provide broadband services to residential areas that are too far away VES1724-56 User’s Guide...
Page 21: Ways To Manage The Switch
Switch to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Switch. You could simply restore your last configuration. VES1724-56 User’s Guide...
Page 22 Chapter 1 Getting to Know Your Switch VES1724-56 User’s Guide...
Page 23: Hardware Installation And Connection
Remove the adhesive backing from the rubber feet. Attach the rubber feet to each corner on the bottom of the Switch. These rubber feet help protect the Switch from shock or vibration and ensure space between devices when stacking. Figure 3 Attaching Rubber Feet VES1724-56 User’s Guide...
Page 24: Mounting The Switch On A Rack
Using a #2 Philips screwdriver, install the M3 flat head screws through the mounting bracket holes into the Switch. Repeat steps to install the second mounting bracket on the other side of the Switch. You may now mount the Switch on a rack. Proceed to the next section. VES1724-56 User’s Guide...
Page 25: Mounting The Switch On A Rack
Connect the frame ground on the front panel using an M4 x 6mm machine screw with 2 suitable lock washers to a building’s protective earthing terminals. Use a 18 AWG or larger green-and-yellow frame ground wire. Connect the frame ground before you connect any other cables or wiring. Figure 6 Frame Ground Frame Ground VES1724-56 User’s Guide...
Page 26: Hardware Overview
This port is for alarm. MGMT Connect to a computer using an RJ-45 Ethernet cable for local configuration of the Switch. 3.1.1 Power Connector Note: Make sure you are using the correct power source as shown on the panel. VES1724-56 User’s Guide...
Page 27: Gigabit Ethernet Ports
Ethernet port are the same in order to connect. 3.1.2.1 Default Ethernet Negotiation Settings The factory default negotiation settings for the Gigabit ports on the Switch are: • Speed: Auto • Duplex: Auto • Flow control: Off • Link Aggregation: Disabled VES1724-56 User’s Guide...
Page 28: Mini-Gbic Slots
Insert the transceiver into the slot with the exposed section of PCB board facing down. Press the transceiver firmly until it clicks into place. The Switch automatically detects the installed transceiver. Check the LEDs to verify that it is functioning properly. Close the transceiver’s latch (latch styles vary). VES1724-56 User’s Guide...
Page 29: Management Port
Figure 12 Transceiver Removal Example 3.1.4 Management Port The MGMT (management) port is used for local management. Connect directly to this port using an Ethernet cable. You can configure the Switch via Telnet or the Web Configurator. VES1724-56 User’s Guide...
Page 30: Console Port
An open circuit for pins 4 and 8 indicates no alarm status. A closed circuit indicates an alarm status. Pin 5 and Pin 9 An open circuit for pins 5 and 9 indicates no alarm status. A closed circuit indicates an alarm status. VES1724-56 User’s Guide...
Page 31: Leds
The Gigabit port is negotiating in half-duplex mode. MGMT Green Blinking The system is transmitting/receiving to/from an Ethernet device. The port is connected at 10 Mbps. The port is not connected at 10 Mbps or to an Ethernet device. VES1724-56 User’s Guide...
Page 32 Table 3 LED Descriptions (continued) COLOR STATUS DESCRIPTION Amber Blinking The system is transmitting/receiving to/from an Ethernet device. The port is connected at 100 Mbps. The port is not connected at 100 Mbps or to an Ethernet device. VES1724-56 User’s Guide...
Page 33: The Web Configurator
Type "http://" and the IP address of the Switch (for example, the default management IP address is 192.168.0.1 through the MGMT port) in the Location or Address field. Press [ENTER]. The login screen appears. The default username is admin and associated default password is 1234. VES1724-56 User’s Guide...
Page 34: The Port Status Screen
MGMT) port. The default in-band management IP address is 192.168.1.1. Figure 14 Web Configurator: Login Click OK to view the first Web Configurator screen. 4.3 The Port Status Screen The Port Status screen is the first screen that displays when you access the Web Configurator. VES1724-56 User’s Guide...
Page 35 C - Click this link to go to the status page of the Switch. D - Click this link to logout of the Web Configurator. E - Click this link to display web help pages. The help pages provide descriptions for all of the configuration screens. VES1724-56 User’s Guide...
Page 36 This link takes you to a screen where you can configure the IPv6 settings. SFP Threshold This link takes you to a screen where you can configure warning or alarm thresholds for the Setup SFP slots of the Switch. VES1724-56 User’s Guide...
Page 37 This link takes you to screens where you can configure filtering of unauthorized DHCP and ARP packets in your network. Loop Guard This link takes you to a screen where you can configure protection against network loops that occur on the edge of your network. VES1724-56 User’s Guide...
Page 38 CPU, packet buffer, memory utilization. CFM Action This link takes you to a screen where you can perform connectivity tests and see testing reports. IPv6 Cache This link takes you to screens where you can view IPv6 caches. VES1724-56 User’s Guide...
Page 39: Change Your Password
Delete the management VLAN (default is VLAN 1). Delete all port-based VLANs with the CPU port as a member. The “CPU port” is the management port of the Switch. Filter all traffic to the CPU port. VES1724-56 User’s Guide...
Page 40: Resetting The Switch
When you see the message “Press any key to enter Debug Mode within 3 seconds ...” press any key to enter debug mode. Type atlc after the “Enter Debug Mode” message. Wait for the “Starting XMODEM upload” message before activating XMODEM upload on your terminal. VES1724-56 User’s Guide...
Page 41: Logging Out Of The Web Configurator
Figure 18 Web Configurator: Logout Screen 4.8 Help The Web Configurator’s online help has descriptions of individual screens and some supplementary information. Click the Help link from a Web Configurator screen to view an online help description of that screen. VES1724-56 User’s Guide...
Page 42: Initial Setup Example
Connect your computer to an in-band Ethernet port on the Switch. Make sure your computer is in the same subnet as the Switch. Open your web browser and enter 192.168.1.1 (the default IP address) in the address bar to access the Web Configurator. See Section 4.2 on page 33 for more information. VES1724-56 User’s Guide...
Page 43: Creating A Vlan
VLAN or tagged static VLAN with fixed port members. In this example, you want to configure port 1 and port 2 as members of VLAN 2. Figure 20 Initial Setup Network Example: VLAN Internet port1 192.168.1.x 192.168.1.x VLAN1 VLAN2 VES1724-56 User’s Guide...
Page 44: Setting Port Vid
Switch’s power is turned off. 5.2.2 Setting Port VID Use PVID to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines. VES1724-56 User’s Guide...
Page 45 VLAN Port Setting link. Enter 2 in the PVID field for port 1 and click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch’s power is turned off. VES1724-56 User’s Guide...
Page 46: Tutorials
DHCP Server PVID=102 172.16.1.18 Port 18 PVID=102 192.168.2.3 6.1.2 Creating a VLAN Follow the steps below to configure ports 2 and 18 as a member of VLAN 102. Access the Web Configurator through the Switch’s management port. VES1724-56 User’s Guide...
Page 47 Select Fixed to configure ports 2 and 18 to be a permanent member of this VLAN. To ensure the VLAN-unaware devices, such as computers can receive frames properly, clear the Tx Tagging check box for port 2 to have the Switch remove VLAN tags before sending. Click Add. Figure 24 Tutorial: Create a Static VLAN VES1724-56 User’s Guide...
Page 48: Configuring Management Ip Address
IEEE 802.1Q VLAN-aware layer-3 switch or router that helps forward DHCP packets to the DHCP server. Click Basic Setting > IP Setup. For the VLAN 102 network, enter 192.168.2.1 as the IP address and 255.255.255.0 as the subnet mask. VES1724-56 User’s Guide...
Page 49: Configuring Dhcp Vlan Settings
Switch to add relay agent information (such as the VLAN ID) to DHCP requests. Note: Make sure you have disabled global DHCP relay in the IP Application > DHCP > Global screen before you configure DHCP relay per VLAN settings. VES1724-56 User’s Guide...
Page 50: Testing The Connection
The Switch can then forward the DHCP packets between the clients and DHCP server in VLAN 102. 6.1.5 Testing the Connection Check the client A's IP address. If it did not receive the IP address 192.168.2.3, make sure the devices are connected and configured properly. VES1724-56 User’s Guide...
Page 51: Technical Reference
Technical Reference...
Page 53: System Status And Port Statistics
This is the name you assigned to this port in the Basic Setting > Port Setup screen. Group This is the name of the VDSL port bonding group if the port is a member of one. Click the link to view more information about the group. VES1724-56 User’s Guide...
Page 54: Vdsl Port Status Change
VDSL connection is up. It brings the connection down right away and takes several minutes to complete the whole test before re-negotiating the connection. Figure 30 VDSL Port Status change Showtime Handshake Training Idle Perform DELT Test LD_DONE LD_TEST VES1724-56 User’s Guide...
Page 55: Vdsl Port Details
Click a VDSL port's index number in the Port column of the Port Status screen to display individual port statistics. Use this screen to check status and detailed performance data for an individual port on the Switch. VES1724-56 User’s Guide...
Page 56 Chapter 7 System Status and Port Statistics Note: This screen refreshes automatically every several minutes if the port is in any status other than in "Showtime". Figure 31 Status: VDSL Port Details VES1724-56 User’s Guide...
Page 57 Chapter 7 System Status and Port Statistics VES1724-56 User’s Guide...
Page 58 Switch transmitter and the CPE receiver or by the CPE transmitter and the Switch receiver. SNR Margin This field displays the upstream/downstream SNR (Signal-to-Noise Rate) margin. Signal This field displays the upstream/downstream loss of power (in dB) traveling along the Attenuation line. VES1724-56 User’s Guide...
Page 59 Reed-Solomon redundancy bytes. The Reed-Solomon code has the capability to correct errors by adding redundancy bytes. The longer the Reed-Solomon redundancy bytes the higher the error correction capability. LSYMB LSYMB refers to Latency SYMbol Bit. This field displays the actual number of bits per symbol. VES1724-56 User’s Guide...
Page 60 2: There is an additional 8-bit CRC inserted at the end of the DTU. 3: An 8-bit CRC is inserted as the first octet of the DTU. 4: An 8-bit CRC is inserted as the first byte of the DTU. VES1724-56 User’s Guide...
Page 61 (UAS). Refer to ITU-T G997.1 chapter 7.2.1.1.5 for more detailed information. Code Violation This field displays the number of code words containing one or more anomalies. Corrected This field displays the number of code words containing one or more error blocks that have been corrected. VES1724-56 User’s Guide...
Page 62 Select GainAlloc to display the gain allocated to each tone. Normally, each tone gets a different gain value allocated to avoid interference. Direction Select Downstream or Upstream for the direction. Select Both for both downstream and upstream directions. VES1724-56 User’s Guide...
Page 63 Click Stop to stop refreshing this screen. The following figures show you examples of each graph type that can be displayed when you click Show in the VDSL sub-carrier status section. Downstream information is in blue and upstream in red. VES1724-56 User’s Guide...
Page 64 Chapter 7 System Status and Port Statistics Figure 32 Graph Examples Hlog BitAlloc GainAlloc VES1724-56 User’s Guide...
Page 65: Bonding Group Details
The size of all data fragments should be the same and it is negotiated by the Switch and individual VDSL CPEs. This shows the number of data fragments this group dropped due to being smaller than the negotiated size.. VES1724-56 User’s Guide...
Page 66: Vdsl Summary
7.2.4 VDSL Summary To view VDSL statistics, click VDSL Summary in the Status screen. Click Clear next to an entry to reset that connection. All values for that connection will be reset to 0. Figure 34 Status: VDSL Summary VES1724-56 User’s Guide...
Page 67: Port Details
VDSL Port Details Click this link to take you to a screen where you can view VDSL transmission statistics for the selected port. Port Info Port NO. This field displays the port number you are viewing. Name This field displays the name of the port. VES1724-56 User’s Guide...
Page 68 You can configure the limit setting in the Management > Policy Rule screen. 0 displays if you did not configure the bandwidth limit in the associated policy or traffic amount is under the desired limit so far. VES1724-56 User’s Guide...
Page 69 This field shows the number of packets (including bad packets) received that were between 1519 octets and the maximum frame size. The maximum frame size varies depending on your switch model. See Chapter 47 on page 381. VES1724-56 User’s Guide...
Page 70: Basic Setting
In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the Switch temperature, fan speeds and voltage in this screen. Note that the fan speed information in the Hardware Monitor table is not available for this model. VES1724-56 User’s Guide...
Page 71 This field displays the maximum temperature measured at this sensor. This field displays the minimum temperature measured at this sensor. Threshold This field displays the upper temperature limit at this sensor. Status This field displays Normal for temperatures below the threshold and Error for those above. VES1724-56 User’s Guide...
Page 72: General Setup
Use this screen to configure general settings such as the system name and time. Click Basic Setting > General Setup in the navigation panel to display the screen as shown. Figure 37 Basic Setting > General Setup VES1724-56 User’s Guide...
Page 73 A.M. GMT or UTC). So in the European Union you would select Last, Sunday, March and the last field depends on your time zone. In Germany for instance, you would select 2:00 because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). VES1724-56 User’s Guide...
Page 74: Introduction To Vlans
With VLAN, all broadcasts are confined to a specific broadcast domain. Note: VLAN is unidirectional; it only governs outgoing traffic. Chapter 10 on page 129 for information on port-based and 802.1Q tagged VLANs. VES1724-56 User’s Guide...
Page 75: Switch Setup Screen
Join Timer sets the duration of the Join Period timer for GVRP in milliseconds. Each port has a Join Period timer. The allowed Join Time range is between 100 and 65535 milliseconds; the default is 200 milliseconds. See the chapter on VLAN setup for more background information. VES1724-56 User’s Guide...
Page 76: Ipv6 Introduction
The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted. So 2001:0db8:1a2b:0015:0000:0000:1a2f:0000 can be written as 2001:db8:1a2b:15:0:0:1a2f:0. VES1724-56 User’s Guide...
Page 77: Ipv6 Prefix And Prefix Length
8.6.6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. The global address format as follows. VES1724-56 User’s Guide...
Page 78: Unspecified
Switch, it generates another address which combines its interface ID and global and subnet information advertised from the router. This is a routable global IP address. In IPv6, all network interfaces can be associated with several addresses. VES1724-56 User’s Guide...
Page 79: Ip Setup
You can configure up to 64 IP addresses which are used to access and manage the Switch from the ports belonging to the pre-defined VLAN(s). Note: You must configure a VLAN first. Figure 39 Basic Setting > IP Setup VES1724-56 User’s Guide...
Page 80 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring the fields again. VES1724-56 User’s Guide...
Page 81: External Alarm Switch
Click Cancel to clear the selected check boxes in the Delete column. 8.8 External Alarm Switch Use this screen to view the status of the external alarm inputs and configure their settings. Figure 40 Basic Setting > External Alarm Switch VES1724-56 User’s Guide...
Page 82: Port Setup
Note: Changes in this row are copied to all the ports as soon as you make them. Active Select this check box to enable a port. The factory default for all ports is enabled. A port must be enabled for data transmission to occur. VES1724-56 User’s Guide...
Page 83 Select Flow Control to enable it. This field is available for an Ethernet port only. 802.1p Priority This priority value is added to incoming frames without a (802.1p) priority queue tag. See Priority Queue Assignment in Table 12 on page 75 for more information. VES1724-56 User’s Guide...
Page 84: Rate Limit Profile Setup
Rate limit profiles define ingress and egress data rate limits for the Switch port(s). Click Basic Setting and Rate Limit Profile Setup in the navigation panel to display the screen as shown. Figure 42 Rate Limit Profile Setup VES1724-56 User’s Guide...
Page 85: Per Queue Ratelimit Profile
Click Cancel to clear the selected checkboxes in the Delete column. 8.10.1 Per Queue Ratelimit Profile You can also use per queue rate limit profiles to define ingress and egress data rate limits for each queue on the Switch. VES1724-56 User’s Guide...
Page 86 You can apply a rate limit profile to a port in the Port Setup screen. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkboxes in the Delete column. VES1724-56 User’s Guide...
Page 87: Hardware Alarm Profile
Actual NDR This field displays the actual upstream/downstream net data rate in Mbps. US/DS(Mbps) Model This field displays the model name of the CPE device connected to this port. NA displays if it is not available. VES1724-56 User’s Guide...
Page 88: Ipv6 Setup
Use this screen to configure Switch’s management IPv6 addresses. Click Basic Setting > IP Setup > IPv6 Setup to display the configuration screen. See Section 8.6 on page 76 for more information about IPv6. Figure 46 Basic Setting > IPv6 Setup VES1724-56 User’s Guide...
Page 89 Click the Click Here link to configure additional IPv6 settings for this interface. Delete Select entries to remove in the Delete column and then click the Delete button to remove them. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. VES1724-56 User’s Guide...
Page 90: Ipv6 Setup: Configuration
Static IPv6 Addresses section above so you can view and modify the settings. Delete Select entries to remove in the Delete column and then click the Delete button to remove them. Cancel Click Cancel to clear the selected checkboxes in the Delete column. VES1724-56 User’s Guide...
Page 91: Ipv6 Nd Setup
Use this screen to configure a static entry in the IPv6 neighbor discovery cache, which lists the MAC addresses of the Switch’s interfaces and neighboring devices. This cache table is similar to a MAC address table in IPv4. You can only configure static entries on an IPv6-enabled interface. VES1724-56 User’s Guide...
Page 92 This field displays the name of the interface the Switch uses to reach the neighboring interface. IPv6 Address This field displays the IPv6 address of the neighboring interface. MAC Address This field displays the MAC address of the neighboring interface. VES1724-56 User’s Guide...
Page 93: Sfp Threshold Setup
Switch's SFP slots. You can also set thresholds for sending traps based on the SFP module's operating parameters such as transceiver temperature, laser bias current, transmitted optical power, received optical power and transceiver supply voltage. N/A displays if the Switch does not detect a mini-GBIC transceiver in an SFP slot. VES1724-56 User’s Guide...
Page 94 Select an SFP slot of the Switch for which you want to configure the thresholds. Type This is the type of device operating parameters. Current This shows the current value of each parameter measured for the installed transceiver. VES1724-56 User’s Guide...
Page 95 This value does not reflect the condition of the cable. Refer to this number to monitor the laser’s health. Rx Power(dBm) This field displays the amount of light (in dBm) currently being received from the fiber optic cable. VES1724-56 User’s Guide...
Page 96 Chapter 8 Basic Setting VES1724-56 User’s Guide...
Page 97: Vdsl Setup
FREQUENCY BAND G.993.2 Annex A EU-32 D-32 = 25 ~ 138 kHz G.993.2 Annex A EU-36 D-48 = 25 ~ 155.25 kHz G.993.2 Annex A EU-40 D-48 = 25 ~ 172.5 kHz G.993.2 Annex A ..= ... VES1724-56 User’s Guide...
Page 98 An example is shown below. Line 1 and Line 2 are in the same cable binder. Crosstalk occurs when the signal flows and is near to CPE (A)’s location. Besides, higher Line 1 PSD causes higher VES1724-56 User’s Guide...
Page 99 An example is shown next. VDSL Line 1 and ADSL Line 2 are in the same binder. Crosstalk occurs when the ADSL signal flows from CO (B) and is near to CO (A)’s ONU (Optical Network Unit) location. Besides, higher Line 1 PSD causes higher interference to the Line 2. CPE (B) receives VES1724-56 User’s Guide...
Page 100 SOS is a system for realizing emergency rate reduction. In a DSL system, especially in VDSL2 that uses wider frequency bandwidth and is deployed in the shorter loop than ADSL, far-end crosstalk (FEXT) may cause bursts of CRC errors and force CPE devices to retrain. SOS efficiently removes or VES1724-56 User’s Guide...
Page 101: Vdsl Profile Example
VDSL Setup > VDSL Profile > VDSL Line Profile and VDSL Channel Profile screens. For example, you have 3 VDSL line profiles (LinProfile-1, LinProfile-2 and LinProfile-3) and 3 channel profiles (ChanProfile-1, ChanProfile-2 and ChanProfile-3). VES1724-56 User’s Guide...
Page 102: Primary And Fallback Vdsl Templates Example
• A lower transmission rate is allowed. • Has higher tolerance against noise. • Uses a wider band for US0 mask. • Using F can get higher bandwidth for upstream traffic when the line has poor quality or in a long distance. VES1724-56 User’s Guide...
Page 103: Vdsl Line Setup
(alarm) when a parameter value is over one of the pre-defined thresholds on the line. Apply Click this to save the settings to the Switch. Cancel Click Cancel to clear the selected checkboxes in the Delete column. VES1724-56 User’s Guide...
Page 104: Vdsl Template Setup
This field displays the descriptive name for each configured VDSL template. Line Profile This field displays the line profile name configured in each VDSL template. Channel Profile This field displays the channel profile name configured in each VDSL template. VES1724-56 User’s Guide...
Page 105 You can apply templates to VDSL ports in the VDSL Setup > VDSL Line Setup screen. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkboxes in the Delete column. VES1724-56 User’s Guide...
Page 106: Vdsl Line Profile Setup
Table 34 VDSL Line Profile Setup LABEL DESCRIPTION Name Enter a descriptive name for identification purposes. VDSL2 Profile Specify the VDSL2 profile you want to apply to this template. See VDSL2 Profiles page 98 for more information. VES1724-56 User’s Guide...
Page 107 Specify 40~80.95 (dBm/Hz) for parameter A which defines the original band shape. 1 ~ 4 Specify 0~40.95 for parameter B which defines the power back-off degree. PM Mode Select allowTransitionsToIdle to have the Switch or CPE devices autonomously enter an idle state for power management (PM). VES1724-56 User’s Guide...
Page 108 This field displays the descriptive name for this profile. Click a profile name in this field to edit that profile. VDSL2 Profile This field displays the VDSL2 profile(s) applied to a VDSL line profile. SNR Margin This field displays the configured upstream and downstream signal to noise ration in decibels. VES1724-56 User’s Guide...
Page 109: Vdsl Line Profile Setup > Rate Adaptive
Figure 56 VDSL Rate Adaptive Setup The following table describes the labels in this screen. Table 35 VDSL Rate Adaptive Setup LABEL DESCRIPTION DownStream Configure the following settings for the Switch-to-CPEs direction. UpStream Configure the following settings for the CPEs-to-the-Switch direction. VES1724-56 User’s Guide...
Page 110 SNR margin is going to reach this specified value, a robust overhead channel is negotiated for reliable transmission. ROC min INP Specify the level of impulse noise (burst) protection for a robust overhead channel. Select a number between 0 and 16. VES1724-56 User’s Guide...
Page 111: Vdsl Line Profile Setup > Mib Psd Mask
A tone is a sub-channel of VDSL band. DMT divides VDSL bands into many 4.3125 kHz tones. Enter an increased number (than previous row) from 0 to 4096 in this field that is also the horizontal of the MIB PSD Mask graph. VES1724-56 User’s Guide...
Page 112: Vdsl Line Profile Setup > Dpbo
Click the Modify link next to the DPBO field in the VDSL Line Profile Setup screen to open the screen as shown next. Use this screen to configure Downstream Power Back-Off (DPBO) settings. DPBO page Figure 58 VDSL DPBO Setup VES1724-56 User’s Guide...
Page 113: Vdsl Line Profile Setup > Rfi Band
Click the Modify link next to the RFI BAND field in the VDSL Line Profile Setup screen to open the screen as shown next. Use this screen to specify the RFI bands through which the Switch and VES1724-56 User’s Guide...
Page 114 Click this to save the settings to the Switch and return to the previous screen. Cancel Click Cancel to reset the fields to your previous configuration. Clear Click Clear to clear the fields to the factory defaults. VES1724-56 User’s Guide...
Page 115: Vdsl Line Profile Setup > Virtual Noise
Note: For a poor quality subscriber line, you should enable this and configure virtual noise on tones where noise may occur. Note: The higher the virtual noise, the lower the line speed. Break Point This index number identifies each incremental break point. VES1724-56 User’s Guide...
Page 116: Vdsl Channel Profile Setup
The following table describes the labels in this screen. Table 40 VDSL Channel Profile Setup LABEL DESCRIPTION Name Enter a descriptive name for identification purposes. DownStream The parameters in this column relate to downstream transmissions. Upstream The parameters in this column relate to upstream transmissions. VES1724-56 User’s Guide...
Page 117 This field displays the VDSL port number(s) to which this profile is applied. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkboxes in the Delete column. VES1724-56 User’s Guide...
Page 118: Vdsl G.inp Setup
Specify the maximum delay (from 1 to 63 in ms) that is added to the retransmission delay caused by retransmissions. Min Delay Specify the minimum delay (from 0 to 63 in ms) that is added to the retransmission delay caused by retransmissions. Min INP Specify the minimum level of impulse noise (burst) protection. VES1724-56 User’s Guide...
Page 119: Vdsl Inm Profile Setup
Use this screen to view, add, modify and delete VDSL INM profiles. An INM profile defines the control parameters used to generate the Equivalent INP (Eq INP or INP_Eq) and Inter-Arrival Time (IAT) histograms. The IAT represents the number of data symbols from the start of one cluster to VES1724-56 User’s Guide...
Page 120 This provides the best estimate of the required INP level. INMCC Specify the cluster continuation value (0 to 64 DMT symbols) used for INM cluster indication. VES1724-56 User’s Guide...
Page 121: Vdsl Alarm Template Setup
Click Cancel to clear the selected checkboxes in the Delete column. 9.4 VDSL Alarm Template Setup Alarm profiles define VDSL port alarm thresholds. The device sends an alarm trap and generates a syslog entry when the thresholds of the alarm profile are exceeded. VES1724-56 User’s Guide...
Page 122: Vdsl Line Alarm Profile Setup
9.4.1 VDSL Line Alarm Profile Setup Click the LineAlarmProfile link at the top-right corner of the VDSL Alarm Template Setup screen to display the screen as shown. Use this screen to view, add, edit, or delete a VDSL line alarm profile. VES1724-56 User’s Guide...
Page 123 Enter the number of times a Loss of PoweR Seconds (LPRS) is permitted to occur within 15 Threshold minutes. 15 Minute Enter the number of times a full initialization is allowed to fail within 15 minutes. FailedFullInt Threshold VES1724-56 User’s Guide...
Page 124: Vdsl Channel Alarm Profile Setup
Use this screen to view, add, edit, modify a VDSL channel alarm profile. The device sends an alarm trap and generates a syslog entry when the thresholds of the alarm profile are exceeded. Figure 67 VDSL Channel Alarm Profile Setup VES1724-56 User’s Guide...
Page 125: Vdsl Bonding Setup
The next figure shows a subscriber using port bonding on two DSL lines between a CPE that supports VDSL bonding (A) (using a Y-connector) and the Switch to connect to the Internet. Figure 68 VDSL Port Bonding Example INTERNET VES1724-56 User’s Guide...
Page 126 Active This field displays whether this group is enabled (Yes) or not (No). Port This field displays the port numbers in this group. Protocol This field displays the transmission mode protocol (PTM or ATM) this group uses. VES1724-56 User’s Guide...
Page 127 This field displays the name of the template applied to this group. Delete Select the groups to remove in the Delete column and then click the Delete button to remove them. Cancel Click Cancel to clear the selected checkboxes in the Delete column. VES1724-56 User’s Guide...
Page 128 Chapter 9 VDSL Setup VES1724-56 User’s Guide...
Page 129: Vlan
A broadcast frame (or a multicast frame for a multicast group that is known by the system) is duplicated only on ports that are members of the VID (except the ingress port itself), thus confining the broadcast to a specific domain. VES1724-56 User’s Guide...
Page 130: Vlan Tagging Priority
Normal Registration Ports dynamically join a VLAN using GVRP. VLAN Tag Control Tagged Ports belonging to the specified VLAN tag all outgoing frames transmitted. Untagged Ports belonging to the specified VLAN don't tag all outgoing frames transmitted. VES1724-56 User’s Guide...
Page 131: Port Vlan Trunking
1 and 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s). Figure 70 Port VLAN Trunking V1 V2 10.4 Select the VLAN Type Select a VLAN type in the Basic Setting > Switch Setup screen. Figure 71 Switch Setup > Select VLAN Type VES1724-56 User’s Guide...
Page 132: Static Vlan
This is the VLAN identification number that was configured in the Static VLAN screen. Elapsed Time This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up. VES1724-56 User’s Guide...
Page 133: Vlan Details
This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up. Status This field shows how this VLAN was added to the Switch. dynamic: using GVRP static: added as a permanent entry other: added in another way such as via Multicast VLAN Registration (MVR) VES1724-56 User’s Guide...
Page 134: Configure A Static Vlan
Select a VLAN profile in which you can specify the action the Switch takes on incoming unknown multicast frames and whether to enable MAC address learning for this VLAN. Port The port number identifies the port you are configuring. VES1724-56 User’s Guide...
Page 135: Configure A Vlan Profile
Click the VLAN Profile link at the top-right corner of the Static VLAN screen to open the screen shown below. Use this screen to view, add, modify and delete VLAN profiles. Figure 75 VLAN > Static VLAN > VLAN Profile VES1724-56 User’s Guide...
Page 136 This field displays the action the Switch takes on an unknown multicast frame received for Multicast the VLAN. Delete Check the profile(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. VES1724-56 User’s Guide...
Page 137: Configure Vlan Port Settings
A Port VLAN ID (PVID) is a tag that the Switch adds to incoming untagged frames received on a port so that the frames are forwarded to the VLAN group that the tag defines. Enter a number between 1 and 4094 as the port VLAN ID. VES1724-56 User’s Guide...
Page 138: Subnet Based Vlans
172.16.1.0/24 (voice services). You also have a subnet based VLAN with priority 5 and VID of 200 for traffic received from IP subnet 192.168.1.0/24 (video services). Lastly, you configure VLAN with priority 3 and VID of 300 for traffic received from IP subnet 10.1.1.0/24 (data services). All VES1724-56 User’s Guide...
Page 139: Configuring Subnet Based Vlan
Internet Untagged Frames 172.16.1.0/24 192.168.1.0/24 10.1.1.0/24 VID = 100 VID = 200 VID = 300 10.7 Configuring Subnet Based VLAN Click Subnet Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. VES1724-56 User’s Guide...
Page 140 Enter the ID of a VLAN with which the untagged frames from the IP subnet specified in this subnet based VLAN are tagged. This must be an existing VLAN which you defined in the Advanced Application > VLAN screens. Priority Select the priority level that the Switch assigns to frames belonging to this VLAN. VES1724-56 User’s Guide...
Page 141: Protocol Based Vlans
3. You also have a protocol based VLAN B with priority 2 for Apple Talk traffic received on port 6 and 7. All upstream ARP traffic from port 1, 2 and 3 will be grouped together, and all upstream Apple VES1724-56 User’s Guide...
Page 142: Configuring Protocol Based Vlan
Click Protocol Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. Note: Protocol-based VLAN applies to un-tagged packets and is applicable only when you use IEEE 802.1Q tagged VLAN. Figure 80 Advanced Application > VLAN > VLAN Port Setting > Protocol Based VLAN VES1724-56 User’s Guide...
Page 143: Create An Ip-Based Vlan Example
Activate this protocol based VLAN. Type the port number you want to include in this protocol based VLAN. Type 1. Give this protocol-based VLAN a descriptive name. Type IP-VLAN. Select the protocol. Leave the default value IP. VES1724-56 User’s Guide...
Page 144: Configuring Mac Based Vlan
MAC based VLAN. One advantage of using MAC based VLANs is that priority can be assigned to traffic from the same MAC address(es). Click MAC Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. VES1724-56 User’s Guide...
Page 145 Click Cancel to begin configuring this screen afresh. Paging Select Prev or Next to show the previous/next screen or select a page number from the drop-down list box to display a specific page if all entries cannot be seen in one screen. VES1724-56 User’s Guide...
Page 146: Port Based Vlan Setup
Note: In screens (such as IP Setup and Filtering) that require a VID, you must enter 1 as the VID. The port based VLAN setup screen is shown next. The CPU management port forms a VLAN with all Ethernet ports. VES1724-56 User’s Guide...
Page 147: Configure A Port Based Vlan
Select Port Based as the VLAN Type in the Basic Setting > Switch Setup screen and then click Advanced Application > VLAN from the navigation panel to display the next screen. Figure 83 Port Based VLAN Setup (All Connected) VES1724-56 User’s Guide...
Page 148 Chapter 10 VLAN Figure 84 Port Based VLAN Setup (Port Isolation) VES1724-56 User’s Guide...
Page 149 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 150: Vlan Counter
This field displays the VLAN ID you are viewing. System up This field shows the total amount of time the Switch has been up. time Port Info Port number This field displays the port number you are viewing. Direction VES1724-56 User’s Guide...
Page 151 This field shows the number of packets (including bad packets) transmitted and received that were between 1519 octets and the maximum frame size. The maximum frame size varies depending on your switch model. See Chapter 47 on page 381. VES1724-56 User’s Guide...
Page 152: Static Mac Forward Setup
Chapter 19 on page 191 for more information about MAC limit. Click Advanced Application > Static MAC Forwarding in the navigation panel to display the configuration screen as shown. Figure 86 Advanced Application > Static MAC Forwarding VES1724-56 User’s Guide...
Page 153 Click Cancel to clear the Delete check boxes. Paging Select Prev or Next to show the previous/next screen or select a page number from the drop-down list box to display a specific page if all entries cannot be seen in one screen. VES1724-56 User’s Guide...
Page 154: Static Multicast Forward Setup
You can configure this in the Advanced Application > Multicast > Multicast Setting screen (see Section 24.3 on page 224). Figure 87 shows such unknown multicast frames flooded to all ports. With static multicast forwarding, you can forward these multicast frames to VES1724-56 User’s Guide...
Page 155: Configuring Static Multicast Forwarding
Figure 88 Static Multicast Forwarding to A Single Port Figure 89 Static Multicast Forwarding to Multiple Ports 12.2 Configuring Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames, such as streaming or control frames, to specific port(s). VES1724-56 User’s Guide...
Page 156 This field displays the ID number of a VLAN group to which frames containing the specified multicast MAC address will be forwarded. Port This field displays the port(s) within a identified VLAN group to which frames containing the specified multicast MAC address will be forwarded. VES1724-56 User’s Guide...
Page 157 Click this to show the next screen if all entries cannot be seen in one screen. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 158: Filtering
Select Discard destination to drop the frames to the destination MAC address (specified in the MAC address). The Switch can still receive frames originating from the MAC address. Select Discard source and Discard destination to block traffic to/from the MAC address specified in the MAC field. VES1724-56 User’s Guide...
Page 159 This field displays the filtering action. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the selected checkbox(es) in the Delete column. VES1724-56 User’s Guide...
Page 160: Spanning Tree Protocol
ALLOWED RANGE Path Cost 4Mbps 100 to 1000 1 to 65535 Path Cost 10Mbps 50 to 600 1 to 65535 Path Cost 16Mbps 40 to 400 1 to 65535 Path Cost 100Mbps 10 to 60 1 to 65535 VES1724-56 User’s Guide...
Page 161: How Stp Works
Note: The listening state does not exist in RSTP. Learning All BPDUs are received and processed. Information frames are submitted to the learning process but not forwarded. Forwarding All BPDUs are received and processed. All information frames are received and forwarded. VES1724-56 User’s Guide...
Page 162: Multiple Rstp
• A VLAN can be mapped to a specific Multiple Spanning Tree Instance (MSTI). MSTI allows multiple VLANs to use the same spanning tree. • Load-balancing is possible as traffic from different VLANs can use distinct paths in a region. VES1724-56 User’s Guide...
Page 163 Each MSTP-enabled device can only belong to one MST region. When BPDUs enter an MST region, external path cost (of paths outside this region) is increased by one. Internal path cost (of paths within this region) is increased by one when BPDUs traverse the region. VES1724-56 User’s Guide...
Page 164 MST instance are members of the CIST. In an MSTP-enabled network, there is only one CIST that runs between MST regions and single spanning tree devices. A network may contain multiple MST regions and other network segments running RSTP. Figure 96 MSTP and Legacy RSTP Network Example VES1724-56 User’s Guide...
Page 165: Spanning Tree Protocol Status Screen
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 166: Configure Rapid Spanning Tree Protocol
BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the Switch ports attached to the network. The allowed range is 6 to 40 seconds. VES1724-56 User’s Guide...
Page 167: Rapid Spanning Tree Protocol Status
See Section 14.1 on page 160 for more information on RSTP. Note: This screen is only available after you activate RSTP on the Switch. Figure 100 Advanced Application > Spanning Tree Protocol > Status: RSTP VES1724-56 User’s Guide...
Page 168: Configure Multiple Rapid Spanning Tree Protocol
14.6 Configure Multiple Rapid Spanning Tree Protocol To configure MRSTP, click MRSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 14.1 on page 160 for more information on MRSTP. Figure 101 Advanced Application > Spanning Tree Protocol > MRSTP VES1724-56 User’s Guide...
Page 169 The slower the media, the higher the cost-see Table 61 on page 160 for more information. Tree Select which STP tree configuration this port should participate in. VES1724-56 User’s Guide...
Page 170: Multiple Rapid Spanning Tree Protocol Status
This is the time (in seconds) the root switch will wait before changing states (that is, (second) listening to learning to forwarding). Note: The listening state does not exist in RSTP. Cost to Bridge This is the path cost from the root port on this Switch to the root switch. VES1724-56 User’s Guide...
Page 171: Configure Multiple Spanning Tree Protocol
14.8 Configure Multiple Spanning Tree Protocol To configure MSTP, click MSTP in the Advanced Application > Spanning Tree Protocol screen. Section 14.1.5 on page 162 for more information on MSTP. Figure 103 Advanced Application > Spanning Tree Protocol > MSTP VES1724-56 User’s Guide...
Page 172 Remove - to remove this range of VLAN(s) from being mapped to the MST instance. • Clear - to remove all VLAN(s) from being mapped to this MST instance. Enabled VLAN(s) This field displays which VLAN(s) are mapped to this MST instance. VES1724-56 User’s Guide...
Page 173: Multiple Spanning Tree Protocol Status
Click Cancel to begin configuring this screen afresh. 14.9 Multiple Spanning Tree Protocol Status Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section 14.1.5 on page 162 for more information on MSTP. VES1724-56 User’s Guide...
Page 174 This is the path cost from the root port on this Switch to the root switch. Port ID This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. VES1724-56 User’s Guide...
Page 175 This is the path cost from the root port in this MST instance to the regional root switch. Port ID This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the MST instance. VES1724-56 User’s Guide...
Page 176: Broadcast Storm Control
Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. VES1724-56 User’s Guide...
Page 177 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. VES1724-56 User’s Guide...
Page 178: Mirroring
Click Advanced Application > Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 106 Advanced Application > Mirroring VES1724-56 User’s Guide...
Page 179 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. VES1724-56 User’s Guide...
Page 180: Link Aggregation
• You must connect all ports point-to-point to the same Ethernet switch and configure the ports for LACP trunking. • LACP only works on full-duplex links. • All ports in the same trunk group must have the same media type, speed, duplex mode and flow control settings. VES1724-56 User’s Guide...
Page 181: Link Aggregation Id
Static - if the ports are configured as static members of a trunk group. • LACP - if the ports are configured to join a trunk group via LACP. Port Priority and Port Number are 0 as it is the aggregator ID for the trunk group, not the individual port. VES1724-56 User’s Guide...
Page 182: Link Aggregation Setting
The field identifies the link aggregation group, that is, one logical link containing multiple ports. Active Select this option to activate a trunk group. Port This field displays the port number. Group Select the trunk group to which a port belongs. VES1724-56 User’s Guide...
Page 183: Link Aggregation Control Protocol
Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports. LACP Active Select this option to enable LACP for a trunk. Port This field displays the port number. VES1724-56 User’s Guide...
Page 184: Static Trunking Example
Make your physical connections - make sure that the ports that you want to belong to the trunk group are connected to the same destination. The following figure shows ports 25-26 on switch A connected to switch B. Figure 110 Trunking Example - Physical Connections VES1724-56 User’s Guide...
Page 185 Click Apply when you are done. Figure 111 Trunking Example - Configuration Screen Your trunk group 1 (T1) configuration is now complete; you do not need to go to any additional screens. VES1724-56 User’s Guide...
Page 186: Port Authentication
When the client provides the login credentials, the Switch sends an At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. VES1724-56 User’s Guide...
Page 187: Mac Authentication
MAC address of the client connecting to a port on the Switch along with a password configured specifically for MAC authentication on the Switch. Figure 113 MAC Authentication Process New Connection Authentication Request Authentication Reply Session Granted/Denied VES1724-56 User’s Guide...
Page 188: Port Authentication Configuration
Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. VES1724-56 User’s Guide...
Page 189: Activate Mac Authentication
If you leave this field blank, then only the MAC address of the client is forwarded to the RADIUS server. Password Type the password the Switch sends along with the MAC address of a client for authentication with the RADIUS server. You can enter up to 32 printable ASCII characters. VES1724-56 User’s Guide...
Page 190 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 191: Mac Limit
For maximum port security, enable this feature, disable MAC address learning and Note: configure static MAC address(es) for a port. It is not recommended to disable both Port Security and MAC address learning as this will result in many broadcasts. Figure 117 Advanced Application > MAC Limit VES1724-56 User’s Guide...
Page 192: Mac Limit: Vlan Security
Figure 118 MAC Limit: VLAN Security The following table describes the labels in this screen. Table 80 MAC Limit: VLAN Security LABEL DESCRIPTION Active Select this to limit the number of MAC addresses the Switch can dynamically learn on individual VLANs. VES1724-56 User’s Guide...
Page 193 Basic Setting > Switch Setup screen. The valid range is from 0 to 16K (16384 bytes). “0” means this feature is disabled, so the switch will learn MAC addresses up to the global limit of 16K. VES1724-56 User’s Guide...
Page 194: Classifier
Use the Classifier screen to define the classifiers. After you define the classifier, you can specify actions (or policy) to act upon the traffic that matches the rules. To configure policy rules, refer to Chapter 21 on page 200. VES1724-56 User’s Guide...
Page 195 Ethernet II untagged. A value of 802.3 indicates that the packets are formatted according to the IEEE 802.3 standards. A value of Ethernet II indicates that the packets are formatted according to RFC 894, Ethernet II encapsulation. VES1724-56 User’s Guide...
Page 196 Number numbers. Select Any to apply the rule to all TCP/UDP protocol port numbers or select the second option and enter a TCP/UDP protocol port number. Refer to Table 85 on page 198 for more information. Destination VES1724-56 User’s Guide...
Page 197: Viewing And Editing Classifier Configuration
This field displays the descriptive name for this rule. This is for identification purpose only. Rule This field displays a summary of the classifier rule’s settings. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 198 Some of the most common TCP and UDP port numbers are: Table 85 Common TCP and UDP Port Numbers PROTOCOL NAME TCP/UDP PORT NUMBER Telnet SMTP HTTP POP3 Appendix A on page 397 for information on commonly used port numbers. VES1724-56 User’s Guide...
Page 199: Classifier Example
The following screen shows an example where you configure a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. After you have configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow. Figure 121 Classifier: Example VES1724-56 User’s Guide...
Page 200: Policy Rule
Resources can then be allocated according to the DSCP values and the configured policies. 21.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 20.2 on page 194 more information. VES1724-56 User’s Guide...
Page 201 Chapter 21 Policy Rule Click Advanced Application > Policy Rule in the navigation panel to display the screen as shown. Figure 122 Advanced Application > Policy Rule VES1724-56 User’s Guide...
Page 202 Select Replace the IP TOS with the 802.1 priority value to replace the TOS field with the value you configure in the Priority field. Select Set the Diffserv Codepoint field in the frame to set the DSCP field with the value you configure in the DSCP field. VES1724-56 User’s Guide...
Page 203 This field displays the name you have assigned to this policy. Classifier(s) This field displays the name(s) of the classifier to which this policy applies. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 204: Policy Example
The figure below shows an example Policy screen where you configure a policy to limit bandwidth and discard out-of-profile traffic on a traffic flow classified using the Example classifier (refer to Section 20.4 on page 199). Figure 123 Policy Example VES1724-56 User’s Guide...
Page 205: Queuing Method
(the number you configure in the queue Weight field) rather than a fixed amount of bandwidth. WRR is activated only when a port has more traffic than it can handle. Queues with larger weights get more service than queues with VES1724-56 User’s Guide...
Page 206: Configuring Queuing
This queuing mechanism is highly efficient in that it divides any available bandwidth across the different traffic queues and returns to queues that have not yet emptied. 22.2 Configuring Queuing Click Advanced Application > Queuing Method in the navigation panel. Figure 124 Advanced Application > Queuing Method VES1724-56 User’s Guide...
Page 207 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 208: Vlan Stacking
In the following example figure, both A and B are Service Provider’s Network (SPN) customers with VPN tunnels between their head offices and branch offices respectively. Both have an identical VLAN tag for their VLAN group. The service provider can separate these two VLANs within its network by VES1724-56 User’s Guide...
Page 209: Vlan Stacking Port Roles
All VLANs belonging to a customer can be aggregated into a single service provider's VLAN (using the outer VLAN tag defined by SP VID). Note: Static VLAN Tx Tagging MUST be enabled on a port where you choose Tunnel Port. VES1724-56 User’s Guide...
Page 210: Vlan Tag Format
Table 90 802.1Q Frame Destination Address Priority 802.1p Priority Source Address Len/Etype Length and type of Ethernet frame Tunnel TPID Tag Protocol IDentifier added on a tunnel port Data Frame data VLAN ID Frame Check Sequence VES1724-56 User’s Guide...
Page 211: Configuring Vlan Stacking
Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. VES1724-56 User’s Guide...
Page 212: Port-Based Q-In-Q
23.4.1 Port-based Q-in-Q Port-based Q-in-Q lets the Switch treat all frames received on the same port as the same VLAN flows and add the same outer VLAN tag to them, even they have different customer VLAN IDs. VES1724-56 User’s Guide...
Page 213 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 214: Selective Q-In-Q
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. Index This is the number of the selective VLAN stacking rule. VES1724-56 User’s Guide...
Page 215: Port-Based Innerq
VLAN tag (the outer tag) and forwarding them out. This feature is not applicable on a tunnel port. Click Port-based InnerQ in the Advanced Application > VLAN Stacking screen to display the screen as shown. Figure 129 VLAN Stacking > Port-based InnerQ VES1724-56 User’s Guide...
Page 216 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 217: Multicast
The Switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your Switch. VES1724-56 User’s Guide...
Page 218: Igmp Snooping And Vlans
Done message to the router or switch. If the leave mode is not set to immediate, the router or switch sends a group-specific query to the port on which the Done message is received to determine if other devices connected to this port should remain in the group. VES1724-56 User’s Guide...
Page 219: Multicast Status
24.2 Multicast Status Click Advanced Application > Multicast to display the screen as shown. This screen shows the multicast group information. See Section 24.1 on page 217 for more information on multicasting. Figure 130 Advanced Application > Multicast Status VES1724-56 User’s Guide...
Page 220 Client IP This field displays an IP address which is a member in this multicast group. In IPTV, this means the IP address of a set-top box connected to this port. VES1724-56 User’s Guide...
Page 221 IGMP counters. Join This field displays the number of multicast groups in Join messages this port has received. Leave This field displays the number of multicast groups in Leave messages this port has received. VES1724-56 User’s Guide...
Page 222 IGMP Per VLAN Specific Counter This section displays multicast traffic statistics per VLAN network. Total GroupNum This field displays the total number of multicast groups this VLAN network has learned since the last start up or clearing of the IGMP counters. VES1724-56 User’s Guide...
Page 223 The index number of an entry in this table. Port The number of a port which has received multicast queries. The VLAN ID to which the received multicast queries belong. Querier Source IP The IP address of the device which sent the multicast queries. VES1724-56 User’s Guide...
Page 224: Multicast Setting
IGMP leave message is received from a host. 802.1p Priority Select a priority level (0-7) to which the Switch changes the priority in outgoing IGMP control packets. Otherwise, select No-Change to not replace the priority. VES1724-56 User’s Guide...
Page 225 Select Edge to stop the Switch from using the port as an IGMP query port. The Switch will not keep any record of an IGMP router being connected to this port. The Switch does not forward IGMP join or leave packets to this port. VES1724-56 User’s Guide...
Page 226: Igmp Snooping Vlan
Click Apply to save your changes to the Switch’s run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. VES1724-56 User’s Guide...
Page 227: Igmp Filtering Profile
Profiles are assigned to ports (in the Multicast Setting screen). Clients connected to those ports are then able to join the multicast groups specified in the profile. Each port can be assigned a single profile. A profile can be assigned to multiple ports. VES1724-56 User’s Guide...
Page 228 Delete Profile column, then click the Delete button. To delete a rule(s) from a profile, select the rule(s) that you want to remove in the Delete Rule column, then click the Delete button. Cancel Click Cancel to clear the Delete Profile/Delete Rule check boxes. VES1724-56 User’s Guide...
Page 229: Mvr Overview
The following figure shows a multicast television example where a subscriber device (such as a computer) in VLAN 1 receives multicast traffic from the streaming media server, S, via the Switch. Multiple subscriber devices can connect through a port configured as the receiver on the Switch. VES1724-56 User’s Guide...
Page 230: General Mvr Configuration
VLAN. Click Advanced Application > Multicast > Multicast Setting > MVR link to display the screen as shown next. Note: You can create up to three multicast VLANs and up to 256 multicast rules on the Switch. VES1724-56 User’s Guide...
Page 231 Multicast VLAN Enter the VLAN ID (1 to 4094) of the multicast VLAN. 802.1p Priority Select a priority level (0-7) with which the Switch replaces the priority in outgoing IGMP control packets (belonging to this multicast VLAN). VES1724-56 User’s Guide...
Page 232: Mvr Group Configuration
All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group. Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. VES1724-56 User’s Guide...
Page 233 Select Delete Group and click Delete to remove the selected entry(ies) from the table. Select Delete All next to a multicast VLAN ID and click Delete to remove all multicast groups for that multicast VLAN from the table. Cancel Select Cancel to clear the checkbox(es) in the table. VES1724-56 User’s Guide...
Page 234: Mvr Configuration Example
News: 224.1.4.10 ~ 224.1.4.50 Movie: 230.1.2.50 ~ 230.1.2.60 Multicast VLAN 200 To configure the MVR settings on the Switch, create a multicast group in the MVR screen and set the receiver and source ports. Figure 139 MVR Configuration Example VES1724-56 User’s Guide...
Page 235 Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. Figure 140 MVR Group Configuration Example Figure 141 MVR Group Configuration Example VES1724-56 User’s Guide...
Page 236: Authentication And Accounting
By storing user profiles locally on the Switch, your Switch is able to authenticate and authorize users without interacting with a network authentication server. However, there is a limit on the number of users you may authenticate in this way (See Chapter 36 on page 327). VES1724-56 User’s Guide...
Page 237: Radius And Tacacs
25.2.1 RADIUS Server Setup Use this screen to configure your RADIUS server settings. See Section 25.1.2 on page 237 for more information on RADIUS servers and Section 25.3 on page 245 for RADIUS attributes utilized by the VES1724-56 User’s Guide...
Page 238 Enter the IPv4 or IPv6 address of an external RADIUS server in dotted decimal notation. UDP Port The default port of a RADIUS server for authentication is 1812. You need not change this value unless your network administrator instructs you to do so. VES1724-56 User’s Guide...
Page 239 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 240: Tacacs+ Server Setup
Enter the IPv4 or IPv6 address of an external TACACS+ server in dotted decimal notation. TCP Port The default port of a TACACS+ server for authentication is 49. You need not change this value unless your network administrator instructs you to do so. VES1724-56 User’s Guide...
Page 241 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 242: Authentication And Accounting Setup
Method 2 and Method 3 fields. Select local to have the Switch check the access privilege configured for local authentication. Select radius or tacacs+ to have the Switch check the access privilege via the external servers. VES1724-56 User’s Guide...
Page 243 Switch send information to the accounting server only when a user ends a session. Method Select whether you want to use RADIUS or TACACS+ for accounting of specific types of events. TACACS+ is the only method for recording Commands type of event. VES1724-56 User’s Guide...
Page 244: Vendor Specific Attribute
Table 105 Supported VSAs FUNCTION ATTRIBUTE Ingress Bandwidth Vendor-Id = 890 Assignment Vendor-Type = 1 Vendor-data = ingress rate (Kbps in decimal format) Egress Bandwidth Vendor-Id = 890 Assignment Vendor-Type = 2 Vendor-data = egress rate (Kbps in decimal format) VES1724-56 User’s Guide...
Page 245: Supported Radius Attributes
This section lists the attributes used by authentication functions on the Switch. In cases where the attribute has a specific format associated with it, the format is specified. 25.3.1 Attributes Used for Authentication The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication. VES1724-56 User’s Guide...
Page 246: Attributes Used For Accounting
The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication. 25.3.2.1 Attributes Used for Accounting System Events NAS-IP-Address NAS-Identifier Acct-Status-Type Acct-Session-ID - The format of Acct-Session-Id is date+time+8-digit sequential number, for example, 2007041917210300000001. (date: 2007/04/19, time: 17:21:03, serial number: 00000001) Acct-Delay-Time VES1724-56 User’s Guide...
Page 247 25.3.2.3 Attributes Used for Accounting IEEE 802.1x Events The attributes are listed in the following table along with the time of the session they are sent: Table 109 RADIUS Attributes-Exec Events via 802.1x ATTRIBUTE START INTERIM-UPDATE STOP User-Name NAS-IP-Address NAS-Port Class Called-Station-Id VES1724-56 User’s Guide...
Page 248 Chapter 25 Authentication and Accounting Table 109 RADIUS Attributes-Exec Events via 802.1x ATTRIBUTE START INTERIM-UPDATE STOP Calling-Station-Id NAS-Identifier NAS-Port-Type Acct-Status-Type Acct-Delay-Time Acct-Session-Id Acct-Authentic Acct-Input-Octets Acct-Output-Octets Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Input-Gigawords Acct-Output-Gigawords VES1724-56 User’s Guide...
Page 249: Ip Source Guard
Every port is either a trusted port or an untrusted port for DHCP snooping. This setting is independent of the trusted/untrusted setting for ARP inspection. You can also specify the maximum number for DHCP packets that each port (trusted or untrusted) can receive each second. VES1724-56 User’s Guide...
Page 250 Each binding consists of 72 bytes, a space, and another checksum that is used to validate the binding when it is read. If the calculated checksum is not equal to the checksum in the file, that binding and all others after it are ignored. VES1724-56 User’s Guide...
Page 251: Arp Inspection Overview
In this example, computer B tries to establish a connection with computer A. Computer X is in the same broadcast domain as computer A and intercepts the ARP request for computer A. Then, computer X does the following things: VES1724-56 User’s Guide...
Page 252 ARP inspection so that the Switch has enough time to build the binding table. Enable ARP inspection on each VLAN. Configure trusted and untrusted ports, and specify the maximum number of ARP packets that each port can receive per second. VES1724-56 User’s Guide...
Page 253: Ip Source Guard
MAC address and VLAN ID. Each MAC address and VLAN ID can only be in one static binding. If you try to create a static binding with the same MAC address and VLAN VES1724-56 User’s Guide...
Page 254 This field displays the port number in the binding. If this field is blank, the binding applies to all ports. Delete Select this, and click Delete to remove the specified entry. Cancel Click this to clear the Delete check boxes above. VES1724-56 User’s Guide...
Page 255: Dhcp Snooping
Chapter 26 IP Source Guard 26.4 DHCP Snooping Use this screen to look at various statistics about the DHCP snooping database. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping. Figure 151 DHCP Snooping VES1724-56 User’s Guide...
Page 256 This field displays the number of times the Switch was unable to read bindings from the DHCP snooping database. Successful writes This field displays the number of times the Switch updated the bindings in the DHCP snooping database successfully. VES1724-56 User’s Guide...
Page 257: Dhcp Snooping Configure
Use this screen to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and configure the DHCP snooping database. The DHCP snooping database stores the current bindings on a secure, external TFTP server so that they are VES1724-56 User’s Guide...
Page 258 Enter the location of the DHCP snooping database. The location should be expressed like this: tftp://{domain name or IP address}/directory, if applicable/file name; for example, tftp://192.168.10.1/database.txt. Timeout Enter how long (10-65535 seconds) the Switch tries to complete a specific update in the interval DHCP snooping database before it gives up. VES1724-56 User’s Guide...
Page 259: Dhcp Snooping Port Configure
You can also specify the maximum number for DHCP packets that each port (trusted or untrusted) can receive each second. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > Port. Figure 153 DHCP Snooping Port Configure VES1724-56 User’s Guide...
Page 260: Dhcp Snooping Vlan Configure
311) to DHCP requests that the Switch relays to a DHCP server for each VLAN. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN. Figure 154 DHCP Snooping VLAN Configure VES1724-56 User’s Guide...
Page 261: Arp Inspection Status
Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unauthorized ARP packet. When the Switch identifies an unauthorized ARP packet, it automatically creates a MAC address filter to block traffic from the source MAC address VES1724-56 User’s Guide...
Page 262 Select this, and click Delete to remove the specified entry. Cancel Click this to clear the Delete check boxes above. Change Pages Click Previous Page or Next Page to show the previous/next screen if all status information cannot be seen in one screen. VES1724-56 User’s Guide...
Page 263: Arp Inspection Vlan Status
This field displays the total number of ARP packets the Switch forwarded for the VLAN since the Switch last restarted. Dropped This field displays the total number of ARP packets the Switch discarded for the VLAN since the Switch last restarted. VES1724-56 User’s Guide...
Page 264: Arp Inspection Log Status
In the ARP Inspection VLAN Configure screen, you can configure the Switch to generate log messages when ARP packets are discarded or forwarded based on the VLAN ID of the ARP packet. See Section 26.7.2 on page 268. Time This field displays when the log message was generated. VES1724-56 User’s Guide...
Page 265: Arp Inspection Configure
Click Clearing log status table in the ARP Inspection Log Status screen to clear the log and reset this counter. See Section 26.6.2 on page 264. VES1724-56 User’s Guide...
Page 266: Arp Inspection Port Configure
26.7.1 ARP Inspection Port Configure Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. You can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port. To VES1724-56 User’s Guide...
Page 267 These settings have no effect on trusted ports. Rate (pps) Specify the maximum rate (1-2048 packets per second) at which the Switch receives ARP packets from each port. The Switch discards any additional ARP packets. Enter 0 to disable this limit. VES1724-56 User’s Guide...
Page 268: Arp Inspection Vlan Configure
This field displays the VLAN ID of each VLAN in the range specified above. If you configure the * VLAN, the settings are applied to all VLANs. Enabled Select Yes to enable ARP inspection on the VLAN. Select No to disable ARP inspection on the VLAN. VES1724-56 User’s Guide...
Page 269 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. VES1724-56 User’s Guide...
Page 270: Loop Guard
The following figure shows port N on the Switch A connected to another switch B. Switch B has mistakenly two ports, x and y, connected to each other. It forms a loop. When switch B receives VES1724-56 User’s Guide...
Page 271 A sample path of the loop guard probe packet is also shown. In this example, the probe packet is sent from an xDSL port 1 and returns also on port 1. As long as loop guard is enabled on VES1724-56 User’s Guide...
Page 272: Loop Guard Setup
Click Advanced Application > Loop Guard in the navigation panel to display the screen as shown. Note: The loop guard feature can not be enabled on the ports that have Spanning Tree Protocol (RSTP, MRSTP or MSTP) enabled. Figure 165 Advanced Application > Loop Guard VES1724-56 User’s Guide...
Page 273 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 274: Cfm
•MEP port - has the ability to send Connectivity Check Messages (CCMs) and get other MEP ports information from neighbor switches’ CCMs within an MA. •MIP port - forwards the CCMs, Loop Back Messages (LBMs) and Link Trace Messages (LTMs). CFM provides two tests to discover connectivity faults. VES1724-56 User’s Guide...
Page 275: Cfm Ma
Click Advanced Application and CFM to open this screen. Use this screen to create an MA (Maintenance Association) under an MD level. You have to specify a name, a VLAN ID and its member ports. Refer to Section 28.1 on page 274 for more information about CFM. VES1724-56 User’s Guide...
Page 276 Click Add to add the settings as a new entry in the summary table below. Cancel Click Cancel to reset the fields. Clear Click Clear to start configuring the screen again. Index This field displays the index number for the record in this summary table. VES1724-56 User’s Guide...
Page 277: Cfm Md
This field displays the level number of the MD. Delete Check the rule(s) that you want to remove in the Delete column and then click the Delete button. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 278: Vlan Mapping
Any incoming packets carrying a VLAN tag other than 12 (such as 10) and received on port 3 will be dropped if you select to drop the packets that do not match the mapping rule (Drop Miss). Figure 170 VLAN mapping example Service Provider Network Port 3 VES1724-56 User’s Guide...
Page 279: Enabling Vlan Mapping
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 280: Configuring Vlan Mapping
This is the customer VLAN ID in the incoming packets. Translated VID This is the VLAN ID that replaces the customer VLAN ID in the tagged packets. Priority This is the priority level that replaces the customer priority level in the tagged packets. VES1724-56 User’s Guide...
Page 281 Click Cancel to clear the Delete check boxes. Paging Select Prev or Next to show the previous/next screen or select a page number from the drop-down list box to display a specific page if all entries cannot be seen in one screen. VES1724-56 User’s Guide...
Page 282: Layer 2 Protocol Tunneling
In the following example, if you enable L2PT for STP, you can have switches A, B, C and D in the same spanning tree, even though switch A is not directly connected to switches B, C and D. Topology change information can be propagated throughout the service provider’s network. VES1724-56 User’s Guide...
Page 283: Layer 2 Protocol Tunneling Mode
• The Tunnel port is an egress port at the edge of the service provider's network and connected to another service provider’s switch. Incoming encapsulated layer 2 protocol packets received on a tunnel port are decapsulated and sent to an access port. VES1724-56 User’s Guide...
Page 284: Configuring Layer 2 Protocol Tunneling
Note: Changes in this row are copied to all the ports as soon as you make them. Select this option to have the Switch tunnel CDP (Cisco Discovery Protocol) packets so that other Cisco devices can be discovered through the service provider’s network. VES1724-56 User’s Guide...
Page 285 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 286: Dos Prevention
Switch can use filtering actions to determine when to start dropping packets that may potentially be associated with a DoS attack. 31.2 Configuring DoS Prevention Click Advanced Application > DoS Prevention in the navigation panel to display the screen as shown. Figure 176 DoS Prevention VES1724-56 User’s Guide...
Page 287 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 288: Pppoe Ia
Value, i1 and i2. The Value is the 32-bit number 0x00000DE9, which stands for the “ADSL Forum” IANA entry. i1 and i2 are PPPoE intermediate agent sub-options, which contain additional information about the PPPoE client. VES1724-56 User’s Guide...
Page 289: Sub-Option Format
• Global: The Switch adds the same subscriber line specific information to all PPPoE discovery packets it receives. • VLAN: The Switch is configured on a per-VLAN basis. The Switch can be configured to add different subscriber line specific information to PPPoE discovery packets in different VLANs. VES1724-56 User’s Guide...
Page 290: The Pppoe Ia Status Screen
IA option 82 tags. See more information in the Advanced Application > PPPoE IA Configuration > Global (see Section 32.4 on page 291) or Advanced Application > PPPoE IA Configuration > VLAN screen (see Section 32.5 on page 293). Figure 178 Advanced Application > PPPoE IA Configuration > Port Tel VES1724-56 User’s Guide...
Page 291: Pppoe Ia Global Configuration
You can additionally configure whether to add/replace PPPoE IA option 82 tags on a per-port basis in the Basic Setting > Port Setup screen (see Section 8.9 on page 82). Figure 179 Advanced Application > PPPoE IA Configuration > Global VES1724-56 User’s Guide...
Page 292 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 293: Pppoe Ia Vlan Configuration
Enter a string of up to 63 ASCII characters that the Switch adds into the Agent Circuit ID Information sub-option for PPPoE discovery packets with the specified VLAN tag. Spaces are allowed. Otherwise, select the second option to have the Switch use its host name. VES1724-56 User’s Guide...
Page 294 This field displays whether the Switch adds a string to the Agent Remote ID sub-option (Enable) or not (Disable). Delete Select the configuration entries you want to remove and click Delete to remove them. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 295: Adsl Fallback
Enter the VPI (Virtual Path Indicator) from 0 to 255 for a channel on a port. The VPI and VCI identify a channel. Enter the VCI (Virtual Channel Indicator) from 32 to 65535 for a channel on a port. VES1724-56 User’s Guide...
Page 296 Click Cancel to clear the Delete check boxes. Paging Select Prev or Next to show the previous/next screen or select a page number from the drop-down list box to display a specific page if all entries cannot be seen in one screen. VES1724-56 User’s Guide...
Page 297: Ippvc Configuration
Assign a default IEEE 802.1p default priority (0 to 7). This is the priority value to add to incoming frames without a (IEEE 802.1p) priority tag. Subnet IP Enter the subscriber’s IP address to which the Switch forwards the downstream traffic on this channel. VES1724-56 User’s Guide...
Page 298 Click Cancel to clear the Delete check boxes. Paging Select Prev or Next to show the previous/next screen or select a page number from the drop-down list box to display a specific page if all entries cannot be seen in one screen. VES1724-56 User’s Guide...
Page 299: Paepvc Configuration
Cancel Click Cancel to reset the above fields to your previous configuration. Index This is the index number of the channel on this port. Click a number to edit that channel. VES1724-56 User’s Guide...
Page 300 Click Cancel to clear the Delete check boxes. Paging Select Prev or Next to show the previous/next screen or select a page number from the drop-down list box to display a specific page if all entries cannot be seen in one screen. VES1724-56 User’s Guide...
Page 301: Static Route
R1 which routes it back to the manager’s computer. The Switch needs a static route to tell it to use router R2 to send traffic to an SNMP trap server on network N2. Figure 184 Static Routing Overview Telnet SNMP VES1724-56 User’s Guide...
Page 302: Configuring Static Routing
This field displays the descriptive name for this route. This is for identification purposes only. Destination This field displays the IP network address of the final destination. Address Subnet Mask This field displays the subnet mask for this destination. VES1724-56 User’s Guide...
Page 303 Switch that will forward the packet to the destination. Metric This field displays the cost of transmission for routing purposes. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 304: Differentiated Services
The boundary node (A in Figure 187) in a DiffServ network classifies (marks with a DSCP value) the incoming packets into different traffic flows (Platinum, Gold, Silver, Bronze) based on the configured marking rules. A network administrator can then apply VES1724-56 User’s Guide...
Page 305: Two Rate Three Color Marker Traffic Policing
PIR and CIR regardless of if they have previously been marked or not. In the color-aware mode, packets are marked based on both existing color and evaluation against the PIR and CIR. If the packets do not match any of colors, then the packets proceed unchanged. VES1724-56 User’s Guide...
Page 306: Trtcm-Color-Blind Mode
Low Packet Red? Yellow? Loss PIR? CIR? Medium Packet High Packet High Packet Medium Packet Loss Loss Loss Loss 34.3 Activating DiffServ Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected port(s). VES1724-56 User’s Guide...
Page 307: Configuring 2-Rate 3 Color Marker Settings
Click Cancel to begin configuring this screen afresh. 34.3.1 Configuring 2-Rate 3 Color Marker Settings Use this screen to configure TRTCM settings. Click the 2-rate 3 Color Marker link in the DiffServ screen to display the screen as shown next. VES1724-56 User’s Guide...
Page 308 Rate Peak Specify the Peak Information Rate (PIR) for this port. Rate DSCP Use this section to specify the DSCP values that you want to assign to packets based on the color they are marked via TRTCM. VES1724-56 User’s Guide...
Page 309: Dscp-To-Ieee 802.1P Priority Settings
Table 144 IP Application > DiffServ > DSCP Setting LABEL DESCRIPTION 0 … 63 This is the DSCP classification identification number. To set the IEEE 802.1p priority mapping, select the priority level from the drop-down list box. VES1724-56 User’s Guide...
Page 310 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 311: Dhcp
DHCP requests to different DHCP servers for clients in different VLAN. 35.2 DHCP Status Click IP Application > DHCP in the navigation panel. The DHCP Status screen displays. Figure 193 IP Application > DHCP > DHCP Status VES1724-56 User’s Guide...
Page 312: Dhcp Port Tel
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 313: Dhcp Relay
Figure 196 DHCP Relay Agent Circuit ID Sub-option Format SubOpt Length Value String or System Name (1 byte) (1 byte) Figure 197 DHCP Relay Agent Remote ID Sub-option Format SubOpt Length Value String or Port Name (1 byte) (1 byte) VES1724-56 User’s Guide...
Page 314: Configuring Dhcp Global Relay
VLAN. You can additionally configure whether to add/replace DHCP relay option 82 tags on a per-port basis in the Basic Setting > Port Setup screen (see Section 8.9 on page 82). VES1724-56 User’s Guide...
Page 315 82 old format (slot-port-VLAN) in binary. The Switch uses a zero for the slot value in the DHCP requests. An example of the port number is 1 if you select private while it is 31 in ASCII code if you select SP, SV or SPV. VES1724-56 User’s Guide...
Page 316 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 317: Global Dhcp Relay Configuration Example
Switch to send additional information (such as the VLAN ID) together with the DHCP requests to the DHCP server. This allows the DHCP server to assign the appropriate IP address according to the VLAN ID. Figure 200 DHCP Relay Configuration Example VES1724-56 User’s Guide...
Page 318: Configuring Dhcp Vlan Settings
You can additionally configure whether to add/replace DHCP relay option 82 tags on a per-port basis in the Basic Setting > Port Setup screen (see Section 8.9 on page 82). Figure 201 IP Application > DHCP > VLAN VES1724-56 User’s Guide...
Page 319 For DHCP relay configuration, this field displays the first remote DHCP server IP address. Delete Select the configuration entries you want to remove and click Delete to remove them. Cancel Click Cancel to clear the Delete check boxes. VES1724-56 User’s Guide...
Page 320: Example: Dhcp Relay For Two Vlans
DHCP Server X 192.168.2.100 192.168.2.1 VID 2 172.16.1.1 VID 3 VLAN 2 DHCP Server Y VLAN 3 172.16.1.100 For the example network, configure the VLAN Setting screen as shown. Figure 203 DHCP Relay for Two VLANs Configuration Example VES1724-56 User’s Guide...
Page 321: Dhcpv6 Ldra
DHCPv6 server. This information helps in authenticating the source of the requests. You can also specify additional information for the system to add to the DHCPv6 requests that it relays to the DHCPv6 server. Figure 204 DHCPv6 LDRA VES1724-56 User’s Guide...
Page 322 ID if the port has joined a group, for example, 22-B01 where B01 is port 22’s group ID. A star (*) displays next to the group ID if the port is the main port in that group. VES1724-56 User’s Guide...
Page 323 Select an entry’s Delete check box and click the Delete button to remove the entry or click Modify to edit the entry. Delete Click Delete to remove the selected entries. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 324: Dhcpv6 Counter
Click the Snooping Configure link in the IP Application > DHCPv6 LDRA screen to display the screen shown next. Use this screen to configure an acceptable rate for receiving DHCPv6 packets on each port. A port dropped additional DHCP packets after the receiving rate reaches the VES1724-56 User’s Guide...
Page 325 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 326 Chapter 35 DHCP VES1724-56 User’s Guide...
Page 327: Maintenance
System Click Config 2 to reboot the system and load Configuration 2 on the Switch. Note: Make sure to click the Save button in any screen to save your settings to the current configuration on the Switch. VES1724-56 User’s Guide...
Page 328: Firmware Upgrade
Switch and apply the new firmware immediately. (Firmware upgrades are only applied after a reboot.) Click Upgrade to load the new firmware. After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. VES1724-56 User’s Guide...
Page 329: Restore A Configuration File
Switch currently uses (in the Current Boot Image field). The following figure shows an example in which the Switch is set to use the second firmware image (ras-1). VES1724-56# show system-information Product Model : VES1724-56...
Page 330: Backup A Configuration File
If you click the Click Here button and want to access the Switch Web Configurator again, you may need to change the IP address of your computer to be in the same subnet as that of the default Switch IP address (192.168.1.1). VES1724-56 User’s Guide...
Page 331: Save Configuration
The configuration file (also known as the romfile or ROM) contains the factory default settings in the screens such as password, Switch setup, IP Setup, and so on. Once you have customized the Switch’s settings, they can be saved back to your computer under a filename of your choosing. VES1724-56 User’s Guide...
Page 332: Ftp Command Line Procedure
36.8.2 FTP Command Line Procedure Launch the FTP client on your computer. Enter open, followed by a space and the IP address of your Switch. Press [ENTER] when prompted for a username. Enter your password as requested (the default is “1234”). VES1724-56 User’s Guide...
Page 333: Gui-Based Ftp Clients
• FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the FTP session immediately. VES1724-56 User’s Guide...
Page 334: Access Control
TCP/IP-based devices. SNMP is used to exchange management information between the network management system (NMS) and a network element (NE). A manager station can manage and monitor the Switch through the network via SNMP version one (SNMPv1), SNMP version 2c or VES1724-56 User’s Guide...
Page 335: Snmp V3 And Security
Security can be further enhanced by encrypting the SNMP messages sent from the managers. Encryption protects the contents of the SNMP messages. When the contents of the SNMP messages are encrypted, only the intended recipients can read them. VES1724-56 User’s Guide...
Page 336: Supported Mibs
Otherwise, it is a standard MIB OID. Table 157 SNMP System Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION coldstart coldStart 1.3.6.1.6.3.1.1.5.1 This trap is sent when the Switch is turned on. warmstart warmStart 1.3.6.1.6.3.1.1.5.2 This trap is sent when the Switch restarts. VES1724-56 User’s Guide...
Page 337 ExternalAlarmEventOn 1.3.6.1.4.1.890.1.5.12.46.45.2. This trap is sent when the external alarm is received. ExternalAlarmEventClear 1.3.6.1.4.1.890.1.5.12.46.45.2. This trap is sent when the external alarm stops sending an alert. LPREventOn 1.3.6.1.4.1.890.1.5.12.46.27.2. This trap is sent when the system loses power. VES1724-56 User’s Guide...
Page 338 DdmiTemperatureAlarmEve 1.3.6.1.4.1.890.1.5.12.46.45.2 This trap is sent when a transceiver’s ntOn 7.2.1 temperature goes over the “high alarm” threshold. DdmiTxPowerAlarmEventOn 1.3.6.1.4.1.890.1.5.12.46.45.2 This trap is sent when a transceiver’s 7.2.1 transmitted optical power goes over the “high alarm” threshold. VES1724-56 User’s Guide...
Page 339 DdmiTxPowerWarnEventCle 1.3.6.1.4.1.890.1.5.12.46.45.2 This trap is sent when a transceiver’s ared 7.2.2 transmitted optical power falls down below the high warning threshold and is back to the normal range. VES1724-56 User’s Guide...
Page 340 This trap is sent when the MSTP root switch changes. STPTopologyChange 1.3.6.1.2.1.17.0.2 This trap is sent when the STP topology changes. MRSTPTopologyChange 1.3.6.1.4.1.890.1.5.12.46.45.36.2. This trap is sent when the MRSTP topology changes. MSTPTopologyChange 1.3.6.1.4.1.890.1.5.12.46.45.107.7 This trap is sent when the MSTP root switch changes. VES1724-56 User’s Guide...
Page 341 This trap is sent when the number of tionsThreshXtur coding violations in CPE side exceeds the threshold. xdsl2LinePerfCorrectedT 1.3.6.1.2.1.10.251.0.13 This trap is sent when the Switch detects hreshXtuc that the number of corrected blocks (FEC events) exceeds the threshold. VES1724-56 User’s Guide...
Page 342: Configuring Snmp
Select the SNMP version for the Switch. The SNMP version on the Switch must match the version on the SNMP manager. Choose SNMP version 2c (v2c), SNMP version 3 (v3) or both (v3v2c). Note: SNMP version 2c is backwards compatible with SNMP version 1. VES1724-56 User’s Guide...
Page 343 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 344: Configuring Snmp Trap Group
Up to five people (one administrator and four non-administrators) may access the Switch via Web Configurator at any one time. • An administrator is someone who can both view and configure Switch changes. The username for the Administrator is always admin. The default administrator password is 1234. VES1724-56 User’s Guide...
Page 345 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 346: Ssh Overview
The client encrypts a randomly generated session key with the host key and server key and sends the result back to the server. The client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer. VES1724-56 User’s Guide...
Page 347: Ssh Implementation On The Switch
Switch a certificate. You must apply for a certificate for the browser from a CA that is a trusted CA on the Switch. Please refer to the following figure. HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the Switch’s WS (web server). VES1724-56 User’s Guide...
Page 348: Https Example
You see the following Security Alert screen in Internet Explorer. Select Yes to proceed to the web configurator login screen; if you select No, then web configurator access is blocked. Figure 221 Security Alert Dialog Box (Internet Explorer 6) VES1724-56 User’s Guide...
Page 349 After you log in, you will see the red address bar with the message Certificate Error. Click on Certificate Error next to the address bar and click View certificates. Figure 223 Certificate Error (Internet Explorer 7 or 8) EXAMPLE VES1724-56 User’s Guide...
Page 350 Chapter 37 Access Control Click Install Certificate... and follow the on-screen instructions to install the certificate in your browser. Figure 224 Certificate (Internet Explorer 7 or 8) VES1724-56 User’s Guide...
Page 351: Mozilla Firefox Warning Messages
When you attempt to access the Switch HTTPS server, a This Connection is Unstructed screen may display. If that is the case, click I Understand the Risks and then the Add Exception... button. Figure 225 Security Alert (Mozilla Firefox) VES1724-56 User’s Guide...
Page 352: The Main Screen
37.8.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar (in Internet Explorer 6 or VES1724-56 User’s Guide...
Page 353: Service Port Access Control
37.9 Service Port Access Control Service Access Control allows you to decide what services you may use to access the Switch. You may also change the default service port and configure “trusted computer(s)” for each service in VES1724-56 User’s Guide...
Page 354: Remote Management
Cancel Click Cancel to begin configuring this screen afresh. 37.10 Remote Management Click Management > Access Control > Remote Management to view the screen as shown next. VES1724-56 User’s Guide...
Page 355 Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 356: Diagnostic
Select to ping an IPv4 or IPv6 address, and the interface to send IP ping packets (default- management, inband-vlan, inband-default, out-of-band). When you select inband-vlan in the Outgoing interface field, you have to also specify a VLAN ID for the ping conditions. VES1724-56 User’s Guide...
Page 357 From the Port drop-down list box, select a port number and click Internal Test to perform an internal loopback test or click External Test (on a VDSL port) to perform a loopback test to the a remote CPE device. A successful or fail test result displays then. VES1724-56 User’s Guide...
Page 358: Syslog
Error: There is an error condition on the system. Warning: There is a warning condition on the system. Notice: There is a normal but significant condition on the system. Informational: The syslog contains an informational message. Debug: The message is intended for debug-level purposes. VES1724-56 User’s Guide...
Page 359: Syslog Setup
Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 360: Syslog Server Setup
This field displays the severity level of the logs that the device is to send to this syslog server. Delete Select an entry’s Delete check box and click Delete to remove the entry. Cancel Click Cancel to begin configuring this screen afresh. VES1724-56 User’s Guide...
Page 361: Loop Diagnostic
This button appears when a port’s status is “Showtime”. Click DELT Start to start the dual- end loop test between the Switch and the remote devices. Note: It takes several minutes to complete whole test. Before it’s completed, the status stays at “LD_Testing”. VES1724-56 User’s Guide...
Page 362 Select SNR-ps (Signal-to-Noise-Ratio per sub-carrier) to see the line’s signal strength level by calculating the ratio between the received signal power and the received noise power for that sub-carrier. Select Hlin-ps to see the line’s capability against attenuation. Direction Select Downstream or Upstream for the direction. VES1724-56 User’s Guide...
Page 363: Single-End Loop Test (Selt)
Progress” when you perform a SELT or calibration. It also displays the time you started the test task and how long the test has been processed. Show Status Select a port number from the drop-down list box and click Show Status to display the test result in the table below. VES1724-56 User’s Guide...
Page 364 This field displays an indicator of the error in the attenuation fields. Termination This field displays the phase jump at the line termination. A value of 0 indicates a shortcut termination. A value of 1 indicates an open termination. VES1724-56 User’s Guide...
Page 365: Mac Table
• If the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 236 MAC Table Flowchart VES1724-56 User’s Guide...
Page 366: Viewing The Mac Table
This is the VLAN group to which this frame belongs. Port This is the port from which the above MAC address was learned. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). VES1724-56 User’s Guide...
Page 367: Arp Table
MAC address that replied. 42.2 Viewing the ARP Table Click Management > ARP Table in the navigation panel to open the following screen. Use the ARP table to view IP-to-MAC address mapping(s). Figure 238 Management > ARP Table VES1724-56 User’s Guide...
Page 368 This is the ID number of the VLAN to which the MAC address belongs. Type This shows whether the MAC address is dynamic (learned by the Switch) or static. Age(s) This shows how long (in second) the entry remains valid. Zero means the entry is always valid. VES1724-56 User’s Guide...
Page 369: Hardware Information
CPU is currently used. Packet Buffer Select this and then click Display to see detailed packet buffer usage. Memory Usage Select this and then click Display to see detailed memory usage. Clear Click this to clear this screen. VES1724-56 User’s Guide...
Page 370: Cfm Action
Select this to perform a loopback test on this link. Level Select an MD level (0-7). Type an MA VLAN ID (0-4096) under the MD level. MEPID Type an MEP ID to specify which MEP port on the device initiates the action. VES1724-56 User’s Guide...
Page 371 Select a level, type a VID and MEPID and click this to display the result for a test. Examples of connectivity test reports are shown next. Figure 241 Connectivity Test Report Examples LoopBack Report Link Trace Report Show Detail Report VES1724-56 User’s Guide...
Page 372: Ipv6 Cache
If the Switch cannot find an entry in the neighbor cache or the state for the neighbor is not reachable, it starts the address resolution process. This helps reduce the number of IPv6 solicitation and advertisement messages. VES1724-56 User’s Guide...
Page 373: Neighbor Cache
Unknown: The status of the neighboring interface cannot be determined. Incomplete: Address resolution is in progress and the link-layer address of the neighbor has not yet been determined (see RFC 4861). The interface of the neighboring device did not give a complete response. VES1724-56 User’s Guide...
Page 374: Router
Select an interface from the drop-down list box to view the router advertisement information the interface has received. Interface Name This field displays the name of the interface. Item This field displays the name of an item carried by router advertisements. Status This field displays the item’s status details. VES1724-56 User’s Guide...
Page 375: Path Mtu
Click the Path MTU link in the Management > IPv6 Cache screen to open the following screen. Use this screen to check IPv6 path MTU sizes. In IPv6, packets can be fragmented only by the source device from which the packets are sent. The source device must adjust the MTU size if it VES1724-56 User’s Guide...
Page 376 This is the index number of an entry. Destination Address This is the IPv6 address of a destination host. This is the maximum transmission unit used for data transmission to the destination host. Expire This is the remaining time before the entry expires. VES1724-56 User’s Guide...
Page 377: Troubleshooting
Turn the Switch off and on (in DC models or if the DC power supply is connected in AC/DC models). Disconnect and re-connect the power adaptor or cord to the Switch (in AC models or if the AC power supply is connected in AC/DC models). If the problem continues, contact the vendor. VES1724-56 User’s Guide...
Page 378: Switch Access And Login
If this does not work, you have to reset the device to its factory defaults. See Section 4.6 on page I cannot see or access the Login screen in the Web Configurator. Make sure you are using the correct IP address. VES1724-56 User’s Guide...
Page 379 If this does not work, you have to reset the device to its factory defaults. See Section 4.6 on page Pop-up Windows, JavaScripts and Java Permissions In order to use the Web Configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). VES1724-56 User’s Guide...
Page 380: Switch Configuration
Click Save at the top right corner of the Web Configurator to save the configuration permanently. See also Section 36.6 on page 331 for more information about how to save your configuration. VES1724-56 User’s Guide...
Page 381: Product Specifications
At the time of writing, ZyXEL P-870H-51, P-870HA, P-870HW-51, P873 and P874 are the compatible CPE device models. Device Model Performance and Management Specifications VDSL Fixed Rate, Rate Adaptive and dynamic mode. Upstream and Downstream Power back off (UPBO, DPBO) Interleave delay setting RFI configuration Resynchronization VES1724-56 User’s Guide...
Page 382 IEEE 802.1s Multiple Spanning Tree Protocol IEEE 802.1p SPQ, WRR, WFQ, SPQ/WRR or SPQ/WFQ combination capable Eight priority queues per port Rule-based bandwidth control (ingress traffic metering/dropping 64Kb stepping) Port-based egress traffic shaping Rule-based traffic mirroring IGMP snooping TRTCM VES1724-56 User’s Guide...
Page 383 DHCP client DHCP relay VLAN-based DHCP relay Filtering Support L2 MAC filtering, L3 IP filtering, Layer 4 TCP/UDP socket Multicast IGMP snooping (IGMP v1/v2/v3, 16 VLAN maximum-user configurable) MLD v1/v2 IGMP filtering IGMP timer Multicast reserve group VES1724-56 User’s Guide...
Page 384 18 AWG or larger Table 182 Firmware Specifications FEATURE DESCRIPTION Number of Login Accounts 4 management accounts configured on the Switch. Configurable on the Switch Authentication via RADIUS and TACACS+ also available. Maximum Frame Size 9 K (9216 bytes) VES1724-56 User’s Guide...
Page 385 Media-on-Demand (MoD)) using multicast traffic across a network. MVR allows one single multicast VLAN to be shared among different subscriber VLANs on the network. This improves bandwidth utilization by reducing multicast traffic in the subscriber VLANs and simplifies multicast group management. VES1724-56 User’s Guide...
Page 386 Address Resolution Protocol (ARP) RFC 867 Daytime Protocol RFC 868 Time Protocol RFC 894 Ethernet II Encapsulation RFC 1112 IGMP v1 RFC 1155 RFC 1157 SNMPv1: Simple Network Management Protocol version 1 RFC 1213 SNMP MIB II VES1724-56 User’s Guide...
Page 387 CSA 60950-1 EN 60950-1 IEC 60950-1 FCC Part 15 (Class A) CE EMC (Class A) Splitter Board Specifications The following table lists the splitter board specifications. Table 184 CO Impedance Splitter Board Specifications COUNTRY POTS Taiwan 900 VES1724-56 User’s Guide...
Page 388 Hardware Telco-50 Connector Pin Assignments Use Telco-50 cables to connect the VDSL LINE port to the user equipment (VDSL modem) and the POTS LINE port to the central office switch or PBX (Private Branch Exchange). In this switch, both VES1724-56 User’s Guide...
Page 389 Chapter 47 Product Specifications VDSL and POTS use same pin assignments.The following table and diagram show the pin assignments of the Telco-50 connectors on the Switch. Table 185 Hardware Telco-50 Pin Assignments (VES1724-56) VDSL POTS PIN1 NULL PIN26 NULL PIN1...
Page 390 5, 30 6, 31 7, 32 8, 33 9, 34 10, 35 11, 36 12, 37 13, 38 14, 39 15, 40 16, 41 17, 42 18, 43 19, 44 20, 45 21, 46 22, 47 23, 48 VES1724-56 User’s Guide...
Page 391 Pin 2 = DCE-TXD Pin 3 = DCE –RXD Pin 4 = DCE –DSR Pin 5 = GND Pin 6 = DCE –DTR Pin 7 = DCE –CTS Pin 8 = DCE –RTS PIN 9 = NON VES1724-56 User’s Guide...
Page 392 An open circuit for pins 4 and 8 indicates no alarm status. A closed circuit indicates an alarm status. Pin 5 and Pin 9 An open circuit for pins 5 and 9 indicates no alarm status. A closed circuit indicates an alarm status. VES1724-56 User’s Guide...
Page 393 Figure 248 Twisted-Pair 1000BASE-T Ethernet Cable Schematic Switch Switch 1 TP0+ 1 TP0+ 2 TP0- 2 TP0- 3 TP1+ 3 TP1+ 6 TP1- 6 TP1- 4 TP2+ 4 TP2+ 5 TP2- 5 TP2- 7 TP3+ 7 TP3+ 8 TP3- 8 TP3- VES1724-56 User’s Guide...
Page 394 Gray White Blue Orange Green Brown Gray Blue Black Orange Black Green Black Brown Black Gray Black Blue Yellow Orange Yellow Green Yellow Brown Yellow Gray Yellow Blue Purple Orange Purple Green Purple Brown Purple Gray Purple VES1724-56 User’s Guide...
Page 395 Table 192 Telco-50 Cable Structure OUTER WIRE INSULATION CABLE ALUMINUM STRIP FINAL DIAMETER SHEATH NUMBER OF DIAMETER THICKNESS DIAMETER LAMINATE OF THE ROUND THICKNESS PAIRS (P) (MM) (MM) (MM) THICKNESS (MM) CABLE (MM) (MM) 0.50 11.8°”1.0 Figure 249 Telco-50 Cable Structure VES1724-56 User’s Guide...
Page 396 OUTER WIRE INSULATION CABLE ALUMINUM STRIP FINAL DIAMETER SHEATH NUMBER OF DIAMETER THICKNESS DIAMETER LAMINATE OF THE ROUND THICKNESS PAIRS (P) (MM) (MM) (MM) THICKNESS (MM) CABLE (MM) (MM) 0.515 11.0 13.0°”1.0 Figure 250 Telco-50 Cable Structure VES1724-56 User’s Guide...
Page 397: Appendix A Common Services
File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e- mail. H.323 1720 NetMeeting uses this protocol. HTTP Hyper Text Transfer Protocol - a client/server protocol for the world wide web. VES1724-56 User’s Guide...
Page 398 Traps for use with the SNMP (RFC:1215). SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. TCP/UDP Secure Shell Remote Login Program. VES1724-56 User’s Guide...
Page 399 TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. VES1724-56 User’s Guide...
Page 400 Appendix A Common Services VES1724-56 User’s Guide...
Page 401: Appendix B Legal Information
This publication is subject to change without notice. Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 402 Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. VES1724-56 User’s Guide...
Page 403: Index
98, 107 application notices curbside viewing CFI (Canonical Format Indicator) how it works actions ARP (Address Resolution Protocol) CFM,how it works ARP inspection 249, 251 Connectivity Check and MAC filter Connectivity Fault configuring link trace test syslog messages VES1724-56 User’s Guide...
Page 404 VDSL templates for ports Differentiated Service (DiffServ) configuring VDSL alarm template for ports DiffServ configuring VDSL templates activate and TRTCM console cable pin assignments DS field console port DSCP settings DSCP-to-IEEE802.1p mapping copper wire network example copyright VES1724-56 User’s Guide...
Page 405 Ethernet port details G.997.1 example GARP MIP and MEP GARP terminology primary and fallback VDSL template GARP timer 75, 130 settings gauge of telephone wire VDSL profile settings general setup external authentication server Generic Attribute Registration Protocol, see GARP VES1724-56 User’s Guide...
Page 406 188, 189, 240, 242 port authentication IPv6 reauthentication addressing IGMP EUI-64 version global address global ID IGMP (Internet Group Management Protocol) interface ID IGMP filtering link-local address profile profiles neighbor cache IGMP per port counter 221, 222 prefix VES1724-56 User’s Guide...
Page 407 71, 367 MAC address learning 75, 139 limit mask in VDSL MAC authentication Limit PSD Mask aging time fine tune example limiting broadcast, multicast, DLF packets setup line attenuation MAC based VLANs Link Aggregate Control Protocol (LACP) VES1724-56 User’s Guide...
Page 408 MIB PSD Mask Multiple Rapid Spanning Tree Protocol graph Multiple RSTP mini-GBIC transceivers Multiple Spanning Tree Protocol, See MSTP installation Multiple Spanning Tree Protocol, see MSTP MultiSource Agreement Multiple STP removal Multiple Tenant Unit, see MTU VES1724-56 User’s Guide...
Page 409 PAE PVC power connector PAGP power consumption password power management password change for administrator power specification PHB (Per-Hop Behavior) Power Spectral Density, see PSD PhyR power status pin assignment power voltage console cable VES1724-56 User’s Guide...
Page 410 VDSL template, line profiles, channel profiles, and ports remote management service queuing method 205, 207 trusted computers Quiet Line Noise, see QLN resetting 40, 330 to factory default settings restoring configuration 40, 329 RFC 3164 VES1724-56 User’s Guide...
Page 411 Single-End Loop Test, see SELT static MAC address Small Form-factor Pluggable, see SFP static MAC forwarding 139, 152 SNMP static multicast address agent static multicast forwarding and MIB static routes and security static trunking example authentication Static VLAN communities VES1724-56 User’s Guide...
Page 412 SYS LED traps syslog 252, 358 destination protocol troubleshooing for DHCP relay tutorial server setup settings TRTCM setup and bandwidth control severity levels and DiffServ color-aware mode system information color-blind mode system log VES1724-56 User’s Guide...
Page 413 VDSL channel alarm profile viewing maximum transmission data rate VDSL channel profile viewing xDSL sub-carrier status PhyR Virtual Noise 108, 115 VDSL INM profile VLAN 74, 129 VDSL line alarm profile acceptable frame type VDSL line profile automatic registration VES1724-56 User’s Guide...
Page 414 209, 212 port-based inner Q port-based Q-in-Q priority selective Q-in-Q TPID Tunnel TPID VLAN tag format VLAN tag format VLAN Trunking Protocol, see VTP VLAN, protocol based, see protocol based VLAN VES1724-56 User’s Guide...