Page 1 ONU-2024 Series User’s Guide Version 1 11/2008 Edition 1 DEFAULT LOGIN IP Address http://192.168.1.1 User Name admin Password 1234 www.zyxel.com...
Page 3: About This User's Guide
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ONU using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation •...
Page 4: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 5 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ONU icon is not an exact representation of your device. Computer Notebook computer Server DSLAM Firewall Telephone Switch Router ONU User’s Guide...
Page 6: Safety Warnings
Safety Warnings Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 Safety Warnings This product is recyclable. Dispose of it properly. ONU User’s Guide...
Page 8 Safety Warnings ONU User’s Guide...
Page 9: Table Of Contents
Contents Overview Contents Overview Introduction ..........................29 Getting to Know Your Device ..................... 31 Hardware Installation and Connection ..................35 Hardware Connections ......................39 Basic Configuration ....................... 45 The Web Configurator ....................... 47 Initial Setup Example ......................... 55 System Status and Port Statistics ....................59 Basic Setting ..........................
Page 10 Contents Overview Syslog ............................219 Cluster Management ....................... 223 MAC Table ..........................229 ARP Table ..........................231 Configure Clone ........................233 Appendices and Index ......................235 ONU User’s Guide...
Page 11: Table Of Contents
Table of Contents Table of Contents About This User's Guide ......................3 Document Conventions......................4 Safety Warnings........................6 Contents Overview ........................9 Table of Contents........................11 List of Figures ......................... 21 List of Tables........................... 25 Part I: Introduction................. 29 Chapter 1 Getting to Know Your Device....................
Page 12 Table of Contents 3.2.1 Console Port ......................40 3.2.2 Ethernet Ports ......................40 3.2.3 Mini-GBIC Slot ......................40 3.2.4 GEPON Uplink Port ....................42 3.3 Rear Panel ........................... 42 3.3.1 Power Connector ....................... 42 3.4 LEDs ............................ 43 Part II: Basic Configuration..............45 Chapter 4 The Web Configurator ......................
Page 13 Table of Contents 7.1 Overview ..........................65 7.1.1 What You Can Do in the Basic Setting Screens ............65 7.1.2 What You Need to Know About the Basic Setting Screens ........65 7.2 System Information ......................67 7.3 General Setup .........................
Page 14 Table of Contents 11.1.1 What You Can Do in the STP Screens ..............95 11.1.2 What You Need to Know About the STP Screens ............ 96 11.2 Spanning Tree Configuration Screen ................100 11.3 Configure Rapid Spanning Tree Protocol ..............100 11.4 Rapid Spanning Tree Protocol Status ................
Page 15 Table of Contents 17.1 Overview ......................... 125 17.2 Port Security Setup ......................126 17.3 Port Security Example ..................... 127 Chapter 18 Queuing Method........................129 18.1 Overview ......................... 129 18.1.1 What You Need to Know About the Queuing Method Screen ........ 129 18.2 The Queuing Method Screen ..................
Page 16 Table of Contents 21.1.1 What You Can Do in the IP Source Guard Screens ..........159 21.1.2 What You Need to Know About the IP Source Guard Screens ......160 21.2 IP Source Guard ......................161 21.3 IP Source Guard Static Binding ..................162 21.4 ARP Inspection Status .....................
Page 17 Table of Contents 25.4 Configuring DHCP VLAN Settings ................188 25.4.1 Example: DHCP Relay for Two VLANs ..............190 Part V: Management................191 Chapter 26 Maintenance .......................... 193 26.1 Overview .......................... 193 26.1.1 What You Can Do in the Maintenance Screens ............. 193 26.2 The Maintenance Screen ....................
Page 18 Table of Contents 27.8.2 The Main Screen ....................213 27.9 Service Port Access Control ..................214 27.10 Remote Management ....................215 Chapter 28 Diagnostic..........................217 28.1 Overview .......................... 217 28.2 Diagnostic ........................217 Chapter 29 Syslog ............................ 219 29.1 Overview .......................... 219 29.1.1 What You Can Do in the Syslog Screens ...............
Page 19 Table of Contents Appendix A Product Specifications..................237 Appendix B IP Addresses and Subnetting ................243 Appendix C Legal Information ....................251 Appendix D Customer Support..................... 255 Index............................261 ONU User’s Guide...
Page 20 Table of Contents ONU User’s Guide...
Page 21: List Of Figures
List of Figures List of Figures Figure 1 Backbone Application ......................31 Figure 2 Bridging Application ........................ 32 Figure 3 High Performance Switched Workgroup Application ............... 33 Figure 4 Shared Server Using VLAN Example ..................33 Figure 5 Attaching Rubber Feet ......................35 Figure 6 Attaching the Mounting Brackets .....................
Page 22 List of Figures Figure 39 STP/RSTP Network Example ....................98 Figure 40 MSTP Network Example ......................98 Figure 41 MSTIs in Different Regions ....................99 Figure 42 MSTP and Legacy RSTP Network Example ................. 99 Figure 43 Advanced Application > Spanning Tree Protocol ..............100 Figure 44 Advanced Application >...
Page 23 List of Figures Figure 82 ARP Inspection Status ......................163 Figure 83 ARP Inspection Log Status ....................164 Figure 84 ARP Inspection Configure ....................165 Figure 85 ARP Inspection Port Configure .................... 167 Figure 86 ARP Inspection VLAN Configure ..................168 Figure 87 Loop Guard vs.
Page 24 List of Figures Figure 125 Management > Syslog > Server Setup ................221 Figure 126 Clustering Application Example ..................223 Figure 127 Management > Cluster Management ................224 Figure 128 Cluster Management: Cluster Member Web Configurator Screen ........225 Figure 129 Example: Uploading Firmware to a Cluster Member Switch ..........226 Figure 130 Management >...
Page 25: List Of Tables
List of Tables List of Tables Table 1 Front Panel ..........................39 Table 2 LEDs ............................43 Table 3 Navigation Panel Sub-links Overview ..................49 Table 4 Web Configurator Screen Sub-links Details ................50 Table 5 Navigation Panel Links ......................51 Table 6 Status ............................
Page 26 List of Tables Table 39 Advanced Application > Queuing Method ................130 Table 40 Multicast Status ........................132 Table 41 Advanced Application > Multicast > Multicast Setting ............133 Table 42 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN ....135 Table 43 Advanced Application >...
Page 27 List of Tables Table 82 Management > Access Control > SNMP > Trap Group ............207 Table 83 Management > Access Control > Logins ................208 Table 84 Management > Access Control > Service Access Control ........... 214 Table 85 Management > Access Control > Remote Management ............215 Table 86 Management >...
Page 28 List of Tables ONU User’s Guide...
Page 29: Introduction
Introduction Getting to Know Your Device (31) Hardware Installation and Connection (35) Hardware Connections (39)
Page 31: Getting To Know Your Device
H A P T E R Getting to Know Your Device 1.1 Introduction This chapter introduces the main features and applications of the ONU. An Optical Network Unit (ONU) is a fiber optic modem that allows very high-speed Internet access over a passive optical network (PON). It extends fiber optic cables from the service provider to the premises, such as an office building or residence, and requires no additional power to maintain between the origin and end points.
Page 32: Bridging Example
Chapter 1 Getting to Know Your Device 1.1.2 Bridging Example In this example application the ONU connects different company departments (RD and Sales) to the corporate backbone. It can alleviate bandwidth contention and eliminate server and network bottlenecks. All users that need high bandwidth can connect to high-speed department servers via the ONU.
Page 33: Ieee 802.1Q Vlan Application Examples
Chapter 1 Getting to Know Your Device Figure 3 High Performance Switched Workgroup Application 1.1.4 IEEE 802.1Q VLAN Application Examples A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network belong to one group. A station can belong to more than one group.
Page 34: Ways To Manage The Onu
Chapter 1 Getting to Know Your Device 1.2 Ways to Manage the ONU Use any of the following methods to manage the ONU: • The Web Configurator. This is recommended for everyday management of the ONU using a (supported) web browser. See Chapter 4 on page •...
Page 35: Hardware Installation And Connection
H A P T E R Hardware Installation and Connection 2.1 Overview This chapter shows you how to install and connect the ONU. 2.2 Freestanding Installation 1 Make sure the ONU is clean and dry. 2 Set the ONU on a smooth, level surface strong enough to support the weight of the ONU and the connected cables.
Page 36: Mounting The Onu On A Rack
Chapter 2 Hardware Installation and Connection Do NOT block the ventilation holes. Leave space between devices when stacking. For proper ventilation, allow at least 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the ONU. This is especially important for enclosed rack installations.
Page 37: Mounting The Onu On A Rack
Chapter 2 Hardware Installation and Connection 2 Using a #2 Philips screwdriver, install the M3 flat head screws through the mounting bracket holes into the ONU. 3 Repeat steps to install the second mounting bracket on the other side of the ONU.
Page 38 Chapter 2 Hardware Installation and Connection ONU User’s Guide...
Page 39: Hardware Connections
H A P T E R Hardware Connections 3.1 Overview This chapter describes the front panel and rear panel of the ONU and shows you how to make the hardware connections. 3.2 Front Panel Connection The figure below shows the front panel of the device. Figure 8 Front Panel Console Port Gigabit Ethernet/...
Page 40: Console Port
Chapter 3 Hardware Connections 3.2.1 Console Port For local management, you can use a computer with terminal emulation software configured to the following parameters: • VT100 terminal emulation • 9600 bps • No parity, 8 data bits, 1 stop bit •...
Page 41: Figure 9 Transceiver Installation Example
Chapter 3 Hardware Connections To avoid possible eye injury, do not look into an operating fiber-optic module’s connectors. 3.2.3.1 Transceiver Installation Use the following steps to install a mini GBIC transceiver (SFP module). 1 Insert the transceiver into the slot with the exposed section of PCB board facing down. Figure 9 Transceiver Installation Example 2 Press the transceiver firmly until it clicks into place.
Page 42: Gepon Uplink Port
Chapter 3 Hardware Connections 3.2.4 GEPON Uplink Port The ONU has 1 GEPON (Passive Optical Network) uplink port to which you can connect a networking fiber optic cable. To avoid possible eye injury, do not look into an operating GEPON uplink port’s connector.
Page 43: Leds
Chapter 3 Hardware Connections 3.4 LEDs The following table describes the LEDs located on the front panel. Table 2 LEDs COLOR STATUS DESCRIPTION Green The system is turned on. The system is off. Green Blinking The system is rebooting and performing self-diagnostic tests. The system is on and functioning properly.
Page 44 Chapter 3 Hardware Connections ONU User’s Guide...
Page 45: Basic Configuration
Basic Configuration The Web Configurator (47) Initial Setup Example (55) System Status and Port Statistics (59) Basic Setting (65)
Page 47: The Web Configurator
H A P T E R The Web Configurator 4.1 Overview This section introduces the configuration and functions of the web configurator. The web configurator is an HTML-based management interface that allows easy ONU setup and management via Internet browser, such as Internet Explorer 6.0 and higher. The recommended screen resolution is 1024 x 768 pixels.
Page 48: The Status Screen
Chapter 4 The Web Configurator 4.3 The Status Screen The Status screen is the first screen that displays when you access the web configurator. The following figure shows the navigating components of a web configurator screen. Figure 16 Web Configurator Home Screen (Status) B C D E A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window.
Page 49: Table 3 Navigation Panel Sub-Links Overview
Chapter 4 The Web Configurator In the navigation panel, click a main link to reveal a list of submenu links. Table 3 Navigation Panel Sub-links Overview ADVANCED BASIC SETTING IP APPLICATION MANAGEMENT APPLICATION These settings in the Web Configurator can only be configured for the Ethernet ports, not the GEPON port.
Page 50: Table 4 Web Configurator Screen Sub-Links Details
Chapter 4 The Web Configurator The following table lists the various web configurator screens within the sub-links. Table 4 Web Configurator Screen Sub-links Details ADVANCED BASIC SETTING IP APPLICATION MANAGEMENT APPLICATION System Info VLAN Status Static Routing Maintenance General Setup VLAN Port Setting DiffServ Firmware Upgrade...
Page 51: Table 5 Navigation Panel Links
Chapter 4 The Web Configurator The following table describes the links in the navigation panel. Table 5 Navigation Panel Links LINK DESCRIPTION Basic Settings System Info This link takes you to a screen that displays general system and hardware monitoring information. General Setup This link takes you to a screen where you can configure general identification information about the ONU.
Page 52: Change Your Password
Chapter 4 The Web Configurator Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Static Route This link takes you to screens where you can configure static routes. A static route defines how the ONU should forward traffic by configuring the TCP/IP parameters manually.
Page 53: Saving Your Configuration
Chapter 4 The Web Configurator 4.4 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the ONU’s power is turned off.
Page 54: Reload The Configuration File
Chapter 4 The Web Configurator 4.6.1 Reload the Configuration File Uploading the factory-default configuration file replaces the current configuration file with the factory-default configuration file. This means that you will lose all previous configurations and the speed of the console port will be reset to the default of 9600 bps with 8 data bits, no parity, one stop bit and flow control set to none.
Page 55: Initial Setup Example
H A P T E R Initial Setup Example 5.1 Overview This chapter shows you how to set up the ONU for an example network. 5.1.1 What You Can Do in this Chapter The following lists the configuration steps you can take for the initial setup: •...
Page 56: Creating A Vlan
Chapter 5 Initial Setup Example 5.1.3 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port(s) belongs. You can do this with port-based VLAN or tagged static VLAN with fixed port members. In this example, you want to configure port 10 as a member of VLAN 2. Figure 19 Initial Setup Network Example: VLAN 1 Click Advanced Application and VLAN in the navigation...
Page 57: Setting Port Vid
Chapter 5 Initial Setup Example 3 Since the VLAN2 network is connected to port 10 on the ONU, select Fixed to configure port 10 to be a permanent member of the VLAN only. 4 To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the ONU to remove VLAN tags before sending.
Page 58: Configuring Onu Management Ip Address
Chapter 5 Initial Setup Example 5.1.5 Configuring ONU Management IP Address The default management IP address of the ONU is 192.168.1.1. You can configure another IP address in a different subnet for management purposes. The following figure shows an example. Figure 21 Initial Setup Example: Management IP Address 1 Click Basic Setting and IP Setup in the navigation panel.
Page 59: System Status And Port Statistics
H A P T E R System Status and Port Statistics 6.1 Overview This chapter describes the system status and port details screens. The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details. 6.1.1 What You Can Do in this Status Screens •...
Page 60 Chapter 6 System Status and Port Statistics Table 6 Status (continued) LABEL DESCRIPTION Link This field displays the speed (either 10M for 10Mbps, 100M for 100Mbps or 1000M for 1000Mbps) and the duplex (F for full duplex or H for half). It also shows the cable type (Copper or Fiber) for the combo ports.
Page 61: Status: Port Details
Chapter 6 System Status and Port Statistics 6.2.1 Status: Port Details Click a number in the Port column in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the ONU.
Page 62 Chapter 6 System Status and Port Statistics Table 7 Status > Port Details (continued) LABEL DESCRIPTION LACP This field shows if LACP is enabled on this port or not. This field displays N/A for the GEPON uplink port. TxPkts This field shows the number of transmitted frames on this port. RxPkts This field shows the number of received frames on this port.
Page 63 Chapter 6 System Status and Port Statistics Table 7 Status > Port Details (continued) LABEL DESCRIPTION Error Packet The following fields display detailed information about packets received that were in error. RX CRC This field shows the number of packets received with CRC (Cyclic Redundant Check) error(s).
Page 64 Chapter 6 System Status and Port Statistics ONU User’s Guide...
Page 65: Basic Setting
H A P T E R Basic Setting 7.1 Overview This chapter describes how to configure the System Info, General Setup, Switch Setup, IP Setup and Port Setup screens. 7.1.1 What You Can Do in the Basic Setting Screens • The System Info screen displays general ONU information and hardware polling information (Section 7.2 on page 67).
Page 66 Chapter 7 Basic Setting A Passive Optical Network (PON) sends fiber optical cables from a service provider to the premises. "Passive" means that no power is required once the data, which is transmitted as light, enters the cables. In a PON, an Optical Network Unit (ONU) is a fiber optical modem that allows a subscriber or client to receive very high-speed Internet access over an optical network.
Page 67: System Information
Chapter 7 Basic Setting 7.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the ONU temperature, fan speeds and voltage in this screen. Figure 24 Basic Setting >...
Page 68: Table 9 Basic Setting > General Setup
Chapter 7 Basic Setting The following table describes the labels in this screen. Table 9 Basic Setting > General Setup LABEL DESCRIPTION System Name Choose a descriptive name for identification purposes. This name consists of up to 64 printable characters; spaces are allowed. Location Enter the geographic location of your ONU.
Page 69: Introduction To Vlans
Chapter 7 Basic Setting Table 9 Basic Setting > General Setup (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Daylight Saving Time. The time field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the first Sunday of November.
Page 70: Switch Setup Screen
Chapter 7 Basic Setting 7.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN. Figure 26 Basic Setting >...
Page 71 Chapter 7 Basic Setting Table 10 Basic Setting > Switch Setup (continued) LABEL DESCRIPTION Priority Queue Assignment IEEE 802.1p defines up to eight separate traffic types by inserting a tag into a MAC-layer frame that contains bits to define class of service. Frames without an explicit priority tag are given the default priority of the ingress port.
Page 72: Ip Setup
Chapter 7 Basic Setting 7.6 IP Setup Use the IP Setup screen to configure the default gateway device, the default domain name server and add IP domains. 7.6.1 IP Interfaces The ONU needs an IP address for it to be managed over the network. The factory default IP address is 192.168.1.1.
Page 73 Chapter 7 Basic Setting Table 11 Basic Setting > IP Setup (continued) LABEL DESCRIPTION DHCP Client Select this option if you have a DHCP server that can assign the ONU an IP address and subnet mask, a default gateway IP address and a domain name server IP address.
Page 74: Port Setup
Chapter 7 Basic Setting 7.7 Port Setup Use this screen to configure ONU port settings. Click Basic Setting > Port Setup in the navigation panel to display the configuration screen. The fields for the GEPON uplink port are not configurable. Figure 28 Basic Setting >...
Page 75 Chapter 7 Basic Setting Table 12 Basic Setting > Port Setup (continued) LABEL DESCRIPTION Speed/Duplex Select the speed and the duplex mode of the Ethernet connection on this port. Choices are Auto, 10M/Half Duplex, 10M/Full Duplex, 100M/Half Duplex, 100M/ Full Duplex and 1000M/Full Duplex (for Gigabit ports only). Selecting Auto (auto-negotiation) allows one port to negotiate with a peer port automatically to obtain the connection speed and duplex mode that both ends support.
Page 76 Chapter 7 Basic Setting ONU User’s Guide...
Page 77: Advanced Setup
Advanced Setup VLAN (79) Static MAC Forward Setup (91) Filtering (93) Spanning Tree Protocol (95) Bandwidth Control (109) Broadcast Storm Control (111) Mirroring (113) Link Aggregation (115) Port Authentication (121) Port Security (125) Queuing Method (129) Multicast (131) Authentication & Accounting (145) IP Source Guard (159) Loop Guard (169) The settings described in this part of the User’s Guide can only be configured...
Page 79: Vlan
H A P T E R VLAN 8.1 Overview The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 8.1.1 What You Can Do in the VLAN Screens •...
Page 80: Table 13 Ieee 802.1Q Vlan Terminology
Chapter 8 VLAN priority frame, meaning that only the priority level is significant and the default VID of the ingress port is given as the VID of the frame. Of the 4096 possible VIDs, a VID of 0 is used to identify priority frames and value 4095 (FFF) is reserved, so the maximum possible VLAN configurations are 4,094.
Page 81: Figure 29 Port Vlan Trunking
Chapter 8 VLAN Table 13 IEEE 802.1Q VLAN Terminology (continued) VLAN PARAMETER TERM DESCRIPTION VLAN Administrative Registration Fixed Fixed registration ports are permanent VLAN members. Control Registration Ports with registration forbidden are forbidden to join the Forbidden specified VLAN. Normal Registration Ports dynamically join a VLAN using GVRP.
Page 82: Select The Vlan Type
Chapter 8 VLAN 8.2 Select the VLAN Type Select a VLAN type in the Basic Setting > Switch Setup screen. Figure 30 Switch Setup: Select VLAN Type 8.3 Static VLAN Status Use a static VLAN to decide whether an incoming frame on a port should be: •...
Page 83: Static Vlan Details
Chapter 8 VLAN Table 14 Advanced Application > VLAN: VLAN Status (continued) LABEL DESCRIPTION Status This field shows how this VLAN was added to the ONU; Dynamic - using GVRP, Static - added as a permanent entry or Other - added in another way such as via Multicast VLAN Registration (MVR).
Page 84: Configure A Static Vlan
Chapter 8 VLAN 8.3.2 Configure a Static VLAN Use this screen to configure and view 802.1Q VLAN parameters for the ONU. See Section on page 79 for more information on static VLAN. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 33 Advanced Application >...
Page 85: Configure Vlan Port Settings
Chapter 8 VLAN Table 16 Advanced Application > VLAN > Static VLAN (continued) LABEL DESCRIPTION Tagging Select TX Tagging if you want the port to tag all outgoing frames transmitted with this VLAN Group ID. Click Add to save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 86: Table 17 Advanced Application > Vlan > Vlan Port Setting
Chapter 8 VLAN The following table describes the labels in this screen. Table 17 Advanced Application > VLAN > VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network.
Page 87: Port-Based Vlan Setup
Chapter 8 VLAN 8.4 Port-based VLAN Setup Port-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. Port-based VLANs require allowed outgoing ports to be defined for each port. Therefore, if you wish to allow two subscriber ports to talk to each other, for example, between conference rooms in a hotel, you must define the egress (an egress port is an outgoing port, that is, a port through which a data packet leaves) for both ports.
Page 88: Configure A Port-Based Vlan
Chapter 8 VLAN 8.4.1 Configure a Port-based VLAN Select Port Based as the VLAN Type in the Switch Setup screen and then click VLAN from the navigation panel to display the next screen. Figure 35 Advanced Application > VLAN: Port Based VLAN Setup (All Connected) ONU User’s Guide...
Page 89: Figure 36 Advanced Application > Vlan: Port Based Vlan Setup (Port Isolation)
Chapter 8 VLAN Figure 36 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) ONU User’s Guide...
Page 90: Table 18 Advanced Application > Vlan: Port Based Vlan Setup
Chapter 8 VLAN The following table describes the labels in this screen. Table 18 Advanced Application > VLAN: Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation. All connected means all ports can communicate with each other, that is, there are no virtual LANs.
Page 91: Static Mac Forward Setup
H A P T E R Static MAC Forward Setup 9.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of devices on your network. 9.1.1 What You Can Do in the MAC Forwarding Screen The Static MAC Forwarding screen lets you configure a list of static MAC addresses that will be allowed to use the network (Section 9.2 on page 91).
Page 92: Figure 37 Advanced Application > Static Mac Forwarding
Chapter 9 Static MAC Forward Setup Figure 37 Advanced Application > Static MAC Forwarding The following table describes the labels in this screen. Table 19 Advanced Application > Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box.
Page 93: Filtering
H A P T E R Filtering 10.1 Overview This chapter discusses MAC address port filtering. 10.2 Configure a Filtering Rule Filtering means sifting traffic going through the ONU based on the MAC addresses and VLAN group (ID). Click Advanced Application > Filtering in the navigation panel to display the screen as shown next.
Page 94 Chapter 10 Filtering Table 20 Advanced Application > Filtering (continued) LABEL DESCRIPTION Click Add to save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 95: Spanning Tree Protocol
H A P T E R Spanning Tree Protocol 11.1 Overview The ONU supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol •...
Page 96: What You Need To Know About The Stp Screens
Chapter 11 Spanning Tree Protocol 11.1.2 What You Need to Know About the STP Screens The following terms and concepts may help as you read through this chapter. STP Terminology The root bridge is the base of the spanning tree. Path cost is the cost of transmitting a frame onto a LAN through that port.
Page 97: Table 22 Stp Port States
Chapter 11 Spanning Tree Protocol STP Port States STP assigns five port states to eliminate packet looping. A bridge port is not allowed to go directly from blocking state to forwarding state so as to eliminate transient loops. Table 22 STP Port States PORT STATE DESCRIPTION Disabled STP is disabled (default).
Page 98: Figure 39 Stp/Rstp Network Example
Chapter 11 Spanning Tree Protocol MSTP Network Example The following figure shows a network example where two VLANs are configured on the two switches. If the switches are using STP or RSTP, the link for VLAN 2 will be blocked as STP and RSTP allow only one link in the network and block the redundant link.
Page 99: Figure 41 Mstis In Different Regions
Chapter 11 Spanning Tree Protocol Devices that belong to the same MST region are configured to have the same MSTP configuration identification settings. These include the following parameters: • Name of the MST region • Revision level as the unique number for the MST region •...
Page 100: Spanning Tree Configuration Screen
Chapter 11 Spanning Tree Protocol 11.2 Spanning Tree Configuration Screen Use this screen to select the STP mode for the ONU. To open this screen, click Advanced Application > Spanning Tree Protocol > Configuration. Figure 43 Advanced Application > Spanning Tree Protocol Select the STP mode you want to configure on the ONU.
Page 101: Table 23 Advanced Application > Spanning Tree Protocol > Rstp
Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 23 Advanced Application > Spanning Tree Protocol > RSTP LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 45 on page 102).
Page 102: Rapid Spanning Tree Protocol Status
Chapter 11 Spanning Tree Protocol 11.4 Rapid Spanning Tree Protocol Status Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. This screen is only available after you activate RSTP on the ONU. Figure 45 Advanced Application >...
Page 103: Configure Multiple Spanning Tree Protocol
Chapter 11 Spanning Tree Protocol 11.5 Configure Multiple Spanning Tree Protocol To configure MSTP, click MSTP in the Advanced Application > Spanning Tree Protocol screen. See Section on page 97 for more information on MSTP. Figure 46 Advanced Application > Spanning Tree Protocol > MSTP ONU User’s Guide...
Page 104: Table 25 Advanced Application > Spanning Tree Protocol > Mstp
Chapter 11 Spanning Tree Protocol The following table describes the labels in this screen. Table 25 Advanced Application > Spanning Tree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 47 on page 106).
Page 105 Chapter 11 Spanning Tree Protocol Table 25 Advanced Application > Spanning Tree Protocol > MSTP (continued) LABEL DESCRIPTION Port This field displays the port number. Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by- port basis.
Page 106: Multiple Spanning Tree Protocol Status
Chapter 11 Spanning Tree Protocol 11.6 Multiple Spanning Tree Protocol Status Click Advanced Application > Spanning Tree Protocol in the navigation panel to display the status screen as shown next. See Section on page 97 for more information on MSTP. This screen is only available after you activate MSTP on the ONU.
Page 107 Chapter 11 Spanning Tree Protocol Table 26 Advanced Application > Spanning Tree Protocol > Status: MSTP (continued) LABEL DESCRIPTION Bridge ID This is the unique identifier for this bridge, consisting of bridge priority plus MAC address. This ID is the same for Root and Our Bridge if the ONU is the root switch.
Page 108 Chapter 11 Spanning Tree Protocol ONU User’s Guide...
Page 109: Bandwidth Control
H A P T E R Bandwidth Control 12.1 Overview This chapter shows you how you can cap the maximum bandwidth using the Bandwidth Control screen. 12.2 Bandwidth Control Setup Bandwidth control means defining a maximum allowable bandwidth for incoming and/or out- going traffic flows on a port.
Page 110: Table 27 Advanced Application > Bandwidth Control
Chapter 12 Bandwidth Control The following table describes the related labels in this screen. Table 27 Advanced Application > Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the ONU. Port This field displays the port number. Settings in this row apply to all ports.
Page 111: Broadcast Storm Control
H A P T E R Broadcast Storm Control 13.1 Overview This chapter introduces and shows you how to configure the broadcast storm control feature. 13.2 Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the ONU receives per second on the ports.
Page 112: Table 28 Advanced Application > Broadcast Storm Control
Chapter 13 Broadcast Storm Control The following table describes the labels in this screen. Table 28 Advanced Application > Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the ONU. Clear this check box to disable this feature.
Page 113: Mirroring
H A P T E R Mirroring 14.1 Overview This chapter discusses port mirroring setup screens. 14.2 Port Mirroring Setup Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. Click Advanced Application >...
Page 114: Table 29 Advanced Application > Mirroring
Chapter 14 Mirroring The following table describes the labels in this screen. Table 29 Advanced Application > Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the ONU. Clear this check box to disable the feature. Monitor The monitor port is the port you copy the traffic to in order to examine it in more detail Port...
Page 115: Link Aggregation
H A P T E R Link Aggregation 15.1 Overview This chapter shows you how to logically aggregate physical links to form one logical, higher- bandwidth link. Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link.
Page 116: What You Need To Know About The Link Aggregation Screens
Chapter 15 Link Aggregation 15.1.2 What You Need to Know About the Link Aggregation Screens The following terms and concepts may help as you read through this chapter. Dynamic Link Aggregation The ONU adheres to the IEEE 802.3ad standard for static and dynamic (LACP) port trunking. The ONU supports the link aggregation IEEE802.3ad standard.
Page 117: Link Aggregation Setting
Chapter 15 Link Aggregation The following table describes the labels in this screen. Table 32 Advanced Application > Link Aggregation Status LABEL DESCRIPTION Index This field displays the trunk ID to identify a trunk group, that is, one logical link containing multiple ports.
Page 118: Link Aggregation Control Protocol
Chapter 15 Link Aggregation The following table describes the labels in this screen. Table 33 Advanced Application > Link Aggregation > Link Aggregation Setting LABEL DESCRIPTION Link Aggregation Setting Group ID The field identifies the link aggregation group, that is, one logical link containing multiple ports.
Page 119: Table 34 Advanced Application > Link Aggregation > Link Aggregation Setting > Lacp
Chapter 15 Link Aggregation The following table describes the labels in this screen. Table 34 Advanced Application > Link Aggregation > Link Aggregation Setting > LACP LABEL DESCRIPTION Link Note: Do not configure this screen unless you want to enable Aggregation dynamic link aggregation.
Page 120: Technical Reference
Chapter 15 Link Aggregation 15.5 Technical Reference The following section contains additional technical information about the ONU features described in this chapter. Static Trunking Example This example shows you how to create a static port trunk group for ports 2-5. 1 Make your physical connections - make sure that the ports that you want to belong to the trunk group are connected to the same destination.
Page 121: Port Authentication
H A P T E R Port Authentication 16.1 Overview This chapter describes the IEEE 802.1x methods. Port authentication is a way to validate access to ports on the ONU to clients based on an external server (authentication server). The ONU supports IEEE 802.1x authentication, in which an authentication server validates access to a port based on a username and password provided by the user.
Page 122: Port Authentication Configuration
Chapter 16 Port Authentication Figure 56 IEEE 802.1x Authentication Process New Connection Login Info Request Login Credentials Authentication Request Authentication Reply Session Granted/Denied 16.2 Port Authentication Configuration To enable port authentication, first activate the port authentication method(s) you want to use (both on the ONU and the port(s)) then configure the RADIUS server settings in the Auth and Acct >...
Page 123: Activate Ieee 802.1X Security
Chapter 16 Port Authentication 16.2.1 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x security. In the Port Authentication screen click 802.1x to display the configuration screen as shown. Figure 58 Advanced Application > Port Authentication > 802.1x The following table describes the labels in this screen.
Page 124 Chapter 16 Port Authentication Table 35 Advanced Application > Port Authentication > 802.1x (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 125: Port Security
H A P T E R Port Security 17.1 Overview This chapter shows you how to set up port security. Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the ONU. See Chapter 9 on page 91 information on configuring static MAC address forwarding.
Page 126: Port Security Setup
Chapter 17 Port Security 17.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. Figure 59 Advanced Application > Port Security The following table describes the labels in this screen. Table 36 Advanced Application >...
Page 127: Port Security Example
Chapter 17 Port Security Table 36 Advanced Application > Port Security (continued) LABEL DESCRIPTION Limited Number Use this field to limit the number of (dynamic) MAC addresses that may be learned of Learned on a port. For example, if you set this field to "5" on port 2, then only the devices with MAC Address these five learned MAC addresses may access port 2 at any one time.
Page 128: Table 37 Port Security Example
Chapter 17 Port Security The following table is a summary of configuration and results of this example. Table 37 Port Security Example SETTINGS PORT ACTIVATE ACTIVATE LIMIT NO. OF RESULT PORT ADDRESS LEARNED MAC SECURITY LEARNING ADDRESSES 0 (disables limits) Forward all packets, learn all MAC addresses.
Page 129: Queuing Method
H A P T E R Queuing Method 18.1 Overview This chapter introduces the queuing methods supported. Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.
Page 130: The Queuing Method Screen
Chapter 18 Queuing Method Weighted Round Robin Scheduling (WRR) uses the same algorithm as round robin scheduling, but services queues based on their priority and queue weight (the number you configure in the queue Weight field) rather than a fixed amount of bandwidth. WRR is activated only when a port has more traffic than it can handle.
Page 131: Multicast
H A P T E R Multicast 19.1 Overview This chapter shows you how to configure various multicast features. Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.
Page 132: Multicast Status
Chapter 19 Multicast IGMP Filtering With the IGMP filtering feature, you can control which IGMP groups a subscriber on a port can join. This allows you to control the distribution of multicast services (such as content information distribution) based on service plans and types of subscription. You can set the ONU to filter the multicast group join reports on a per-port basis by configuring an IGMP filtering profile and associating the profile to a port.
Page 133: Multicast Setting
Chapter 19 Multicast 19.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 19.1 on page 131 for more information on multicasting. Figure 63 Advanced Application > Multicast > Multicast Setting The following table describes the labels in this screen.
Page 134 Chapter 19 Multicast Table 41 Advanced Application > Multicast > Multicast Setting (continued) LABEL DESCRIPTION IGMP Filtering Select Active to enable IGMP filtering to control which IGMP groups a subscriber on a port can join. Note: If you enable IGMP filtering, you must create and assign IGMP filtering profiles for the ports that you want to allow to join multicast groups.
Page 135: Igmp Snooping Vlan
Chapter 19 Multicast 19.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See Section on page 132 for more information on IGMP Snooping VLAN. Figure 64 Advanced Application >...
Page 136: Igmp Filtering Profile
Chapter 19 Multicast Table 42 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN LABEL DESCRIPTION Click Add to insert the entry in the summary table below and save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 137: Mvr Overview
Chapter 19 Multicast The following table describes the labels in this screen. Table 43 Advanced Application > Multicast > Multicast Setting > IGMP Filtering Profile LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes. To configure additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range.
Page 138: Types Of Mvr Ports
Chapter 19 Multicast Figure 66 MVR Network Example 19.6.1 Types of MVR Ports In MVR, a source port is a port on the ONU that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic. Once configured, the ONU maintains a forwarding table that matches the multicast stream to the associated multicast group.
Page 139: General Mvr Configuration
Chapter 19 Multicast Figure 67 MVR Multicast Television Example 19.7 General MVR Configuration Use the MVR screen to create multicast VLANs and select the receiver port(s) and a source port for each multicast VLAN. Click Advanced Applications > Multicast > Multicast Setting >...
Page 140: Figure 68 Advanced Application > Multicast > Multicast Setting > Mvr
Chapter 19 Multicast Figure 68 Advanced Application > Multicast > Multicast Setting > MVR The following table describes the related labels in this screen. Table 44 Advanced Application > Multicast > Multicast Setting > MVR LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be shared among different subscriber VLANs on the network.
Page 141: Mvr Group Configuration
Chapter 19 Multicast Table 44 Advanced Application > Multicast > Multicast Setting > MVR (continued) LABEL DESCRIPTION Source Port Select this option to set this port as the MVR source port that sends and receives multicast traffic. All source ports must belong to a single multicast VLAN. Receiver Port Select this option to set this port as a receiver port that only receives multicast traffic.
Page 142: Figure 69 Advanced Application > Multicast > Multicast Setting > Mvr: Group Configuration
Chapter 19 Multicast Figure 69 Advanced Application > Multicast > Multicast Setting > MVR: Group Configuration The following table describes the labels in this screen. Table 45 Advanced Application > Multicast > Multicast Setting > MVR: Group Configuration LABEL DESCRIPTION Multicast Select a multicast VLAN ID (that you configured in the MVR screen) from the drop- VLAN ID...
Page 143: Mvr Configuration Example
Chapter 19 Multicast 19.8.1 MVR Configuration Example The following figure shows a network example where ports 1, 2 and 3 on the ONU belong to VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S.
Page 144: Figure 72 Mvr Group Configuration Example
Chapter 19 Multicast To set the ONU to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. Figure 72 MVR Group Configuration Example Figure 73 MVR Group Configuration Example ONU User’s Guide...
Page 145: Authentication & Accounting
H A P T E R Authentication & Accounting 20.1 Overview This chapter describes how to configure authentication and accounting settings on the ONU. Authentication is the process of determining who a user is and validating access to the ONU. The ONU can authenticate users who try to log in based on user accounts configured on the ONU itself.
Page 146: What You Need To Know About These Screens
Chapter 20 Authentication & Accounting 20.1.2 What You Need to Know About these Screens The following terms and concepts may help as you read through this chapter. Local User Accounts By storing user profiles locally on the ONU, your ONU is able to authenticate and authorize users without interacting with a network AAA server.
Page 147: Radius Server Setup
Chapter 20 Authentication & Accounting 20.1.3 RADIUS Server Setup Use this screen to configure your RADIUS server settings. See Section on page 146 for more information on RADIUS servers. Click on the RADIUS Server Setup link in the Authentication and Accounting screen to view the screen as shown. Figure 76 Advanced Application >...
Page 148 Chapter 20 Authentication & Accounting Table 47 Advanced Application > Auth and Acct > RADIUS Server Setup (continued) LABEL DESCRIPTION IP Address Enter the IP address of an external RADIUS server in dotted decimal notation. UDP Port The default port of a RADIUS server for authentication is 1812. You need not change this value unless your network administrator instructs you to do so.
Page 149: Tacacs+ Server Setup
Chapter 20 Authentication & Accounting 20.1.4 TACACS+ Server Setup Use this screen to configure your TACACS+ server settings. See Section on page 146 more information on TACACS+ servers. Click on the TACACS+ Server Setup link in the Authentication and Accounting screen to view the screen as shown. Figure 77 Advanced Application >...
Page 150 Chapter 20 Authentication & Accounting Table 48 Advanced Application > Auth and Acct > TACACS+ Server Setup (continued) LABEL DESCRIPTION IP Address Enter the IP address of an external TACACS+ server in dotted decimal notation. TCP Port The default port of a TACACS+ server for authentication is 49. You need not change this value unless your network administrator instructs you to do so.
Page 151: Authentication And Accounting Setup
Chapter 20 Authentication & Accounting 20.1.5 Authentication and Accounting Setup Use this screen to configure authentication and accounting settings on the ONU. Click on the Auth and Acct Setup link in the Authentication and Accounting screen to view the screen as shown.
Page 152 Chapter 20 Authentication & Accounting Table 49 Advanced Application > Auth and Acct > Auth and Acct Setup (continued) LABEL DESCRIPTION Login These fields specify which database the ONU should use (first, second and third) to authenticate administrator accounts (users for ONU management). Configure the local user accounts in the Access Control >...
Page 153: Vendor Specific Attribute
Chapter 20 Authentication & Accounting Table 49 Advanced Application > Auth and Acct > Auth and Acct Setup (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 154: Supported Radius Attributes
Chapter 20 Authentication & Accounting Table 50 Supported VSAs FUNCTION ATTRIBUTE Egress Bandwidth Vendor-Id = 890 Assignment Vendor-Type = 2 Vendor-data = egress rate (Kbps in decimal format) Privilege Assignment Vendor-ID = 890 Vendor-Type = 3 Vendor-Data = "shell:priv-lvl=N" Vendor-ID = 9 (CISCO) Vendor-Type = 1 (CISCO-AVPAIR)
Page 155: Attributes Used For Authentication
Chapter 20 Authentication & Accounting 20.2.1 Attributes Used for Authentication The following sections list the attributes sent from the ONU to the RADIUS server when performing authentication. 20.2.1.1 Attributes Used for Authenticating Privilege Access User-Name - the format of the User-Name attribute is $enab#$, where # is the privilege level (1- User-Password NAS-Identifier NAS-IP-Address...
Page 156: Table 52 Radius Attributes - Exec Events Via Console
Chapter 20 Authentication & Accounting 20.2.2.2 Attributes Used for Accounting Exec Events The attributes are listed in the following table along with the time that they are sent (the difference between Console and Telnet/SSH Exec events is that the Telnet/SSH events utilize the Calling-Station-Id attribute): Table 52 RADIUS Attributes - Exec Events via Console ATTRIBUTE...
Page 157 Chapter 20 Authentication & Accounting Table 54 RADIUS Attributes - Exec Events via Console (continued) ATTRIBUTE START INTERIM-UPDATE STOP NAS-Port-Type Acct-Status-Type Acct-Delay-Time Acct-Session-Id Acct-Authentic Acct-Input-Octets Acct-Output-Octets Acct-Session-Time Acct-Input-Packets Acct-Output-Packets Acct-Terminate-Cause Acct-Input-Gigawords Acct-Output-Gigawords ONU User’s Guide...
Page 158 Chapter 20 Authentication & Accounting ONU User’s Guide...
Page 159: Ip Source Guard
H A P T E R IP Source Guard 21.1 Overview Use IP source guard to filter unauthorized ARP packets in your network. IP source guard uses a binding table to distinguish between authorized and unauthorized ARP packets in your network. A binding contains these key attributes: •...
Page 160: Chapter 21 Ip Source Guard
Chapter 21 IP Source Guard • The ARP Inspection VLAN Configure screen lets you enable ARP inspection on each VLAN and to specify when the ONU generates log messages for receiving ARP packets from each VLAN (Section 21.5.2 on page 168).
Page 161: Ip Source Guard
Chapter 21 IP Source Guard Trusted vs. Untrusted Ports Every port is either a trusted port or an untrusted port for ARP inspection. The ONU does not discard ARP packets on trusted ports for any reason. The ONU discards ARP packets on untrusted ports if the sender’s information in the ARP packet does not match any of the current bindings.
Page 162: Ip Source Guard Static Binding
Chapter 21 IP Source Guard Table 55 IP Source Guard (continued) LABEL DESCRIPTION This field displays the source VLAN ID in the binding. Port This field displays the port number in the binding. If this field is blank, the binding applies to all ports. 21.3 IP Source Guard Static Binding Use this screen to manage static bindings for ARP inspection.
Page 163: Arp Inspection Status
Chapter 21 IP Source Guard Table 56 IP Source Guard Static Binding (continued) LABEL DESCRIPTION Index This field displays a sequential number for each binding. MAC Address This field displays the source MAC address in the binding. IP Address This field displays the IP address assigned to the MAC address in the binding.
Page 164: Arp Inspection Log Status
Chapter 21 IP Source Guard Table 57 ARP Inspection Status (continued) LABEL DESCRIPTION Reason This field displays the reason the ARP packet was discarded. MAC+VLAN: The MAC address and VLAN ID were not in the binding table. IP: The MAC address and VLAN ID were in the binding table, but the IP address was not valid.
Page 165: Arp Inspection Configure
Chapter 21 IP Source Guard Table 58 ARP Inspection Log Status (continued) LABEL DESCRIPTION Reason This field displays the reason the log message was generated. static deny: An ARP packet was discarded because it violated a static binding with the same MAC address and VLAN ID. deny: An ARP packet was discarded because there were no bindings with the same MAC address and VLAN ID.
Page 166: Table 59 Arp Inspection Configure
Chapter 21 IP Source Guard The following table describes the labels in this screen. Table 59 ARP Inspection Configure LABEL DESCRIPTION Active Select this to enable ARP inspection on the ONU. You still have to enable ARP inspection on specific VLAN and specify trusted ports. Filter Aging Time Filter aging time This setting has no effect on existing MAC address filters.
Page 167: Arp Inspection Port Configure
Chapter 21 IP Source Guard 21.5.1 ARP Inspection Port Configure Use this screen to specify whether ports are trusted or untrusted ports for ARP inspection. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure >...
Page 168: Arp Inspection Vlan Configure
Chapter 21 IP Source Guard 21.5.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the ONU generates log messages for receiving ARP packets from each VLAN. To open this screen, click Advanced Application >...
Page 169: Loop Guard
H A P T E R Loop Guard 22.1 Overview This chapter shows you how to configure the ONU to guard against loops on the edge of your network. Loop guard allows you to configure the ONU to shut down a port if it detects that packets sent out on that port loop back to the ONU.
Page 170: What You Need To Know About The Loop Guard Screens
Chapter 22 Loop Guard 22.1.2 What You Need to Know About the Loop Guard Screens The following terms and concepts may help as you read through this chapter. Network Loop Issues Loop guard is designed to handle loop problems on the edge of your network. This can occur when a port is connected to a ONU that is in a loop state.
Page 171: Figure 89 Loop Guard - Probe Packet
Chapter 22 Loop Guard Figure 89 Loop Guard - Probe Packet The ONU also shuts down port N if the probe packet returns to switch A on any other port. In other words loop guard also protects against standard network loops. The following figure illustrates three switches forming a loop.
Page 172: Loop Guard Setup
Chapter 22 Loop Guard 22.2 Loop Guard Setup Click Advanced Application > Loop Guard in the navigation panel to display the screen as shown. This is where you can enable the ONU’s loop guard feature, as well as configure the loop guard feature on an individual port-by-port basis.
Page 173 Chapter 22 Loop Guard Table 62 Advanced Application > Loop Guard (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 174 Chapter 22 Loop Guard ONU User’s Guide...
Page 175: Ip Application
IP Application Static Route (177) Differentiated Services (181) DHCP (185)
Page 177: Static Route
H A P T E R Static Route 23.1 Overview The ONU uses IP for communication with management computers, for example using HTTP, telnet, SSH, or SNMP. Use IP static routes to have the ONU respond to remote management stations that are not reachable through the default gateway. The ONU can also use static routes to send data to a server or device that is not reachable through the default gateway, for example when sending SNMP traps or using ping to test IP connectivity.
Page 178: Configuring Static Routing
Chapter 23 Static Route 23.2 Configuring Static Routing Click IP Application > Static Routing in the navigation panel to display the screen as shown. Figure 93 IP Application > Static Routing The following table describes the related labels you use to create a static route. Table 63 IP Application >...
Page 179 Chapter 23 Static Route Table 63 IP Application > Static Routing (continued) LABEL DESCRIPTION Destination This field displays the IP network address of the final destination. Address Subnet Mask This field displays the subnet mask for this destination. Gateway This field displays the IP address of the gateway. The gateway is an immediate Address neighbor of your ONU that will forward the packet to the destination.
Page 180 Chapter 23 Static Route ONU User’s Guide...
Page 181: Differentiated Services
H A P T E R Differentiated Services 24.1 Overview Quality of Service (QoS) is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority. You can use CoS (class of service) to give different priorities to different packet types.
Page 182: Figure 95 Diffserv Network
Chapter 24 Differentiated Services The DSCP value determines the PHB (Per-Hop Behavior), that each packet gets as it is forwarded across the DiffServ network. Based on the marking rule different kinds of traffic can be marked for different priorities of forwarding. Resources can then be allocated according to the DSCP values and the configured policies.
Page 183: Activating Diffserv
Chapter 24 Differentiated Services 24.2 Activating DiffServ Activate DiffServ to apply marking rules or IEEE 802.1p priority mapping on the selected port(s). Click IP Application > DiffServ in the navigation panel to display the screen. Figure 96 IP Application > DiffServ The following table describes the labels in this screen.
Page 184: Dscp Setting
Chapter 24 Differentiated Services 24.3 DSCP Setting You can configure the DSCP to IEEE 802.1p mapping to allow the ONU to prioritize all traffic based on the incoming DSCP value according to the DiffServ to IEEE 802.1p mapping table. The following table shows the default DSCP-to-IEEE802.1p mapping. Table 65 Default DSCP-IEEE 802.1p Mapping DSCP VALUE 0 –...
Page 185: Dhcp
H A P T E R DHCP 25.1 Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server. You can configure the ONU as a DHCP relay agent. If you configure the ONU as a relay agent, then the ONU forwards DHCP requests to DHCP server on your network.
Page 186: Dhcp Status
Chapter 25 DHCP 25.2 DHCP Status Click IP Application > DHCP in the navigation panel. The DHCP Status screen displays. Figure 98 IP Application > DHCP Status The following table describes the labels in this screen. Table 67 IP Application > DHCP Status LABEL DESCRIPTION Relay Status...
Page 187: Configuring Dhcp Global Relay
Chapter 25 DHCP The following describes the DHCP relay information that the ONU sends to the DHCP server: Table 68 Relay Agent Information FIELD LABELS DESCRIPTION Slot ID (1 byte) This value is always 0 for stand-alone switches. Port ID (1 byte) This is the port that the DHCP client is connected to.
Page 188: Configuring Dhcp Vlan Settings
Chapter 25 DHCP Figure 100 Global DHCP Relay Network Example DHCP Server: 192.168.1.100 VLAN2 VLAN1 Configure the DHCP Relay screen as shown. Make sure you select the Option 82 check box to set the ONU to send additional information (such as the VLAN ID) together with the DHCP requests to the DHCP server.
Page 189: Figure 102 Ip Application > Dhcp > Vlan
Chapter 25 DHCP Figure 102 IP Application > DHCP > VLAN The following table describes the labels in this screen. Table 70 IP Application > DHCP > VLAN LABEL DESCRIPTION Enter the ID number of the VLAN to which these DHCP settings apply. Remote DHCP Enter the IP address of a DHCP server in dotted decimal notation.
Page 190: Example: Dhcp Relay For Two Vlans
Chapter 25 DHCP 25.4.1 Example: DHCP Relay for Two VLANs The following example displays two VLANs (VIDs 1 and 2) for a campus network. Two DHCP servers are installed to serve each VLAN. The system is set up to forward DHCP requests from the dormitory rooms (VLAN 1) to the DHCP server with an IP address of 192.168.1.100.
Page 191: Management
Management Maintenance (193) Access Control (199) Diagnostic (217) Syslog (219) Cluster Management (223) MAC Table (229) ARP Table (231) Configure Clone (233)
Page 193: Maintenance
H A P T E R Maintenance 26.1 Overview This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 26.1.1 What You Can Do in the Maintenance Screens • The Maintenance screen lets you manage your firmware and configuration files (Section 26.2 on page 193).
Page 194: Load Factory Default
Chapter 26 Maintenance The following table describes the labels in this screen. Table 71 Management > Maintenance LABEL DESCRIPTION Current This field displays which configuration (Configuration 1) is currently operating on the ONU. Firmware Click Click Here to go to the Firmware Upgrade screen. Upgrade Restore Click Click Here to go to the Restore Configuration screen.
Page 195: Reboot System
Chapter 26 Maintenance Clicking the Apply or Add button does NOT save the changes permanently. All unsaved changes are erased after you reboot the ONU. 26.5 Reboot System Reboot System allows you to restart the ONU without physically turning the power off. The ONU loads configuration one (Config 1) when you reboot.
Page 196: Restore A Configuration File
Chapter 26 Maintenance Type the path and file name of the firmware file you wish to upload to the ONU in the File Path text box or click Browse to locate it. Select the Rebooting check box if you want to reboot the ONU and apply the new firmware immediately.
Page 197: Ftp Command Line
Chapter 26 Maintenance 1 Click Backup. 2 Click Save to display the Save As screen. 3 Choose a location to save the file on your computer from the Save in drop-down list box and type a descriptive name for it in the File name list box. Click Save to save the configuration file to your computer.
Page 198: Ftp Command Line Procedure
Chapter 26 Maintenance 26.9.2 FTP Command Line Procedure 1 Launch the FTP client on your computer. 2 Enter , followed by a space and the IP address of your ONU. open 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is “1234”). 5 Enter to set transfer mode to binary.
Page 199: Access Control
H A P T E R Access Control 27.1 Overview A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
Page 200: The Access Control Main Screen
Chapter 27 Access Control 27.2 The Access Control Main Screen Click Management > Access Control in the navigation panel to display the main screen. Figure 111 Management > Access Control 27.3 SNMP Simple Network Management Protocol (SNMP) is an application layer protocol used to manage and monitor TCP/IP-based devices.
Page 201: Snmp V3 And Security
Chapter 27 Access Control SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations: Table 75 SNMP Commands COMMAND DESCRIPTION Allows the manager to retrieve an object variable from the agent. GetNext Allows the manager to retrieve the next object variable from a table or list within an agent.
Page 202: Table 76 Snmp System Traps
Chapter 27 Access Control An OID (Object ID) that begins with “1.3.6.1.4.1.890.1.5.8.16” is defined in private MIBs. Otherwise, it is a standard MIB OID. Table 76 SNMP System Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION coldstart coldStart 1.3.6.1.6.3.1.1.5.1 This trap is sent when the ONU is turned on.
Page 203: Table 77 Snmp Interface Traps
Chapter 27 Access Control Table 77 SNMP Interface Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION linkup linkUp 1.3.6.1.6.3.1.1.5.4 This trap is sent when the Ethernet link is up. LinkDownEventClear 1.3.6.1.4.1.890.1.5.8.16.27.2.2 This trap is sent when the Ethernet link is up. 1.3.6.1.4.1.890.1.5.8.27.27.2.2 linkdown linkDown...
Page 204: Table 80 Snmp Switch Traps
Chapter 27 Access Control Table 79 SNMP IP Traps (continued) OPTION OBJECT LABEL OBJECT ID DESCRIPTION traceroute traceRouteTestFailed 1.3.6.1.2.1.81.0.2 This trap is sent when a traceroute test fails. traceRouteTestCompleted 1.3.6.1.2.1.81.0.3 This trap is sent when a traceroute test is completed. Table 80 SNMP Switch Traps OPTION OBJECT LABEL...
Page 205: Configuring Snmp
Chapter 27 Access Control 27.3.4 Configuring SNMP From the Access Control screen, display the SNMP screen. You can click Access Control to go back to the Access Control screen. Figure 113 Management > Access Control > SNMP The following table describes the labels in this screen. Table 81 Management >...
Page 206 Chapter 27 Access Control Table 81 Management > Access Control > SNMP (continued) LABEL DESCRIPTION Version Specify the version of the SNMP trap messages. Enter the IP addresses of up to four managers to send your SNMP traps to. Port Enter the port number upon which the manager listens for SNMP traps.
Page 207: Configuring The Snmp Trap Group
Chapter 27 Access Control 27.3.5 Configuring the SNMP Trap Group From the SNMP screen, click Trap Group to view the screen as shown. Use the Trap Group screen to specify the types of SNMP traps that should be sent to each SNMP manager. Figure 114 Management >...
Page 208: Figure 115 Management > Access Control > Logins
Chapter 27 Access Control It is highly recommended that you change the default administrator password (1234). • A non-administrator (username is something other than admin) is someone who can view but not configure ONU settings. Click Management > Access Control > Logins to view the screen as shown. Figure 115 Management >...
Page 209: Ssh Overview
Chapter 27 Access Control Table 83 Management > Access Control > Logins (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the ONU’s run-time memory. The ONU loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring.
Page 210: How Ssh Works
Chapter 27 Access Control 27.5 How SSH works The following table summarizes how a secure connection is established between two remote hosts. Figure 117 How SSH Works 1 Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key.
Page 211: Ssh Implementation On The Onu
Chapter 27 Access Control 27.6 SSH Implementation on the ONU Your ONU supports SSH version 2 using RSA authentication and three encryption methods (DES, 3DES and Blowfish). The SSH server is implemented on the ONU for remote management and file transfer on port 22. Only one SSH connection is allowed at a time. 27.6.1 Requirements for Using SSH You must install an SSH client program on a client computer (Windows or Linux operating system) that is used to connect to the ONU over SSH.
Page 212: Https Example
Chapter 27 Access Control If you disable HTTP in the Service Access Control screen, then the ONU blocks all HTTP connection attempts. 27.8 HTTPS Example If you haven’t changed the default HTTPS port on the ONU, then in your browser enter “https://ONU IP Address/”...
Page 213: The Main Screen
Chapter 27 Access Control 27.8.2 The Main Screen After you accept the certificate and enter the login username and password, the ONU main screen appears. The lock displayed in the bottom right of the browser status bar denotes a secure connection. Figure 120 Example: Lock Denoting a Secure Connection ONU User’s Guide...
Page 214: Service Port Access Control
Chapter 27 Access Control 27.9 Service Port Access Control Service Access Control allows you to decide what services you may use to access the ONU. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later). Click Access Control to go back to the main Access Control screen.
Page 215: Remote Management
Chapter 27 Access Control 27.10 Remote Management From the Access Control screen, display the Remote Management screen as shown next. You can specify a group of one or more “trusted computers” from which an administrator may use a service to manage the ONU. Click Access Control to return to the Access Control screen.
Page 216 Chapter 27 Access Control ONU User’s Guide...
Page 217: Diagnostic
H A P T E R Diagnostic 28.1 Overview This chapter explains the Diagnostic screen. 28.2 Diagnostic Click Management > Diagnostic in the navigation panel to open this screen. Use this screen to check system logs, ping IP addresses or perform port tests. Figure 123 Management >...
Page 218: Table 86 Management > Diagnostic
Chapter 28 Diagnostic The following table describes the labels in this screen. Table 86 Management > Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box. Click Clear to empty the text box and reset the syslog entry. IP Ping Type the IP address of a device that you want to ping in order to test a connection.
Page 219: Syslog
H A P T E R Syslog 29.1 Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server. Syslog is defined in RFC 3164.
Page 220: Syslog Setup
Chapter 29 Syslog 29.2 Syslog Setup Click Management > Syslog in the navigation panel to display this screen. The syslog feature sends logs to an external syslog server. Use this screen to configure the device’s system logging settings. Figure 124 Management > Syslog The following table describes the labels in this screen.
Page 221: Syslog Server Setup
Chapter 29 Syslog 29.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to open the following screen. Use this screen to configure a list of external syslog servers. Figure 125 Management > Syslog > Server Setup The following table describes the labels in this screen. Table 89 Management >...
Page 222 Chapter 29 Syslog ONU User’s Guide...
Page 223: Cluster Management
H A P T E R Cluster Management 30.1 Overview Cluster Management allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
Page 224: What You Can Do In These Screens
Chapter 30 Cluster Management 30.1.1 What You Can Do in these Screens • The Clustering Management Status screen lets you to manage switches through one switch (Section 30.2 on page 224). • The Clustering Management Configuration screen lets you set the ONU as a cluster manager and then sets it management properties (Section 30.3 on page 227).
Page 225: Cluster Member Switch Management
Chapter 30 Cluster Management Table 91 Management > Cluster Management (continued) LABEL DESCRIPTION Model This field displays the model name. Status This field displays: Online (the cluster member switch is accessible) Error (for example the cluster member switch password was changed or the switch was set as the manager and so left the member list, etc.) Offline (the switch is disconnected - Offline shows approximately 1.5 minutes after the link between cluster member and manager goes down)
Page 226: Figure 129 Example: Uploading Firmware To A Cluster Member Switch
Chapter 30 Cluster Management 30.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example. Figure 129 Example: Uploading Firmware to a Cluster Member Switch C:\>ftp 192.168.1.1 Connected to 192.168.1.1.
Page 227: Clustering Management Configuration
Chapter 30 Cluster Management 30.3 Clustering Management Configuration Use this screen to configure clustering management. Click Configuration from the Cluster Management screen to display the next screen. Figure 130 Management > Clustering Management > Configuration The following table describes the labels in this screen. Table 93 Management >...
Page 228 Chapter 30 Cluster Management Table 93 Management > Clustering Management > Configuration (continued) LABEL DESCRIPTION This is the VLAN ID and is only applicable if the ONU is set to 802.1Q VLAN. All switches must be directly connected and in the same VLAN group to belong to the same cluster.
Page 229: Mac Table
H A P T E R MAC Table 31.1 Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the ONU’s ports. It shows what device MAC address, belonging to what VLAN group (if any) is forwarded to which port(s) and whether the MAC address is dynamic (learned by the ONU) or static (manually entered in the Static MAC Forwarding screen).
Page 230: Viewing The Mac Table
Chapter 31 MAC Table 31.2 Viewing the MAC Table Click Management > MAC Table in the navigation panel to display the following screen. Figure 132 Management > MAC Table The following table describes the labels in this screen. Table 94 Management > MAC Table LABEL DESCRIPTION Sort by...
Page 231: Arp Table
H A P T E R ARP Table 32.1 Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long.
Page 232: Viewing The Arp Table
Chapter 32 ARP Table 32.2 Viewing the ARP Table Click Management > ARP Table in the navigation panel to open the following screen. Use the ARP table to view IP-to-MAC address mapping(s). Figure 133 Management > ARP Table The following table describes the labels in this screen. Table 95 Management >...
Page 233: Configure Clone
H A P T E R Configure Clone 33.1 Overview This chapter shows you how you can copy the settings of one port onto other ports. 33.2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports.
Page 234: Table 96 Management > Configure Clone
Chapter 33 Configure Clone The following table describes the labels in this screen. Table 96 Management > Configure Clone LABEL DESCRIPTION Source/ Enter the source port under the Source label. This port’s attributes are copied. Destination Enter the destination port or ports under the Destination label. These are the ports Port which are going to have the same attributes as the source port.
Page 235: Appendices And Index
Appendices and Index Product Specifications (237) IP Addresses and Subnetting (243) Legal Information (251) Customer Support (255) Index (261)
Page 237: Appendix A Product Specifications
P P E N D I X Product Specifications The following tables summarize the ONU’s hardware and firmware features. Table 97 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Standard 19” rack mountable 38 mm (W) x 173 mm (D) x 44.5 mm (H) Weight 2.2 kg AC Model Power...
Page 238: Table 98 Feature Descriptions
Appendix A Product Specifications Table 98 Feature Descriptions FEATURE DESCRIPTION VLAN A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one group. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s);...
Page 239: Table 99 Firmware Specifications
Appendix A Product Specifications Table 98 Feature Descriptions (continued) FEATURE DESCRIPTION Device Management Use the web configurator or commands to easily configure the rich range of features on the ONU. Port Cloning Use the port cloning feature to copy the settings you configure on one port to another port or ports.
Page 240 Appendix A Product Specifications Table 99 Firmware Specifications (continued) FEATURE SPECIFICATION Spanning Tree 802.1D/802.1w spanning tree protocol 802.1s MSTP Gigabit Ethernet port and GEPON port cannot support STP/ RSTP/MSTP VLAN Port based VLAN 802.1Q VLAN Maximum number of VLAN: 4K, 256 static VLAN GVRP for dynamic group registration VLAN ingress filtering Acceptable frame type for tagged only and all frames...
Page 241: Table 100 Standards Supported
Appendix A Product Specifications Table 99 Firmware Specifications (continued) FEATURE SPECIFICATION Clustering Act as clustering slave or master 24 slaves can be managed in a cluster at most System management Configuration by console/Telnet/web Firmware upgrade by FTP/web/console Configuration backup and restore by FTP/web/console System management access control System clock by manual setup or NTP SNMP v2c / v3...
Page 242 Appendix A Product Specifications Table 100 Standards Supported (continued) STANDARD DESCRIPTION RFC 2865 RADIUS - Vendor Specific Attribute RFC 3046 DHCP Relay RFC 3164 Syslog RFC 3376 Internet Group Management Protocol, Version 3 RFC 3414 User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMP v3) RFC 3580 RADIUS - Tunnel Protocol Attribute...
Page 243: Appendix B Ip Addresses And Subnetting
P P E N D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 244: Figure 135 Network Number And Host Id
Appendix B IP Addresses and Subnetting Figure 135 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 245: Table 102 Subnet Masks
Appendix B IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 102 Subnet Masks BINARY DECIMAL 4TH OCTET OCTET...
Page 246: Figure 136 Subnetting Example: Before Subnetting
Appendix B IP Addresses and Subnetting Table 104 Alternative Subnet Mask Notation (continued) ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.192 1100 0000 255.255.255.224 1110 0000 255.255.255.240 1111 0000 255.255.255.248 1111 1000 255.255.255.252 1111 1100 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons.
Page 247: Figure 137 Subnetting Example: After Subnetting
Appendix B IP Addresses and Subnetting Figure 137 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 248: Table 106 Subnet 2
Appendix B IP Addresses and Subnetting Table 106 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.65 192.168.1.64 Broadcast Address: Highest Host ID: 192.168.1.126 192.168.1.127 Table 107 Subnet 3...
Page 249: Table 110 24-Bit Network Number Subnet Planning
Appendix B IP Addresses and Subnetting Table 109 Eight Subnets (continued) SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 110 24-bit Network Number Subnet Planning NO.
Page 250: Configuring Ip Addresses
Appendix B IP Addresses and Subnetting Table 111 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.255.252 (/30) 16384 255.255.255.254 (/31) 32768 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Page 252: Zyxel Limited Warranty
Appendix C Legal Information FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This device generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications.
Page 253 Appendix C Legal Information condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Page 254 Appendix C Legal Information ONU User’s Guide...
Page 255: Appendix D Customer Support
• Sales E-mail: sales@zyxel.com.tw • Telephone: +886-3-578-3942 • Fax: +886-3-578-2439 • Web: www.zyxel.com, www.europe.zyxel.com • FTP: ftp.zyxel.com, ftp.europe.zyxel.com • Regular Mail: ZyXEL Communications Corp., 6 Innovation Road II, Science Park, Hsinchu 300, Taiwan Costa Rica • Support E-mail: soporte@zyxel.co.cr • Sales E-mail: sales@zyxel.co.cr •...
Page 256 Appendix D Customer Support • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 - Modrany, Ceská Republika Denmark • Support E-mail: support@zyxel.dk • Sales E-mail: sales@zyxel.dk • Telephone: +45-39-55-07-00 • Fax: +45-39-55-07-07 • Web: www.zyxel.dk • Regular Mail: ZyXEL Communications A/S, Columbusvej, 2860 Soeborg, Denmark Finland •...
Page 257 Appendix D Customer Support India • Support E-mail: support@zyxel.in • Sales E-mail: sales@zyxel.in • Telephone: +91-11-30888144 to +91-11-30888153 • Fax: +91-11-30888149, +91-11-26810715 • Web: http://www.zyxel.in • Regular Mail: India - ZyXEL Technology India Pvt Ltd., II-Floor, F2/9 Okhla Phase -1, New Delhi 110020, India Japan •...
Page 258 Appendix D Customer Support • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no • Telephone: +47-22-80-61-80 • Fax: +47-22-80-61-81 • Web: www.zyxel.no • Regular Mail: ZyXEL Communications A/S, Nils Hansens vei 13, 0667 Oslo, Norway Poland •...
Page 259 • Sales E-mail: sales@zyxel.co.uk • Telephone: +44-1344-303044, 08707-555779 (UK only) • Fax: +44-1344-303034 • Web: www.zyxel.co.uk • FTP: ftp.zyxel.co.uk • Regular Mail: ZyXEL Communications UK Ltd., 11 The Courtyard, Eastern Road, Bracknell, Berkshire RG12 2XB, United Kingdom (UK) ONU User’s Guide...
Page 260 Appendix D Customer Support ONU User’s Guide...
Page 261: Index
Index Index Numerics 802.1P priority back up, configuration file bandwidth control egress rate ingress rate basic settings binding binding table about the device building access control BPDUs (Bridge Protocol Data Units) limitations login account Bridge Protocol Data Units (BPDUs) remote management service port SNMP accounting...
Page 262 Index backup restore 54, 196 saving egress port configuration, saving Ethernet broadcast address connect power Ethernet port console port auto-crossover connector auto-negotiating default setting default setting copying port settings, See also port cloning Ethernet port test copyright Ethernet ports CPU management port external authentication server current date current time...
Page 263 Index transceiver removal setup general setup IP address definition Gigabit Ethernet port IP source guard Gigabit Interface Converter See GBIC ARP inspection 159, 160 Gigabit/GBIC combo port static bindings GMT (Greenwich Mean Time) GVRP 80, 86 and port assignment GVRP (GARP VLAN Registration Protocol) LACP system priority timeout...
Page 264 Index maintenance and IGMP configuration backup IP addresses current configuration overview firmware setup main screen multicast group restoring configuration multicast VLAN Management Information Base (MIB) Multiple Spanning Tree Instance, See MSTI. management IP address Multiple Spanning Tree Protocol, See MSTP. DHCP setup Multiple STP, see MSTP management port...
Page 265 Index port status resetting 53, 194 to factory default settings port VLAN trunking restoring configuration 53, 196 port-based VLAN all connected RFC 3164 port isolation RSTP settings wizard ports “standby” diagnostics mirroring speed/duplex safety warnings power connector save configuration 53, 194 power supply screen summary priority level...
Page 266 Index tagging time current status 48, 59 time zone link aggregation Time (RFC-868) port time server port details time service protocol 102, 106 format VLAN trademarks Transceiver MultiSource Agreement See MSA bridge ID traps bridge priority destination configuration 100, 103 trunk group designated bridge forwarding delay...
Page 267 Index status 82, 83 tagged trunking 81, 86 type 70, 82 VLAN (Virtual Local Area Network) warranty note web configurator 34, 47 getting help home login logout navigation panel screen summary Weighted Round Robin Scheduling (WRR) WRR (Weighted Round Robin Scheduling) ONU User’s Guide...
Page 268 Index ONU User’s Guide...

ZyXEL Communications ONU-2024 Series User Manual

About this User's Guide

Document Conventions

Safety Warnings

Contents Overview

Table of Contents

List of Figures

List of Tables

Introduction

PART I Introduction

Chapter 1 Getting to Know Your Device

Chapter 2 Hardware Installation and Connection

Chapter 3 Hardware Connections

Basic Configuration

Part II: Basic Configuration

Chapter 4 The Web Configurator

Chapter 5 Initial Setup Example

Chapter 6 System Status and Port Statistics

Chapter 7 Basic Setting

Advanced Setup

Part III: Advanced Setup

Chapter 8 VLAN

Chapter 9 Static MAC Forward Setup

Chapter 10 Filtering

Chapter 11 Spanning Tree Protocol

Chapter 12 Bandwidth Control

Chapter 13 Broadcast Storm Control

Chapter 14 Mirroring

Chapter 15 Link Aggregation

Chapter 16 Port Authentication

Chapter 17 Port Security

Chapter 18 Queuing Method

Chapter 19 Multicast

Chapter 20 Authentication & Accounting

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for ZyXEL Communications ONU-2024 Series

Summary of Contents for ZyXEL Communications ONU-2024 Series