manualshive.com logo in svg

ZyXEL Communications Dimension ES-3148, User Manual, Page: 133 / 282

Share
Download
ZyXEL Communications Dimension ES-3148 User Manual Download Page 133

Dimension ES-3148 User’s Guide

Chapter 18 Access Control

131

The client automatically saves any new server public keys. In subsequent connections, 
the server public key is checked against the saved version on the client computer.

2

Encryption Method

Once the identification is verified, both the client and server must agree on the type of 
encryption method to use.

3

Authentication and Data Transmission

After the identification is verified and data encryption activated, a secure tunnel is 
established between the client and the server. The client then sends its authentication 
information (user name and password) to the server to log in to the server.

18.6  SSH Implementation on the Switch

Your switch supports SSH version 2 using RSA authentication and three encryption methods 
(DES, 3DES and Blowfish). The SSH server is implemented on the switch for remote 
management and file transfer on port 22. Only one SSH connection is allowed at a time.

18.6.1  Requirements for Using SSH

You must install an SSH client program on a client computer (Windows or Linux operating 
system) that is used to connect to the switch over SSH.

18.7  Introduction to HTTPS

HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web 
protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-
level protocol that enables secure transactions of data by ensuring confidentiality (an 
unauthorized party cannot read the transferred data), authentication (one party can identify the 
other party) and data integrity (you know if data has been changed). 

It relies upon certificates, public keys, and private keys.

HTTPS on the switch is used so that you may securely access the switch using the web 
configurator. The SSL protocol specifies that the SSL server (the switch) must always 
authenticate itself to the SSL client (the computer which requests the HTTPS connection with 
the switch), whereas the SSL client only should authenticate itself when the SSL server 
requires it to do so. Authenticating client certificates is optional and if selected means the SSL-
client must send the switch a certificate. You must apply for a certificate for the browser from 
a CA that is a trusted CA on the switch.

Please refer to the following figure. 

1

HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) 
on the switch’s WS (web server).

Summary of Contents for Dimension ES-3148

Page 1: ...Dimension ES 3148 Intelligent Layer 2 Switch User s Guide Version 3 60 12 2005...

Page 2: ......

Page 3: ...l photocopying manual or otherwise without the prior written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not...

Page 4: ...frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is lik...

Page 5: ...use the device if the power supply is damaged as it might cause electrocution If the power supply is damaged remove it from the power outlet Do NOT attempt to repair the power supply Contact your loca...

Page 6: ...acement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability o...

Page 7: ...mark sales zyxel dk 45 39 55 07 07 FINLAND support zyxel fi 358 9 4780 8411 www zyxel fi ZyXEL Communications Oy Malminkaari 10 00700 Helsinki Finland sales zyxel fi 358 9 4780 8448 FRANCE info zyxel...

Page 8: ...upport zyxel se 46 31 744 7700 www zyxel se ZyXEL Communications A S Sj porten 4 41764 G teborg Sweden sales zyxel se 46 31 744 7701 UKRAINE support ua zyxel com 380 44 247 69 78 www ua zyxel com ZyXE...

Page 9: ...4 3 High Performance Switched Example 32 1 4 4 IEEE 802 1Q VLAN Application Examples 33 1 4 4 1 Tag based VLAN Example 33 1 4 4 2 VLAN Shared Server Example 34 Chapter 2 Hardware Installation and Conn...

Page 10: ...ng the Switch 51 4 5 1 Reload the Configuration File 51 4 5 2 Reset to the Factory Defaults 52 4 6 Logging Out of the Web Configurator 53 4 7 Help 53 Chapter 5 Initial Setup Example 55 5 1 Overview 55...

Page 11: ...3 Configure VLAN Port Settings 83 8 6 Port based VLAN Setup 85 8 6 1 Configure a Port based VLAN 86 Chapter 9 Static MAC Forwarding 89 9 1 Overview 89 9 2 Configuring Static MAC Forwarding 89 Chapter...

Page 12: ...p 113 Chapter 16 Port Authentication 117 16 1 Introduction to Authentication 117 16 1 1 RADIUS 117 16 2 Port Authentication Configuration 117 16 2 1 Configuring RADIUS Server Settings 118 16 2 2 Activ...

Page 13: ...39 19 2 Configuring Queuing 140 Chapter 20 Classifier 143 20 1 About the Classifier and QoS 143 20 2 Configuring the Classifier 143 20 3 Viewing and Editing Classifier Configuration 146 20 4 Classifie...

Page 14: ...MVR Configuration Example 171 Chapter 24 DHCP Relay 175 24 1 DHCP Relay Overview 175 24 1 1 DHCP Relay Agent Information 175 24 2 DHCP Relay Configuration 175 Chapter 25 Static Route 177 25 1 Configu...

Page 15: ...Overview 195 30 1 1 How ARP Works 195 30 2 Viewing the ARP Table 195 Chapter 31 Introducing the Commands 197 31 1 Overview 197 31 1 1 Switch Configuration File 197 31 2 Accessing the CLI 197 31 2 1 A...

Page 16: ...5 Enabling RSTP 229 32 6 Configuration File Maintenance 230 32 6 1 Using a Different Configuration File 230 32 6 2 Resetting to the Factory Default 230 32 7 no Command Examples 231 32 7 1 no mirror po...

Page 17: ...247 33 5 2 Set Acceptable Frame Type 247 33 5 3 Enable or Disable Port GVRP 248 33 5 4 Modify Static VLAN 248 33 5 4 1 Modify a Static VLAN Table Example 249 33 5 4 2 Forwarding Process Example 249 33...

Page 18: ...Dimension ES 3148 User s Guide 16...

Page 19: ...urator Login 46 Figure 16 Web Configurator Home Screen Status 46 Figure 17 Change Administrator Login Password 50 Figure 18 Example Xmodem Upload 51 Figure 19 Reload the Configuration file Via Console...

Page 20: ...55 SNMP Management Model 126 Figure 56 Access Control SNMP 128 Figure 57 Access Control Logins 129 Figure 58 SSH Communication Example 130 Figure 59 How SSH Works 130 Figure 60 HTTPS Implementation 1...

Page 21: ...Configurator Screen 189 Figure 101 Example Uploading Firmware to a Cluster Member Switch 190 Figure 102 Clustering Management Configuration 191 Figure 103 MAC Table Flowchart 193 Figure 104 MAC Table...

Page 22: ...9 Figure 139 egress set Command Example 240 Figure 140 qos priority Command Example 240 Figure 141 name Command Example 241 Figure 142 speed duplex Command Example 241 Figure 143 Tagged VLAN Configura...

Page 23: ...ng 85 Table 17 Port Based VLAN Setup 88 Table 18 Static MAC Forwarding 90 Table 19 FIltering 92 Table 20 STP Path Costs 93 Table 21 STP Port States 94 Table 22 Spanning Tree Protocol Status 95 Table 2...

Page 24: ...70 Table 57 DHCP Relay 176 Table 58 Static Routing 177 Table 59 Filename Conventions 182 Table 60 Diagnostic 185 Table 61 ZyXEL Clustering Management Specifications 187 Table 62 Cluster Management Sta...

Page 25: ...ble 82 Alternative Subnet Mask Notation 269 Table 83 Two Subnets Example 269 Table 84 Subnet 1 270 Table 85 Subnet 2 270 Table 86 Subnet 1 271 Table 87 Subnet 2 271 Table 88 Subnet 3 271 Table 89 Subn...

Page 26: ...Dimension ES 3148 User s Guide 24...

Page 27: ...ite Please refer to www zyxel com for an online glossary of networking terms and additional support documentation Syntax Conventions Enter means for you to type one or more characters Select or Choose...

Page 28: ...ted comments questions or suggestions for improvement to techwriters zyxel com tw or send regular mail to The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Indust...

Page 29: ...ch DHCP Client DHCP Dynamic Host Configuration Protocol RFC 2131 and RFC 2132 allows individual computers to obtain TCP IP configuration at start up from a server You can configure the switch as a DHC...

Page 30: ...e shared among different subscriber VLANs on the network This improves bandwidth utilization by reducing multicast traffic in the subscriber VLANs and simplifies multicast group management STP Spannin...

Page 31: ...The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another Configuration and Firmware Maintenance You can backup or restore the switch confi...

Page 32: ...Service Eight queues so you can ensure mission critical data gets delivered on time Follows the IEEE 802 1p priority setting standard based on source destination MAC addresses 1 3 Hardware Features Th...

Page 33: ...tion of the switch in even poorly ventilated rooms or basements 1 4 Applications This section shows a few examples of using the switch in various network environments 1 4 1 Backbone Application In thi...

Page 34: ...that need high bandwidth can connect to high speed department servers via the switch You can provide a super fast uplink connection by using a Gigabit Ethernet mini GBIC port on the switch Moreover th...

Page 35: ...EE 802 1Q VLAN Application Examples This section shows a workgroup and a shared server example using 802 1Q tagged VLANs A VLAN Virtual Local Area Network allows a physical network to be partitioned i...

Page 36: ...VLAN Shared Server Example Shared resources such as a server can be used by all ports in the same VLAN as the server as shown in the following example In this example only ports that need access to t...

Page 37: ...enough clearance around the switch to allow air circulation and the attachment of cables and the power cord 4 Remove the adhesive backing from the rubber feet 5 Attach the rubber feet to each corner o...

Page 38: ...top heavy Take all necessary precautions to anchor the rack securely before installing the unit 2 2 2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the swi...

Page 39: ...and Connection 37 Figure 8 Mounting the Switch on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack 3 Repeat steps 1 and 2 to att...

Page 40: ...Dimension ES 3148 User s Guide 38 Chapter 2 Hardware Installation and Connection...

Page 41: ...ble describes the ports on the panels 10 100 Mbps Ethernet Ports LEDs RJ 45 Gigabit Mini GBIC Combo Ports for uplink Console Port Management Port RJ 45 Gigabit Ports for Stacking BPS Port for External...

Page 42: ...Gigabit port are connected at the same time the Gigabit port will be disabled The speed of the Gigabit Ethernet mini GBIC ports can be 100Mbps or 1000Mbps and the duplex mode can be half duplex at 100...

Page 43: ...port are connected at the same time the Gigabit port will be disabled You can change transceivers while the switch is operating You can use different transceivers to connect to Ethernet switches with...

Page 44: ...e transceiver out of the slot Figure 14 Transceiver Removal Example 3 1 4 Power Connector Make sure you are using the correct power source as shown on the panel To connect the power to the switch inse...

Page 45: ...operly Off The power is off or the system is not ready malfunctioning ALM Red On There is a hardware failure Off The system is functioning normally 10 Green Blinking The system is transmitting receivi...

Page 46: ...DX Amber On The Gigabit port is negotiating in full duplex mode Off The Gigabit port is negotiating in half duplex mode and no collisions are occurring MGMT 10 Green Blinking The system is transmittin...

Page 47: ...igurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled...

Page 48: ...nfigurator screen 4 3 The Status Screen The Status screen is the first screen that displays when you access the web configurator The following figure shows the navigating components of a web configura...

Page 49: ...Details BASIC SETTING ADVANCED APPLICATION ROUTING PROTOCOL MANAGEMENT System Info General Setup Switch Setup IP Setup Port Setup VLAN VLAN Status VLAN Port Setting Static VLAN Static MAC Forwarding F...

Page 50: ...general system and hardware monitoring information General Setup This link takes you to a screen where you can configure general identification information about the switch Switch Setup This link tak...

Page 51: ...MAC addresses Access Control This link takes you to screens where you can change the system login password and configure SNMP and remote management Queuing Method This link takes you to a screen where...

Page 52: ...others from accessing the switch through the web configurator if you do one of the following 1 Deleting the management VLAN default is VLAN 1 2 Deleting all port based VLANs with the CPU port as a me...

Page 53: ...68 1 1 To upload the configuration file do the following 1 Connect to the console port using a computer with terminal emulation software See Section 3 1 1 on page 40 for details 2 Disconnect and recon...

Page 54: ...tails 2 Disconnect and reconnect the switch s power to begin a session When you reconnect the switch s power you will see the initial screen 3 When you see the message Press any key to enter Debug Mod...

Page 55: ...and so as you don t lock out other switch administrators Figure 21 Web Configurator Logout Screen 4 7 Help The web configurator s online help has descriptions of individual screens and some supplement...

Page 56: ...Dimension ES 3148 User s Guide 54 Chapter 4 The Web Configurator...

Page 57: ...iguration steps for the initial setup Create a VLAN Set port VLAN ID Configure the switch IP management address 5 1 1 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port...

Page 58: ...for the VLAN2 network Note The VLAN Group ID field in this screen and the VID field in the IP Setup screen refer to the same VLAN ID 3 Since the VLAN2 network is connected to port 10 on the switch sel...

Page 59: ...o the VLAN group that the tag defines In the example network configure 2 as the port VID on port 10 so that any untagged frames received on that port get sent to VLAN 2 Figure 23 Initial Setup Network...

Page 60: ...b browser and enter 192 168 1 1 the default IP address in the address bar to access the web configurator See Section 4 2 on page 45 for more information 3 Click Basic Setting and IP Setup in the navig...

Page 61: ...stem status web configurator home page and port details screens 6 1 Overview The home screen of the web configurator displays a port statistical summary table with links to each port showing statistic...

Page 62: ...ort Click a port number to display the Port Details screen refer to Figure 26 on page 62 Link This field displays the speed either 10M for 10Mbps 100M for 100Mbps or 1000M for 1000Mbps and the duplex...

Page 63: ...rt Tx KB s This field shows the number of kilobytes per second transmitted on this port Rx KB s This field shows the number of kilobytes per second received on this port Up Time This field shows the t...

Page 64: ...fo Link This field shows whether the Ethernet connection is down and the speed duplex mode It also shows the cable type Copper or Fiber for the combo ports Status This field shows the training state o...

Page 65: ...s field shows the number of good multicast packets received Broadcast This field shows the number of good broadcast packets received Pause This field shows the number of 802 3x Pause packets received...

Page 66: ...ved that were between 256 and 511 octets in length 512 1023 This field shows the number of packets including bad packets received that were between 512 and 1023 octets in length 1024 1518 This field s...

Page 67: ...General Setup screen also allows you to set the system time manually or get the current time and date from an external server when you turn on your switch The real time is then displayed in the switc...

Page 68: ...re Unit The switch has temperature sensors that are capable of detecting and reporting if the temperature rises above the threshold You may choose the temperature unit Centigrade or Fahrenheit in this...

Page 69: ...ld displays the minimum speed at which a normal fan should work Status Normal indicates that this fan is functioning above the minimum speed Error indicates that this fan is functioning below the mini...

Page 70: ...which database the switch should use first to authenticate an administrator user for switch management Configure the local user accounts in the Access Control Logins screen The RADIUS is an external s...

Page 71: ...hem are the time format When you select the Daytime RFC 867 format the switch displays the day month year and time with no time zone adjustment When you use this format it is recommended that you use...

Page 72: ...TION VLAN Type Choose 802 1Q or Port Based The VLAN Setup screen changes depending on whether you choose 802 1Q VLAN type or Port Based VLAN type in this screen See Chapter 8 on page 77 for more infor...

Page 73: ...ntains bits to define class of service Frames without an explicit priority tag are given the default priority of the ingress port Use the next two fields to configure the priority level to physical qu...

Page 74: ...he factory default IP address is 192 168 1 1 The subnet mask specifies the network number portion of an IP address The factory default subnet mask is 255 255 255 0 You can configure up to 64 IP addres...

Page 75: ...net mask of your switch in dotted decimal notation for example 255 255 255 0 Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 1 254 V...

Page 76: ...he bottom of the screen Cancel Click Cancel to reset the fields to your previous configuration Index This field displays the index number of an entry Click an index number to edit the rule IP Address...

Page 77: ...ibes the labels in this screen Table 12 Port Setup LABEL DESCRIPTION Port This is the port index number Active Select this check box to enable a port The factory default for all ports is enabled A por...

Page 78: ...ds and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The switch uses IEEE802 3x flow control in full duplex mode and backpressure f...

Page 79: ...rame received at an Ethernet port has a CFI set to 1 then that frame should not be forwarded as it is to an untagged port The remaining twelve bits define the VLAN ID giving a possible maximum number...

Page 80: ...ARP VLAN Registration Protocol is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network Enable this function to permit VLANs groups bey...

Page 81: ...VLAN Trunking enabled on a port s in each intermediary switch you only need to create VLAN groups in the end devices A and B C D and E automatically allow frames with VLAN group tags 1 and 2 VLAN gro...

Page 82: ...p as normal depends on its VLAN tag sent to a group whether it has a VLAN tag or not blocked from a VLAN group regardless of its VLAN tag You can also tag all outgoing frames that were previously unta...

Page 83: ...pating in a VLAN A tagged port is marked as T an untagged port is marked as U and ports not participating in a VLAN are marked as Elapsed Time This field shows how long it has been since a normal VLAN...

Page 84: ...Dimension ES 3148 User s Guide 82 Chapter 8 VLAN Figure 35 VLAN Static VLAN...

Page 85: ...up using GVRP This is the default selection Select Fixed for the port to be a permanent member of this VLAN group Select Forbidden if you want to prohibit the port from joining this VLAN group Tagging...

Page 86: ...Dimension ES 3148 User s Guide 84 Chapter 8 VLAN Figure 36 VLAN VLAN Port Setting...

Page 87: ...to permit VLAN groups beyond the local switch Port Isolation Port Isolation allows each port 1 to 26 to communicate only with the CPU management port but not communicate with each other All incoming p...

Page 88: ...e CPU management port forms a VLAN with all Ethernet ports 8 6 1 Configure a Port based VLAN Select Port Based as the VLAN Type in the Switch Setup screen see Figure 33 on page 80 and then click VLAN...

Page 89: ...Dimension ES 3148 User s Guide Chapter 8 VLAN 87 Figure 38 Port Based VLAN Setup Port Isolation...

Page 90: ...t the bottom of the screen Incoming These are the ingress ports an ingress port is an incoming port that is a port through which a data packet enters If you wish to allow two subscriber ports to talk...

Page 91: ...et up static MAC address rules you are setting static MAC addresses for a port This may reduce the need for broadcasting Static MAC address forwarding together with port security allow only computers...

Page 92: ...the fields above click Add to insert a new rule Cancel Click Cancel to reset the fields Clear Click Clear to begin configuring this screen afresh Index Click an index number to modify a static MAC ad...

Page 93: ...ort filtering 10 1 Introduction to Filtering Filtering means sifting traffic going through the switch based on the source and or destination MAC addresses and VLAN group ID 10 2 Configure a Filtering...

Page 94: ...a MAC address in valid MAC address format that is six hexadecimal character pairs VID Type the VLAN group identification number Add Click Add to save the new rule to the switch It then displays in th...

Page 95: ...ge In STP a longer delay is required as the device that causes a topology change first notifies the root bridge that then notifies the network Both RSTP and STP flush unwanted learned addresses from t...

Page 96: ...cted Once a stable network topology has been established all bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root bridge If a bridge does not get a Hello BPDU after a pr...

Page 97: ...tch is the root switch Hello Time second This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines Hello Time Max Age and Forwarding De...

Page 98: ...anning Tree Protocol screen as shown next Polling Interval The text box displays how often in seconds this screen refreshes You may change the refresh interval by typing a new number in the text box a...

Page 99: ...Dimension ES 3148 User s Guide Chapter 11 Spanning Tree Protocol 97 Figure 42 Spanning Tree Protocol Configuration...

Page 100: ...r intervals Any port that ages out STP information provided in the last BPDU becomes the designated port for the attached LAN If it is a root port a new root port is selected from among the switch por...

Page 101: ...a port The Peak Information Rate PIR is the maximum bandwidth allowed for the incoming traffic flow on a port when there is no network congestion The CIR and PIR should be set for all ports that use t...

Page 102: ...Control Figure 43 Bandwidth Control The following table describes the related labels in this screen Table 24 Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth contro...

Page 103: ...ic flow on a port The commit rate should be less than the peak rate The sum of commit rates cannot be greater than or equal to the uplink bandwidth Peak Rate Specify the maximum bandwidth allowed in k...

Page 104: ...Dimension ES 3148 User s Guide 102 Chapter 12 Bandwidth Control...

Page 105: ...ookup failure DLF packets the switch receives per second on the ports When the maximum number of allowable broadcast multicast and or DLF packets is reached per second the subsequent packets are disca...

Page 106: ...Dimension ES 3148 User s Guide 104 Chapter 13 Broadcast Storm Control Figure 44 Broadcast Storm Control...

Page 107: ...feature Port This field displays a port number Broadcast pkt s Select this option and specify how many broadcast packets the port receives per second Multicast pkt s Select this option and specify how...

Page 108: ...Dimension ES 3148 User s Guide 106 Chapter 13 Broadcast Storm Control...

Page 109: ...ou to copy a traffic flow to a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference 14 2 Port Mirroring Setup Click Advanc...

Page 110: ...Dimension ES 3148 User s Guide 108 Chapter 14 Mirroring Figure 45 Mirroring...

Page 111: ...py the traffic to in order to examine it in more detail without interfering with the traffic flow on the original port s Select a port from the drop down list box Port This field displays the port num...

Page 112: ...Dimension ES 3148 User s Guide 110 Chapter 14 Mirroring...

Page 113: ...adheres to the IEEE 802 3ad standard for static and dynamic LACP port trunking The switch supports the link aggregation IEEE802 3ad standard This standard describes the Link Aggregate Control Protoco...

Page 114: ...rol Protocol Status screen displays by default Figure 46 Link Aggregation Control Protocol Status Table 27 Link Aggregation ID Local Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER 00...

Page 115: ...at is one logical link containing multiple ports Aggregator ID Refer to Section 15 2 1 on page 112 for more information on this field Enabled Port These are the ports you have configured in the Link A...

Page 116: ...Dimension ES 3148 User s Guide 114 Chapter 15 Link Aggregation Figure 47 Link Aggregation Configuration...

Page 117: ...rity level Group ID The field identifies the link aggregation group that is one logical link containing multiple ports Active Select this option to activate a trunk group Dynamic LACP Select this chec...

Page 118: ...Dimension ES 3148 User s Guide 116 Chapter 15 Link Aggregation...

Page 119: ...to an internal device user database that is limited to the memory capacity of the device In essence RADIUS authentication allows you to validate an unlimited number of users from a central location F...

Page 120: ...n RADIUS LABEL DESCRIPTION Authentication Server IP Address Enter the IP address of the external RADIUS server in dotted decimal notation UDP Port The default port of the RADIUS server for authenticat...

Page 121: ...Dimension ES 3148 User s Guide Chapter 16 Port Authentication 119 Figure 51 Port Authentication 802 1x...

Page 122: ...isplays a port number Active Select this checkbox to permit 802 1x authentication on this port You must first allow 802 1x authentication on the switch before configuring it on each port Reauthenticat...

Page 123: ...resses in total with no limit on individual ports other than the sum cannot exceed 16K For maximum port security enable this feature disable MAC address learning and configure static MAC address es fo...

Page 124: ...Dimension ES 3148 User s Guide 122 Chapter 17 Port Security Figure 52 Port Security...

Page 125: ...ddress Learning MAC address learning reduces outgoing broadcast traffic For MAC address learning to occur on a port the port itself must be active with address learning enabled Limited Number of Learn...

Page 126: ...Dimension ES 3148 User s Guide 124 Chapter 17 Port Security...

Page 127: ...console port or Telnet session can coexist with one FTP session up to five Web sessions five different usernames and passwords and or limitless SNMP access control sessions 18 2 The Access Control Ma...

Page 128: ...le through which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed obje...

Page 129: ...ed are outlined in the following table 18 3 3 Configuring SNMP From the Access Control screen display the SNMP screen You can click Access Control to go back to the Access Control screen Set Allows th...

Page 130: ...rname is something other than admin is someone who can view but not configure switch settings Click Access Control from the navigation panel and then click Logins from this screen Table 37 Access Cont...

Page 131: ...Old Password Type the existing system password 1234 is the default password when shipped New Password Enter your new system password Retype to confirm Retype your new system password for confirmation...

Page 132: ...on between two hosts over an unsecured network Figure 58 SSH Communication Example 18 5 How SSH works The following table summarizes how a secure connection is established between two remote hosts Fig...

Page 133: ...sed to connect to the switch over SSH 18 7 Introduction to HTTPS HTTPS HyperText Transfer Protocol over Secure Socket Layer or HTTP over SSL is a web protocol that encrypts and decrypts web pages Secu...

Page 134: ...in your browser enter https switch IP Address as the web site address where switch IP Address is the IP address or domain name of the switch you wish to access 18 8 1 Internet Explorer Warning Message...

Page 135: ...tified by an Unknown Authority screen pops up asking if you trust the server certificate Click Examine Certificate if you want to verify that the certificate is from the switch If Accept this certific...

Page 136: ...tificate 2 Netscape 18 8 3 The Main Screen After you accept the certificate and enter the login username and password the switch main screen appears The lock displayed in the bottom right of the brows...

Page 137: ...cess Control Service Access Control allows you to decide what services you may use to access the switch You may also change the default service port and configure trusted computer s for each service i...

Page 138: ...witch are listed here Active Select this option for the corresponding services that you want to allow to access the switch Service Port For Telnet SSH FTP HTTP or HTTPS services you may change the def...

Page 139: ...lient set Clear the check box if you wish to temporarily disable the set without deleting it Start Address End Address Configure the IP address range of trusted computers from which you can manage thi...

Page 140: ...Dimension ES 3148 User s Guide 138 Chapter 18 Access Control...

Page 141: ...ity queue Q6 is transmitted until Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empty then traffic on lower priority queues never gets sent SP does not aut...

Page 142: ...Dimension ES 3148 User s Guide 140 Chapter 19 Queuing Method 19 2 Configuring Queuing Click Advanced Application Queuing Method in the navigation panel Figure 68 Queuing Method...

Page 143: ...Q Enable This field is applicable only when you select Weighted Fair Scheduling Select a queue Q0 to Q7 to have the switch use Strictly Priority to service the subsequent queue s after and including t...

Page 144: ...Dimension ES 3148 User s Guide 142 Chapter 19 Queuing Method...

Page 145: ...s source port number destination port number or incoming port number For example you can configure a classifier to select traffic from the same protocol port such as Telnet to form a flow Configure Qo...

Page 146: ...for this rule for identifying purposes Packet Format Specify the format of the packet Choices are All 802 3 tagged 802 3 untagged Ethernet II tagged and Ethernet II untagged A value of 802 3 indicates...

Page 147: ...ion and specify a DSCP DiffServ Code Point number between 0 and 63 in the field provided IP Protocol Select an IP protocol type or select Other and enter the protocol number in decimal value Refer to...

Page 148: ...to your previous configuration Clear Click Clear to set the above fields back to the factory defaults Table 42 Classifier continued LABEL DESCRIPTION Table 43 Classifier Summary Table LABEL DESCRIPTI...

Page 149: ...classifier that identifies all traffic from MAC address 00 50 ba ad 4f 81 on port 2 Chaosnet 0804 X 25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3...

Page 150: ...Dimension ES 3148 User s Guide 148 Chapter 20 Classifier Figure 71 Classifier Example...

Page 151: ...code points without the need to negotiate paths or remember state information for every flow In addition applications do not have to request a particular service or give advanced notice of where the...

Page 152: ...Configuring Policy Rules You must first configure a classifier in the Classifier screen Refer to Chapter 20 on page 143 for more information Click Advanced Applications and then Policy Rule in the na...

Page 153: ...priority level Metering You can configure the desired bandwidth available to a traffic flow Traffic that exceeds the maximum bandwidth allocated in cases where the network is congested is called out o...

Page 154: ...roadcast or DLF multicast marked for dropping or to be sent to the CPU to the egress port to send the broadcast multicast DLF marked to drop or CPU frames to the egress port Select Set the packet s VL...

Page 155: ...e 147 Table 47 Policy Summary Table LABEL DESCRIPTION Index This field displays the policy index number Click an index number to edit the policy Active This field displays Yes when policy is activated...

Page 156: ...Dimension ES 3148 User s Guide 154 Chapter 21 Policy Rule Figure 74 Policy Example...

Page 157: ...ervice based on specific VLANs for many different customers A service provider s customers may require a range of VLANs to handle multiple applications A service provider s customers can assign their...

Page 158: ...eated as untagged so a second VLAN tag outer VLAN tag can be added Note Static VLAN Tx Tagging MUST be disabled on a port where you choose Normal or Access Port Select Tunnel available for Gigabit por...

Page 159: ...ot add the tag Priority refers to the IEEE 802 1p standard that allows the service provider to prioritize traffic based on the class of service CoS the customer has paid for On the switch configure pr...

Page 160: ...ES 3148 User s Guide 158 Chapter 22 VLAN Stacking 22 4 Configuring VLAN Stacking Click Advanced Applications and then VLAN Stacking in the navigation panel to display the screen as shown Figure 76 VLA...

Page 161: ...configure in SPVID and Priority are ignored Select Access Port to have the switch add the SP TPID tag to all incoming frames received on this port Select Access Port for ingress ports at the edge of...

Page 162: ...Dimension ES 3148 User s Guide 160 Chapter 22 VLAN Stacking...

Page 163: ...the Class D range 224 0 0 0 to 239 255 255 255 are used for IP multicasting Certain IP multicast numbers are reserved by IANA for special purposes see the IANA web site for more information 23 1 2 IG...

Page 164: ...cast Status Click Advanced Applications and Multicast to display the screen as shown This screen shows the multicast group information The following table describes the labels in this screen 23 3 Mult...

Page 165: ...Dimension ES 3148 User s Guide Chapter 23 Multicast 163 Figure 77 Multicast Setting...

Page 166: ...up IGMP Filtering Select Active to enable IGMP filtering to control which IGMP groups a subscriber on a port can join Unknown Multicast Frame Specify the action to perform when the switch receives an...

Page 167: ...esses that you want to belong to the IGMP filter profile If you want to add a single multicast IP address enter it in both the Start Address and End Address fields Add Click Add to save the settings t...

Page 168: ...ows a network example The subscriber VLAN 1 2 and 3 information is hidden from the streaming media server S In addition the multicast VLAN information is only visible to the switch and S Figure 79 MVR...

Page 169: ...s off the computer an IGMP leave message is sent to the switch to leave the multicast group The switch sends a query to VLAN 1 on the receiver port in this case a DSL port on the switch If there is an...

Page 170: ...Dimension ES 3148 User s Guide 168 Chapter 23 Multicast Figure 81 MVR...

Page 171: ...ch Source Port This field is applicable for Ethernet ports Select this option to set this port as the MVR source port that sends and receives multicast traffic All source ports must belong to a single...

Page 172: ...dresses End Address Enter the ending IP multicast address of the multicast group in dotted decimal notation Enter the same IP address as the Start Address field if you want to configure only one IP ad...

Page 173: ...1 In addition port 17 belongs to the multicast group with VID 200 to receive multicast traffic the News and Movie channels from the remote streaming media server S Computers A B and C in VLAN are able...

Page 174: ...tion Example To set the switch to forward the multicast group traffic to the subscribers configure multicast group settings in the Group Configuration screen The following figure shows an example wher...

Page 175: ...Dimension ES 3148 User s Guide Chapter 23 Multicast 173 Figure 85 MVR Group Configuration Example Figure 86 MVR Group Configuration Example...

Page 176: ...Dimension ES 3148 User s Guide 174 Chapter 23 Multicast...

Page 177: ...tion about the source of the requests You can also specify additional information for the switch to add to the client DHCP requests that it relays to the DHCP server Please refer to RFC 3046 for more...

Page 178: ...gent Information Select the Option 82 check box to have the switch add information slot number port number and VLAN ID to client DHCP requests that it relays to a DHCP server Information This read onl...

Page 179: ...TCP IP parameters manually Click IP Application Static Routing in the navigation panel to display the screen as shown Figure 88 Static Routing The following table describes the related labels you use...

Page 180: ...between 1 and 15 In practice 2 or 3 is usually a good number Add Click Add to insert a new static route Cancel Click Cancel to reset the above fields to your previous configuration Clear Click Clear...

Page 181: ...ntenance in the navigation panel to open the following screen Figure 89 Maintenance 26 2 Firmware Upgrade Make sure you have downloaded and unzipped the correct model firmware and version to your comp...

Page 182: ...gure 91 Restore Configuration Type the path and file name of the configuration file you wish to restore in the File Path text box or click Browse to display the Choose File screen below from which you...

Page 183: ...ch configuration information you configured and return to the factory defaults The following message appears Figure 93 Load Factory Default Conformation 2 Click OK to display the screen shown next Fig...

Page 184: ...he factory default settings in the screens such as password switch setup IP Setup etc Once you have customized the switch s settings they can be saved back to your computer under a filename of your ch...

Page 185: ...irmware may damage your device 26 7 2 FTP Command Line Procedure 1 Launch the FTP client on your computer 2 Enter open followed by a space and the IP address of your switch 3 Press ENTER when prompted...

Page 186: ...mmands for GUI based FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server Login Type Anonymous This is when a user I D and password is automatically supplied to the server...

Page 187: ...ing table describes the labels in this screen Table 60 Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi line text box Click Clear to empty the text box and...

Page 188: ...Dimension ES 3148 User s Guide 186 Chapter 27 Diagnostic...

Page 189: ...icate with one another In the following example switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members Figure 98 Clustering Appl...

Page 190: ...ardware MAC address The Number of Member This field displays the number of switches that make up this cluster The following fields describe the cluster member switches Index You can manage cluster mem...

Page 191: ...to go to that cluster member switch s web configurator home page This cluster member web configurator home page and the home page that you d see if you accessed it directly are different Figure 100 Cl...

Page 192: ...r group 0 Jul 01 12 00 config 00 a0 c5 01 23 46 226 File sent OK ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 360lt0 bin fw 00 a0 c5 01 23 46 200 Port comman...

Page 193: ...a switch that was previously a cluster member is later set to become a cluster manager then its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the m...

Page 194: ...ed from the Cluster Manager Its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the member summary list below If multiple devices have the same passw...

Page 195: ...o determine how to forward frames See the following figure 1 The switch examines a received frame and learns the port on which this source MAC address came 2 The switch checks to see if the frame s de...

Page 196: ...ble below MAC Click this button to display and arrange the data according to MAC address VID Click this button to display and arrange the data according to VLAN group Port Click this button to display...

Page 197: ...s it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The switch fills in its own MAC and IP address in the sender address fields and puts...

Page 198: ...This is the ARP Table entry number IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below MAC Address This is the MAC address of the dev...

Page 199: ...onfigure the switch using either the CLI Command Line Interface or web configurator the settings are saved as a series of commands in a configuration file on the switch You can perform the following w...

Page 200: ...ntrol 31 2 2 1 Initial Screen When you turn on your switch it performs several internal tests as well as line initialization You can view the initialization information using the console port After th...

Page 201: ...brackets for instance configure snmp server contact system contact location system location means that the contact and location fields are optional Command refers to a command used in the command line...

Page 202: ...ands Enter help to display a list of available commands and the corresponding sub commands Enter to display a list of commands you can use Figure 108 CLI Help List of Commands Example 1 ras help Comma...

Page 203: ...es User Enable and Configure When you first log into the CLI the initial command mode is the User mode The User mode commands are a subset of the Enable mode commands The User mode command prompt ends...

Page 204: ...ort channel followed by a port number For example interface port channel 10 To enter MVR mode enter mvr followed by a VLAN ID between 1 and 4094 For example enter mvr 2 to configure multicast settings...

Page 205: ...formation 31 9 1 User Mode The following table describes the commands available for User mode ras write memory Table 67 Command Summary User Mode COMMAND DESCRIPTION help Displays help information log...

Page 206: ...nable or privileged mode exit Exits Enable or privileged mode history Displays a list of command s that you have previously executed enable Accesses Enable or privileged mode disable Exits Enable or p...

Page 207: ...erver Displays SNMP settings logins Displays login account information service control Displays service control settings remote management Displays all secured client information index Displays the sp...

Page 208: ...H public and private key information session Displays current SSH session s https Displays the HTTPS information session Displays current HTTPS session s certificate Displays the HTTPS certificates ke...

Page 209: ...tion to the specified configuration file on the switch copy tftp flash ip remote file Restores firmware via TFTP tftp config index ip remote file Restores configuration with the specified filename fro...

Page 210: ...ask inactive Enables a specified IP static route igmp filtering Clears the IGMP filtering settings on the switch profile name Deletes the IGMP filtering profile profile name start address ip end addre...

Page 211: ...rt list Disables STP on listed ports timesync Disables timeserver settings radius server Disables the use of authentication from the RADIUS server port access authenticator Disables port authenticatio...

Page 212: ...e policy rule related information name inactive Enables a classifier policy name Deletes the policy A policy sets actions for classifier traffic name inactive Enables a policy vlan vlan id Deletes the...

Page 213: ...treat traffic from unknown multicast group igmp filtering Enables IGMP filtering on the switch profile name start address ip end address ip Sets the range of multicast address es in a profile interfac...

Page 214: ...roring port num Sets a monitor port the port to which traffic is copied for analysis lacp Enables Link Aggregation Control Protocol LACP system priority 1 65535 Sets the priority of an active port usi...

Page 215: ...3 ip protocol protocol num tcp udp icmp egp ospf rsvp igmp igp pim ipsec establish only source ip src ip addr mask bits mask bits source socket socket num destination ip dest ip addr mask bits mask bi...

Page 216: ...assifier distinguishes traffic into flows based on the configured criteria A policy rule ensures that a traffic flow gets the requested treatment in the network radius server host ip acct port socket...

Page 217: ...s GARP time settings spanning tree Enables STP on the switch priority 0 61440 Sets the bridge priority of the switch hello time 1 10 maximum age 6 40 forward delay 4 30 Sets Hello Time Maximum Age and...

Page 218: ...the trap community trap destination ip Sets the IP addresses of up to four stations to send your SNMP traps to contact system contact location system location Sets the geographic location and the name...

Page 219: ...switch is to send packets ssh known hosts host ip 1024 ssh rsa ssh dsa key Adds a remote host to which the switch can access using SSH service https cert regeneration rsa dsa Re generates a certificat...

Page 220: ...GMP filtering profile for this port igmp group limited Limits the number of multicast groups igmp group limited number number Sets the number of multicast groups this port is allowed to join igmp quer...

Page 221: ...fic on the port s cir Kbps Sets the guaranteed bandwidth allowed for incoming traffic on the port s pir Kbps Sets the maximum bandwidth allowed for incoming traffic on the port s egress Kbps Sets the...

Page 222: ...es the outgoing traffic port list for a port based VLAN igmp immediate leave Disables IGMP immediate leave on the port igmp filtering profile Disables IGMP filtering on the port igmp group limited Dis...

Page 223: ...he port good or not open intrusion lock Enables intrusion lock on a port and a port cannot be connected again after you disconnected the cable test Performs an interface loopback test Table 70 interfa...

Page 224: ...mask from this VLAN ip address default gateway Deletes the default gateway from this VLAN exit Leaves the VLAN configuration mode ip address inband default dhcp bootp Sets the dynamic in band IP addre...

Page 225: ...mode dynamic compatible Sets the MVR mode dynamic or compatible name name str Sets the MVR name for identification purposes tagged port list Sets the port s to tag VLAN tags group name str start addr...

Page 226: ...Dimension ES 3148 User s Guide 224 Chapter 31 Introducing the Commands...

Page 227: ...ation Syntax show system information This command shows the general system information such as the firmware version and system up time An example is shown next Figure 114 show system information Comma...

Page 228: ...gement IP Address IP 192 168 0 1 Netmask 255 255 255 0 VID 0 IP Interface IP 192 168 1 1 Netmask 255 255 255 0 VID 1 ras ras show logging 1 Thu Jan 1 00 02 08 1970 PP05 WARN SNMP TRAP 3 link up 2 Thu...

Page 229: ...show mac address table all sort static ras show interface 2 Port Info Port NO 2 Link 100M F Status FORWARDING LACP Disabled TxPkts 0 RxPkts 63 Errors 0 Tx KBs s 0 0 Rx KBs s 0 0 Up Time 0 02 33 TX Pa...

Page 230: ...llowing example sends Ping requests to and displays the replies from an Ethernet device with an IP address of 192 168 1 100 ras show mac address table static Port VLAN ID MAC Address Type CPU 1 00 a0...

Page 231: ...rt number and press ENTER An example is shown next ras ping 192 168 1 100 sent rcvd rate rtt avg mdev max min reply from 1 1 100 0 0 0 0 0 192 168 1 100 2 2 100 0 0 0 0 0 192 168 1 100 3 3 100 0 0 0 0...

Page 232: ...the boot config command to restart the switch and use a different configuration file if specified The following example restarts the switch to use the second configuration file Figure 122 CLI boot con...

Page 233: ...24 CLI Reset to the Factory Default Example 32 7 no Command Examples These are the commonly used command examples that belong to the no group of commands 32 7 1 no mirror port Syntax no mirror port Di...

Page 234: ...two T2 Figure 127 no trunk Command Example 32 7 4 no port access authenticator Syntax no port access authenticator no port access authenticator port list reauthenticate no port access authenticator p...

Page 235: ...nown hosts Remove the remote host with IP address 172 165 1 9 and with an SSH RSA encryption key from the list of known hosts port list reauthenticate Disables the re authentication mechanism on the l...

Page 236: ...e multiple ports or port ranges separated by a comma Ranges of port numbers are typed separated by a dash An example is shown next Enter the configuration mode Enable ports one three four and five for...

Page 237: ...e for configuration Enable broadcast control Set the broadband packet traffic the interface receives per second peer tunnel discard network Type peer to process any BPDUs received on these ports Type...

Page 238: ...et the maximum bandwidth allowed for incoming traffic to 8000Kbps Figure 133 bandwidth limit Command Example 32 8 5 mirror Syntax mirror mirror dir ingress egress both ras config interface port channe...

Page 239: ...rotocol that defines a way for switches to register necessary VLAN members on ports across the network Enable this function to permit VLANs groups beyond the local switch An example is shown next Enab...

Page 240: ...the interface Figure 136 ingress check Command Example 32 8 8 frame type Syntax frame type all tagged where An example is shown next Enable ports one three four and five for configuration Enable ingr...

Page 241: ...shown next Enable port based VLAN tagging on the switch Enable ports one three four and five for configuration Set the outgoing traffic ports as the CPU 0 seven 7 eight 8 and nine 9 ras config interf...

Page 242: ...4 Figure 140 qos priority Command Example 32 8 12 name Syntax name port name string where An example is shown next Enable ports one three four and five for configuration Set a name for the ports ras c...

Page 243: ...plex mode Figure 142 speed duplex Command Example ras config interface port channel 1 3 5 ras config interface name Test auto 10 half 10 full 100 half 100 full 1000 full Sets the duplex mode half or f...

Page 244: ...Dimension ES 3148 User s Guide 242 Chapter 32 Command Examples...

Page 245: ...802 1Q Tagged VLAN uses both explicit and implicit tagging Whether to tag an outgoing frame depends on the setting of the egress port on a per LAN per port basis recall that a port can belong to mult...

Page 246: ...ly enters the config vlan mode Use the inactive command to deactivate the VLAN s Use the interface port channel port list command to enter the config interface mode to set the VLAN settings on a port...

Page 247: ...ARP timer settings including the join leave and leave all timers An example is shown next Figure 145 GARP STATUS Command Example 33 4 2 GARP Timer Syntax garp join msec leave msec leaveall msec where...

Page 248: ...nds Figure 146 GARP Timer Command Example 33 4 3 GVRP Timer Syntax show vlan1q gvrp This command shows the switch s GVRP settings An example is shown next Figure 147 GVRP Status Command Example 33 4 4...

Page 249: ...re the switch port VLAN settings in config interface mode 33 5 1 Set Port VID Syntax pvid VID where This command sets the default VLAN ID on the port s The following example sets the default VID to 20...

Page 250: ...33 5 4 Modify Static VLAN Use the following commands in the config vlan mode to configure the static VLAN table Syntax vlan vlan id fixed port list forbidden port list name name str normal port list u...

Page 251: ...says that is the SVLAN tells the switch whether or not to forward a frame and if the forwarded frames should have tags 4 Then the switch applies the port filter to finish the forwarding decision This...

Page 252: ...VLAN ID in the SVLAN Static VLAN table 33 7 Disable VLAN Syntax vlan vlan id inactive This command disables the specified VLAN ID in the SVLAN Static VLAN table 33 8 Show VLAN Setting Syntax show vlan...

Page 253: ...VLAN Commands 251 Figure 153 show vlan Command Example ras show vlan 802 1Q VLAN Static Entry idx Name VID Active AdCtl TagCtl 0 1 1 active FFFFFFFFFFFFFFFFFFFFFFFF UUUUUUUUUUUUUUUUUUUUUUUU 2 test2 2...

Page 254: ...Dimension ES 3148 User s Guide 252 Chapter 33 IEEE 802 1Q Tagged VLAN Commands...

Page 255: ...ng again later Check that you have enabled Telnet service access If you have configured a secured client IP address your computer s IP address must match it Refer to the chapter on access control for...

Page 256: ...pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address...

Page 257: ...o save this setting 34 2 1 1 2 Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select Tool...

Page 258: ...Troubleshooting Figure 156 Internet Options 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 1 1 4 Click Add to mov...

Page 259: ...s 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting 34 2 1 2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer check that JavaScr...

Page 260: ...ure 158 Internet Options 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure t...

Page 261: ...ings Java Scripting 34 2 1 3 Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java...

Page 262: ...Troubleshooting Figure 160 Security Settings Java 34 2 1 3 1 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 make sure that Use Java 2 for applet under Java...

Page 263: ...e that you enter the correct password using the proper casing The administrator username is admin The default administrator password is 1234 The username and password are case sensitive Make sure that...

Page 264: ...Dimension ES 3148 User s Guide 262 Chapter 34 Troubleshooting...

Page 265: ...port Switching Switching fabric 17 6Gbps non blocking Max Frame size 1522 bytes Forwarding frame IEEE 802 3 IEEE 802 1q Ethernet II PPPoE Prevent the forwarding of corrupted packets STP IEEE 802 1d s...

Page 266: ...e Self diagnostics FLASH memory Network Management CLI through console port and telnet Web based management Clustering up to 24 switches can be manage by one IP SNMP RMON groups history statistics ala...

Page 267: ...3148 User s Guide Appendix A Product Specifications 265 Safety ANS UL 60950 1 CSA 60950 1 EN 60950 1 IEC 60950 1 EMC FCC Part 15 Class A CE EMC Class A Table 78 Physical and Environmental Specificatio...

Page 268: ...Dimension ES 3148 User s Guide 266 Appendix A Product Specifications...

Page 269: ...ddress the first two octets make up the network number and the two remaining octets make up the host ID Class C addresses begin starting from the left with 1 1 0 In a class C address the first three o...

Page 270: ...the host ID Subnet masks are expressed in dotted decimal notation just as IP addresses are The natural masks for class A B and C IP addresses are as follows Subnetting With subnetting the class arrang...

Page 271: ...ddress 192 168 1 0 with subnet mask of 255 255 255 0 The first three octets of the address make up the network number class C You want to have two separate networks Divide the network 192 168 1 0 into...

Page 272: ...255 255 255 128 is the directed broadcast address for the first subnet Therefore the lowest IP address that can be assigned to an actual host for the first subnet is 192 168 1 1 and the highest is 19...

Page 273: ...1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 0 Lowest Host ID 192 168 1 1 Broadcast Address 192 168 1 63 H...

Page 274: ...111 11111111 11111111 11000000 Subnet Address 192 168 1 192 Lowest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 Table 90 Eight Subnets SUBNET SUBNET ADDRESS FIRS...

Page 275: ...or subnetting The following table is a summary for class B subnet planning Table 92 Class B Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 128 0 17 2 32766...

Page 276: ...Dimension ES 3148 User s Guide 274 Appendix B IP Subnetting...

Page 277: ...nt 3 Basic setting 65 BPDUs Bridge Protocol Data Units 94 Bridge Protocol Data Units BPDUs 94 C Cables Connecting 3 CFI Canonical Format Indicator 77 Change password 50 Changes or Modifications 2 CI C...

Page 278: ...17 External authentication server 117 F FCC Compliance 2 Feature Hardware 30 File Transfer using FTP command example 183 Filename convention 182 Filtering 91 Filtering database 193 Finland Contact Inf...

Page 279: ...sword 50 Login account 128 Administrator 128 Non administrator 128 Number of 128 Login password 129 M MAC Media Access Control 66 MAC address 66 195 Maximum number per port 123 MAC address learning 28...

Page 280: ...User Service 117 RADIUS server 117 Advantages 117 Network example 117 Settings 118 Rapid Spanning Tree Protocol 93 Regular Mail 5 Related Documentation 25 Remote management 136 Service 137 Trusted co...

Page 281: ...information 65 System log 185 System reboot 181 System up time 60 T Tagged VLAN 77 Telecommunication Line Cord 3 Telephone 5 Thunderstorm 3 Time Current 69 Time zone 69 Timeserver 69 Time RFC 868 69...

Page 282: ...svlan delentry 249 vlan1q svlan inactive 250 vlan1q svlan list 250 vlan1q svlan setentry 248 Voltage Supply 3 Voltage High 3 W Wall Mount 3 Warnings 3 Water 3 Water Pipes 3 Web configuration Screen su...

Reviews:

No comments