manualshive.com logo in svg

ZyXEL Communications Dimension ES-4124, User Manual

The ZyXEL Communications Dimension ES-4124 is a high-performance Ethernet switch ideal for small to medium-sized businesses. For detailed setup instructions and troubleshooting tips, make sure to download the free User Manual from our website. Get the manual at manualshive.com and unleash the full potential of your device.

Share
Download
background image

ES-4124

Intelligent Layer 3+ Switch

User’s Guide

Version 3.70

8/2006

Summary of Contents for Dimension ES-4124

Page 1: ...ES 4124 Intelligent Layer 3 Switch User s Guide Version 3 70 8 2006...

Page 2: ......

Page 3: ...L Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it conve...

Page 4: ...y and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this device in a residential area is likely to cause harmf...

Page 5: ...ES 4124 User s Guide Certifications 3 2 Select your product from the drop down list box on the ZyXEL home page to go to that product s page 3 Select the certification you wish to view from this page...

Page 6: ...ct the power adaptor or cord to the right supply voltage for example 110V AC in North America or 230V AC in Europe Do NOT allow anything to rest on the power adaptor or cord and do NOT place the produ...

Page 7: ...ES 4124 User s Guide Safety Warnings 5 This product is recyclable Dispose of it properly...

Page 8: ...nt as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fit...

Page 9: ...rany Cesk Republika info cz zyxel com 420 241 091 359 DENMARK support zyxel dk 45 39 55 07 00 www zyxel dk ZyXEL Communications A S Columbusvej 2860 Soeborg Denmark sales zyxel dk 45 39 55 07 07 FINLA...

Page 10: ...zyxel es 34 902 195 420 www zyxel es ZyXEL Communications Arte 21 5 planta 28033 Madrid Spain sales zyxel es 34 913 005 345 SWEDEN support zyxel se 46 31 744 7700 www zyxel se ZyXEL Communications A S...

Page 11: ...Example 32 1 1 3 High Performance Switching Example 32 1 1 4 IEEE 802 1Q VLAN Application Examples 33 1 1 4 1 Tag based VLAN Example 33 Chapter 2 Hardware Installation and Connection 35 2 1 Freestand...

Page 12: ...ing Your Configuration 53 4 5 Switch Lockout 53 4 6 Resetting the Switch 54 4 6 1 Reload the Configuration File 54 4 7 Logging Out of the Web Configurator 55 4 8 Help 55 Chapter 5 Initial Setup Exampl...

Page 13: ...Static VLAN Details 85 8 5 3 Configure a Static VLAN 85 8 5 4 Configure VLAN Port Settings 87 8 6 Protocol Based VLANs 88 8 7 Configuring Protocol Based VLAN 89 8 8 Create an IP based VLAN Example 91...

Page 14: ...pter 14 Mirroring 117 14 1 Port Mirroring Setup 117 Chapter 15 Link Aggregation 119 15 1 Link Aggregation Overview 119 15 2 Dynamic Link Aggregation 119 15 2 1 Link Aggregation ID 120 15 3 Link Aggreg...

Page 15: ...er 20 Queuing Method 149 20 1 Queuing Method Overview 149 20 1 1 Strictly Priority 149 20 1 2 Weighted Fair Queuing 149 20 1 3 Weighted Round Robin Scheduling WRR 150 20 2 Configuring Queuing 150 Chap...

Page 16: ...1 OSPF Autonomous Systems and Areas 175 25 1 2 How OSPF Works 176 25 1 3 Interfaces and Virtual Links 176 25 1 4 OSPF and Router Elections 176 25 1 5 Configuring OSPF 177 25 2 OSPF Status 177 25 3 OS...

Page 17: ...P modes 199 30 2 DHCP Server Status 199 30 3 Configuring DHCP Server 200 30 3 1 DHCP Server Configuration Example 202 30 4 DHCP Relay 202 30 4 1 DHCP Relay Agent Information 203 30 4 2 Configuring DHC...

Page 18: ...trictions 220 Chapter 33 Access Control 221 33 1 Access Control Overview 221 33 2 The Access Control Main Screen 221 33 3 About SNMP 222 33 3 1 Supported MIBs 223 33 3 2 SNMP Traps 223 33 3 3 Configur...

Page 19: ...ch 244 36 3 Clustering Management Configuration 245 Chapter 37 MAC Table 249 37 1 MAC Table Overview 249 37 2 Viewing the MAC Table 250 Chapter 38 IP Table 251 38 1 IP Table Overview 251 38 2 Viewing...

Page 20: ...Configuration Mode 273 42 11 4 interface port channel Commands 289 42 11 5 interface route domain Commands 292 42 11 6 config vlan Commands 294 42 12 mvr Commands 295 Chapter 43 User and Enable Mode...

Page 21: ...t Authentication Settings 316 Chapter 45 Interface Commands 319 45 1 Overview 319 45 2 Interface Command Examples 319 45 2 1 interface port channel 319 45 2 2 bpdu control 319 45 2 3 broadcast limit 3...

Page 22: ...VLAN 333 46 6 Show VLAN Setting 333 Chapter 47 Multicast VLAN Registration Commands 335 47 1 Overview 335 47 2 Create Multicast VLAN 335 Chapter 48 Routing Domain Command Examples 337 48 0 1 interface...

Page 23: ...Configurator Home Screen Status 48 Figure 17 Change Administrator Login Password 53 Figure 18 Resetting the Switch Via the Console Port 55 Figure 19 Web Configurator Logout Screen 55 Figure 20 Initial...

Page 24: ...e 56 Port Authentication RADIUS 127 Figure 57 Port Authentication 802 1x 128 Figure 58 Port Security 132 Figure 59 Classifier 136 Figure 60 Classifier Summary Table 138 Figure 61 Classifier Example 14...

Page 25: ...le 202 Figure 104 DHCP Relay 203 Figure 105 DHCP Relay Network Example 204 Figure 106 DHCP Relay Configuration Example 204 Figure 107 VRRP Example 1 206 Figure 108 VRRP Status 207 Figure 109 VRRP Conf...

Page 26: ...ure 141 Diagnostic 235 Figure 142 Syslog 238 Figure 143 Syslog Server Setup 239 Figure 144 Clustering Application Example 242 Figure 145 Cluster Management Status 243 Figure 146 Cluster Management Clu...

Page 27: ...l Based VLAN Setup 90 Table 19 Port Based VLAN Setup 95 Table 20 Static MAC Forwarding 98 Table 21 FIltering 99 Table 22 STP Path Costs 101 Table 23 STP Port States 102 Table 24 Spanning Tree Protocol...

Page 28: ...able 57 Static Routing 171 Table 58 RIP 174 Table 59 OSPF vs RIP 175 Table 60 OSPF Router Types 175 Table 61 OSPF Status 178 Table 62 OSPF Status Common Output Fields 178 Table 63 OSPF Configuration A...

Page 29: ...e Status 255 Table 103 Configure Clone 257 Table 104 Command Interpreter Mode Summary 262 Table 105 Command Summary User Mode 266 Table 106 Command Summary Enable Mode 267 Table 107 Command Summary Co...

Page 30: ...of Tables Table 125 Subnet 2 359 Table 126 Subnet 1 359 Table 127 Subnet 2 360 Table 128 Subnet 3 360 Table 129 Subnet 4 360 Table 130 Eight Subnets 361 Table 131 Class C Subnet Planning 361 Table 132...

Page 31: ...xel com for additional support documentation Syntax Conventions Enter means for you to type one or more characters Select or Choose means for you to use one of the predefined choices Command and arrow...

Page 32: ...omments questions or suggestions for improvement to techwriters zyxel com tw or send regular mail to The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial...

Page 33: ...managing and configuring the switch is easy In addition the switch can also be managed via Telnet any terminal emulator program on the console port or third party SNMP management See Appendix A on pa...

Page 34: ...network managers to centralize multiple servers at a single location Figure 2 Bridging Application 1 1 3 High Performance Switching Example The switch is ideal for connecting two networks that need h...

Page 35: ...same group s unless such traffic first goes through a router For more information on VLANs refer to Chapter 8 on page 81 1 1 4 1 Tag based VLAN Example Ports in the same VLAN group share the same fra...

Page 36: ...ES 4124 User s Guide 34 Chapter 1 Getting to Know Your Switch...

Page 37: ...h clearance around the switch to allow air circulation and the attachment of cables and the power cord 4 Remove the adhesive backing from the rubber feet 5 Attach the rubber feet to each corner on the...

Page 38: ...eavy Take all necessary precautions to anchor the rack securely before installing the unit 2 2 2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the switch l...

Page 39: ...Connection 37 Figure 7 Mounting the Switch on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack 3 Repeat steps 1 and 2 to attach t...

Page 40: ...ES 4124 User s Guide 38 Chapter 2 Hardware Installation and Connection...

Page 41: ...ctions CONNECTOR DESCRIPTION 24 10 100 Mbps RJ 45 Ethernet Ports Connect these ports to a computer a hub an Ethernet switch or router Two 100 1000 Mbps RJ 45 Gigabit Ports Connect these Gigabit Ethern...

Page 42: ...eans that if a mini GBIC port and the corresponding Gigabit port are connected at the same time the Gigabit port will be disabled The speed of the Gigabit Ethernet mini GBIC ports can be 100Mbps or 10...

Page 43: ...nected at the same time the Gigabit port will be disabled You can change transceivers while the switch is operating You can use different transceivers to connect to Ethernet switches with different ty...

Page 44: ...latch latch styles vary Figure 11 Opening the Transceiver s Latch Example 2 Pull the transceiver out of the slot Figure 12 Transceiver Removal Example 3 2 Rear Panel The following figures show the re...

Page 45: ...pply input of 48V DC to 60V DC 1 5A Max no tolerance To connect the power to the unit insert one end of the supplied power cord to the power receptacle on the rear panel and the other end to a power o...

Page 46: ...Mbps Ethernet network is up Amber Blinking The system is transmitting receiving to from a 100 Mbps Ethernet network On The link to a 100 Mbps Ethernet network is up Off The link to an Ethernet networ...

Page 47: ...The port is connected at 10 Mbps Off The port is not connected at 10 Mbps or to an Ethernet device 100 Amber Blinking The system is transmitting receiving to from an Ethernet device On The port is con...

Page 48: ...ES 4124 User s Guide 46 Chapter 3 Hardware Overview...

Page 49: ...e web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permission...

Page 50: ...re quick links which allow you to perform certain tasks no matter which screen you are currently working in B Click this link to save your configuration into the switch s nonvolatile memory Nonvolatil...

Page 51: ...de Chapter 4 The Web Configurator 49 In the navigation panel click a main link to reveal a list of submenu links Table 3 Navigation Panel Sub links Overview BASIC SETTING ADVANCED APPLICATION IP APPLI...

Page 52: ...ulticast Setting Multicast Status IGMP Filtering Profile MVR Group Configuration Static Routing RIP OSPF Status OSPF Configuration OSPF Interface OSPF Virtual Link IGMP DVMRP IP Multicast DiffServ DSC...

Page 53: ...traffic from the first port without interference Link Aggregation This link takes you to a screen where you can logically aggregate physical links to form one logical higher bandwidth link Port Authen...

Page 54: ...o screens where you can perform firmware and configuration file maintenance as well as reboot the system Access Control This link takes you to screens where you can change the system login password an...

Page 55: ...witch s storage that remains even if the switch s power is turned off Note Use the Save link when you are done with a configuration session 4 5 Switch Lockout You could block yourself and all others f...

Page 56: ...us configurations and the speed of the console port will be reset to the default of 9600bps with 8 data bit no parity one stop bit and flow control set to none The password will also be reset to 1234...

Page 57: ...finish a management session for security reasons Figure 19 Web Configurator Logout Screen 4 8 Help The web configurator s online help has descriptions of individual screens and some supplementary info...

Page 58: ...ES 4124 User s Guide 56 Chapter 4 The Web Configurator...

Page 59: ...is not bound to a physical port The default IP address of the switch is 192 168 1 1 with a subnet mask of 255 255 255 0 In the example network since the RD network is already in the same IP interface...

Page 60: ...save the settings to the run time memory Settings in the run time memory are lost when the switch s power is turned off 5 1 2 Configuring DHCP Server Settings You can set the switch to assign network...

Page 61: ...ple you want to configure port 1 as a member of VLAN 2 Figure 21 Initial Setup Network Example VLAN 1 Click Advanced Application and VLAN in the navigation panel and click the Static VLAN link 2 In th...

Page 62: ...eceived on that port so that the frames are forwarded to the VLAN group that the tag defines In the example network configure 2 as the port VID on port 1 so that any untagged frames received on that p...

Page 63: ...set the switch to broadcast and receive routing information 3 In the Version field select RIP 1 for the RIP packet format that is universally supported 4 Click Apply to save your changes back to the...

Page 64: ...ES 4124 User s Guide 62 Chapter 5 Initial Setup Example...

Page 65: ...tatus in all web configurator screens to display the Status screen as shown next Figure 23 Status The following table describes the labels in this screen Table 6 Status LABEL DESCRIPTION Port This ide...

Page 66: ...ther LACP Link Aggregation Control Protocol has been enabled on the port TxPkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on...

Page 67: ...bps and the duplex F for full duplex or H for half duplex It also shows the cable type Copper or Fiber Status If STP Spanning Tree Protocol is enabled this field displays the STP state of the port see...

Page 68: ...those with CRC error but it does not include the 802 3x Pause packets TX Collision The following fields display information on collisions while transmitting Single This is a count of successfully tra...

Page 69: ...ed that were between 256 and 511 octets in length 512 1023 This field shows the number of packets including bad packets received that were between 512 and 1023 octets in length 1024 1518 This field sh...

Page 70: ...ES 4124 User s Guide 68 Chapter 6 System Status and Port Statistics...

Page 71: ...creen also allows you to set the system time manually or get the current time and date from an external server when you turn on your switch The real time is then displayed in the switch logs The Switc...

Page 72: ...The switch has temperature sensors that are capable of detecting and reporting if the temperature rises above the threshold You may choose the temperature unit Centigrade or Fahrenheit in this field...

Page 73: ...n s minimum speed measured in Revolutions Per Minute RPM 41 is displayed for speeds too small to measure under 2000 RPM Threshold This field displays the minimum speed at which a normal fan should wor...

Page 74: ...switch should use first to authenticate an administrator user for switch management Configure the local user accounts in the Access Control Logins screen The RADIUS is an external server Before you sp...

Page 75: ...adjustment When you use this format it is recommended that you use a Daytime timeserver within your geographical time zone Time RFC 868 format displays a 4 byte integer giving the total number of seco...

Page 76: ...VLAN type in this screen See Chapter 8 on page 81 for more information Bridge Control Protocol Transparency Select Active to allow the switch to handle bridging control protocols STP for example You a...

Page 77: ...to the 8 priority levels On the switch traffic assigned to higher index queues gets through faster while traffic in lower index queues is dropped if the network is congested Priority Level The followi...

Page 78: ...t bound to any physical ports Since each IP address on the switch must be in a separate subnet the configured IP address is also known as IP interface or routing domain In addition this allows routing...

Page 79: ...Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 0 254 Apply Click Apply to save your changes to the switch s run time memory The sw...

Page 80: ...switch Cancel Click Cancel to clear the Delete check boxes Table 11 IP Setup continued LABEL DESCRIPTION Table 12 Port Setup LABEL DESCRIPTION Port This is the port index number Settings in this row...

Page 81: ...and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The switch uses IEEE802 3x flow control in full duplex mode and backpressure flo...

Page 82: ...ES 4124 User s Guide 80 Chapter 7 Basic Setting...

Page 83: ...d port The remaining twelve bits define the VLAN ID giving a possible maximum number of 4 096 VLANs Note that user priority and VLAN ID are independent of each other A frame with VID VLAN Identifier o...

Page 84: ...LAN Registration Protocol is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network Enable this function to permit VLANs groups beyond t...

Page 85: ...led on a port s in each intermediary switch you only need to create VLAN groups in the end devices A and B C D and E automatically allow frames with VLAN group tags 1 and 2 VLAN groups that are unknow...

Page 86: ...ee Section 8 1 on page 81 for more information on Static VLAN Click Advanced Application VLAN from the navigation panel to display the VLAN Status screen as shown next Figure 32 VLAN VLAN Status The f...

Page 87: ...atic added as a permanent entry or other added using Multicast VLAN Registration MVR Change Pages Click Previous or Next to show the previous next screen if all status information cannot be seen in on...

Page 88: ...ntifies the port you are configuring Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings an...

Page 89: ...r so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields Clear Click Clear to start conf...

Page 90: ...orts Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Ingress Check If this...

Page 91: ...for Apple Talk traffic received on port 6 and 7 All upstream ARP traffic from port 1 2 and 3 will be grouped together and all upstream Apple Talk traffic from port 6 and 7 will be in another group and...

Page 92: ...r range of 0x0000 to 0x05ff are not allowed to be used for protocol based VLANs VID Enter the ID of a VLAN to which the port belongs This must be an existing VLAN which you defined in the Advanced App...

Page 93: ...ated a static VLAN with an ID of 5 Type 5 6 Leave the priority set to 0 and click Add Figure 38 Protocol Based VLAN Configuration Example To add more ports to this protocol based VLAN 1 Click the inde...

Page 94: ...ort is an outgoing port that is a port through which a data packet leaves for both ports Port based VLANs are specific only to the switch on which they were created Note When you activate port based V...

Page 95: ...ES 4124 User s Guide Chapter 8 VLAN 93 Figure 39 Port Based VLAN Setup All Connected...

Page 96: ...ES 4124 User s Guide 94 Chapter 8 VLAN Figure 40 Port Based VLAN Setup Port Isolation...

Page 97: ...port through which a data packet enters If you wish to allow two subscriber ports to talk to each other you must define the ingress port for both ports The numbers in the top row denote the incoming...

Page 98: ...ES 4124 User s Guide 96 Chapter 8 VLAN...

Page 99: ...ss that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address rules you are setting static MAC addresses for a port This may reduce...

Page 100: ...s turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields Clear...

Page 101: ...k Advanced Application and Filtering in the navigation panel to display the screen as shown next Figure 42 Filtering The following table describes the related labels in this screen Table 21 FIltering...

Page 102: ...e Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to your previous configuration Clear Click...

Page 103: ...ng backwards compatible with STP only aware bridges In RSTP topology change information is directly propagated throughout the network from the device that generates the topology change In STP a longer...

Page 104: ...LAN topology changes a new spanning tree is constructed Once a stable network topology has been established all bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root brid...

Page 105: ...Figure 43 MRSTP Network Example 11 2 Spanning Tree Protocol Main Screen The switch allows you to configure a single RSTP configuration or you can configure multiple configurations Click Advanced Appli...

Page 106: ...re RSTP settings see Section 11 1 on page 101 for more information on RSTP Click RSTP in the Advanced Application Spanning Tree Protocol screen Table 24 Spanning Tree Protocol Status LABEL DESCRIPTION...

Page 107: ...ES 4124 User s Guide Chapter 11 Spanning Tree Protocol 105 Figure 45 RSTP Configuration...

Page 108: ...r the attached LAN If it is a root port a new root port is selected from among the switch ports attached to the network The allowed range is 6 to 40 seconds Forwarding Delay This is the maximum time i...

Page 109: ...onfiguring Cancel Click Cancel to reset the fields Table 25 RSTP Configuration continued LABEL DESCRIPTION Table 26 Rapid Spanning Tree Protocol Status LABEL DESCRIPTION Configuration Click Configurat...

Page 110: ...ill wait before changing states that is listening to learning to forwarding Cost to Bridge This is the path cost from the root port on this switch to the root switch Port ID This is the priority and n...

Page 111: ...the attached LAN If it is a root port a new root port is selected from among the switch ports attached to the network The allowed range is 6 to 40 seconds Forwarding Delay This is the maximum time in...

Page 112: ...non volatile memory when you are done configuring Cancel Click Cancel to reset the fields Table 27 MRSTP Configuration continued LABEL DESCRIPTION Table 28 Spanning Tree Protocol Status LABEL DESCRIPT...

Page 113: ...istening to learning to forwarding Cost to Bridge This is the path cost from the root port on this switch to the root switch Port ID This is the priority and number of the port on the switch through w...

Page 114: ...ES 4124 User s Guide 112 Chapter 11 Spanning Tree Protocol...

Page 115: ...t The Peak Information Rate PIR is the maximum bandwidth allowed for the incoming traffic flow on a port when there is no network congestion The CIR and PIR should be set for all ports that use the sa...

Page 116: ...anteed bandwidth allowed in kilobits per second Kbps for the incoming traffic flow on a port The commit rate should be less than the peak rate The sum of commit rates cannot be greater than or equal t...

Page 117: ...icast and destination lookup failure DLF packets the switch receives per second on the ports When the maximum number of allowable broadcast multicast and or DLF packets is reached per second the subse...

Page 118: ...ustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Broadcast pkt s Select this option and specify how many broadcast packets the port receiv...

Page 119: ...ows you to copy a traffic flow to a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference Click Advanced Application Mirror...

Page 120: ...Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are...

Page 121: ...to the IEEE 802 3ad standard for static and dynamic LACP port trunking The switch supports the link aggregation IEEE802 3ad standard This standard describes the Link Aggregate Control Protocol LACP w...

Page 122: ...Control Protocol Status screen displays by default See Section 15 1 on page 119 for more information Table 32 Link Aggregation ID Local Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER...

Page 123: ...regation Control Protocol Status LABEL DESCRIPTION Index This field displays the trunk ID to identify a trunk group that is one logical link containing multiple ports Aggregator ID Link Aggregator ID...

Page 124: ...ority is a number between 1 and 65 535 The switch with the lowest system priority and lowest port number if system priority is the same becomes the LACP server The LACP server controls the operation o...

Page 125: ...n order to check that the peer port in the trunk group is still up If a port does not respond after three tries then it is deemed to be down and is removed from the trunk Set a short timeout one secon...

Page 126: ...ES 4124 User s Guide 124 Chapter 15 Link Aggregation...

Page 127: ...ns of an external server instead of or in addition to an internal device user database that is limited to the memory capacity of the device In essence RADIUS authentication allows you to validate an u...

Page 128: ...ATTRIBUTE Ingress Bandwidth Assignment Vendor Id 890 ZyXEL Vendor Type 1 Vendor data ingress rate decimal Egress Bandwidth Assignment Vendor Id 890 ZyXEL Vendor Type 2 Vendor data egress rate decimal...

Page 129: ...Server IP Address Enter the IP address of the external RADIUS server in dotted decimal notation UDP Port The default port of the RADIUS server for authentication is 1812 You need not change this valu...

Page 130: ...ication on the switch before configuring it on each port Port This field displays a port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for...

Page 131: ...the port Apply Click Apply to save your changes to the switch s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to sa...

Page 132: ...ES 4124 User s Guide 130 Chapter 16 Port Authentication...

Page 133: ...s in total with no limit on individual ports other than the sum cannot exceed 16K For maximum port security enable this feature disable MAC address learning and configure static MAC address es for a p...

Page 134: ...C address es is in the MAC address table on this port Packets with no matching MAC address es are dropped Clear this check box to disable the port security feature The switch forwards all packets on t...

Page 135: ...s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done...

Page 136: ...ES 4124 User s Guide 134 Chapter 17 Port Security...

Page 137: ...ce port number destination port number or incoming port number For example you can configure a classifier to select traffic from the same protocol port such as Telnet to form a flow Configure QoS on t...

Page 138: ...t of the packet Choices are All 802 3 tagged 802 3 untagged Ethernet II tagged and Ethernet II untagged A value of 802 3 indicates that the packets are formatted according to the IEEE 802 3 standards...

Page 139: ...er to Table 44 on page 139 for more information You may select Establish Only for TCP protocol type This means that the switch will pick out the packets that are sent to establish TCP connections Sour...

Page 140: ...vious configuration Clear Click Clear to set the above fields back to the factory defaults Table 41 Classifier continued LABEL DESCRIPTION Table 42 Classifier Summary Table LABEL DESCRIPTION Index Thi...

Page 141: ...d 4f 81 on port 2 After you have configured a classifier you can configure a policy in the Policy screen to define action s on the classified traffic flow X 25 Level 3 0805 XNS Compat 0807 Banyan Syst...

Page 142: ...ES 4124 User s Guide 140 Chapter 18 Classifier Figure 61 Classifier Example...

Page 143: ...e points without the need to negotiate paths or remember state information for every flow In addition applications do not have to request a particular service or give advanced notice of where the traf...

Page 144: ...2 Configuring Policy Rules You must first configure a classifier in the Classifier screen Refer to Section 18 2 on page 135 for more information Click Advanced Applications and then Policy Rule in th...

Page 145: ...TION Active Select this option to enable the policy Name Enter a descriptive name for identification purposes Classifier s This field displays the active classifier s you configure in the Classifier s...

Page 146: ...tion Specify the action s the switch takes on the associated classified traffic flow Forwarding Select No change to forward the packets Select Discard the packet to drop the packets Select Do not drop...

Page 147: ...ic Select Drop the packet to discard the out of profile traffic Select Change the DSCP value to replace the DSCP field with the value specified in the Out of profile DSCP field Select Set Out Drop Pre...

Page 148: ...a policy to limit bandwidth and discard out of profile traffic on a traffic flow classified using the Example classifier refer to Section 18 4 on page 139 Delete Click Delete to remove the selected en...

Page 149: ...ES 4124 User s Guide Chapter 19 Policy Rule 147 Figure 64 Policy Example...

Page 150: ...ES 4124 User s Guide 148 Chapter 19 Policy Rule...

Page 151: ...y queue Q6 is transmitted until Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empty then traffic on lower priority queues never gets sent SP does not autom...

Page 152: ...ed This works in a looping fashion until a queue is empty Weighted Round Robin Scheduling WRR uses the same algorithm as round robin scheduling but services queues based on their priority and queue we...

Page 153: ...ES 4124 User s Guide Chapter 20 Queuing Method 151 Figure 65 Queuing Method...

Page 154: ...ports For example if you select Q5 the switch services traffic on Q5 Q6 and Q7 using Strictly Priority Select None to always use WFQ or WRR for the 10 100 Mbps Ethernet ports Port This label shows the...

Page 155: ...ervice based on specific VLANs for many different customers A service provider s customers may require a range of VLANs to handle multiple applications A service provider s customers can assign their...

Page 156: ...ntagged so a second VLAN tag outer VLAN tag can be added Note Static VLAN Tx Tagging MUST be disabled on a port where you choose Normal or Access Port Select Tunnel Port available for Gigabit ports on...

Page 157: ...add the tag Priority refers to the IEEE 802 1p standard that allows the service provider to prioritize traffic based on the class of service CoS the customer has paid for On the switch configure prio...

Page 158: ...tes whether the frame carries IEEE 802 1Q tag information Choose 0x8100 or 0x9100 from the drop down list box or select Others and then enter a four digit hexadecimal number from 0x0000 to 0xFFFF 0x d...

Page 159: ...1526 Bytes 1522 Bytes 4 Bytes for the second tag to pass through it SPVID SPVID is the service provider s VLAN ID the outer VLAN tag Enter the service provider ID from 1 to 4094 for frames received o...

Page 160: ...ES 4124 User s Guide 158 Chapter 21 VLAN Stacking...

Page 161: ...the Class D range 224 0 0 0 to 239 255 255 255 are used for IP multicasting Certain IP multicast numbers are reserved by IANA for special purposes see the IANA web site for more information 22 1 2 IG...

Page 162: ...his screen shows the multicast group information See Section 22 1 on page 159 for more information on multicasting Figure 68 Multicast Status The following table describes the labels in this screen 22...

Page 163: ...the port Leave Timeout Enter an IGMP leave timeout value from 1 to 16 711 450 in seconds This defines how many seconds the switch waits for an IGMP report before removing an IGMP snooping membership...

Page 164: ...is allowed to join Max Group Num Enter the number of multicast groups this port is allowed to join Once a port is registered in the specified number of multicast groups any new IGMP join report frame...

Page 165: ...scriptive name for the profile for identification purposes To configure additional rule s for a profile that you have already added enter the profile name and specify a different IP multicast address...

Page 166: ...ure shows a network example The subscriber VLAN 1 2 and 3 information is hidden from the streaming media server S In addition the multicast VLAN information is only visible to the switch and S Figure...

Page 167: ...ses on the switch an entry is created in the forwarding table on the switch This maps the subscriber VLAN to the list of forwarding destinations for the specified multicast traffic When the subscriber...

Page 168: ...llow one single multicast VLAN to be shared among different subscriber VLANs on the network Name Enter a descriptive name up to 32 printable ASCII characters for identification purposes Multicast VLAN...

Page 169: ...set this port as a receiver port that only receives multicast traffic None Select this option to set the port not to participate in MVR No MVR multicast traffic is sent or received on this port Taggi...

Page 170: ...ddress field if you want to configure only one IP address for a multicast group Refer to Section 22 1 1 on page 159 for more information on IP multicast addresses Add Click Add to save your changes to...

Page 171: ...rver S Computers A B and C in VLAN are able to receive the traffic Figure 75 MVR Configuration Example To configure the MVR settings on the switch create a multicast group in the MVR screen and set th...

Page 172: ...ES 4124 User s Guide 170 Chapter 22 Multicast Figure 77 MVR Group Configuration Example Figure 78 MVR Group Configuration Example...

Page 173: ...ows you to activate deactivate this static route Name Enter a descriptive name up to 32 printable ASCII characters for identification purposes Destination IP Address This parameter specifies the IP ne...

Page 174: ...ear Click Clear to set the above fields back to the factory defaults Index This field displays the index number of the route Click a number to edit the static route entry Active This field displays Ye...

Page 175: ...ived None the switch will not send any RIP packets and will ignore any RIP packets received The Version field controls the format and the broadcasting method of the RIP packets that the switch sends i...

Page 176: ...more information on configuring IP domains Direction Select the RIP direction from the drop down list box Choices are Outgoing Incoming Both and None Version Select the RIP version from the drop down...

Page 177: ...areas Each area represents a group of adjacent networks All areas are connected to a backbone also known as area 0 The backbone is the transit area to route packets between two areas A stub area at t...

Page 178: ...d path costs Each device can then use the link state database and Dijkstra algorithm to compute the least cost paths to network destinations 25 1 3 Interfaces and Virtual Links An OSPF interface is a...

Page 179: ...DR The router with the highest priority becomes the DR while a router with a priority of 0 does not participate in router elections In Figure 82 on page 177 you can assign a priority of 0 to routers B...

Page 180: ...x displays the status of the neighboring router participating in the OSPF network Link State Database The text box displays information in the link state database which contains data in the LSAs Poll...

Page 181: ...hbor Count This field displays the number of neighbor routers Adjacent Neighbor Count This field displays the number of neighbor router s that is adjacent to the switch Neighbor Neighbor ID This field...

Page 182: ...route redistribution for routes learn through the selected protocol Type Select 1 for routing protocols such as RIP whose external metrics are directly comparable to the internal OSPF cost When select...

Page 183: ...CII character password To configure an area set the related fields in the OSPF Configuration screen Figure 85 OSPF Configuration Area Setup The following table describes the related labels in this scr...

Page 184: ...t route into a stub area for routes which are external to an OSPF domain If you do not set a route cost no default route is added Add Click Add to save your changes to the switch s run time memory The...

Page 185: ...the interface to that area Authentication Note OSPF Interface s must use the same authentication method within the same area Select an authentication method Choices are Same as Area None default Simpl...

Page 186: ...the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to start configuring the above fields again Clear Click Cle...

Page 187: ...me as Area to use the same authentication method within the area and set the related fields when necessary Select None to disable authentication This is the default setting Select Simple to authentica...

Page 188: ...uses the format of an IP address in dotted decimal notation of a peer border router Authentication This field displays the authentication method used Same as Area None Simple or MD5 Key ID When the A...

Page 189: ...onnected networks to gather group membership After that the switch periodically updates this information 26 2 Configuring IGMP Click IP Application IGMP in the navigation panel to display the screen a...

Page 190: ...the drop down list box Choices are IGMP v1 IGMP v2 and None Apply Click Apply to save your changes to the switch s run time memory The switch loses these changes if it is turned off or loses power so...

Page 191: ...VMRP otherwise you see the screen as in Figure 92 on page 191 27 2 How DVMRP Works DVMRP uses the Reverse Path Multicasting RPM algorithm to generate an IP Multicast delivery tree Multicast packets ar...

Page 192: ...erform Reverse Path Forwarding RPF checks on incoming multicast packets RPF checks prevent duplicate packets being filtered when loops exist in the network topology DVMRP prunes trim the multicast del...

Page 193: ...ulticast traffic This applies only to multicast traffic this switch sends out Index Index is the DVMRP configuration for the IP routing domain defined under Network The maximum number of DVMRP configu...

Page 194: ...hanged using line commands Please see the commands chapter later in this User s Guide Table 70 DVMRP Default Timer Values DVMRP FIELD DEFAULT VALUE Probe interval 10 sec Report interval 35 sec Route e...

Page 195: ...the network IP Multicast is a third way to deliver IP packets to a group of hosts on the network not everybody You can configure the switch to untag remove the VLAN tags from IP multicast packets that...

Page 196: ...you make them IP Multicast Egress Untag Vlan ID The switch removes the VLAN tag from IP multicast packets belonging to the specified VLAN before transmission on this port Enter a VLAN group ID in thi...

Page 197: ...dition applications do not have to request a particular service or give advanced notice of where the traffic is going 29 1 1 DSCP and Per Hop Behavior DiffServ defines a new DS Differentiated Services...

Page 198: ...sociated policies 29 2 Activating DiffServ Activate DiffServ to allow the switch to enable DiffServ and apply marking rules and IEEE802 1p priority mapping on the selected port s Click IP Application...

Page 199: ...want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports a...

Page 200: ...n number To set the IEEE802 1p priority mapping select the priority level from the drop down list box Apply Click Apply to save your changes to the switch s run time memory The switch loses these chan...

Page 201: ...the computer must be manually configured 30 1 1 DHCP modes The switch can be configured as a DHCP server or DHCP relay agent If you configure the switch as a DHCP server it will maintain the pool of a...

Page 202: ...e 75 DHCP DHCP Server Status LABEL DESCRIPTION Index This is the index number VID This field displays the ID number of the VLAN group to which this DHCP settings apply Server Status This field display...

Page 203: ...NS servers are passed to the DHCP clients along with the IP address and the subnet mask Add Click Add to save your changes to the switch s run time memory The switch loses these changes if it is turne...

Page 204: ...tworks The following shows an example Figure 103 DHCP Server Configuration Example 30 4 DHCP Relay Configure DHCP relay on the switch if the DHCP clients and the DHCP server are not in the same subnet...

Page 205: ...rt ID 1 byte VLAN ID 2 bytes System name up to 32 bytes this is optional 30 4 2 Configuring DHCP Relay Configure DHCP relay in the DHCP Relay screen Click IP Application DHCP in the navigation panel a...

Page 206: ...nd additional information such as the VLAN ID together with the DHCP requests to the DHCP server This allows the DHCP server to assign the appropriate IP address according to the VLAN ID Figure 106 DH...

Page 207: ...f physical layer 3 devices An IP address is associated with the virtual router A layer 3 device having the same IP address is the preferred master router while the other Layer 3 devices are the backup...

Page 208: ...mple 1 If switch A the master router is unavailable switch B takes over Traffic is then processed by switch B 31 2 VRRP Status Click IP Application VRRP in the navigation panel to display the VRRP Sta...

Page 209: ...router VR Status This field displays the status of the virtual router This field is Master indicating that this switch functions as the master router This field is Backup indicating that this switch f...

Page 210: ...ng table describes the labels in this screen Table 79 VRRP Configuration IP Interface LABEL DESCRIPTION Index This field displays the index number of an entry Network This field displays the IP addres...

Page 211: ...l take over The priority of the VRRP router that owns the IP address es associated with the virtual router is 255 31 3 2 3 Preempt Mode If the master router is unavailable a backup router assumes the...

Page 212: ...t is 1 Preempt Mode Select this option to activate preempt mode Priority Enter a number between 1 and 254 to set the priority level The bigger the number the higher the priority This field is 100 by d...

Page 213: ...81 VRRP Configuring VRRP Parameters LABEL DESCRIPTION Index This field displays the index number of an entry Active This field shows whether a VRRP entry is enabled Yes or disabled No Name This field...

Page 214: ...VRRP parameters in the VRRP Configuration screens on the switches as shown in the figures below Figure 113 VRRP Example 1 VRRP Parameter Settings on Switch A Figure 114 VRRP Example 1 VRRP Parameter...

Page 215: ...ter using VRRP You wish to configure switch A as the master router for virtual router VR1 and as a backup for virtual router VR2 On the other hand switch B is the master for VR2 and a backup for VR1 F...

Page 216: ...VR2 on Switch A Figure 119 VRRP Example 2 VRRP Parameter Settings for VR2 on Switch B After configuring and saving the VRRP configuration the VRRP Status screens for both switches are shown next Figur...

Page 217: ...Figure 122 Maintenance The following table describes the labels in this screen Table 82 Maintenance LABEL DESCRIPTION Current This field displays which configuration Configuration 1 or Configuration...

Page 218: ...nt configuration settings permanently to Configuration 1 on the switch Click Config 2 to save the current configuration settings to Configuration 2 on the switch Alternatively click Save on the top ri...

Page 219: ...e switch s configuration Click Config 2 and follow steps 1 to 2 to reboot and load configuration two on the switch 32 5 Firmware Upgrade Make sure you have downloaded and unzipped the correct model fi...

Page 220: ...fied the file click Restore config is the name of the configuration file on the switch so your backup configuration file is automatically renamed when you restore using this screen 32 7 Backup a Confi...

Page 221: ...32 8 1 1 Example FTP Commands ftp put firmware bin ras This is a sample FTP session showing the transfer of the computer file firmware bin to the switch ftp get config config cfg This is a sample FTP...

Page 222: ...pt 32 8 3 GUI based FTP Clients The following table describes some of the commands that you may see in GUI based FTP clients 32 8 4 FTP Restrictions FTP will not work when FTP service is disabled in t...

Page 223: ...P access control sessions are allowed A console port access control session and Telnet access control session cannot coexist when multi login is disabled See Section 42 11 2 on page 267 for more infor...

Page 224: ...rough which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects t...

Page 225: ...o set values for object variables within an agent Trap Used by the agent to inform the manager of some events Table 85 SNMP Commands COMMAND DESCRIPTION Table 86 SNMP Traps OBJECT LABEL OBJECT ID DESC...

Page 226: ...hat you change the default administrator password 1234 Table 87 Access Control SNMP LABEL DESCRIPTION Get Community Enter the get community which is the password for the incoming Get and GetNext reque...

Page 227: ...cannot change the default administrator user name Only the administrator has read write access Old Password Type the existing system password 1234 is the default password when shipped New Password En...

Page 228: ...igure 132 SSH Communication Example 33 5 How SSH works The following table summarizes how a secure connection is established between two remote hosts Apply Click Apply to save your changes to the swit...

Page 229: ...yption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identification is verif...

Page 230: ...sed so that you may securely access the switch using the web configurator The SSL protocol specifies that the SSL server the switch must always authenticate itself to the SSL client the computer which...

Page 231: ...the switch You see the following Security Alert screen in Internet Explorer Select Yes to proceed to the web configurator login screen if you select No then web configurator access is blocked Figure 1...

Page 232: ...ate 1 Netscape Figure 137 Security Certificate 2 Netscape 33 8 3 The Main Screen After you accept the certificate and enter the login username and password the switch main screen appears The lock disp...

Page 233: ...ort Access Control Service Access Control allows you to decide what services you may use to access the switch You may also change the default service port and configure trusted computer s for each ser...

Page 234: ...llow to access the switch Service Port For Telnet SSH FTP HTTP or HTTPS services you may change the default service port by typing the new port number in the Server Port field If you change the defaul...

Page 235: ...Address End Address Configure the IP address range of trusted computers from which you can manage this switch The switch checks if the client IP address of a computer requesting a service or protocol...

Page 236: ...ES 4124 User s Guide 234 Chapter 33 Access Control...

Page 237: ...c The following table describes the labels in this screen Table 91 Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi line text box Click Clear to empty the...

Page 238: ...ES 4124 User s Guide 236 Chapter 34 Diagnostic...

Page 239: ...er to the documentation of your syslog program for details The following table describes the syslog severity levels 35 2 Syslog Setup Click Management and then Syslog in the navigation panel to displa...

Page 240: ...he syslog setting Logging Type This column displays the names of the categories of logs that the device can generate Active Select this option to set the device to generate logs for the corresponding...

Page 241: ...s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done...

Page 242: ...ES 4124 User s Guide 240 Chapter 35 Syslog...

Page 243: ...oup so as to be able to communicate with one another In the following example switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster mem...

Page 244: ...er 36 Cluster Management Figure 144 Clustering Application Example 36 2 Cluster Management Status Click Management Cluster Management in the navigation panel to display the following screen Note A clu...

Page 245: ...a manager nor a member of a cluster Manager This field displays the cluster manager switch s hardware MAC address The Number of Member This field displays the number of switches that make up this clu...

Page 246: ...Figure 146 Cluster Management Cluster Member Web Configurator Screen 36 2 1 1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cl...

Page 247: ...23 46 rw rw rw 1 owner group 0 Jul 01 12 00 config 00 a0 c5 01 23 46 226 File sent OK ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 370lt0 bin fw 00 a0 c5 01...

Page 248: ...itch that was previously a cluster member is later set to become a cluster manager then its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the membe...

Page 249: ...cannot be managed from the Cluster Manager Its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the member summary list below If multiple devices hav...

Page 250: ...ES 4124 User s Guide 248 Chapter 36 Cluster Management...

Page 251: ...o determine how to forward frames See the following figure 1 The switch examines a received frame and learns the port on which this source MAC address came 2 The switch checks to see if the frame s de...

Page 252: ...elow MAC Click this button to display and arrange the data according to MAC address VID Click this button to display and arrange the data according to VLAN group Port Click this button to display and...

Page 253: ...lowing figure 1 The switch examines a received packet and learns the port on which this source IP address came 2 The switch checks to see if the packet s destination IP address matches a source IP add...

Page 254: ...utton to display and arrange the data according to IP address VID Click this button to display and arrange the data according to VLAN group Port Click this button to display and arrange the data accor...

Page 255: ...s it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The switch fills in its own MAC and IP address in the sender address fields and puts...

Page 256: ...is the ARP Table entry number IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below MAC Address This is the MAC address of the device w...

Page 257: ...Table in the navigation panel to display the screen as shown Figure 154 Routing Table Status The following table describes the labels in this screen Table 102 Routing Table Status LABEL DESCRIPTION I...

Page 258: ...ES 4124 User s Guide 256 Chapter 40 Routing Table...

Page 259: ...le 103 Configure Clone LABEL DESCRIPTION Source Destination Port Enter the source port under the Source label This port s attributes are copied Enter the destination port or ports under the Destinatio...

Page 260: ...estination ports Apply Click Apply to save your changes to the switch s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation pan...

Page 261: ...2 Accessing the CLI You can use a direct console connection or Telnet to access the command interpreter on the switch Note The switch automatically logs you out of the management interface after five...

Page 262: ...stablished a connection to the switch using a direct console connection or Telnet a login screen displays as shown below For your first login enter the default administrator login username admin and p...

Page 263: ...Changing the Password This command is used to change the password for Enable mode By default the same password is used to enter the command line interface CLI and Enable and Config modes of the CLI Th...

Page 264: ...describes command interpreter modes and how to access them username username Specifies a new user up to 32 alphanumeric characters Enter a user name to change the settings of an existing account pass...

Page 265: ...vlan This is a sub mode of the config mode and allows you to configure VLAN settings Type vlan followed by a number between 1 to 4094 For example vlan 10 to configure settings for VLAN 10 sysname con...

Page 266: ...nformation ping ip host name cr ping ip host name vlan vlan id ping help traceroute ip host name cr traceroute ip host name vlan vlan id traceroute help ssh 1 2 user dest ip cr ssh 1 2 user dest ip co...

Page 267: ...e memory command to save the changes permanently Note The write memory command is not available in User mode You must save your changes after each CLI session All unsaved configuration changes are los...

Page 268: ...ommand Commands listed in the tables are in the same order as they are displayed in the CLI See the related section in the User s Guide for more background information 42 11 1 User Mode The following...

Page 269: ...ION PRIVILEGE Table 106 Command Summary Enable Mode COMMAND DESCRIPTION PRIVILEGE baudrate 1 2 3 4 5 Changes the console port speed Choices are 1 9600 2 19200 3 38400 4 57600 and 5 115200 13 boot conf...

Page 270: ...ied TCP session 13 logout Exits Enable or privileged mode 13 mac flush Clears the MAC address table 13 port num Removes all learned MAC address on the specified port s 13 no logging Disables syslog lo...

Page 271: ...a Displays the HTTPS key 13 session Displays current HTTPS session s 13 timeout Displays the HTTPS session timeout 13 igmp filtering profile name Displays IGMP filtering profile settings 13 igmp snoop...

Page 272: ...s 13 ospf neighbor Displays OSPF neighbor information 13 protocol based vlan Displays protocol based VLAN settings on the port s 13 route Displays IP routing information 13 route static Displays IP st...

Page 273: ...cified port s 13 radius server Displays RADIUS server settings 13 remote management Displays all secured client information 13 index Displays the specified secured client information 13 router dvmrp D...

Page 274: ...formation 13 trunk Displays link aggregation information 13 vlan Displays the status of all VLANs 13 vlan id Displays the status of the specified VLAN 13 vlan stacking Displays VLAN stacking settings...

Page 275: ...ntly using 13 index Saves current configuration to the specified configuration file on the switch 13 Table 106 Command Summary Enable Mode continued COMMAND DESCRIPTION PRIVILEGE Table 107 Command Sum...

Page 276: ...ip addr mask bits mask bits destination socket socket num inactive Configures a classifier A classifier groups traffic into data flows according to specific criteria such as the source address destin...

Page 277: ...1q mappings 13 exit Exits from the CLI 13 fe spq q0 q1 q7 Sets the switch to use SPQ to service the subsequent queue s after and including the specified queue for the 10 100 Mbps Ethernet ports 13 ga...

Page 278: ...or more details 13 ip address ip mask Sets the IP address and subnet mask of the out of band management port 13 default gateway ip Sets the default gateway s IP address for the out of band management...

Page 279: ...ied port 13 mode zynos Changes the CLI mode to the ZyNOS format 13 mrstp treeIndex Activates the specified STP configuration 13 interface port list Activates STP on the specified ports 13 path cost 1...

Page 280: ...y dns Disables DHCP primary DNS server settings 13 secondary dns Disables DHCP server secondary DNS settings 13 diffserv Disables the DiffServ settings 13 fe spq Disables Strict Priority Queuing on th...

Page 281: ...ed MAC address belonging to a VLAN group if any forwarded through an interface s 13 mirror port Disables port mirroring on the switch 13 mrstp treeIndex Disables the specified STP configuration tree 1...

Page 282: ...s IGMP on the switch 13 ospf Disables OSPF on the switch 13 rip Disable RIP on the switch 13 vrrp network ip address mask bits vr id 1 7 Deletes VRRP settings 13 service control ftp Disables FTP acces...

Page 283: ...syslog server 13 server ip address inactive Enables syslog logging to the specified syslog server 13 type type DIsables syslog logging for the specified log type sys link config error or report 13 ti...

Page 284: ...utgoing set vlan metering out of profile action change dscp drop forward set drop precedence inactive Configures a policy A classifier distinguishes traffic into flows based on the configured criteria...

Page 285: ...s the port number and key of the external RADIUS server 13 timeout 1 1000 Specifies the RADIUS server timeout value 13 mode priority roun d robin Specifies the mode for RADIUS server selection 13 remo...

Page 286: ...ntication and sets the authentication key for the specified virtual link in the area 13 area area id virtual link router id authentication same as area Sets the virtual link to use the same authentica...

Page 287: ...hentication same as area Resets the authentication settings on this virtual area 13 no area area id virtual link router id Deletes the virtual link from the area 13 no network ip addr bits Deletes the...

Page 288: ...e Activates this VRRP 13 no preempt Disables VRRP preemption mode 13 no primary virtual ip Resets the network to use the default primary virtual gateway interface IP address 13 no secondary virtual ip...

Page 289: ...tations to send your SNMP traps to 13 spanning tree Enables STP on the switch 13 port list Enables STP on a specified port 13 port list path cost 1 65535 Sets the STP path cost for a specified port 13...

Page 290: ...ress of your time server 13 trunk T1 T2 T3 T4 T5 T 6 Activates a trunk group 13 T1 T2 T3 T4 T5 T 6 lacp Enables LACP for a trunk group 13 T1 T2 T3 T4 T5 T 6 interface port list Adds a port s to the sp...

Page 291: ...the port s 13 pir Kbps Sets the maximum bandwidth allowed for incoming traffic on the port s 13 egress Enables bandwidth limits allowed for outgoing traffic on the port s 13 egress Kbps Sets the maxi...

Page 292: ...the IGMP immediate leave function 13 igmp querier mode auto fixed edg e Sets the IGMP query mode for the port 13 inactive Disables the specified port s on the switch 13 ingress check Enables the devic...

Page 293: ...set port list Disables the egress port setting 13 flow control Disables flow control on the port s 13 ge spq Disables strict priority queuing on the Gigabit ports 13 gvrp Disable GVRP on the port s 1...

Page 294: ...000 Mbps of the connection on the interface Selecting auto auto negotiation makes one port able to negotiate with a peer automatically to obtain the connection speed and duplex mode that both ends sup...

Page 295: ...essages sent by the router 13 igmp query max response time 1 25 Sets the maximum time that the router waits for a response to an general query message 13 igmp last member query interval 1 25 Sets the...

Page 296: ...ty Resets the OSPF priority for the interface 13 ip vrrp authentication key Resets the VRRP authentication settings 13 Table 109 interface route domain Commands continued COMMAND DESCRIPTION PRIVILEG...

Page 297: ...untagged port list Specifies the port s you want to tag all outgoing frames transmitted with this VLAN Group ID 13 normal port list Specifies the port s to dynamically join this VLAN group using GVRP...

Page 298: ...13 source port port list Disables the source port s An MVR source port can send and receive multicast traffic in a multicast VLAN 13 tagged port list Sets the port s to untag VLAN tags 13 receiver po...

Page 299: ...age your switch 43 2 show Commands These are the commonly used show commands 43 2 1 show system information Syntax show system information This command shows the general system information such as the...

Page 300: ...etmask 255 255 255 0 VID 0 IP Interface IP 192 168 1 1 Netmask 255 255 255 0 VID 1 sysname sysname show logging 1 Thu Jan 1 00 02 08 1970 PP05 WARN SNMP TRAP 3 link up 2 Thu Jan 1 00 03 14 1970 INFO a...

Page 301: ...a MAC VID or port sysname show interface 2 Port Info Port NO 2 Link 100M F Status FORWARDING LACP Disabled TxPkts 0 RxPkts 63 Errors 0 Tx KBs s 0 0 Rx KBs s 0 0 Up Time 0 02 33 TX Packet Tx Packets 0...

Page 302: ...ttl 1 255 wait 1 60 queries 1 10 sysname show mac address table static Port VLAN ID MAC Address Type CPU 1 00 a0 c5 01 23 46 Static sysname ip host name The IP address or host name of an Ethernet dev...

Page 303: ...control intrusion lock vlan1q vlan1q member bandwidth limit vlan stacking port security broadcast storm control mirroring port access authenticator queuing method igmp filtering spanning tree mrstp p...

Page 304: ...o restart the switch and use a different configuration file if specified The following example restarts the switch to use the second configuration file Use the reload config command to restart the sys...

Page 305: ...onfig to reset the current running configuration 2 Enter write memory to save the changes to the current configuration file If you want to reset the second configuration file use the write memory comm...

Page 306: ...ES 4124 User s Guide 304 Chapter 43 User and Enable Mode Commands...

Page 307: ...ables IGMP snooping on the switch 8021p priority Sets a priority level 0 7 to which the switch changes the priority in outgoing IGMP control packets host timeout 1 16711450 Specifies the time out peri...

Page 308: ...g igmp snooping leave timeout 30 sysname config igmp snooping unknown multicast frame drop igmp filtering Enables IGMP filtering on the switch profile name Specifies a name up to 32 alphanumeric chara...

Page 309: ...interface port list path cost 1 65535 mrstp interface port list priority 0 255 mrstp interface port list treeIndex 1 2 where spanning tree Enables STP on the switch mrstp treeIndex Enables a specific...

Page 310: ...h will wait before changing states This delay is required because every switch must receive information about topology changes before it starts to forward frames In addition each port needs time to li...

Page 311: ...on shows some uses of these commands 44 4 1 Disable Commands Use the no command to disable features on the switch Syntax no spanning tree no mirror port Disables STP on the switch Disables port mirror...

Page 312: ...ntax no trunk T1 T2 T3 T4 T5 T6 no trunk T1 T2 T3 T4 T5 T6 lacp no trunk T1 T2 T3 T4 T5 T6 interface port list where An example is shown next Disable trunk one T1 Disable LAPC on trunk three T3 Remove...

Page 313: ...s host ip 1024 ssh rsa ssh dsa where An example is shown next Disables port authentication on the switch port list reauthenticate Disables the re authentication mechanism on the listed port s port lis...

Page 314: ...hown next Set the queueing method to SPQ 44 6 Static Route Commands You can create and configure static routes on the switch by using the ip route command sysname config no ssh key rsa1 sysname config...

Page 315: ...destination next hop ip Specifies the IP address of the gateway The gateway is an immediate neighbor of your switch that will forward the packet to the destination The gateway must be a router on the...

Page 316: ...is shown next name name Names the filtering rule mac mac addr Specifies the MAC address you want to filter vlan vlan id Specifies which VLAN this rule applies to drop src dst both Selects the behavio...

Page 317: ...DIUS servers is only available via the command interpreter mode Use the radius server command to set up your RADIUS server settings Syntax radius server host index ip radius server host index ip acct...

Page 318: ...cable with multiple RADIUS servers configured priority When a client sends an authentication request through the switch to the RADIUS server The switch will forward the request to the RADIUS server If...

Page 319: ...ch will wait for a response from the RADIUS server Enable port authentication on ports 4 to 8 Activate reauthentication on the ports Specify 1800 seconds as the interval for client reauthentication sy...

Page 320: ...ES 4124 User s Guide 318 Chapter 44 Configuration Mode Commands...

Page 321: ...frequently used interface commands 45 2 1 interface port channel Use this command to enable the specified ports for configuration Indicate multiple non sequential ports separated by a comma Use a das...

Page 322: ...mit command enables bandwidth control on the switch peer tunnel discard network Type peer to process any BPDUs received on these ports Type tunnel to forward BPDUs received on these ports Type discard...

Page 323: ...ss egress both where An example is shown next Enable port mirroring Enable the monitor port 3 pir Kbps Sets the maximum bandwidth allowed for incoming traffic cir Kbps Sets the guaranteed bandwidth al...

Page 324: ...ermit VLAN groups beyond the local switch An example is shown next Enable the IEEE 802 1Q tagged VLAN command to configure tagged VLAN for the switch Enable ports one three four and five for configura...

Page 325: ...is shown next Enable WFQ queuing on the switch Enable port 2 and ports 6 to 8 for configuration sysname config interface port channel 1 3 5 sysname config interface ingress check all tagged u ntagged...

Page 326: ...xample is shown next Enable ports one three four and five for configuration Set the IEEE 802 1p quality of service priority as four 4 sysname configure sysname config wfq sysname config interface port...

Page 327: ...14 test You can perform an interface loopback test on specified ports The test returns Passed or Failed port name string Sets a name for your port interface s sysname config interface port channel 1...

Page 328: ...an disable bandwidth limit on port 1 simply by placing the no command in front of the bandwidth limit command Syntax no bandwidth limit An example is shown next Disable bandwidth limit on port1 sysnam...

Page 329: ...ter the config interface mode to set the VLAN settings on a port then use the pvid vlan id command to set the VLAN ID you created for the port list to that specific port in the PVID table Use the exit...

Page 330: ...name show garp GARP Timer Join Timer 200 Leave Timer 600 Leave All Timer 10000 sysname join msec This sets the duration of the Join Period timer for GVRP in milliseconds Each port has a Join Period ti...

Page 331: ...ave All Timer to 11000 milliseconds 46 2 3 GVRP Timer Syntax show vlan1q gvrp This command shows the switch s GVRP settings An example is shown next 46 2 4 Enable GVRP Syntax vlan1q gvrp This command...

Page 332: ...ts ports 1 to 5 to accept only tagged frames 46 3 3 Enable or Disable Port GVRP Use the gvrp command to enable GVRP on the port s Use the no gvrp command to disable GVRP The following example turns of...

Page 333: ...ning the static VLAN table with vlan id Enter no fixed or no forbidden to change port list to normal status Enter untagged to send outgoing frames without a tag Enter no untagged to tag outgoing frame...

Page 334: ...omes in from the LAN 2 The switch checks the PVID table and assigns a temporary VID of 1 3 The switch ignores the port from which the frame came because the switch does not send a frame to the port fr...

Page 335: ...Static VLAN table An example is shown next VID is the VLAN identification number Status shows whether the VLAN is static or active Elap Time is the time since the VLAN was created on the switch The Ta...

Page 336: ...ES 4124 User s Guide 334 Chapter 46 IEEE 802 1Q Tagged VLAN Commands...

Page 337: ...vlan id mvr vlan id source port port list mvr vlan id receiver port port list mvr vlan id inactive mvr vlan id mode dynamic compatible mvr vlan id name name str mvr vlan id tagged port list mvr vlan i...

Page 338: ...fy the MVR IP multicast group start address ip Specifies the starting IP multicast address of the multicast group in dotted decimal notation end address ip Specifies the ending IP multicast address of...

Page 339: ...this domain ip address This is the IP address of the switch in the routing domain Specify the IP address is dotted decimal notation For example 192 168 1 1 mask bits The number of bits in the subnet...

Page 340: ...ES 4124 User s Guide 338 Chapter 48 Routing Domain Command Examples...

Page 341: ...ecured client IP address your computer s IP address must match it Refer to the chapter on access control for details I cannot access the web configurator The administrator username is admin The defaul...

Page 342: ...p blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address 49 2...

Page 343: ...e this setting 49 2 1 1 2 Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select Tools Int...

Page 344: ...bleshooting Figure 159 Internet Options 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 1 1 4 Click Add to move the...

Page 345: ...lick Close to return to the Privacy screen 6 Click Apply to save this setting 49 2 1 2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer check that JavaScripts...

Page 346: ...61 Internet Options 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure that E...

Page 347: ...Java Scripting 49 2 1 3 Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java perm...

Page 348: ...leshooting Figure 163 Security Settings Java 49 2 1 3 1 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 make sure that Use Java 2 for applet under Java Sun i...

Page 349: ...at you enter the correct password using the proper casing The administrator username is admin The default administrator password is 1234 The username and password are case sensitive Make sure that you...

Page 350: ...ES 4124 User s Guide 348 Chapter 49 Troubleshooting...

Page 351: ...is feature to have the switch assign IP addresses an IP default gateway and DNS servers to computers on your network IGMP Snooping The switch supports IGMP snooping enabling group multicast traffic to...

Page 352: ...at the default gateway of a host is always available STP Spanning Tree Protocol RSTP Rapid STP R STP detects and breaks network loops and provides backup links between switches bridges or routers It a...

Page 353: ...estination Broadcast storm control Static MAC address forwarding Switching Switching fabric 12 8Gbps non blocking Max Frame size 1522 bytes Forwarding frame IEEE 802 3 IEEE 802 1q Ethernet II PPPoE Pr...

Page 354: ...and system status Performance monitoring Line speed Four RMON groups history statistics alarms and events Throughput monitoring Port mirroring and aggregation IGMP snooping Firmware upgrade and downlo...

Page 355: ...d 19 rack mountable 438 mm W x 270 mm D x 44 45 mm H Weight 3 6 Kg Temperature Operating 0 C 45 C 32 F 113 F Storage 10 C 70 C 13 F 158 F Humidity 10 90 non condensing Power Supply AC 100 240V 50 60Hz...

Page 356: ...ES 4124 User s Guide 354 Appendix A Product Specifications...

Page 357: ...ry number Therefore each octet has a possible range of 00000000 to 11111111 in binary or 0 to 255 in decimal There are several classes of IP addresses The first network number 192 in the above example...

Page 358: ...it Class B addresses have a 1 in the leftmost bit and a 0 in the next leftmost bit Class C addresses start with 1 1 0 in the first three leftmost bits Class D addresses begin with 1 1 1 0 Class D addr...

Page 359: ...ork number bits By convention subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask followed by a continuous sequence of zeros for a total number of...

Page 360: ...t octet bit values indicate host ID bits borrowed to make network ID bits The number of borrowed host ID bits determines the number of subnets you can have The remaining number of host ID bits after b...

Page 361: ...d to borrow two host ID bits to give four possible combinations 00 01 10 and 11 The subnet mask is 26 bits 11111111 11111111 11111111 11000000 or 255 255 255 192 Each subnet contains 6 host ID bits gi...

Page 362: ...168 1 127 Highest Host ID 192 168 1 126 Table 128 Subnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mas...

Page 363: ...ts available for subnetting and a class A address has three host ID octets see Table 119 on page 356 available for subnetting Table 130 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS B...

Page 364: ...1 255 255 128 0 17 2 32766 2 255 255 192 0 18 4 16382 3 255 255 224 0 19 8 8190 4 255 255 240 0 20 16 4094 5 255 255 248 0 21 32 2046 6 255 255 252 0 22 64 1022 7 255 255 254 0 23 128 510 8 255 255 2...

Page 365: ...175 Autonomous System AS 175 189 B back up configuration file 218 Backbone Router BR 175 backbone routing 175 Backup Designated Router BDR and OSPF 176 bandwidth control 351 basic settings 69 BDR Back...

Page 366: ...t gateway 201 Designated Router DR and OSPF 176 DHCP 199 client IP pool 201 modes 199 relay agent 199 server 199 setup 200 DHCP Dynamic Host Configuration Protocol 199 diagnostics 235 Ethernet port te...

Page 367: ...ocol 82 322 H hardware installation 35 mounting 36 hardware monitor 70 hardware overview 39 help in command interpreter 263 history in command interpreter 265 HTTPS 228 certificates 228 implementation...

Page 368: ...on 218 maintenance 215 current configuration 215 main screen 215 management 259 Management Information Base MIB 222 management interface See also CLI management port 95 metric 180 MIB and SNMP 222 sup...

Page 369: ...icy configuration 145 pop up Windows allowing 340 port authentication 125 and RADIUS 125 127 and VSA 126 IEEE802 1x 128 port based VLAN type 74 port cloning 257 advanced settings 257 basic settings 25...

Page 370: ...tocol 173 Round Robin Scheduling 150 router ID 180 routing domain 76 207 routing protocols 180 352 routing table 255 RSTP 101 See also STP rubber feet 35 S safety certifications 353 safety warnings 4...

Page 371: ...69 system log 235 system reboot 217 T tagged VLAN 81 Telnet commands 260 logging in 260 management 260 temperature indicator 70 time current 73 time zone 73 Time RFC 868 73 time server 73 time servic...

Page 372: ...outer ID 207 VRRP 205 advertisement interval 209 authentication 208 backup router 205 configuration example 211 Hello message 209 how it works 205 interface setup 207 master router 205 network example...

Reviews:

No comments

Related manuals for Dimension ES-4124

N-Tron 700 Series User Manual & Installation Manual preview
700 Series
Brand: N-Tron Pages: 101
IBM 2210 Installation And Initial Configuration Manual preview
2210
Brand: IBM Pages: 72
D-Link Express Ethernetwork DI-704P Datasheet preview
Express Ethernetwork DI-704P
Brand: D-Link Pages: 2
D-Link Express Ethernetwork DI-704P Quick Install Manual preview
Express Ethernetwork DI-704P
Brand: D-Link Pages: 17
D-Link DSL-2750U Quick Start Manual preview
DSL-2750U
Brand: D-Link Pages: 2
D-Link DVG-7022S Quick Installation Manual preview
DVG-7022S
Brand: D-Link Pages: 7
D-Link DIR-878 Quick Installation Manual preview
DIR-878
Brand: D-Link Pages: 41
D-Link DES-1228/ME User Manual preview
DES-1228/ME
Brand: D-Link Pages: 267
D-Link Air DCS-1000W Setting-Up Manual preview
Air DCS-1000W
Brand: D-Link Pages: 13
Watchguard AP200 Setup Manual preview
AP200
Brand: Watchguard Pages: 40
D-Link AirPlus DWL-810 Owner'S Manual preview
AirPlus DWL-810
Brand: D-Link Pages: 25
D-Link AirPlus DWL-810 Quick Installation Manual preview
AirPlus DWL-810
Brand: D-Link Pages: 8
D-Link DSL-500 Quick Start Manual preview
DSL-500
Brand: D-Link Pages: 11
D-Link DHP-601AV Quick Installation Manual preview
DHP-601AV
Brand: D-Link Pages: 84
D-Link Verizon DSL-2750B Connection Instructions preview
Verizon DSL-2750B
Brand: D-Link Pages: 2
D-Link DVA-2800 Quick Start Manual preview
DVA-2800
Brand: D-Link Pages: 4
D-Link AirPlus G DWL-G710 Troubleshooting preview
AirPlus G DWL-G710
Brand: D-Link Pages: 5
D-Link AC750 Quick Install Manual preview
AC750
Brand: D-Link Pages: 12

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

ABB AEG Acer Asus Beko Black & Decker Bosch Brother Candy Canon Cisco Craftsman D-Link DeWalt Dell Electrolux Emerson Epson Frigidaire Fujitsu GE HP Haier Hitachi Honeywell Huawei Husqvarna JVC Kenmore Kenwood KitchenAid LG Lenovo Makita Miele Mitsubishi Electric Motorola NEC Nikon Nokia Panasonic Philips Pioneer Samsung Sanyo Sharp Siemens Sony TP-Link Toshiba Whirlpool Xiaomi Yamaha Zanussi Load more brands