ZyXEL Communications GS1920-48HPv2 User Manual Download Page 256 | Manualshive

Page: 256 / 432

background image

Chapter 26 IP Source Guard

GS1920v2 Series User’s Guide

256

26.11.1.3 DHC P Re la y O ptio n 82 Info rm a tio n

The Switch can add information to DHCP requests that it does not discard. This provides the DHCP server
more information about the source of the requests. The Switch can add the following information:

• Slot ID (1 byte), port ID (1 byte), and source VLAN ID (2 bytes)

• System name (up to 32 bytes)

This information is stored in an Agent Information field in the option 82 field of the DHCP headers of client
DHCP request frames. See

Chapter 37 on page 323

for more information about DHCP relay option 82.

When the DHCP server responds, the Switch removes the information in the Agent Information field
before forwarding the response to the original source.

You can configure this setting for each source VLAN. This setting is independent of the DHCP relay
settings (

Chapter 37 on page 323

).

26.11.1.4 C o nfig uring DHC P Sno o ping

Follow these steps to configure DHCP snooping on the Switch.

1

Enable DHCP snooping on the Switch.

2

Enable DHCP snooping on each VLAN, and configure DHCP relay option 82.

3

Configure trusted and untrusted ports, and specify the maximum number of DHCP packets that each
port can receive per second.

4

Configure static bindings.

26.11.2 ARP Inspe c tio n O ve rvie w

Use ARP inspection to filter unauthorized ARP packets on the network. This can prevent many kinds of
man-in-the-middle attacks, such as the one in the following example.

Fig ure 183

Example: Man-in-the-middle Attack

In this example, computer

B

tries to establish a connection with computer

A

. Computer

X

is in the same

broadcast domain as computer

A

and intercepts the ARP request for computer

A

. Then, computer

X

does the following things:

• It pretends to be computer

A

and responds to computer

B

.

«
...
254
255
256
257
258
...
»

Summary of Contents for GS1920-48HPv2

Page 1: ...r s Guide GS1920v2 Series 8 24 48 port GbE Smart Managed Switch Copyright 2018 Zyxel Communications Corporation LAN IP Address http DHCP assigned IP or 192 168 1 1 User Name admin Password 1234 Versio...

Page 2: ...ting system Every effort has been made to ensure that the information in this manual is accurate Re late d Doc ume ntation Quick Start Guide The Quick Start Guide shows how to connect the Switch Onlin...

Page 3: ...abels screen names field labels and field choices are all in bold font A right angle bracket within a screen name denotes a mouse click For example Basic Se tting Swtic h Se tup Se le c t VL AN T ype...

Page 4: ...107 Static MAC Forwarding 127 Static Multicast Forwarding 129 Filtering 133 Spanning Tree Protocol 135 Bandwidth Control 156 Broadcast Storm Control 158 Mirroring 160 Link Aggregation 162 Port Authent...

Page 5: ...rvices 319 DHCP 323 ARP Setup 335 Maintenance 339 Access Control 348 Diagnostic 368 System Log 371 Syslog Setup 372 Cluster Management 375 MAC Table 381 ARP Table 384 Path MTU Table 386 Configure Clon...

Page 6: ...EE 802 1Q VLAN Application Examples 25 1 3 Ways to Manage the Switch 26 1 4 Good Habits for Managing the Switch 27 Cha pte r 2 Ha rdwa re Insta lla tion a nd Conne c tion 28 2 1 Installation Scenarios...

Page 7: ...c hnic a l Re fe re nc e 43 Cha pte r 4 T he We b Configurator 44 4 1 Overview 44 4 2 System Login 44 4 3 The Status Screen 48 4 3 1 Change Your Password 52 4 4 Saving Your Configuration 53 4 5 Switc...

Page 8: ...en 75 Cha pte r 8 Ba sic Se tting 77 8 1 Overview 77 8 1 1 What You Can Do 77 8 2 System Information 77 8 3 General Setup 79 8 4 Introduction to VLANs 81 8 5 Switch Setup 82 8 6 IP Setup 83 8 6 1 Mana...

Page 9: ...9 7 Protocol Based VLANs 118 9 7 1 Configuring Protocol Based VLAN 119 9 8 Voice VLAN 120 9 9 MAC Based VLAN 121 9 10 Port Based VLAN Setup 122 9 10 1 Configure a Port Based VLAN 123 9 11 Technical Re...

Page 10: ...e Protocol 146 13 8 1 Multiple Spanning Tree Protocol Port Configuration 149 13 9 Multiple Spanning Tree Protocol Status 150 13 10 Technical Reference 153 13 10 1 MSTP Network Example 153 13 10 2 MST...

Page 11: ...ate IEEE 802 1x Security 172 18 3 1 Guest VLAN 173 18 4 Activate MAC Authentication 175 18 5 Technical Reference 177 18 5 1 IEEE 802 1x 177 18 5 2 RADIUS 177 18 5 3 EAP Extensible Authentication Proto...

Page 12: ...24 1 1 What You Can Do 201 24 1 2 What You Need to Know 201 24 2 Multicast Setup 205 24 3 IPv4 Multicast Status 205 24 3 1 IGMP Snooping 206 24 3 2 IGMP Snooping VLAN 208 24 3 3 IGMP Filtering Profile...

Page 13: ...nfigure 242 26 6 1 DHCP Snooping Port Configure 244 26 6 2 DHCP Snooping VLAN Configure 245 26 6 3 DHCP Snooping VLAN Port Configure 246 26 7 ARP Inspection Status 248 26 8 ARP Inspection VLAN Status...

Page 14: ...Error Disable Recovery Overview 274 30 1 3 What You Can Do 274 30 2 Error Disable Screen 275 30 3 Error Disable Status 275 30 4 CPU Protection Configuration 277 30 5 Error Disable Detect Configuratio...

Page 15: ...Loopback 314 Cha pte r 35 Static Route 316 35 1 Static Routing Overview 316 35 1 1 What You Can Do 316 35 2 Static Routing 316 35 3 IPv4 Static Route 317 Cha pte r 36 Diffe re ntiate d Se rvic e s 319...

Page 16: ...Overview 339 39 1 1 What You Can Do 339 39 2 The Maintenance Screen 339 39 2 1 Erase Running Configuration 340 39 2 2 Save Configuration 341 39 2 3 Reboot System 341 39 3 Firmware Upgrade 342 39 4 Re...

Page 17: ...te r 42 Syste m L og 371 42 1 Overview 371 42 2 System Log 371 Cha pte r 43 Syslog Se tup 372 43 1 Syslog Overview 372 43 1 1 What You Can Do 372 43 2 Syslog Setup 372 Cha pte r 44 Cluste r Manage me...

Page 18: ...e Clone 387 Cha pte r 49 IPv6 Ne ighbor T able 390 49 1 IPv6 Neighbor Table Overview 390 49 2 Viewing the IPv6 Neighbor Table 390 Cha pte r 50 Port Status 392 50 1 Overview 392 50 2 Port Status 392 50...

Page 19: ...19 PA RT I Use r s Guide...

Page 20: ...r direct standalone or cloud mode not both at the same time The Nebula Control Center NCC is an alternative cloud based network management system that allows you to remotely manage and monitor the Swi...

Page 21: ...fferences between standalone and Nebula cloud management modes You can find the Switch s datasheet at the Zyxel website See the NCC Nebula Control Center User s Guide for how to configure the Switch u...

Page 22: ...e Status screen or the device back label on the Switch Use the Zyxe l Ne bula Mobile App to Re giste r the Switc h 1 Download and open the Zyxel Nebula Mobile app in your mobile device Click Sign Up t...

Page 23: ...S1920 48HPv2 where 4 50 is the firmware trunk version ABMK identifies the GS1920 48HPv2 and 0 is the first release of trunk version 4 50 1 1 4 PoE The GS1920 8HPv2 GS1920 24HPv2 and GS1920 48HPv2 come...

Page 24: ...the network simply add more networking devices such as switches routers computers print servers etc Figure 1 Backbone Application 1 2 2 Bridg ing Exa mple In this example the Switch connects different...

Page 25: ...an provide the same bandwidth as ATM at much lower cost while still being able to use existing adapters and switches Moreover the current LAN structure can be retained as all ports can freely communic...

Page 26: ...d for everyday management of the Switch using a supported web browser See Chapter 4 on page 44 FTP Use FTP for firmware upgrades and configuration backup restore See Section 39 7 1 on page 346 SNMP Th...

Page 27: ...pes of characters such as numbers and letters Write down the password and put it in a safe place Back up the configuration and make sure you know how to restore it Restoring an earlier working configu...

Page 28: ...o use the prope r sc re ws may damage the unit See Table 1 on page 20 for the comparison table of the hardware installation methods for each model To start using the Switch simply connect the power ca...

Page 29: ...and the power cord Note Make sure that you meet the requirements of clearance when you use the Switch for stacking It s recommended to only use the Switch with Fans in a stack See Table 1 on page 20 t...

Page 30: ...side of the Switch Figure 6 Attaching the Mounting Brackets 2 Using a 2 Philips screwdriver install the M3 flat head screws through the mounting bracket holes into the Switch 3 Repeat steps 1 and 2 t...

Page 31: ...ilips screwdriver Two screw anchors optional 1 Select a position free of obstructions on a wall strong enough to hold the weight of the Switch 2 Mark two holes on the wall at the appropriate distance...

Page 32: ...allow ventilation WARNING T he Switc h should be wall mounte d horizontally and make sure the front pane l is fac ing down T he Switc h s side pane ls with ve ntilation slots should not be fac ing up...

Page 33: ...securely before installing the unit 2 5 3 Attac hing the Mounting Bra c ke ts to the Switc h 1 Position a mounting bracket on one side of the Switch lining up the four screw holes on the bracket with...

Page 34: ...h on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack Note Make sure you tighten all the four screws to prevent the Switch from g...

Page 35: ...0 Front Panel GS1920 8HPv2 Figure 11 Front Panel GS1920 24v2 Figure 12 Front Panel GS1920 24HPv2 Figure 13 Front Panel GS1920 48v2 Figure 14 Front Panel GS1920 48HPv2 3 1 1 Gigabit Ethe rne t Ports Th...

Page 36: ...lt negotiation settings for the Gigabit ports on the Switch are Speed Auto Duplex Auto Flow control Off Link Aggregation Disabled 3 1 1 2 Auto c rossove r All ports are auto crossover that is auto MDI...

Page 37: ...cally detects the installed transceiver Check the LEDs to verify that it is functioning properly 4 Close the transceiver s latch latch styles vary 5 Connect the fiber optic cables to the transceiver F...

Page 38: ...w the L ink ACTLED works Each Ethernet port s LED is changed to act as a PoE Mode LED by pushing the PoE MODE button on the front panel Each Ethernet port s LED is changed back to act as a L ink ACTLE...

Page 39: ...ur ZyXEL Device which may not be covered by it s warranty 1 Remove the M4 ground screw from the Switch s rear panel 2 Secure a green yellow ground cable 16 AWG or smaller to the Switch s rear panel us...

Page 40: ...om the power module in the power slot SYS Green On The Switch is on and functioning properly Blinking The Switch is rebooting and performing self diagnostic tests Red On The Switch is functioning abno...

Page 41: ...ent power supplied budget Ethernet Ports and PoE LNK ACT 1 8 GS1920 8HPv2 1 24 GS1920 24v2 24HPv2 and 1 48 GS1920 48v2 48HPv2 Green Blinking The Switch is transmitting receiving to from a 1000 Mbps Et...

Page 42: ...inking The Switch is transmitting receiving data 100 Mbps Off There is no link or port the uplink port is shut down SFP Slots 49 50 GS1920 48v2 48HPv2 Green On The uplink port is linking at 1000 Mbps...

Page 43: ...43 PA RT II T e c hnic al Re fe re nc e...

Page 44: ...w Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled by default 4 2 Syste m L...

Page 45: ...enter NCC login page in a new tab or window The NCC is an alternative cloud based network management system that allows you to remotely manage and monitor the Switch see Section 1 1 1 on page 20 Figur...

Page 46: ...e app from the Google Play store for Android devices or the App Store for iOS devices and create an organization and site at NCC Figure 29 Web Configurator Message You may also access this screen at B...

Page 47: ...d 1234 is the default password when shipped New Password Enter your new system password Retype to confirm Retype your new system password for confirmation General Setting Use this section to specify t...

Page 48: ...ng which is the password for the incoming Set requests from the management station The Se t Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community Enter the T ra...

Page 49: ...ration of your Switch that stays the same even if the Switch s power is turned off D Click this link to go to the status page of the Switch E Click this link to log out of the web configurator F Click...

Page 50: ...itch Setup This link takes you to a screen where you can set up global Switch parameters such as VLAN type GARP and priority queues IP Setup This link takes you to a screen where you can configure the...

Page 51: ...to another port in order that you can examine the traffic from the first port without interference Link Aggregation This link takes you to screens where you can logically aggregate physical links to...

Page 52: ...e the DHCP settings ARP Setup This link takes you to screens where you can configure the ARP learning settings for each port Management Maintenance This link takes you to screens where you can perform...

Page 53: ...ation to nonvolatile memory Nonvolatile memory refers to the Switch s storage that remains even if the Switch s power is turned off Note Use the Sa ve link when you are done with a configuration sessi...

Page 54: ...tomatically reboot and restore the factory default file See Section 3 3 on page 40 for more information about the LED behavior 4 6 2 Re store Custom De fault Press the REST ORE button for three to sev...

Page 55: ...ries User s Guide 55 4 8 He lp The web configurator s online help has descriptions of individual screens and some supplementary information Click the He lp link from a web configurator screen to view...

Page 56: ...g Port VID Configuring Switch Management IP Address 5 1 1 Cre a ting a VL AN VLANs confine broadcast frames to the VLAN group in which the port s belongs You can do this with port based VLAN or tagged...

Page 57: ...nent member of the VLAN only 4 To ensure that VLAN unaware devices such as computers and hubs can receive frames properly clear the T X T agging check box to set the Switch to remove VLAN tags before...

Page 58: ...in the PVID field for port 2 and click Apply to save your changes back to the run time memory Settings in the run time memory are lost when the Switch s power is turned off 5 1 3 Config uring Switc h...

Page 59: ...n 4 2 on page 44 for more information 3 Click Basic Se tting IP Se tup in the navigation panel 4 Configure the related fields in the IP Se tup screen 5 For the VL AN2 network enter 192 168 2 1 as the...

Page 60: ...network V Create a VLAN containing ports 5 6 and 7 Connect a computer M to the Switch for management Figure 38 Tutorial DHCP Snooping Tutorial Overview Note For related information about DHCP snoopin...

Page 61: ...in the Control field as shown Deselect T x T agging because you don t want outgoing traffic to contain this VLAN tag Click Add Figure 39 Tutorial Create a VLAN and Add Ports to It 3 Go to Advanc e d...

Page 62: ...shown Click Apply Figure 41 Tutorial Specify DHCP VLAN 5 Click the Port link at the top right corner 6 The DHCP Snooping Port Configure screen appears Select T ruste d in the Se rve rT ruste d state f...

Page 63: ...o either port 6 or 7 The computer should be able to get an IP address from the DHCP server If you put the DHCP server on port 6 or 7 the computer will not able to get an IP address 10 To check if DHCP...

Page 64: ...e VLAN ID and port number in the DHCP request Client A connects to the Switch s port 2 in VLAN 102 Figure 45 Tutorial DHCP Relay Scenario 6 3 2 Cre a ting a VL AN Follow the steps below to configure p...

Page 65: ...gs before sending 7 Click Add to save the settings to the run time memory Settings in the run time memory are lost when the Switch s power is turned off Figure 47 Tutorial Create a Static VLAN 8 Click...

Page 66: ...P Applic ation DHCP DHCPv4 and then the Global link to open the DHCP Re lay screen 2 Select the Ac tive check box 3 Enter the DHCP server s IP address 192 168 2 3 in this example in the Re mote DHCP S...

Page 67: ...it did not receive the IP address 172 16 1 18 make sure 1 Client A is connected to the Switch s port 2 in VLAN 102 2 You configured the correct VLAN ID port number and system name for DHCP relay on b...

Page 68: ...ation system status and IP addresses You can also display other status screens for more information Use the ZON Utility screen Section 7 3 on page 70 to deploy and manage network devices Use the Ne ig...

Page 69: ...in the UAG The format is mm dd yyyy hh mm ss Hardware Version This field displays the hardware version number of the Switch The integer is the model version and the decimal is the version of the hardw...

Page 70: ...play Disc onne c te d or Unre g iste re d In c loud mode the status will display Conne c te d or Disc onne c te d Conne c te d The Switch is registered with and connected to the NCC Disc onne c te d T...

Page 71: ...ur Windows operating system version right click on My Compute r Prope rtie s You should see this information in the Ge ne ra l tab Hardware Here are the minimum hardware requirements to use the ZON Ut...

Page 72: ...information about ZON icon in the upper right hand corner of the screen Then select the Supporte d mode l and firmware ve rsion link If your device is not listed here see the device release notes for...

Page 73: ...twork Figure 55 Discovery 5 The ZON Utility screen shows the devices discovered Figure 56 ZON Utility Screen 6 Select a device and then use the icons to perform actions Some functions may not be avail...

Page 74: ...the Zyxel website to your computer and unzipped it in advance 8 Change Password Use this icon to change the admin password of the selected device You must know the current admin password before chang...

Page 75: ...device have been done successfully As the Switch does not support IP Configura tion Re ne w IP a ddre ss and Fla sh L oc a tor L ED this field displays Update failed Not support Renew IP address and...

Page 76: ...Click the Cyc le button to turn OFF the power of the neighbor device and turn it back ON again A count down button from 5 to 0 starts Note The Switch must support power sourcing PSE or the network dev...

Page 77: ...reen Section 8 7 on page 85 to configure Switch port settings Use the PoEStatus screens Section 8 8 on page 87 to view the current amount of power that PDs are receiving from the Switch and set the pr...

Page 78: ...hernet MAC Media Access Control address of the Switch CPU Utilization CPU utilization quantifies how busy the system is Curre nt displays the current percentage of CPU utilization Memory Utilization M...

Page 79: ...an speed falls below the threshold shown Current This field displays this fan s current speed in Revolutions Per Minute RPM MAX This field displays this fan s maximum speed measured in Revolutions Per...

Page 80: ...is recommended that you use a Daytime timeserver within your geographical time zone T ime RFC 868 format displays a 4 byte integer giving the total number of seconds since 2016 1 1 at 0 0 0 NT P RFC 1...

Page 81: ...e United States on the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States you would select Se c ond Sunda y Ma rc...

Page 82: ...60 to 1000000 seconds This is how long dynamically learned ARP entries remain in the ARP table before they age out and must be relearned The setting here applies to ARP entries which are newly added i...

Page 83: ...queues is dropped if the network is congested Priority Level The following descriptions are based on the traffic types defined in the IEEE 802 1d standard which incorporates the 802 1p To map a prior...

Page 84: ...witch in dotted decimal notation for example 255 255 255 0 Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 1 254 VID Enter the VLAN...

Page 85: ...insert the entry to the summary table below and save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top nav...

Page 86: ...field displays the capacity that the port can support Speed Duplex Select the speed and the duplex mode of the Ethernet connection on this port The choices are 10M Ha lf Duple x 100M Ha lf Duple x 10...

Page 87: ...me losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The Switch uses IEEE802 3x flow control in full duplex mode and backpressure flow contro...

Page 88: ...PoE Sta tus Sc re e n To view the current amount of power that PDs are receiving from the Switch click Basic Se tting PoE Se tup Figure 65 Basic Setting PoE Setup Table 18 Temperature and Action T EM...

Page 89: ...ber State This field shows which ports can receive power from the Switch You can set this in Section 8 8 3 on page 90 Disa ble The PD connected to this port cannot get power supply Ena ble The PD conn...

Page 90: ...Click the PoE Se tup link in the Basic Se tting PoE Se tup screen The following screen opens Table 20 Basic Setting PoE Setup PoE Time Range Status L ABEL DESCRIPT ION Port This is the number of the p...

Page 91: ...ect this to have the Switch pre allocate power to each port based on the classification of the PD device Dual Detection Select this to have the Switch run another detecting procedure between the detec...

Page 92: ...PD is NOT performing Layer 2 power classification using Link Layer Discovery Protocol LLDP 802 3a t the Switch supports the IEEE 802 3at High Power over Ethernet standard and can supply power of up t...

Page 93: ...properly you should configure a static VLAN with the same ID number in the Adva nc e d Applic a tion VL AN screens Add Click this to create a new entry This saves your changes to the Switch s run time...

Page 94: ...tion Click an interface index number in the Basic Se tting IPv6 screen The following screen opens Figure 70 Basic Setting IPv6 IPv6 Interface Status Table 23 Basic Setting IPv6 L ABEL DESCRIPT ION Ind...

Page 95: ...Discovery ND Duplicate Address Detection DAD is enabled on the interface Number of DAD Attempts This field displays the number of consecutive neighbor solicitations the Switch sends for this interfac...

Page 96: ...r Preferred Lifetime This field displays how long in seconds that the global address remains preferred Valid Lifetime This field displays how long in seconds that the global address is valid DNS This...

Page 97: ...EL DESCRIPT ION Table 26 Basic Setting IPv6 IPv6 Configuration IPv6 Global Setup L ABEL DESCRIPT ION IPv6 Hop Limit Specify the maximum number of hops from 1 to 255 in router advertisements This is th...

Page 98: ...n screen to display the screen as shown next Table 27 Basic Setting IPv6 IPv6 Configuration IPv6 Interface Setup L ABEL DESCRIPT ION Interface Select the IPv6 interface you want to configure Active Se...

Page 99: ...the interface Default Gateway Set the default gateway IPv6 address for the interface When an interface cannot find a routing information for a frame s destination it forwards the packet to the default...

Page 100: ...ically using the EUI 64 format Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top nav...

Page 101: ...this interface Enter 0 to turn off DAD NS Interval Specify the time interval from 1000 to 3600000 milliseconds at which neighbor solicitations are re sent for this interface Reachable Time Specify how...

Page 102: ...an be reached through the interface MAC Specify the MAC address of the neighboring device which can be reached through the interface Add Click this to create a new entry or to update an existing one T...

Page 103: ...967295 seconds at which the Switch exchanges other configuration information with a DHCPv6 server again Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these ch...

Page 104: ...has been registered in the NCC Table 33 Basic Setting DNS L ABEL DESCRIPT ION Static Domain Name Server Preference This is the priority of the DNS server address Server Address Enter a domain name ser...

Page 105: ...e Switch If the Switch has Internet access and has been registered in the NCC it will go into cloud management mode In cloud management mode then NCC will first check if the firmware on the Switch nee...

Page 106: ...witch Registration This screen has a QR code containing the Switch s serial number and MAC address for handy NCC registration of the Switch using the Nebula Mobile app First download the app from the...

Page 107: ...voice traffic separately from data traffic to ensure the sound quality does not deteriorate Use the MAC Base d VL AN Se tup screen Section 9 9 on page 121 to set up VLANs that allow you to group untag...

Page 108: ...cides where to forward the frame and then inserts a VLAN tag reflecting the ingress port s default VID The default PVID is VLAN 1 for all ports but this can be changed A broadcast frame or a multicast...

Page 109: ...rt s Figure 83 Port VLAN Trunking 9 1 2 3 Se le c t the VL AN T ype Select a VLAN type in the Basic Se tting Switc h Se tup screen Table 34 IEEE 802 1Q VLAN Terminology VL AN PARAMET ER T ERM DESCRIPT...

Page 110: ...m the navigation panel to display the VL AN Status screen as shown next Figure 85 Advanced Application VLAN VLAN Status The following table describes the labels in this screen Table 35 Advanced Applic...

Page 111: ...on MAC ba se d manually added as MAC based VLAN Change Pages Click Pre vious or Ne xt to show the previous next screen if all status information cannot be seen in one screen Table 35 Advanced Applicat...

Page 112: ...k in the VL AN Configuration screen to display the screen as shown next Table 37 Advanced Application VLAN VLAN Configuration L ABEL DESCRIPT ION Static VLAN Setup Click Clic k He re to configure the...

Page 113: ...e is between 1 and 4094 Port The port number identifies the port you are configuring Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports...

Page 114: ...ne configuring Cancel Click Ca nc e l to change the fields back to their last saved values Clear Click Cle a r to start configuring the screen again VID This field displays the ID number of the VLAN g...

Page 115: ...you make them Ingress Check If this check box is selected the Switch discards incoming frames on a port for VLANs that do not include this port in its member set Clear this check box to disable ingres...

Page 116: ...1 0 24 video services Lastly you configure VLAN with priority 3 and VID of 300 for traffic received from IP subnet 10 1 1 0 24 data services All untagged incoming frames will be classified based on th...

Page 117: ...a numeric characters to identify this subnet based VLAN IP Enter the IP address of the subnet for which you want to configure this subnet based VLAN Mask Bits Enter the bit number of the subnet mask T...

Page 118: ...pstream ARP traffic from port 1 2 and 3 will be grouped together and all upstream Apple Talk traffic from port 6 and 7 will be in another group and have higher priority than ARP traffic when they go t...

Page 119: ...down list box to select a predefined protocol to be included in this protocol based VLAN or select Othe rs and type the protocol number in hexadecimal notation For example the IP protocol in hexadecim...

Page 120: ...ation screen as shown Figure 94 Advanced Application VLAN VLAN Configuration Voice VLAN Setup Port This field shows which port belongs to this protocol based VLAN Name This field shows the name the pr...

Page 121: ...ault setting is 5 The higher the numeric value you assign the higher the priority for this Voice VLAN Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these chan...

Page 122: ...entry This is the source MAC address of the data packet that is looked up when untagged packets arrive at the Switch VID Type an ID from 1 to 4094 for the VLAN ID that is associated with the MAC based...

Page 123: ...d Filte ring that require a VID you must enter 1 as the VID The port based VLAN setup screen is shown next The CPU management port forms a VLAN with all Ethernet ports 9 10 1 Configure a Port Ba se d...

Page 124: ...Chapter 9 VLAN GS1920v2 Series User s Guide 124 Figure 97 Advanced Application VLAN Port Based VLAN Setup Port Isolation...

Page 125: ...secure After you make your selection click Apply top right of screen to display the screens as mentioned above You can still customize these settings by adding deleting incoming or outgoing ports but...

Page 126: ...Figure 98 Protocol Based VLAN Configuration Example To add more ports to this protocol based VLAN 1 Click the index number of the protocol based VLAN entry Click 1 2 Change the value in the Port fiel...

Page 127: ...0 2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address...

Page 128: ...anel to save your changes to the non volatile memory when you are done configuring Cancel Click Ca nc e l to reset the fields to their last saved values Clear Click Cle a r to begin configuring this s...

Page 129: ...a member of a multicast group A static multicast address is a multicast MAC address that has been manually entered in the multicast table Static multicast addresses do not age out Static multicast fo...

Page 130: ...cast Forwarding to Multiple Ports 11 2 Configuring Static Multic ast Forwarding Use this screen to configure rules to forward specific multicast frames such as streaming or control frames to specific...

Page 131: ...iple ports separated by no space comma or hyphen For example enter 3 5 for ports 3 4 and 5 Enter 3 5 7 for ports 3 5 and 7 Add Click Add to save your rule to the Switch s run time memory The Switch lo...

Page 132: ...1920v2 Series User s Guide 132 Delete Click De le te to remove the selected entry from the summary table Cancel Click Ca nc e l to clear the check boxes Table 46 Advanced Application Static Multicast...

Page 133: ...destination MAC addresses and VLAN group ID 12 1 1 Wha t You Ca n Do Use the Filte ring screen Section 12 2 on page 133 to create rules for traffic going through the Switch 12 2 Configure a Filte rin...

Page 134: ...ur changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile...

Page 135: ...s screen Section 13 5 on page 141 to view the RSTP status Use the Multiple Rapid Spanning T re e Protoc ol screen Section 13 6 on page 142 to configure MRSTP Use the Multiple Rapid Spanning T re e Pro...

Page 136: ...e lowest cost to the root among the bridges connected to the LAN How ST P Works After a bridge determines the lowest cost spanning tree with STP it enables the root port and the ports that are the des...

Page 137: ...P Multiple Spanning Tree Protocol IEEE 802 1s is backward compatible with STP RSTP and addresses the limitations of existing spanning tree protocols STP and RSTP in networks to include the following...

Page 138: ...n Figure 106 Advanced Application Spanning Tree Protocol This screen differs depending on which STP mode RSTP MRSTP or MSTP you configure on the Switch This screen is described in detail in the sectio...

Page 139: ...Application Spanning Tree Protocol Configuration L ABEL DESCRIPT ION Spanning Tree Mode You can activate one of the STP modes on the Switch Select Ra pid Spa nning T re e Multiple Ra pid Spanning T r...

Page 140: ...range is 6 to 40 seconds Forwarding Delay This is the maximum time in seconds the Switch will wait before changing states This delay is required because every switch must receive information about to...

Page 141: ...uration Click Config ura tion to specify which STP mode you want to activate Click RST P to edit RSTP settings on the Switch Bridge Root refers to the base of the spanning tree the root bridge Our Bri...

Page 142: ...d bridge has the lowest path cost to the root bridge among the bridges connected to the LAN segment All the ports on a root bridge root switch are designated ports Alte rna te A blocked port which has...

Page 143: ...ic value becomes the STP root switch If all switches have the same priority the switch with the lowest MAC address will then become the root switch Select a value from the drop down list box The lower...

Page 144: ...ge Select this check box to configure a port as an edge port when it is directly attached to a computer An edge port changes its initial STP port state from blocking state to forwarding state immediat...

Page 145: ...second This is the maximum time in seconds the Switch can wait without receiving a configuration message before attempting to reconfigure Forwarding Delay second This is the time in seconds the root...

Page 146: ...forwarding state when the designated port for the LAN segment fails Bac kup A blocked port which has a backup redundant path to a LAN segment where a designated port is already connected when a switc...

Page 147: ...Chapter 13 Spanning Tree Protocol GS1920v2 Series User s Guide 147 Figure 112 Advanced Application Spanning Tree Protocol MSTP...

Page 148: ...orward Delay 1 Max Age 2 Hello Time 1 Maximum hops Enter the number of hops between 1 and 255 in an MSTP region before the BPDU is discarded and the port information is aged Configuration Name Enter a...

Page 149: ...The allowed range is between 0 and 255 and the default value is 128 Path Cost Path cost is the cost of transmitting a frame on to a LAN through that port It is recommended to assign this value accordi...

Page 150: ...first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Edge Select this check box to configur...

Page 151: ...e for Root and Our Bridg e if the Switch is the root switch Hello Time second This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines...

Page 152: ...erating normally It learns MAC addresses processes BPDUs and forwards received frames Port Role This field displays the role of the port in STP Root A forwarding port on a non root bridge which has th...

Page 153: ...are configured on the two switches If the switches are using STP or RSTP the link for VLAN 2 will be blocked as STP and RSTP allow only one link in the network and block the redundant link Figure 115...

Page 154: ...stance mapping 13 10 3 MSTInstanc e An MST Instance MSTI is a spanning tree instance VLANs can be configured to run on a specific MSTI Each created MSTI is identified by a unique number known as an MS...

Page 155: ...Chapter 13 Spanning Tree Protocol GS1920v2 Series User s Guide 155 Figure 118 MSTP and Legacy RSTP Network Example...

Page 156: ...ining a maximum allowable bandwidth for incoming and or out going traffic flows on a port 14 1 1 Wha t You Ca n Do Use the Bandwidth Control screen Section 14 2 on page 156 to limit the bandwidth for...

Page 157: ...as you make them Active Select this check box to activate ingress rate limits on this port Ingress Rate Specify the maximum bandwidth allowed in kilobits per second Kbps for the incoming traffic flow...

Page 158: ...multicast and or DLF packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast and or DLF packets in your network You can specify limits for...

Page 159: ...settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Broadcast pkt s Select this option and specify how many broadca...

Page 160: ...c from the monitor port without interference 16 1 1 Wha t You Ca n Do Use the Mirroring screen Section 16 2 on page 160 to select a monitor port and specify the traffic flow to be copied to the monito...

Page 161: ...ts Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row a...

Page 162: ...L ink Aggre gation Se tting screen Section 17 3 on page 164 to configure to enable static link aggregation Use the L ink Aggre gation Control Protoc ol screen Section 17 3 1 on page 166 to enable Link...

Page 163: ...of the following information1 17 2 L ink Aggre gation Status Click Advanc e d Applic ation L ink Aggre gation in the navigation panel The L ink Aggre gation Status screen displays by default See Secti...

Page 164: ...Link Aggregation ID on page 163 for more information on this field The ID displays only when there is a port belonging to this trunk group and LACP is also enabled for this group Criteria This shows...

Page 165: ...s in this screen Table 64 Advanced Application Link Aggregation Link Aggregation Setting L ABEL DESCRIPT ION Link Aggregation Setting This is the only screen you need to configure to enable static lin...

Page 166: ...ination MAC address Select src dst ma c to distribute traffic based on a combination of the packet s source and destination MAC addresses Select src ip to distribute traffic based on the packet s sour...

Page 167: ...following table describes the labels in this screen Table 65 Advanced Application Link Aggregation Link Aggregation Setting LACP L ABEL DESCRIPT ION Link Aggregation Control Protocol Note Do not confi...

Page 168: ...LACP Active Select this option to enable LACP for a trunk Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same...

Page 169: ...nk Aggre gation Se tting In this screen activate trunk group T 1 select the traffic distribution algorithm used by this group and select the ports that should belong to this group as shown in the figu...

Page 170: ...EEE 802 1x authentication first If a user fails to authenticate via the IEEE 802 1x method then access to the port is denied 18 1 1 Wha t You Ca n Do Use the Port Authe ntic ation screen Section 18 2...

Page 171: ...ials The login credentials are based on the source MAC address of the client connecting to a port on the Switch along with a password configured specifically for MAC authentication on the Switch Figur...

Page 172: ...own Select a port authentication method s link in the screen that appears Figure 129 Advanced Application Port Authentication 18 3 Ac tivate IEEE 802 1x Se c urity Use this screen to activate IEEE 802...

Page 173: ...mit 802 1x authentication on this port You must first allow 802 1x authentication on the Switch before configuring it on each port Max Req Specify the number of times the Switch tries to authenticate...

Page 174: ...uthentication 802 1x Guest VLAN The following table describes the labels in this screen Table 67 Advanced Application Port Authentication 802 1x Guest VLAN L ABEL DESCRIPT ION Port This field displays...

Page 175: ...ulti Host to authenticate only the first user that connects to this port If the first user enters the correct credential any other users are allowed to access the port without authentication If the fi...

Page 176: ...ed to the RADIUS server Password Type the password the Switch sends along with the MAC address of a client for authentication with the RADIUS server You can enter up to 32 printable ASCII characters T...

Page 177: ...erver The RADIUS server handles the following tasks Authentication Determines the identity of the users Authorization Determines the network services available to authenticated users once they are con...

Page 178: ...know The key is not sent over the network In addition to the shared key password information exchanged is also encrypted to protect the network from unauthorized access 18 5 3 EAP Exte nsible Authe nt...

Page 179: ...server The exchange of certificates is done in the open before a secured tunnel is created This makes user identity vulnerable to passive attacks A digital certificate is an electronic ID card that au...

Page 180: ...um port security enable this feature disable MAC address learning and configure static MAC address es for a port It is not recommended you disable port security together with MAC address learning as t...

Page 181: ...ck boxes and clear the Addre ss L e a rning check boxes only for the ports specified in the Port list Active Select this option to enable port security on the Switch Port This field displays the port...

Page 182: ...ccess port 2 at any one time A sixth device would have to wait until one of the five learned MAC addresses aged out MAC address aging out time can be set in the Switc h Se tup screen The valid range i...

Page 183: ...dules One time schedules are effective only once while recurring schedules usually repeat Both types of schedules are based on the current date and time in the Switch 20 1 1 Wha t You Ca n Do Use the...

Page 184: ...d minute when the schedule begins and ends respectively Select the second option if you want to define a recurring schedule for multiple non consecutive time periods You need to select each day of the...

Page 185: ...ha t You Ne e d to Know Quality of Service QoS refers to both a network s ability to deliver data with minimum delay and the networking methods used to control the use of bandwidth Without QoS all tra...

Page 186: ...s shown Table 71 Advanced Application Classifier Classifier Status L ABEL DESCRIPT ION Index This field displays the index number of the rule Click an index number to edit the rule Active This field d...

Page 187: ...Chapter 21 Classifier GS1920v2 Series User s Guide 187 Figure 137 Advanced Application Classifier Classifier Configuration...

Page 188: ...ion and specify a priority level in the field provided Ethernet Type Select an Ethernet type or select Othe r and enter the Ethernet type number in hexadecimal value Refer to Table 74 on page 190 for...

Page 189: ...source IP address in dotted decimal notation Specify the address prefix by entering the number of ones in the subnet mask A subnet mask can be represented in a 32 bit notation For example the subnet m...

Page 190: ...CRIPT ION Table 73 Advanced Application Classifier Classifier Configuration Summary Table L ABEL DESCRIPT ION Index This field displays the index number of the rule Click an index number to edit the r...

Page 191: ...Se tting Use this screen to configure the match order and enable logging on the Switch In the Cla ssifie r Config ura tion screen click Cla ssifie r Globa l Se tting to display the configuration scree...

Page 192: ...g to the layer of the item configured in the rule Layer 4 items have the highest priority and layer 2 items has the lowest priority For example you configure a layer 2 item VLAN ID in classifier A and...

Page 193: ...GS1920v2 Series User s Guide 193 Figure 140 Classifier Example...

Page 194: ...cy rule ensures that a traffic flow gets the requested treatment in the network 22 1 1 Wha t You Ca n Do Use the Polic y Rule screen Section 22 2 on page 194 to enable the policy and display the activ...

Page 195: ...oses Classifier s This field displays the active classifier s you configure in the Cla ssifie r screen Select the classifier s to which this policy rule applies To select more than one classifier pres...

Page 196: ...rop the packets Policy 2 applies to Class 2 and the action is to enable bandwidth limitation the Switch will discard the packets immediately If Policy 1 applies to Class 1 and the action is to forward...

Page 197: ...to limit bandwidth on a traffic flow classified using the Example classifier refer to Section 21 5 on page 192 Figure 142 Policy Example Delete Click De le te to remove the selected entry from the su...

Page 198: ...smitted first When that queue empties traffic on the next highest priority queue Q6 is transmitted until Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empt...

Page 199: ...rather than a fixed amount of bandwidth WRR is activated only when a port has more traffic than it can handle Queues with larger weights get more service than queues with smaller weights This queuing...

Page 200: ...field Queues with larger weights get more guaranteed bandwidth than queues with smaller weights Weighted Round Robin Scheduling services queues on a rotating basis based on their queue weight the numb...

Page 201: ...reen Section 24 3 1 on page 206 to enable IGMP snooping to forward group multicast traffic only to ports that are members of that group Use the IPv6 Multic ast Status screen Section 24 4 on page 211 t...

Page 202: ...VLANs that IGMP snooping should be performed on This is referred to as fixed mode In fixed mode the Switch does not learn multicast group membership of any VLANs other than those explicitly added as...

Page 203: ...ain in the group MVR Ove rvie w Multicast VLAN Registration MVR is designed for applications such as Media on Demand MoD that use multicast traffic across an Ethernet ring based service provider netwo...

Page 204: ...lowing figure shows a multicast television example where a subscriber device such as a computer in VLAN 1 receives multicast traffic from the streaming media server S via the Switch Multiple subscribe...

Page 205: ...e d Applic ation Multic a st IPv4 Multic ast to display the screen as shown This screen shows the IPv4 multicast group information See Section 24 1 on page 201 for more information on multicasting Fig...

Page 206: ...Multicast IPv4 Multicast L ABEL DESCRIPT ION Index This is the index number of the entry VID This field displays the multicast VLAN ID Port This field displays the port number that belongs to the mult...

Page 207: ...nd then make adjustments on a port by port basis Changes in this row are copied to all the ports as soon as you make them Immed Leave Select this option to set the Switch to remove this port from the...

Page 208: ...fault to prohibit the port from joining any multicast group You can create IGMP filtering profiles in the Multic a st IPv4 Multic a st IGMP Snooping IGMP Filte ring Profile screen IGMP Querier Mode Th...

Page 209: ...changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile mem...

Page 210: ...D This field displays the ID number of the VLAN group Select an entry s check box to select a specific entry Otherwise select the check box in the table heading row to select all entries Delete Check...

Page 211: ...lticast address range End Address This field displays the end of the multicast address range Delete Profile Select a profile s check box to select a specific profile Otherwise select the check box in...

Page 212: ...ced Application Multicast IPv6 Multicast MLD Snooping proxy L ABEL DESCRIPT ION MLD Snooping proxy Use these settings to configure MLD snooping proxy Active Select Active to enable MLD snooping proxy...

Page 213: ...ria ble Robustness Variable Enter the number of queries A multicast address entry learned only on an upstream port by snooping is removed from the forwarding table when there is no response to the co...

Page 214: ...D Snooping proxy Port Role Setting Index This is the index number of the MLD snooping proxy VLAN entry in the table Click on an index number to view more details or change the settings VID This field...

Page 215: ...ulticast router Otherwise select None if the port is not joining a multicast group or does not belong to this VLAN Leave Mode Select the leave mode for the specified downstream port s in this VLAN Thi...

Page 216: ...his option to limit the number of multicast groups this port is allowed to join Max Group Num Enter the number of multicast groups this port is allowed to join Once a port is registered in the specifi...

Page 217: ...specify a different IP multicast address range Start Address Type the starting multicast IPv6 address for a range of multicast IPv6 addresses that you want to belong to the MLD filtering profile End...

Page 218: ...c VLAN with the same VID when you create a multicast VLAN in this screen To delete the profile s and all the accompanying rules select the profile s that you want to remove then click the De le te but...

Page 219: ...up to 32 printable ASCII characters for identification purposes Multicast VLAN ID Enter the VLAN ID 1 to 4094 of the multicast VLAN 802 1p Priority Select a priority level 0 7 with which the Switch r...

Page 220: ...is sent or received on this port Tagging Select this checkbox if you want the port to tag the VLAN ID in all outgoing frames transmitted Add Click this to create a new entry or to update an existing o...

Page 221: ...cast group Refer to IP Multicast Addresses on page 201 for more information on IP multicast addresses Add Click this to create a new entry This saves your changes to the Switch s run time memory The S...

Page 222: ...VLAN 1 are able to receive the traffic Figure 159 MVR Configuration Example To configure the MVR settings on the Switch create a multicast VLAN in the MVR screen and set the receiver and source ports...

Page 223: ...forward the multicast group traffic to the subscribers configure multicast group settings in the Group Configuration screen The following figure shows an example where two IPv4 multicast groups Ne ws...

Page 224: ...Chapter 24 Multicast GS1920v2 Series User s Guide 224 Figure 162 MVR Group Configuration Example 2 EXAMPLE...

Page 225: ...Se rve r Se tup screen Section 25 4 on page 228 to configure your TACACS authentication settings Use the AAA Se tup screen Section 25 5 on page 230 to configure authentication authorization and accou...

Page 226: ...ber of users from a central location The following table describes some key differences between RADIUS and TACACS 25 2 AAA Sc re e ns The AAA screens allow you to enable authentication and authorizati...

Page 227: ...ts for an authentication request response from the RADIUS server If you are using inde x priority for your authentication and you are using two RADIUS servers then the timeout value is divided between...

Page 228: ...decimal notation UDP Port The default port of a RADIUS accounting server for accounting is 1813 You need not change this value unless your network administrator instructs you to do so Shared Secret S...

Page 229: ...its for an authentication request response from the TACACS server If you are using inde x priority for your authentication and you are using two TACACS servers then the timeout value is divided betwee...

Page 230: ...l notation TCP Port The default port of a TACACS accounting server is 49 You need not change this value unless your network administrator instructs you to do so Shared Secret Specify a password up to...

Page 231: ...ent access privilege level assigned via the external server Dot1x Allow an IEEE 802 1x client to have different bandwidth limit or VLAN ID assigned via the external server Active Select this to activa...

Page 232: ...ng you want to modify Ve ndor data A value you want to assign to the setting Note Refer to the documentation that comes with your RADIUS server on how to configure VSAs for users authenticating via th...

Page 233: ...for authentication This section lists the attributes used by authentication functions on the Switch In cases where the attribute has a specific format associated with it the format is specified Table...

Page 234: ...s User Name The format of the User Name attribute is e nab where is the privilege level 1 14 User Password NAS Identifier NAS IP Address 25 6 3 2 Attribute s Use d to L ogin Use rs User Name User Pass...

Page 235: ...Guard Static Binding screen Section 26 4 on page 237 to manage static bindings for DHCP snooping and ARP inspection Use the DHCP Snooping screen Section 26 5 on page 239 to look at various statistics...

Page 236: ...Know The Switch builds the binding table by snooping DHCP packets dynamic bindings and from information provided manually by administrators static bindings IP source guard consists of the following fe...

Page 237: ...C address and VLAN ID as an existing static binding the new static binding replaces the original one To open this screen click Advanc e d Applic ation IP Sourc e Guard IPv4 Sourc e Guard Se tup Static...

Page 238: ...ct this and enter the number of the port s separated by a comma ARP entries learned on the specified port s are added to the static bindings table after you click ARP Fre e ze VL AN L ist Select this...

Page 239: ...id Type This field displays how the Switch learned the binding sta tic This binding was learned from information provided manually by an administrator VLAN This field displays the source VLAN ID in th...

Page 240: ...rce Guard Setup DHCP Snooping L ABEL DESCRIPT ION Database Status This section displays the current settings for the DHCP snooping database You can configure them in the DHCP Snooping Config ure scree...

Page 241: ...mber of times the Switch successfully or unsuccessfully read or updated the DHCP snooping database Total attempts This field displays the number of times the Switch has tried to access the DHCP snoopi...

Page 242: ...red Unsupported vlans This field displays the number of bindings the Switch ignored because the VLAN ID does not exist anymore Last ignored time This field displays the last time the Switch ignored an...

Page 243: ...HCP requests from different VLAN Select Disa ble if you do not want the Switch to forward DHCP packets to a specific VLAN Database If T ime out inte rva l is greater than Write de la y inte rva l it i...

Page 244: ...u want the Switch to load it You can use this to load dynamic bindings from a different DHCP snooping database than the one specified in Ag e nt URL When the Switch loads dynamic bindings from a DHCP...

Page 245: ...a trusted port T ruste d or an untrusted port Untruste d Trusted ports are connected to DHCP servers or other switches and the Switch discards DHCP packets from trusted ports only if the rate at which...

Page 246: ...This field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings are applied to all VLANs Enabled Select Ye s to enable DHCP snooping on the VLAN You st...

Page 247: ...nfig ure screen see Section 26 6 on page 242 The profile you select here has priority over the one you select in the DHCP Snooping Config ure VL AN screen Add Click this to create a new entry or to up...

Page 248: ...l number for each MAC address filter MAC Address This field displays the source MAC address in the MAC address filter VID This field displays the source VLAN ID in the MAC address filter Port This fie...

Page 249: ...Ns you want to look at in the section below Enabled VLAN Select this to look at all the VLANs on which ARP inspection is enabled in the section below Selected VLAN Select this to look at all the VLANs...

Page 250: ...acket Sender IP This field displays the source IP address of the ARP packet Num Pkts This field displays the number of ARP packets that were consolidated into this log message The Switch consolidates...

Page 251: ...fic VLAN and specify trusted ports Filter Aging Time Filter aging time This setting has no effect on existing MAC address filters Enter how long 1 2147483647 seconds the MAC address filter remains in...

Page 252: ...syslog server The relationship between Syslog rate and L og inte rva l is illustrated in the following examples 4 invalid ARP packets per second Syslog ra te is 5 L og inte rva l is 1 the Switch sends...

Page 253: ...Switch discards ARP packets on untrusted ports in the following situations The sender s information in the ARP packet does not match any of the current bindings The rate at which ARP packets arrive is...

Page 254: ...elow Apply Click this to display the specified range of VLANs in the section below VID This field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings...

Page 255: ...gs The rate at which DHCP packets arrive is too high 26 11 1 2 DHCP Snooping Database The Switch stores the binding table in volatile memory If the Switch restarts it loads static bindings from perman...

Page 256: ...each source VLAN This setting is independent of the DHCP relay settings Chapter 37 on page 323 26 11 1 4 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch 1 Enable...

Page 257: ...rt for ARP inspection This setting is independent of the trusted untrusted setting for DHCP snooping You can also specify the maximum rate at which the Switch receives ARP packets on untrusted ports T...

Page 258: ...Wha t You Ca n Do Use the L oop Guard screen Section 27 2 on page 260 to enable loop guard on the Switch and in specific ports 27 1 2 Wha t You Ne e d to Know Loop guard is designed to handle loop pro...

Page 259: ...guard enabled port N on switch A sending a probe packet P to switch B Since switch B is in loop state the probe packet P returns to port N on A The Switch then shuts down port N to ensure that the re...

Page 260: ...nal log messages as well as SNMP traps when it shuts down a port via the loop guard feature Port This field displays the port number Settings in this row apply to all ports Use this row only if you wa...

Page 261: ...he Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel...

Page 262: ...used on the service provider s edge devices L2PT allows edge switches 1 and 2 in the following figure to tunnel layer 2 STP Spanning Tree Protocol CDP Cisco Discovery Protocol and VTP VLAN Trunking Pr...

Page 263: ...c e ss port is an ingress port on the service provider s edge device 1 or 2 in Figure 190 on page 263 and connected to a customer switch A or B Incoming layer 2 protocol packets received on an access...

Page 264: ...exist in the address table of a switch on the service provider s network Note All the edge switches in the service provider s network should be set to use the same MAC address for encapsulation Port...

Page 265: ...e the Switch send UDLD packets to a peer s port it connected to monitor the physical status of a link Mode Select Ac c e ss to have the Switch encapsulate the incoming layer 2 protocol packets and for...

Page 266: ...he PPPoE Intermediate Agent on the Switch Use the PPPoE IA Pe r Port screen Section 29 3 1 on page 270 to set the port state and configure PPPoE intermediate agent sub options on a per port basis Use...

Page 267: ...ds the user defined identifier string and variables into the Agent Circuit ID Sub option The variables can be the slot ID of the PPPoE client the port number of the PPPoE client and or the VLAN ID on...

Page 268: ...on a trusted port the Switch forwards it to other trusted port s Note The Switch will drop all PPPoE discovery packets if you enable the PPPoE intermediate agent and there are no trusted ports Untrust...

Page 269: ...or for a specific VLAN on a port in the Adva nc e d Applic a tion PPPoE Inte rme dia te Ag e nt Port VL AN screen has priority over this That means if you also want to configure PPPoE IA Per Port or P...

Page 270: ...describes the labels in this screen Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the...

Page 271: ...packets which are sent from a PPPoE server but received on an untrusted port Circuit id Enter a string of up to 63 ASCII characters that the Switch adds into the Agent Circuit ID sub option for PPPoE...

Page 272: ...This field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings are applied to all VLANs Use this row to make the setting the same for all VLANs Use th...

Page 273: ...ettings are applied to all VLANs Use this row to make the setting the same for all VLANs Use this row first and then make adjustments on a VLAN by VLAN basis Changes in this row are copied to all the...

Page 274: ...ures such as loop guard or CPU protection allow the Switch to shut down a port or discard specific packets on a port when an error is detected on the port For example if the Switch detects that packet...

Page 275: ...Status in the Advanc e d Applic ation Errdisable screen to display the screen as shown Table 124 Advanced Application Errdisable L ABEL DESCRIPT ION Errdisable Status Click this link to view whether...

Page 276: ...port on which you want to configure Errdisable Status Cause This displays the type of the control packet received on the port or the feature enabled on the port and causing the Switch to take the spec...

Page 277: ...e c t screen Figure 199 Advanced Application Errdisable CPU protection Status This field displays the errdisable status Forwa rding The Switch is forwarding packets Rate limitation mode is always in F...

Page 278: ...oon as you make them Rate Limit pkt s Enter a number from 0 to 256 to specify how many control packets this port can receive or transmit per second 0 means no rate limit You can configure the action t...

Page 279: ...loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Ca n...

Page 280: ...loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Ca...

Page 281: ...ds other ports in this VLAN to the isolated port list and blocks traffic between the isolated ports A promiscuous port can communicate with any port in the same VLAN An isolated port can communicate w...

Page 282: ...le below and save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes t...

Page 283: ...e sent a WAKE signal is sent to the link partner to return the link to active mode Auto Powe r Down Auto Powe r Down turns off almost all functions of the port s physical layer functions when the link...

Page 284: ...e same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them EEE Select this to activate Energy...

Page 285: ...nits in the form of TLV Type Length Value Device information carried in the received LLDPDUs is stored in the standard MIB The Switch supports these basic management TLVs End of LLDPDU mandatory Chass...

Page 286: ...s and easy trouble shooting for misconfigured IP addresses There are three classes of endpoint devices that the LLDP MED supports Class I IP Communications Controllers or other communication related s...

Page 287: ...vanced Application LLDP The following table describes the labels in this screen Table 131 Advanced Application LLDP L ABEL DESCRIPT ION LLDP LLDP Local Status Click here to show a screen with the Swit...

Page 288: ...LLDP MED LLDP MED Configuration Click here to show a screen to configure LLDP MED Link Layer Discovery Protocol for Media Endpoint Devices parameters LLDP MED Network Policy Click here to show a scree...

Page 289: ...Syste m Ca pa bilitie s Supporte d Bridge Syste m Ca pa bilitie s Ena ble d Bridge Management Address TLV The Management Address TLV identifies an address associated with the local LLDP agent that may...

Page 290: ...Chapter 33 Link Layer Discovery Protocol LLDP GS1920v2 Series User s Guide 290 Figure 209 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail...

Page 291: ...es not support auto negotiation AN Ena ble d The current auto negotiation status of the port AN Adve rtise d Ca pa bility The auto negotiation capabilities of the port Ope r MAU T ype The current Medi...

Page 292: ...EL IN Emergency Location Identifier Number Table 133 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail L ABEL DESCRIPT ION Table 134 Advanced Application LLDP LLDP Remote Stat...

Page 293: ...next Figure 211 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail Basic TLV The following table describes the labels in Basic TLV part of the screen Table 135 Advanced Appli...

Page 294: ...This displays the remote port description System Name TLV This displays the system name of the remote device System Description TLV This displays the system description of the remote device System Ca...

Page 295: ...lication LLDP LLDP Remote Status LLDP Remote Port Status Detail Dot1 and Dot3 TLV L ABEL DESCRIPT ION Dot1 TLV Port VLAN ID TLV This displays the VLAN ID of this port on the remote device Port Protoco...

Page 296: ...gotiation capabilities of the port Ope r MAU T ype The current Medium Attachment Unit MAU type of the port Link Aggregation TLV The Link Aggregation TLV indicates whether the link is capable of being...

Page 297: ...Chapter 33 Link Layer Discovery Protocol LLDP GS1920v2 Series User s Guide 297 Figure 213 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail MED TLV...

Page 298: ...a te ba se L CI latitude and longitude coordinates of the Location Configuration Information LCI Civic L CI IETF Geopriv Civic Address based Location Configuration Information EL IN Emergency Location...

Page 299: ...mit Hold Enter the time to live TTL multiplier of LLDP frames The device information on the neighboring devices ages out and is discarded when its corresponding TTL expires The TTL value is to multipl...

Page 300: ...eption is allowed on this port Disable not allowed Tx Only transmit only Rx Only receive only Tx Rx transmit and receive Notification Select whether LLDP notification is enabled on this port Apply Cli...

Page 301: ...the sending of System Description TLVs on the port s System Name Select the check box es to enable or to disable the sending of System Name TLVs on the port s Apply Click Apply to save your changes t...

Page 302: ...the port s All check boxes in this column are enabled by default Max Frame Size Select the check box es to enable or disable the sending of IEEE 802 3 Max Frame Size TLVs on the port s Power Via MDI...

Page 303: ...etting the same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them Notification Topology Chan...

Page 304: ...hrough 63 with the 0 representing use of the default DSCP value Priority Enter the priority value for the network policy Add Click Add after finish entering the network policy information A summary ta...

Page 305: ...Location Coordinates The LLDP MED uses geographical coordinates and Civic Address to set the location information of the remote device Geographical based coordinates includes latitude longitude altitu...

Page 306: ...ber Enter a numerical digit string corresponding to the ELIN identifier which is used during emergency call setup to a traditional CAMA or ISDN trunk based PSAP The valid length is from 10 to 25 chara...

Page 307: ...lect a specific entry Otherwise select the check box in the table heading row to select all entries Delete Check the locations that you want to remove then click the De le te button Cancel Click Ca nc...

Page 308: ...t network connection problems The Switch supports the following IEEE 802 3ah features Discovery this identifies the devices on each end of the Ethernet link and their OAM configuration Remote Loopback...

Page 309: ...ch Mode This field displays the operational state of the port when OAM is enabled on the port Ac tive Allows the port to issue and respond to Ethernet OAM commands Pa ssive Allows the port to respond...

Page 310: ...e following table describes the labels in this screen Table 145 Advanced Application OAM Status OAM Details L ABEL DESCRIPT ION Discovery This section displays OAM configuration details and operationa...

Page 311: ...are sent in event notification PDUs and indicate when the number of errors in a given interval time number of frames number of symbols or number of errored frame seconds exceeds a specified threshold...

Page 312: ...ernet device that is connected to the Switch Vendor oui This field displays the Organizationally Unique Identifiers OUI representing the vendor of the IEEE 802 3ah enabled remote Ethernet device that...

Page 313: ...AMPDU Rx This field displays the number of unsupported OAM PDUs received on the port Table 145 Advanced Application OAM Status OAM Details continued L ABEL DESCRIPT ION Table 146 Advanced Application...

Page 314: ...ore Rx Select this check box to set the Switch to process loopback commands received on the port Otherwise clear the check box to have the Switch ignore loopback commands received on the port Apply Cl...

Page 315: ...ends loopback control PDUs to initiate or terminate a remote loopack test Start Click Sta rt to initiate a remote loopback test from the specified port by sending Enable Loopback Control PDUs to the r...

Page 316: ...ending SNMP traps or using ping to test IP connectivity This figure shows a T e lne t session coming in from network N1 The Switch sends reply traffic to default gateway R1 which routes it back to the...

Page 317: ...L DESCRIPT ION Active This field allows you to activate deactivate this static route Name Enter a descriptive name up to 10 printable ASCII characters for identification purposes Destination IP Addres...

Page 318: ...s field displays the index number of the route Click a number to edit the static route entry Active This field displays Ye s when the static route is activated and NO when it is deactivated Name This...

Page 319: ...Do Use the DiffSe rv screen Section 36 2 on page 320 to activate DiffServ to apply marking rules or IEEE 802 1p priority mapping on the Switch Use the DSCP Se tting screen Section 36 3 1 on page 322...

Page 320: ...ed marking rules A network administrator can then apply various traffic policies to the traffic flows An example traffic policy is to give higher drop precedence to one traffic flow over others In our...

Page 321: ...e index number of a port on the switch Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings...

Page 322: ...apping DSCP VALUE 0 7 8 15 16 23 24 31 32 39 40 47 48 55 56 63 IEEE 802 1p 0 1 2 3 4 5 6 7 Table 151 IP Application DiffServ DSCP Setting L ABEL DESCRIPT ION 0 63 This is the DSCP classification ident...

Page 323: ...ed on the VLAN domain of the DHCPv4 clients Use the DHCPv6 Re lay screen Section 37 5 on page 333 to enable and configure DHCPv6 relay 37 1 2 Wha t You Ne e d to Know Read on for concepts on DHCP that...

Page 324: ...on the Switch if the DHCP clients and the DHCP server are not in the same broadcast domain During the initial IP address leasing the Switch helps to relay network information such as the IP address a...

Page 325: ...is option You can change the Syste m Name in Basic Se ttings Ge ne ra l Se tup The following describes the DHCP relay agent information that the Switch sends to the DHCP server 37 4 1 1 DHCPv4 Re lay...

Page 326: ...157 IP Application DHCP DHCPv4 Option 82 Profile L ABEL DESCRIPT ION Name Enter a descriptive name for the profile for identification purposes You can use up to 32 ASCII characters Spaces are allowed...

Page 327: ...e This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Sa ve link on the top navigation panel to save your changes to th...

Page 328: ...off or loses power so use the Sa ve link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Canc e l to begin configuring this scree...

Page 329: ...AN ID Cancel Click this to reset the values above based on the last selected entry or if not applicable to clear the fields above Clear Click Cle a r to reset the fields to the factory defaults Index...

Page 330: ...the Switch See Section 5 1 3 on page 58 for information on how to do this Figure 238 IP Application DHCP DHCPv4 VLAN The following table describes the labels in this screen EXAMPLE Table 160 IP Appli...

Page 331: ...the VLAN group to which this DHCP settings apply Type This field displays Re la y for the DHCP mode DHCP Status For DHCP server configuration this field displays the starting IP address and the size...

Page 332: ...sting one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your change...

Page 333: ...tion and the interface ID option to the Relay Forward DHCPv6 messages The remote ID option carries a user defined string such as the system name The interface ID option provides slot number port infor...

Page 334: ...ves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non vola...

Page 335: ...adcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in the sender address fields and puts the known IP address of the target in the target IP address field...

Page 336: ...ous ARP A gratuitous ARP is an ARP request in which both the source and destination IP address fields are set to the IP address of the device that sends this request and the destination MAC address fi...

Page 337: ...and ICMP reply 38 2 ARP Se tup Click IP Applic a tion ARP Se tup in the navigation panel to display the screen as shown Click the link next to ARP L e arning to open a screen where you can set the ARP...

Page 338: ...arning Mode Select the ARP learning mode the Switch uses on the port Select ARP Re ply to have the Switch update the ARP table only with the ARP replies to the ARP requests sent by the Switch Select G...

Page 339: ...firmware Use the Re store Config ura tion screen Section 39 4 on page 343 to upload a stored device configuration file Use the Bac kup Configuration screen Section 39 5 on page 344 to save your confi...

Page 340: ...Configuration Click Clic k He re to reset the configuration to the Zyxel default configuration settings Save Configuration Click Config 1 to save the current configuration settings to Config ura tion...

Page 341: ...l unsaved changes are erased after you reboot the Switch 39 2 3 Re boot Syste m Re boot Syste m allows you to restart the Switch without physically turning the power off It also allows you to load con...

Page 342: ...Switch You should see V2 x in the Hardware Ve rsion field The integer 2 identifies the GS1920v2 Series See Section 7 2 on page 68 for more information about the Hardware Ve rsion field Go to the Zyxe...

Page 343: ...a re 1 shows its version number and model code and MM DD YYYY creation date Firmwa re 2 shows its version number and model code and MM DD YYYY creation date Current Boot Image This displays which firm...

Page 344: ...dialog box pops up asking whether you want to open or save the file click Save or Save File to download it to the default downloads folder on your computer If a Save As screen displays after you click...

Page 345: ...he Mbuf log report is stored in flash permanent memory For example Mbuf 50 means a log will be created when the Mbuf utilization is over 50 The higher the Mbuf threshold number the fewer logs will be...

Page 346: ...file firmware bin to the Switch ftp get config config cfg This is a sample FTP session saving the current configuration to a file called config cfg on your computer If your T FTP client does not allo...

Page 347: ...ion on filename conventions 7 Enter quit to exit the ftp prompt 39 7 4 GUI ba se d FT P Clie nts The following table describes some of the commands that you may see in GUI based FTP clients 39 7 5 FT...

Page 348: ...ach SNMP manager Use the Use r Information screen Section 40 3 3 on page 352 to create SNMP users for authentication with managers using SNMP v3 and associate them to SNMP groups Use the L ogins scree...

Page 349: ...253 Management Access Control SNMP Table 169 Management Access Control L ABEL DESCRIPT ION SNMP Click this link to configure your SNMP settings Logins Click this link to assign which users can access...

Page 350: ...r the Se t Community which is the password for incoming Set requests from the management station The Se t Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community E...

Page 351: ...h sends to that SNMP manager Type Select the categories of SNMP traps that the Switch is to send to the SNMP manager Options Select the individual SNMP traps that the Switch is to send to the SNMP sta...

Page 352: ...same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Changes in this row are copied to all the ports as soon as you make them Active Selec...

Page 353: ...ich SNMP group this user is a dmin Members of this group can perform all types of system configuration including the management of administrator accounts re a dwrite Members of this group have read an...

Page 354: ...age me nt Ac c e ss Control L ogins to view the screen as shown Figure 257 Management Access Control Logins The following table describes the labels in this screen Table 174 Management Access Control...

Page 355: ...login accounts SNMP user accounts the authentication method sequence and authorization settings multiple logins and administrator and enable passwords and display configuration information Users can...

Page 356: ...e port by typing the new port number in the Se rvic e Port field If you change the default port number then you will have to let people who wish to use the service know the new port number for that se...

Page 357: ...nt L ABEL DESCRIPT ION Entry This is the client set index number A client set is a group of one or more trusted computers from which an administrator may use a service to manage the Switch Active Sele...

Page 358: ...ement SNMP managers can be required to authenticate with agents before conducting SNMP management sessions Security can be further enhanced by encrypting the SNMP messages sent from the managers Encry...

Page 359: ...rap is sent when the usage power is above the usage indication threshold pethMainPowerUsageOffNo tification 1 3 6 1 2 1 105 0 3 This trap is sent when the usage power is below the usage indication thr...

Page 360: ...iled 1 3 6 1 2 1 80 0 2 This trap is sent when a ping test consisting of a series of ping probes fails pingTestCompleted 1 3 6 1 2 1 80 0 3 This trap is sent when a ping test is completed traceroute t...

Page 361: ...yption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identification is verif...

Page 362: ...itch must always authenticate itself to the SSL client the computer which requests the HTTPS connection with the Switch whereas the SSL client only should authenticate itself when the SSL server requi...

Page 363: ...access is blocked Figure 264 Security Alert Dialog Box Internet Explorer 6 Inte rne t Explore r 7 or 8 When you attempt to access the Switch HTTPS server a screen with the message There is a problem w...

Page 364: ...n screen instructions to install the certificate in your browser Figure 267 Certificate Internet Explorer 7 or 8 Mozilla Fire fox Warning Me ssage s When you attempt to access the Switch HTTPS server...

Page 365: ...eries User s Guide 365 Figure 268 Security Alert Mozilla Firefox Confirm the HTTPS server URL matches Click Confirm Se c urity Exc e ption to proceed to the web configurator login screen Figure 269 Se...

Page 366: ...e case click Advanc e d and then Proc e e d to x x x x unsafe to proceed to the web configurator login screen Figure 270 Security Alert Google Chrome 58 0 3029 110 40 7 4 1 T he Main Sc re e n After y...

Page 367: ...Chapter 40 Access Control GS1920v2 Series User s Guide 367 Figure 271 Example Lock Denoting a Secure Connection EXAMPLE...

Page 368: ...the Diagnostic screen You can use this screen to help you identify problems 41 2 Diagnostic Click Manage me nt Diagnostic in the navigation panel to open this screen Use this screen to ping IP address...

Page 369: ...the Switch perform the traceroute function This determines the path a packet takes to the specified device TTL Enter the Time To Live TTL value for the ICMP Echo Request packets This is to set the ma...

Page 370: ...to show the cable length Distance to fault This displays the distance between the port and the location where the cable is open or shorted This shows N A if the Pa ir sta tus is Ok This shows Unsuppo...

Page 371: ...g reaches the maximum number of log messages new log messages automatically overwrite existing log messages starting with the oldest existing log message first Figure 273 Management System Log The sum...

Page 372: ...g severity levels 43 1 1 Wha t You Ca n Do Use the Syslog Se tup screen Section 43 2 on page 372 to configure the device s system logging settings and configure a list of external syslog servers 43 2...

Page 373: ...tation of your syslog program for more details Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save...

Page 374: ...ex This is the index number of a syslog server entry Click this number to edit the entry Active This field displays Ye s if the device is to send logs to the syslog server No displays if the device is...

Page 375: ...the other switches on the upper floors of the building are cluster members Figure 275 Clustering Application Example 44 1 1 Wha t You Ca n Do Use the Cluste r Manage me nt screen Section 44 2 on page...

Page 376: ...not via the cluster manager None neither a manager nor a member of a cluster Manager This field displays the cluster manager switch s hardware MAC address The Number of Member This field displays the...

Page 377: ...mber is later set to become a cluster manager then its Sta tus is displayed as Error in the Cluste rMa na g e me nt Sta tus screen and a warning icon appears in the member summary list below Name Type...

Page 378: ...r changes the web configurator password afterwards then it cannot be managed from the Cluste r Ma na g e r Its Sta tus is displayed as Error in the Cluste r Ma na g e me nt Sta tus screen If multiple...

Page 379: ...gure 278 Cluster Management Cluster Member Web Configurator Screen 44 4 1 1 Uploading Firmware to a Cluste r Me mbe r Switc h You can use FTP to upload firmware to a cluster member switch through the...

Page 380: ...ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 430AAHW0 bin fw 00 a0 c5 01 23 46 200 Port command okay 150 Opening data connection for STOR fw 00 a0 c5 01 23 4...

Page 381: ...hether the MAC address is dynamic or static 45 1 2 Wha t You Ne e d to Know The Switch uses the MAC table to determine how to forward frames See the following figure 1 The Switch examines a received f...

Page 382: ...82 Figure 280 MAC Table Flowchart 45 2 Vie wing the MAC T able Use this screen to check whether the MAC address is dynamic or static Click Manage me nt MAC T able in the navigation panel to display th...

Page 383: ...data according to port number Transfer Type Select Dyna mic to MAC forwa rding and click the T ra nsfe r button to change all dynamically learned MAC address entries in the summary table below into s...

Page 384: ...if it finds the address it sends it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address in th...

Page 385: ...you specified Cancel Click Ca nc e l to return the fields to the factory defaults Index This is the ARP table entry number IP Address This is the IP address of a device connected to a Switch port with...

Page 386: ...able Use this screen to view IPv6 path MTU information on the Switch Click Manage me nt Path MT U T able in the navigation panel to display the screen as shown Figure 283 Management Path MTU Table The...

Page 387: ...w This chapter shows you how you can copy the settings of one port onto other ports 48 2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination...

Page 388: ...Chapter 48 Configure Clone GS1920v2 Series User s Guide 388 Figure 284 Management Configure Clone...

Page 389: ...that ports 2 4 and 6 are the destination ports 2 6 indicates that ports 2 through 6 are the destination ports Basic Setting Select which port settings you configured in the Ba sic Se tting menus shou...

Page 390: ...ind an entry in the neighbor table or the state for the neighbor is not reachable it starts the address resolution process This helps reduce the number of IPv6 solicitation and advertisement messages...

Page 391: ...o determine reachability probe P The Switch is sending request packets and waiting for the neighbor s response invalid IV The neighbor address is with an invalid IPv6 address unknown The status of the...

Page 392: ...tatus to see the following screen Figure 286 Port Status for PoE model s The following table describes the labels in this screen Table 195 Port Status L ABEL DESCRIPT ION Port This identifies the Ethe...

Page 393: ...ered device PD is allowed to receive power from the Switch on this port LACP This fields displays whether LACP Link Aggregation Control Protocol has been enabled on the port TxPkts This field shows th...

Page 394: ...nfo Port NO This field displays the port number you are viewing Name This field displays the name of the port Link This field displays the speed either 10M for 10Mbps 100M for 100Mbps 1000M for 1000Mb...

Page 395: ...f good broadcast packets transmitted Pause This field shows the number of 802 3x Pause packets transmitted Rx Packet The following fields display detailed information about packets received Unicast Th...

Page 396: ...27 This field shows the number of packets including bad packets received that were between 65 and 127 octets in length 128 255 This field shows the number of packets including bad packets received tha...

Page 397: ...the cable type Coppe r or Fibe r for the combo ports This field displays Down if the port is not connected to any device Tx kB s This field shows the transmission speed of data sent on this port in ki...

Page 398: ...itch 2 Make sure the power adaptor or cord is connected to the Switch and plugged in to an appropriate power source Make sure the power source is turned on 3 Disconnect and re connect the power adapto...

Page 399: ...username is admin and the default password is 1234 2 If this does not work you have to reset the device to its factory defaults See Section 4 6 on page 54 I cannot see or access the L og in screen in...

Page 400: ...witch 4 If this does not work you have to reset the device to its factory defaults See Section 4 6 on page 54 Pop up Windows JavaScripts and Java Permissions In order to use the web configurator you n...

Page 401: ...e web configurator to save the configuration permanently See also Section 39 2 2 on page 341 for more information about how to save your configuration I accidentally unplugged the Switch I m not sure...

Page 402: ...st information Please have the following information ready when you contact an office Re quire d Information Product model and serial number Warranty Information Date that you received your device Bri...

Page 403: ...om pk Philippine s Zyxel Philippines http www zyxel com ph Singapore Zyxel Singapore Pte Ltd http www zyxel com sg T aiwan Zyxel Communications Corporation http www zyxel com tw zh T hailand Zyxel Tha...

Page 404: ...Re public Zyxel Communications Czech s r o http www zyxel cz De nmark Zyxel Communications A S http www zyxel dk Estonia Zyxel Estonia http www zyxel com ee et Finland Zyxel Communications http www z...

Page 405: ...nelux http www zyxel nl Norwa y Zyxel Communications http www zyxel no Poland Zyxel Communications Poland http www zyxel pl Romania Zyxel Romania http www zyxel com ro ro Russia Zyxel Russia http www...

Page 406: ...ine http www ua zyxel com L atin Ame ric a Arge ntina Zyxel Communication Corporation http www zyxel com ec es Bra zil Zyxel Communications Brasil Ltda https www zyxel com br pt Ec uador Zyxel Communi...

Page 407: ...r s Guide 407 North Ame ric a USA Zyxel Communications Inc North America Headquarters http www zyxel com us en Oc e ania Australia Zyxel Communications Corporation http www zyxel com au en Afric a Sou...

Page 408: ...situations in which this service is used Table 198 Commonly Used Services NAME PROT OCOL PORT S DESCRIPT ION AH IPSEC_TUNNEL User Defined 51 The IPSEC AH Authentication Header tunneling protocol uses...

Page 409: ...t sends out ICMP echo requests to test whether or not a remote host is reachable POP3 TCP 110 Post Office Protocol version 3 lets a client computer get e mail from a POP3 server through a temporary co...

Page 410: ...UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments...

Page 411: ...a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Pre fix and Pre fix L e ngth Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length spe...

Page 412: ...llowing table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group Table 200 Prede...

Page 413: ...uely and automatically generated Unlike DHCPv6 Dynamic Host Configuration Protocol version six which is used in IPv6 stateful autoconfiguration the owner and status of addresses don t need to be maint...

Page 414: ...ble server S2 For an IA_TA the client may send a Renew or Rebind message at the client s discretion DHCP Re lay Age nt A DHCP relay agent is on the same network as the DHCP clients and helps forward m...

Page 415: ...tes its IPv6 caches constantly using the information from response messages In IPv6 the Switch configures a link local address automatically and then sends a neighbor solicitation message to check if...

Page 416: ...for IP address assignment you have to additionally install a DHCPv6 client software on your Windows XP Note If you use static IP addresses or Router Advertisement for IPv6 address assignment in your n...

Page 417: ...le Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer To enable IPv6 in Windows 7 1 Select Control Pane l Ne twork and Sh...

Page 418: ...ck your dynamic IPv6 address This example shows a global address 2001 b021 2d 1000 obtained from a DHCP server C ipconfig Windows IP Configuration Ethernet adapter Local Area Connection Connection spe...

Page 419: ...ct to the following two conditions 1 This device may not cause harmful interference 2 This device must accept any interference received including interference that may cause undesired operations Chang...

Page 420: ...n incorrect type dispose of used batteries according to the instruction Dispose them at the applicable collection point for the recycling of electrical and electronic device For detailed information a...

Page 421: ...l ll velo a un punto limpio Cuando llegue el momento de desechar el producto la recogida por separado ste y o su bater a ayudar a salvar los recursos naturales y a proteger la salud humana y medioambi...

Page 422: ...not apply if the product has been modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the...

Page 423: ...ks 335 learning mode 335 overview 335 setup 337 ARP Address Resolution Protocol 384 ARP inspection 236 256 ARP Reply 335 ARP Request 336 authentication setup 230 authentication authorization and accou...

Page 424: ...nt port 123 CPU protection 274 current date 80 current time 80 customer support 402 D daylight saving time 81 default Ethernet settings 36 default IP 83 DHCP configuration options 323 Dynamic Host Con...

Page 425: ...ng 133 rules 133 filtering database MAC table 381 firmware 78 upgrade 342 379 flow control back pressure 87 IEEE802 3x 87 forwarding delay 148 frames tagged 115 untagged 115 front panel 35 FTP 346 fil...

Page 426: ...y Protocol 411 neighbor table 390 ping 411 prefix 411 prefix length 411 stateless autoconfiguration 413 unspecified address 412 IPv6 interface 93 DHCPv6 client 102 enable 98 global address 99 global u...

Page 427: ...ng 382 MAC based VLAN 121 maintanence configuration backup 344 firmware 342 restoring configuration 343 maintenance 339 current configuration 340 main screen 340 Management Information Base MIB 358 ma...

Page 428: ...me schedule 183 Operations Administration and Maintenance 308 Option 82 325 P PAGP 265 password 52 administrator 47 354 Path MTU 386 Path MTU Discovery 386 Per Hop Behavior 319 PHB 319 ping test conne...

Page 429: ...118 and IEEE 802 1Q tagging 118 application example 118 configuration example 125 isolate traffic 118 priority 119 setup 119 un tagged packets 118 PVID 108 Q QoS 319 and classifier 185 Quality of Serv...

Page 430: ...c bindings 236 static MAC address 127 static MAC forwarding 127 static multicast address 129 static multicast forwarding 129 static route enable 317 metric 318 static routes 316 static VLAN 112 contro...

Page 431: ...g 255 PPPoE IA 268 user name 45 default 45 user profiles 226 V Vendor Specific Attribute See VSA 232 ventilation holes 29 VID 111 number of possible VIDs 108 priority frame 108 VID VLAN Identifier 108...

Page 432: ...55 home 48 login 44 logout 54 navigation panel 49 weight queuing 199 Weighted Round Robin Scheduling WRR 199 WRR Weighted Round Robin Scheduling 198 Z ZDP 70 ZON neighbor management 75 ZON Utility 70...

Reviews:

No comments

Related manuals for GS1920-48HPv2

Brand: Makita Pages: 2

Brand: 4RF Pages: 7

Brand: Magnadyne Pages: 13

Brand: T&D Pages: 122

Brand: Ubiquiti Pages: 3

Barricade SMC7901WBRA2

Brand: SMC Networks Pages: 2

Brand: XMOS Pages: 6

Brand: EVOC Pages: 57

Brand: ICP DAS USA Pages: 8

Brand: Nilox Pages: 66

Brand: BHU NETWORKS Pages: 75

Brand: Perle Pages: 491

Brand: XtendLan Pages: 21

Brand: Ariesys Pages: 10

Brand: VideoWave Pages: 12

Brand: Alcatel-Lucent Pages: 60

Airborne M2M ABDN-er-DP55 Series

Brand: B+B SmartWorx Pages: 120

Brand: Vista Pages: 93

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands