ZyXEL Communications GS2220-10 User Manual Download

Page: 546 / 556

Index

GS2220 Series User’s Guide

546

customer support

522

date

current

daylight saving time

DDMI Details screen

DDMI screen

DES (Data Encryption Standard)

509

DHCP

configuration options

371

Dynamic Host Configuration Protocol

370

modes

370

Relay Agent Information format

372

setup

371

DHCP Option 82 Profile screen

373

DHCP relay

configure

tutorial

DHCP relay agent

DHCP relay option 82

DHCP Relay screen

DHCP screen

DHCP snooping

configure

DHCP relay option 82

trusted ports

untrusted ports

DHCP snooping database

271

DHCP Snooping Port Configure screen

DHCP Status screen

371

DHCP Unique IDentifier (DUID)

533

DHCP-assigned IP

519

DHCPv4

global relay

global relay example

Option 82

option 82 profiles

Relay Agent Information

372

DHCPv4 relay

372

DHCPv6

enable in Windows XP

536

DHCPv6 client

DHCPv6 Client Setup screen

DHCPv6 relay

interface-ID

remote-ID

DHCPv6 Relay screen

diagnostics

Ethernet port test

ping

Differentiated Service (DiffServ)

DiffServ

activate

DS field

DSCP

network example

PHB

service level

DiffServ Code Points

Digital Diagnostics Monitoring Interface

454

disclaimer

539

disposal and recycling information

541

DS (Differentiated Services)

DSCP

what it does

dual firmware images

dual personality interface

duplex mode

dust plug

Dynamic Host Configuration Protocol for IPv6

(DHCPv6)

533

dynamic link aggregation

187

egress port

153

electrical inspection authority

electrician

electrostatic discharge (ESD)

Environment Statement

541

Errdisable Detect screen

312

Errdisable Recovery screen

Errdisable screen

errdisable status

error disable

Summary of Contents for GS2220-10

Page 1: ...th 2 4 Dual Personality GbE Uplinks 8 24 44 Port GbE L2 PoE Switch with 2 4 Dual Personality GbE Uplinks Copyright 2020 Zyxel Communications Corporation Management IP Address http DHCP assigned IP or...

Page 2: ...y effort has been made to ensure that the information in this manual is accurate Related Documentation CLI Reference Guide This guide explains how to use the Command Line Interface CLI to configure th...

Page 3: ...field labels and field choices are all in bold font A right angle bracket within a screen name denotes a mouse click For example Basic Setting IP Setup IP Configuration Network Proxy Configuration me...

Page 4: ...c MAC Forwarding 154 Static Multicast Forwarding 156 Filtering 159 Spanning Tree Protocol 161 Bandwidth Control 181 Broadcast Storm Control 183 Mirroring 185 Link Aggregation 187 Port Authentication 1...

Page 5: ...s 366 DHCP 370 ARP Setup 383 Maintenance 387 Access Control 401 Diagnostic 426 System Log 429 Syslog Setup 430 Cluster Management 433 MAC Table 439 ARP Table 442 Path MTU Table 444 Configure Clone 445...

Page 6: ...xample Application 29 1 2 3 Bridging or Fiber Uplink Example Application 30 1 2 4 High Performance Switching Example 30 1 2 5 IEEE 802 1Q VLAN Application Examples 31 1 2 6 IPv6 Support 31 1 3 Ways to...

Page 7: ...rt II Technical Reference 49 Chapter 4 Web Configurator 50 4 1 Overview 50 4 2 System Login 50 4 3 Zyxel One Network ZON Utility 54 4 3 1 Requirements 54 4 3 2 Run the ZON Utility 55 4 4 Networked AV...

Page 8: ...ration through a DHCP Server on the Switch 92 Chapter 7 Status 95 7 1 Overview 95 7 1 1 What You Can Do 95 7 2 Status 95 7 2 1 Neighbor Screen 97 7 2 2 Neighbor Detail 99 Chapter 8 Basic Setting 101 8...

Page 9: ...hat You Can Do 133 9 1 2 What You Need to Know 134 9 2 Introduction to IEEE 802 1Q Tagged VLANs 134 9 3 VLAN Status 137 9 3 1 VLAN Details 138 9 4 VLAN Configuration 139 9 5 Configure a Static VLAN 13...

Page 10: ...ing Tree Protocol 166 13 6 Configure Multiple Spanning Tree Protocol 168 13 6 1 Multiple Spanning Tree Protocol Port Configuration 171 13 7 Multiple Spanning Tree Protocol Status 172 13 8 Configure Mu...

Page 11: ...18 1 Port Authentication Overview 194 18 1 1 What You Can Do 194 18 1 2 What You Need to Know 195 18 1 3 MAC Authentication 195 18 2 Port Authentication Configuration 196 18 3 Activate IEEE 802 1x Se...

Page 12: ...You Can Do 220 23 1 2 What You Need to Know 220 23 2 Configuring Queuing 221 Chapter 24 Multicast 223 24 1 Multicast Overview 223 24 1 1 What You Can Do 223 24 1 2 What You Need to Know 223 24 2 Multi...

Page 13: ...1 2 What You Need to Know 258 26 2 IP Source Guard 259 26 3 IPv4 Source Guard Setup 260 26 4 IPv4 Source Guard Static Binding 260 Chapter 27 DHCP Snooping 263 27 1 DHCP Snooping Overview 263 27 1 1 W...

Page 14: ...289 29 2 Loop Guard Setup 291 Chapter 30 VLAN Mapping 292 30 1 VLAN Mapping Overview 292 30 1 1 VLAN Mapping Example 292 30 1 2 What You Can Do 292 30 2 Enable VLAN Mapping 293 30 2 1 VLAN Mapping Co...

Page 15: ...Chapter 35 Green Ethernet 316 35 1 Green Ethernet Overview 316 35 2 Configuring Green Ethernet 316 Chapter 36 Link Layer Discovery Protocol LLDP 318 36 1 LLDP Overview 318 36 2 LLDP MED Overview 319...

Page 16: ...You Can Do 347 39 2 OAM Status 347 39 2 1 OAM Details 348 39 3 OAM Configuration 351 39 4 OAM Remote Loopback 353 Chapter 40 ZULD 354 40 1 ZULD Overview 354 40 1 1 What You Can Do 354 40 1 2 What You...

Page 17: ...Agent Information 372 44 4 2 DHCPv4 Option 82 Profile 373 44 4 3 Configuring DHCPv4 Global Relay 374 44 4 4 Configure DHCPv4 Global Relay Port 375 44 4 5 Global DHCP Relay Configuration Example 376 4...

Page 18: ...9 46 9 4 GUI based FTP Clients 400 46 9 5 FTP Restrictions 400 Chapter 47 Access Control 401 47 1 Access Control Overview 401 47 1 1 What You Can Do 401 47 2 Access Control Main Settings 401 47 3 Conf...

Page 19: ...on 435 51 4 Technical Reference 436 51 4 1 Cluster Member Switch Management 436 Chapter 52 MAC Table 439 52 1 MAC Table Overview 439 52 1 1 What You Can Do 439 52 1 2 What You Need to Know 439 52 2 Vi...

Page 20: ...457 Chapter 59 System 460 59 1 What You Can Do 460 59 2 System Information 460 59 3 General Setup 461 59 4 Cloud Management 463 Chapter 60 Port 465 60 1 What You Can Do 465 60 2 PoE Status 465 60 3 P...

Page 21: ...63 1 1 What You Can Do 499 63 2 Set Up Login Accounts 499 63 3 Remote Management 501 63 4 Configure SNMP 503 63 5 Configure SNMP Trap Group 505 63 6 Enable or Disable Sending of SNMP Traps on a Port...

Page 22: ...ide 22 65 1 Power Hardware Connections and LEDs 518 65 2 Switch Access and Login 519 65 3 Switch Configuration 520 Appendix A Customer Support 522 Appendix B Common Services 528 Appendix C IPv6 531 Ap...

Page 23: ...23 PART I User s Guide...

Page 24: ...Switch is in standalone mode it can be configured and managed by the Web Configurator through Telnet any terminal emulator program using the Command Line Interface CLI or through third party SNMP man...

Page 25: ...management system that allows you to remotely manage and monitor the Switch You may also access a minimized version of the Web Configurator in cloud mode Nebula Cloud Management To have Nebula manage...

Page 26: ...ight corner of the Switch s Web Configurator 2 Click Login in the Nebula web portal Enter your myZyxel account information You will be redirected to another screen where you can sign up for a myZyxel...

Page 27: ...ion Zyxel offers a proprietary software program called Zyxel One Network ZON Utility it is a utility tool that assists you to set up and maintain network devices in a more simple and efficient way You...

Page 28: ...HP and GS2220 50HP See Section 8 8 on page 114 for more details on the total PoE budget 1 2 Example Applications This section shows a few examples of using the Switch in various network environments N...

Page 29: ...in the near future The Switch can be used standalone for a group of heavy traffic users You can connect computers and servers directly to the Switch s port or connect other switches to the Switch In...

Page 30: ...nnecting two networks that need high bandwidth In the following example use link aggregation trunking to connect these two networks Switching to higher speed LANs such as ATM Asynchronous Transmission...

Page 31: ...In the following figure only ports that need access to the server need to be part of VLAN 1 Ports can belong to other VLAN groups too Figure 7 Shared Server Using VLAN Example 1 2 6 IPv6 Support IPv6...

Page 32: ...witch can be monitored and or managed by an SNMP manager See Section 47 7 1 on page 411 Cluster Management Cluster Management allows you to manage multiple switches through one switch called the clust...

Page 33: ...of the Switch and at least 5 cm of clearance on all four sides of the Switch This allows air circulation for cooling Do NOT block the ventilation holes nor store cables or power cords on the Switch A...

Page 34: ...les Make sure there is a power outlet nearby Cautions Avoid stacking fanless Switches to prevent overheating Ensure enough clearance around the Switch to allow air circulation for cooling Do NOT remov...

Page 35: ...nto the wall Push the anchors into the full depth of the holes then insert the screws into the anchors Do NOT insert the screws all the way in leave a small gap of about 0 5 cm If not using screw anch...

Page 36: ...be facing up or down as this position is less safe 2 5 Mounting the Switch on a Rack The Switch can be mounted on an EIA standard size 19 inch rack or in a wiring closet with other equipment Follow t...

Page 37: ...g the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the Switch lining up the four screw holes on the bracket with the screw holes on the side of the Switch Figure 9 Atta...

Page 38: ...1 Mounting the Switch on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack Note Make sure you tighten all the four screws to preve...

Page 39: ...hows you how to make the hardware connections 3 1 Front Panel Connections The following figures show the front panels of the Switch Figure 12 Front Panel GS2220 10 Figure 13 Front Panel GS2220 10HP Fi...

Page 40: ...ual Personality Interfaces Each interface has one 10 100 1000Base T copper RJ 45 port and one SFP slot with one port active at a time 10 100 1000Base T Ports Connect these ports to a computer an Ether...

Page 41: ...lly sense whether they need to function as crossover or straight ports so crossover cables can connect both computers and switches or hubs 3 1 2 PoE GS2220 10HP GS2220 28HP and GS2220 50HP The Switch...

Page 42: ...e the latch is in the lock position latch styles vary then insert the transceiver into the slot with the exposed section of PCB board facing down 4 Press the transceiver firmly until it clicks into pl...

Page 43: ...on both sides of the transceiver with a slight up or down motion and carefully slide it out of the slot If unsuccessful contact Zyxel Support to prevent damage to your Switch and transceiver 5 Insert...

Page 44: ...of the Switch Connect the female end to a serial port COM1 COM2 or other COM port of your computer You can use a computer with terminal emulation software configured to the following parameters VT100...

Page 45: ...separate from AC power lines To avoid electric surge and electromagnetic interference use a different electrical conduit or raceway tube trough or enclosed conduit for protecting electric wiring that...

Page 46: ...arth resistance of less than 10 ohms or according to your country s electrical regulations Figure 33 Connecting to the Building s Main Grounding Electrode If you are uncertain that suitable grounding...

Page 47: ...Nebula Control Center Discovery is disabled in Basic Cloud Management Nebula Control Center Discovery in the Switch s Web Configurator LOCATOR Blue On The Switch is uploading firmware While the Switc...

Page 48: ...n PoE Mode GS2220 10HP GS2220 28HP and GS2220 50HP Green On Power supplied to all PoE Ethernet ports meets the IEEE 802 3at standard Amber On Power supplied to all PoE Ethernet ports meets the IEEE 80...

Page 49: ...49 PART II Technical Reference...

Page 50: ...up windows from your device JavaScript enabled by default Java permissions enabled by default 4 2 System Login 1 Start your web browser 2 The Switch is a DHCP client by default Type http DHCP assigne...

Page 51: ...iated default password is 1234 5 The following screen appears Figure 35 Select Mode 6 Select the Web Configurator in Standard Mode that has a complete set of configuration for network installation Or...

Page 52: ...k aggregation across switches Once you click the Finish button the settings configured in the Setup Wizard screen will overwrite the existing settings Otherwise click the Exit button If you want to op...

Page 53: ...assword Enter your new system password Up to 32 characters are allowed for the new password except space or Retype to confirm Retype your new system password for confirmation General Setting Use this...

Page 54: ...th Windows 7 both 32 bit 64 bit versions Windows 8 both 32 bit 64 bit versions Windows 8 1 both 32 bit 64 bit versions Windows 10 both 32 bit 64 bit versions Note To check for your Windows operating s...

Page 55: ...the ZON Utility Click the OK button to close this screen Figure 39 Supported Devices and Versions If you want to check the supported models and firmware versions later you can click the Show informat...

Page 56: ...ity Screen 3 Select a network adapter to which your supported devices are connected Figure 41 Network Adapter 4 Click the Go button for the ZON Utility to discover all supported devices in your networ...

Page 57: ...enew IP Address Update a DHCP assigned dynamic IP address 3 Reboot Device Use this icon to restart the selected devices This may be useful when troubleshooting or upgrading new firmware 4 Reset Config...

Page 58: ...the ZON utility is installed and the utility language Table 7 ZON Utility Fields LABEL DESCRIPTION Type This field displays an icon of the kind of device discovered Model This field displays the mode...

Page 59: ...tion Use the Advanced Settings when you need to specify the VLAN for networked AV service and configure the port s role manually 4 4 1 Basic Settings In Basic Settings you can set up IP or DNS set up...

Page 60: ...tatic IP Interface when the Switch is NOT connected to a router or you want to assign it a fixed IP address VID This field displays the VLAN ID IP Address The Switch needs an IP address for it to be m...

Page 61: ...ersion on the Switch must match the version on the SNMP manager Choose SNMP version 2c v2c SNMP version 3 v3 or both v3v2c Note SNMP version 2c is backwards compatible with SNMP version 1 Get Communit...

Page 62: ...the check box and follow the diagram for connecting RJ45 ports to audio and video equipment The Inter switch Connection is for connecting to another switch Note Use the Wizard Advanced Settings Step...

Page 63: ...dress Default Gateway This field displays the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 1 254 DNS Server This field displays the DNS Domain Name System...

Page 64: ...GMP Snooping Querier This field displays Active when the Switch is allowed to send IGMP General Query messages to the VLANs with the multicast hosts attached Otherwise it displays Inactive Unknown Mul...

Page 65: ...Static IP Interface when the Switch is NOT connected to a router or you want to assign it a fixed IP address VID This field displays the VLAN ID IP Address The Switch needs an IP address for it to be...

Page 66: ...ows a manager station to manage and monitor the Switch through the network Select Disabled to turn this feature off Version Select the SNMP version for the Switch The SNMP version on the Switch must m...

Page 67: ...g Table 15 Wizard Advanced Settings Step 3 Networked AV LABEL DESCRIPTION Allocate networked AV service to a VLAN Networked AV VLAN Enter a number between 1 and 4094 to create a VLAN for the AVoIP net...

Page 68: ...ecting to other switches Click Management to assign the ports for connecting to non Audio Video equipment for example computer and NAS See Table 11 on page 62 for the default settings based on the por...

Page 69: ...ty This field displays the Set Community string Trap Community This field displays the Trap Community string Networked AV Advanced Settings Networked AV VLAN This field displays the VLAN ID for the AV...

Page 70: ...creen you are viewing currently C Click this link to save your configuration into the Switch s non volatile memory Non volatile memory is the configuration of your Switch that stays the same even if t...

Page 71: ...l Links Standard Mode LINK DESCRIPTION Basic Setting System Info This link takes you to a screen that displays general system information General Setup This link takes you to a screen where you can co...

Page 72: ...ontrol This link takes you to a screen where you can configure bandwidth limits on the Switch Broadcast Storm Control This link takes you to a screen to set up broadcast filters Mirroring This link ta...

Page 73: ...the configuration of ports on which Ethernet OAM is enabled and perform remote loopback tests ZULD This link takes you to screens where you can enable ZULD on a port and configure related settings Au...

Page 74: ...This screen displays the Switch s front panel port status connected ports used power Nebula Cloud Control status and Networked AV status SYSTEM System Information This link takes you to a screen that...

Page 75: ...hich an administrator may use a service to manage the Switch SNMP This link takes you to screens where you can specify the SNMP version and community password values configure where to send SNMP traps...

Page 76: ...memory refers to the Switch s storage that remains even if the Switch s power is turned off Note Use the Save link when you are done with a configuration session 4 7 Switch Lockout You could block yo...

Page 77: ...vior See also Table 3 on page 40 to see how to use the RESTORE button to restore the factory default file 4 8 2 Restore Custom Default Press the RESTORE button for 3 to 7 seconds to have the Switch au...

Page 78: ...GS2220 Series User s Guide 78 Click the Help link from a Web Configurator screen to view an online help description of that screen...

Page 79: ...et Port VID Configure Switch Management IP Address 5 1 1 Create a VLAN VLANs confine broadcast frames to the VLAN group in which the ports belongs You can do this with port based VLAN or tagged static...

Page 80: ...in the IP Setup screen refer to the same VLAN ID 3 Since the VLAN2 network is connected to port 1 on the Switch select Fixed to configure port 1 to be a permanent member of the VLAN only 4 To ensure t...

Page 81: ...mple network configure 2 as the port VID on port 1 so that any untagged frames received on that port get sent to VLAN 2 Figure 58 Initial Setup Network Example Port VID 1 Click Advanced Application VL...

Page 82: ...subnet for management purposes The following figure shows an example Figure 59 Initial Setup Example Management IP Address 1 Connect your computer to any Ethernet port on the Switch Make sure your co...

Page 83: ...IP address and 255 255 255 0 as the subnet mask 6 In the VID field enter the ID of the VLAN group to which you want this management IP address to belong This is the same as the VLAN ID you configure i...

Page 84: ...A connected to port 4 to assign IP addresses to all devices in VLAN network V Create a VLAN containing ports 4 5 and 6 Connect a computer M to the Switch for management Figure 60 Tutorial DHCP Snoopi...

Page 85: ...ng Fixed in the Control field as shown De select Tx Tagging because you do not want outgoing traffic to contain this VLAN tag Click Add Figure 61 Tutorial Create a VLAN and Add Ports to It 3 Go to Adv...

Page 86: ...ate and specify VLAN 100 as the DHCP VLAN as shown Click Apply Figure 63 Tutorial Specify DHCP VLAN 5 Click the Port link at the top right corner 6 The DHCP Snooping Port Configure screen appears Sele...

Page 87: ...source VLAN ID or system name you can also select an Option82 Profile in the entry Figure 65 Tutorial Enable DHCP Snooping on this VLAN 8 Click Save at the top right corner of the Web Configurator to...

Page 88: ...you have configured your DHCP server 192 168 2 3 and want to have it assign a specific IP address say 172 16 1 18 to DHCP client A based on the system name VLAN ID and port number in the DHCP request...

Page 89: ...IVE enter a descriptive name VLAN 102 for example in the Name field and enter 102 in the VLAN Group ID field 5 Select Fixed to configure port 2 to be a permanent member of this VLAN 6 Clear the TX Tag...

Page 90: ...and then the VLAN Port Setup link in the VLAN Configuration screen Figure 70 Tutorial Click the VLAN Port Setting Link 9 Enter 102 in the PVID field for port 2 to add a tag to incoming untagged frames...

Page 91: ...P Application DHCP DHCPv4 and then the Global link to open the DHCP Relay screen 2 Select the Active check box 3 Enter the DHCP server s IP address 192 168 2 3 in this example in the Remote DHCP Serve...

Page 92: ...s on a DHCP server and TFTP server first to use auto configuration Setting up a DHCP Server 1 Set up a dynamic IP addresses pool so the DHCP server will assign an IP address to the Switch in that rang...

Page 93: ...torial Enable Auto Configuration 3 You need to save the current configuration in a configuration file so the Switch will load the auto configuration file from the TFTP server automatically when reboot...

Page 94: ...see if auto configuration was performed successfully Figure 76 Tutorial Log 6 Check the screens to see if it is the configuration file you want to load If it is not go through the steps above to check...

Page 95: ...also display other status screens for more information Use the Neighbor screen Section 7 2 1 on page 97 to view a summary and manage Switch s neighbor devices Use the Neighbor Detail screen Section 7...

Page 96: ...m ss Hardware Version This field displays the hardware version number of the Switch The integer is the generation number of the Switch series and the decimal is the version of the hardware change For...

Page 97: ...PoE Usage This field displays the amount of power the Switch is currently supplying to the connected PoE enabled devices and the total power the Switch can provide to the connected PDs It also shows...

Page 98: ...ication Auto PD Recovery screen It will wait until the configured Resume Polling Interval sec has lapsed Link This shows the speed either 10M for 10 Mbps 100M for 100 Mbps or 1G for 1 Gbps and the dup...

Page 99: ...screen Figure 80 Status Neighbor Neighbor Detail Reset to Default Click the Reset button to reset the neighboring device to its factory default settings A warning message Are you sure you want to loa...

Page 100: ...ice is a powered device PD Remote System Name This shows the system name of the neighbor device Model This shows the model name of the neighbor device This field will show for devices that do not supp...

Page 101: ...ess default gateway device management VLAN ID and proxy server Use the Port Setup screen Section 8 7 on page 112 to configure Switch port settings Use the PoE Setup screens Section 8 8 on page 114 to...

Page 102: ...itch s current firmware including the date created Ethernet Address This field refers to the Ethernet MAC Media Access Control address of the Switch CPU Utilization CPU utilization quantifies how busy...

Page 103: ...e to stay within the temperature threshold Each fan has a sensor that is capable of detecting and reporting if the fan speed falls below the threshold shown Current This field displays this fan s curr...

Page 104: ...aytime RFC 867 format the Switch displays the day month year and time with no time zone adjustment When you use this format it is recommended that you use a Daytime timeserver within your geographical...

Page 105: ...24 hour format Here are a couple of examples Daylight Saving Time starts in most parts of the United States on the second Sunday of March Each time zone in the United States starts using Daylight Sav...

Page 106: ...ey age out and must be relearned ARP Aging Time Aging Time Enter a time from 60 to 1000000 seconds This is how long dynamically learned ARP entries remain in the ARP table before they age out and must...

Page 107: ...e 802 1p To map a priority level to a physical queue select a physical queue from the drop down menu on the right Priority 7 Typically used for network control traffic such as router configuration mes...

Page 108: ...ber of an entry IP Address This field displays the IP address of the Switch in the IP domain IP Subnet Mask This field displays the subnet mask of the Switch in the IP domain VID This field displays t...

Page 109: ...use the current dynamic IP address from the DHCP server Renew Time This displays the length of time from the lease start that the Switch will request to renew its current dynamic IP address from the D...

Page 110: ...entifier on the DHCP server The Switch adds it in the initial DHCP discovery message that a DHCP client broadcasts in search of an IP address The DHCP server can assign different IP addresses or optio...

Page 111: ...of your Switch in dotted decimal notation for example 255 255 255 0 VID Enter the VLAN identification number to which an IP routing domain belongs Default Gateway Enter the IP address of the default o...

Page 112: ...the host name up to 128 alphanumeric characters are allowed for the Server including special characters inside the square quotes _ Port Enter the port number of the proxy server 1 65535 Authentication...

Page 113: ...ated in some Web Configurator screens Speed Duplex Select the speed and the duplex mode of the Ethernet connection on this port Choices are Auto 10 an 10M auto negotiation 10M Half Duplex 10M Full Dup...

Page 114: ...ily stop sending signals when the receiving port memory buffers fill Back Pressure flow control is typically used in half duplex mode to send a collision signal to the sending port mimicking a state o...

Page 115: ...r the Switch can supply When PoE usage reaches 100 the Switch will shut down PDs one by one according to the PD priority which you configured in Basic Setting PoE Setup PoE Usage Threshold This field...

Page 116: ...7 W can be extended to 9 W Class 3 default 0 44 W to 15 4 W can be extended to 17 8 W Class 4 default 0 44 W to 30 W can be extended to 32 8 W Priority When the total power requested by the PDs excee...

Page 117: ...o provide power on the port To select more than one schedule press SHIFT and select the choices at the same time Apply Click Apply to save your changes to the Switch s run time memory The Switch loses...

Page 118: ...Class 4 or 22 W IEEE 802 3af Classes 0 to 3 PoE Usage Threshold Enter a number ranging from 1 to 99 to set the threshold The Switch will generate a trap and or log when the actual PoE usage is higher...

Page 119: ...mW Specify the maximum amount of power the PD could use from the Switch on this port If you leave this field blank the Switch refers to the standard or default maximum power for each class Note The s...

Page 120: ...interface To have IPv6 function properly you should configure a static VLAN with the same ID number in the Advanced Application VLAN screens Add Click this to create a new entry This saves your chang...

Page 121: ...status and detailed information Click an interface index number in the Basic Setting IPv6 screen The following screen opens Table 38 Basic Setting IPv6 LABEL DESCRIPTION IPv6 Status Domain Name Serve...

Page 122: ...If the bucket is full subsequent error messages are suppressed ICMPv6 Rate Limit Error Interval This field displays the time period in milliseconds during which ICMPv6 error messages of up to the buck...

Page 123: ...AID and associated IP information T1 This field displays the DHCPv6 T1 timer After T1 the Switch sends the DHCPv6 server a Renew message An IA_NA option contains the T1 and T2 fields but an IA_TA opti...

Page 124: ...Switch IPv6 Interface Setup Click the link to go to a screen where you can enable an IPv6 interface on the Switch IPv6 Addressing IPv6 Link Local Address Setup Click the link to go to a screen where...

Page 125: ...o the bucket size can be transmitted 0 means no limit Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use th...

Page 126: ...LABEL DESCRIPTION Table 43 Basic Setting IPv6 IPv6 Configuration IPv6 Link Local Address Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure Link Local Address Manually...

Page 127: ...me Server values in this screen to their last saved values Interface Select the IPv6 interface you want to configure IPv6 Global Address Manually configure a static IPv6 global address for the interfa...

Page 128: ...ou want to configure DAD Attempts The Switch uses Duplicate Address Detection DAD with neighbor solicitation and advertisement messages to check whether an IPv6 address is already in use before assign...

Page 129: ...supports the VLAN interface type for IPv6 at the time of writing Interface ID Specify a unique identification number from 1 to 4094 for the interface A static IPv6 neighbor entry displays in the Mana...

Page 130: ...hbor Setup continued LABEL DESCRIPTION Table 47 Basic Setting IPv6 IPv6 Configuration DHCPv6 Client Setup LABEL DESCRIPTION Interface Select the IPv6 interface you want to configure IA Type Select IA...

Page 131: ...Nebula Center Control Discovery Click Basic Setting Cloud Management Nebula Control Center Discovery to display this screen Cancel Click Cancel to begin configuring this screen afresh Clear Click Cle...

Page 132: ...hedule for the Switch on the NCC Below is the process for upgrading firmware 1 Download firmware through the NCC 2 Upgrade the firmware and reboot Note While the Switch is rebooting do NOT turn off th...

Page 133: ...on 9 7 on page 142 to set up VLANs that allow you to group traffic into logical VLANs based on the source IP subnet you specify Use the Protocol Based VLAN Setup screen Section 9 8 on page 145 to set...

Page 134: ...only the priority level is significant and the default VID of the ingress port is given as the VID of the frame Of the 4096 possible VIDs a VID of 0 is used to identify priority frames and value 4095...

Page 135: ...VLAN group tags However with VLAN Trunking enabled on ports in each intermediary switch you only need to create VLAN groups in the end devices A and B C D and E automatically allow frames with VLAN gr...

Page 136: ...e VLAN rules in sequence The sequence priority of the VLANs is 1 Vendor ID Based VLAN 2 Voice VLAN 3 Subnet Based VLAN 4 Protocol Based VLAN 5 MAC Based VLAN If the packet matches a VLAN rule that has...

Page 137: ...the labels in this screen Table 49 Advanced Application VLAN VLAN Status LABEL DESCRIPTION VLAN Search by VID Enter an existing VLAN ID numbers use a comma to separate individual VLANs or a dash to in...

Page 138: ...o show the previous or next screen if all status information cannot be seen in one screen Table 49 Advanced Application VLAN VLAN Status continued LABEL DESCRIPTION Table 50 Advanced Application VLAN...

Page 139: ...the screen as shown next Table 51 Advanced Application VLAN VLAN Configuration LABEL DESCRIPTION Static VLAN Setup Click Click Here to configure the Static VLAN for the Switch VLAN Port Setup Click Cl...

Page 140: ...rt number identifies the port you are configuring Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the commo...

Page 141: ...done configuring Cancel Click Cancel to begin configuring this screen afresh Clear Click Clear to start configuring the screen again VID This field displays the ID number of the VLAN group Click the...

Page 142: ...x is selected the Switch discards incoming frames on a port for VLANs that do not include this port in its member set Clear this check box to disable ingress filtering PVID A PVID Port VLAN ID is a ta...

Page 143: ...received from IP subnet 172 16 1 0 24 voice services You also have a subnet based VLAN with priority 5 and VID of 200 for traffic received from IP subnet 192 168 1 0 24 video services Lastly you conf...

Page 144: ...nter the IP address of the subnet for which you want to configure this subnet based VLAN Mask Bits Enter the bit number of the subnet mask To find the bit number convert the subnet mask to binary form...

Page 145: ...rouped together and all upstream Apple Talk traffic from port 6 and 7 will be in another group and have higher priority than ARP traffic when they go through the uplink port to a backbone switch C Fig...

Page 146: ...VLAN which you defined in the Advanced Application VLAN screens Priority Select the priority level that the Switch will assign to frames belonging to this VLAN Add Click this to create a new entry or...

Page 147: ...when the incoming port and VLAN tag belongs to a voice VLAN It then checks the source packet s MAC address against an OUI list If a match is found the packet is considered as a voice packet You can s...

Page 148: ...Click Clear to reset the fields to default settings Voice VLAN OUI Setup OUI address Enter the IP phone manufacturer s OUI MAC address The first 3 byes is the manufacturer identifier the last 3 bytes...

Page 149: ...ss that is bind to the MAC based VLAN entry This is the source MAC address of the data packet that is looked up when untagged packets arrive at the Switch VID Type an ID from 1 to 4094 for the VLAN th...

Page 150: ...above screen Table 58 Advanced Application VLAN VLAN Configuration Vendor ID Based VLAN Setup LABEL DESCRIPTION Name Type a name up to 32 alpha numeric characters for the vendor ID based VLAN entry MA...

Page 151: ...in the Basic Setting Switch Setup screen and then click Advanced Application VLAN from the navigation panel to display the next screen Cancel Click Cancel to clear the fields in the vendor ID based V...

Page 152: ...Chapter 9 VLAN GS2220 Series User s Guide 152 Figure 123 Advanced Application VLAN Port Based VLAN Setup All Connected Figure 124 Advanced Application VLAN Port Based VLAN Setup Port Isolation...

Page 153: ...hat is a port through which a data packet enters If you wish to allow two subscriber ports to talk to each other you must define the ingress port for both ports The numbers in the top row denote the i...

Page 154: ...Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address rules you are s...

Page 155: ...the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to their last saved values Clear Click Clear to begin con...

Page 156: ...roup A static multicast address is a multicast MAC address that has been manually entered in the multicast table Static multicast addresses do not age out Static multicast forwarding allows you the ad...

Page 157: ...rwarding to Multiple Ports 11 2 Configure Static Multicast Forwarding Use this screen to configure rules to forward specific multicast frames such as streaming or control frames to specific ports Clic...

Page 158: ...5 and 7 Add Click this to create a new entry or to update an existing one This saves your rule to the Switch s run time memory The Switch loses this rule if it is turned off or loses power so use the...

Page 159: ...rce and or destination MAC addresses and VLAN group ID 12 1 1 What You Can Do Use the Filtering screen Section 12 2 on page 159 to create rules for traffic going through the Switch 12 2 Configure a Fi...

Page 160: ...an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your...

Page 161: ...rotocol Status screen Section 13 4 on page 165 to view the RSTP status Use the Rapid Spanning Tree Protocol screen Section 13 5 on page 166 to configure RSTP settings Use the Multiple Spanning Tree Pr...

Page 162: ...e is selected This bridge has the lowest cost to the root among the bridges connected to the LAN How STP Works After a bridge determines the lowest cost spanning tree with STP it enables the root port...

Page 163: ...s of existing spanning tree protocols STP and RSTP in networks to include the following features One Common and Internal Spanning Tree CIST that represents the entire network s connectivity Grouping o...

Page 164: ...on Use the Spanning Tree Configuration screen to activate one of the STP modes on the Switch Click Configuration in the Advanced Application Spanning Tree Protocol Figure 133 Advanced Application Span...

Page 165: ...ID This is the unique identifier for this bridge consisting of bridge priority plus MAC address This ID is the same for Root and Our Bridge if the Switch is the root switch Hello Time second This is...

Page 166: ...s different from using the root port The port moves to the forwarding state when the designated port for the LAN segment fails Backup A blocked port which has a backup or redundant path to a LAN segme...

Page 167: ...same priority the Switch with the lowest MAC address will then become the root switch Select a value from the drop down list box The lower the numeric value you assign the higher the priority for this...

Page 168: ...istening and learning states right after the port is configured as an edge port or when its link status changes Note An edge port becomes a non edge port as soon as it receives a Bridge Protocol Data...

Page 169: ...Spanning Tree Protocol MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen Port Click Port to display the MSTP Port screen Active Select this check box to activate MSTP on the...

Page 170: ...ng Cancel Click Cancel to begin configuring this screen afresh Instance Use this section to configure MSTI Multiple Spanning Tree Instance settings Instance Enter the number you want to use to identif...

Page 171: ...ncel to begin configuring this screen afresh Instance This field displays the ID of an MST instance VLAN This field displays the VID or VID ranges to which the MST instance is mapped Active Port This...

Page 172: ...ecomes a non edge port as soon as it receives a Bridge Protocol Data Unit BPDU Root Guard Select this check box to enable root guard on this port in order to prevent the switches attached to the port...

Page 173: ...r Root and Our Bridge if the Switch is the root switch Hello Time second This is the time interval in seconds at which the root switch transmits a configuration message The root bridge determines Hell...

Page 174: ...TP Root A forwarding port on a non root bridge which has the lowest path cost and is the best port from the non root bridge to the root bridge A root bridge does not have a root port Designated A forw...

Page 175: ...The switch with the highest priority lowest numeric value becomes the STP root switch If all switches have the same priority the switch with the lowest MAC address will then become the root switch Se...

Page 176: ...ing state immediately without going through listening and learning states right after the port is configured as an edge port or when its link status changes Note An edge port becomes a non edge port a...

Page 177: ...d This is the maximum time in seconds the Switch can wait without receiving a configuration message before attempting to reconfigure Forwarding Delay second This is the time in seconds the root switch...

Page 178: ...g state when the designated port for the LAN segment fails Backup A blocked port which has a backup or redundant path to a LAN segment where a designated port is already connected when a switch has tw...

Page 179: ...on is increased by one Internal path cost of paths within this region is increased by one when BPDUs traverse the region Devices that belong to the same MST region are configured to have the same MSTP...

Page 180: ...t is equivalent to a spanning tree in an STP RSTP The CIST is the default MST instance MSTID 0 Any VLANs that are not members of an MST instance are members of the CIST In an MSTP enabled network ther...

Page 181: ...ining a maximum allowable bandwidth for incoming and or out going traffic flows on a port 14 1 1 What You Can Do Use the Bandwidth Control screen Section 14 2 on page 181 to limit the bandwidth for tr...

Page 182: ...djustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Active Select this check box to activate ingress rate limits on this port Ingress Rate...

Page 183: ...and or DLF packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast and or DLF packets in your network You can specify limits for each packe...

Page 184: ...ments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Broadcast pkt s Select this option and specify how many broadcast packets the port receives...

Page 185: ...o a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference 16 2 Port Mirroring Setup Click Advanced Application Mirroring in...

Page 186: ...ts Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row a...

Page 187: ...transmitting data as one logical link in the trunk group and so on Use the Link Aggregation Setting screen Section 17 3 on page 189 to configure static link aggregation Use the Link Aggregation Contro...

Page 188: ...ology loops Link Aggregation ID LACP aggregation ID consists of the following information1 17 2 Link Aggregation Status Click Advanced Application Link Aggregation in the navigation panel The Link Agg...

Page 189: ...ty and port number The ID displays only when there is a port belonging to this trunk group and LACP is also enabled for this group Criteria This shows the outgoing traffic distribution algorithm used...

Page 190: ...uter the packet s destination or source MAC address will be changed In this case set the Switch to distribute traffic based on its IP address to make sure port trunking can work properly Select src ma...

Page 191: ...you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 79 Advanced Application Link Aggregation Link Aggregation Setting continued LABEL DESCRIPTION Table 80 Advanc...

Page 192: ...for a trunk Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the co...

Page 193: ...Chapter 17 Link Aggregation GS2220 Series User s Guide 193 Figure 152 Trunking Example Configuration Screen Your trunk group 1 T1 configuration is now complete...

Page 194: ...thentication Strict The client authenticates using both IEEE 802 1x authentication and MAC Authentication Note All types of authentication use the RADIUS Remote Authentication Dial In User Service RFC...

Page 195: ...Switch prompts the client for login information in the form of a user name and password after the client responds to its identity request When the client provides the login credentials the Switch send...

Page 196: ...the RADIUS server settings in the AAA RADIUS Server Setup screen Click Advanced Application Port Authentication in the navigation panel to display the screen as shown Select a port authentication meth...

Page 197: ...ant to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as...

Page 198: ...on exchange Tx period secs Specify the number of seconds the Switch waits for client s response before re sending an identity request to the client Supp Timeout secs Specify the number of seconds the...

Page 199: ...th the MAC address of a client for authentication with the RADIUS server You can enter up to 32 printable ASCII characters except or Timeout Specify the amount of time before the Switch allows a clien...

Page 200: ...Figure 158 Guest VLAN Example Use this screen to enable and assign a guest VLAN to a port In the Port Authentication screen click Guest Vlan to display the configuration screen as shown Figure 159 Adv...

Page 201: ...o access limited network resources through the Switch You must also enable IEEE 802 1x authentication on the Switch and the associated ports Enter the number that identifies the guest VLAN Make sure t...

Page 202: ...basis Changes in this row are copied to all the ports as soon as you make them Compound Authentication Mode Specify how the Switch authenticates clients for network access Select Strict to allow netw...

Page 203: ...vidual ports other than the sum cannot exceed 32K For maximum port security enable this feature disable MAC address learning and configure static MAC addresses for a port It is not recommended you dis...

Page 204: ...ck box to enable the port security feature on this port The Switch forwards packets whose MAC addresses is in the MAC address table on this port Packets with no matching MAC addresses are dropped Clea...

Page 205: ...ules One time schedules are effective only once while recurring schedules usually repeat Both types of schedules are based on the current date and time in the Switch 20 1 1 What You Can Do Use the Tim...

Page 206: ...the week hour and minute when the schedule begins and ends respectively Select the second option if you want to define a recurring schedule for multiple non consecutive time periods You need to select...

Page 207: ...Need to Know Quality of Service QoS refers to both a network s ability to deliver data with minimum delay and the networking methods used to control the use of bandwidth Without QoS all traffic data i...

Page 208: ...umber of the rule Click an index number to edit the rule Active This field displays Yes when the rule is activated and No when it is deactivated Weight This field displays the rule s weight This is to...

Page 209: ...88 Advanced Application Classifier Classifier Configuration LABEL DESCRIPTION Active Select this option to enable this rule Name Enter a descriptive name for this rule for identifying purposes Weight...

Page 210: ...enter the source MAC address of the packet in valid MAC address format six hexadecimal character pairs and type the mask for the specified MAC address to determine which bits a packet s MAC address sh...

Page 211: ...e number of ones in the subnet mask A subnet mask can be represented in a 32 bit notation For example the subnet mask 255 255 255 0 can be represented as 11111111 11111111 11111111 00000000 and counti...

Page 212: ...dex number of the rule Click an index number to edit the rule Active This field displays Yes when the rule is activated and No when it is deactivated Weight The field displays the priority of the rule...

Page 213: ...able 91 Common IP Protocol Types and Protocol Numbers PROTOCOL TYPE PROTOCOL NUMBER ICMP 1 TCP 6 UDP 17 EGP 8 L2TP 115 Table 92 Common TCP and UDP Port Numbers PROTOCOL NAME TCP UDP PORT NUMBER FTP 21...

Page 214: ...f the time period in seconds to count matched packets for a classifier rule Enter an integer from 0 65535 0 means that no logging is done Apply Click Apply to save your changes to the Switch s run tim...

Page 215: ...assifier GS2220 Series User s Guide 215 Figure 167 Classifier Example After you have configured a classifier you can configure a policy in the Policy screen to define actions on the classified traffic...

Page 216: ...iffServ compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state information for every flow In addition applicatio...

Page 217: ...ed Application Policy Rule LABEL DESCRIPTION Active Select this option to enable the policy Name Enter a descriptive name for identification purposes Classifier s This field displays the active classi...

Page 218: ...on port 3 If Policy 1 applies to Class 1 and the action is to drop the packets Policy 2 applies to Class 2 and the action is to forward the packets to the egress port the Switch will forward the pack...

Page 219: ...ex This field displays the policy index number Click an index number to edit the policy Active This field displays Yes when policy is activated and No when is it deactivated Name This field displays t...

Page 220: ...Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empty then traffic on lower priority queues never gets sent SPQ does not automatically adapt to changing net...

Page 221: ...traffic than it can handle Queues with larger weights get more service than queues with smaller weights This queuing mechanism is highly efficient in that it divides any available bandwidth across the...

Page 222: ...in the Weight field Queues with larger weights get more guaranteed bandwidth than queues with smaller weights Weighted Round Robin Scheduling services queues on a rotating basis based on their queue w...

Page 223: ...een Section 24 3 on page 227 to view IPv4 multicast group information Use the IGMP Snooping screen Section 24 3 1 on page 228 to enable IGMP snooping to forward group multicast traffic only to ports t...

Page 224: ...any VLANs The Switch then performs IGMP snooping on the first 16 VLANs that send IGMP packets This is referred to as auto mode Alternatively you can specify the VLANs that IGMP snooping should be perf...

Page 225: ...signed for applications such as Media on Demand MoD that use multicast traffic across an Ethernet ring based service provider network MVR allows one single multicast VLAN to be shared among different...

Page 226: ...ng figure shows a multicast television example where a subscriber device such as a computer in VLAN 1 receives multicast traffic from the streaming media server S through the Switch Multiple subscribe...

Page 227: ...Application Multicast IPv4 Multicast to display the screen as shown This screen shows the IPv4 multicast group information See Section 24 1 on page 223 for more information on multicasting Figure 174...

Page 228: ...cribes the labels in this screen Table 97 Advanced Application Multicast IPv4 Multicast LABEL DESCRIPTION Index This is the index number of the entry VID This field displays the multicast VLAN ID Port...

Page 229: ...0 7 to which the Switch changes the priority in outgoing IGMP control packets Otherwise select No Change to not replace the priority IGMP Filtering Select Active to enable IGMP filtering to control wh...

Page 230: ...ut an IGMP Group Specific Query GSQ message to determine whether other hosts connected to the port should remain in the specific multicast group The Switch forwards the query message to all hosts conn...

Page 231: ...MP multicast router or server The Switch forwards IGMP join or leave packets to an IGMP query port Select Auto to have the Switch use the port as an IGMP query port if the port receives IGMP query pac...

Page 232: ...ping in the Multicast IPv4 Multicast IGMP Snooping screen first Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power...

Page 233: ...a new entry This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your chan...

Page 234: ...ys the multicast VLAN ID Port This field displays the port number that belongs to the multicast group Multicast Group This field displays IP multicast group addresses Group Timeout This field displays...

Page 235: ...e is used to calculate the amount of time an MLD snooping membership entry learned only on the upstream port can remain in the forwarding table When an MLD Report message is received the Switch sets t...

Page 236: ...essage is received When an MLD Done message is received the Switch sets the entry s lifetime to be the product of Last Member Query Interval and Robustness Variable Downstream Query Interval Enter the...

Page 237: ...es in this row are copied to all the ports as soon as you make them Port Role A port on the Switch can be either a Downstream port or Upstream port in MLD A downstream port connects to MLD hosts and a...

Page 238: ...from a host Fast Leave Timeout Enter the fast leave timeout in milliseconds for the specified downstream ports This defines how many seconds the Switch waits for an MLD report before removing an MLD s...

Page 239: ...mber of multicast groups this port is allowed to join Max Group Num Enter the number of multicast groups this port is allowed to join Once a port is registered in the specified number of multicast gro...

Page 240: ...ss Type the ending multicast IPv6 address for a range of IPv6 addresses that you want to belong to the MLD filtering profile If you want to add a single multicast IPv6 address enter it in both the Sta...

Page 241: ...iority Select a priority level 0 7 with which the Switch replaces the priority in outgoing IGMP or MLD control packets belonging to this multicast VLAN Mode Specify the MVR mode on the Switch Choices...

Page 242: ...his to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on...

Page 243: ...ges if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin confi...

Page 244: ...S Computers A B and C in VLAN 1 are able to receive the traffic Figure 186 MVR Configuration Example To configure the MVR settings on the Switch create a multicast VLAN in the MVR screen and set the r...

Page 245: ...Chapter 24 Multicast GS2220 Series User s Guide 245 Figure 188 MVR Group Configuration Example 1 Figure 189 MVR Group Configuration Example 2 EXAMPLE EXAMPLE...

Page 246: ...TACACS authentication settings Use the AAA Setup screen Section 25 5 on page 251 to configure authentication authorization and accounting settings such as the methods used to authenticate users acces...

Page 247: ...to validate an unlimited number of users from a central location The following table describes some key differences between RADIUS and TACACS 25 2 AAA Screens The AAA screens allow you to enable auth...

Page 248: ...e RADIUS servers that it sends authentication requests to Timeout Specify the amount of time in seconds that the Switch waits for an authentication request response from the RADIUS server If you are u...

Page 249: ...dotted decimal notation UDP Port The default port of a RADIUS accounting server for accounting is 1813 You need not change this value unless your network administrator instructs you to do so Shared S...

Page 250: ...ication and you are using two TACACS servers then the timeout value is divided between the two TACACS servers For example if you set the timeout value to 30 seconds then the Switch waits for a respons...

Page 251: ...our network administrator instructs you to do so Shared Secret Specify a password up to 32 alphanumeric characters except or as the key to be shared between the external TACACS accounting server and t...

Page 252: ...set up the corresponding database correctly first You can specify up to three methods for the Switch to authenticate administrator accounts The Switch checks the methods in the order you configure th...

Page 253: ...pecified event types Broadcast Select this to have the Switch send accounting information to all configured accounting servers at the same time If you do not select this and you have two accounting se...

Page 254: ...attributes on the RADIUS server refer to your RADIUS server documentation to assign a port on the Switch to a VLAN based on IEEE 802 1x authentication The port VLAN settings are fixed and untagged Thi...

Page 255: ...following sections list the attributes sent from the Switch to the RADIUS server when performing authentication 25 6 3 1 Attributes Used for Authenticating Privilege Access User Name The format of the...

Page 256: ...0000001 date 2007 04 19 time 17 21 03 serial number 00000001 Acct Delay Time 25 6 4 2 Attributes Used for Accounting Exec Events The attributes are listed in the following table along with the time th...

Page 257: ...Cause Table 116 RADIUS Attributes Exec Events through Telnet SSH continued ATTRIBUTE START INTERIM UPDATE STOP Table 117 RADIUS Attributes Exec Events through Console ATTRIBUTE START INTERIM UPDATE S...

Page 258: ...e following features Static bindings Use this to create static bindings in the binding table DHCP snooping Use this to filter unauthorized DHCP packets on the network and to build the binding table dy...

Page 259: ...tic bindings configure DHCP snooping or ARP inspection and look at various statistics IPv6 Source Binding Status Click the link to open a screen where you can view the current IPv6 dynamic and static...

Page 260: ...LAN ID as an existing static binding the new static binding replaces the original one To open this screen click Advanced Application IP Source Guard IPv4 Source Guard Setup Static Binding Table 119 Ad...

Page 261: ...comma ARP entries learned on the specified ports are added to the static bindings table after you click ARP Freeze VLAN List Select this and enter the ID number of the VLANs separated by a comma ARP e...

Page 262: ...ss This field displays the source MAC address in the binding Port This field displays the port number Lease This field displays how long the binding is valid Type This field displays how the Switch le...

Page 263: ...tics about the DHCP snooping database Use this DHCP Snooping Configure screen Section 27 3 on page 266 to enable DHCP snooping on the Switch not on specific VLAN specify the VLAN where the default DHC...

Page 264: ...the DHCP snooping database You can configure them in the DHCP Snooping Configure screen Agent URL This field displays the location of the DHCP snooping database Write delay timer This field displays h...

Page 265: ...ad the DHCP snooping database when the Switch started up or a new URL is configured for the DHCP snooping database Successful transfers This field displays the number of times the Switch read bindings...

Page 266: ...plays the last time the Switch ignored any bindings for any reason from the DHCP binding database Total ignored bindings counters This section displays the reasons the Switch has ignored bindings any...

Page 267: ...o occur before the current update has finished successfully or timed out In this case the Switch waits to start the next update until it completes the current one Agent URL Enter the location of the D...

Page 268: ...connected to DHCP servers or other switches and the Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high Untrusted ports are connected to subscribe...

Page 269: ...AN in the range specified above If you configure the VLAN the settings are applied to all VLANs Enabled Select Yes to enable DHCP snooping on the VLAN You still have to enable DHCP snooping on the Swi...

Page 270: ...CP VLAN if specified or VLAN You can specify the DHCP VLAN in the DHCP Snooping Configure screen Note The profile you select here has priority over the one you select in the DHCP Snooping Configure VL...

Page 271: ...ER ACK or NACK The source MAC address and source IP address in the packet do not match any of the current bindings The packet is a RELEASE or DECLINE packet and the source MAC address and source port...

Page 272: ...ce VLAN ID 2 bytes System name up to 32 bytes This information is stored in an Agent Information field in the option 82 field of the DHCP headers of client DHCP request frames When the DHCP server res...

Page 273: ...s LABEL DESCRIPTION Total number of filters This field displays the current number of MAC address filters that were created because the Switch identified unauthorized ARP packets Index This field disp...

Page 274: ...icates a range of VLANs For example 3 4 or 3 9 Search Click this to display the specified range of VLANs in the section below The Number of VLAN This is the number of VLANs that match the searching cr...

Page 275: ...log message Port This field displays the source port of the ARP packet VID This field displays the source VLAN ID of the ARP packet Sender MAC This field displays the source MAC address of the ARP pa...

Page 276: ...ber of log messages in the Switch exceeds this number the Switch stops recording log messages and simply starts counting the number of entries that were dropped due to unavailable buffer Click Clearin...

Page 277: ...itch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click...

Page 278: ...al settings have no effect on trusted ports Rate pps Specify the maximum rate 1 2048 packets per second at which the Switch receives ARP packets from each port The Switch discards any additional ARP p...

Page 279: ...ou want to manage in the section below Use a comma to separate individual VLANs or a dash to indicates a range of VLANs For example 3 4 or 3 9 Search Click this to display the specified range of VLANs...

Page 280: ...refix address to remove the dynamic entries snooped with the specified Prefix address Flush Click this to remove dynamic IPv6 source binding entries according to your selections Cancel Click this to r...

Page 281: ...g If this binding does not check this field select Any Note You cannot choose Any for all three of MAC Address VLAN and Port You must fill in at least one VLAN Enter the source VLAN ID in the binding...

Page 282: ...screen Select an entry s check box to select a specific entry Otherwise select the check box in the table heading row to select all entries Delete Select an entry check box and click Delete to remove...

Page 283: ...for this IPv6 source guard policy Link Local This field displays the Link Local traffic status for this IPv6 source guard policy Select an entry s check box to select a specific entry Otherwise select...

Page 284: ...configuring Cancel Click this to reset the values in this screen to their last saved values Table 135 Advanced Application IP Source Guard IPv6 Source Guard Port Setup LABEL DESCRIPTION Table 136 Adva...

Page 285: ...specified entry Cancel Click this to clear the Delete check boxes above Table 136 Advanced Application IP Source Guard IPv6 Snooping Policy Setup continued LABEL DESCRIPTION Table 137 Advanced Applica...

Page 286: ...ed ports for DHCP snooping If you do not select this then IPv6 DHCP Trust is not used and all ports are automatically trusted Port Setting Port This field displays the port number Settings in this row...

Page 287: ...through computer X Computer X can read and alter the information passed between them 28 11 1 1 ARP Inspection and MAC Address Filters When the Switch identifies an unauthorized ARP packet it automati...

Page 288: ...e sender s information in the ARP packet does not match any of the current bindings The rate at which ARP packets arrive is too high 28 11 1 3 Syslog The Switch can send syslog messages to the specifi...

Page 289: ...n the edge of your network This can occur when a port is connected to a Switch that is in a loop state Loop state occurs as a result of human error It happens when two ports on a switch are connected...

Page 290: ...eturns to port N on A The Switch then shuts down port N to ensure that the rest of the network is not affected by the switch in loop state Figure 220 Loop Guard Probe Packet The Switch also shuts down...

Page 291: ...his row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copie...

Page 292: ...t uplink port If the incoming packets are untagged or tagged but do not match an entry in the VLAN mapping table the Switch does not translate the existing VLAN ID and uses the MAC table and or VLAN t...

Page 293: ...ch Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common sett...

Page 294: ...s to the untagged packets Add Click this to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off o...

Page 295: ...5 Delete Check the rules that you want to remove in the Delete column and then click the Delete button Cancel Click Cancel to clear the Delete check boxes Table 141 Advanced Application VLAN Mapping V...

Page 296: ...packets 31 1 2 What You Need to Know Layer 2 protocol tunneling L2PT is used on the service provider s edge devices L2PT allows edge switches 1 and 2 in the following figure to tunnel layer 2 STP Span...

Page 297: ...ing Mode Each port can have two layer 2 protocol tunneling modes Access and Tunnel The Access port is an ingress port on the service provider s edge device 1 or 2 in Figure 227 on page 297 and connect...

Page 298: ...ld displays the port number means all ports Use this row to make the setting the same for all ports Use this row first and then make adjustments on a port by port basis Note Changes in this row are co...

Page 299: ...of a link Mode Select Access to have the Switch encapsulate the incoming layer 2 protocol packets and forward them to the tunnel ports Select Access for ingress ports at the edge of the service provi...

Page 300: ...n PPPoE screen Use the Intermediate Agent screen Section 32 3 on page 303 to enable the PPPoE Intermediate Agent on the Switch Use the PPPoE IA Per Port screen Section 32 3 1 on page 304 to set the po...

Page 301: ...cuit ID Syntax with Identifier String and Variables If you do not configure a Circuit ID string for a VLAN on a specific port or for a specific port the Switch adds the user defined identifier string...

Page 302: ...erminate packet is sent from a PPPoE server and received on a trusted port the Switch forwards it to all other ports If a PADI or PADR packet is sent from a PPPoE client but received on a trusted port...

Page 303: ...N on a port in the Advanced Application PPPoE Intermediate Agent Port VLAN screen has priority over this That means if you also want to configure PPPoE IA Per Port or Per Port Per VLAN setting leave t...

Page 304: ...s the labels in this screen Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top nav...

Page 305: ...PADO and PADS packets which are sent from a PPPoE server but received on an untrusted port Circuit id Enter a string of up to 63 ASCII characters that the Switch adds into the Agent Circuit ID sub op...

Page 306: ...is field displays the VLAN ID of each VLAN in the range specified above If you configure the VLAN the settings are applied to all VLANs Use this row to make the setting the same for all VLANs Use this...

Page 307: ...ettings are applied to all VLANs Use this row to make the setting the same for all VLANs Use this row first and then make adjustments on a VLAN by VLAN basis Changes in this row are copied to all the...

Page 308: ...p guard or CPU protection allow the Switch to shut down a port or discard specific packets on a port when an error is detected on the port For example if the Switch detects that packets sent out the p...

Page 309: ...Errdisable Status in the Advanced Application Errdisable screen to display the screen as shown Table 152 Advanced Application Errdisable LABEL DESCRIPTION Errdisable Status Click this link to view wh...

Page 310: ...want to configure Errdisable Status Cause This displays the type of the control packet received on the port or the feature enabled on the port and causing the Switch to take the specified action Activ...

Page 311: ...Status This field displays the errdisable status Forwarding The Switch is forwarding packets Rate limitation mode is always in Forwarding status Err disable The Switch disables the port on which the c...

Page 312: ...r loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh...

Page 313: ...LABEL DESCRIPTION Active Select this option to turn on the error disable recovery function on the Switch Reason This field displays the supported features that allow the Switch to shut down a port or...

Page 314: ...her ports in this VLAN to the isolated port list and blocks traffic between the isolated ports A promiscuous port can communicate with any port in the same VLAN An isolated port can communicate with t...

Page 315: ...ary table below and save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your ch...

Page 316: ...sent a WAKE signal is sent to the link partner to return the link to active mode Auto Power Down Auto Power Down turns off almost all functions of the port s physical layer functions when the link is...

Page 317: ...e same for all ports Use this row first and then make adjustments to each port if necessary Changes in this row are copied to all the ports as soon as you make them EEE Select this to activate Energy...

Page 318: ...e form of TLV Type Length Value Device information carried in the received LLDPDUs is stored in the standard MIB The Switch supports these basic management TLVs End of LLDPDU mandatory Chassis ID mand...

Page 319: ...d easy trouble shooting for mis configured IP addresses There are three classes of endpoint devices that the LLDP MED supports Class I IP Communications Controllers or other communication related serv...

Page 320: ...next Figure 244 Advanced Application LLDP The following table describes the labels in this screen Table 159 Advanced Application LLDP LABEL DESCRIPTION LLDP LLDP Local Status Click here to show a scre...

Page 321: ...D LLDP MED Configuration Click here to show a screen to configure LLDP MED Link Layer Discovery Protocol for Media Endpoint Devices parameters LLDP MED Network Policy Click here to show a screen to co...

Page 322: ...Supported Bridge System Capabilities Enabled Bridge Management Address TLV The Management Address TLV identifies an address associated with the local LLDP agent that may be used to reach higher layer...

Page 323: ...Chapter 36 Link Layer Discovery Protocol LLDP GS2220 Series User s Guide 323 Figure 246 Advanced Application LLDP LLDP Local Status LLDP Local Port Status Detail...

Page 324: ...e port supports or does not support auto negotiation AN Enabled The current auto negotiation status of the port AN Advertised Capability The auto negotiation capabilities of the port Oper MAU Type The...

Page 325: ...n Information LCI Civic LCI IETF Geopriv Civic Address based Location Configuration Information ELIN Emergency Location Identifier Number Table 161 Advanced Application LLDP LLDP Local Status LLDP Loc...

Page 326: ...us continued LABEL DESCRIPTION Table 163 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail Basic TLV LABEL DESCRIPTION Local Port This displays the number of the Switch s por...

Page 327: ...e system name of the remote device System Description TLV This displays the system description of the remote device System Capabilities TLV This displays whether the system capabilities are enabled an...

Page 328: ...vertises the current duplex and bit rating of the sending node Lastly it advertises whether these setting were the result of auto negotiation during link initiation or manual override AN Supported Dis...

Page 329: ...Chapter 36 Link Layer Discovery Protocol LLDP GS2220 Series User s Guide 329 Figure 250 Advanced Application LLDP LLDP Remote Status LLDP Remote Port Status Detail MED TLV...

Page 330: ...se LCI latitude and longitude coordinates of the Location Configuration Information LCI Civic LCI IETF Geopriv Civic Address based Location Configuration Information ELIN Emergency Location Identifier...

Page 331: ...ed when its corresponding TTL expires The TTL value is to multiply the TTL multiplier by the LLDP packets transmitting interval Transmit Delay Enter the delay in seconds between successive LLDPDU tran...

Page 332: ...igation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 166 Advanced Application LLDP LLDP Configu...

Page 333: ...on Basic TLV Setting continued LABEL DESCRIPTION Table 168 Advanced Application LLDP LLDP Configuration Org specific TLV Setting LABEL DESCRIPTION Port This displays the Switch s port number Use this...

Page 334: ...s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done...

Page 335: ...urned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this sc...

Page 336: ...policy Click an index number to edit the rule Port This field displays the port number of the network policy Application Type This field displays the application type of the network policy Tag This f...

Page 337: ...es and Civic Address to set the location information of the remote device Geographical based coordinates includes latitude longitude altitude and datum Civic Address includes Country State County City...

Page 338: ...g the location information Cancel Click Cancel to begin entering the location information afresh Index This lists the index number of the location configuration Click an index number to view or edit t...

Page 339: ...utomatically after the MAC aging time expires Note A port based threshold must be larger than the host based threshold or the host based threshold will not work 37 1 1 What You Can Do Use the Anti Arp...

Page 340: ...lication Anti Arpscan Figure 257 Advanced Application Anti Arpscan Status The following table describes the fields in the above screen 37 3 Anti Arpscan Host Status Use this screen to view blocked hos...

Page 341: ...lear Filtered host A filtered host is a blocked IP address Port List Type a port number or a series of port numbers separated by commas and spaces and then click Clear to unblock all hosts connected t...

Page 342: ...host Mask A trusted host may consist of a subnet of IP addresses Type a subnet mask to create a single host or a subnet of hosts Add Click this to create the trusted host Cancel Click this to reset th...

Page 343: ...r the MAC aging time expires Type the maximum number of ARP request packets allowed by a host before it is blocked Note The allowed range is 2 to 100 ARP request packets per second Note The port based...

Page 344: ...disables the ports automatically You can then enable the ports manually in the Basic Setting Port Setup screen or use the Errdisable Recovery screen see Section 33 6 on page 313 to have the ports bec...

Page 345: ...le describes the fields in the above screen Table 176 Advanced Application BPDU Guard Status LABEL DESCRIPTION BPDU guard globally configuration This field displays whether BPDU guard is activated on...

Page 346: ...he BPDU guard feature on this port The Switch shuts down this port if there is any BPDU received on the port Clear this check box to disable the BPDU guard feature Apply Click Apply to save your chang...

Page 347: ...t network connection problems The Switch supports the following IEEE 802 3ah features Discovery this identifies the devices on each end of the Ethernet link and their OAM configuration Remote Loopback...

Page 348: ...This field displays the operational state of the port when OAM is enabled on the port Active Allows the port to issue and respond to Ethernet OAM commands Passive Allows the port to respond to Ethern...

Page 349: ...ons Mode This field displays the OAM mode The device in active mode typically the service provider s device controls the device in passive mode typically the subscriber s device Active The port initia...

Page 350: ...The port is in loopback mode Discard The port is discarding non OAM PDUs because it is trying to or has put the remote device into loopback mode Discovery state This field indicates the state in the O...

Page 351: ...d on the port Loopback Control OAMPDU Tx This field displays the number of loopback control OAM PDUs sent on the port Loopback Control OAMPDU Rx This field displays the number of loopback control OAM...

Page 352: ...ck box to disable Ethernet OAM on the port Mode Specify the OAM mode on the port Select Active to allow the port to issue and respond to Ethernet OAM commands Select Passive to allow the port to respo...

Page 353: ...e Switch performs a remote loopback test Number of Packet Define the allowable packet number of the loopback test frames Packet Size Define the allowable packet size of the loopback test frames Test C...

Page 354: ...or communication malfunction In the figure below S1 A is a bidirectional link as both ends can send packets to each other S1 B is unidirectional as B cannot send packets to S1 although the S1 B link...

Page 355: ...lowing Go to Basic Setting Port Setup Clear Active and click Apply Then select Active and click Apply again Go to Advanced Application Errdisable Errdisable Recovery and set the interval for ZULD Afte...

Page 356: ...is an initialization state where the port is not yet up Probe This indicates that ZULD is discovering the connected device on this link Bidirectional Traffic sent by the Switch is received by the con...

Page 357: ...essive In Normal mode ZULD only sends a syslog and trap when it detects a unidirectional link In Aggressive mode ZULD shuts down the port puts it into an ErrDisable state as well as sends a syslog and...

Page 358: ...nd configure automatic PD recovery on the Switch 41 2 Auto PD Recovery This screen lets you turn on automatic PD recovery on the Switch and its Ethernet ports You can configure whether the Switch uses...

Page 359: ...e Auto PD Recovery on the ports Mode Select LLDP to have the Switch passively monitor current status of the connected PD by reading LLDP packets from the PD on the port The Switch also sends out LLDP...

Page 360: ...ppears from the Switch s LLDP table and the PD Health status LED will turn to yellow in the Status Neighbor screen Select Alarm to have the Switch send an SNMP trap and generate a log message Resume P...

Page 361: ...Chapter 41 Auto PD Recovery GS2220 Series User s Guide 361 Figure 272 Auto PD Recovery Ping Mode Figure 273 Auto PD Recovery LLDP Mode 2 Select the desired ports in the Active column 3 Select the Mode...

Page 362: ...l restart the connecting port is detected as link down When restarting the PD entry disappears from the Switch s LLDP table and the PD Health status LED will turn to yellow in the Status Neighbor scre...

Page 363: ...route outbound traffic from computers on the LAN to the Internet To have the Switch send data to devices not reachable through the default gateway use static routes For example the next figure shows...

Page 364: ...n as shown Click the link next to IPv4 Static Route to open a screen where you can create IPv4 static routing rules Figure 275 IP Application Static Routing 42 3 IPv4 Static Route Click the link next...

Page 365: ...it must be between 1 and 15 In practice 2 or 3 is usually a good number Add Click Add to insert a new static route to the Switch s run time memory The Switch loses these changes if it is turned off o...

Page 366: ...give advanced notice of where the traffic is going 43 1 1 What You Can Do Use the DiffServ screen Section 43 2 on page 367 to activate DiffServ to apply marking rules or IEEE 802 1p priority mapping o...

Page 367: ...Silver Bronze based on the configured marking rules A network administrator can then apply various traffic policies to the traffic flows An example traffic policy is to give higher drop precedence to...

Page 368: ...to enable DiffServ on the Switch Port This field displays the index number of a port on the Switch Settings in this row apply to all ports Use this row only if you want to make some settings the same...

Page 369: ...classification identification number To set the IEEE 802 1p priority mapping select the priority level from the drop down list box Apply Click Apply to save your changes to the Switch s run time memo...

Page 370: ...figure global DHCPv4 relay Use the DHCPv4 Global Relay Port screen Section 44 4 4 on page 375 to apply a different DHCP option 82 profile to certain ports on the Switch Use the VLAN Setting screen Sec...

Page 371: ...e and configure DHCPv4 relay settings and create option 82 profiles Click the link next to DHCPv6 to open a screen where you can configure DHCPv6 relay settings Click the link next to DHCP Server Guar...

Page 372: ...s based on this information Please refer to RFC 3046 for more details The DHCP Relay Agent Information feature adds an Agent Information field also known as the Option 82 field to DHCP requests The Op...

Page 373: ...DHCPv4 Option 82 Profile The following table describes the labels in this screen Table 192 DHCP Relay Agent Circuit ID Sub option Format SubOpt Code Length Value 1 1 byte N 1 byte Slot ID Port ID VLA...

Page 374: ...d Add Click this to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the...

Page 375: ...ox to enable DHCPv4 relay Remote DHCP Server 1 3 Enter the IP address of a DHCPv4 server in dotted decimal notation Option 82 Profile Select a pre defined DHCPv4 option 82 profile that the Switch appl...

Page 376: ...over the one you select in the DHCP DHCPv4 Global screen Add Click this to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses the...

Page 377: ...HCP server This allows the DHCP server to assign the appropriate IP address according to the VLAN ID Figure 287 DHCP Relay Configuration Example 44 4 6 DHCPv4 VLAN Setting Use this screen to configure...

Page 378: ...a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navig...

Page 379: ...the profile to DHCP requests that it relays to a DHCP server The profile you select here has priority over the one you select in the DHCP DHCPv4 VLAN screen Add Click this to create a new entry or to...

Page 380: ...to a DHCPv6 server that is not attached to the same network The DHCPv6 relay agent can add the remote identification remote ID option and the interface ID option to the Relay Forward DHCPv6 messages...

Page 381: ...ards them to a DHCPv6 server Add Click this to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned of...

Page 382: ...some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you...

Page 383: ...le and if it finds the address it sends it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address...

Page 384: ...us ARP A gratuitous ARP is an ARP request in which both the source and destination IP address fields are set to the IP address of the device that sends this request and the destination MAC address fie...

Page 385: ...y the screen as shown Click the link next to ARP Learning to open a screen where you can set the ARP learning mode for each port Figure 294 IP Application ARP Setup 45 2 1 ARP Learning Use this screen...

Page 386: ...earning Mode Select the ARP learning mode the Switch uses on the port Select ARP Reply to have the Switch update the ARP table only with the ARP replies to the ARP requests sent by the Switch Select G...

Page 387: ...in the Switch s RAM Use the Erase Running Configuration screen Section 46 2 1 on page 389 to reset the configuration to the Zyxel default configuration settings Use the Save Configuration screen Sect...

Page 388: ...ngs to a customized default file on the Switch This file can be used instead of the Zyxel factory default configuration file Reboot System Click Config 1 to reboot the Switch and load Configuration 1...

Page 389: ...These configurations are set up according to your network environment Click Config 2 to save the current configuration settings permanently to Configuration 2 on the Switch These configurations are se...

Page 390: ...file was not saved clicking Custom Default loads the factory default configuration on the Switch 46 2 4 Factory Default Follow the steps below to reset the Switch back to the factory defaults 1 Click...

Page 391: ...vice Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device Click Management Maintenance Firmware Upgrade to view the screen as shown next Figure 300...

Page 392: ...ting Firmware 1 shows its version number and model code and MM DD YYYY creation date Firmware 2 shows its version number and model code and MM DD YYYY creation date Current Boot Image This displays wh...

Page 393: ...you can click File Save As to save the file to a specific place If a dialog box pops up asking whether you want to open or save the file click Save or Save File to download it to the default download...

Page 394: ...last time the Switch rebooted It shows None if auto configuration was not enabled or not executed successfully Use this section to enable auto configuration and select the mode that you want to use fo...

Page 395: ...The Mbuf log report is stored in flash permanent memory For example Mbuf 50 means a log will be created when the Mbuf utilization is over 50 The higher the Mbuf threshold number the fewer logs will b...

Page 396: ...figurator See Section 47 7 3 on page 420 for more information about HTTPS Certificates are based on public private key pairs A certificate contains the certificate owner s identity and public key Cert...

Page 397: ...uter to the Switch Service This field displays the service type that this certificate is for Subject This field displays identifying information about the certificate s owner such as CN Common Name OU...

Page 398: ...ing files from the Switch using FTP commands First understand the filename conventions 46 9 2 Filename Conventions The configuration file also known as the romfile or ROM contains the Zyxel factory de...

Page 399: ...username 4 Enter your password as requested the default is 1234 5 Enter bin to set transfer mode to binary 6 Use put to transfer files from the computer to the Switch for example put firmware bin ras...

Page 400: ...ommands for GUI based FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server Login Type Anonymous This is when a user I D and password is automatically supplied to the serve...

Page 401: ...on page 403 to specify the types of SNMP traps that should be sent to each SNMP manager Use the User Information screen Section 47 3 3 on page 405 to create SNMP users for authentication with manager...

Page 402: ...nagement Access Control SNMP Table 210 Management Access Control LABEL DESCRIPTION SNMP Click this link to configure your SNMP settings Logins Click this link to assign which users can access the Swit...

Page 403: ...the password for incoming Set requests from the management station The Set Community string is only used by SNMP managers using SNMP version 2c or lower Trap Community Enter the Trap Community string...

Page 404: ...which traps the Switch sends to that SNMP manager Type Select the categories of SNMP traps that the Switch is to send to the SNMP manager Options Select the individual SNMP traps that the Switch is t...

Page 405: ...ll ports Use this row only if you want to make some of the settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Changes in th...

Page 406: ...ication and encryption for SNMP messages sent by this user This is the highest security level Note The settings on the SNMP manager must be set at the same security level or higher than the security l...

Page 407: ...ing the user can collect information from the Switch Add Click this to create a new entry or to update an existing one This saves your changes to the Switch s run time memory The Switch loses these ch...

Page 408: ...ong Password Enter your new system password Up to 32 characters are allowed for the new password except space or Retype to confirm Retype your new system password for confirmation Privilege Type the p...

Page 409: ...u may use to access the Switch are listed here Active Select this option for the corresponding services that you want to allow to access the Switch Service Port For Telnet SSH FTP HTTP or HTTPS servic...

Page 410: ...non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen afresh Table 216 Management Access Control Service Access Control continued LABEL DESCRIPTION Tab...

Page 411: ...P The manager is the console through which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain obj...

Page 412: ...h RFC 2011 SNMPv2 MIB for IP RFC 2012 SNMPv2 MIB for TCP RFC 2013 SNMPv2 MIB for UDP SNMP Traps The Switch sends traps to an SNMP manager when an event occurs The following tables outline the SNMP tra...

Page 413: ...or through a management interface zySysMgmtBootImageIncons istence 1 3 6 1 4 1 890 1 15 3 49 2 3 This trap is sent when the index number of image which is loaded when the Switch starts up is different...

Page 414: ...d 1 3 6 1 4 1 890 1 15 3 59 4 5 This trap is sent when the port is turned on to recover from an overloaded state zyPoePowerPortShortCircuitR ecovered 1 3 6 1 4 1 890 1 15 3 59 4 6 This trap is sent wh...

Page 415: ...3 97 4 9 This trap is sent when a new master Switch takes over from a former master zyStackingSyncConfFail 1 3 6 1 4 1 890 1 15 3 97 4 10 This trap is sent when a configuration sync fails zyStackingSy...

Page 416: ...84 3 5 This trap is sent when the transmitter laser bias current is above or below the normal operating range zyTransceiverDdmiTemperature OutOfRangeRecovered 1 3 6 1 4 1 890 1 15 3 84 3 6 This trap i...

Page 417: ...15 3 71 2 2 This trap is sent when there is no response message from the RADIUS accounting server zyTacacsServerAccountingServer Unreachable 1 3 6 1 4 1 890 1 15 3 83 2 2 This trap is sent when there...

Page 418: ...5 3 5 2 3 2 This trap is sent when the MRSTP topology changes zyMstpTopologyChange 1 3 6 1 4 1 890 1 15 3 5 3 3 2 This trap is sent when the MSTP root switch changes mactable zyMacForwardingTableFull...

Page 419: ...ryption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identification is veri...

Page 420: ...must always authenticate itself to the SSL client the computer which requests the HTTPS connection with the Switch whereas the SSL client only should authenticate itself when the SSL server requires...

Page 421: ...cked Figure 320 Security Alert Dialog Box Internet Explorer 6 Internet Explorer 7 later version When you attempt to access the Switch HTTPS server a screen with the message There is a problem with thi...

Page 422: ...e on screen instructions to install the certificate in your browser Figure 323 Certificate Internet Explorer 11 Mozilla Firefox Warning Messages When you attempt to access the Switch HTTPS server a Yo...

Page 423: ...Series User s Guide 423 Figure 324 Security Alert Mozilla Firefox Confirm the HTTPS server URL matches Click Confirm Security Exception to proceed to the Web Configurator login screen Figure 325 Secur...

Page 424: ...Advanced and then Proceed to x x x x unsafe to proceed to the Web Configurator login screen Figure 326 Security Alert Google Chrome 58 0 3029 110 47 7 4 1 Main Settings After you accept the certificat...

Page 425: ...Chapter 47 Access Control GS2220 Series User s Guide 425 Figure 327 Example Lock Denoting a Secure Connection EXAMPLE...

Page 426: ...c screen You can use this screen to help you identify problems 48 2 Diagnostic Click Management Diagnostic in the navigation panel to open this screen Use this screen to ping IP addresses run a tracer...

Page 427: ...an IPv6 address IP Address Host Name Enter the IP address or host name of a device to which you want to perform a traceroute Click Trace Route to have the Switch perform the traceroute function This d...

Page 428: ...witch chipset supports this feature This shows N A if the Pair status is Open or Short Check the Distance to fault This shows Unsupported if the Switch chipset does not support to show the cable lengt...

Page 429: ...hes the maximum number of log messages new log messages automatically overwrite existing log messages starting with the oldest existing log message first Figure 329 Management System Log The summary t...

Page 430: ...everity levels 50 1 1 What You Can Do Use the Syslog Setup screen Section 50 2 on page 430 to configure the device s system logging settings and configure a list of external syslog servers 50 2 Syslog...

Page 431: ...hanges to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memor...

Page 432: ...r to edit the entry Active This field displays Yes if the device is to send logs to the syslog server No displays if the device is not to send logs to the syslog server IP Address This field displays...

Page 433: ...communicate with one another In the following example switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members Figure 331 Clusteri...

Page 434: ...tus The following table describes the labels in this screen Table 228 Management Cluster Management Status LABEL DESCRIPTION Status This field displays the role of this Switch within the cluster Manag...

Page 435: ...nk between cluster member and manager goes down Table 228 Management Cluster Management Status continued LABEL DESCRIPTION Table 229 Management Cluster Management Configuration LABEL DESCRIPTION Clust...

Page 436: ...g Candidate list Switches that are not in the same management VLAN group will not be visible in the Clustering Candidate list Password Each cluster member s password is its Web Configurator password S...

Page 437: ...igure 334 Cluster Management Cluster Member Web Configurator Screen 51 4 1 1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the clu...

Page 438: ...received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 460ABPI0 bin fw 00 a0 c5 01 23 46 200 Port command okay 150 Opening data connection for STOR fw 00 a0 c5 01 23 46 226 File rec...

Page 439: ...now The Switch uses the MAC Table to determine how to forward frames See the following figure 1 The Switch examines a received frame and learns the port on which this source MAC address came 2 The Swi...

Page 440: ...creen to search specific MAC addresses You can also directly add dynamic MAC addresses into the static MAC forwarding table or MAC filtering table from the MAC table using this screen Click Management...

Page 441: ...rding to VLAN group Select PORT to display and arrange the data according to port number Transfer Type Select Dynamic to MAC forwarding and click the Transfer button to change all dynamically learned...

Page 442: ...le and if it finds the address it sends it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The Switch fills in its own MAC and IP address...

Page 443: ...according to the condition you specified Cancel Click Cancel to return the fields to the factory defaults Index This is the ARP table entry number IP Address This is the IP address of a device connec...

Page 444: ...Use this screen to view IPv6 path MTU information on the Switch Click Management Path MTU Table in the navigation panel to display the screen as shown Figure 339 Management Path MTU Table The followin...

Page 445: ...5 1 Overview This chapter shows you how you can copy the settings of one port onto other ports 55 2 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a d...

Page 446: ...Chapter 55 Configure Clone GS2220 Series User s Guide 446 Figure 340 Management Configure Clone...

Page 447: ...ndicates that ports 2 through 6 are the destination ports Basic Setting Select to apply all settings to the port Use this first to select the common settings and then remove the settings you do not wa...

Page 448: ...layer address and sends the packet when the neighbor is reachable If the Switch cannot find an entry in the neighbor table or the state for the neighbor is not reachable it starts the address resoluti...

Page 449: ...nding request packets for a short to give upper layer protocols a chance to determine reachability probe P The Switch is sending request packets and waiting for the neighbor s response invalid IV The...

Page 450: ...le 236 Management Port Status LABEL DESCRIPTION Port This identifies the Ethernet port Click a port number to display the Port Details screen Name This is the name you assigned to this port in the Bas...

Page 451: ...Pkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on this port Errors This field shows the number of received errors on this por...

Page 452: ...for the combo ports This field displays Down if the port is not connected to any device State If STP Spanning Tree Protocol is enabled this field displays the STP state of the port If STP is disabled...

Page 453: ...one collision Multiple This is a count of successfully transmitted packets for which transmission was inhibited by more than one collision Excessive This is a count of packets for which transmission f...

Page 454: ...rating parameters on the SFP port The parameters include for example transmitting and receiving power and module temperature Click a number in the Port column in the DDMI screen to view current transc...

Page 455: ...er was manufactured Transceiver This displays details about the type of transceiver installed in the SFP slot Calibration This field is available only when an SFP transceiver is inserted into the SFP...

Page 456: ...lue Low Warn Threshold This displays the low value warning threshold for each monitored DDMI parameter A warning signal is reported to the Switch if the monitored DDMI parameter reaches this value Low...

Page 457: ...refox or Google Chrome The recommended screen resolution is 1024 by 768 pixels The following sections introduces the configuration and functions of the Web Configurator In Networked AV mode Click Netw...

Page 458: ...IP routing domains IGMP Snooping VLAN This displays the ID number of the VLAN group upon which the Switch is to perform IGMP snooping IGMP Snooping This displays Active when IGMP snooping is enabled t...

Page 459: ...sage on this port as a percentage of the Link Speed IGMP Leave Mode This displays immediate when the Switch receives IGMP leave packets the Switch will close the multicast stream immediately without a...

Page 460: ...igure general settings such as the system name and time Use the Cloud Management screen Section 59 4 on page 463 to display links to Nebula Control Center Discovery and Nebula Switch Registration scre...

Page 461: ...tion Memory utilization shows how much DRAM memory is available and in use It also displays the current percentage of memory utilization Name This field displays the name of memory pool Total byte Thi...

Page 462: ...The main differences between them are the time format When you select the Daytime RFC 867 format the Switch displays the day month year and time with no time zone adjustment When you use this format i...

Page 463: ...s of the United States on the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States you would select Second Sunday Ma...

Page 464: ...e on the Switch needs to be upgraded If it does the Switch will upgrade the firmware immediately If the firmware does not need to be upgraded but there is newer firmware available for the Switch then...

Page 465: ...on page 469 to configure Switch port settings 60 2 PoE Status A powered device PD is a device such as an access point or a switch that supports PoE Power over Ethernet so that it can receive power fro...

Page 466: ...PoE Setup Consuming Power W This field displays the amount of power the Switch is currently supplying to the connected PoE enabled devices Allocated Power W This field displays the total amount of po...

Page 467: ...W Class 2 default 0 44 W to 7 W can be extended to 9 W Class 3 default 0 44 W to 15 4 W can be extended to 17 8 W Class 4 default 0 44 W to 30 W can be extended to 32 8 W Priority When the total power...

Page 468: ...the port Select High to set the Switch to assign the remaining power to the port after all critical priority ports are served Select Low to set the Switch to assign the remaining power to the port aft...

Page 469: ...d current to be out of the standard range LLDP Power Via MDI Select this to have the Switch negotiate PoE power with the PD connected to the port by transmitting LLDP Power Via MDI TLV frames This hel...

Page 470: ...cting the signal on the cable and using half duplex mode When the Switch s auto negotiation is turned off a port uses the pre configured speed and duplex mode when making a connection thereby requirin...

Page 471: ...emory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring C...

Page 472: ...nd on the ports When the maximum number of allowable broadcast multicast and or DLF packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast...

Page 473: ...e trunk group and so on Table 247 Security Broadcast Storm Control LABEL DESCRIPTION Active Set this switch to ON to enable traffic storm control on the Switch Otherwise select OFF to disable this fea...

Page 474: ...ation Status The following table describes the labels in this screen Table 248 Switching Link Aggregation Link Aggregation Status LABEL DESCRIPTION Group ID This field displays the group ID to identif...

Page 475: ...destination are sent over the same link within the trunk src mac means the Switch distributes traffic based on the packet s source MAC address dst mac means the Switch distributes traffic based on the...

Page 476: ...this screen Table 249 Switching Link Aggregation Link Aggregation Setting LABEL DESCRIPTION Link Aggregation Setting This is the only screen you need to configure to enable static link aggregation Gro...

Page 477: ...he packet s source MAC address Select dst mac to distribute traffic based on the packet s destination MAC address Select src dst mac to distribute traffic based on a combination of the packet s source...

Page 478: ...ggregation Control Protocol LACP System Priority LACP system priority is a number between 1 and 65535 The switch with the lowest system priority and lowest port number if system priority is the same b...

Page 479: ...st to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them LACP Timeout Timeout is the time interval...

Page 480: ...t be forwarded as it is to an untagged port The remaining twelve bits define the VLAN ID giving a possible maximum number of 4 096 VLANs Note that user priority and VLAN ID are independent of each oth...

Page 481: ...n is made by issuing a Join message using GARP Declarations are withdrawn by issuing a Leave message A Leave All message terminates all registrations GARP timers set declaration timeout values GVRP GV...

Page 482: ...frames with VLAN group tags 1 and 2 VLAN groups that are unknown to those switches to pass through their VLAN trunking ports Figure 363 Port VLAN Trunking 61 7 VLAN Status Use this screen to view and...

Page 483: ...Ns that match the searching criteria and display in the list below This field displays only when you use the Search button to look for certain VLANs Index This is the VLAN index number Click on an ind...

Page 484: ...static VLAN status for the Switch Click Switching VLAN Static VLAN to display the screen as shown next Table 253 Switching VLAN VLAN Status VLAN Detail LABEL DESCRIPTION VLAN Status Click this to go t...

Page 485: ...DESCRIPTION Select an entry s check box to select a specific entry Otherwise select the check box in the table heading row to select all entries VID This field displays the ID number of the VLAN grou...

Page 486: ...tings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Control Select Normal for the port to dynamically join this VLAN g...

Page 487: ...is a tag that adds to incoming untagged frames received on a port so that the frames are forwarded to the VLAN group that the tag defines Enter a number between 1 and 4094 as the port VLAN ID Accepta...

Page 488: ...snooping to forward group multicast traffic only to ports that are members of that group Use the IGMP Snooping VLAN screen Section 61 13 on page 493 to perform IGMP snooping on up to 16 VLANs Use the...

Page 489: ...em The Switch forwards multicast traffic destined for multicast groups that it has learned from IGMP snooping or that you have manually configured to ports that are members of that group IGMP snooping...

Page 490: ...multicast router is NOT required But without an IP multicast router on the VLAN you must configure the Switch as the IGMP Snooping Querier so that it can send queries Select this option to allow the...

Page 491: ...VLANs For example 51 53 includes 51 52 and 53 but 51 53 does not include 52 Unknown Multicast Frame to Querier Port Specify the action to perform when Unknown Multicast Frame is set to Drop Select Dr...

Page 492: ...is port is allowed to join Once a port is registered in the specified number of multicast groups any new IGMP join report frames is dropped on this port Throttling IGMP throttling controls how the Swi...

Page 493: ...elect fixed to have the Switch only learn multicast group membership information of the VLANs that you specify below In either auto or fixed mode the Switch can learn up to 16 VLANs The Switch drops a...

Page 494: ...dd Edit Click Add to create a new entry or Edit to update an existing one This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so u...

Page 495: ...o create a new entry This saves your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save...

Page 496: ...263 Switching Multicast IGMP Filtering Profile Add Rule LABEL DESCRIPTION Profile Name Select the profile name to add a rule To configure additional rules for a profile that you have already added sel...

Page 497: ...This section shows you how to configure the default gateway device the default domain name server and add IP domains 62 1 IP Setup Use the IP Setup screen to configure the default gateway device the d...

Page 498: ...Click Cancel to reset the fields to your previous configuration Domain Name Server Use these fields to add edit or delete the IP address of the DNS server Select an entry s check box to select a speci...

Page 499: ...may use a service to manage the Switch Use the SNMP screen Section 63 4 on page 503 to configure your SNMP settings Use the Service Access Control screen Section 63 8 on page 510 to decide what servic...

Page 500: ...re allowed for the new password except space or Retype to confirm Retype your new system password for confirmation Edit Logins You may configure passwords for up to four users These users can have rea...

Page 501: ...nformation display 14 Configure login accounts SNMP user accounts the authentication method sequence and authorization settings multiple logins and administrator and enable passwords and display confi...

Page 502: ...Address End Address Configure the IP address range of trusted computers from which you can manage this Switch The Switch checks if the client IP address of a computer requesting a service or protocol...

Page 503: ...object variables or managed objects that define each piece of information to be collected about a Switch Examples of variables include number of packets received node port status and so on A Manageme...

Page 504: ...wards compatible with SNMP version 1 Get Community Enter the Get Community string which is the password for the incoming Get and GetNext requests from the management station The Get Community string i...

Page 505: ...SNMP traps Username Enter the user name to be sent to the SNMP manager along with the SNMP v3 trap This user name must match an existing account on the Switch configured in the Security Access Control...

Page 506: ...lect the following Categories of SNMP traps that the Switch is to send to the SNMP manager Individual SNMP traps that the Switch is to send to the SNMP station The traps are grouped by category Select...

Page 507: ...ts Use this row first to set the common settings and then make adjustments on a port by port basis Changes in this row are copied to all the ports as soon as you make them Active Set this switch to ON...

Page 508: ...k box to select a specific entry Otherwise select the check box in the table heading row to select all entries Index This is a read only number identifying a login account on the Switch Click an index...

Page 509: ...or SNMP user authentication Privacy Specify the encryption method for SNMP communication from this user You can choose one of the following DES Data Encryption Standard is a widely used but breakable...

Page 510: ...et people who wish to use the service know the new port number for that service Timeout Enter how many minutes from 1 to 255 a management session can be left idle before the session times out After it...

Page 511: ...d device configuration file Use the Save Configuration screen Section 64 6 on page 514 to save the current configuration settings to a specific configuration file on the Switch Use the Tech Support sc...

Page 512: ...e you wish to upload to the Switch Firmware upgrades are only applied after a reboot Click Upgrade to load the new firmware After the firmware upgrade process is complete see the System Info screen to...

Page 513: ...n next to Reboot System with to reboot and load that configuration file The following screen displays If you select Current Configuration make sure to save the Switch settings as the current configura...

Page 514: ...computer Click Maintenance Maintenance Restore Configuration to display the screen as shown next Use this screen to restore a previously saved configuration from your computer Figure 392 Maintenance...

Page 515: ...rt in obtaining reports and it is also available in CLI command by typing Show tech support command Click Maintenance Maintenance Tech Support to see the following screen Figure 395 Maintenance Mainte...

Page 516: ...ys the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjust...

Page 517: ...517 PART III Troubleshooting and Appendices...

Page 518: ...2 Make sure the power adapter or cord is connected to the Switch and plugged in to an appropriate power source Make sure the power source is turned on 3 Disconnect and re connect the power adapter or...

Page 519: ...DHCP assigned IP when connecting to a DHCP server or 192 168 1 1 If you changed the IP address use the new IP address If you changed the IP address and have forgotten it see the troubleshooting sugge...

Page 520: ...Permissions In order to use the Web Configurator you need to allow Web browser pop up windows from your device JavaScripts enabled by default Java permissions enabled by default There is unauthorized...

Page 521: ...ot sure which configuration file will be loaded If you plug the power cable back to the Switch it will reboot and load the configuration file that was used the last time For example if Config 1 was us...

Page 522: ...on Please have the following information ready when you contact an office Required Information Product model and serial number Warranty Information Date that you received your device Brief description...

Page 523: ...lippines Zyxel Philippines http www zyxel com ph Singapore Zyxel Singapore Pte Ltd http www zyxel com sg Taiwan Zyxel Communications Corporation https www zyxel com tw zh Thailand Zyxel Thailand Co Lt...

Page 524: ...Zyxel Communications A S https www zyxel com dk da Estonia Zyxel Estonia https www zyxel com ee et Finland Zyxel Communications https www zyxel com fi fi France Zyxel France https www zyxel fr German...

Page 525: ...and Zyxel Communications Poland https www zyxel com pl pl Romania Zyxel Romania https www zyxel com ro ro Russia Zyxel Russia https www zyxel com ru ru Slovakia Zyxel Communications Czech s r o organi...

Page 526: ...erica Argentina Zyxel Communications Corporation https www zyxel com co es Brazil Zyxel Communications Brasil Ltda https www zyxel com br pt Colombia Zyxel Communications Corporation https www zyxel c...

Page 527: ...nications Corporation https www zyxel com me en North America USA Zyxel Communications Inc North America Headquarters https www zyxel com us en Oceania Australia Zyxel Communications Corporation https...

Page 528: ...ons in which this service is used Table 278 Commonly Used Services NAME PROTOCOL PORT S DESCRIPTION AH IPSEC_TUNNEL User Defined 51 The IPSEC AH Authentication Header tunneling protocol uses this serv...

Page 529: ...hat sends out ICMP echo requests to test whether or not a remote host is reachable POP3 TCP 110 Post Office Protocol version 3 lets a client computer get e mail from a POP3 server through a temporary...

Page 530: ...UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments...

Page 531: ...1a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Prefix and Prefix Length Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length specif...

Page 532: ...wing table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and cannot be assigned to a multicast group Table 280 Predefine...

Page 533: ...ng UDP Each DHCP client and server has a unique DHCP Unique IDentifier DUID which is used for identification when they are exchanging DHCPv6 messages The DUID is generated from the MAC address time ve...

Page 534: ...uplink router for its LAN The Switch uses the received IPv6 prefix for example 2001 db2 48 to generate its LAN IP address Through sending Router Advertisements RAs regularly by multicast the Switch p...

Page 535: ...as the next hop Otherwise the Switch determines the next hop from the default router list or routing table Once the next hop IP address is known the Switch looks into the neighbor cache to get the lin...

Page 536: ...DHCPv6 for IP address assignment you have to additionally install a DHCPv6 client software on your Windows XP Note If you use static IP addresses or Router Advertisement for IPv6 address assignment in...

Page 537: ...Example Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer To enable IPv6 in Windows 7 1 Select Control Panel Network and...

Page 538: ...dynamic IPv6 address This example shows a global address 2001 b021 2d 1000 obtained from a DHCP server C ipconfig Windows IP Configuration Ethernet adapter Local Area Connection Connection specific D...

Page 539: ...C rules Operation is subject to the following two conditions 1 This device may not cause harmful interference 2 This device must accept any interference received including interference that may cause...

Page 540: ...formation about recycling of this product please contact your local city office your household waste disposal service or the store where you purchased the product Use ONLY power wires of the appropria...

Page 541: ...den rtlichen Bestimmungen getrennt vom Hausm ll entsorgt werden muss Wenden Sie sich an eine Recyclingstation wenn dieses Produkt das Ende seiner Lebensdauer erreicht hat Zum Zeitpunkt der Entsorgung...

Page 542: ...ymbols Various symbols are used in this product to ensure correct usage to prevent danger to the user and others and to prevent property damage The meaning of these symbols are described below It is i...

Page 543: ...ng conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any impl...

Page 544: ...blocked hosts 340 host threshold 342 status 340 trusted hosts 341 applications backbone 29 bridging 30 fiber uplink 30 IEEE 802 1Q VLAN 31 PoE 28 switched workgroup 30 ARP how it works 383 learning mo...

Page 545: ...212 example 214 logging 213 match order 213 overview 207 setup 208 212 status 208 viewing 212 clearance Switch installation 33 cloning a port see port cloning Cloud Management screen 464 cluster manag...

Page 546: ...s 373 Relay Agent Information 372 DHCPv4 relay 372 DHCPv6 enable in Windows XP 536 DHCPv6 client 31 DHCPv6 Client Setup screen 130 DHCPv6 relay 31 380 interface ID 380 remote ID 380 DHCPv6 Relay scree...

Page 547: ...re upgrade 512 Firmware Upgrade screen 391 flow control back pressure 114 470 IEEE802 3x 114 470 forwarding delay 170 frames tagged 142 487 untagged 142 487 freestanding installation precautions 34 pr...

Page 548: ...e IPv6 IP configuration 109 status 108 IP address 108 109 Switch management 82 IP setup 497 IP Setup screen 83 107 497 IP source guard 258 ARP inspection 258 287 DHCP snooping 258 static bindings 258...

Page 549: ...trunk group 187 link aggregation trunking 475 example 30 Link Aggregation Control Protocol LACP 187 Link Aggregation Control Protocol screen 477 Link Aggregation Setting screen 475 Link Aggregation St...

Page 550: ...using FTP see FTP 32 using SNMP 32 Web Configurator 32 ZON Utility 32 man in the middle attacks 287 max age 170 hops 170 maximum transmission unit 444 Maximum Transmission Unit MTU 122 Mbuf Memory Bu...

Page 551: ...347 353 one time schedule 205 Operations Administration and Maintenance 347 Option 82 372 Organizationally Unique Identifiers OUI 147 Org specific TLV Setting screen 333 overheating prevention 33 P PA...

Page 552: ...agnostics 427 428 mirroring 185 515 speed duplex 470 standby 188 power voltage 103 power connections 46 power connector 46 Power Sourcing Equipment PSE 28 power status 103 powered device PD 28 114 PPP...

Page 553: ...ors using 35 Secure Shell see SSH service access control 409 510 service port 409 510 Service Access Control screen 510 Setup Wizard parts 59 Setup Wizard screen 52 SFP SFP slot 41 SHA Secure Hash Alg...

Page 554: ...tatus 164 165 terminology 162 vs loop guard 289 STP Path Cost 162 straight through Ethernet cable 40 subnet based VLANs 142 subnet masking 533 Summary screen 457 Switch DHCP client 50 fanless type usa...

Page 555: ...4 480 VID VLAN Identifier 134 480 View based Access Control Model VACM 509 Virtual Local Area Network 105 VLAN 105 acceptable frame type 142 487 and IGMP snooping 224 automatic registration 134 481 cr...

Page 556: ...Robin Scheduling 220 Z ZDP 54 ZON Zyxel One Network 543 ZON Utility 54 compatible OS 54 fields description 58 icon description 57 installation requirements 54 introduction 27 minimum hardware requirem...

Search results

Summary of Contents for GS2220-10

Reviews:

Related manuals for GS2220-10

Brands by name

Popular brands

ZyXEL Communications GS2220-10, User Manual

Search results

Summary of Contents for GS2220-10

Reviews:

Related manuals for GS2220-10

Brands by name

Popular brands