manualshive.com logo in svg

ZyXEL Communications ZyXEL Dimension ES-2724, User Manual, Page: 3 / 341

Share
Download
ZyXEL Communications ZyXEL Dimension ES-2724 User Manual Download Page 3

ES-2724 User’s Guide

Copyright

1

Copyright

Copyright © 2006 by ZyXEL Communications Corporation.

The contents of this publication may not be reproduced in any part or as a whole, transcribed, 
stored in a retrieval system, translated into any language, or transmitted in any form or by any 
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or 
otherwise, without the prior written permission of ZyXEL Communications Corporation.

Published by ZyXEL Communications Corporation. All rights reserved.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or 
software described herein. Neither does it convey any license under its patent rights nor the 
patent rights of others. ZyXEL further reserves the right to make changes in any products 
described herein without notice. This publication is subject to change without notice.

Trademarks

ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL 
Communications, Inc. Other trademarks mentioned in this publication are used for 
identification purposes only and may be properties of their respective owners.

Summary of Contents for ZyXEL Dimension ES-2724

Page 1: ...ES 2724 Intelligent Layer 3 Switch User s Guide Version 3 70 9 2006...

Page 2: ......

Page 3: ...L Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it conve...

Page 4: ...y and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this device in a residential area is likely to cause harmf...

Page 5: ...ES 2724 User s Guide Certifications 3 2 Select your product from the drop down list box on the ZyXEL home page to go to that product s page 3 Select the certification you wish to view from this page...

Page 6: ...ct the power adaptor or cord to the right supply voltage for example 110V AC in North America or 230V AC in Europe Do NOT allow anything to rest on the power adaptor or cord and do NOT place the produ...

Page 7: ...ES 2724 User s Guide Safety Warnings 5 This product is recyclable Dispose of it properly...

Page 8: ...nt as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fit...

Page 9: ...rany Cesk Republika info cz zyxel com 420 241 091 359 DENMARK support zyxel dk 45 39 55 07 00 www zyxel dk ZyXEL Communications A S Columbusvej 2860 Soeborg Denmark sales zyxel dk 45 39 55 07 07 FINLA...

Page 10: ...zyxel es 34 902 195 420 www zyxel es ZyXEL Communications Arte 21 5 planta 28033 Madrid Spain sales zyxel es 34 913 005 345 SWEDEN support zyxel se 46 31 744 7700 www zyxel se ZyXEL Communications A S...

Page 11: ...Example 32 1 1 3 High Performance Switching Example 32 1 1 4 IEEE 802 1Q VLAN Application Examples 33 1 1 4 1 Tag based VLAN Example 33 Chapter 2 Hardware Installation and Connection 35 2 1 Freestand...

Page 12: ...ing Your Configuration 53 4 5 Switch Lockout 53 4 6 Resetting the Switch 54 4 6 1 Reload the Configuration File 54 4 7 Logging Out of the Web Configurator 55 4 8 Help 55 Chapter 5 Initial Setup Exampl...

Page 13: ...Static VLAN Details 85 8 5 3 Configure a Static VLAN 85 8 5 4 Configure VLAN Port Settings 87 8 6 Protocol Based VLANs 88 8 7 Configuring Protocol Based VLAN 89 8 8 Create an IP based VLAN Example 91...

Page 14: ...pter 14 Mirroring 117 14 1 Port Mirroring Setup 117 Chapter 15 Link Aggregation 119 15 1 Link Aggregation Overview 119 15 2 Dynamic Link Aggregation 119 15 2 1 Link Aggregation ID 120 15 3 Link Aggreg...

Page 15: ...Queuing Method Overview 147 20 1 1 Strictly Priority 147 20 1 2 Weighted Fair Queuing 147 20 1 3 Weighted Round Robin Scheduling WRR 148 20 2 Configuring Queuing 148 Chapter 21 VLAN Stacking 151 21 1...

Page 16: ...IGMP 173 Chapter 26 IP Multicast 175 26 1 IP Multicast Overview 175 26 2 Configuring Multicast 175 Chapter 27 Differentiated Services 177 27 1 DiffServ Overview 177 27 1 1 DSCP and Per Hop Behavior 1...

Page 17: ...GUI based FTP Clients 194 29 8 4 FTP Restrictions 194 Chapter 30 Access Control 195 30 1 Access Control Overview 195 30 2 Access Control Main Screen 195 30 3 About SNMP 196 30 3 1 Supported MIBs 197...

Page 18: ...ch 218 33 3 Clustering Management Configuration 219 Chapter 34 MAC Table 223 34 1 MAC Table Overview 223 34 2 Viewing the MAC Table 224 Chapter 35 IP Table 225 35 1 IP Table Overview 225 35 2 Viewing...

Page 19: ...Configuration Mode 246 39 11 4 interface port channel Commands 259 39 11 5 interface route domain Commands 262 39 11 6 config vlan Commands 263 39 12 mvr Commands 264 Chapter 40 User and Enable Mode...

Page 20: ...t Authentication Settings 286 Chapter 42 Interface Commands 289 42 1 Overview 289 42 2 Interface Command Examples 289 42 2 1 interface port channel 289 42 2 2 bpdu control 289 42 2 3 broadcast limit 2...

Page 21: ...VLAN 303 43 6 Show VLAN Setting 303 Chapter 44 Multicast VLAN Registration Commands 305 44 1 Overview 305 44 2 Create Multicast VLAN 305 Chapter 45 Routing Domain Command Examples 307 45 0 1 interface...

Page 22: ...ES 2724 User s Guide 20 Table of Contents...

Page 23: ...Configurator Home Screen Status 48 Figure 17 Change Administrator Login Password 53 Figure 18 Resetting the Switch Via the Console Port 55 Figure 19 Web Configurator Logout Screen 55 Figure 20 Initial...

Page 24: ...27 Figure 56 Port Authentication RADIUS 127 Figure 57 Port Authentication 802 1x 128 Figure 58 Port Security 132 Figure 59 Classifier 136 Figure 60 Classifier Summary Table 138 Figure 61 Classifier Ex...

Page 25: ...re 102 Access Control SNMP 198 Figure 103 Access Control Logins 199 Figure 104 SSH Communication Example 200 Figure 105 How SSH Works 201 Figure 106 HTTPS Implementation 202 Figure 107 Security Alert...

Page 26: ...igure 128 no port access authenticator Command Example 281 Figure 129 Pop up Blocker 310 Figure 130 Internet Options 311 Figure 131 Internet Options 312 Figure 132 Pop up Blocker Settings 313 Figure 1...

Page 27: ...l Based VLAN Setup 90 Table 19 Port Based VLAN Setup 95 Table 20 Static MAC Forwarding 98 Table 21 FIltering 99 Table 22 STP Path Costs 101 Table 23 STP Port States 102 Table 24 Spanning Tree Protocol...

Page 28: ...p Configuration 166 Table 57 Static Routing 169 Table 58 RIP 172 Table 59 IGMP 173 Table 60 IP Multicast 176 Table 61 DiffServ 178 Table 62 Default DSCP IEEE802 1p Mapping 179 Table 63 DiffServ DSCP S...

Page 29: ...Command Summary mvr Commands 265 Table 97 Troubleshooting the Start Up of Your Switch 309 Table 98 Troubleshooting Accessing the Switch 309 Table 99 Troubleshooting the Password 317 Table 100 Firmware...

Page 30: ...ES 2724 User s Guide 28 List of Tables...

Page 31: ...xel com for additional support documentation Syntax Conventions Enter means for you to type one or more characters Select or Choose means for you to use one of the predefined choices Command and arrow...

Page 32: ...comments questions or suggestions for improvement to techwriters zyxel com tw or send regular mail to The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial...

Page 33: ...managing and configuring the switch is easy In addition the switch can also be managed via Telnet any terminal emulator program on the console port or third party SNMP management See Appendix A on pa...

Page 34: ...network managers to centralize multiple servers at a single location Figure 2 Bridging Application 1 1 3 High Performance Switching Example The switch is ideal for connecting two networks that need h...

Page 35: ...same group s unless such traffic first goes through a router For more information on VLANs refer to Chapter 8 on page 81 1 1 4 1 Tag based VLAN Example Ports in the same VLAN group share the same fra...

Page 36: ...ES 2724 User s Guide 34 Chapter 1 Getting to Know Your Switch...

Page 37: ...h clearance around the switch to allow air circulation and the attachment of cables and the power cord 4 Remove the adhesive backing from the rubber feet 5 Attach the rubber feet to each corner on the...

Page 38: ...eavy Take all necessary precautions to anchor the rack securely before installing the unit 2 2 2 Attaching the Mounting Brackets to the Switch 1 Position a mounting bracket on one side of the switch l...

Page 39: ...Connection 37 Figure 7 Mounting the Switch on a Rack 2 Using a 2 Philips screwdriver install the M5 flat head screws through the mounting bracket holes into the rack 3 Repeat steps 1 and 2 to attach t...

Page 40: ...ES 2724 User s Guide 38 Chapter 2 Hardware Installation and Connection...

Page 41: ...ctions CONNECTOR DESCRIPTION 24 10 100 Mbps RJ 45 Ethernet Ports Connect these ports to a computer a hub an Ethernet switch or router Two 100 1000 Mbps RJ 45 Gigabit Ports Connect these Gigabit Ethern...

Page 42: ...eans that if a mini GBIC port and the corresponding Gigabit port are connected at the same time the Gigabit port will be disabled The speed of the Gigabit Ethernet mini GBIC ports can be 100Mbps or 10...

Page 43: ...nected at the same time the Gigabit port will be disabled You can change transceivers while the switch is operating You can use different transceivers to connect to Ethernet switches with different ty...

Page 44: ...latch latch styles vary Figure 11 Opening the Transceiver s Latch Example 2 Pull the transceiver out of the slot Figure 12 Transceiver Removal Example 3 2 Rear Panel The following figures show the re...

Page 45: ...pply input of 48V DC to 60V DC 1 5A Max no tolerance To connect the power to the unit insert one end of the supplied power cord to the power receptacle on the rear panel and the other end to a power o...

Page 46: ...Mbps Ethernet network is up Amber Blinking The system is transmitting receiving to from a 100 Mbps Ethernet network On The link to a 100 Mbps Ethernet network is up Off The link to an Ethernet networ...

Page 47: ...The port is connected at 10 Mbps Off The port is not connected at 10 Mbps or to an Ethernet device 100 Amber Blinking The system is transmitting receiving to from an Ethernet device On The port is con...

Page 48: ...ES 2724 User s Guide 46 Chapter 3 Hardware Overview...

Page 49: ...e web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permission...

Page 50: ...re quick links which allow you to perform certain tasks no matter which screen you are currently working in B Click this link to save your configuration into the switch s nonvolatile memory Nonvolatil...

Page 51: ...de Chapter 4 The Web Configurator 49 In the navigation panel click a main link to reveal a list of submenu links Table 3 Navigation Panel Sub links Overview BASIC SETTING ADVANCED APPLICATION IP APPLI...

Page 52: ...olicy Rule Queuing Method VLAN Stacking Multicast Multicast Setting Multicast Status IGMP Filtering Profile MVR Group Configuration Static Routing RIP IGMP IP Multicast DiffServ DSCP Setting DHCP Serv...

Page 53: ...raffic from the first port without interference Link Aggregation This link takes you to a screen where you can logically aggregate physical links to form one logical higher bandwidth link Port Authent...

Page 54: ...re you can change the system login password and configure SNMP and remote management Diagnostic This link takes you to screens where you can view system logs and test port s Syslog This link takes you...

Page 55: ...witch s storage that remains even if the switch s power is turned off Note Use the Save link when you are done with a configuration session 4 5 Switch Lockout You could block yourself and all others f...

Page 56: ...us configurations and the speed of the console port will be reset to the default of 9600bps with 8 data bit no parity one stop bit and flow control set to none The password will also be reset to 1234...

Page 57: ...finish a management session for security reasons Figure 19 Web Configurator Logout Screen 4 8 Help The web configurator s online help has descriptions of individual screens and some supplementary info...

Page 58: ...ES 2724 User s Guide 56 Chapter 4 The Web Configurator...

Page 59: ...is not bound to a physical port The default IP address of the switch is 192 168 1 1 with a subnet mask of 255 255 255 0 In the example network since the RD network is already in the same IP interface...

Page 60: ...save the settings to the run time memory Settings in the run time memory are lost when the switch s power is turned off 5 1 2 Configuring DHCP Server Settings You can set the switch to assign network...

Page 61: ...ple you want to configure port 1 as a member of VLAN 2 Figure 21 Initial Setup Network Example VLAN 1 Click Advanced Application and VLAN in the navigation panel and click the Static VLAN link 2 In th...

Page 62: ...eceived on that port so that the frames are forwarded to the VLAN group that the tag defines In the example network configure 2 as the port VID on port 1 so that any untagged frames received on that p...

Page 63: ...set the switch to broadcast and receive routing information 3 In the Version field select RIP 1 for the RIP packet format that is universally supported 4 Click Apply to save your changes back to the...

Page 64: ...ES 2724 User s Guide 62 Chapter 5 Initial Setup Example...

Page 65: ...tatus in all web configurator screens to display the Status screen as shown next Figure 23 Status The following table describes the labels in this screen Table 6 Status LABEL DESCRIPTION Port This ide...

Page 66: ...ther LACP Link Aggregation Control Protocol has been enabled on the port TxPkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on...

Page 67: ...bps and the duplex F for full duplex or H for half duplex It also shows the cable type Copper or Fiber Status If STP Spanning Tree Protocol is enabled this field displays the STP state of the port see...

Page 68: ...those with CRC error but it does not include the 802 3x Pause packets TX Collision The following fields display information on collisions while transmitting Single This is a count of successfully tra...

Page 69: ...ed that were between 256 and 511 octets in length 512 1023 This field shows the number of packets including bad packets received that were between 512 and 1023 octets in length 1024 1518 This field sh...

Page 70: ...ES 2724 User s Guide 68 Chapter 6 System Status and Port Statistics...

Page 71: ...creen also allows you to set the system time manually or get the current time and date from an external server when you turn on your switch The real time is then displayed in the switch logs The Switc...

Page 72: ...The switch has temperature sensors that are capable of detecting and reporting if the temperature rises above the threshold You may choose the temperature unit Centigrade or Fahrenheit in this field...

Page 73: ...n s minimum speed measured in Revolutions Per Minute RPM 41 is displayed for speeds too small to measure under 2000 RPM Threshold This field displays the minimum speed at which a normal fan should wor...

Page 74: ...the switch should use first to authenticate an administrator user for switch management Configure the local user accounts in the Access Control Logins screen The RADIUS is an external server Before y...

Page 75: ...adjustment When you use this format it is recommended that you use a Daytime timeserver within your geographical time zone Time RFC 868 format displays a 4 byte integer giving the total number of seco...

Page 76: ...VLAN type in this screen See Chapter 8 on page 81 for more information Bridge Control Protocol Transparency Select Active to allow the switch to handle bridging control protocols STP for example You a...

Page 77: ...to the 8 priority levels On the switch traffic assigned to higher index queues gets through faster while traffic in lower index queues is dropped if the network is congested Priority Level The followi...

Page 78: ...t bound to any physical ports Since each IP address on the switch must be in a separate subnet the configured IP address is also known as IP interface or routing domain In addition this allows routing...

Page 79: ...Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation for example 192 168 0 254 Apply Click Apply to save your changes to the switch s run time memory The sw...

Page 80: ...switch Cancel Click Cancel to clear the Delete check boxes Table 11 IP Setup continued LABEL DESCRIPTION Table 12 Port Setup LABEL DESCRIPTION Port This is the port index number Settings in this row...

Page 81: ...and frame losses Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port The switch uses IEEE802 3x flow control in full duplex mode and backpressure flo...

Page 82: ...ES 2724 User s Guide 80 Chapter 7 Basic Setting...

Page 83: ...d port The remaining twelve bits define the VLAN ID giving a possible maximum number of 4 096 VLANs Note that user priority and VLAN ID are independent of each other A frame with VID VLAN Identifier o...

Page 84: ...LAN Registration Protocol is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network Enable this function to permit VLANs groups beyond t...

Page 85: ...N Trunking enabled on a port s in each intermediary switch you only need to create VLAN groups in the end devices A and B C D and E automatically allow frames with VLAN group tags 1 and 2 VLAN groups...

Page 86: ...ee Section 8 1 on page 81 for more information on Static VLAN Click Advanced Application VLAN from the navigation panel to display the VLAN Status screen as shown next Figure 32 VLAN VLAN Status The f...

Page 87: ...nent entry or other added in another way such as via Multicast VLAN Registration MVR Change Pages Click Previous or Next to show the previous next screen if all status information cannot be seen in on...

Page 88: ...ntifies the port you are configuring Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings an...

Page 89: ...so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields Clear Click Clear to start config...

Page 90: ...s Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row ar...

Page 91: ...for Apple Talk traffic received on port 6 and 7 All upstream ARP traffic from port 1 2 and 3 will be grouped together and all upstream Apple Talk traffic from port 6 and 7 will be in another group and...

Page 92: ...r range of 0x0000 to 0x05ff are not allowed to be used for protocol based VLANs VID Enter the ID of a VLAN to which the port belongs This must be an existing VLAN which you defined in the Advanced App...

Page 93: ...ated a static VLAN with an ID of 5 Type 5 6 Leave the priority set to 0 and click Add Figure 38 Protocol Based VLAN Configuration Example To add more ports to this protocol based VLAN 1 Click the inde...

Page 94: ...ort is an outgoing port that is a port through which a data packet leaves for both ports Port based VLANs are specific only to the switch on which they were created Note When you activate port based V...

Page 95: ...ES 2724 User s Guide Chapter 8 VLAN 93 Figure 39 Port Based VLAN Setup All Connected...

Page 96: ...ES 2724 User s Guide 94 Chapter 8 VLAN Figure 40 Port Based VLAN Setup Port Isolation...

Page 97: ...port through which a data packet enters If you wish to allow two subscriber ports to talk to each other you must define the ingress port for both ports The numbers in the top row denote the incoming...

Page 98: ...ES 2724 User s Guide 96 Chapter 8 VLAN...

Page 99: ...ss that has been manually entered in the MAC address table Static MAC addresses do not age out When you set up static MAC address rules you are setting static MAC addresses for a port This may reduce...

Page 100: ...s turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields Clear...

Page 101: ...k Advanced Application and Filtering in the navigation panel to display the screen as shown next Figure 42 Filtering The following table describes the related labels in this screen Table 21 FIltering...

Page 102: ...e Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields to your previous configuration Clear Click...

Page 103: ...ning tree than STP while also being backwards compatible with STP only aware bridges In RSTP topology change information is directly propagated throughout the network from the device that generates th...

Page 104: ...LAN topology changes a new spanning tree is constructed Once a stable network topology has been established all bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root brid...

Page 105: ...le 11 2 Spanning Tree Protocol Main Screen The switch allows you to configure a single RSTP configuration or you can configure multiple configurations See Section 11 1 on page 101 for more information...

Page 106: ...re RSTP settings see Section 11 1 on page 101 for more information on RSTP Click RSTP in the Advanced Application Spanning Tree Protocol screen Table 24 Spanning Tree Protocol Status LABEL DESCRIPTION...

Page 107: ...ES 2724 User s Guide Chapter 11 Spanning Tree Protocol 105 Figure 45 RSTP Configuration...

Page 108: ...r the attached LAN If it is a root port a new root port is selected from among the switch ports attached to the network The allowed range is 6 to 40 seconds Forwarding Delay This is the maximum time i...

Page 109: ...onfiguring Cancel Click Cancel to reset the fields Table 25 RSTP Configuration continued LABEL DESCRIPTION Table 26 Rapid Spanning Tree Protocol Status LABEL DESCRIPTION Configuration Click Configurat...

Page 110: ...ill wait before changing states that is listening to learning to forwarding Cost to Bridge This is the path cost from the root port on this switch to the root switch Port ID This is the priority and n...

Page 111: ...the attached LAN If it is a root port a new root port is selected from among the switch ports attached to the network The allowed range is 6 to 40 seconds Forwarding Delay This is the maximum time in...

Page 112: ...non volatile memory when you are done configuring Cancel Click Cancel to reset the fields Table 27 MRSTP Configuration continued LABEL DESCRIPTION Table 28 Spanning Tree Protocol Status LABEL DESCRIPT...

Page 113: ...istening to learning to forwarding Cost to Bridge This is the path cost from the root port on this switch to the root switch Port ID This is the priority and number of the port on the switch through w...

Page 114: ...ES 2724 User s Guide 112 Chapter 11 Spanning Tree Protocol...

Page 115: ...t The Peak Information Rate PIR is the maximum bandwidth allowed for the incoming traffic flow on a port when there is no network congestion The CIR and PIR should be set for all ports that use the sa...

Page 116: ...anteed bandwidth allowed in kilobits per second Kbps for the incoming traffic flow on a port The commit rate should be less than the peak rate The sum of commit rates cannot be greater than or equal t...

Page 117: ...icast and destination lookup failure DLF packets the switch receives per second on the ports When the maximum number of allowable broadcast multicast and or DLF packets is reached per second the subse...

Page 118: ...rt basis Note Changes in this row are copied to all the ports as soon as you make them Broadcast pkt s Select this option and specify the maximum number of broadcast packets the port can receive per s...

Page 119: ...ows you to copy a traffic flow to a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference Click Advanced Application Mirror...

Page 120: ...Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are...

Page 121: ...to the IEEE 802 3ad standard for static and dynamic LACP port trunking The switch supports the link aggregation IEEE802 3ad standard This standard describes the Link Aggregate Control Protocol LACP w...

Page 122: ...Control Protocol Status screen displays by default See Section 15 1 on page 119 for more information Table 32 Link Aggregation ID Local Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER...

Page 123: ...regation Control Protocol Status LABEL DESCRIPTION Index This field displays the trunk ID to identify a trunk group that is one logical link containing multiple ports Aggregator ID Link Aggregator ID...

Page 124: ...ority is a number between 1 and 65 535 The switch with the lowest system priority and lowest port number if system priority is the same becomes the LACP server The LACP server controls the operation o...

Page 125: ...n order to check that the peer port in the trunk group is still up If a port does not respond after three tries then it is deemed to be down and is removed from the trunk Set a short timeout one secon...

Page 126: ...ES 2724 User s Guide 124 Chapter 15 Link Aggregation...

Page 127: ...ns of an external server instead of or in addition to an internal device user database that is limited to the memory capacity of the device In essence RADIUS authentication allows you to validate an u...

Page 128: ...ATTRIBUTE Ingress Bandwidth Assignment Vendor Id 890 ZyXEL Vendor Type 1 Vendor data ingress rate decimal Egress Bandwidth Assignment Vendor Id 890 ZyXEL Vendor Type 2 Vendor data egress rate decimal...

Page 129: ...Server IP Address Enter the IP address of the external RADIUS server in dotted decimal notation UDP Port The default port of the RADIUS server for authentication is 1812 You need not change this valu...

Page 130: ...ication on the switch before configuring it on each port Port This field displays a port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for...

Page 131: ...the port Apply Click Apply to save your changes to the switch s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to sa...

Page 132: ...ES 2724 User s Guide 130 Chapter 16 Port Authentication...

Page 133: ...s in total with no limit on individual ports other than the sum cannot exceed 16K For maximum port security enable this feature disable MAC address learning and configure static MAC address es for a p...

Page 134: ...C address es is in the MAC address table on this port Packets with no matching MAC address es are dropped Clear this check box to disable the port security feature The switch forwards all packets on t...

Page 135: ...s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done...

Page 136: ...ES 2724 User s Guide 134 Chapter 17 Port Security...

Page 137: ...ce port number destination port number or incoming port number For example you can configure a classifier to select traffic from the same protocol port such as Telnet to form a flow Configure QoS on t...

Page 138: ...t of the packet Choices are All 802 3 tagged 802 3 untagged Ethernet II tagged and Ethernet II untagged A value of 802 3 indicates that the packets are formatted according to the IEEE 802 3 standards...

Page 139: ...er to Table 44 on page 139 for more information You may select Establish Only for TCP protocol type This means that the switch will pick out the packets that are sent to establish TCP connections Sour...

Page 140: ...vious configuration Clear Click Clear to set the above fields back to the factory defaults Table 41 Classifier continued LABEL DESCRIPTION Table 42 Classifier Summary Table LABEL DESCRIPTION Index Thi...

Page 141: ...d 4f 81 on port 2 After you have configured a classifier you can configure a policy in the Policy screen to define action s on the classified traffic flow X 25 Level 3 0805 XNS Compat 0807 Banyan Syst...

Page 142: ...ES 2724 User s Guide 140 Chapter 18 Classifier Figure 61 Classifier Example...

Page 143: ...ntiated Services is a class of service CoS model that marks packets so that they receive specific per hop treatment at DiffServ compliant network devices along the route based on the application types...

Page 144: ...TION Active Select this option to enable the policy Name Enter a descriptive name for identification purposes Classifier s This field displays the active classifier s you configure in the Classifier s...

Page 145: ...tion Specify the action s the switch takes on the associated classified traffic flow Forwarding Select No change to forward the packets Select Discard the packet to drop the packets Select Do not drop...

Page 146: ...ic Select Drop the packet to discard the out of profile traffic Select Change the DSCP value to replace the DSCP field with the value specified in the Out of profile DSCP field Select Set Out Drop Pre...

Page 147: ...a policy to limit bandwidth and discard out of profile traffic on a traffic flow classified using the Example classifier refer to Section 18 4 on page 139 Delete Click Delete to remove the selected en...

Page 148: ...ES 2724 User s Guide 146 Chapter 19 Policy Rule Figure 64 Policy Example...

Page 149: ...y queue Q6 is transmitted until Q6 empties and then traffic is transmitted on Q5 and so on If higher priority queues never empty then traffic on lower priority queues never gets sent SP does not autom...

Page 150: ...ed This works in a looping fashion until a queue is empty Weighted Round Robin Scheduling WRR uses the same algorithm as round robin scheduling but services queues based on their priority and queue we...

Page 151: ...ES 2724 User s Guide Chapter 20 Queuing Method 149 Figure 65 Queuing Method...

Page 152: ...ports For example if you select Q5 the switch services traffic on Q5 Q6 and Q7 using Strictly Priority Select None to always use WFQ or WRR for the 10 100 Mbps Ethernet ports Port This label shows the...

Page 153: ...ervice based on specific VLANs for many different customers A service provider s customers may require a range of VLANs to handle multiple applications A service provider s customers can assign their...

Page 154: ...ntagged so a second VLAN tag outer VLAN tag can be added Note Static VLAN Tx Tagging MUST be disabled on a port where you choose Normal or Access Port Select Tunnel Port available for Gigabit ports on...

Page 155: ...add the tag Priority refers to the IEEE 802 1p standard that allows the service provider to prioritize traffic based on the class of service CoS the customer has paid for On the switch configure prio...

Page 156: ...tes whether the frame carries IEEE 802 1Q tag information Choose 0x8100 or 0x9100 from the drop down list box or select Others and then enter a four digit hexadecimal number from 0x0000 to 0xFFFF 0x d...

Page 157: ...1526 Bytes 1522 Bytes 4 Bytes for the second tag to pass through it SPVID SPVID is the service provider s VLAN ID the outer VLAN tag Enter the service provider ID from 1 to 4094 for frames received o...

Page 158: ...ES 2724 User s Guide 156 Chapter 21 VLAN Stacking...

Page 159: ...the Class D range 224 0 0 0 to 239 255 255 255 are used for IP multicasting Certain IP multicast numbers are reserved by IANA for special purposes see the IANA web site for more information 22 1 2 IG...

Page 160: ...his screen shows the multicast group information See Section 22 1 on page 157 for more information on multicasting Figure 68 Multicast Status The following table describes the labels in this screen 22...

Page 161: ...the port Leave Timeout Enter an IGMP leave timeout value from 1 to 16 711 450 in seconds This defines how many seconds the switch waits for an IGMP report before removing an IGMP snooping membership...

Page 162: ...is allowed to join Max Group Num Enter the number of multicast groups this port is allowed to join Once a port is registered in the specified number of multicast groups any new IGMP join report frame...

Page 163: ...scriptive name for the profile for identification purposes To configure additional rule s for a profile that you have already added enter the profile name and specify a different IP multicast address...

Page 164: ...ure shows a network example The subscriber VLAN 1 2 and 3 information is hidden from the streaming media server S In addition the multicast VLAN information is only visible to the switch and S Figure...

Page 165: ...ses on the switch an entry is created in the forwarding table on the switch This maps the subscriber VLAN to the list of forwarding destinations for the specified multicast traffic When the subscriber...

Page 166: ...printable ASCII characters for identification purposes Multicast VLAN ID Enter the VLAN ID 1 to 4094 of the multicast VLAN 802 1p Priority Select a priority level 0 7 with which the switch replaces t...

Page 167: ...port that only receives multicast traffic None Select this option to set the port not to participate in MVR No MVR multicast traffic is sent or received on this port Tagging Select this checkbox if y...

Page 168: ...ddress field if you want to configure only one IP address for a multicast group Refer to Section 22 1 1 on page 157 for more information on IP multicast addresses Add Click Add to save your changes to...

Page 169: ...rver S Computers A B and C in VLAN are able to receive the traffic Figure 75 MVR Configuration Example To configure the MVR settings on the switch create a multicast group in the MVR screen and set th...

Page 170: ...ES 2724 User s Guide 168 Chapter 22 Multicast Figure 77 MVR Group Configuration Example Figure 78 MVR Group Configuration Example...

Page 171: ...ows you to activate deactivate this static route Name Enter a descriptive name up to 10 printable ASCII characters for identification purposes Destination IP Address This parameter specifies the IP ne...

Page 172: ...ear Click Clear to set the above fields back to the factory defaults Index This field displays the index number of the route Click a number to edit the static route entry Active This field displays Ye...

Page 173: ...ived None the switch will not send any RIP packets and will ignore any RIP packets received The Version field controls the format and the broadcasting method of the RIP packets that the switch sends i...

Page 174: ...more information on configuring IP domains Direction Select the RIP direction from the drop down list box Choices are Outgoing Incoming Both and None Version Select the RIP version from the drop down...

Page 175: ...onnected networks to gather group membership After that the switch periodically updates this information 25 2 Configuring IGMP Click IP Application IGMP in the navigation panel to display the screen a...

Page 176: ...the drop down list box Choices are IGMP v1 IGMP v2 and None Apply Click Apply to save your changes to the switch s run time memory The switch loses these changes if it is turned off or loses power so...

Page 177: ...the network IP Multicast is a third way to deliver IP packets to a group of hosts on the network not everybody You can configure the switch to untag remove the VLAN tags from IP multicast packets that...

Page 178: ...you make them IP Multicast Egress Untag Vlan ID The switch removes the VLAN tag from IP multicast packets belonging to the specified VLAN before transmission on this port Enter a VLAN group ID in thi...

Page 179: ...dition applications do not have to request a particular service or give advanced notice of where the traffic is going 27 1 1 DSCP and Per Hop Behavior DiffServ defines a new DS Differentiated Services...

Page 180: ...sociated policies 27 2 Activating DiffServ Activate DiffServ to allow the switch to enable DiffServ and apply marking rules and IEEE802 1p priority mapping on the selected port s Click IP Application...

Page 181: ...want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports a...

Page 182: ...n number To set the IEEE802 1p priority mapping select the priority level from the drop down list box Apply Click Apply to save your changes to the switch s run time memory The switch loses these chan...

Page 183: ...the computer must be manually configured 28 1 1 DHCP modes The switch can be configured as a DHCP server or DHCP relay agent If you configure the switch as a DHCP server it will maintain the pool of a...

Page 184: ...64 DHCP DHCP Server Status LABEL DESCRIPTION Index This is the index number VID This field displays the ID number of the VLAN group to which this DHCP settings apply Server Status This field displays...

Page 185: ...S servers are passed to the DHCP clients along with the IP address and the subnet mask Add Click Add to save your changes to the switch s run time memory The switch loses these changes if it is turned...

Page 186: ...tworks The following shows an example Figure 90 DHCP Server Configuration Example 28 4 DHCP Relay Configure DHCP relay on the switch if the DHCP clients and the DHCP server are not in the same subnet...

Page 187: ...rt ID 1 byte VLAN ID 2 bytes System name up to 32 bytes this is optional 28 4 2 Configuring DHCP Relay Configure DHCP relay in the DHCP Relay screen Click IP Application DHCP in the navigation panel a...

Page 188: ...o set the switch to send additional information such as the VLAN ID together with the DHCP requests to the DHCP server This allows the DHCP server to assign the appropriate IP address according to the...

Page 189: ...ES 2724 User s Guide Chapter 28 DHCP 187 Figure 93 DHCP Relay Configuration Example...

Page 190: ...ES 2724 User s Guide 188 Chapter 28 DHCP...

Page 191: ...Figure 94 Maintenance The following table describes the labels in this screen Table 67 Maintenance LABEL DESCRIPTION Current This field displays which configuration Configuration 1 or Configuration 2...

Page 192: ...t configuration settings permanently to Configuration 1 on the switch Click Config 2 to save the current configuration settings to Configuration 2 on the switch Alternatively click Save on the top rig...

Page 193: ...e switch s configuration Click Config 2 and follow steps 1 to 2 to reboot and load configuration two on the switch 29 5 Firmware Upgrade Make sure you have downloaded and unzipped the correct model fi...

Page 194: ...fied the file click Restore config is the name of the configuration file on the switch so your backup configuration file is automatically renamed when you restore using this screen 29 7 Backup a Confi...

Page 195: ...29 8 1 1 Example FTP Commands ftp put firmware bin ras This is a sample FTP session showing the transfer of the computer file firmware bin to the switch ftp get config config cfg This is a sample FTP...

Page 196: ...pt 29 8 3 GUI based FTP Clients The following table describes some of the commands that you may see in GUI based FTP clients 29 8 4 FTP Restrictions FTP will not work when FTP service is disabled in t...

Page 197: ...NMP access control sessions are allowed A console port access control session and Telnet access control session cannot coexist when multi login is disabled See Section 39 11 2 on page 241 for more inf...

Page 198: ...rough which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects t...

Page 199: ...o set values for object variables within an agent Trap Used by the agent to inform the manager of some events Table 70 SNMP Commands COMMAND DESCRIPTION Table 71 SNMP Traps OBJECT LABEL OBJECT ID DESC...

Page 200: ...hat you change the default administrator password 1234 Table 72 Access Control SNMP LABEL DESCRIPTION Get Community Enter the get community which is the password for the incoming Get and GetNext reque...

Page 201: ...cannot change the default administrator user name Only the administrator has read write access Old Password Type the existing system password 1234 is the default password when shipped New Password En...

Page 202: ...igure 104 SSH Communication Example 30 5 How SSH works The following table summarizes how a secure connection is established between two remote hosts Apply Click Apply to save your changes to the swit...

Page 203: ...yption Method Once the identification is verified both the client and server must agree on the type of encryption method to use 3 Authentication and Data Transmission After the identification is verif...

Page 204: ...sed so that you may securely access the switch using the web configurator The SSL protocol specifies that the SSL server the switch must always authenticate itself to the SSL client the computer which...

Page 205: ...the switch You see the following Security Alert screen in Internet Explorer Select Yes to proceed to the web configurator login screen if you select No then web configurator access is blocked Figure 1...

Page 206: ...ate 1 Netscape Figure 109 Security Certificate 2 Netscape 30 8 3 The Main Screen After you accept the certificate and enter the login username and password the switch main screen appears The lock disp...

Page 207: ...ort Access Control Service Access Control allows you to decide what services you may use to access the switch You may also change the default service port and configure trusted computer s for each ser...

Page 208: ...llow to access the switch Service Port For Telnet SSH FTP HTTP or HTTPS services you may change the default service port by typing the new port number in the Server Port field If you change the defaul...

Page 209: ...Address End Address Configure the IP address range of trusted computers from which you can manage this switch The switch checks if the client IP address of a computer requesting a service or protocol...

Page 210: ...ES 2724 User s Guide 208 Chapter 30 Access Control...

Page 211: ...c The following table describes the labels in this screen Table 76 Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi line text box Click Clear to empty the...

Page 212: ...ES 2724 User s Guide 210 Chapter 31 Diagnostic...

Page 213: ...er to the documentation of your syslog program for details The following table describes the syslog severity levels 32 2 Syslog Setup Click Management and then Syslog in the navigation panel to displa...

Page 214: ...he syslog setting Logging Type This column displays the names of the categories of logs that the device can generate Active Select this option to set the device to generate logs for the corresponding...

Page 215: ...s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done...

Page 216: ...ES 2724 User s Guide 214 Chapter 32 Syslog...

Page 217: ...oup so as to be able to communicate with one another In the following example switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster mem...

Page 218: ...er 33 Cluster Management Figure 116 Clustering Application Example 33 2 Cluster Management Status Click Management Cluster Management in the navigation panel to display the following screen Note A clu...

Page 219: ...a manager nor a member of a cluster Manager This field displays the cluster manager switch s hardware MAC address The Number of Member This field displays the number of switches that make up this clu...

Page 220: ...Figure 118 Cluster Management Cluster Member Web Configurator Screen 33 2 1 1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cl...

Page 221: ...23 46 rw rw rw 1 owner group 0 Jul 01 12 00 config 00 a0 c5 01 23 46 226 File sent OK ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 370lt0 bin fw 00 a0 c5 01...

Page 222: ...itch that was previously a cluster member is later set to become a cluster manager then its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the membe...

Page 223: ...cannot be managed from the Cluster Manager Its Status is displayed as Error in the Cluster Management Status screen and a warning icon appears in the member summary list below If multiple devices hav...

Page 224: ...ES 2724 User s Guide 222 Chapter 33 Cluster Management...

Page 225: ...o determine how to forward frames See the following figure 1 The switch examines a received frame and learns the port on which this source MAC address came 2 The switch checks to see if the frame s de...

Page 226: ...elow MAC Click this button to display and arrange the data according to MAC address VID Click this button to display and arrange the data according to VLAN group Port Click this button to display and...

Page 227: ...lowing figure 1 The switch examines a received packet and learns the port on which this source IP address came 2 The switch checks to see if the packet s destination IP address matches a source IP add...

Page 228: ...tton to display and arrange the data according to IP address VID Click this button to display and arrange the data according to VLAN group Port Click this button to display and arrange the data accord...

Page 229: ...s it to the device If no entry is found for the IP address ARP broadcasts the request to all the devices on the LAN The switch fills in its own MAC and IP address in the sender address fields and puts...

Page 230: ...is the ARP Table entry number IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below MAC Address This is the MAC address of the device w...

Page 231: ...anagement Routing Table in the navigation panel to display the screen as shown Figure 126 Routing Table Status The following table describes the labels in this screen Table 87 Routing Table Status LAB...

Page 232: ...ES 2724 User s Guide 230 Chapter 37 Routing Table...

Page 233: ...ble 88 Configure Clone LABEL DESCRIPTION Source Destination Port Enter the source port under the Source label This port s attributes are copied Enter the destination port or ports under the Destinatio...

Page 234: ...estination ports Apply Click Apply to save your changes to the switch s run time memory The switch loses these changes if it is turned off or loses power so use the Save link on the top navigation pan...

Page 235: ...2 Accessing the CLI You can use a direct console connection or Telnet to access the command interpreter on the switch Note The switch automatically logs you out of the management interface after five...

Page 236: ...stablished a connection to the switch using a direct console connection or Telnet a login screen displays as shown below For your first login enter the default administrator login username admin and p...

Page 237: ...Changing the Password This command is used to change the password for Enable mode By default the same password is used to enter the command line interface CLI and Enable and Config modes of the CLI Th...

Page 238: ...describes command interpreter modes and how to access them username username Specifies a new user up to 32 alphanumeric characters Enter a user name to change the settings of an existing account pass...

Page 239: ...vlan This is a sub mode of the config mode and allows you to configure VLAN settings Type vlan followed by a number between 1 to 4094 For example vlan 10 to configure settings for VLAN 10 sysname con...

Page 240: ...nformation ping ip host name cr ping ip host name vlan vlan id ping help traceroute ip host name cr traceroute ip host name vlan vlan id traceroute help ssh 1 2 user dest ip cr ssh 1 2 user dest ip co...

Page 241: ...e memory command to save the changes permanently Note The write memory command is not available in User mode You must save your changes after each CLI session All unsaved configuration changes are los...

Page 242: ...ommand Commands listed in the tables are in the same order as they are displayed in the CLI See the related section in the User s Guide for more background information 39 11 1 User Mode The following...

Page 243: ...ION PRIVILEGE Table 91 Command Summary Enable Mode COMMAND DESCRIPTION PRIVILEGE baudrate 1 2 3 4 5 Changes the console port speed Choices are 1 9600 2 19200 3 38400 4 57600 and 5 115200 13 boot confi...

Page 244: ...ied TCP session 13 logout Exits Enable or privileged mode 13 mac flush Clears the MAC address table 13 port num Removes all learned MAC address on the specified port s 13 no logging Disables syslog lo...

Page 245: ...TTPS key 13 session Displays current HTTPS session s 13 timeout Displays the HTTPS session timeout 13 igmp filtering profile name Displays IGMP filtering profile settings 13 igmp snooping Displays glo...

Page 246: ...mac vid port Displays MAC address table You can sort by MAC address VID or port 13 address table static Displays static MAC address table 13 mac aging time Displays MAC learning aging time 13 mac cou...

Page 247: ...MP settings 13 spanning tree config Displays Spanning Tree Protocol STP settings 13 ssh Displays general SSH settings 13 known hosts Displays known SSH hosts information 13 key rsa1 rsa dsa Displays i...

Page 248: ...kes to a device 13 help Displays help information for this command 13 write memory Saves current configuration to the configuration file the switch is currently using 13 index Saves current configurat...

Page 249: ...p addr mask bits mask bits destination socket socket num inactive Configures a classifier A classifier groups traffic into data flows according to specific criteria such as the source address destinat...

Page 250: ...1q mappings 13 exit Exits from the CLI 13 fe spq q0 q1 q7 Sets the switch to use SPQ to service the subsequent queue s after and including the specified queue for the 10 100 Mbps Ethernet ports 13 ga...

Page 251: ...or more details 13 ip address ip mask Sets the IP address and subnet mask of the out of band management port 13 default gateway ip Sets the default gateway s IP address for the out of band management...

Page 252: ...fied port 13 mode zynos Changes the CLI mode to the ZyNOS format 13 mrstp treeIndex Activates the specified STP configuration 13 interface port list Activates STP on the specified ports 13 path cost 1...

Page 253: ...y dns Disables DHCP primary DNS server settings 13 secondary dns Disables DHCP server secondary DNS settings 13 diffserv Disables the DiffServ settings 13 fe spq Disables Strict Priority Queuing on th...

Page 254: ...ied MAC address belonging to a VLAN group if any forwarded through an interface s 13 mirror port Disables port mirroring on the switch 13 mrstp treeIndex Disables the specified STP configuration tree...

Page 255: ...FTP access to the switch 13 http Disables web browser control to the switch 13 https Disables secure web browser access to the switch 13 icmp Disables ICMP access to the switch such as pinging and tr...

Page 256: ...es syslog logging for the specified log type sys link config error or report 13 timesync Disables timeserver settings 13 trunk T1 T2 T3 T4 T 5 T6 Disables the specified trunk group 13 T1 T2 T3 T4 T 5...

Page 257: ...utgoing set vlan metering out of profile action change dscp drop forward set drop precedence inactive Configures a policy A classifier distinguishes traffic into flows based on the configured criteria...

Page 258: ...number and key of the external RADIUS server 13 timeout 1 1000 Specifies the RADIUS server timeout value 13 mode priority roun d robin Specifies the mode for RADIUS server selection 13 remote manageme...

Page 259: ...stations to send your SNMP traps to 13 spanning tree Enables STP on the switch 13 port list Enables STP on a specified port 13 port list path cost 1 65535 Sets the STP path cost for a specified port 1...

Page 260: ...dress of your time server 13 trunk T1 T2 T3 T4 T5 T 6 Activates a trunk group 13 T1 T2 T3 T4 T5 T 6 lacp Enables LACP for a trunk group 13 T1 T2 T3 T4 T5 T 6 interface port list Adds a port s to the s...

Page 261: ...the port s 13 pir Kbps Sets the maximum bandwidth allowed for incoming traffic on the port s 13 egress Enables bandwidth limits allowed for outgoing traffic on the port s 13 egress Kbps Sets the maxi...

Page 262: ...uto fixed edg e Sets the IGMP query mode for the port 13 inactive Disables the specified port s on the switch 13 ingress check Enables the device to discard incoming frames for VLANs that are not incl...

Page 263: ...l Disables flow control on the port s 13 ge spq Disables strict priority queuing on the Gigabit ports 13 gvrp Disable GVRP on the port s 13 igmp filtering profile Disables IGMP filtering 13 igmp group...

Page 264: ...on the interface Selecting auto auto negotiation makes one port able to negotiate with a peer automatically to obtain the connection speed and duplex mode that both ends support 13 spq Sets the port...

Page 265: ...13 igmp query interval Sets the igmp query interval on the switch This variable specifies the amount of time in seconds between general query messages sent by the router 13 igmp query max response ti...

Page 266: ...VLAN 13 name name str Specifies a name for identification purposes 13 no fixed port list Sets fixed port s to normal port s 13 forbidden port list Sets forbidden port s to normal port s 13 inactive E...

Page 267: ...VR group settings 13 group name str Disables the specified MVR group setting 13 inactive Enables MVR 13 receiver port port list Disables the receiver port s An MVR receiver port can only receive multi...

Page 268: ...ES 2724 User s Guide 266 Chapter 39 Introducing Commands...

Page 269: ...used show commands 40 2 1 show system information Syntax show system information This command shows the general system information such as the firmware version and system up time An example is shown...

Page 270: ...etmask 255 255 255 0 VID 0 IP Interface IP 192 168 1 1 Netmask 255 255 255 0 VID 1 sysname sysname show logging 1 Thu Jan 1 00 02 08 1970 PP05 WARN SNMP TRAP 3 link up 2 Thu Jan 1 00 03 14 1970 INFO a...

Page 271: ...a MAC VID or port sysname show interface 2 Port Info Port NO 2 Link 100M F Status FORWARDING LACP Disabled TxPkts 0 RxPkts 63 Errors 0 Tx KBs s 0 0 Rx KBs s 0 0 Up Time 0 02 33 TX Packet Tx Packets 0...

Page 272: ...ttl 1 255 wait 1 60 queries 1 10 sysname show mac address table static Port VLAN ID MAC Address Type CPU 1 00 a0 c5 01 23 46 Static sysname ip host name The IP address or host name of an Ethernet dev...

Page 273: ...control intrusion lock vlan1q vlan1q member bandwidth limit vlan stacking port security broadcast storm control mirroring port access authenticator queuing method igmp filtering spanning tree mrstp p...

Page 274: ...o restart the switch and use a different configuration file if specified The following example restarts the switch to use the second configuration file Use the reload config command to restart the sys...

Page 275: ...onfig to reset the current running configuration 2 Enter write memory to save the changes to the current configuration file If you want to reset the second configuration file use the write memory comm...

Page 276: ...ES 2724 User s Guide 274 Chapter 40 User and Enable Mode Commands...

Page 277: ...ables IGMP snooping on the switch 8021p priority Sets a priority level 0 7 to which the switch changes the priority in outgoing IGMP control packets host timeout 1 16711450 Specifies the time out peri...

Page 278: ...g igmp snooping leave timeout 30 sysname config igmp snooping unknown multicast frame drop igmp filtering Enables IGMP filtering on the switch profile name Specifies a name up to 32 alphanumeric chara...

Page 279: ...interface port list path cost 1 65535 mrstp interface port list priority 0 255 mrstp interface port list treeIndex 1 2 where spanning tree Enables STP on the switch mrstp treeIndex Enables a specific...

Page 280: ...h will wait before changing states This delay is required because every switch must receive information about topology changes before it starts to forward frames In addition each port needs time to li...

Page 281: ...on shows some uses of these commands 41 4 1 Disable Commands Use the no command to disable features on the switch Syntax no spanning tree no mirror port Disables STP on the switch Disables port mirror...

Page 282: ...ntax no trunk T1 T2 T3 T4 T5 T6 no trunk T1 T2 T3 T4 T5 T6 lacp no trunk T1 T2 T3 T4 T5 T6 interface port list where An example is shown next Disable trunk one T1 Disable LAPC on trunk three T3 Remove...

Page 283: ...s host ip 1024 ssh rsa ssh dsa where An example is shown next Disables port authentication on the switch port list reauthenticate Disables the re authentication mechanism on the listed port s port lis...

Page 284: ...hown next Set the queueing method to SPQ 41 6 Static Route Commands You can create and configure static routes on the switch by using the ip route command sysname config no ssh key rsa1 sysname config...

Page 285: ...destination next hop ip Specifies the IP address of the gateway The gateway is an immediate neighbor of your switch that will forward the packet to the destination The gateway must be a router on the...

Page 286: ...is shown next name name Names the filtering rule mac mac addr Specifies the MAC address you want to filter vlan vlan id Specifies which VLAN this rule applies to drop src dst both Selects the behavio...

Page 287: ...DIUS servers is only available via the command interpreter mode Use the radius server command to set up your RADIUS server settings Syntax radius server host index ip radius server host index ip acct...

Page 288: ...cable with multiple RADIUS servers configured priority When a client sends an authentication request through the switch to the RADIUS server The switch will forward the request to the RADIUS server If...

Page 289: ...ch will wait for a response from the RADIUS server Enable port authentication on ports 4 to 8 Activate reauthentication on the ports Specify 1800 seconds as the interval for client reauthentication sy...

Page 290: ...ES 2724 User s Guide 288 Chapter 41 Configuration Mode Commands...

Page 291: ...frequently used interface commands 42 2 1 interface port channel Use this command to enable the specified ports for configuration Indicate multiple non sequential ports separated by a comma Use a das...

Page 292: ...mit command enables bandwidth control on the switch peer tunnel discard network Type peer to process any BPDUs received on these ports Type tunnel to forward BPDUs received on these ports Type discard...

Page 293: ...ss egress both where An example is shown next Enable port mirroring Enable the monitor port 3 pir Kbps Sets the maximum bandwidth allowed for incoming traffic cir Kbps Sets the guaranteed bandwidth al...

Page 294: ...ermit VLAN groups beyond the local switch An example is shown next Enable the IEEE 802 1Q tagged VLAN command to configure tagged VLAN for the switch Enable ports one three four and five for configura...

Page 295: ...An example is shown next Enable WFQ queuing on the switch Enable port 2 and ports 6 to 8 for configuration sysname config interface port channel 1 3 5 sysname config interface ingress check all tagged...

Page 296: ...xample is shown next Enable ports one three four and five for configuration Set the IEEE 802 1p quality of service priority as four 4 sysname configure sysname config wfq sysname config interface port...

Page 297: ...14 test You can perform an interface loopback test on specified ports The test returns Passed or Failed port name string Sets a name for your port interface s sysname config interface port channel 1...

Page 298: ...an disable bandwidth limit on port 1 simply by placing the no command in front of the bandwidth limit command Syntax no bandwidth limit An example is shown next Disable bandwidth limit on port1 sysnam...

Page 299: ...ter the config interface mode to set the VLAN settings on a port then use the pvid vlan id command to set the VLAN ID you created for the port list to that specific port in the PVID table Use the exit...

Page 300: ...name show garp GARP Timer Join Timer 200 Leave Timer 600 Leave All Timer 10000 sysname join msec This sets the duration of the Join Period timer for GVRP in milliseconds Each port has a Join Period ti...

Page 301: ...ave All Timer to 11000 milliseconds 43 2 3 GVRP Timer Syntax show vlan1q gvrp This command shows the switch s GVRP settings An example is shown next 43 2 4 Enable GVRP Syntax vlan1q gvrp This command...

Page 302: ...wing example sets ports 1 to 5 to accept only tagged frames 43 3 3 Enable or Disable Port GVRP Use the gvrp command to enable GVRP on the port s Use the no gvrp command to disable GVRP The following e...

Page 303: ...ning the static VLAN table with vlan id Enter no fixed or no forbidden to change port list to normal status Enter untagged to send outgoing frames without a tag Enter no untagged to tag outgoing frame...

Page 304: ...omes in from the LAN 2 The switch checks the PVID table and assigns a temporary VID of 1 3 The switch ignores the port from which the frame came because the switch does not send a frame to the port fr...

Page 305: ...Static VLAN table An example is shown next VID is the VLAN identification number Status shows whether the VLAN is static or active Elap Time is the time since the VLAN was created on the switch The Ta...

Page 306: ...ES 2724 User s Guide 304 Chapter 43 IEEE 802 1Q Tagged VLAN Commands...

Page 307: ...vlan id mvr vlan id source port port list mvr vlan id receiver port port list mvr vlan id inactive mvr vlan id mode dynamic compatible mvr vlan id name name str mvr vlan id tagged port list mvr vlan i...

Page 308: ...fy the MVR IP multicast group start address ip Specifies the starting IP multicast address of the multicast group in dotted decimal notation end address ip Specifies the ending IP multicast address of...

Page 309: ...this domain ip address This is the IP address of the switch in the routing domain Specify the IP address is dotted decimal notation For example 192 168 1 1 mask bits The number of bits in the subnet...

Page 310: ...ES 2724 User s Guide 308 Chapter 45 Routing Domain Command Examples...

Page 311: ...cured client IP address your computer s IP address must match it Refer to the chapter on access control for details I cannot access the web configurator The administrator username is admin The default...

Page 312: ...p blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address 46 2...

Page 313: ...e this setting 46 2 1 1 2 Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select Tools Int...

Page 314: ...bleshooting Figure 131 Internet Options 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 1 1 4 Click Add to move the...

Page 315: ...lick Close to return to the Privacy screen 6 Click Apply to save this setting 46 2 1 2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer check that JavaScripts...

Page 316: ...33 Internet Options 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure that E...

Page 317: ...Java Scripting 46 2 1 3 Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java perm...

Page 318: ...leshooting Figure 135 Security Settings Java 46 2 1 3 1 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 make sure that Use Java 2 for applet under Java Sun i...

Page 319: ...t you enter the correct password using the proper casing The administrator username is admin The default administrator password is 1234 The username and password are case sensitive Make sure that you...

Page 320: ...ES 2724 User s Guide 318 Chapter 46 Troubleshooting...

Page 321: ...is feature to have the switch assign IP addresses an IP default gateway and DNS servers to computers on your network IGMP Snooping The switch supports IGMP snooping enabling group multicast traffic to...

Page 322: ...ree Link Aggregation Link aggregation trunking is the grouping of physical ports into one logical higher capacity link You may want to trunk ports if for example it is cheaper to use multiple lower sp...

Page 323: ...estination Broadcast storm control Static MAC address forwarding Switching Switching fabric 12 8Gbps non blocking Max Frame size 1522 bytes Forwarding frame IEEE 802 3 IEEE 802 1q Ethernet II PPPoE Pr...

Page 324: ...status Performance monitoring Line speed Four RMON groups history statistics alarms and events Throughput monitoring Port mirroring and aggregation IGMP snooping Firmware upgrade and download through...

Page 325: ...d 19 rack mountable 438 mm W x 270 mm D x 44 45 mm H Weight 3 6 Kg Temperature Operating 0 C 45 C 32 F 113 F Storage 10 C 70 C 13 F 158 F Humidity 10 90 non condensing Power Supply AC 100 240V 50 60Hz...

Page 326: ...ES 2724 User s Guide 324 Appendix A Product Specifications...

Page 327: ...ry number Therefore each octet has a possible range of 00000000 to 11111111 in binary or 0 to 255 in decimal There are several classes of IP addresses The first network number 192 in the above example...

Page 328: ...it Class B addresses have a 1 in the leftmost bit and a 0 in the next leftmost bit Class C addresses start with 1 1 0 in the first three leftmost bits Class D addresses begin with 1 1 1 0 Class D addr...

Page 329: ...ork number bits By convention subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask followed by a continuous sequence of zeros for a total number of...

Page 330: ...t octet bit values indicate host ID bits borrowed to make network ID bits The number of borrowed host ID bits determines the number of subnets you can have The remaining number of host ID bits after b...

Page 331: ...d to borrow two host ID bits to give four possible combinations 00 01 10 and 11 The subnet mask is 26 bits 11111111 11111111 11111111 11000000 or 255 255 255 192 Each subnet contains 6 host ID bits gi...

Page 332: ...168 1 127 Highest Host ID 192 168 1 126 Table 113 Subnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mas...

Page 333: ...ts available for subnetting and a class A address has three host ID octets see Table 104 on page 326 available for subnetting Table 115 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS B...

Page 334: ...1 255 255 128 0 17 2 32766 2 255 255 192 0 18 4 16382 3 255 255 224 0 19 8 8190 4 255 255 240 0 20 16 4094 5 255 255 248 0 21 32 2046 6 255 255 252 0 22 64 1022 7 255 255 254 0 23 128 510 8 255 255 2...

Page 335: ...tion 310 C certifications 2 viewing 2 CFI Canonical Format Indicator 81 changing the password 52 Class of Service CoS 177 classifier 135 137 and QoS 135 editing 138 example 139 overview 135 setup 135...

Page 336: ...178 DS field 177 DSCP 177 DSCP to IEEE802 1p mapping 179 network example 177 PHB 177 dimensions 322 disclaimer 1 double tagged frames 151 DS Differentiated Services 177 DSCP DSCP to IEEE802 1p mapping...

Page 337: ...157 173 IGMP Internet Group Multicast Protocol 157 IGMP filtering 157 profile 161 profiles 159 IGMP snooping 157 MVR 162 ingress port 95 Installation Rack mounting 36 installation freestanding 35 prec...

Page 338: ...nd IGMP 157 and VLAN 175 configuration 175 IP addresses 157 overview 157 175 setup 158 159 vs unicast 175 vs broadcast 175 multicast group 161 multicast VLAN 165 Multiple Spanning Tree Protocol 103 Mu...

Page 339: ...ethod 147 150 R RADIUS 125 advantages 125 and port authentication 125 Network example 125 server 125 settings 127 RADIUS Remote Authentication Dial In User Service 125 Rapid Spanning Tree Protocol RST...

Page 340: ...106 109 Hello BPDU 102 Hello Time 106 107 109 110 how it works 102 Max Age 106 107 109 111 path cost 101 106 109 port priority 106 109 port state 102 root port 102 status 107 110 terminology 101 subne...

Page 341: ...wizard 95 static VLAN 85 status 84 85 tagged 81 trunking 83 88 type 74 83 VLAN Virtual Local Area Network 73 VLAN commands examples 297 VLAN number 77 VLAN stacking 151 153 configuration 154 example 1...

Reviews:

No comments