ZyXEL Communications GS2200-24P Series Скачать руководство пользователя страница 109 | Manualshive

Страница: 109 / 360

ZyXEL Communications GS2200-24P Series Скачать руководство пользователя страница 109

Chapter 9 VLAN

GS2200-24/24P User’s Guide

109

9.7.1 Configure a Port-based VLAN

Select Port Based as the VLAN Type in the Basic Setting > Switch Setup
screen and then click Advanced Application > VLAN from the navigation panel
to display the next screen.

Figure 57

Port Based VLAN Setup (All Connected)

«
...
107
108
109
110
111
...
»

Содержание GS2200-24P Series

Страница 1: ...ntelligent Layer 2 GbE Switch Intelligent Layer 2 GbE Switch with PoE Copyright 2010 ZyXEL Communications Corporation Firmware Version 3 90 Edition 1 2 2010 Default Login Details IP Address http 192 1...

Страница 2: ......

Страница 3: ...e the Switch Web Configurator Online Help The embedded Web Help contains descriptions of individual screens and supplementary information Note It is recommended you use the web configurator to configu...

Страница 4: ...tions about ZyXEL products Forum This contains discussions on ZyXEL products Learn from others who use ZyXEL products and share your experiences as well Customer Support Should problems arise that can...

Страница 5: ...eld choices are all in bold font A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more...

Страница 6: ...s Guide 6 Icons Used in Figures Figures in this User s Guide may use the following generic icons The Switch icon is not an exact representation of your device The Switch Computer Notebook computer Ser...

Страница 7: ...your device Connect it to the right supply voltage for example 110V AC in North America or 230V AC in Europe Use ONLY power wires of the appropriate wire gauge see Chapter 40 on page 333 for details f...

Страница 8: ...Safety Warnings GS2200 24 User s Guide 8...

Страница 9: ...Statistics 67 Basic Setting 73 Advanced 91 VLAN 93 Static MAC Forward Setup 113 Static Multicast Forward Setup 117 Filtering 121 Spanning Tree Protocol 123 Bandwidth Control 145 Broadcast Storm Contro...

Страница 10: ...gement 273 Maintenance 275 Access Control 283 Diagnostic 305 Syslog 307 Cluster Management 311 MAC Table 319 ARP Table 323 Configure Clone 325 Troubleshooting Product Specifications 327 Troubleshootin...

Страница 11: ...5 1 1 4 IEEE 802 1Q VLAN Application Examples 25 1 2 Ways to Manage the Switch 26 1 3 Good Habits for Managing the Switch 26 Chapter 2 Hardware Installation and Connection 29 2 1 Installation Scenario...

Страница 12: ...e Web Configurator 51 4 8 Help 51 Chapter 5 Initial Setup Example 53 5 1 Overview 53 5 1 1 Creating a VLAN 53 5 1 2 Setting Port VID 55 5 2 Configuring Switch Management IP Address 56 Chapter 6 Tutori...

Страница 13: ...2 What You Need to Know 93 9 2 VLAN Status 97 9 2 1 VLAN Details 98 9 3 Configure a Static VLAN 99 9 4 Configure VLAN Port Settings 101 9 5 Subnet Based VLANs 102 9 5 1 Configuring Subnet Based VLAN 1...

Страница 14: ...nning Tree Protocol 128 13 5 Rapid Spanning Tree Protocol Status 130 13 6 Configure Multiple Rapid Spanning Tree Protocol 132 13 7 Multiple Rapid Spanning Tree Protocol Status 134 13 8 Configure Multi...

Страница 15: ...hentication 167 18 1 Overview 167 18 1 1 What You Can Do 167 18 1 2 What You Need to Know 167 18 2 Port Authentication Configuration 168 18 3 Activate IEEE 802 1x Security 169 Chapter 19 Port Security...

Страница 16: ...95 23 4 IGMP Snooping VLAN 198 23 5 IGMP Filtering Profile 199 23 6 The MVR Screen 201 23 6 1 MVR Group Configuration 203 23 6 2 MVR Configuration Example 205 Chapter 24 AAA 209 24 1 Overview 209 24 1...

Страница 17: ...2 ARP Inspection VLAN Configure 240 25 10 Technical Reference 241 25 10 1 DHCP Snooping Overview 241 25 10 2 ARP Inspection Overview 244 Chapter 26 Loop Guard 247 26 1 Overview 247 26 1 1 What You Can...

Страница 18: ...g DHCP VLAN Settings 269 30 4 1 Example DHCP Relay for Two VLANs 271 Part V Management 273 Chapter 31 Maintenance 275 31 1 Overview 275 31 1 1 What You Can Do 275 31 2 The Maintenance Screen 275 31 2...

Страница 19: ...verview 305 33 2 Diagnostic 305 Chapter 34 Syslog 307 34 1 Overview 307 34 1 1 What You Can Do 307 34 2 Syslog Setup 308 34 3 Syslog Server Setup 309 Chapter 35 Cluster Management 311 35 1 Overview 31...

Страница 20: ...one 325 Part VI Troubleshooting Product Specifications 327 Chapter 39 Troubleshooting 329 39 1 Power Hardware Connections and LEDs 329 39 2 Switch Access and Login 330 39 3 Switch Configuration 332 Ch...

Страница 21: ...21 PART I Introduction and Hardware Getting to Know Your Switch 23 Hardware Installation and Connection 29 Hardware Panels 33...

Страница 22: ...22...

Страница 23: ...hernet PoE feature Both switches are referred to as the Switch in this guide With its built in web configurator managing and configuring the Switch is easy In addition the Switch can also be managed v...

Страница 24: ...witch connects different company departments RD and Sales to the corporate backbone It can alleviate bandwidth contention and eliminate server and network bottlenecks All users that need high bandwidt...

Страница 25: ...ure can be retained as all ports can freely communicate with each other Figure 3 High Performance Switched Workgroup Application 1 1 4 IEEE 802 1Q VLAN Application Examples A VLAN Virtual Local Area N...

Страница 26: ...e Line commands offer an alternative to the web configurator and in some cases are necessary to configure advanced features See the CLI Reference Guide FTP Use FTP for firmware upgrades and configurat...

Страница 27: ...how to restore it Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes If you forget your password you will have to reset the Switch to its factory...

Страница 28: ...Chapter 1 Getting to Know Your Switch GS2200 24 24P User s Guide 28...

Страница 29: ...itch This is especially important for enclosed rack installations 2 2 Desktop Installation Procedure 1 Make sure the Switch is clean and dry 2 Set the Switch on a smooth level surface strong enough to...

Страница 30: ...does not make the rack unstable or top heavy Take all necessary precautions to anchor the rack securely before installing the unit 2 3 2 Attaching the Mounting Brackets to the Switch 1 Position a mou...

Страница 31: ...o the Switch on one side of the rack lining up the two screw holes on the bracket with the screw holes on the side of the rack Figure 6 Mounting the Switch on a Rack 2 Using a 2 Philips screwdriver in...

Страница 32: ...Chapter 2 Hardware Installation and Connection GS2200 24 24P User s Guide 32...

Страница 33: ...his chapter describes the front panel and rear panel and shows you how to make the hardware connections 3 2 Front Panels The following figure shows the front panel of the Switch Figure 7 Front Panel G...

Страница 34: ...called a mini GBIC slot with one port or transceiver active at a time Note The ports change to fiber mode directly when inserting the fiber module Four 100 1000 Mbps RJ 45 Ports Connect these ports t...

Страница 35: ...st to the optimum Ethernet speed 10 100 1000 Mbps and duplex mode full duplex or half duplex of the connected device An auto crossover auto MDI MDI X port automatically works with a straight through o...

Страница 36: ...ings of the peer Ethernet port are the same in order to connect 3 2 2 1 Default Ethernet Negotiation Settings The factory default negotiation settings for the Gigabit ports on the Switch are Speed Aut...

Страница 37: ...of PCB board facing down 2 Press the transceiver firmly until it clicks into place 3 The Switch automatically detects the installed transceiver Check the LEDs to verify that it is functioning properly...

Страница 38: ...of the power cord to the AC power receptacle on the front panel Connect the other end of the supplied power cord to a power outlet Make sure that no objects obstruct the airflow of the fans located o...

Страница 39: ...rnet network On The link to a 10 Mbps or a 1000 Mbps Ethernet network is up Amber Blinking The system is transmitting receiving to from a 100 Mbps Ethernet network On The link to a 100 Mbps Ethernet n...

Страница 40: ...Chapter 3 Hardware Panels GS2200 24 24P User s Guide 40...

Страница 41: ...41 PART II Basic Configuration The Web Configurator 43 Initial Setup Example 53 System Status and Port Statistics 67 Basic Setting 73...

Страница 42: ...42...

Страница 43: ...and later Mozilla Firefox 3 0 and later versions The recommended screen resolution is 1024 by 768 pixels In order to use the web configurator you need to allow Web browser pop up windows from your de...

Страница 44: ...me server nor manually entered a time and date in the General Setup screen Figure 14 Web Configurator Login 4 Click OK to view the first web configurator screen 4 3 The Status Screen The Status screen...

Страница 45: ...rtain tasks no matter which screen you are currently working in B Click this link to save your configuration into the Switch s nonvolatile memory Nonvolatile memory is the configuration of your Switch...

Страница 46: ...p This link takes you to a screen where you can configure general identification information about the Switch Switch Setup This link takes you to a screen where you can set up global Switch parameters...

Страница 47: ...ort Authentication This link takes you to a screen where you can configure IEEE 802 1x port authentication for clients communicating via the Switch Port Security This link takes you to screens where y...

Страница 48: ...Control This link takes you to screens where you can change the system login password and configure SNMP and remote management Diagnostic This link takes you to a screen where you can view system logs...

Страница 49: ...Your Configuration When you are done modifying the settings in a screen click Apply to save your changes back to the run time memory Settings in the run time memory are lost when the Switch s power i...

Страница 50: ...out of the Switch 4 6 Resetting the Switch If you lock yourself and others from the Switch or forget the administrator password you will need to reload the factory default configuration file or reset...

Страница 51: ...configuration file upload type atgo to restart the Switch The Switch is now reinitialized with a default configuration file including the default password of 1234 4 7 Logging Out of the Web Configura...

Страница 52: ...Chapter 4 The Web Configurator GS2200 24 24P User s Guide 52...

Страница 53: ...r the initial setup Create a VLAN Set port VLAN ID Configure the Switch IP management address 5 1 1 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port s belongs You can...

Страница 54: ...this screen and the VID field in the IP Setup screen refer to the same VLAN ID 3 Since the VLAN2 network is connected to port 1 on the Switch select Fixed to configure port 1 to be a permanent member...

Страница 55: ...network configure 2 as the port VID on port 1 so that any untagged frames received on that port get sent to VLAN 2 Figure 20 Initial Setup Network Example Port VID 1 Click Advanced Applications VLAN i...

Страница 56: ...eb browser and enter 192 168 1 1 the default IP address in the address bar to access the web configurator See Section 4 2 on page 43 for more information 3 Click Basic Setting IP Setup in the navigati...

Страница 57: ...ant DHCP server A connected to port 5 to assign IP addresses to all devices in VLAN network V Create a VLAN containing ports 5 6 and 7 Connect a computer M to the Switch for management Figure 22 Tutor...

Страница 58: ...VLAN and create a VLAN with ID of 100 Add ports 5 6 and 7 in the VLAN by selecting Fixed in the Control field as shown Deselect Tx Tagging because you don t want outgoing traffic to contain this VLAN...

Страница 59: ...ID of the ports 5 6 and 7 to 100 This tags untagged incoming frames on ports 5 6 and 7 with the tag 100 Figure 24 Tutorial Tag Untagged Frames 4 Go to Advanced Application IP Source Guard DHCP snoopin...

Страница 60: ...al Set the DHCP Server Port to Trusted 7 Go to Advanced Application IP Source Guard DHCP snooping Configure VLAN show VLAN 100 by entering 100 in the Start VID and End VID fields and click Apply Then...

Страница 61: ...If DHCP Snooping Works You can also telnet or log into the Switch s console Use the command show dhcp snooping binding to see the DHCP snooping binding table as shown next 6 3 How to Use DHCP Relay on...

Страница 62: ...Scenario 6 3 2 Creating a VLAN Follow the steps below to configure port 2 as a member of VLAN 102 1 Access the web configurator through the Switch s management port 2 Go to Basic Setting Switch Setup...

Страница 63: ...he Name field and enter 102 in the VLAN Group ID field 5 Select Fixed to configure port 2 to be a permanent member of this VLAN 6 Clear the TX Tagging check box to set the Switch to remove VLAN tags b...

Страница 64: ...s screen Figure 32 Tutorial Click the VLAN Port Setting Link 9 Enter 102 in the PVID field for port 2 to add a tag to incoming untagged frames received on that port so that the frames are forwarded to...

Страница 65: ...creen 2 Select the Active check box 3 Enter the DHCP server s IP address 192 168 2 3 in this example in the Remote DHCP Server 1 field 4 Select the Option 82 and the Information check boxes 5 Click Ap...

Страница 66: ...Client A is connected to the Switch s port 2 in VLAN 102 2 You configured the correct VLAN ID port number and system name for DHCP relay on both the DHCP server and the Switch 3 You clicked the Save l...

Страница 67: ...page port details and PoE status The home screen of the web configurator displays a port statistical summary with links to each port showing statistical details 7 1 1 What You Can Do Use the Port Sta...

Страница 68: ...tatistics GS2200 24 24P User s Guide 68 7 2 Port Status Summary To view the port statistics click Status in all web configurator screens to display the Status screen as shown next Figure 35 Status GS2...

Страница 69: ...field displays FORWARDING if the link is up otherwise it displays STOP PD for GS2200 24P only This field displays whether or not a powered device PD is allowed to receive power from the Switch on this...

Страница 70: ...vidual port on the Switch Figure 37 Status Port Details The following table describes the labels in this screen Table 8 Status Port Details LABEL DESCRIPTION Port Info Port NO This field displays the...

Страница 71: ...ld shows the number of 802 3x Pause packets transmitted Rx Packet The following fields display detailed information about packets received RX Packets This field shows the number of good packets unicas...

Страница 72: ...received that were between 128 and 255 octets in length 256 511 This field shows the number of packets including bad packets received that were between 256 and 511 octets in length 512 1023 This field...

Страница 73: ...ch routing domain subnet mask s and DNS domain name server for management purposes 8 1 1 What You Can Do Use the System Info screen Section 8 2 on page 74 to check the firmware version number Use the...

Страница 74: ...e 74 8 2 System Information In the navigation panel click Basic Setting System Info to display the screen as shown You can check the firmware version number Figure 38 Basic Setting System Info GS2200...

Страница 75: ...easured at this sensor Threshold This field displays the upper temperature limit at this sensor Status This field displays Normal for temperatures below the threshold and Error for those above Fan Spe...

Страница 76: ...atus Normal indicates that the voltage is within an acceptable operating range at this point otherwise Error is displayed Table 9 Basic Setting System Info continued LABEL DESCRIPTION Table 10 Basic S...

Страница 77: ...isplays the date you open this menu New Date yyyy mm dd Enter the new date in year month and day format The new date then appears in the Current Date field after you click Apply Time Zone Select the t...

Страница 78: ...e Chapter 9 on page 93 for information on port based and 802 1Q tagged VLANs End Date Configure the day and time when Daylight Saving Time ends if you selected Daylight Saving Time The time field uses...

Страница 79: ...r 9 on page 93 for more information GARP Timer Switches join VLANs by making a declaration A declaration is made by issuing a Join message using GARP Declarations are withdrawn by issuing a Leave mess...

Страница 80: ...llowing descriptions are based on the traffic types defined in the IEEE 802 1d standard which incorporates the 802 1p Level 7 Typically used for network control traffic such as router configuration me...

Страница 81: ...y default IP address is 192 168 1 1 The subnet mask specifies the network number portion of an IP address The factory default subnet mask is 255 255 255 0 You can configure up to 64 IP addresses which...

Страница 82: ...nagement only The default is 1 All ports by default are fixed members of this management VLAN in order to manage the device from any port If a port is not a member of this VLAN then users on that port...

Страница 83: ...the configuration screen Figure 43 Basic Setting Port Setup Default Gateway This field displays the IP address of the default gateway Delete Check the management IP addresses that you want to remove...

Страница 84: ...atically to obtain the connection speed and duplex mode that both ends support When auto negotiation is turned on a port on the Switch negotiates with the peer automatically to determine the connectio...

Страница 85: ...0 provides additional external PoE power budget on top of the internal power budget of the GS2200 24P Refer to the User s Guide of the PPS250 for more information Note The POE Power over Ethernet devi...

Страница 86: ...can provide to the connected PoE enabled devices on the PoE ports Consuming Power W This field displays the amount of power the Switch is currently supplying to the connected PoE enabled devices Alloc...

Страница 87: ...49 Class 3 Optional 6 49 to 12 95 Class 4 Reserved PSEs classify as Class 0 PD Priority When the total power requested by the PDs exceeds the total PoE power budget on the Switch you can set the PD pr...

Страница 88: ...e Max Power mW to each PD according to the priority level If the total power supply runs out PDs with lower priority do not get power to function Consumption Select this if you want the Switch to mana...

Страница 89: ...igh to set the Switch to assign the remaining power to the port after all critical priority ports are served Select Low to set the Switch to assign the remaining power to the port after all critical a...

Страница 90: ...Chapter 8 Basic Setting GS2200 24 24P User s Guide 90...

Страница 91: ...ing Tree Protocol 123 Bandwidth Control 145 Broadcast Storm Control 149 Mirroring 153 Link Aggregation 157 Port Authentication 167 Port Security 171 Classifier 175 Policy Rule 181 Queuing Method 187 1...

Страница 92: ...92...

Страница 93: ...Ns that allow you to group traffic into logical VLANs based on the source IP subnet you specify Use the Port Based VLAN screen Section 9 7 on page 108 to set up VLANs where the packet forwarding decis...

Страница 94: ...of passing tagged or untagged frames To forward a frame from an 802 1Q VLAN aware switch to an 802 1Q VLAN unaware switch the Switch first decides where to forward the frame and then strips off the VL...

Страница 95: ...roups on intermediary devices Table 16 IEEE 802 1Q VLAN Terminology VLAN PARAMETER TERM DESCRIPTION VLAN Type Permanent VLAN This is a static VLAN created manually Dynamic VLAN This is a VLAN configur...

Страница 96: ...nd E automatically allow frames with VLAN group tags 1 and 2 VLAN groups that are unknown to those switches to pass through their VLAN trunking port s Figure 47 Port VLAN Trunking 9 1 2 3 Select the V...

Страница 97: ...N This is the number of VLANs configured on the Switch The Number of Search Results This is the number of VLANs that match the searching criteria and display in the list below This field displays only...

Страница 98: ...ESCRIPTION VLAN Status Click this to go to the VLAN Status screen VID This is the VLAN identification number that was configured in the Static VLAN screen Port Number This column displays the ports th...

Страница 99: ...VLAN Static VLAN The following table describes the related labels in this screen Table 19 Advanced Application VLAN Static VLAN LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN sett...

Страница 100: ...ansmitted with this VLAN Group ID Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top n...

Страница 101: ...Table 20 Advanced Application VLAN VLAN Port Setting LABEL DESCRIPTION GVRP GVRP GARP VLAN Registration Protocol is a registration protocol that defines a way for switches to register necessary VLAN m...

Страница 102: ...ck box to allow GVRP on this port Acceptable Frame Type Specify the type of frames allowed on a port Choices are All Tag Only and Untag Only Select All from the drop down list box to accept all untagg...

Страница 103: ...e services You also have a subnet based VLAN with priority 5 and VID of 200 for traffic received from IP subnet 192 168 1 0 24 video services Lastly you configure VLAN with priority 3 and VID of 300 f...

Страница 104: ...s IP subnet to obtain their IP addresses through the DHCP VLAN Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power...

Страница 105: ...st be an existing VLAN which you defined in the Advanced Applications VLAN screens Priority Select the priority level that the Switch assigns to frames belonging to this VLAN Add Click Add to save you...

Страница 106: ...switch C Figure 55 Protocol Based VLAN Application Example 9 6 1 Configuring Protocol Based VLAN Click Protocol Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown...

Страница 107: ...an existing VLAN which you defined in the Advanced Applications VLAN screens Priority Select the priority level that the Switch will assign to frames belonging to this VLAN Add Click Add to save your...

Страница 108: ...or example between conference rooms in a hotel you must define the egress an egress port is an outgoing port that is a port through which a data packet leaves for both ports Port based VLANs are speci...

Страница 109: ...7 1 Configure a Port based VLAN Select Port Based as the VLAN Type in the Basic Setting Switch Setup screen and then click Advanced Application VLAN from the navigation panel to display the next scree...

Страница 110: ...Chapter 9 VLAN GS2200 24 24P User s Guide 110 Figure 58 Port Based VLAN Setup Port Isolation...

Страница 111: ...lick Apply at the bottom of the screen Incoming These are the ingress ports an ingress port is an incoming port that is a port through which a data packet enters If you wish to allow two subscriber po...

Страница 112: ...protocol Leave the default value IP 5 Type the VLAN ID of an existing VLAN In our example we already created a static VLAN with an ID of 5 Type 5 6 Leave the priority set to 0 and click Add Figure 59...

Страница 113: ...assign static MAC addresses for a port 10 2 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table Static MAC addresses do not ag...

Страница 114: ...where the MAC address entered in the previous field will be automatically forwarded Add Click Add to save your rule to the Switch s run time memory The Switch loses this rule if it is turned off or lo...

Страница 115: ...isplays the port where the MAC address shown in the next field will be forwarded Delete Click Delete to remove the selected entry from the summary table Cancel Click Cancel to clear the Delete check b...

Страница 116: ...Chapter 10 Static MAC Forward Setup GS2200 24 24P User s Guide 116...

Страница 117: ...f a multicast group A static multicast address is a multicast MAC address that has been manually entered in the multicast table Static multicast addresses do not age out Static multicast forwarding al...

Страница 118: ...3 within VLAN group 4 Figure 61 No Static Multicast Forwarding Figure 62 Static Multicast Forwarding to A Single Port Figure 63 Static Multicast Forwarding to Multiple Ports 11 2 Configuring Static M...

Страница 119: ...t pair 00000001 is 01 and 00000011 is 03 in hexadecimal so 01 00 5e 00 00 0A and 03 00 5e 00 00 27 are valid multicast MAC addresses VID You can forward frames with matching destination MAC address to...

Страница 120: ...This field displays the multicast MAC address that identifies a multicast group VID This field displays the ID number of a VLAN group to which frames containing the specified multicast MAC address wi...

Страница 121: ...ination MAC addresses and VLAN group ID 12 1 1 What You Can Do Use the Filtering screen Section 12 2 on page 121 to create rules for traffic going through the Switch 12 2 Configure a Filtering Rule Us...

Страница 122: ...is six hexadecimal character pairs VID Type the VLAN group identification number Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off...

Страница 123: ...fferent STP modes RSTP MRSTP or MSTP you can configure on the Switch Use the Spanning Tree Configuration screen Section 13 3 on page 127 to activate one of the STP modes on the Switch Use the Rapid Sp...

Страница 124: ...ed addresses from the filtering database In RSTP the port states are Discarding Learning and Forwarding Note In this user s guide STP refers to both STP and RSTP STP Terminology The root bridge is the...

Страница 125: ...umes that the link to the root bridge is down This bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology STP Port States STP assigns...

Страница 126: ...s backward compatible with STP RSTP and addresses the limitations of existing spanning tree protocols STP and RSTP in networks to include the following features One Common and Internal Spanning Tree C...

Страница 127: ...Protocol This screen differs depending on which STP mode RSTP MRSTP or MSTP you configure on the Switch This screen is described in detail in the section that follows the configuration section for ea...

Страница 128: ...ed Application Spanning Tree Protocol Configuration LABEL DESCRIPTION Spanning Tree Mode You can activate one of the STP modes on the Switch Select Rapid Spanning Tree Multiple Rapid Spanning Tree or...

Страница 129: ...generations by the root switch The allowed range is 1 to 10 seconds Max Age This is the maximum time in seconds the Switch can wait without receiving a BPDU before attempting to reconfigure All Switc...

Страница 130: ...a loop in a switch Ports with a higher priority numeric value are disabled first The allowed range is between 0 and 255 and the default value is 128 Path Cost Path cost is the cost of transmitting a f...

Страница 131: ...l in seconds at which the root switch transmits a configuration message The root bridge determines Hello Time Max Age and Forwarding Delay Max Age second This is the maximum time in seconds the Switch...

Страница 132: ...The following table describes the labels in this screen Table 32 Advanced Application Spanning Tree Protocol MRSTP LABEL DESCRIPTION Status Click Status to display the MRSTP Status screen see Figure...

Страница 133: ...e maximum time in seconds the Switch will wait before changing states This delay is required because every switch must receive information about topology changes before it starts to forward frames In...

Страница 134: ...off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to begin configuring this screen a...

Страница 135: ...nds the root switch will wait before changing states that is listening to learning to forwarding Note The listening state does not exist in RSTP Cost to Bridge This is the path cost from the root port...

Страница 136: ...Guide 136 13 8 Configure Multiple Spanning Tree Protocol To configure MSTP click MSTP in the Advanced Application Spanning Tree Protocol screen See Section on page 126 for more information on MSTP Fig...

Страница 137: ...Delay This is the maximum time in seconds the Switch will wait before changing states This delay is required because every switch must receive information about topology changes before it starts to fo...

Страница 138: ...common settings and then make adjustments on a port by port basis Note Changes in this row are copied to all the ports as soon as you make them Active Select this check box to add this port to the MS...

Страница 139: ...tion on page 126 for more information on MSTP Note This screen is only available after you activate MSTP on the Switch Figure 74 Advanced Application Spanning Tree Protocol Status MSTP Delete Check th...

Страница 140: ...ost from the root port on this Switch to the root switch Port ID This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree...

Страница 141: ...es are using STP or RSTP the link for VLAN 2 will be blocked as STP and RSTP allow only one link in the network and block the redundant link Figure 75 STP RSTP Network Example Internal Cost This is th...

Страница 142: ...gion external path cost of paths outside this region is increased by one Internal path cost of paths within this region is increased by one when BPDUs traverse the region Devices that belong to the sa...

Страница 143: ...ST represents the connectivity of the entire network and it is equivalent to a spanning tree in an STP RSTP The CIST is the default MST instance MSTID 0 Any VLANs that are not members of an MST instan...

Страница 144: ...Chapter 13 Spanning Tree Protocol GS2200 24 24P User s Guide 144...

Страница 145: ...he maximum bandwidth using the Bandwidth Control screen Bandwidth control means defining a maximum allowable bandwidth for incoming and or out going traffic flows on a port 14 1 1 What You Can Do Use...

Страница 146: ...rol on the Switch Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row first to set...

Страница 147: ...ime memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configur...

Страница 148: ...Chapter 14 Bandwidth Control GS2200 24 24P User s Guide 148...

Страница 149: ...d on the ports When the maximum number of allowable broadcast multicast and or DLF packets is reached per second the subsequent packets are discarded Enable this feature to reduce broadcast multicast...

Страница 150: ...ck box to disable this feature Port This field displays the port number Settings in this row apply to all ports Use this row only if you want to make some settings the same for all ports Use this row...

Страница 151: ...ime memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configur...

Страница 152: ...Chapter 15 Broadcast Storm Control GS2200 24 24P User s Guide 152...

Страница 153: ...g allows you to copy a traffic flow to a monitor port the port you copy the traffic to in order that you can examine the traffic from the monitor port without interference 16 1 1 What You Can Do Use t...

Страница 154: ...this check box to activate port mirroring on the Switch Clear this check box to disable the feature Monitor Port The monitor port is the port you copy the traffic to in order to examine it in more de...

Страница 155: ...are Egress outgoing Ingress incoming and Both Apply Click Apply to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save l...

Страница 156: ...Chapter 16 Mirroring GS2200 24 24P User s Guide 156...

Страница 157: ...ed to form a trunk group 17 1 1 What You Can Do Use the Link Aggregation Status screen Section 17 2 on page 159 to view ports you have configured to be in the trunk group ports that are currently tran...

Страница 158: ...must connect all ports point to point to the same Ethernet switch and configure the ports for LACP trunking LACP only works on full duplex links All ports in the same trunk group must have the same m...

Страница 159: ...a trunk group that is one logical link containing multiple ports Enabled Ports These are the ports you have configured in the Link Aggregation screen to be in the trunk group The port number s display...

Страница 160: ...ic based on a combination of the packet s source and destination MAC addresses src ip means the Switch distributes traffic based on the packet s source IP address dst ip means the Switch distributes t...

Страница 161: ...dvanced Application Link Aggregation Link Aggregation Setting The following table describes the labels in this screen Table 42 Advanced Application Link Aggregation Link Aggregation Setting LABEL DESC...

Страница 162: ...n MAC addresses Select src ip to distribute traffic based on the packet s source IP address Select dst ip to distribute traffic based on the packet s destination IP address Select src dst ip to distri...

Страница 163: ...n dynamic link aggregation Figure 84 Advanced Application Link Aggregation Link Aggregation Setting LACP The following table describes the labels in this screen Table 43 Advanced Application Link Aggr...

Страница 164: ...orts Use this row only if you want to make some settings the same for all ports Use this row first to set the common settings and then make adjustments on a port by port basis Note Changes in this row...

Страница 165: ...h B Figure 85 Trunking Example Physical Connections 2 Configure static trunking Click Advanced Application Link Aggregation Link Aggregation Setting In this screen activate trunk group T1 select the t...

Страница 166: ...Chapter 17 Link Aggregation GS2200 24 24P User s Guide 166...

Страница 167: ...69 to activate IEEE 802 1x security 18 1 2 What You Need to Know IEEE 802 1x authentication uses the RADIUS Remote Authentication Dial In User Service RFC 2138 2139 protocol to validate users See Sect...

Страница 168: ...authentication first activate the port authentication method both on the Switch and the port s then configure the RADIUS server settings in the Auth and Acct Radius Server Setup screen Click Advanced...

Страница 169: ...nced Application Port Authentication 802 1x LABEL DESCRIPTION Active Select this check box to permit 802 1x authentication on the Switch Note You must first enable 802 1x authentication on the Switch...

Страница 170: ...e port Reauthenticati on Timer Specify how often a client has to re enter his or her username and password to stay connected to the port Apply Click Apply to save your changes to the Switch s run time...

Страница 171: ...r than the sum cannot exceed 16K For maximum port security enable this feature disable MAC address learning and configure static MAC address es for a port It is not recommended you disable port securi...

Страница 172: ...r of the port s separated by a comma on which you want to enable port security and disable MAC address learning After you click MAC freeze all previously learned MAC addresses on the specified port s...

Страница 173: ...to occur on a port the port itself must be active with address learning enabled Limited Number of Learned MAC Address Use this field to limit the number of dynamic MAC addresses that may be learned on...

Страница 174: ...Chapter 19 Port Security GS2200 24 24P User s Guide 174...

Страница 175: ...dth Without QoS all traffic data is equally likely to be dropped when the network is congested This can cause a reduction in network performance and make the network inadequate for time critical appli...

Страница 176: ...efer to Chapter 21 on page 181 Click Advanced Application Classifier in the navigation panel to display the configuration screen as shown Figure 91 Advanced Application Classifier The following table...

Страница 177: ...to establish TCP connections Source IP Address Address Prefix Enter a source IP address in dotted decimal notation Specify the address prefix by entering the number of ones in the subnet mask A subne...

Страница 178: ...so use the Save link on the top navigation panel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields back to your previous configurati...

Страница 179: ...rs are See Appendix B on page 345 for information on commonly used port numbers NBS Internet 0802 ECMA Internet 0803 Chaosnet 0804 X 25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208...

Страница 180: ...reen shows an example where you configure a classifier that identifies all traffic from MAC address 00 50 ba ad 4f 81 on port 2 After you have configured a classifier you can configure a policy in the...

Страница 181: ...on page 175 for more information A policy rule ensures that a traffic flow gets the requested treatment in the network 21 1 1 What You Can Do Use the Policy screen Section 21 2 on page 181 to enable t...

Страница 182: ...this option to enable the policy Name Enter a descriptive name for identification purposes Classifier s This field displays the active classifier s you configure in the Classifier screen Select the c...

Страница 183: ...higher priority than the capitals such as A and B in the classifier name For example the classifier with the name of class 2 class a or class B takes priority over the classifier with the name of clas...

Страница 184: ...nel to save your changes to the non volatile memory when you are done configuring Cancel Click Cancel to reset the fields back to your previous configuration Clear Click Clear to set the above fields...

Страница 185: ...Guide 185 21 3 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth on a traffic flow classified using the Example classifier refer to Sectio...

Страница 186: ...Chapter 21 Policy Rule GS2200 24 24P User s Guide 186...

Страница 187: ...ndividual source or flow and prevent a source from monopolizing the bandwidth Strictly Priority Queuing Strictly Priority Queuing SPQ services queues based on priority only As traffic comes into the S...

Страница 188: ...equal amount of bandwidth and then moves to the end of the list and so on depending on the number of queues being used This works in a looping fashion until a queue is empty Weighted Round Robin Sche...

Страница 189: ...his screen Table 52 Advanced Application Queuing Method LABEL DESCRIPTION Port This label shows the port you are configuring Settings in this row apply to all ports Use this row only if you want to ma...

Страница 190: ...r weights get more service than queues with smaller weights Weight When you select WFQ or WRR enter the queue weight here Bandwidth is divided across the different traffic queues according to their we...

Страница 191: ...reen Section 23 2 on page 194 to view multicast group information Use the Multicast Setting screen Section 23 3 on page 195 to enable IGMP snooping to forward group multicast traffic only to ports tha...

Страница 192: ...e members of that group IGMP snooping generates no additional network traffic allowing you to significantly reduce multicast traffic passing through your Switch IGMP Snooping and VLANs The Switch can...

Страница 193: ...Modes You can set your Switch to operate in either dynamic or compatible mode In dynamic mode the Switch sends IGMP leave and join reports to the other multicast devices such as multicast routers or s...

Страница 194: ...the receiving port will still be on the list of forwarding destination for the multicast traffic Otherwise the Switch removes the receiver port from the forwarding table Figure 99 MVR Multicast Televi...

Страница 195: ...nced Application Multicast Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP Snooping Active Select Active to enable IGMP Snooping to forward group multicast traff...

Страница 196: ...n The layer 2 multicast MAC addresses used by Cisco layer 2 protocols 01 00 0C CC CC CC and 01 00 0C CC CC CD are also included in this group Specify the action to perform when the Switch receives a f...

Страница 197: ...rt IGMP Filtering Profile Select the name of the IGMP filtering profile to use for this port Otherwise select Default to prohibit the port from joining any multicast group You can create IGMP filterin...

Страница 198: ...of any VLANs automatically Select fixed to have the Switch only learn multicast group membership information of the VLAN s that you specify below In either auto or fixed mode the Switch can learn up t...

Страница 199: ...e ID of a static VLAN the valid range is between 1 and 4094 Note You cannot configure the same VLAN ID as in the MVR screen Add Click Add to insert the entry in the summary table below and save your c...

Страница 200: ...st IP address for a range of multicast IP addresses that you want to belong to the IGMP filter profile End Address Type the ending multicast IP address for a range of IP addresses that you want to bel...

Страница 201: ...st VLANs and up to 256 multicast rules on the Switch Delete To delete the profile s and all the accompanying rules select the profile s that you want to remove in the Delete Profile column then click...

Страница 202: ...AN to be shared among different subscriber VLANs on the network Name Enter a descriptive name up to 32 English keyboard characters for identification purposes Multicast VLAN ID Enter the VLAN ID 1 to...

Страница 203: ...ate in MVR No MVR multicast traffic is sent or received on this port Tagging Select this checkbox if you want the port to tag the VLAN ID in all outgoing frames transmitted Add Click Add to save your...

Страница 204: ...or more information on IP multicast addresses End Address Enter the ending IP multicast address of the multicast group in dotted decimal notation Enter the same IP address as the Start Address field i...

Страница 205: ...o receive multicast traffic the News and Movie channels from the remote streaming media server S Computers A B and C in VLAN 1 are able to receive the traffic Figure 106 MVR Configuration Example Dele...

Страница 206: ...on the Switch create a multicast group in the MVR screen and set the receiver and source ports Figure 107 MVR Configuration Example To set the Switch to forward the multicast group traffic to the sub...

Страница 207: ...24 24P User s Guide 207 following figure shows an example where two multicast groups News and Movie are configured for the multicast VLAN 200 Figure 108 MVR Group Configuration Example Figure 109 MVR...

Страница 208: ...Chapter 23 Multicast GS2200 24 24P User s Guide 208...

Страница 209: ...hat You Can Do Use the AAA screen Section 24 2 on page 210 to enable authentication and authorization or both of them on the Switch use the Radio Server Setup screen Section 24 3 on page 211 to config...

Страница 210: ...ers you may authenticate in this way See Chapter 31 on page 275 RADIUS and TACACS RADIUS and TACACS are security protocols used to authenticate users by means of an external server instead of or in ad...

Страница 211: ...Server Setup Use this screen to configure your RADIUS server settings See Section on page 210 for more information on RADIUS servers and Section 24 6 2 on page 219 for RADIUS attributes utilized by th...

Страница 212: ...ly number representing a RADIUS server entry IP Address Enter the IP address of an external RADIUS server in dotted decimal notation UDP Port The default port of a RADIUS server for authentication is...

Страница 213: ...the labels in this screen Table 61 Advanced Application AAA TACACS Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure your TACACS authentication settings Mode This fiel...

Страница 214: ...hanumeric characters as the key to be shared between the external TACACS server and the Switch This key is not sent over the network This key must be the same on the external TACACS server and the Swi...

Страница 215: ...s Guide 215 24 5 AAA Setup Use this screen to configure authentication and authorization settings on the Switch Click on the AAA Setup link in the AAA screen to view the screen as shown Figure 114 Ad...

Страница 216: ...xternal servers Login These fields specify which database the Switch should use first second and third to authenticate administrator accounts users for Switch management Configure the local user accou...

Страница 217: ...identification number assigned to the company by the IANA Internet Assigned Numbers Authority ZyXEL s vendor ID is 890 Vendor Type A vendor specified attribute identifying the setting you want to mod...

Страница 218: ...endor Id 890 Vendor Type 1 Vendor data ingress rate Kbps in decimal format Egress Bandwidth Assignment Vendor Id 890 Vendor Type 2 Vendor data egress rate Kbps in decimal format Privilege Assignment V...

Страница 219: ...n the Switch In cases where the attribute has a specific format associated with it the format is specified 24 6 3 Attributes Used for Authentication The following sections list the attributes sent fro...

Страница 220: ...Chapter 24 AAA GS2200 24 24P User s Guide 220 This value is set to Ethernet 15 on the Switch Calling Station Id Frame MTU EAP Message State Message Authenticator...

Страница 221: ...dings for DHCP snooping and ARP inspection Use the IP Source Guard Static Binding screen Section 25 3 on page 223 to manage static bindings for DHCP snooping and ARP inspection Use the DHCP Snooping s...

Страница 222: ...VLAN Configure screen Section 25 9 2 on page 240 to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN 25 1 2 What You N...

Страница 223: ...s field displays a sequential number for each binding MAC Address This field displays the source MAC address in the binding IP Address This field displays the IP address assigned to the MAC address in...

Страница 224: ...rt number in the field to the right If this binding applies to all ports select Any Add Click this to create the specified static binding or to update an existing one Cancel Click this to reset the va...

Страница 225: ...k Advanced Application IP Source Guard DHCP Snooping Figure 117 DHCP Snooping Port This field displays the port number in the binding If this field is blank the binding applies to all ports Delete Sel...

Страница 226: ...s field displays how much longer in seconds the Switch tries to complete the current update before it gives up It displays Not Running if the Switch is not updating the DHCP snooping database right no...

Страница 227: ...nce Guide Binding collisions This field displays the number of bindings the Switch ignored because the Switch already had a binding with the same MAC address and VLAN ID Invalid interfaces This field...

Страница 228: ...art To open this screen click Advanced Application IP Source Guard DHCP Snooping Configure Figure 118 DHCP Snooping Configure Parse failures This field displays the number of bindings the Switch has i...

Страница 229: ...to start the next update until it completes the current one Agent URL Enter the location of the DHCP snooping database The location should be expressed like this tftp domain name or IP address directo...

Страница 230: ...r untrusted can receive each second To open this screen click Advanced Application IP Source Guard DHCP Snooping Configure Port Figure 119 DHCP Snooping Port Configure Apply Click Apply to save your c...

Страница 231: ...ted ports are connected to subscribers and the Switch discards DHCP packets from untrusted ports in the following situations The packet is a DHCP server packet for example OFFER ACK or NACK The source...

Страница 232: ...g on the Switch and specify trusted ports Note If DHCP is enabled and there are no trusted ports DHCP requests will not succeed Option82 Select this to have the Switch add the slot number port number...

Страница 233: ...ss filters that were created because the Switch identified unauthorized ARP packets Index This field displays a sequential number for each MAC address filter MAC Address This field displays the source...

Страница 234: ...n VLAN Status LABEL DESCRIPTION Show VLAN range Use this section to specify the VLANs you want to look at in the section below Enabled VLAN Select this to look at all the VLANs on which ARP inspection...

Страница 235: ...VLAN since the Switch last restarted Table 72 ARP Inspection VLAN Status LABEL DESCRIPTION Table 73 ARP Inspection Log Status LABEL DESCRIPTION Clearing log status table Click Apply to remove all the...

Страница 236: ...generated dhcp deny An ARP packet was discarded because it violated a dynamic binding with the same MAC address and VLAN ID static deny An ARP packet was discarded because it violated a static bindin...

Страница 237: ...MAC address filter remains in the Switch after the Switch identifies an unauthorized ARP packet The Switch automatically deletes the MAC address filter afterwards Enter 0 if you want the MAC address f...

Страница 238: ...ing examples 4 invalid ARP packets per second Syslog rate is 5 Log interval is 1 the Switch sends 4 syslog messages every second 6 invalid ARP packets per second Syslog rate is 5 Log interval is 2 the...

Страница 239: ...his port is a trusted port Trusted or an untrusted port Untrusted The Switch does not discard ARP packets on trusted ports for any reason The Switch discards ARP packets on untrusted ports in the foll...

Страница 240: ...val is 5 seconds then the Switch accepts a maximum of 75 ARP packets in every five second interval Enter the length 1 15 seconds of the burst interval Apply Click Apply to save your changes to the Swi...

Страница 241: ...the VLAN the settings are applied to all VLANs Enabled Select Yes to enable ARP inspection on the VLAN Select No to disable ARP inspection on the VLAN Log Specify when the Switch generates log message...

Страница 242: ...stores the binding table in volatile memory If the Switch restarts it loads static bindings from permanent memory but loses the dynamic bindings in which case the devices in the network have to send...

Страница 243: ...on 82 field of the DHCP headers of client DHCP request frames See Chapter 30 on page 265 for more information about DHCP relay option 82 When the DHCP server responds the Switch removes the informatio...

Страница 244: ...ge to computer A As a result all the communication between computer A and computer B passes through computer X Computer X can read and alter the information passed between them 25 10 2 1 ARP Inspectio...

Страница 245: ...he rate at which ARP packets arrive is too high 25 10 2 3 Syslog The Switch can send syslog messages to the specified syslog server Chapter 34 on page 307 when it forwards or discards ARP packets The...

Страница 246: ...Chapter 25 IP Source Guard GS2200 24 24P User s Guide 246...

Страница 247: ...e of your network STP cannot prevent loops that occur on the edge of your network Figure 129 Loop Guard vs STP Refer to Section 26 1 2 on page 247 for more information 26 1 1 What You Can Do Use the L...

Страница 248: ...t N on A as they are rebroadcast from B Figure 130 Switch in Loop State The loop guard feature checks to see if a loop guard enabled port is connected to a switch in loop state This is accomplished by...

Страница 249: ...tch Figure 132 Loop Guard Network Loop Note After resolving the loop problem on your network you can re activate the disabled port via the web configurator see Section 8 7 on page 83 or via commands S...

Страница 250: ...hanges in this row are copied to all the ports as soon as you make them Active Select this check box to enable the loop guard feature on this port The Switch sends probe packets from this port to chec...

Страница 251: ...nation MAC address in the packets 27 1 2 What You Need to Know Layer 2 protocol tunneling L2PT is used on the service provider s edge devices L2PT allows edge switches 1 and 2 in the following figure...

Страница 252: ...UDLD UniDirectional Link Detection Figure 135 L2PT Network Example 27 1 2 1 Layer 2 Protocol Tunneling Mode Each port can have two layer 2 protocol tunneling modes Access and Tunnel The Access port i...

Страница 253: ...DESCRIPTION Active Select this to enable layer 2 protocol tunneling on the Switch Destination MAC Address Specify a MAC address with which the Switch uses to encapsulate the layer 2 protocol packets...

Страница 254: ...nk s physical status and detect a unidirectional link PAGP Select this option to have the Switch send PAgP packets to a peer to automatically negotiate and build a logical port aggregation LACP Select...

Страница 255: ...255 PART IV IP Application Static Route 257 Differentiated Services 261 DHCP 265...

Страница 256: ...256...

Страница 257: ...data to a server or device that is not reachable through the default gateway for example when sending SNMP traps or using ping to test IP connectivity This figure shows a Telnet session coming in from...

Страница 258: ...le host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID Gateway IP Address Enter the IP address of the gateway The gateway is a...

Страница 259: ...e for this route This is for identification purposes only Destination Address This field displays the IP network address of the final destination Subnet Mask This field displays the subnet mask for th...

Страница 260: ...Chapter 28 Static Route GS2200 24 24P User s Guide 260...

Страница 261: ...allows the intermediary DiffServ compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state information for every fl...

Страница 262: ...ing to the DSCP values and the configured policies DiffServ Network Example The following figure depicts a DiffServ network consisting of a group of directly connected DiffServ compliant network devic...

Страница 263: ...he incoming DSCP value according to the DiffServ to IEEE 802 1p mapping table The following table shows the default DSCP to IEEE802 1p mapping Table 80 IP Application DiffServ LABEL DESCRIPTION Active...

Страница 264: ...82 IP Application DiffServ DSCP Setting LABEL DESCRIPTION 0 63 This is the DSCP classification identification number To set the IEEE 802 1p priority mapping select the priority level from the drop dow...

Страница 265: ...he broadcast domain of the client computers or else the client computers must be configured manually 30 1 1 What You Can Do Use the DHCP Status screen Section 30 2 on page 267 to display the relay mod...

Страница 266: ...n connect to the network network information renewal is done between the DHCP client and the DHCP server without the help of the Switch The Switch can be configured as a global DHCP relay This means t...

Страница 267: ...ID 1 byte This value is always 0 for stand alone switches Port ID 1 byte This is the port that the DHCP client is connected to VLAN ID 2 bytes This is the VLAN that the port belongs to Information up...

Страница 268: ...n Relay Agent Information Select the Option 82 check box to have the Switch add information slot number port number and VLAN ID to client DHCP requests that it relays to a DHCP server Information This...

Страница 269: ...Make sure you select the Option 82 check box to set the Switch to send additional information such as the VLAN ID together with the DHCP requests to the DHCP server This allows the DHCP server to ass...

Страница 270: ...heck box to have the Switch add information slot number port number and VLAN ID to client DHCP requests that it relays to a DHCP server Information This read only field displays the system name you co...

Страница 271: ...ests from the academic buildings VLAN 2 are sent to the other DHCP server with an IP address of 172 23 10 100 Figure 148 DHCP Relay for Two VLANs Type This field displays the DHCP mode Relay DHCP Stat...

Страница 272: ...Chapter 30 DHCP GS2200 24 24P User s Guide 272 For the example network configure the VLAN Setting screen as shown Figure 149 DHCP Relay for Two VLANs Configuration Example...

Страница 273: ...273 PART V Management Maintenance 275 Access Control 283 Diagnostic 305 Syslog 307 Cluster Management 311 MAC Table 319 ARP Table 323 Configure Clone 325...

Страница 274: ...274...

Страница 275: ...mware Upgrade screen Section 31 3 on page 278 to upload the latest firmware Use the Restore Configuration screen Section 31 4 on page 278 to upload a stored device configuration file Use the Backup Co...

Страница 276: ...ly operating on the Switch Firmware Upgrade Click Click Here to go to the Firmware Upgrade screen Restore Configurati on Click Click Here to go to the Restore Configuration screen Backup Configurati o...

Страница 277: ...e configuration changes to the current configuration Note Clicking the Apply or Add button does NOT save the changes permanently All unsaved changes are erased after you reboot the Switch 31 2 3 Reboo...

Страница 278: ...nce Firmware Upgrade Type the path and file name of the firmware file you wish to upload to the Switch in the File Path text box or click Browse to locate it Select the Rebooting checkbox if you want...

Страница 279: ...vice settings Backing up your Switch configurations allows you to create various snap shots of your device from which you may restore at a later date Back up your current Switch configuration to a com...

Страница 280: ...name extension 31 6 2 1 Example FTP Commands ftp put firmware bin ras This is a sample FTP session showing the transfer of the computer file firmware bin to the Switch ftp get config config cfg This i...

Страница 281: ...Switch and renames it to config Likewise get config config cfg transfers the configuration file on the Switch to your computer and renames it to config cfg See Table 88 on page 280 for more informatio...

Страница 282: ...IP address es in the Remote Management screen does not match the client IP address If it does not match the Switch will disconnect the FTP session immediately Initial Remote Directory Specify the def...

Страница 283: ...to display the main screen Use the SNMP screen Section 32 3 on page 284 to configure your SNMP settings Use the Trap Group screen Section 32 4 on page 287 to specify the types of SNMP traps that shou...

Страница 284: ...he main screen Click Management Access Control in the navigation panel to display the main screen as shown Figure 156 Management Access Control 32 3 Configuring SNMP Use this screen to configure your...

Страница 285: ...using SNMP version 2c or lower Trap Community Enter the Trap Community string which is the password sent with each trap to the SNMP manager The Trap Community string is only used by SNMP managers usin...

Страница 286: ...e Digest 5 and SHA Secure Hash Algorithm are hash algorithms used to authenticate SNMP data SHA authentication is generally considered stronger than MD5 but is slower Privacy Specify the encryption me...

Страница 287: ...the categories of SNMP traps that the Switch is to send to the SNMP manager Options Select the individual SNMP traps that the Switch is to send to the SNMP station See Section on page 293 for individ...

Страница 288: ...one time An administrator is someone who can both view and configure Switch changes The username for the Administrator is always admin The default administrator password is 1234 Note It is highly rec...

Страница 289: ...ord Type the existing system password 1234 is the default password when shipped New Password Enter your new system password Retype to confirm Retype your new system password for confirmation Edit Logi...

Страница 290: ...vices that you want to allow to access the Switch Service Port For Telnet SSH FTP HTTP or HTTPS services you may change the default service port by typing the new port number in the Server Port field...

Страница 291: ...ch Active Select this check box to activate this secured client set Clear the check box if you wish to temporarily disable the set without deleting it Start Address End Address Configure the IP addres...

Страница 292: ...network consists of two main components agents and a manager An agent is a management software module that resides in a managed switch the Switch An agent translates the local management information...

Страница 293: ...nce The Switch supports the following MIBs SNMP MIB II RFC 1213 RFC 1157 SNMP v1 RFC 1493 Bridge MIBs RFC 1643 Ethernet MIBs RFC 1155 SMI RFC 2674 SNMPv2 SNMPv2c RFC 1757 RMON SNMPv2 SNMPv2c or later...

Страница 294: ...ntrolledResetEventOn 1 3 6 1 4 1 890 1 5 8 55 2 7 2 1 This trap is sent when the Switch automatically resets ControlledResetEventOn 1 3 6 1 4 1 890 1 5 8 55 2 7 2 1 This trap is sent when the Switch r...

Страница 295: ...s exceed normal temperature PsePwrFailedEventClear 1 3 6 1 4 1 890 1 5 8 56 2 7 2 2 This trap is sent when the power supply of PoE returns to the normal state Table 96 SNMP System Traps continued OPTI...

Страница 296: ...PTION authenticatio n authenticationFailure 1 3 6 1 6 3 1 1 5 5 This trap is sent when authentication fails due to incorrect user name and or password AuthenticationFailureEven tOn 1 3 6 1 4 1 890 1 5...

Страница 297: ...te test is completed Table 100 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION stp STPNewRoot 1 3 6 1 2 1 17 0 1 This trap is sent when the STP root switch changes MRSTPNewRoot 1 3 6 1 4 1...

Страница 298: ...two hosts over an unsecured network Figure 163 SSH Communication Example rmon RmonRisingAlarm 1 3 6 1 2 1 16 0 1 This trap is sent when a variable goes over the RMON rising threshold RmonFallingAlarm...

Страница 299: ...nds the result back to the server The client automatically saves any new server public keys In subsequent connections the server public key is checked against the saved version on the client computer...

Страница 300: ...ata by ensuring confidentiality an unauthorized party cannot read the transferred data authentication one party can identify the other party and data integrity you know if data has been changed It rel...

Страница 301: ...Switch IP Address as the web site address where Switch IP Address is the IP address or domain name of the Switch you wish to access Internet Explorer Warning Messages When you attempt to access the S...

Страница 302: ...st the server certificate Click Examine Certificate if you want to verify that the certificate is from the Switch If Accept this certificate temporarily for this session is selected then click OK to c...

Страница 303: ...ain Screen After you accept the certificate and enter the login username and password the Switch main screen appears The lock displayed in the bottom right of the browser status bar denotes a secure c...

Страница 304: ...Chapter 32 Access Control GS2200 24 24P User s Guide 304...

Страница 305: ...Use the Diagnostic screen Section 33 2 on page 305 to check system logs ping IP addresses or perform port tests 33 2 Diagnostic Click Management Diagnostic in the navigation panel to open this screen...

Страница 306: ...ay to display a log of events in the multi line text box Click Clear to empty the text box and reset the syslog entry IP Ping Type the IP address of a device that you want to ping in order to test a c...

Страница 307: ...entation of your syslog program for details The following table describes the syslog severity levels 34 1 1 What You Can Do Use the Syslog Setup screen Section 34 2 on page 308 to configure the device...

Страница 308: ...etting Logging Type This column displays the names of the categories of logs that the device can generate Active Select this option to set the device to generate logs for the corresponding category Fa...

Страница 309: ...mber the more critical the logs are Add Click Add to save your changes to the Switch s run time memory The Switch loses these changes if it is turned off or loses power so use the Save link on the top...

Страница 310: ...Chapter 34 Syslog GS2200 24 24P User s Guide 310...

Страница 311: ...be directly connected and be in the same VLAN group so as to be able to communicate with one another Table 105 ZyXEL Clustering Management Specifications Maximum number of cluster members 24 Cluster...

Страница 312: ...ment screen Section 35 2 on page 312 to view the role of the Switch within the cluster and to access a cluster member switch s web configurator Use the Clustering Management Configuration screen Secti...

Страница 313: ...displays the number of switches that make up this cluster The following fields describe the cluster member switches Index You can manage cluster member switches via the cluster manager switch Each num...

Страница 314: ...CRIPTION Clustering Manager Active Select Active to have this Switch become the cluster manager switch A cluster can only have one manager Other directly connected switches that are set to be cluster...

Страница 315: ...n the Clustering Candidate list and then enter its web configurator password If that switch administrator changes the web configurator password afterwards then it cannot be managed from the Cluster Ma...

Страница 316: ...gement Go to the Clustering Management Status screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch s web configurator ho...

Страница 317: ...a0 c5 01 23 46 rw rw rw 1 owner group 0 Jul 01 12 00 config 00 a0 c5 01 23 46 226 File sent OK ftp 297 bytes received in 0 00Seconds 297000 00Kbytes sec ftp bin 200 Type I OK ftp put 390BBA0 bin fw 00...

Страница 318: ...Chapter 35 Cluster Management GS2200 24 24P User s Guide 318...

Страница 319: ...MAC Table screen Section 36 2 on page 320 to check whether the MAC address is dynamic or static 36 1 2 What You Need to Know The Switch uses the MAC table to determine how to forward frames See the f...

Страница 320: ...destination port is the same as the port it came in on then it filters the frame Figure 178 MAC Table Flowchart 36 2 Viewing the MAC Table Use this screen to check whether the MAC address is dynamic o...

Страница 321: ...ct VID to display and arrange the data according to VLAN group Select PORT to display and arrange the data according to port number Transfer Type Select Dynamic to MAC forwarding and click the Transfe...

Страница 322: ...Chapter 36 MAC Table GS2200 24 24P User s Guide 322...

Страница 323: ...on a local area network arrives at the Switch the Switch s ARP program looks in the ARP Table and if it finds the address sends it to the device If no entry is found for the IP address ARP broadcasts...

Страница 324: ...Table The following table describes the labels in this screen Table 110 Management ARP Table LABEL DESCRIPTION Index This is the ARP Table entry number IP Address This is the learned IP address of a d...

Страница 325: ...figure Clone screen Section 38 2 on page 325 to copy the basic and advanced settings from a source port to a destination port or ports 38 2 Configure Clone Cloning allows you to copy the basic and adv...

Страница 326: ...2 4 6 indicates that ports 2 4 and 6 are the destination ports 2 6 indicates that ports 2 through 6 are the destination ports Basic Setting Select which port settings you configured in the Basic Setti...

Страница 327: ...327 PART VI Troubleshooting Product Specifications Troubleshooting 329 Product Specifications 333...

Страница 328: ...328...

Страница 329: ...on None of the LEDs turn on 1 Make sure you are using the power adaptor or cord included with the Switch 2 Make sure the power adaptor or cord is connected to the Switch and plugged in to an appropria...

Страница 330: ...got the IP address for the Switch 1 The default IP address is 192 168 1 1 2 Use the console port to log in to the Switch 3 If this does not work you have to reset the device to its factory defaults Se...

Страница 331: ...tions Try to access the Switch using another service such as Telnet If you can access the Switch check the remote management settings to find out why the Switch does not respond to HTTP I can see the...

Страница 332: ...ck the Display button in the System Log field in the Management Diagnostic screen to check for unauthorized access to your Switch To avoid unauthorized access configure the secured client setting in t...

Страница 333: ...h interface has one 1000Base T RJ 45 port and one Small Form Factor Pluggable SFP slot with one port active at a time Note The ports change to fiber mode directly when inserting the fiber module Auto...

Страница 334: ...rectly talk to or hear from devices that are not in the same group s the traffic must first go through a router MAC Address Filter Filter traffic based on the source and or destination MAC address and...

Страница 335: ...ks between switches bridges or routers It allows a Switch to interact with other M R STP compliant switches in your network to ensure that only one path exists between any two stations on the network...

Страница 336: ...ging 16K MAC addresses 4 way associative hashed Static MAC address filtering by source destination Broadcast storm control in 1 second interval 1 pps stepping Static MAC address forwarding port lock S...

Страница 337: ...Port mirroring Rule based port mirrorring Port based mirroring Support port mirroring per IP TCP UDP Bandwidth control Supports rate limiting at 64 Kb increments Broadcast Storm Control Broadcast Mult...

Страница 338: ...s Supported STANDARD DESCRIPTION RFC 826 Address Resolution Protocol ARP RFC 867 Daytime Protocol RFC 868 Time Protocol RFC 894 Ethernet II Encapsulation RFC 1112 IGMP v1 RFC 1155 SMI RFC 1157 SNMPv1...

Страница 339: ...02 1ab Link Layer Discovery Protocol LLDP IEEE 802 1ag Connectivity Fault Management CFM IEEE 802 1x Port Based Network Access Control IEEE 802 1D MAC Bridges IEEE 802 1p Traffic Types Packet Priority...

Страница 340: ...Chapter 40 Product Specifications GS2200 24 24P User s Guide 340...

Страница 341: ...341 PART VII Appendices and Index Changing a Fuse 343 Common Services 345 Legal Information 349 Index 353...

Страница 342: ...342...

Страница 343: ...fuse housing 3 A burnt out fuse is blackened darkened or cloudy inside its glass casing A working fuse has a completely clear glass casing Pull gently but firmly to remove the burnt out fuse from the...

Страница 344: ...Appendix A Changing a Fuse GS2200 24 24P User s Guide 344...

Страница 345: ...er information about port numbers If the Protocol is TCP UDP or TCP UDP this is the IP port number If the Protocol is USER this is the IP protocol number Description This is a brief explanation of the...

Страница 346: ...This is a popular Internet chat program IGMP MULTICAST User Defined 2 Internet Group Multicast Protocol is used when sending packets to a specific group of hosts IKE UDP 500 The Internet Key Exchange...

Страница 347: ...Time Streaming media control Protocol RTSP is a remote control for multimedia on the Internet SFTP TCP 115 Simple File Transfer Protocol SMTP TCP 25 Simple Mail Transfer Protocol is the message exchan...

Страница 348: ...IP networks Its primary function is to allow users to log into remote host systems TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP but uses the UDP User...

Страница 349: ...ising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the r...

Страница 350: ...vice in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a class A product In a...

Страница 351: ...nsist of a new or re manufactured functionally equivalent product of equal or higher value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product has been modified...

Страница 352: ...Appendix C Legal Information GS2200 24 24P User s Guide 352...

Страница 353: ...trusted ports 245 authentication 209 setup 215 Authentication and Authorization see AAA 209 authorization 210 privilege levels 216 setup 215 auto crossover 36 automatic VLAN registration 94 B back up...

Страница 354: ...266 overview 265 relay agent 265 relay agent information 266 relay example 271 setup 269 VLAN setting 269 DHCP relay 266 configuration 268 example 269 DHCP relay option 82 243 DHCP snooping 57 222 24...

Страница 355: ...102 and port assignment 102 GVRP GARP VLAN Registration Protocol 95 H hardware installation 29 hardware monitor 75 hardware overview 33 hello time 137 hops 137 HTTPS 300 certificates 300 implementati...

Страница 356: ...login 43 password 49 login account Administrator 288 non administrator 288 login accounts 288 configuring via web configurator 288 multiple 288 number of 288 login password 289 loop guard 247 examples...

Страница 357: ...Spanning Tree Protocol 125 Multiple RSTP 125 Multiple Spanning Tree Protocol See MSTP 123 126 Multiple STP 126 MVR 192 configuration 201 group configuration 203 network example 192 MVR Multicast VLAN...

Страница 358: ...weight 188 queuing 187 SPQ 188 WRR 188 queuing method 187 190 R rack mounting 29 RADIUS 209 210 advantages 210 and port authentication 210 and tunnel protocol attribute 218 Network example 209 server...

Страница 359: ...static VLAN control 100 tagging 100 status 44 68 link aggregation 159 MSTP 139 port 68 port details 70 power 75 STP 130 134 VLAN 97 STP 123 254 bridge ID 131 134 bridge priority 129 133 configuration...

Страница 360: ...possible VIDs 94 priority frame 94 VID VLAN Identifier 94 VLAN 78 acceptable frame type 102 automatic registration 94 ID 93 IGMP snooping 192 ingress filtering 101 introduction 78 93 number of VLANs 9...

Отзывы:

Нет отзывов