ES-3124 Intelligent Layer 3 Switch 24-port Fast Ethernet + 2 Gigabit Ethernet Ports 2 GbE Dual Personality Interfaces (Copper/SFP) User’s Guide Version 3.
ES-3124 User’s Guide Copyright Copyright © 2006 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
ES-3124 User’s Guide Certifications Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. FCC Warning This device has been tested and found to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules.
ES-3124 User’s Guide 2 Select your product from the drop-down list box on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page.
ES-3124 User’s Guide Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. • Connect ONLY suitable accessories to the device.
ES-3124 User’s Guide This product is recyclable. Dispose of it properly.
ES-3124 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
ES-3124 User’s Guide Customer Support Please have the following information ready when you contact customer support. • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. METHOD SUPPORT E-MAIL TELEPHONE WEB SITE FAX FTP SITE REGULAR MAIL LOCATION CORPORATE HEADQUARTERS (WORLDWIDE) COSTA RICA CZECH REPUBLIC DENMARK FINLAND SALES E-MAIL support@zyxel.com.
ES-3124 User’s Guide METHOD SUPPORT E-MAIL TELEPHONE WEB SITE SALES E-MAIL FAX FTP SITE support@zyxel.no +47-22-80-61-80 www.zyxel.no sales@zyxel.no +47-22-80-61-81 ZyXEL Communications A/S Nils Hansens vei 13 0667 Oslo Norway www.pl.zyxel.com ZyXEL Communications ul. Okrzei 1A 03-715 Warszawa Poland www.zyxel.ru ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279 Russia www.zyxel.es ZyXEL Communications Arte, 21 5ª planta 28033 Madrid Spain www.zyxel.
ES-3124 User’s Guide Table of Contents Copyright .................................................................................................................. 1 Certifications ............................................................................................................ 2 Safety Warnings ....................................................................................................... 4 ZyXEL Limited Warranty...........................................................................
ES-3124 User’s Guide Chapter 3 Hardware Overview ................................................................................................ 45 3.1 Panel Connections ............................................................................................45 3.1.1 Console Port ............................................................................................46 3.1.2 Ethernet Ports ...........................................................................................46 3.1.2.
ES-3124 User’s Guide Chapter 7 Basic Setting ......................................................................................................... 71 7.1 Overview ............................................................................................................71 7.2 System Information 7.3 General Setup ........................................................................................71 ...............................................................................................
ES-3124 User’s Guide 11.1.1 STP Terminology ..................................................................................107 11.1.2 How STP Works ...................................................................................108 11.1.3 STP Port States ...................................................................................108 11.1.4 Multiple RSTP .....................................................................................109 11.2 Spanning Tree Protocol Main Screen ..............
ES-3124 User’s Guide Chapter 17 Port Security......................................................................................................... 143 17.1 About Port Security .......................................................................................143 17.2 Port Security Setup ........................................................................................143 Chapter 18 Classifier ....................................................................................................
ES-3124 User’s Guide 22.1.3 IGMP Snooping ...................................................................................169 22.2 Multicast Status .............................................................................................170 22.3 Multicast Setting ............................................................................................170 22.4 IGMP Filtering Profile ....................................................................................173 22.5 MVR Overview ...........
ES-3124 User’s Guide Chapter 27 Access Control..................................................................................................... 199 27.1 Access Control Overview ...........................................................................199 27.2 The Access Control Main Screen ...................................................................199 27.3 About SNMP ................................................................................................200 27.3.1 Supported MIBs ..
ES-3124 User’s Guide Chapter 32 ARP Table.............................................................................................................. 229 32.1 ARP Table Overview .....................................................................................229 32.1.1 How ARP Works ...................................................................................229 32.2 Viewing the ARP Table ..................................................................................
ES-3124 User’s Guide 35.2.5 show mac address-table ......................................................................269 35.3 ping ...............................................................................................................270 35.4 traceroute .......................................................................................................270 35.5 Copy Port Attributes .......................................................................................271 35.
ES-3124 User’s Guide 37.2.11 qos priority ..........................................................................................294 37.2.12 name ...................................................................................................295 37.2.13 speed-duplex ......................................................................................295 37.2.14 test ......................................................................................................295 37.
ES-3124 User’s Guide Appendix A Product Specifications ........................................................................................ 317 Appendix B IP Addresses and Subnetting ............................................................................. 321 Index......................................................................................................................
ES-3124 User’s Guide 20 Table of Contents
ES-3124 User’s Guide List of Figures Figure 1 Backbone Application ............................................................................. 36 Figure 2 Bridging Application ............................................................................... 37 Figure 3 High Performance Switched Application ................................................. 37 Figure 4 Tag-based VLAN Application ..................................................................
ES-3124 User’s Guide Figure 39 Protocol Based VLAN ........................................................................... 96 Figure 40 Protocol Based VLAN Configuration Example ...................................... 97 Figure 41 Port Based VLAN Setup (All Connected) .............................................. 99 Figure 42 Port Based VLAN Setup (Port Isolation) ............................................... 100 Figure 43 Static MAC Forwarding .........................................................
ES-3124 User’s Guide Figure 82 DiffServ ................................................................................................. 188 Figure 83 DiffServ ................................................................................................. 190 Figure 84 Maintenance ........................................................................................ 191 Figure 85 Load Factory Default: Start ...................................................................
ES-3124 User’s Guide 24 List of Figures
ES-3124 User’s Guide List of Tables Table 1 Panel Connections ................................................................................... 45 Table 2 Front Panel LEDs ..................................................................................... 49 Table 3 Navigation Panel Sub-links Overview ....................................................... 53 Table 4 Web Configurator Screen Sub-links Details ............................................. 54 Table 5 Navigation Panel Links ...............
ES-3124 User’s Guide Table 39 Port Authentication: 802.1x .................................................................... 142 Table 40 Port Security ........................................................................................... 144 Table 41 Classifier ................................................................................................. 148 Table 42 Classifier: Summary Table ......................................................................
ES-3124 User’s Guide Table 82 Command Summary: User Mode .......................................................... 240 Table 83 Command Summary: Enable Mode ....................................................... 241 Table 84 Command Summary: Configuration Mode ............................................. 246 Table 85 interface port-channel Commands ......................................................... 259 Table 86 Command Summary: config-vlan Commands ........................................
ES-3124 User’s Guide 28 List of Tables
ES-3124 User’s Guide Preface Congratulations on your purchase of the ES-3124 Intelligent Layer 3 Switch. This preface introduces you to the ES-3124 and discusses the conventions of this User’s Guide. It also provides information on other related documentation. About This User's Guide This manual is designed to guide you through the installation and configuration of your ES-3124 for its various applications.
ES-3124 User’s Guide Graphics Icons Key ES-3124 Computer Server Computer DSLAM Gateway Central Office/ ISP Internet Hub/Switch User Guide Feedback Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
ES-3124 User’s Guide CHAPTER 1 Getting to Know Your Switch This chapter introduces the main features and applications of the switch. 1.1 Introduction The ES-3124 is a stand-alone layer 3 Ethernet switch with 24 10/100Mbps ports, two RJ-45 Gigabit ports for stacking and 2 dual personality interfaces for uplink as well as a console port and a management port for local management.
ES-3124 User’s Guide Queuing Queuing is used to help solve performance degradation when there is network congestion. Three scheduling services are supported: Strict Priority Queuing (SPQ), Weighted Round Robin (WRR) and Weighted Fair Schedule (WFS). This allows the switch to maintain separate queues for packets from each individual source or flow and prevent a source from monopolizing the bandwidth.
ES-3124 User’s Guide Port Authentication and Security For security, the switch allows authentication using IEEE 802.1x with an external RADIUS server and port security that allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the switch. VLAN Stacking Use VLAN stacking to add an outer VLAN tag to the inner IEEE 802.1Q tagged frames that enter the network.
ES-3124 User’s Guide IP Protocols • IP Host (No routing) • Telnet for configuration and monitoring • SNMP for management • SNMP MIB II (RFC 1213) • SNMP v1 RFC 1157 • SNMPv2, SNMPv2c or later version, compliant with RFC 2011 SNMPv2 MIB for IP, RFC 2012 SNMPv2 MIB for TCP, RFC 2013 SNMPv2 MIB for UDP • Ethernet MIBs RFC 1643 • Bridge MIBs RFC 1493 • SMI RFC 1155 • RMON RFC 1757 • SNMPv2, SNMPv2c RFC 2674 System Monitoring • • • • System status (link status, rates, statistics counters) SNMP Temperatures, v
ES-3124 User’s Guide 1.3 Hardware Features This section describes the hardware features of the ES-3124. 24 10/100 Mbps Fast Ethernet Ports Connect up to 24 computers or switches to the 10/100 Mbps auto-negotiating, automatic cable sensing (auto-MDIX) Ethernet RJ-45 ports. Mini-GBIC Slots Install SPF transceivers in these slots to connect to other Ethernet switches at longer distances than the Ethernet port.
ES-3124 User’s Guide 1.4.1 Backbone Application In this application, the switch is an ideal solution for small networks where rapid growth can be expected in the near future. The switch can be used standalone for a group of heavy traffic users. You can connect computers directly to the switch’s port or connect other switches to the switch. In this example, all computers can share high-speed applications on the server.
ES-3124 User’s Guide Figure 2 Bridging Application 1.4.3 High Performance Switched Example The switch is ideal for connecting two networks that need high bandwidth. In the following example, use trunking to connect these two networks. Switching to higher-speed LANs such as ATM (Asynchronous Transmission Mode) is not feasible for most people due to the expense of replacing all existing Ethernet cables and adapter cards, restructuring your network and complex maintenance.
ES-3124 User’s Guide A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network belong to one group. A station can belong to more than one group. With VLAN, a station cannot directly talk to or hear from stations that are not in the same group(s) unless such traffic first goes through a router. For more information on VLANs, refer to Chapter 8 on page 85. 1.4.4.
ES-3124 User’s Guide Figure 5 Shared Server Using VLAN Example Chapter 1 Getting to Know Your Switch 39
ES-3124 User’s Guide 40 Chapter 1 Getting to Know Your Switch
ES-3124 User’s Guide CHAPTER 2 Hardware Installation and Connection This chapter shows you how to install and connect the switch. 2.1 Freestanding Installation 1 Make sure the switch is clean and dry. 2 Set the switch on a smooth, level surface strong enough to support the weight of the switch and the connected cables. Make sure there is a power outlet nearby. 3 Make sure there is enough clearance around the switch to allow air circulation and the attachment of cables and the power cord.
ES-3124 User’s Guide 2.2 Mounting the Switch on a Rack This section lists the rack mounting requirements and precautions and describes the installation steps. 2.2.1 Rack-mounted Installation Requirements • Two mounting brackets. • Eight M3 flat head screws and a #2 Philips screwdriver. • Four M5 flat head screws and a #2 Philips screwdriver. Note: Failure to use the proper screws may damage the unit. 2.2.1.
ES-3124 User’s Guide Figure 8 Mounting the Switch on a Rack 2 Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. 3 Repeat steps 1 and 2 to attach the second mounting bracket on the other side of the rack.
ES-3124 User’s Guide 44 Chapter 2 Hardware Installation and Connection
ES-3124 User’s Guide CHAPTER 3 Hardware Overview This chapter describes the front panel and rear panel of the switch and shows you how to make the hardware connections. 3.1 Panel Connections The figure below shows the front panel of the switch. Figure 9 Front Panel RJ-45 Gigabit Ports for Stacking 10/100 Mbps Ethernet Ports LEDs Console Port Management Port RJ-45 Gigabit / Mini-GBIC Dual Personality Interfaces The following table describes the ports on the panels.
ES-3124 User’s Guide Table 1 Panel Connections (continued) CONNECTOR DESCRIPTION Console Port Only connect this port if you want to configure the switch using the command line interface (CLI) via the console port. Management Port Connect to a computer using an RJ-45 Ethernet cable for local configuration of the switch. 3.1.
ES-3124 User’s Guide 3.1.3 Mini-GBIC Slots These are slots for mini-GBIC (Gigabit Interface Converter) transceivers. A transceiver is a single unit that houses a transmitter and a receiver. The switch does not come with transceivers. You must use transceivers that comply with the SFP Transceiver MultiSource Agreement (MSA). See the SFF committee’s INF-8074i specification Rev 1.0 for details. There are two pairs of Gigabit Ethernet/mini-GBIC ports. The mini-GBIC ports have priority over the Gigabit ports.
ES-3124 User’s Guide Figure 11 Installed Transceiver 3.1.3.2 Transceiver Removal Use the following steps to remove a mini GBIC transceiver (SFP module). 1 Open the transceiver’s latch (latch styles vary). Figure 12 Opening the Transceiver’s Latch Example 2 Pull the transceiver out of the slot. Figure 13 Transceiver Removal Example 3.2 Rear Panel The following figure shows the rear panel of the ES-3124.
ES-3124 User’s Guide Figure 14 Rear Panel 3.2.1 Power Connector Make sure you are using the correct power source as shown on the panel. To connect the power to the switch, insert the female end of power cord to the power receptacle on the rear panel. Connect the other end of the supplied power cord to the power source. Make sure that no objects obstruct the airflow of the fans. 3.2.2 External Backup Power Supply Connector The switch supports external backup power supply (BPS).
ES-3124 User’s Guide Table 2 Front Panel LEDs (continued) LED COLOR STATUS DESCRIPTION LNK/ACT Green Blinking The system is transmitting/receiving to/from a 1000 Mbps Ethernet network. On The link to a 1000 Mbps Ethernet network is up. Blinking The system is transmitting/receiving to/from a 100 Mbps Ethernet network. On The link to a 100 Mbps Ethernet network is up. Off The link to an Ethernet network is down. On The Ethernet port is negotiating in full-duplex mode.
ES-3124 User’s Guide CHAPTER 4 The Web Configurator This section introduces the configuration and functions of the web configurator. 4.1 Introduction The web configurator is an HTML-based management interface that allows easy switch setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
ES-3124 User’s Guide 4 Click OK to view the first web configurator screen. 4.3 The Status Screen The Status screen is the first screen that displays when you access the web configurator. The following figure shows the navigating components of a web configurator screen. Figure 16 Web Configurator Home Screen (Status) B C D E A A - Click the menu items to open submenu links, and then click on a submenu link to open the screen in the main window.
ES-3124 User’s Guide 4.4 Menu Overview In the navigation panel, click a main link to reveal a list of submenu links.
ES-3124 User’s Guide The following table lists the various web configurator screens within the sub-links.
ES-3124 User’s Guide The following table describes the links in the navigation panel. Table 5 Navigation Panel Links LINK DESCRIPTION Basic Settings System Info This link takes you to a screen that displays general system and hardware monitoring information. General Setup This link takes you to a screen where you can configure general identification information about the switch.
ES-3124 User’s Guide Table 5 Navigation Panel Links (continued) LINK DESCRIPTION Routing Protocol Static Routing This link takes you to screens where you can configure static routes. A static route defines how the switch should forward traffic by configuring the TCP/IP parameters manually. DiffServ This link takes you to screens where you can configure DiffServ and DSCP settings.
ES-3124 User’s Guide Figure 17 Change Administrator Login Password 4.5 Saving Your Configuration When you are done modifying the settings in a screen, click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the ES-3124’s power is turned off. Click the Save link in the upper right hand corner of the web configurator to save your configuration to nonvolatile memory.
ES-3124 User’s Guide 6 Forgetting the password and/or IP address. 7 Preventing all services from accessing the switch. 8 Changing a service port number but forgetting it. Note: Be careful not to lock yourself and others out of the switch. Try using the out-of-band management port before resetting the switch. The default IP address is 192.168.0.1. 4.7 Resetting the Switch If you lock yourself (and others) out of the switch, you can try using out-of-band management.
ES-3124 User’s Guide Figure 18 Example Xmodem Upload Type the configuration file's location, or click Browse to search for it. Choose the 1K Xmodem protocol. Then click Send. 7 After a configuration file upload, type atgo to restart the switch. Figure 19 Reload the Configuration file: Via Console Port Bootbase Version: V0.6 | 03/06/2006 09:21:13 RAM:Size = 32 Mbytes DRAM POST: Testing: 32768K OK DRAM Test SUCCESS ! FLASH: Intel 32M ZyNOS Version: 3.70(AID.
ES-3124 User’s Guide 4 Type atbr after the "Enter Debug Mode" message. Figure 20 Resetting the Switch: Via the Console Port Bootbase Version: V0.6 | 03/06/2006 09:21:13 RAM:Size = 32 Mbytes DRAM POST: Testing: 32768K OK DRAM Test SUCCESS ! FLASH: Intel 32M ZyNOS Version: 3.70(AID.0)b0 | 4/28/2006 17:27:36 Press any key to enter debug mode within 3 seconds. ................................. Enter Debug Mode ES-3124> atbr Restore default Romfile......................................................... ......
ES-3124 User’s Guide CHAPTER 5 Initial Setup Example This chapter shows how to set up the switch for an example network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the switch IP management address 5.1.1 Creating a VLAN VLANs confine broadcast frames to the VLAN group in which the port(s) belongs. You can do this with port-based VLAN or tagged static VLAN with fixed port members.
ES-3124 User’s Guide 1 Click Advanced Application and VLAN in the navigation panel and click the Static VLAN link. 2 In the Static VLAN screen, select ACTIVE, enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network. Note: The VLAN Group ID field in this screen and the VID field in the IP Setup screen refer to the same VLAN ID.
ES-3124 User’s Guide 5.1.2 Setting Port VID Use PVID to add a tag to incoming untagged frames received on that port so that the frames are forwarded to the VLAN group that the tag defines. In the example network, configure 2 as the port VID on port 10 so that any untagged frames received on that port get sent to VLAN 2. Figure 23 Initial Setup Network Example: Port VID 1 Click Advanced Applications and VLAN in the navigation panel. Then click the VLAN Port Setting link.
ES-3124 User’s Guide 5.2 Configuring Switch Management IP Address The default management IP address of the switch is 192.168.1.1. You can configure another IP address in a different subnet for management purposes. The following figure shows an example. Figure 24 Initial Setup Example: Management IP Address 1 Connect your computer to any Ethernet port on the switch. Make sure your computer is in the same subnet as the switch. 2 Open your web browser and enter 192.168.1.
ES-3124 User’s Guide CHAPTER 6 System Status and Port Statistics This chapter describes the system status (web configurator home page) and port details screens. 6.1 Port Status Summary The home screen of the web configurator displays a port statistical summary table with links to each port showing statistical details. To view the port statistics, click Status in all web configurator screens to display the Status screen as shown next.
ES-3124 User’s Guide Figure 25 Status The following table describes the labels in this screen. Table 6 Status 66 LABEL DESCRIPTION Port This identifies the Ethernet port. Click a port number to display the Port Details screen (refer to Figure 26 on page 68). Name This is the name you assigned to this port in the Basic Setting, Port Setup screen. Link This field displays the speed (either 10M for 10Mbps, 100M for 100Mbps or 1000M for 1000Mbps) and the duplex (F for full duplex or H for half).
ES-3124 User’s Guide Table 6 Status (continued) LABEL DESCRIPTION Tx KB/s This field shows the number of kilobytes per second transmitted on this port. Rx KB/s This field shows the number of kilobytes per second received on this port. Up Time This field shows the total amount of time in hours, minutes and seconds the port has been up.
ES-3124 User’s Guide Figure 26 Status: Port Details The following table describes the labels in this screen. Table 7 Status: Port Details LABEL DESCRIPTION Port Info 68 Name This field shows the name of the port. Link This field shows whether the Ethernet connection is down, and the speed/duplex mode. It also shows the cable type (Copper or Fiber) for the combo ports. Status If STP (Spanning Tree Protocol) is enabled, this field displays the STP state of the port (see Section 11.1.
ES-3124 User’s Guide Table 7 Status: Port Details (continued) LABEL DESCRIPTION LACP This field shows if LACP is enabled on this port or not. TxPkts This field shows the number of transmitted frames on this port RxPkts This field shows the number of received frames on this port Errors This field shows the number of received errors on this port. Tx KB/s This field shows the number kilobytes per second transmitted on this port.
ES-3124 User’s Guide Table 7 Status: Port Details (continued) 70 LABEL DESCRIPTION 64 This field shows the number of packets (including bad packets) received that were 64 octets in length. 65-127 This field shows the number of packets (including bad packets) received that were between 65 and 127 octets in length. 128-255 This field shows the number of packets (including bad packets) received that were between 128 and 255 octets in length.
ES-3124 User’s Guide CHAPTER 7 Basic Setting This chapter describes how to configure the System Info, General Setup, Switch Setup, IP Setup and Port Setup screens. 7.1 Overview The System Info screen displays general switch information (such as firmware version number) and hardware polling information (such as fan speeds). The General Setup screen allows you to configure general switch identification information.
ES-3124 User’s Guide Figure 27 System Info The following table describes the labels in this screen. Table 8 System Info LABEL DESCRIPTION System Name This field displays the descriptive name of the switch for identification purposes. ZyNOS F/W Version This field displays the version number of the switch 's current firmware including the date created. Ethernet Address This field refers to the Ethernet MAC (Media Access Control) address of the switch.
ES-3124 User’s Guide Table 8 System Info (continued) LABEL DESCRIPTION Current This field displays this fan's current speed in Revolutions Per Minute (RPM). MAX This field displays this fan's maximum speed measured in Revolutions Per Minute (RPM). MIN This field displays this fan's minimum speed measured in Revolutions Per Minute (RPM). "<41" is displayed for speeds too small to measure (under 2000 RPM). Threshold This field displays the minimum speed at which a normal fan should work.
ES-3124 User’s Guide Figure 28 General Setup The following table describes the labels in this screen. Table 9 General Setup 74 LABEL DESCRIPTION System Name Choose a descriptive name for identification purposes. This name consists of up to 64 printable characters; spaces are allowed. Location Enter the geographic location of your switch. You can use up to 32 printable ASCII characters; spaces are not allowed. Contact Person's Name Enter the name of the person in charge of this switch.
ES-3124 User’s Guide Table 9 General Setup (continued) LABEL DESCRIPTION Use Time Server when Bootup Enter the time service protocol that your timeserver uses. Not all time servers support all protocols, so you may have to use trial and error to find a protocol that works. The main differences between them are the time format. When you select the Daytime (RFC 867) format, the switch displays the day, month, year and time with no time zone adjustment.
ES-3124 User’s Guide Note: VLAN is unidirectional; it only governs outgoing traffic. See Chapter 8 on page 85 for information on port-based and 802.1Q tagged VLANs. 7.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN.
ES-3124 User’s Guide Table 10 Switch Setup (continued) LABEL DESCRIPTION Aging Time Enter a time from 10 to 3000 seconds. This is how long all dynamically learned MAC addresses remain in the MAC address table before they age out (and must be relearned). GARP Timer: Switches join VLANs by making a declaration. A declaration is made by issuing a Join message using GARP. Declarations are withdrawn by issuing a Leave message. A Leave All message terminates all registrations.
ES-3124 User’s Guide 7.6 IP Setup Use the IP Setup screen to configure the default gateway device, the default domain name server and add switch IP address. 7.6.1 Management IP Addresses The switch needs an IP address for it to be managed over the network. The factory default IP address is 192.168.1.1. The subnet mask specifies the network number portion of an IP address. The factory default subnet mask is 255.255.255.0.
ES-3124 User’s Guide Figure 30 IP Setup Chapter 7 Basic Setting 79
ES-3124 User’s Guide The following table describes the labels in this screen. Table 11 IP Setup LABEL DESCRIPTION Domain DNS (Domain Name System) is for mapping a domain name to its corresponding IP Name Server address and vice versa. Enter a domain name server IP address in order to be able to use a domain name instead of an IP address.
ES-3124 User’s Guide Table 11 IP Setup (continued) LABEL DESCRIPTION IP Subnet Mask Enter the IP subnet mask in dotted decimal notation. VID Type the VLAN group identification number. Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation. Manageable Select this option to allow the switch to be managed using this specified IP address. Add Click Add to save the new rule to the switch’s run-time memory.
ES-3124 User’s Guide Figure 31 Port Setup The following table describes the labels in this screen. Table 12 Port Setup LABEL DESCRIPTION * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. Port 82 This is the port index number.
ES-3124 User’s Guide Table 12 Port Setup (continued) LABEL DESCRIPTION Active Select this check box to enable a port. The factory default for all ports is enabled. A port must be enabled for data transmission to occur. Name Enter a descriptive name that identifies this port. Type This field displays 10/100M for an Ethernet/Fast Ethernet connection and 10/100/ 1000M for Gigabit connections. Speed/Duplex Select the speed and the duplex mode of the Ethernet connection on this port.
ES-3124 User’s Guide 84 Chapter 7 Basic Setting
ES-3124 User’s Guide CHAPTER 8 VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-based VLANs. 8.1 Introduction to IEEE 802.1Q Tagged VLAN A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created.
ES-3124 User’s Guide 8.2 Automatic VLAN Registration GARP and GVRP are the protocols used to automatically register VLAN membership across switches. 8.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and deregister attribute values with other GARP participants within a bridged LAN. GARP is a protocol that provides a generic mechanism for protocols that serve a more specific application, for example, GVRP. 8.2.1.
ES-3124 User’s Guide Table 13 IEEE 802.1Q VLAN Terminology (continued) VLAN PARAMETER TERM DESCRIPTION VLAN Port Port VID This is the VLAN ID assigned to untagged frames that this port received. Acceptable Frame Type You may choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port. Ingress filtering If set, the switch discards incoming frames for VLANs that do not have this port as a member 8.
ES-3124 User’s Guide Figure 33 Switch Setup: Select VLAN Type 8.5 Static VLAN Use a static VLAN to decide whether an incoming frame on a port should be • sent to a VLAN group as normal depends on its VLAN tag. • sent to a group whether it has a VLAN tag or not. • blocked from a VLAN group regardless of its VLAN tag. You can also tag all outgoing frames (that were previously untagged) from a port with the specified VID. 8.5.1 Static VLAN Status See Section 8.
ES-3124 User’s Guide Table 14 VLAN: VLAN Status (continued) LABEL DESCRIPTION VID This is the VLAN identification number that was configured in the Static VLAN screen. Elapsed Time This field shows how long it has been since a normal VLAN was registered or a static VLAN was set up. Status This field shows how this VLAN was added to the switch; dynamic - using GVRP, static - added as a permanent entry or other - added using Multicast VLAN Registration (MVR).
ES-3124 User’s Guide 8.5.3 Configure a Static VLAN Use this screen to configure and view 802.1Q VLAN parameters for the switch. See Section 8.5 on page 88 for more information on static VLAN. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next.
ES-3124 User’s Guide Figure 36 VLAN: Static VLAN Chapter 8 VLAN 91
ES-3124 User’s Guide The following table describes the related labels in this screen. Table 16 VLAN: Static VLAN LABEL DESCRIPTION ACTIVE Select this check box to activate the VLAN settings. Name Enter a descriptive name for the VLAN group for identification purposes. VLAN Group ID Enter the VLAN ID for this static entry; the valid range is between 1 and 4094. Port The port number identifies the port you are configuring. * Settings in this row apply to all ports.
ES-3124 User’s Guide Figure 37 VLAN: VLAN Port Setting Chapter 8 VLAN 93
ES-3124 User’s Guide The following table describes the labels in this screen. Table 17 VLAN: VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Select this check box to permit VLAN groups beyond the local switch. Port Isolation Port Isolation allows each port to communicate only with the CPU management port but not communicate with each other.
ES-3124 User’s Guide 8.6 Protocol Based VLANs Protocol based VLANs allow you to group traffic into logical VLANs based on the protocol you specify. When an upstream frame is received on a port (configured for a protocol based VLAN), the switch checks if a tag is added already and its protocol. The untagged packets of the same protocol are then placed in the same protocol based VLAN. One advantage of using protocol based VLANs is that priority can be assigned to traffic of the same protocol.
ES-3124 User’s Guide Figure 39 Protocol Based VLAN The following table describes the labels in this screen. Table 18 Protocol Based VLAN Setup LABEL DESCRIPTION Active Check this box to activate this protocol based VLAN. Port Type a port to be included in this protocol based VLAN. This port must belong to a static VLAN in order to participate in a protocol based VLAN. See Chapter 8 on page 85 for more details on setting up VLANs.
ES-3124 User’s Guide Table 18 Protocol Based VLAN Setup (continued) LABEL DESCRIPTION Priority This field shows the priority which is assigned to frames belonging to this protocol based VLAN. Delete Click this to delete the protocol based VLANs which you marked for deletion. Cancel Click Cancel to reset the fields. 8.8 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 10 and 15. Follow these steps: 1 Activate this protocol based VLAN.
ES-3124 User’s Guide 8.9 Port-based VLAN Setup Port-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. Port-based VLANs require allowed outgoing ports to be defined for each port. Therefore, if you wish to allow two subscriber ports to talk to each other, for example, between conference rooms in a hotel, you must define the egress (an egress port is an outgoing port, that is, a port through which a data packet leaves) for both ports.
ES-3124 User’s Guide Figure 41 Port Based VLAN Setup (All Connected) Chapter 8 VLAN 99
ES-3124 User’s Guide Figure 42 Port Based VLAN Setup (Port Isolation) 100 Chapter 8 VLAN
ES-3124 User’s Guide The following table describes the labels in this screen. Table 19 Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation. All connected means all ports can communicate with each other, that is, there are no virtual LANs. All incoming and outgoing ports are selected. This option is the most flexible but also the least secure.
ES-3124 User’s Guide 102 Chapter 8 VLAN
ES-3124 User’s Guide CHAPTER 9 Static MAC Forwarding Use these screens to configure static MAC address forwarding. 9.1 Configuring Static MAC Forwarding A static MAC address is an address that has been manually entered in the MAC address table. Static MAC addresses do not age out. When you set up static MAC address rules, you are setting static MAC addresses for a port. This may reduce the need for broadcasting.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 20 Static MAC Forwarding LABEL DESCRIPTION Active Select this check box to activate your rule. You may temporarily deactivate a rule without deleting it by clearing this check box. Name Enter a descriptive name for identification purposes for this static MAC address forwarding rule. MAC Address Enter the MAC address in valid MAC address format, that is, six hexadecimal character pairs.
ES-3124 User’s Guide CHAPTER 10 Filtering This chapter discusses static IP and MAC address port filtering. 10.1 Configure a Filtering Rule Filtering means sifting traffic going through the switch based on the source and/or destination MAC addresses and VLAN group (ID). Click Advanced Application and Filtering in the navigation panel to display the screen as shown next. Figure 44 Filtering The following table describes the related labels in this screen.
ES-3124 User’s Guide Table 21 FIltering (continued) 106 LABEL DESCRIPTION Action Select Discard source to drop frame from the source MAC address (specified in the MAC field). The switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address). The switch can still receive frames originating from the MAC address.
ES-3124 User’s Guide C H A P T E R 11 Spanning Tree Protocol The switch supports Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) as defined in the following standards. • IEEE 802.1D Spanning Tree Protocol • IEEE 802.1w Rapid Spanning Tree Protocol The switch also allows you to set up multiple STP configurations (or trees). Ports can then be assigned to the trees. 11.
ES-3124 User’s Guide Table 22 STP Path Costs LINK SPEED RECOMMENDED VALUE RECOMMENDED RANGE ALLOWED RANGE Path Cost 16Mbps 62 40 to 400 1 to 65535 Path Cost 100Mbps 19 10 to 60 1 to 65535 Path Cost 1Gbps 4 3 to 10 1 to 65535 Path Cost 10Gbps 2 1 to 5 1 to 65535 On each bridge, the root port is the port through which this bridge communicates with the root. It is the port on this switch with the lowest path cost to the root (the root path cost).
ES-3124 User’s Guide Table 23 STP Port States PORT STATE DESCRIPTION Learning All BPDUs are received and processed. Information frames are submitted to the learning process but not forwarded. Forwarding All BPDUs are received and processed. All information frames are received and forwarded. 11.1.4 Multiple RSTP MRSTP (Multiple RSTP) is ZyXEL’s proprietary feature that is compatible with RSTP and STP. With MRSTP, you can have more than one spanning tree on your switch and assign port(s) to each tree.
ES-3124 User’s Guide Figure 46 Spanning Tree Protocol RSTP and MRSTP The following table describes the labels in this screen. Table 24 Spanning Tree Protocol: Status LABEL DESCRIPTION RSTP This link takes you to the Rapid Spanning Tree Protocol configuration screen. See Section 11.3 on page 110. MRSTP This link takes you to the Multiple Rapid Spanning Tree Protocol configuration screen. See Section 11.3 on page 110. 11.
ES-3124 User’s Guide Figure 47 RSTP: Configuration Chapter 11 Spanning Tree Protocol 111
ES-3124 User’s Guide The following table describes the labels in this screen. Table 25 RSTP: Configuration LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 48 on page 113). Active Select this check box to activate RSTP. Clear this checkbox to disable RSTP. Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch.
ES-3124 User’s Guide Table 25 RSTP: Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. 11.
ES-3124 User’s Guide Table 26 Rapid Spanning Tree Protocol: Status (continued) LABEL DESCRIPTION Max Age (second) This is the maximum time (in seconds) a switch can wait without receiving a configuration message before attempting to reconfigure. Forwarding Delay (second) This is the time (in seconds) the root switch will wait before changing states (that is, listening to learning to forwarding). Cost to Bridge This is the path cost from the root port on this switch to the root switch.
ES-3124 User’s Guide Figure 49 MRSTP: Configuration Chapter 11 Spanning Tree Protocol 115
ES-3124 User’s Guide The following table describes the labels in this screen. Table 27 MRSTP: Configuration LABEL DESCRIPTION Status Click Status to display the MRSTP Status screen (see Figure 48 on page 113). Tree This is a read only index number of the STP trees. Active Select this check box to activate an STP tree. Clear this checkbox to disable an STP tree. Bridge Priority Bridge priority is used in determining the root switch, root port and designated port.
ES-3124 User’s Guide Table 27 MRSTP: Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. 11.
ES-3124 User’s Guide Table 28 Spanning Tree Protocol: Status (continued) LABEL DESCRIPTION Max Age (second) This is the maximum time (in seconds) a switch can wait without receiving a configuration message before attempting to reconfigure. Forwarding Delay (second) This is the time (in seconds) the root switch will wait before changing states (that is, listening to learning to forwarding). Cost to Bridge This is the path cost from the root port on this switch to the root switch.
ES-3124 User’s Guide CHAPTER 12 Bandwidth Control This chapter shows you how you can cap the maximum bandwidth using the Bandwidth Control screen. 12.1 Bandwidth Control Overview Bandwidth control means defining a maximum allowable bandwidth for incoming and/or outgoing traffic flows on a port. 12.1.1 CIR and PIR The Committed Information Rate (CIR) is the guaranteed bandwidth for the incoming traffic flow on a port.
ES-3124 User’s Guide Figure 51 Bandwidth Control The following table describes the related labels in this screen. Table 29 Bandwidth Control 120 LABEL DESCRIPTION Active Select this check box to enable bandwidth control on the switch. Port This field displays the port number.
ES-3124 User’s Guide Table 29 Bandwidth Control (continued) LABEL DESCRIPTION * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. Ingress Rate Active Select this check box to activate commit rate limits on this port.
ES-3124 User’s Guide 122 Chapter 12 Bandwidth Control
ES-3124 User’s Guide CHAPTER 13 Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 13.1 Broadcast Storm Control Setup Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and/or DLF packets is reached per second, the subsequent packets are discarded.
ES-3124 User’s Guide Figure 52 Broadcast Storm Control 124 Chapter 13 Broadcast Storm Control
ES-3124 User’s Guide The following table describes the labels in this screen. Table 30 Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the switch. Clear this check box to disable this feature. Port This field displays a port number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports.
ES-3124 User’s Guide 126 Chapter 13 Broadcast Storm Control
ES-3124 User’s Guide CHAPTER 14 Mirroring This chapter discusses the Mirror setup screens. 14.1 Port Mirroring Setup Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffic to) in order that you can examine the traffic from the monitor port without interference. Click Advanced Application, Mirroring in the navigation panel to display the Mirroring screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port.
ES-3124 User’s Guide Figure 53 Mirroring 128 Chapter 14 Mirroring
ES-3124 User’s Guide The following table describes the labels in this screen. Table 31 Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the switch. Clear this check box to disable the feature. Monitor Port The monitor port is the port you copy the traffic to in order to examine it in more detail without interfering with the traffic flow on the original port(s). Enter the port number of the monitor port. Port This field displays the port number.
ES-3124 User’s Guide 130 Chapter 14 Mirroring
ES-3124 User’s Guide CHAPTER 15 Link Aggregation This chapter shows you how to logically aggregate physical links to form one logical, higherbandwidth link. 15.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link. You may want to trunk ports if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly, single-port link.
ES-3124 User’s Guide 15.2.1 Link Aggregation ID LACP aggregation ID consists of the following information1: Table 32 Link Aggregation ID: Local Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER 0000 0000 00 0000 00-00-00-00-00 Table 33 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS KEY PORT PRIORITY PORT NUMBER 0000 0000 00 0000 00-00-00-00-00 15.3 Link Aggregation Control Protocol Status Click Advanced Application, Link Aggregation in the navigation panel.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 34 Link Aggregation Control Protocol Status LABEL DESCRIPTION Index This field displays the trunk ID to identify a trunk group, that is, one logical link containing multiple ports. Aggregator ID Link Aggregator ID consists of the following: system priority, MAC address, key, port priority and port number. Refer to Section 15.2.1 on page 132 for more information on this field.
ES-3124 User’s Guide Figure 55 Link Aggregation: Configuration 134 Chapter 15 Link Aggregation
ES-3124 User’s Guide The following table describes the labels in this screen. Table 35 Link Aggregation Control Protocol: Configuration LABEL DESCRIPTION Link Aggregation Control Protocol Active Select this checkbox to enable Link Aggregation Control Protocol (LACP). System Priority LACP system priority is a number between 1 and 65,535. The switch with the lowest system priority (and lowest port number if system priority is the same) becomes the LACP “server”.
ES-3124 User’s Guide 136 Chapter 15 Link Aggregation
ES-3124 User’s Guide CHAPTER 16 Port Authentication This chapter describes the 802.1x authentication method and RADIUS server connection setup. See Section 36.9 on page 285 for information on how to use the commands to configure additional Radius server settings as well as multiple Radius server configuration. 16.1 Port Authentication Overview IEEE 802.
ES-3124 User’s Guide Note: Refer to the documentation that comes with your RADIUS server on how to configure a VSA. The following table describes the VSAs supported on the switch.
ES-3124 User’s Guide Click Advanced Application, Port Authentication in the navigation panel to display the screen as shown. Figure 57 Port Authentication 16.2.1 Configuring RADIUS Server Settings Use this screen to configure your RADIUS server settings. See Section 16.1.1 on page 137 for more information on RADIUS servers. From the Port Authentication screen, click RADIUS to display the configuration screen as shown.
ES-3124 User’s Guide 16.2.2 Activate IEEE 802.1x Security Use this screen to activate IEEE 802.1x security. From the Port Authentication screen, display the configuration screen as shown.
ES-3124 User’s Guide Figure 59 Port Authentication: 802.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 39 Port Authentication: 802.1x LABEL DESCRIPTION Active Select this check box to permit 802.1x authentication on the switch. Note: You must first enable 802.1x authentication on the switch before configuring it on each port. Port This field displays a port number. * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports.
ES-3124 User’s Guide CHAPTER 17 Port Security This chapter shows you how to set up port security. 17.1 About Port Security Port security allows only packets with dynamically learned MAC addresses and/or configured static MAC addresses to pass through a port on the switch. The switch can learn up to 16K MAC addresses in total with no limit on individual ports other than the sum cannot exceed 16K.
ES-3124 User’s Guide Figure 60 Port Security The following table describes the labels in this screen. Table 40 Port Security 144 LABEL DESCRIPTION Active Select this option to enable port security on the switch. Port This field displays a port number.
ES-3124 User’s Guide Table 40 Port Security (continued) LABEL DESCRIPTION * Settings in this row apply to all ports. Use this row only if you want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the ports as soon as you make them. Active Select this check box to enable the port security feature on this port.
ES-3124 User’s Guide 146 Chapter 17 Port Security
ES-3124 User’s Guide CHAPTER 18 Classifier This chapter introduces and shows you how to configure the packet classifier on the switch. 18.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested.
ES-3124 User’s Guide Figure 61 Classifier The following table describes the labels in this screen. Table 41 Classifier 148 LABEL DESCRIPTION Active Select this option to enable this rule. Name Enter a descriptive name for this rule for identifying purposes. Packet Format Specify the format of the packet. Choices are All, 802.3 tagged, 802.3 untagged, Ethernet II tagged and Ethernet II untagged. A value of 802.3 indicates that the packets are formatted according to the IEEE 802.3 standards.
ES-3124 User’s Guide Table 41 Classifier (continued) LABEL DESCRIPTION Layer 2 Specify the fields below to configure a layer 2 classifier. VLAN Select Any to classify traffic from any VLAN or select the second option and specify the source VLAN ID in the field provided. Priority Select Any to classify traffic from any priority level or select the second option and specify a priority level in the field provided.
ES-3124 User’s Guide Table 41 Classifier (continued) LABEL DESCRIPTION Add Click Add to insert the entry in the summary table below. Cancel Click Cancel to reset the fields back to your previous configuration. Clear Click Clear to set the above fields back to the factory defaults. 18.3 Viewing and Editing Classifier Configuration To view a summary of the classifier configuration, scroll down to the summary table at the bottom of the Classifier screen.
ES-3124 User’s Guide Table 43 Common Ethernet Types and Protocol Number ETHERNET TYPE PROTOCOL NUMBER ECMA Internet 0803 Chaosnet 0804 X.25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 Some of the most common IP ports are: Table 44 Common IP Ports PORT NUMBER PORT NAME 21 FTP 23 Telnet 25 SMTP 53 DNS 80 HTTP 110 POP3 18.
ES-3124 User’s Guide Figure 63 Classifier: Example 152 Chapter 18 Classifier
ES-3124 User’s Guide CHAPTER 19 Policy Rule This chapter shows you how to configure policy rules. 19.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria (refer to Chapter 18 on page 147 for more information). A policy rule ensures that a traffic flow gets the requested treatment in the network. 19.1.
ES-3124 User’s Guide 19.2 Configuring Policy Rules You must first configure a classifier in the Classifier screen. Refer to Section 18.2 on page 147 for more information. Click Advanced Applications and then Policy Rule in the navigation panel to display the screen as shown.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 45 Policy LABEL DESCRIPTION Active Select this option to enable the policy. Name Enter a descriptive name for identification purposes. Classifier(s) This field displays the active classifier(s) you configure in the Classifier screen. Select the classifier(s) to which this policy rule applies. To select more than one classifier, press [SHIFT] and select the choices at the same time.
ES-3124 User’s Guide Table 45 Policy (continued) LABEL DESCRIPTION Diffserv Select No change to keep the TOS and/or DSCP fields in the packets. Select Set the packet’s TOS field to set the TOS field with the value you configure in the TOS field. Select Replace the IP TOS with the 802.1 priority value to replace the TOS field with the value you configure in the Priority field. Select Set the Diffserv Codepoint field in the frame to set the DSCP field with the value you configure in the DSCP field.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 46 Policy: Summary Table LABEL DESCRIPTION Index This field displays the policy index number. Click an index number to edit the policy. Active This field displays Yes when policy is activated and No when is it deactivated. Name This field displays the descriptive name for this policy. This is for identification purposes only.
ES-3124 User’s Guide Figure 66 Policy Example 158 Chapter 19 Policy Rule
ES-3124 User’s Guide CHAPTER 20 Queuing Method This chapter introduces the queuing methods supported. 20.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffic. See also Priority Queue Assignment in Switch Setup and 802.1p Priority in Port Setup for related information.
ES-3124 User’s Guide 20.1.3 Weighted Round Robin Scheduling (WRR) Round Robin Scheduling services queues on a rotating basis and is activated only when a port has more traffic than it can handle. A queue is a given an amount of bandwidth irrespective of the incoming traffic on that port. This queue then moves to the back of the list. The next queue is given an equal amount of bandwidth, and then moves to the end of the list; and so on, depending on the number of queues being used.
ES-3124 User’s Guide Figure 67 Queuing Method Chapter 20 Queuing Method 161
ES-3124 User’s Guide The following table describes the labels in this screen. Table 47 Queuing Method LABEL DESCRIPTION Method Select SPQ (Strictly Priority Queuing), WFQ (Weighted Fair Scheduling) or WRR (Weighted Round Robin). Strictly Priority services queues based on priority only. When the highest priority queue empties, traffic on the next highest-priority queue begins. Q7 has the highest priority and Q0 the lowest.
ES-3124 User’s Guide CHAPTER 21 VLAN Stacking This chapter shows you how to configure VLAN stacking on your switch. See the chapter on VLANs for more background information on Virtual LAN 21.1 VLAN Stacking Overview A service provider can use VLAN stacking to allow it to distinguish multiple customers VLANs, even those with the same (customer-assigned) VLAN ID, within its network. Use VLAN stacking to add an outer VLAN tag to the inner IEEE 802.1Q tagged frames that enter the network.
ES-3124 User’s Guide Figure 68 VLAN Stacking Example 21.2 VLAN Stacking Port Roles Each port can have three VLAN stacking “roles”, Normal, Access Port and Tunnel (the latter is for Gigabit ports only). • Select Normal for “regular” (non-VLAN stacking) IEEE 802.1Q frame switching. • Select Access Port for ingress ports on the service provider's edge devices (1 and 2 in the VLAN stacking example figure). The incoming frame is treated as "untagged", so a second VLAN tag (outer VLAN tag) can be added.
ES-3124 User’s Guide Type is a standard Ethernet type code identifying the frame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provider Tag Protocol Identifier) is the service provider VLAN stacking tag type. Many vendors use 0x8100 or 0x9100. TPID (Tag Protocol Identifier) is the customer IEEE 802.1Q tag.
ES-3124 User’s Guide 21.4 Configuring VLAN Stacking Click Advanced Applications and then VLAN Stacking to display the screen as shown.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 51 VLAN Stacking LABEL DESCRIPTION Active Select this checkbox to enable VLAN stacking on the switch. SP TPID SP TPID is a standard Ethernet type code identifying the frame and indicates whether the frame carries IEEE 802.1Q tag information. Choose 0x8100 or 0x9100 from the drop-down list box or select Others and then enter a four-digit hexadecimal number from 0x0000 to 0xFFFF. 0x denotes a hexadecimal number.
ES-3124 User’s Guide 168 Chapter 21 VLAN Stacking
ES-3124 User’s Guide CHAPTER 22 Multicast This chapter shows you how to configure various multicast features. 22.1 Multicast Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network.
ES-3124 User’s Guide The switch forwards multicast traffic destined for multicast groups (that it has learned from IGMP snooping or that you have manually configured) to ports that are members of that group. IGMP snooping generates no additional network traffic, allowing you to significantly reduce multicast traffic passing through your switch. 22.2 Multicast Status Click Advanced Applications and Multicast to display the screen as shown. This screen shows the multicast group information. See Section 22.
ES-3124 User’s Guide Multicast Setting Chapter 22 Multicast 171
ES-3124 User’s Guide The following table describes the labels in this screen. Table 53 Multicast Setting LABEL DESCRIPTION IGMP Snooping Use thise settings to configure IGMP Snooping. Active Select Active to enable IGMP Snooping to forward group multicast traffic only to ports that are members of that group. Host Timeout Specify the time (from 1 to 16,711,450) in seconds that elapses before the switch removes an IGMP group membership entry if it does not receive report messages from the port.
ES-3124 User’s Guide Table 53 Multicast Setting (continued) LABEL DESCRIPTION IGMP Querier Mode The switch treats an IGMP query port as being connected to an IGMP multicast router (or server). The switch forwards IGMP join or leave packets to an IGMP query port. Select Auto to have the switch use the port as an IGMP query port if the port receives IGMP query packets. Select Fixed to have the switch always use the port as an IGMP query port.
ES-3124 User’s Guide Figure 71 Multicast: IGMP Filtering Profile The following table describes the labels in this screen. Table 54 Multicast: IGMP Filtering Profile 174 LABEL DESCRIPTION Profile Name Enter a descriptive name for the profile for identification purposes. To configure additional rule(s) for a profile that you have already added, enter the profile name and specify a different IP multicast address range.
ES-3124 User’s Guide 22.5 MVR Overview Multicast VLAN Registration (MVR) is designed for applications (such as Media-on-Demand (MoD)) that use multicast traffic across an Ethernet ring-based service provider network. MVR allows one single multicast VLAN to be shared among different subscriber VLANs on the network. While isolated in different subscriber VLANs, connected devices can subscribe to and unsubscribe from the multicast stream in the multicast VLAN.
ES-3124 User’s Guide 22.5.3 How MVR Works The following figure shows a multicast television example where a subscriber device (such as a computer) in VLAN 1 receives multicast traffic from the streaming media server, S, via the switch. Multiple subscriber devices can connect through a port configured as the receiver on the switch. When the subscriber selects a television channel, computer A sends an IGMP report to the switch to join the appropriate multicast group.
ES-3124 User’s Guide Figure 74 MVR Chapter 22 Multicast 177
ES-3124 User’s Guide The following table describes the related labels in this screen. Table 55 MVR LABEL DESCRIPTION Active Select this check box to enable MVR to allow one single multicast VLAN to be shared among different subscriber VLANs on the network. Name Enter a descriptive name (up to 32 printable ASCII characters) for identification purposes. Multicast VLAN ID Enter the VLAN ID (1 to 4094) of the multicast VLAN. 802.
ES-3124 User’s Guide 22.7 MVR Group Configuration All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group. Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. Note: A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap.
ES-3124 User’s Guide Table 56 MVR: Group Configuration LABEL DESCRIPTION MVLAN This field displays the multicast VLAN ID. Name This field displays the descriptive name for this setting. Start Address This field displays the starting IP address of the multicast group. End Address This field displays the ending IP address of the multicast group. Delete Select Delete Group and click Delete to remove the selected entry(ies) from the table.
ES-3124 User’s Guide Figure 77 MVR Configuration Example To set the switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200.
ES-3124 User’s Guide Figure 78 MVR Group Configuration Example Figure 79 MVR Group Configuration Example 182 Chapter 22 Multicast
ES-3124 User’s Guide CHAPTER 23 DHCP Relay This chapter shows you how to set up DHCP relay. 23.1 DHCP Relay Overview DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a DHCP server. You can configure the switch to relay client DHCP requests to a DHCP server and the server's responses back to the clients. 23.1.
ES-3124 User’s Guide Figure 80 DHCP Relay The following table describes the labels in this screen. Table 57 DHCP Relay 184 LABEL DESCRIPTION Active Select this check box to enable DHCP relay. Remote DHCP Server 1 .. 3 Enter the IP address of a DHCP server in dotted decimal notation. Relay Agent Information Select the Option 82 check box to have the switch add information (slot number, port number and VLAN ID) to client DHCP requests that it relays to a DHCP server.
ES-3124 User’s Guide CHAPTER 24 Static Route This chapter shows you how to configure static routes. 24.1 Configuring Static Route Static routes tell the switch how to forward IP traffic when you configure the TCP/IP parameters manually. Click IP Application, Static Routing in the navigation panel to display the screen as shown. Figure 81 Static Routing The following table describes the related labels you use to create a static route.
ES-3124 User’s Guide Table 58 Static Routing (continued) LABEL DESCRIPTION Destination IP Address This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID. IP Subnet Mask Enter the subnet mask for this destination. 186 Gateway IP Address Enter the IP address of the gateway.
ES-3124 User’s Guide CHAPTER 25 DiffServ Code Point This chapter shows you how to set up Diffserv Code Point (DSCP) on each port and how to convert DSCP values to IEEE 802.1p values. 25.1 DiffServ Overview DiffServ Code Point (DSCP) is a field used for packet classification on DiffServ networks. The higher the value, the higher the priority. Lower-priority packets may be dropped if the total traffic exceeds the capacity of the network. 25.
ES-3124 User’s Guide Figure 82 DiffServ 188 Chapter 25 DiffServ Code Point
ES-3124 User’s Guide The following table describes the related labels you use to create a static route. Table 59 Static Routing LABEL DESCRIPTION DSCP Setting Click DSCP Map to open the screen where you can set up the mapping between source DSCP priority and IEEE 802.1p priority. Active This field allows you to activate/deactivate DiffServ on the switch. Port This read-only index number indicates which port you are activating. * Settings in this row apply to all ports.
ES-3124 User’s Guide Figure 83 DiffServ The following table describes the related labels you use to create a static route. Table 60 Static Routing 190 LABEL DESCRIPTION Diffserv Click this to return to the main DiffServ screen. DSCP to 802.1p Mapping In this section you map each DSCP value with an 802.1p value in the drop down list box. 0-63 This field displays each DSCP value. 802.1p Priority Use the drop down list box to select the IEEE 802.
ES-3124 User’s Guide CHAPTER 26 Maintenance This chapter explains how to configure the maintenance screens that let you maintain the firmware and configuration files. 26.1 The Maintenance Screen Click Management, Maintenance in the navigation panel to open the following screen. Figure 84 Maintenance The following table describes the labels in this screen.
ES-3124 User’s Guide Table 61 Maintenance (continued) LABEL DESCRIPTION Save Click Config 1 to save the current configuration settings to Configuration 1 on the Configuration switch. Click Config 2 to save the current configuration settings to Configuration 2 on the switch. Reboot System Click Config 1 to reboot the system and load Configuration 1 on the switch. Click Config 2 to reboot the system and load Configuration 2 on the switch.
ES-3124 User’s Guide Note: Note: Clicking the Apply or Add button does NOT save the changes permanently. All unsaved changes are erased after you reboot the switch. 26.4 Reboot System Reboot System allows you to restart the switch without physically turning the power off. It also allows you to load configuration one (Config 1) or configuration two (Config 2) when you reboot. Follow the steps below to reboot the switch.
ES-3124 User’s Guide Figure 87 Firmware Upgrade Type the path and file name of the firmware file you wish to upload to the switch in the File Path text box or click Browse to locate it. After you have specified the file, click Upgrade. After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. 26.6 Restore a Configuration File Restore a previously saved configuration from your computer to the switch using the Restore Configuration screen.
ES-3124 User’s Guide Back up your current switch configuration to a computer using the Backup Configuration screen. Figure 89 Backup Configuration Follow the steps below to back up the current switch configuration to your computer in this screen. 1 Click Backup. 2 Click Save to display the Save As screen. 3 Choose a location to save the file on your computer from the Save in drop-down list box and type a descriptive name for it in the File name list box.
ES-3124 User’s Guide 26.8.1.1 Example FTP Commands ftp> put firmware.bin ras This is a sample FTP session showing the transfer of the computer file "firmware.bin" to the switch. ftp> get config config.cfg This is a sample FTP session saving the current configuration to a file called “config.cfg” on your computer. If your (T)FTP client does not allow you to have a destination filename different than the source, you will need to rename them as the switch only recognizes “config” and “ras”.
ES-3124 User’s Guide 26.8.3 GUI-based FTP Clients The following table describes some of the commands that you may see in GUI-based FTP clients. General Commands for GUI-based FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server. Login Type Anonymous. This is when a user I.D. and password is automatically supplied to the server for anonymous access. Anonymous logins will work only if your ISP or service administrator has enabled this option. Normal.
ES-3124 User’s Guide 198 Chapter 26 Maintenance
ES-3124 User’s Guide CHAPTER 27 Access Control This chapter describes how to control access to the switch. 27.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share four sessions, up to five Web sessions (five different usernames and passwords) and/or limitless SNMP access control sessions are allowed.
ES-3124 User’s Guide 27.3 About SNMP Simple Network Management Protocol (SNMP) is an application layer protocol used to manage and monitor TCP/IP-based devices. SNMP is used to exchange management information between the network management system (NMS) and a network element (NE). A manager station can manage and monitor the switch through the network via SNMP version one (SNMPv1) and/or SNMP version 2c. The next figure illustrates an SNMP management operation.
ES-3124 User’s Guide Table 64 SNMP Commands COMMAND DESCRIPTION Set Allows the manager to set values for object variables within an agent. Trap Used by the agent to inform the manager of some events. 27.3.1 Supported MIBs MIBs let administrators collect statistics and monitor status and performance.
ES-3124 User’s Guide 27.3.3 Configuring SNMP From the Access Control screen, display the SNMP screen. You can click Access Control to go back to the Access Control screen. Figure 92 Access Control: SNMP The following table describes the labels in this screen. Table 66 Access Control: SNMP LABEL DESCRIPTION Get Community Enter the get community, which is the password for the incoming Get- and GetNextrequests from the management station.
ES-3124 User’s Guide Note: It is highly recommended that you change the default administrator password (1234). • A non-administrator (username is something other than admin) is someone who can view but not configure switch settings. Click Access Control from the navigation panel and then click Logins from this screen. Figure 93 Access Control: Logins The following table describes the labels in this screen.
ES-3124 User’s Guide Table 67 Access Control: Logins (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. 27.
ES-3124 User’s Guide Figure 95 How SSH Works 1 Host Identification The SSH client sends a connection request to the SSH server. The server identifies itself with a host key. The client encrypts a randomly generated session key with the host key and server key and sends the result back to the server. The client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer.
ES-3124 User’s Guide 27.6.1 Requirements for Using SSH You must install an SSH client program on a client computer (Windows or Linux operating system) that is used to connect to the switch over SSH. 27.7 Introduction to HTTPS HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol that encrypts and decrypts web pages.
ES-3124 User’s Guide 27.8 HTTPS Example If you haven’t changed the default HTTPS port on the switch, then in your browser enter “https://switch IP Address/” as the web site address where “switch IP Address” is the IP address or domain name of the switch you wish to access. 27.8.1 Internet Explorer Warning Messages When you attempt to access the switch HTTPS server, a Windows dialog box pops up asking if you trust the server certificate.
ES-3124 User’s Guide Figure 98 Security Certificate 1 (Netscape) Figure 99 Security Certificate 2 (Netscape) 27.8.3 The Main Screen After you accept the certificate and enter the login username and password, the switch main screen appears. The lock displayed in the bottom right of the browser status bar denotes a secure connection.
ES-3124 User’s Guide Figure 100 Login Screen (Internet Explorer) Chapter 27 Access Control 209
ES-3124 User’s Guide Figure 101 Login Screen (Netscape) 27.9 Service Port Access Control Service Access Control allows you to decide what services you may use to access the switch. You may also change the default service port and configure “trusted computer(s)” for each service in the Remote Management screen (discussed later). Click Access Control to go back to the main Access Control screen.
ES-3124 User’s Guide Figure 102 Access Control: Service Access Control The following table describes the fields in this screen. Table 68 Access Control: Service Access Control LABEL DESCRIPTION Services Services you may use to access the switch are listed here. Active Select this option for the corresponding services that you want to allow to access the switch.
ES-3124 User’s Guide Figure 103 Access Control: Remote Management The following table describes the labels in this screen. Table 69 Access Control: Remote Management 212 LABEL DESCRIPTION Entry This is the client set index number. A “client set” is a group of one or more “trusted computers” from which an administrator may use a service to manage the switch. Active Select this check box to activate this secured client set.
ES-3124 User’s Guide CHAPTER 28 Diagnostic This chapter explains the Diagnostic screen. 28.1 Diagnostic Click Management, Diagnostic in the navigation panel to open this screen. Use this screen to check system logs, ping IP addresses or perform port tests. Figure 104 Diagnostic The following table describes the labels in this screen. Table 70 Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of events in the multi-line text box.
ES-3124 User’s Guide 214 Chapter 28 Diagnostic
ES-3124 User’s Guide CHAPTER 29 Syslog This chapter explains the syslog screens. 29.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate a syslog message and send it to a syslog server. Syslog is defined in RFC 3164. The RFC defines the packet format, content and system log related information of syslog messages.
ES-3124 User’s Guide Figure 105 Syslog The following table describes the labels in this screen. Table 72 Syslog LABEL DESCRIPTION Syslog Select Active to turn on syslog (system logging) and then configure the syslog setting Logging Type This column displays the names of the categories of logs that the device can generate. Active Select this option to set the device to generate logs for the corresponding category.
ES-3124 User’s Guide Figure 106 Syslog: Server Setup The following table describes the labels in this screen. Table 73 Syslog: Server Setup LABEL DESCRIPTION Active Select this check box to have the device send logs to this syslog server. Clear the check box if you want to create a syslog server entry but not have the device send logs to it (you can edit the entry later). Server Address Enter the IP address of the syslog server.
ES-3124 User’s Guide 218 Chapter 29 Syslog
ES-3124 User’s Guide CHAPTER 30 Cluster Management This chapter introduces cluster management. 30.1 Cluster Management Status Overview Cluster Management allows you to manage switches through one switch, called the cluster manager. The switches must be directly connected and be in the same VLAN group so as to be able to communicate with one another.
ES-3124 User’s Guide Figure 107 Clustering Application Example 30.2 Cluster Management Status Click Management, Cluster Management in the navigation panel to display the following screen. Note: A cluster can only have one manager.
ES-3124 User’s Guide Figure 108 Cluster Management: Status The following table describes the labels in this screen. Table 75 Cluster Management: Status LABEL DESCRIPTION Status This field displays the role of this switch within the cluster. Manager Member (you see this if you access this screen in the cluster member switch directly and not via the cluster manager) None (neither a manager nor a member of a cluster) Manager This field displays the cluster manager switch’s hardware MAC address.
ES-3124 User’s Guide Figure 109 Cluster Management: Cluster Member Web Configurator Screen 30.2.1.1 Uploading Firmware to a Cluster Member Switch You can use FTP to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example.
ES-3124 User’s Guide Figure 110 Example: Uploading Firmware to a Cluster Member Switch C:\>ftp 192.168.1.1 Connected to 192.168.1.1. 220 ES-3124 FTP version 1.0 ready at Thu Jan 1 00:58:46 1970 User (192.168.0.
ES-3124 User’s Guide Figure 111 Clustering Management Configuration The following table describes the labels in this screen. Table 77 Clustering Management Configuration LABEL DESCRIPTION Clustering Manager 224 Active Select Active to have this switch become the cluster manager switch. A cluster can only have one manager. Other (directly connected) switches that are set to be cluster managers will not be visible in the Clustering Candidates list.
ES-3124 User’s Guide Table 77 Clustering Management Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes to the switch’s run-time memory. The switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to reset the fields. Clustering Candidate The following fields relate to the switches that are potential cluster members.
ES-3124 User’s Guide 226 Chapter 30 Cluster Management
ES-3124 User’s Guide CHAPTER 31 MAC Table This chapter introduces the MAC Table screen. 31.1 MAC Table Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the switch’s ports. It shows what device MAC address, belonging to what VLAN group (if any) is forwarded to which port(s) and whether the MAC address is dynamic (learned by the switch) or static (manually entered in the Static MAC Forwarding screen).
ES-3124 User’s Guide 31.2 Viewing the MAC Table Click Management, MAC Table in the navigation panel to display the following screen. Figure 113 MAC Table The following table describes the labels in this screen. Table 78 MAC Table 228 LABEL DESCRIPTION Sort by Click one of the following buttons to display and arrange the data according to that button type. The information is then displayed in the summary table below. MAC Click this button to display and arrange the data according to MAC address.
ES-3124 User’s Guide CHAPTER 32 ARP Table This chapter introduces ARP Table. 32.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address.
ES-3124 User’s Guide Figure 114 ARP Table The following table describes the labels in this screen. Table 79 ARP Table 230 LABEL DESCRIPTION Index This is the ARP Table entry number. IP Address This is the learned IP address of a device connected to a switch port with corresponding MAC address below. MAC Address This is the MAC address of the device with corresponding IP address above.
ES-3124 User’s Guide CHAPTER 33 Configure Clone This chapter shows you how you can copy the settings of one port onto other ports. 33.1 Configure Clone Cloning allows you to copy the basic and advanced settings from a source port to a destination port or ports. Click Management, Configure Clone to open the following screen.
ES-3124 User’s Guide The following table describes the labels in this screen. Table 80 Configure Clone 232 LABEL DESCRIPTION Source/ Destination Port Enter the source port under the Source label. This port’s attributes are copied. Enter the destination port or ports under the Destination label. These are the ports which are going to have the same attributes as the source port. You can enter individual ports seperated by a comma or a range of ports by using a dash.
ES-3124 User’s Guide CHAPTER 34 Introducing Commands This chapter introduces commands and gives a summary of commands available. 34.1 Overview In addition to the web configurator, you can use commands to configure the switch. Use commands for advanced switch diagnosis and troubleshooting. If you have problems with your switch, customer support may request that you issue some of these commands to assist them in troubleshooting.
ES-3124 User’s Guide 34.2.1.1 Initial Screen When you turn on your switch, it performs several internal tests as well as line initialization. You can view the initialization information using the console port. After the initialization, the login screen displays (refer to Section 34.3 on page 234). Copyright (c) 1994 - 2006 ZyXEL Communications Corp. initialize mgmt, ethernet address: 00:13:49:00:00:01 initialize switch, ethernet address: 00:13:49:00:00:02 Initializing switch unit 0...
ES-3124 User’s Guide • • • • • • • means that the contact and location fields are optional. “Command” refers to a command used in the command line interface (CI command). The | symbol means “or”. The entry in the command lines refers to carriage return. Press [ENTER] or carriage return after a command to execute the command. Use the up or down arrow key to scroll through the command history list.
ES-3124 User’s Guide Syntax: logins username password logins username privilege <0-14> where username = Specifies a new user (up to 32 alphanumeric characters). Enter a user name to change the settings of an existing account. password = Specifies the new password (up to 32 alphanumeric characters) for this user. privilege <0-14> = Assigns a privilege level for the user. 34.
ES-3124 User’s Guide Table 81 Command Interpreter Mode Summary (continued) MODE .DESCRIPTION HOW TO LOGIN/ ACCESS PROMPT Config Commands available in this mode allow you to configure settings that affect the switch globally. Type config in enable mode. ras(config)# Command modes that follow are sub-modes of the config mode and can only be accessed from within the config mode.
ES-3124 User’s Guide 34.8.1 List of Available Commands Enter “help” to display a list of available commands and the corresponding sub commands. ras> help Commands available: help logout exit history enable show ip show hardware-monitor show system-information ping ping [vlan ][..] ping help traceroute traceroute [vlan ][..
ES-3124 User’s Guide Enter ? to display detailed help information about the sub commands and parameters. ras> ping ? help destination ip address Description of ping help ras> 34.9 Using Command History The switch keeps a list of recently used commands available to you for reuse. You can use any commands in the history again by pressing the up (y) or down (z) arrow key to scroll through the previously used commands and press [ENTER].
ES-3124 User’s Guide • Use the same configuration file to set all switches (of the same model) in your network to the same settings. Note: You may also edit a configuration file using a text editor. Make sure you use valid commands. The switch rejects configuration files with invalid or incomplete commands. 34.10.2 Logging Out In User or Enable mode, enter the exit or logout command to log out of the CLI.
ES-3124 User’s Guide Table 82 Command Summary: User Mode (continued) COMMAND DESCRIPTION PRIVILEGE [vlan ] [size <0-1472>] [-t] Sends Ping request to an Ethernet device in the specified VLAN(s) with the specified parameters. 0 help Displays command help information. 0 Determines the path a packet takes to a device. 0 [vlan ] [ttl <1-255>] [wait <1-60>] [queries <1-10>] Determines the path a packet takes to a device in a VLAN.
ES-3124 User’s Guide Table 83 Command Summary: Enable Mode (continued) COMMAND DESCRIPTION PRIVILEGE udp Displays UDP related information. 13 route Displays IP routing information. 13 route static Displays IP static route information. 13 hardware-monitor Displays current hardware monitor 13 information with the specified temperature unit (Celsius C or Fahrenheit F). systeminformation Displays general system information. 13 gvrp Displays GVRP settings.
ES-3124 User’s Guide Table 83 Command Summary: Enable Mode (continued) COMMAND DESCRIPTION PRIVILEGE Displays all classifier related information. 13 Displays the specified classifier related information. 13 Displays all policy related information. 13 Displays the specified policy related information. 13 interface Displays current interface status. 13 interfaces config Displays current interface configuration on the port(s).
ES-3124 User’s Guide Table 83 Command Summary: Enable Mode (continued) COMMAND DESCRIPTION PRIVILEGE loginPrecedence Displays login precedence settings. 13 logging Displays system logs. 13 vlan-stacking Displays VLAN stacking configuration. 13 ssh Displays general SSH settings. 13 known-hosts Displays known SSH hosts information. 13 key Displays internal SSH public and private key information. 13 session Displays current SSH session(s).
ES-3124 User’s Guide Table 83 Command Summary: Enable Mode (continued) COMMAND kick tcp DESCRIPTION Resets a TCP connection. Use the 13 show ip tcp command to get the Session ID. Clears the MAC address table. mac-flush erase PRIVILEGE 13 Removes all learned MAC address 13 on the specified port(s). running-config Resets to the factory default settings. 13 Resets to the factory default settings on a per port basis and optionally on a per feature configuration basis.
ES-3124 User’s Guide Table 83 Command Summary: Enable Mode (continued) COMMAND DESCRIPTION cable diagnosti cs Performs a basic connectivity test 13 on the ports. Displays “Ok” if connector is inserted in the port, “Open” if no connector is inserted in the port or “Unknown” if this test cannot determine the status. ping Sends Ping request to an Ethernet 13 device. [vlan ][..] Sends Ping request to an Ethernet 13 device in the specified VLAN(s).
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND no DESCRIPTION PRIVILEGE Sets the management IP address 13 to the default value. ip route Removes a specified IP static route. 13 route inactive Enables a specified IP static route. 13 Clears the IGMP filtering settings on the switch. 13 igmp-filtering profile Deletes the IGMP filtering profile.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE Disable bandwidth control on the switch. 13 gvrp Disables GVRP on the switch. 13 port-isolation Disables port isolation. 13 Disables STP. 13 Disables STP on listed ports. 13 mrstp Disables the specified STP configuration (tree 1-6). 13 mrstp interface Disables the STP assignment from the specified port(s). 13 Disables timeserver settings.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND remotemanagement classifier policy vlan DESCRIPTION PRIVILEGE snmp Disables SNMP management. 13 Clears a secure client set entry from the list of secure clients. 13 service <[telnet] [ftp] [http] [icmp] [snmp] [ssh] [https]> Disables a secure client set entry 13 number from using the selected remote management service(s). Disables the classifier. Each classifier has one rule.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE cluster member Removes the cluster member. 13 mvr Disables MVR on the switch. 13 fe-spq Disables Strict Priority Queuing on the switch. 13 syslog Disables syslog logging. 13 server Disables syslog logging to the specified syslog server. 13 server inactive Enables syslog logging to the specified syslog server.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE fe-spq Sets the switch to use SPQ to service the subsequent queue(s) after and including the specified queue for the 10/100 Mbps Ethernet ports. 13 Creates a static route. 13 [metric ] [name ] [inactive] Sets the metric of a static route or 13 deactivates a static route.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND cluster 252 DESCRIPTION PRIVILEGE interface Adds a port(s) to the specified trunk group. 13 interface timeout Defines the port number and LACP timeout period. 13 Sets the cluster management VLAN ID. 13 name Configures a name to identify the 13 cluster manager.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND classifier DESCRIPTION <[ packet-format <802.3untag|802.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE policy classifier < [ vlan ] [ egress-port ] [ priority <0-7> ] [ dscp <063>] [ tos <0-7> ] [ bandwidth ] [ outgoingpacket-format ] [ outof-profile-dscp <0-63> ] [ forward-action ] [ queue-action ] [ diffservaction ] [ outgoin
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND timeout <1-1000> mode DESCRIPTION PRIVILEGE Specifes the RADIUS server timeout value. 13 Specifies the mode for RADIUS server selection. 13 Enables 802.1x authentication on 13 the switch. portaccessauthentica tor Enables 802.1x authentication on 13 the specified port(s).
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE hello-time <110> maximum-age <6-40> forwarddelay <4-30> Sets Hello Time, Maximum Age and Forward Delay. 13 Enables STP on a specified port. 13 path-cost <165535> Sets the STP path cost for a specified port. 13 priority <0-255> Sets the priority for a specified port. 13 help Displays help information.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE stormcontrol Enables broadcast storm control on the switch. 13 bandwidthcontrol Enables bandwidth control. 13 mac-agingtime <10-3000> Sets learned MAC aging time. 13 snmpserver get-community Sets the get community. 13 set-community Sets the set community. 13 trap-community Sets the trap community.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE startaddr endaddr service <[telnet] [ftp] [http] [icmp] [snmp] [ssh] [https]> Specifies a group of trusted computer(s) from which an administrator may use a service to manage the switch. 13 Changes the administrator password. 14 Enables syslog logging on the switch. 13 Enables syslog logging to the specified syslog server.
ES-3124 User’s Guide Table 84 Command Summary: Configuration Mode (continued) COMMAND DESCRIPTION PRIVILEGE option Allows the switch to add DHCP relay agent information. 13 information Allows the switch to add system name to agent information. 13 Enables DiffServ on the switch. 13 diffserv dscp <0-63> priority <0-7> Maps DSCP value with an 802.1p 13 value. 34.11.4 interface port-channel Commands The following table lists the interface port-channel commands in configuration mode.
ES-3124 User’s Guide Table 85 interface port-channel Commands (continued) COMMAND DESCRIPTION pvid <1-4094> The default PVID is VLAN 1 for all 13 ports. Sets a PVID in the range 1 to 4094 for the specified interface. ingress-check Enables the device to discard incoming frames for VLANs that are not included in a port member set. 13 gvrp Enables this function to permit VLAN groups beyond the local switch.
ES-3124 User’s Guide Table 85 interface port-channel Commands (continued) COMMAND DESCRIPTION PRIVILEGE Enables the interface multicast limit. 13 Sets how many multicast packets the interface receives per second. 13 Enables the Destination Lookup Failure (DLF) limit. 13 Sets the interface DLF limit in packets per second (pps). 13 Enables DiffServ on the port(s). 13 Sets the quality of service priority for an interface. 13 Enables port mirroring in the interface.
ES-3124 User’s Guide Table 85 interface port-channel Commands (continued) COMMAND DESCRIPTION PRIVILEGE vlan-trunking Disables VLAN trunking on the port(s). 13 mirror Disables port mirroring on the port(s). 13 bandwidth-limit Disables bandwidth limit on the port(s). 13 broadcast-limit Disables broadcast storm control limit on the switch. 13 multicast-limit Disables multicast limit on the switch. 13 dlf-limit Disables destination lookup failure (DLF) limit on the switch.
ES-3124 User’s Guide 34.11.5 config-vlan Commands The following table lists the vlan commands in configuration mode. Table 86 Command Summary: config-vlan Commands COMMAND DESCRIPTION PRIVILEGE vlan <14094> Creates a new VLAN group. 13 name Specifies a name for identification purposes. 13 normal Specifies the port(s) to dynamically 13 join this VLAN group using GVRP fixed Specifies the port(s) to be a permanent member of this VLAN group.
ES-3124 User’s Guide Table 86 Command Summary: config-vlan Commands (continued) COMMAND DESCRIPTION PRIVILEGE inband-default dhcp-bootp release Releases the dynamic in-band IP address. 13 inband-default dhcp-bootp renew Updates the dynamic in-band IP address. 13 inband-default Sets a static in-band IP address and subnet mask. 13 manageable Sets the management IP address and subnet mask of the switch in the specified VLAN.
ES-3124 User’s Guide Table 87 mvr Commands (continued) COMMAND DESCRIPTION PRIVILEGE group start-address end-address Sets the multicast group range for the MVR. 13 exit Exist from the MVR configuration mode. 13 8021p-priority <0-7> Sets a priority level (0-7) to which the switch changes the priority in outgoing IGMP control packets. 13 no source-port Disables the source port(s). 13 An MVR source port can send and receive multicast traffic in a multicast VLAN.
ES-3124 User’s Guide 266 Chapter 34 Introducing Commands
ES-3124 User’s Guide CHAPTER 35 User and Enable Mode Commands This chapter describes some commands which you can perform in the User and Enable modes. 35.1 Overview The following command examples show how you can use User and Enable modes to diagnose and manage your switch. 35.2 show Commands These are the commonly used show commands. 35.2.1 show system-information Syntax: show system-information This command shows the general system information (such as the firmware version and system up time).
ES-3124 User’s Guide 35.2.2 show ip Syntax: show ip This command displays the IP related information (such as IP address and subnet mask) on all switch interfaces. The following figure shows the default interface settings. ras> show ip Out-of-band Management IP Address = 192.168.0.1 Management IP Address IP[192.168.0.1], Netmask[255.255.255.0], VID[0] IP Interface IP[192.168.1.1], Netmask[255.255.255.0], VID[1] ras> 35.2.3 show logging Syntax: show logging This command displays the system logs.
ES-3124 User’s Guide This command displays statistics of a port. The following example shows that port 2 is up and the related information. ras# show interface 2 Port Info Port NO.
ES-3124 User’s Guide This command displays the MAC address(es) stored in the switch. The following example shows the static MAC address table. ras# show mac address-table static Port VLAN ID MAC Address CPU 1 00:a0:c5:01:23:46 ras# Type Static 35.3 ping Syntax: ping < [in-band|out-of-band|vlan ] [ size <0-1472> ] [ -t ]> where = The IP address or host name of an Ethernet device.
ES-3124 User’s Guide where = The IP address or host name of an Ethernet device. [in-band|out-ofband|vlan ] = Specifies the network interface or the VLAN ID to which the Ethernet device belongs. [ttl <1-255>] = Specifies the Time To Live (TTL) period. [wait <1-60>] = Specifies the time period to wait. [queries <1-10>] = Specifies how many tries the switch performs the traceroute function. This command displays information about the route to an Ethernet device.
ES-3124 User’s Guide where copy running-config interface portchannel = Copies all of the possible attributes from one port to another port or ports. copy running-config interface portchannel from to = Copies only the specified port attributes from one port to another port or ports. [active ... ] An example is shown next.
ES-3124 User’s Guide Note: When you use the write memory command without specifying a configuration file index number, the switch saves the changes to the configuration file the switch is currently using. 35.6.2 Resetting to the Factory Default Follow the steps below to reset the switch back to the factory defaults. 1 Enter erase running config to reset the current running configuration. 2 Enter write memory to save the changes to the current configuration file.
ES-3124 User’s Guide 274 Chapter 35 User and Enable Mode Commands
ES-3124 User’s Guide CHAPTER 36 Configuration Mode Commands This chapter describes how to enable and configure your switch’s features using commands. For more background information, see the feature specific chapters which proceed the commands chapters. 36.1 Enabling IGMP Snooping To enable IGMP snooping on the switch. Enter igmp-snooping and press [ENTER]. You can also set how to treat traffic from an unknown multicast group by typing the unknownmulticast-frame parameter.
ES-3124 User’s Guide • Enable IGMP snooping on the switch. • Set the host-timeout and leave-timeout values to 30 seconds • Set the switch to drop packets from unknown multicast groups. ras(config)# ras(config)# ras(config)# ras(config)# igmp-snooping igmp-snooping host-timeout 30 igmp-snooping leave-timeout 30 igmp-snooping unknown-multicast-frame drop 36.2 Configure IGMP Filter Use the following commands in the config mode to configure IGMP filtering profiles.
ES-3124 User’s Guide 36.3 Enabling STP Use the spanning-tree or the mrstp commands to enable and configure STP on the switch. The difference between the commands is that spanning-tree only allows you to set up one spanning tree configuration and the mrstp command allows you to set up multiple ones.
ES-3124 User’s Guide maximum-age <6-40> = Specifies the maximum time (in seconds) a switch can wait without receiving a BPDU before attempting to reconfigure. All switch ports (except for designated ports) should receive BPDUs at regular intervals. Any port that ages out STP information (provided in the last BPDU) becomes the designated port for the attached LAN. If it is a root port, a new root port is selected from among the switch ports attached to the network.
ES-3124 User’s Guide 36.4 no Command Examples These are the commonly used command examples that belong to the no group of commands. The no group commands are commands which are preceded by keyword no. This command negates the intended action of the command. In most cases the no command disables, resets or clears settings. There are cases, however, where the no command can activate features. This section shows some uses of these commands. 36.4.
ES-3124 User’s Guide where inactive = Re-enables an ip route with the specified IP address and subnet mask. An example is shown next. • Enable the IP route with the IP address of 192.168.11.1 and subnet mask of 255.255.255.0. This ip route must have already been created and made inactive prior to re-enable command being applied. ras(config)# no ip route 192.168.11.1 255.255.255.0 inactive 36.4.
ES-3124 User’s Guide 36.4.4.2 no port-access-authenticator Syntax: no port-access-authenticator no port-access-authenticator reauthenticate no port-access-authenticator where = Disables port authentication on the switch. reauthenticate = Disables the re-authentication mechanism on the listed port(s). = Disables authentication on the listed ports. An example is shown next. • Disable authentication on the switch.
ES-3124 User’s Guide • Disable the secure shell RSA1 encryption key. • Remove the remote host with IP address 172.165.1.8 from the list of known hosts. • Remove the remote host with IP address 172.165.1.9 and with an SSH-RSA encryption key from the list of known hosts. ras(config)# no ssh key rsa1 ras(config)# no ssh known-hosts 172.165.1.8 ras(config)# no ssh known-hosts 172.165.1.9 ssh-rsa 36.
ES-3124 User’s Guide Syntax: ip route ip route [metric ][name ] [inactive] where = Specifies the network IP address of the final destination. = Specifies the subnet mask of this destination. = Specifies the IP address of the gateway. The gateway is an immediate neighbor of your switch that will forward the packet to the destination. The gateway must be a router on the same segment as your switch.
ES-3124 User’s Guide where name = Names the filtering rule. mac = Specifies the MAC address you want to filter. vlan = Specifies which VLAN this rule applies to. drop = Selects the behavior of the rule. • src - drop packets coming from the specified MAC address • dst- drop packets going to the specified MAC address • both - drop packets coming from or going to the specified MAC address An example is shown next.
ES-3124 User’s Guide • Place ports 5-10 in trunk 1. • Enable dynamic link aggregation (LACP) on trunk 1. ras(config)# trunk t1 ras(config)# trunk t1 interface 5-10 ras(config)# trunk t1 lacp 36.9 Enabling Port Authentication To enable a port authentication, you need to specify your RADIUS server details and select the ports which require external authentication. You can set up multiple RADIUS servers and specify how the switch will process authentication requests. 36.9.
ES-3124 User’s Guide radius-server timeout <11000> = Specifies the timout period (in seconds) the switch will wait for a response from a RADIUS server. If 2 RADIUS servers are configured, this is the total time the switch will wait for a response from either server. mode = Specifies the way the switch will process requests from the clients to the RADIUS server. (Only applicable with multiple RADIUS servers configured.
ES-3124 User’s Guide An example is shown next. • Specify RADIUS server 1 with IP address 10.10.10.1, port 1890 and the string secretKey as the password. See Section 36.9.1 on page 285 for more information on RADIUS server commands. • Specify the timeout period of 30 seconds that the switch will wait for a response from the RADIUS server. • Enable port authentication on ports 4 to12. • Activate reauthentication on the ports. • Specify 1800 seconds as the interval for client reauthentication.
ES-3124 User’s Guide 288 Chapter 36 Configuration Mode Commands
ES-3124 User’s Guide CHAPTER 37 Interface Commands These are some commonly used configuration commands that belong to the interface group of commands. 37.1 Overview The interface commands allow you to configure the switch on a port by port basis. 37.2 Interface Command Examples This section provides examples of some frequently used interface commands. 37.2.1 interface port-channel Use this command to enable the specified ports for configuration.
ES-3124 User’s Guide where = Type peer to process any BPDUs received on these ports. Type tunnel to forward BPDUs received on these ports. Type discard to drop any BPDUs received on these ports. Type network to process a BPDU with no VLAN tag and forward a tagged BPDU. An example is shown next. • Enable ports 1, 3, 4 and 5 for configuration. • Set the BPDU control to tunnel, to forward BPDUs received on ports one, three, four and five.
ES-3124 User’s Guide Syntax: bandwidth-limit bandwidth-limit pir bandwidth-limit cir bandwidth-limit egress where pir = Sets the maximum bandwidth allowed for incoming traffic. cir = Sets the guaranteed bandwidth allowed for incoming traffic. egress = Sets the maximum bandwidth allowed for outgoing traffic (egress) on the switch. An example is shown next. • • • • • Enable port one for configuration. Enable bandwidth control.
ES-3124 User’s Guide • • • • • Enable port mirroring. Enable the monitor port 3. Enable ports 1, 4, 5 and 6 for configuration. Enable port mirroring on the ports. Enable port mirroring for outgoing traffic. Traffic is copied from ports 1, 4, 5 and 6 to port three in order to examine it in more detail without interfering with the traffic flow on the original ports.
ES-3124 User’s Guide • Enable ingress checking on the interface. ras(config)# interface port-channel 1,3-5 ras(config-interface)# ingress-check 37.2.8 frame-type Syntax: frame-type where = Choose to accept both tagged and untagged incoming frames, just tagged incoming frames or just untagged incoming frames on a port. An example is shown next. • Enable ports one, three, four and five for configuration. • Enable ingress checking on the ports.
ES-3124 User’s Guide • Set the queue weights from Q0 to Q7. ras# configure ras(config)# wfq ras(config)# interface port-channel 2,6-12 ras(config-interface)# weight 8 7 6 5 4 3 2 1 37.2.10 egress set Syntax: egress set where = Sets the outgoing traffic port list for a port-based VLAN. An example is shown next. • Enable port-based VLAN tagging on the switch. • Enable ports one, three, four and five for configuration.
ES-3124 User’s Guide 37.2.12 name Syntax: name where = Sets a name for your port interface(s). An example is shown next. • Enable ports one, three, four and five for configuration. • Set a name for the ports. ras(config)# interface port-channel 1,3-5 ras(config-interface)# name Test 37.2.
ES-3124 User’s Guide An example is shown next. • Select ports 33-36 for internal loopback test. • Execute the test command. • View the results. ras(config)# interface port-channel 33-44 ras(config-interface)# test 33-36 Testing internal loopback on port 33 :Passed! Ethernet Port 33 Test ok. Testing internal loopback on port 34 :Passed! Ethernet Port 34 Test ok. Testing internal loopback on port 35 :Passed! Ethernet Port 35 Test ok. Testing internal loopback on port 36 :Passed! Ethernet Port 36 Test ok.
ES-3124 User’s Guide CHAPTER 38 IEEE 802.1Q Tagged VLAN Commands This chapter describes the IEEE 802.1Q Tagged VLAN and associated commands. 38.1 Configuring Tagged VLAN The following procedure shows you how to configure tagged VLAN. 1 Use the IEEE 802.1Q tagged VLAN commands to configure tagged VLAN for the switch. • Use the vlan command to configure or create a VLAN on the switch. The switch automatically enters the config-vlan mode.Use the inactive command to deactivate the VLAN(s).
ES-3124 User’s Guide 38.2 Global VLAN1Q Tagged VLAN Configuration Commands This section shows you how to configure and monitor the IEEE 802.1Q Tagged VLAN. 38.2.1 GARP Status Syntax: show garp This command shows the switch’s GARP timer settings, including the join, leave and leave all timers. An example is shown next. ras # show garp GARP Timer -----------------------Join Timer = 200 Leave Timer = 600 Leave All Timer = 10000 ras# 38.2.
ES-3124 User’s Guide Switches join VLANs by making a declaration. A declaration is made by issuing a Join message using GARP. Declarations are withdrawn by issuing a Leave message. A Leave All message terminates all registrations. GARP timers set declaration timeout values. The following example sets the Join Timer to 300 milliseconds, the Leave Timer to 800 milliseconds and the Leave All Timer to 11000 milliseconds. ras (config)# garp join 300 leave 800 leaveall 11000 38.2.
ES-3124 User’s Guide 38.3.1 Set Port VID Syntax: pvid where = Specifies the VLAN number between 1 and 4094. This command sets the default VLAN ID on the port(s). The following example sets the default VID to 200 on ports 1 to 5. ras (config)# interface port-channel 1-5 ras (config-interface)# pvid 200 38.3.
ES-3124 User’s Guide 38.3.4 Modify Static VLAN Use the following commands in the config-vlan mode to configure the static VLAN table. Syntax: vlan fixed forbidden name normal untagged no fixed no forbidden no untagged where = The VLAN ID [1 – 4094]. = A name to identify the SVLAN entry. = This is the switch port list.
ES-3124 User’s Guide 3 The switch notes what the SVLAN table says (that is, the SVLAN tells the switch whether or not to forward a frame and if the forwarded frames should have tags). 4 Then the switch applies the port filter to finish the forwarding decision. This means that frames may be dropped even if the SVLAN says to forward them. Frames might also be dropped if they are sent to a CPE (customer premises equipment) DSL device that does not accept tagged frames. 38.3.4.2.
ES-3124 User’s Guide 38.5 Disable VLAN Syntax: vlan inactive This command disables the specified VLAN ID in the SVLAN (Static VLAN) table. 38.6 Show VLAN Setting Syntax: show vlan This command shows the IEEE 802.1Q Tagged SVLAN (Static VLAN) table. An example is shown next. • • • • VID is the VLAN identification number. Status shows whether the VLAN is static or active. Elap-Time is the time since the VLAN was created on the switch.
ES-3124 User’s Guide 304 Chapter 38 IEEE 802.
ES-3124 User’s Guide CHAPTER 39 Multicast VLAN Registration Commands This chapter shows you how to use Multicast VLAN Registration (mvr) commands. 39.1 Overview Use the mvr commands in the configuration mode to create and configure multicast VLANs. Note: If you want to enable IGMP snooping see Section 36.1 on page 275. 39.2 Create Multicast VLAN Use the following commands in the config-mvr mode to configure a multicast VLAN group.
ES-3124 User’s Guide group name = A name to identify the MVR IP multicast group . start-address = Specifies the starting IP multicast address of the multicast group in dotted decimal notation. end-address = Specifies the ending IP multicast address of the multicast group in dotted decimal notation. Enter the same IP address as the startaddress if you want to configure only one IP address for the multicast group. • Enter MVR mode.
ES-3124 User’s Guide CHAPTER 40 Troubleshooting This chapter covers potential problems and possible remedies. 40.1 Problems Starting Up the Switch Table 88 Troubleshooting the Start-Up of Your Switch PROBLEM CORRECTIVE ACTION None of the LEDs Check the power connection and make sure the power source is turned on. turn on when you turn on the switch. If the error persists, you may have a hardware problem. In this case, you should contact your vendor. 40.
ES-3124 User’s Guide 40.2.1 Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. 40.2.1.1 Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
ES-3124 User’s Guide Figure 118 Internet Options 3 Click Apply to save this setting. 40.2.1.1.2 Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen.
ES-3124 User’s Guide Figure 119 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites.
ES-3124 User’s Guide Figure 120 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 40.2.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab.
ES-3124 User’s Guide Figure 121 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window.
ES-3124 User’s Guide Figure 122 Security Settings - Java Scripting 40.2.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
ES-3124 User’s Guide Figure 123 Security Settings - Java 40.2.1.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for
ES-3124 User’s Guide Figure 124 Java (Sun) 40.3 Problems with the Password Table 90 Troubleshooting the Password PROBLEM CORRECTIVE ACTION Cannot access the switch. The password field is case sensitive. Make sure that you enter the correct password using the proper casing. The administrator username is “admin”. The default administrator password is “1234”. The username and password are case-sensitive. Make sure that you enter the correct password and username using the proper casing.
ES-3124 User’s Guide 316 Chapter 40 Troubleshooting
ES-3124 User’s Guide APPENDIX A Product Specifications These are the switch product specifications. Table 91 General Product Specifications Ethernet Interface 24 10/100 Base-TX interfaces Auto-negotiation Auto-MDI/MDIX Compliant with IEEE 802.3/3u Back pressure flow control for half duplex Flow control for full duplex (IEEE 802.
ES-3124 User’s Guide Table 92 Management Specifications System Control Alarm/Status surveillance LED indication for alarm and system status Performance monitoring Line speed Four RMON groups (history, statistics, alarms, and events) Throughput monitoring CMP packet transmission Port mirroring and aggregation Spanning Tree Protocol IGMP snooping Firmware upgrade and download through FTP/TFTP Login authorization and security levels (read only and read/write) Self diagnostics FLASH memory Network Management
ES-3124 User’s Guide Table 93 Physical and Environmental Specifications (continued) Safety ANS/UL 60950-1 CSA 60950-1 EN 60950-1 IEC 60950-1 EMC FCC Part 15 (Class A) CE EMC (Class A) Appendix A Product Specifications 319
ES-3124 User’s Guide 320
ES-3124 User’s Guide APPENDIX B IP Addresses and Subnetting This appendix introduces IP addresses, IP address classes and subnet masks. You use subnet masks to subdivide a network into smaller logical networks. Introduction to IP Addresses An IP address has two parts: the network number and the host ID. Routers use the network number to send packets to the correct network, while the host ID identifies a single device on the network.
ES-3124 User’s Guide The following table shows the network number and host ID arrangement for classes A, B and C. Table 94 Classes of IP Addresses IP ADDRESS OCTET 1 OCTET 2 OCTET 3 OCTET 4 Class A Network number Host ID Host ID Host ID Class B Network number Network number Host ID Host ID Class C Network number Network number Network number Host ID An IP address with host IDs of all zeros is the IP address of the network (192.168.1.0 for example).
ES-3124 User’s Guide Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). A subnet mask has 32 bits. If a bit in the subnet mask is a “1” then the corresponding bit in the IP address is part of the network number. If a bit in the subnet mask is “0” then the corresponding bit in the IP address is part of the host ID. Subnet masks are expressed in dotted decimal notation just like IP addresses.
ES-3124 User’s Guide Table 97 Alternative Subnet Mask Notation (continued) SUBNET MASK SUBNET MASK “1” BITS LAST OCTET BIT VALUE DECIMAL 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.252 /30 1111 1100 252 The first mask shown is the class “C” natural mask. Normally if no mask is specified it is understood that the natural mask is being used. Example: Two Subnets As an example, you have a class “C” address 192.168.1.0 with subnet mask of 255.255.255.0.
ES-3124 User’s Guide Table 99 Subnet 1 (continued) IP/SUBNET MASK NETWORK NUMBER Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126 LAST OCTET BIT VALUE Table 100 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 128 IP Address (Binary) 11000000.10101000.00000001. 10000000 Subnet Mask 255.255.255. 128 Subnet Mask (Binary) 11111111.11111111.11111111. 10000000 Subnet Address: 192.168.1.
ES-3124 User’s Guide Table 101 Subnet 1 (continued) LAST OCTET BIT VALUE IP/SUBNET MASK NETWORK NUMBER Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 Table 102 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.64 Lowest Host ID: 192.168.1.
ES-3124 User’s Guide The following table shows class C IP address last octet values for each subnet. Table 105 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 1 0 1 30 31 2 32 33 62 63 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 The following table is a summary for class “C” subnet planning. Table 106 Class C Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO.
ES-3124 User’s Guide The following table is a summary for class “B” subnet planning. Table 107 Class B Subnet Planning 328 NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.128.0 (/17) 2 32766 2 255.255.192.0 (/18) 4 16382 3 255.255.224.0 (/19) 8 8190 4 255.255.240.0 (/20) 16 4094 5 255.255.248.0 (/21) 32 2046 6 255.255.252.0 (/22) 64 1022 7 255.255.254.0 (/23) 128 510 8 255.255.255.0 (/24) 256 254 9 255.255.255.
ES-3124 User’s Guide Index Symbols “standby” ports 131 Numerics 10/1000 Ethernet ports 45 802.1P priority 83 A access control limitation 199 login account 202 remote management 211 service port 210 SNMP 200 accounts and modes 236 address learning, MAC 95 Address Resolution Protocol (ARP) 229, 231, 232 administrator password 203 aggregation ID 133 aggregator ID 133 aging time 77 alternative subnet mask notation 323 applications 35 backbone 36 bridging 36 IEEE 802.
ES-3124 User’s Guide static VLAN table example 301 summary 240 syntax conventions 234 user mode details 240 using history 239 vlan mode details 263 commands interface mode details 259 configuration change running config 193 saving 239 configuration file 58, 239 and commands 239 backup 194 restore 58, 194 configuration, saving 57 connections hardware 45 Console port 35 console port commands 233 settings 46, 233 copying port settings See port cloning copyright 1 CPU management port 98 CRC (Cyclic Redundant C
ES-3124 User’s Guide GVRP 86, 94 GVRP (GARP VLAN Registration Protocol) 86, 292 gvrp disable 299 gvrp enable 299 gvrp status 299 H rubber feet 41 interfaces IP 78 IP interface 78 IP setup 78 iStacking 33 L hardware 35 connections console port 45 front panel 45 installation precautions 42 mounting brackets 42 overview 45 rack-mounting 42 transceivers 47, 48 hardware installation 41 help 60 in command interpreter 237 web configurator 60 history in command interpreter 239 HTTPS 206 certificates 206 imple
ES-3124 User’s Guide management port 45 Management Information Base (MIB) 200 management interface, See also CLI management port 101 MIB and SNMP 200 supported MIBs 201 MIB (Management Information Base) 200 mini GBIC ports 47 connection speed 47 connector types 47 transceiver installation 47 transceiver removal 48 mirroring ports 127 modes and accounts 236 in command interpreter 236 mounting brackets 42 MSA (MultiSource Agreement) 47 MTU (Multi-Tenant Unit) 75 multicast 169 multicast group 173 multicast se
ES-3124 User’s Guide WFQ 160 WRR 160 queuing algorithm 159, 162 queuing method 159, 162 R rack-mounting 42 RADIUS 137 advantages 137 network example 137 server 137 settings 139 RADIUS (Remote Authentication Dial In User Service) 137 Rapid Spanning Tree Protocol (RSTP).
ES-3124 User’s Guide path cost 107, 112, 116 port priority 112, 116 port state 108 root port 108 status 113, 117 terminology 107 STP (Spanning Tree Protocol) 32 subnet 321 subnet mask 323 subnetting 323 switch lockout 57 switch reset 58 switch setup 76 sys commands examples 267, 279 sys log disp 279 sys sw mac list 269 syslog 215 protocol 215 server setup 216 settings 215 setup 215 severity levels 215 system information 71 system log 213 system login 51 system reboot 193 T tagged VLAN 85 Telnet commands 2
ES-3124 User’s Guide W warning lights 49 warnings 4 warranty 6 note 6 web configurator getting help 60 help 60 home 52 logging out 60 login 51 navigation panel 53 screen summary 54 weight, queuing 160 Weighted Round Robin Scheduling (WRR) 160 WFQ (Weighted Fair Scheduling) 160 WRR (Weighted Round Robin Scheduling 160 Z ZyNOS (ZyXEL Network Operating System) 195 Index 335
