Manuel d'utilisation / d'entretien du produit metrogigabit switch du fabricant ZyXEL Communications
Aller à la page of 448
www .zyxel.com www .zyxel.com MGS3700-12C MetroGigabit Switch Copyright © 2012 ZyXEL Communications Corporation Firmware V ersion 3.90 Edition 15, 11/2012 Default Login Details IP Address http://192.
.
About This User's Guide MGS3700-12C User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who w ant to configure the Switch using the web configurator . Related Document ation •Q u i c k S t a r t G u i d e The Quick Start Guide is de signed to help you get your S witch up and running right away .
About This User's Guide MGS3700-12C User’s Guide 4 Need More Help? More help is av ailable at www.zyx el.com. • Download Library Search for the latest produc t updates an d documentation from this link.
Document Conventions MGS3700-12C User’s Guide 5 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide.
Document Conventions MGS3700-12C User’s Guide 6 Icons Used in Figures Figures in this User’ s Guide may use the following generic icons . The Switch icon is not an exact representation of y our device.
Safety Warnings MGS3700-12C User’s Guide 7 Safety Warnings • Do NO T use this product near water , for exam ple, in a wet basement or near a swimming pool. • Do NO T expose your device to dampness, dust or corrosive liquids. • Do NO T store things on the device.
Safety Warnings MGS3700-12C User’s Guide 8.
Contents Overview MGS3700-12C User’s Guide 9 Contents Overview Introduction and Hardware ................................................ ................................................... 23 Getting to Know Y our Switch . ............. ...........
Contents Overview MGS3700-12C User’s Guide 10 PPPoE ............... ................. ................................................................ ............. ............ . ........... 317 Private VLAN ......... ... ... ... .... ... ... .....
Table of Contents MGS3700-12C User’s Guide 11 Table of Contents About This User's Guide ................................................................ ........................................ .. 3 Document Conventions.........................
Table of Contents MGS3700-12C User’s Guide 12 3.1.4 Management Port ... ... ............. ... ... .... ... ... ............. ... .... ... ... ... ............. ... .... ... ... ... ... ....... 39 3.1.5 Power Connector ............. ... ... ... ... .
Table of Contents MGS3700-12C User’s Guide 13 6.6 How to Do Port I solation in a VLAN . ................ ............. ................ ................ ................ ....... 85 6.6.1 Creating a VLAN .............. ............ ................. .
Table of Contents MGS3700-12C User’s Guide 14 9.6 Subnet Based V LANs ........... ................ ............. ................. ................ ............. ................ . 126 9.7 Configuring Subnet Based VLAN ............... ... ... .... .
Table of Contents MGS3700-12C User’s Guide 15 14.2 Bandwidth Control Setup ............ ................ ................ ................ ................ ................ ..... 1 70 Chapter 15 Broadcast St orm Control .............................
Table of Contents MGS3700-12C User’s Guide 16 Chapter 20 Classifier .......................................................... ........................................................... ........... 21 1 20.1 About the Classifier and QoS ........ ..
Table of Contents MGS3700-12C User’s Guide 17 24.3 Multicast Setting ........ ... ... ... .... ... ............. ... ... ... .... ... ... ... .... ... ... ............. ... ... .... ... ... ... .. ..... . 241 24.4 IGMP Snooping VLAN .. .............
Table of Contents MGS3700-12C User’s Guide 18 Chapter 27 Loop Guard............................................ ............................................................... ................. 295 27.1 Loop Guard Overview ......... ............. ..
Table of Contents MGS3700-12C User’s Guide 19 32.6 PPPoE IA for VLAN ....... ............. ................ ................ ............. ................ ................ ....... .3 2 5 Chapter 33 Private VLAN .....................................
Table of Contents MGS3700-12C User’s Guide 20 37.3.3 Global DHCP Relay Co nfigurat ion Example ..... ................ ................ ............. ........ 352 37.4 Configuring DHCP VLAN Settings ........ ............. ............. ..............
Table of Contents MGS3700-12C User’s Guide 21 39.9 Service Port Access Control . ............ ................. ............. ............ ................. ............ ..... 38 5 39.10 Remote Management ....... ................ ................ ..
Table of Contents MGS3700-12C User’s Guide 22 46.3 Switch Configuration ...... .......... ............ ................. ............. ................ ............. ............ .. ... 418 Chapter 47 Product Sp ecifications ........................
23 P ART I Introduction and Hardware Getting to Know Y our Switch (25) Hardware Installation and Connecti on (31) Hardware Overview (35) Tu t o r i a l s ( 6 3 ) v3.
24.
MGS3700-12C User’s Guide 25 C HA PT ER 1 Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction The MGS3700-12C is a lay er 2 stand-alone Gigabit Ethernet (GbE) switch.
Chapter 1 Getting to Know Your Switch MGS3700-12C User’s Guide 26 In this example, all computers can share hi gh-speed applications on the server . T o expand the network, simply add more networking devi ces such as switches, routers, computers, print servers etc.
Chapter 1 Getting to Kn ow Your Switch MGS3700-12C User’s Guide 27 1.1.3 High Performance Switching Example The Switch is ideal for connecting two netw orks that need high b andwidth. In the following example, use trunking to connect these two networks.
Chapter 1 Getting to Know Your Switch MGS3700-12C User’s Guide 28 Shared resources such as a serv er can be used by al l ports in the same VLAN as the server . In the following figure only po rts that need access to the serv er need to be part of VLAN 1.
Chapter 1 Getting to Kn ow Your Switch MGS3700-12C User’s Guide 29 • W eb Configurator . This is recommend ed for everyd ay management of the S witch using a (supported) web browser .
Chapter 1 Getting to Know Your Switch MGS3700-12C User’s Guide 30.
MGS3700-12C User’s Guide 31 C HA PT ER 2 Hardware Installation and Connection This chapter shows you how t o install and connect the S witch. 2.1 Inst allation Scenarios The Switch can be placed on a desktop or r ack -mounted on a standard EIA r ack.
Chapter 2 Hardware Installation and Connection MGS3700-12C User’s Guide 32 5 Attach the rubber feet to each corner on the bottom of the Switch. These rubber feet help protect the Switch from shoc k or vibration and ensure space between devices when stacking.
Chapter 2 Har d war e In sta lla tion an d Conn ec tion MGS3700-12C User’s Guide 33 2.3.2 Att aching the Mounting Bracket s to the Switch 1 P osition a mounting br acket on one side of the Switch, lining up the four screw holes on the brack et with the screw ho les on the si de of the Switch.
Chapter 2 Hardware Installation and Connection MGS3700-12C User’s Guide 34 2.3.3 Mounting the Switch on a Rack 1 P osition a mounting br acket (that i s alread y attached to the Swit ch) on one side of the rack, lining up the two sc rew holes on the br acket with the screw holes on the side of the rack.
MGS3700-12C User’s Guide 35 C HA PT ER 3 Hardware Overview This chapter describes the front panel and rear p anel of the Sw itch and shows you how to make the hardware connections. 3.1 Front Panel The following figure shows the front panel of the Switch.
Chapter 3 Har d war e Ov er vie w MGS3700-12C User’s Guide 36 3.1.1 Console Port For local management, you can use a computer with terminal emulation software configured to the following par ameters.
Chapter 3 Hardware Overview MGS3700-12C User’s Guide 37 When auto-negotiation is turned on, a Et hernet port negotiates with the peer automatically to determine the connection speed and d uplex mode.
Chapter 3 Har d war e Ov er vie w MGS3700-12C User’s Guide 38 3.1.3.1 T ransceiver Inst allation Use the following steps to install a mini-GBIC transceiver (SFP module). 1 Insert the transceiv er into the slot with the exposed section of PCB board facing down.
Chapter 3 Hardware Overview MGS3700-12C User’s Guide 39 3 Pull the transceiver out of the slot. Figure 1 1 Removing the Fiber Optic Ca bles Figure 12 Opening the T ransceiver ’s Latch Example Figure 13 T ransceiver Removal Example 3.1.4 Management Port The MGMT ( management) port is used for local management .
Chapter 3 Har d war e Ov er vie w MGS3700-12C User’s Guide 40 Use only power wires of the required di ameter for connecting the Switch to a power supply . 3.1.5.1 AC Power Connection Connect the female end of the po wer cord to the power socket of your S witch.
Chapter 3 Hardware Overview MGS3700-12C User’s Guide 41 3.1.6 Signal Slot The Signal slot (fitted wit h the signal connector) allows you to connect devices to the Switch, such as sensors or other Z yXEL switches which support the external alarm feat ure.
Chapter 3 Har d war e Ov er vie w MGS3700-12C User’s Guide 42 3 Insert the alarm connector into the Signal slot. Figure 14 Connecting a Sensor to the Signal Slot 4 T o connect an output device, repeat the pr evious steps but this time connect to either pins (1,2) or (2,3) on the Signal connector .
Chapter 3 Hardware Overview MGS3700-12C User’s Guide 43 2 When daisy -chaining further S witches ensure that the sig nal output pins y ou use are the same as those you used when conne cting to the first switch, as shown i n the diagr am below . Figure 15 Daisy-chaining an External Alarm Sens or to Other Switches of the Same Model 3.
Chapter 3 Har d war e Ov er vie w MGS3700-12C User’s Guide 44 3.4 Configuring the Switch Y ou may use th e embedded web co nfigur ator or command lin e interface to configure the Switch. If you’re using th e web configurator , you need Inte rnet Explorer 5.
Chapter 3 Hardware Overview MGS3700-12C User’s Guide 45 Y ou can access the command line interface using a terminal emulation progr am on a computer connected t o the Switch console port (s ee Section 3.1.1 on page 3 6 ) or access the Switc h using T elnet.
Chapter 3 Har d war e Ov er vie w MGS3700-12C User’s Guide 46.
MGS3700-12C User’s Guide 47 C HA PT ER 4 The Web Configurator This section introduces the config uratio n and functions of the web configurator . 4.1 Introduction The web configurator is an HTML -based management interface that allows easy Switch setup an d managemen t via Internet br owser .
Chapter 4 The Web Con figurator MGS3700-12C User’s Guide 48 3 The login screen appears. The defa ult username is admin (case sensitive) and associated de fault passwo rd is 1234 . The date and time display as shown i f you have not configured a time server nor manually ent ered a time and date in the General Setup screen.
Chapter 4 T he Web Configurator MGS3700-12C User’s Guide 49 A - Click the menu items to open submenu li nks, and then click on a submenu link to open the screen in the main window ( F ). B , C , D , E - These are quick links which allo w y ou to perform certain tasks no matter which screen you are currently working in.
Chapter 4 The Web Con figurator MGS3700-12C User’s Guide 50 The following table descri bes the links in the na vigation panel. T able 4 Navigation Panel Links LINK DESCRIPTION Basic Settings System Info This link takes you to a screen that displays general system and hardware monitoring inform ation.
Chapter 4 T he Web Configurator MGS3700-12C User’s Guide 51 Queuing Method This link takes you to a screen wh ere you can con figure queui ng with associated queue weights for each port. VLAN Stacking This link takes yo u to screens where you can configure VLAN stacking which helps to distinguish multiple customers VLANs.
Chapter 4 The Web Con figurator MGS3700-12C User’s Guide 52 4.3.1 Change Y our Password After you log i n for the first time, it is recommended you change the default administr ator password. Click Man agement > Access Control > Logi ns to display the next screen.
Chapter 4 T he Web Configurator MGS3700-12C User’s Guide 53 Click the Save link in the upper right hand corner of the web configur ator to sav e your configur ation to nonvol atile memory . Nonvolatile memory refers to the Switch’ s stor age that remains even if the Switch’ s power is turned off .
Chapter 4 The Web Con figurator MGS3700-12C User’s Guide 54 previous configur ations and the speed of the c onsole port will be res et to the default of 9600bps with 8 data bit, no parity , one stop bit and flow control set to none. The password will also be rese t to “1234” and the IP address t o 192.
Chapter 4 T he Web Configurator MGS3700-12C User’s Guide 55 4.7 Logging Out of the W eb Configurator Click Logout in a screen to exit the web configurator . Y ou have to log in with your password again after you log out. This is recommended after you fini sh a management session for security reasons.
Chapter 4 The Web Con figurator MGS3700-12C User’s Guide 56.
MGS3700-12C User’s Guide 57 C HA PT ER 5 Initial Setup Example This chapter shows how to set up the S witch for an example network. 5.1 Overview The following lists the configur ation steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Swi tch IP management address 5.
Chapter 5 Initi al Set up Ex amp l e MGS3700-12C User’s Guide 58 1 Click Advanced Application > VLAN in the navigati on panel and click t he Static VLAN link. 2 In the Static VLAN screen, select ACTIVE , enter a descriptiv e name in the Name field and enter 2 in the VLAN Group ID field fo r the VLAN2 network.
Chapter 5 Initi al Set up Ex amp le MGS3700-12C User’s Guide 59 In the example network, configure 2 as the port VID on port 1 so that any untagged frames received on that port get sent to VLAN 2. Figure 23 Initia l Setup Network Example: Port VID 1 Click Advanced Applications > VLAN in the navigation panel.
Chapter 5 Initi al Set up Ex amp l e MGS3700-12C User’s Guide 60 5.2 Configuring Switch Management IP Address The default management IP address of the Switc h is 192.168.1.1. Y ou can configure another IP address in a differ ent subnet for management purposes.
Chapter 5 Initi al Set up Ex amp le MGS3700-12C User’s Guide 61 3 Click Basic Setting > IP Setup in the navigation panel. 4 Configure the related fields in the IP Setup screen. 5 For t h e VLAN2 network, enter 192.168.2.1 as the IP address and 255.
Chapter 5 Initi al Set up Ex amp l e MGS3700-12C User’s Guide 62.
MGS3700-12C User’s Guide 63 C HA PT ER 6 Tutorials This chapter provides some examples of using the web configur ator to set up and use the Switch. The tutorials include: • How to Use DHCP Snoopin.
Chapter 6 Tutorials MGS3700-12C User’s Guide 64 The settings in t his tutorial are as the following. 1 Access the Switch from t he MGMT port through http://192.168 .0.1 by def ault. Log into the Switch by entering the username (default: admin ) and password (default: 1234 ).
Chapter 6 Tutorials MGS3700-12C User’s Guide 65 3 Go to Advanced Application > VLAN > VLAN Port Setting , and set the PV ID of the ports 5, 6 and 7 to 100.
Chapter 6 Tutorials MGS3700-12C User’s Guide 66 5 Click the Port link at the top right corner . 6 The DHCP Snooping Port Configure screen appears. Select Trusted in the Server Trusted state field for port 5 because the DHCP server is connected to port 5.
Chapter 6 Tutorials MGS3700-12C User’s Guide 67 8 Click Save at the top right corner of the web configurator to sa ve the configurat ion permanently . 9 Connect your DHCP server to p ort 5 and a computer (as DHCP client) t o either port 6 or 7. The computer should be ab le to get an IP address from the DHCP server .
Chapter 6 Tutorials MGS3700-12C User’s Guide 68 the system name, VLAN ID and port nu mber in the DHCP request. Client A connects to the S witch’ s port 2 in VLAN 102. Figure 32 T utorial: DH CP Relay Scenario 6.2.2 Creating a VLAN Fol low the steps below to configure port 2 as a member of VLAN 102.
Chapter 6 Tutorials MGS3700-12C User’s Guide 69 2 Go to Basic Setting > Switch Setup and set the VLAN type to 802.1Q . Click Apply to save the settings to the run-time memory . Figure 33 T utorial: Set VLAN T ype to 802.1Q 3 Click Advanced Application > VLAN > Static VLAN .
Chapter 6 Tutorials MGS3700-12C User’s Guide 70 7 Click Add to sav e the settings to the run-time memory . Settings in the run-time memory are lost when the Switc h’ s power is turned off .
Chapter 6 Tutorials MGS3700-12C User’s Guide 71 10 Click Apply t o save y our changes back to the run-time memory . Figure 36 T utorial: Add T ag for Frames Received on Port 2 11 Click the Save link in the upper right c orner of the web configur ator to sav e your configu ration permane ntly .
Chapter 6 Tutorials MGS3700-12C User’s Guide 72 5 Click Apply t o save y our changes back to the run-time memory . Figure 37 T utorial: Set DHCP Server and Relay Information 6 Click the Save link in the upper right c orner of the web configur ator to sav e your configu ration permane ntly .
Chapter 6 Tutorials MGS3700-12C User’s Guide 73 Figure 38 T utorial: PPPoE Intermediate Agentt T utorial Overview Note: For related information about PPPoE I A, see Section 32.4 on p age 320 . The settings in this tutorial are as follows: 6.3.1 Configuring Switch A 1 Click Advanced Application > PPPo E > Intermediate Agent .
Chapter 6 Tutorials MGS3700-12C User’s Guide 74 2 Select Untrusted for port 5 and enter userC as Circuit-id and 00134900000A as Remote-id. Select Trusted for port 12 and then leave the other fields empty . Click Apply . Then Click Intermediate Agent on the top of the screen.
Chapter 6 Tutorials MGS3700-12C User’s Guide 75 4 Enter 1 for both Start VID and End VID since both the Switch and PPPoE server are in VLAN 1 in this example.
Chapter 6 Tutorials MGS3700-12C User’s Guide 76 1 Click Advanced Application > PPPo E > Intermediate Agent . Select Active then clic k Apply . Click Port on the top of the screen. 2 Select Trusted for ports 11 and 12 and then click Apply . Then Click Intermediate Agent on the top of the screen.
Chapter 6 Tutorials MGS3700-12C User’s Guide 77 3 The Intermediate Agent screen appears. Click VLAN on the top of the screen. 4 Enter 1 for both Start VID and End VID .
Chapter 6 Tutorials MGS3700-12C User’s Guide 78 6.4 How to Use Error Disable and Recovery on the Switch This tutorial shows y ou how to shut down a port when: • there is a loop occurred or • too.
Chapter 6 Tutorials MGS3700-12C User’s Guide 79 2 Click Advanced Application > Errdisable > CPU Protection , select ARP as the reason, enter 100 as the r ate limit (packets per second ) for the first entry (port *) to apply the s etting to all po rts.
Chapter 6 Tutorials MGS3700-12C User’s Guide 80 4 Click Advanced Application > Errdisable > Errdisable Recovery , select Active and Timer Status for loopguard and ARP entries. Also enter 180 (180 seconds = 3 minutes) in the Interval field for both entries.
Chapter 6 Tutorials MGS3700-12C User’s Guide 81 6.5.1 Creating a Guest VLAN Fol low the steps below to config ure port 1, 2, 3 and 10 as a member of VLAN 200. 1 Access th e web configurator throug h the Switch’s management port. 2 Go to Basic Setting > Switch Setup an d set the V LAN type to 802 .
Chapter 6 Tutorials MGS3700-12C User’s Guide 82 7 Click Add to sav e the settings to the run-time memory . Settings in the run-time memory are lost when the Switc h’ s power is turned off . 8 Click the VLAN St atus link in the Static VLAN screen a nd then the VLAN Port Setting link in the VLAN Status sc reen.
Chapter 6 Tutorials MGS3700-12C User’s Guide 83 10 Click Apply t o save y our changes back to the run-time memory . 11 Click the Save link in the upper right c orner of the web configur ator to sav e your configu ration permane ntly . 6.5.2 Enabling IEEE 802.
Chapter 6 Tutorials MGS3700-12C User’s Guide 84 2 Select the first Active checkbo x to enable 802.1x au thenti cation on the Switch. Select the Active checkbo xes for ports 1 to 8 to turn on 802.1x authenticat ion on the selected ports. Click Apply .
Chapter 6 Tutorials MGS3700-12C User’s Guide 85 2 Select Active and enter the guest VLAN ID (200 in this example) on ports 1, 2 and 3. The Switch puts unauthentic ate d clients i n the specified guest VLAN.
Chapter 6 Tutorials MGS3700-12C User’s Guide 86 Private VLAN to do port isolation in a VLAN instead of assi gning each port to a separate VL AN and creating a different IP routing domain for each individual port.
Chapter 6 Tutorials MGS3700-12C User’s Guide 87 4 In the Static VLAN screen, select ACTIVE , enter a descripti ve name (VLAN 123 for example) in the Name field and enter 123 in the VLAN Group ID field. 5 Select Fixed to configure ports 2, 3, 4 and 5 to be permanent members of this VLAN.
Chapter 6 Tutorials MGS3700-12C User’s Guide 88 8 Click the VLAN St atus link in the Static VLAN screen a nd then the VLAN Port Setting link in the VLAN Status sc reen.
Chapter 6 Tutorials MGS3700-12C User’s Guide 89 6.6.2 Creating a Private VLAN Rule Fol low the steps below to configure priv ate VLAN for VLAN 123. 1 Click Advanced Application > Private VLAN .
Chapter 6 Tutorials MGS3700-12C User’s Guide 90.
91 P ART II Basic Configuration System Status and P ort Statistics (93) Basic Setting (99).
92.
MGS3700-12C User’s Guide 93 C HA PT ER 7 1 1/2012 System Status and Port Statistics This chapter describes the system s tatus (web configur ator home page) and port details screens. 7.1 Overview The home screen of the web configurator di splays a port stat istical sum mary with links to each port showing s tatistical details.
Chapter 7 S ystem Status and Port Sta tistics MGS3700-12C User’s Guide 94 7.2 Port S t atus Summary T o view the port statistics, click Status in all web configurator screens to display the Status screen as sho wn next. Figure 39 S tatus The following table describes t he labels in this screen.
Chapter 7 System Status and Port Statistics MGS3700-12C User’s Guide 95 Up Time This field shows the total amount of time in hours, minutes and seconds the port has been up. Clear Counter Enter a port number and then click Clear Counter to er ase the recorded statistical information for that port, or select Any to clear statistics for all ports.
Chapter 7 S ystem Status and Port Sta tistics MGS3700-12C User’s Guide 96 7.2.1 S t atus: Port Det ails Click a number in the Port column in the Status screen to display individual p ort statistics. Use t his screen to check status and detailed performance data about an individual port on the S witch.
Chapter 7 System Status and Port Statistics MGS3700-12C User’s Guide 97 Name This field displays the name of the port. Link This field displays the speed (either 10 M for 10Mbps, 100M for 100Mbps or 1000M for 1000Mbps) and the duplex ( F for full duplex or H for half duplex).
Chapter 7 S ystem Status and Port Sta tistics MGS3700-12C User’s Guide 98 Control This field shows the number of con trol packets received (including those with CRC error) but it does not include the 802.3x Pause pack ets. TX Collision The following fields display informat ion on collisions while transmitting.
MGS3700-12C User’s Guide 99 C HA PT ER 8 Basic Setting This chapter describes how to configure the System Info, General Setup , Switch Setup , IP Setup and Port Setup screens. 8.1 Overview The System Info screen displays gener al Switch information (such as fi rmware version number) and hardware polling information (such as fan speeds).
Chapter 8 Basic Setting MGS3700-12C User’s Guide 100 8.2 System Information In the navigation panel, click Basic Setting > System Info to displ ay the screen as shown. Y ou can check the firmware version number and monitor the Switch’ s temperature, fan speed and voltage in this screen.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 101 AC Power This field displays On when the Switch is using AC power and Absent when AC power is not av ailable. DC Power This field displays On when the Switch is using DC power , Present when the Switch is connected to DC power but does not use it, and Absent when DC power is not av ailable.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 102 8.3 General Setup Use this screen to configure genera l sett ings such as the system name and time.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 103 Use Time Server when Bootup Enter the time service pro tocol that your timeserv er uses. Not all time servers support all protocols, so you may have to use trial and error to find a protocol that works.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 104 8.4 Introduction to VLANs A VLAN (Virtual Local Area Network) allo ws a physical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one grou p.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 105 8.4.1 Smart Isolation T o block tr affic between two specific ports withi n the Switch, y ou can use port isolation or private VLAN ( see Chapter 33 on page 327 for more information). However , it does not work across multiple switches.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 106 Note: The uplink port connecte d to the Internet should be the root po rt. Otherwise, with smart isolation enabled, the isolated port s cannot access the Internet. 8.5 Switch Setup Screen Click Basic Setting > Switch Setup in the navigation panel to display the screen as shown.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 107 Smart Isolation Select Active to enable smart isolation on the S witch. The designated port(s) then becomes the isolated port. Smart isolation allows you to prevent isolated ports on different switch es from transmitting tr affic to each other .
Chapter 8 Basic Setting MGS3700-12C User’s Guide 108 8.6 IP Setup Use the IP Setup screen to configure the Switch IP address, default gatew ay device, the default d omain name serv er and the management VLAN ID . The default gateway specifies the IP address of the default gateway (next hop ) for outgoing traffi c.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 109 Note: Y ou must configure a VLAN first. Figure 44 Basic Setting > IP Setup The following table describes t he labels in this screen.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 11 0 Default Management Specify which traffic flow ( In-Band or Ou t-of-band ) the S witch is to send packets originating from itself (such as SNMP traps) or pack ets with unknown source. Select Out-of-band to have the Switch send the packets to the out- of-band management port.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 111 In-band IP Addresses Y ou can create up to 64 IP addresses, which are used to access and manage the Switch from the ports belonging to the pre-defin ed VLAN(s).
Chapter 8 Basic Setting MGS3700-12C User’s Guide 11 2 8.7 Port Setup Use this screen to configure Switch port settings. Click Basic Setting > Port Setup in the navigation panel to display the conf iguration screen. Figure 45 Basic Setting > Port Setup The following table describes t he labels in this screen.
Chapter 8 Basic Setting MGS3700-12C User’s Guide 11 3 Speed/ Duplex Select the speed and the duplex mode of the Ethernet connection on this port. Choices are Auto , 10M/Half Duplex , 10M/Full Duplex , 100M/ Half Duplex , 100M/Full Duplex and 1000M/Full Duplex .
Chapter 8 Basic Setting MGS3700-12C User’s Guide 11 4.
11 5 P ART III Advanced VLAN (117) Static MAC F orward Setup (137) Static Multicast Forw ard Setup (141) Filtering (145) Spanning T ree Protocol (147) Bandwidth Control (169) Broadcast Storm Control (.
11 6.
MGS3700-12C User’s Guide 11 7 C HA PT ER 9 VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-bas ed VLANs. 9.1 Introduction to IEEE 802.
Chapter 9 VLAN MGS3700-12C User’s Guide 11 8 9.1.1 Forwarding T agged and Unt agged Frames Each port on the Swit ch is capable of passing tagged or unta gged frames. T o forward a fr ame from an 802.1Q VLAN- aware swit ch to an 802.1Q VLAN-unaware switch, the Swit ch first decides where to forw ard the frame and then strips off the VLAN tag.
Chapter 9 VLAN MGS3700-12C User’s Guide 11 9 Please refer to the following table fo r common IEEE 802.1Q VLAN terminology . 9.3 Port VLAN T runking Enable VLAN Trunking on a port to allow fr ames belonging to unknown VLAN groups to pass through that port.
Chapter 9 VLAN MGS3700-12C User’s Guide 120 VLAN group tags 1 and 2 (VLAN groups th at are unknown to those switches) to pass through their VLAN trunking port(s). Figure 46 Port VLAN T runking 9.4 Select the VLAN T ype Select a VLAN type in the Basic Setting > Switch Setup screen.
Chapter 9 VLAN MGS3700-12C User’s Guide 121 9.5.1 S t atic VLAN S t atus See Section 9.1 on page 117 for more information on Static VLAN. Cl ick Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown next.
Chapter 9 VLAN MGS3700-12C User’s Guide 122 9.5.2 VLAN Det ails Use this screen to view detai led port se ttings and status of the VLAN group . See Section 9.1 on page 117 for more information on static VLAN. Click on an index number in the VLAN Status screen to display VLAN det ails.
Chapter 9 VLAN MGS3700-12C User’s Guide 123 static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 50 Advanced Application > VLAN > S tatic VLAN The following table describes t he related labels in this screen.
Chapter 9 VLAN MGS3700-12C User’s Guide 124 * Settings in this row apply to all ports. Use this row only if y ou want to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port -by-port basis.
Chapter 9 VLAN MGS3700-12C User’s Guide 125 9.5.4 Configure VLAN Port Settings Use the VLAN Port Set ting screen to co nfigure the static VLAN (IEEE 802.1Q) settings on a port. See Section 9.1 on page 117 for more information on static VLAN. Click the VLAN Port Setting link in th e VLAN St atus screen.
Chapter 9 VLAN MGS3700-12C User’s Guide 126 9.6 Subnet Based VLANs Subnet based VLANs allow y ou to group tr affic into logical VLANs based on the source IP subnet you s pecify . When a fr ame is received on a port, the Switch checks if a tag is added already and the IP subnet it came from.
Chapter 9 VLAN MGS3700-12C User’s Guide 127 Y ou configure a subnet based VLAN with priority 6 and VID of 100 for tr affic received from IP subnet 172.16.1. 0/24 (voice services). Y ou also have a subnet based VLAN with priority 5 and VID of 200 for tr affic received from IP subnet 192.
Chapter 9 VLAN MGS3700-12C User’s Guide 128 Note: Subnet based VLAN applies to un-tagg ed packet s and is applicable only when you use IEEE 802.1Q t agged VLAN. Figure 53 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN The following table describes t he labels in this screen.
Chapter 9 VLAN MGS3700-12C User’s Guide 129 9.8 Protocol Based VLANs Protocol based VLANs allow y ou to group tr affic into logi cal VLANs based on the protocol you spec ify . When an ups tream fr ame is received on a port (configured for a protocol based VLAN), t he Switch checks if a tag is added already and its protocol.
Chapter 9 VLAN MGS3700-12C User’s Guide 130 for ARP traff ic received on port 1, 2 and 3. Y ou also have a protocol based VLAN B with priority 2 for Appl e T alk traffic receiv ed on port 6 and 7.
Chapter 9 VLAN MGS3700-12C User’s Guide 131 The following table describes t he labels in this screen. T able 20 Advanced Application > VLAN > VL AN Port Setting > Protocol Based VLAN Setup LABEL DESCRIPTION Active Check this bo x to activate this protocol based VLAN.
Chapter 9 VLAN MGS3700-12C User’s Guide 132 9.10 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 4 and 8. Fo llow these steps: 1 Activ ate this protocol based VLAN. 2 T ype the port number you w ant to include in this protocol based VLAN.
Chapter 9 VLAN MGS3700-12C User’s Guide 133 P ort-based VLANs require all owed outgoing ports to be defined for each port. Therefore, if y ou wish to allow t wo subscr iber ports to talk to each oth.
Chapter 9 VLAN MGS3700-12C User’s Guide 134 9.1 1.1 Configure a Port-based VLAN Select Port Based as the VLAN Type in the Basic Setting > Switch Setup screen and then click Advanced Application > VLAN from the navigation p anel to display the next screen.
Chapter 9 VLAN MGS3700-12C User’s Guide 135 The following table describes t he labels in this screen. T able 21 Port Based VLAN Setup label Description Setting Wizard Choose All connected or Port isolation . All connected means all ports can communicate with each other , that is, there are no virtual LANs.
Chapter 9 VLAN MGS3700-12C User’s Guide 136.
MGS3700-12C User’s Guide 137 C HA PT ER 10 Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 10.1 Overview This chapter discusses how to configure forw arding rules based on MAC addresses of devices on your network.
Chapter 10 St at ic MAC Fo rw ard Setup MGS3700-12C User’s Guide 138 Click Advanced Applications > Static MAC Forwarding in the na vigation panel to display the configur ation screen as shown. Figure 59 Advanced Application > S tatic MAC Forwarding The following table describes t he labels in this screen.
Chapter 10 Static MAC Fo rward Setup MGS3700-12C User’s Guide 139 VID This field displays the ID number of the VLAN group. P ort This field displa ys the port where the MAC address shown in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table.
Chapter 10 St at ic MAC Fo rw ard Setup MGS3700-12C User’s Guide 140.
MGS3700-12C User’s Guide 141 C HA PT ER 11 Static Multicast Forward Setup Use these screens to configure stat ic Multicast address forwarding. 1 1.1 S t atic Multicast Forwarding Overview A multicast MAC address is the MAC addres s of a member of a multicast group.
Chapter 11 St at ic Mu lt ica s t Fo rw ar d Set up MGS3700-12C User’s Guide 142 connected to port 3. Fi gure 62 shows fr ames being forwarded to ports 2 and 3 within VLAN group 4. Figure 60 No S tatic Multicast Forwardin g Figure 61 S tatic Mutlicast Forwardin g to A Single Port Figure 62 S tatic Mutlicast Forwardin g to Multiple Ports 1 1.
Chapter 11 Static Mu lticast Forward Setup MGS3700-12C User’s Guide 143 Click Advanced Applications > Static Multicast Forwarding to display the configurati on screen as shown. Figure 63 Advanced Application > S tat ic Multicast Forwarding The following table describes t he labels in this screen.
Chapter 11 St at ic Mu lt ica s t Fo rw ar d Set up MGS3700-12C User’s Guide 144 Active This field displays whether a static multicast MAC address forwarding rule is active ( Yes ) or not ( No ). Y ou may tempor arily deactivate a rule without deleting it.
MGS3700-12C User’s Guide 145 C HA PT ER 12 Filtering This chapter discusses MAC address port fil tering. 12.1 Configure a Filtering Rule Filtering means sifting tr affic going throug h the Switch based on the source and/or destination MAC addresse s and VLAN group (ID).
Chapter 12 Filtering MGS3700-12C User’s Guide 146 The following table describes t he related labels in this screen. T able 24 Advanced Application > FIltering LABEL DESCRIPTION Active Make sure to select this check box to activ ate your rule. Y ou may temporarily deactiv ate a rule without de leting it by deselecting this check box.
MGS3700-12C User’s Guide 147 C HA PT ER 13 Spanning Tree Protocol The Switch suppor ts Spanning T ree Protocol (STP), R apid Spanning T ree Protocol (RSTP) and Multiple Spanning T ree Protoc ol (MSTP) as defined in the following standards. • IEEE 802.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 148 P ath cost is the cost of tr ansmitting a frame onto a LAN through that port. The recommended cost is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 149 13.1.3 STP Port S t ates STP assigns fiv e port states to eliminate packet loopi ng. A bridge port is not allowed to go direct ly from blocking state to forw arding state so as to eliminate transient loops.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 150 Note: Each port can belong to one STP tree only . Figure 65 MRST P Network Exa mpl e 13.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 151 blocked as STP and RSTP allow only one link i n the network and block the redundant link. Figure 66 STP/RSTP Network Example With MSTP , VLANs 1 and 2 are mapped to di fferent spanni ng trees in the network.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 152 Devices that belong to the same MST re gion are configured to hav e the same MSTP configuration identificati on settings .
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 153 and single spanning tree devi ces. A ne t work may contain multiple MST regions and other network segments running RSTP .
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 154 13.3 S p anning T ree Configuration Use the Spanning Tree Configuration screen to activate one of the STP modes on the Switch. Click Configuration in t he Advanced Application > Spanning Tree Protocol .
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 155 13.4 Configure Rapid S p anning T ree Protocol Use this screen to configure RSTP settings, see Section 13.1 on page 147 for more informat ion on RS TP . Click RSTP in the Advanced Application > Spanning Tree Protocol screen.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 156 Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 157 13.5 Rapid S p anning T ree Protocol St atus Click Advanced Application > Spanning Tree Pro tocol in the navigation panel to display the status screen as shown next. See Section 13.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 158 The following table describes t he labels in this screen. T able 29 Advanced Application > Spanning Tree Protocol > Status: RSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you w ant to activate.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 159 13.6 Configure Multiple Rapid S p anning T ree Protocol T o configure MRSTP , click MRSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 13.1 on page 147 for more information on MRSTP .
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 160 Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 161 13.7 Multiple Rapid S p anning T ree Protocol S t atus Click Advanced Applicat ion > Spanning Tree Protoc ol in the navigation panel to display the status screen as shown next. See Section 13.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 162 The following table describes t he labels in this screen. T able 31 Advanced Application > Spanning Tree Protocol > Status: MRST P LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you w ant to activate.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 163 13.8 Configure Multiple S p anning T ree Protocol T o configure MSTP , click MSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 13.1.5 on page 150 for more information on MSTP .
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 164 The following table describes t he labels in this screen. T able 32 Advanced Application > S p anning T ree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 77 on page 166 ).
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 165 Bridge Priority Set the priority of the Switch for the specific spanning tree instance. The lower the number , the more li kely the Switch will be chosen as the root bridge within the spanning tree instance.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 166 13.9 Multiple S p anning T ree Protocol St atus Click Advanced Applicat ion > Spanning Tree Protoc ol in the navigation panel to display the status screen as shown next. See Section 13.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 167 The following table describes t he labels in this screen. T able 33 Advanced Application > Spanning Tree Protocol > Status: MSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you w ant to activate.
Chapter 13 Spanning T ree Protoc ol MGS3700-12C User’s Guide 168 Internal Cost This is the path cost from the root port in this MST instance to the regional root switch. P ort ID This is the priority and number of the port on the Sw itch through which this Switch must communicate with the root of th e MST instance.
MGS3700-12C User’s Guide 169 C HA PT ER 14 Bandwidth Control This chapter shows you how y ou can cap the maximum bandwidth using the Bandwidth Control screen. 14.1 Bandwid th Control Overview Bandwidth control means defining a maxi mum allowab le bandwidth for incoming and/or out-going tr affic flows on a port.
Chapter 14 Bandwidth Control MGS3700-12C User’s Guide 170 14.2 Bandwid th Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 78 Advanced Application > Bandwid th Control The following table describes t he related labels in this screen.
Chapter 14 Band wid th Contr ol MGS3700-12C User’s Guide 171 Active Select this check box to activ ate peak rate limits on this port. Pe a k Rat e Specify the maximum bandwidth allowed in kilobits per second (Kbps) for the incoming traffic flow on a port.
Chapter 14 Bandwidth Control MGS3700-12C User’s Guide 172.
MGS3700-12C User’s Guide 173 C HA PT ER 15 Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature.
Chapter 15 Broadcast Storm Control MGS3700-12C User’s Guide 174 The following table describes t he labels in this screen. T able 35 Advanced Application > Broadcast S torm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch.
MGS3700-12C User’s Guide 175 C HA PT ER 16 Mirroring This chapter discusses port mirroring s etup screens. 16.1 Port Mirroring Setup P o r t m i r r o r i n g a l l o w s y o u t o c o p y a t r a f.
Chapter 16 M irr or in g MGS3700-12C User’s Guide 176 The following table describes t he labels in this screen. T able 36 Advanced Application > Mirroring LABEL DESCRIPTION Active Select this check box to activ ate port mirroring on the Switch. Clear this check box to disable the feature.
Chapter 16 M irr or ing MGS3700-12C User’s Guide 177 16.2 RMirror RMirror lets you redirect data flows that you monitor on a source switch to a different destination switch, which all ows a centrali zed network analyzer or probe to capture packets for an entire LAN.
Chapter 16 M irr or in g MGS3700-12C User’s Guide 178 Figure 81 Rmirror Architecture 16.2.2 RMirror Configuration Click Advance d Application > Mirroring >RMirr o r on the up right of the navig ation panel to displa y the RMirro r screen.
Chapter 16 M irr or ing MGS3700-12C User’s Guide 179 Figure 82 Advanced Application > Mirroring> RMirro r The follo wing table describes the labels in this scr een. 16.2.3 Source It will mirror port traffic to intermediate switch or destination switch by RMirror VLAN.
Chapter 16 M irr or in g MGS3700-12C User’s Guide 180 Figure 83 Advanced Application > Mirroring> RMirro r > Source The follo wing table describes the labels in this scr een.
Chapter 16 M irr or ing MGS3700-12C User’s Guide 181 16.2.4 Destination It will monitor port tr affic from intermed iate switch or source switch by RMirror VLAN. The configuration contains: RMirror VLAN, monitor-port and connected- port. If the destination switch is other supplier switch device, i t needs to support 802.
Chapter 16 M irr or in g MGS3700-12C User’s Guide 182 Figure 84 Advanced Application > Mirrori ng> RMirror > Destination The following table describes t he labels in this screen.
Chapter 16 M irr or ing MGS3700-12C User’s Guide 183 16.2.5 Connected Port The connected-port is the physical port connected to other switch in the same RMirror VLAN, and it can't be Mirror port or Monitor P ort.
Chapter 16 M irr or in g MGS3700-12C User’s Guide 184 The follo wing table describes the labels in this scr een. T able 41 Advanced Application > Mirroring> RMi.
MGS3700-12C User’s Guide 185 C HA PT ER 17 Link Aggregation This chapter shows you how t o logically aggr egate phy sical links t o form one logical, higher-bandwid th link. 17.1 Link Aggregation Overview Link aggregation (trunking) is the groupi ng of physical por ts into one log ical higher-capacity link.
Chapter 17 Li nk Aggr eg a tion MGS3700-12C User’s Guide 186 When you enable LACP link aggregation on a port, the port can automatically negotiate with the ports at the remote en d of a li nk to establish trunk groups.
Chapter 17 L ink Aggr eg a tion MGS3700-12C User’s Guide 187 17.3 Link Aggregation S t atus Click Advanced Application > Link Aggregation in the navigation panel. The Link Aggregation Status screen d isplays by default. See Sect ion 17.1 on page 185 for more information.
Chapter 17 Li nk Aggr eg a tion MGS3700-12C User’s Guide 188 Criteria This shows the outgoing traffic distribution algorith m used in this trunk group. P ackets from the same source and/or to the same destination are sent over the same link within the trun k.
Chapter 17 L ink Aggr eg a tion MGS3700-12C User’s Guide 189 17.4 Link Aggregation Setting Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 17.1 on page 185 for more informat ion on link ag gregation.
Chapter 17 Li nk Aggr eg a tion MGS3700-12C User’s Guide 190 Criteria Select the outgoing traffic distribution type. P ackets from the same source and/or to the same destination are sent ov er the same link within the trunk. By default, the Switch uses the src-dst-mac distribution type.
Chapter 17 L ink Aggr eg a tion MGS3700-12C User’s Guide 191 17.5 Link Aggregation Control Protocol Click Advanced Application > Link Aggregation > Link A ggregation Setting > LACP to display the screen shown next. See Section 17.2 on page 185 for more information on d ynamic link aggregation.
Chapter 17 Li nk Aggr eg a tion MGS3700-12C User’s Guide 192 17.6 S t atic T runking Example This example shows you how to create a static port trunk group for ports 2-5.
Chapter 17 L ink Aggr eg a tion MGS3700-12C User’s Guide 193 1 Make your physical connections - make sure that the ports that you w ant to belong to the trunk group are connected to the same destinati on. The following figure shows ports 2-5 on swit ch A connected to switch B .
Chapter 17 Li nk Aggr eg a tion MGS3700-12C User’s Guide 194 Y our trunk group 1 ( T1 ) configur ation is now complete; you do not need to go to any additional screens.
MGS3700-12C User’s Guide 195 C HA PT ER 18 Port Authentication This chapter describes the IEEE 802. 1x and MAC authentication methods. 18.1 Port Authentication Overview P ort authentication is a w ay to v alidate access to ports on the Switch to clients based on an external server (authentic ation server).
Chapter 18 Port Authentication MGS3700-12C User’s Guide 196 request to a RADIUS server . The RADIUS se rver v alidates whether this client is allowed access to the port. Figure 91 IEEE 802.1x Authentication Process 18.1.2 MAC Authentication MAC authentication works in a very sim ilar way to IEEE 802.
Chapter 18 Port Authentication MGS3700-12C User’s Guide 197 client connecting to a port on the Switch along with a password configured specifically for MAC authenti cation on the Switc h.
Chapter 18 Port Authentication MGS3700-12C User’s Guide 198 18.2.1 Activate IEEE 802.1x Security Use this screen to activ ate IEEE 802.1x security . In the Port Authentication screen, click 802.1x to display the config uration s creen as shown. Figure 94 Advanced Application > Port Authentication > 802.
Chapter 18 Port Authentication MGS3700-12C User’s Guide 199 18.2.2 Guest VLAN When 802.1x port authentication is enable d on the Swit ch and its ports, client s that do not hav e the correct credentials are block ed from using the port(s). Y ou can configure your S witch to have one VLAN that acts as a guest VLAN.
Chapter 18 Port Authentication MGS3700-12C User’s Guide 200 rights gr anted to the Guest VLAN depe nds on how the network administrator configures switches or routers with the gu est network feature. Figure 95 Guest VLAN Example Use this screen to enable and as si gn a Guest VLAN to a port.
Chapter 18 Port Authentication MGS3700-12C User’s Guide 201 The following table describes t he labels in this screen. T able 48 Advanced Application > Port Authentication > 802.1 x > Guest VLAN LABEL DESCRIPTION P ort This field displays a port number .
Chapter 18 Port Authentication MGS3700-12C User’s Guide 202 18.2.3 Activate MAC Authentication Use this screen to activ ate MAC authentication. In t he Port Authentication screen click MAC Authentication to di splay the configur ation screen as shown.
Chapter 18 MGS3700-12C User’s Guide 203 Timeout Specify the amount of time before the Switch allows a client MAC address that fails authentication to try and authenticate again. Maximum time is 3000 seconds. When a client fails MAC authentication , its MAC address is learned by the MAC address table with a status of denied.
Chapter 18 MGS3700-12C User’s Guide 204.
MGS3700-12C User’s Guide 205 C HA PT ER 19 Port Security This chapter shows you how t o set up port securit y . 19.1 About Port Security P ort security allows only packet s with dynamically learned MAC addresses and/or configured static MAC ad dresses to pass th rough a port on the Sw itch.
Chapter 19 Port Secu rity MGS3700-12C User’s Guide 206 19.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. Figure 98 Advanced Application > Port Security The following table describes t he labels in this screen.
Chapter 19 Port Security MGS3700-12C User’s Guide 207 * Settings in this row apply to all ports. Use this row only if you w ant to make some settings the same for all ports. Use this row first to set the common settings and then make adjustments on a port -by-po rt basis.
Chapter 19 Port Secu rity MGS3700-12C User’s Guide 208 19.3 VLAN MAC Address Limit Use this screen to set t he MAC address le arning limit on per-port and per- VLAN basis. Click VLAN MAC Address Lim it in the Advanced Application > Port Security screen to display the screen as shown.
Chapter 19 Port Security MGS3700-12C User’s Guide 209 Active This field displays Yes when the rule is activated and No when is it deactivated. P ort This field displays the number of the port to which this rule is applied. VID This is the VLAN ID number to which the port belongs.
Chapter 19 Port Secu rity MGS3700-12C User’s Guide 210.
MGS3700-12C User’s Guide 21 1 C HA PT ER 20 Classifier This chapter introduces and shows you how to configure the packet classif ier on the Switch. 20.
Chapter 20 Classifier MGS3700-12C User’s Guide 212 Click Advanced Application > Classifier in the navigation panel to displa y the configurati on screen as shown. Figure 100 Advanced App lication > Classifier The following table describes t he labels in this screen.
Chapter 20 Classifier MGS3700-12C User’s Guide 213 Layer 2 Specify the fields below to configure a layer 2 classifier . VLAN Select Any to classify traffic from any VLAN or select the second option and specify the source VLAN ID in the field provided.
Chapter 20 Classifier MGS3700-12C User’s Guide 214 20.3 V iewing and Editing Classifier Configuration T o view a summary of t he classifier configur ation, scroll down to the s ummary table at the bottom of the Classifier screen. T o change the settings of a rule, cl ick a number in the Index field.
Chapter 20 Classifier MGS3700-12C User’s Guide 215 The following table describes t he labels in this screen. The following table shows some other common Ethernet types and the corresponding protocol number . In the Internet Protocol there is a field, called “Protocol” , to identify the next level protocol.
Chapter 20 Classifier MGS3700-12C User’s Guide 216 Some of the most common T C P and UDP port numbers are: See Append ix A on pa ge 431 for information on commonly used port numbers.
Chapter 20 Classifier MGS3700-12C User’s Guide 217 After you hav e configured a classifier , you can configure a poli cy (in the Policy screen) to def ine action(s) on the classified traffic f low.
Chapter 20 Classifier MGS3700-12C User’s Guide 218.
MGS3700-12C User’s Guide 219 C HA PT ER 21 Policy Rule This chapter shows you how t o configure policy rules. 21.1 Policy Rules Overview A classifier dist inguishes traf fic into flows based on the configured criteria (refer to Chapter 20 on page 211 for more information).
Chapter 21 Policy Rule MGS3700-12C User’s Guide 220 The DSCP value determines the forwarding behavior , the PHB (Per-Hop Behavior), that each pack et gets across the DiffSer v network. Based on the marking rule, different kinds of tr affic can be marked for different kinds of f orwarding.
Chapter 21 Policy Rule MGS3700-12C User’s Guide 221 Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown. Figure 103 Advanced App lication > Policy Rule The following table describes t he labels in this screen.
Chapter 21 Policy Rule MGS3700-12C User’s Guide 222 Classifier(s) This field dis plays the active classifier(s) you configure in th e Classifier screen. Select the classifier(s) to which this policy rule applies. T o select more than one classifier , press [SHIF T] and select the choices at the same time.
Chapter 21 Policy Rule MGS3700-12C User’s Guide 223 21.3 V iewing and Editin g Policy Configuration T o view a summary of t he classifier configur ation, scroll down to the s ummary table at the bottom of the Policy screen. T o change the settings of a rule, click a number in the Index field.
Chapter 21 Policy Rule MGS3700-12C User’s Guide 224 The following table describes t he labels in this screen. T able 58 Advanced Application > Policy Rule: Summary Table LABEL DESCRIPTION Index This field displays the policy index num ber . Click an index number to edit the policy .
Chapter 21 Policy Rule MGS3700-12C User’s Guide 225 21.4 Policy Example The figure below shows an example Policy screen where y ou configure a policy to limit bandwidth and discard out -of-profi le traffic on a tr affic flow classified using the Example classifier (r efer to Section 20.
Chapter 21 Policy Rule MGS3700-12C User’s Guide 226.
MGS3700-12C User’s Guide 227 C HA PT ER 22 Queuing Method This chapter introduces the queuing methods supported. 22.1 Queuing Method Overview Queuing is used to help s olve perform a nce degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffi c.
Chapter 22 Q ue u ing Me tho d MGS3700-12C User’s Guide 228 22.1.3 W eighted Round Robin Scheduling (WRR) Ro und Robi n Scheduling services queues on a rotating basis and is activ ated only when a port has more traffic than it can handle. A queue is a gi ven an amount of bandwidth irrespective of the incoming tr a ffic on t hat port.
Chapter 22 Queuing Method MGS3700-12C User’s Guide 229 22.2 Configuring Queuing Click Advanced Application > Queuing Method in the na vigation panel.
Chapter 22 Q ue u ing Me tho d MGS3700-12C User’s Guide 230 The following table describes t he labels in this screen. T able 59 Advanced Application > Queuing Method LABEL DESCRIPTION P ort This label shows the port you are configuring.
MGS3700-12C User’s Guide 231 C HA PT ER 23 VLAN Stacking This chapter shows you how t o configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN 23.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 232 distinguish customer A and tag 48 to disti nguish customer B at ed ge device 1 and then stripping those tags at edge device 2 as the data frames leav e the network. Figure 107 VLAN S tacking Examp le 23.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 233 23.3 VLAN T ag Format A VLAN tag (service pro vider VLAN stacki ng or customer IEEE 802.1Q) consists of the following three fields . TPID (T ag Protocol Identifier) is a standard Ethernet type code identify ing the frame and indicates that whether the fr ame carries IEEE 802.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 234 23.4 Configuring VLAN S t acking Click Advanced Applications > VLAN Stacking to disp lay the screen as shown.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 235 23.4.1 Port-based Q-in-Q Port -based Q-in-Q lets t he Switch treat a ll frames received on the same port as the same VLAN flows and add the same ou t er VLAN tag to them, ev en they have different customer VLAN IDs.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 236 Click Port-based QinQ in the Advanced Application > VLAN Stacking screen to display the screen as shown. Figure 109 Advanced App lication > VLAN S t acking > Port-based QinQ The following table describes t he labels in this screen.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 237 23.4.2 Selective Q-in-Q Selective Q-in-Q is VLAN-based. It allows the Switc h to add different outer VLAN tags to the incoming frames received on one port according to their inner VLAN tags. Note: Selective Q-in-Q rules are only ap plied to single-t agged frames received on th e access ports.
Chapter 23 VLAN Stacking MGS3700-12C User’s Guide 238 Priority Select a priority level (from 0 to 7). This is the service pro vider’s priority level that adds to the frames receiv ed on this port. "0" is the lowest priority level and "7" is the highest.
MGS3700-12C User’s Guide 239 C HA PT ER 24 Multicast This chapter shows you how t o configure various multicast features. 24.1 Multicast Overview T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network).
Chapter 24 Multicast MGS3700-12C User’s Guide 240 24.1.3 IGMP Snooping A Switch can passiv ely snoop on IGMP pack ets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership.
Chapter 24 Multicast MGS3700-12C User’s Guide 241 24.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown.
Chapter 24 Multicast MGS3700-12C User’s Guide 242 Host Timeout Specify the time (from 1 to 16,711,450) in second s that elapses before the Switch remov es an IGMP group membership entry if it does not receive report messages from the port.
Chapter 24 Multicast MGS3700-12C User’s Guide 243 F ast Leave Enter an IGMP fast leave timeout value (from 200 to 6,348,800) in miliseconds. Select this option to ha ve the Switch use this timeout to update the forwarding table for the port.
Chapter 24 Multicast MGS3700-12C User’s Guide 244 24.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See Section 24.
Chapter 24 Multicast MGS3700-12C User’s Guide 245 The following table describes t he labels in this screen. T able 68 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN LABEL DESCRIPTION Mode Select auto to have the S witch learn multicast group membership information of any VLANs automatically .
Chapter 24 Multicast MGS3700-12C User’s Guide 246 24.5 IGMP Filtering Profile An IGMP filter ing profile s pecifies a range of mul ticast grou ps that clie nts connected to the Switch are able to join. A profile contains a range of multicast IP addresses which you w ant clients to be able to join.
Chapter 24 Multicast MGS3700-12C User’s Guide 247 24.6 MVR Overview Multicast VLAN R egist ration (MVR) is designed for applications (such as Media-on- Demand (MoD)) that use multicast tr affic across an Ethernet ring-based service provider network.
Chapter 24 Multicast MGS3700-12C User’s Guide 248 24.6.1 T ypes of MVR Port s In MVR, a source port i s a port on the S witch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast tr affic.
Chapter 24 Multicast MGS3700-12C User’s Guide 249 for the multicast traffic. Otherwise, the Sw itch remov es the receiv er port from the forwarding tabl e.
Chapter 24 Multicast MGS3700-12C User’s Guide 250 Note: Y our Switch automatica lly creates a st atic VLAN (with the same VID) wh en you create a multicast VLAN in this screen. Figure 1 17 Advanced Application > Mu lticast > Multicast Setting > MVR The following table describes t he related labels in this screen.
Chapter 24 Multicast MGS3700-12C User’s Guide 251 24.8 MVR Group Configuration All source ports and receiver ports belo nging to a multicast group can receive multicast data sent to thi s multicast group. Configure MVR IP mul ticast group address(es) in the Group Configuration screen.
Chapter 24 Multicast MGS3700-12C User’s Guide 252 Note: A port can belong to more than one multicast VLAN. However , IP multicast group addresses in dif ferent multicast VLANs cannot overlap.
Chapter 24 Multicast MGS3700-12C User’s Guide 253 24.8.1 MVR Configuration Example The following figure shows a network ex ample where ports 1, 2 and 3 on the Switch bel ong to VLAN 1.
Chapter 24 Multicast MGS3700-12C User’s Guide 254 T o set the Switc h to forward the multicast group traffic to the subscribers, configure multicast group sett ings in the Group Configuration screen. The following figure shows an exa mpl e where two multicast groups ( News and Movie ) are configured for the multicast VLAN 200.
MGS3700-12C User’s Guide 255 C HA PT ER 25 AAA This chapter describes how to config ure authentication, authorization and accounting settings on th e Switch. 25.1 Authentication, Authorization and Accounting (AAA) Authentication is the process of determin ing who a user is and valid ating access to the Switch.
Chapter 25 AAA MGS3700-12C User’s Guide 256 25.1.2 on page 256 ) as external authentication, authorization and accounting servers. Figure 123 AAA Server 25.1.1 Local User Account s By storing user profiles locally on the S wit ch, your Swit ch is able to authenticate and authorize users without inter acting with a network AAA s erver .
Chapter 25 AAA MGS3700-12C User’s Guide 257 Click Advanced Application > AAA in the navigation panel to displa y the screen as shown. Figure 124 Advanced Application > AAA 25.2.1 RADIUS Server Setup Use this screen to configure yo ur RADIUS server settings.
Chapter 25 AAA MGS3700-12C User’s Guide 258 The following table describes t he labels in this screen. T able 73 Advanced Application > AAA > RADIUS Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure your RADIUS authentication settings.
Chapter 25 AAA MGS3700-12C User’s Guide 259 25.2.2 T ACACS+ Server Setup Use this screen to configure yo ur T ACACS+ server settings. See Section 25.1.2 on page 256 for more information on T ACACS+ se rvers. Click on the TACACS+ Server Setup link in the AAA screen to view the screen as shown.
Chapter 25 AAA MGS3700-12C User’s Guide 260 The following table describes t he labels in this screen. T able 74 Advanced Application > AAA > T ACACS+ Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure your T ACACS+ authentication settings.
Chapter 25 AAA MGS3700-12C User’s Guide 261 25.2.3 AAA Setup Use this screen to configure authentication , authorization and accounting settings on the Switch.
Chapter 25 AAA MGS3700-12C User’s Guide 262 The following table describes t he labels in this screen. T able 75 Advanced Application > AAA > AAA Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the Switch.
Chapter 25 AAA MGS3700-12C User’s Guide 263 Active Select this to activate authorization for a specified event types. Method Select whether you w ant to use RADIUS or T ACACS+ for authorization of specific types of events. RADIUS is the only method for IEEE 802.
Chapter 25 AAA MGS3700-12C User’s Guide 264 25.2.4 V endor Specific Attribute RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server and a network access d evice (for example, the Switch). A company can create V endor Specific Attributes (VSAs) to expand the function ality of a RADIUS serv er .
Chapter 25 AAA MGS3700-12C User’s Guide 265 25.2.4.1 T unnel Protocol Attribute Y ou can configure tunn el protocol attributes on the RADIUS serv er (refer to your RADIUS server documentation) to assign a port on the Switch to a VLAN based on IEEE 802.
Chapter 25 AAA MGS3700-12C User’s Guide 266 Refer t o RFC 2865 for more information about RADIUS attributes used for authentication. R efer to RFC 2866 and RFC 2869 for RADIUS attributes used for accounting. This section lists t he attributes used by authentication and accounting functions on the Switch.
Chapter 25 AAA MGS3700-12C User’s Guide 267 25.3.2 Attributes Used for Accounting The following sections list the attributes sent from the Switch to the RADIUS server when performi ng authenti cation.
Chapter 25 AAA MGS3700-12C User’s Guide 268 25.3.2.3 Attributes Used for Ac counting IEEE 802.1x Event s The attributes are listed in the following table along with the ti me of the session they are.
MGS3700-12C User’s Guide 269 C HA PT ER 26 IP Source Guard Us e I P s o ur ce g ua r d t o f i lt er unauthorized DHC P and AR P packets in your network. 26.1 IP Source Guard Overview IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in yo ur network.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 270 26.1.1 DHCP Snooping Overview Use DHCP s nooping t o filter u nauthorized DHCP packets on th e network and to build the binding tab le dynamically . This can prevent clients from getting IP addresses from unauthorized DHCP servers.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 271 Y ou can configure the nam e and location of the file on the external TFTP server . The file has the following format: Figure 128 DHCP Snoopin.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 272 3 Configure trusted and untrusted ports, an d specify the maximum number of DHCP packets t hat each port can receive per second. 4 Configure static bindings. 26.1.2 ARP Inspection Overview Use ARP inspection to filter unauthorized ARP packets on the network.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 273 • They ap pear only in the ARP Ins pection screens and commands, not in the MAC Address Filter screens and commands. 26.1.2.2 T rusted vs. Untrusted Port s Every port is either a trusted port or an untrusted p ort for ARP in spection.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 274 the bindings by snooping DHCP packets (dynami c bindings) and from informati on provided manually by administr ators (static bindings). T o open this screen, click Advanced Application > IP Source Guard .
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 275 new static binding replaces the origin al one. T o open this screen, click Advanced Application > IP Source Guard > Static Binding . Figure 131 IP Source Guar d S tatic Binding The following table describes t he labels in this screen.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 276 Delete Select this, and click Delete to remove the specified entry . Cancel Click this to clear the Delete check boxes abo ve.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 277 26.4 DHCP Snooping Use this scre en to look at various statis tics about the DHCP snooping database.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 278 The following table describes t he labels in this screen. T able 83 DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database. Y ou can con figure them in the DHCP Snooping Configure screen.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 279 Successful transfers This field displays the number of times the Switch read bindings from or updated the bindings in the DHC P snooping database successfully .
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 280 26.5 DHCP Snooping Configure Use this screen to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and conf igure the DHCP snooping database.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 281 The following table describes t he labels in this screen. T able 84 DHCP Snooping Configure LABEL DESCRIPTION Active Select this to en able DHCP snooping on th e Switch. Y ou still have to enable DHCP snooping on spec ific VLAN and specify trusted ports.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 282 26.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are trusted or untrusted ports for DHCP snooping. Note: If DHCP is enabled and there are no trusted ports, DHCP requests will not succeed.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 283 The following table describes t he labels in this screen. 26.5.2 DHCP Snooping VLAN Configure Use this screen to enable DHCP snooping on each .
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 284 open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN . Figure 135 DHCP Snooping VLAN Configure The following table describes t he labels in this screen.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 285 26.6 ARP Inspection S t atus Use this screen to look at the current list of MAC address filters that were created because the Switch identified an unau thorized ARP pack et.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 286 26.6.1 ARP Inspection VLAN St atus Use this screen to look at various statistics about ARP p ackets in each VL AN. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > VLAN Status .
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 287 26.6.2 ARP Inspection Log St atus Use this scre en to look at log mes sages that we re generated by ARP pac kets and that have not been sent to the syslog server yet. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status .
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 288 26.7 ARP Inspection Configure Use this screen to enable ARP inspection on the Swit ch. Y ou can also configure the length of time the Switch .
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 289 settings for the ARP inspection log. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure . Figure 139 ARP Inspection Co nfigure The following table describes t he labels in this screen.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 290 26.7.1 ARP Inspection Port Configure Use this screen to specify whether port s are trusted or untrusted ports for ARP inspection.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 291 ARP packets on each untrusted po rt. T o open this screen, click Advanc ed Application > IP Source Guard > ARP Inspection > Configure > Port . Figure 140 ARP Inspection Po rt Configure The following table describes t he labels in this screen.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 292 26.7.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specif y when the Switch gener ates log messages for receiv ing ARP packets from each VLAN.
Chapter 26 IP Source Guard MGS3700-12C User’s Guide 293 Apply Click this to display the specified range of VLANs in the section below . VID This field displays the VLAN ID of each VLAN in the r ange specified above. If y ou configure the * VLAN, the settings are applied to all VLANs.
Chapter 26 IP Source G uard MGS3700-12C User’s Guide 294.
MGS3700-12C User’s Guide 295 C HA PT ER 27 Loop Guard This chapter shows you how to config ure the Switch to guard against loops on the edge of your network. 27.1 Loop Guard Overview Loop guard allows you to configure the S witch to shut down a port if it detects that packets sent out on that port loop back to the Swit ch.
Chapter 27 Loop Guard MGS3700-12C User’s Guide 296 • It will receive its own broadcast messages that it sends out as t hey loop back. It will then re-broadcast those messages agai n. The following figure shows port N on switch A connected to switch B .
Chapter 27 Loop Guar d MGS3700-12C User’s Guide 297 port N . The Switch will shut down port N if it detects that the probe packet has returned to the Switch. Figure 145 Loop Guard - Network L oop Note: After resolving the loop problem on your network you can re-activate the disabled port via the web configurator (se e Section 8.
Chapter 27 Loop Guard MGS3700-12C User’s Guide 298 The following table describes t he labels in this screen. T able 93 Advanced Application > Loop Guard LABEL DESCRIPTION Active Select this option to enable loop guard on the Switch.
MGS3700-12C User’s Guide 299 C HA PT ER 28 VLAN Mapping This chapter shows you how t o conf igure VLAN mapping on the Switch. 28.1 VLAN Mapping Overview With VLAN mapping enabled, the S witch ca n map the VLAN ID and priority lev el of packets received from a priv ate network to those used in the service provider’ s network.
Chapter 28 VLAN Ma p ping MGS3700-12C User’s Guide 300 28.2 Enabling VLAN Mapping Click Advanced Application and then VLAN Mapping in the navigation panel to display the s creen as shown. Figure 148 VLAN Mapping The following table describes t he labels in this screen.
Chapter 28 VLAN Mapping MGS3700-12C User’s Guide 301 28.3 Configuring VLAN Mapping Click the VLAN Mapping Configure link in the VLA N Mapping screen to displa y the screen as shown. Use this screen to enable an d edit the VL AN mapping rule(s). Figure 149 VLAN Mapping Configuration The following table describes t he labels in this screen.
Chapter 28 VLAN Ma p ping MGS3700-12C User’s Guide 302 VID This is the cu stomer VLAN ID in the incoming packets. T ranslated VID This is the VLAN ID that re places the customer VLAN ID in the tagged packets. Priority This is the priority level that replaces the customer priority level in the tagged packets.
MGS3700-12C User’s Guide 303 C HA PT ER 29 Layer 2 Protocol Tunneling This chapter shows y ou how to configure la yer 2 protocol tunneli ng on the Switch. 29.1 Layer 2 Protocol T unneling Overview Layer 2 protocol tunneling (L2PT) is used on the service provid er's edge devi ces.
Chapter 29 Layer 2 Prot ocol Tunne ling MGS3700-12C User’s Guide 304 2 for P AgP (Port Aggreg ation Protocol), LACP or UDLD (UniDirecti onal Link Detection). Figure 151 L2PT Network Example 29.1.1 Layer 2 Protocol T unneling Mode Each port can have two lay er 2 protocol tunneling modes, Access and Tunnel .
Chapter 29 Layer 2 Protocol Tunn eling MGS3700-12C User’s Guide 305 29.2 Configuring Layer 2 Protocol T unneling Click Advanced Application > Layer 2 Protocol Tunneling in the navigation panel to display the screen as shown.
Chapter 29 Layer 2 Prot ocol Tunne ling MGS3700-12C User’s Guide 306 * Use this row to make the setting the same for all ports. Use this row first and then make adjustments on a port-by -port basis. Note: Changes in this row are copied to all the ports as soon as you make them.
MGS3700-12C User’s Guide 307 C HA PT ER 30 sFlow This chapter shows you how t o configure sFlow to have t he Switch monitor tr affic in a network and send information to an sFlow collector for analysis. 30.1 sFlow Overview sFlow (RFC 3176) is a standard technology for monitoring switched networks.
Chapter 30 sFlo w MGS3700-12C User’s Guide 308 30.2 sFlow Configuration Click Advanced Application > sFlow in the navigation panel to displ ay the screen as shown. Figure 154 Advanced App lication > sFlow The following table describes t he labels in this screen.
Chapter 30 sFlow MGS3700-12C User’s Guide 309 30.2.1 sFlow Collector Configuration Click the Collector link in th e sFlow screen to display the screen as shown.
Chapter 30 sFlo w MGS3700-12C User’s Guide 310 The following table describes t he labels in this screen. T able 98 Advanced Application > sFlow > Collector LABEL DESCRIPTION Collector Address Enter the IP address of the sFlow collector . UDP P ort Enter a UDP port number the Switch uses to send sFlow datagr am to the collector .
MGS3700-12C User’s Guide 31 1 C HA PT ER 31 Error Diable This chapter shows you how t o configure the r ate limit for control pack ets on a port, and set the Switch t o take an action (such as to shut down a port or stop sending packets) on a port when the Switc h detects a pre-configured error .
Chapter 31 Erro r Dia ble MGS3700-12C User’s Guide 312 31.3 The Error Disable Screen Use this screen to configure e rro r disable rel ated settings. Click Advanced Application > Errdisable in the na vigation panel to displa y the screen as shown.
Chapter 31 Error Diabl e MGS3700-12C User’s Guide 313 The following table describes t he labels in this screen. 31.5 Error-Disable Detect Configuration Use this screen to hav e the Switch detect whether the control pack ets exceed the rate l imit configured for a port and configure the acti on to take once t he limit is exceeded.
Chapter 31 Erro r Dia ble MGS3700-12C User’s Guide 314 The following table describes t he labels in this screen. T able 100 Advanced Application > Errd isable > Errdisable Detect LABEL DESCRIPTION Cause This field displays the types of control packet that may cause CPU overload.
Chapter 31 Error Diabl e MGS3700-12C User’s Guide 315 31.6 Error-Disable Recovery Configuration Use this screen to configure the Switch to automatica lly undo an action aft er the error is gone. Click the Click Here link next to Errdisable Recovery in the Advanced Application > Errdisable screen to display the screen as shown.
Chapter 31 Erro r Dia ble MGS3700-12C User’s Guide 316.
MGS3700-12C User’s Guide 317 C HA PT ER 32 PPPoE This chapter describes how the S witch gives a PPP oE termination server additional information that the server can use to id entify and authenticate a PPP oE client.
Chapter 32 PPP oE MGS3700-12C User’s Guide 318 32.2.1 Sub-Option Format There are two types of sub-option: “ Age nt Circuit ID Sub-option” and “ Agent Remote ID Sub-option” . They have the following formats. The 1 in the first field identifies this as an Agent Circuit ID sub-option and 2 identifies this as an Agent R emote ID sub-option.
Chapter 32 PPPoE MGS3700-12C User’s Guide 319 32.2.1.2 WT -101 Default Circuit ID Synt ax If you do not configure a Circuit ID string for a specif ic VLAN on a port or for a specific port, and di sa.
Chapter 32 PPP oE MGS3700-12C User’s Guide 320 32.3 PPPoE Use this screen to configure the PPP o E Intermediate Agent on the Switch. Click Advanced Application > PPPoE in the navigation panel to display the screen as shown. Click Click here to open the Intermediate Agent screen.
Chapter 32 PPPoE MGS3700-12C User’s Guide 321 The following table describes t he labels in this screen. 32.5 PPPoE IA Per-Port Use this screen to specif y whether individual ports are trusted or untrusted ports and have the S witch add extra information to PPPoE disco very packets from PPPoE clients on a per -port basis.
Chapter 32 PPP oE MGS3700-12C User’s Guide 322 Note: The Switch will drop all PPPoE pa cket s if you enable the PPPoE Intermediate Agent on the Switch and there are n o trusted ports. Click Advanced Applicatio n > PPPoE > Intermediate Agent > Port to display the screen as shown.
Chapter 32 PPPoE MGS3700-12C User’s Guide 323 Server Tr u s t e d S t a t e Select whether this port is a trusted port ( Trusted ) or an untrusted port ( Untrusted ).
Chapter 32 PPP oE MGS3700-12C User’s Guide 324 32.5.1 PPPoE IA Per-Port Per-VLAN Use this screen to configure PPP oE IA sett ings that apply to a specific VLAN on a port. Click Advanced Application > PPPoE > Intermediate Agent > Port > VLAN to display the scre en as shown.
Chapter 32 PPPoE MGS3700-12C User’s Guide 325 32.6 PPPoE IA for VLAN Use this screen to set whether the PPPoE In termedi ate Agent is enabled on a VLAN and whether the Switch appends the Circ uit ID and/or R emote ID to PPPo E discove ry packets from a specific VLAN.
Chapter 32 PPP oE MGS3700-12C User’s Guide 326 End VID Enter the highest VLAN ID you w ant to configure in the section below . Apply Click Apply to display the specified range of VLANs in the section below . VID This field displays the VLAN ID of each VLAN in the range specified above.
MGS3700-12C User’s Guide 327 C HA PT ER 33 Private VLAN This chapter shows you how t o configure the Switc h to prevent communications between ports in a VLAN. 33.1 Private VLAN Overview Private VLAN all ows you to do port isolati on within a VLAN in a simple way .
Chapter 33 Private VLAN MGS3700-12C User’s Guide 328 33.2 Configuring Private VLAN Click Advanced Application > Private VLAN in the navigati on panel to displa y the screen as shown. Figure 166 Advanced Applicatio n > Private VLAN The following table describes t he labels in this screen.
Chapter 33 Private VLAN MGS3700-12C User’s Guide 329 Delete Check the rule(s) that you want to remov e in the De lete column and then click the Delete button.
Chapter 33 Private VLAN MGS3700-12C User’s Guide 330.
MGS3700-12C User’s Guide 331 C HA PT ER 34 Green Ethernet This chapter shows you how t o configure the Switc h to reduce the ov erall power consumption of switch. 34.1 Green Ethernet Overview The purpose of Green Ethernet is to re duce the over all power consumption of switch.
Chapter 34 G re e n Ethe r ne t MGS3700-12C User’s Guide 332 34.2 Configuring Green Ethernet Click Advanced Application > Green Ethernet in the navigation panel to display the screen as shown. Figure 167 Advanced App lication > Green Ethernet The following table describes t he labels in this screen.
Chapter 34 Green E thernet MGS3700-12C User’s Guide 333 Apply Click Apply to sav e your changes to the Switch's run-time memory . The Switch loses these changes if it is turned off or loses power , so use the Save link on the top navigation panel to save y our changes to the non- volatile memory when you are done configuring.
Chapter 34 G re e n Ethe r ne t MGS3700-12C User’s Guide 334.
335 P ART IV IP Application Static R oute (337) Differentiated Services ( 341) DHCP (349).
336.
MGS3700-12C User’s Guide 337 C HA PT ER 35 Static Route This chapter shows you how t o configure static routes. 35.1 S t atic Routing Overview The Switch usually uses the default ga teway to route outbou nd traffic from computers on the LAN to the Internet.
Chapter 35 Stat ic Route MGS3700-12C User’s Guide 338 35.2 Configuring S t atic Routing Click IP Application > Static Routing in the navigati on panel to display t he screen as shown. Figure 169 IP Ap plication > S t atic Routing The following table describes t he related la bels you use to create a static route.
Chapter 35 Static Route MGS3700-12C User’s Guide 339 Index This field displays the index number of the route. Click a number to edit the static route entry . Active This field displays Yes when the static route is activated and NO when it is deactivated.
Chapter 35 Stat ic Route MGS3700-12C User’s Guide 340.
MGS3700-12C User’s Guide 341 C HA PT ER 36 Differentiated Services This chapter describes how Differentiated Se rvices (DiffServ) fits into a quality of service strat egy and shows you how to configure T wo R ate Three Color Marker traffic policing on the Switch.
Chapter 36 Differe ntiated Services MGS3700-12C User’s Guide 342 The DSCP v alue de termines the PH B (Per -Hop Beh avior), that each packet gets as it is forw arded across the DiffServ networ k. Based on the mark ing rule di fferent kinds of tr affic can be marked fo r different p riorities of forw arding.
Chapter 36 Differentiated Services MGS3700-12C User’s Guide 343 T wo Rate Three Color Marker (TR TCM, defi ned in RFC 2698) is a type of traffic policing that identi fies packets by compar ing them to two user -defined rates: the Committed Information R ate (CIR) and the Peak Informati on Rate (PIR).
Chapter 36 Differe ntiated Services MGS3700-12C User’s Guide 344 36.2.2 TRTCM-Color-aware Mode In color-a ware mode the ev aluation of th e packets uses the existing pack et loss priority . TR TCM can increase a p acket loss priority of a packet but it cannot decrease it.
Chapter 36 Differentiated Services MGS3700-12C User’s Guide 345 Click IP Application > DiffServ in the navigation panel to displa y the screen as shown. Figure 174 IP Ap plication > DiffServ The following table describes t he labels in this screen.
Chapter 36 Differe ntiated Services MGS3700-12C User’s Guide 346 36.3.1 Configuring 2-Rate 3 Color Marker Settings Use this screen to configure T RT CM settings. Click the 2-rat e 3 Color Marker link in the DiffServ screen to display the screen as shown next .
Chapter 36 Differentiated Services MGS3700-12C User’s Guide 347 36.4 DSCP-to-IEEE 802.1p Priority Settings Y ou can configure the DSCP to IEEE 802.1p mapping to allow the Swit ch to prioritize all traffic based on the incoming DSCP v alue according to the DiffServ to IEEE 802.
Chapter 36 Differe ntiated Services MGS3700-12C User’s Guide 348 36.4.1 Configuring DSCP Settings T o change the DSCP-IEEE 802. 1p mapping click the DSCP Setting link in the DiffServ screen to display the screen as shown next. Figure 176 IP Ap plication > DiffServ > DSCP Setting The following table describes t he labels in this screen.
MGS3700-12C User’s Guide 349 C HA PT ER 37 DHCP This chapter shows you how t o configure the DHCP feature. 37.1 DHCP Overview DHCP (Dynamic Host Configur ation Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP conf iguration at start-up from a server .
Chapter 37 DHCP MGS3700-12C User’s Guide 350 37.2 DHCP S t atus Click IP Application > DHCP in the na vigation panel. The DHCP Status screen displays. Figure 177 IP Application > DHCP S tatus The following table describes t he labels in this screen.
Chapter 37 DHCP MGS3700-12C User’s Guide 351 The DHCP Relay Agent Information feature adds an Agent Information field to the Option 82 field. The Option 82 fie ld is in the DHCP headers of clie nt DHCP request frames that the Switch relays t o a DHCP server .
Chapter 37 DHCP MGS3700-12C User’s Guide 352 The following table describes t he labels in this screen. 37.3.3 Global DHCP Relay Configuration Example The follow figure shows a network exampl e where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains.
Chapter 37 DHCP MGS3700-12C User’s Guide 353 together w ith the D HCP requests to the DH C P se rv er . T h is al lo w s t he D HC P se rv er to assign the appropriate IP ad dress according to the VLAN ID . Figure 180 DHCP Relay Configuration Example 37.
Chapter 37 DHCP MGS3700-12C User’s Guide 354 The following table describes t he labels in this screen. 37.4.1 Example: DHCP Relay for T wo VLANs The following example dis plays two VLANs (VIDs 1 and 2) for a campus network. T wo DHCP servers are installed to serve each VLAN.
Chapter 37 DHCP MGS3700-12C User’s Guide 355 with an IP address of 192.168.1.100. R equests from the academic buil dings (VLAN 2) are sent to the other DHCP server with an IP address of 172.23.10.100. Figure 182 DHCP Relay for T wo VLANs For the example netw ork, configure the VLAN Setting screen as shown.
Chapter 37 DHCP MGS3700-12C User’s Guide 356.
357 P ART V Management Maintenance (359) Access Control (367) Diagnostic (389) Syslog (391) Cluster Management (395) MAC T able (403) ARP T able (407) Configure Clone (409).
358.
MGS3700-12C User’s Guide 359 C HA PT ER 38 Maintenance This chapter explains how to confi gure the screens that let y ou maintain the firmware and configur ation files. 38.1 The Maintenance Screen Use this screen to manage firmware and yo ur configuration fil es.
Chapter 38 Maintenance MGS3700-12C User’s Guide 360 38.2 Load Factory Default Follow the steps below to rese t the Switch bac k to the fact ory defaults . 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear all Switch c onfiguration information y ou configured and return to the factory defaults.
Chapter 38 Maintenance MGS3700-12C User’s Guide 361 Alternativel y , click Save on the top right -hand corner in any screen to sa ve the configurati on changes to the current configur ation. Note: Clicking the Apply or Add button does NOT save the changes permane ntly .
Chapter 38 Maintenance MGS3700-12C User’s Guide 362 Click Management > Maintenance > Firmware Upgrade to view the screen as shown next. Figure 187 Management > Mainte nance > Firmware Upgrade T ype the path and file name of t he firmware fil e you wish to upload to the Switch in the File Path text box or click Browse to locate it.
Chapter 38 Maintenance MGS3700-12C User’s Guide 363 38.7 Backup a Configuration File Backing up your S witch configurations allows you to create v arious “snap shots” of your device from which you ma y restore at a later date. Back up your c urrent Switch confi guratio n to a computer using the Backup Configuration screen.
Chapter 38 Maintenance MGS3700-12C User’s Guide 364 Z yNOS (Z yXEL Network Oper ating System somet imes referred to as the “ras” file) is the system firmware and ha s a “bin” filename extension. 38.8.1.1 Example FTP Commands ftp> put firmware.
Chapter 38 Maintenance MGS3700-12C User’s Guide 365 6 Use put to tr ansfer files from the computer to the Swit ch, for example, pu t firmware.bin ras transf ers the firmware on your computer (firmw are.bin) to the Switch and renames it to “r as” .
Chapter 38 Maintenance MGS3700-12C User’s Guide 366.
MGS3700-12C User’s Guide 367 C HA PT ER 39 Access Control This chapter describes how to c ontrol access to the Sw itch. 39.1 Access Control Overview A console port and FTP are allowed one se ssion e.
Chapter 39 Access Control MGS3700-12C User’s Guide 368 39.3 About SNMP Simple Network Manageme nt Protocol (SNM P) is an application la yer protocol used to manage and monitor T CP/IP-based devices. SNMP is used to exchange management information between the network manage ment system (NMS) and a network element (NE).
Chapter 39 Access Control MGS3700-12C User’s Guide 369 SNMP itself is a simple request /respon se protocol based on the manager/agent model. The manager issues a request an d the agent returns responses using t he following protocol operations: 39.3.
Chapter 39 Access Control MGS3700-12C User’s Guide 370 39.3.3 SNMP T raps The Switch se nds traps to an SNMP mana ger when an e vent occurs. The following tables outline the SNMP traps by category . An OID (Object ID) that begins with “ 1.3.6.1.4.
Chapter 39 Access Control MGS3700-12C User’s Guide 371 intrusionloc k IntrusionLockEventOn 1.3.6.1.4.1.890. 1.5.8.55.2 5.2.1 This trap is sent when intrusion lock occurs on a port. loopguard LoopguardEventOn 1.3.6.1.4.1.890. 1.5.8.55.2 5.2.1 This trap is sent when loopguard shuts d own a port.
Chapter 39 Access Control MGS3700-12C User’s Guide 372 autonegotiati on AutonegotiationF ailedEve ntOn 1.3.6.1.4.1.8 90.1.5.8.55.2 5 .2.1 This trap is sent when an Ethernet interface fails to auto-negotiate with the peer Ethernet interface. AutonegotiationF ailedEve ntClear 1.
Chapter 39 Access Control MGS3700-12C User’s Guide 373 accounting RADIUSAccountingNotR ea chableEventOn 1.3.6.1.4.1. 890.1.5.8.55. 25.2.1 This trap is sent when there is no response message from the RADIUS accounting server . RADIUSAccountingNotR ea chableEventClear 1.
Chapter 39 Access Control MGS3700-12C User’s Guide 374 39.3.4 Configuring SNMP Click Manageme nt > Access Control > SNMP to view the screen as shown. Use this screen to configure y our SNMP settings. Figure 192 Management > Access Contro l > SNMP mactable MacT ableFullEventOn 1.
Chapter 39 Access Control MGS3700-12C User’s Guide 375 The following table describes t he labels in this screen. T able 131 Management > Access Control > SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) val ue s .
Chapter 39 Access Control MGS3700-12C User’s Guide 376 Security Level Select whether you w ant to implemen t authentication and/or encryption for SNMP communication from this user . Choose: • noauth -to use the username as the password string to send to the SNMP manager .
Chapter 39 Access Control MGS3700-12C User’s Guide 377 39.3.5 Configuring SNMP T rap Group Click Management > Access Control > SNMP > Trap Group to view the screen as shown. Use the Trap Group screen to sp ecify the t ypes of SNMP tr aps that should be sent to each SNMP manager .
Chapter 39 Access Control MGS3700-12C User’s Guide 378 39.3.6 Setting Up Login Account s Up t o f i ve p eo p l e (o n e a d m in i s t ra to r a n d four non-administr ators) may access the Switch via web configur ator at any one time. • An administr ator is someone who can both view and configure Switch c hanges.
Chapter 39 Access Control MGS3700-12C User’s Guide 379 39.4 SSH Overview Unlike T elnet or F TP , which transmit data in clear text, S SH (Secure Shell) is a secure communication protocol that combin es authentication and data encryption to provide secure encrypted communication between two hosts over an un secured network.
Chapter 39 Access Control MGS3700-12C User’s Guide 380 39.5 How SSH works The following table summarizes how a secure connection is established between two remot e hosts. Figure 196 How SSH W orks 1 Host Identificat ion The SSH client send s a connection request to the SSH server .
Chapter 39 Access Control MGS3700-12C User’s Guide 381 3 Authentication and Data T ransmission After the identification is verified and data encryption activated, a secure tunnel is established between the client and th e serv er .
Chapter 39 Access Control MGS3700-12C User’s Guide 382 1 HT TPS connection requests from an SSL - aware web browser go to port 443 (by default) on the Switch’ s WS (web server). 2 HT TP connection requests fr om a web brow ser go t o port 80 (by default) on the Switch’ s WS (web server).
Chapter 39 Access Control MGS3700-12C User’s Guide 383 Y ou see the following Security Al ert screen in Internet Explorer . Select Yes to proceed to the web configurator login screen; if you select No , then web configur ator access is block ed. Figure 198 Security Aler t Dialog Box (Internet Explorer) 39.
Chapter 39 Access Control MGS3700-12C User’s Guide 384 Select Accept this certificate permanently to import the S witch’ s certificate into the SSL client.
Chapter 39 Access Control MGS3700-12C User’s Guide 385 39.8.3 The Main Screen After you accept the certifi cate and ente r the login username and password, the Switch main screen appears. The l ock displayed i n the bottom right of the browser status bar denotes a secure connection.
Chapter 39 Access Control MGS3700-12C User’s Guide 386 later). Cl ick Management > Access Control > Service Access Control to view the screen as shown. Figure 202 Management > Access Contro l > Service Access Control The following table describes t he fields in this screen.
Chapter 39 Access Control MGS3700-12C User’s Guide 387 Y ou can specify a group of one or more “trusted computers” from which an administr ator may use a service to manage the Sw itch. Click Access Control to return to the Access Control screen.
Chapter 39 Access Control MGS3700-12C User’s Guide 388.
MGS3700-12C User’s Guide 389 C HA PT ER 40 Diagnostic This chapter explains the Diagnostic screen. 40.1 Diagnostic Click Management > Diagnostic in the naviga tion panel to open thi s screen. Us e this screen to check sys tem logs, ping IP addresses or perf orm port tests.
Chapter 40 Diagnostic MGS3700-12C User’s Guide 390 The following table describes t he labels in this screen. T able 136 Management > Diagnostic LABEL DESCRIPTION System Log Click Display to display a log of ev ents in the multi-line text box. Click Cl ear to empty the text box and reset the syslog entry .
MGS3700-12C User’s Guide 391 C HA PT ER 41 Syslog This chapter explains the syslog screens. 41.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to sy slog server s that colle ct the event messages.
Chapter 41 Sy slog MGS3700-12C User’s Guide 392 41.2 Syslog Setup Click Management > Syslog in the navigation panel to displa y this screen. The syslog feature sends logs to an external sy slog serv er . Use this screen to configure the device’ s system logging set tings.
Chapter 41 Syslog MGS3700-12C User’s Guide 393 41.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to vie w the screen as shown next. Use this screen to configure a list of external sysl og servers. Figure 206 Management > Syslog > Syslog Server Setup The following table describes t he labels in this screen.
Chapter 41 Sy slog MGS3700-12C User’s Guide 394.
MGS3700-12C User’s Guide 395 C HA PT ER 42 Cluster Management This chapter introduces cluster management. 42.1 Cluster Management S t atus Overview Cluster Management allows you to manage switc hes through one Switch, call ed the cluster manager .
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 396 In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are clust er members. Figure 207 Clustering App lication Example 42.
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 397 The following table describes t he labels in this screen. 42.2.1 Cluster Member Switch Management Go to the Clustering Management St atu.
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 398 configurator home page and the home pa ge that you'd see if y ou accessed it directly are different.
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 399 The following table explains some of the FTP paramet ers. T able 142 FTP Upload to Cluster Member Example FTP PARAMETER DESCRIPTION User Enter “admin” . Password The web configurator password default is 12 34.
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 400 42.3 Clustering Management Configuration Use this screen to configure clustering management.
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 401 VID This is the VLAN ID and is only applicable if the Switch is set to 802.1Q VLAN. All switches must be directly connected and in the same VLAN group to belong to the same cluster . Switches that are not in the same VLAN group are not visible in the Clustering Cand idates list.
Chapter 42 Clust er Managem en t MGS3700-12C User’s Guide 402.
MGS3700-12C User’s Guide 403 C HA PT ER 43 MAC Table This chapter introduces the MAC Table sc reen. 43.1 MAC T able Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered ac ross the Switch’ s ports.
Chapter 43 M AC Ta b le MGS3700-12C User’s Guide 404 • If the Switch has already learned the port for this MAC address , but the destination port is the same as the port it came in on, then it filters the fr ame. Figure 212 MAC T able Flowchart 43.
Chapter 43 MAC Table MGS3700-12C User’s Guide 405 The following table describes t he labels in this screen. T able 144 Management > MAC Table LABEL DESCRIPTION Condition Select one of the buttons and click Search to only displa y the data which matches the criteria you specified.
Chapter 43 M AC Ta b le MGS3700-12C User’s Guide 406.
MGS3700-12C User’s Guide 407 C HA PT ER 44 ARP Table This chapter introduces ARP T able. 44.1 ARP T able Overview Address Resolution Protocol (ARP) is a pr otocol for mapping an Internet Protocol address (IP address) to a physi cal machine address, also known as a Media Access Control or MAC address, on the local area network.
Chapter 44 ARP Tab le MGS3700-12C User’s Guide 408 44.2 V iewing the ARP T able Click Management > ARP Table in t he navigation panel to open the following screen. Use the ARP table to view IP-to-MAC address mapping(s). Figure 214 Management > ARP T able The following table describes t he labels in this screen.
MGS3700-12C User’s Guide 409 C HA PT ER 45 Configure Clone This chapter shows you how y ou can copy the settings of one port onto other ports. 45.1 Configure Clone Cloning allows yo u to copy the basic and adv anced settings from a source port to a destination port or ports.
Chapter 45 Con fig ur e Clo ne MGS3700-12C User’s Guide 410 The following table describes t he labels in this screen. T able 146 Management > Configure Clone LABEL DESCRIPTION Source/ Destination Po r t Enter the source port under the Sourc e label.
Chapter 45 Configure Clone MGS3700-12C User’s Guide 41 1.
Chapter 45 Con fig ur e Clo ne MGS3700-12C User’s Guide 412.
413 P ART VI T roubleshooting & Product S p ecifications T roubleshooting (415) Product Specifications (419).
414.
MGS3700-12C User’s Guide 415 C HA PT ER 46 Troubleshooting This chapter offers some suggesti ons to solve problems you mi ght encounter . The potential problems are divided into the following categories . • P ower , Hardware Connections, and LEDs • Switch Access and L ogin • Switch Configur ation 46.
Chapter 46 Tro u blesh oo tin g MGS3700-12C User’s Guide 416 1 Make sure you understand the n ormal behavior of the LED. See Section 3.3 on page 43 . 2 Check the hardware connections. See the Quick Start Guide and Section 46. 1 on page 415 . 3 Inspect your cables for damage.
Chapter 46 Troubleshooting MGS3700-12C User’s Guide 417 • The default IP address is 192.168.1.1 . • If you changed t he IP addre ss, use the new IP address. • If you c hanged the IP address and have f orgotten it, see the troubleshooti ng suggestions for I forgot the IP address for the Swit ch.
Chapter 46 Tro u blesh oo tin g MGS3700-12C User’s Guide 418 Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator yo u need to allow: • W eb browser pop-up wind ows from your device. • Jav aScripts (enabled by defaul t).
MGS3700-12C User’s Guide 419 C HA PT ER 47 Product Specifications The following tables summarize the Swit ch’ s hardware and firmw are feat ures. T able 147 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Standard 19” rack mountable 438 mm (W) x 225 mm (D) x 44.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 420 Storage Environment T emperature: -20ºC ~ 70ºC (-4ºF ~ 158ºF) Humidity: 5 ~ 90% (non-condensing) Ground Wire Gauge 18 A WG or large.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 421 Classifier and Policy Y ou can create a policy to define actions to be performed on a traffic flow grouped by a classifier according to specific criteria such as the IP address, port number or protocol type, etc.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 422 Link Aggregation Link aggregation (trunking) is the grouping of physical ports into one logical higher-capacity link. Y ou may want to trunk ports if for example, it is cheaper to use multiple lower-speed links than to under-utilize a high-speed, but more costly , single-port link.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 423 T able 149 Feature Specifications Layer 2 Fea t ur e s Bridging 16K MAC addresses Static MAC address filtering by source/destination Broadcast storm control Static MAC address forwarding Switching Switching fabric: 24 Gbps, non-blocking Max.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 424 Layer 3 Fea t ur e s IP Capability IPV4/IPv6 support 64 IPV4/IPV6 Management IPs Wire speed IP forwarding Ro ut i n g protocols Static .
Chapter 47 Product Specifications MGS3700-12C User’s Guide 425 The following list, which is not exhaust ive , illust rates the standards supported in the Switch. Security Static MAC address filtering Static MAC address forwarding MAC Freeze IEEE 802.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 426 RFC 2139 RADIUS Accounting RFC 2236 Internet Group Management Protocol, V ersion 2. RFC 2460 IPv6 Specification RFC 2461 Neighbor Disco.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 427 47.1 Fan Module Removal and Inst allation This section describes how to chan ge a fan module on the Switch. The hot-sw appable fan module is at the le ft on the S witch’ s front panel.
Chapter 47 Product Specifications MGS3700-12C User’s Guide 428.
429 P ART VII Appendices and Index Common Services (431) Legal Information (435) Index (417).
430.
MGS3700-12C User’s Guide 431 A PPENDIX A Common Services The following table lists some commonl y-used services and their associated protocols and port numbers. F or a comprehe ns ive list of port numbers, ICMP type/ code numbers and services , visit the IANA (Internet Assigned Number Authority) web site.
Appendix A Com mon Servic es MGS3700-12C User’s Guide 432 ESP (IPSEC_TUNNEL) User-Defined 50 The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service. FINGER TCP 79 Finge r is a UNIX or Internet related command that can be used to find out if a user is logged on.
Appendix A Common Services MGS3700-12C User’s Guide 433 PPTP_TUNNEL (GRE) User-Defined 47 PPTP (P oint-to-P oint T unneling Protocol) enables secure transfer of data ov er public networks. This is the data channel. RCMD TCP 512 Remote Command Service.
Appendix A Com mon Servic es MGS3700-12C User’s Guide 434.
MGS3700-12C User’s Guide 435 A PPENDIX B 1 1/2012 Legal Information Copyright Copyright © 2011 by Z yXEL Communications Corpor ation. The contents of this publication ma y not be reproduced in any .
Appendix B Leg al In fo rm at ion MGS3700-12C User’s Guide 436 • This device may not cause harmful interference. • This dev ice must acc ept any inte rference received, including interference that may cause undesired operations.
Appendix B Legal Information MGS3700-12C User’s Guide 437 Viewing Certifications 1 Go to http://www . zyxel.com . 2 Select your prod uct on the Z yXEL home page to go to that product's page. 3 Select the certification y ou wish to view from this page.
Appendix B Leg al In fo rm at ion MGS3700-12C User’s Guide 438.
Index MGS3700-12C User’s Guide 439 Index Numbers 802.1P priority 11 3 A AAA 255 AAA (Authent ication, Authorization and Accounting) 255 AC power status 101 AC prefer 100 AC prefer trap 371 access co.
Index MGS3700-12C User’s Guide 440 viewing 437 CFI (Canonical Format Indicator) 11 7 changing the password 52 CIR (Committed Information R ate) 169 Cisco Discovery Protocol, see CDP CIST 152 Class o.
Index MGS3700-12C User’s Guide 441 DSCP (DiffServ Code Point) 341 dynamic link aggregation 185 E egress port 135 egress rate, and bandwidth control 171 Error Disable 78 error disable recovery config.
Index MGS3700-12C User’s Guide 442 profiles 241 IGMP leave timeout fast 243 mormal 242 IGMP snooping 240 and VLANs 24 0 MVR 247 setup 244 IGMP throttling 243 ingress port 135 ingress rate, and bandw.
Index MGS3700-12C User’s Guide 443 maximum number per port 207 , 208 MAC address learning 107 , 127 , 130 , 137 , 207 specify limit 207 MAC authentication 195 aging time 203 example 196 setup 202 MA.
Index MGS3700-12C User’s Guide 444 P PAG P 306 password 52 administrator 378 Peak Information Rate (PIR) 169 PHB (Per-Hop Beha vior) 342 ping, test connection 390 PIR (Peak Information R ate) 169 po.
Index MGS3700-12C User’s Guide 445 Q QoS 423 and classifier 21 1 Queue weight 230 queue weight 228 queuing 227 SPQ 228 WRR 228 Queuing algorithm 230 Queuing method 230 queuing method 227 R rack -mou.
Index MGS3700-12C User’s Guide 446 static MAC address 137 static MAC forwarding 127 , 130 , 137 static multicast address 141 static multicast forwarding 141 static route overview 337 static routes 3.
Index MGS3700-12C User’s Guide 447 trunking 185 , 42 3 example 192 trusted ports ARP inspection 273 DHCP snooping 270 PPPoE IA 319 tunnel protocol attribute, and RADIUS 265 tutorials 63 DHCP relay 6.
Index MGS3700-12C User’s Guide 448 home 48 login 47 logout 55 navigation panel 49 weight, queuing 228 W eighted R ound R obin Scheduling (WRR) 228 WRR (W eighted R ound Robin Scheduling) 228 Z Z yNO.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté ZyXEL Communications metrogigabit switch c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du ZyXEL Communications metrogigabit switch - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation ZyXEL Communications metrogigabit switch, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le ZyXEL Communications metrogigabit switch va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le ZyXEL Communications metrogigabit switch, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du ZyXEL Communications metrogigabit switch.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le ZyXEL Communications metrogigabit switch. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei ZyXEL Communications metrogigabit switch ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.