ZyXEL Communications gs2200-48 Bedienungsanleitung
- Schauen Sie die Anleitung online durch oderladen Sie diese herunter
- 352 Seiten
- 6.95 mb
Zur Seite of
Ähnliche Gebrauchsanleitungen
-
Switch
ZyXEL Communications DIMENSION ES-4024
4 Seiten 0.26 mb -
Switch
ZyXEL Communications Version 1.03
242 Seiten 12.46 mb -
Switch
ZyXEL Communications ES-105A
2 Seiten 0.3 mb -
Switch
ZyXEL Communications XGS-4728F
2 Seiten 0.1 mb -
Switch
ZyXEL Communications PoE-80
23 Seiten 1.15 mb -
Switch
ZyXEL Communications ES-108P
23 Seiten 1.03 mb -
Switch
ZyXEL Communications GS-108B
48 Seiten 0.69 mb -
Switch
ZyXEL Communications GS1510-24
204 Seiten 3.25 mb
Richtige Gebrauchsanleitung
Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung ZyXEL Communications gs2200-48 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von ZyXEL Communications gs2200-48, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.
Was ist eine Gebrauchsanleitung?
Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung ZyXEL Communications gs2200-48 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.
Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung ZyXEL Communications gs2200-48. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.
Was sollte also eine ideale Gebrauchsanleitung beinhalten?
Die Gebrauchsanleitung ZyXEL Communications gs2200-48 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts ZyXEL Communications gs2200-48
- Den Namen des Produzenten und das Produktionsjahr des Geräts ZyXEL Communications gs2200-48
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts ZyXEL Communications gs2200-48
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen
Warum lesen wir keine Gebrauchsanleitungen?
Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von ZyXEL Communications gs2200-48 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von ZyXEL Communications gs2200-48 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service ZyXEL Communications finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von ZyXEL Communications gs2200-48 zu überspringen, wie es bei der Papierform passiert.
Warum sollte man Gebrauchsanleitungen lesen?
In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts ZyXEL Communications gs2200-48, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.
Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von ZyXEL Communications gs2200-48 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.
Inhaltsverzeichnis der Gebrauchsanleitungen
-
Seite 1
www .zyxel.com www .zyxel.com GS2200-48 Intelligent Layer 2 Switch Copyright © 2009 ZyXEL Communications Corporation Firmware V ersion 3.80 Edition 1, 7/2009 Default Login Details IP Address http://192.168.0.1 (Out-of -band MGMT port) http://192.168.1.1 (In-band ports) User Name admin Pa ss wo rd 12 34[...]
-
Seite 2
[...]
-
Seite 3
About This User's Guide GS2200-48 User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who w ant to configure the Switch using the web configurator or via commands. Related Document ation • W eb Configurator On line He lp Embedded web help for descriptions of individual screens and supplementary [...]
-
Seite 4
About This User's Guide GS2200-48 User’s Guide 4 Need More Help? More help is av ailable at www.zyx el.com. • Download Library Search for the latest produc t updates an d documentation from this link. Re ad the T ech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Int erface R eference Gui[...]
-
Seite 5
Document Conventions GS2200-48 User’s Guide 5 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide. W arnings tell you about things that could harm you or your device. Note: Notes tell you other import ant informat ion (for e xample, other things you may need to configure or help ful tips) or[...]
-
Seite 6
Document Conventions GS2200-48 User’s Guide 6 Icons Used in Figures Figures in this User’ s Guide may use the following generic icons. The Sw itch icon is not an exact representation of y our device. The Switch Computer Notebook computer Server DSLAM Firewa ll Te l e p h o n e Swi tch Ro u te r[...]
-
Seite 7
Safety Warnings GS2200-48 User’s Guide 7 Safety Warnings • Do NO T use this product near water , for exam ple, in a wet basement or n ear a swimming pool. • Do NO T expose your device to dampness, dust or corrosive liquids. • Do NO T store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is [...]
-
Seite 8
Safety Warnings GS2200-48 User’s Guide 8[...]
-
Seite 9
Contents Overview GS2200-48 User’s Guide 9 Contents Overview Introduction .......................................... ..................................................... ................... .......... 21 Getting to Know Y our Switch .............. ................ ............. ................ ................ ............. ........... .. 23 Ha[...]
-
Seite 10
Contents Overview GS2200-48 User’s Guide 10 Management ................................................... ..................................................... ............ ..... 269 Maintenance ................ ................ ............. ................ ................. ............ ................. ........ ......... 271 Access Control [...]
-
Seite 11
Table of Contents GS2200-48 User’s Guide 11 Table of Contents About This User's Guide ........................................... ..................................................... .......... 3 Document Conventions.................................................................. ......................................... .5 Safety Warning[...]
-
Seite 12
Table of Contents GS2200-48 User’s Guide 12 3.2.2 External Backup Power Supply Connecto r ............ ............. ................ ............. .......... 37 3.2.3 Console Port ............... .... ... ............. ... ... ... .... ... ... ... ............. ... .... ... ... ... .... ... ... ........... .. 37 3.3 LEDs ............... ........[...]
-
Seite 13
Table of Contents GS2200-48 User’s Guide 13 7.6 IP Setup .... ............. ................. ............ ................. ............. ................ ............. ...... ............. 71 7.6.1 IP Interfaces .................... ............ .... ... ... ... .... ... ............. ... ... ... .... ... ............. ... ... ... ... .... 71 7[...]
-
Seite 14
Table of Contents GS2200-48 User’s Guide 14 1 1.1.2 How STP Works ........ ................ ............. ................. ................ ............. ................ . 106 1 1.1.3 STP Port S tates ................... ............. ................ ................ ............. ................ ........ 10 7 1 1.1.4 Multiple STP ...........[...]
-
Seite 15
Table of Contents GS2200-48 User’s Guide 15 Chapter 17 Port Security............................................................... ................................................... ........ 145 17.1 About Port Security .......... ................ ............. ................ ................ ................. ............ . .... 145 17.2 Por[...]
-
Seite 16
Table of Contents GS2200-48 User’s Guide 16 22.1.3 IGMP Snooping ...................... ................ ................. ............ ................. ................ . 176 22.1.4 IGMP Snooping and VLANs ....... ................. ................ ................ ................ ........... 1 76 22.2 Multicast S tatus .. ............. ......[...]
-
Seite 17
Table of Contents GS2200-48 User’s Guide 17 24.7 ARP Inspection Configure ... ................ ............. ................. ................ ................ .............. 22 5 24.7.1 ARP Inspection Port Configure ......... ...... ................. ............ ................. ............ ..... 227 24.7.2 ARP Inspection VLAN Configure ... [...]
-
Seite 18
Table of Contents GS2200-48 User’s Guide 18 29.4.1 DHCP Relay Agent Info rmation .............. ................. ............ ................. ............ ..... 252 29.4.2 Configuring DHCP Glob al Relay ....... ................ ............. ................ ............. ........... 2 53 29.4.3 Global DHCP Relay Co nfigurat ion Example ......[...]
-
Seite 19
Table of Contents GS2200-48 User’s Guide 19 32.3.1 SNMP v3 and Security ......... ............. ................ ............. ................ ............. ........... 2 81 32.3.2 Supported MIBs ....... ................ ................. ............. ................ ................ .............. 281 32.3.3 SNMP Trap s ..... ................[...]
-
Seite 20
Table of Contents GS2200-48 User’s Guide 20 37.2 Viewing the IP T able ... ................... ...... ....... ................ ............. ................ ............. ........ ... 318 Chapter 38 ARP T able ........................................................ ..................................................... ........... ...... 321 38.[...]
-
Seite 21
21 P ART I Introduction Getting to Know Y our Switch (23) Hardware Installation and Connecti on (29) Hardware Overview (33)[...]
-
Seite 22
22[...]
-
Seite 23
GS2200-48 User’s Guide 23 C HAPTER 1 Getting to Know Your Switch This chapter introduces the main applications and features of the Switch. It al so introduces the wa ys you can manage the Switch. 1.1 Introduction The GS2200-48 is a stand- alone layer 2 Gigabit Ethernet (GbE) switch. It comes with 44 100/1000 Mbps Ethernet ports, 4 Dual P ersonali[...]
-
Seite 24
Chapter 1 Getting to Know Your Switch GS2200-48 User’s Guide 24 connect to high-speed department s ervers via the Switch. Y ou can provide a fast uplink connection by using t he Gi gabit uplink ports on the Switch. Figure 1 Bridging Ap plication 1.1.2 High Performance Switching Example The Switch is ideal for connecting two geogr aphically disper[...]
-
Seite 25
Chapter 1 Getting to Kn ow Your Switch GS2200-48 User’s Guide 25 1.1.3 Gigabit Ethernet to the Desktop The Switch is an i deal solution for small net works which demand high bandwidth for a group of heavy traffic users. Y ou ca n connect computers an d servers directly to the Switch’ s port or connect other switches to the Switch. Use the Gigab[...]
-
Seite 26
Chapter 1 Getting to Know Your Switch GS2200-48 User’s Guide 26 Shared resources such as a serv er can be used by al l ports in the same VLAN as the server . In the following figure only po rts that need access to the server need to be part of VLAN 1. P orts on the S wit ch can belong to other VLAN g roups too. Figure 4 Shared Serve r Using VLAN [...]
-
Seite 27
Chapter 1 Getting to Kn ow Your Switch GS2200-48 User’s Guide 27 • Back up the configur ation (and make sure you know how to restore it). Restoring an e arlier wo rking conf iguratio n may be usef ul if the device becomes unstable or even cr ashes. If you forget your password, you will have to reset the Switch to it s factory default set tings.[...]
-
Seite 28
Chapter 1 Getting to Know Your Switch GS2200-48 User’s Guide 28[...]
-
Seite 29
GS2200-48 User’s Guide 29 C HAPTER 2 Hardware Installation and Connection This chapter shows you how t o install and connect the S witch. 2.1 Freest anding Inst allation 1 Make sure the Switch is clean and dry . 2 Set the Swit ch on a smo oth, leve l surface strong enough to support the weight of the Switch and the c onnected cables. Make sure th[...]
-
Seite 30
Chapter 2 Hardware Installation and Connection GS2200-48 User’s Guide 30 Note: For proper ventilation, allow at le ast 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the Switch. This is especially imp ort ant for enclosed rack installations. 2.2 Mounting the Switch on a Rack This section lists the ra c k mounting [...]
-
Seite 31
Chapter 2 Har d war e In sta lla tion an d Conn ec tion GS2200-48 User’s Guide 31 3 Re peat steps 1 and 2 to install the second mounting br acket on the other side of the Switch. 4 Y ou may now mount the Switch on a r ack. Proceed to the next section. 2.2.3 Mounting the Switch on a Rack 1 P osition a mounting br acket (that is already att ached t[...]
-
Seite 32
Chapter 2 Hardware Installation and Connection GS2200-48 User’s Guide 32[...]
-
Seite 33
GS2200-48 User’s Guide 33 C HAPTER 3 Hardware Overview This chapter describes the front panel and rear p anel of the S w itch and shows you how to make the hardware connections. 3.1 Front Panel Connections The figure below shows the front panel of the S witch. Figure 8 Front Panel The following table describes t he ports. 100/1000 Mbps RJ-45 Ethe[...]
-
Seite 34
Chapter 3 Har d war e Ov er vie w GS2200-48 User’s Guide 34 3.1.1 1000Base-T Port s The Switch has 48 1000Base- T auto-negotiating, auto-crossover Ethernet ports (4 of which are part of the Dual P ersonality interfaces). In 100/10 00 Mbps Gigabit Ethernet, the speed can be 100 Mbps or 1000 Mbps. The duplex mode can be both half or full duplex at [...]
-
Seite 35
Chapter 3 Hardware Overview GS2200-48 User’s Guide 35 • T ype: SFP connection interface • Connection speed: 1 Gi gabit per second (Gbps) T o avoid possible eye injury , do not look into an operating fiber- optic module’ s connectors. 3.1.3.1 T ransceiver Inst allation Use the following steps to install a mini GBIC transceiver (SFP or XFP mo[...]
-
Seite 36
Chapter 3 Har d war e Ov er vie w GS2200-48 User’s Guide 36 1 Open the transceiv er’s latch (latch styles v ary). Figure 1 1 Opening the T ransceiver ’s Latch Example 2 Pull the transceiver out of the slot. Figure 12 T ransceiver Removal Example 3.2 Rear Panel The following figures show the rear panel of the switch. The r ear pa nel contain s[...]
-
Seite 37
Chapter 3 Hardware Overview GS2200-48 User’s Guide 37 The following table describes t he ports on the rear panel. 3.2.1 Power Connector Make sure you are using the correct po wer source as shown on the panel. T o connect the power to the Switch, insert the female end of power cord to the power receptacle on the rear panel. Co nnect the other end [...]
-
Seite 38
Chapter 3 Har d war e Ov er vie w GS2200-48 User’s Guide 38 Connect the male 9-pin end of the RS-232 console cable to the cons ole port of the Switch. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer . 3.3 LEDs The following table describes t he LEDs. T able 3 LEDs LED COLOR ST A TUS DESCRIPTION BPS Green Bl[...]
-
Seite 39
39 P ART II Basic Configuration The W eb Configur ator (41) Initial Setup Example (51) System Status and P ort Statistics (57) Basic Setting (63)[...]
-
Seite 40
40[...]
-
Seite 41
GS2200-48 User’s Guide 41 C HAPTER 4 The Web Configurator This section introduces the config uratio n and functions of the web configurator . 4.1 Introduction The web configurator is an HTML -based management interface that allows easy Switch setup an d m an agement v ia Inter net browser . Use Internet Explorer 6 .0 and later or Netscape Navigat[...]
-
Seite 42
Chapter 4 The Web Con figurator GS2200-48 User’s Guide 42 3 The login screen appears. The defa ult username is admin and associated default password is 1234 . The date and time displ ay as sh own if y ou have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 14 W eb Configurator: Login 4 Click O[...]
-
Seite 43
Chapter 4 T he Web Configurator GS2200-48 User’s Guide 43 A - Click the menu items to open submenu li nks, and then click on a submenu link to open the screen in the main w in d ow. B, C, D , E - These are quick lin ks whic h allow you to perform certain tasks no matter which s creen you are currently working in. B - Click t his link t o save you[...]
-
Seite 44
Chapter 4 The Web Con figurator GS2200-48 User’s Guide 44 The following table lists the v arious web configur ator screens within the sub-links. T able 5 Web Configurator Screen Sub-links Details BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT System Info Gener al Setup Swit ch S e tup IP Setu p Por t S e t u p VLAN (Status) VLAN P o[...]
-
Seite 45
Chapter 4 T he Web Configurator GS2200-48 User’s Guide 45 The following table descri bes the links in the na vigation panel. T able 6 Web Configurator Screen Sub-links Details BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT IP Source Guard IP Source Guard Static Binding DHCP Snooping - DHCP Snooping Configure -- DHCP Snooping Port Co[...]
-
Seite 46
Chapter 4 The Web Con figurator GS2200-48 User’s Guide 46 Bandwidth Control This link takes you to screens where you can cap the maximum bandwidth allowed from specified source(s) to specified destination(s). Broadcast Storm Control This link takes you to a screen to set up broadcast filters. Mirroring This link takes you to screens where you can[...]
-
Seite 47
Chapter 4 T he Web Configurator GS2200-48 User’s Guide 47 4.3.1 Change Y our Password After you log i n for the first time, it is recommended you change the default administr ator password. Click Man agement > Access Control > Logins to display the next screen. Figure 16 Change Administrator Login Password Maintenance This link takes you to[...]
-
Seite 48
Chapter 4 The Web Con figurator GS2200-48 User’s Guide 48 4.4 Saving Y our Configuration When you are done modifying th e s ettings in a screen, click Apply to save yo ur changes back to the run-time memory . Settings in the run-time memory are lost when the Switch’ s power is turned off . Click the Save link in the upper right hand corner of t[...]
-
Seite 49
Chapter 4 T he Web Configurator GS2200-48 User’s Guide 49 4.6.1 Reload the Configuration File Uploading the factory -default configur ation file replaces the current c onfiguration file with the factory -default confi gur ation file. This means that you will lose all previous configur ations and the speed of the c onsole port will be res et to th[...]
-
Seite 50
Chapter 4 The Web Con figurator GS2200-48 User’s Guide 50 The Switch i s now rein itialize d with a defau lt configu ration file in cludin g the de fault password of “1234” . 4.7 Logging Out of the W eb Configurator Click Logout in a screen to exit the web configurator . Y ou have to log in with your password again after you log out. This is [...]
-
Seite 51
GS2200-48 User’s Guide 51 C HAPTER 5 Initial Setup Example This chapter shows how to set up the S witch for an example network. 5.1 Overview The following lists the configur ation steps for the example network: • Configure an I P interfa ce • Configure DHCP server settings • Create a VLAN • Set port VLAN ID •E n a b l e R I P 5.1.1 Conf[...]
-
Seite 52
Chapter 5 Initi al Set up Ex amp l e GS2200-48 User’s Guide 52 new IP interface. Th is allows the Switch to route tr affic between the RD and Sales networks. Figure 19 Initia l Setup Network Example: IP Interface 1 Connect y our computer to t he MGMT port that i s used only for management. Make sure your computer is in the same subnet as the MGMT[...]
-
Seite 53
Chapter 5 Initi al Set up Ex amp le GS2200-48 User’s Guide 53 5 In the VID field, enter the ID of the VLAN group to which you want this IP interface to belong. This is the same as the VLAN ID you configure in the Static VLAN screen. 6 Click Add to sav e the settings to the run-ti me memory . Settings in the run-time memory are lost when the Switc[...]
-
Seite 54
Chapter 5 Initi al Set up Ex amp l e GS2200-48 User’s Guide 54 In this example, you want to configure port 1 as a member of VLAN 2. Figure 20 Initia l Setup Network Example: VLAN 1 Click Advanced Application > VLAN in the navigati on panel and click t he Static VLAN link. 2 In the Static VLAN screen, select ACTIVE , enter a descriptive name in[...]
-
Seite 55
Chapter 5 Initi al Set up Ex amp le GS2200-48 User’s Guide 55 3 Since the VLAN2 network is connected t o po rt 1 on the Switch, select Fixed to configure port 1 to be a perman ent member of the VLAN only . 4 T o ensure that VLAN-unawa re devices (such as computers and hubs) can receive frames properly , clea r the TX Tagging check bo x to set the[...]
-
Seite 56
Chapter 5 Initi al Set up Ex amp l e GS2200-48 User’s Guide 56 5.1.5 Enabling RIP T o exchange routing information with other routing devices across different routing domains, enable RIP (R outing Information Protocol) in the RIP screen. 1 Click IP Application and RIP in the na vigation panel. 2 Select Both in the Directi on field to set the Swit[...]
-
Seite 57
GS2200-48 User’s Guide 57 C HAPTER 6 System Status and Port Statistics This chapter describes the system s tatus (web configur ator home page) and port details screens. 6.1 Overview The home screen of the web configur ator displays a port s tatistical summary with links to each port showing s tatistical details.[...]
-
Seite 58
Chapter 6 S ystem Status and Port Sta tistics GS2200-48 User’s Guide 58 6.2 Port S t atus Summary T o view the port statistics, click Status in all web configurator screens to displa y the Status screen as sho wn next. Figure 22 S tatus The following table describes t he labels in this screen. T able 8 Status LABEL DESCRIPTION P ort This identifi[...]
-
Seite 59
Chapter 6 System Status and Port Statistics GS2200-48 User’s Guide 59 6.2.1 S t atus: Port Det ails Click a number in the Port column in the Status screen to display individual p ort statistics. Use t his screen to check status and detailed perf ormance data about an individual port on the S witch. Figure 23 S tatus: Port Det ails Tx KB/s This fi[...]
-
Seite 60
Chapter 6 S ystem Status and Port Sta tistics GS2200-48 User’s Guide 60 The following table describes t he labels in this screen. T able 9 Status > Port Details LABEL DESCRIPTION Po r t I n f o P ort NO. This field displays the port number y ou are viewing. Name This field displays the name of the port. Link This field displays the speed (eith[...]
-
Seite 61
Chapter 6 System Status and Port Statistics GS2200-48 User’s Guide 61 Single This is a count of successfully transmitted packets for which transmission is inhibited by exactly one collision. Multiple This is a count of successfully transmitted packets for which transmission was inhibited by more than one collision. Excessiv e This is a count of p[...]
-
Seite 62
Chapter 6 S ystem Status and Port Sta tistics GS2200-48 User’s Guide 62[...]
-
Seite 63
GS2200-48 User’s Guide 63 C HAPTER 7 Basic Setting This chapter describes how to configure the System Info, General Setup , Switch Setup , IP Setup and Port Setup screens. 7.1 Overview The System Info screen displays gener al Switch information (such as fi rmware version number) and hardware polling information (such as fan speeds). The General S[...]
-
Seite 64
Chapter 7 Basic Setting GS2200-48 User’s Guide 64 7.2 System Information In the navigation panel, click Basic Setting > System Info to displ ay the screen as shown. Y ou can check the firmware version number and monitor the Switch temperature, fan speeds an d voltag e in this screen. Figure 24 Basic Setting > System Info The following table[...]
-
Seite 65
Chapter 7 Basic Setting GS2200-48 User’s Guide 65 Te m p e r a t u r e MAC , CPU , and PHY refer to the location of the temperature sensors on the Switch printed circuit board. Current This shows the current temper ature at this sensor . MAX This field displays the maximum temperature measured at this sensor . MIN This field displays the minimum [...]
-
Seite 66
Chapter 7 Basic Setting GS2200-48 User’s Guide 66 7.3 General Setup Use this screen to configure genera l set t ings such as the system name and time. Click Basic Setting and Gener al Setup in the navigation panel to display the screen as shown. Figure 25 Basic Setting > General Setup The following table describes t he labels in this screen. T[...]
-
Seite 67
Chapter 7 Basic Setting GS2200-48 User’s Guide 67 Use Time Server when Bootup T ype the time service protocol that your timeserver uses. Not all time servers support all protocols, so you may have to use trial and error to find a protocol that works. The ma in differences between them are the time format. When you select the Daytime (RFC 867) for[...]
-
Seite 68
Chapter 7 Basic Setting GS2200-48 User’s Guide 68 7.4 Introduction to VLANs A VLAN (Virtual Local Area Network) allo ws a ph ysical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one grou p. With VLAN, a device cannot directly talk to or hear from device[...]
-
Seite 69
Chapter 7 Basic Setting GS2200-48 User’s Guide 69 7.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display t he screen as shown. The VLAN setup scre ens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. R efer to the chapter on VLAN. Figure 26 Basic Setti[...]
-
Seite 70
Chapter 7 Basic Setting GS2200-48 User’s Guide 70 Join Timer Join Timer sets the duration of the Join P eriod timer for GVRP in milliseconds. Each port has a Join Period timer . The allowed Join Time range is between 100 and 6 5535 milliseconds; the default is 200 milliseconds. See Section 8. 1 on pa ge 79 for more background information. Leave T[...]
-
Seite 71
Chapter 7 Basic Setting GS2200-48 User’s Guide 71 7.6 IP Setup Use the IP Setup screen to configure the default gateway d evice, the default domain name server and add IP domains. 7.6.1 IP Interfaces The Switch needs an IP address for it to be managed ov er the network. The factory default in-band IP address is 192. 168.1.1. The subnet mask speci[...]
-
Seite 72
Chapter 7 Basic Setting GS2200-48 User’s Guide 72 The following table describes t he labels in this screen. T able 13 Basic Setting > IP Setup LABEL DESCRIPTION Default Gateway T ype the IP address of the default outgoing gateway in dotted decimal notation, for example 192.168.1.254. Domain Name Server DNS (Domain Name S ystem) is for mapping [...]
-
Seite 73
Chapter 7 Basic Setting GS2200-48 User’s Guide 73 7.7 Port Setup Use this screen to configure Switch port setting s.Cli ck Basic Setting > Port Setup in the navigation panel to display the conf iguration screen. Figure 28 Basic Setting > Port Setup IP Subnet Mask This field displays the subnet mask of the Switch in the IP domain. VID This f[...]
-
Seite 74
Chapter 7 Basic Setting GS2200-48 User’s Guide 74 The following table describes t he labels in this screen. T able 14 Basic Setting > Port Setup LABEL DESCRIPTION P ort This is the port index number . * Settings in this row apply to all ports. Use this row only if y ou want to make some settings the same for all ports. Use this row first to se[...]
-
Seite 75
Chapter 7 Basic Setting GS2200-48 User’s Guide 75 802.1p Priority This priority value is added to incoming fr ames without a (802.1p) priority queue tag. See Pr iority Queue Assignment in T able 12 on page 69 for more information. BPDU Control Configure the way to treat BPDUs receiv ed on this port. Y ou must activate bridging control protocol tr[...]
-
Seite 76
Chapter 7 Basic Setting GS2200-48 User’s Guide 76[...]
-
Seite 77
77 P ART III Advanced Setup VLAN (79) Static MAC F orward Setup (99) Filtering (103) Spanning T ree Protocol (105) Bandwidth Control (123) Broadcast Storm Control (127) Mirroring (129) Link Aggregation (131) P ort Authentication (139) P ort Security (145) Classifier (149) P olicy Rule (157) Queuing Method (165) VLAN Stacking (16 9) Multicast (175) [...]
-
Seite 78
78[...]
-
Seite 79
GS2200-48 User’s Guide 79 C HAPTER 8 VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-bas ed VLANs. 8.1 Introduction to IEEE 802.1Q T agged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN m[...]
-
Seite 80
Chapter 8 VLAN GS2200-48 User’s Guide 80 switch, the Swit ch first decides where to forward the fr ame and then strips off the VLAN tag. T o forw ard a fr ame from an 802.1Q VLAN-una ware switch to an 802.1Q VLAN-aware switc h, the Switch first de cide s where to forward the fr ame, and then inserts a VLAN tag reflecting the ingress port's d[...]
-
Seite 81
Chapter 8 VLAN GS2200-48 User’s Guide 81 8.3 Port VLAN T runking Enable VLAN Trunking on a port to allow fr ames belonging to unknown VLAN groups to pass through that port. This is us eful if y ou w ant to set up VLAN grou ps on end devices without ha ving to co nfigure the same VLAN groups on intermediary devices. The following figure describes [...]
-
Seite 82
Chapter 8 VLAN GS2200-48 User’s Guide 82 allow fr ames with VLAN group tags 1 an d 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s). Figure 29 Port VLAN T runking 8.4 Select the VLAN T ype Select a VLAN type in the Basic Setting > Switch Setup screen. Figure 30 Switch Setup: Select VLAN T ype 8.5 S[...]
-
Seite 83
Chapter 8 VLAN GS2200-48 User’s Guide 83 8.5.1 S t atic VLAN S t atus See Section 8.1 on page 79 for more information on Static VLAN. Clic k Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown next. Figure 31 Advanced Application > VLAN: VLAN S t atus The following table describes t he labels in [...]
-
Seite 84
Chapter 8 VLAN GS2200-48 User’s Guide 84 8.5.2 S t atic VLAN Det ails Use this screen to view detai led port se ttings and status of the VLAN group . See Section 8.1 on page 79 for more information on stat ic VLAN. Click on an index number in the VLAN Status screen to display VLAN det ails. Figure 32 Advanced Application > VLAN > VLAN Detai[...]
-
Seite 85
Chapter 8 VLAN GS2200-48 User’s Guide 85 static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 33 Advanced Application > VLAN > S tatic VLAN The following table describes t he related labels in this screen. T able 18 Advanced Application > VLAN > S tatic VLAN LABEL DESCRIPTION ACTIVE Sele[...]
-
Seite 86
Chapter 8 VLAN GS2200-48 User’s Guide 86 Control Select Norma l for the port to dynamically join this VLAN group using GVRP . This is the default selection. Select Fixed for the port to be a permanent member of this VLAN group. Select Forbidden if you want to prohibit the port from joining this VLAN group. T agging Sel ect TX Tagging if you want [...]
-
Seite 87
Chapter 8 VLAN GS2200-48 User’s Guide 87 8.5.4 Configure VLAN Port Settings Use the VLAN Port Set ti ng screen to co nfigure the static VLAN (IEEE 802.1Q) settings on a port. See Section 8.1 on page 79 for more information on static VLAN. Click the VLAN Port Setting link in th e VLAN Status screen. Figure 34 Advanced Application > VLAN > VL[...]
-
Seite 88
Chapter 8 VLAN GS2200-48 User’s Guide 88 8.6 Subnet Based VLANs Subnet based VLANs allow y ou to group tr affic into logical VLANs based on the source IP subnet you s pecify . When a fr ame is received on a port, the Switch checks if a tag is added already and the IP subnet it came from. The untag ged packets fr om the same IP su bnet are then pl[...]
-
Seite 89
Chapter 8 VLAN GS2200-48 User’s Guide 89 services). All untagged i ncoming fr ames will be clas sified based on their source IP subnet and prioritiz ed accordingly . That is, video services receive the highest priority and data the lowest. Figure 35 Subnet Based VLAN Applicat ion Example 8.7 Configuring Subnet Based VLAN Click Subnet Based VLAN i[...]
-
Seite 90
Chapter 8 VLAN GS2200-48 User’s Guide 90 Note: Subnet based VLAN applies to un-tagg ed packet s and is applicable only when you use IEEE 802.1Q t agged VLAN. Figure 36 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN The following table describes t he labels in this screen. T able 20 Advanced Application > VLAN >[...]
-
Seite 91
Chapter 8 VLAN GS2200-48 User’s Guide 91 8.8 Protocol Based VLANs Protocol based VLANs allow y ou to group tr affic into logi cal VLANs based on the protocol you s pecify . When an u pstream f rame is received on a port (confi gured for a protocol based VLAN), t he Switch checks if a tag is added already and its protocol. The untagged packets of [...]
-
Seite 92
Chapter 8 VLAN GS2200-48 User’s Guide 92 T alk tr affic from port 6 and 7 will be in another group and ha ve higher priority than ARP traffic when they go through the upli nk port to a backbone switch C. Figure 37 Protocol Based VLAN Application Example 8.9 Configuring Protoc ol Based VLAN Click Protocol B ased VLAN in the VLAN Port Setting scree[...]
-
Seite 93
Chapter 8 VLAN GS2200-48 User’s Guide 93 The following table describes t he labels in this screen. T able 21 Advanced Application > VLAN > VL AN Port Setting > Protocol Based VLAN Setup LABEL DESCRIPTION Active Check this bo x to activate this protocol based VLAN. P ort T ype a port number to be inclu ded in this protocol based VLAN. Thi[...]
-
Seite 94
Chapter 8 VLAN GS2200-48 User’s Guide 94 8.10 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 4 and 8. Foll ow these steps using the screen below: 1 Activ ate this protocol based VLAN. 2 T ype the port number you w ant to include in this protocol based VLAN. T ype 1 . 3 Give this protocol-ba[...]
-
Seite 95
Chapter 8 VLAN GS2200-48 User’s Guide 95 8.1 1 Port-based VLAN Setup P or t-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. P ort-based VLANs require all owed outgoing ports to be defined for each port. Therefore, if y ou wish to allow t wo subscr iber ports to talk to ea[...]
-
Seite 96
Chapter 8 VLAN GS2200-48 User’s Guide 96 The following screen shows users on a port-based, all- connected VLAN configu ration. Figure 40 Advanced Application > VLAN > Po rt Based VLAN Setup (All Connected)[...]
-
Seite 97
Chapter 8 VLAN GS2200-48 User’s Guide 97 The following screen shows users on a port-based, port -isolated VLAN configu ration. Figure 41 Advanced Application > VLAN: Port Ba se d VLAN Setup (Port Isolation)[...]
-
Seite 98
Chapter 8 VLAN GS2200-48 User’s Guide 98 The following table describes t he labels in this screen. T able 22 Advanced Application > VLAN: Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation . All connected means all ports can communicate with each other , that is, there are no virtual LANs. All incomi [...]
-
Seite 99
GS2200-48 User’s Guide 99 C HAPTER 9 Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 9.1 Overview This chapter discusses how to configure forw arding rules based on MAC addresses of devices on your network. 9.2 Configuring S t atic MAC Forwarding A static MAC address is an address that has been manually ente[...]
-
Seite 100
Chapter 9 Static MAC Forward Setup GS2200-48 User’s Guide 100 Click Adv anced Applications > Static MAC Forwarding in the navigati on panel to display the configur ation screen as shown. Figure 42 Advanced Application > S tatic MAC Forwarding The following table describes t he labels in this screen. T able 23 Advanced Application > S t a[...]
-
Seite 101
Chapter 9 Static MAC Forward Setup GS2200-48 User’s Guide 101 P ort This field displays the port w here the MAC address sh own in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the Delete che ck boxes. T able 23 Advanced Application > S t atic MAC Forwardi[...]
-
Seite 102
Chapter 9 Static MAC Forward Setup GS2200-48 User’s Guide 102[...]
-
Seite 103
GS2200-48 User’s Guide 103 C HAPTER 10 Filtering This chapter discusses MAC address port fil tering. 10.1 Configure a Filtering Rule Configure the S witch to filter tr affic base d on the tr affic’ s source, destinat ion MAC addresses and/or VLAN group (ID). Click Advanced Application > Filtering in the navigation panel to display the screen[...]
-
Seite 104
Chapter 10 Filtering GS2200-48 User’s Guide 104 Action Select Discard source to drop frames from th e source MAC address (specified in the MAC field). The Switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address). The Switch can still receive frames ori[...]
-
Seite 105
GS2200-48 User’s Guide 105 C HAPTER 11 Spanning Tree Protocol The Switch suppor ts Spanning T ree Protocol (STP), R apid Spanning T ree Protocol (RSTP) and Multiple Spanning T ree Protoc ol (MSTP) as defined in the foll owing standards. • IEEE 802.1D Spanning T ree Protocol • IEEE 802.1w Rapid Spanning T ree Protocol • IEEE 802.1s Multiple [...]
-
Seite 106
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 106 P ath cost is the cost of tr ansmitting a frame onto a LAN through that port. The recommended cost is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost. On each bridge, the bridge communicates wi th the root throug h the[...]
-
Seite 107
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 107 1 1.1.3 STP Port St ates STP assigns fiv e port states to eliminate packet loopi ng. A bridge port is not allowed to go direct ly from blocking state to forw arding state so as to eliminate transient loops. 1 1.1.4 Multiple STP Multiple Spanning T ree Protocol (IEEE 802. 1s) is backwar[...]
-
Seite 108
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 108 blocked as STP and RSTP allow only one link i n the network and block the redundant link. Figure 44 STP/RSTP Network Example With MSTP , VLANs 1 and 2 are mapp ed to di fferent span ning trees in the network. Thus traf fic from the two VLANs tr avel on different paths. The following f[...]
-
Seite 109
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 109 Devices that belong to the same MST re gion are configured to hav e the same MSTP configuration identificati on settings . These include the following parameters: • Name of the MST region • Revision level as the uniqu e nu m be r for the MST regio n • VLAN-to-MST Instance mapping[...]
-
Seite 110
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 11 0 and single spanning tree devi ces. A ne t work may contain multiple MST regions and other network segments running RSTP . Figure 47 MSTP and Legacy RSTP Network Example 1 1.2 S p anning T ree Protocol St atus Screen The Spanning T ree Protocol status scree n changes depending on what[...]
-
Seite 111
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 111 1 1.3 S p anning T ree Configuration Use the Spanning Tree Configuration screen to activate one of the STP modes on the Switch. Click Configuration in t he Advanced Application > Spanning Tree Proto col . Figure 49 Advanced Application > S panning T ree Protocol > Configuratio[...]
-
Seite 112
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 11 2 1 1.4 Configure Rapid S p anning T ree Protocol Use this screen to configure RSTP settings, see Section 11.1 on page 105 for more informat ion on RS TP . C lick RSTP in the Advanced Application > Spanning Tree Proto col screen. Figure 50 Advanced Application > S panni ng T ree [...]
-
Seite 113
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 11 3 The following table describes t he labels in this screen. T able 28 Advanced Application > S p anning T ree Protocol > RSTP LABEL DESCRIPTION Status Click Status to display the RSTP Status screen (see Figure 51 on page 114 ). Active Select this check box to activ ate RSTP . Clea[...]
-
Seite 114
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 11 4 1 1.5 Rapid S p anning T ree Protocol St atus Click Advanced Application > Spanning Tree Pro tocol in the navigation panel to display the status screen as shown next. See Section 11.1 on page 105 for more information on RSTP . Note: This screen is only available af ter you activat[...]
-
Seite 115
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 11 5 The following table describes t he labels in this screen. T able 29 Advanced Application > S p anning T ree Protocol > S tatus: RSTP LABEL DESCRIPTION Configuration C lick Configuration to specify which STP mode you w ant to activate. Click RSTP to edit RSTP settings on the Swit[...]
-
Seite 116
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 11 6 1 1.6 Configure Multiple S p anning T ree Protocol T o configure MSTP , click MSTP in the Advanced Applicatio n > Spanning Tree Protocol screen. See Section 11.1.4 on page 107 for more information on MSTP . Figure 52 Advanced Application > S panni ng T ree Protocol > MSTP[...]
-
Seite 117
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 11 7 The following table describes t he labels in this screen. T able 30 Advanced Application > S p anning T ree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 53 on page 119 ). Active Select this check box to activ ate MSTP on the[...]
-
Seite 118
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 11 8 Bridge Priority Set the priority of the Switch for the specific spanning tree instance. The lower the number , the more likely the Switch will be chosen as the root bridge within the spanning tree instance. Enter priority values between 0 and 61440 in increments of 4096 (thus valid v[...]
-
Seite 119
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 11 9 1 1.7 Multiple S p anning T ree Protocol St atus Click Advanced Applicat ion > Spanning Tree Protoc ol in the navigation panel to display the status screen as shown next. See Section 11.1.4 on page 107 for more information on MSTP . Note: This screen is only available af ter you ac[...]
-
Seite 120
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 120 The following table describes t he labels in this screen. T able 31 Advanced Application > S p anning T ree Protocol > S tatus: MSTP LABEL DESCRIPTION Configuration C lick Configuration to specify which STP mode you w ant to activate. Click MSTP to edit MSTP settings on the S wi[...]
-
Seite 121
Chapter 11 Spanning Tr ee Protocol GS2200-48 User’s Guide 121 Internal Cost This is the path cost from the root port in this MST instance to the regional root switch. P ort ID This is the priority and number of the port on the Sw itch through which this Switch must communicate with the root of th e MST instance. T able 31 Advanced Application >[...]
-
Seite 122
Chapter 11 Spanning Tr ee Protoc ol GS2200-48 User’s Guide 122[...]
-
Seite 123
GS2200-48 User’s Guide 123 C HAPTER 12 Bandwidth Control This chapter shows you how y ou can cap the maximum bandwidth using the Bandwidth Control screen. 12.1 Bandwid th Control Overview Bandwidth control means defining a maxi mum allowab le bandwidth for incoming and/or out-going tr affic flows on a port. 12.1.1 CIR and PIR The Committed Inform[...]
-
Seite 124
Chapter 12 Bandwidth Control GS2200-48 User’s Guide 124 12.2 Bandwid th Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 54 Advanced Application > Bandwid th Control The following table describes t he related labels in this screen. T able 32 Advanced Applicatio[...]
-
Seite 125
Chapter 12 Band wid th Contr ol GS2200-48 User’s Guide 125 Pe a k Rat e Specify the maximum bandwidth allowed in kilobits per second (Kbps) for the incoming traffic flow on a port. Active Select this check bo x to activate egress r ate limits on this port. Egress Rate Specify the maximum bandwidth allowed in kilobits per second (Kbps) for the out[...]
-
Seite 126
Chapter 12 Bandwidth Control GS2200-48 User’s Guide 126[...]
-
Seite 127
GS2200-48 User’s Guide 127 C HAPTER 13 Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 13.1 Broadcast S torm Control Setup Broadcast storm control limits the number of broadcast, multicast and destinat ion lookup failure (DLF ) packets the S witch re ceives per second on the port[...]
-
Seite 128
Chapter 13 Broadcast Storm Control GS2200-48 User’s Guide 128 The following table describes t he labels in this screen. T able 33 Advanced Application > Broadcast S torm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature. P ort This field displays a[...]
-
Seite 129
GS2200-48 User’s Guide 129 C HAPTER 14 Mirroring This chapter discusses port mirroring s etup screens. 14.1 Port Mirroring Setup P o r t m i r r o r i n g a l l o w s y o u t o c o p y a t r a f f i c f l o w t o a m o n i t o r p o r t ( t h e p o r t y o u c o p y the traffic to) in order th at you ca n examine th e traffic f r om th e m o ni t[...]
-
Seite 130
Chapter 14 M irr or in g GS2200-48 User’s Guide 130 The following table describes t he labels in this screen. T able 34 Advanced Application > Mirroring LABEL DESCRIPTION Active Select this check box to activ ate port mirroring on the Switch. Clear this check box to disable the feature. Monitor Po r t The monitor port is the port you copy the [...]
-
Seite 131
GS2200-48 User’s Guide 131 C HAPTER 15 Link Aggregation This chapter shows you how t o logically aggr egate phy sical links t o form one logical, higher-bandwid th link. 15.1 Link Aggregation Overview Link aggregation (trunking) is the groupi ng of physical por ts into one log i ca l higher-capacity link. Y ou may want to trunk ports i f for exam[...]
-
Seite 132
Chapter 15 Li nk Aggr eg a tion GS2200-48 User’s Guide 132 LACP also allows port redundancy , that is, if an operational port fails, then one of the “standby” ports become operational wi thout user interv ention. Please note that: • Y ou must connect all ports point -to-point to the same Ethernet switch and configure the ports for LACP trun[...]
-
Seite 133
Chapter 15 L ink Aggr eg a tion GS2200-48 User’s Guide 133 The following table descri bes the labels in this screen. T able 37 Advanced Application > Link Aggregation S tatus LABEL DESCRIPTION Index This field displays the trunk ID to identify a trunk group , that is, one logical link containing multiple ports. Enabled Port These are the ports[...]
-
Seite 134
Chapter 15 Li nk Aggr eg a tion GS2200-48 User’s Guide 134 15.4 Link Aggregation Setting Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 15.1 on page 131 for more informat ion on link aggre gation. Figure 58 Advanced Application > Link Aggreg ation > Link Aggregati[...]
-
Seite 135
Chapter 15 L ink Aggr eg a tion GS2200-48 User’s Guide 135 15.5 Link Aggregation Control Protocol Click in the Advanced Application > Link Aggregation > Link Aggregation Setting > LACP to displa y the screen shown next. See Section 15.2 on page 131 for more infor mation on dynamic link aggregation. Figure 59 Advanced Application > Lin[...]
-
Seite 136
Chapter 15 Li nk Aggr eg a tion GS2200-48 User’s Guide 136 The following table describes t he labels in this screen. 15.6 S t atic T r unking Example This example shows you how to create a static port trunk group for ports 2-5. T able 39 Advanced Application > Link Aggregation > Link Aggregatio n Setting > LACP LABEL DESCRIPTION Link Agg[...]
-
Seite 137
Chapter 15 L ink Aggr eg a tion GS2200-48 User’s Guide 137 1 Make your physical connections - make sure that the ports that you w ant to belong to the trunk group are connected to the same destina tion. The followin g figure shows ports 2-5 on swit ch A connected to switch B . Figure 60 T runking Example - Physical Connections 2 Configure static [...]
-
Seite 138
Chapter 15 Li nk Aggr eg a tion GS2200-48 User’s Guide 138 Y our trunk group 1 ( T1 ) configur ation is now complete; you do not need to go to any additional screens.[...]
-
Seite 139
GS2200-48 User’s Guide 139 C HAPTER 16 Port Authentication This chapter describes the IEEE 802. 1x and MAC authentication methods. 16.1 Port Authentication Overview P ort authentication is a w ay to v alidate access to ports on the Switch to clients based on an external server (authentic ation server). The S witch supports the following methods f[...]
-
Seite 140
Chapter 16 Port Authentication GS2200-48 User’s Guide 140 request to a RADIUS server . The RADIUS se rver validat es whether this client is allowed access to the port. Figure 62 IEEE 802.1x Authentication Process 16.1.2 MAC Authentication MAC authentication works in a very sim ilar way to IEEE 802.1x authentication. The main difference is that th[...]
-
Seite 141
Chapter 16 Port Authentication GS2200-48 User’s Guide 141 client connecting to a port on the Switch along with a password configured specifically for MAC authenti cation on the Switc h. Figure 63 MAC Authentication Process 16.2 Port Authentication Configuration T o enable port authentication, first activ a te the port authentication method(s) y o[...]
-
Seite 142
Chapter 16 Port Authentication GS2200-48 User’s Guide 142 16.2.1 Activate IEEE 802.1x Security Use this screen to activ ate IEEE 802.1x security . In the Port Authentication screen click 802. 1x to displa y the configurat ion screen as shown. Figure 65 Advanced Application > Port Authentication > 802.1x The following table describes t he la[...]
-
Seite 143
Chapter 16 Port Authentication GS2200-48 User’s Guide 143 16.2.2 Activate MAC Authentication Use this screen to activ ate MAC authentication. In t he Port Authentication screen click MAC Authentication to di splay the configur ation screen as shown. Figure 66 Advanced Application > Port Authentication > MAC Authentication R eauthenticati on[...]
-
Seite 144
Chapter 16 Port Authentication GS2200-48 User’s Guide 144 The following table describes t he labels in this screen. T able 41 Advanced Application > Port Authentication > MAC Authen tication LABEL DESCRIPTION Active Select this check box to permit MAC authentication on the Switch. Note: Y ou must first enable MAC authentication on the Switc[...]
-
Seite 145
GS2200-48 User’s Guide 145 C HAPTER 17 Port Security This chapter shows you how t o set up port securit y . 17.1 About Port Security P ort security allows only packet s with dynamically learned MAC addresses and/or configured static MAC ad dresses to pass throug h a port on the S witch. Th e Switch can learn up to 16K MAC addresses in total with [...]
-
Seite 146
Chapter 17 Port Secu rity GS2200-48 User’s Guide 146 17.2 Port Security Setup Click Advanced Application > Port Security in the navigati on panel to displa y the screen as shown. Figure 67 Advanced Application > Port Security The following table describes t he labels in this screen. T able 42 Advanced Application > Port Security LABEL DE[...]
-
Seite 147
Chapter 17 Port Security GS2200-48 User’s Guide 147 Address Learning MAC address learning re duces outgoing broadcast traffic. For MAC address learning to occur on a port, the port itself must be activ e with address learning enabled. Limited Number of Learned MAC Address Use this field to limit the number of (dynamic) MAC addresses that may be l[...]
-
Seite 148
Chapter 17 Port Secu rity GS2200-48 User’s Guide 148[...]
-
Seite 149
GS2200-48 User’s Guide 149 C HAPTER 18 Classifier This chapter introduces and shows you how to configure the packet classif ier on the Switch. 18.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay , and the networking me thods used to control the use of bandwidth. Wit[...]
-
Seite 150
Chapter 18 Classifier GS2200-48 User’s Guide 150 Click Advanced Application > Classifier in the navigation panel to display the configurati on screen as shown. Figure 68 Advanced Applicatio n > Classifier The following table describes t he labels in this screen. T able 43 Advanced Application > Classifier LABEL DESCRIPTION Active Select [...]
-
Seite 151
Chapter 18 Classifier GS2200-48 User’s Guide 151 Layer 2 Specify the fields below to configure a layer 2 classifier . VLAN Select Any to classify traffic from any VLAN or select the second option and specify the source VLAN ID in the field provided. Priority Select Any to classify traffic from any priority lev el or select the second option and s[...]
-
Seite 152
Chapter 18 Classifier GS2200-48 User’s Guide 152 18.3 V iewing and Editing Classifier Configuration T o view a summary of t he classifier configur ation, scroll down to the s ummary table at the bottom of the Classifier screen. T o change the settings of a rule, click a number in the Index field. Note: When two rules conflict with each other , a [...]
-
Seite 153
Chapter 18 Classifier GS2200-48 User’s Guide 153 The following table describes t he labels in this screen. The following table shows some other common Ethernet types and the corresponding protocol number . In the Internet Protocol, there is a field called “Protocol” t o identify the IP protocol type. The following table s hows some common pro[...]
-
Seite 154
Chapter 18 Classifier GS2200-48 User’s Guide 154 Some of the most common IP ports are: T able 47 Common TCP and UDP Port Numbers PORT NUMBER PORT NAME 21 FTP 23 T elnet 25 SMTP 53 DNS 80 HT TP 110 POP3[...]
-
Seite 155
Chapter 18 Classifier GS2200-48 User’s Guide 155 18.4 Classifier Example The following screen shows an example of conf iguring a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. Figure 70 Classifier: Example After you hav e configured a classifier , you can conf igure a policy to define action(s) on the classif[...]
-
Seite 156
Chapter 18 Classifier GS2200-48 User’s Guide 156[...]
-
Seite 157
GS2200-48 User’s Guide 157 C HAPTER 19 Policy Rule This chapter shows you how t o configure policy rules. 19.1 Policy Rules Overview A classifier dist inguishes traffic into flows based on the configured criteria (refer to Chapter 18 on page 149 for more information). A policy rule ensures that a tr affic flow gets the requested treatment in the [...]
-
Seite 158
Chapter 19 Policy Rule GS2200-48 User’s Guide 158 The DSCP value determines the forwarding behavior , the PHB (Per-Hop Behavior), that each pack et gets across the DiffSer v network. Based on the marking rule, different kinds of tr affic can be marked for different kinds of forwarding. R esources can then be allocated according to the DS CP v alu[...]
-
Seite 159
Chapter 19 Policy Rule GS2200-48 User’s Guide 159 Click Advanced Applications > Policy Rule in the navigation panel t o display the screen as shown. Figure 71 Advanced Application > Policy Rule[...]
-
Seite 160
Chapter 19 Policy Rule GS2200-48 User’s Guide 160 The following table describes t he labels in this screen. T able 48 Advanced Application > Policy Rule LABEL DESCRIPTION Active Select this option to enable the policy . Name Enter a descriptive name for identification purposes. Classifier(s) This field dis plays the active classifier(s) you co[...]
-
Seite 161
Chapter 19 Policy Rule GS2200-48 User’s Guide 161 19.3 V iewing and Editin g Policy Configuration T o view a summary of t he classifier configur ation, scroll down to the s ummary table at the bottom of the Policy screen. T o change the settings of a rule, click a number in the Index field. Figure 72 Advanced Application > Policy Rule: Summary[...]
-
Seite 162
Chapter 19 Policy Rule GS2200-48 User’s Guide 162 The following table describes t he labels in this screen. T able 49 Policy: Summary Table LABEL DESCRIPTION Index This field displa ys the policy index num ber . Click an index number to edit the policy . Active This field displays Yes when policy is activated and No when is it deactivated. Name T[...]
-
Seite 163
Chapter 19 Policy Rule GS2200-48 User’s Guide 163 19.4 Policy Example The figure below shows an example Policy screen where y ou configure a policy to limit bandwidth and discard out -of-profi le traffic on a tr affic flow classified using the Example classifier (r efer to Section 18.4 on page 155 ). Figure 73 Policy Example example[...]
-
Seite 164
Chapter 19 Policy Rule GS2200-48 User’s Guide 164[...]
-
Seite 165
GS2200-48 User’s Guide 165 C HAPTER 20 Queuing Method This chapter introduces the queuing methods supported. 20.1 Queuing Method Overview Queuing is us ed to help solve performa nce degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffi c. See al so Priority Queue Assignment[...]
-
Seite 166
Chapter 20 Q ue u ing Me tho d GS2200-48 User’s Guide 166 different tr affic queues . By defaul t, the weight for Q0 is 1, for Q1 is 2, for Q2 is 3, and so on. Guar anteed bandwidth is calculated as follows: For example, usi ng the default setting, Q0 on P ort 1 gets a guar anteed bandwidth of: 20.1.3 W eighted Round Robin Scheduling (WRR) Ro u n[...]
-
Seite 167
Chapter 20 Queuing Me thod GS2200-48 User’s Guide 167 20.2 Configuring Queuing Click Advanced Application > Queuing Method in the na vigation panel. Figure 74 Advanced Application > Que uing Method The following table describes t he labels in this screen. T able 50 Advanced Application > Queuing Method LABEL DESCRIPTION P ort This label [...]
-
Seite 168
Chapter 20 Q ue u ing Me tho d GS2200-48 User’s Guide 168 Method Select SPQ (Strictly Prior ity Queuing), WFQ (Weighted Fair Queuing) or WRR (Weighted Round Robin) . Strictly Priority services queues based on priority only . When the highest priority queue empties, traffic on the next highest-priority queue begins. Q7 has the highest priority and[...]
-
Seite 169
GS2200-48 User’s Guide 169 C HAPTER 21 VLAN Stacking This chapter shows you how t o configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN 21.1 VLAN S t acking Overview A service provider c an use VLAN stacking to allow i t to distinguish multiple customers VLANs, even those with the sa me [...]
-
Seite 170
Chapter 21 VLAN Stacking GS2200-48 User’s Guide 170 distinguish customer A and tag 48 to disti nguish customer B at ed ge device 1 and then stripping those tags at edge device 2 as the data frames leav e the network. Figure 75 VLAN S tacking Example 21.2 VLAN S t acking Port Roles Each port can hav e one of the following VLAN stacking “roles”[...]
-
Seite 171
Chapter 21 VLAN Stacking GS2200-48 User’s Guide 171 21.3 VLAN T ag Format A VLAN tag (service pro vider VLAN st acki ng or customer IEEE 802.1Q) consists of the following th ree fields. Type is a standard Ethernet type code id entifying the fr ame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provider [...]
-
Seite 172
Chapter 21 VLAN Stacking GS2200-48 User’s Guide 172 Configure the fields as highlighted in the Switch VLAN Stacking screen. T able 52 Single and Double Tagged 802.11Q Frame Format DA SA Len/ Etype Dat a FCS Untagged Ethernet frame DA SA TPI D Priorit y VI D Len/ Etype Dat a FCS IEEE 802.1Q customer tagged frame D A SA SPTPI D Priori ty VI D TPI D[...]
-
Seite 173
Chapter 21 VLAN Stacking GS2200-48 User’s Guide 173 21.4 Configuring VLAN S t acking Click Advanced Applications > VLAN Stacking to disp l ay the sc re en as shown. Figure 76 Advanced Application > VLAN S t acking The following table describes t he labels in this screen. T able 54 Advanced Application > VLAN Stacking LABEL DESCRIPTION Ac[...]
-
Seite 174
Chapter 21 VLAN Stacking GS2200-48 User’s Guide 174 Role Select Access Port to have the S witch add the SP TPID tag to all incoming frames received on th is port. Select Access Port for ingress ports at the edge of the service provide r's netw ork. Select Tunnel Port (available for Gigabit ports only) for egress ports at the edge of the serv[...]
-
Seite 175
GS2200-48 User’s Guide 175 C HAPTER 22 Multicast This chapter shows you how t o configure various multicast features. 22.1 Multicast Overview T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast deliv ers IP packets to just a group [...]
-
Seite 176
Chapter 22 Multicast GS2200-48 User’s Guide 176 22.1.3 IGMP Snooping The Switch can passiv ely snoop on IGMP pack ets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP pack ets pa ssing through it, picks out the group registration informa t ion , and configu res mul[...]
-
Seite 177
Chapter 22 Multicast GS2200-48 User’s Guide 177 22.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 22.1 on page 175 for more i nformation on multicasting. Figure 78 Advanced Application > Mult icast > Multicast Sett ing P ort This field displays the port [...]
-
Seite 178
Chapter 22 Multicast GS2200-48 User’s Guide 178 The following table describes t he labels in this screen. T able 56 Advanced Application > Multicast > Multicast Setting LABEL DESCRIPTION IGMP Snooping Use these setting s to configure IGMP Snooping. Active Select Act ive to enable IGMP Snooping to forward group multicast traffic only to port[...]
-
Seite 179
Chapter 22 Multicast GS2200-48 User’s Guide 179 22.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the Max Group Num. Enter the number of multicast groups this port is allowed to join. Once a port is registered in the specifie[...]
-
Seite 180
Chapter 22 Multicast GS2200-48 User’s Guide 180 screen as shown. See Section 22.1.4 on page 176 for more information on IG MP Snooping VLAN. Figure 79 Advanced Application > Multicast > Multicast Setting > IGMP Snooping VLAN The following table describes t he labels in this screen. T able 57 Advanced Application > Multicast > Multi[...]
-
Seite 181
Chapter 22 Multicast GS2200-48 User’s Guide 181 22.5 IGMP Filtering Profile An IGMP filter in g profile sp ec if ies a range of multic as t groups th at cl ie nts connected to the Switch are able to join. A profile contains a r ange of multicast IP addresses which you w ant cli ents to be able to join. Profiles are assigned to ports (in the Multi[...]
-
Seite 182
Chapter 22 Multicast GS2200-48 User’s Guide 182 Click Advanced Applications > Multicast > Multicast Setting > IGMP Filtering Profile link to display th e sc re en as shown. Figure 80 Advanced Application > Multicast > Mu lticast Setting > IGMP Filtering Profile The following table describes t he labels in this screen. T able 58 [...]
-
Seite 183
Chapter 22 Multicast GS2200-48 User’s Guide 183 22.6 MVR Overview Multicast VLAN R egist ration (MVR) is designed for applications (such as Media-on- Demand ( MoD)) th at use mul ticast traffi c across an Ethernet ring-based ser vice provider network. MVR allows one single multicast VLAN t o be shared among different subscriber VLANs on the netwo[...]
-
Seite 184
Chapter 22 Multicast GS2200-48 User’s Guide 184 22.6.2 MVR Modes Y ou can set your Switch to operate in either dynamic or compatible mode. In dynamic mode, the Switc h sends IGMP leav e and join reports to the other multicast devices (s uch as multicast routers or serv ers) in the multicast VL AN. This allows the multicast devices to update the m[...]
-
Seite 185
Chapter 22 Multicast GS2200-48 User’s Guide 185 22.7 General MVR Configuration Use the MVR screen to create multicast VL ANs and select the receiv er port(s) and a source port for each multicast VLAN. Click Advanced Applications > Multicast > Multicast Setting > MVR link to disp l ay th e sc reen as shown next. Note: Y ou can create up t[...]
-
Seite 186
Chapter 22 Multicast GS2200-48 User’s Guide 186 Multicast VLAN ID Enter the VLAN ID (1 to 40 94) of the multicast VLAN. 802.1p Priority Select a priority level (0-7) with which the Switch replaces the priority in outgoing IGMP control packets (bel onging to this multicast VLAN). Mode Spe cify the MVR mode on the Switch. Choices are Dynamic and Co[...]
-
Seite 187
Chapter 22 Multicast GS2200-48 User’s Guide 187 22.8 MVR Group Configuration All source ports and receiv er ports belo nging to a multicast group can recei ve multicast data sent to thi s multicast group. Configure MVR IP mul ticast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. Note: A port can [...]
-
Seite 188
Chapter 22 Multicast GS2200-48 User’s Guide 188 22.8.1 MVR Configuration Example The following figure shows a network ex ample where ports 1, 2 and 3 on the Switch bel ong to VLAN 1. In addition, po rt 7 belongs to the mul ticast group with VID 200 to receive multi cast traffic ( the News and Movie channels) from the remote streaming media server[...]
-
Seite 189
Chapter 22 Multicast GS2200-48 User’s Guide 189 T o configure the MVR settings on the S w itch, create a mul ticast group in the MVR screen and set the receiv er and source ports. Figure 86 MVR Configu ration Example T o set the Switc h to forward the multicast group traffic to the subscribers, configure multicast group sett ings in the Group Con[...]
-
Seite 190
Chapter 22 Multicast GS2200-48 User’s Guide 190 following figure shows an exa mpl e where two multicast groups ( News and Movie ) are configured for the multicast VLAN 200. Figure 87 MVR Group Configuration Example Figure 88 MVR Group Configuration Example example example[...]
-
Seite 191
GS2200-48 User’s Guide 191 C HAPTER 23 Authentication & Accounting This chapter describes how to configure au thentication and acco unting settings on the Switch. 23.1 Authentication, Authorization and Accounting Authentication is the process of determin ing who a user is and validating access to the Switch. The Switch can authenticate users [...]
-
Seite 192
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 192 23.1.2 on page 192 ) as external authentication, authorization and accounting servers. Figure 89 AAA Server 23.1.1 Local User Account s By storing user profiles locally on the S wit ch, your Swit ch is able to authenticate and authorize users without inter acting wi th a n[...]
-
Seite 193
Chapter 23 Authentication & Accounting GS2200-48 User’s Guide 193 Click Advanced Application > Auth and Acct in the navigation panel to displa y the screen as shown. Figure 90 Advanced Application > Auth and Acct 23.2.1 RADIUS Server Setup Use this screen to configure yo ur RADIUS server settings. See Section 23.1.2 on page 192 for more[...]
-
Seite 194
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 194 The following table describes t he labels in this screen. T able 62 Advanced Application > Auth and Acct > RADIUS Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure your RADIUS authentication settings. Mode This field only applies if y[...]
-
Seite 195
Chapter 23 Authentication & Accounting GS2200-48 User’s Guide 195 23.2.2 T ACACS+ Server Setup Use this screen to configure yo ur T ACACS+ server settings. See Section 23.1. 2 on page 192 for more information on T ACACS+ se rvers. Click on the TACACS+ Server Setup link in the Authentication and Accountin g screen to view the screen as shown. [...]
-
Seite 196
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 196 The following table describes t he labels in this screen. T able 63 Advanced Application > Auth and Acct > T ACACS+ Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure your T ACACS+ authentication settings. Mode This field is only v ali[...]
-
Seite 197
Chapter 23 Authentication & Accounting GS2200-48 User’s Guide 197 23.2.3 Authentication and Accounting Setup Use this screen to configure authentication and accounting settings on the Swit ch. Click on the Auth and Acct S etup link in the Authentication and Accoun ting screen to view the screen as shown. Figure 93 Advanced Application > Au[...]
-
Seite 198
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 198 The following table describes t he labels in this screen. T able 64 Advanced Application > Auth and Acct > Auth an d Acct Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the Switch. Privilege Enable [...]
-
Seite 199
Chapter 23 Authentication & Accounting GS2200-48 User’s Guide 199 23.2.4 V endor Specific Attribute RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server and a network access d evice (for example, the Switch). A company can create V endor Specific Attributes (VSAs) to expand the function ality of[...]
-
Seite 200
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 200 The Switch supp orts VSAs that allow y ou to perform the following actions b ased on user authentication: • Limit bandwi dth on incoming or outgoing tr affic for the port the user connects to. • Assign acc o un t privile ge levels for the authen ticated u ser . The VSA[...]
-
Seite 201
Chapter 23 Authentication & Accounting GS2200-48 User’s Guide 201 IEEE 802.1x authentication. The port VLAN settings are fixed and untagged. This will also set the port’ s VID . The followin g table describes the values you need to configure. Note that the bolded values in the table are fix ed v alues as defined in RFC 3580. 23.3 Supported [...]
-
Seite 202
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 202 23.3.1.2 Attributes Used to Login Users User-Name User-P assword NAS-Identifier NAS-IP- Address 23.3.1.3 Attributes Used by the IEEE 802.1x Authentication User-Name NAS-Identifier NAS-IP- Address NAS-Port NAS-Port - T ype - This value is se t t o Ethernet(15) on the Switch[...]
-
Seite 203
Chapter 23 Authentication & Accounting GS2200-48 User’s Guide 203 23.3.2.2 Attributes Used for Accounting Exec Event s The attributes are listed in the following table along with the ti me that they are sent (the difference between Console and T elnet/SSH Exec events is that the T elnet/SSH ev ents utilize the Calling- Station-Id at tribute):[...]
-
Seite 204
Chapter 23 Auth en tic at ion & Accoun ting GS2200-48 User’s Guide 204 NAS-P ort DD D Class DD D Called-Station- Id DD D Calling-Station-Id DD D NAS-Identifier DD D NAS-P ort- T ype DD D Acct-S tatus- T ype DD D Acct-Delay - Time DD D Acct-S ession-Id DD D Acct- Authentic DD D Acct- Input-Octets DD Acct-Output -Octets DD Acct-Session- Time DD[...]
-
Seite 205
GS2200-48 User’s Guide 205 C HAPTER 24 IP Source Guard Us e I P s o ur ce g ua r d t o f i lt er unauthorized DHC P and AR P packets in your network. 24.1 IP Source Guard Overview IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in yo ur network. A binding contains these key attribut es:[...]
-
Seite 206
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 206 24.1.1 DHCP Snooping Overview Use DHCP s nooping t o filter u nau th orized DHCP packets on the netwo rk and to build the binding tab le dynamically . This can prevent clients from getting IP addresses from unauthorized DHCP servers. 24.1.1.1 T rusted vs. Untrusted Port s Every port is either[...]
-
Seite 207
Chapter 24 IP Source Guard GS2200-48 User’s Guide 207 Y ou can configure the nam e and location of the file on the external TF TP server . The file has the following format: Figure 94 DHCP Snooping Dat abase File Format The <initial-checksum> helps distinguis h between the bindings in the latest update and the bindings from previous upda te[...]
-
Seite 208
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 208 3 Configure trusted and untrusted ports, an d specify the maximum number of DHCP packets t hat each port can receive per second. 4 Configure static bindings. 24.1.2 ARP Inspection Overview Use ARP inspection to filter unauthorized ARP packets on the network. This can prevent many kinds of man[...]
-
Seite 209
Chapter 24 IP Source Guard GS2200-48 User’s Guide 209 • They ap pe ar only in the ARP Inspection screens and commands, not in the MAC Address Filter screens and commands. 24.1.2.2 T rusted vs. Untrusted Port s Every port is either a trusted port or an untrusted p o rt for A R P inspecti on. Th is setting is independent of the t rusted/untrusted[...]
-
Seite 210
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 210 the bindings by snooping DHCP packets (dynami c bindings) and from informati on provided manually by administr ators (static bindings). T o open this screen, click Advanced Application > IP Source Guard . Figure 96 IP Source Guard The following table describes t he labels in this screen. 2[...]
-
Seite 211
Chapter 24 IP Source Guard GS2200-48 User’s Guide 21 1 new static binding replaces the origin al one. T o open this screen, click Advanced Application > IP Source Guard > Static Binding . Figure 97 IP Source Guard S t atic Binding The following table describes t he labels in this screen. T able 71 IP Source Guard Static Binding LABEL DESCRI[...]
-
Seite 212
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 212 P ort This field displays the port number in the binding. If this field is blank, the binding applies to all ports. Delete Select this, and click Delete to remove the specified entry . Cancel Click this to clear the Delet e check boxes abo ve. T able 71 IP Source Guard Static Binding (continu[...]
-
Seite 213
Chapter 24 IP Source Guard GS2200-48 User’s Guide 213 24.4 DHCP Snooping Use this scre en to look at various statis tics about the DHCP snooping database. T o open this screen, click Advanced Application > IP Source Guard > DHCP Snooping .[...]
-
Seite 214
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 214 Figure 98 DHCP Snooping[...]
-
Seite 215
Chapter 24 IP Source Guard GS2200-48 User’s Guide 215 The following table describes t he labels in this screen. T able 72 DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database. Y ou can con figure them in the DHCP S nooping Configure screen. See Section 24.5 on page 217 . Agent U[...]
-
Seite 216
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 216 Successful transfers This field displays the number of times the Switch read bindings from or updated the bindings in the DHC P snooping database successfully . F ailed transfers This field displays the number of times the Switch was unable to read bindings from or update th e bindings in the[...]
-
Seite 217
Chapter 24 IP Source Guard GS2200-48 User’s Guide 217 24.5 DHCP Snooping Configure Use this screen to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and conf igure the DHCP snooping database. Th e DHCP snooping databa se stores the current bindings on a secure, external TFTP s[...]
-
Seite 218
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 218 The following table describes t he labels in this screen. T able 73 DHCP Snooping Configure LABEL DESCRIPTION Active Select this to enable DHCP snooping on the Switch. Y ou still have to enable DHCP snooping on spec ific VLAN and specify trusted ports. Note: The Switch will drop all DHCP requ[...]
-
Seite 219
Chapter 24 IP Source Guard GS2200-48 User’s Guide 219 24.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are trusted or untrusted ports for DHCP snooping. Note: The Switch will drop all DHCP requests if you enable DHCP snooping and there are no trusted ports. Y ou can also specify the maximum number for DHCP packets t ha[...]
-
Seite 220
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 220 The following table describes t he labels in this screen. 24.5.2 DHCP Snooping VLAN Configure Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP rela y agent option 82 informati on ( Chapt er 29 on page 249 ) to DHCP requ ests that the Swit[...]
-
Seite 221
Chapter 24 IP Source Guard GS2200-48 User’s Guide 221 open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN . Figure 101 DHCP Snooping VLAN Configure The following table describes t he labels in this screen. T able 75 DHCP Snooping VLAN Configure LABEL DESCRIPTION Show VLAN Use this section [...]
-
Seite 222
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 222 24.6 ARP Inspection S t atus Use this screen to look at the current list of MAC address filters that were c reated because the Switch identified an unau thorized ARP pack et. When the Switch identifies an unauthorized ARP packet, it automatically cr eates a MAC addres s filter to block tr aff[...]
-
Seite 223
Chapter 24 IP Source Guard GS2200-48 User’s Guide 223 24.6.1 ARP Inspection VLAN St atus Use this screen to look at various statistics about ARP p ackets in each VL AN. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > VLAN Status . Figure 103 ARP Inspection VL AN S t atus The following table describes[...]
-
Seite 224
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 224 24.6.2 ARP Inspection Log St atus Use this scre en t o look at lo g m es s a g e s th at we re generated by ARP pac kets and that have not been sent to the syslog server yet. T o op en this screen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status . Figure 10[...]
-
Seite 225
Chapter 24 IP Source Guard GS2200-48 User’s Guide 225 24.7 ARP Inspection Configure Use this screen to enable ARP inspection on the Swit ch. Y ou can also configure the length of time the Switch stores reco rds of discarded ARP pack ets and global Sender Mac This field displays the source MAC address of the ARP packet. Sender IP This field displa[...]
-
Seite 226
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 226 settings for the ARP inspection log. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure . Figure 105 ARP Inspection Co nfigure The following table describes t he labels in this screen. T able 79 ARP Inspection Configure LABEL DESCRIPTION A[...]
-
Seite 227
Chapter 24 IP Source Guard GS2200-48 User’s Guide 227 24.7.1 ARP Inspection Port Configure Use this screen to specify whether port s are trusted or untrusted ports for ARP inspection. Y ou can also specify the maximum rate at which the Sw itch receives Log buffer size Enter the maximum number (0-1024) of log messages that were generated by ARP pa[...]
-
Seite 228
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 228 ARP packets on each untrusted po rt. T o open this screen, click Advanc ed Application > IP Source Guard > ARP Inspection > Configure > Port . Figure 106 ARP Inspection Po rt Configure The following table describes t he labels in this screen. T able 80 ARP Inspection Port Configur[...]
-
Seite 229
Chapter 24 IP Source Guard GS2200-48 User’s Guide 229 24.7.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specif y when the Switch gener ates log messages for receiv ing ARP packets from each VLAN. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure[...]
-
Seite 230
Chapter 24 IP Source Gua rd GS2200-48 User’s Guide 230 End VID Enter the highest VLAN ID you w ant to manage in the section below . Apply Click this to display the specified range of VLANs in the section below . VID This field displays the VLAN ID of each VLAN in the r ange specified above. If y ou configure the * VLAN, the settings are applied t[...]
-
Seite 231
GS2200-48 User’s Guide 231 C HAPTER 25 Loop Guard This chapter shows you how to config ure the Swit ch to guard against loops on the edge of your network. 25.1 Loop Guard Overview Loop guard allows you to configure the S w itch to shut down a port if it detects that packets sent out on that port loop back to the Swit ch. While you can use Spannin[...]
-
Seite 232
Chapter 25 Loop Guard GS2200-48 User’s Guide 232 • It will receive its own broadcast messages that it sends out as they lo op back. It will then re-broadcast those messages agai n. The following figure shows port N on switch A connected to switch B . Switch B is in loop state. When broadcast or multi cast packets leav e port N and reach switch [...]
-
Seite 233
Chapter 25 Loop Guar d GS2200-48 User’s Guide 233 port N . The Switch will shut down port N if it detects that the probe packet has returned to the Switch. Figure 1 1 1 Loop Guard - Network Loop Note: After resolving the loop problem on your network you can re-activate the disabled port via the web configurator (se e Section 7.7 on page 73 ) or v[...]
-
Seite 234
Chapter 25 Loop Guard GS2200-48 User’s Guide 234 The following table describes t he labels in this screen. T able 82 Advanced Application > Loop Guard LABEL DESCRIPTION Active Select this option to enable loop guard on the Switch. The Switch generates syslog, internal log messages as well as SNMP traps when it shuts down a port via the loop gu[...]
-
Seite 235
235 P ART IV IP Application Static R outing (237) RIP (239) Differentiated Services ( 241) DHCP (249) VRRP (259)[...]
-
Seite 236
236[...]
-
Seite 237
GS2200-48 User’s Guide 237 C HAPTER 26 Static Routing This chapter shows you how t o configure static routes. 26.1 Configuring S t atic Routing Static routes tell the Switch how to forw ard IP traffic when you configure the TCP/ IP paramet ers manually . Click IP Application > Static Routing in the navigation p anel to display the screen as sh[...]
-
Seite 238
Chapter 26 Static Routing GS2200-48 User’s Guide 238 IP Subnet Mask Enter the subnet mask for this destination. Gateway IP Address Enter the IP address of the gateway . The gateway is an immediate neighbor of your S witch that will forward the pack et to the destination. The gateway must be a rou ter on the same segment as your Switch. Metric The[...]
-
Seite 239
GS2200-48 User’s Guide 239 C HAPTER 27 RIP This chapter shows you how t o configure RIP (R outing Information Protocol). 27.1 RIP Overview RIP (Routing Information Protocol) allows a routin g d ev ice to exchan ge routing information with other routers. The Direction f ield control s the se nding an d receiving of RIP pack ets. When set to: • B[...]
-
Seite 240
Chapter 27 RIP GS2200-48 User’s Guide 240 automatically created when you configure a new IP domain in the IP Setup screen (refer to Section 7.6 on page 71 ). Figure 1 14 IP Application > RIP The following table describes t he labels in this screen. T able 84 IP Application > RIP LABEL DESCRIPTION Active Select this check box to enable RIP o[...]
-
Seite 241
GS2200-48 User’s Guide 241 C HAPTER 28 Differentiated Services This chapter shows you how to conf igure Di fferentiated Services (DiffServ) on the Swit ch . 28.1 DiffServ Overview Quality of Service (QoS) is used to prioriti ze source-to-destination tr affic flows. All packets in t he flow are g ive n the same priori ty . Y ou can use CoS (class [...]
-
Seite 242
Chapter 28 Differe ntiated Services GS2200-48 User’s Guide 242 kinds of tr affic can be marked fo r di fferent p riorities of forw arding. Resources c an then be allocated according to the DSCP v alues and the configured policies. 28.1.2 DiffServ Network Example The following figure depicts a DiffServ netw ork consisting of a group of directly co[...]
-
Seite 243
Chapter 28 Differentiated Services GS2200-48 User’s Guide 243 specifies the a verag e rate at which packets are admitted to the network. The PIR is greater than or equal to the CIR. CIR and PIR v alues are based on the guaranteed and maximum bandwidth respectiv e ly as negotiated between a service provider and client. T wo Rate Three Color Marker[...]
-
Seite 244
Chapter 28 Differe ntiated Services GS2200-48 User’s Guide 244 decrease it. P ackets that have been previo usly marked red or yellow can only be marked with an equal or higher pack et loss priority . P a ck ets marked red (high packet loss priority) continue to be red without eval uation against the PIR or CIR . P ack et s marked yel low can only[...]
-
Seite 245
Chapter 28 Differentiated Services GS2200-48 User’s Guide 245 The following table describes t he labels in this screen. 28.3.1 Configuring 2-Rate 3 Color Marker Settings Use this screen to configur e TR TCM settings. Click the 2-rat e 3 Color Marker link in the DiffServ screen to display the screen as shown next . T able 85 IP Application > Di[...]
-
Seite 246
Chapter 28 Differe ntiated Services GS2200-48 User’s Guide 246 Note: Y ou cannot enable both TR TCM and Bandwid th Control at the same time. Figure 120 IP Ap plication > DiffServ > 2-rate 3 Color Marker The following table describes t he labels in this screen. T able 86 IP Application > DiffServ > 2-r ate 3 Color Marker LABEL DESCRIPT[...]
-
Seite 247
Chapter 28 Differentiated Services GS2200-48 User’s Guide 247 28.4 DSCP-to-IEEE 802.1p Priority Settings Y ou can configure the DSCP to IEEE 802.1p mapping to allow the Swit ch to prioritize all tr affi c based on the incoming DSCP v alue according to the DiffServ to IEEE 802.1p mapping table. The following table shows the de fault DSCP-to- IEEE8[...]
-
Seite 248
Chapter 28 Differe ntiated Services GS2200-48 User’s Guide 248 28.4.1 Configuring DSCP Settings T o change the DSCP-IEEE 802. 1p mapping, click the DSCP Setting link in the DiffServ screen to display the screen as shown next. Figure 121 IP Ap plication > DiffServ > DSCP Setting The following table describes t he labels in this screen. T abl[...]
-
Seite 249
GS2200-48 User’s Guide 249 C HAPTER 29 DHCP This chapter shows you how t o configure the DHCP feature. 29.1 DHCP Overview DHCP (Dynamic Host Configur ation Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP conf iguration at start-up from a server . Y ou can configure the Switch as a DHCP se rver or a DHCP rela y agent. [...]
-
Seite 250
Chapter 29 DHCP GS2200-48 User’s Guide 250 • VLAN - The Switch is configured on a VLAN by VLAN basis. The Switch can be configured as a DHCP server for one VLAN and at the same time the Switch can be configured to relay DHCP requests for clients in another VLAN. 29.2 DHCP S t atus Click IP Application > DHCP in the na vigation panel. The DHC[...]
-
Seite 251
Chapter 29 DHCP GS2200-48 User’s Guide 251 this screen to view detail s regarding DH CP server set tings conf igured on the Swit ch . Figure 123 IP Application > DHCP > DHCP Server S tatus Detail The following table describes t he labels in this screen. T able 90 IP Application > DHCP Server Status Detail LABEL DESCRIPTION Start IP Addre[...]
-
Seite 252
Chapter 29 DHCP GS2200-48 User’s Guide 252 29.4 DHCP Relay Configure DHCP relay on the Switch if the DHCP client s and the DHCP server are not in the same broadcast domain. During the initi al IP address leasing, the Switch helps to relay network information (such as t he IP address and subnet mask) between a DHCP client and a DHCP se rver . Once[...]
-
Seite 253
Chapter 29 DHCP GS2200-48 User’s Guide 253 29.4.2 Configuring DHCP Global Relay Configure global DHCP relay in the DHCP Relay screen. Click IP Application > DHCP in the navigation panel and click the Global link to display the scre en as shown. Figure 124 IP Application > DHCP > Global The following table describes t he labels in this sc[...]
-
Seite 254
Chapter 29 DHCP GS2200-48 User’s Guide 254 29.4.3 Global DHCP Relay Configuration Example The follow figure shows a network exampl e where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server that services the DHCP clients in both domains. Figure 125 Global DHCP Relay Network Example Configure t[...]
-
Seite 255
Chapter 29 DHCP GS2200-48 User’s Guide 255 29.5 Configuring DHCP VLAN Settings Use this screen to configure your DHCP se ttings based on the VLAN domain of the DHCP clients. Cl ick IP Application > DHCP in the navigation panel, then click the VLAN link In the DHCP Status screen that displays. Note: Y ou must set up a management IP address for [...]
-
Seite 256
Chapter 29 DHCP GS2200-48 User’s Guide 256 Server Use this section if you want to conf igure the Switch to function as a DHCP server for this VLAN. Client IP P ool Starting Address Specify the first of the contiguous addresses in the IP address pool. Size of Client IP P ool Specify the size, or count of the IP address pool. The S witch can issue [...]
-
Seite 257
Chapter 29 DHCP GS2200-48 User’s Guide 257 29.5.1 Example: DHCP Relay for T wo VLANs The following example dis plays two VLANs (VIDs 1 and 2) for a campus network. T wo DHCP servers are installed to serve each VLAN. The system is set up to forward DHCP request s from the dormitor y rooms (VLAN 1) to the DHCP server with an IP address of 192.168.1[...]
-
Seite 258
Chapter 29 DHCP GS2200-48 User’s Guide 258 For the example netw ork, configure the VLAN Setting screen as shown. Figure 129 DHCP Relay for T wo VLANs Configuration Example example[...]
-
Seite 259
GS2200-48 User’s Guide 259 C HAPTER 30 VRRP This chapter shows you how t o configure and monitor the Virtual R outer Redundancy Protocol (VRRP) on the S witch. 30.1 VRRP Overview Each host on a network is configured to send packets t o a statically configured default gateway (this S w i tch). The default gateway can become a s ingle point of fail[...]
-
Seite 260
Chapter 30 VRRP GS2200-48 User’s Guide 260 default gateway . If switch A has a higher priority , it is the master router . Switch B , having a lower priority , is the backup router . Figure 130 VRRP: Example 1 If switch A (the master router) is unav ailable, switch B takes ov er . T raffic is then processed by switch B . 30.2 VRRP S t atus Click [...]
-
Seite 261
Chapter 30 VR RP GS2200-48 User’s Guide 261 30.3 VRRP Configuration The following sections describe the different parts of the VRRP Configur ation screen. 30.3.1 IP Interface Setup Before configuring VRRP , first create an IP interface (or routing domain) in the IP Setup screen (see the Section 7.6 on page 71 for more in formation). Click IP Appl[...]
-
Seite 262
Chapter 30 VRRP GS2200-48 User’s Guide 262 Note: Routing domains with the sa me VLAN ID are not displayed in the t able indicated. Figure 132 IP Ap plication > VRRP Configuration > IP Interface The following table describes t he labels in this screen. T able 95 IP Application > VRRP Configuration > IP Interface LABEL DESCRIPTION Index[...]
-
Seite 263
Chapter 30 VR RP GS2200-48 User’s Guide 263 30.3.2 VRRP Parameters This section describes the VRRP parameters. 30.3.2.1 Advertisement Interval The master router sends out Hel lo message s to let the ot her backup routers know that it is still up and running. The time interv al between sending the Hello messages is the advertisement interv al. By [...]
-
Seite 264
Chapter 30 VRRP GS2200-48 User’s Guide 264 30.3.3 Configuring VRRP Parameters After you set up an IP interface, co nfigure the VRRP par ameters in the VRRP Configuration screen. Figure 133 IP Ap plication > VRRP Configuration > VRRP Parameters The following table describes t he labels in this screen. T able 96 IP Application > VRRP Confi[...]
-
Seite 265
Chapter 30 VR RP GS2200-48 User’s Guide 265 30.3.4 Configuring VRRP Parameters View the VRRP configur ation summary at the bottom of the screen. Figure 134 VRRP Configuration: Summary The following table describes t he labels in this screen. 30.4 VRRP Configuration Examples The following sections show two VRRP configuration examples on the Switch[...]
-
Seite 266
Chapter 30 VRRP GS2200-48 User’s Guide 266 30.4.1 One Subnet Network Example The figure below shows a simple VR RP network with only one virtual router VR1 (VRID =1) and tw o switches . The network is connected to the W AN via an uplink gatewa y G (172.21.1.100). The host computer X is set to use VR1 as the default gateway . Figure 135 VRRP Confi[...]
-
Seite 267
Chapter 30 VR RP GS2200-48 User’s Guide 267 After configuring and saving the VRRP config uration, the VRRP Status screens for both switches are shown next. Figure 138 VRRP Example 1: VRRP S tatus on Switch A Figure 139 VRRP Example 1: VRRP S tatus on Switch B 30.4.2 T wo Subnet s Example The following figure depicts an exampl e in which two swit [...]
-
Seite 268
Chapter 30 VRRP GS2200-48 User’s Guide 268 VR1 (refer to Section 30.4.2 on page 267 ). Configure the VRRP par ameters on the switches as shown in the fi gures below . Figure 141 VRRP Example 2: VRRP Paramet e r Settings for VR2 on Switch A Figure 142 VRRP Example 2: VRRP Paramet e r Settings for VR2 on Switch B After configuring and saving the VR[...]
-
Seite 269
269 P ART V Management Maintenance (271) Access Control (279) Diagnostic (299) Syslog (301) Cluster Management (305) MAC T able (313) IP T able (317) ARP T able (321) Routi ng T able (323) Configure Clone (325)[...]
-
Seite 270
270[...]
-
Seite 271
GS2200-48 User’s Guide 271 C HAPTER 31 Maintenance This chapter explains how to configure the mainte nance screens that let you maintain the firmware and configur ation files. 31.1 The Maintenance Screen Use this screen to manage firmware and yo ur confi gur ation files. Click Management > Maintenance in the navigation panel to open the follow[...]
-
Seite 272
Chapter 31 Maintenance GS2200-48 User’s Guide 272 31.2 Load Factory Default Follow the steps below to rese t the Switch bac k to th e fa ctory defau lts. 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear all Switch c onfigur ation i nformation y ou configured and return to the factory de faults. 2 Clic[...]
-
Seite 273
Chapter 31 Maintenance GS2200-48 User’s Guide 273 31.3 Save Configuration Click Config 1 to sav e the current configur ation settings permanently to Configuration 1 on the Switch. Click Config 2 to sav e the current configur ation settings to Configuration 2 on the Switch. Alternativel y , click Save on the top right-hand corner in any screen to [...]
-
Seite 274
Chapter 31 Maintenance GS2200-48 User’s Guide 274 Be sure to upload the correct m odel firmware as uploading the wrong model firmware m ay damage your device. From the Maintenance screen, display the Firmware Upgrade screen as shown next. Figure 148 Mana gement > Maintenance > Firmware Upgrade T ype the path and file name of t he firmware f[...]
-
Seite 275
Chapter 31 Maintenance GS2200-48 User’s Guide 275 31.7 Backup a Configuration File Backing up your S witch configur ations allo ws you to create various “snapshots” of your device from which you ma y restore at a later date. Back up your c urrent Switch confi guratio n to a computer using the Backup Configuration screen. Figure 150 Management[...]
-
Seite 276
Chapter 31 Maintenance GS2200-48 User’s Guide 276 Z yNOS (Z yXEL Network Operating System, so meti mes referred to as the “r as” file) is the system firmware and ha s a “bin” filename extension. 31.8.1.1 Example FTP Commands ftp> put firmware.bin ras This is a sample FTP session showing the tr ansfer of the computer file "firmware[...]
-
Seite 277
Chapter 31 Maintenance GS2200-48 User’s Guide 277 6 Use put to tr ansfer files from the computer to the Swit ch, for example, pu t firmware.bin ras transfers the firmware on your computer (firmware.bin) to the Switch and renames it to “r as” . Similarly , put config.cfg config tr ansfers the configuration fi le on your co mputer (con fi g.cfg[...]
-
Seite 278
Chapter 31 Maintenance GS2200-48 User’s Guide 278[...]
-
Seite 279
GS2200-48 User’s Guide 279 C HAPTER 32 Access Control This chapter describes how to c ontrol access to the Sw itch. 32.1 Access Control Overview A console port and FTP are allowed one se ssion ea ch , T elnet and SSH share nine sessions, up to fiv e W eb sessions (five di fferent usernames and passwords) and/or limitless SNMP access control sessi[...]
-
Seite 280
Chapter 32 Access Control GS2200-48 User’s Guide 280 32.3 About SNMP Simple Network Manageme nt Protocol (SNM P) is an application layer protocol used to manage and monitor T CP/IP-based devices. SNMP is used to exchange management information between the network manage ment system (NMS) and a network element (NE). A manager station can manage an[...]
-
Seite 281
Chapter 32 Access Control GS2200-48 User’s Guide 281 SNMP itself is a simple request /respon se protocol based on the manager/agent model. The manager issues a request an d the agent returns responses using t he following protocol operations: 32.3.1 SNMP v3 and Security SNMP v3 enhances security for SNMP management. SNMP managers can be required [...]
-
Seite 282
Chapter 32 Access Control GS2200-48 User’s Guide 282 32.3.3 SNMP T raps The Switch se nds traps to an SNMP mana ger when an e vent occurs. The following tables outline the SNMP traps by category . An OID (Object ID) th at begins with “ 1.3.6.1.4.1.890.1.5. 8. ” is defined in privat e MIBs. Otherwis e, it is a st and a rd MIB OID. T able 103 S[...]
-
Seite 283
Chapter 32 Access Control GS2200-48 User’s Guide 283 intrusionlo ck IntrusionLockEventOn 1.3.6.1.4.1.890.1.5.8. 53.3 7.2.1 This trap is sent when intrusion lock occurs on a port. loopguard LoopguardEventOn 1.3.6.1.4.1 .890.1.5.8.53.3 7.2.1 This tr ap is sent when loopguard shuts down a port. T able 103 SNMP System Traps (continued) OPTION OBJECT [...]
-
Seite 284
Chapter 32 Access Control GS2200-48 User’s Guide 284 accounting RADIUSAcctNotR eachable EventOn 1.3.6.1.4.1.890.1 .5.8.53.3 7.2.1 This trap is sent when there is no response message from the RADIUS accounting server . RADIUSAcctNotR eachable EventClear 1.3.6.1.4.1.890.1 .5.8.53.3 7.2.2 This trap is sent when the RADIUS accounting server can be re[...]
-
Seite 285
Chapter 32 Access Control GS2200-48 User’s Guide 285 32.3.4 Configuring SNMP From the Access Control screen, display the SNMP screen. Y ou can click Ac cess Control to go back to the Access Control screen. Figure 153 Management > Access Control > SNMP rmon RmonRisingAlarm 1.3.6.1.4.1.890. 1.5.1.1.16 .0.1 This trap is sent when a v ariable g[...]
-
Seite 286
Chapter 32 Access Control GS2200-48 User’s Guide 286 The following table describes t he labels in this screen. T able 108 Management > Access Control > SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) val ue s . V ersion Select the SNMP version for the Switch. The SNMP version on t[...]
-
Seite 287
Chapter 32 Access Control GS2200-48 User’s Guide 287 Security Level Select whether you w ant to implemen t authentication and/or encryption for SNMP communication from this user . Choose: • noauth -to use the username as the password string to send to the SNMP manager . This is equiv ale nt to the Get, Set and T rap Community in SNMP v2c. This [...]
-
Seite 288
Chapter 32 Access Control GS2200-48 User’s Guide 288 32.3.5 Configuring SNMP T rap Group From the SNMP screen, click Trap Group to view the screen as shown. Use the Trap Grou p screen to specify the t ypes of SNMP trap s that should be sent to each SNMP manager . Figure 154 Management > Access Control > SNMP > Trap Group The following ta[...]
-
Seite 289
Chapter 32 Access Control GS2200-48 User’s Guide 289 • An administr ator is someone who can both view and configure Switch c hanges. The username for the Administrator is alwa ys admin . The default administrator password is 1234 . Note: It is highly recommended t hat you change the default administrator p assword ( 1234 ). • A non-administr [...]
-
Seite 290
Chapter 32 Access Control GS2200-48 User’s Guide 290 32.4 SSH Overview Unlike T elnet or FTP , which transmi t data in clear text, SSH (Secure Shell) is a secure communication protocol that combin es authentication and data encryption to provide secure encrypted communication bet ween two hosts over an unsecured network. Figure 156 SSH Communicat[...]
-
Seite 291
Chapter 32 Access Control GS2200-48 User’s Guide 291 32.5 How SSH works The following table summarizes how a secure connection is established between two remot e hosts. Figure 157 How SSH W orks 1 Host Identificat io n The SSH client send s a connection request to the SSH server . The server identifies itself with a host k ey . The client encrypt[...]
-
Seite 292
Chapter 32 Access Control GS2200-48 User’s Guide 292 3 Authentication and Data T r ansmission After the identification is verified and data encrypt ion activ ated, a secure tunnel is established between the client and th e serv er . The client then sends its authentication information (u ser name and password) to th e server to log in to the serv[...]
-
Seite 293
Chapter 32 Access Control GS2200-48 User’s Guide 293 1 HT TPS connection requests from an SSL - aware web browser go to port 443 (by default) on the Switch’ s WS (web server). 2 HT TP connection requests fr om a web brow ser go t o port 80 (by default) on the Switch’ s WS (web server). Figure 158 HTTPS Implement ation Note: If you disable HTT[...]
-
Seite 294
Chapter 32 Access Control GS2200-48 User’s Guide 294 Y ou see the following Security Al ert screen in Internet Explorer . Select Yes to proceed to the web configurator login screen; if you select No , then web configur ator access is block ed. Figure 159 Security Aler t Dialog Box (Internet Explorer) 32.8.2 Net scape Navigator W arning Messages W[...]
-
Seite 295
Chapter 32 Access Control GS2200-48 User’s Guide 295 Select Accept this certificate permanently to import the S witch’ s certificate into the SSL client. Figure 160 Security Certificate 1 (Net scape) Figure 161 Security Certificate 2 (Net scape) example example[...]
-
Seite 296
Chapter 32 Access Control GS2200-48 User’s Guide 296 32.8.3 The Main Screen After you accept the certifi cate and ente r the login username and password, the Switch main screen appears. The l ock displayed in t he bottom right of the browser status bar denotes a secure connection. Figure 162 Example: Lock Denoting a Secure Conn ection 32.9 Servic[...]
-
Seite 297
Chapter 32 Access Control GS2200-48 User’s Guide 297 computer(s)” for each service in the Remote Management screen (discussed later). Cli c k Access Control to go back to the main Access Control scre en. Figure 163 Manageme nt > Access Control > Service Access Control The following table describes t he fields in this screen. 32.10 Remote [...]
-
Seite 298
Chapter 32 Access Control GS2200-48 User’s Guide 298 Y ou can specify a group of one or more “trusted computers” from which an administr ator may use a service to manage the Sw itch. Click Access Control to return to the Access Control screen. Figure 164 Management > Access Control > Remote Management The following table describes t he [...]
-
Seite 299
GS2200-48 User’s Guide 299 C HAPTER 33 Diagnostic This chapter explains the Diagnostic screen. 33.1 Diagnostic Click Management > Diagnostic in the naviga tion panel to open thi s screen. Us e this screen to check sys tem logs, ping IP addresses or perf orm port tests. Figure 165 Manageme nt > Diagnostic[...]
-
Seite 300
Chapter 33 Diagnostic GS2200-48 User’s Guide 300 The following table describes t he labels in this screen. T able 1 13 Management > Diag nostic LABEL DESCRIPTION System Log Click Display to display a log of ev ents in the multi-line text box. Click Cl ear to empty the text box and reset the syslog entry . IP Ping T ype the IP addre ss of a dev[...]
-
Seite 301
GS2200-48 User’s Guide 301 C HAPTER 34 Syslog This chapter explains the syslog screens. 34.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to sy s lo g servers that col l e ct the event messages. A sys log-enabled device can generate a syslog message and send it to a syslog server . Sy[...]
-
Seite 302
Chapter 34 Sy slog GS2200-48 User’s Guide 302 34.2 Syslog Setup Click Management > Syslog in the navigation panel to displa y this screen. The syslog feature sends logs to an external sy slog serv er . Use this screen to configure the device’ s system logging set tings. Figure 166 Manageme nt > Syslog The following table describes t he la[...]
-
Seite 303
Chapter 34 Syslog GS2200-48 User’s Guide 303 34.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to open the following screen. Use this s creen to configure a list of external syslog servers . Figure 167 Manageme nt > Syslog > Server Setup The following table describes t he labels in this screen. T able 1 16 Manag[...]
-
Seite 304
Chapter 34 Sy slog GS2200-48 User’s Guide 304[...]
-
Seite 305
GS2200-48 User’s Guide 305 C HAPTER 35 Cluster Management This chapter introduces cluster management. 35.1 Clustering Management S t atus Overview Cluster Management allows you to manage switc hes through one Switch, call ed the cluster manager . The switches must be directly connected and be in the same VLAN group so as to be able to communicate[...]
-
Seite 306
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 306 In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are clust er members. Figure 168 Clustering App lication Example 35.2 Cluster Management S t atus Click Management > Clus ter Management in the navigati[...]
-
Seite 307
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 307 The following table describes t he labels in this screen. 35.2.1 Cluster Member Switch Management Go to the Clustering Management St atus screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web config[...]
-
Seite 308
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 308 configurator home page and the home pa ge that you'd see if y ou accessed it directly are different. Figure 170 Cluster Management: Clu ster Mem ber Web Configurator Screen[...]
-
Seite 309
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 309 35.2.1.1 Uploading Firmware to a Cluster Member Switch Y ou can use F TP to upload firmware to a cluster member switch through the cluster manager swi tch as sh own in the following example. Figure 171 Example: Uploading Firmware to a Cluster Memb er Switch The following table explains s[...]
-
Seite 310
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 310 35.3 Clustering Management Configuration Use this screen to configure clustering management. Click Configuration from the Cluster Management screen t o display the next screen. Figure 172 Manageme nt > Clustering Management > Configuration The following table describes t he labels [...]
-
Seite 311
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 31 1 VID This is the VLAN ID and is only applicable if the Switch is set to 802.1Q VLAN. All switches must be directly connected and in the same VLAN group to belong to the same cluster . Switches that are not in the same VLAN group are not visible in the Clustering Cand idates list. This fi[...]
-
Seite 312
Chapter 35 Clust er Managem en t GS2200-48 User’s Guide 312[...]
-
Seite 313
GS2200-48 User’s Guide 313 C HAPTER 36 MAC Table This chapter introduces the MAC Table sc reen. 36.1 MAC T able Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forw arded or fil tered ac ross the Switch’ s ports. When a device (which may belong to a VLAN group) sends a packet which is forw [...]
-
Seite 314
Chapter 36 M AC Ta b le GS2200-48 User’s Guide 314 • If the Switch has already learned the port for this MAC address , but the destination port is the same as the port it came in on, then it filters the fr ame. Figure 173 MAC T able Flowchart 36.2 V iewing the MAC T able Click Management > MAC Table in the navigation panel to dis play the f [...]
-
Seite 315
Chapter 36 MAC Table GS2200-48 User’s Guide 315 MAC Address This is the MAC address of the device from which this incoming frame came. VID This is the VLAN group to which this frame belongs. P ort This is the port from which the above MAC address w as learned. T ype This shows whether the MAC address is dynamic (learned by the S witch) or static [...]
-
Seite 316
Chapter 36 M AC Ta b le GS2200-48 User’s Guide 316[...]
-
Seite 317
GS2200-48 User’s Guide 317 C HAPTER 37 IP Table This chapter introduces the IP ta ble. 37.1 IP T able Overview The IP Table screen shows how packet s are forwarded or f iltered across the Switch’ s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch , the IP address of the device is [...]
-
Seite 318
Chapter 37 IP Table GS2200-48 User’s Guide 318 • If the Switch has already learned the port for this IP address, but the destination port is the same as the port it came in on, then it fi lters the packet. Figure 175 IP T able Flowchart 37.2 V iewing the IP T able Click Management > IP Table i n the na vigation panel to display the followi n[...]
-
Seite 319
Chapter 37 IP Table GS2200-48 User’s Guide 319 VID This is the VLAN group to which the packet belongs. P ort This is the port from which the abov e IP address was learned. This field displays CPU to indicate the IP addre ss belongs to the Switch. T ype This shows whether the IP address is dynamic (learned by the Switch) or static (belonging to th[...]
-
Seite 320
Chapter 37 IP Table GS2200-48 User’s Guide 320[...]
-
Seite 321
GS2200-48 User’s Guide 321 C HAPTER 38 ARP Table This chapter introduces ARP T able. 38.1 ARP T able Overview Address Resolution Protocol (ARP) is a pr otocol for mapping an Internet Protocol address (IP address) to a physi c al machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) addr[...]
-
Seite 322
Chapter 38 ARP Tab le GS2200-48 User’s Guide 322 38.2 V iewing the ARP T able Click Management > ARP Table in t he navigation panel to open the following screen. Use the ARP table to view IP-to-MAC address mapping(s). Figure 177 Management > ARP T able The following table describes t he labels in this screen. T able 123 Management > ARP [...]
-
Seite 323
GS2200-48 User’s Guide 323 C HAPTER 39 Routing Table This chapter introduces the routing table. 39.1 Overview The routing table contains the rout e information to the network(s) that the Switch can reach. The Switch automatically u pdates the routing table with the RIP information received from other Ethernet devices. 39.2 V iewing the Routing T [...]
-
Seite 324
Chapter 39 Rou tin g Ta b l e GS2200-48 User’s Guide 324[...]
-
Seite 325
GS2200-48 User’s Guide 325 C HAPTER 40 Configure Clone This chapter shows you how y ou can copy the settings of one port onto other ports. 40.1 Configure Clone Cloning allows yo u to copy the basic and adv anced settings from a source port to a destination port or ports. Click Manage ment > Configure Clone to open the following screen. Figure [...]
-
Seite 326
Chapter 40 Con fig ur e Clo ne GS2200-48 User’s Guide 326 The following table describes t he labels in this screen. T able 125 Management > Configure Clone LABEL DESCRIPTION Source/ Destination Po r t Enter the source port under the Sourc e label. This port’s attributes are copied. Enter the destination port or ports under the Destination la[...]
-
Seite 327
327 P ART VI Product S p ecifications Product Specifications (329)[...]
-
Seite 328
328[...]
-
Seite 329
GS2200-48 User’s Guide 329 C HAPTER 41 Product Specifications The following tables summarize the Swit ch’ s hardware and firmw are feat ures. T able 126 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Standard 19” rack mountable 438 mm (W) x 310 mm (D) x 44.45 mm (H) W eight 4.9 Kg P ower Specification AC: 100 - 240 VAC 50/60 Hz [...]
-
Seite 330
Chapter 41 Product Specifications GS2200-48 User’s Guide 330 LEDs Main switch: BPS, PWR, SYS, ALM, Per Gigabit port: Green: 1000 Mbps Amber: 100 Mbps Per m ini-GBIC port: LNK, ACT Operating Environment T emperature: 0º C ~ 45º C (32º F ~ 113º F) Humidity: 10 ~ 90% (non-condensing) Storage Environment T emperature: -10º C ~ 70º C (14º F ~ 1[...]
-
Seite 331
Chapter 41 Product Specifications GS2200-48 User’s Guide 331 MAC Address Filter Filter tr affic based on the source and/or destination MAC address and VLAN group (ID). DHCP (Dynamic Host Configuration Protocol) Use this feature to have the S witch assign IP addresses, an IP default gateway and DNS servers to computers on your network. IGMP Snoopi[...]
-
Seite 332
Chapter 41 Product Specifications GS2200-48 User’s Guide 332 STP (Spanning T ree Protocol) / RSTP (R apid STP) (R)STP detects and breaks network loops and provides backup links between switches, bridges or route rs. It allows a Switch to interact with other (R)STP -compliant switches in you r network to ensure that only one path exists between an[...]
-
Seite 333
Chapter 41 Product Specifications GS2200-48 User’s Guide 333 T able 128 Switching Specifications Layer 2 Fea t ur e s Bridging 8K MA C addresses Static MAC address filtering by source/destination Broadcast storm control Static MAC address forwarding Switching Throughput: • 1488000 pps for 1000Base- T 64byte packet • 148800 pps for 100Base- TX[...]
-
Seite 334
Chapter 41 Product Specifications GS2200-48 User’s Guide 334 The following list, which is not exhaust ive , illust rates the standards supported in the Switch. Layer 3 Fea t ur e s IP Capability IPV4 support 64 IP routing domains 256 IP address table Wire speed IP forwarding Ro ut i n g protocols RIP-V1/V2 Static Routing VRRP IP services DHCP rel[...]
-
Seite 335
Chapter 41 Product Specifications GS2200-48 User’s Guide 335 RFC 2698 T wo Rate Three Color Marker (TR T CM) RFC 2865 RADIUS - V endor Specific Attribute RFC 2674 P-BRIDGE-MIB, Q-BRIDGE-MIB RFC 3046 DHCP Relay RFC 3164 Syslog RFC 3376 Internet Group Management Protocol, V ersion 3 RFC 3414 User-based Security Model (USM) for version 3 of the Simp[...]
-
Seite 336
Chapter 41 Product Specifications GS2200-48 User’s Guide 336[...]
-
Seite 337
337 P ART VII Appendices and Index Legal Information (339) Index (343)[...]
-
Seite 338
338[...]
-
Seite 339
GS2200-48 User’s Guide 339 A PPENDIX A Legal Information Copyright Copyright © 2009 by Z yXEL Communications Corpor ation. The contents of this publication ma y not be reproduced in any part or as a whole, transcrib ed, stored in a retriev al syst em, tr anslated into an y language , or transmitted in an y form or by any me ans, electronic, mech[...]
-
Seite 340
Appendix A Leg al In fo rm at ion GS2200-48 User’s Guide 340 • This dev ice m u st accept any in terferen ce received, including interference that may cause undesired operations. FCC W arning This device has been tested and found to comply with the limits for a Clas s A digital switch, pursuant to Part 15 of the FCC Rules . These limits are des[...]
-
Seite 341
Appendix A Legal Information GS2200-48 User’s Guide 341 Viewing Certifications 1 Go to http://www . zyxel.com . 2 Select your prod uct on the Z yXEL home page to go to that product's page. 3 Select the certification y ou wish to view from this page. ZyXEL Limited W arranty Z yXEL warr ants to the original end user (p urchaser) that this pr o[...]
-
Seite 342
Appendix A Leg al In fo rm at ion GS2200-48 User’s Guide 342[...]
-
Seite 343
Index GS2200-48 User’s Guide 343 Index Numerics 802.1P priority 75 A access control limitations 279 login account 288 remote management 297 service port 296 SNMP 280 accounting setup 197 address learning, MAC 89 , 92 Address R esolution Protocol (ARP) 321 , 325 , 326 administrator password 289 age 11 7 aggregator ID 134 , 135 aging time 69 applic[...]
-
Seite 344
Index GS2200-48 User’s Guide 344 switch models 305 VID 31 1 web config urator 307 cluster manager 305 cluster member 305 command interface 26 Common and Internal Spanning T ree (CIST) 107 Common and Internal Spanning T ree, See CIST 109 configuration 238 change running config 273 configuration file 49 backup 275 restore 49 , 274 saving 273 config[...]
-
Seite 345
Index GS2200-48 User’s Guide 345 file names 275 filtering 103 rules 103 filtering database, MAC table 313 firmware 64 upgrade 273 , 309 flow control 74 back pressure 74 IEEE802.3x 74 forwarding delay 11 7 frames tagged 88 untagged 88 front panel 33 FTP 26 , 275 file transfer procedure 276 restrictions over W AN 277 G GARP 80 GARP (Generic Attribu[...]
-
Seite 346
Index GS2200-48 User’s Guide 346 L LACP system priority 136 timeout 136 layer 2 features 333 layer 3 features 334 LEDs 38 limit MAC address learning 147 link aggregation 131 dynamic 131 ID information 132 setup 134 , 135 status 133 lockout 48 log 300 login 41 password 47 login account Administrator 289 non-administr ator 289 login accounts 288 co[...]
-
Seite 347
Index GS2200-48 User’s Guide 347 hello time 11 7 Max Age 120 max age 11 7 max hops 11 7 MST region 108 network example 107 path cost 11 8 port priority 11 8 revision level 11 7 MSTP (Multiple Spanning T ree Protocol) 105 MTU (Multi- T enant Unit) 68 multicast 175 802.1 priority 178 and IGMP 175 IP addresses 175 overview 175 setup 177 , 178 multic[...]
-
Seite 348
Index GS2200-48 User’s Guide 348 and IEEE 802.1Q tagging 91 example 94 hexadecimal notation for protocols 90 , 93 isolate traffic 91 priority 90 , 93 PVID 80 , 88 PVID (Priority Frame) 80 Q QoS 333 and classifier 149 queue weight 166 queuing 165 SPQ 166 WFQ 166 WRR 166 queuing method 165 , 168 R RADIUS 192 advantages 192 and authentication 192 Ne[...]
-
Seite 349
Index GS2200-48 User’s Guide 349 implementation 292 SSH (Secure Shell) 290 SSL (Secure Socket Layer) 292 standby ports 132 static bindings 205 static MAC address 99 static MAC forwarding 89 , 92 , 99 static routes 237 , 238 static trunking example 136 Static VLAN 84 static VLAN control 86 tagging 86 status 42 , 58 LED 38 link aggregation 133 port[...]
-
Seite 350
Index GS2200-48 User’s Guide 350 T unnel Protocol Attribute, and RADIUS 200 T wo Rate Three Color Marker (TR T CM) 242 T wo Rate Three Color Marker , see TR TCM 242 Ty p e o f S e r v i c e ( To S ) 241 U untrusted ports ARP inspection 209 DHCP snooping 206 user profiles 192 V V endor Specific Attribute See VSA ventilation holes 29 VID 72 , 79 , [...]
-
Seite 351
Index GS2200-48 User’s Guide 351 WRR (W eighted R ound Robin Scheduling 166 Z Z y NOS (Z yXEL Network Oper ating S ystem) 276[...]
-
Seite 352
Index GS2200-48 User’s Guide 352[...]