ZyXEL Communications GS-4012F manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of ZyXEL Communications GS-4012F, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of ZyXEL Communications GS-4012F one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of ZyXEL Communications GS-4012F. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of ZyXEL Communications GS-4012F should contain:
- informations concerning technical data of ZyXEL Communications GS-4012F
- name of the manufacturer and a year of construction of the ZyXEL Communications GS-4012F item
- rules of operation, control and maintenance of the ZyXEL Communications GS-4012F item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of ZyXEL Communications GS-4012F alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of ZyXEL Communications GS-4012F, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the ZyXEL Communications service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of ZyXEL Communications GS-4012F.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the ZyXEL Communications GS-4012F item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    www .zyxel.com GS-4012F/4024 Intelligent Layer 3+ Switch User ’ s Guide Ve r s i o n 3 . 8 6/2007 Edition 1 DEFAULT LOGIN IP Address http://1 92 .168.1.1 User Name admin Password 1234[...]

  • Page 2

    [...]

  • Page 3

    About This User's Guide GS-4012F/4024 User ’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who want to configure the GS-4024 o r GS-4012F using the web configurator or via comma nd s. Y ou should have at least a basic knowledge o f TCP/IP networking conce pts an d topology . Related Document ation[...]

  • Page 4

    Document Conventions GS-4012F/4024 User ’s Guide 4 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User ’ s Guide. 1 W arnings tell you about things that could harm you or your device. " Notes tell you other important informati on (for example, other things you may need to configure or helpful ti[...]

  • Page 5

    Document Conventions GS-4012F/4024 User ’s Guide 5 Icons Used in Figures Figures in this User ’ s Guide may use the followi ng generic icons. The Switch icon is n ot an exact representation of your device. Switch Computer Notebook computer Server DSLAM Firewall T elephone Switch Router[...]

  • Page 6

    Safety Warnings GS-4012F/4024 User ’s Guide 6 Safety Warnings 1 For your safety , be sure to read and follow all warni ng notices and instructions. • Do NOT use this product near water , for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store thin gs on the d[...]

  • Page 7

    Safety Warnings GS-4012F/4024 User ’s Guide 7[...]

  • Page 8

    Safety Warnings GS-4012F/4024 User ’s Guide 8[...]

  • Page 9

    Contents Overview GS-4012F/4024 User ’s Guide 9 Contents Overview Introduction and Hardware ................................................ ................................................... 35 Getting to Know Y our Sw itch ........... ................ ............. ................ ................ ................ ........... .. 37 Hardware I[...]

  • Page 10

    Contents Overview GS-4012F/4024 User ’s Guide 10 IP Multicast ..... ... .... ............. ... ... ... .... ... ... ... ... ............. .... ... ... ... .... ... ... ... ............. ... .... ... .. ....... ..... 249 Differentiated Services ................. .... ... ... ... ... .... ... ............. ... ... .... ... ... ... ... .... ... ... [...]

  • Page 11

    Table of Contents GS-4012F/4024 User ’s Guide 11 Table of Contents About This User's Guide ...................... .................................................................................. .. 3 Document Conventions.................................................................. ......................................... .4 Safety Wa[...]

  • Page 12

    Table of Contents GS-4012F/4024 User ’s Guide 12 3.3 Power Connections Overv iew ................... ................ ............. ................ ................ ............. 49 3.3.1 AC Power Connection .. .... ... ... ... ... .... ... ... ....... ................ ................ ............. ................ 49 3.3.2 DC P ower Connection[...]

  • Page 13

    Table of Contents GS-4012F/4024 User ’s Guide 13 7.3 General Setup ...... ............. .... ... ... ... ... .... ... ... ... .... ............. ... ... ... ... .... ... ... ... .... ... ........ ........ 79 7.4 Introduction to VLANs . ... ... ... .... ... ... ... ... .... ... ... ............. ... .... ... ... ... ... .... ... ... ... ..........[...]

  • Page 14

    Table of Contents GS-4012F/4024 User ’s Guide 14 1 1.1.2 How STP Works ........................ ................. ................ ................ ................ ............ 1 10 1 1.1.3 STP Port S tates ...................... ................ ................. ................ ................ ............... 1 11 1 1.1.4 Mult iple RSTP ....[...]

  • Page 15

    Table of Contents GS-4012F/4024 User ’s Guide 15 16.2.1 Activate IEEE 802.1x Security ... ............. ................ ............. ................ .............. 143 16.2.2 Activate MAC Authentica tion ..... ............. ................. ................ ............. ................ . 144 Chapter 17 Port Security.........................[...]

  • Page 16

    Table of Contents GS-4012F/4024 User ’s Guide 16 22.1.1 IP Multicast Addresses ......... ............. ................ ................ ................ ............. ........ 171 22.1.2 IGMP Filtering ............ ................ ....... .......... ................ ................ ................ ........... 1 71 22.1.3 IGMP Snooping ... ...[...]

  • Page 17

    Table of Contents GS-4012F/4024 User ’s Guide 17 24.6.2 ARP Inspection Log S tatus ............... .......... ............. ................ ................ ............. . 213 24.7 ARP Inspection Configure ................... ................. ................ ................ ................ ........... 21 5 24.7.1 ARP Inspection Port Configu[...]

  • Page 18

    Table of Contents GS-4012F/4024 User ’s Guide 18 29.3 Configuring IGMP .......................... .......... ......... ................. ............ ................. .............. ... 243 Chapter 30 DVMRP ........................................ .................................................................................. ......... 245 30[...]

  • Page 19

    Table of Contents GS-4012F/4024 User ’s Guide 19 Chapter 34 VRRP ...................................................... ..................................................................... ........... 267 34.1 VRRP Overview ..... ................. ................ ................ ................ ................ ................ ..... ... 2 67[...]

  • Page 20

    Table of Contents GS-4012F/4024 User ’s Guide 20 36.4 SSH Overview .................. ................ ................ ................. ................ ............. ............. .... 296 36.5 How SSH works ...... .... ... ... ... .... ... ... ... ... .... ............. ... ... ... .... ... ... ... ... .... ... ... ............. ... ... .. ..[...]

  • Page 21

    Table of Contents GS-4012F/4024 User ’s Guide 21 42.2 Viewing the ARP T able .................... ................ ................. ................ ................... ........... 319 Chapter 43 Routing T able ................... ............................................................................................... ...... 321 43.1 Over[...]

  • Page 22

    Table of Contents GS-4012F/4024 User ’s Guide 22 46.2.3 show logging ....... ................ ............. ... ................ ............. ................ ................ ..... 3 78 46.2.4 show interface ............... ............ ................. ................ ................ ............. .............. 3 78 46.2.5 show mac address[...]

  • Page 23

    Table of Contents GS-4012F/4024 User ’s Guide 23 48.2.12 name ........... ................. ................ ................ ............. ................ ................ ......... .. 400 48.2.13 speed-duplex ...... ................ ................ ................ ................ ................. ................ . 40 0 48.2.14 test ......[...]

  • Page 24

    Table of Contents GS-4012F/4024 User ’s Guide 24 Appendix A Product S pecifications ...................................................................... ................. 425 Appendix B IP Addresses and Subnetting .......................................................... ................. 431 Appendix C Common Services ........................[...]

  • Page 25

    List of Figures GS-4012F/4024 User ’s Guide 25 List of Figures Figure 1 Backbone Application ....................... ................ ................ ................ .................... ..... .............. 38 Figure 2 Bridging Application ......... ......... .... ................ ................ ............. ................ ............ ..[...]

  • Page 26

    List of Figure s GS-4012F/4024 User ’s Guide 26 Figure 39 Advanced Application > VL AN > VLAN Port Setting ... ... ... ................ ............. .... ... ... ... ... .... ... 97 Figure 40 Subnet Based VLAN App lication Example .................. ................ ................ ................ .......... 98 Figure 41 Advanced Applica[...]

  • Page 27

    List of Figures GS-4012F/4024 User ’s Guide 27 Figure 82 Advanced Application > Multicast ................ ................... ................ .................... ............ ..... 172 Figure 83 Advanced Application > Mu lticast > Multicast Setting ........................... ................ .............. 173 Figure 84 Advanced Appl[...]

  • Page 28

    List of Figure s GS-4012F/4024 User ’s Guide 28 Figure 125 OSPF Interface ... ................ ................ ................ ................. ................... ............. ......... ..... 237 Figure 126 OSPF Virtual Link ............... ................ ................ ................. ................ ................ . ............. [...]

  • Page 29

    List of Figures GS-4012F/4024 User ’s Guide 29 Figure 168 Maintenanc e ................... ... ... .... ... ... ... ... .... ............. ... ... ... .... ... ... ............. ... ... .... .. .......... ..... 279 Figure 169 Load Factory Default: S tart ........... ... ............. ................ ................ ................ ............[...]

  • Page 30

    List of Figure s GS-4012F/4024 User ’s Guide 30 Figure 21 1 Java (Sun) ........ ...... ................ ............. ................ ................. ................ ............. ......... ........ 421 Figure 212 Network Number and Host ID ............. ............. ................ ................ ............. ................ .. ... 4 3[...]

  • Page 31

    List of Tables GS-4012F/4024 User ’s Guide 31 List of Tables T able 1 Front Panel .................... ................. ................ ................ ................... ................ .. ..................... 45 T able 2 LEDs ........................ ................ ................ ................ ................. ................ ...[...]

  • Page 32

    List of Tables GS-4012F/4024 User ’s Guide 32 T able 39 Advanced Applicati on > Port Authenticat ion > 802.1x ..... ................ ................ ................ ..... 144 T able 40 Advanced Applicat ion > Port Authentication > MAC Authentication ............................. ........ 145 T able 41 Advanced Application > Port [...]

  • Page 33

    List of Tables GS-4012F/4024 User ’s Guide 33 T able 82 RIP ............ ... ... .... ............. ... ... ... .... ... ... ... ... .... ... ... ............. ... .... ... ... ... ... .... ... ... . ............... ........ 228 T able 83 OSP F vs. RIP ...... ................ ................ ............. ................ ................ ......[...]

  • Page 34

    List of Tables GS-4012F/4024 User ’s Guide 34 T able 125 Syslog ........ ................ ................. ................ ................ ................ ................ .... ................... . 306 T able 126 Syslog: Server Setup ..... ................ ................ ................ ................... ................. ...... .......[...]

  • Page 35

    35 P ART I Introduction and Hardware Getting to Know Y our Switch (37) Hardware Installation and Connectio n (41) Hardware Overview (45)[...]

  • Page 36

    36[...]

  • Page 37

    GS-4012F/4024 User ’s Guide 37 C HAPTER 1 Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction Y our Switch is a stand-alone layer-3 Gigabit Et hernet switch. By integrating route r functions, the Switch performs wire-speed layer -3 r outing in addition to layer-2 switching. The GS[...]

  • Page 38

    Chapter 1 Getting to Know Your Switch GS-4012F/4024 User ’s Guide 38 Figure 1 Backbone Application 1.1.2 Bridging Example In this example application the Switch co nnects dif ferent company de partments ( RD and Sales ) to the corpora te backbone. It can al levi ate bandwidth contention and eliminate server and network bottlenecks. All users that[...]

  • Page 39

    Chapter 1 Getting to Kn ow Your Switch GS-4012F/4024 User ’s Guide 39 Switching to higher-speed LANs such as A T M (Async hronous T ransmission Mode ) is not feasible for most people due to the expense of replacing all existing Ethernet cables and adapter cards, restructuring y our network and complex maintenance. The Switch can prov ide the same[...]

  • Page 40

    Chapter 1 Getting to Know Your Switch GS-4012F/4024 User ’s Guide 40 Figure 4 Shared Server Using VLAN Example[...]

  • Page 41

    GS-4012F/4024 User ’s Guide 41 C HAPTER 2 Hardware Installation and Connection This chapter shows you how to install th e hardware and make port connections. " Example graphics are shown. 2.1 Freest anding Inst allation 1 Make sure the Switch is clean and dry . 2 Set the Switch on a smooth, level surface stro ng enou gh to support the weight[...]

  • Page 42

    Chapter 2 Hardware Installation and Connection GS-4012F/4024 User ’s Guide 42 " Do NOT block the ventilation holes. Leave space between devices when stacking. " For proper ventilation, allow at least 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the Switch. This is especially important for enclosed rack[...]

  • Page 43

    Chapter 2 Har d war e In sta lla tion an d Conn ec tion GS-4012F/4024 User ’s Guide 43 Figure 6 Attaching the Mounting Brackets 2 Using a #2 Philips screwdriver , install the M3 flat head screws through the mounting bracket holes into the Switch. 3 Repeat steps 1 and 2 to install the second mounting br acket on the other side of the Switch. 4 Y o[...]

  • Page 44

    Chapter 2 Hardware Installation and Connection GS-4012F/4024 User ’s Guide 44[...]

  • Page 45

    GS-4012F/4024 User ’s Guide 45 C HAPTER 3 Hardware Overview This chapter describes the front panel and rear panel of the Switc h and shows you how to make the hardware conn ections. 3.1 Front Panel Connection The figure below shows the fro nt panel of the Switch. Figure 8 Front Panel: GS-4024 Figure 9 Front Panel: GS-4012F The following table des[...]

  • Page 46

    Chapter 3 Har d war e Ov er vie w GS-4012F/4024 User ’s Guide 46 3.1.1 Console Port For local management, you can use a computer w ith terminal emulation software configured to the following parameters: • VT100 terminal emulation • 9600 bps • No parity , 8 data bits, 1 stop bit • No flow control Connect the male 9-pin end of the co nsole [...]

  • Page 47

    Chapter 3 Hardware Overview GS-4012F/4024 User ’s Guide 47 • Flow control: on 3.1.3 SFP Slot s The Switch comes with SFP (Smal l Form-fact or Pluggable) slots for mini-GBIC (Gigabit Interface Converter) transceivers. A transceiver is a single unit that houses a transmitter and a receiver . The Switch does not come with transcei vers. Y ou must [...]

  • Page 48

    Chapter 3 Har d war e Ov er vie w GS-4012F/4024 User ’s Guide 48 Figure 1 1 Insta lled Transce iver 3.1.3.2 T ransceiver Removal Use the following steps to remove a mini-GBIC transceiver (SFP modul e). 1 Open the transceiver ’ s latch (latch styles vary). Figure 12 Opening the T ransceiver ’s Latch Example 2 Pull the transceiver out of the sl[...]

  • Page 49

    Chapter 3 Hardware Overview GS-4012F/4024 User ’s Guide 49 Figure 15 Rear Panel: GS- 4024 Figure 16 Rear Panel: GS-4012F (DC Mod el) Figure 17 Rear Panel: GS-4024 (DC Mode l) 3.3 Power Connections Overview Use the following procedures to connect the Switch to a power s ource after you ha ve installed it. Make sure that no objects obstruct the air[...]

  • Page 50

    Chapter 3 Har d war e Ov er vie w GS-4012F/4024 User ’s Guide 50 3.3.2 DC Power Connection " This is only for the DC model of the Switch. The DC-power ed unit uses a sing le terminal block with four terminals which allows you to connect two power supplies. If one power supply fails the system can operate on the remaining power supply . Use t[...]

  • Page 51

    Chapter 3 Hardware Overview GS-4012F/4024 User ’s Guide 51 3.3.3 External Backup Po wer Supply Connector The backup power supply co nstantly monit ors the status of the internal power supply . The backup power supply automatically provides po wer to the Switch in the event of a power failure. Once the Switch receives power from the backup power s[...]

  • Page 52

    Chapter 3 Har d war e Ov er vie w GS-4012F/4024 User ’s Guide 52 Mini-GBIC (SFP) Slots LNK Green On The port has a successful connection. Off No Ethernet device is connected to this port. ACT Green Blinking The po rt is sending or receiving data. Off The port is not sending or receiving data or there is no connection. GS-4012F Model Mini-GBIC (SF[...]

  • Page 53

    53 P ART II Basic Configuration The W eb Configurator (55 ) Initial Setup Example (65) System Status and Port S tatistics (71) Basic Setting (77)[...]

  • Page 54

    54[...]

  • Page 55

    GS-4012F/4024 User ’s Guide 55 C HAPTER 4 The Web Configurator This section introduces the con figuration and functions of the web config urator . 4.1 Introduction The web configurator is an HTML-based mana ge ment interf ace that a llows easy Switch setup and management via Interne t browser . Use In ternet Explorer 6.0 and later or Netscape Nav[...]

  • Page 56

    Chapter 4 The Web Con f igurator GS-4012F/4024 User ’s Guide 56 Figure 19 Web Configura t or: Login 4 Click OK to view the first w eb configurator screen. 4.3 The St atus Screen The St a t u s screen is the firs t screen tha t displa ys when you acces s the web configurator . The following figure shows the navigat ing co mponents of a web configu[...]

  • Page 57

    Chapter 4 The Web Co nfigurator GS-4012F/4024 User ’s Guide 57 C - Click this link to go to the status page of the Switch. D - Click this link to logout of the web configurator . E - Click this link to display web help pages. Th e help pages provide d escriptions for all of the configuration screens. In the navigation panel, click a main l ink to[...]

  • Page 58

    Chapter 4 The Web Con f igurator GS-4012F/4024 User ’s Guide 58 The following table lists the various web configurator screens within the sub-links. T able 4 W eb Configurat or Screen Sub -links Details BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT System Info General Setup Switch Setup IP Setup Port Setup VLAN VLAN Port Setting Su[...]

  • Page 59

    Chapter 4 The Web Co nfigurator GS-4012F/4024 User ’s Guide 59 The following table describes the links in the navigation panel. T able 5 Navigation Panel Links LINK DESCRIPTION Basic Settings System Info This link takes you to a scr een that displays general system and hardware monitoring information. General Setup This link takes you to a screen[...]

  • Page 60

    Chapter 4 The Web Con f igurator GS-4012F/4024 User ’s Guide 60 Auth and Acct This link takes you to a scr een where yo u can configure authentica tion and accounting services via external servers. The external servers can be either RADIUS (Remote Authentication Dial-In User Service) or T ACACS+ (T erminal Access Controller Access-Control System [...]

  • Page 61

    Chapter 4 The Web Co nfigurator GS-4012F/4024 User ’s Guide 61 4.3.1 Change Y our Password After you log in for the first time, it is reco mmended y ou change the default administrator password. Click Management , Access Control and then Logins to display the next screen. Figure 21 Change Administr ator Login Password 4.4 Saving Y our Configurati[...]

  • Page 62

    Chapter 4 The Web Con f igurator GS-4012F/4024 User ’s Guide 62 6 Forget the password and/or IP address. 7 Prevent all services from accessing the Switch. 8 Change a service port nu mber but forget it. " Be careful not to lock y ourself and others out of the Switch. If you do lock yourself out, try using out-of-band management (via the manag[...]

  • Page 63

    Chapter 4 The Web Co nfigurator GS-4012F/4024 User ’s Guide 63 Figure 22 Resetting the Switch: V ia the Console Port The Switch is now reinitialized wi th a defau lt configuration file including the default password of “1234”. 4.7 Logging Out of the W eb Configurator Click Logout in a screen to exit the web configurator . Y o u have to log in[...]

  • Page 64

    Chapter 4 The Web Con f igurator GS-4012F/4024 User ’s Guide 64[...]

  • Page 65

    GS-4012F/4024 User ’s Guide 65 C HAPTER 5 Initial Setup Example This chapter shows how to set up the Switch for an example network. 5.1 Overview The following lists the configura tion steps for the example network: • Configure an IP interface • Configure DHCP server settings • Create a V LAN • Set port VLAN ID • Enable RIP 5.1.1 Configu[...]

  • Page 66

    Chapter 5 Initi al Set up Ex amp l e GS-4012F/4024 User ’s Guide 66 2 Open your web browser and enter 19 2.168.0.1 (the default MGMT port IP address) in the address bar to access the web configurat or . See Sectio n 4.2 on page 55 for more information. 3 Click Basic Setting and IP Setup in the navigation panel. 4 Configure the related fields in t[...]

  • Page 67

    Chapter 5 Initi al Set up Ex amp le GS-4012F/4024 User ’s Guide 67 5.1.3 Creating a VLAN VLANs confine broadcast frames to the VLAN gr oup in which the port(s) belongs. Y ou can do this with port-based VLAN or tagged static VLAN with fixed port members. In this example, you want to con figure port 1 as a member of VLAN 2. Figure 25 Initial Setup [...]

  • Page 68

    Chapter 5 Initi al Set up Ex amp l e GS-4012F/4024 User ’s Guide 68 " The VLAN Group ID field in this screen and the VID field in the IP Se tup screen refer to t he same VLAN ID. 3 Since the VLAN2 network is connected to port 1 on the Switch, select Fixed to configure port 1 to be a permanent member of the VLAN only . 4 T o ensure that VLAN-[...]

  • Page 69

    Chapter 5 Initi al Set up Ex amp le GS-4012F/4024 User ’s Guide 69 5.1.5 Enabling RIP T o exchange routing information with other ro uting devices across different routing domains , enable RIP (Routing Inform ation Protocol) in the RIP screen. 1 Click IP Application > RIP in the navigation panel. 2 Select Both in the Direction field to set the[...]

  • Page 70

    Chapter 5 Initi al Set up Ex amp l e GS-4012F/4024 User ’s Guide 70[...]

  • Page 71

    GS-4012F/4024 User ’s Guide 71 C HAPTER 6 System Status and Port Statistics This chapter describes the system status (web configurator ho me page) and port details screens. 6.1 Overview The home screen of the web configurato r displays a port statistical summary with links to each port showing statistical details. 6.2 Port S t atus Summary T o vi[...]

  • Page 72

    Chapter 6 S ystem Status and Port Statist ics GS-4012F/4024 User ’s Guide 72 6.2.1 St atus: Port Det ails Click a number in the Port column in the St a t u s screen to display indivi dual port statistics. Use this screen to check status and detailed performance data about an individual port on the Switch. Link This field displays the speed (eithe[...]

  • Page 73

    Chapter 6 System Status and Port Statistics GS-4012F/4024 User ’s Guide 73 Figure 28 S tatus > Port Det ails The following table describes the labels in this screen. T able 7 S tatus: Port Details LABEL DESCRIPTION Port Info Port NO. T his field displays the port number you a re viewing. Name This field displays the name of the port. Link This[...]

  • Page 74

    Chapter 6 S ystem Status and Port Statist ics GS-4012F/4024 User ’s Guide 74 Up T ime This field shows the total amount of time the connection has been up. Tx Packet The following fields display detailed information about packets transmitted. TX Packet This field shows the number of good packets (unicast, multicast and broadcast) transmitted. Mul[...]

  • Page 75

    Chapter 6 System Status and Port Statistics GS-4012F/4024 User ’s Guide 75 512-1023 This field shows the number of packets (including bad packets) received that were between 512 and 1023 octets in length . 1024- 1518 This field shows the number of packets (including bad packet s) received tha t were between 1024 and 1518 octe ts in length. Giant [...]

  • Page 76

    Chapter 6 S ystem Status and Port Statist ics GS-4012F/4024 User ’s Guide 76[...]

  • Page 77

    GS-4012F/4024 User ’s Guide 77 C HAPTER 7 Basic Setting This chapter describes how to configure the System Info, General Setup , Switch Setup , IP Setup and Port Setup screens. 7.1 Overview The System Info screen displays general Switch inform ation (such as firmware version number) and hardware polling inform ation (such as fan speeds). The Gene[...]

  • Page 78

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 78 Figure 29 System Info The following table describes the labels in this screen. T able 8 S ystem Info LABEL DESCRIPTION System Name This field displays th e descriptive name of the Switch for identification purp oses. ZyNOS F/W Ve r s i o n This field displays the version number of the Switch [...]

  • Page 79

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 79 7.3 General Setup Use this screen to configure general settings such as the system name and time. Cl ick Basic Setting > General Setup in the navigation panel to di splay the screen as shown. Figure 30 Basic Setting > General Setup Current This field displays this fan's current spe[...]

  • Page 80

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 80 The following table describes the labels in this screen. T able 9 B asic Setting > General Setup LABEL DESCRIPTION System Name Choose a descriptive name fo r identifi cati on purposes. This name consists of up to 64 printable characters; spaces are allowed. Location Enter the geograph ic l[...]

  • Page 81

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 81 7.4 Introduction to VLANs A VLAN (V irtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Device s on a logical network belong to one group. A device can belong to more than one group. W ith VLAN, a device cannot directly talk to or hear from d[...]

  • Page 82

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 82 Figure 31 Basic Setting > Switch Setup The following table describes the labels in this screen. T able 10 Basic Setting > Switch Setup LABEL DESCRIPTION VLAN T ype Choose 802.1Q or Por t Based . The VLAN Setup screen changes de pending on whether you choose 802.1Q VLAN type or Port Base[...]

  • Page 83

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 83 7.6 IP Setup Use the IP Setup screen to configure the default gate way device, the default domain name server and add IP domains. 7.6.1 IP Interfaces The Switch needs an IP address for it to be mana ged over the network. The factory default IP address is 192.168.1.1. The subnet mask sp ecifie[...]

  • Page 84

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 84 Figure 32 Basic Setting > IP Setup The following table describes the labels in this screen. Ta b l e 1 1 Basic Setting > IP Setup LABEL DESCRIPTION Default Gateway Enter the IP a ddress of the default outgoi ng gateway in dotted decimal notation, for example 192.168.1.2 54. Domain Name [...]

  • Page 85

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 85 7.7 Port Setup Use this screen to configure Switch port settings.Click Basic Setting and then Port Setup in the navigation panel to display the configuration screen. Apply Click Apply to save your changes to the Switch ’s run-time memory . The Switch loses these changes if it is turned off [...]

  • Page 86

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 86 Figure 33 Basic Setting > Port Setup The following table describes the labels in this screen. T able 12 Basic Setting > Port Setup LABEL DESCRIPTION Port This is the port index numbe r . * Settings in this row apply to all port s. Use this row only if you want to make some settings the [...]

  • Page 87

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 87 Flow Control A concentration o f traffic on a port decreases port bandwidth and overflows buffer memory causing packet discards and frame losses. Flow Control is used to regulate transmission of signals to match the bandwidth of the receiving port. The Switch uses IEEE802.3x flow control in f[...]

  • Page 88

    Chapter 7 Basic Setting GS-4012F/4024 User ’s Guide 88[...]

  • Page 89

    89 P ART III Advanced VLAN (91) Stat ic MAC Forward Setup (105) Filtering (107) Spanning T ree Protocol (109) Bandwidth Control (127) Broadcast Storm Control (129) Mirroring (131) Link Aggregation (133) Port Authentication (141) Port Security (147) Classifier (151) Policy Rule (157) Queuing Method (163) VLAN Stacking (165) Multicast (171) Authentic[...]

  • Page 90

    90[...]

  • Page 91

    GS-4012F/4024 User ’s Guide 91 C HAPTER 8 VLAN The type of screen you see here depends o n the VLAN T ype you selected in the Switch Setup screen. This chapter shows you how to conf igure 802.1Q tagge d and port-based VLANs. 8.1 Introduction to IEEE 802.1Q T agged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify th[...]

  • Page 92

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 92 8.2 Automatic VLAN Registration GARP and GVRP are the protocols used to auto matically register VLAN membership acros s switches. 8.2.1 GARP GARP (Generic Attribute Registration Protocol) allows network switches to register and de- register attribute values with other GARP par ticipants within a brid [...]

  • Page 93

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 93 8.3 Port VLAN T runking Enable VLAN T runking on a port to allow frames belong ing to unknown VLAN groups to pass through that port. This is useful if yo u want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices. Refer to the following figure.[...]

  • Page 94

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 94 8.5.1 St atic VLAN S tatus See Section 8.1 on page 9 1 for more information on Stat ic VL AN. Click Advanced Application > VLAN from the navigation panel to display the VLAN S tatus screen as shown next. Figure 36 Advanced Application > VLAN: VLAN S tatus The following table describes the labels[...]

  • Page 95

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 95 The following table describes the labels in this screen. 8.5.3 Configure a St atic VLAN Use this screen to configure and view 80 2.1Q VLAN parameters for the Switch. See Section 8.1 on page 91 for more information on static VLAN. T o configure a static VLAN, click St a t i c VLAN in the VLA N S tatus [...]

  • Page 96

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 96 The following table describes the rela ted labels in this screen. 8.5.4 Configure VLAN Port Settings Use the VLAN Port Setting screen to configure the static VLAN (IEEE 802.1Q) settings on a port. See Section 8.1 on page 91 for more information on static VLAN. Click the VLAN Port Setting link in the V[...]

  • Page 97

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 97 Figure 39 Advanced Application > VL AN > VLAN Port Setting The following table describes the labels in this screen. T able 17 Advanc ed Application > VL AN > VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registra tion Protocol) is a registra tion protocol tha t defines a way for[...]

  • Page 98

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 98 8.6 Subnet Based VLANs Subnet based VLANs allow yo u to group traffi c into logical VLANs based on the source IP subnet you specify . When a frame is received on a port, the Switch checks if a tag is added already and the IP subnet it came from. The unta gged packets from the same IP subnet ar e then [...]

  • Page 99

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 99 8.7 Configuring Subnet Based VLAN Click Subnet Based VLAN in the VLAN Port Setting screen to display the configuration screen as shown. " Subnet based VLAN applie s to un-tagged p ackets and is applicable only when you use IEEE 802.1Q tagged VLAN. Figure 41 Advanced Application > VLAN > VLA[...]

  • Page 100

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 100 8.8 Port-based VLAN Setup Port-based VLANs are VLANs where the packet forwarding de cision is based on the destination MAC address and its associated port. Port-based VLANs require allowed outgoing ports to be defined for each port. Therefore, if you wish to allow two subscriber ports to talk to each[...]

  • Page 101

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 101 " In screens (such as IP Setup and Filtering ) that require a VID, you must enter 1 as the VID. The port-based VLAN setup sc reen is shown next. The CPU management port forms a VLAN with all Ethernet ports. 8.8.1 Configure a Port-based VLAN Select Port Based as the VLAN T ype in the Switch Setup[...]

  • Page 102

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 102 Figure 43 Port Based VLAN Setu p (Port Isola tio n) The following table describes the labels in this screen. T able 19 Port Based VLAN Setup label Description Setting Wizard Choo se All connected or Po rt isolation . All connected means all p orts can communicate with each other , that is, there are [...]

  • Page 103

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 103 Outgoing These are the egress ports; an egress port is an outgoing port, that is, a port through which a data packet leaves. If you wish to allow two subscriber p orts to talk to each other , you must define the eg ress port for both ports. CPU refers to the Switch management port. By defaul t it for[...]

  • Page 104

    Chapter 8 VLAN GS-4012F/4024 User ’s Guide 104[...]

  • Page 105

    GS-4012F/4024 User ’s Guide 105 C HAPTER 9 Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 9.1 Overview This chapter discusses how to configure forwarding rules based on MAC addresses of device s on your network. 9.2 Configuring S t atic MAC Forwarding A static MAC address is an address that has been ma nual[...]

  • Page 106

    Chapter 9 Static MAC Forward Setup GS-4012F/4024 User ’s Guide 106 The following table describes the labels in this screen. T able 20 Advanced Application > S tatic MAC Forwardin g LABEL DESCRIPTION Active Select this check box to activate your rule. Y ou may temporarily deactivate a rule without deleting it by clearing this check box. Name En[...]

  • Page 107

    GS-4012F/4024 User ’s Guide 107 C HAPTER 10 Filtering This chapter discusses MAC address port filtering. 10.1 Configure a Filtering Rule Filtering means sifting traffic going through the Switch based on the sour ce and/or destination MAC addresses and VLAN group (ID). Click Advanced App lication > Filtering in the navigation panel to display t[...]

  • Page 108

    Chapter 10 Filtering GS-4012F/4024 User ’s Guide 108 Action Select Discard source to drop frame from the source MAC address (specified in the MAC field). The Switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address). The Switch can still receive frames [...]

  • Page 109

    GS-4012F/4024 User ’s Guide 109 C HAPTER 11 Spanning Tree Protocol The Switch supports Spanning T ree Protocol (STP), Rapid Spanning T ree Protocol (RSTP) and Multiple Spanning T ree Protocol (MSTP) as defined in the followi ng st andards. • IEEE 802.1D Span ning Tree P rotocol • IEEE 802.1w Rap id Spanning T ree Protocol • IEEE 802.1s Mult[...]

  • Page 110

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 0 Path cost is the cost of tr ansmitting a frame onto a LAN thro ugh that port. The recommended cost is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost. On each bridge, the root port is the port thro ugh which this[...]

  • Page 111

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 111 1 1.1.3 STP Port St ates STP assigns five port states to eliminate packet looping. A bridge port is not allowed to go directly from blocking state to forwarding st ate so as to eliminate transient loops. 1 1.1.4 Multiple RSTP MRSTP (Multiple RSTP) is ZyXEL ’ s proprietary featu[...]

  • Page 112

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 2 1 1.1.5 Multiple STP Multiple Spanning T ree Protocol (IEEE 802.1s ) is backward compatible with STP/RSTP and addresses the limitations of existing spanning tree protocols (S TP and RSTP) in networks to include the following features: • One Common and Internal S panning Tree ([...]

  • Page 113

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 3 Figure 48 MSTP Network Example 1 1.1.5.2 MST Regio n An MST region is a logical grouping of multiple network devices that appears as a single device to the rest of the network. Each MS TP-enabled device can only belong to one MST region. When BPDUs enter an MST region, external [...]

  • Page 114

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 4 Figure 49 MSTIs in Different Regions 1 1.1.5.4 Co mmon and Internal Sp anning T ree (CIST) A CIST represents the connectivity of the entire ne twork and it is equivalent to a spanning tree in an STP/RSTP . The CIST is the default MS T instance (MSTID 0). Any VLANs that are not m[...]

  • Page 115

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 5 Figure 51 Advanced Application > S pa nn ing Tree Protocol This screen differs depending on which STP mode (RSTP , MRSTP or MSTP) y ou co nfigure on the Switch. This screen is described in detail in the sectio n that follows the configuration section for each STP mode. Click [...]

  • Page 116

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 6 1 1.4 Configure Rapid Sp a nning T ree Protocol Use this screen to configure RSTP settings, see Section 11.1 on page 109 for more information on RSTP . Click RSTP in the Advanced Application > Spanning T ree Pr otocol screen. Figure 53 Advanced Application > S pann ing Tre[...]

  • Page 117

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 7 1 1.5 Rapid Sp anning T r ee Protocol St atus Click Advanced App lication > Spanning T ree Protocol in the navigation panel to display the status screen as shown next. See Section 1 1.1 on page 109 for more information on RSTP . Hello T ime This is the time interval in se con[...]

  • Page 118

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 8 " This screen is only available afte r you activate RS TP on the Switch. Figure 54 Advanced Application > S pann ing Tree Protocol > S t atus: RSTP The following table describes the labels in this screen. T able 26 Advanc ed Application > S panning T r ee Protocol [...]

  • Page 119

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 11 9 1 1.6 Configure Multiple Rapid Sp anning T ree Protocol T o configure MRSTP , click MRSTP in the Advanced Application > Spanning T ree Pro tocol screen. Se e Section 1 1.1 on page 109 for more information on MRSTP . Figure 55 Advanced Application > S pan n ing Tree Protoco[...]

  • Page 120

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 120 1 1.7 Multiple Rapid Sp anning T r ee Protocol St atus Click Advanced App lication > Spanning T ree Protocol in the navigation panel t o display the status screen as shown next. See Section 1 1.1 on page 109 for more information on MRSTP . Max Age This is the maximu m time (in[...]

  • Page 121

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 121 " This screen is only available afte r you activate MR STP on the Switch. Figure 56 Advanced Application > S pa nn ing Tree Protocol > S t atus: MRSTP The following table describes the labels in this screen. T able 28 Advanc ed Application > S panning T r ee Protoco[...]

  • Page 122

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 122 1 1.8 Configure Multiple Sp anning T ree Protocol T o configure MSTP , click MSTP in the Advanced Application > Spanning T ree Pr otocol screen. See Section 1 1.1.5 on page 1 12 for mor e information on MSTP . Figure 57 Advanced Application > S pann ing Tree Protocol > M[...]

  • Page 123

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 123 The following table describes the labels in this screen. T able 29 Advanc ed Application > S panning T ree Protocol > MSTP LABEL DESCRIPTION S tatus Click St atus to display the MSTP Status screen (see Figure 58 on page 125 ). Active Select this check box to activate MS TP [...]

  • Page 124

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 124 1 1.9 Multiple Sp anning T ree Protocol St atus Click Advanced App lication > Spanning T ree Protocol in the navigation panel t o display the status screen as shown next. See Section 1 1.1.5 on pa ge 1 12 for more information on MSTP . VLAN Range Enter the start of the VLAN ID[...]

  • Page 125

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 125 " This screen is only available afte r you activate MSTP on the Switch. Figure 58 Advanced Application > S pa nn ing Tree Protocol > S t atus: MSTP The following table describes the labels in this screen. T able 30 Advanc ed Application > S panning Tree Protocol >[...]

  • Page 126

    Chapter 11 Spanning T ree Protoc ol GS-4012F/4024 User ’s Guide 126 Forwarding Delay (secon d) This is the time (in seconds) the root swit ch will wait before changing states (that is, listening to learning to forwarding ). Cost to Bridge This is the p ath cost from the root port on this Switch to the root switch. Port ID This is the priority and[...]

  • Page 127

    GS-4012F/4024 User ’s Guide 127 C HAPTER 12 Bandwidth Control This chapter shows you h ow you can cap the maximum bandwi dth using the Bandwidth Control screen. 12.1 Bandwid th Control Overview Bandwidth control mean s defining a maximum allowable bandwidth for incoming and/or out- going traf fic flows on a port. 12.1.1 CIR and PIR The Committed [...]

  • Page 128

    Chapter 12 Bandwidth Control GS-4012F/4024 User ’s Guide 128 Figure 59 Advanced Application > Bandwidth Control The following table describes the re lated labels in this screen. T able 31 Advanc ed Application > Bandwidth Control LABEL DESCRIPTION Active Select this check box to enable bandwidth control on th e Sw itch. Port This field disp[...]

  • Page 129

    GS-4012F/4024 User ’s Guide 129 C HAPTER 13 Broadcast Storm Control This chapter introduces and sh ows you how to configure the broadcast storm co ntrol feature. 13.1 Broadcast S torm Control Setup Broadcast storm control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the Swit ch receives per second on the [...]

  • Page 130

    Chapter 13 Broadcast Storm Control GS-4012F/4024 User ’s Guide 130 The following table describes the labels in this screen. T able 32 Advanc ed Application > Broadcast Storm Control LABEL DESCRIPTION Active Select this check box to enable traf fic storm control on the Switch. Clear this check box to disable this feature. Port This field displa[...]

  • Page 131

    GS-4012F/4024 User ’s Guide 131 C HAPTER 14 Mirroring This chapter discusses port mirroring setup screens. 14.1 Port Mirroring Setup Port mirroring allows you to copy a traffic flow to a monitor port (the port you copy the traffi c to) in order that you can examine the traffi c from the monitor port without interference. Click Advanced App licati[...]

  • Page 132

    Chapter 14 M irr or in g GS-4012F/4024 User ’s Guide 132 The following table describes the labels in this screen. T able 33 Advanc ed Application > Mirroring LABEL DESCRIPTION Active Select this chec k box to activate port mirroring on the Switch. Clear this check box to disable the featu r e. Monitor Port The monito r port is the port you cop[...]

  • Page 133

    GS-4012F/4024 User ’s Guide 133 C HAPTER 15 Link Aggregation This chapter shows you how to logically aggreg ate physical links to form one logical, high er- bandwidth link. 15.1 Link Aggregation Overview Link aggregation (trunking) is the grouping of physical ports into one logical higher -c apa city link. Y ou may want to trunk ports if for exam[...]

  • Page 134

    Chapter 15 Li nk Aggr eg a tion GS-4012F/4024 User ’s Guide 134 • Y ou must connect all ports point-to-point to the same Ethernet sw itch and configure the ports for LACP trunking. • LACP only works on full-duplex links. • All ports in the same trunk group must have the same media type, speed, duplex mode and flow control settings. Configur[...]

  • Page 135

    Chapter 15 L ink Aggr eg a tion GS-4012F/4024 User ’s Guide 135 15.4 Link Aggregation Setting Click Advanced App lication > Link Aggregation > Link Aggr egation Setting to display the screen shown next. See Section 15.1 on p age 133 for more information on link aggregation. Figure 63 Advanced Application > Link Aggre gation > Link Agg[...]

  • Page 136

    Chapter 15 Li nk Aggr eg a tion GS-4012F/4024 User ’s Guide 136 The following table describes the labels in this screen. 15.5 Link Aggregation Control Protocol Click Advanced App lication > Link Aggregation > Link Aggr egation Setting > LACP to display the screen shown next. See Section 15.2 on page 133 for more information on dynamic li[...]

  • Page 137

    Chapter 15 L ink Aggr eg a tion GS-4012F/4024 User ’s Guide 137 Figure 64 Advanced Application > Link Aggregatio n > Link Aggre gation Setting > LACP The following table describes the labels in this screen. T able 38 Advanced Application > Link Aggregation > Link Aggregatio n Setting > LACP LABEL DESCRIPTION Link Aggregation Con[...]

  • Page 138

    Chapter 15 Li nk Aggr eg a tion GS-4012F/4024 User ’s Guide 138 15.6 S t atic T runking Example This example shows you how to create a static port trunk group for ports 2-5. 1 Make your physi cal conn ections - make sure that the ports that you want to belong to the trunk group are connected to the same de stination. The followi ng figure shows p[...]

  • Page 139

    Chapter 15 L ink Aggr eg a tion GS-4012F/4024 User ’s Guide 139 Figure 66 T runking Example - Configuration Screen Y our trunk group 1 ( T1 ) configuration is now complete; you do not need to go to any additional screens.[...]

  • Page 140

    Chapter 15 Li nk Aggr eg a tion GS-4012F/4024 User ’s Guide 140[...]

  • Page 141

    GS-4012F/4024 User ’s Guide 141 C HAPTER 16 Port Authentication This chapter describes the IEEE 802. 1x and MAC authentication methods. 16.1 Port Authentication Overview Port authentication is a way to validate access to ports on the Switch to clients based on an external server (authentication server). The Switch supports the followi ng methods [...]

  • Page 142

    Chapter 16 Port Authentication GS-4012F/4024 User ’s Guide 142 Figure 67 IEEE 802.1x Authentic ation Process 16.1.2 MAC Authentication MAC authentication works in a very similar wa y to IEEE 802.1x authentication. The main difference is that the Switch does not prompt the client for login credentials. The login credentials are based on the source[...]

  • Page 143

    Chapter 16 Port Au thentication GS-4012F/4024 User ’s Guide 143 16.2 Port Authentication Configuration T o enable port authentication, first activate the port authentica tion method(s) you want to use (both on the Switch and the port(s)) then co nfigure the RADIUS server settings in the Auth and Acct > Radius Server Setup screen. Click Advance[...]

  • Page 144

    Chapter 16 Port Authentication GS-4012F/4024 User ’s Guide 144 The following table describes the labels in this screen. 16.2.2 Activate MAC Authentication Use this screen to activate MAC authentication. In the Port Authentication screen click MAC Authentication to display the configuratio n screen as shown. T able 39 Advanced Application > Por[...]

  • Page 145

    Chapter 16 Port Au thentication GS-4012F/4024 User ’s Guide 145 Figure 71 Advanced Application > Port Au thentication > MAC Authentication The following table describes the labels in this screen. T able 40 Advanced Application > Port Au thentication > MAC Authentication LABEL DESCRIPTION Active Select this check box to perm it MAC aut[...]

  • Page 146

    Chapter 16 Port Authentication GS-4012F/4024 User ’s Guide 146 * Use this row to make the setting the same for al l ports. Use this row first and then make adjustments on a port-by-port basis. Note: Changes in this row are copied to all the port s as soon as you make them. Active Select this checkbox to permit MAC aut hentication on this port. Y [...]

  • Page 147

    GS-4012F/4024 User ’s Guide 147 C HAPTER 17 Port Security This chapter shows you how to set up port security . 17.1 About Port Security Port security allows only packets w ith dynami cally learned MAC addresses and/or configured static MAC addresses to pass through a port on the Switch. The Switch can learn up to 16K MAC addresses in total with n[...]

  • Page 148

    Chapter 17 Port Secu rity GS-4012F/4024 User ’s Guide 148 Figure 72 Advanced Application > Port Security The following table describes the labels in this screen. T able 41 Advanced Application > Port Security LABEL DESCRIPTION Active Select this option to enable port security on the Switch. Port Thi s field displays the port number . * Sett[...]

  • Page 149

    Chapter 17 Port Security GS-4012F/4024 User ’s Guide 149 Apply Click Apply to save your changes to the Switch’s run-time memory . The Switch loses these changes if it i s turned off or loses powe r , so use the Save link on th e top navigation panel to save your changes to the non-volatile memory whe n you are done configuring. Cancel Click Can[...]

  • Page 150

    Chapter 17 Port Secu rity GS-4012F/4024 User ’s Guide 150[...]

  • Page 151

    GS-4012F/4024 User ’s Guide 151 C HAPTER 18 Classifier This chapter introduces and shows you how to configure the packet cl assifier on the Switch. 18.1 About the Classifier and QoS Quality of Service (QoS) refers to both a networ k's ability to deliver data with minimum delay , and the networking methods used to control the us e of bandwidt[...]

  • Page 152

    Chapter 18 Classifier GS-4012F/4024 User ’s Guide 152 Figure 73 Advanced Application > Classifier The following table describes the labels in this screen. T able 42 Advanc ed Applicat ion > Classifier LABEL DESCRIPTION Active Select this optio n to enable this rule. Name Enter a descriptive name for th is rule for identifying purposes. Pack[...]

  • Page 153

    Chapter 18 Classifier GS-4012F/4024 User ’s Guide 153 Ethernet Ty p e Select an Ethernet type or select Othe r and enter the Ethernet type number in hexadecimal value. Refer to T able 44 on page 154 for information. Source MAC Address Select Any to apply the rule to all MAC addresses. T o specify a source, select the second choi ce and type a MAC[...]

  • Page 154

    Chapter 18 Classifier GS-4012F/4024 User ’s Guide 154 18.3 V iewing and Editing Classifier Configuration T o view a summary of the classifier configuration, scroll down to th e summar y tab le at the bottom of the Clas sifier screen. T o change the settings of a rule, click a number in the Index field. " When two rules conflict with eac h ot[...]

  • Page 155

    Chapter 18 Classifier GS-4012F/4024 User ’s Guide 155 Some of the most common IP ports are: 18.4 Classifier Example The following screen shows an example where yo u configure a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. After you have configured a classifier , you can configure a policy (in the Policy scr[...]

  • Page 156

    Chapter 18 Classifier GS-4012F/4024 User ’s Guide 156 Figure 75 Classifier: Example[...]

  • Page 157

    GS-4012F/4024 User ’s Guide 157 C HAPTER 19 Policy Rule This chapter shows you how to configure policy rules. 19.1 Policy Rules Overview A classifier distinguishes traffic into flows based on the configured criteria (refer to Chapter 18 on page 151 for more information). A policy rule ensures that a traffic flow gets the requested treatment in th[...]

  • Page 158

    Chapter 19 Policy Rule GS-4012F/4024 User ’s Guide 158 19.2 Configuring Policy Rules Y ou must first configure a classifier in the Classifier screen. Refer to Section 18.2 on page 151 for more information. Click Advanced App lications > Policy Rule in the navigation panel to display the screen as shown. Figure 76 Advanced Application > Poli[...]

  • Page 159

    Chapter 19 Policy Rule GS-4012F/4024 User ’s Guide 159 The following table describes the labels in this screen. T able 46 Advanc ed Applicat ion > Policy Rule LABEL DESCRIPTION Active Select this option to enable the policy . Name Enter a descriptive name for identification purposes. Classifier(s) This field di splays the acti ve classifier(s)[...]

  • Page 160

    Chapter 19 Policy Rule GS-4012F/4024 User ’s Guide 160 19.3 V iewing and Editing Policy Configuration T o view a summary of the classifier configuration, scroll down to th e summar y tab le at the bottom of the Policy screen. T o change the settings of a rule, click a number in the Index field. Figure 77 Advanced Application > Policy Rule: Sum[...]

  • Page 161

    Chapter 19 Policy Rule GS-4012F/4024 User ’s Guide 161 19.4 Policy Example The figure below shows an example Policy screen where you configure a policy to limit bandwidth and discard ou t-of-profile traffi c on a traf fic flow cla ssified using the Example classifier (refer to Section 18.4 on page 155 ). Figure 78 Policy Example[...]

  • Page 162

    Chapter 19 Policy Rule GS-4012F/4024 User ’s Guide 162[...]

  • Page 163

    GS-4012F/4024 User ’s Guide 163 C HAPTER 20 Queuing Method This chapter introduces th e queuing methods sup ported. 20.1 Queuing Method Overview Queuing is used to help solve performance degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traf fic. See also Priority Queu e Assig[...]

  • Page 164

    Chapter 20 Q ue u ing Me tho d GS-4012F/4024 User ’s Guide 164 20.2 Configuring Queuing Click Advanced App lication , Queuing Method in the navigation panel. Figure 79 Queuing M ethod The following table describes the labels in this screen. T able 48 Queuing Method LABEL DESCRIPTION Port This label shows the port you are co nfiguring. Method Sele[...]

  • Page 165

    GS-4012F/4024 User ’s Guide 165 C HAPTER 21 VLAN Stacking This chapter shows you h o w to configure VLAN stacking on your Switch. See th e chapter on VLANs for more background informatio n on V irtual LAN 21.1 VLAN S tacking Overview A service provider can use VLAN stacking to allow it to distinguis h multiple customers VLANs, even those with the[...]

  • Page 166

    Chapter 21 VLAN Stacking GS-4012F/4024 User ’s Guide 166 Figure 80 VLAN S tacking Exam ple 21.2 VLAN S tacking Port Roles Each port can have three VLAN stacking “roles”, Normal , Access Port and T unnel (the latter is for Gigabit ports only). • Select Normal for “regular” (non-VLAN stacking) IEEE 802.1Q frame switching. • Select Acces[...]

  • Page 167

    Chapter 21 VLAN Stacking GS-4012F/4024 User ’s Guide 167 21.3 VLAN T ag Format A VLAN tag (service provider VLAN stacking or customer IEEE 802.1Q) consists of the following three fields. Ty p e is a standard Ethernet type code identifyi ng the frame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provide[...]

  • Page 168

    Chapter 21 VLAN Stacking GS-4012F/4024 User ’s Guide 168 21.4 Configuring VLAN S t acking Click Advanced App lications > VLAN S tacking to display the screen as show n. Figure 81 Advanced Application > VLAN S tacking The following table describes the labels in this screen. (SP)TPID (Service Provider) T ag Pr otocol IDentifier Data Frame dat[...]

  • Page 169

    Chapter 21 VLAN Stacking GS-4012F/4024 User ’s Guide 169 Role Select Normal to have th e Switch ignore frames received (or transmitted) on this port with VLAN stacking tags. Anything you configure in SPVID and Priority are ignored. Note: The Normal option is only sup ported on the GS-4012F model. Select Access Port to have the Switch add the SP T[...]

  • Page 170

    Chapter 21 VLAN Stacking GS-4012F/4024 User ’s Guide 170[...]

  • Page 171

    GS-4012F/4024 User ’s Guide 171 C HAPTER 22 Multicast This chapter shows you how to conf igure various multicast features. 22.1 Multicast Overview T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybod y on the network). Multicast delivers IP packets to just a g[...]

  • Page 172

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 172 The Switch forwards multicast tr affic destined for multicast gr oups (that it has learned from IGMP snooping or that you have manually configured) to ports that ar e mem bers of that group. IGMP snooping generates no additional ne twork traf fic, allowing you to significantly reduce multicast [...]

  • Page 173

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 173 Figure 83 Advanced Application > Mult icast > Multicast Setting The following table describes the labels in this screen. T able 54 Advanced Application > Mult icast > Multicast S etting LABEL DESCRIPTION IGMP Snooping Use these settings to configure IGMP Snooping. Active Select Acti[...]

  • Page 174

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 174 22.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See Section 22.1.4 on page 1 7 2 for more information on IGMP Snooping VLAN. Reserved Multicast Group[...]

  • Page 175

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 175 Figure 84 Advanced Application > Multicast > Mult icast Setting > IGMP Snooping VLAN The following table describes the labels in this screen. T able 55 Advanced Application > Multicas t > Mu lticast Setting > IGMP Snooping VLAN LABEL DESCRIPTION Mode Select auto to have the Sw[...]

  • Page 176

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 176 22.5 IGMP Filtering Profile An IGMP filtering profile specif ies a range of multicas t groups that clients connected to the Switch are able to join. A profile contains a range of multicast IP addresses which you want clients to be able to join. Prof iles are assigned to ports (in the Multicast [...]

  • Page 177

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 177 22.6 MVR Overview Multicast VLAN Registration (MVR) is designed for applications (such as M edia-on-Demand (MoD)) that use multicast traffi c across an Ethe rnet ring-based servic e provider network. MVR allows one single multicast VLAN to be shared among dif ferent subscriber VLANs on the netw[...]

  • Page 178

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 178 22.6.2 MVR Modes Y ou can set your Switch to operate in either dynamic or compatible mode. In dynamic mo de, the Switch send s IGMP leave and join reports to the other multicas t devices (such as multicast routers or servers) in the mu lticast VLAN. This allows the multicast devic es to update [...]

  • Page 179

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 179 " Y our Switch automatically creates a static VLAN (wit h the same VID) when you create a multicast VLAN in this screen. Figure 88 Advanced Application > Multic ast > Multicast Setting > MVR The following table describes the re lated labels in this screen. T able 57 Advanced Appli[...]

  • Page 180

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 180 22.8 MVR Group Configuration All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group. Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. " A port can[...]

  • Page 181

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 181 Figure 89 Advanced Application > Multicast > Multic ast Setting > MVR: Group Configuration The following table describes the labels in this screen. 22.8.1 MVR Conf iguration Example The following figure shows a n etwork example where ports 1, 2 and 3 on the Switch belong to VLAN 1. In [...]

  • Page 182

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 182 Figure 90 MVR Configuration Example T o configure the MVR settings on the Switch, create a multic ast group in the MVR screen and set the receiver and source ports. Figure 91 MVR Configuration Example T o set the Switch to forward the multicast group tra ffic to the subscriber s, configure mult[...]

  • Page 183

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 183 Figure 93 MVR Group Configuration Exampl e[...]

  • Page 184

    Chapter 22 Multicast GS-4012F/4024 User ’s Guide 184[...]

  • Page 185

    GS-4012F/4024 User ’s Guide 185 C HAPTER 23 Authentication & Accounting This chapter describes how to configure authen tication and accounting settings on the Switch. 23.1 Authentication, Auth orization and Accounting Authentication is the process of determining who a user is and validating access to the Switch. The Switch can authenticate us[...]

  • Page 186

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 186 23.1.2 RADIUS and T ACACS+ RADIUS and T ACACS+ are security protocols used to authenticate users by means of an external server instead of (or in addition to) an internal device user data base that is limited to the memory capacity of the device. In es sence, RADIUS a[...]

  • Page 187

    Chapter 23 Authentication & Accounting GS-4012F/4024 User ’s Guide 187 Figure 96 Advanced Application > Auth an d Acct > RADIUS Server Setup The following table describes the labels in this screen. T able 60 Advanc ed Application > Auth a nd Acct > RADIUS Server Setup LABEL DESCRIPTION Authentication Serve r Use this section to co[...]

  • Page 188

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 188 23.2.2 T ACACS+ Server Setup Use this screen to configure your T ACACS+ server settings. See Section 23.1.2 on page 186 for more information on T ACACS+ servers. Click on the T ACACS+ Server Setup link in the Authentication and Accounting screen to view the screen as [...]

  • Page 189

    Chapter 23 Authentication & Accounting GS-4012F/4024 User ’s Guide 189 Figure 97 Advanced Application > Auth an d Acct > T ACACS+ Server Setup The following table describes the labels in this screen. T able 61 Advanc ed Application > Auth a nd Acct > T ACACS+ Serv er Setup LABEL DESCRIPTION Authentication Serve r Use this section [...]

  • Page 190

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 190 23.2.3 Authentication an d Accounting Setup Use this screen to configure authentication a nd accounting settings on th e Switch. Click on the Auth and Acct Setup link in the Authentication and Accounting screen to view the screen as shown. Shared Secret Specify a p as[...]

  • Page 191

    Chapter 23 Authentication & Accounting GS-4012F/4024 User ’s Guide 191 Figure 98 Advanced Application > Auth and Acct > Auth and Acct Setup The following table describes the labels in this screen. T able 62 Advanc ed Application > Auth a nd Acct > Auth and Acct Setup LABEL DESCRIPTION Authentication Use thi s section to specify th[...]

  • Page 192

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 192 Login The se fields specify which database the S witch sho uld use (first, second and th ird) to authenticate administrator accounts (users for Switch management). Configure the local user accounts in the Access Control > Logins screen . The T ACACS+ and RADIUS are[...]

  • Page 193

    Chapter 23 Authentication & Accounting GS-4012F/4024 User ’s Guide 193 23.2.4 V endor Specific Attribute RFC 2865 standard specifies a method for sending vendor -sp ecific information between a RADIUS server and a network acce ss device (for example, the Switch). A company can create V endor Specific Attributes (VSAs) to expa nd the functiona[...]

  • Page 194

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 194 23.2.4.1 T unnel Protocol Attribute Y ou can configure tunnel protocol attributes on the RADIUS server (refer to your RADIUS server documentation) to assign a port on the Switch to a VLAN based on IEEE 802.1x authentication. The port VLAN settings are fixed and untagg[...]

  • Page 195

    Chapter 23 Authentication & Accounting GS-4012F/4024 User ’s Guide 195 23.3.1 Attributes U sed for Authentication The following sections list the attributes sent from the Switch to the RADIUS server when performing authentication. 23.3.1.1 Attributes Used for Authe nticating Privilege Access User-Name - the format of the User-Name attribute i[...]

  • Page 196

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 196 23.3.2.2 Attributes Used for Acc ounting Exec Events The attributes are listed in th e following table along with the time that they are sent (the difference between Console and T elnet/SSH Exec events is that the T elnet/SSH events utilize the Calling-Station -Id att[...]

  • Page 197

    Chapter 23 Authentication & Accounting GS-4012F/4024 User ’s Guide 197 NAS-Port-T ype Y Y Y Acct-S tatus-T ype Y Y Y Acct-Delay-T ime Y Y Y Acct-Session-Id Y Y Y Acct-Authentic Y Y Y Acct-Input-Octets Y Y Acct-Output -Octets Y Y Acct-Session-T ime Y Y Acct-Input-Packets Y Y Acct-Output -Packets Y Y Acct-T erminate-Cause Y Acct-Input-Gigawords[...]

  • Page 198

    Chapter 23 Auth en tic at ion & Accoun ting GS-4012F/4024 User ’s Guide 198[...]

  • Page 199

    GS-4012F/4024 User ’s Guide 199 C HAPTER 24 IP Source Guard Use IP source guard to filter unauthorized DHCP and ARP packets in your network. 24.1 IP Source Guard Overview IP source guard u s es a binding tabl e to distinguish between authorized and unauthorized DHCP and ARP packets in your network. A b i nd ing contains these key attrib utes: •[...]

  • Page 200

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 200 T rusted ports are connected to DHCP servers or other sw itc hes. The Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high. The Switch learns dynamic bindings from trusted ports. " The Switch will drop al l DHCP requests if you en[...]

  • Page 201

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 201 24.1.1.3 DHCP Relay Option 82 Informa tion The Switch can add information to DHCP requests that it does not discard. This provides the DHCP server more information about the source of the requests. The Switc h ca n add the following information: • Slot ID (1 byte), port ID (1 by te), an[...]

  • Page 202

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 202 24.1.2.1 ARP Inspection and MAC Address Filters When the Switch identifies an unauthorized ARP packet, it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet. Y ou can configure ho w long the MAC addres[...]

  • Page 203

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 203 24.2 IP Source Guard Use this screen to look at the current bi ndings for DHCP snooping and ARP inspection. Bindings are used by DHCP snoo ping and ARP inspection to distinguis h between authorized and unauthorized packets in the network. The Switch learns th e bin dings by snooping DHCP [...]

  • Page 204

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 204 Figure 102 IP Source Guard S tatic Binding The following table describes the labels in this screen. T able 69 IP Source Guard Static Binding LABEL DESCRIPTION MAC Address Enter the source MAC add ress in the binding. IP Address Enter the IP address assigned to the MAC add ress in the bin[...]

  • Page 205

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 205 24.4 DHCP Snooping Use this screen to look at various statistics ab ou t the DHCP snooping da tabase. T o open this screen, click Advanced Application > IP Sour ce Guard > DHCP Snooping . Figure 103 DHCP Snooping[...]

  • Page 206

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 206 The following table describes the labels in this screen. T able 70 DHCP Snooping LABEL DESCRIPTION Dat abase S tatus This section displays the current settings for the DHCP snoo pin g database. Y ou can co nfigure them in the DHCP Snooping Configure screen. See Secti on 24.5 on page 208 [...]

  • Page 207

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 207 Successful writes Thi s field displays the nu mber of times the Switch updated the bindings in the DHCP snooping da tabase successfully . Failed writes This field displays the numb er of times the Sw itch was unable to update the bindings in the DHCP snooping database. Database detail Fir[...]

  • Page 208

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 208 24.5 DHCP Snooping Configure Use this scr een to enable DHCP snoo ping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and configure the DHCP snooping database. The DHCP snooping database stores the current bi ndings on a secure, external [...]

  • Page 209

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 209 24.5.1 DHCP Snoopi ng Port Configure Use this screen to specify whether ports are tr usted or untrusted ports for DHCP snoopin g . " The Switch will drop al l DHCP requests if you enable DHCP sn ooping and there are no trusted ports. Y ou can also specify the maximum number for DHCP [...]

  • Page 210

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 210 Figure 105 DHCP Snooping Port Configure The following table describes the labels in this screen. T able 72 DHCP Snooping Port Configure LABEL DESCRIPTION Port This field displays the port number . If you configure the * port, the settings are applied to all of the ports. Server Trusted s[...]

  • Page 211

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 21 1 24.5.2 DHCP Snoo ping VLAN Configure Use this scr een to enable DHCP snoo ping on each VLAN and to specify whether or not the Switch adds DHCP relay agen t option 82 informat ion ( Chap ter 33 on page 259 ) to DHCP requests that the Switch relays to a DHCP serve r for each VLAN. T o open[...]

  • Page 212

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 212 24.6 ARP Inspection St atus Use this screen to look at the current list of MAC address f ilters that were cr eated because the Switch identified an unauthoriz ed A RP packet. When the Switc h identifies an unauthorized ARP packet, it automatically creates a MAC ad dress filter to block t[...]

  • Page 213

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 213 Figure 108 ARP Inspection VLAN S tatus The following table describes the labels in this screen. 24.6.2 ARP Inspection Log St atus Use this screen to look at log messages that we re generated by ARP packets and th at have not been sent to the syslog server ye t. T o open this screen, click[...]

  • Page 214

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 214 Figure 109 ARP Inspection Log S tatus The following table describes the labels in this screen. T able 76 ARP Inspection Log Status LABEL DESCRIPTION Clearing log status table Click Apply to remove all the log messages that were generated by ARP packets and that have not been sent to the [...]

  • Page 215

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 215 24.7 ARP Inspection Configure Use this screen to enable ARP in spection on the Switch. Y ou can also configure the length of time the Switch stores records of discarded AR P packets and global settings for the ARP inspection log. T o open this screen, click Advanced Application > IP So[...]

  • Page 216

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 216 24.7.1 ARP Inspection Port Configure Use this screen to specify whether ports are trus ted or untrusted ports for ARP inspection. Y ou can also specify the maximum rate at whic h the Switch receives ARP packets on each untrusted port. T o open this screen, click Advanced Application >[...]

  • Page 217

    Chapter 24 IP Source Guard GS-4012F/4024 User ’s Guide 217 The following table describes the labels in this screen. 24.7.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packet s from each VLAN. T o open this screen, click Advanced Applica[...]

  • Page 218

    Chapter 24 IP Source G uard GS-4012F/4024 User ’s Guide 218 The following table describes the labels in this screen. T able 79 ARP Inspec tion VLAN Configure LABEL DESCRIPTION VLAN Use this section to specify the VLANs you want to manage in the section below . S tart VID Enter the lowest VLAN ID you want to manage in the section be l ow . End VID[...]

  • Page 219

    GS-4012F/4024 User ’s Guide 219 C HAPTER 25 Loop Guard This chapter shows you how to configure the Switch to guard against loops on the edge of your network. 25.1 Loop Guard Overview Loop guard allows you to config ure the Switch to shut down a port if it detects that packets sent out on that port loop back to the Switch. W hile you can use Spann[...]

  • Page 220

    Chapter 25 Loop Guard GS-4012F/4024 User ’s Guide 220 The following figure shows port N on switch A connected to switch B . Switch B is in loop state. When broadcast or multicast packets leave port N and reach switch B , they are sent back to port N on A as they are rebroadcast from B. Figure 1 14 Switch in Loop S tate The loop guard feature chec[...]

  • Page 221

    Chapter 25 Loop Guar d GS-4012F/4024 User ’s Guide 221 " After resolving the loop problem on your network you can re-activate the disabled port via the w eb configurator (see Section 7.7 on page 85 ) or via commands (see Section 45.12.4 on p age 368 ) . 25.2 Loop Guard Setup Click Advanced App lication > Loop Guard in the navigation panel[...]

  • Page 222

    Chapter 25 Loop Guard GS-4012F/4024 User ’s Guide 222 Active Select this check box to enable the loop guard feature on this port. The Switch sends probe packets from this port to check if the sw itch it is conn ected to is in loop state. If the switch that th is port is connected is in loop state the Switch will shut down this port. Clear this ch[...]

  • Page 223

    223 P ART IV IP Application S tat ic Route (225) RIP (227) OSPF (229) IGMP (241) DVMRP (245) IP Multicast (249) Differentiated Services (251) DHCP (259) VRRP (267)[...]

  • Page 224

    224[...]

  • Page 225

    GS-4012F/4024 User ’s Guide 225 C HAPTER 26 Static Route This chapter shows you how to configure static routes. 26.1 Configuring S tatic Routing Stat ic routes tell the Switch how to forward IP traffic when yo u configure the TCP/IP parameters manually . Click IP Application , S tatic Routing in the navigation panel to di splay the screen as show[...]

  • Page 226

    Chapter 26 Stat ic Route GS-4012F/4024 User ’s Guide 226 Metric The metric represents the “cost” of transmission for rout ing purposes. IP routing uses hop count as the measurement of cost, wi th a minimum o f 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it mus[...]

  • Page 227

    GS-4012F/4024 User ’s Guide 227 C HAPTER 27 RIP This chapter shows you h o w to configure RIP (Routing Information Protocol). 27.1 RIP Overview RIP (Routing Information Protocol) allows a rou ting device to exchange routing information with other routers. The Direction field controls the sending an d receiving of RIP packets. When set to: • Bot[...]

  • Page 228

    Chapter 27 RIP GS-4012F/4024 User ’s Guide 228 Figure 1 19 RIP The following table describes the labels in this screen. T able 82 RIP LABEL DESCRIPTION Active Select this check box to enabl e RIP on the Switch. Index This field disp lays the index number of an IP interface. Network This field displays th e IP in terface configured on the Switch. [...]

  • Page 229

    GS-4012F/4024 User ’s Guide 229 C HAPTER 28 OSPF This chapter describes the OSPF (Open Shortest Path First) routing protocol and shows you how to configure OSPF . 28.1 OSPF Overview OSPF (Open Shortest Path First) i s a link-state protocol designed to distribut e routing information within an autonomo us system (AS). An autonomous system is a col[...]

  • Page 230

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 230 The following figure depicts an OSPF networ k example. The backbone is area 0 with a backbone router . The internal routers are in a r ea 1 and 2. The area border routers connect area 1 and 2 to the backbone. Figure 120 OSPF Network Example 28.1.2 How OSPF Wo rks Layer 3 devices exchange routin g in[...]

  • Page 231

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 231 Figure 121 OSPF Router Election Example Y ou can assign a priority to an interface which determines whether this router will be elected to be a DR or BDR. The router with the highes t priority becomes the DR , while a router with a priority of 0 does not particip ate in router elections. In Figure 1[...]

  • Page 232

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 232 Figure 122 OSPF S tatus The following table describes the labels in this screen. The following table describes some common output fields. T able 85 OSPF S tatus LABEL DESCRIPTION OSPF This field displays whether OSPF is activate d ( Running ) or not ( Down ). Interface The text box displays the OSPF[...]

  • Page 233

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 233 28.3 OSPF Configuration Use this scree n to activate OSPF an d set general settings. Click IP Ap plication , OSPF and the Configuration link to display the OSPF Configurati on screen. S ee Section 28. 1 on page 229 for more information on OSPF . S tate This fi eld displays the state of the Switch ( [...]

  • Page 234

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 234 OSPF Configuration: Activ at ing and General Settings The follow table describes the related labels in this screen. T able 87 OSPF Configuration: Activating and General Settings LABEL DESCRIPTION Active OSPF is disabled by default. Select this option to enable it. Router ID Router ID uniquely identi[...]

  • Page 235

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 235 28.4 Configure OSPF Areas T o ensure that the Switch receives only routin g information from a trusted layer 3 devices, activate authentication. The OSPF sup ports three authentication methods: • None – no authentication is used. • Simple – authenticate link state upda tes usi ng an 8 printa[...]

  • Page 236

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 236 28.4.1 V iew OSPF Area Information T able The bottom of the OSPF Configuration screen displays a summary table of all the OSPF areas you have configured. Figure 124 OSPF Configuration: Summary T able The following table describes the re lated labels in this screen. 28.5 Configuring OSPF Interfaces T[...]

  • Page 237

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 237 In the OSPF Configuration screen, click Interface to display the OSPF Interface screen. Figure 125 OSPF Interface The following table describes the labels in this screen. T able 90 OSPF Interfac e LABEL DESCRIPTION Network Select an IP interface. Area ID Select the area ID (that us e s the format of[...]

  • Page 238

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 238 28.6 OSPF V irtual-Links Configure and view virtual link settings in this screen. See Section 28.1 on page 229 for more information on OSPF . In the OSPF Configuration screen, click V irtual-Link to display the sc reen as shown ne xt. Figure 126 OSPF Vi r tual Link Priority The priority you assign t[...]

  • Page 239

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 239 The following table describes the re lated labels in this screen. T able 91 OSPF Virtual-Link LABEL DESCRIPTION Name Enter a descriptive name (up to 32 prin table ASCII characters) for identification purposes. Area ID Select the area ID (that uses the format of an IP address in dotted decimal notati[...]

  • Page 240

    Chapter 28 OSPF GS-4012F/4024 User ’s Guide 240[...]

  • Page 241

    GS-4012F/4024 User ’s Guide 241 C HAPTER 29 IGMP This chapter shows you how to conf igure the Switch as a multicast router . 29.1 IGMP Overview IP multicast is an IETF standard for distributi ng data to multiple recipients. The following figure shows a multicast session and the rela tionship between a multicast se rver , multicast routers and mul[...]

  • Page 242

    Chapter 29 IG M P GS-4012F/4024 User ’s Guide 242 The Switch supports IGMP version 1 ( IGMP-v1 ), version 2 ( IGMP-v2 ) and IGMP version 3 ( IGMP-v3 ). Refer to RFC 1 1 12, RFC 2236 and RFC 3376 for informa tion on IGMP versions 1, 2 and 3 respectively . At start up, the Switc h queries all directly connected networks to gather group memb ersh ip[...]

  • Page 243

    Chapter 29 IGMP GS-4012F/4024 User ’s Guide 243 IGMP version 3 allows a multicast host to join a multicast group and specify from which source (multicast server) it wants to receive multi cast packets. Alternatively , a multicast host can specify from which multicast servers it does not want to receive multic ast packets. In the following figure [...]

  • Page 244

    Chapter 29 IG M P GS-4012F/4024 User ’s Guide 244 The following table describes the labels in this screen. T able 92 IP Application > IGMP LABEL DESCRIPTION Active Select this check box to enable IGMP on the Switch. Note: Y ou cannot enable both IGMP snooping and IGMP at the same time. Refer to Section 22.3 on p age 172 for more information on[...]

  • Page 245

    GS-4012F/4024 User ’s Guide 245 C HAPTER 30 DVMRP This chapter introduces DVMRP an d tells you how to configure it. 30.1 DVMRP Overview DVMRP (Distance V ector Multicast Routing Protoc ol) is a protocol used for routing multicast data within an autonomous system (AS). This DVMRP implementation is based on draft-ietf- idmr-dvmrp-v3-10. DVMRP provi[...]

  • Page 246

    Chapter 30 DV MR P GS-4012F/4024 User ’s Guide 246 Figure 132 How DVMRP Works 30.2.1 DVMRP T erminology DVMRP probes are used to discover other DVMRP Neighbors on a network. DVMRP reports are used to exch ange DVMRP source routing in formation. These packets are used to build the DVMRP multicast routing table that is used to build source trees an[...]

  • Page 247

    Chapter 30 DVMRP GS-4012F/4024 User ’s Guide 247 30.3.1 DVMRP Configuration Error Messages Y ou must have IGMP/RIP enabled when you en able DVMRP; otherwise you see the screen as in the next figure. Figure 134 DVMRP: IGMP/RIP Not Set Error When you disable IGMP , but DVMRP is still active you also see another warning screen. Figure 135 DVMRP: Una[...]

  • Page 248

    Chapter 30 DV MR P GS-4012F/4024 User ’s Guide 248 30.4 Default DVMRP T imer V alues The following are some default DVMRP timer values. T able 94 DVMRP: Default Timer Values DVMRP FIELD DEFAULT V ALUE Probe interval 10 sec Report interval 35 sec Route expiration ti me 140 sec Prune lifetime V ariable (less than tw o hours) Prune retransmission ti[...]

  • Page 249

    GS-4012F/4024 User ’s Guide 249 C HAPTER 31 IP Multicast This chapter shows you how to configure the IP Multicast screen. 31.1 IP Multicast Overview T raditionally , IP pack ets are transmitted in one of either tw o ways - Unicast (one sender to one recipient) or Broadcast (one sender to every body on the network). IP Multicast is a third way to [...]

  • Page 250

    Chapter 31 IP Multicast GS-4012F/4024 User ’s Guide 250 The following table describes the labels in this screen. T able 95 IP Mult icast LABEL DESCRIPTION Port This read-only field displays the port number . * S ettings in this row apply to all ports. Use this row only if you want to make some se ttings the same for all ports. Use this row first [...]

  • Page 251

    GS-4012F/4024 User ’s Guide 251 C HAPTER 32 Differentiated Services This chapter shows you how to configure Dif fe rentiated Services (DiffServ) on the Switch. 32.1 DiffServ Overview Quality of Service (QoS) is used to prioritize so urce-to-destination traffic flows. All packets in the flow are given the same priority . Y ou can use CoS (class of[...]

  • Page 252

    Chapter 32 Differe ntiated Services GS-4012F/4024 User ’s Guide 252 32.1.2 DiffServ Network Example The following figure depicts a DiffServ networ k consisting of a group of directly connected DiffServ-compliant network devices. The boundary node ( A in Figure 139 ) in a Dif fServ network classifies (marks with a DSCP value) th e incoming packets[...]

  • Page 253

    Chapter 32 Differentiated Se rvices GS-4012F/4024 User ’s Guide 253 • Green (low loss priority level) packets are forwarded. TR TCM operates in one of two modes: color-bl ind or color-aware. In color-blind mode, packets are marked based on evaluating against the PIR and CIR regardless of if they have previously been marked or not. In the color-[...]

  • Page 254

    Chapter 32 Differe ntiated Services GS-4012F/4024 User ’s Guide 254 32.3 Activating DiffServ Activate DiffServ to apply marking rules or I EEE 802.1p pri o rity mapping on the selected port(s). Click IP Application > DiffServ in th e navigation panel to display the screen as sho w n. Figure 142 IP Application > Dif fServ The following table[...]

  • Page 255

    Chapter 32 Differentiated Se rvices GS-4012F/4024 User ’s Guide 255 " Y ou cannot enable both TRTCM and Bandwid th Control at the same time. Figure 143 IP Application > Dif fServ > 2-rate 3 Colo r Marker The following table describes the labels in this screen. T able 97 IP Application > DiffServ > 2-rate 3 Colo r Marker LABEL DES[...]

  • Page 256

    Chapter 32 Differe ntiated Services GS-4012F/4024 User ’s Guide 256 32.4 DSCP-to-IEEE 802.1p Priority Settings Y ou can configure the DSCP to IEEE 80 2.1p ma pping to allow the Switch to prioritize all traffic based on the in coming DSCP value according to th e DiffServ to IEEE 802.1p mapping table. The following table shows t he default DSCP-to-[...]

  • Page 257

    Chapter 32 Differentiated Se rvices GS-4012F/4024 User ’s Guide 257 The following table describes the labels in this screen. T able 99 IP Application > DiffServ > DSCP Setting LABEL DESCRIPTION 0 … 63 This is the DSCP classi fi cation identification numb er . T o set the IEEE 802.1p priority mapping, select the priority level from the dro[...]

  • Page 258

    Chapter 32 Differe ntiated Services GS-4012F/4024 User ’s Guide 258[...]

  • Page 259

    GS-4012F/4024 User ’s Guide 259 C HAPTER 33 DHCP This chapter shows you how to configure the DHCP feature. 33.1 DHCP Overview DHCP (Dynamic Host Configuration Protocol RFC 2131 and RFC 2132) allows individual computers to obtain TCP/IP configuration at start-up from a server . Y ou can configure the Switch as a DHCP server or a DHCP relay agen t.[...]

  • Page 260

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 260 33.2 DHCP S tatus Click IP Application > DHCP in the navigation panel. The DHCP S tatus screen displays. Figure 145 IP Application > DHCP S tatus The following table describes the labels in this screen. 33.3 DHCP Server S t atus Detail Click IP Application > DHCP in the navig ation panel an[...]

  • Page 261

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 261 The following table describes the labels in this screen. 33.4 DHCP Relay Configure DHCP relay on the Switch if the DH CP clients and the DHCP server are not in the same broadcast domain. During the initial IP address leasing, the Switch helps to relay network information (such as the IP address an d[...]

  • Page 262

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 262 The DHCP Relay Agent Information feature adds an Agent Information field to the Option 82 field. The Option 82 field is in the DHCP headers of client DHCP request frames that the Switch relays to a DHCP server . Relay Agent Information can include the System Name of the Switch if you select this opt[...]

  • Page 263

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 263 33.4.3 Global DHCP Re lay Configuration Example The follow figure shows a network exam ple where the Switch is us ed to relay DHCP reque sts for the VLAN1 and VLAN2 domains. There is only one DHCP server that s ervices the DHCP clients in both domains. Figure 148 Global DHCP Relay Network Exam ple C[...]

  • Page 264

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 264 33.5 Configuring DHCP VLAN Settings Use this screen to configure your DHCP settin gs based on the VLAN domain of the DHCP clients. Click IP Application > DHCP in the navigation panel, then click the VLAN link In the DHCP S tatus screen that displays. " Y ou must set up a management IP addres[...]

  • Page 265

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 265 The following table describes the labels in this screen. T able 104 IP Application > DH CP > VLAN LABEL DESCRIPTION VID Enter the ID number of the VLAN to which these DHCP setting s apply . DHCP S tatus Select whether the Swit ch should fun ction as a DHCP Server or Relay for the specified VID[...]

  • Page 266

    Chapter 33 DHCP GS-4012F/4024 User ’s Guide 266 33.5.1 Example: DHCP Relay for T wo VLANs The following examp le displays two VLANs (VIDs 1 and 2) for a campus network . T wo DHCP servers are installed to serve each VLAN. The system is set up to forw ard DHCP requests from the dormitory rooms (VLAN 1) to the DHCP server with an IP address of 192.[...]

  • Page 267

    GS-4012F/4024 User ’s Guide 267 C HAPTER 34 VRRP This chapter shows you how to configure and monitor the V irtual Router Redundan c y Protocol (VRRP) on the Switch. 34.1 VRRP Overview Each host on a network is configur ed to send pa ckets to a statically co nfigured default gateway (this Switch). The default gateway ca n become a single point of [...]

  • Page 268

    Chapter 34 VRRP GS-4012F/4024 User ’s Guide 268 If switch A (the master router) is unavailable, switch B takes over . T raf fic is then processed by switch B . 34.2 VRRP S tatus Click IP Application , VRRP in the navigation panel to display the VRRP S tatus screen as shown next. Figure 154 VRRP S tatus The following table describes the labels in [...]

  • Page 269

    Chapter 34 VR RP GS-4012F/4024 User ’s Guide 269 34.3 VRRP Configuration The following sections describe the differen t parts of the VRR P Configuration screen. 34.3.1 IP Interface Setup Before configuring VRRP , first create an IP interface (or routing domain) in the IP Setup screen (see the Sectio n 7.6 on page 83 for more information). Click I[...]

  • Page 270

    Chapter 34 VRRP GS-4012F/4024 User ’s Guide 270 34.3.2 VRRP Parameters This section describes the VRRP parameters. 34.3.2.1 Advertisement Interval The master router sends out Hello messages to le t the other backup routers know that it is still up and running. The time inte rval between sending the Hello messages is the advertise ment interval. B[...]

  • Page 271

    Chapter 34 VR RP GS-4012F/4024 User ’s Guide 271 34.3.3 Configuring VRRP Parameters After you set up an IP interface, co nfigure the VRRP parameters in the VRRP Configuration screen. Figure 156 VRRP Configuration: VRRP Parameters The following table describes the labels in this screen. T able 107 VRRP Configuration: VRR P Parameters LABEL DESCRIP[...]

  • Page 272

    Chapter 34 VRRP GS-4012F/4024 User ’s Guide 272 34.4 VRRP Configuration Summary T o view a summary of all VRRP configurations on the Switch, scroll down to the bottom of the VRRP Configuration screen. Figure 157 VRRP Configuration: Summary The following table describes the labels in this screen. 34.5 VRRP Configuration Examples The following sect[...]

  • Page 273

    Chapter 34 VR RP GS-4012F/4024 User ’s Guide 273 Figure 158 VRRP Configuration Example: One V irtual Router Network Y ou want to set switch A as the master r outer . Configure the VRRP parameters in t h e VRRP Configuration screens on the switches as shown in the figures below . Figure 159 VRRP Example 1: VRRP Parame ter Settings on Switch A Figu[...]

  • Page 274

    Chapter 34 VRRP GS-4012F/4024 User ’s Guide 274 Figure 162 VRRP Example 1: VRRP S tatus on Switch B 34.5.2 T wo Subn et s Example The following figure depicts an example in which two switches share the network traffic. Hosts in the two network g roups use different de faul t gateways. Each switch is configured to backup a virtual router using VRR[...]

  • Page 275

    Chapter 34 VR RP GS-4012F/4024 User ’s Guide 275 Figure 165 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch B After configuring and saving the VRRP config ura tion, the VRRP S tatus screens for both switches are shown next. Figure 166 VRRP Example 2: VRRP S tatus on Switch A Figure 167 VRRP Example 2: VRRP S tatus on Switch B[...]

  • Page 276

    Chapter 34 VRRP GS-4012F/4024 User ’s Guide 276[...]

  • Page 277

    277 P ART V Management, CLI, T roubleshooting Maintenance (279) Access Control (285) Diagnostic (303) Syslog (305) Cluster Managemen t (309) MAC T able (315) IP T able (317) ARP T able (319) Routing T able (321) Configure Clone (323) Introducing Commands (325) User and Enable Mode Comman ds (377) Configuration Mode Comman ds (38 3) Interface Comman[...]

  • Page 278

    278[...]

  • Page 279

    GS-4012F/4024 User ’s Guide 279 C HAPTER 35 Maintenance This chapter explains how to configure the sc reens that let you maintain the firmware and configuration files. 35.1 The Maintenance Screen Use this screen to manage firmware and you r configuration files. Click Management , Maintenance in the navigation panel to open the followi ng screen. [...]

  • Page 280

    Chapter 35 Maintenance GS-4012F/4024 User ’s Guide 280 35.2 Load Factory Default Follow the steps below to reset the Switch back to the factory defaults. 1 In the Maintenance screen, click the Click Here button next to Load Fact or y Default to clear all Switch configuration informatio n y ou configured and return t o the factory defaults. 2 Clic[...]

  • Page 281

    Chapter 35 Maintenance GS-4012F/4024 User ’s Guide 281 35.4 Reboot System Reboot System allows you to restart the Switch withou t physically turning the power off. It also allows you to lo ad configuration o ne ( Config 1 ) or configuration two ( Config 2 ) when you reboot. Follow the steps be low to reboot the Switch. 1 In the Maintenance screen[...]

  • Page 282

    Chapter 35 Maintenance GS-4012F/4024 User ’s Guide 282 35.6 Restore a Configuration File Restore a previously saved configuration fro m your computer to the Switc h using the Restore Configuration screen. Figure 172 Restore Configuration T ype the path and file name of the config uration file you wish to restore in the File Path text box or click[...]

  • Page 283

    Chapter 35 Maintenance GS-4012F/4024 User ’s Guide 283 35.8 FTP Command Line This section shows some examples of uploadin g to or downloading files from the Switch using FTP commands. First, understan d the filename conventions. 35.8.1 Filename Conventions The configuration file (also known as the romf ile or ROM) contains t he factory default se[...]

  • Page 284

    Chapter 35 Maintenance GS-4012F/4024 User ’s Guide 284 5 Enter bin to set transfer mode to binary . 6 Use put to transfer files from the comput er to the Switch, for example, put firmware.bin ras transfers the firmware on your computer (firmware.bin) to the Switch and renames it to “ras”. Similarly , put config.cfg c onfig transfers the confi[...]

  • Page 285

    GS-4012F/4024 User ’s Guide 285 C HAPTER 36 Access Control This chapter describes how to control access to the Switch. 36.1 Access Control Overview A console port and FTP are allowe d one session each, T elnet and SSH share nine sessions, up to five W eb sessions (five di fferent usernames and passwords ) and/or limitless SNMP access control sess[...]

  • Page 286

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 286 36.3 About SNMP Simple Network Management Protocol (SNMP) is an application layer protocol us ed to manage and monitor TCP/IP-based devices. SNMP is used to exchange management information between th e network manageme nt system (NMS) and a network element (NE). A manager station can m ana[...]

  • Page 287

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 287 36.3.1 SNMP v3 and Security SNMP v3 enhances security for SNMP manage ment. SNMP managers can be required to authenticate with agents before co nducting SNMP mana gement sessions. Security can be further enhanced by encryp ting the SNMP mes sages sent from the managers. Encryption protects[...]

  • Page 288

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 288 temperature T emperatu reEventOn GS-4012F: 1.3.6.1.4.1.890. 1.5.8.20.37.2.1 GS-4024: 1.3.6.1.4.1.890. 1.5.8.13.37.2.1 This trap is sent when the temperature goes above or below the normal operating rang e. T emperatur eEventClear GS-4012F: 1.3.6.1.4.1.890. 1.5.8.20.37.2.2 GS-4024: 1.3.6.1.[...]

  • Page 289

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 289 T able 1 14 SNMP InterfaceTraps OPTION OBJECT LABEL OBJECT ID DESCRIPTION linkup linkU p 1.3.6.1.6 .3.1.1.5. 4 This trap is sent when the Ethernet link is up. LinkDownEventClear GS-4012F: 1.3.6.1.4.1.890. 1.5.8.20.37.2.2 GS-4024: 1.3.6.1.4.1.890. 1.5.8.13.37.2.2 This trap is sent when the [...]

  • Page 290

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 290 accounting RADIUSAccountingNo tReach ableEventOn GS-4012F: 1.3.6.1.4.1. 890.1.5.8. 20.37.2.1 GS-4024: 1.3.6.1.4.1. 890.1.5.8. 13.37.2.1 This trap is sent when there is no response message from the RADIUS accounting server . RADIUSAccountingNotReach ableEventClear GS-4012F: 1.3.6.1.4.1. 890[...]

  • Page 291

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 291 36.3.4 Configuring SNMP From the Access Control screen, display the SNMP screen. Y ou can click Acce ss Control to go back to the Access C ontro l screen. Use this screen to configure your SNMP settings. T able 1 17 SNMP Switch Traps OPTION OBJECT LABEL OBJECT ID DESCRIPTION stp STPNewRoot[...]

  • Page 292

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 292 Figure 176 Access Cont rol: SNMP The following table describes the labels in this screen. T able 1 18 Access Control: SNMP LABEL DESCRIPTION General Setting Use this s e ction to sp ecify the SNMP version and community (password) values. V ersion Select the SNMP version for the Swit ch. Th[...]

  • Page 293

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 293 36.3.5 Configuring SNMP T rap Group From the SNMP sc reen, click Tr a p G r o u p to view the screen as shown. Use the Tr a p Gr oup screen to specify the types of SNMP traps that should be sent to each SNMP manager . Port Enter the port number upon which the manager listens fo r SNMP trap[...]

  • Page 294

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 294 Figure 177 Access Control: SNMP: T r ap Group The following table describes the labels in this screen. 36.3.6 Setting Up Login Account s Up to five people (one ad ministrator and four non-administrators) may access the Switch via web configurator at any one time. • An administrator is so[...]

  • Page 295

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 295 • A non-administrato r (username is something o ther than admin ) is some one who can view but not configure Switch settings. Click Access Control from the navigation panel and then click Logins from this screen. Figure 178 Access Control: Logins The following table describes the labels [...]

  • Page 296

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 296 36.4 SSH Overview Unlike T elnet or FTP , which transmit data in clear text, SSH (Secure Shell) is a secure communication protoc ol that combines authenticatio n and data encryption to provide secure encrypted communication bet w een two hosts over an un secured network. Figure 179 SSH Com[...]

  • Page 297

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 297 2 Encryption Method Once the identification is verified, both the c lient and server must agree on the type of encryption method to use. 3 Authentication and Data T ransmission After the identification is verified and data encryption activated, a secure tunnel is established between the cl[...]

  • Page 298

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 298 Figure 181 HTTPS Implement ation " If you disable HTTP in the Service Access Control screen, then the Switch blocks all HTTP connection attempts. 36.8 HTTPS Example If you haven’t changed the default HTTPS port on the Switch, then in your browser enter “https://Switch IP Address/?[...]

  • Page 299

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 299 36.8.2 Net scape Navigator W arning Messages When you attempt to access the Switch HTTPS server , a W ebsite Certified by an Unknown Authority screen pops up asking if you trus t the server certificate. Click Examine Certificate if you want to verify that th e certificate is from the Switc[...]

  • Page 300

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 300 Figure 185 Example: Lock Denotin g a Sec ur e Conn ec tio n 36.9 Service Port Access Control Service Access Control allows you to decide wh at service s you ma y use to access the Switch. Y ou may also change the defau lt service port an d configure “truste d co mputer(s)” for each ser[...]

  • Page 301

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 301 The following table describes th e fields in this screen. 36.10 Remote Management From the Access Control screen, display the Remote Management screen as shown next. Y ou can specify a group of one or more “trust ed computers” from which an administrator may use a service to manage the[...]

  • Page 302

    Chapter 36 Access Control GS-4012F/4024 User ’s Guide 302 Te l n e t / F T P / HTTP/ICMP/ SNMP/SSH/ HTTPS Select services that may be used for managi ng the Switch from the specified tru sted computers. Apply Cli ck Apply to save your changes to the Switch ’ s run-time memory . The Switch loses these changes if it is turned off or loses power ,[...]

  • Page 303

    GS-4012F/4024 User ’s Guide 303 C HAPTER 37 Diagnostic This chapter explains the Diagnostic screen. 37.1 Diagnostic Click Management , Diagnostic in the naviga tion panel to open th is screen. U se this screen to check system logs, ping IP addresses or perform port tests. Figure 188 Diagnostic The following table describes the labels in this scre[...]

  • Page 304

    Chapter 37 Diagnostic GS-4012F/4024 User ’s Guide 304[...]

  • Page 305

    GS-4012F/4024 User ’s Guide 305 C HAPTER 38 Syslog This chapter explains the syslog screens. 38.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event mes sages. A syslog-enabled device can generate a syslog message and send it to a syslog server . Sys[...]

  • Page 306

    Chapter 38 Sy slog GS-4012F/4024 User ’s Guide 306 Figure 189 Syslog The following table describes the labels in this screen. 38.3 Syslog Server Setup Click Management and then Syslog in the navigation panel to display the Syslog Setup screen. Click the Syslog Server Setup link to open the following screen. Use this screen to configure a list of [...]

  • Page 307

    Chapter 38 Syslog GS-4012F/4024 User ’s Guide 307 Figure 190 Syslog: Server Se tup The following table describes the labels in this screen. T able 126 Syslog: Server Setup LABEL DESCRIPTION Active Select this check box to have the devic e send logs to this syslog server . Clear the check box if you want to create a syslog server entry but not hav[...]

  • Page 308

    Chapter 38 Sy slog GS-4012F/4024 User ’s Guide 308[...]

  • Page 309

    GS-4012F/4024 User ’s Guide 309 C HAPTER 39 Cluster Management This chapter introduces cluster management. 39.1 Cluster Management S tatus Overview Cluster Managemen t allows you to manage s w itches through one Switch, called the cluster manager . The switches must be directly connec ted and be in the same VLAN group so as to be able to communic[...]

  • Page 310

    Chapter 39 Clust er Managem ent GS-4012F/4024 User ’s Guide 310 Figure 191 Clustering Application Example 39.2 Cluster Management S tatus Click Management , Cluster Management in the navigation panel to display the following screen. " A cluster can only have one manager . Figure 192 Cluster Management: S ta tus[...]

  • Page 311

    Chapter 39 Clust er Managem ent GS-4012F/4024 User ’s Guide 31 1 The following table describes the labels in this screen. 39.2.1 Cluster Member Switch Management Go to the Clustering Management S tatus screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web co[...]

  • Page 312

    Chapter 39 Clust er Managem ent GS-4012F/4024 User ’s Guide 312 Figure 194 Example: Uploading Firmware to a Clu ster Member Switch The following table explains some of the FTP parameters. 39.3 Clustering Management Configuration Use this screen to configure clustering management. Click Configuration from the Cluster Management screen to display t[...]

  • Page 313

    Chapter 39 Clust er Managem ent GS-4012F/4024 User ’s Guide 313 Figure 195 Clustering Manageme nt Configuration The following table describes the labels in this screen. T able 130 Clustering Management Configuration LABEL DESCRIPTION Clustering Manager Active Select Active to have this Switch b ecome the cluster manager switch. A cluster can only[...]

  • Page 314

    Chapter 39 Clust er Managem ent GS-4012F/4024 User ’s Guide 314 Apply Click Apply to save your changes to the Switch’s run-ti me memory . The Swi tch loses these changes if it is turned off or loses power , so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Clic[...]

  • Page 315

    GS-4012F/4024 User ’s Guide 315 C HAPTER 40 MAC Table This chapter introduces the MAC T able screen. 40.1 MAC T able Overview The MAC T able screen (a MAC table is also known as a filtering database) shows how frames are forwarded or filtered across the Switch’ s ports. It shows what device MAC address, belonging to what VLAN group (if any) is [...]

  • Page 316

    Chapter 40 M AC Ta b le GS-4012F/4024 User ’s Guide 316 40.2 V iewing the MAC T able Click Management , MAC T able in the navigation panel to di splay the following screen. Figure 197 MAC T able The following table describes the labels in this screen. T able 131 MAC T able LABEL DESCRIPTION Sort by Click one of the foll owing buttons to display a[...]

  • Page 317

    GS-4012F/4024 User ’s Guide 317 C HAPTER 41 IP Table This chapter introduces the IP table. 41.1 IP T able Overview The IP T able screen shows how packets are forwarded or filtered across the Switch’ s port s. It shows what de vice IP address, belo nging to wh at VLAN group (if any) is forwarded to which port(s) and whether the IP addres s is dy[...]

  • Page 318

    Chapter 41 IP Table GS-4012F/4024 User ’s Guide 318 41.2 V iewing the IP T able Click Management , IP T able in the navigation panel to display the following screen. Figure 199 IP T able The following table describes the labels in this screen. T able 132 IP Table LABEL DESCRIPTION Sort by Click one of the following buttons to display and arrange [...]

  • Page 319

    GS-4012F/4024 User ’s Guide 319 C HAPTER 42 ARP Table This chapter introduces ARP T able. 42.1 ARP T able Overview Address Resolution Protocol (ARP) is a prot ocol for mapping an Internet Protocol address (IP address) to a physical machine address, al so known as a Media Access Control or MAC address, on the local area network. An IP (version 4) [...]

  • Page 320

    Chapter 42 ARP Tab le GS-4012F/4024 User ’s Guide 320 Figure 200 ARP T able The following table describes the labels in this screen. T able 133 ARP Table LABEL DESCRIPTION Index This is the ARP T able entry number . IP Address This is the learned IP address of a device connected to a Switch port with corresponding MAC address below . MAC Address [...]

  • Page 321

    GS-4012F/4024 User ’s Guide 321 C HAPTER 43 Routing Table This chapter introduces the routing table. 43.1 Overview The routing table contains the route information to the networ k(s) that the Switch can reach. The Switch automatically updates the routing table with the RIP information received from other Ethernet devices. 43.2 V iewing the Routin[...]

  • Page 322

    Chapter 43 Rou tin g Ta b l e GS-4012F/4024 User ’s Guide 322[...]

  • Page 323

    GS-4012F/4024 User ’s Guide 323 C HAPTER 44 Configure Clone This chapter shows you how you can copy the settings of one port onto other ports. 44.1 Configure Clone Cloning allows you to co py the basic and advanced settings fro m a sour ce port to a destination port or ports. Click Management , Configure Clon e to open the following screen. Figur[...]

  • Page 324

    Chapter 44 Con fig ur e Clo ne GS-4012F/4024 User ’s Guide 324 The following table describes the labels in this screen. T able 135 Configure Clone LABEL DESCRIPTION Source/ Destination Port Enter the source port under the Source label. This port’s attributes are copied. Enter the destination port or ports under the Destination label. Thes e ar [...]

  • Page 325

    GS-4012F/4024 User ’s Guide 325 C HAPTER 45 Introducing Commands This chapter introduces commands and gives a summary of commands available. 45.1 Overview In addition to the web con figurator, you can use commands to conf igure the Switch. Use commands for advanced Switch diagnosis and troubleshooting. If you have problems with your Switch, custo[...]

  • Page 326

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 326 • 9600 bps • No parity • 8 data bits • 1 stop bit • No flow control 45.2.1.1 Initial Screen When you turn on your Switch, it performs severa l internal tests as well as line initialization. Y ou can view the initialization in formation using the console port . After[...]

  • Page 327

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 327 • The required fields in a command are enclose d in angle brackets <>, for instance, ping <ip> means that you must specify an IP number for this command. • The optional fields in a command are enclosed in square brackets [], for instance, configure snmp-server [...]

  • Page 328

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 328 45.7 Privilege Levels Y ou can use a command whose privilege level is equal to or less than that of your login account. For example, if you r login account has a privilege level of 12, you can use all commands with privilege levels from 0 to 12. 0 privilege level commands are[...]

  • Page 329

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 329 The following table describ es command interpreter mode s and how to access them. Enter exit to quit from the current mo de or enter logout to exit the comm and interpreter . 45.9 Getting Help The system includes a help faci l ity to provide you with the following information [...]

  • Page 330

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 330 45.9.1 List of A vailable Commands Enter “ help ” to displa y a list of available comma nds and the correspon ding sub commands. Enter “ ? ” to display a list of comman ds you can use. sysname> help Commands available: help logout exit history enable show ip <cr[...]

  • Page 331

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 331 Enter <command> help to display detailed su b commands and para mete rs. Enter <command> ? to display detailed help inform ation about the sub commands and parameters. 45.10 Using Command History The Switch keeps a list of re cently used commands available to you f[...]

  • Page 332

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 332 " Y ou must save your changes after eac h CLI session. All unsaved configuration changes are lost once you restart the Switch. 45.1 1.1 Switch Configuration File When you config ure the Switch using either the CLI (Command Line Interface) or web configurator , the settin[...]

  • Page 333

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 333 45.12.1 User Mode The following table describes the co mmands available for User mode. T able 137 Command Summary: User Mode COMMAND DESCRIPTION PRIVILEG E help Displays help information. 0 logout Exits f rom the CLI. 0 exit Logs out from the CLI. 0 history Displays a list of [...]

  • Page 334

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 334 45.12.2 Enable Mode The following table describes the co mmands available for Enable mode. T able 138 Command Summary: Enable Mode COMMAND DESCRIPTION PRIVILEGE baudrate <1|2|3|4|5> Changes the console po rt speed. Choices are 1 (9600), 2 (19200), 3(38400), 4 (57600) an[...]

  • Page 335

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 335 <0-14> Accesses Enable mode commands up to the pri vilege level specified. 0 erase running-config Reset s to th e factory default settings. 13 help Displays help information for this command. 13 interface port- channel <port- list> [bandwidth- limit...] Resets to t[...]

  • Page 336

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 336 renew dhcp snooping database <tftp://host/ filename> Loads dynamic bindings from the specified DHCP snoopin g database. 13 show aaa authentication Displays whether authenticatio n and privilege checki ng is ena bled on the Switch and what methods are used fo r authentic[...]

  • Page 337

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 337 statistics Displays statistics regarding the total number of ARP packet s received on the Switch. 3 statistics vlan <vlan-list> Displays statistics regarding the total number of ARP packet s received on the Switch based on the VLAN(s) specified. 3 vlan <vlan-list> [...]

  • Page 338

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 338 ethernet oam summary Displays the configu ration details of each OAM activa te d po rt . 3 garp Di splays GARP in formation. 3 hardware-monitor <C|F> Displays current hardware monitor information with th e specifie d temperature unit (Celsius C or Fahrenheit F). 0 https[...]

  • Page 339

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 339 dvmrp neighbor Displays DVMRP neighbor informat ion. 3 dvmrp prune Displays the DVMRP prune informat ion. 3 dvmrp route Displays the DVMRP routes. 3 igmp group Displays multicast group details for each port(s). 3 igmp interface Displays IGMP settings for each IP interface. 3 i[...]

  • Page 340

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 340 logins Displays login account informat ion. 3 loopguard Displays which port s have loopguard enabled as well as their status. 3 mac address-table <all [mac|vid|port]> Displays MAC address table. Y ou can sort by MAC address, VID or port. 3 address-table count Displays t[...]

  • Page 341

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 341 <vlan-id> Displays the specified MVR group settings. 3 policy Displays all policy related informat ion. 3 [name] Displays the specified policy related information. 3 port-access- authenticator Displays all port authentication settings. 3 [port-list] Displays port authent[...]

  • Page 342

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 342 known-hosts Displays known SSH hosts informat ion. 3 key <rsa1|rsa|dsa> Displays intern al SSH publi c and private key informa tion. 3 session Displays current SSH session(s). 3 subnet-vlan Displays subnet based VLAN settings on the Switch. 3 system- information Display[...]

  • Page 343

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 343 45.12.3 General Configuration Mode The following table lists the commands in Configuration (or Config) mode. write memory Saves current configuration to the configuration file the Switch is currently using. 13 <index> Saves current configuration to the specified configur[...]

  • Page 344

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 344 update periodic <1-2147483647> Sets the update period for accounting sessions. This is the time the Switch waits to send an update to an accounting server after a session st arts. 13 authentication enable <method1> [<method2> [<method3>]] Enables autho[...]

  • Page 345

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 345 logging [all|none|permi t|deny] Enables logging of ARP inspection events on the specified VLAN(s). Optionally specifies which types of events to log. 13 bandwidth- control Enables bandwidth control. 13 bcp- transparenc y Enables Bridge Con trol Protocol (BCP) transparency . 13[...]

  • Page 346

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 346 member <mac- address> password <password-str> Sets the cluster member . 13 name <cluster name> Sets a descriptive name for the cluster . 13 rcommand <mac- address> Logs into the CLI of the specified cluster member . 13 default- management <in-band|o[...]

  • Page 347

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 347 helper-address <remote-dhcp- server1> [<remote-dhcp- server2>] [<remote-dhcp- server3>] Sets the IP addresses of up to 3 DHCP servers. 13 information Allows the Switch to add system name to agent information. 13 option Allows the Switch to add DHCP relay agen[...]

  • Page 348

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 348 help Displays help information . 0 history Displays a list of previous command(s) that you have executed. 0 hostname <name_string> Se ts the Switch’s name for identification purposes. 13 https cert-regeneration <rsa|dsa> Re-generates a certificate. 13 timeout &l[...]

  • Page 349

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 349 default-gateway <ip> Sets the default gateway’s IP address for the ou t -of-band management port. 13 name-server <ip> Sets the IP address of a domain name server . 13 route <ip> <mask> <next-hop-ip> Creates a static route. 13 <ip> <mask[...]

  • Page 350

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 350 mac-filter name <name> mac <mac-addr> vlan <vlan-id> drop <src/dst/both> Configures a static MAC address port filtering rule. 13 inactive Disables a static MAC address port filtering rule. 13 mac-forward name <name> mac <mac-addr> vlan <[...]

  • Page 351

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 351 interface port- channel <port- list> path-cost <1-65535> Assigns the path cost to the specified ports. 13 interface port- channel <port- list> priority <1-255> Assigns priority to the specified ports. 13 max-hop <1-255> Sets the maximum hop value [...]

  • Page 352

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 352 log-buffer logs Resets the maximum number of syslog messages the Switch can send to the syslog server in one batch to the default value (4). 13 vlan <vlan- list> Disables ARP inspection on the specified VLAN(s). 13 vlan <vlan- list> logging Disabl es logg ing of m[...]

  • Page 353

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 353 vlan <vlan- list> S pecifies the VL AN IDs fo r VLANs you want to di sable DHCP snooping on . 13 vlan <vlan- list> information Sets the Switch to not add the system name to DHCP requests that it broadcasts t o the DHCP VLAN, if specified, or VLAN. 13 vlan <vlan-[...]

  • Page 354

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 354 route <ip> <mask> inactive Enables a specified IP static route. 13 lacp Disables the link aggregation control protocol (dynamic trunking) on the Switch. 13 logins <name> Disables login a ccess to the specified name. 14 loopguard Disables loopguard o n the Sw[...]

  • Page 355

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 355 instance <0-16> interface port- channel <port- list> Disables the assignmen t of specific ports from an MST instance. 13 multi-login Disables another ad ministrator from logging into T e lnet or the CLI. 14 mvr <vlan-id> Removes an MVR configuration from the [...]

  • Page 356

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 356 service-control ftp Disables FTP access to the Switch. 13 http Disables web browser control to the Switch. 13 https Disables secure web browser access to the Switch. 13 icmp Disables ICMP access to the Switch such as pi nging and tracerouting. 13 snmp Disables SNMP management[...]

  • Page 357

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 357 spanning-tree Disables STP . 13 <port-list> Disables STP on listed ports. 13 ssh key <rsa1|rsa|dsa> Disables the secure shell server encryption key . Y our Switch supports SSH versions 1 and 2 using RSA and DSA authentication. 13 known-hosts <host-ip> Removes[...]

  • Page 358

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 358 <T1|T2|T3|T4|T5 |T6> interface <port-list> Removes ports from the specified trunk group. 13 <T1|T2|T3|T4|T5 |T6> lacp D isables LACP in the specified trunk group. 13 vlan < vlan-id> Deletes the static VLAN entry . 13 vlan1q gvrp Disables GVRP on the Sw[...]

  • Page 359

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 359 policy <name> classifier <classifier-list> < [vlan<vlan-id>] [egress-port <port-num>] [priority <0-7>] [dscp <0-63>] [tos <0-7>] [bandwidth <bandwidth>] [outgoing-packet- format <tagged|untagged>] [out-of-profile- dscp &[...]

  • Page 360

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 360 port- security Enables port security on the device. 13 <port-list> Enables port security on the specified port(s). 13 learn inactive Disables MAC address learni ng on the spec ified port(s). 13 address-limit <number> Limits the number of (dynamic) MAC addresses th[...]

  • Page 361

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 361 igmp Enables and enters the IGMP configuration mode. 13 exit Leaves the IGMP configuration mode. 13 non-querier Sets the Switch to Non-Querier mode. (If a multic ast ro uter with a lower IP address, it wil l stop sending Query messages on that network.) 13 no non-querier Disab[...]

  • Page 362

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 362 area <area-id> virtual-link <router-id> message-digest- key <keyid> md5 <key> Enables MD5 authentication and sets the key ID and key for the virtual link in the area. 13 area <area-id> virtual-link <router-id> name <name> Sets a descr[...]

  • Page 363

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 363 no network <ip- addr/bits> Deletes the OSPF network. 13 no redistribute rip Sets the Switch not to learn RIP routing information. 13 no redistribute static Sets the Switch not to learn st atic routing information. 13 redistribute rip metric-type <1|2> metric <0-[...]

  • Page 364

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 364 priority <1- 254> Sets the priority of the uplink- gateway . 13 secondary- virtual-ip < ip> Sets the secondary VRRP virtual gateway IP address. 13 service- control ftp <socket- number> Allows FTP access on the specified service port. 13 http <socket- numb[...]

  • Page 365

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 365 interface Enables sending all interface type traps to a manager . 13 interface <options> Enables sending all interface type traps to a manager . The options are “linkup”, “l inkdown” and “autonegotiati on”. 13 ip Enables sending all IP type traps to a manager[...]

  • Page 366

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 366 priority <0-61440> Sets the bridge priority of the Switch. 13 ssh known-hosts <host- ip> <1024|ssh- rsa|ssh-dsa> <key> Adds a remote host to which the Switch can access using SSH service. 13 storm- control Enables broadcast storm control on the S witch[...]

  • Page 367

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 367 mode <index- priority|round- robin> S pe cifies the mode for T ACACS+ server selection. 13 time <Hour:Min:Sec> Sets the time in hour , minute and second format. 13 date <month/day/ year> Sets the date in year , month and day format. 13 daylight-saving- time E[...]

  • Page 368

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 368 45.12.4 interface port-channel Commands The following table lists the interface port-channel commands in configuration mode. Use these commands to configure the ports. <SPTPID> Sets the SP TPID (Service Provider T ag Protocol Iden tifier). 13 vlan-type <802.1q|port- [...]

  • Page 369

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 369 egress <Kbps> Sets the maxi mum bandwidth allowed for outgoin g traffic on the port(s). 13 bpdu-control <peer|tunnel|disc ard|network> Sets h ow Bridge Protoc ol Data Units (BPDUs) are used in STP port st ates. 13 broadcast-limit Enables broadcast storm control lim[...]

  • Page 370

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 370 ge-spq <q0|q1|...|q7> Enables strict priority queuin g starting with the specified queue and subsequent higher queu es on the Gigabit ports. 13 gvrp Enables this function to permit VLAN groups beyond the local Switch. 13 help Displays a description of the interface port[...]

  • Page 371

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 371 name <port-name- string> Sets a name for th e port(s). Enter a descriptive name (up to nine printa b l e ASC II ch ara c t ers ). 13 no arp inspection trust Disables this port from being a trusted port for ARP inspection. 13 arp inspection limit Resets the ARP inspection[...]

  • Page 372

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 372 ingress-check Disables ingress checking o n the port(s). 13 intrusion-lock Disables intrusion-lock on a port so that a port can be connected again after you disconnected the cable. 13 ipmc egress- untag-vlan <vlan- id> Disables the port(s) from removing specified VLAN t[...]

  • Page 373

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 373 45.12.5 interface route-domain Commands The following table lists the interface route-domain commands in configuration mo de. Use these comm an ds to con f ig ure the IP routing domains. vlan-stacking priority <0-7> Sets the priority of the specified port(s) in VLAN stac[...]

  • Page 374

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 374 igmp query-max- response-time <1-25> Sets the maximum time that the router waits for a response to an general query message. 13 igmp last-member- query-interval <1-25> Sets the amount of time in seconds that the router wa its for a response to a group specific que[...]

  • Page 375

    Chapter 45 Introd u c in g Com m and s GS-4012F/4024 User ’s Guide 375 45.12.6 config-vlan Commands The following table lists the vlan commands in configuration mode. T able 142 Command Summary: config-vlan Commands COMMAND DESCRIPTION PRIVILEGE vlan <vlan-id> Creates a new VLAN group. 13 exit Leaves the VLAN configuration mode. 13 fixed &l[...]

  • Page 376

    Chapter 45 In tr o duc ing Com m a nd s GS-4012F/4024 User ’s Guide 376 45.13 mvr Commands The following table lists the mvr commands in configuration mode. T able 143 Command Summary: mvr Commands COMMAND DESCRIPTION PRIVILEG E mvr <vlan- id> Enters the MVR (Multicast VLAN Registration) configuration mode. 13 exit Exist from the MVR config[...]

  • Page 377

    GS-4012F/4024 User ’s Guide 377 C HAPTER 46 User and Enable Mode Commands This chapter describes some commands which yo u can perform in the User and Ena ble modes. 46.1 Overview The following command examples show how you can use User and Enab le mode s to diagnose and manage your Switch . 46.2 show Commands These are the commonly used show comm[...]

  • Page 378

    Chapter 46 User and Enable Mode Comma nds GS-4012F/4024 User ’s Guide 378 46.2.2 show ip Syntax: show ip This command displays the IP re lated information (such as IP address and subnet mask) on all Switch interfaces. The following figure shows th e default interface settings. 46.2.3 show logging Syntax: show logging This command displays the sys[...]

  • Page 379

    Chapter 46 User and Enable Mode Commands GS-4012F/4024 User ’s Guide 379 This command displays statistics of a port. The following ex ample shows th at port 2 is up and the related information. 46.2.5 show mac address-table Syntax: show mac address-table <all <sort>|s tatic> Where <sort> = Specifies the sorting criteria (MAC, VI[...]

  • Page 380

    Chapter 46 User and Enable Mode Comma nds GS-4012F/4024 User ’s Guide 380 46.3 ping Syntax: ping <ip|host-name> < [in-band|out-o f-band|vlan <vlan-id> ] [size -> <0-1472>] [-t]> where This command sends Ping packets to an Ethe rnet device. The following examp le send s Ping requests to and displays th e replies from an [...]

  • Page 381

    Chapter 46 User and Enable Mode Commands GS-4012F/4024 User ’s Guide 381 This command displays information about the route to an Ethernet device. The following example displays route information to an Ethernet device with an IP address of 192.168.1.100 . 46.5 Copy Port Attributes Use the copy running-config command to copy attributes of one port [...]

  • Page 382

    Chapter 46 User and Enable Mode Comma nds GS-4012F/4024 User ’s Guide 382 46.6.1 Using a Different Configuration File Y ou can store up to two configuration files on th e Switch. Only one configuration file is used at a time. By default the Switch uses the first co nfiguration file (with an index number of 1). Y ou can set the Switch to use a dif[...]

  • Page 383

    GS-4012F/4024 User ’s Guide 383 C HAPTER 47 Configuration Mode Commands This chapter describes how to enable and conf igure your Switch’ s features using commands. For more background information, see the f eature specific chapters which proceed the commands chapters. 47.1 Change the Out of Band Management IP Address Use the ip address command [...]

  • Page 384

    Chapter 47 Configurat ion Mode Com mands GS-4012F/4024 User ’s Guide 384 Syntax: igmp-snooping igmp-snooping 8021p-priority <0-7> igmp-snooping host-timeout <1-167114 50> igmp-snooping leave-timeout <1-16711 450> igmp-snooping unknown-multicast-fram e <drop|flooding> igmp-snooping reserved-multicast-gro up <drop|floodin[...]

  • Page 385

    Chapter 47 Conf igur ation Mode Commands GS-4012F/4024 User ’s Guide 385 where An example is shown next. • Enable IGMP filtering on the Switch. • Create an IGMP filtering profile filter1 and specify the mu lticast IP addresses in the range 224.255.255 .0 to 22 5.255.255.255 to belong to this profile. 47.4 Enabling STP Use the spanning-tree or[...]

  • Page 386

    Chapter 47 Configurat ion Mode Com mands GS-4012F/4024 User ’s Guide 386 where An exampl e us ing spanning-tree c ommand is shown next. • Enable STP on the Switch. • Set the bridge priority of the Switch to 0. • Set the Hello T ime to 4, Maximum Age to 20 and Forward Delay to 15 on the Switch. spanning-tree = Enables STP on the Switch . mrs[...]

  • Page 387

    Chapter 47 Conf igur ation Mode Commands GS-4012F/4024 User ’s Guide 387 • Enable STP on port 5 with a path cost of 150. • Set the priority for port 5 to 20. 47.5 no Command Examples These are the commonly used comm and examples that belong to the no group of co mmands. The no group commands are commands which are preceded by keyword no . Thi[...]

  • Page 388

    Chapter 47 Configurat ion Mode Com mands GS-4012F/4024 User ’s Guide 388 where An example is shown next. • Enable the IP route with the IP add ress of 192.168.1 1.1 and subne t mask of 255.255.255.0. This ip route must have alread y been cr eated and made inactive prior to re-enable command being applied. 47.5.4 Other Examples of no Commands In[...]

  • Page 389

    Chapter 47 Conf igur ation Mode Commands GS-4012F/4024 User ’s Guide 389 where An example is shown next. • Disable authentication on the Switch. • Disable re-authentication on port s one, three, four and five. • Disable authentication on ports one, six and seven. Figure 203 no port-access-authenticato r Command Example 47.5.4.3 no ssh Synta[...]

  • Page 390

    Chapter 47 Configurat ion Mode Com mands GS-4012F/4024 User ’s Guide 390 47.6 S t atic Route Commands Y ou can create and configure static routes on the Switch by using the ip route command. Syntax: ip route <ip> <mask> <next-hop-ip> ip route <ip> <mask> <next-hop-ip> [ metric <metric>][name <name>][...]

  • Page 391

    Chapter 47 Conf igur ation Mode Commands GS-4012F/4024 User ’s Guide 391 where An example is shown next. • Create a filtering rule cal led “filter1”. • Drop packets coming from an d going to MAC address 00:12: 00:12:00:12 on VLAN. 47.8 Enabling T runking T o create and e nable a trunk, enter trunk followed by the ports which you want to g[...]

  • Page 392

    Chapter 47 Configurat ion Mode Com mands GS-4012F/4024 User ’s Guide 392 • Enable dynamic l ink aggregation (LACP) on trunk 1. 47.9 Enabling Port Authentication T o enable a port authentication, you need to specify yo ur RADIUS server details and select the ports which require external authentication. Y o u can set up multiple RADIUS servers an[...]

  • Page 393

    Chapter 47 Conf igur ation Mode Commands GS-4012F/4024 User ’s Guide 393 See Section 47.9.2 on page 3 93 for an example. 47.9.2 Port Authentication Settings Use the port-access-authenticator command to configure po rt security on the Switch. Syntax: port-access-authenticator port-access-authenticator <port-list > port-access-authenticator &[...]

  • Page 394

    Chapter 47 Configurat ion Mode Com mands GS-4012F/4024 User ’s Guide 394 • Specify RADIUS server 1 with IP address 10.10.10.1, port 1890 an d the string secretKey as the password. See Section 47.9.1 on page 392 for more information on RADIUS server commands. • Specify the timeout period of 30 seconds that the Switch w ill wait for a response [...]

  • Page 395

    GS-4012F/4024 User ’s Guide 395 C HAPTER 48 Interface Commands These are some commonly used configur ation commands that belong to the interface group of commands . 48.1 Overview The interface commands allow you to configure the Switch on a port by port basis. 48.2 Interface Command Examples This section provides examples of some frequently used [...]

  • Page 396

    Chapter 48 In te r fac e Co mm a nd s GS-4012F/4024 User ’s Guide 396 where An example is shown next. • Enable ports 1, 3, 4 and 5 for configuration. • Set the BPDU control to tunnel , to forward BPDUs received on ports one, three, four and five. 48.2.3 broadcast-limit Syntax: broadcast-limit broadcast-limit <pkt/s> where An example is [...]

  • Page 397

    Chapter 48 In te rf ac e Com m a nd s GS-4012F/4024 User ’s Guide 397 where An example is shown next. • Enable port one for config uration. • Enable bandwidth contro l. • Set the outgoing traffic bandwidth limit to 5000Kbps. • Set the guaranteed bandwidth allowe d for incoming traffic to 4000Kbps. • Set the maximum bandwidth allo wed fo[...]

  • Page 398

    Chapter 48 In te r fac e Co mm a nd s GS-4012F/4024 User ’s Guide 398 • Enable port mirroring for outgoing traf fic. T raffic is co pied from ports 1, 4, 5 and 6 to port three in order to examine it in more detail without interfering with the traf fic flow on the original ports. 48.2.6 gvrp Syntax: gvrp GVRP (GARP VLAN Registratio n Protocol) i[...]

  • Page 399

    Chapter 48 In te rf ac e Com m a nd s GS-4012F/4024 User ’s Guide 399 where An example is shown next. • Enable ports one, three, four an d five for configuration. • Enable ingress checking on the ports. • Enable tagged frame-types on the interface. 48.2.9 weight Syntax: weight <wt1> <wt2> ... <wt8> where An example is show[...]

  • Page 400

    Chapter 48 In te r fac e Co mm a nd s GS-4012F/4024 User ’s Guide 400 • Set the outgoing traffic ports as th e CPU (0), seven (7) and eight (8). 48.2.1 1 qos priority Syntax: qos priority <0 .. 7> where An example is shown next. • Enable ports one, three, four an d five for configuration. • Set the IEEE 802.1p quality of service prior[...]

  • Page 401

    Chapter 48 In te rf ac e Com m a nd s GS-4012F/4024 User ’s Guide 401 where An example is shown next. • Enable ports one, three, four an d five for configuration. • Set the speed to 100 Mbps i n half duplex mode. 48.2.14 test Y ou can perform an interface loopback test on specified ports. The test returns Passed! or Failed! An example is show[...]

  • Page 402

    Chapter 48 In te r fac e Co mm a nd s GS-4012F/4024 User ’s Guide 402 Syntax: no bandwidth-limit An example is shown next: • Disable bandwidth limit on po rt1 sysname(config)# interface port-chan nel 1 sysname(config-interface)# no bandwi dth-limit[...]

  • Page 403

    GS-4012F/4024 User ’s Guide 403 C HAPTER 49 IEEE 802.1Q Tagged VLAN Commands This chapter describes the IEEE 802.1Q T agged VLAN and associated commands. 49.1 Configuring T agged VLAN The following procedur e shows you how to configure tagged VLAN. 1 Use the IEEE 802.1Q tagged VLAN comman ds to configure tagged VLAN for the Switch. • Use the vl[...]

  • Page 404

    Chapter 49 IEEE 802.1Q Tagged VLAN Co mmands GS-4012F/4024 User ’s Guide 404 49.2 Global VLAN1Q T agged VLAN Configuration Commands This section shows you how to configure and monitor the IEEE 802.1Q T agged VLAN. 49.2.1 GARP St atus Syntax: show garp This command shows the Switch’ s GARP timer settin gs, including the join, leave and leave all[...]

  • Page 405

    Chapter 49 IEEE 802.1Q Tagged VLAN Commands GS-4012F/4024 User ’s Guide 405 The following example sets th e Join T imer to 300 millisecon ds, the Leave T imer to 800 milliseconds and the Leave All T imer to 1 1000 milliseconds. 49.2.3 GVRP T imer Syntax: show vlan1q gvrp This command shows the Switch’ s GVRP settings. An example is shown next. [...]

  • Page 406

    Chapter 49 IEEE 802.1Q Tagged VLAN Co mmands GS-4012F/4024 User ’s Guide 406 The following ex ample sets the default VID to 200 on port s 1 to 5. 49.3.2 Set Accept able Frame T ype Syntax: frame-type <all|tagged|untagged> where This command sets the specified port to accept all Ethernet frames or only those with an IEEE 802.1Q VLAN tag. The[...]

  • Page 407

    Chapter 49 IEEE 802.1Q Tagged VLAN Commands GS-4012F/4024 User ’s Guide 407 where •E n t e r fixed to register the <port-list> to the static VLAN table with <vlan-id> . •E n t e r normal to confirm registration of the <port-list> to the static VLAN table with <vlan-id> . •E n t e r forbidden to block a < port-list[...]

  • Page 408

    Chapter 49 IEEE 802.1Q Tagged VLAN Co mmands GS-4012F/4024 User ’s Guide 408 49.3.5 Delete VLAN ID Syntax: no vlan <vlan-id> where This command deletes the specified VLAN ID entry from the static VLAN table. The following example deletes entry 2 in the static VLAN table. 49.4 Enable VLAN Syntax: vlan <vlan-id> This command enables the[...]

  • Page 409

    Chapter 49 IEEE 802.1Q Tagged VLAN Commands GS-4012F/4024 User ’s Guide 409 •T h e TagCtl section of the last column shows wh ich ports are tagged and which are untagged. sysname# show vlan The Number of VLAN: 3 Idx. VID Status Elap-Time TagCtl ---- ---- -------- ------------ - ----------------------- 1 1 Static 0:12:13 Untagged :1-2 T agged : [...]

  • Page 410

    Chapter 49 IEEE 802.1Q Tagged VLAN Co mmands GS-4012F/4024 User ’s Guide 410[...]

  • Page 411

    GS-4012F/4024 User ’s Guide 41 1 C HAPTER 50 Multicast VLAN Registration Commands This chapter shows you how to use Mu lticast VLAN Registration (mvr) commands. 50.1 Overview Use the mvr commands in the co nfiguration mode to create and configure multicast VLANs. " If you want to enabl e IGMP snooping see Section 47.2 on page 383 . 50.2 Crea[...]

  • Page 412

    Chapter 50 Multicast VLAN Registration Commands GS-4012F/4024 User ’s Guide 412 • Enter MVR mode. Create a multicast VLAN with the name multiV lan and the VLAN ID of 3. • Specify source ports 2, 3, 5 and receiv er ports 6-8. • Specify dynamic mode for the multicast group. • Configure MVR multicast group addresses by the name of ipgroup . [...]

  • Page 413

    GS-4012F/4024 User ’s Guide 413 C HAPTER 51 Routing Domain Command Examples 51.0.1 interface route-domain Syntax: interface route-domain <ip-address>/ <mask-bits> where Use this command to enable/create the spec ified routing domain for configuration. An example is shown next. • Enter the configuration mode. • Enable default routi[...]

  • Page 414

    Chapter 51 Routing Doma in Command Examples GS-4012F/4024 User ’s Guide 414[...]

  • Page 415

    GS-4012F/4024 User ’s Guide 415 C HAPTER 52 Troubleshooting This chapter covers potential problems and possible remedies. 52.1 Problems St arting Up the Switch 52.2 Problems Accessing the Switch T able 144 Troubleshooting the Start-Up of Your Switch PROBLEM CORRECTIVE ACTION None of the LEDs turn on when you turn on the Switch. Check the power co[...]

  • Page 416

    Chapter 52 Tro u blesh oo tin g GS-4012F/4024 User ’s Guide 416 52.2.1 Pop-up Windows, Ja vaScript s and Java Permissions In order to use the web configurator yo u need to allow: • W eb browser pop-up windows fro m your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens ar[...]

  • Page 417

    Chapter 52 Trou bleshooting GS-4012F/4024 User ’s Guide 417 Figure 205 Intern et Options 3 Click Apply to save this setting. 52.2.1.1.2 Enable pop-up Blockers with Exceptions Alternatively , if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer , select To o l s , Internet Options and then the [...]

  • Page 418

    Chapter 52 Tro u blesh oo tin g GS-4012F/4024 User ’s Guide 418 Figure 206 Internet Options 3 T ype the IP address of your device (the web page that you do not want to have blocke d) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites . Figure 207 Pop-up Blocker Settings [...]

  • Page 419

    Chapter 52 Trou bleshooting GS-4012F/4024 User ’s Guide 419 6 Click Apply to save this setting. 52.2.1.2 JavaScript s If pages of the web configura tor do not display properly in Inte rnet Explorer , check that JavaScripts are allowed. 1 In Internet Explorer , click T ools , Internet Options and then the Security tab. Figure 208 Internet Options [...]

  • Page 420

    Chapter 52 Tro u blesh oo tin g GS-4012F/4024 User ’s Guide 420 Figure 209 Security Settings - Java Scripting 52.2.1.3 Java Permissions 1 From Internet Explorer , click To o l s , Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM . 4 Under Java permissions make sure that a safety leve l [...]

  • Page 421

    Chapter 52 Trou bleshooting GS-4012F/4024 User ’s Guide 421 52.2.1.3.1 JA V A (Sun) 1 From Internet Explorer , click To o l s , Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is sele cted. 3 Click OK to clos e the wind ow . Figure 21 1 Java (Sun) 52.3 Problems with the Password T able 1[...]

  • Page 422

    Chapter 52 Tro u blesh oo tin g GS-4012F/4024 User ’s Guide 422[...]

  • Page 423

    423 P ART VI Appendices and Index Product Specification s (425) IP Addresses and Subnetting (431) Common Services (441) Legal Information (445) Customer Support (449) Index (453)[...]

  • Page 424

    424[...]

  • Page 425

    GS-4012F/4024 User ’s Guide 425 A PPENDIX A Product S pecifications The following tables summarize the Switc h’ s hardware and firmware features. T able 147 Hardware Specifications SPECIFICATIO N DESCRIPTION Dimensions S tandard 19” rack mountable GS-4012F : 438 mm (W) x 225 mm (D) x 44.45 m m (H) GS-4024 : 438 mm (W) x 300 mm (D) x 44.45 mm [...]

  • Page 426

    Appendix A Product Specifica tions GS-4012F/4024 User ’s Guide 426 Power Wire Gauge 18 AWG or larger Fuse S pe cification 250 V AC, T2A T able 148 Firmware Specifications FEATURE DESCRIPTION Default IP Address In band: 192.168.1.1 Out of band (Management port): 192.168.0.1 Default Subnet Mask 255.255.255.0 (24 bits) Administrator User Name admin [...]

  • Page 427

    Appendix A Product Specifications GS-4012F/4024 User ’s Guide 427 Multicast VLAN Registration (MVR) Multica st VLAN Registration (MVR) is designed for applicatio ns (such as Media-on-Demand (MoD)) using multicast traffic across a network. MVR allows one single multi cast VLAN to be shared among different subscriber VLANs on the network. This impr[...]

  • Page 428

    Appendix A Product Specifica tions GS-4012F/4024 User ’s Guide 428 Firmware Upgrade Download new firmware (when available) from the ZyXEL web site and use the web configu rator , CLI or an FTP/TFTP tool to put it on the Switch. Note: Only upload firmware for your spe cific model! Configuration Backup & Restoration Make a copy of the Switch’[...]

  • Page 429

    Appendix A Product Specifications GS-4012F/4024 User ’s Guide 429 The following list, which is not exhaustive, i llustrates the standards su pported in the Switch. Layer 3 Features IP Cap abil ity IPV4 support 64 IP routing do mains 8K IP address table Wire speed IP forwarding Routing protocols Unicast: RIP-V1/V2, OSPF V2 Multicast: DVMRP , IGMP [...]

  • Page 430

    Appendix A Product Specifica tions GS-4012F/4024 User ’s Guide 430 RFC 3164 Syslog RFC 3376 Internet Group Man agement Protocol, Ve rsion 3 RFC 3414 User-ba sed Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMP v3) RFC 3580 RADIUS - T unnel Protocol Attribute IEEE 802.1x Port Based Network Access Control IEEE 802.[...]

  • Page 431

    GS-4012F/4024 User ’s Guide 431 A PPENDIX B IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify ind ividual devices on a network. Every networking device (includin g computers, servers, routers, printe rs, etc.) ne eds an IP address to communicate across the network. These networking devices a[...]

  • Page 432

    Appendix B IP Addres ses and Subnetting GS-4012F/4024 User ’s Guide 432 Figure 212 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the s ubnet mask. Subnet Masks A subnet mask is used to dete rmine which bits are part of th e network number , and which bits are part of th[...]

  • Page 433

    Appendix B IP Addresses and Subnetting GS-4012F/4024 User ’s Guide 433 Subnet masks are expressed in dotted decimal no tation just like IP addresses. The follow ing examples show the binary and decimal not ation for 8-bit, 16-bit, 24-bit an d 29-bit subnet masks. Network Size The size of the network number determines the max imum number of possib[...]

  • Page 434

    Appendix B IP Addres ses and Subnetting GS-4012F/4024 User ’s Guide 434 Subnetting Y ou can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the c ompany network for security reasons. In this example, the compan[...]

  • Page 435

    Appendix B IP Addresses and Subnetting GS-4012F/4024 User ’s Guide 435 Figure 214 Subnetting Example: Af ter Subnetting In a 25-bit subnet the host ID has 7 bits , so each sub-network has a maximum of 2 7 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’ s address itself, all ones is the subnet’ s broadcast address). 192.168[...]

  • Page 436

    Appendix B IP Addres ses and Subnetting GS-4012F/4024 User ’s Guide 436 Example: Eight Subnet s Similarly , use a 27-bit mask to create eight subnets (000, 001, 010, 01 1, 100, 101, 1 10 and 111 ) . The following table shows IP address last octet values for each subnet. T able 156 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VA L U E IP [...]

  • Page 437

    Appendix B IP Addresses and Subnetting GS-4012F/4024 User ’s Guide 437 Subnet Planning The following table is a summary for su bnet planning on a network with a 24-bit network number . The following table is a summary for su bnet planning on a network with a 16-bit network number . 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 2[...]

  • Page 438

    Appendix B IP Addres ses and Subnetting GS-4012F/4024 User ’s Guide 438 Configuring IP Addresses Where you obtain your netwo rk number depends on yo ur particular situation. If the ISP or your network administrator assigns yo u a bloc k of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the[...]

  • Page 439

    Appendix B IP Addresses and Subnetting GS-4012F/4024 User ’s Guide 439 IP Address Conflict s Each device on a network must have a unique IP address. Devices with duplicate IP addresses on the same network will not be ab le to access the Internet or ot her resources. The devices may also be unreachable through the network. Conflicting Computer IP [...]

  • Page 440

    Appendix B IP Addres ses and Subnetting GS-4012F/4024 User ’s Guide 440 Conflicting Computer and R outer IP Addresses Example More than one device can not use the same IP addr ess. In the following example, the computer and the router ’ s LAN port both use 192.168.1.1 as the IP ad dress. The computer cannot access the Internet. This problem can[...]

  • Page 441

    GS-4012F/4024 User ’s Guide 441 A PPENDIX C Common Services The following table l ists some commonly-used se rvices and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. • Name : This is a short, descrip tive n[...]

  • Page 442

    Appendix C Common Ser vices GS-4012F/4024 User ’s Guide 442 FTP TCP TCP 20 21 File Tr ansfer Program, a program to enable fast transfer of files, including large fil es that may not be possible by e-mail. H.323 TCP 1720 NetMeeting uses this proto c ol. HTTP TCP 80 Hyper T ext Tr ansfer Protocol - a client/ server protocol for the world wide web. [...]

  • Page 443

    Appendix C Common Services GS-4012F/4024 User ’s Guide 443 RTE L NE T TCP 10 7 Remote T elnet. RTS P TCP/UDP 554 The Real T ime S treaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. SFTP TCP 11 5 Simple File T ransfe r Protocol. SMTP TCP 25 Simple Mail Transfer Protocol is the message-exchange standard for[...]

  • Page 444

    Appendix C Common Ser vices GS-4012F/4024 User ’s Guide 444[...]

  • Page 445

    GS-4012F/4024 User ’s Guide 445 A PPENDIX D Legal Information Copyright Copyright © 2007 by ZyXEL Communications Corporation. The contents of this publication may not be reprod uced in any part or as a whole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mechani[...]

  • Page 446

    Appendix D Lega l Inform a tio n GS-4012F/4024 User ’s Guide 446 FCC W arning This device has been tested and foun d to comply with the limits for a Class A digital switch, pursuant to Part 15 of the FCC Rules. Thes e limits are designed to provide reasonable protection against harmful interference in a co mmercial environment. Thi s device gener[...]

  • Page 447

    Appendix D Legal Information GS-4012F/4024 User ’s Guide 447 condition. Any replacement will consist of a ne w or re-manufactured f unctionally equivalent product of equal or higher value, and will be so lely at the discretion of ZyXE L. This warranty shall not apply if the product has been modified, misused, tamp ered with, damaged by an act of [...]

  • Page 448

    Appendix D Lega l Inform a tio n GS-4012F/4024 User ’s Guide 448[...]

  • Page 449

    GS-4012F/4024 User ’s Guide 449 A PPENDIX E Customer Support Please have the following information r eady when you contact customer support. Required Information • Product model and serial number . • W arranty Information. • Date that you received your de vice. • Brief description of the problem and the steps you took to solv e it. Corpor[...]

  • Page 450

    Appendix E Customer Support GS-4012F/4024 User ’s Guide 450 Denmark • Support E-mail: support@zyxel.dk • Sales E-mail: sales@zyxel.dk • T elephone: +45-39-55-07-00 • Fax: +45-39-55-07-07 • W eb Site: www .zyxel.dk • Re g u l a r M a i l: ZyXEL Communications A/ S, Columbusvej, 2860 Soebor g, Denmark Finland • Support E-mail: support[...]

  • Page 451

    Appendix E Customer Support GS-4012F/4024 User ’s Guide 451 • T elephone: +7-3272-590-698 • Fax: +7-327 2-5 90-689 • W eb Site: www .zyxel.kz • Re g u l ar M ai l : ZyXEL Kaza khstan, 43, Dostyk ave.,O ffice 414, Dost yk Business Centre, 050010, Almaty , Republic of Kazakhstan North America • Support E-mail: support@zyxel.com • Sales [...]

  • Page 452

    Appendix E Customer Support GS-4012F/4024 User ’s Guide 452 • W eb Site: www .zyxel.es • Re g ul a r M a i l : ZyXEL Communications, Arte, 21 5ª plan ta, 28033 Madrid, Spain Sweden • Support E-mail: support@zyxel.se • Sales E-mail: sales@zyxel.se • T elephone: +46-31-744-7700 • Fax: +46-31-744-7701 • W eb Site: www .zyxel.se • Re[...]

  • Page 453

    Index GS-4012F/4024 User ’s Guide 453 Index Numerics 802.1P priority 87 A AAA 185 AAA (Authentication, Author ization and Accounting) 185 access control limitations 285 login account 294 remote management 301 service port 300 SNMP 286 accounting 185 setup 190 accounts and modes 328 address learning, MAC 99 Address Resolution Protocol (ARP) 319 , [...]

  • Page 454

    Index GS-4012F/4024 User ’s Guide 454 classifier 151 , 153 and QoS 151 editing 154 example 155 overview 151 setup 151 , 153 , 154 viewing 154 CLI syntax conventions 326 cloning a port See port cloning cluster management 309 and switch passwords 314 cluster manager 309 , 313 cluster me mber 309 , 314 cluster member firmware upgrade 311 network exa[...]

  • Page 455

    Index GS-4012F/4024 User ’s Guide 455 disclaimer 445 double-tagged frames 165 DR (Designated Router) 230 DS (Differentiated Services) 251 DSCP DSCP-to-IEEE802.1p mapping 256 service level 251 what it does 251 DSCP (DiffServ Code Point) 251 DVMRP Autonomous System 245 default timer setting 248 error message 247 graft 246 how it works 245 implem en[...]

  • Page 456

    Index GS-4012F/4024 User ’s Guide 456 humidity 425 I IANA 438 IEEE 802.1p, priority 83 IEEE 802.1x activate 143 , 144 , 18 8 , 190 reauthentication 144 IEEE 802.1x, por t authentication 141 IGMP 241 , 245 how it works 242 port based 243 setup 243 version 171 , 242 version 3 243 IGMP (Internet Group Management Protocol) 171 IGMP filtering 171 prof[...]

  • Page 457

    Index GS-4012F/4024 User ’s Guide 457 maintanence configuration backup 282 firmware 281 restoring configuration 282 maintenance 279 current configuration 279 main screen 279 Management Information Base (MIB) 286 management port 103 managementmanagement inte rface, See also CLI man-in-the-middle a ttacks 201 max age 123 hops 123 metric 234 MIB and[...]

  • Page 458

    Index GS-4012F/4024 User ’s Guide 458 router types 229 status 231 stub area 229 , 236 virtual link 230 virtual links 238 vs RIP 229 OSPF (Open Shortest Path First) 229 P passwor d 61 administrator 295 Peak Information Rate (PIR) 127 PHB (Per-Hop Behavior) 251 ping, test connection 303 PIR (Peak Information Rate) 127 policy 159 , 160 and classifie[...]

  • Page 459

    Index GS-4012F/4024 User ’s Guide 459 server 186 settings 186 setup 186 Rapid S panning Tree Protocol, See RSTP . 109 rear panel 48 reboot load c onfiguration 281 reboot system 281 redistribute route 234 registration product 447 related documentation 3 remote management 301 service 302 trusted comp uters 301 resetting 62 , 280 to factory default [...]

  • Page 460

    Index GS-4012F/4024 User ’s Guide 460 how it works 11 0 Max Age 11 7 , 11 8 , 120 , 121 path cost 11 0 , 11 7 , 120 port priority 11 7 , 120 port state 111 root port 11 0 status 11 7 , 120 terminology 109 vs loop guard 219 stub area 229 , 236 stub area, See also OSPF 236 subnet 431 subnet based VLAN and DHCP VLAN 99 setup 99 subnet based VLANs 98[...]

  • Page 461

    Index GS-4012F/4024 User ’s Guide 461 Virtual Router (VR) 267 Virtual Router Redundan cy Protocol (VRRP) 267 VLAN 81 , 91 , 428 acceptable frame type 97 and DHCP 264 automatic registration 92 ID 91 IGMP snooping 172 ingress filtering 97 introduction 81 number of VLANs 94 port isolation 97 port number 95 port settings 96 port-based VLAN 100 port-b[...]

  • Page 462

    Index GS-4012F/4024 User ’s Guide 462[...]