Go to page of
Similar user manuals
-
Switch
ZyXEL Communications Ethernet Switch
2 pages 0.34 mb -
Switch
ZyXEL Communications GS-4024
462 pages 8.43 mb -
Switch
ZyXEL Communications es-105e
2 pages 10.4 mb -
Switch
ZyXEL Communications IES-1248-51
2 pages 0.07 mb -
Switch
ZyXEL Communications IES-5005
100 pages 4.96 mb -
Switch
ZyXEL Communications VES-1616F-3X
310 pages 7.72 mb -
Switch
ZyXEL Communications MP-7203
6 pages 0.88 mb -
Switch
ZyXEL Communications 4528F
491 pages 11.32 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of ZyXEL Communications XGS4700-48F, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of ZyXEL Communications XGS4700-48F one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of ZyXEL Communications XGS4700-48F. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of ZyXEL Communications XGS4700-48F should contain:
- informations concerning technical data of ZyXEL Communications XGS4700-48F
- name of the manufacturer and a year of construction of the ZyXEL Communications XGS4700-48F item
- rules of operation, control and maintenance of the ZyXEL Communications XGS4700-48F item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of ZyXEL Communications XGS4700-48F alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of ZyXEL Communications XGS4700-48F, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the ZyXEL Communications service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of ZyXEL Communications XGS4700-48F.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the ZyXEL Communications XGS4700-48F item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
www .zyxel.com www .zyxel.com XGS4700-48F Layer 3 Managed S t ackabl e Gigabit Ethernet Switch Copyright © 201 1 ZyXEL Communications Corporation Firmware V ersion 4.00 Edition 1, 04/2011 Default Login Details IP Address http://192.168.0.1 (Out-of -band MGMT port) http://192.168.1.1 (In-band ports) User Name admin Pa ss wo rd 12 34[...]
-
Page 2
[...]
-
Page 3
About This User's Guide XGS4700-48F User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who w ant to configure the Switch using the web configurator . Related Document ation • W eb Configurator On line He lp The embedded W eb Help contains descriptions of individual screens and supplementary inf[...]
-
Page 4
About This User's Guide XGS4700-48F User’s Guide 4 • Download Library Search for the latest produc t updates an d documentation from this link. Re ad the T ech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Int erface R eference Guide in order to better understand how to use your product [...]
-
Page 5
Document Conventions XGS4700-48F User’s Guide 5 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide. W arnings tell you about things that could harm you or your device. Note: Notes tell you other import ant informat ion (for example, other things you may need to configure or help ful tips) o[...]
-
Page 6
Document Conventions XGS4700-48F User’s Guide 6 Icons Used in Figures Figures in this User’ s Guide may use the following generic icons. The Sw itch icon is not an exact representation of y our device. The Switch Computer Notebook computer Server DSLAM Firewa ll Te l e p h o n e Swi tch Ro u te r[...]
-
Page 7
Safety Warnings XGS4700-48F User’s Guide 7 Safety Warnings • Do NO T use this product near water , for exam ple, in a wet basement or near a swimming pool. • Do NO T expose your device to dampness, dust or corrosive liquids. • Do NO T store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is[...]
-
Page 8
Safety Warnings XGS4700-48F User’s Guide 8[...]
-
Page 9
Contents Overview XGS4700-48F User’s Guide 9 Contents Overview User ’ s Guide ................................................... ..................................................... .......... ......... 25 Getting to Know Y our Switch .............. ................ ............. ................ ................ ............. ........... .. [...]
-
Page 10
Contents Overview XGS4700-48F User’s Guide 10 OSPF ........ ................ ............. ................ ............. ................ ............. ................ ........... ............. 3 29 IGMP ..... ................ ............. ................ ............. ................ ............. ................ ............. . ..........[...]
-
Page 11
Table of Contents XGS4700-48F User’s Guide 11 Table of Contents About This User's Guide ..................................................................................... ................... .. 3 Document Conventions.................................................................. ......................................... .5 Safety Warni[...]
-
Page 12
Table of Contents XGS4700-48F User’s Guide 12 3.1.1 Mini-GBIC Slots ............... ............ ................. ............. ................ ............. ................ .. .4 1 3.1.2 Console Port ............... .... ... ............. ... ... ... .... ... ... ... ............. ... .... ... ... ... .... ... ... ........... .. 43 3.1.3 Sign[...]
-
Page 13
Table of Contents XGS4700-48F User’s Guide 13 6.2.2 Creating a VLAN . ............. ................ ................ ............. ................ ................ ............. 7 6 6.2.3 Configuring DHCP Relay . ... ... ... ... .... ... ... ............. ... .... ... ... ... ... .... ............. ... ... ... ... .... ... 79 6.2.4 T roubleshoo[...]
-
Page 14
Table of Contents XGS4700-48F User’s Guide 14 9.3 Port VLAN Tr unking ..................... ... ... ... .... ... ... ... ............. .... ... ... ... ... ............. .... ... ... ... ... .. ... 121 9.4 Select the VLAN T ype ................. ... ... ... .... ... ... ... ............. .... ... ... ... ... .... ... ............. ... ... ... ...[...]
-
Page 15
Table of Contents XGS4700-48F User’s Guide 15 13.8 Configure Multiple S panning T ree Protoc ol ................ ............. ................ ................ ..... 164 13.8.1 Multiple S panning T ree Protocol Port Configuration ............... ................ .............. 167 13.9 Multiple S panning T ree Protoc ol S tatus ...... ..........[...]
-
Page 16
Table of Contents XGS4700-48F User’s Guide 16 Chapter 20 Classifier .......................................................... ........................................................... ........... 203 20.1 About the Classifier and QoS ........... .......... ... ............. ................ ............. ................ ........ 203 20.2 Conf[...]
-
Page 17
Table of Contents XGS4700-48F User’s Guide 17 24.3 Multicast Setting ........... ... ... .... ... ... ............. ... ... .... ... ... ... .... ... ... ... ............. ... .... ... ... ... .. ..... . 231 24.4 IGMP Snooping VLAN ............... ................ ................ ............. ................ ................ ........ 23 4 24.5[...]
-
Page 18
Table of Contents XGS4700-48F User’s Guide 18 Chapter 27 Loop Guard............................................ ............................................................... ................. 285 27.1 Loop Guard Overview ......... ............. ................ ................. ............ ................. ................ . 285 27.2 Loop Gu[...]
-
Page 19
Table of Contents XGS4700-48F User’s Guide 19 32.6 Error-Disable Recovery Conf iguration .............................. ................ ............. ................ . 3 15 Chapter 33 St atic Route ..................................................... .............................................................. ........ 317 33.1 S tatic Routi[...]
-
Page 20
Table of Contents XGS4700-48F User’s Guide 20 Chapter 38 DVMRP ................... ............................................................... ........................................ ......... 347 38.1 DVMRP Overview ....... ................ ............. ................ ............. ................ ................ .......... .3 4 7 38.2[...]
-
Page 21
Table of Contents XGS4700-48F User’s Guide 21 41.3.3 Configuring VRRP Para meters ............ ............. ................ ............. ................ ........ 374 41.3.4 Configuring VRRP Para meters ............ ............. ................ ............. ................ ........ 375 41.4 VRRP Configuration Examples .......... .... .....[...]
-
Page 22
Table of Contents XGS4700-48F User’s Guide 22 45.3.6 Configuring SNMP User .......... ................. ............. ............ ................. ............ ..... 405 45.4 Setting Up Login Accounts .......... .......... ...... ............. ................ ............. ................ ........ 40 7 45.5 SSH Overview ........ .............[...]
-
Page 23
Table of Contents XGS4700-48F User’s Guide 23 51.1 ARP T able Overview ........... ................ ................. ............. ................ ................ ............. .4 4 3 51.1.1 How ARP Works ............... ............. ... ... ... .... ... ... ... ............. ... .... ... ... ... .... ... ............. . 443 51.2 The ARP T ab[...]
-
Page 24
Table of Contents XGS4700-48F User’s Guide 24[...]
-
Page 25
25 P ART I User ’ s Guide[...]
-
Page 26
26[...]
-
Page 27
XGS4700-48F User’s Guide 27 C HAPTER 1 Getting to Know Your Switch This chapter introduces the main features and applications of the Switch. 1.1 Introduction Y our Switch is a s tackabke, la yer-3, Giga bit Ethernet (GbE) switch with two slots for two optional 2-port 10 Gi gabit uplink module. It can also operate together with other stackable swi[...]
-
Page 28
Chapter 1 Getting to Know Your Switch XGS4700-48F User’s Guide 28 super-fast uplink connection by using the optional 10 Gigabit uplink module on the Swit ch . Figure 1 Bridging Ap plication 1.1.2 High Performance Switching Example The Switch is ideal for connecting two geogr aphically dispersed networks that need high bandwidth. In the following [...]
-
Page 29
Chapter 1 Getting to Kn ow Your Switch XGS4700-48F User’s Guide 29 1.1.3 Gigabit Ethernet to the Desktop The Switch is an i deal solution for small net works which demand high bandwidth for a group of heavy traffic users. Y ou ca n conn ect computers an d servers directly to the Switch’ s port or connect other sw itches to the Switch. Use the o[...]
-
Page 30
Chapter 1 Getting to Know Your Switch XGS4700-48F User’s Guide 30 Shared resources such as a serv er can be used by al l ports in the same VLAN as the server . In the following figure only po rts that need access to the serv er need to be part of VLAN 1. P orts can belong to other VLA N groups too. Figure 4 Shared Serve r Using VLAN Example 1.1.5[...]
-
Page 31
Chapter 1 Getting to Kn ow Your Switch XGS4700-48F User’s Guide 31 • W eb Configur ator . This is recommended f or everyda y management of the S witch using a (supported) web browser . See Chapter 4 on page 55 . • Command Line Interface. Line comman ds offer an alternativ e to the W eb Configurator and may be necessary to configure advanced f[...]
-
Page 32
Chapter 1 Getting to Know Your Switch XGS4700-48F User’s Guide 32[...]
-
Page 33
XGS4700-48F User’s Guide 33 C HAPTER 2 Hardware Installation and Connection This chapter shows you how t o install and connect the S witch. 2.1 Freest anding Inst allation 1 Make sure the Switch is clean and dry . 2 Set the Swit ch on a smo oth, leve l surface strong enough to support the weight of the Switch and the c onnected cables. Make sure [...]
-
Page 34
Chapter 2 Hardware Installation and Connection XGS4700-48F User’s Guide 34 Note: Do NOT block the ventilation ho les. Leave space between devices when stackin g. Note: For proper ventilation, allow at le ast 4 inches (10 cm) of clearance at the front and 3.4 inches (8 cm) at the back of the Switch. This is especially imp ort ant for enclosed rack[...]
-
Page 35
Chapter 2 Har d war e In sta lla tion an d Conn ec tion XGS4700-48F User’s Guide 35 2 Using a #2 Philips s crewdriver , install the M3 flat head screws through the mounting br acket holes into t he Switch. 3 Re peat steps 1 and 2 to install the second mounting br acket on the other side of the Switch. 4 Y ou may now mount the Switch on a rack. Pr[...]
-
Page 36
Chapter 2 Hardware Installation and Connection XGS4700-48F User’s Guide 36 • The Switc h frame ground is on th e upper- middle of the rear panel. • Connect the fr ame grounds to a buildi ng’ s protective earthing terminal s using a green-and- yellow fr ame ground wire. W arning! Connect the frame grou nd before you connect any other cables [...]
-
Page 37
Chapter 2 Har d war e In sta lla tion an d Conn ec tion XGS4700-48F User’s Guide 37 3 Insert the power module halfw ay into the slot and push the lever leftw ard. 4 Slide the power module into the slot unti l it makes contact with the backp lane. 5 Push the lever right ward until it is perpendicular to the ground. 6 Tighten the screw .[...]
-
Page 38
Chapter 2 Hardware Installation and Connection XGS4700-48F User’s Guide 38 2.4.1.2 DC Power Module (DCP4700-48F) 1 Use a screwdriver to loosen the screw on the power slot cover and remo ve it. 2 Grab the handle of the front panel of th e power module with one hand and place the other hand under the power module to support it. 3 Slide the power mo[...]
-
Page 39
Chapter 2 Har d war e In sta lla tion an d Conn ec tion XGS4700-48F User’s Guide 39 3 Push the le ver le ftward. 4 Grab the handle and slide the power module out. 2.4.2.2 DC Power Module 1 Ref e r t o Section 3.3.4 on page 51 to disconnect the power before you begin. 2 Use a screwdriver to loosen the screw on the front panel of the power module.[...]
-
Page 40
Chapter 2 Hardware Installation and Connection XGS4700-48F User’s Guide 40 3 Grab the handle and slide the power module out.[...]
-
Page 41
XGS4700-48F User’s Guide 41 C HAPTER 3 Hardware Overview This chapter describes the front panel and rear p anel of the S w itch and shows you how to make the hardware connections. 3.1 Front Panel Connections The figure below shows the front panel of the S witch. Figure 9 Front Panel The following table describes t he ports. 3.1.1 Mini-GBIC Slot s[...]
-
Page 42
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 42 F actor Pluggable (SFP) T ransceiver Mult iSource Agreement (MSA). See the SFF committee’ s INF-8074i specification R ev 1.0 for details. Y ou can change transcei v ers while the Swit ch is oper ating. Y ou can use different transceiv ers to connect to Ethernet switch es with differe[...]
-
Page 43
Chapter 3 Hardware Overview XGS4700-48F User’s Guide 43 1 Open the transceiv er’s latch (latch styles v ary). Figure 12 Opening the T ransceiver ’s Latch Example 2 Pull the transceiver out of the slot. Figure 13 T ransceiver Removal Example 3.1.2 Console Port For local management, you can use a computer with terminal emulation software config[...]
-
Page 44
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 44 •T h e ALM LED shows an alert. •T h e Signal slot can send an external alar m on to another device. By dais y- chaining the signal sensor cables from one Switch to another Z yXEL switch which supports this feature, the external alarm alert (b ut not the system alarm) is received on[...]
-
Page 45
Chapter 3 Hardware Overview XGS4700-48F User’s Guide 45 3 Insert the alarm connector into the Signal slot. Figure 14 Connecting a Sensor to the Signal Slot 4 T o connect an output devicel, repeat the previous st eps but this t ime connect to either pins (1,2) or (2,3) on the Signal connector . Y ou can also daisy -chain the exter nal alarm to ano[...]
-
Page 46
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 46 2 When daisy -chaining further S witches ensure that the sig nal output pins y ou use are the same as those you used when conne cting to the first switch, as shown i n the diagr am below . Figure 15 Daisy-chaining an External Alarm Sens or to Other Switches of the Same Model 3.2 Rear P[...]
-
Page 47
Chapter 3 Hardware Overview XGS4700-48F User’s Guide 47 3.2.1 Removing and Inst alling the Fan Module The Switch fan module (F AN4700- 48F) is at th e left on the rear panel. P erform the following procedure to remove the fan module in order t o replace the entire fan module. Return any malfunctioning fan module s to the manu facture. 1 Loosen th[...]
-
Page 48
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 48 4 Slide the fan module into the fan module slot. Figure 21 Inst alling the Fan Module 5 Tighten the thumbscrew . 3.2.2 Uplink Module The following figure shows the front pa nel of the EM-422 and EM-412 modules. Figure 22 The Front Panel of the EM-422 and EM-412 Modules 3.2.3 Rear Panel[...]
-
Page 49
Chapter 3 Hardware Overview XGS4700-48F User’s Guide 49 3.2.4 Management Port The 100Base- T Ethernet MGMT (management) port is used for local management. Connect directly to this port using an Ethernet cable. Y ou can configure t he Switch via T elnet or the web configurator . The default IP address of the management port is 192. 168.0.1 with a [...]
-
Page 50
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 50 • K eep the power supply switch in the OFF position until you come to the procedure for turning on the power . Note: Use the included power cord for the AC power connection. Note: Use only power wires of the required diame ter for connecting the Switch DC power input to a power suppl[...]
-
Page 51
Chapter 3 Hardware Overview XGS4700-48F User’s Guide 51 5 Connect the other end of the power wire to the negative term inal on th e power supply . 6 Insert the terminal block plug in the Swi tch’ s terminal block header . Figure 23 Connecting th e power wires to the DC power terminals 3.3.3 Procedure to T urn on the Switch Power 1 Put the power[...]
-
Page 52
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 52 3.4 LEDs The following table describes t he LEDs. T able 3 LEDs LED COLO R ST A TUS DESCRIPTION Displays Stack ID number The LED is showing the Stac k ID number of the Switch. PWR1 (P ower 1) Green On The system is receiving power from the power module in the first power slot. Off The [...]
-
Page 53
Chapter 3 Hardware Overview XGS4700-48F User’s Guide 53 1-48 Green Blinking The port is receiving or transmitting data at 1000 Mbps. On The port has a successful 1000 Mbps connection. Amber Blinking The port is receiving or transmitting data 100 Mbps. On The port has a successful 100 Mbps connection. Off This link is disconnected. 10G 49-50 Blue [...]
-
Page 54
Chapter 3 Har d war e Ov er vie w XGS4700-48F User’s Guide 54[...]
-
Page 55
XGS4700-48F User’s Guide 55 C HAPTER 4 The Web Configurator This section introduces the config uratio n and functions of the web configurat or . 4.1 Introduction The web configurator is an HTML -based management interface that allows easy Switch setup an d m an agement v ia Inter net browser . U se Int e rne t Explorer 6.0 and later or Firefox 2.[...]
-
Page 56
Chapter 4 The Web Con figurator XGS4700-48F User’s Guide 56 3 The login screen appears. The defa ult username is admin and associated default password is 1234 . The date and time displ ay as sh own if y ou have not configured a time server nor manually entered a time and date in the General Setup screen. Figure 24 W eb Configurator: Login 4 Click[...]
-
Page 57
Chapter 4 T he Web Configurator XGS4700-48F User’s Guide 57 The following figure shows the navigati ng components of a web configur ator screen. Figure 25 The W eb Configurator Layout A - Click the menu items to open submenu li nks, and then click on a submenu link to open the screen in the main w in d ow. B , C , D , E - These are quick links wh[...]
-
Page 58
Chapter 4 The Web Con figurator XGS4700-48F User’s Guide 58 In the navigation panel, clic k a main link to rev eal a list of sub menu links. The following table descri bes the links in the na vigation panel. T able 4 Navigation Panel Sub-links Overview BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT T able 5 Navigation Panel Links LI[...]
-
Page 59
Chapter 4 T he Web Configurator XGS4700-48F User’s Guide 59 VLAN This link takes yo u to screens where you can configure port -based or 802.1Q VLAN (depending on what you configured in the Switch Setup menu). Y ou can also configure a protocol based VLAN or a subnet based VLAN in these screens. Static MAC For w a r d i n g This link takes you to [...]
-
Page 60
Chapter 4 The Web Con figurator XGS4700-48F User’s Guide 60 VLAN Mapping This link takes you to screens where you can configure VLAN mapping settings on the Switch. Layer 2 Protocol T unneling This link takes you to a screen wher e y o u can configure L2PT (Layer 2 Protocol T unneling) settings on the Switch. sFlow This link takes you to screens [...]
-
Page 61
Chapter 4 T he Web Configurator XGS4700-48F User’s Guide 61 4.3.1 Change Y our Password After you log i n for the first time, it is recommended you change the default administr ator password. Click Man agement > Access Control > Logins to display the next screen. Figure 26 Change Administrator Login Password Cluster Management This link tak[...]
-
Page 62
Chapter 4 The Web Con figurator XGS4700-48F User’s Guide 62 4.4 Saving Y our Configuration When you are done modifying th e s ettings in a screen, click Apply to save yo ur changes back to the run-time memory . Settings in the run-time memory are lost when the Switch’ s power is turne d off . Click the Save link in the upper right hand corner o[...]
-
Page 63
Chapter 4 T he Web Configurator XGS4700-48F User’s Guide 63 4.6.1 Reload the Configuration File Uploading the factory -default configur ation file replaces the current c onfiguration file with the factory -default configurati o n file. This means that you will lose all previous configur ations and the speed of the console port will b e reset to t[...]
-
Page 64
Chapter 4 The Web Con figurator XGS4700-48F User’s Guide 64 4.7 Logging Out of the W eb Configurator Click Logout in a screen to exit the web configurator . Y ou have to log in with your password again after you log out. This is recommended after you fini sh a management session for security reasons. Figure 28 W eb Configurator: Logout Screen 4.8[...]
-
Page 65
XGS4700-48F User’s Guide 65 C HAPTER 5 Initial Setup Example This chapter shows how to set up the S witch for an example network. 5.1 Overview The following lists the configur ation steps for the example network: • Configure an I P interfa ce • Configure DHCP server settings • Create a VLAN • Set port VLAN ID •E n a b l e R I P 5.1.1 Co[...]
-
Page 66
Chapter 5 Initi al Set up Ex amp l e XGS4700-48F User’s Guide 66 new IP interface. Th is allows the Switch to route tr affic between the RD and Sales networks. Figure 29 Initia l Setup Network Example: IP Interface 1 Connect your computer to the MGMT port that is used only for management . Make sure your computer is in the same subnet as the MGMT[...]
-
Page 67
Chapter 5 Initi al Set up Ex amp le XGS4700-48F User’s Guide 67 5 In the VID field, enter the ID of the VLAN group to which you want this IP interface to belong. This is the same as the VLAN ID you configure in the Static VLAN screen. 6 Click Add to sav e the settings to the run-ti me memory . Settings in the run-time memory are lost when the Swi[...]
-
Page 68
Chapter 5 Initi al Set up Ex amp l e XGS4700-48F User’s Guide 68 In this example, you want to configure port 1 as a member of VLAN 2. Figure 30 Initia l Setup Network Example: VLAN 1 Click A dvanced Application > VLAN in the navigati on panel and click t he Static VLAN link. 2 In the Static VLAN screen, select ACTIVE , enter a descriptive name[...]
-
Page 69
Chapter 5 Initi al Set up Ex amp le XGS4700-48F User’s Guide 69 3 Since the VLAN2 network is connected t o po rt 1 on the Switch, select Fixed to configure port 1 to be a perman ent member of the VLAN only . 4 T o ensure that VLAN-unawa re devices (such as computers and hubs) can receive frames properly , clea r the TX Tagging check bo x to set t[...]
-
Page 70
Chapter 5 Initi al Set up Ex amp l e XGS4700-48F User’s Guide 70 5.1.5 Enabling RIP T o exchange routing information with other routing devices across different routing domains, enable RIP (R outing Information Protocol) i n the RIP screen. 1 Click IP Application and RIP in the na vigation panel. 2 Select Both in the Directio n field to set the S[...]
-
Page 71
XGS4700-48F User’s Guide 71 C HAPTER 6 Tutorials This chapter provides some examples of using the web configur ator to set up and use the Switch. The tutorials include: • How to Use DHCP Snooping on the Switch • How to Use DHCP Rela y on the Switch • How to Use PPPoE IA on the Switch • How to Use Error Disable and R ecovery on the Swit ch[...]
-
Page 72
Chapter 6 Tutorials XGS4700-48F User’s Guide 72 The settings in t his tutorial are as the following. 1 Access the Switch from t he MGMT port through http://192.168 .0.1 by default. Log into the Switch by entering the username (default: admin ) and password (default: 1234 ). 2 Go to Advanced Application > VLAN > Static VLAN , and create a VL[...]
-
Page 73
Chapter 6 Tutorials XGS4700-48F User’s Guide 73 3 Go to Advanced Application > VLAN > VLAN Port Setting , and set the PVID of the ports 5, 6 and 7 to 100. This tags untagged incoming frames on ports 5, 6 and 7 with the tag 100. 4 Go to Advanced Application > IP Source Guard > DHCP snooping > Configure , activate and specify VLAN 10[...]
-
Page 74
Chapter 6 Tutorials XGS4700-48F User’s Guide 74 6 The DHCP Snooping Port Configure screen appears. Select Trusted in the Server Trusted state field for port 5 because the DHCP server is connected to port 5. K eep ports 6 and 7 Untrusted because they are connected to DHCP clients. Click Apply . 7 Go to Advanced Application > IP Source Guard >[...]
-
Page 75
Chapter 6 Tutorials XGS4700-48F User’s Guide 75 9 Connect your DHCP server to p ort 5 and a computer (as DHCP client) t o either port 6 or 7. The computer should be ab le to get an IP address from the DHCP server . If you put the DHCP server on port 6 or 7, the computer will not able to get an IP address. 10 T o check if DHCP snooping works, go t[...]
-
Page 76
Chapter 6 Tutorials XGS4700-48F User’s Guide 76 DHCP client A based on the system name, VLAN ID and port number i n the DHCP request. Client A connects to the Switch’s port 2 in VLAN 102. Figure 33 T utorial: DHCP Relay Scenario 6.2.2 Creating a VLAN Fol low the steps below to configure port 2 as a member of VLAN 102. 1 Access th e web c onf ig[...]
-
Page 77
Chapter 6 Tutorials XGS4700-48F User’s Guide 77 3 Click Advanced Application > VLAN > Static VLAN . 4 In the Static VLAN screen, select ACTIVE , enter a descripti ve name (V ALN 102 for example) in the Name field and enter 102 in the VLAN Group ID field. 5 Select Fixed to configure port 2 to be a permanent member of this VLAN. 6 Clear the T[...]
-
Page 78
Chapter 6 Tutorials XGS4700-48F User’s Guide 78 8 Click the VLAN St atus link in the Static VLAN screen and then the VLAN Port Setting link in the VLAN Status sc reen. 9 Enter 102 in the PVID f ield for port 2 to add a tag to incoming untagged frames received on that port s o that the frames are forwarded to the VLAN group that the tag def in es.[...]
-
Page 79
Chapter 6 Tutorials XGS4700-48F User’s Guide 79 6.2.3 Configuring DHCP Relay Fol low the steps below to enable DHCP relay on the Switch and allow the Switch to add relay agent information (such as the VLAN ID) to DHCP request s. 1 Click IP Application > DHCP and then the Global link to open the DHCP Rela y screen. 2 Select the Active check box[...]
-
Page 80
Chapter 6 Tutorials XGS4700-48F User’s Guide 80 3 Yo u c l i c k e d t h e Save link on the Switch t o have yo ur settings take effect. 6.3 How to Use PPPoE IA on the Switch Y ou want to configure PPPoE Inte rmediate Agent on the Switch ( A ) to pass a subscriber’s information to a PPPoE server ( S ). There is another switch ( B ) between switc[...]
-
Page 81
Chapter 6 Tutorials XGS4700-48F User’s Guide 81 6.3.1 Configuring Switch A 1 Click Advanced Application > PPPo E > Intermediate Agent . Select Active then clic k Apply . Click Port on the top of the screen. 2 Select Untrusted for port 5 and enter userC as Circuit-id and 00134900000A as Remote-id . Select Trusted for port 12 and then leave t[...]
-
Page 82
Chapter 6 Tutorials XGS4700-48F User’s Guide 82 3 The Intermediate Agent screen appears. Click VLAN on the top of the screen. 4 Enter 1 for both Start VID and End VID since both the Switch and PPPoE server are in VLAN 1 in this example. Click Apply .[...]
-
Page 83
Chapter 6 Tutorials XGS4700-48F User’s Guide 83 5 Then select Yes to enable PPP oE IA in VLAN 1 and also select Circuit-id and Remote-id to allow the Sw itch to add these two string s to frames t agged with VLAN 1 and pass to the PPPoE server . Click Apply . 6.3.2 Configuring Switch B The example uses another X GS4700-48F as switch B . 1 Click Ad[...]
-
Page 84
Chapter 6 Tutorials XGS4700-48F User’s Guide 84 2 Select Trusted for ports 11 and 12 and then click Apply . Then Click Intermediate Agent on the top of the screen. 3 The Intermediate Agent screen appears. Click VLAN on the top of the screen.[...]
-
Page 85
Chapter 6 Tutorials XGS4700-48F User’s Guide 85 4 Enter 1 for both Start VID and End VID . Click Apply . 5 Then select Yes to enable PPP oE IA in VLAN 1 and also select Circuit-id and Remote-id to allow the Sw itch to add these two string s to frames t agged with VLAN 1 and pass to the PPPoE server . Click Apply . The settings are completed now .[...]
-
Page 86
Chapter 6 Tutorials XGS4700-48F User’s Guide 86 Y ou also want the Switch to wait for a period of time (10 minutes) before resuming the port automatically , after the proble m(s) are gone. Loop guard and Errdiable features are helpful for this demand. Note: Refer to Section 27.2 on page 287 and Section 32 .3 on page 312 for more information about[...]
-
Page 87
Chapter 6 Tutorials XGS4700-48F User’s Guide 87 2 Click Advanced Application > Errdisable > CPU Protection , select ARP as the reason, enter 100 as the r ate limit (packet s per second) for the first entry (port *) to apply the s ett i n g to al l p o rt s . Th en click Apply . 3 Click Advanced Application > Errd isable > Errdisable D[...]
-
Page 88
Chapter 6 Tutorials XGS4700-48F User’s Guide 88 4 Click Advanced Application > Errdisable > Errdisable Recovery , select Active and Timer Status for loopguard and ARP entries. Also enter 180 (180 seconds = 3 minutes) in the Interval field for both entries. Then click Apply . 6.5 How to Set Up a Guest VLAN All ports on the Switch are i n VLA[...]
-
Page 89
Chapter 6 Tutorials XGS4700-48F User’s Guide 89 6.5.1 Creating a Guest VLAN Fol low the steps belo w to config ure port 1, 2, 3 and 10 as a member of V LAN 200. 1 Access th e web c onf ig u rator throug h the Switch’ s manage ment po rt. 2 Go to Basic Setting > Switch Setup an d se t the VLAN type to 802.1Q . Click Apply to save the settings[...]
-
Page 90
Chapter 6 Tutorials XGS4700-48F User’s Guide 90 7 Click Add to sav e the settings to the run-ti me memory . Settings in the run-time memory are lost when the Switc h’ s power is turned off . 8 Click the VLAN St atus link in the Static VLAN screen and then the VLAN Port Setting link in the VLAN Status sc reen. 9 Enter 200 in the PVID f ield for [...]
-
Page 91
Chapter 6 Tutorials XGS4700-48F User’s Guide 91 10 Click Apply t o save y our changes back to the run-time memory . 11 Click the Save link in the upper right c orner of the web configur ator to save your configu ration permane ntly . 6.5.2 Enabling IEEE 802.1x Port Authentication Fol low the steps below to enable port au thentication to v alidate[...]
-
Page 92
Chapter 6 Tutorials XGS4700-48F User’s Guide 92 2 Select the first Active checkbo x to enable 802.1x au thentication on the Switch. Select the Active checkbo xes for ports 1 to 8 to turn on 802.1x aut hentication on the selected ports. Click Apply . 6.5.3 Enabling Guest VLAN 1 Click the Guest Vl an link in the 802.1x scr een.[...]
-
Page 93
Chapter 6 Tutorials XGS4700-48F User’s Guide 93 2 Select Active and enter the guest VLAN ID (200 in this example) on ports 1, 2 and 3. The Switch puts unauthentic ate d clients i n the specified guest VLAN. Set Host-mode to Multi-Secure to have the Switch auth enticate each client that connects to one of these ports, and spec ify the maximum numb[...]
-
Page 94
Chapter 6 Tutorials XGS4700-48F User’s Guide 94 6.6.1 Create a Layer-3 Classifier Fol low the steps below to configure a classi fier that sorts traffic with DSCP v alue 58 into a data flow . 1 Access th e web c onf ig u rator throug h the Switch’ s manage ment po rt. 2 Go to Advanced Application > Classifier and select Active . Enter a descr[...]
-
Page 95
Chapter 6 Tutorials XGS4700-48F User’s Guide 95 3 Click Add to sav e the settings to the run-time memory . 6.6.2 Create a Policy Routing Rule Fol low the steps below to set up a policy routing profile fi rst and then a rule to forward traffic of classifier DSCP58 to gateway R2 . 1 Click IP Application > Policy Routing . 2 Select Active and ent[...]
-
Page 96
Chapter 6 Tutorials XGS4700-48F User’s Guide 96 3 Click the Rule Configuration link in the Policy Route screen to create a rule in this profile. 4 Select the name of the profile with which the rule associates. Set the rule’ s index number to 1 in the Sequence field. Select Permit to hav e the Switch send matched tr affic to the specified gatewa[...]
-
Page 97
97 P ART II T echnical Reference[...]
-
Page 98
98[...]
-
Page 99
XGS4700-48F User’s Guide 99 C HAPTER 7 System Status and Port Statistics This chapter describes the system s tatus (web configur ator home page) and port details screens. 7.1 Overview The home screen of the web configur ator displays a port statistical summary with links to each port showing s tatistical details. 7.2 Port S t atus Summary T o vie[...]
-
Page 100
Chapter 7 S ystem Status and Port Sta tistics XGS4700-48F User’s Guide 100 The following table describes t he labels in this screen. T able 8 Status LABEL DESCRIPTION P ort This identifies the Ethernet port. Click a port number to display the Port Details screen (refer to Figure 36 on pag e 101 ). Name This is the name you assigned to this port i[...]
-
Page 101
Chapter 7 System Status and Port Statistics XGS4700-48F User’s Guide 101 7.2.1 S t atus: Port Det ails Click a number in the Port column in the Status screen to display individual p ort statistics. Use t his screen to check status and detailed perf ormance data about an individual port on the S witch. Figure 36 S t atus: Port Details The followin[...]
-
Page 102
Chapter 7 S ystem Status and Port Sta tistics XGS4700-48F User’s Guide 102 LACP This field shows if LACP is enabled on this port or not. TxPkts This field shows the number of tr ansmitted frames on this port RxPkts This field shows the number of received fr ames on this port Errors This field shows the number of received errors on this port. Tx K[...]
-
Page 103
Chapter 7 System Status and Port Statistics XGS4700-48F User’s Guide 103 Runt This field shows the number of packets received that were too short (shorter than 64 octets), including the ones with CRC errors. Distribution 64 This field shows the number of pack ets (including bad packets) received that were 64 octets in length. 65-127 This field sh[...]
-
Page 104
Chapter 7 S ystem Status and Port Sta tistics XGS4700-48F User’s Guide 104[...]
-
Page 105
XGS4700-48F User’s Guide 105 C HAPTER 8 Basic Setting This chapter describes how to configure the System Info, General Setup , Switch Setup , IP Setup and Port Setup screens. 8.1 Overview The System Info screen displays gener al Switch information (such as fi rmware version number) and hardware polling information (such as fan speeds). The Genera[...]
-
Page 106
Chapter 8 Basic Setting XGS4700-48F User’s Guide 106 8.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. Y ou can check the firmware version number and monitor the Switch temperature, fan speeds an d voltag e in this screen. Figure 37 Basic Setting > System Info The following tab[...]
-
Page 107
Chapter 8 Basic Setting XGS4700-48F User’s Guide 107 Ethernet Address This field refers to the Ethernet MAC (Media Access Control) address of the Switc h. Hardware Monitor Te m p e r a t u r e Unit The Switch has temper ature sensors that are capable of detecting and reporting if the temper ature rises above the threshold. Y ou may choose the tem[...]
-
Page 108
Chapter 8 Basic Setting XGS4700-48F User’s Guide 108 8.3 General Setup Use this screen to configure genera l set t ings such as the system name and time. Click Basic Setting and Gener al Setup in the navigation panel to display the screen as shown. Figure 38 Basic Setting > General Setup The following table describes t he labels in this screen[...]
-
Page 109
Chapter 8 Basic Setting XGS4700-48F User’s Guide 109 Use Time Server when Bootup T ype the time service protocol that your timeserver uses. Not all time servers support all protocols, so you may have to use trial and error to find a protocol that works. The ma in differences between them are the time format. When you select the Daytime (RFC 867) [...]
-
Page 110
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 0 8.4 Introduction to VLANs A VLAN (Virtual Local Area Network) allo ws a ph ysical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one grou p. With VLAN, a device cannot directly talk to or hear from de[...]
-
Page 111
Chapter 8 Basic Setting XGS4700-48F User’s Guide 111 8.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display t he screen as shown. The VLAN setup scre ens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. R efer to the chapter on VLAN. Figure 39 Basic Se[...]
-
Page 112
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 2 Join Timer Join Timer sets the duration of the Join Period timer for GVRP in milliseconds. Each port has a Join Period timer . The allowed Join Time range is between 100 and 6 5535 milliseconds; the default is 200 milliseconds. See Chapter 9 on page 119 for more background information. Leave T[...]
-
Page 113
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 3 8.6 IP Setup Use the IP Setup screen to configure the default gateway d evice, the default domain name server and add IP domains. 8.6.1 IP Interfaces The Switch needs an IP address for it to be managed ov er the network. The factory default IP address is 192.168. 1.1. The subnet mask specifies[...]
-
Page 114
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 4 The following table describes t he labels in this screen. T able 13 Basic Setting > IP Setup LABEL DESCRIPTION Default Gateway T ype the IP address of the default outgoing gateway in dotted decimal notation, for example 192.168.1.254. Domain Name Server DNS (Domain Name S ystem) is for mapp[...]
-
Page 115
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 5 8.7 Port Setup Use this screen to configure Switch port settings. Click Basic Setting > Port Setup in the navigation panel to display the conf iguration screen. Figure 41 Basic Setting > Port Setup IP Subnet Mask This field displays the subnet mask of the Switch in the IP domain. VID Thi[...]
-
Page 116
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 6 The following table describes t he labels in this screen. T able 14 Basic Setting > Port Setup LABEL DESCRIPTION P ort This is the port index number . * Settings in this row apply to all ports. Use this row only if y ou want to make some settings the same for all ports. Use this row first t[...]
-
Page 117
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 7 802.1p Priority This priority value is added to incoming fr ames without a (802.1p) priority queue tag. See Pr iority Queue Assignment in T able 12 on page 111 for more information. BPDU Control Configure the way to treat BPDUs receiv ed on this port. Y ou must activate bridging control protoc[...]
-
Page 118
Chapter 8 Basic Setting XGS4700-48F User’s Guide 11 8[...]
-
Page 119
XGS4700-48F User’s Guide 11 9 C HAPTER 9 VLAN The type of screen you see here depends on the VLAN Type you selected in the Switch Setup screen. This chapter shows you how to configure 802.1Q tagged and port-bas ed VLANs. 9.1 Introduction to IEEE 802.1Q T agged VLANs A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VL[...]
-
Page 120
Chapter 9 VLAN XGS4700-48F User’s Guide 120 switch, the Swit ch first decides where to forward the fr ame and then strips off the VLAN tag. T o forward a fr ame from an 802.1Q VLAN-unaw are switch to an 802.1Q VLAN-aware switc h, the Switch first de cide s where to forward the fr ame, and then inserts a VLAN tag reflecting the ingress port's[...]
-
Page 121
Chapter 9 VLAN XGS4700-48F User’s Guide 121 9.3 Port VLAN T runking Enable VLAN Trunking on a port to allow fr ames belonging to unknown VLAN groups to pass through that port. This is us eful if y ou w ant to set up VLAN grou ps on end devices without ha ving to co nfigure the same VLAN groups on intermediary devices. The following figure describ[...]
-
Page 122
Chapter 9 VLAN XGS4700-48F User’s Guide 122 allow fr ames with VLAN group tags 1 an d 2 (VLAN groups that are unknown to those switches) to pass through their VLAN trunking port(s). Figure 42 Port VLAN T runking 9.4 Select the VLAN T ype Select a VLAN type in the Basic Setting > Switch Setup screen. Figure 43 Switch Setup: Select VLAN T ype 9.[...]
-
Page 123
Chapter 9 VLAN XGS4700-48F User’s Guide 123 9.5.1 VLAN St atus See Section 9.1 on page 119 for more information on Static VLAN. Click Advanced Application > VLAN from the navigation panel to display the VLAN Status screen as shown nex t. Figure 44 Advanced Application > VLAN: VLAN S tatus The following table describes t he labels in this sc[...]
-
Page 124
Chapter 9 VLAN XGS4700-48F User’s Guide 124 9.5.2 VLAN Det ails Use this screen to view detai led port se ttings and status of the VLAN group . See Section 9.1 on page 119 for more information on static VLAN. Click on an index number in the VLAN Status screen to display VLAN det ails. Figure 45 Advanced Application > VLAN > VLAN Detail The [...]
-
Page 125
Chapter 9 VLAN XGS4700-48F User’s Guide 125 static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 46 Advanced Application > VLAN > S tatic VLAN The following table describes t he related labels in this screen. T able 18 Advanced Application > VLAN > S tatic VLAN LABEL DESCRIPTION ACTIVE S[...]
-
Page 126
Chapter 9 VLAN XGS4700-48F User’s Guide 126 9.5.4 Configure VLAN Port Settings Use the VLAN Port Set ti ng screen to co nfigure the static VLAN (IEEE 802.1Q) settings on a port. See Section 9.1 on page 119 for more information on static VLAN. Click the VLAN Port Setting link in th e VLAN Status screen. Figure 47 Advanced Application > VLAN >[...]
-
Page 127
Chapter 9 VLAN XGS4700-48F User’s Guide 127 The following table describes t he labels in this screen. T able 19 Advanced Application > VLAN > VLAN Port Setting LABEL DESCRIPTION GVRP GVRP (GARP VLAN Registr ation Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the netwo[...]
-
Page 128
Chapter 9 VLAN XGS4700-48F User’s Guide 128 9.6 Subnet Based VLANs Subnet based VLANs allow y ou to group tr affic into logical VLANs based on the source IP subnet you s pecify . When a fr ame is received on a port, the Switch checks if a tag is added already and the IP subnet it came from. The untag ged packets fr om the same IP su bnet are then[...]
-
Page 129
Chapter 9 VLAN XGS4700-48F User’s Guide 129 9.7 Configuring Subnet Based VLAN Click Subnet Based VLAN in the VLAN Port Setting screen to display the configurati on screen as shown. Figure 49 Advanced Application > VLAN > VLAN Port Setting > Subnet Based VLAN The following table describes t he labels in this screen. T able 20 Advanced App[...]
-
Page 130
Chapter 9 VLAN XGS4700-48F User’s Guide 130 9.8 Protocol Based VLANs Protocol based VLANs allow y ou to group tr affic into logical VLANs based on the protocol you s pecify . When an u pstream f rame is received on a port (confi gured for a protocol based VLAN), t he Switch checks if a tag is added already and its protocol. The untagged packets o[...]
-
Page 131
Chapter 9 VLAN XGS4700-48F User’s Guide 131 2 for ARP traf fic received on port 1, 2 and 3. Y ou can also ha ve a protocol based VLAN B with priority 3 for Apple T alk traffic receiv ed on port 6 and 7. All upstream ARP traf fic from port 1, 2 and 3 will be grouped together , and all upstream Apple T alk traffic from port 6 and 7 will be i n anot[...]
-
Page 132
Chapter 9 VLAN XGS4700-48F User’s Guide 132 The following table describes t he labels in this screen. T able 21 Advanced Application > VLAN > VL AN Port Setting > Protocol Based VLAN Setup LABEL DESCRIPTION Active Select this check box to activ ate this protocol based VLAN. P ort T ype a port num ber to be included in this protocol based[...]
-
Page 133
Chapter 9 VLAN XGS4700-48F User’s Guide 133 9.10 Create an IP-based VLAN Example This example shows you how to create an IP VLAN which includes ports 1, 4 and 8. Foll ow these steps using the screen below: 1 Activ ate this protocol based VLAN. 2 T ype the port number you w ant to include in this protocol based VLAN. T ype 1 . 3 Give this protocol[...]
-
Page 134
Chapter 9 VLAN XGS4700-48F User’s Guide 134 9.1 1 Port-based VLAN Setup P or t-based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port. P ort-based VLANs require all owed outgoing ports to be defined for each port. Therefore, if y ou wish to allow t wo subscr iber ports to talk to[...]
-
Page 135
Chapter 9 VLAN XGS4700-48F User’s Guide 135 The following screen shows users on a port-based, all- connected VLAN configu ration. Figure 53 Advanced Application > VLAN > Po rt Based VLAN Setup (All Connected)[...]
-
Page 136
Chapter 9 VLAN XGS4700-48F User’s Guide 136 The following screen shows users on a port-based, port -isolated VLAN configu ration. Figure 54 Advanced Application > VLAN: Port Ba se d VLAN Setup (Port Isolation)[...]
-
Page 137
Chapter 9 VLAN XGS4700-48F User’s Guide 137 The following table describes t he labels in this screen. T able 22 Advanced Application > VLAN: Port Based VLAN Setup LABEL DESCRIPTION Setting Wizard Choose All connected or Port isolation . All connected means all ports can communicate with each other , that is, there are no virtual LANs. All inco[...]
-
Page 138
Chapter 9 VLAN XGS4700-48F User’s Guide 138[...]
-
Page 139
XGS4700-48F User’s Guide 139 C HAPTER 10 Static MAC Forward Setup Use these screens to configure static MAC address forwarding. 10.1 Overview This chapter discusses how to configure forw arding rules based on MAC addresses of devices on your network. 10.2 Configuring S t atic MAC Forwarding A static MAC address is an address that has been manuall[...]
-
Page 140
Chapter 10 St at ic MAC Fo rw ard Setup XGS4700-48F User’s Guide 140 Click Advanced Applications > Static MAC Forwarding in the navigation panel to display the configur ation screen as shown. Figure 55 Advanced Application > S t atic MAC Forwarding The following table describes t he labels in this screen. T able 23 Advanced Application >[...]
-
Page 141
Chapter 10 Static MAC For ward Setup XGS4700-48F User’s Guide 141 P ort This fie ld displays the port where the MAC address shown in the next field will be forwarded. Delete Click Delete to remove the selected entry from the summary table. Cancel Click Cancel to clear the De lete check box es. T able 23 Advanced Application > S tatic MAC Forwa[...]
-
Page 142
Chapter 10 St at ic MAC Fo rw ard Setup XGS4700-48F User’s Guide 142[...]
-
Page 143
XGS4700-48F User’s Guide 143 C HAPTER 11 Static Multicast Forward Setup Use these screens to configure stat ic multicast add ress forwarding . 1 1.1 S t atic Multicast Forwarding Overview A multicast MAC address is the MAC addres s of a member of a multicast group. A static multicast address is a multicas t MAC address that has been manually ente[...]
-
Page 144
Chapter 11 St at ic Mu lt ica s t Fo rw ar d Set up XGS4700-48F User’s Guide 144 connected to port 3. Fi gure 58 shows fr ames being forwarded to ports 2 and 3 within VLAN group 4. Figure 56 No S t atic Multicast Forwarding Figure 57 S t atic Multicast Forwarding to A Single Port Figure 58 S t atic Multicast Forwarding to Multiple Po rts 1 1.2 Co[...]
-
Page 145
Chapter 11 Static Mu lticast Forward Setup XGS4700-48F User’s Guide 145 Click Advanced Application > Static Multicast Forwarding to display the configurati on screen as shown. Figure 59 Advanced Application > S t at ic Multicast Forwarding The following table describes t he labels in this screen. T able 24 Advanced Application > S tatic [...]
-
Page 146
Chapter 11 St at ic Mu lt ica s t Fo rw ar d Set up XGS4700-48F User’s Guide 146 Active This field displays whether a static multicast MAC address forwarding rule is active ( Yes ) or not ( No ). Y ou may temporarily deactivate a rule without deleting it. Name This field displays the descriptive name for identification purposes f or a static mult[...]
-
Page 147
XGS4700-48F User’s Guide 147 C HAPTER 12 Filtering This chapter discusses MAC address port fil tering. 12.1 Configure a Filtering Rule Configure the S witch to filter tr affic base d on the tr affic’s sourc e, destination MAC addresses and/or VLAN group (ID). Click Advanced Application > Filtering in the navigation panel to display the scree[...]
-
Page 148
Chapter 12 Filtering XGS4700-48F User’s Guide 148 Action Select Discard source to drop frames from th e source MAC address (specified in the MAC field). The Switch can still send frames to the MAC address. Select Discard destination to drop frames to the destination MAC address (specified in the MAC address). The Switch can still receive frames o[...]
-
Page 149
XGS4700-48F User’s Guide 149 C HAPTER 13 Spanning Tree Protocol The Switch suppor ts Spanning T ree Protocol (STP), R apid Spanning T ree Pro tocol (RSTP) and Multiple Spanning T ree Protoc ol (MSTP) as defined in the following standards. • IEEE 802.1D Spanning T ree Protocol • IEEE 802.1w Rapid Spanning T ree Protocol • IEEE 802.1s Multipl[...]
-
Page 150
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 150 P ath cost is the cost of tr ansmitting a frame onto a LAN through that port. The recommended cost is assigned according to the speed of the link to which a port is attached. The slower the media, the higher the cost. On each bridge, the bridge communicates wi th the root throug h th[...]
-
Page 151
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 151 13.1.3 STP Port S t ates STP assigns fiv e port states to eliminate packet loopi ng. A bridge port is not allowed to go direct ly from blocking state to forw arding state so as to eliminate transient loops. 13.1.4 Multiple RSTP MRSTP (Multiple RSTP) is Z yXEL ’s propri etar y featur[...]
-
Page 152
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 152 Note: Each port can belong to one STP tree only . 13.1.5 Multiple STP Multiple Spanning T ree Protocol (IEEE 802.1s) is backwards c ompatible with STP/ RSTP and addresses the limit ations of existing spanning tree prot ocols (STP and RSTP) in networks to include the following feature[...]
-
Page 153
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 153 With MSTP , VLANs 1 and 2 are mapped to di fferent spanning t rees in the network. Thus traf fic from the two VLANs tr avel on different paths. The following figure shows the network example using MSTP . Figure 63 MSTP Network Example 13.1.5.2 MST Region An MST region is a logic al gr[...]
-
Page 154
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 154 The following figure shows an example wh ere there are two MST regions. R egions 1 and 2 hav e 2 spanning tree instances. Figure 64 MSTIs in Dif ferent Regions 13.1.5.4 Common and Inter nal Sp anning T ree (CIST) A CIST represents the connecti vit y of the entire network and it is eq[...]
-
Page 155
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 155 13.2 S p anning T ree Protocol S t atus Screen The Spanning T ree Protocol status scree n changes depending on what standard you choose to implement on your network. Click Advanced Application > Spanning Tree Protocol to see the screen as shown. Figure 66 Advanced Application > [...]
-
Page 156
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 156 The following table describes t he labels in this screen. 13.4 Configure Rapid S p anning T ree Protocol Use this screen to configure RSTP settings, see Section 13.1 on page 149 for more informat ion on RS TP . Click RSTP in the Advanced Application > Spanning Tree Proto col scree[...]
-
Page 157
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 157 The following table describes t he labels in this screen. T able 29 Advanced Application > S panning T ree Protocol > RSTP LABEL DESCRIPTION Status Click Status to dis play the RSTP Status screen (see Figure 69 on page 159 ). Active Select this check box to activ ate RSTP . Clea[...]
-
Page 158
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 158 13.5 Rapid S p anning T ree Protocol S t atus Click Advanced Application > Spanning Tree Pro tocol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 149 for more information on RSTP . Active Select this check box to activ ate RSTP on this[...]
-
Page 159
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 159 Note: This screen is only available af ter you activate RSTP on the Switch. Figure 69 Advanced Application > S p anning T r ee Protocol > S tatus: RSTP The following table describes t he labels in this screen. T able 30 Advanced Application > S panning T ree Protocol > S t[...]
-
Page 160
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 160 13.6 Configure Multiple Rapid S p anning T ree Protocol T o configure MRSTP , click MRSTP in the Advanced Application > Spanning Tree Proto col screen. Se e Section 13.1 on page 149 for more information on MRSTP . Figure 70 Advanced Application > S p anning T ree Protocol > [...]
-
Page 161
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 161 Bridge Priority Bridge priority is used in determining the root switch, root port and designated port. The switch with the highest priority (lowest numeric value) becomes the STP root switch. If all switches have the same priority , the switch with the lowest MAC address will the n be[...]
-
Page 162
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 162 13.7 Multiple Rapid S p anning T ree Protocol S t atus Click Advanced Applicat ion > Spanning Tree Protoc ol in the navigation panel to display the status screen as shown next. See Section 13.1 on page 149 for more information on MRSTP . Note: This screen is only available af ter [...]
-
Page 163
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 163 The following table describes t he labels in this screen. T able 32 Advanced Application > S panning T ree Protocol > S tatus: MRSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you w ant to activate. Click MRSTP to edit MRSTP settings on the S w[...]
-
Page 164
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 164 13.8 Configure Multiple S p anning T ree Protocol T o configure MSTP , click MSTP in the Advanced Application > Spanning Tree Protocol screen. See Section 13.1.5 on page 152 for more information on MSTP . Figure 72 Advanced Application > S pan ni ng T ree Protocol > MSTP[...]
-
Page 165
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 165 The following table describes t he labels in this screen. T able 33 Advanced Application > S panning T ree Protocol > MSTP LABEL DESCRIPTION Status Click Status to display the MSTP Status screen (see Figure 74 on page 168 ). Active Select this check box to activ ate MSTP on the [...]
-
Page 166
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 166 Bridge Priority Set the priority of the Switch for the specific spanning tree instance. The lower the number , t he more likely the Switch will be chosen as the root bridge within the spanning tree instance. Enter priority values between 0 and 61440 in increments of 4096 (thus valid [...]
-
Page 167
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 167 13.8.1 Multiple S p anning T ree Protocol Port Configuration T o configure MSTP ports, click Port in t he Advanced Application > Spanning Tree Protoc ol > MSTP screen. Figure 73 Advanced Application > S p anning T r ee Protocol > MSTP > Port The following table describe[...]
-
Page 168
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 168 13.9 Multiple S p anning T ree Protocol S t atus Click Advanced Applicat ion > Spanning Tree Protoc ol in the navigation panel to display the status screen as shown next. See Section 13.1.5 on page 152 for more information on MSTP . Note: This screen is only available af ter you a[...]
-
Page 169
Chapter 13 Spanning Tree Protocol XGS4700-48F User’s Guide 169 The following table describes t he labels in this screen. T able 35 Advanced Application > S panning T ree Protocol > S tatus: MSTP LABEL DESCRIPTION Configuration Click Configuration to specify which STP mode you w ant to activate. Click MSTP to edit MSTP settings on the S witc[...]
-
Page 170
Chapter 13 Spanning Tr ee Protocol XGS4700-48F User’s Guide 170 Internal Cost This is the path cost from the root port in this MST instance to the regional root switch. P ort ID This is the priority and number of the port on the Sw itch through which this Switch must communicate with the root of th e MST instance. T able 35 Advanced Application &[...]
-
Page 171
XGS4700-48F User’s Guide 171 C HAPTER 14 Bandwidth Control This chapter shows you how y ou can cap the maximum bandwidth using the Bandwidth Control screen. 14.1 Bandwid th Control Overview Bandwidth control means defining a maxi mum allowab le bandwidth for incoming and/or out-going tr affic flows on a port. 14.1.1 CIR and PIR The Committed Info[...]
-
Page 172
Chapter 14 Bandwidth Control XGS4700-48F User’s Guide 172 14.2 Bandwid th Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. Figure 75 Advanced Application > Bandwid th Control The following table describes t he related labels in this screen. T able 36 Advanced Applicat[...]
-
Page 173
Chapter 14 Band wid th Contr ol XGS4700-48F User’s Guide 173 Active Select this check bo x to activate egress r ate limits on this port. Egress Rate Specify the maximum bandwidth allowed in kilobits per second (Kbps) for the out -going traffic flow on a port. Apply Click Apply to save your changes to the Switch’ s run-time memory . The Switch l[...]
-
Page 174
Chapter 14 Bandwidth Control XGS4700-48F User’s Guide 174[...]
-
Page 175
XGS4700-48F User’s Guide 175 C HAPTER 15 Broadcast Storm Control This chapter introduces and shows you how to configure the broadcast storm control feature. 15.1 Broadcast S torm Control Setup Broadcast storm control limits the number of broadcast, multicast and destinat ion lookup failure (DLF ) packets the S witch re ceives per second on the po[...]
-
Page 176
Chapter 15 Broadcast Storm Control XGS4700-48F User’s Guide 176 The following table describes t he labels in this screen. T able 37 Advanced Application > Broadcast S torm Control LABEL DESCRIPTION Active Select this check box to enable traffic storm control on the Switch. Clear this check box to disable this feature. P ort This field displays[...]
-
Page 177
XGS4700-48F User’s Guide 177 C HAPTER 16 Mirroring This chapter discusses port mirroring s etup screens. 16.1 Port Mirroring Setup P o r t m i r r o r i n g a l l o w s y o u t o c o p y a t r a f f i c f l o w t o a m o n i t o r p o r t ( t h e p o r t y o u c o p y the traffic to) in order th at you ca n examine th e traffic f r om th e m o ni[...]
-
Page 178
Chapter 16 M irr or in g XGS4700-48F User’s Guide 178 The following table describes t he labels in this screen. T able 38 Advanced Application > Mirroring LABEL DESCRIPTION Active Select this check box to activate port mirroring on the S witch. Clear this check box to disable the feature. Monitor Po r t The monitor port is the port you copy th[...]
-
Page 179
XGS4700-48F User’s Guide 179 C HAPTER 17 Link Aggregation This chapter shows you how t o logically aggr egate phy sical links t o form one logical, higher-bandwid th link. 17.1 Link Aggregation Overview Link aggregation (trunking) is the groupi ng of physical por ts into one log i ca l higher-capacity link. Y ou may want to trunk ports if for exa[...]
-
Page 180
Chapter 17 Li nk Aggr eg a tion XGS4700-48F User’s Guide 180 When you enable LACP link aggregation on a port, the port can automatically negotiate with the ports at the remote en d of a li nk to establish trunk groups. LACP also allows port redundancy , that is, if an operational port fails, then one of the “standby” ports become operational [...]
-
Page 181
Chapter 17 L ink Aggr eg a tion XGS4700-48F User’s Guide 181 17.3 Link Aggregation S t atus Click Advanced Application > Link Aggregation in the navigation panel. The Link Aggregation Status screen d isplays by default. See Sect ion 17.1 on pa ge 179 for more information. Figure 78 Advanced Application > Link Aggregation S tatus The followi[...]
-
Page 182
Chapter 17 Li nk Aggr eg a tion XGS4700-48F User’s Guide 182 Criteria This shows the outgoing tr affic distribution algorithm used in this trunk group. P ackets from the same source and/or to the same destination are sent over the same link within the trun k. src-mac means the Switch distributes traffic based on the packet’ s source MAC address[...]
-
Page 183
Chapter 17 L ink Aggr eg a tion XGS4700-48F User’s Guide 183 17.4 Link Aggregation Setting Click Advanced Application > Link Aggregation > Link Aggregation Setting to display the screen shown next. See Section 17.1 on page 179 for more informat ion on link aggre gation. Figure 79 Advanced Application > Link Aggreg ation > Link Aggrega[...]
-
Page 184
Chapter 17 Li nk Aggr eg a tion XGS4700-48F User’s Guide 184 Criteria Select the outgoing traffic distribution type. Pack ets from the same source and/or to the same destination are sent ov er the same link within the trunk. By default, the Switch uses the src-dst-mac distribution type. If the Switch is behind a router , the packet’s destinatio[...]
-
Page 185
Chapter 17 L ink Aggr eg a tion XGS4700-48F User’s Guide 185 17.5 Link Aggregation Control Protocol Click in the Advanced Application > Link Aggregation > Link Aggregation Setting > LACP to displa y the screen shown next. See Section 17.2 on page 179 for more infor mation on dynamic link aggregation. Figure 80 Advanced Application > L[...]
-
Page 186
Chapter 17 Li nk Aggr eg a tion XGS4700-48F User’s Guide 186 The following table describes t he labels in this screen. 17.6 S t atic T runking Example This example shows you how to create a static port trunk group for ports 2-5. T able 43 Advanced Application > Link Aggregation > Link Aggregatio n Setting > LACP LABEL DESCRIPTION Link Ag[...]
-
Page 187
Chapter 17 L ink Aggr eg a tion XGS4700-48F User’s Guide 187 1 Make your physical connections - make sure that the ports that you w ant to belong to the trunk group are connected to the same destina tion. The followin g figure shows ports 2-5 on swit ch A connected to switch B . Figure 81 T runking Example - Physical Connections 2 Configure stati[...]
-
Page 188
Chapter 17 Li nk Aggr eg a tion XGS4700-48F User’s Guide 188[...]
-
Page 189
XGS4700-48F User’s Guide 189 C HAPTER 18 Port Authentication This chapter describes the IEEE 802. 1x and MAC authentication methods. 18.1 Port Authentication Overview P ort authentication is a w ay to v alidate access to ports on the Switch to clients based on an external server (authentic ation server). The S witch supports the following methods[...]
-
Page 190
Chapter 18 Port Authentication XGS4700-48F User’s Guide 190 credentials, the Switch send s an authentication reques t to a RADIUS server . The RADIUS server v alidates whether this client is allowed access to the port. Figure 83 IEEE 802.1x Authentication Process 18.1.2 MAC Authentication MAC authentication works in a very sim ilar way to IEEE 80[...]
-
Page 191
Chapter 18 Port Authentication XGS4700-48F User’s Guide 191 client connecting to a port on the Switch along with a password configured specifically for MAC authenti cation on the Switc h. Figure 84 MAC Authentication Process 18.2 Port Authentication Configuration T o enable port authentication, first activ a te the port authentication method(s) y[...]
-
Page 192
Chapter 18 Port Authentication XGS4700-48F User’s Guide 192 18.2.1 Activate IEEE 802.1x Security Use this screen to activ ate IEEE 802.1x security . In the Port Authentication screen click 802. 1x to displa y the configurat ion screen as shown. Figure 86 Advanced Application > Port Authentication > 802.1x The following table describes t he [...]
-
Page 193
Chapter 18 Port Authentication XGS4700-48F User’s Guide 193 18.2.2 Guest VLAN When 802.1x port authentication is enable d on the Swit ch and its ports, client s that do not hav e the correct credentials are block ed from using the port(s). Y ou can configure your S witch to have one VLAN that acts as a guest VLAN. If you enable the guest VLAN ( 1[...]
-
Page 194
Chapter 18 Port Authentication XGS4700-48F User’s Guide 194 rights gr anted to the Guest VLAN depe nds on how the network administrator configures switches or routers with the gu est network feature. Figure 87 Guest VLAN Example Use this screen to enable and as si gn a guest VLAN to a port. In the Port Authentication > 802.1x screen click Gues[...]
-
Page 195
Chapter 18 Port Authentication XGS4700-48F User’s Guide 195 The following table describes t he labels in this screen. T able 45 Advanced Application > Port Authentication > 802.1 x > Guest VLAN LABEL DESCRIPTION P ort This field displays a port number . * Settings in this row apply to all ports. Use this row only if you w ant to make som[...]
-
Page 196
Chapter 18 Port Authentication XGS4700-48F User’s Guide 196 18.2.3 Activate MAC Authentication Use this screen to activ ate MAC authentication. In the Port Authentication screen click MAC Authentication to di splay the configur ation screen as shown. Figure 89 Advanced Application > Port Authentication > MAC Authentication The following tab[...]
-
Page 197
Chapter 18 Port Authentication XGS4700-48F User’s Guide 197 Timeout Specify the amount of time before the Switch allows a client MAC address that fails authentication to try and authenticate again. Maximum time is 3000 seconds. When a client fails MAC authentication , its MAC address is learned by the MAC address table with a status of denied. Th[...]
-
Page 198
Chapter 18 Port Authentication XGS4700-48F User’s Guide 198[...]
-
Page 199
XGS4700-48F User’s Guide 199 C HAPTER 19 Port Security This chapter shows you how t o set up port securit y . 19.1 About Port Security P ort security allows only packet s with dynamically learned MAC addresses and/or configured static MAC ad dresses to pass throug h a port on the S witch. Th e Switch can learn up to 32K MAC addresses in total wit[...]
-
Page 200
Chapter 19 Port Secu rity XGS4700-48F User’s Guide 200 19.2 Port Security Setup Click Advanced Application > Port Security in the navigati on panel to displa y the screen as shown. Figure 90 Advanced Application > Port Security The following table describes t he labels in this screen. T able 47 Advanced Application > Port Security LABEL [...]
-
Page 201
Chapter 19 Port Security XGS4700-48F User’s Guide 201 19.3 VLAN MAC Address Limit Use this screen to set t he MAC address le arning limit on per-port and per- VLAN basis. Click VLAN MAC Address Lim it in the Advanced Application > Port Security screen to display the screen as shown. Figure 91 Advanced Application > Port Secu rity > VLAN [...]
-
Page 202
Chapter 19 Port Secu rity XGS4700-48F User’s Guide 202 The following table describes t he labels in this screen. T able 48 Advanced Application > Port Secu rity > VLAN MAC Address Limit LABEL DESCRIPTION Active Select this option to activ ate this rule. P ort Enter the num ber of the port to which this rule is applied. VID Enter the VLAN id[...]
-
Page 203
XGS4700-48F User’s Guide 203 C HAPTER 20 Classifier This chapter introduces and shows you how to configure the packet classif ier on the Switch. 20.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay , and the networking me thods used to control the use of bandwidth. W[...]
-
Page 204
Chapter 20 Classifier XGS4700-48F User’s Guide 204 20.2 Configuring the Classifier Use the Classifier screen to define the c lassifiers. After you define the classifier , you can specif y actions (or policy) to act upon the traffic that matches the rules. T o configure policy rules, refer to Chapter 21 on p age 209 . Click Advanced Application &g[...]
-
Page 205
Chapter 20 Classifier XGS4700-48F User’s Guide 205 Pa c ke t For m a t Specify the format of the packet. Choices are All , 802.3 tagged , 802.3 untagged , Ethern et II tagged and Ethernet II untagged . A value of 802.3 indicates that the packets are formatted according to the IEEE 802.3 standards. A value of Ethernet II indicates that the packets[...]
-
Page 206
Chapter 20 Classifier XGS4700-48F User’s Guide 206 20.3 V iewing and Editing Classifier Configuration T o view a summary of t he classifier configur ation, scroll down to the s ummary table at the bottom of the Classifier screen. T o change the settings of a rule, cl ick a number in the Index field. Note: When two rules conflict with each other ,[...]
-
Page 207
Chapter 20 Classifier XGS4700-48F User’s Guide 207 The following table describes t he labels in this screen. The following table shows some other common Ethernet types and the corresponding protocol number . Some of the most common IP ports are: T able 50 Classifier: Summary T able LABEL DESCRIPTION Index This field displays the index number of t[...]
-
Page 208
Chapter 20 Classifier XGS4700-48F User’s Guide 208 20.4 Classifier Example The following screen shows an example of conf iguring a classifier that identifies all traffic from MAC address 00:50:ba:ad:4f:81 on port 2. Figure 94 Classifier: Example After you hav e configured a classifier , you can configure a poli cy to define action(s) on the class[...]
-
Page 209
XGS4700-48F User’s Guide 209 C HAPTER 21 Policy Rule This chapter shows you how t o configure policy rules. 21.1 Policy Rules Overview A classifier dist inguishes traffic into flows based on the configured criteria (refer to Chapter 20 on page 203 for more information). A policy rule ensures that a tr affic flow gets the requested treatment in th[...]
-
Page 210
Chapter 21 Policy Rule XGS4700-48F User’s Guide 210 The DSCP value determines the forwarding behavior , the PHB (Per-Hop Behavior), that each pack et gets across the DiffSer v network. Based on the marking rule, different kinds of tr affic can be marked for different kinds of forwarding. R esources can then be allocated according to the DS CP v a[...]
-
Page 211
Chapter 21 Policy Rule XGS4700-48F User’s Guide 21 1 Click Advanced Applications > Policy Rule in the navigation panel t o display the screen as shown. Figure 95 Advanced Application > Policy Rule The following table describes t he labels in this screen. T able 53 Advanced Application > Policy Rule LABEL DESCRIPTION Active Select this op[...]
-
Page 212
Chapter 21 Policy Rule XGS4700-48F User’s Guide 212 Classifier(s) This field dis plays the active classifier(s) you configure in the Classifier screen. Select the classifier(s) to which this policy rule applies. T o select more than one classifier , press [SHIF T] and select the choices at the same time. Pa ra m e t e r s Set the fields below for[...]
-
Page 213
Chapter 21 Policy Rule XGS4700-48F User’s Guide 213 21.3 V iewing and Editin g Policy Configuration T o view a summary of t he classifier configur ation, scroll down to the s ummary table at the bottom of the Policy screen. T o change the settings of a rule, click a number in the Index field. Figure 96 Advanced Application > Policy Rule: Summa[...]
-
Page 214
Chapter 21 Policy Rule XGS4700-48F User’s Guide 214 The following table describes t he labels in this screen. T able 54 Policy: Summary Table LABEL DESCRIPTION Index This field displays the policy index number . Click an index number to edit the policy . Active This field displays Yes when policy is activated and No when is it deactivated. Name T[...]
-
Page 215
Chapter 21 Policy Rule XGS4700-48F User’s Guide 215 21.4 Policy Example The figure below shows an example Policy screen where y ou configure a policy to limit bandwidth and discard out -of-profi le traffic on a tr affic flow classified using the Example classifier (r efer to Section 20.4 on page 208 ). Figure 97 Policy Example EXAMPLE[...]
-
Page 216
Chapter 21 Policy Rule XGS4700-48F User’s Guide 216[...]
-
Page 217
XGS4700-48F User’s Guide 217 C HAPTER 22 Queuing Method This chapter introduces the queuing methods supported. 22.1 Queuing Method Overview Queuing is us ed to help solve performa nce degradation when there is network congestion. Use the Queuing Method screen to configure queuing algorithms for outgoing traffi c. See al so Priority Queue Assignme[...]
-
Page 218
Chapter 22 Q ue u ing Me tho d XGS4700-48F User’s Guide 218 2 ( Weight -1) x 10 KB If the weight setting is 5, the actual quantum guaranteed to the associated queue would be as fol lows: 2 4 x 10KB = 160 KB 22.1.3 W eighted Round Robin Scheduling (WRR) Ro u nd Robin Scheduli ng services queues on a rotating basi s and is activ ated only when a po[...]
-
Page 219
Chapter 22 Queuing Meth od XGS4700-48F User’s Guide 219 22.2 Configuring Queuing Click Advanced Application > Queuing Method in the na vigation panel. Figure 98 Advanced Application > Que uing Method The following table describes t he labels in this screen. T able 55 Advanced Application > Queuing Method LABEL DESCRIPTION P ort This labe[...]
-
Page 220
Chapter 22 Q ue u ing Me tho d XGS4700-48F User’s Guide 220 Method Select SPQ (Strictly Priority Queuing), WFQ (W eig hted F air Queuing) or WRR (W eighted Round R obin). Strictly Priority services queues based on priority only . When the highest priority queue empties, traffic on the next highest-priority queue begins. Q7 has the highest priorit[...]
-
Page 221
XGS4700-48F User’s Guide 221 C HAPTER 23 VLAN Stacking This chapter shows you how t o configure VLAN stacking on your Switch. See the chapter on VLANs for more background information on Virtual LAN 23.1 VLAN S t acking Overview A service provider c an use VLAN stacking to allow i t to distinguish multiple customers VLANs, even those with the sa m[...]
-
Page 222
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 222 distinguish customer A and tag 48 to disti nguish customer B at ed ge device 1 and then stripping those tags at edge device 2 as the data frames leav e the network. Figure 99 VLAN S ta cking Example 23.2 VLAN S t acking Port Roles Each port can hav e three VLAN stacking “roles” , Nor mal ,[...]
-
Page 223
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 223 23.3 VLAN T ag Format A VLAN tag (service pro vider VLAN st acki ng or customer IEEE 802.1Q) consists of the following th ree fields. Type is a standard Ethernet type code id entifying the fr ame and indicates that whether the frame carries IEEE 802.1Q tag information. SP TPID (Service Provide[...]
-
Page 224
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 224 Configure the fields as highlighted in the Switch VLAN Stacking screen. 23.4 Configuring VLAN S t acking Click Advanced Applications > VLAN Stacking to disp l ay the sc re en as shown. Figure 100 Advanced App lication > VLAN S tacking T able 57 Single and Double Tagged 802.11Q Frame Form[...]
-
Page 225
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 225 The following table describes t he labels in this screen. 23.4.1 Port-based Q-in-Q Port -based Q-in-Q lets t he Switc h tre at a ll frames receiv ed on the same port as the same VLAN flows and add the same ou ter VLAN tag to them, even they have different customer VLAN IDs. T able 59 Advanced [...]
-
Page 226
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 226 Click Port-based QinQ in the Advanced Application > VLAN Stacking screen to display the screen as shown. Figure 101 Advanced App lication > VLAN S tacking > Port-based QinQ The following table describes t he labels in this screen. 23.4.2 Selective Q-in-Q Selective Q-in-Q is VLAN-based[...]
-
Page 227
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 227 Note: Selective Q-in-Q rules are only ap plied to single-t agged frames received on th e access ports. If the incoming fra mes are untagged or sin gle-tagged but received on a tunnel port or cannot match any selective Q-in-Q rules, the Switch applies the port-based Q-in-Q rules to them. Click [...]
-
Page 228
Chapter 23 VLAN Stacking XGS4700-48F User’s Guide 228 P ort This is the port number to which this rule is applied. CVID This is the customer VLAN ID in the incoming packets. SPVID This is the service provider’s VLAN ID that adds to the packets from the subscribers. Priority This is the service provider ’s priority level in the packets. Delete[...]
-
Page 229
XGS4700-48F User’s Guide 229 C HAPTER 24 Multicast This chapter shows you how t o configure various multicast features. 24.1 Multicast Overview T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast deliv ers IP packets to just a grou[...]
-
Page 230
Chapter 24 Multicast XGS4700-48F User’s Guide 230 24.1.3 IGMP Snooping The Switch can passively snoop on IGMP pack ets transferred between IP multicast routers/switches and IP multicast hosts to learn the IP multicast group membership. It checks IGMP pack ets pa ssing through it, picks out the group registration informa t ion , and configu res mu[...]
-
Page 231
Chapter 24 Multicast XGS4700-48F User’s Guide 231 24.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 24.1 on page 229 for more i nformation on multicasting. Figure 104 Advanced App lication > Multicast > Multicast Setting The following table describes t h[...]
-
Page 232
Chapter 24 Multicast XGS4700-48F User’s Guide 232 IGMP Filtering Select Active to enable IGMP filtering to control w hich IGMP gr o ups a subscriber on a port can join. Note: If you enable IGMP filterin g, you must create a nd assign IGMP filtering profiles for the port s that you want to allow to join multicast group s. Unknown Multicast Frame S[...]
-
Page 233
Chapter 24 Multicast XGS4700-48F User’s Guide 233 F ast Leave Enter an IGMP fast leave timeout value (from 200 to 6,348,800) in miliseconds. Select this option to ha ve the Switch use this timeout to update the forwarding table for the port. In fast leave mode, right after receiving an IGMP lea ve message from a host on a port, the Switch itself [...]
-
Page 234
Chapter 24 Multicast XGS4700-48F User’s Guide 234 24.4 IGMP Snooping VLAN Click Advanced Applications > Multicast in the navigation panel. Click the Multicast Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See Section 24.1.4 on page 230 for more information on IG MP Snooping VLAN. Figure 105 Advanced App lica[...]
-
Page 235
Chapter 24 Multicast XGS4700-48F User’s Guide 235 24.5 IGMP Filtering Profile An IGMP filter in g profile sp ec if ies a range of multic as t groups th at cl ie nts connected to the Switch are able to join. A profile contains a r ange of multicast IP addresses which you w ant cli ents to be able to join. Profiles are assigned to ports (in the Mul[...]
-
Page 236
Chapter 24 Multicast XGS4700-48F User’s Guide 236 Click Advanced Applications > Multicast > Multicast Setting > IGMP Filtering Profile link to display th e sc re en as shown. Figure 106 Advanced App lication > Multicast > Multicast Setting > IGMP Filtering Profile The following table describes t he labels in this screen. T able [...]
-
Page 237
Chapter 24 Multicast XGS4700-48F User’s Guide 237 24.6 MVR Overview Multicast VLAN R egistration (MVR) is designed for applicatio ns (such as Media-on- Demand (MoD)) that use multicast tr affic across an Ethernet ring-based service provider network. MVR allows one single multicast VLAN t o be shared among different subscriber VLANs on the network[...]
-
Page 238
Chapter 24 Multicast XGS4700-48F User’s Guide 238 Once configured, the Switch maintains a forwarding table that matches the multicast stream to the associated multicast group . 24.6.2 MVR Modes Y ou can set your Switch to oper ate in either dyna mic or com patible mode. In dynamic mode, the Switc h sends IGMP leav e and join reports to the other [...]
-
Page 239
Chapter 24 Multicast XGS4700-48F User’s Guide 239 24.7 General MVR Configuration Use the MVR screen to create multicast VL ANs and select the receiv er port(s) and a source port for each multicast VLAN. Click Advanced Applications > Multicast > Multicast Setting > MVR link to disp l ay th e sc reen as shown next. Note: Y ou can create up[...]
-
Page 240
Chapter 24 Multicast XGS4700-48F User’s Guide 240 802.1p Priority Select a priority level (0 -7) with which the Switch replaces the priority in outgoing IGMP control packets (bel onging to this multicast VLAN). Mode Spe cify the MVR mode on the Switch. Choices are Dynamic and Compa tible . Select Dynamic to send IGMP reports to all MVR source por[...]
-
Page 241
Chapter 24 Multicast XGS4700-48F User’s Guide 241 24.8 MVR Group Configuration All source ports and receiv er ports belo nging to a multicast group can recei ve multicast data sent to thi s multicast group. Configure MVR IP mul ticast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. Note: A port ca[...]
-
Page 242
Chapter 24 Multicast XGS4700-48F User’s Guide 242 24.8.1 MVR Configuration Example The following figure shows a network ex ample where ports 1, 2 and 3 on the Switch bel ong to VLAN 1. In addition, po rt 7 belongs to the multicast group wi th VID 200 to receive multi cast traffic ( the News and Movie channels) from the remote streaming media serv[...]
-
Page 243
Chapter 24 Multicast XGS4700-48F User’s Guide 243 T o configure the MVR settings on the S w itch, create a mul ticast group in the MVR screen and set the receiv er and source ports. Figure 1 12 MVR Config uration Example T o set the Switc h to forward the multicast group traffic to the subscribers, configure multicast group sett ings in the Group[...]
-
Page 244
Chapter 24 Multicast XGS4700-48F User’s Guide 244 following figure shows an exa mpl e where two multicast groups ( News and Movie ) are configured for the multicast VLAN 200. Figure 1 13 MVR Gro up Configuration Example Figure 1 14 MVR Gro up Configuration Example EXAMPLE EXAMPLE[...]
-
Page 245
XGS4700-48F User’s Guide 245 C HAPTER 25 AAA This chapter describes how to config ure authentication, authorization and accounting se ttings on th e Switch . 25.1 Authentication, Authorization and Accounting (AAA) Authentication is the process of determin ing who a user is and validating access to the Switch. The Switch can authenticate users who[...]
-
Page 246
Chapter 25 AAA XGS4700-48F User’s Guide 246 25.1.2 on page 246 ) as external authentication, authorization and accounting servers. Figure 1 15 AAA Server 25.1.1 Local User Account s By storing user profiles locally on the S wit ch, your Swit ch is able to authenticate and authorize users without inter acting wi th a network AAA server . However ,[...]
-
Page 247
Chapter 25 AAA XGS4700-48F User’s Guide 247 Click Advanced Application > AAA in the navigation panel to displa y the screen as shown. Figure 1 16 Ad vanced Application > AAA 25.2.1 RADIUS Server Setup Use this screen to configure yo ur RADIUS server settings. See Section 25.1.2 on page 246 for more information on RADIUS servers and Sec tion[...]
-
Page 248
Chapter 25 AAA XGS4700-48F User’s Guide 248 The following table describes t he labels in this screen. T able 69 Advanced Application > AAA > RADIUS Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure your RADIUS authentication settings. Mode This field only applies if you configure multiple RADIUS servers. Sel[...]
-
Page 249
Chapter 25 AAA XGS4700-48F User’s Guide 249 25.2.2 T ACACS+ Server Setup Use this screen to configure yo ur T ACACS+ server settings. See Section 25.1. 2 on page 246 for more information on T ACACS+ servers. Click on the TACACS+ Server Setup link in the Authentication and Accountin g screen to view the screen as shown. Figure 1 18 Advanced Applic[...]
-
Page 250
Chapter 25 AAA XGS4700-48F User’s Guide 250 The following table describes t he labels in this screen. T able 70 Advanced Application > AAA > T ACACS+ Server Setup LABEL DESCRIPTION Authentication Server Use this section to configure y our T ACACS+ authentication settings. Mode This field is only v alid if you configure multiple T ACACS+ ser[...]
-
Page 251
Chapter 25 AAA XGS4700-48F User’s Guide 251 25.2.3 AAA Setup Use this screen to configure authentication , authorization and accounting settings on the Switch. Click on the AAA Setup link in the AAA screen to view the screen as shown. Figure 1 19 Advanced Application > AAA > AAA Setup Shared Secret Specify a password (up to 32 alphanumeric [...]
-
Page 252
Chapter 25 AAA XGS4700-48F User’s Guide 252 The following table describes t he labels in this screen. T able 71 Advanced Application > AAA > AAA Setup LABEL DESCRIPTION Authentication Use this section to specify the methods used to authenticate users accessing the Switch. Privilege Enable These fields specify which database the Switch shoul[...]
-
Page 253
Chapter 25 AAA XGS4700-48F User’s Guide 253 T ype Set whether the Switch provides the following services to a user . • Exec : Allow an administrator which logs in the S witch through T e lnet or SSH to hav e different access privilege level assigned via the external server . • Dot1x : Allow an IEEE 802.1x client to have differe nt bandwidth l[...]
-
Page 254
Chapter 25 AAA XGS4700-48F User’s Guide 254 25.2.4 V endor Specific Attribute RFC 2865 standard specifies a method for sending vendor-specific information between a RADIUS server and a network access d evice (for example, the Switch). A company can create V endor Specific At tributes (VS As) to expand the function ality of a RADIUS serv er . The [...]
-
Page 255
Chapter 25 AAA XGS4700-48F User’s Guide 255 25.2.5 T unnel Protocol Attribute Y ou can configure tunn el protocol attributes on the RADIUS server (refer to your RADIUS server documentation) to assign a port on the Switch to a VLAN based on IEEE 802.1x authentication. The port VLAN settings are fixed and untagged. This will also set the port’ s [...]
-
Page 256
Chapter 25 AAA XGS4700-48F User’s Guide 256 25.3 Supported RADIUS Attributes Remote A uthentication Dial- In User Servic e (RADIUS) attributes are data used to define specific authenticati on, and accounti ng elements in a user profile, which is stored on the RADIUS server . This section lists the RADIUS attributes supported by the Switch. Refer [...]
-
Page 257
Chapter 25 AAA XGS4700-48F User’s Guide 257 - This value is se t t o Ethernet(15) on the Switch. Calling-Stati on-Id Frame-MTU EAP-Message State Message-Authenticator 25.3.2 Attributes Used for Accounting The following sections list the attributes sent from the Switch to the RADIUS server when performi ng authenti ca tion. 25.3.2.1 Attributes Use[...]
-
Page 258
Chapter 25 AAA XGS4700-48F User’s Guide 258 25.3.2.3 Attributes Used for Ac counting IEEE 802.1x Event s The attributes are listed in the following table along with the ti me of the session they are sent: T able 75 RADIUS Attributes - Exec Events via Telnet/SSH ATTRIBUTE START INTERIM-UP DATE STOP User-Name NAS-Identifier NA[...]
-
Page 259
Chapter 25 AAA XGS4700-48F User’s Guide 259 Acct- Input-Gigawords Acct-Output - Gigawords T able 76 RADIUS Attributes - Exec Events via Console ATTRIBUTE START INTERIM-UP DATE STOP[...]
-
Page 260
Chapter 25 AAA XGS4700-48F User’s Guide 260[...]
-
Page 261
XGS4700-48F User’s Guide 261 C HAPTER 26 IP Source Guard Us e I P s o ur ce g ua r d t o f i lt er unauthorized DHC P and AR P packets in your network. 26.1 IP Source Guard Overview IP source guard uses a binding table to distinguish between authorized and unauthorized DHCP and ARP packets in yo ur network. A binding contains these key attribut e[...]
-
Page 262
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 262 26.1.1 DHCP Snooping Overview Use DHCP s nooping t o filter u nau th orized DHCP packets on the netwo rk and to build the binding tab le dynamically . This can prevent clients from getting IP addresses from unauthorized DHCP servers. 26.1.1.1 T rusted vs. Untrusted Port s Every port is eithe[...]
-
Page 263
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 263 Y ou can configure the name and location of the file on the external TFTP server . The file has the following format: Figure 120 DHCP Snooping Dat abase File Format The <initial-checksum> helps distinguis h between the bindings in the latest update and the bindings from previous upda t[...]
-
Page 264
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 264 3 Configure trusted and untrusted ports, an d specify the maximum number of DHCP packets t hat each port can receive per second. 4 Configure static bindings. 26.1.2 ARP Inspection Overview Use ARP inspection to filter unauthorized ARP packets on the network. This can prevent many kinds of ma[...]
-
Page 265
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 265 • They ap pe ar only in the ARP Inspection screens and commands, not in the MAC Address Filter screens and commands. 26.1.2.2 T rusted vs. Untrusted Port s Every port is either a trusted port or an untrusted p o rt for A R P inspecti on. Th is setting is independent of the t rusted/untrust[...]
-
Page 266
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 266 the bindings by snooping DHCP packets (dynami c bindings) and from informati on provided manually by administr ators (static bindings). T o open this screen, click Advanced Application > IP Source Guard . Figure 122 IP Source Guar d The following table describes t he labels in this screen[...]
-
Page 267
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 267 new static binding replaces the origin al one. T o open this screen, click Advanced Application > IP Source Guard > Static Binding . Figure 123 IP Source Guar d S t atic Binding The following table describes t he labels in this screen. T able 78 IP Source Guard Static Binding LABEL DES[...]
-
Page 268
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 268 26.4 DHCP Snooping Use this scre en to look at various statis tics about the DHCP snooping database. T o open this screen, click Advanced Application > IP Source Guard > DHCP Snooping . Figure 124 DHCP Snooping Delete Select this, and click Delete to remove the specified entry . Cancel[...]
-
Page 269
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 269 The following table describes t he labels in this screen. T able 79 DHCP Snooping LABEL DESCRIPTION Database Status This section displays the current settings for the DHCP snooping database. Y ou can configure them in the DHCP Snooping Configure screen. See Section 26.5 on page 271 . Agent U[...]
-
Page 270
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 270 Successful transfers This field displays the number of times the Switch read bindings from or updated the bindings in the DHC P snooping database successfully . F ailed transfers This field displays the number of times the Switch was unable to read bindings from or update th e bindings in th[...]
-
Page 271
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 271 26.5 DHCP Snooping Configure Use this screen to enable DHCP snooping on the Switch (not on specific VLAN), specify the VLAN where the default DHCP server is located, and conf igure the DHCP snooping database. Th e DHCP snooping databa se stores the current bindings on a secure, external TFTP[...]
-
Page 272
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 272 The following table describes t he labels in this screen. T able 80 DHCP Snooping Configure LABEL DESCRIPTION Active Sele ct this to enable DHCP snooping on the Switch. Y ou still have to enable DHCP snooping on specific VLAN and specif y trusted ports. Note: The Switch will drop all DHCP re[...]
-
Page 273
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 273 26.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are trusted or untrusted ports for DHCP snooping. Note: The Switch will drop all DHCP requests if you enable DHCP snooping and there are no trusted ports. Y ou can also specify the maximum number for DHCP packets th[...]
-
Page 274
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 274 The following table describes t he labels in this screen. 26.5.2 DHCP Snooping VLAN Configure Use this screen to enable DHCP snooping on each VLAN and to specify whether or not the Switch adds DHCP rela y agent option 82 informati on ( Chapt er 40 on page 359 ) to DHCP requ ests that the Swi[...]
-
Page 275
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 275 open this screen, click Advanced Application > IP Source Guard > DHCP Snooping > Configure > VLAN . Figure 127 DHCP Snooping VLAN Configure The following table describes t he labels in this screen. T able 82 DHCP Snooping VLAN Configure LABEL DESCRIPTION Show VLAN Use this sectio[...]
-
Page 276
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 276 26.6 ARP Inspection S t atus Use this screen to look at the current list of MAC address filters that were c reated because the Switch identified an unau thorized ARP pack et. When the Switch identifies an unauthorized ARP packet, it automatically cr eates a MAC addres s filter to block tr af[...]
-
Page 277
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 277 26.6.1 ARP Inspection VLAN St atus Use this screen to look at various statistics about ARP p ackets in each VL AN. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > VLAN Status . Figure 129 ARP Inspection VL AN S tatus The following table describe[...]
-
Page 278
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 278 26.6.2 ARP Inspection Log St atus Use this scre en t o look at lo g m es s a g e s th at we re generated by ARP pac kets and that have not been sent to the syslog server yet. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status . Figure 13[...]
-
Page 279
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 279 26.7 ARP Inspection Configure Use this screen to enable ARP inspection on the Swit ch. Y ou can also configure the length of time the Switch stores reco rds of discarded ARP pack ets and global settings for the ARP inspection log. T o open this screen, click Advanced Application > IP Sour[...]
-
Page 280
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 280 The following table describes t he labels in this screen. T able 86 ARP Inspection Configure LABEL DESCRIPTION Active Select this to enable ARP inspection on the Switch. Y ou still have to enable ARP inspection on specific VLAN and specify trusted ports. Filter Aging Time Filter aging time T[...]
-
Page 281
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 281 26.7.1 ARP Inspection Port Configure Use this screen to specify whether port s are trusted or untrusted ports for ARP inspection. Y ou can also speci fy the maximum rate at which the Switch rec eives ARP packets on each untrusted po rt. T o open this screen, click Advanc ed Application > [...]
-
Page 282
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 282 26.7.2 ARP Inspection VLAN Configure Use this screen to enable ARP inspection on each VLAN and to specif y when the Switch gener a tes log messages for receiv ing ARP pack ets from each VLAN. T o open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Confi[...]
-
Page 283
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 283 Enabled Select Yes to enable ARP inspection on the VLAN. Select No to disable ARP inspection on the VLAN. Log Specify when the Switch generates log messages for receiving ARP packets from the VLAN. None : The Switch does not generate any log messages when it receives an ARP packet from the V[...]
-
Page 284
Chapter 26 IP Source Guard XGS4700-48F User’s Guide 284[...]
-
Page 285
XGS4700-48F User’s Guide 285 C HAPTER 27 Loop Guard This chapter shows you how to config ure the Swit ch to guard against loops on the edge of your network. 27.1 Loop Guard Overview Loop guard allows you to configure the S w itch to shut down a port if it detects that packets sent out on that port loop back to the Swit ch. While you can use Spann[...]
-
Page 286
Chapter 27 Loop Guard XGS4700-48F User’s Guide 286 • It will receive its own broadcast messages that it sends out as they lo op back. It will then re-broadcast those messages agai n. The following figure shows port N on switch A connected to switch B . Switch B is in loop state. When broadcast or multi cast packets leav e port N and reach switc[...]
-
Page 287
Chapter 27 Loop Guar d XGS4700-48F User’s Guide 287 port N . The Switch will shut down port N if it detects that the probe packet has returned to the Switch. Figure 137 Loop Guard - Network L oop Note: After resolving the loop problem on your network you can re-activate the disabled port via the web configurator (se e Section 8.7 on page 1 15 ) o[...]
-
Page 288
Chapter 27 Loop Guard XGS4700-48F User’s Guide 288 The following table describes t he labels in this screen. T able 89 Advanced Application > Loop Guard LABEL DESCRIPTION Active Select this option to enable loop guard on the Switch. The Switch generates syslog, internal log messages as well as SNMP traps when it shuts down a port via the loop [...]
-
Page 289
XGS4700-48F User’s Guide 289 C HAPTER 28 VLAN Mapping This chapter shows you how t o conf igure VLAN mapping on the Switch. 28.1 VLAN Mapping Overview With VLAN mapping enabled, the S witch ca n map the VLAN ID and priority leve l of packets received from a priv ate network to those used in the service provider ’ s network. The Switch checks in[...]
-
Page 290
Chapter 28 VLAN Ma p ping XGS4700-48F User’s Guide 290 28.2 Enabling VLAN Mapping Click Advanced Application and then VLAN Mapping in the navigation panel to display the s creen as shown. Figure 140 VLAN Mapping The following table describes t he labels in this screen. T able 90 VLAN Mapping LABEL DESCRIPTION Active Select this option to enable V[...]
-
Page 291
Chapter 28 VLAN Mapping XGS4700-48F User’s Guide 291 28.3 Configuring VLAN Mapping Click the VLAN Mapping Configure link in the VLA N Mapping screen to displa y the screen as shown. Use this screen to enable an d edit the VLAN mapping rule(s). Figure 141 VLAN Mapping Configuration The following table describes t he labels in this screen. T able 9[...]
-
Page 292
Chapter 28 VLAN Ma p ping XGS4700-48F User’s Guide 292 P ort This is the port numbe r to which this rule is applied. VID This is the customer VLAN ID in the incoming packets. T ranslated VID This is the VLAN ID that repl aces the customer VLAN ID in the tagged packets. Priority This is the priority level that replaces the customer priority level [...]
-
Page 293
XGS4700-48F User’s Guide 293 C HAPTER 29 Layer 2 Protocol Tunneling This chapter shows you how to confi gure l ay er-2 protocol tunnel ing on the S wit ch. 29.1 Layer 2 Protocol T unneling Overview Layer-2 protocol tunneling (L2PT) is used on the service provider's edge devices. L2PT allows edge switches ( 1 and 2 in the following figure) to[...]
-
Page 294
Chapter 29 Layer 2 Protoco l Tunneling XGS4700-48F User’s Guide 294 2 for P AgP (Port Aggreg ation Protocol), LACP or UDLD (UniDirecti onal Link Detection). Figure 143 L2P T Network Example 29.1.1 Layer-2 Protocol T unneling Mode Each port can hav e two laye r-2 protocol tunneli ng modes, Access and Tunne l . •T h e Access port is an ingress po[...]
-
Page 295
Chapter 29 Layer 2 Protocol Tunneling XGS4700-48F User’s Guide 295 29.2 Configuring Layer 2 Protocol T unneling Click Advanced Application > Layer 2 Protocol Tunneling in the navigation panel to display the screen as shown. Figure 144 Advanced Applicatio n > Lay er 2 Protocol T unneling The following table describes t he labels in this scre[...]
-
Page 296
Chapter 29 Layer 2 Protoco l Tunneling XGS4700-48F User’s Guide 296 * Use this row to make the setting th e same for all ports. Use this row first and then make adjustments on a port-by -port basis. Note: Changes in this row are copied to all the ports as soon as you make them. CDP Select this option to have th e Switch tunnel CDP (Cisco Discover[...]
-
Page 297
XGS4700-48F User’s Guide 297 C HAPTER 30 sFlow This chapter shows you how t o configure sFlow to have t he Switch monitor tr affic in a network and send information to an sFlow collector for analysis. 30.1 sFlow Overview sFlow (RFC 3176) is a standard technology for monitoring switched networks. An sFlow agent embedded on a switch or ro uter gets[...]
-
Page 298
Chapter 30 sFlo w XGS4700-48F User’s Guide 298 30.2 sFlow Port Configuration Click Advanced Application > sFlow in the navigation panel to displ ay the screen as shown. Figure 146 Advanced App lication > sFlow The following table describes t he labels in this screen. T able 93 Advanced Application > sFlow LABEL DESCRIPTION Active Select [...]
-
Page 299
Chapter 30 sFlow XGS4700-48F User’s Guide 299 30.2.1 sFlow Collector Configuration Click the Collector link in th e sFlow screen to display the screen as shown. Y ou can configure up to four sFlow collectors in this screen. Y ou may want to configure Active Select this to allow the Switch to monitor tr affic on this port and generate and send sFl[...]
-
Page 300
Chapter 30 sFlo w XGS4700-48F User’s Guide 300 more than one collector if the tr affic load to be monitored is more than one collector can manage. Figure 147 Advanced App lication > sFlow > Collector The following table describes t he labels in this screen. T able 94 Advanced Application > sFlow > Collector LABEL DESCRIPTION Collector[...]
-
Page 301
XGS4700-48F User’s Guide 301 C HAPTER 31 PPPoE This chapter describes how the S witch gives a PPP oE termination server additional information that the server can use to id enti fy and authentica te a PPPoE client. 31.1 PPPoE Intermediate Agent Overview A PPP oE Intermediate Agent (PPPoE IA) is deployed between a PPP oE server and PPP oE clients.[...]
-
Page 302
Chapter 31 PPP oE XGS4700-48F User’s Guide 302 31.1.2 Sub-Option Format There are two types of sub-option: “ Age nt Circuit ID Sub-option” and “ Agent Remote ID Sub-option” . They have the following formats. The 1 in the first field identifies this as an Agent Circuit ID sub-option and 2 identifies this as an Agent R emote ID sub-option. [...]
-
Page 303
Chapter 31 PPPoE XGS4700-48F User’s Guide 303 31.1.2.2 WT -101 Default Circuit ID Synt ax If you do not configure a Circuit ID string for a specif ic VLAN on a port or for a specific port, and di sable the flex i ble Circuit ID syntax in the PPPoE > Intermediate Agent screen, the Switch automati cally generates a Ci rcui t ID string according [...]
-
Page 304
Chapter 31 PPP oE XGS4700-48F User’s Guide 304 31.2 The PPPoE Screen Use this screen to configure the PPP o E Intermediate Agent on the Switch. Click Advanced Application > PPPoE in the navigation panel to display the screen as shown. Click Click Here to go to the Intermediate Agent screen. Figure 148 Advanced Application > PPPoE Intermedia[...]
-
Page 305
Chapter 31 PPPoE XGS4700-48F User’s Guide 305 The following table describes t he labels in this screen. 31.3.1 PPPoE IA Per-Port Use this screen to specif y whether individual ports are trusted or untrusted ports and have the S witch add extra information to PPP oE discov ery packets from PPP oE clients on a per -port basis. T able 100 Advanced A[...]
-
Page 306
Chapter 31 PPP oE XGS4700-48F User’s Guide 306 Note: The Switch will drop all PPPoE pa cket s if you enable the PPPoE Intermediate Agent on the Switch and there are n o trusted ports. Click the Port link in the Intermediate Agent screen to display the screen as shown. Figure 150 Advanced Application > PPPoE > Intermediate Agent > Port Th[...]
-
Page 307
Chapter 31 PPPoE XGS4700-48F User’s Guide 307 31.3.2 PPPoE IA Per-Port Per-VLAN Use this screen to configure PPP oE IA setti ngs that apply to a specific VLAN on a port. Server Tr u s t e d S t a t e Select whether this port is a trusted port ( Trusted ) or an un trusted port ( Untrusted ). T rusted ports are uplink ports connected to PPP oE serv[...]
-
Page 308
Chapter 31 PPP oE XGS4700-48F User’s Guide 308 Click the VLAN link in the Intermediate Agent > Port screen to display the screen as shown. Figure 151 Advanced Application > PPPoE > Inte rmediate Agent > Port > VLAN The following table describes t he labels in this screen. T able 102 Advanced Application > PPPoE > Intermediate[...]
-
Page 309
Chapter 31 PPPoE XGS4700-48F User’s Guide 309 31.3.3 PPPoE IA for VLAN Use this screen to set whether the PPPoE In termedi ate Agent is enabled on a VLAN and whether the Switch appends the Circ uit ID and/or Remote ID to PPPoE discove ry packets from a speci fic VLAN. Click the VLAN link in the Intermediate Agent screen to display the screen as s[...]
-
Page 310
Chapter 31 PPP oE XGS4700-48F User’s Guide 310 The following table describes t he labels in this screen. T able 103 Advanced Application > PPPoE > Intermediate Agent > VLAN LABEL DESCRIPTION Show VL AN Use this section to sp ecify the VLANs you want to configure in the section below . Start VID Enter the lowest VLAN ID you want to config[...]
-
Page 311
XGS4700-48F User’s Guide 31 1 C HAPTER 32 Error Disable This chapter shows you how t o configure the rate limit for contro l p a c kets on a port, and set the Switch t o take an action (such as to shut down a port or stop sending packets) on a port when the Switc h detects a pre-configured error . It also shows you how to confi gu re t he Switc h[...]
-
Page 312
Chapter 32 Error Disable XGS4700-48F User’s Guide 312 32.3 The Error Disable Screen Use this screen to configure error disable related settings. Click Advanced Application > Errdisable in the navigation p anel to open the following screen. Figure 153 Ad vanced Application > Errdisable 32.4 CPU Protection Configuration Use this screen to lim[...]
-
Page 313
Chapter 32 Error Disa b le XGS4700-48F User’s Guide 313 The following table describes t he labels in this screen. 32.5 Error-Disable Detect Configuration Use this screen to hav e the Switch detect whether the control pack ets exceed the rate l imit configured for a port and configure the acti on to take once t he limit is exceeded. Click the Clic[...]
-
Page 314
Chapter 32 Error Disable XGS4700-48F User’s Guide 314 The following table describes t he labels in this screen. T able 105 Advanced Application > Errd isable > Errdisable Detect LABEL DESCRIPTION Cause This field displays the types of control packet that may cause CPU overload. * Use this row to make the setting th e same for all entries. U[...]
-
Page 315
Chapter 32 Error Disa b le XGS4700-48F User’s Guide 315 32.6 Error-Disable Recovery Configuration Use this screen to to configure the Switch to automatically undo an action after the error is gone. Click the Click Here link next to Errdisable Recovery in the Advanced Application > Errdisable screen to display the screen as shown. Figure 156 Ad[...]
-
Page 316
Chapter 32 Error Disable XGS4700-48F User’s Guide 316[...]
-
Page 317
XGS4700-48F User’s Guide 317 C HAPTER 33 Static Route This chapter shows you how t o configure static routes. 33.1 S t atic Routing Overview The Switch usually uses the default ga teway to route outbou nd traffic from computers on the LAN to the Internet. T o ha ve the S witch send data to devices not reachable through the default gat eway , use [...]
-
Page 318
Chapter 33 Stat ic Route XGS4700-48F User’s Guide 318 33.2 Configuring S t atic Routing Click IP Application > Static Routing in the navigation p anel to display the screen as shown. Figure 158 IP Ap plication > S tatic Routing The following table describes t he related labe ls you use to create a static route. T able 107 IP Application >[...]
-
Page 319
Chapter 33 Static Route XGS4700-48F User’s Guide 319 Index This field displays the index number of the route. Click a number to edit the static route entry . Active This field displays Yes when the static route is activated and NO when it is deactivated. Name This field displays the descriptive name for this route. This is for identification purp[...]
-
Page 320
Chapter 33 Stat ic Route XGS4700-48F User’s Guide 320[...]
-
Page 321
XGS4700-48F User’s Guide 321 C HAPTER 34 Policy Routing This chapter shows you how t o configure policy routing rul es. 34.1 Policy Route Overview T raditionally , routing is based on the destination address only and the Switch t akes the shortest path to forward a packet. P o licy routing provides a mechanism to override the default rout ing beh[...]
-
Page 322
Chapter 34 Po licy Routing XGS4700-48F User’s Guide 322 34.2 Configuring Policy Routing Profile Click IP Application > Policy Routing in the navigation panel to display the screen as shown. Use this screen to conf igure a policy routin g profile, which can consist of multiple policy rout ing rules. Figure 159 IP Ap plication > Policy Routin[...]
-
Page 323
Chapter 34 Policy Routing XGS4700-48F User’s Guide 323 34.2.1 Policy Routing Rule Configuration Y ou must first configure a layer-3 classifier in the Classifier screen (see Section 20.2 on page 204 ) and a policy routing profile in the Policy Routing screen (see Section 34.2 on page 322 ). Use this screen to configure a policy rout e to ov erride[...]
-
Page 324
Chapter 34 Po licy Routing XGS4700-48F User’s Guide 324 The following table describes t he labels in this screen. T able 109 IP Application > Policy Routing > Rule Configuration LABEL DESCRIPTION Profile Name This field displays the policy routing profile(s) you configure in the IP Application > Policy Routing scree n. Select a profile f[...]
-
Page 325
XGS4700-48F User’s Guide 325 C HAPTER 35 RIP This chapter shows you how t o configure RIP (R outing Information Protocol). 35.1 RIP Overview RIP (Routing Information Protocol) allows a routin g d ev ice to exchan ge routing information with other routers. The Direction f ield control s the se nding an d receiving of RIP pack ets. When set to: •[...]
-
Page 326
Chapter 35 RI P XGS4700-48F User’s Guide 326 uses the route that has the lowest metr ic v alue. The following table lists the default administr ative distance v alue of the route sources supported on the Swit ch . 35.2 Configuring RIP Click IP Application > RIP in the navigation panel to display the screen as shown. Y ou cannot manually config[...]
-
Page 327
Chapter 35 RIP XGS4700-48F User’s Guide 327 Network This field displays the IP in terface configured on the Switch. R efer to the section on IP Setup for more information on configuring IP domains. Direction Select the RIP direction from the drop-down list box. Choices are Outgoin g , Incoming , Both and None . V ersion Select the RIP version fro[...]
-
Page 328
Chapter 35 RI P XGS4700-48F User’s Guide 328[...]
-
Page 329
XGS4700-48F User’s Guide 329 C HAPTER 36 OSPF This chapter describes the OSPF ( Open Shor test P ath First) routing protocol and shows you how to config ure OSPF . 36.1 OSPF Overview OSPF (Open Shortest P ath First) is a link -state protocol designed to distribute routing information within an autonomous system (AS). An autonomous system is a col[...]
-
Page 330
Chapter 36 OSPF XGS4700-48F User’s Guide 330 The following table describes t he four classes of OSPF routers. The following figure depicts an OSPF ne twork example. The backbone is area 0 with a backbone router . The internal route r s ar e in area 1 and 2. The area border routers connect area 1 and 2 to the backbone. Figure 162 OSPF Network Exam[...]
-
Page 331
Chapter 36 OSPF XGS4700-48F User’s Guide 331 When you configu re an OSPF interface, y ou first set an interfa ce to transmit OSP F traffic and add the interface to an area. Y ou can configure a virtual link to estab lish/maintain connectivity between a non- backbone area and the backbone. The virt ual link must be configured on both layer -3 devi[...]
-
Page 332
Chapter 36 OSPF XGS4700-48F User’s Guide 332 2 Create OSPF areas 3 Create and associate interface(s) to an area 4 Create virt ual links to maintain backbone connec tivity . 36.2 OSPF S t atus Use this screen to view cu rrent OSPF status. Click IP Application > OSPF in the navigation panel to display the screen as s hown next. See Section 36.1 [...]
-
Page 333
Chapter 36 OSPF XGS4700-48F User’s Guide 333 The following table describes some c ommon output fields. Link State Database The text box displays information in the link state database which contains data in the LSAs. P oll Interval(s) The text bo x displays how often (in seconds) this screen refreshes. Y ou may change the refresh interv al by typ[...]
-
Page 334
Chapter 36 OSPF XGS4700-48F User’s Guide 334 36.3 OSPF Configuration Use this screen to ac tiv ate OSPF and s et gener al setting s. Cl ick IP Application > OSPF and the Configuration link to display the OSPF Configuration screen. See Section 36.1 on page 329 for more information on OSPF . Figure 165 IP Ap plication > OSPF Configuratio n: A[...]
-
Page 335
Chapter 36 OSPF XGS4700-48F User’s Guide 335 36.4 Configure OSPF Areas T o ensure that the Switch receives only routing informati on from a tr usted la yer -3 devices, activ ate authentication. The OSPF supports three levels of authentication: • None – no authentication is used. • Simple – authenticate link s tate update s using an 8 prin[...]
-
Page 336
Chapter 36 OSPF XGS4700-48F User’s Guide 336 T o configure an area, set the related fields in the OSPF Configuration screen. Figure 166 IP Ap plication > OSPF Configuration: Area Setup The following table describes t he related labels in this screen. T able 1 17 IP Application > OSPF Configuration: Area Setup LABEL DESCRIPTION Name Enter a [...]
-
Page 337
Chapter 36 OSPF XGS4700-48F User’s Guide 337 36.4.1 V iew OSPF Area Information T able The bottom of the OSPF Configuration screen displays a summary table of all the OSPF areas you hav e configured. Figure 167 IP Ap plication > OSPF Configuration: Summary T able The following table describes t he related labels in this screen. 36.5 Configurin[...]
-
Page 338
Chapter 36 OSPF XGS4700-48F User’s Guide 338 In the OSPF Configuration screen, click Redistribu te to displ ay the OSPF Redistribution screen. Figure 168 IP Ap plication > OSPF Configuration > Redistribute The following table describes t he labels in this screen. T able 1 19 IP Application > OSPF Configuration > Redistribute LABEL DES[...]
-
Page 339
Chapter 36 OSPF XGS4700-48F User’s Guide 339 36.6 Configuring OSPF Interfaces T o configure an OSPF interface, first create an IP routing domain in the IP Setup screen (see Section 8.6 on page 113 f o r m o r e i n f o r m a t i o n ) . O n c e y o u c r e a t e a n I P routing domain, an OSPF interface en try is automati cally created. See Sec t[...]
-
Page 340
Chapter 36 OSPF XGS4700-48F User’s Guide 340 The following table describes t he labels in this screen. T able 120 IP Application > OSPF Configuration > OSPF In terface LABEL DESCRIPTION Network Select an IP interface. Area ID Se lect the area ID (in an IP ad dress format with dotted decimal notation) of an area to associate the interface to[...]
-
Page 341
Chapter 36 OSPF XGS4700-48F User’s Guide 341 36.7 OSPF V i rtual-Links Configure and view virtual link s ettings in this screen. See Section 36.1 on page 329 for more information on OSPF . In the OSPF Configuration screen, click Virtual-Link to display the screen as shown next. Figure 170 IP Ap plication > OSPF Configuration > OSPF V irtual[...]
-
Page 342
Chapter 36 OSPF XGS4700-48F User’s Guide 342 Authenticatio n Note: Vi rtual interface(s) must use the same authentication method within the same area. Select an authentication method. The choices are Same-as-Area , None (default), Simple and MD5 . T o exchange OSPF packets with a peer border router , you must make the authentication method and/or[...]
-
Page 343
XGS4700-48F User’s Guide 343 C HAPTER 37 IGMP This chapter shows y ou how to configure the Switch as a multicast rout er . See also Section 24.4 on page 234 for information on IGMP snooping. 37.1 IGMP Overview IP multicast is an IETF standard for dist ributi ng data to multiple recipients. The following figure shows a mul ticast se ssion and the [...]
-
Page 344
Chapter 37 IG M P XGS4700-48F User’s Guide 344 IGMP (Internet Group Management Protocol) is used b y multicast hosts to indicate their multicast group membership to mul tic ast routers. Multicast routers can also use IGMP to periodical ly chec k if multic as t hosts still want t o receive tr ansmission from a mult i c ast serv er . In other words[...]
-
Page 345
Chapter 37 IGMP XGS4700-48F User’s Guide 345 on a particular network. This in turn he lps reduce the amount of multicast tr affic going through the multicast router . Figure 173 IGMP V ersion 2 Example IGMP version 3 allows a mul ticast host to join a multicast group and speci fy from which source (multicast server) it wants to receive multicast [...]
-
Page 346
Chapter 37 IG M P XGS4700-48F User’s Guide 346 37.3 Configuring IGMP Click IP Application > IGMP in the navigation panel to di splay the screen as shown next. Ea ch entry in the table is automa tically cre ated when you configure a new IP dom a in in the IP Setup screen (refer to Section 8.6 on page 113 ). Figure 175 IP Ap plication > IGMP [...]
-
Page 347
XGS4700-48F User’s Guide 347 C HAPTER 38 DVMRP This chapter introduces DVMRP and tells you how to configure i t. 38.1 DVMRP Overview DVMRP (Distance V ector Multicast R outing Pr otocol) is a protocol used for routing multicast data within an aut onomous system (AS). This DVMRP implementation is based on draft -ietf-idmr - dvmrp-v3-10. DVMRP pro [...]
-
Page 348
Chapter 38 DV MR P XGS4700-48F User’s Guide 348 4 The final m ulticas t (“ M ”) after pruning and gr afting is shown in the next figure. Figure 176 How DVMRP Works 38.2.1 DVMRP T erminology DVMRP probes are used to discover other DVMRP Neighbors on a network. DVMRP repor ts are used to exchange DVMRP source ro uting informati on. These packet[...]
-
Page 349
Chapter 38 DVMRP XGS4700-48F User’s Guide 349 The following table describes t he labels in this screen. 38.3.1 DVMRP Configuration Error Messages Y ou must have IGMP enabled when you enable DVMRP; otherwise you see the screen as in the next figure. Figure 178 DVMRP: IGMP No t Set Error When you disable IGMP , but DVMRP is still active you also se[...]
-
Page 350
Chapter 38 DV MR P XGS4700-48F User’s Guide 350 Each IP routing domain DVMRP configuratio n must be in a different VLAN group; otherwise you see the following screen. Figure 180 DVMRP: Duplicate VID Error Message 38.4 Default DVMRP T i mer V alues The following are some default DVMRP timer values. T able 124 DVMRP: Default Timer Values DVMRP FIEL[...]
-
Page 351
XGS4700-48F User’s Guide 351 C HAPTER 39 Differentiated Services This chapter shows you how to conf igure Di fferentiated Services (DiffServ) on the Swit ch . 39.1 DiffServ Overview Quality of Service (QoS) is used to prioriti ze source-to-destination tr affic flows. All packets in t he flow are g ive n the same priori ty . Y ou can use CoS (clas[...]
-
Page 352
Chapter 39 Differe ntiated Services XGS4700-48F User’s Guide 352 kinds of tr affic can be marked fo r di fferent p riorities of forw arding. Resources c an then be allocated according to the DSCP v alues and the configured policies. 39.1.2 DiffServ Network Example The following figure depicts a DiffServ netw ork consisting of a group of directly [...]
-
Page 353
Chapter 39 Differentiated Services XGS4700-48F User’s Guide 353 specifies the a verag e rate at which packets are admitted to the network. The PIR is greater than or equal to the CIR. CIR and PIR v alues are based on the guaranteed and maximum bandwidth respectiv e ly as negotiated between a service provider and client. T wo Rate Three Color Mark[...]
-
Page 354
Chapter 39 Differe ntiated Services XGS4700-48F User’s Guide 354 decrease it. P ackets that have been previo usly marked red or yellow can only be marked with an equal or higher pack et loss priority . P a ck ets marked red (high packet loss priority) continue to be red without eval uation against the PIR or CIR . P ack et s marked yel low can on[...]
-
Page 355
Chapter 39 Differentiated Services XGS4700-48F User’s Guide 355 The following table describes t he labels in this screen. 39.3.1 Configuring 2-Rate 3 Color Marker Settings Use this screen to configur e TR TCM settings. Click the 2-rat e 3 Color Marker link in the DiffServ screen to display the screen as shown next . T able 125 IP Application >[...]
-
Page 356
Chapter 39 Differe ntiated Services XGS4700-48F User’s Guide 356 Note: Y ou cannot enable both TR TCM and Bandwidth Control at the same time. Figure 186 IP Ap plication > DiffServ > 2-rate 3 Color Marker The following table describes t he labels in this screen. T able 126 IP Application > DiffServ > 2-rate 3 Color Marker LABEL DESCRIP[...]
-
Page 357
Chapter 39 Differentiated Services XGS4700-48F User’s Guide 357 39.4 DSCP-to-IEEE 802.1p Priority Settings Y ou can configure the DSCP to IEEE 802.1p mapping t o allow the Switch to prioritize all tr affi c based on the incoming DSCP v alue according to the DiffServ to IEEE 802.1p mapping table. The following table shows the de fault DSCP-to- IEE[...]
-
Page 358
Chapter 39 Differe ntiated Services XGS4700-48F User’s Guide 358 39.4.1 Configuring DSCP Settings T o change the DSCP-IEEE 802. 1p mapping, click the DSCP Setting link in the DiffServ screen to display the screen as shown next. Figure 187 IP Ap plication > DiffServ > DSCP Setting The following table describes t he labels in this screen. T a[...]
-
Page 359
XGS4700-48F User’s Guide 359 C HAPTER 40 DHCP This chapter shows you how t o configure the DHCP feature. 40.1 DHCP Overview DHCP (Dynamic Host Configur ation Protocol RFC 2131 and RFC 2132) al lows individual computers to obtain TCP/IP conf iguration at start-up from a server . Y ou can configure the Switch as a DHCP se rver or a DHCP rela y agen[...]
-
Page 360
Chapter 40 DHCP XGS4700-48F User’s Guide 360 • VLAN - The Switch is configured on a VLAN by VLAN basis. The Switch can be configured as a DHCP server for one VLAN and at the same time the Switch can be configured to relay DHCP requests for clients in another VLAN. 40.2 DHCP S t atus Click IP Application > DHCP in the na vigation panel. The D[...]
-
Page 361
Chapter 40 DHCP XGS4700-48F User’s Guide 361 this screen to view detail s regarding DH CP server set tings conf igured on the Swit ch . Figure 189 IP Application > DHCP > DHCP Server S tatus Det ail The following table describes t he labels in this screen. T able 130 IP Application > DHCP Server Status Detail LABEL DESCRIPTION Start IP A[...]
-
Page 362
Chapter 40 DHCP XGS4700-48F User’s Guide 362 40.4 DHCP Relay Configure DHCP relay on the Switch if the DHCP client s and the DHCP server are not in the same broadcast domain. During the initi al IP address leasing, the Switch helps to relay network information (such as t he IP address and subnet mask) between a DHCP client and a DHCP se rver . On[...]
-
Page 363
Chapter 40 DHCP XGS4700-48F User’s Guide 363 40.4.2 Configuring DHCP Global Relay Configure global DHCP relay in the DHCP Relay screen. Click IP Application > DHCP in the navigation panel and click the Global li nk to d is p lay th e sc re en as shown. Figure 190 IP Application > DHCP > Global The following table describes t he labels in[...]
-
Page 364
Chapter 40 DHCP XGS4700-48F User’s Guide 364 40.4.3 Global DHCP Relay Configuration Example The follow figure shows a network exampl e where the Switch is used to relay DHCP requests for the VLAN1 and VLAN2 domains. There is only one DHCP server that services the DHCP clients in both domains. Figure 191 Global DHCP Relay Network Example Configure[...]
-
Page 365
Chapter 40 DHCP XGS4700-48F User’s Guide 365 40.5 Configuring DHCP VLAN Settings Use this screen to configure your DHCP se ttings based on the VLAN domain of the DHCP clients. Cl ick IP Application > DHCP in the navigation panel, then click the VLAN link In the DHCP Status screen that displays. Note: Y ou must set up a management IP address fo[...]
-
Page 366
Chapter 40 DHCP XGS4700-48F User’s Guide 366 Server Use this section if you want to conf igure the Switch to function as a DHCP server for this VLAN. Client IP P ool Starting Address Specify the first of the contiguous addresses in the IP address pool. Size of Client IP P ool Specify the size, or count of the IP address pool. The S witch can issu[...]
-
Page 367
Chapter 40 DHCP XGS4700-48F User’s Guide 367 40.5.1 Example: DHCP Relay for T wo VLANs The following example dis plays two VLANs (VIDs 1 and 2) for a campus network. T wo DHCP servers are installed to serve each VLAN. The system is set up to forward DHCP request s from the dormitor y rooms (VLAN 1) to the DHCP server with an IP address of 192.168[...]
-
Page 368
Chapter 40 DHCP XGS4700-48F User’s Guide 368 For the example netw ork, configure the VLAN Setting screen as shown. Figure 195 DHCP Relay for T wo VL ANs Configuration Example EXAMPLE[...]
-
Page 369
XGS4700-48F User’s Guide 369 C HAPTER 41 VRRP This chapter shows you how t o configure and monitor the Virtual R outer Redundancy Protocol (VRRP) on the S witch. 41.1 VRRP Overview Each host on a network is configured to send packets to a statically conf igured default gateway (this S w i tch). The default gateway can become a s ingle point of fa[...]
-
Page 370
Chapter 41 VRRP XGS4700-48F User’s Guide 370 default gateway . If switch A has a higher priority , it is the master router . Switch B , having a lower priority , is the backup router . Figure 196 VRRP: Example 1 If switch A (the master router) is unav ailable, switch B takes ov er . T r affic is then processed by switch B . 41.2 VRRP S t atus Cli[...]
-
Page 371
Chapter 41 VR RP XGS4700-48F User’s Guide 371 41.3 VRRP Configuration The following sections describe the different parts of the VRRP Configur ation screen. 41.3.1 IP Interface Setup Before configuring VRRP , first create an IP interface (or routing domain) i n the IP Setup screen (see the Section 8.6 on page 113 for more information). Click IP A[...]
-
Page 372
Chapter 41 VRRP XGS4700-48F User’s Guide 372 Note: Routing domains with the sa me VLAN ID are not displayed in the t able indicated. Figure 198 IP Ap plication > VRRP Configuration > IP Interface The following table describes t he labels in this screen. T able 135 IP Application > VRRP Configuration > IP Interface LABEL DESCRIPTION In[...]
-
Page 373
Chapter 41 VR RP XGS4700-48F User’s Guide 373 41.3.2 VRRP Parameters This section describes the VRRP parameters. 41.3.2.1 Advertisement Interval The master router sends out Hel lo message s to let the ot her backup routers know that it is still up and running. The time interv al between sending the Hello messages is the advertisement interv al. B[...]
-
Page 374
Chapter 41 VRRP XGS4700-48F User’s Guide 374 41.3.3 Configuring VRRP Parameters After you set up an IP interface, co nfigure the VRRP par ameters in the VRRP Configuration screen. Figure 199 IP Ap plication > VRRP Configuration > VRRP Parameters The following table describes t he labels in this screen. T able 136 IP Application > VRRP Co[...]
-
Page 375
Chapter 41 VR RP XGS4700-48F User’s Guide 375 41.3.4 Configuring VRRP Parameters View the VRRP configur ation summary at the bottom of the screen. Figure 200 VRRP Configuration: Summary The following table describes t he labels in this screen. 41.4 VRRP Configuration Examples The following sections show two VRRP configuration examples on the Swit[...]
-
Page 376
Chapter 41 VRRP XGS4700-48F User’s Guide 376 41.4.1 One Subnet Network Example The figure below shows a simple VR RP network with only one virtual router VR1 (VRID =1) and tw o switches . The network is connected to the W AN via an uplink gatewa y G (172.21.1.100). The host computer X is set to use VR1 as the default gateway . Figure 201 VRRP Con[...]
-
Page 377
Chapter 41 VR RP XGS4700-48F User’s Guide 377 After configuring and saving the VRRP config uration, the VRRP Status screens for both switches are shown next. Figure 204 VRRP Example 1: VRRP S t atus on Switch A Figure 205 VRRP Example 1: VRRP S t atus on Switch B 41.4.2 T wo Subnet s Example The following figure depicts an exampl e in which two s[...]
-
Page 378
Chapter 41 VRRP XGS4700-48F User’s Guide 378 VR1 (refer to Section 41.4.2 on page 377 ). Configure the VRRP par ameters on the switches as shown in the fi gures below . Figure 207 VRRP Example 2: VRRP Paramet e r Settings for VR2 on Switch A Figure 208 VRRP Example 2: VRRP Paramet e r Settings for VR2 on Switch B After configuring and saving the [...]
-
Page 379
XGS4700-48F User’s Guide 379 C HAPTER 42 ARP Learning 42.1 ARP Overview Address Resolution Protocol (ARP) is a pr otocol for mapping an Internet Protocol address (IP address) to a physi c al machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long . In an Ethernet L[...]
-
Page 380
Chapter 42 ARP Learning XGS4700-48F User’s Guide 380 42.1.2.1 ARP-Reply By default, the Switch is in ARP-R eply learning mode and updates the ARP table only with the ARP replies to the ARP requ ests sent by the Switch. This can help prevent ARP spoofing. In the following example, the S witch do es not have IP address and MAC address mapping infor[...]
-
Page 381
Chapter 42 ARP Learning XGS4700-48F User’s Guide 381 other devices in the same network to update their ARP table with the new mapping information. In Gratuitous- ARP lea rning mode, the Swit ch updates its ARP ta ble with eith er an ARP reply or a gr atuitous ARP request. 42.1.2.3 ARP-Request When the Switch is in ARP-R equest learni ng mode, it [...]
-
Page 382
Chapter 42 ARP Learning XGS4700-48F User’s Guide 382 42.2 Configuring ARP Learning Click IP Application > ARP Learning in the navigation panel to displa y the screen as shown next. Figure 21 1 IP Application > ARP Learning The following table describes t he labels in this screen. T able 138 IP Application > ARP Learning LABEL DESCRIPTION[...]
-
Page 383
Chapter 42 ARP Learning XGS4700-48F User’s Guide 383 Apply Click Apply to save your changes to the Switch’ s run-time memory . The Switch loses these changes if it is turned off or loses power , so use the Save link on the top navigation panel to save your changes to the non- volatile memory when you are done configuring. Cancel Click Cancel to[...]
-
Page 384
Chapter 42 ARP Learning XGS4700-48F User’s Guide 384[...]
-
Page 385
XGS4700-48F User’s Guide 385 C HAPTER 43 Load Sharing 43.1 Load Sharing Overview The Switch learns the ne xt-hop(s) using ARP and determines routing path(s) for a destination. The Switch supports Equal- Cost MultiP ath (ECMP) to forward packets destined to the same device ( A for example) through different routing paths ( 1 , 2 and 3 ) of equal p[...]
-
Page 386
Chapter 43 Loa d Shar ing XGS4700-48F User’s Guide 386 The following table describes t he labels in this screen. T able 139 IP Application > Load Sharing LABEL DESCRIPTION Active Select this option to enable Equal-Cost MultiPath (ECMP) routing on the Swit ch. Criteria Select the criteria the Switch uses to determine the routing path for a pack[...]
-
Page 387
XGS4700-48F User’s Guide 387 C HAPTER 44 Maintenance This chapter explains how to configure the mainte nance screens that let you maintain the firmware and configur ation files. 44.1 The Maintenance Screen Use this screen to manage firmware and yo ur confi gur ation files. Click Management > Maintenance in the navigation panel to open the foll[...]
-
Page 388
Chapter 44 Maintenance XGS4700-48F User’s Guide 388 44.2 Load Factory Default Follow the steps below to rese t the Switch bac k to th e fa ctory defau lts. 1 In the Maintenance screen, click the Click Here button next to Load Factory Default to clear all Switch c onfigur ation i nformation y ou configured and return to the factory de faults. 2 Cl[...]
-
Page 389
Chapter 44 Maintenance XGS4700-48F User’s Guide 389 Click Config 2 to sav e the current configur ation settings to configur ation two on the Switch. Alternativel y , click Save on the top right-hand corner in any screen to save the configurati on changes to the current configur ation. Note: Clicking the Apply or Add button does NOT save the chang[...]
-
Page 390
Chapter 44 Maintenance XGS4700-48F User’s Guide 390 From the Maintenance screen, display the Firmware Upgrade screen as shown next. Figure 216 Mana gement > Maintenance > Firmware Upgrade T ype the path and file name of t he firmware fil e you wish to upload to the Swit ch in the File Path text box or click Browse to locate it. Select the R[...]
-
Page 391
Chapter 44 Maintenance XGS4700-48F User’s Guide 391 44.7 Backup a Configuration File Backing up your S witch configur ations allo ws you to create various “snapshots” of your device from which you ma y restore at a later date. Back up your c urrent Switch confi guratio n to a computer using the Backup Configuration screen. Figure 218 Manageme[...]
-
Page 392
Chapter 44 Maintenance XGS4700-48F User’s Guide 392 Z yNOS (Z yXEL Network Operating System, so meti mes referred to as the “r as” file) is the system firmware and ha s a “bin” filename extension. Y ou can store up to two images, or firmware files of t he same device model, on the Switch. Only one imag e is used at a time. •R u n t h e [...]
-
Page 393
Chapter 44 Maintenance XGS4700-48F User’s Guide 393 44.8.2 FTP Command Line Procedure 1 Launch the F TP client on your computer . 2 Enter open , followed by a space and the IP address of your Sw it ch. 3 Press [ENTER] when prompted for a username (the default is “admin”). 4 Enter y our password as requ ested (the defaul t is “1234”). 5 En[...]
-
Page 394
Chapter 44 Maintenance XGS4700-48F User’s Guide 394 44.8.4 FTP Restrictions FTP will no t work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) i n the Remo te Management screen does not match the client IP address. If it do es not match, the Switch wi ll disconnect the FTP session immediat ely .[...]
-
Page 395
XGS4700-48F User’s Guide 395 C HAPTER 45 Access Control This chapter describes how to c ontrol access to the Sw itch. 45.1 Access Control Overview A console port and FTP are allowed one se ssion ea ch , T elnet and SSH share nine sessions, up to fiv e W eb sessions (five di fferent usernames and passwords) and/or limitless SNMP access control ses[...]
-
Page 396
Chapter 45 Access Control XGS4700-48F User’s Guide 396 45.3 About SNMP Simple Network Manageme nt Protocol (SNM P) is an application layer protocol used to manage and monitor T CP/IP-based devices. SNMP is used to exchange management information between the network manage ment system (NMS) and a network element (NE). A manager station can manage [...]
-
Page 397
Chapter 45 Access Control XGS4700-48F User’s Guide 397 SNMP itself is a simple request /respon se protocol based on the manager/agent model. The manager issues a request an d the agent returns responses using the following protocol operations: 45.3.1 SNMP v3 and Security SNMP v3 enhances security for SNMP management. SNMP managers can be required[...]
-
Page 398
Chapter 45 Access Control XGS4700-48F User’s Guide 398 45.3.3 SNMP T raps The Switch se nds traps to an SNMP mana ger when an e vent occurs. The following tables outline the SNMP traps by category . An OID (Object ID) that begins with “ 1.3.6.1.4.1.890.1.5.8 ” is de fined in pri vate MIBs. Otherwis e, it is a st and a rd MIB OID. The OIDs beg[...]
-
Page 399
Chapter 45 Access Control XGS4700-48F User’s Guide 399 timesync RT CNotUpdate dEventOn 1.3.6.1.4.1.890.1 .5.8.54.3 1.2.1 This trap is sent when the Switch fails to get the time and date from a time server . RT CNotU pdatedEventClear 1.3.6.1.4.1 .890.1.5.8.54. 3 1.2.2 This trap is sent when the Switch gets the time and date from a time se rver . i[...]
-
Page 400
Chapter 45 Access Control XGS4700-48F User’s Guide 400 lldp lldpRemT ablesChange 1.0.8802.1.1.2.0 .0.1 The tr ap is sent when entries in the remote database have any updates. Link Layer Discov ery Protocol (LLDP), defined as IEEE 802.1ab, enables LAN devices that support LLDP to exchange their configured settings. This helps eliminate configurati[...]
-
Page 401
Chapter 45 Access Control XGS4700-48F User’s Guide 401 accounting RADIUSAcctNotR eachable EventOn 1.3.6.1.4.1.890.1.5.8. 54.3 1.2.1 This trap is sent when there is no response message from the RADIUS accounting server . RADIUSAcctNotReachable EventClear 1.3.6.1.4.1.890.1.5.8. 54.3 1.2.2 This trap is sent when the RADIUS accounting server can be r[...]
-
Page 402
Chapter 45 Access Control XGS4700-48F User’s Guide 402 45.3.4 Configuring SNMP From the Access Control screen, display the SNMP screen. Y ou can click Access Control to go back to the Access Control screen. Figure 221 Management > Access Control > SNMP mactable MacT ableFullEventOn 1.3.6. 1.4.1.890.1.5. 8.54.3 1.2.1 This trap is sent when m[...]
-
Page 403
Chapter 45 Access Control XGS4700-48F User’s Guide 403 The following table describes t he labels in this screen. T able 150 Management > Access Control > SNMP LABEL DESCRIPTION General Setting Use this section to specify the SNMP version and community (password) val ue s . V ersion Select the SNMP version for the Switch. The SNMP version on[...]
-
Page 404
Chapter 45 Access Control XGS4700-48F User’s Guide 404 45.3.5 Configuring SNMP T rap Group From the SNMP screen, click Trap Group to view the screen as shown. Use the Trap Group screen to specif y the types of SNMP tr aps that should be sent to each SNMP manager . Figure 222 Management > Access Control > SNMP > Trap Group The following t[...]
-
Page 405
Chapter 45 Access Control XGS4700-48F User’s Guide 405 45.3.6 Configuring SNMP User From the SNMP screen, click User to view the screen as shown. Use the User screen to create SNMP users for authenti cati on with managers using SNMP v3 and associate them to SNMP groups . An SNMP user is an SNMP manager . Figure 223 Management > Access Control [...]
-
Page 406
Chapter 45 Access Control XGS4700-48F User’s Guide 406 P assword Enter the password of up to 32 ASCII char acters for SNMP user authentication. Privacy Specify the encryption method fo r SNMP communication from this user . Y ou can choose one of the following: • DES - Data Encryption Standard is a widely used (but breakable) method of data encr[...]
-
Page 407
Chapter 45 Access Control XGS4700-48F User’s Guide 407 45.4 Setting Up Login Account s Up t o f i ve p eo p l e (o n e a d m in i s t ra to r a n d four non-administr ators) may access the Switch via web configur ator at any one time. • An administr ator is someone who can both view and configure Switch c hanges. The username for the Administra[...]
-
Page 408
Chapter 45 Access Control XGS4700-48F User’s Guide 408 45.5 SSH Overview Unlike T elnet or F TP , which transmit data in clear text, SSH (Secure Shell) is a secure communication protocol that combin es authentication and data encryption to provide secure encrypted communication bet ween two hosts over an unsecured network. Figure 225 SSH Communic[...]
-
Page 409
Chapter 45 Access Control XGS4700-48F User’s Guide 409 45.6 How SSH works The following table summarizes how a secure connection is established between two remot e hosts. Figure 226 How SSH W orks 1 Host Identificat io n The SSH client send s a connection request to the SSH server . The server identifies itself with a host k ey . The client encry[...]
-
Page 410
Chapter 45 Access Control XGS4700-48F User’s Guide 410 3 Authentication and Data T ransmission After the identification is verified and data encrypt ion activ ated, a secure tunnel is established between the client and th e serv er . The client then sends its authentication information (u ser name and password) to th e server to log in to the ser[...]
-
Page 411
Chapter 45 Access Control XGS4700-48F User’s Guide 41 1 1 HT TPS connection requests from an SSL - aware web browser go to port 443 (by default) on the Switch’ s WS (web server). 2 HT TP connection requests fr om a web brow ser go t o port 80 (by default) on the Switch’ s WS (w eb server). Figure 227 HTTPS Implement ation Note: If you disable[...]
-
Page 412
Chapter 45 Access Control XGS4700-48F User’s Guide 412 Y ou see the following Security Alert screen in Internet Explorer . Select Yes to proceed to the web configurator login screen; if you select No , then web configur ator access is block ed. Figure 228 Security Ale rt Dialog Box (Internet Explorer 6) 45.9.1.2 Internet Explorer 7 or 8 When you [...]
-
Page 413
Chapter 45 Access Control XGS4700-48F User’s Guide 413 After you log i n, you will see the red address bar with the message Certificate Error . Click on Certificate Error next to the address bar and click Vie w certificates . Figure 230 Certificate Erro r (Internet Explorer 7 or 8) Click Install Certificate... and follow the on-screen i nstructio[...]
-
Page 414
Chapter 45 Access Control XGS4700-48F User’s Guide 414 45.9.2 Mozilla Firefox W arning Messages When you attempt to access the S witch HT TPS server , a This Connection is Unstructed screen may display . If that is the case, click I Understand the Risks and then the Add Exception... button. Figure 232 Security Aler t (Mozilla Firefox)[...]
-
Page 415
Chapter 45 Access Control XGS4700-48F User’s Guide 415 Confirm the HT TPS server URL matches. Click Confirm Security Exception to proceed to the web configurator login screen. Figure 233 Security Alert ( Mozilla Firefox) 45.9.3 The Main Screen After you accept the certifi cate and ente r the login username and password, the Switch main screen app[...]
-
Page 416
Chapter 45 Access Control XGS4700-48F User’s Guide 416 status bar (in Internet Explorer 6 or Mozilla Firefo x) or next to the address bar (i n Internet Explorer 7 or 8) denotes a sec ure connection. Figure 234 Example: Lock Denoting a Secure Conn ection 45.10 Service Port Access Control Service Access Control allows you to decide what services yo[...]
-
Page 417
Chapter 45 Access Control XGS4700-48F User’s Guide 417 computer(s)” for each service in the Remote Management screen (discussed later). Cli c k Access Control to go back to the main Access Control scre en. Figure 235 Manageme nt > Access Control > Service Access Control The following table describes t he fields in this screen. 45.1 1 Remo[...]
-
Page 418
Chapter 45 Access Control XGS4700-48F User’s Guide 418 Y ou can specify a group of one or more “trusted computers” from which an administr ator may use a service to manage the Sw itch. Click Access Control to return to the Access Control screen. Figure 236 Management > Access Control > Remote Management The following table describes t h[...]
-
Page 419
Chapter 45 Access Control XGS4700-48F User’s Guide 419 Apply Click Apply to save your changes to the Switch’ s run-time memory . The Switch loses these changes if it is turned off or loses power , so use the Save link on the top navigation panel to sa ve your changes to the non- volatile memory when you are done configuring. Cancel Click Cance [...]
-
Page 420
Chapter 45 Access Control XGS4700-48F User’s Guide 420[...]
-
Page 421
XGS4700-48F User’s Guide 421 C HAPTER 46 Diagnostic This chapter explains the Diagnostic screen. 46.1 Diagnostic Click Management > Diagnostic in the navigation pan el to open this screen. Use this screen to check sys tem logs, ping IP addresses or perf orm port tests. Figure 237 Manageme nt > Diagnostic The following table describes t he l[...]
-
Page 422
Chapter 46 Diagnostic XGS4700-48F User’s Guide 422 IP Ping T ype the IP address of a device that you want to ping in order to test a connection. Click Ping to have the Switch ping the IP address (in the field to the left). Ethernet P ort Te s t Enter a port number and click Port Test to perform an internal loopback test. T able 156 Management >[...]
-
Page 423
XGS4700-48F User’s Guide 423 C HAPTER 47 Syslog This chapter explains the syslog screens. 47.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to sy s lo g servers that col l e ct the event messages. A sys log-enabled device can generate a syslog message and send it to a syslog server . [...]
-
Page 424
Chapter 47 Sy slog XGS4700-48F User’s Guide 424 47.2 Syslog Setup Click Management > Syslog in the navigation panel to displa y this screen. The syslog feature sends logs to an external sy slog serv er . Use this screen to configure the device’ s system logging settings. Figure 238 Manageme nt > Syslog The following table describes t he l[...]
-
Page 425
Chapter 47 Syslog XGS4700-48F User’s Guide 425 47.3 Syslog Server Setup Click Management > Syslog > Syslog Server Setup to open the following screen. Use this s creen to configure a list of external syslog servers . Figure 239 Manageme nt > Syslog > Server Setup The following table describes t he labels in this screen. T able 159 Mana[...]
-
Page 426
Chapter 47 Sy slog XGS4700-48F User’s Guide 426[...]
-
Page 427
XGS4700-48F User’s Guide 427 C HAPTER 48 Cluster Management This chapter introduces cluster management. 48.1 Clustering Management S t atus Overview Cluster Management allows you to manage switc hes through one Switch, call ed the cluster manager . The switches must be directly connected and be in the same VLAN group so as to be able to communica[...]
-
Page 428
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 428 In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are clust er members. Figure 240 Clustering App lication Example 48.2 Cluster Management S t atus Click Management > Clus ter Management in the naviga[...]
-
Page 429
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 429 The following table describes t he labels in this screen. 48.2.1 Cluster Member Switch Management Go to the Clustering Management St atus screen of the cluster manager switch and then select an Index hyperlink from the list of members to go to that cluster member switch's web conf[...]
-
Page 430
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 430 configurator home page and the home pa ge that you'd see if y ou accessed it directly are different. Figure 242 Cluster Management: Clu ster Mem ber Web Configurator Screen EXAMPLE EXAMPLE[...]
-
Page 431
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 431 48.2.1.1 Uploading Firmware to a Cluster Member Switch Y ou can use FTP to upload firmware to a cluster member switch through the cluster manager swi tch as sh own in the following example. Figure 243 Example: Uploading Firmware to a Cluster Memb er Switch The following table explains [...]
-
Page 432
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 432 48.3 Clustering Management Configuration Use this screen to configure clustering management. Click Configuration from the Cluster Management screen t o display the next screen. Figure 244 Manageme nt > Clustering Management > Configuration The following table describes t he label[...]
-
Page 433
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 433 Apply Click Apply to save y our changes to the Switch’ s run-time memory . The Switch loses these changes if it is turned off or loses power , so use the Save link on the top navigation panel to save your changes to the non- volatile memory when y ou are done configuring. Cancel Clic[...]
-
Page 434
Chapter 48 Clust er Managem en t XGS4700-48F User’s Guide 434[...]
-
Page 435
XGS4700-48F User’s Guide 435 C HAPTER 49 MAC Table This chapter introduces the MAC Table sc reen. 49.1 MAC T able Overview The MAC Table screen (a MAC table is also known as a filtering database) shows how frames are forw arded or fil tered ac ross the Switch’ s ports. When a device (which may belong to a VLAN group) sends a packet which is for[...]
-
Page 436
Chapter 49 M AC Ta b le XGS4700-48F User’s Guide 436 • If the Switch has already learned the port for this MAC address , but the destination port is the same as the port it came in on, then it filters the fr ame. Figure 245 MAC T able Flowchart 49.2 V iewing the MAC T able Click Management > MAC Table in the navigation panel to dis play the [...]
-
Page 437
Chapter 49 MAC Table XGS4700-48F User’s Guide 437 The following table describes t he labels in this screen. T able 164 Management > MAC Table LABEL DESCRIPTION Condition S elect All to display all MAC addresses in the MAC table. Select Static to only display static MAC address(es) in this screen. Select MAC and enter a valid MAC address (six h[...]
-
Page 438
Chapter 49 M AC Ta b le XGS4700-48F User’s Guide 438[...]
-
Page 439
XGS4700-48F User’s Guide 439 C HAPTER 50 IP Table This chapter introduces the IP ta ble. 50.1 IP T able Overview The IP Table screen shows how packet s are forwarded or f iltered across the Switch’ s ports. When a device (which may belong to a VLAN group) sends a packet which is forwarded to a port on the Switch , the IP address of the device i[...]
-
Page 440
Chapter 50 IP Table XGS4700-48F User’s Guide 440 • If the Switch has already learned the port for this IP address, but the destination port is the same as the port it came in on, then it fi lters the packet. Figure 247 IP T able Flowchart 50.2 V iewing the IP T able Click Management > IP Table i n the na vigation panel to display the followi[...]
-
Page 441
Chapter 50 IP Table XGS4700-48F User’s Guide 441 VID This is the VLAN group to which the packet belongs. P ort This is the port from which the abov e IP address was learned. This field displays CPU to indicate the IP addre ss belongs to the Switch. T ype This shows whether the IP address is dynamic (learned by the Switch) or static (belonging to [...]
-
Page 442
Chapter 50 IP Table XGS4700-48F User’s Guide 442[...]
-
Page 443
XGS4700-48F User’s Guide 443 C HAPTER 51 ARP Table This chapter introduces ARP T able. 51.1 ARP T able Overview Address Resolution Protocol (ARP) is a pr otocol for mapping an Internet Protocol address (IP address) to a physi c al machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) ad[...]
-
Page 444
Chapter 51 ARP Tab le XGS4700-48F User’s Guide 444 51.2 The ARP T able Screen Click Management > ARP Table in t he navigation panel to open the following screen. Use the ARP table to view IP-t o-MAC address mapping(s) and remov e specific dynamic ARP entries. Figure 249 Management > ARP T able The following table describes t he labels in th[...]
-
Page 445
XGS4700-48F User’s Guide 445 C HAPTER 52 Routing Table This chapter introduces the routing table. 52.1 Overview The routing table contains the rout e information to the network(s) that the Switch can reach. The Switch automatically u pdates the routing table with the RIP information received from other Ethernet devices. 52.2 V iewing the Routing [...]
-
Page 446
Chapter 52 Rou tin g Ta b l e XGS4700-48F User’s Guide 446[...]
-
Page 447
XGS4700-48F User’s Guide 447 C HAPTER 53 Configure Clone This chapter shows you how y ou can copy the settings of one port onto other ports. 53.1 Configure Clone Cloning allows yo u to copy the basic and adv anced settings from a source port to a destination port or ports. Click Manage ment > Configure Clone to open the following screen. Figur[...]
-
Page 448
Chapter 53 Con fig ur e Clo ne XGS4700-48F User’s Guide 448 The following table describes t he labels in this screen. T able 168 Management > Configure Clone LABEL DESCRIPTION Source/ Destination Po r t Enter the source port under the Sourc e label. This port’s attributes are copied. Enter the destination port or ports under the Destination [...]
-
Page 449
XGS4700-48F User’s Guide 449 C HAPTER 54 Troubleshooting This chapter offers some suggesti ons to solv e problems y ou might encounter . The potential problems are divided into the following categories. • P ower , Hardware Connections, and LEDs • Switch Access and L ogin • Switch Configur ation 54.1 Power , Hardware Connections, and LEDs Th[...]
-
Page 450
Chapter 54 Tro u blesh oo tin g XGS4700-48F User’s Guide 450 1 T urn the Switch off and on (in DC models or if the DC power su pply is co nnected in AC/DC models). 2 Disconnect and re-connect the power adapto r or cord to the Switch (in AC models or if the AC power supply is connected in AC/DC models). 3 If the problem continues, contac t the ven[...]
-
Page 451
Chapter 54 Troubleshooting XGS4700-48F User’s Guide 451 I forgot the usernam e and/or password. 1 The default username is admin and the default password is 1234 . 2 If this does not work, you have to reset the device to its fact ory defaults. See Section 4.6 on page 62 . I cannot see or access the Login screen in the web configurator . 1 Make sur[...]
-
Page 452
Chapter 54 Tro u blesh oo tin g XGS4700-48F User’s Guide 452 1 Make sure you ha ve entered the user name and password correctly . The default user name is admin , and the default password is 1234 . These fie lds are case- sensitive, so make sure [Caps Lock] is not on. 2 Y ou may hav e exceeded the maximum nu mber of concurrent T elnet sessions. C[...]
-
Page 453
Chapter 54 Troubleshooting XGS4700-48F User’s Guide 453 54.3 Switch Configuration I lost my configuration setti ngs after I rest art the Switch. Make sure you sa ve your configur ation into the Switch’ s nonvolat ile memory each time you mak e changes. Click Save at the top right corner of the web configurator to sa v e the configur ation perma[...]
-
Page 454
Chapter 54 Tro u blesh oo tin g XGS4700-48F User’s Guide 454[...]
-
Page 455
XGS4700-48F User’s Guide 455 C HAPTER 55 Product Specifications The following tables summarize the Swit ch’ s hardw are and fi rmwar e feature s. T able 169 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Standard 19” rack mountable 438 mm (W) x 425 mm (D) x 44.45 mm (H) W eight 5.4 Kg P ower Specification AC: 100 - 240 VAC 50/60[...]
-
Page 456
Chapter 55 Product Specifications XGS4700-48F User’s Guide 456 Fuse Specification 250 VAC, T4 A. For DC v ersion switchboard. Approv als Safety UL 60950-1, CSA 60950-1, EN 60950-1, IEC 60950-1 EMC FCC Part 15 (Class A), CE EMC (Class A) T able 170 Firmware Specifications FEATUR E DESCRIPTION Default IP Address In band: 192. 168. 1.1 Out of band ([...]
-
Page 457
Chapter 55 Product Specifications XGS4700-48F User’s Guide 457 Differentiated Services (DiffServ) With DiffServ , the Switch marks packets so that they receive specific per-hop treatment at DiffServ-compliant network devices along the route based on the application types and traffic flow . Classifier and Policy Y ou can create a policy to define [...]
-
Page 458
Chapter 55 Product Specifications XGS4700-48F User’s Guide 458 STP (Spanning T ree Protocol) / RSTP (R apid STP) (R)STP detects and breaks network loops and provides backup links between switches, bridges or route rs. It allows a Switch to interact with other (R)STP -compliant switches in you r network to ensure that only one path exists between [...]
-
Page 459
Chapter 55 Product Specifications XGS4700-48F User’s Guide 459 CPU Protection Y ou can limit the rate of protocol control packets (such as ARP , BPDU and/or IGMP) to be delivered to the CPU on a port. Error Disable Y ou can set the Switch to take an action (such as to shut down a port or stop sending packets) on a port when the Switch detects a p[...]
-
Page 460
Chapter 55 Product Specifications XGS4700-48F User’s Guide 460 T able 171 Switching Specifications Layer 2 Fea t ur e s Bridging 32K MAC addresses Static MAC address filtering by source/destination Broadcast storm control Static MAC address forwarding Switching Switching fabric: 192 Gbps, non-blocking Maximum frame size: 9 kbytes Forw arding fram[...]
-
Page 461
Chapter 55 Product Specifications XGS4700-48F User’s Guide 461 Layer 3 Fea t ur e s IP Capability IPV4 support 128 IP routing domains 8K IP address table 12K routing paths Wire speed IP forwarding IPv6 MLD snooping proxy DHCPv6: client and relay ICMPv6 IPv6 Path MTU NDP: host and router IPv6 address stateless auto-configuration: host and router I[...]
-
Page 462
Chapter 55 Product Specifications XGS4700-48F User’s Guide 462 The following list, which is not exhaust ive , illust rates the standards supported in the Switch. Security IEEE 802.1x port-based authentication Static MAC address filtering Static MAC address forwarding MAC Freeze Limiting number of dynamic addresses per port Intrusion lock IP sourc[...]
-
Page 463
Chapter 55 Product Specifications XGS4700-48F User’s Guide 463 RFC 1441 SNMPv2 Simple Network Management Protocol version 2 RFC 1493 Bridge MIBs RFC 1643 Ethernet MIBs RFC 1723 RIP-2 (R outing Information Protocol) RFC 1757 RMON RFC 1901 SNMPv2c Simple Network Management Protocol version 2c RFC 2131, RFC 2132 Dynamic Host Configur ation Protocol [...]
-
Page 464
Chapter 55 Product Specifications XGS4700-48F User’s Guide 464[...]
-
Page 465
XGS4700-48F User’s Guide 465 A PPENDIX A Common Services The following table lists some commonl y-used services and their associated protocols and port numbers. F or a comprehe nsiv e list of port numbers, ICMP type/ code numbers and services , visit the IANA (Internet Assigned Number Authority) web site. • Name : This is a short, descrip tive [...]
-
Page 466
Appendix A Com mon Servic es XGS4700-48F User’s Guide 466 ESP (IPSEC_TUNNEL) User-Defined 50 The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service. FINGER TCP 79 Finge r is a UNIX or Internet related command that can be used to find out if a user is logged on. FTP TCP TCP 20 21 File T ransfer Program, a progr am to [...]
-
Page 467
Appendix A Common Services XGS4700-48F User’s Guide 467 POP3 TCP 11 0 Post Office Protocol v ersion 3 lets a client computer get e-mail from a POP3 server through a tempor ary connection (TCP/IP or other). PPTP TC P 1723 Point -to-Point T unneling Protocol enables secure transfer of data ov er public networks. This is the control channel. PPTP_TU[...]
-
Page 468
Appendix A Com mon Servic es XGS4700-48F User’s Guide 468 TELNET TCP 23 T elnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over T CP/IP networks. Its primary function is to allow users to log into remote host systems. TFTP UDP 69 T rivial File T ransfer Protocol is an Internet file tr[...]
-
Page 469
XGS4700-48F User’s Guide 469 A PPENDIX B Legal Information Copyright Copyright © 2011 by Z yXEL Communications Corporation. The contents of this publication ma y not be reproduced in any part or as a whole, transcrib ed, stored in a retriev al syst em, tr anslated into any la nguage, or transmitted in an y form or by any me ans, electronic, mech[...]
-
Page 470
Appendix B Leg al In fo rm at ion XGS4700-48F User’s Guide 470 • This dev ice m u st accept any in terferen ce received, including interference that may cause undesired operations. FCC W arning This device has been tested and found to comply with the limits for a Clas s A digital switch, pursuant to Part 15 of the FCC Rules . These limits are d[...]
-
Page 471
Appendix B Legal Information XGS4700-48F User’s Guide 471 Viewing Certifications 1 Go to http://www .zyxel.com . 2 Select your prod uct on the Z yXEL home page to go to that product's page. 3 Select the certification y ou wish to view from this page. ZyXEL Limited W arranty Z yXEL warr ants to the original end user (p urchaser) that this pr [...]
-
Page 472
Appendix B Leg al In fo rm at ion XGS4700-48F User’s Guide 472 ENGLISH DEUTSCH ESP AÑOL Green Product Declaration RoHS Directive 2002/95/EC Green Product Declaration RoHS Directive 2002/95/EC Declaración de Producto Ecológico Directiva RoHS 2002/95/EC WEEE Directiv e 2002 /9 6/E C (WEEE: W ast e Electric al and E lectron ic Equipment) 2008/34/[...]
-
Page 473
Appendix B Legal Information XGS4700-48F User’s Guide 473[...]
-
Page 474
Appendix B Leg al In fo rm at ion XGS4700-48F User’s Guide 474[...]
-
Page 475
Index XGS4700-48F User’s Guide 475 Index Numerics 802.1P priority 11 7 A access control limitations 395 login account 407 remote management 417 service port 416 SNMP 396 accounting setup 251 address learning, MAC 129 , 131 Address Resolution Protocol (ARP) 37 9 , 44 3 , 447 , 448 administrator password 407 age 165 aggregator ID 183 , 185 aging ti[...]
-
Page 476
Index XGS4700-48F User’s Guide 476 CIST (Common and Internal Spanning T ree) 152 Class of Service (CoS) 351 classifier 203 , 206 and QoS 203 editing 206 example 208 overview 203 setup 204 , 206 viewing 206 cloning a port See port cloning cluster management 427 and switch passwords 433 cluster manager 427 , 432 cluster member 427 , 433 cluster mem[...]
-
Page 477
Index XGS4700-48F User’s Guide 477 DVMRP Autonomous System 347 default timer setting 350 error message 349 graft 348 how it works 347 implementation 347 probe 348 prune 348 report 348 setup 348 terminology 348 threshold 349 DVMRP (Distance V ector Multicast Routing Protocol) 347 dynamic link aggregation 179 E Earthing T erminal 36 egress port 137[...]
-
Page 478
Index XGS4700-48F User’s Guide 478 HT TPS 410 certificates 410 implementation 410 public keys, private k eys 410 HT TPS example 41 1 humidity 455 I IEEE 802.1p, priority 11 2 IEEE 802.1x activate 192 , 196 , 249 reauthentication 193 IEEE 802.1x, port authentication 189 IGMP 347 how it works 344 overview 343 port based 345 setup 346 vers ion 229 v[...]
-
Page 479
Index XGS4700-48F User’s Guide 479 ID information 180 setup 183 , 185 status 181 traffic distribution algorithm 182 traffic distribution type 184 link state database 330 , 333 lockout 62 log 421 login 55 password 61 login account Administrator 407 non-administr ator 407 login accounts 407 configuring via web configu rator 407 multiple 407 number [...]
-
Page 480
Index XGS4700-48F User’s Guide 480 max hops 165 MST region 153 network example 152 path cost 166 port priority 166 revision level 165 MSTP (Multiple Spanning T ree Protocol) 149 MTU (Multi- T enant Unit) 11 0 multicast 229 802.1 priority 231 and IGMP 229 IGMP throttling 233 IP addresses 229 overview 229 setup 231 multicast delivery tree 348 multi[...]
-
Page 481
Index XGS4700-48F User’s Guide 481 IEEE802.1x 192 , 19 6 , 249 MAC authentication 190 port based IGMP 345 port based VLAN type 111 port cloning 447 , 448 advanced settings 44 7 , 448 basic settings 447 , 44 8 port details 101 port isolation 137 port mirroring 177 , 178 , 460 direction 178 egress 178 ingress 178 port redundancy 180 port security 1[...]
-
Page 482
Index XGS4700-48F User’s Guide 482 service 418 trusted computers 418 R emoving the F an Module 47 resetting 62 , 388 to factory default settings 388 restoring configuration 62 , 390 R everse Path F orwarding (RPF) 348 R everse Path Multicasting (RPM) 347 RFC 3164 423 RIP 338 configuration 326 direction 325 overview 325 vers ion 325 vs OSPF 329 RI[...]
-
Page 483
Index XGS4700-48F User’s Guide 483 link aggregation 181 OSPF 332 port 99 port details 101 power 107 STP 158 , 162 , 168 VLAN 123 VRRP 370 STP 149 , 296 , 460 bridge ID 159 , 163 bridge priority 157 , 161 configuration 156 , 160 , 164 designated bridge 150 forwarding delay 157 , 161 Hello BPDU 150 Hello Time 157 , 159 , 161 , 163 how it works 150 [...]
-
Page 484
Index XGS4700-48F User’s Guide 484 U UDLD 296 UniDirectional Link Detection, see UDLD untrusted ports ARP inspection 265 DHCP snooping 262 PPPoE IA 303 user profiles 246 V V endor Specific Attribute See VSA ventilation holes 34 VID 11 4 , 11 9 , 123 , 124 , 223 number of possible VIDs 11 9 priority frame 11 9 VID (VLAN Identifier) 11 9 virtual li[...]
-
Page 485
Index XGS4700-48F User’s Guide 485 web config urator 31 , 55 getting help 64 layout 56 login 55 logout 64 navigation panel 58 weight, queuing 218 W eighted Round R obin Scheduling (WRR) 218 WFQ (W eighted F air Queuing) 218 WRR (W eighted Round Robin Scheduling 218 Z Z y NOS (Z yXEL Network Operating System) 392[...]