![Zyxel GS-2024 EE [128/266] Igmp snooping vlan](/img/pdf.png)
Zyxel GS-2024 EE [128/266] Igmp snooping vlan
![Zyxel GS-2024 EE [128/266] Igmp snooping vlan](/views2/1010653/page128/bg80.png)
Chapter 18 Multicast
GS-2024 User’s Guide
128
18.4 IGMP Snooping VLAN
Click Advanced Applications > Multicast in the navigation panel. Click the Multicast
Setting link and then the IGMP Snooping VLAN link to display the screen as shown. See
Section 18.1.4 on page 126 for more information on IGMP Snooping VLAN.
* Settings in this row apply to all ports.
Use this row only if you want to make some settings the same for all ports. Use
this row first to set the common settings and then make adjustments on a port-by-
port basis.
Note: Changes in this row are copied to all the ports as soon as
you make them.
Immed. Leave Select this option to set the Switch to remove this port from the multicast tree
when an IGMP version 2 leave message is received on this port.
Select this option if there is only one host connected to this port.
Group Limited Select this option to limit the number of multicast groups this port is allowed to join.
Max Group Num. Enter the number of multicast groups this port is allowed to join. Once a port is
registered in the specified number of multicast groups, any new IGMP join report
frame(s) is dropped on this port.
IGMP Filtering
Profile
Select the name of the IGMP filtering profile to use for this port. Otherwise, select
Default to prohibit the port from joining any multicast group.
You can create IGMP filtering profiles in the Multicast > Multicast Setting >
IGMP Filtering Profile screen.
IGMP Querier
Mode
The Switch treats an IGMP query port as being connected to an IGMP multicast
router (or server). The Switch forwards IGMP join or leave packets to an IGMP
query port.
Select Auto to have the Switch use the port as an IGMP query port if the port
receives IGMP query packets.
Select Fixed to have the Switch always use the port as an IGMP query port.
Select this when you connect an IGMP multicast server to the port.
Select Edge to stop the Switch from using the port as an IGMP query port. The
Switch will not keep any record of an IGMP router being connected to this port.
The Switch does not forward IGMP join or leave packets to this port.
Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch
loses these changes if it is turned off or loses power, so use the Save link on the
top navigation panel to save your changes to the non-volatile memory when you
are done configuring.
Cancel Click Cancel to begin configuring this screen afresh.
Table 39 Advanced Application > Multicast > Multicast Setting (continued)
LABEL DESCRIPTION
Содержание
- Gs 2024 1
- Layer 2 ethernet switch 1
- User s guide 1
- Www zyxel com 1
- About this user s guide 3
- It is recommended you use the web configurator to configure the switch 3
- Document conventions 4
- Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations 4
- Warnings tell you about things that could harm you or your device 4
- Document conventions 5
- Figures in this user s guide may use the following generic icons the switch icon is not an exact representation of your device 5
- Gs 2024 user s guide 5
- Icons used in figures 5
- For your safety be sure to read and follow all warning notices and instructions 6
- Safety warnings 6
- This product is recyclable dispose of it properly 7
- Advanced setup 5 9
- Basic configuration 3 9
- Contents overview 9
- Introduction 7 9
- Ip application 57 9
- Management 73 9
- Appendices and index 31 10
- Troubleshooting product specifications 17 10
- About this user s guide 11
- Chapter 1 getting to know your switch 9 11
- Chapter 2 hardware installation and connection 3 11
- Chapter 3 hardware overview 7 11
- Contents overview 11
- Document conventions 11
- List of figures 9 11
- List of tables 3 11
- Part i introduction 27 11
- Safety warnings 11
- Table of contents 11
- Table of contents 1 11
- Chapter 4 the web configurator 5 12
- Chapter 5 initial setup example 3 12
- Chapter 6 system status and port statistics 7 12
- Chapter 7 basic setting 3 12
- Part ii basic configuration 43 12
- Chapter 10 spanning tree protocol 1 13
- Chapter 8 vlan 7 13
- Chapter 9 static mac forward setup 9 13
- Part iii advanced setup 75 13
- Chapter 11 bandwidth control 05 14
- Chapter 12 broadcast storm control 07 14
- Chapter 13 mirroring 09 14
- Chapter 14 link aggregation 111 14
- Chapter 15 port authentication 117 14
- Chapter 16 port security 21 14
- Chapter 17 queuing method 23 14
- Chapter 18 multicast 25 15
- Chapter 19 authentication accounting 39 15
- Chapter 20 loop guard 53 15
- Part iv ip application 157 15
- Chapter 21 static route 59 16
- Chapter 22 differentiated services 63 16
- Chapter 23 dhcp 67 16
- Chapter 24 maintenance 75 16
- Part v management 173 16
- Chapter 25 access control 81 17
- Chapter 26 diagnostic 99 17
- Chapter 27 syslog 01 17
- Chapter 28 cluster management 05 17
- Chapter 29 mac table 211 17
- Part vi troubleshooting product specifications 217 18
- Part vii appendices and index 231 18
- List of figures 19
- List of tables 23
- Introduction 27
- Backbone application 29
- Getting to know your switch 29
- Hapter 29
- Introduction 29
- Bridging example 30
- High performance switching example 30
- Ieee 802 q vlan application examples 31
- Ways to manage the switch 31
- Good habits for managing the switch 32
- Freestanding installation 33
- Hapter 33
- Hardware installation and connection 33
- Attaching the mounting brackets to the switch 34
- Failure to use the proper screws may damage the unit 34
- For proper ventilation allow at least 4 inches 10 cm of clearance at the front and 3 inches 8 cm at the back of the switch this is especially important for enclosed rack installations 34
- Mounting the switch on a rack 34
- Rack mounted installation requirements 34
- Mounting the switch on a rack 35
- Front panel connections 37
- Hapter 37
- Hardware overview 37
- Base t ports 38
- Dual personality interfaces 38
- To avoid possible eye injury do not look into an operating fiber optic module s connectors 39
- Console port 40
- Management port 40
- Rear panel 40
- Make sure you are using the correct power source as shown on the panel 41
- Power connector 41
- Chapter 3 hardware overview 42
- Gs 2024 user s guide 42
- Table 2 led descriptions continued 42
- Basic configuration 43
- Hapter 45
- Introduction 45
- System login 45
- The web configurator 45
- B d c e 46
- The status screen 46
- Chapter 4 the web configurator 48
- Gs 2024 user s guide 48
- Table 4 web configurator screen sub links details 48
- Table 5 navigation panel links 48
- The following table describes the links in the navigation panel 48
- The following table lists the various web configurator screens within the sub links 48
- Chapter 4 the web configurator 49
- Gs 2024 user s guide 49
- Table 5 navigation panel links continued 49
- Change your password 50
- Saving your configuration 50
- Use the save link when you are done with a configuration session 50
- Be careful not to lock yourself and others out of the switch if you do lock yourself out try using out of band management via the management port to configure the switch 51
- Reload the configuration file 51
- Resetting the switch 51
- Switch lockout 51
- Chapter 4 the web configurator 52
- Click logout in a screen to exit the web configurator you have to log in with your password again after you log out this is recommended after you finish a management session for security reasons 52
- Click the help link from a web configurator screen to view an online help description of that screen 52
- Figure 17 resetting the switch via the console port 52
- Figure 18 web configurator logout screen 52
- Gs 2024 user s guide 52
- Logging out of the web configurator 52
- The switch is now reinitialized with a default configuration file including the default password of 1234 52
- The web configurator s online help has descriptions of individual screens and some supplementary information 52
- Creating a vlan 53
- Hapter 53
- Initial setup example 53
- Overview 53
- Setting port vid 54
- The vlan group id field in this screen and the vid field in the ip setup screen refer to the same vlan id 54
- Configuring switch management ip address 55
- Hapter 57
- Overview 57
- Port status summary 57
- System status and port statistics 57
- Chapter 6 system status and port statistics 58
- Click a number in the port column in the status screen to display individual port statistics use this screen to check status and detailed performance data about an individual port on the switch 58
- Gs 2024 user s guide 58
- Status port details 58
- Table 6 status continued 58
- Chapter 6 system status and port statistics 59
- Figure 23 status port details 59
- Gs 2024 user s guide 59
- Port details 59
- The following table describes the labels in this screen 59
- Chapter 6 system status and port statistics 60
- Gs 2024 user s guide 60
- Port details continued 60
- Chapter 6 system status and port statistics 61
- Gs 2024 user s guide 61
- Port details continued 61
- Basic setting 63
- Hapter 63
- Overview 63
- System information 63
- Chapter 7 basic setting 64
- Gs 2024 user s guide 64
- System info 64
- The following table describes the labels in this screen 64
- Chapter 7 basic setting 65
- General setup 65
- Gs 2024 user s guide 65
- System info continued 65
- Use this screen to configure general settings such as the system name and time click basic setting and general setup in the navigation panel to display the screen as shown 65
- Chapter 7 basic setting 66
- General setup 66
- Gs 2024 user s guide 66
- The following table describes the labels in this screen 66
- A vlan virtual local area network allows a physical network to be partitioned into multiple logical networks devices on a logical network belong to one group a device can belong to more than one group with vlan a device cannot directly talk to or hear from devices that are not in the same group s the traffic must first go through a router 67
- Click basic setting and then switch setup in the navigation panel to display the screen as shown the vlan setup screens change depending on whether you choose 802 q or port based in the vlan type field in this screen refer to the chapter on vlan 67
- In mtu multi tenant unit applications vlan is vital in providing isolation and security among the subscribers when properly configured vlan prevents one subscriber from accessing the network resources of another on the same lan thus a user will not see the printers and hard disks of another user on the same network 67
- Introduction to vlans 67
- See chapter 8 on page 77 for information on port based and 802 q tagged vlans 67
- Switch setup screen 67
- Vlan also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain in traditional switched environments all broadcast packets go to each and every individual port with vlan all broadcasts are confined to a specific broadcast domain 67
- Vlan is unidirectional it only governs outgoing traffic 67
- Chapter 7 basic setting 68
- Gs 2024 user s guide 68
- Switch setup 68
- The following table describes the labels in this screen 68
- Ip interfaces 69
- Ip setup 69
- You must configure the vlan first 69
- Chapter 7 basic setting 71
- Gs 2024 user s guide 71
- Ip setup 71
- The following table describes the labels in this screen 71
- Chapter 7 basic setting 72
- Gs 2024 user s guide 72
- Ip setup continued 72
- Port setup 72
- Port setup in the navigation panel to display the configuration screen 72
- Chapter 7 basic setting 73
- Gs 2024 user s guide 73
- Note changes in this row are copied to all the ports as soon as you make them 73
- Note due to space limitations the port name may be truncated in some web configurator screens 73
- Port setup 73
- The following table describes the labels in this screen 73
- Advanced setup 75
- Forwarding tagged and untagged frames 77
- Hapter 77
- Introduction to ieee 802 q tagged vlans 77
- Automatic vlan registration 78
- Chapter 8 vlan 78
- Garp and gvrp are the protocols used to automatically register vlan membership across switches 78
- Garp generic attribute registration protocol allows network switches to register and de register attribute values with other garp participants within a bridged lan garp is a protocol that provides a generic mechanism for protocols that serve a more specific application for example gvrp 78
- Garp timers 78
- Gs 2024 user s guide 78
- Gvrp garp vlan registration protocol is a registration protocol that defines a way for switches to register necessary vlan members on ports across the network enable this function to permit vlan groups beyond the local switch 78
- Please refer to the following table for common ieee 802 q vlan terminology 78
- Switches join vlans by making a declaration a declaration is made by issuing a join message using garp declarations are withdrawn by issuing a leave message a leave all message terminates all registrations garp timers set declaration timeout values 78
- Table 13 ieee 802 q vlan terminology 78
- Port vlan trunking 79
- Select the vlan type 79
- Static vlan 79
- Chapter 8 vlan 80
- Gs 2024 user s guide 80
- Static vlan details 80
- Static vlan status 80
- The following table describes the labels in this screen 80
- Use this screen to view detailed port settings and status of the vlan group see section 8 on page 77 for more information on static vlan click on an index number in the vlan status screen to display vlan details 80
- Vlan detail 80
- Vlan from the navigation panel to display the vlan status screen as shown next 80
- Vlan vlan status 80
- Chapter 8 vlan 81
- Configure a static vlan 81
- Gs 2024 user s guide 81
- Static vlan 81
- The following table describes the labels in this screen 81
- Use this screen to configure and view 802 q vlan parameters for the switch see section 8 on page 77 for more information on static vlan to configure a static vlan click static vlan in the vlan status screen to display the screen as shown next 81
- Vlan detail 81
- Chapter 8 vlan 82
- Configure vlan port settings 82
- Gs 2024 user s guide 82
- Note changes in this row are copied to all the ports as soon as you make them 82
- Static vlan 82
- The following table describes the related labels in this screen 82
- Use the vlan port setting screen to configure the static vlan ieee 802 q settings on a port see section 8 on page 77 for more information on static vlan click the vlan port setting link in the vlan status screen 82
- Chapter 8 vlan 83
- Gs 2024 user s guide 83
- Note changes in this row are copied to all the ports as soon as you make them 83
- The following table describes the labels in this screen 83
- Vlan port setting 83
- Configure a port based vlan 84
- In screens such as ip setup that require a vid you must enter 1 as the vid 84
- Port based vlan setup 84
- When you activate port based vlan the switch uses a default vlan id of 1 you cannot change it 84
- The following screen shows users on a port based port isolated vlan configuration 85
- Chapter 8 vlan 86
- Gs 2024 user s guide 86
- The following table describes the labels in this screen 86
- Vlan port based vlan setup 86
- Vlan port based vlan setup port isolation 86
- Chapter 8 vlan 87
- Gs 2024 user s guide 87
- Vlan port based vlan setup continued 87
- Configuring static mac forwarding 89
- Hapter 89
- Overview 89
- Static mac forward setup 89
- Chapter 9 static mac forward setup 90
- Gs 2024 user s guide 90
- Note static mac addresses do not age out 90
- Static mac forwarding 90
- The following table describes the labels in this screen 90
- Hapter 91
- Spanning tree protocol 91
- Stp rstp overview 91
- Stp terminology 91
- After a bridge determines the lowest cost spanning tree with stp it enables the root port and the ports that are the designated ports for connected lans and disables all other ports that participate in stp network packets are therefore only forwarded between enabled ports eliminating any possible network loops 92
- Chapter 10 spanning tree protocol 92
- For each lan segment a designated bridge is selected this bridge has the lowest cost to the root among the bridges connected to the lan 92
- Gs 2024 user s guide 92
- How stp works 92
- On each bridge the bridge communicates with the root through the root port the root port is the port on this switch with the lowest path cost to the root the root path cost if there is no root port then this switch has been accepted as the root bridge of the spanning tree network 92
- Once a stable network topology has been established all bridges listen for hello bpdus bridge protocol data units transmitted from the root bridge if a bridge does not get a hello bpdu after a predefined interval max age the bridge assumes that the link to the root bridge is down this bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology 92
- Path cost is the cost of transmitting a frame onto a lan through that port the recommended cost is assigned according to the speed of the link to which a port is attached the slower the media the higher the cost 92
- Stp assigns five port states to eliminate packet looping a bridge port is not allowed to go directly from blocking state to forwarding state so as to eliminate transient loops 92
- Stp aware switches exchange bridge protocol data units bpdus periodically when the bridged lan topology changes a new spanning tree is constructed 92
- Stp port states 92
- Table 20 stp path costs 92
- Table 21 stp port states 92
- Multiple stp 93
- Vlan 1 vlan 2 93
- Vlan 1 vlan 2 94
- Spanning tree protocol status screen 95
- Configure rapid spanning tree protocol 96
- Spanning tree configuration 96
- Chapter 10 spanning tree protocol 97
- Configuration screen to enable rstp on the switch 97
- Gs 2024 user s guide 97
- The following table describes the labels in this screen 97
- 2 hello time 1 98
- Note changes in this row are copied to all the ports as soon as you make them 98
- Rapid spanning tree protocol status 98
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 10 on page 91 for more information on rstp 98
- This screen is only available after you activate rstp on the switch 98
- Chapter 10 spanning tree protocol 99
- Configure multiple spanning tree protocol 99
- Gs 2024 user s guide 99
- Note the listening state does not exist in rstp 99
- Spanning tree protocol screen see section 10 on page 93 for more information on mstp 99
- Status rstp 99
- The following table describes the labels in this screen 99
- 2 hello time 1 101
- Chapter 10 spanning tree protocol 101
- Configuration screen to enable mstp on the switch 101
- Gs 2024 user s guide 101
- The following table describes the labels in this screen 101
- Multiple spanning tree protocol status 102
- Note changes in this row are copied to all the ports as soon as you make them 102
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 10 on page 93 for more information on mstp 102
- This screen is only available after you activate mstp on the switch 102
- Chapter 10 spanning tree protocol 103
- Gs 2024 user s guide 103
- Status mstp 103
- The following table describes the labels in this screen 103
- Chapter 10 spanning tree protocol 104
- Gs 2024 user s guide 104
- Status mstp continued 104
- Bandwidth control 105
- Bandwidth control overview 105
- Bandwidth control setup 105
- Hapter 105
- Bandwidth control 106
- Chapter 11 bandwidth control 106
- Gs 2024 user s guide 106
- Note changes in this row are copied to all the ports as soon as you make them 106
- The following table describes the related labels in this screen 106
- Broadcast storm control 107
- Broadcast storm control setup 107
- Hapter 107
- Broadcast storm control 108
- Chapter 12 broadcast storm control 108
- Gs 2024 user s guide 108
- Note changes in this row are copied to all the ports as soon as you make them 108
- The following table describes the labels in this screen 108
- Hapter 109
- Mirroring 109
- Port mirroring setup 109
- Dynamic link aggregation 111
- Hapter 111
- Link aggregation 111
- Link aggregation overview 111
- Chapter 14 link aggregation 112
- Configure trunk groups or lacp before you connect the ethernet switch to avoid causing network topology loops 112
- Gs 2024 user s guide 112
- Lacp aggregation id consists of the following informatio 112
- Lacp only works on full duplex links all ports in the same trunk group must have the same media type speed duplex mode and flow control settings 112
- Link aggregation id 112
- Link aggregation in the navigation panel the link aggregation status screen displays by default see section 14 on page 111 for more information 112
- Link aggregation status 112
- Table 30 link aggregation id local switch 112
- Table 31 link aggregation id peer switch 112
- The following table describes the labels in this screen 112
- Chapter 14 link aggregation 113
- Gs 2024 user s guide 113
- Link aggregation setting 113
- Link aggregation setting to display the screen shown next see section 14 on page 111 for more information on link aggregation 113
- Link aggregation status continued 113
- The following table describes the labels in this screen 113
- Chapter 14 link aggregation 114
- Gs 2024 user s guide 114
- Lacp to display the screen shown next see section 14 on page 111 for more information on dynamic link aggregation 114
- Link aggregation control protocol 114
- Link aggregation setting continued 114
- Chapter 14 link aggregation 115
- Gs 2024 user s guide 115
- Make your physical connections make sure that the ports that you want to belong to the trunk group are connected to the same destination the following figure shows ports 2 5 on switch a connected to switch b 115
- Note changes in this row are copied to all the ports as soon as you make them 115
- Note do not configure this screen unless you want to enable dynamic link aggregation 115
- Static trunking example 115
- The following table describes the labels in this screen 115
- This example shows you how to create a static port trunk group for ports 2 5 115
- Hapter 117
- Ieee 802 x authentication 117
- Port authentication 117
- Port authentication overview 117
- Activate ieee 802 x security 118
- Port authentication configuration 118
- Chapter 15 port authentication 119
- Gs 2024 user s guide 119
- Note changes in this row are copied to all the ports as soon as you make them 119
- Note you must first enable 802 x authentication on the switch before configuring it on each port 119
- The following table describes the labels in this screen 119
- About port security 121
- Hapter 121
- Port security 121
- Port security setup 121
- Chapter 16 port security 122
- Gs 2024 user s guide 122
- Note changes in this row are copied to all the ports as soon as you make them 122
- Port security 122
- The following table describes the labels in this screen 122
- Hapter 123
- Queuing method 123
- Queuing method overview 123
- Strictly priority 123
- Weighted round robin scheduling wrr 123
- Chapter 17 queuing method 124
- Configuring queuing 124
- Gs 2024 user s guide 124
- Queuing method 124
- Queuing method in the navigation panel 124
- The following table describes the labels in this screen 124
- Hapter 125
- Igmp filtering 125
- Igmp snooping 125
- Ip multicast addresses 125
- Multicast 125
- Multicast overview 125
- Igmp snooping and vlans 126
- Multicast setting 126
- Multicast status 126
- Chapter 18 multicast 127
- Gs 2024 user s guide 127
- Multicast setting 127
- Note if you enable igmp filtering you must create and assign igmp filtering profiles for the ports that you want to allow to join multicast groups 127
- The following table describes the labels in this screen 127
- Chapter 18 multicast 128
- Gs 2024 user s guide 128
- Igmp snooping vlan 128
- Multicast in the navigation panel click the multicast setting link and then the igmp snooping vlan link to display the screen as shown see section 18 on page 126 for more information on igmp snooping vlan 128
- Multicast setting continued 128
- Note changes in this row are copied to all the ports as soon as you make them 128
- Chapter 18 multicast 129
- Gs 2024 user s guide 129
- Igmp snooping vlan 129
- Note you cannot configure the same vlan id as in the mvr screen 129
- Note you must also enable igmp snooping in the multicast setting screen first 129
- The following table describes the labels in this screen 129
- An igmp filtering profile specifies a range of multicast groups that clients connected to the switch are able to join a profile contains a range of multicast ip addresses which you want clients to be able to join profiles are assigned to ports in the multicast setting screen clients connected to those ports are then able to join the multicast groups specified in the profile each port can be assigned a single profile a profile can be assigned to multiple ports 130
- Chapter 18 multicast 130
- Gs 2024 user s guide 130
- Igmp filtering profile 130
- Igmp filtering profile link to display the screen as shown 130
- Igmp snooping vlan 130
- The following table describes the labels in this screen 130
- Chapter 18 multicast 131
- Figure 65 mvr network example 131
- Gs 2024 user s guide 131
- Igmp filtering profile 131
- In mvr a source port is a port on the switch that can send and receive multicast traffic in a multicast vlan while a receiver port can only receive multicast traffic once configured the switch maintains a forwarding table that matches the multicast stream to the associated multicast group 131
- Multicast vlan registration mvr is designed for applications such as media on demand mod that use multicast traffic across an ethernet ring based service provider network 131
- Mvr allows one single multicast vlan to be shared among different subscriber vlans on the network while isolated in different subscriber vlans connected devices can subscribe to and unsubscribe from the multicast stream in the multicast vlan this improves bandwidth utilization with reduced multicast traffic in the subscriber vlans and simplifies multicast group management 131
- Mvr only responds to igmp join and leave control messages from multicast groups that are configured under mvr join and leave reports from other multicast groups are managed by igmp snooping 131
- Mvr overview 131
- The following figure shows a network example the subscriber vlan 1 2 and 3 information is hidden from the streaming media server s in addition the multicast vlan information is only visible to the switch and s 131
- Types of mvr ports 131
- General mvr configuration 132
- How mvr works 132
- Mvr modes 132
- You can create up to three multicast vlans and up to 256 multicast rules on the switch 132
- The following table describes the related labels in this screen 133
- Your switch automatically creates a static vlan with the same vid when you create a multicast vlan in this screen 133
- A port can belong to more than one multicast vlan however ip multicast group addresses in different multicast vlans cannot overlap 134
- All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group 134
- Configure mvr ip multicast group address es in the group configuration screen click group configuration in the mvr screen 134
- Mvr group configuration 134
- Note changes in this row are copied to all the ports as soon as you make them 134
- Chapter 18 multicast 135
- Gs 2024 user s guide 135
- Mvr configuration example 135
- Mvr group configuration 135
- The following figure shows a network example where ports 1 2 and 3 on the switch belong to vlan 1 in addition port 7 belongs to the multicast group with vid 200 to receive multicast traffic the news and movie channels from the remote streaming media server s computers a b and c in vlan 1 are able to receive the traffic 135
- The following table describes the labels in this screen 135
- Example 137
- Authentication accounting 139
- Authentication authorization and accounting 139
- Hapter 139
- Local user accounts 139
- Authentication and accounting screens 140
- Radius and tacacs 140
- Radius server setup 140
- Chapter 19 authentication accounting 141
- Gs 2024 user s guide 141
- Radius server setup 141
- The following table describes the labels in this screen 141
- Chapter 19 authentication accounting 142
- Gs 2024 user s guide 142
- Radius server setup continued 142
- Tacacs server setup 142
- Use this screen to configure your tacacs server settings see section 19 on page 140 for more information on tacacs servers click on the tacacs server setup link in the authentication and accounting screen to view the screen as shown 142
- Chapter 19 authentication accounting 143
- Gs 2024 user s guide 143
- Tacacs server setup 143
- The following table describes the labels in this screen 143
- Authentication and accounting setup 144
- Chapter 19 authentication accounting 144
- Gs 2024 user s guide 144
- Tacacs server setup continued 144
- Use this screen to configure authentication and accounting settings on the switch click on the auth and acct setup link in the authentication and accounting screen to view the screen as shown 144
- Auth and acct setup 145
- Chapter 19 authentication accounting 145
- Gs 2024 user s guide 145
- The following table describes the labels in this screen 145
- Auth and acct setup continued 146
- Chapter 19 authentication accounting 146
- Gs 2024 user s guide 146
- Refer to the documentation that comes with your radius server on how to configure vsas for users authenticating via the radius server 147
- Vendor specific attribute 147
- Chapter 19 authentication accounting 148
- Gs 2024 user s guide 148
- Note if you set the privilege level of a login account differently on the radius server s and the switch the user is assigned a privilege level from the database radius or local the switch uses first for user authentication 148
- Note you must also create a vlan with the specified vid on the switch 148
- Refer to rfc 2865 for more information about radius attributes used for authentication refer to rfc 2866 and rfc 2869 for radius attributes used for accounting 148
- Remote authentication dial in user service radius attributes are data used to define specific authentication and accounting elements in a user profile which is stored on the radius server this section lists the radius attributes supported by the switch 148
- Supported radius attributes 148
- Table 48 supported vsas 148
- Table 49 supported tunnel protocol attribute 148
- This section lists the attributes used by authentication and accounting functions on the switch in cases where the attribute has a specific format associated with it the format is specified 148
- Tunnel protocol attribute 148
- You can configure tunnel protocol attributes on the radius server refer to your radius server documentation to assign a port on the switch to a vlan based on ieee 802 x authentication the port vlan settings are fixed and untagged this will also set the port s vid the following table describes the values you need to configure note that the bolded values in the table are fixed values as defined in rfc 3580 148
- Attributes used for accounting 149
- Attributes used for authentication 149
- Attributes used for accounting exec events 150
- Attributes used for accounting ieee 802 x events 150
- Chapter 19 authentication accounting 150
- Gs 2024 user s guide 150
- Table 50 radius attributes exec events via console 150
- Table 51 radius attributes exec events via telnet ssh 150
- Table 52 radius attributes exec events via console 150
- The attributes are listed in the following table along with the time of the session they are sent 150
- The attributes are listed in the following table along with the time that they are sent the difference between console and telnet ssh exec events is that the telnet ssh events utilize the calling station id attribute 150
- Chapter 19 authentication accounting 151
- Gs 2024 user s guide 151
- Table 52 radius attributes exec events via console 151
- Hapter 153
- Loop guard 153
- Loop guard overview 153
- After resolving the loop problem on your network you can re activate the disabled port via the web configurator see section 7 on page 72 or via commands see the cli reference guid 155
- Loop guard in the navigation panel to display the screen as shown 155
- Loop guard setup 155
- Note changes in this row are copied to all the ports as soon as you make them 155
- The following table describes the labels in this screen 155
- The loop guard feature can not be enabled on the ports that have spanning tree protocol rstp mrstp or mstp enabled 155
- Chapter 20 loop guard 156
- Gs 2024 user s guide 156
- Loop guard continued 156
- Ip application 157
- Configuring static routing 159
- Hapter 159
- Static route 159
- Static routing overview 159
- Chapter 21 static route 160
- Gs 2024 user s guide 160
- Static routing 160
- The following table describes the related labels you use to create a static route 160
- Chapter 21 static route 161
- Gs 2024 user s guide 161
- Static routing continued 161
- Differentiated services 163
- Diffserv overview 163
- Dscp and per hop behavior 163
- Hapter 163
- Activating diffserv 164
- Diffserv network example 164
- Dscp to ieee 802 p priority settings 164
- Chapter 22 differentiated services 165
- Diffserv 165
- Gs 2024 user s guide 165
- The following table describes the labels in this screen 165
- Dhcp configuration options 167
- Dhcp modes 167
- Dhcp overview 167
- Dhcp status 167
- Hapter 167
- Dhcp relay 168
- Dhcp relay agent information 168
- Chapter 23 dhcp 169
- Configuring dhcp global relay 169
- Dhcp in the navigation panel and click the global link to display the screen as shown 169
- Global 169
- Gs 2024 user s guide 169
- Table 58 relay agent information 169
- The following table describes the labels in this screen 169
- Configuring dhcp vlan settings 170
- Global dhcp relay configuration example 170
- The following table describes the labels in this screen 171
- You must set up a management ip address for each vlan that you want to configure dhcp settings for on the switch see section 7 on page 69 for information on how to do this 171
- Example 172
- Example dhcp relay for two vlans 172
- For the example network configure the vlan setting screen as shown 172
- The following example displays two vlans vids 1 and 2 for a campus network two dhcp servers are installed to serve each vlan the system is set up to forward dhcp requests from the dormitory rooms vlan 1 to the dhcp server with an ip address of 192 68 00 requests from the academic buildings vlan 2 are sent to the other dhcp server with an ip address of 172 3 0 00 172
- Management 173
- Hapter 175
- Maintenance 175
- The maintenance screen 175
- Clicking the apply or add button does not save the changes permanently all unsaved changes are erased after you reboot the switch 176
- Load factory default 176
- Save configuration 176
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 177
- Firmware upgrade 177
- Reboot system 177
- Backup a configuration file 178
- Restore a configuration file 178
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 179
- Filename conventions 179
- Ftp command line 179
- Ftp command line procedure 179
- Ftp restrictions 180
- Gui based ftp clients 180
- Access control 181
- Access control overview 181
- Hapter 181
- The access control main screen 181
- About snmp 182
- An oid object id that begins with 1 90 is defined in private mibs otherwise it is a standard mib oid 183
- Chapter 25 access control 183
- Gs 2024 user s guide 183
- Mibs let administrators collect statistics and monitor status and performance 183
- Security can be further enhanced by encrypting the snmp messages sent from the managers encryption protects the contents of the snmp messages when the contents of the snmp messages are encrypted only the intended recipients can read them 183
- Snmp mib ii rfc 1213 rfc 1157 snmp v1 rfc 1493 bridge mibs rfc 1643 ethernet mibs rfc 1155 smi rfc 2674 snmpv2 snmpv2c rfc 1757 rmon snmpv2 snmpv2c or later version compliant with rfc 2011 snmpv2 mib for ip rfc 2012 snmpv2 mib for tcp rfc 2013 snmpv2 mib for udp 183
- Snmp traps 183
- Snmp v3 and security 183
- Snmp v3 enhances security for snmp management snmp managers can be required to authenticate with agents before conducting snmp management sessions 183
- Supported mibs 183
- Table 66 snmp system traps 183
- The switch sends traps to an snmp manager when an event occurs the following tables outline the snmp traps by category 183
- The switch supports the following mibs 183
- Chapter 25 access control 184
- Gs 2024 user s guide 184
- Table 66 snmp system traps continued 184
- Table 67 snmp interface traps 184
- Chapter 25 access control 185
- Gs 2024 user s guide 185
- Table 68 aaa traps 185
- Table 69 snmp ip traps 185
- Table 70 snmp switch traps 185
- Chapter 25 access control 186
- Configuring snmp 186
- From the access control screen display the snmp screen you can click access control to go back to the access control screen 186
- Gs 2024 user s guide 186
- Table 70 snmp switch traps continued 186
- Chapter 25 access control 187
- Gs 2024 user s guide 187
- Logins screen 187
- Note snmp version 2c is backwards compatible with snmp version 1 187
- Note use the username and password of the login accounts you specify in this section to create accounts on the snmp v3 manager 187
- The following table describes the labels in this screen 187
- Chapter 25 access control 188
- Configuring snmp trap group 188
- From the snmp screen click trap group to view the screen as shown use the trap group screen to specify the types of snmp traps that should be sent to each snmp manager 188
- Gs 2024 user s guide 188
- Note the settings on the snmp manager must be set at the same security level or higher than the security level settings on the switch 188
- Snmp continued 188
- Trap group 188
- It is highly recommended that you change the default administrator password 1234 189
- Setting up login accounts 189
- Chapter 25 access control 190
- Gs 2024 user s guide 190
- Logins 190
- The following table describes the labels in this screen 190
- How ssh works 191
- Ssh overview 191
- Introduction to https 192
- Requirements for using ssh 192
- Ssh implementation on the switch 192
- Example 193
- Https example 193
- Internet explorer warning messages 193
- Example 194
- Netscape navigator warning messages 194
- The main screen 194
- Service port access control 195
- Chapter 25 access control 196
- From the access control screen display the remote management screen as shown next 196
- Gs 2024 user s guide 196
- Remote management 196
- Service access control 196
- The following table describes the fields in this screen 196
- The following table describes the labels in this screen 196
- You can specify a group of one or more trusted computers from which an administrator may use a service to manage the switch click access control to return to the access control screen 196
- Chapter 25 access control 197
- Gs 2024 user s guide 197
- Remote management continued 197
- Diagnostic 199
- Hapter 199
- Hapter 201
- Syslog 201
- Syslog overview 201
- Syslog setup 201
- Chapter 27 syslog 202
- Gs 2024 user s guide 202
- Syslog 202
- Syslog server setup 202
- Syslog server setup to open the following screen use this screen to configure a list of external syslog servers 202
- The following table describes the labels in this screen 202
- Chapter 27 syslog 203
- Gs 2024 user s guide 203
- Server setup 203
- The following table describes the labels in this screen 203
- Cluster management 205
- Clustering management status overview 205
- Hapter 205
- A cluster can only have one manager 206
- Cluster management in the navigation panel to display the following screen 206
- Cluster management status 206
- Chapter 28 cluster management 207
- Cluster management 207
- Cluster member switch management 207
- Figure 120 cluster management cluster member web configurator screen 207
- Go to the clustering management status screen of the cluster manager switch and then select an index hyperlink from the list of members to go to that cluster member switch s web configurator home page this cluster member web configurator home page and the home page that you d see if you accessed it directly are different 207
- Gs 2024 user s guide 207
- The following table describes the labels in this screen 207
- Chapter 28 cluster management 208
- Clustering management configuration 208
- Figure 121 example uploading firmware to a cluster member switch 208
- Gs 2024 user s guide 208
- Table 82 ftp upload to cluster member example 208
- The following table explains some of the ftp parameters 208
- Uploading firmware to a cluster member switch 208
- Use this screen to configure clustering management click configuration from the cluster management screen to display the next screen 208
- You can use ftp to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example 208
- Chapter 28 cluster management 209
- Configuration 209
- Gs 2024 user s guide 209
- The following table describes the labels in this screen 209
- Chapter 28 cluster management 210
- Configuration continued 210
- Gs 2024 user s guide 210
- Hapter 211
- Mac table 211
- Mac table overview 211
- Chapter 29 mac table 212
- Figure 123 mac table flowchart 212
- Gs 2024 user s guide 212
- Mac table 212
- Mac table in the navigation panel to display the following screen 212
- The following table describes the labels in this screen 212
- Viewing the mac table 212
- Arp table 213
- Arp table overview 213
- Hapter 213
- How arp works 213
- Viewing the arp table 213
- Arp table 214
- Chapter 30 arp table 214
- Gs 2024 user s guide 214
- The following table describes the labels in this screen 214
- Configure clone 215
- Hapter 215
- Chapter 31 configure clone 216
- Configure clone 216
- Gs 2024 user s guide 216
- The following table describes the labels in this screen 216
- Troubleshooting product specifications 217
- Hapter 219
- Power hardware connections and leds 219
- Troubleshooting 219
- I cannot see or access the login screen in the web configurator 220
- I forgot the ip address for the switch 220
- I forgot the password 220
- Switch access and login 220
- I can see the login screen but i cannot log in to the switch 221
- I cannot access the smt i cannot telnet to the switch 221
- I cannot use ftp to upload download the configuration file i cannot use ftp to upload new firmware 221
- Hapter 223
- Product specifications 223
- Chapter 33 product specifications 224
- Gs 2024 user s guide 224
- Table 87 hardware specifications 224
- Table 88 firmware specifications 224
- Chapter 33 product specifications 225
- Gs 2024 user s guide 225
- Note only upload firmware for your specific model 225
- Table 88 firmware specifications 225
- Chapter 33 product specifications 226
- Gs 2024 user s guide 226
- Table 89 switching specifications 226
- Chapter 33 product specifications 227
- Gs 2024 user s guide 227
- Table 89 switching specifications continued 227
- Table 90 standards supported 227
- The following list which is not exhaustive illustrates the standards supported in the switch 227
- Cable pin assignments 228
- Chapter 33 product specifications 228
- Figure 127 console dial backup port pin layout 228
- Gs 2024 user s guide 228
- In a serial communications connection generally a computer is dte data terminal equipment and a modem is dce data circuit terminating equipment the switch is dce when you connect a computer to the console port the switch is dte when you connect a modem to the dial backup port 228
- Table 90 standards supported continued 228
- Chapter 33 product specifications 229
- Gs 2024 user s guide 229
- Table 91 console dial backup port pin assignments 229
- Table 92 ethernet cable pin assignments 229
- Appendices and 231
- Appendices and index 231
- Pop up windows javascripts and java permissions 233
- Ppendix 233
- Enable pop up blockers with exceptions 234
- Javascripts 236
- Java permissions 237
- Java sun 238
- Mozilla firefox 238
- Click content to show the screen below select the check boxes as shown in the following screen 239
- Introduction to ip addresses 241
- Ip addresses and subnetting 241
- Ppendix 241
- Structure 241
- A subnet mask has 32 bits if a bit in the subnet mask is a 1 then the corresponding bit in the ip address is part of the network number if a bit in the subnet mask is 0 then the corresponding bit in the ip address is part of the host id 242
- A subnet mask is used to determine which bits are part of the network number and which bits are part of the host id using a logical and operation the term subnet is short for sub network 242
- Appendix b ip addresses and subnetting 242
- By convention subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask followed by a continuous sequence of zeros for a total number of 32 bits 242
- Figure 138 network number and host id 242
- Gs 2024 user s guide 242
- How much of the ip address is the network number and how much is the host id varies according to the subnet mask 242
- Subnet masks 242
- Subnet masks can be referred to by the size of the network number part the bits with a 1 value for example an 8 bit mask means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes 242
- Table 93 ip address network number and host id example 242
- The following example shows a subnet mask identifying the network number in bold text and host id of an ip address 192 68 in decimal 242
- An ip address with host ids of all zeros is the ip address of the network 192 68 with a 24 bit subnet mask for example an ip address with host ids of all ones is the broadcast address for that network 192 68 55 with a 24 bit subnet mask for example 243
- Appendix b ip addresses and subnetting 243
- As these two ip addresses cannot be used for individual hosts calculate the maximum number of possible hosts in a network as follows 243
- For example 192 25 is equivalent to saying 192 with subnet mask 255 55 55 28 243
- Gs 2024 user s guide 243
- Network size 243
- Notation 243
- Since the mask is always a continuous number of ones beginning from the left followed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet this is usually specified by writing a followed by the number of bits in the mask after the address 243
- Subnet masks are expressed in dotted decimal notation just like ip addresses the following examples show the binary and decimal notation for 8 bit 16 bit 24 bit and 29 bit subnet masks 243
- Table 94 subnet masks 243
- Table 95 maximum host numbers 243
- Table 96 alternative subnet mask notation 243
- The following table shows some possible subnet masks using both notations 243
- The size of the network number determines the maximum number of possible hosts you can have on your network the larger the number of network number bits the smaller the number of remaining host id bits 243
- 2 or 254 possible hosts 244
- Appendix b ip addresses and subnetting 244
- Figure 139 subnetting example before subnetting 244
- Gs 2024 user s guide 244
- In this example the company network address is 192 68 the first three octets of the address 192 68 are the network number and the remaining octet is the host id allowing a maximum of 244
- Subnetting 244
- Table 96 alternative subnet mask notation continued 244
- The borrowed host id bit can have a value of either 0 or 1 allowing two subnets 192 68 25 and 192 68 28 25 244
- The following figure shows the company network after subnetting there are now two sub networks a and b 244
- The following figure shows the company network before subnetting 244
- You can borrow one of the host id bits to divide the network 192 68 into two separate sub networks the subnet mask is now 25 bits 255 55 55 28 or 25 244
- You can use subnetting to divide one network into multiple sub networks in the following example a network administrator creates two sub networks to isolate a group of servers from the rest of the company network for security reasons 244
- Example four subnets 245
- Appendix b ip addresses and subnetting 246
- Example eight subnets 246
- Gs 2024 user s guide 246
- Similarly use a 27 bit mask to create eight subnets 000 001 010 011 100 101 110 and 111 246
- Table 100 subnet 4 246
- Table 101 eight subnets 246
- Table 98 subnet 2 246
- Table 99 subnet 3 246
- The following table shows ip address last octet values for each subnet 246
- Appendix b ip addresses and subnetting 247
- Gs 2024 user s guide 247
- Subnet planning 247
- Table 101 eight subnets continued 247
- Table 102 24 bit network number subnet planning 247
- Table 103 16 bit network number subnet planning 247
- The following table is a summary for subnet planning on a network with a 16 bit network number 247
- The following table is a summary for subnet planning on a network with a 24 bit network number 247
- Configuring ip addresses 248
- Private ip addresses 248
- Certifications 249
- Copyright 249
- Legal information 249
- Ppendix 249
- Zyxel limited warranty 250
- Customer support 253
- Ppendix 253
- Gs 2024 user s guide 259
- Numerics 259
- Gs 2024 user s guide 260
- Gs 2024 user s guide 261
- Gs 2024 user s guide 262
- Gs 2024 user s guide 263
- Gs 2024 user s guide 264
- Gs 2024 user s guide 265
Похожие устройства
- Zanussi BMS 641 Инструкция по эксплуатации
- Shure 55SH SERIESII Инструкция по эксплуатации
- Whirlpool AKZ 489 Инструкция по эксплуатации
- Canon JX210 Инструкция по эксплуатации
- Zyxel ES-108A Инструкция по эксплуатации
- Explay PN-900 Инструкция по эксплуатации
- Echo CS-8002-20" Инструкция по эксплуатации
- Shure 565SD-LC Инструкция по эксплуатации
- Whirlpool AKZ 471 Инструкция по эксплуатации
- Shure BETA 57 A Инструкция по эксплуатации
- Shindaiwa 305S Инструкция по эксплуатации
- Timberk AC TIM 12H S2/S2-O1 Инструкция по эксплуатации
- Zyxel GS-105B Инструкция по эксплуатации
- Whirlpool AKP 285 Инструкция по эксплуатации
- Shure BETA 58 A Инструкция по эксплуатации
- Zyxel ES-2108 Инструкция по эксплуатации
- Shindaiwa 377 Инструкция по эксплуатации
- Shure BETA87 A Инструкция по эксплуатации
- Whirlpool AKP 237 Инструкция по эксплуатации
- Jet BD-8 50000085M Инструкция по эксплуатации