![Zyxel MES-3728 [275/388] Hapter](/img/pdf.png)
Zyxel MES-3728 [275/388] Hapter
![Zyxel MES-3728 [275/388] Hapter](/views2/1010861/page275/bg113.png)
MES-3728 User’s Guide
275
CHAPTER 30
Static Route
This chapter shows you how to configure static routes.
30.1 Static Routing Overview
The Switch uses IP for communication with management computers, for example
using HTTP, Telnet, SSH, or SNMP. Use IP static routes to have the Switch respond
to remote management stations that are not reachable through the default
gateway. The Switch can also use static routes to send data to a server or device
that is not reachable through the default gateway, for example when sending
SNMP traps or using ping to test IP connectivity.
This figure shows a Telnet session coming in from network N1. The Switch sends
reply traffic to default gateway R1 which routes it back to the manager’s
computer. The Switch needs a static route to tell it to use router R2 to send traffic
to an SNMP trap server on network N2.
Figure 145 Static Routing Overview
R1
R2
N1
N2
SNMP
Telnet
Содержание
- Default login details 1
- Firmware version 3 0 edition 1 10 2008 1
- Layer 2 metro ethernet switch 1
- Mes 3728 1
- Www zyxel com 1
- About this user s guide 3
- Documentation feedback 3
- Intended audience 3
- Need more help 3
- Note it is recommended you use the web configurator to configure the switch 3
- Related documentation 3
- Customer support 4
- Document conventions 5
- Note notes tell you other important information for example other things you may need to configure or helpful tips or recommendations 5
- Syntax conventions 5
- Warnings and notes 5
- Warnings tell you about things that could harm you or your device 5
- Document conventions 6
- Figures in this user s guide may use the following generic icons the switch icon is not an exact representation of your device 6
- Icons used in figures 6
- Mes 3728 user s guide 6
- Mes 3728 user s guide 7
- Safety warnings 7
- Advanced 3 9
- Basic configuration 5 9
- Contents overview 9
- Introduction and hardware 1 9
- Ip application 73 9
- Appendices and index 69 10
- Management 95 10
- Troubleshooting product specifications 51 10
- About this user s guide 11
- Chapter 1 getting to know your switch 3 11
- Chapter 2 hardware installation and connection 9 11
- Chapter 3 hardware overview 3 11
- Contents overview 11
- Document conventions 11
- Part i introduction and hardware 21 11
- Safety warnings 11
- Table of contents 11
- Table of contents 1 11
- Chapter 4 the web configurator 7 12
- Chapter 5 initial setup example 7 12
- Chapter 6 tutorials 3 12
- Chapter 7 system status and port statistics 3 12
- Part ii basic configuration 45 12
- Chapter 10 static mac forward setup 115 13
- Chapter 8 basic setting 9 13
- Chapter 9 vlan 5 13
- Part iii advanced 93 13
- Chapter 11 static multicast forward setup 119 14
- Chapter 12 filtering 23 14
- Chapter 13 spanning tree protocol 25 14
- Chapter 14 bandwidth control 47 14
- Chapter 15 broadcast storm control 51 14
- Chapter 16 mirroring 53 14
- Chapter 17 link aggregation 55 14
- Chapter 18 port authentication 65 15
- Chapter 19 port security 71 15
- Chapter 20 classifier 77 15
- Chapter 21 policy rule 85 15
- Chapter 22 queuing method 93 15
- Chapter 23 vlan stacking 97 16
- Chapter 24 multicast 05 16
- Chapter 25 aaa 21 16
- Chapter 26 ip source guard 35 17
- Chapter 27 loop guard 61 17
- Chapter 28 vlan mapping 65 17
- Chapter 29 layer 2 protocol tunneling 69 17
- Part iv ip application 273 17
- Chapter 30 static route 75 18
- Chapter 31 differentiated services 79 18
- Chapter 32 dhcp 87 18
- Chapter 33 maintenance 97 18
- Part v management 295 18
- Chapter 34 access control 05 19
- Chapter 35 diagnostic 27 19
- Chapter 36 syslog 29 19
- Chapter 37 cluster management 33 19
- Appendix a changing a fuse 71 20
- Appendix b common services 73 20
- Appendix c legal information 77 20
- Chapter 38 mac table 41 20
- Chapter 39 arp table 45 20
- Chapter 40 configure clone 47 20
- Chapter 41 troubleshooting 53 20
- Chapter 42 product specifications 59 20
- Index 81 20
- Part vi troubleshooting product specifications 351 20
- Part vii appendices and index 369 20
- Hardware 21
- Introduction and 21
- Introduction and hardware 21
- Backbone application 23
- Getting to know your switch 23
- Hapter 23
- Introduction 23
- Bridging example 24
- Figure 1 backbone application 24
- Figure 2 bridging application 24
- Figure 3 high performance switched workgroup application 25
- High performance switching example 25
- Ieee 802 q vlan application examples 25
- Tag based vlan example 25
- Figure 4 shared server using vlan example 26
- Metro ethernet 26
- Figure 5 metro ethernet 27
- Ways to manage the switch 27
- Good habits for managing the switch 28
- Desktop installation procedure 29
- Hapter 29
- Hardware installation and connection 29
- Installation scenarios 29
- Mounting the switch on a rack 29
- Attaching the mounting brackets to the switch 30
- Failure to use the proper screws may damage the unit 30
- Figure 6 attaching the mounting brackets 30
- Precautions 30
- Rack mounted installation requirements 30
- Figure 7 mounting the switch on a rack 31
- Mounting the switch on a rack 31
- Front panel 33
- Hapter 33
- Hardware overview 33
- 9600 bps 34
- An auto negotiating port can detect and adjust to the optimum ethernet speed 10 100 1000 mbps and duplex mode full duplex or half duplex of the connected device 34
- Chapter 3 hardware overview 34
- Connect the male 9 pin end of the console cable to the console port of the switch connect the female end to a serial port com1 com2 or other com port of your computer 34
- Console port 34
- For local management you can use a computer with terminal emulation software configured to the following parameters 34
- Gigabit ethernet ports 34
- Label description 34
- Mes 3728 user s guide 34
- No flow control 34
- No parity 8 data bits 1 stop bit 34
- Table 1 front panel connections continued 34
- Terminal emulation 34
- The switch has 1000base t auto negotiating auto crossover ethernet ports in 10 100 1000 mbps fast ethernet the speed can be 10 mbps 100 mbps or 1000 mbps and the duplex mode can be half duplex or full duplex 34
- Auto crossover 35
- Default ethernet negotiation settings 35
- Mini gbic slots 35
- Figure 10 connecting the fiber optic cables 36
- Figure 9 transceiver installation example 36
- To avoid possible eye injury do not look into an operating fiber optic module s connectors 36
- Transceiver installation 36
- Transceiver removal 36
- Figure 11 removing the fiber optic cables 37
- Figure 12 opening the transceiver s latch example 37
- Figure 13 transceiver removal example 37
- Keep the power supply switch and the switch s power switch in the off position until you come to the procedure for turning on the power 37
- Management port 37
- Note check the power supply requirements in chapter 42 on page 359 and make sure you are using an appropriate power source 37
- Power connector 37
- Ac power connection 38
- Dc power connection 38
- Exposed power wire is dangerous use extreme care when connecting a dc power source to the device 38
- Note the current rating of the power wires must be greater than 20 amps the power supply to which the switch connects must have a built in circuit breaker or switch to toggle the power 38
- Note when installing the power wire push it wire firmly into the terminal as deep as possible and make sure that no exposed bare wire can be seen or touched 38
- Connect a sensor to the signal slot 39
- Signal slot 39
- 2 3 11 10 4 5 6 9 8 7 10 40
- Door open sensor spring clip 40
- Dry contact 40
- Figure 14 connecting a sensor to the signal slot 40
- Normal open only 40
- Output pins 40
- Signal connector 40
- Signal input pins signal 40
- 2 3 11 10 41
- External backup power supply connector 41
- Pin assignments 41
- Rear panel 41
- After you connect the power to the switch view the leds to ensure proper functioning of the switch and as an aid in troubleshooting 42
- Chapter 3 hardware overview 42
- Led color status description 42
- Mes 3728 user s guide 42
- Table 2 led descriptions 42
- Chapter 3 hardware overview 43
- Led color status description 43
- Mes 3728 user s guide 43
- Table 2 led descriptions continued 43
- Basic configuration 45
- Hapter 47
- Introduction 47
- System login 47
- The web configurator 47
- Figure 17 web configurator login 48
- The status screen 48
- Figure 18 web configurator home screen status 49
- Basic setting advanced application ip application management 50
- Chapter 4 the web configurator 50
- In the navigation panel click a main link to reveal a list of submenu links 50
- Link description 50
- Mes 3728 user s guide 50
- Table 3 navigation panel sub links overview 50
- Table 4 navigation panel links 50
- The following table describes the links in the navigation panel 50
- Chapter 4 the web configurator 51
- Link description 51
- Mes 3728 user s guide 51
- Table 4 navigation panel links continued 51
- Chapter 4 the web configurator 52
- Link description 52
- Mes 3728 user s guide 52
- Table 4 navigation panel links continued 52
- Change your password 53
- Figure 19 change administrator login password 53
- Note use the save link when you are done with a configuration session 53
- Saving your configuration 53
- Note be careful not to lock yourself and others out of the switch if you do lock yourself out try using out of band management via the management port to configure the switch 54
- Reload the configuration file 54
- Resetting the switch 54
- Switch lockout 54
- Figure 20 resetting the switch via the console port 55
- Figure 21 web configurator logout screen 56
- Logging out of the web configurator 56
- Creating a vlan 57
- Hapter 57
- Initial setup example 57
- Overview 57
- Note the vlan group id field in this screen and the vid field in the ip setup screen refer to the same vlan id 58
- Figure 23 initial setup network example port vid 59
- Setting port vid 59
- Configuring switch management ip address 60
- Figure 24 initial setup example management ip address 60
- Hapter 63
- How to use dhcp snooping on the switch 63
- Tutorials 63
- Figure 26 tutorial create a vlan and add ports to it 64
- Table 5 tutorial settings in this tutorial 64
- Figure 27 tutorial tag untagged frames 65
- Figure 28 tutorial specify dhcp vlan 65
- Figure 29 tutorial set the dhcp server port to trusted 66
- Figure 30 tutorial enable dhcp snooping on this vlan 66
- Dhcp relay tutorial introduction 67
- Figure 31 tutorial check the binding if dhcp snooping works 67
- How to use dhcp relay on the switch 67
- Creating a vlan 68
- Dhcp server port 2 pvid 102 68
- Figure 32 tutorial dhcp relay scenario 68
- Vlan 102 68
- Figure 33 tutorial set vlan type to 802 q 69
- Figure 34 tutorial create a static vlan 70
- Figure 35 tutorial click the vlan port setting link 70
- Configuring dhcp relay 71
- Figure 36 tutorial add tag for frames received on port 2 71
- Figure 37 tutorial set dhcp server and relay information 72
- Troubleshooting 72
- Hapter 73
- Overview 73
- System status and port statistics 73
- Chapter 7 system status and port statistics 74
- Figure 38 status 74
- Label description 74
- Mes 3728 user s guide 74
- Port status summary 74
- Table 6 status 74
- The following table describes the labels in this screen 74
- To view the port statistics click status in all web configurator screens to display the status screen as shown next 74
- Chapter 7 system status and port statistics 75
- Click a number in the port column in the status screen to display individual port statistics use this screen to check status and detailed performance data about an individual port on the switch 75
- Label description 75
- Mes 3728 user s guide 75
- Port details 75
- Status port details 75
- Table 6 status continued 75
- Chapter 7 system status and port statistics 76
- Label description 76
- Mes 3728 user s guide 76
- Table 7 status port details 76
- The following table describes the labels in this screen 76
- Chapter 7 system status and port statistics 77
- Label description 77
- Mes 3728 user s guide 77
- Table 7 status port details continued 77
- Basic setting 79
- Hapter 79
- Overview 79
- Chapter 8 basic setting 80
- Label description 80
- Mes 3728 user s guide 80
- System info 80
- System info to display the screen as shown you can check the firmware version number and monitor the switch temperature fan speeds and voltage in this screen 80
- System information 80
- The following table describes the labels in this screen 80
- Chapter 8 basic setting 81
- Label description 81
- Mes 3728 user s guide 81
- System info continued 81
- General setup 82
- Chapter 8 basic setting 83
- General setup continued 83
- Label description 83
- Mes 3728 user s guide 83
- A vlan virtual local area network allows a physical network to be partitioned into multiple logical networks devices on a logical network belong to one group a device can belong to more than one group with vlan a device cannot directly talk to or hear from devices that are not in the same group s the traffic must first go through a router 84
- Chapter 8 basic setting 84
- General setup continued 84
- In mtu multi tenant unit applications vlan is vital in providing isolation and security among the subscribers when properly configured vlan prevents one subscriber from accessing the network resources of another on the same lan thus a user will not see the printers and hard disks of another user in the same building 84
- Introduction to vlans 84
- Label description 84
- Mes 3728 user s guide 84
- Note vlan is unidirectional it only governs outgoing traffic 84
- See chapter 9 on page 95 for information on port based and 802 q tagged vlans 84
- Vlan also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain in traditional switched environments all broadcast packets go to each and every individual port with vlan all broadcasts are confined to a specific broadcast domain 84
- Chapter 8 basic setting 85
- Label description 85
- Mes 3728 user s guide 85
- Switch setup 85
- Switch setup in the navigation panel to display the screen as shown the vlan setup screens change depending on whether you choose 802 q or port based in the vlan type field in this screen refer to the chapter on vlan 85
- Switch setup screen 85
- The following table describes the labels in this screen 85
- Chapter 8 basic setting 86
- Label description 86
- Mes 3728 user s guide 86
- Switch setup continued 86
- Ip setup 87
- Management ip addresses 87
- Note you must configure a vlan first 87
- Chapter 8 basic setting 88
- Ip setup 88
- Label description 88
- Mes 3728 user s guide 88
- The following table describes the labels in this screen 88
- Chapter 8 basic setting 89
- Ip setup continued 89
- Label description 89
- Mes 3728 user s guide 89
- Chapter 8 basic setting 90
- Label description 90
- Mes 3728 user s guide 90
- Note changes in this row are copied to all the ports as soon as you make them 90
- Note due to space limitation the port name may be truncated in some web configurator screens 90
- Port setup 90
- Port setup in the navigation panel to display the configuration screen 90
- The following table describes the labels in this screen 90
- Chapter 8 basic setting 91
- Label description 91
- Mes 3728 user s guide 91
- Port setup continued 91
- Advanced 93
- Forwarding tagged and untagged frames 95
- Hapter 95
- Introduction to ieee 802 q tagged vlans 95
- Automatic vlan registration 96
- Garp timers 96
- Table 13 ieee 802 q vlan terminology 96
- Chapter 9 vlan 97
- Enable vlan trunking on a port to allow frames belonging to unknown vlan groups to pass through that port this is useful if you want to set up vlan groups on end devices without having to configure the same vlan groups on intermediary devices 97
- Mes 3728 user s guide 97
- Port vlan trunking 97
- Refer to the following figure suppose you want to create vlan groups 1 and 2 v1 and v2 on devices a and b without vlan trunking you must configure vlan groups 1 and 2 on all intermediary switches c d and e otherwise they will drop frames with unknown vlan group tags however with vlan trunking enabled on a port s in each intermediary switch you only need to create vlan groups in the end devices a and b c d and e automatically allow frames with 97
- Table 13 ieee 802 q vlan terminology continued 97
- Vlan parameter term description 97
- Figure 45 port vlan trunking 98
- Select the vlan type 98
- Select vlan type 98
- Static vlan 98
- Chapter 9 vlan 99
- Label description 99
- Mes 3728 user s guide 99
- The following table describes the labels in this screen 99
- Vlan from the navigation panel to display the vlan status screen as shown next 99
- Vlan status 99
- Vlan vlan status 99
- Chapter 9 vlan 100
- Label description 100
- Mes 3728 user s guide 100
- The following table describes the labels in this screen 100
- Use this screen to view detailed port settings and status of the vlan group see section 9 on page 95 for more information on static vlan click on an index number in the vlan status screen to display vlan details 100
- Vlan detail 100
- Vlan details 100
- Vlan vlan status continued 100
- Configure a static vlan 101
- Static vlan 101
- Chapter 9 vlan 102
- Label description 102
- Mes 3728 user s guide 102
- Note changes in this row are copied to all the ports as soon as you make them 102
- Static vlan continued 102
- Configure vlan port settings 103
- Vlan port setting 103
- Chapter 9 vlan 104
- Label description 104
- Mes 3728 user s guide 104
- Note changes in this row are copied to all the ports as soon as you make them 104
- The following table describes the labels in this screen 104
- Vlan port setting 104
- Figure 51 subnet based vlan application example 105
- Subnet based vlans 105
- Chapter 9 vlan 106
- Click subnet based vlan in the vlan port setting screen to display the configuration screen as shown 106
- Configuring subnet based vlan 106
- Label description 106
- Mes 3728 user s guide 106
- Note subnet based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 106
- Subnet based vlan 106
- Subnet based vlan setup 106
- The following table describes the labels in this screen 106
- Chapter 9 vlan 107
- Label description 107
- Mes 3728 user s guide 107
- Note protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 107
- Protocol based vlans 107
- Protocol based vlans allow you to group traffic into logical vlans based on the protocol you specify when an upstream frame is received on a port configured for a protocol based vlan the switch checks if a tag is added already and its protocol the untagged packets of the same protocol are then placed in the same protocol based vlan one advantage of using protocol based vlans is that priority can be assigned to traffic of the same protocol 107
- Subnet based vlan setup continued 107
- Configuring protocol based vlan 108
- Figure 53 protocol based vlan application example 108
- Chapter 9 vlan 109
- Label description 109
- Mes 3728 user s guide 109
- Note protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 109
- Note protocols in the hexadecimal number range of 0x0000 to 0x05ff are not allowed to be used for protocol based vlans 109
- Protocol based vlan 109
- Protocol based vlan setup 109
- The following table describes the labels in this screen 109
- Activate this protocol based vlan 110
- Chapter 9 vlan 110
- Create an ip based vlan example 110
- Give this protocol based vlan a descriptive name type ip vlan 110
- Label description 110
- Mes 3728 user s guide 110
- Protocol based vlan setup continued 110
- Select the protocol leave the default value ip 110
- This example shows you how to create an ip vlan which includes ports 1 4 and 8 follow these steps 110
- Type the port number you want to include in this protocol based vlan type 1 110
- Type the vlan id of an existing vlan in our example we already created a static vlan with an id of 5 type 5 110
- Figure 55 protocol based vlan configuration example 111
- Note in screens such as ip setup and filtering that require a vid you must enter 1 as the vid 111
- Note when you activate port based vlan the switch uses a default vlan id of 1 you cannot change it 111
- Port based vlan setup 111
- Configure a port based vlan 112
- Figure 56 port based vlan setup all connected 112
- Figure 57 port based vlan setup port isolation 113
- Chapter 9 vlan 114
- Label description 114
- Mes 3728 user s guide 114
- Table 20 port based vlan setup 114
- The following table describes the labels in this screen 114
- Configuring static mac forwarding 115
- Hapter 115
- Overview 115
- Static mac forward setup 115
- Chapter 10 static mac forward setup 116
- Label description 116
- Mes 3728 user s guide 116
- Note static mac addresses do not age out 116
- Static mac forwarding 116
- Static mac forwarding in the navigation panel to display the configuration screen as shown 116
- The following table describes the labels in this screen 116
- Chapter 10 static mac forward setup 117
- Label description 117
- Mes 3728 user s guide 117
- Static mac forwarding continued 117
- Hapter 119
- Static multicast forward setup 119
- Static multicast forwarding overview 119
- Configuring static multicast forwarding 120
- Figure 60 static multicast forwarding to a single port 120
- Figure 61 static multicast forwarding to multiple ports 120
- Static multicast forwarding 120
- Chapter 11 static multicast forward setup 121
- Label description 121
- Mes 3728 user s guide 121
- Static multicast forwarding 121
- The following table describes the labels in this screen 121
- Configure a filtering rule 123
- Filtering 123
- Hapter 123
- Chapter 12 filtering 124
- Filtering continued 124
- Label description 124
- Mes 3728 user s guide 124
- Hapter 125
- Spanning tree protocol 125
- Stp rstp overview 125
- Stp terminology 125
- After a bridge determines the lowest cost spanning tree with stp it enables the root port and the ports that are the designated ports for connected lans and disables all other ports that participate in stp network packets are therefore only forwarded between enabled ports eliminating any possible network loops 126
- Allowed range 126
- Chapter 13 spanning tree protocol 126
- For each lan segment a designated bridge is selected this bridge has the lowest cost to the root among the bridges connected to the lan 126
- How stp works 126
- Link speed 126
- Mes 3728 user s guide 126
- On each bridge the root port is the port through which this bridge communicates with the root it is the port on this switch with the lowest path cost to the root the root path cost if there is no root port then this switch has been accepted as the root bridge of the spanning tree network 126
- Once a stable network topology has been established all bridges listen for hello bpdus bridge protocol data units transmitted from the root bridge if a bridge does not get a hello bpdu after a predefined interval max age the bridge assumes that the link to the root bridge is down this bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology 126
- Path cost is the cost of transmitting a frame onto a lan through that port the recommended cost is assigned according to the speed of the link to which a port is attached the slower the media the higher the cost 126
- Recommended range 126
- Recommended value 126
- Stp aware switches exchange bridge protocol data units bpdus periodically when the bridged lan topology changes a new spanning tree is constructed 126
- Table 24 stp path costs 126
- Multiple rstp 127
- Note the listening state does not exist in rstp 127
- Stp port states 127
- Table 25 stp port states 127
- Figure 64 mrstp network example 128
- Mstp network example 128
- Multiple stp 128
- Note each port can belong to one stp tree only 128
- Figure 65 stp rstp network example 129
- Figure 66 mstp network example 129
- Mst region 129
- Vlan 1 vlan 2 129
- Common and internal spanning tree cist 130
- Figure 67 mstis in different regions 130
- Mst instance 130
- Figure 68 mstp and legacy rstp network example 131
- Spanning tree protocol 131
- Spanning tree protocol status screen 131
- Chapter 13 spanning tree protocol 132
- Configuration 132
- Label description 132
- Mes 3728 user s guide 132
- Spanning tree configuration 132
- Spanning tree protocol 132
- The following table describes the labels in this screen 132
- Configuration screen to enable rstp on the switch 133
- Configure rapid spanning tree protocol 133
- 2 hello time 1 134
- Chapter 13 spanning tree protocol 134
- Label description 134
- Mes 3728 user s guide 134
- Note changes in this row are copied to all the ports as soon as you make them 134
- Rstp continued 134
- Chapter 13 spanning tree protocol 135
- Label description 135
- Mes 3728 user s guide 135
- Note this screen is only available after you activate rstp on the switch 135
- Rapid spanning tree protocol status 135
- Rstp continued 135
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 13 on page 125 for more information on rstp 135
- Status rstp 135
- The following table describes the labels in this screen 135
- Chapter 13 spanning tree protocol 136
- Label description 136
- Mes 3728 user s guide 136
- Note the listening state does not exist in rstp 136
- Status rstp 136
- Configuration screen to enable mrstp on the switch 137
- Configure multiple rapid spanning tree protocol 137
- 2 hello time 1 138
- Chapter 13 spanning tree protocol 138
- Label description 138
- Mes 3728 user s guide 138
- Mrstp continued 138
- Note changes in this row are copied to all the ports as soon as you make them 138
- Chapter 13 spanning tree protocol 139
- Label description 139
- Mes 3728 user s guide 139
- Mrstp continued 139
- Multiple rapid spanning tree protocol status 139
- Note this screen is only available after you activate mrstp on the switch 139
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 13 on page 125 for more information on mrstp 139
- Status mrstp 139
- The following table describes the labels in this screen 139
- Chapter 13 spanning tree protocol 140
- Label description 140
- Mes 3728 user s guide 140
- Note the listening state does not exist in rstp 140
- Status mrstp 140
- Configure multiple spanning tree protocol 141
- 2 hello time 1 142
- Chapter 13 spanning tree protocol 142
- Configuration screen to enable mstp on the switch 142
- Label description 142
- Mes 3728 user s guide 142
- The following table describes the labels in this screen 142
- Chapter 13 spanning tree protocol 143
- Label description 143
- Mes 3728 user s guide 143
- Mstp continued 143
- Note changes in this row are copied to all the ports as soon as you make them 143
- Mstp continued 144
- Multiple spanning tree protocol status 144
- Note this screen is only available after you activate mstp on the switch 144
- Status mstp 144
- Chapter 13 spanning tree protocol 145
- Label description 145
- Mes 3728 user s guide 145
- Status mstp 145
- The following table describes the labels in this screen 145
- Chapter 13 spanning tree protocol 146
- Label description 146
- Mes 3728 user s guide 146
- Status mstp 146
- Bandwidth control 147
- Bandwidth control overview 147
- Cir and pir 147
- Hapter 147
- Bandwidth control 148
- Bandwidth control in the navigation panel to bring up the screen as shown next 148
- Bandwidth control setup 148
- Chapter 14 bandwidth control 148
- Label description 148
- Mes 3728 user s guide 148
- Note changes in this row are copied to all the ports as soon as you make them 148
- The following table describes the related labels in this screen 148
- Bandwidth control continued 149
- Chapter 14 bandwidth control 149
- Label description 149
- Mes 3728 user s guide 149
- Broadcast storm control 151
- Broadcast storm control setup 151
- Hapter 151
- Broadcast storm control 152
- Chapter 15 broadcast storm control 152
- Label description 152
- Mes 3728 user s guide 152
- Note changes in this row are copied to all the ports as soon as you make them 152
- The following table describes the labels in this screen 152
- Hapter 153
- Mirroring 153
- Port mirroring setup 153
- Chapter 16 mirroring 154
- Label description 154
- Mes 3728 user s guide 154
- Mirroring 154
- Note changes in this row are copied to all the ports as soon as you make them 154
- The following table describes the labels in this screen 154
- Dynamic link aggregation 155
- Hapter 155
- Link aggregation 155
- Link aggregation overview 155
- Link aggregation id 156
- Table 36 link aggregation id local switch 156
- Table 37 link aggregation id peer switch 156
- Chapter 17 link aggregation 157
- Label description 157
- Link aggregation in the navigation panel the link aggregation status screen displays by default see section 17 on page 155 for more information 157
- Link aggregation status 157
- Mes 3728 user s guide 157
- The following table describes the labels in this screen 157
- Chapter 17 link aggregation 158
- Label description 158
- Link aggregation status continued 158
- Mes 3728 user s guide 158
- Link aggregation setting 159
- Chapter 17 link aggregation 160
- Label description 160
- Link aggregation setting 160
- Mes 3728 user s guide 160
- Note when you enable the port security feature on the switch and configure port security settings for a port you cannot include the port in an active trunk group 160
- Link aggregation control protocol 161
- Note do not configure this screen unless you want to enable dynamic link aggregation 161
- Chapter 17 link aggregation 162
- Label description 162
- Lacp continued 162
- Mes 3728 user s guide 162
- Note changes in this row are copied to all the ports as soon as you make them 162
- Static trunking example 162
- This example shows you how to create a static port trunk group for ports 2 5 162
- Figure 83 trunking example physical connections 163
- Figure 84 trunking example configuration screen 163
- Hapter 165
- Ieee 802 x authentication 165
- Port authentication 165
- Port authentication overview 165
- Mac authentication 166
- Authentication reply 167
- Authentication request authentication request 167
- Figure 86 mac authentication process 167
- New connection 167
- Port authentication 167
- Port authentication configuration 167
- Session granted denied 167
- Activate ieee 802 x security 168
- Chapter 18 port authentication 168
- Label description 168
- Mes 3728 user s guide 168
- Note changes in this row are copied to all the ports as soon as you make them 168
- Note you must first enable 802 x authentication on the switch before configuring it on each port 168
- The following table describes the labels in this screen 168
- Use this screen to activate ieee 802 x security in the port authentication screen click 802 x to display the configuration screen as shown 168
- Activate mac authentication 169
- Chapter 18 port authentication 169
- Label description 169
- Mac authentication 169
- Mes 3728 user s guide 169
- Use this screen to activate mac authentication in the port authentication screen click mac authentication to display the configuration screen as shown 169
- X continued 169
- Chapter 18 port authentication 170
- Label description 170
- Mac authentication 170
- Mes 3728 user s guide 170
- Note changes in this row are copied to all the ports as soon as you make them 170
- Note if the aging time in the switch setup screen is set to a lower value then it supersedes this setting see section 8 on page 85 170
- Note you must first enable mac authentication on the switch before configuring it on each port 170
- The following table describes the labels in this screen 170
- About port security 171
- Hapter 171
- Port security 171
- Chapter 19 port security 172
- Label description 172
- Mes 3728 user s guide 172
- Port security 172
- Port security in the navigation panel to display the screen as shown 172
- Port security setup 172
- The following table describes the labels in this screen 172
- Chapter 19 port security 173
- Label description 173
- Mes 3728 user s guide 173
- Note changes in this row are copied to all the ports as soon as you make them 173
- Port security continued 173
- Chapter 19 port security 174
- Label description 174
- Mes 3728 user s guide 174
- Port security screen to display the screen as shown 174
- The following table describes the labels in this screen 174
- Vlan mac address limit 174
- Chapter 19 port security 175
- Label description 175
- Mes 3728 user s guide 175
- Vlan mac address limit 175
- About the classifier and qos 177
- Classifier 177
- Configuring the classifier 177
- Hapter 177
- Classifier 178
- Chapter 20 classifier 179
- Classifier continued 179
- Label description 179
- Mes 3728 user s guide 179
- Chapter 20 classifier 180
- Classifier continued 180
- Label description 180
- Mes 3728 user s guide 180
- Note you must select either udp or tcp in the ip protocol field before you configure the socket numbers 180
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the classifier screen to change the settings of a rule click a number in the index field 180
- Viewing and editing classifier configuration 180
- Chapter 20 classifier 181
- Classifier summary table 181
- Ethernet type protocol number 181
- In the internet protocol there is a field called protocol to identify the ip protocol type the following table shows some common protocol types and the 181
- Label description 181
- Mes 3728 user s guide 181
- Note when two rules conflict with each other a higher layer rule has priority over lower layer rule 181
- Table 46 classifier summary table 181
- Table 47 common ethernet types and protocol numbers 181
- The following table describes the labels in this screen 181
- The following table shows some other common ethernet types and the corresponding protocol number 181
- Chapter 20 classifier 182
- Classifier example 182
- Corresponding protocol number refer to http www iana org assignments protocol numbers for a complete list 182
- Mes 3728 user s guide 182
- Protocol name tcp udp port number 182
- Protocol type protocol number 182
- See appendix b on page 373 for information on commonly used port numbers 182
- Some of the most common tcp and udp port numbers are 182
- Table 48 common ip protocol types and protocol numbers 182
- Table 49 common tcp and udp port numbers 182
- The following screen shows an example where you configure a classifier that identifies all traffic from mac address 00 50 ba ad 4f 81 on port 2 182
- Figure 94 classifier example 183
- Diffserv 185
- Dscp and per hop behavior 185
- Hapter 185
- Policy rule 185
- Policy rules overview 185
- Configuring policy rules 186
- Policy rule 187
- Chapter 21 policy rule 188
- Label description 188
- Mes 3728 user s guide 188
- Policy rule continued 188
- Chapter 21 policy rule 189
- Label description 189
- Mes 3728 user s guide 189
- Policy rule continued 189
- Policy rule summary table 189
- The following table describes the labels in this screen 189
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the policy screen to change the settings of a rule click a number in the index field 189
- Viewing and editing policy configuration 189
- Chapter 21 policy rule 190
- Label description 190
- Mes 3728 user s guide 190
- Policy rule summary table continued 190
- Figure 97 policy example 191
- Policy example 191
- Hapter 193
- Queuing method 193
- Queuing method overview 193
- Strictly priority queuing 193
- Weighted fair queuing 193
- Weighted round robin scheduling wrr 194
- Configuring queuing 195
- Queuing method 195
- Chapter 22 queuing method 196
- Label description 196
- Mes 3728 user s guide 196
- Note changes in this row are copied to all the ports as soon as you make them 196
- Queuing method 196
- The following table describes the labels in this screen 196
- Hapter 197
- Vlan stacking 197
- Vlan stacking example 197
- Vlan stacking overview 197
- Figure 99 vlan stacking example 198
- Note static vlan tx tagging must be disabled on a port where you choose normal or access port 198
- Note static vlan tx tagging must be enabled on a port where you choose tunnel port 198
- Vlan stacking port roles 198
- 0 is the lowest priority level and 7 is the highest 199
- A vlan tag service provider vlan stacking or customer ieee 802 q consists of the following three fields 199
- Chapter 23 vlan stacking 199
- Configure the fields as highlighted in the switch vlan stacking screen 199
- Frame format 199
- Mes 3728 user s guide 199
- On the switch configure priority level of inner ieee 802 q tag in the port setup screen 199
- Priority refers to the ieee 802 p standard that allows the service provider to prioritize traffic based on the class of service cos the customer has paid for 199
- Table 53 vlan tag format 199
- Table 54 single and double tagged 802 1q frame format 199
- The frame format for an untagged ethernet frame a single tagged 802 q frame customer and a double tagged 802 q frame service provider is shown next 199
- Tpid tag protocol identifier is a standard ethernet type code identifying the frame and indicates whether the frame carries ieee 802 q tag information the value of this field is 0x8100 as defined in ieee 802 q other vendors may use a different value such as 0x9100 199
- Tunnel tpid is the vlan stacking tag type the switch adds to the outgoing frames sent through a tunnel port of the service provider s edge devices 1 and 2 in the vlan stacking example figure 199
- Vid is the vlan id sp vid is the vid for the second service provider s vlan tag 199
- Vlan tag format 199
- Chapter 23 vlan stacking 200
- Configuring vlan stacking 200
- Mes 3728 user s guide 200
- Note you can not enable vlan mapping and vlan stacking at the same time 200
- Table 55 802 q frame 200
- Vlan stacking 200
- Vlan stacking to display the screen as shown 200
- Chapter 23 vlan stacking 201
- Label description 201
- Mes 3728 user s guide 201
- Note changes in this row are copied to all the ports as soon as you make them 201
- Note you can define up to four different tunnel tpids including 8100 in this screen at a time 201
- Port based q in q 201
- Port based q in q lets the switch treat all frames received on the same port as the same vlan flows and add the same outer vlan tag to them even they have different customer vlan ids 201
- The following table describes the labels in this screen 201
- Vlan stacking 201
- Chapter 23 vlan stacking 202
- Label description 202
- Mes 3728 user s guide 202
- Port based qinq 202
- Selective q in q 202
- Selective q in q is vlan based it allows the switch to add different outer vlan tags to the incoming frames received on one port according to their inner vlan tags 202
- The following table describes the labels in this screen 202
- Vlan stacking screen to display the screen as shown 202
- Chapter 23 vlan stacking 203
- Label description 203
- Mes 3728 user s guide 203
- Note selective q in q rules are only applied to single tagged frames received on the access ports if the incoming frames are untagged or single tagged but received on a tunnel port or cannot match any selective q in q rules the switch applies the port based q in q rules to them 203
- Selective qinq 203
- The following table describes the labels in this screen 203
- Vlan stacking screen to display the screen as shown 203
- Chapter 23 vlan stacking 204
- Label description 204
- Mes 3728 user s guide 204
- Selective qinq continued 204
- Hapter 205
- Igmp filtering 205
- Ip multicast addresses 205
- Multicast 205
- Multicast overview 205
- Igmp snooping 206
- Igmp snooping and vlans 206
- Multicast 206
- Multicast status 206
- Multicast setting 207
- Multicast status continued 207
- Chapter 24 multicast 208
- Label description 208
- Mes 3728 user s guide 208
- Multicast setting 208
- Note changes in this row are copied to all the ports as soon as you make them 208
- Note if you enable igmp filtering you must create and assign igmp filtering profiles for the ports that you want to allow to join multicast groups 208
- The following table describes the labels in this screen 208
- Chapter 24 multicast 209
- Label description 209
- Mes 3728 user s guide 209
- Multicast setting continued 209
- Chapter 24 multicast 210
- Igmp snooping vlan 210
- Label description 210
- Mes 3728 user s guide 210
- Multicast in the navigation panel click the multicast setting link and then the igmp snooping vlan link to display the screen as shown see section 24 on page 206 for more information on igmp snooping vlan 210
- Note you must also enable igmp snooping in the multicast setting screen first 210
- The following table describes the labels in this screen 210
- An igmp filtering profile specifies a range of multicast groups that clients connected to the switch are able to join a profile contains a range of multicast ip addresses which you want clients to be able to join profiles are assigned to ports in the multicast setting screen clients connected to those ports are then able to join the multicast groups specified in the profile each port can be assigned a single profile a profile can be assigned to multiple ports 211
- Chapter 24 multicast 211
- Igmp filtering profile 211
- Igmp snooping vlan continued 211
- Label description 211
- Mes 3728 user s guide 211
- Note you cannot configure the same vlan id as in the mvr screen 211
- Chapter 24 multicast 212
- Igmp filtering profile 212
- Igmp filtering profile link to display the screen as shown 212
- Label description 212
- Mes 3728 user s guide 212
- The following table describes the labels in this screen 212
- Figure 107 mvr network example 213
- Igmp filtering profile continued 213
- Mvr overview 213
- Types of mvr ports 213
- Figure 108 mvr multicast television example 214
- How mvr works 214
- Mvr modes 214
- General mvr configuration 215
- Note you can create up to five multicast vlans and up to 256 multicast rules on the switch 215
- Note your switch automatically creates a static vlan with the same vid when you create a multicast vlan in this screen 215
- Chapter 24 multicast 216
- Label description 216
- Mes 3728 user s guide 216
- Mvr continued 216
- Note changes in this row are copied to all the ports as soon as you make them 216
- All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group 217
- Chapter 24 multicast 217
- Configure mvr ip multicast group address es in the group configuration screen click group configuration in the mvr screen 217
- Label description 217
- Mes 3728 user s guide 217
- Mvr group configuration 217
- Note a port can belong to more than one multicast vlan however ip multicast group addresses in different multicast vlans cannot overlap 217
- The following table describes the labels in this screen 217
- Chapter 24 multicast 218
- Figure 111 mvr configuration example 218
- Label description 218
- Mes 3728 user s guide 218
- Multicast vid 200 vlan 1 218
- Mvr configuration example 218
- Mvr group configuration 218
- The following figure shows a network example where ports 1 2 and 3 on the switch belong to vlan 1 in addition port 7 belongs to the multicast group with vid 200 to receive multicast traffic the news and movie channels from the remote streaming media server s computers a b and c in vlan are able to receive the traffic 218
- Figure 112 mvr configuration example 219
- Figure 113 mvr group configuration example 220
- Figure 114 mvr group configuration example 220
- Authentication authorization and accounting aaa 221
- Hapter 221
- Aaa screens 222
- Client aaa server 222
- Figure 115 aaa server 222
- Local user accounts 222
- Radius and tacacs 222
- Table 65 radius vs tacacs 222
- Radius server setup 223
- Chapter 25 aaa 224
- Label description 224
- Mes 3728 user s guide 224
- Radius server setup 224
- The following table describes the labels in this screen 224
- Chapter 25 aaa 225
- Label description 225
- Mes 3728 user s guide 225
- Radius server setup continued 225
- Tacacs server setup 225
- Use this screen to configure your tacacs server settings see section 25 on page 222 for more information on tacacs servers click on the tacacs server setup link in the aaa screen to view the screen as shown 225
- Chapter 25 aaa 226
- Label description 226
- Mes 3728 user s guide 226
- Tacacs server setup 226
- The following table describes the labels in this screen 226
- Aaa setup 227
- Chapter 25 aaa 227
- Label description 227
- Mes 3728 user s guide 227
- Tacacs server setup continued 227
- Use this screen to configure authentication authorization and accounting settings on the switch click on the aaa setup link in the aaa screen to view the screen as shown 227
- Aaa setup 228
- Chapter 25 aaa 228
- Label description 228
- Mes 3728 user s guide 228
- The following table describes the labels in this screen 228
- Aaa setup continued 229
- Chapter 25 aaa 229
- Label description 229
- Mes 3728 user s guide 229
- Note refer to the documentation that comes with your radius server on how to configure vsas for users authenticating via the radius server 230
- Table 69 supported vsas 230
- Vendor specific attribute 230
- Note if you set the privilege level of a login account differently on the radius server s and the switch the user is assigned a privilege level from the database radius or local the switch uses first for user authentication 231
- Note you must also create a vlan with the specified vid on the switch 231
- Supported radius attributes 231
- Table 69 supported vsas 231
- Table 70 supported tunnel protocol attribute 231
- Tunnel protocol attribute 231
- Attributes used by the ieee 802 x authentication 232
- Attributes used for authenticating privilege access 232
- Attributes used for authentication 232
- Attributes used to login users 232
- Acct delay time 233
- Acct session id 233
- Acct status type 233
- Attribute start interim update stop 233
- Attributes used for accounting 233
- Attributes used for accounting exec events 233
- Attributes used for accounting system events 233
- Chapter 25 aaa 233
- Mes 3728 user s guide 233
- Nas identifier 233
- Nas ip address 233
- Table 71 radius attributes exec events via console 233
- Table 72 radius attributes exec events via telnet ssh 233
- The attributes are listed in the following table along with the time that they are sent the difference between console and telnet ssh exec events is that the telnet ssh events utilize the calling station id attribute 233
- The following sections list the attributes sent from the switch to the radius server when performing authentication 233
- The format of acct session id is date time 8 digit sequential number for example 2007041917210300000001 date 2007 04 19 time 17 21 03 serial number 00000001 233
- Attribute start interim update stop 234
- Attributes used for accounting ieee 802 x events 234
- Chapter 25 aaa 234
- Mes 3728 user s guide 234
- Table 72 radius attributes exec events via telnet ssh 234
- Table 73 radius attributes exec events via 802 x 234
- The attributes are listed in the following table along with the time of the session they are sent 234
- Hapter 235
- Ip source guard 235
- Ip source guard overview 235
- Dhcp snooping database 236
- Dhcp snooping overview 236
- Note if dhcp is enabled and there are no trusted ports dhcp requests will not succeed 236
- Trusted vs untrusted ports 236
- Configuring dhcp snooping 237
- Dhcp relay option 82 information 237
- Figure 120 dhcp snooping database file format 237
- Arp inspection and mac address filters 238
- Arp inspection overview 238
- Figure 121 example man in the middle attack 238
- Configuring arp inspection 239
- Ip source guard 239
- Note it is recommended you enable dhcp snooping at least one day before you enable arp inspection so that the switch has enough time to build the binding table 239
- Syslog 239
- Trusted vs untrusted ports 239
- Chapter 26 ip source guard 240
- Figure 122 ip source guard 240
- Ip source guard 240
- Ip source guard static binding 240
- Label description 240
- Mes 3728 user s guide 240
- Table 74 ip source guard 240
- The following table describes the labels in this screen 240
- Use this screen to manage static bindings for dhcp snooping and arp inspection static bindings are uniquely identified by the mac address and vlan id each mac address and vlan id can only be in one static binding if you try to create a static binding with the same mac address and vlan id as an existing static binding the 240
- Chapter 26 ip source guard 241
- Figure 123 ip source guard static binding 241
- Label description 241
- Mes 3728 user s guide 241
- Static binding 241
- Table 75 ip source guard static binding 241
- The following table describes the labels in this screen 241
- Chapter 26 ip source guard 242
- Label description 242
- Mes 3728 user s guide 242
- Table 75 ip source guard static binding continued 242
- Dhcp snooping 243
- Figure 124 dhcp snooping 244
- Chapter 26 ip source guard 245
- Label description 245
- Mes 3728 user s guide 245
- Table 76 dhcp snooping 245
- The following table describes the labels in this screen 245
- Chapter 26 ip source guard 246
- Label description 246
- Mes 3728 user s guide 246
- Table 76 dhcp snooping continued 246
- Dhcp snooping configure 247
- Figure 125 dhcp snooping configure 247
- Table 76 dhcp snooping continued 247
- Chapter 26 ip source guard 248
- Label description 248
- Mes 3728 user s guide 248
- Note if dhcp is enabled and there are no trusted ports dhcp requests will not succeed 248
- Note you have to enable dhcp snooping on the dhcp vlan too 248
- Table 77 dhcp snooping configure 248
- The following table describes the labels in this screen 248
- Chapter 26 ip source guard 249
- Dhcp snooping port configure 249
- Figure 126 dhcp snooping port configure 249
- Label description 249
- Mes 3728 user s guide 249
- Note if dhcp snooping is enabled but there are no trusted ports dhcp requests cannot reach the dhcp server 249
- Table 77 dhcp snooping configure continued 249
- Use this screen to specify whether ports are trusted or untrusted ports for dhcp snooping 249
- Chapter 26 ip source guard 250
- Dhcp snooping vlan configure 250
- Label description 250
- Mes 3728 user s guide 250
- Table 78 dhcp snooping port configure 250
- The following table describes the labels in this screen 250
- Use this screen to enable dhcp snooping on each vlan and to specify whether or not the switch adds dhcp relay agent option 82 information chapter 32 on page 287 to dhcp requests that the switch relays to a dhcp server for each vlan to 250
- Chapter 26 ip source guard 251
- Figure 127 dhcp snooping vlan configure 251
- Label description 251
- Mes 3728 user s guide 251
- Note if dhcp is enabled and there are no trusted ports dhcp requests will not succeed 251
- Table 79 dhcp snooping vlan configure 251
- The following table describes the labels in this screen 251
- Arp inspection 252
- Arp inspection status 252
- Chapter 26 ip source guard 252
- Figure 128 arp inspection status 252
- Label description 252
- Mes 3728 user s guide 252
- Table 80 arp inspection status 252
- The following table describes the labels in this screen 252
- Arp inspection vlan status 253
- Chapter 26 ip source guard 253
- Figure 129 arp inspection vlan status 253
- Label description 253
- Mes 3728 user s guide 253
- Table 80 arp inspection status continued 253
- Table 81 arp inspection vlan status 253
- The following table describes the labels in this screen 253
- Vlan status 253
- Arp inspection log status 254
- Chapter 26 ip source guard 254
- Figure 130 arp inspection log status 254
- Label description 254
- Log status 254
- Mes 3728 user s guide 254
- Table 81 arp inspection vlan status 254
- Table 82 arp inspection log status 254
- The following table describes the labels in this screen 254
- Arp inspection configure 255
- Chapter 26 ip source guard 255
- Label description 255
- Mes 3728 user s guide 255
- Table 82 arp inspection log status continued 255
- Use this screen to enable arp inspection on the switch you can also configure the length of time the switch stores records of discarded arp packets and global 255
- Chapter 26 ip source guard 256
- Configure 256
- Figure 131 arp inspection configure 256
- Label description 256
- Mes 3728 user s guide 256
- Table 83 arp inspection configure 256
- The following table describes the labels in this screen 256
- Arp inspection port configure 257
- Chapter 26 ip source guard 257
- Label description 257
- Mes 3728 user s guide 257
- Table 83 arp inspection configure continued 257
- Use this screen to specify whether ports are trusted or untrusted ports for arp inspection you can also specify the maximum rate at which the switch receives 257
- Chapter 26 ip source guard 258
- Figure 132 arp inspection port configure 258
- Label description 258
- Mes 3728 user s guide 258
- Table 84 arp inspection port configure 258
- The following table describes the labels in this screen 258
- Arp inspection vlan configure 259
- Chapter 26 ip source guard 259
- Figure 133 arp inspection vlan configure 259
- Label description 259
- Mes 3728 user s guide 259
- Table 84 arp inspection port configure continued 259
- Table 85 arp inspection vlan configure 259
- The following table describes the labels in this screen 259
- Chapter 26 ip source guard 260
- Label description 260
- Mes 3728 user s guide 260
- Table 85 arp inspection vlan configure continued 260
- Hapter 261
- Loop guard 261
- Loop guard overview 261
- Figure 135 switch in loop state 262
- Figure 136 loop guard probe packet 262
- Loop guard setup 263
- Chapter 27 loop guard 264
- Label description 264
- Loop guard 264
- Mes 3728 user s guide 264
- Note changes in this row are copied to all the ports as soon as you make them 264
- The following table describes the labels in this screen 264
- Hapter 265
- Vlan mapping 265
- Vlan mapping example 265
- Vlan mapping overview 265
- Chapter 28 vlan mapping 266
- Click advanced application and then vlan mapping in the navigation panel to display the screen as shown 266
- Enabling vlan mapping 266
- Figure 140 vlan mapping 266
- Label description 266
- Mes 3728 user s guide 266
- Table 87 vlan mapping 266
- The following table describes the labels in this screen 266
- Chapter 28 vlan mapping 267
- Click the vlan mapping configure link in the vlan mapping screen to display the screen as shown use this screen to enable and edit the vlan mapping rule s 267
- Configuring vlan mapping 267
- Figure 141 vlan mapping configuration 267
- Label description 267
- Mes 3728 user s guide 267
- Table 88 vlan mapping configuration 267
- The following table describes the labels in this screen 267
- Chapter 28 vlan mapping 268
- Label description 268
- Mes 3728 user s guide 268
- Table 88 vlan mapping configuration continued 268
- Hapter 269
- Layer 2 protocol tunneling 269
- Layer 2 protocol tunneling overview 269
- Figure 143 l2pt network example 270
- Layer 2 protocol tunneling mode 270
- Configuring layer 2 protocol tunneling 271
- Layer 2 protocol tunneling 271
- Note all the edge switches in the service provider s network should be set to use the same mac address for encapsulation 271
- Note the mac address can be either a unicast mac address or multicast mac address if you use a unicast mac address make sure the mac address does not exist in the address table of a switch on the service provider s network 271
- Chapter 29 layer 2 protocol tunneling 272
- Label description 272
- Layer 2 protocol tunneling continued 272
- Mes 3728 user s guide 272
- Note changes in this row are copied to all the ports as soon as you make them 272
- Note you can enable l2pt services for stp lacp vtp cdp udld and pagp on the access port s only 272
- Ip application 273
- Hapter 275
- Static route 275
- Static routing overview 275
- Chapter 30 static route 276
- Configuring static routing 276
- Label description 276
- Mes 3728 user s guide 276
- Static routing 276
- Static routing in the navigation panel to display the screen as shown 276
- The following table describes the related labels you use to create a static route 276
- Chapter 30 static route 277
- Label description 277
- Mes 3728 user s guide 277
- Static routing continued 277
- Differentiated services 279
- Diffserv overview 279
- Dscp and per hop behavior 279
- Hapter 279
- Diffserv network example 280
- Figure 148 diffserv network 280
- Two rate three color marker traffic policing 280
- Figure 149 trtcm color blind mode 281
- Trtcm color aware mode 281
- Trtcm color blind mode 281
- Activating diffserv 282
- Diffserv 282
- Figure 150 trtcm color aware mode 282
- Chapter 31 differentiated services 283
- Configuring 2 rate 3 color marker settings 283
- Diffserv 283
- Label description 283
- Mes 3728 user s guide 283
- Note changes in this row are copied to all the ports as soon as you make them 283
- Note you cannot enable both trtcm and bandwidth control at the same time 283
- Rate 3 color marker 283
- The following table describes the labels in this screen 283
- Use this screen to configure trtcm settings click the 2 rate 3 color marker link in the diffserv screen to display the screen as shown next 283
- Dscp to ieee 802 p priority settings 284
- Note changes in this row are copied to all the ports as soon as you make them 284
- Note you must also activate diffserv on the switch and the individual ports for the switch to drop red high loss priority colored packets 284
- Rate 3 color marker 284
- Chapter 31 differentiated services 285
- Configuring dscp settings 285
- Dscp setting 285
- Label description 285
- Mes 3728 user s guide 285
- Table 93 default dscp ieee 802 p mapping 285
- The following table describes the labels in this screen 285
- The following table shows the default dscp to ieee802 p mapping 285
- To change the dscp ieee 802 p mapping click the dscp setting link in the diffserv screen to display the screen as shown next 285
- Dhcp configuration options 287
- Dhcp modes 287
- Dhcp overview 287
- Hapter 287
- Dhcp relay 288
- Dhcp relay agent information 288
- Dhcp status 288
- Configuring dhcp global relay 289
- Global 289
- Table 96 relay agent information 289
- Chapter 32 dhcp 290
- Configure the dhcp relay screen as shown make sure you select the option 82 check box to set the switch to send additional information such as the vlan id 290
- Figure 156 global dhcp relay network example 290
- Global 290
- Global dhcp relay configuration example 290
- Label description 290
- Mes 3728 user s guide 290
- The follow figure shows a network example where the switch is used to relay dhcp requests for the vlan1 and vlan2 domains there is only one dhcp server that services the dhcp clients in both domains 290
- The following table describes the labels in this screen 290
- Vlan1 vlan2 290
- Configuring dhcp vlan settings 291
- Figure 157 dhcp relay configuration example 291
- Note you must set up a management ip address for each vlan that you want to configure dhcp settings for on the switch 291
- Chapter 32 dhcp 292
- Label description 292
- Mes 3728 user s guide 292
- See section 8 on page 87 for information on how to set up management ip addresses for vlans 292
- The following table describes the labels in this screen 292
- Example dhcp relay for two vlans 293
- Figure 159 dhcp relay for two vlans 293
- Figure 160 dhcp relay for two vlans configuration example 293
- Vlan continued 293
- Management 295
- Hapter 297
- Maintenance 297
- The maintenance screen 297
- Figure 162 load factory default start 298
- Load factory default 298
- Maintenance continued 298
- Note make sure to click the save button in any screen to save your settings to the current configuration on the switch 298
- Save configuration 298
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 299
- Figure 163 reboot system confirmation 299
- Firmware upgrade 299
- Note clicking the apply or add button does not save the changes permanently all unsaved changes are erased after you reboot the switch 299
- Reboot system 299
- Firmware upgrade 300
- Restore a configuration file 300
- Restore configuration 300
- Backup a configuration file 301
- Backup configuration 301
- Filename conventions 301
- Ftp command line 301
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 302
- Example ftp commands 302
- Table 100 filename conventions 302
- Ftp command line procedure 303
- Gui based ftp clients 303
- Ftp restrictions 304
- Access control 305
- Access control overview 305
- Hapter 305
- The access control main screen 305
- About snmp 306
- Figure 168 snmp management model 306
- Snmp v3 and security 307
- Supported mibs 307
- Table 102 snmp commands 307
- An oid object id that begins with 1 90 is defined in private mibs otherwise it is a standard mib oid 308
- Chapter 34 access control 308
- Mes 3728 user s guide 308
- Option object label object id description 308
- Snmp traps 308
- Table 103 snmp system traps 308
- The switch sends traps to an snmp manager when an event occurs the following tables outline the snmp traps by category 308
- Chapter 34 access control 309
- Mes 3728 user s guide 309
- Option object label object id description 309
- Table 103 snmp system traps continued 309
- Table 104 snmp interface traps 309
- Chapter 34 access control 310
- Mes 3728 user s guide 310
- Option object label object id description 310
- Table 105 aaa traps 310
- Table 106 snmp ip traps 310
- Chapter 34 access control 311
- Mes 3728 user s guide 311
- Option object label object id description 311
- Table 107 snmp switch traps 311
- Chapter 34 access control 312
- Configuring snmp 312
- Label description 312
- Mes 3728 user s guide 312
- Note snmp version 2c is backwards compatible with snmp version 1 312
- Snmp to view the screen as shown use this screen to configure your snmp settings 312
- The following table describes the labels in this screen 312
- Chapter 34 access control 313
- Label description 313
- Logins screen 313
- Mes 3728 user s guide 313
- Note the settings on the snmp manager must be set at the same security level or higher than the security level settings on the switch 313
- Note use the username and password of the login accounts you specify in this section to create accounts on the snmp v3 manager 313
- Snmp continued 313
- Chapter 34 access control 314
- Configuring snmp trap group 314
- Label description 314
- Mes 3728 user s guide 314
- Snmp continued 314
- Trap group 314
- Trap group to view the screen as shown use the trap group screen to specify the types of snmp traps that should be sent to each snmp manager 314
- A non administrator username is something other than admin is someone who can view but not configure switch settings 315
- An administrator is someone who can both view and configure switch changes the username for the administrator is always admin the default administrator password is 1234 315
- Chapter 34 access control 315
- Label description 315
- Mes 3728 user s guide 315
- Note it is highly recommended that you change the default administrator password 1234 315
- Setting up login accounts 315
- The following table describes the labels in this screen 315
- Trap group 315
- Up to five people one administrator and four non administrators may access the switch via web configurator at any one time 315
- Chapter 34 access control 316
- Label description 316
- Logins 316
- Logins to view the screen as shown next 316
- Mes 3728 user s guide 316
- The following table describes the labels in this screen 316
- Chapter 34 access control 317
- Figure 172 ssh communication example 317
- Label description 317
- Logins continued 317
- Mes 3728 user s guide 317
- Ssh overview 317
- Unlike telnet or ftp which transmit data in clear text ssh secure shell is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network 317
- Figure 173 how ssh works 318
- How ssh works 318
- Introduction to https 319
- Requirements for using ssh 319
- Ssh implementation on the switch 319
- Figure 174 https implementation 320
- Https example 320
- Internet explorer warning messages 320
- Note if you disable http in the service access control screen then the switch blocks all http connection attempts 320
- Example 321
- Figure 175 security alert dialog box internet explorer 321
- Netscape navigator warning messages 321
- Example 322
- Figure 176 security certificate 1 netscape 322
- Figure 177 security certificate 2 netscape 322
- Example 323
- Figure 178 example lock denoting a secure connection 323
- Service port access control 323
- The main screen 323
- Chapter 34 access control 324
- Label description 324
- Mes 3728 user s guide 324
- Remote management 324
- Remote management to view the screen as shown next 324
- Service access control 324
- Service access control to view the screen as shown 324
- The following table describes the fields in this screen 324
- Chapter 34 access control 325
- Label description 325
- Mes 3728 user s guide 325
- Remote management 325
- The following table describes the labels in this screen 325
- You can specify a group of one or more trusted computers from which an administrator may use a service to manage the switch click access control to return to the access control screen 325
- Diagnostic 327
- Hapter 327
- Chapter 35 diagnostic 328
- Diagnostic 328
- Label description 328
- Mes 3728 user s guide 328
- The following table describes the labels in this screen 328
- Hapter 329
- Syslog 329
- Syslog overview 329
- Chapter 36 syslog 330
- Label description 330
- Mes 3728 user s guide 330
- Syslog 330
- Syslog in the navigation panel to display this screen the syslog feature sends logs to an external syslog server use this screen to configure the device s system logging settings 330
- Syslog setup 330
- The following table describes the labels in this screen 330
- Chapter 36 syslog 331
- Label description 331
- Mes 3728 user s guide 331
- Syslog server setup 331
- Syslog server setup to view the screen as shown next use this screen to configure a list of external syslog servers 331
- The following table describes the labels in this screen 331
- Cluster management 333
- Cluster management status overview 333
- Hapter 333
- Cluster management status 334
- Figure 184 clustering application example 334
- Note a cluster can only have one manager 334
- Chapter 37 cluster management 335
- Cluster management status 335
- Cluster member switch management 335
- Go to the clustering management status screen of the cluster manager switch and then select an index hyperlink from the list of members to go to that cluster member switch s web configurator home page this cluster member web 335
- Label description 335
- Mes 3728 user s guide 335
- The following table describes the labels in this screen 335
- Example 336
- Figure 186 cluster management cluster member web configurator screen 336
- Figure 187 example uploading firmware to a cluster member switch 336
- Uploading firmware to a cluster member switch 336
- Chapter 37 cluster management 337
- Ftp parameter description 337
- Mes 3728 user s guide 337
- Table 119 ftp upload to cluster member example 337
- The following table explains some of the ftp parameters 337
- Chapter 37 cluster management 338
- Clustering management configuration 338
- Configuration 338
- Configuration to display the next screen 338
- Label description 338
- Mes 3728 user s guide 338
- The following table describes the labels in this screen 338
- Chapter 37 cluster management 339
- Configuration continued 339
- Label description 339
- Mes 3728 user s guide 339
- Hapter 341
- Mac table 341
- Mac table overview 341
- Figure 189 mac table flowchart 342
- Mac table 342
- Viewing the mac table 342
- Chapter 38 mac table 343
- Label description 343
- Mac table 343
- Mes 3728 user s guide 343
- The following table describes the labels in this screen 343
- Arp table 345
- Arp table overview 345
- Hapter 345
- How arp works 345
- Arp table 346
- Viewing the arp table 346
- Configure clone 347
- Hapter 347
- Configure clone 348
- Chapter 40 configure clone 349
- Configure clone 349
- Label description 349
- Mes 3728 user s guide 349
- The following table describes the labels in this screen 349
- Troubleshooting product specifications 351
- Hapter 353
- Power hardware connections and leds 353
- Troubleshooting 353
- I forgot the ip address for the switch 354
- One of the leds does not behave as expected 354
- Switch access and login 354
- I can see the login screen but i cannot log in to the switch 355
- I cannot see or access the login screen in the web configurator 355
- I forgot the username and or password 355
- I cannot see some of advanced application submenus at the bottom of the navigation panel 356
- Pop up windows javascripts and java permissions 356
- There is unauthorized access to my switch via telnet http and ssh 356
- I lost my configuration settings after i restart the switch 357
- Switch configuration 357
- Hapter 359
- Product specifications 359
- Chapter 42 product specifications 360
- Feature description 360
- Mes 3728 user s guide 360
- Table 124 hardware specifications 360
- Table 125 firmware specifications 360
- Chapter 42 product specifications 361
- Feature description 361
- Mes 3728 user s guide 361
- Table 125 firmware specifications 361
- Chapter 42 product specifications 362
- Feature description 362
- Mes 3728 user s guide 362
- Note only upload firmware for your specific model 362
- Table 125 firmware specifications 362
- Chapter 42 product specifications 363
- Feature description 363
- Mes 3728 user s guide 363
- Table 125 firmware specifications 363
- Table 126 feature specifications 363
- Chapter 42 product specifications 364
- Mes 3728 user s guide 364
- Table 126 feature specifications continued 364
- Chapter 42 product specifications 365
- Mes 3728 user s guide 365
- Standard description 365
- Table 126 feature specifications continued 365
- Table 127 standards supported 365
- The following list which is not exhaustive illustrates the standards supported in the switch 365
- Chapter 42 product specifications 366
- Mes 3728 user s guide 366
- Standard description 366
- Table 127 standards supported continued 366
- Chapter 42 product specifications 367
- Mes 3728 user s guide 367
- Standard description 367
- Table 127 standards supported continued 367
- Appendices and 369
- Appendices and index 369
- Changing a fuse 371
- Installing a fuse 371
- Ppendix 371
- Removing a fuse 371
- Common services 373
- Ppendix 373
- Appendix b common services 374
- Mes 3728 user s guide 374
- Name protocol port s description 374
- Table 128 commonly used services continued 374
- Appendix b common services 375
- Mes 3728 user s guide 375
- Name protocol port s description 375
- Table 128 commonly used services continued 375
- Appendix b common services 376
- Mes 3728 user s guide 376
- Name protocol port s description 376
- Table 128 commonly used services continued 376
- Certifications 377
- Copyright 377
- Legal information 377
- Ppendix 377
- Ce mark warning 378
- Fcc warning 378
- Notices 378
- Taiwanese bsmi bureau of standards metrology and inspection a warning 378
- Registration 379
- Viewing certifications 379
- Zyxel limited warranty 379
- Mes 3728 user s guide 381
- Numerics 381
- Mes 3728 user s guide 382
- Mes 3728 user s guide 383
- Mes 3728 user s guide 384
- Mes 3728 user s guide 385
- Mes 3728 user s guide 386
- Mes 3728 user s guide 387
- Mes 3728 user s guide 388
Похожие устройства
- Shure SM58 Инструкция по эксплуатации
- Siemens HB 565.60 Инструкция по эксплуатации
- Prology DATV-870XSC Инструкция по эксплуатации
- Shure SM58 40TH ANNIVERSARY Инструкция по эксплуатации
- Siemens HB 38R.60 Инструкция по эксплуатации
- Prology VXD-100 Инструкция по эксплуатации
- Shure SM58S Инструкция по эксплуатации
- Jet JMD-X1 (50000025M) Инструкция по эксплуатации
- Siemens HB 38L.60 Инструкция по эксплуатации
- Prology TX-1023 Инструкция по эксплуатации
- Sturm GC99466 Инструкция по эксплуатации
- Shure SM63L Инструкция по эксплуатации
- Prology NX-1022 MkIII Инструкция по эксплуатации
- Siemens HB 380.60 Инструкция по эксплуатации
- Shure SM7B Инструкция по эксплуатации
- Sturm GC99468 Инструкция по эксплуатации
- Siemens HB 33R.50 Инструкция по эксплуатации
- Prology NX-1322 MkIII Инструкция по эксплуатации
- Champion 138-16" Инструкция по эксплуатации
- Shure SM86 Инструкция по эксплуатации