Zyxel ES-3148 Инструкция по эксплуатации онлайн
www.zyxel.com
ES-3148 Series
Intelligent Layer 2+ Switch
User’s Guide
Version 3.80
8/2007
Edition 1
DEFAULT LOGIN
IP Address http://192.168.1.1
User Name admin
Password 1234
Содержание
- Es 3148 series 1
- Intelligent layer 2 switch 1
- User s guide 1
- Www zyxel com 1
- About this user s guide 3
- It is recommended you use the web configurator to configure the switch 3
- Document conventions 4
- Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations 4
- Warnings tell you about things that could harm you or your device 4
- Document conventions 5
- Es 3148 user s guide 5
- Figures in this user s guide may use the following generic icons the switch icon is not an exact representation of your device 5
- Icons used in figures 5
- For your safety be sure to read and follow all warning notices and instructions 6
- Safety warnings 6
- Contents overview 9
- Hardware 7 9
- Introduction 1 9
- Web configurator 9 9
- Appendices and index 93 10
- Troubleshooting and specifications 81 10
- About this user s guide 11
- Chapter 1 introducing the switch 3 11
- Chapter 2 hardware installation and connection 9 11
- Chapter 3 hardware overview 3 11
- Contents overview 11
- Document conventions 11
- List of figures 1 11
- List of tables 7 11
- Part i introduction 31 11
- Part ii hardware 37 11
- Safety warnings 11
- Table of contents 11
- Table of contents 1 11
- Chapter 4 the web configurator 1 12
- Chapter 5 initial setup example 3 12
- Chapter 6 system status and port statistics 7 12
- Chapter 7 basic setting 3 12
- Part iii web configurator 49 12
- Chapter 10 filtering 05 13
- Chapter 11 spanning tree protocol 07 13
- Chapter 8 vlan 5 13
- Chapter 9 static mac forward setup 03 13
- Chapter 12 bandwidth control 25 14
- Chapter 13 broadcast storm control 27 14
- Chapter 14 mirroring 29 14
- Chapter 15 link aggregation 31 14
- Chapter 16 port authentication 39 14
- Chapter 17 port security 45 15
- Chapter 18 classifier 49 15
- Chapter 19 policy rule 55 15
- Chapter 20 queuing method 61 15
- Chapter 21 vlan stacking 65 15
- Chapter 22 multicast 71 15
- Chapter 23 authentication accounting 85 16
- Chapter 24 ip source guard 99 16
- Chapter 25 loop guard 19 17
- Chapter 26 static routing 23 17
- Chapter 27 differentiated services 25 17
- Chapter 28 dhcp 33 17
- Chapter 29 maintenance 39 17
- Chapter 30 access control 45 18
- Chapter 31 diagnostic 63 18
- Chapter 32 syslog 65 18
- Appendix a setting up your computer s ip address 95 19
- Appendix b pop up windows javascripts and java permissions 17 19
- Chapter 33 cluster management 69 19
- Chapter 34 mac table 75 19
- Chapter 35 arp table 77 19
- Chapter 36 configure clone 79 19
- Chapter 37 troubleshooting 83 19
- Chapter 38 product specifications 87 19
- Part iv troubleshooting and specifications 281 19
- Part v appendices and index 293 19
- List of figures 21
- List of tables 27
- Introduction 31
- Backbone application 33
- Hapter 33
- Introducing the switch 33
- Overview 33
- Bridging example 34
- High performance switched example 34
- Ieee 802 q vlan application examples 35
- Good habits for managing the switch 36
- Ways to manage the switch 36
- Hardware 37
- Freestanding installation 39
- Hapter 39
- Hardware installation and connection 39
- Attaching the mounting brackets to the switch 40
- Do not block the ventilation holes leave space between devices when stacking for proper ventilation allow at least 4 inches 10 cm of clearance at the front and 3 inches 8 cm at the back of the switch this is especially important for enclosed rack installations 40
- Failure to use the proper screws may damage the unit 40
- Mounting the switch on a rack 40
- Rack mounted installation requirements 40
- Mounting the switch on a rack 41
- Ethernet ports 43
- Hapter 43
- Hardware overview 43
- Panel connections 43
- Mini gbic slots 44
- To avoid possible eye injury do not look into an operating fiber optic module s connectors 44
- Rear panel 45
- Chapter 3 hardware overview 46
- Connect the male 9 pin end of the console cable to the console port of the switch connect the female end to a serial port com1 com2 or other com port of your computer 46
- Console port 46
- Es 3148 user s guide 46
- External backup power supply connector 46
- Figure 14 rear panel 46
- For local management you can use a computer with terminal emulation software configured to the following parameters 46
- Table 2 rear panel 46
- The following table describes the ports on the panels 46
- The switch supports external backup power supply bps 46
- Vt100 terminal emulation 9600 bps no parity 8 data bits 1 stop bit no flow control 46
- Chapter 3 hardware overview 47
- Es 3148 user s guide 47
- Make sure you are using the correct power source as shown on the panel 47
- Power connector 47
- Table 3 leds 47
- The backup power supply constantly monitors the status of the internal power supply the backup power supply automatically provides power to the switch in the event of a power failure once the switch receives power from the backup power supply it will not automatically switch back to using the internal power supply even when the power is resumed 47
- The following table describes the leds on the switch 47
- To connect the power to the switch insert the female end of power cord to the power receptacle on the rear panel connect the other end of the supplied power cord to the power source make sure that no objects obstruct the airflow of the fans 47
- Chapter 3 hardware overview 48
- Es 3148 user s guide 48
- Table 3 leds continued 48
- Web configurator 49
- Hapter 51
- Introduction 51
- System login 51
- The web configurator 51
- The status screen 52
- The following table lists the various web configurator screens within the sub links 54
- Chapter 4 the web configurator 55
- Es 3148 user s guide 55
- Table 5 web configurator screen sub links details 55
- Chapter 4 the web configurator 56
- Es 3148 user s guide 56
- Table 5 web configurator screen sub links details continued 56
- Table 6 navigation panel links 56
- The following table describes the links in the navigation panel 56
- Chapter 4 the web configurator 57
- Es 3148 user s guide 57
- Table 6 navigation panel links continued 57
- Change your password 58
- Chapter 4 the web configurator 58
- Click the save link in the upper right hand corner of the web configurator to save your configuration to nonvolatile memory nonvolatile memory refers to the switch s storage that remains even if the switch s power is turned off 58
- Es 3148 user s guide 58
- Figure 17 change administrator login password 58
- Logins to display the next screen 58
- Saving your configuration 58
- Table 6 navigation panel links continued 58
- When you are done modifying the settings in a screen click apply to save your changes back to the run time memory settings in the run time memory are lost when the switch s power is turned off 58
- Be careful not to lock yourself and others out of the switch if you do lock yourself out try using out of band management via the management port to configure the switch 59
- Reload the configuration file 59
- Resetting the switch 59
- Switch lockout 59
- Use the save link when you are done with a configuration session 59
- Logging out of the web configurator 60
- Creating a vlan 63
- Hapter 63
- Initial setup example 63
- Overview 63
- Example 64
- Setting port vid 64
- Configuring switch management ip address 65
- Example 65
- Example 66
- Hapter 67
- Overview 67
- Port status summary 67
- System status and port statistics 67
- Chapter 6 system status and port statistics 68
- Click a number in the port column in the status screen to display individual port statistics use this screen to check status and detailed performance data about an individual port on the switch 68
- Es 3148 user s guide 68
- Status port details 68
- Table 7 status continued 68
- Chapter 6 system status and port statistics 69
- Es 3148 user s guide 69
- Figure 24 status port details 69
- Port details 69
- The following table describes the labels in this screen 69
- Chapter 6 system status and port statistics 70
- Es 3148 user s guide 70
- Port details continued 70
- Chapter 6 system status and port statistics 71
- Es 3148 user s guide 71
- Port details continued 71
- Basic setting 73
- Hapter 73
- Overview 73
- System information 73
- Chapter 7 basic setting 74
- Es 3148 user s guide 74
- System info 74
- The following table describes the labels in this screen 74
- Chapter 7 basic setting 75
- Es 3148 user s guide 75
- General setup 75
- System info continued 75
- Use this screen to configure general settings such as the system name and time click basic setting and general setup in the navigation panel to display the screen as shown 75
- Chapter 7 basic setting 76
- Es 3148 user s guide 76
- General setup 76
- The following table describes the labels in this screen 76
- A vlan virtual local area network allows a physical network to be partitioned into multiple logical networks devices on a logical network belong to one group a device can belong to more than one group with vlan a device cannot directly talk to or hear from devices that are not in the same group s the traffic must first go through a router 77
- Click basic setting and then switch setup in the navigation panel to display the screen as shown the vlan setup screens change depending on whether you choose 802 q or port based in the vlan type field in this screen refer to the chapter on vlan 77
- In mtu multi tenant unit applications vlan is vital in providing isolation and security among the subscribers when properly configured vlan prevents one subscriber from accessing the network resources of another on the same lan thus a user will not see the printers and hard disks of another user in the same building 77
- Introduction to vlans 77
- See chapter 8 on page 85 for information on port based and 802 q tagged vlans 77
- Switch setup screen 77
- Vlan also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain in traditional switched environments all broadcast packets go to each and every individual port with vlan all broadcasts are confined to a specific broadcast domain 77
- Vlan is unidirectional it only governs outgoing traffic 77
- Chapter 7 basic setting 78
- Es 3148 user s guide 78
- Switch setup 78
- The following table describes the labels in this screen 78
- Ip interfaces 79
- Ip setup 79
- You must configure the vlan first 79
- Chapter 7 basic setting 80
- Es 3148 user s guide 80
- Ip setup 80
- The following table describes the labels in this screen 80
- Chapter 7 basic setting 81
- Es 3148 user s guide 81
- Ip setup continued 81
- Chapter 7 basic setting 82
- Es 3148 user s guide 82
- Ip setup continued 82
- Note changes in this row are copied to all the ports as soon as you make them 82
- Note due to space limitation the port name may be truncated in some web configurator screens 82
- Port setup 82
- Port setup in the navigation panel to display the configuration screen 82
- The following table describes the labels in this screen 82
- Chapter 7 basic setting 83
- Es 3148 user s guide 83
- Port setup continued 83
- Forwarding tagged and untagged frames 85
- Hapter 85
- Introduction to ieee 802 q tagged vlans 85
- Automatic vlan registration 86
- Chapter 8 vlan 86
- Es 3148 user s guide 86
- Garp and gvrp are the protocols used to automatically register vlan membership across switches 86
- Garp generic attribute registration protocol allows network switches to register and de register attribute values with other garp participants within a bridged lan garp is a protocol that provides a generic mechanism for protocols that serve a more specific application for example gvrp 86
- Garp timers 86
- Gvrp garp vlan registration protocol is a registration protocol that defines a way for switches to register necessary vlan members on ports across the network enable this function to permit vlan groups beyond the local switch 86
- Please refer to the following table for common ieee 802 q vlan terminology 86
- Switches join vlans by making a declaration a declaration is made by issuing a join message using garp declarations are withdrawn by issuing a leave message a leave all message terminates all registrations garp timers set declaration timeout values 86
- Table 14 ieee 802 q vlan terminology 86
- Port vlan trunking 87
- Select the vlan type 87
- Static vlan 87
- Chapter 8 vlan 88
- Es 3148 user s guide 88
- Static vlan details 88
- Static vlan status 88
- The following table describes the labels in this screen 88
- Use this screen to view detailed port settings and status of the vlan group see section 8 on page 85 for more information on static vlan click on an index number in the vlan status screen to display vlan details 88
- Vlan detail 88
- Vlan from the navigation panel to display the vlan status screen as shown next 88
- Vlan vlan status 88
- Chapter 8 vlan 89
- Configure a static vlan 89
- Es 3148 user s guide 89
- Static vlan 89
- The following table describes the labels in this screen 89
- Use this screen to configure and view 802 q vlan parameters for the switch see section 8 on page 85 for more information on static vlan to configure a static vlan click static vlan in the vlan status screen to display the screen as shown next 89
- Vlan detail 89
- Chapter 8 vlan 90
- Configure vlan port settings 90
- Es 3148 user s guide 90
- Note changes in this row are copied to all the ports as soon as you make them 90
- Static vlan 90
- The following table describes the related labels in this screen 90
- Use the vlan port setting screen to configure the static vlan ieee 802 q settings on a port see section 8 on page 85 for more information on static vlan click the vlan port setting link in the vlan status screen 90
- Chapter 8 vlan 91
- Es 3148 user s guide 91
- Note changes in this row are copied to all the ports as soon as you make them 91
- The following table describes the labels in this screen 91
- Vlan port setting 91
- Chapter 8 vlan 92
- Es 3148 user s guide 92
- Figure 36 subnet based vlan application example 92
- For example an isp internet services provider may divide different types of services it provides to customers into different ip subnets traffic for voice services is designated for ip subnet 172 6 24 video for 192 68 24 and data for 10 24 the switch can then be configured to group incoming traffic based on the source ip subnet of incoming frames 92
- Internet 92
- Subnet based vlans 92
- Subnet based vlans allow you to group traffic into logical vlans based on the source ip subnet you specify when a frame is received on a port the switch checks if a tag is added already and the ip subnet it came from the untagged packets from the same ip subnet are then placed in the same subnet based vlan one advantage of using subnet based vlans is that priority can be assigned to traffic from the same ip subnet 92
- Vlan port setting continued 92
- You configure a subnet based vlan with priority 6 and vid of 100 for traffic received from ip subnet 172 6 24 voice services you also have a subnet based vlan with priority 5 and vid of 200 for traffic received from ip subnet 192 68 24 video services lastly you configure vlan with priority 3 and vid of 300 for traffic received from ip subnet 10 24 data services all untagged incoming frames will be classified based on their source ip subnet and prioritized accordingly that is video services receive the highest priority and data the lowest 92
- Click subnet based vlan in the vlan port setting screen to display the configuration screen as shown 93
- Configuring subnet based vlan 93
- Subnet based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 93
- The following table describes the labels in this screen 93
- Protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 94
- Protocol based vlans 94
- Protocol based vlans allow you to group traffic into logical vlans based on the protocol you specify when an upstream frame is received on a port configured for a protocol based vlan the switch checks if a tag is added already and its protocol the untagged packets of the same protocol are then placed in the same protocol based vlan one advantage of using protocol based vlans is that priority can be assigned to traffic of the same protocol 94
- Configuring protocol based vlan 95
- Protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 95
- Chapter 8 vlan 96
- Es 3148 user s guide 96
- Note protocols in the hexadecimal number range of 0x0000 to 0x05ff are not allowed to be used for protocol based vlans 96
- Protocol based vlan 96
- Protocol based vlan setup 96
- The following table describes the labels in this screen 96
- Create an ip based vlan example 97
- Example 97
- Configure a port based vlan 98
- In screens such as ip setup and filtering that require a vid you must enter 1 as the vid 98
- Port based vlan setup 98
- When you activate port based vlan the switch uses a default vlan id of 1 you cannot change it 98
- Chapter 8 vlan 101
- Es 3148 user s guide 101
- The following table describes the labels in this screen 101
- Vlan port based vlan setup 101
- Configuring static mac forwarding 103
- Hapter 103
- Overview 103
- Static mac forward setup 103
- Chapter 9 static mac forward setup 104
- Es 3148 user s guide 104
- Note static mac addresses do not age out 104
- Static mac forwarding 104
- The following table describes the labels in this screen 104
- Configure a filtering rule 105
- Filtering 105
- Hapter 105
- Chapter 10 filtering 106
- Es 3148 user s guide 106
- Filtering continued 106
- Hapter 107
- Spanning tree protocol 107
- Stp rstp overview 107
- Stp terminology 107
- After a bridge determines the lowest cost spanning tree with stp it enables the root port and the ports that are the designated ports for connected lans and disables all other ports that participate in stp network packets are therefore only forwarded between enabled ports eliminating any possible network loops 108
- Chapter 11 spanning tree protocol 108
- Es 3148 user s guide 108
- For each lan segment a designated bridge is selected this bridge has the lowest cost to the root among the bridges connected to the lan 108
- How stp works 108
- On each bridge the root port is the port through which this bridge communicates with the root it is the port on this switch with the lowest path cost to the root the root path cost if there is no root port then this switch has been accepted as the root bridge of the spanning tree network 108
- Once a stable network topology has been established all bridges listen for hello bpdus bridge protocol data units transmitted from the root bridge if a bridge does not get a hello bpdu after a predefined interval max age the bridge assumes that the link to the root bridge is down this bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology 108
- Path cost is the cost of transmitting a frame onto a lan through that port the recommended cost is assigned according to the speed of the link to which a port is attached the slower the media the higher the cost 108
- Stp aware switches exchange bridge protocol data units bpdus periodically when the bridged lan topology changes a new spanning tree is constructed 108
- Table 24 stp path costs 108
- Each port can belong to one stp tree only 109
- Multiple rstp 109
- Stp port states 109
- Multiple stp 110
- Vlan 1 vlan 2 110
- Vlan 1 vlan 2 111
- Spanning tree protocol status screen 112
- Chapter 11 spanning tree protocol 113
- Configuration 113
- Es 3148 user s guide 113
- Spanning tree configuration 113
- Spanning tree protocol 113
- The following table describes the labels in this screen 113
- This screen differs depending on which stp mode rstp mrstp or mstp you configure on the switch this screen is described in detail in the section that follows the configuration section for each stp mode click configuration to activate one of the stp standards on the switch 113
- Chapter 11 spanning tree protocol 114
- Configuration screen to enable rstp on the switch 114
- Configure rapid spanning tree protocol 114
- Es 3148 user s guide 114
- Spanning tree protocol screen 114
- The following table describes the labels in this screen 114
- 2 hello time 1 115
- Chapter 11 spanning tree protocol 115
- Es 3148 user s guide 115
- Note changes in this row are copied to all the ports as soon as you make them 115
- Rapid spanning tree protocol status 115
- Rstp continued 115
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 11 on page 107 for more information on rstp 115
- Note the listening state does not exist in rstp 116
- The following table describes the labels in this screen 116
- This screen is only available after you activate rstp on the switch 116
- Chapter 11 spanning tree protocol 117
- Configuration screen to enable mrstp on the switch 117
- Configure multiple rapid spanning tree protocol 117
- Es 3148 user s guide 117
- Spanning tree protocol screen see section 11 on page 107 for more information on mrstp 117
- The following table describes the labels in this screen 117
- 2 hello time 1 118
- Chapter 11 spanning tree protocol 118
- Es 3148 user s guide 118
- Mrstp continued 118
- Multiple rapid spanning tree protocol status 118
- Note changes in this row are copied to all the ports as soon as you make them 118
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 11 on page 107 for more information on mrstp 118
- Note the listening state does not exist in rstp 119
- The following table describes the labels in this screen 119
- This screen is only available after you activate mrstp on the switch 119
- Configure multiple spanning tree protocol 120
- 2 hello time 1 121
- Chapter 11 spanning tree protocol 121
- Configuration screen to enable mstp on the switch 121
- Es 3148 user s guide 121
- The following table describes the labels in this screen 121
- Chapter 11 spanning tree protocol 122
- Es 3148 user s guide 122
- Mstp continued 122
- Multiple spanning tree protocol status 122
- Note changes in this row are copied to all the ports as soon as you make them 122
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 11 on page 110 for more information on mstp 122
- The following table describes the labels in this screen 123
- This screen is only available after you activate mstp on the switch 123
- Chapter 11 spanning tree protocol 124
- Es 3148 user s guide 124
- Status mstp continued 124
- Bandwidth control 125
- Bandwidth control overview 125
- Bandwidth control setup 125
- Cir and pir 125
- Hapter 125
- Bandwidth control 126
- Chapter 12 bandwidth control 126
- Es 3148 user s guide 126
- Note changes in this row are copied to all the ports as soon as you make them 126
- The following table describes the related labels in this screen 126
- Broadcast storm control 127
- Broadcast storm control setup 127
- Hapter 127
- Broadcast storm control 128
- Chapter 13 broadcast storm control 128
- Es 3148 user s guide 128
- Note changes in this row are copied to all the ports as soon as you make them 128
- The following table describes the labels in this screen 128
- Hapter 129
- Mirroring 129
- Port mirroring setup 129
- Chapter 14 mirroring 130
- Es 3148 user s guide 130
- Mirroring 130
- Note changes in this row are copied to all the ports as soon as you make them 130
- The following table describes the labels in this screen 130
- Dynamic link aggregation 131
- Hapter 131
- Link aggregation 131
- Link aggregation overview 131
- Chapter 15 link aggregation 132
- Configure trunk groups or lacp before you connect the ethernet switch to avoid causing network topology loops 132
- Es 3148 user s guide 132
- Lacp aggregation id consists of the following informatio 132
- Lacp only works on full duplex links all ports in the same trunk group must have the same media type speed duplex mode and flow control settings 132
- Link aggregation id 132
- Link aggregation in the navigation panel the link aggregation status screen displays by default see section 15 on page 131 for more information 132
- Link aggregation status 132
- Table 36 link aggregation id local switch 132
- Table 37 link aggregation id peer switch 132
- The following table describes the labels in this screen 132
- Chapter 15 link aggregation 133
- Es 3148 user s guide 133
- Link aggregation setting 133
- Link aggregation setting to display the screen shown next see section 15 on page 131 for more information on link aggregation 133
- Link aggregation status continued 133
- Chapter 15 link aggregation 134
- Es 3148 user s guide 134
- Lacp to display the screen shown next see section 15 on page 131 for more information on dynamic link aggregation 134
- Link aggregation control protocol 134
- Link aggregation setting 134
- The following table describes the labels in this screen 134
- Chapter 15 link aggregation 135
- Es 3148 user s guide 135
- Note do not configure this screen unless you want to enable dynamic link aggregation 135
- The following table describes the labels in this screen 135
- Static trunking example 136
- Example 137
- Your trunk group 1 t1 configuration is now complete you do not need to go to any additional screens 137
- Hapter 139
- Ieee 802 x authentication 139
- Port authentication 139
- Port authentication overview 139
- Mac authentication 140
- Activate ieee 802 x security 141
- Port authentication configuration 141
- Activate mac authentication 142
- Chapter 16 port authentication 142
- Es 3148 user s guide 142
- Note changes in this row are copied to all the ports as soon as you make them 142
- Note you must first enable 802 x authentication on the switch before configuring it on each port 142
- The following table describes the labels in this screen 142
- Use this screen to activate mac authentication in the port authentication screen click mac authentication to display the configuration screen as shown 142
- Chapter 16 port authentication 143
- Es 3148 user s guide 143
- Mac authentication 143
- Note if the aging time in the switch setup screen is set to a lower value then it supersedes this setting see section 7 on page 81 143
- Note you must first enable mac authentication on the switch before configuring it on each port 143
- The following table describes the labels in this screen 143
- Chapter 16 port authentication 144
- Es 3148 user s guide 144
- Mac authentication continued 144
- Note changes in this row are copied to all the ports as soon as you make them 144
- About port security 145
- Hapter 145
- Port security 145
- Port security setup 145
- Chapter 17 port security 146
- Es 3148 user s guide 146
- Note changes in this row are copied to all the ports as soon as you make them 146
- Port security 146
- The following table describes the labels in this screen 146
- Chapter 17 port security 147
- Es 3148 user s guide 147
- Port security continued 147
- About the classifier and qos 149
- Classifier 149
- Configuring the classifier 149
- Hapter 149
- Chapter 18 classifier 150
- Classifier 150
- Es 3148 user s guide 150
- The following table describes the labels in this screen 150
- Chapter 18 classifier 151
- Classifier continued 151
- Es 3148 user s guide 151
- Note you must select either udp or tcp in the ip protocol field before you configure the socket numbers 151
- The following table describes the labels in this screen 152
- The following table shows some other common ethernet types and the corresponding protocol number 152
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the classifier screen to change the settings of a rule click a number in the index field 152
- Viewing and editing classifier configuration 152
- When two rules conflict with each other a higher layer rule has priority over lower layer rule 152
- After you have configured a classifier you can configure a policy in the policy screen to define action s on the classified traffic flow 153
- Chapter 18 classifier 153
- Classifier example 153
- Es 3148 user s guide 153
- In the internet protocol there is a field called protocol to identify the ip protocol type the following table shows some common protocol types and the corresponding protocol number refer to http www iana org assignments protocol numbers for a complete list 153
- Some of the most common ip ports are 153
- Table 46 common ethernet types and protocol number continued 153
- Table 47 common ip protocol types and protocol numbers 153
- Table 48 common tcp and udp port numbers 153
- The following screen shows an example where you configure a classifier that identifies all traffic from mac address 00 50 ba ad 4f 81 on port 2 153
- Example 154
- Diffserv 155
- Dscp and per hop behavior 155
- Hapter 155
- Policy rule 155
- Policy rules overview 155
- Configuring policy rules 156
- Chapter 19 policy rule 157
- Es 3148 user s guide 157
- Policy rule 157
- The following table describes the labels in this screen 157
- Chapter 19 policy rule 158
- Es 3148 user s guide 158
- Policy rule continued 158
- Policy rule summary table 158
- Table 50 policy summary table 158
- The following table describes the labels in this screen 158
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the policy screen to change the settings of a rule click a number in the index field 158
- Viewing and editing policy configuration 158
- Example 159
- Policy example 159
- Hapter 161
- Queuing method 161
- Queuing method overview 161
- Strictly priority 161
- Weighted fair queuing 161
- Configuring queuing 162
- Weighted round robin scheduling wrr 162
- Chapter 20 queuing method 163
- Es 3148 user s guide 163
- Note changes in this row are copied to all the ports as soon as you make them 163
- Queuing method 163
- The following table describes the labels in this screen 163
- Hapter 165
- Vlan stacking 165
- Vlan stacking example 165
- Vlan stacking overview 165
- Static vlan tx tagging must be disabled on a port where you choose normal or access port 166
- Static vlan tx tagging must be enabled on a port where you choose tunnel port 166
- Vlan stacking port roles 166
- Frame format 167
- Vlan tag format 167
- Chapter 21 vlan stacking 168
- Configuring vlan stacking 168
- Es 3148 user s guide 168
- Note changes in this row are copied to all the ports as soon as you make them 168
- Table 54 802 q frame 168
- The following table describes the labels in this screen 168
- Vlan stacking 168
- Vlan stacking to display the screen as shown 168
- Chapter 21 vlan stacking 169
- Es 3148 user s guide 169
- Vlan stacking continued 169
- Hapter 171
- Igmp filtering 171
- Igmp snooping 171
- Ip multicast addresses 171
- Multicast 171
- Multicast overview 171
- Igmp snooping and vlans 172
- Multicast setting 172
- Multicast status 172
- Chapter 22 multicast 173
- Es 3148 user s guide 173
- Multicast setting 173
- Note if you enable igmp filtering you must create and assign igmp filtering profiles for the ports that you want to allow to join multicast groups 173
- The following table describes the labels in this screen 173
- Chapter 22 multicast 174
- Es 3148 user s guide 174
- Igmp snooping vlan 174
- Multicast in the navigation panel click the multicast setting link and then the igmp snooping vlan link to display the screen as shown see section 22 on page 172 for more information on igmp snooping vlan 174
- Multicast setting continued 174
- Note changes in this row are copied to all the ports as soon as you make them 174
- Chapter 22 multicast 175
- Es 3148 user s guide 175
- Igmp snooping vlan 175
- Note you cannot configure the same vlan id as in the mvr screen 175
- Note you must also enable igmp snooping in the multicast setting screen first 175
- The following table describes the labels in this screen 175
- An igmp filtering profile specifies a range of multicast groups that clients connected to the switch are able to join a profile contains a range of multicast ip addresses which you want clients to be able to join profiles are assigned to ports in the multicast setting screen clients connected to those ports are then able to join the multicast groups specified in the profile each port can be assigned a single profile a profile can be assigned to multiple ports 176
- Chapter 22 multicast 176
- Es 3148 user s guide 176
- Igmp filtering profile 176
- Igmp filtering profile link to display the screen as shown 176
- Igmp snooping vlan 176
- The following table describes the labels in this screen 176
- Chapter 22 multicast 177
- Es 3148 user s guide 177
- Figure 85 mvr network example 177
- Igmp filtering profile 177
- In mvr a source port is a port on the switch that can send and receive multicast traffic in a multicast vlan while a receiver port can only receive multicast traffic once configured the switch maintains a forwarding table that matches the multicast stream to the associated multicast group 177
- Multicast vlan registration mvr is designed for applications such as media on demand mod that use multicast traffic across an ethernet ring based service provider network 177
- Mvr allows one single multicast vlan to be shared among different subscriber vlans on the network while isolated in different subscriber vlans connected devices can subscribe to and unsubscribe from the multicast stream in the multicast vlan this improves bandwidth utilization with reduced multicast traffic in the subscriber vlans and simplifies multicast group management 177
- Mvr only responds to igmp join and leave control messages from multicast groups that are configured under mvr join and leave reports from other multicast groups are managed by igmp snooping 177
- Mvr overview 177
- The following figure shows a network example the subscriber vlan 1 2 and 3 information is hidden from the streaming media server s in addition the multicast vlan information is only visible to the switch and s 177
- Types of mvr ports 177
- General mvr configuration 178
- How mvr works 178
- Mvr modes 178
- You can create up to three multicast vlans and up to 256 multicast rules on the switch 178
- The following table describes the related labels in this screen 179
- Your switch automatically creates a static vlan with the same vid when you create a multicast vlan in this screen 179
- A port can belong to more than one multicast vlan however ip multicast group addresses in different multicast vlans cannot overlap 180
- All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group 180
- Configure mvr ip multicast group address es in the group configuration screen click group configuration in the mvr screen 180
- Mvr group configuration 180
- Note changes in this row are copied to all the ports as soon as you make them 180
- Chapter 22 multicast 181
- Es 3148 user s guide 181
- Mvr configuration example 181
- Mvr group configuration 181
- The following figure shows a network example where ports 1 2 and 3 on the switch belong to vlan 1 in addition port 7 belongs to the multicast group with vid 200 to receive multicast traffic the news and movie channels from the remote streaming media server s computers a b and c in vlan 1 are able to receive the traffic 181
- The following table describes the labels in this screen 181
- Example 182
- Example 183
- Authentication accounting 185
- Authentication authorization and accounting 185
- Hapter 185
- Local user accounts 185
- Authentication and accounting screens 186
- Radius and tacacs 186
- Radius server setup 186
- Chapter 23 authentication accounting 187
- Es 3148 user s guide 187
- Radius server setup 187
- The following table describes the labels in this screen 187
- Chapter 23 authentication accounting 188
- Es 3148 user s guide 188
- Radius server setup continued 188
- Tacacs server setup 188
- Use this screen to configure your tacacs server settings see section 23 on page 186 for more information on tacacs servers click on the tacacs server setup link in the authentication and accounting screen to view the screen as shown 188
- Chapter 23 authentication accounting 189
- Es 3148 user s guide 189
- Tacacs server setup 189
- The following table describes the labels in this screen 189
- Authentication and accounting setup 190
- Chapter 23 authentication accounting 190
- Es 3148 user s guide 190
- Tacacs server setup continued 190
- Use this screen to configure authentication and accounting settings on the switch click on the auth and acct setup link in the authentication and accounting screen to view the screen as shown 190
- Auth and acct setup 191
- Chapter 23 authentication accounting 191
- Es 3148 user s guide 191
- The following table describes the labels in this screen 191
- Auth and acct setup continued 192
- Chapter 23 authentication accounting 192
- Es 3148 user s guide 192
- Refer to the documentation that comes with your radius server on how to configure vsas for users authenticating via the radius server 193
- Vendor specific attribute 193
- Chapter 23 authentication accounting 194
- Es 3148 user s guide 194
- Note if you set the privilege level of a login account differently on the radius server s and the switch the user is assigned a privilege level from the database radius or local the switch uses first for user authentication 194
- Note you must also create a vlan with the specified vid on the switch 194
- Refer to rfc 2865 for more information about radius attributes used for authentication refer to rfc 2866 and rfc 2869 for radius attributes used for accounting 194
- Remote authentication dial in user service radius attributes are data used to define specific authentication and accounting elements in a user profile which is stored on the radius server this appendix lists the radius attributes supported by the switch 194
- Supported radius attributes 194
- Table 66 supported vsas 194
- Table 67 supported tunnel protocol attribute 194
- This appendix lists the attributes used by authentication and accounting functions on the switch in cases where the attribute has a specific format associated with it the format is specified 194
- Tunnel protocol attribute 194
- You can configure tunnel protocol attributes on the radius server refer to your radius server documentation to assign a port on the switch to a vlan based on ieee 802 x authentication the port vlan settings are fixed and untagged this will also set the port s vid the following table describes the values you need to configure note that the bolded values in the table are fixed values as defined in rfc 3580 194
- Attributes used for accounting 195
- Attributes used for authentication 195
- Attributes used for accounting exec events 196
- Attributes used for accounting ieee 802 x events 196
- Chapter 23 authentication accounting 196
- Es 3148 user s guide 196
- Table 68 radius attributes exec events via console 196
- Table 69 radius attributes exec events via telnet ssh 196
- Table 70 radius attributes exec events via console 196
- The attributes are listed in the following table along with the time of the session they are sent 196
- The attributes are listed in the following table along with the time that they are sent the difference between console and telnet ssh exec events is that the telnet ssh events utilize the calling station id attribute 196
- Chapter 23 authentication accounting 197
- Es 3148 user s guide 197
- Table 70 radius attributes exec events via console 197
- Dhcp snooping overview 199
- Hapter 199
- Ip source guard 199
- Ip source guard overview 199
- The switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 200
- Arp inspection overview 201
- It is recommended you enable dhcp snooping at least one day before you enable arp inspection so that the switch has enough time to build the binding table 202
- Chapter 24 ip source guard 203
- Es 3148 user s guide 203
- Ip source guard 203
- Ip source guard static binding 203
- Static binding 203
- The following table describes the labels in this screen 203
- Chapter 24 ip source guard 204
- Es 3148 user s guide 204
- Static binding 204
- The following table describes the labels in this screen 204
- Dhcp snooping 205
- Chapter 24 ip source guard 206
- Dhcp snooping 206
- Es 3148 user s guide 206
- The following table describes the labels in this screen 206
- Chapter 24 ip source guard 207
- Dhcp snooping continued 207
- Es 3148 user s guide 207
- Chapter 24 ip source guard 208
- Configure 208
- Dhcp snooping configure 208
- Es 3148 user s guide 208
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 208
- Note you have to enable dhcp snooping on the dhcp vlan too 208
- The following table describes the labels in this screen 208
- Dhcp snooping port configure 209
- The switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 209
- Chapter 24 ip source guard 210
- Es 3148 user s guide 210
- The following table describes the labels in this screen 210
- Chapter 24 ip source guard 211
- Dhcp snooping vlan configure 211
- Es 3148 user s guide 211
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 211
- The following table describes the labels in this screen 211
- Arp inspection 212
- Arp inspection status 212
- Arp inspection vlan status 212
- Chapter 24 ip source guard 212
- Es 3148 user s guide 212
- The following table describes the labels in this screen 212
- Vlan status 212
- Arp inspection log status 213
- Chapter 24 ip source guard 213
- Es 3148 user s guide 213
- Log status 213
- The following table describes the labels in this screen 213
- Vlan status 213
- Chapter 24 ip source guard 214
- Es 3148 user s guide 214
- Log status 214
- The following table describes the labels in this screen 214
- Arp inspection configure 215
- Chapter 24 ip source guard 215
- Configure 215
- Es 3148 user s guide 215
- The following table describes the labels in this screen 215
- Arp inspection port configure 216
- Chapter 24 ip source guard 216
- Configure continued 216
- Es 3148 user s guide 216
- Arp inspection vlan configure 217
- Chapter 24 ip source guard 217
- Es 3148 user s guide 217
- The following table describes the labels in this screen 217
- Chapter 24 ip source guard 218
- Es 3148 user s guide 218
- The following table describes the labels in this screen 218
- Hapter 219
- Loop guard 219
- Loop guard overview 219
- After resolving the loop problem on your network you can re activate the disabled port via the web configurator see section 7 on page 82 or via commands see the cli reference guid 221
- Loop guard in the navigation panel to display the screen as shown 221
- Loop guard setup 221
- Note changes in this row are copied to all the ports as soon as you make them 221
- The following table describes the labels in this screen 221
- The loop guard feature can not be enabled on the ports that have spanning tree protocol rstp mrstp or mstp enabled 221
- Chapter 25 loop guard 222
- Es 3148 user s guide 222
- Loop guard continued 222
- Configuring static routing 223
- Hapter 223
- Static routing 223
- Chapter 26 static routing 224
- Es 3148 user s guide 224
- Static routing continued 224
- Differentiated services 225
- Diffserv overview 225
- Dscp and per hop behavior 225
- Hapter 225
- Diffserv network example 226
- Two rate three color marker traffic policing 226
- All packets are evaluated against the pir if a packet exceeds the pir it is marked red otherwise it is evaluated against the cir if it exceeds the cir then it is marked yellow finally if it is below the cir then it is marked green 227
- Green low loss priority level packets are forwarded 227
- In color aware mode the evaluation of the packets uses the existing packet loss priority trtcm can increase a packet loss priority of a packet but it cannot decrease it packets that have been previously marked red or yellow can only be marked with an equal or higher packet loss priority 227
- Packets marked red high packet loss priority continue to be red without evaluation against the pir or cir packets marked yellow can only be marked red or remain yellow so they are only evaluated against the pir only the packets marked green are first evaluated against the pir and then if they don t exceed the pir level are they evaluated against the cir 227
- Trtcm color aware mode 227
- Trtcm color blind mode 227
- Trtcm operates in one of two modes color blind or color aware in color blind mode packets are marked based on evaluating against the pir and cir regardless of if they have previously been marked or not in the color aware mode packets are marked based on both existing color and evaluation against the pir and cir if the packets do not match any of colors then the packets proceed unchanged 227
- Activate diffserv to apply marking rules or ieee 802 p priority mapping on the selected port s 228
- Activating diffserv 228
- Chapter 27 differentiated services 228
- Configuring 2 rate 3 color marker settings 228
- Diffserv 228
- Diffserv in the navigation panel to display the screen as shown 228
- Es 3148 user s guide 228
- Note changes in this row are copied to all the ports as soon as you make them 228
- The following table describes the labels in this screen 228
- Use this screen to configure trtcm settings click the 2 rate 3 color marker link in the diffserv screen to display the screen as shown next 228
- Note changes in this row are copied to all the ports as soon as you make them 229
- Note you must also activate diffserv on the switch and the individual ports for the switch to drop red high loss priority colored packets 229
- The following table describes the labels in this screen 229
- You cannot enable both trtcm and bandwidth control at the same time 229
- Chapter 27 differentiated services 230
- Configuring dscp settings 230
- Dscp setting 230
- Dscp to ieee 802 p priority settings 230
- Es 3148 user s guide 230
- Rate 3 color marker continued 230
- Table 87 default dscp ieee 802 p mapping 230
- The following table shows the default dscp to ieee802 p mapping 230
- To change the dscp ieee 802 p mapping click the dscp setting link in the diffserv screen to display the screen as shown next 230
- You can configure the dscp to ieee 802 p mapping to allow the switch to prioritize all traffic based on the incoming dscp value according to the diffserv to ieee 802 p mapping table 230
- Chapter 27 differentiated services 231
- Dscp setting 231
- Es 3148 user s guide 231
- The following table describes the labels in this screen 231
- Dhcp configuration options 233
- Dhcp modes 233
- Dhcp overview 233
- Dhcp status 233
- Hapter 233
- Dhcp relay 234
- Dhcp relay agent information 234
- Chapter 28 dhcp 235
- Configuring dhcp global relay 235
- Dhcp in the navigation panel and click the global link to display the screen as shown 235
- Es 3148 user s guide 235
- Global 235
- Table 90 relay agent information 235
- The following describes the dhcp relay information that the switch sends to the dhcp server 235
- The following table describes the labels in this screen 235
- Configuring dhcp vlan settings 236
- Example 236
- Global dhcp relay configuration example 236
- The following table describes the labels in this screen 237
- You must set up a management ip address for each vlan that you want to configure dhcp settings for on the switch see section 7 on page 79 for information on how to do this 237
- Example 238
- Example dhcp relay for two vlans 238
- For the example network configure the vlan setting screen as shown 238
- The following example displays two vlans vids 1 and 2 for a campus network two dhcp servers are installed to serve each vlan the system is set up to forward dhcp requests from the dormitory rooms vlan 1 to the dhcp server with an ip address of 192 68 00 requests from the academic buildings vlan 2 are sent to the other dhcp server with an ip address of 172 3 0 00 238
- Hapter 239
- Maintenance 239
- The maintenance screen 239
- Clicking the apply or add button does not save the changes permanently all unsaved changes are erased after you reboot the switch 240
- Load factory default 240
- Save configuration 240
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 241
- Firmware upgrade 241
- Reboot system 241
- Backup a configuration file 242
- Restore a configuration file 242
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 243
- Filename conventions 243
- Ftp command line 243
- Ftp command line procedure 243
- Ftp restrictions 244
- Gui based ftp clients 244
- Access control 245
- Access control overview 245
- Hapter 245
- The access control main screen 245
- About snmp 246
- An oid object id that begins with 1 90 is defined in private mibs otherwise it is a standard mib oid 247
- Chapter 30 access control 247
- Es 3148 user s guide 247
- Mibs let administrators collect statistics and monitor status and performance 247
- Security can be further enhanced by encrypting the snmp messages sent from the managers encryption protects the contents of the snmp messages when the contents of the snmp messages are encrypted only the intended recipients can read them 247
- Snmp mib ii rfc 1213 rfc 1157 snmp v1 rfc 1493 bridge mibs rfc 1643 ethernet mibs rfc 1155 smi rfc 2674 snmpv2 snmpv2c rfc 1757 rmon snmpv2 snmpv2c or later version compliant with rfc 2011 snmpv2 mib for ip rfc 2012 snmpv2 mib for tcp rfc 2013 snmpv2 mib for udp 247
- Snmp traps 247
- Snmp v3 and security 247
- Snmp v3 enhances security for snmp management snmp managers can be required to authenticate with agents before conducting snmp management sessions 247
- Supported mibs 247
- Table 98 snmp system traps 247
- The switch sends traps to an snmp manager when an event occurs the following tables outline the snmp traps by category 247
- The switch supports the following mibs 247
- Chapter 30 access control 248
- Es 3148 user s guide 248
- Table 98 snmp system traps continued 248
- Table 99 snmp interface traps 248
- Chapter 30 access control 249
- Es 3148 user s guide 249
- Table 100 aaa traps 249
- Table 101 snmp ip traps 249
- Chapter 30 access control 250
- Configuring snmp 250
- Es 3148 user s guide 250
- From the access control screen display the snmp screen you can click access control to go back to the access control screen 250
- Table 102 snmp switch traps 250
- Chapter 30 access control 251
- Es 3148 user s guide 251
- Note snmp version 2c is backwards compatible with snmp version 1 251
- The following table describes the labels in this screen 251
- Chapter 30 access control 252
- Configuring snmp trap group 252
- Es 3148 user s guide 252
- From the snmp screen click trap group to view the screen as shown use the trap group screen to specify the types of snmp traps that should be sent to each snmp manager 252
- Logins screen 252
- Note the settings on the snmp manager must be set at the same security level or higher than the security level settings on the switch 252
- Note use the username and password of the login accounts you specify in this section to create accounts on the snmp v3 manager 252
- Snmp continued 252
- It is highly recommended that you change the default administrator password 1234 253
- Setting up login accounts 253
- A non administrator username is something other than admin is someone who can view but not configure switch settings 254
- Chapter 30 access control 254
- Es 3148 user s guide 254
- Logins 254
- Logins to view the screen as shown 254
- The following table describes the labels in this screen 254
- How ssh works 255
- Ssh overview 255
- Introduction to https 256
- Requirements for using ssh 256
- Ssh implementation on the switch 256
- Example 257
- Https example 257
- Internet explorer warning messages 257
- Example 258
- Netscape navigator warning messages 258
- The main screen 258
- Example 259
- Service port access control 259
- Chapter 30 access control 260
- Es 3148 user s guide 260
- From the access control screen display the remote management screen as shown next 260
- Remote management 260
- Service access control 260
- The following table describes the fields in this screen 260
- The following table describes the labels in this screen 260
- You can specify a group of one or more trusted computers from which an administrator may use a service to manage the switch click access control to return to the access control screen 260
- Chapter 30 access control 261
- Es 3148 user s guide 261
- Remote management continued 261
- Diagnostic 263
- Hapter 263
- Hapter 265
- Syslog 265
- Syslog overview 265
- Syslog setup 265
- Chapter 32 syslog 266
- Es 3148 user s guide 266
- Syslog 266
- Syslog server setup 266
- Syslog server setup to open the following screen use this screen to configure a list of external syslog servers 266
- The following table describes the labels in this screen 266
- Chapter 32 syslog 267
- Es 3148 user s guide 267
- Server setup 267
- The following table describes the labels in this screen 267
- Cluster management 269
- Clustering management status overview 269
- Hapter 269
- A cluster can only have one manager 270
- Cluster management in the navigation panel to display the following screen 270
- Cluster management status 270
- Cluster member switch management 271
- Example 271
- Go to the clustering management status screen of the cluster manager switch and then select an index hyperlink from the list of members to go to that cluster member switch s web configurator home page this cluster member web configurator home page and the home page that you d see if you accessed it directly are different 271
- The following table describes the labels in this screen 271
- Chapter 33 cluster management 272
- Clustering management configuration 272
- Es 3148 user s guide 272
- Figure 158 example uploading firmware to a cluster member switch 272
- Table 114 ftp upload to cluster member example 272
- The following table explains some of the ftp parameters 272
- Uploading firmware to a cluster member switch 272
- Use this screen to configure clustering management click configuration from the cluster management screen to display the next screen 272
- You can use ftp to upload firmware to a cluster member switch through the cluster manager switch as shown in the following example 272
- Chapter 33 cluster management 273
- Configuration 273
- Es 3148 user s guide 273
- The following table describes the labels in this screen 273
- Chapter 33 cluster management 274
- Configuration continued 274
- Es 3148 user s guide 274
- Hapter 275
- Mac table 275
- Mac table overview 275
- Chapter 34 mac table 276
- Es 3148 user s guide 276
- Mac table 276
- Mac table in the navigation panel to display the following screen 276
- The following table describes the labels in this screen 276
- Viewing the mac table 276
- Arp table 277
- Arp table overview 277
- Hapter 277
- How arp works 277
- Viewing the arp table 277
- Arp table 278
- Chapter 35 arp table 278
- Es 3148 user s guide 278
- The following table describes the labels in this screen 278
- Configure clone 279
- Hapter 279
- Chapter 36 configure clone 280
- Configure clone 280
- Es 3148 user s guide 280
- The following table describes the labels in this screen 280
- Troubleshooting and specifications 281
- Hapter 283
- Power hardware connections and leds 283
- Troubleshooting 283
- I cannot see or access the login screen in the web configurator 284
- I forgot the ip address for the switch 284
- I forgot the user name or password 284
- Switch access and login 284
- I can see the login screen but i cannot log in to the switch 285
- I cannot telnet to the switch 285
- I cannot use ftp to upload download the configuration file i cannot use ftp to upload new firmware 285
- General switch specifications 287
- Hapter 287
- Product specifications 287
- Chapter 38 product specifications 288
- Es 3148 user s guide 288
- Table 120 feature specifications 288
- Chapter 38 product specifications 289
- Es 3148 user s guide 289
- Table 120 feature specifications continued 289
- Table 121 standards supported 289
- The following list which is not exhaustive illustrates the standards supported in the switch 289
- Chapter 38 product specifications 290
- Es 3148 user s guide 290
- Table 121 standards supported continued 290
- Cable pin assignments 291
- Chapter 38 product specifications 291
- Es 3148 user s guide 291
- Figure 164 console dial backup port pin layout 291
- In a serial communications connection generally a computer is dte data terminal equipment and a modem is dce data circuit terminating equipment the switch is dce when you connect a computer to the console port the switch is dte when you connect a modem to the dial backup port 291
- Pin 1 pin 5 291
- Pin 6 pin 9 291
- Table 122 console dial backup port pin assignments 291
- Table 123 ethernet cable pin assignments 291
- Chapter 38 product specifications 292
- Es 3148 user s guide 292
- Table 123 ethernet cable pin assignments 292
- Appendices and 293
- Appendices and index 293
- Ppendix 295
- Setting up your computer s ip address 295
- Windows 95 98 me 295
- Installing components 296
- Configuring 297
- Verifying settings 298
- Windows 2000 nt xp 298
- Verifying settings 303
- Windows vista 303
- During this procedure click continue whenever windows displays a screen saying that it needs your permission to continue 305
- Macintosh os 8 9 308
- Verifying settings 308
- Macintosh os x 310
- Verifying settings 310
- Verifying settings 311
- Make sure you are logged in as the root administrator 312
- Using the k desktop environment kde 312
- Using configuration files 313
- After you edit and save the configuration files you must restart the network card enter 314
- Appendix a setting up your computer s ip address 314
- Bootproto 314
- Directory the following figure shows an example 314
- Directory the following figure shows an example where two dns server ip addresses are specified 314
- Es 3148 user s guide 314
- Etc rc d init d 314
- Field type 314
- Figure 192 red hat 9 dynamic ip address setting in ifconfig eth0 314
- Figure 193 red hat 9 static ip address setting in ifconfig eth0 314
- Figure 194 red hat 9 dns settings in resolv conf 314
- Figure 195 red hat 9 restart ethernet card 314
- File in the 314
- Followed by the ip address in dotted decimal notation and type 314
- Followed by the subnet mask the following example shows an example where the static ip address is 192 68 0 and the subnet mask is 255 55 55 314
- If you have a static ip address enter 314
- If you know your dns server ip address es enter the dns server information in the 314
- In the 314
- Netmas 314
- Network restar 314
- Resolv con 314
- Appendix a setting up your computer s ip address 315
- Es 3148 user s guide 315
- Figure 196 red hat 9 checking tcp ip properties 315
- Ifconfi 315
- In a terminal screen to check your tcp ip properties 315
- Verifying settings 315
- Pop up windows javascripts and java permissions 317
- Ppendix 317
- Enable pop up blockers with exceptions 318
- Javascripts 320
- Java permissions 321
- Java sun 322
- Mozilla firefox 322
- Click content to show the screen below select the check boxes as shown in the following screen 323
- Introduction to ip addresses 325
- Ip addresses and subnetting 325
- Ppendix 325
- Structure 325
- A subnet mask has 32 bits if a bit in the subnet mask is a 1 then the corresponding bit in the ip address is part of the network number if a bit in the subnet mask is 0 then the corresponding bit in the ip address is part of the host id 326
- A subnet mask is used to determine which bits are part of the network number and which bits are part of the host id using a logical and operation the term subnet is short for sub network 326
- Appendix c ip addresses and subnetting 326
- By convention subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask followed by a continuous sequence of zeros for a total number of 32 bits 326
- Es 3148 user s guide 326
- Figure 207 network number and host id 326
- How much of the ip address is the network number and how much is the host id varies according to the subnet mask 326
- Subnet masks 326
- Subnet masks can be referred to by the size of the network number part the bits with a 1 value for example an 8 bit mask means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes 326
- Table 124 ip address network number and host id example 326
- The following example shows a subnet mask identifying the network number in bold text and host id of an ip address 192 68 in decimal 326
- An ip address with host ids of all zeros is the ip address of the network 192 68 with a 24 bit subnet mask for example an ip address with host ids of all ones is the broadcast address for that network 192 68 55 with a 24 bit subnet mask for example 327
- Appendix c ip addresses and subnetting 327
- As these two ip addresses cannot be used for individual hosts calculate the maximum number of possible hosts in a network as follows 327
- Es 3148 user s guide 327
- For example 192 25 is equivalent to saying 192 with subnet mask 255 55 55 28 327
- Network size 327
- Notation 327
- Since the mask is always a continuous number of ones beginning from the left followed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet this is usually specified by writing a followed by the number of bits in the mask after the address 327
- Subnet masks are expressed in dotted decimal notation just like ip addresses the following examples show the binary and decimal notation for 8 bit 16 bit 24 bit and 29 bit subnet masks 327
- Table 125 subnet masks 327
- Table 126 maximum host numbers 327
- Table 127 alternative subnet mask notation 327
- The following table shows some possible subnet masks using both notations 327
- The size of the network number determines the maximum number of possible hosts you can have on your network the larger the number of network number bits the smaller the number of remaining host id bits 327
- 2 or 254 possible hosts 328
- Appendix c ip addresses and subnetting 328
- Es 3148 user s guide 328
- Figure 208 subnetting example before subnetting 328
- In this example the company network address is 192 68 the first three octets of the address 192 68 are the network number and the remaining octet is the host id allowing a maximum of 328
- Subnetting 328
- Table 127 alternative subnet mask notation continued 328
- The borrowed host id bit can have a value of either 0 or 1 allowing two subnets 192 68 25 and 192 68 28 25 328
- The following figure shows the company network after subnetting there are now two sub networks a and b 328
- The following figure shows the company network before subnetting 328
- You can borrow one of the host id bits to divide the network 192 68 into two separate sub networks the subnet mask is now 25 bits 255 55 55 28 or 25 328
- You can use subnetting to divide one network into multiple sub networks in the following example a network administrator creates two sub networks to isolate a group of servers from the rest of the company network for security reasons 328
- Example four subnets 329
- Appendix c ip addresses and subnetting 330
- Es 3148 user s guide 330
- Example eight subnets 330
- Similarly use a 27 bit mask to create eight subnets 000 001 010 011 100 101 110 and 111 330
- Table 129 subnet 2 330
- Table 130 subnet 3 330
- Table 131 subnet 4 330
- Table 132 eight subnets 330
- The following table shows ip address last octet values for each subnet 330
- Appendix c ip addresses and subnetting 331
- Es 3148 user s guide 331
- Subnet planning 331
- Table 132 eight subnets continued 331
- Table 133 24 bit network number subnet planning 331
- Table 134 16 bit network number subnet planning 331
- The following table is a summary for subnet planning on a network with a 16 bit network number 331
- The following table is a summary for subnet planning on a network with a 24 bit network number 331
- Configuring ip addresses 332
- Private ip addresses 332
- Conflicting computer ip addresses example 333
- Conflicting router ip addresses example 333
- Ip address conflicts 333
- Conflicting computer and router ip addresses example 334
- More than one device can not use the same ip address in the following example the computer and the router s lan port both use 192 68 as the ip address the computer cannot access the internet this problem can be solved by assigning a different ip address to the computer or the router s lan port 334
- Common services 335
- Ppendix 335
- Appendix d common services 336
- Es 3148 user s guide 336
- Table 135 commonly used services continued 336
- Appendix d common services 337
- Es 3148 user s guide 337
- Table 135 commonly used services continued 337
- Import switch certificates into netscape navigator 339
- Importing certificates 339
- Importing the switch s certificate into internet explorer 339
- Ppendix 339
- Click yes to add the switch certificate to the root store 342
- Certifications 345
- Copyright 345
- Legal information 345
- Ppendix 345
- Zyxel limited warranty 346
- Customer support 349
- Ppendix 349
- Es 3148 user s guide 355
- Numerics 355
- Es 3148 user s guide 356
- Es 3148 user s guide 357
- Es 3148 user s guide 358
- Es 3148 user s guide 359
- Es 3148 user s guide 360
- Es 3148 user s guide 361
Похожие устройства
- Gals et-190t 220v/12v 250вт Инструкция по эксплуатации
- Zyxel ES-3148 Справочник командного интерфейса
- Zyxel ES-3148 Технические характеристики
- Zyxel ES-3148 Сводная таблица функций управляемых коммутаторов
- Gals et-190l 220v/12v 150вт Инструкция по эксплуатации
- Gals et-190k 220v/12v 105вт Инструкция по эксплуатации
- Gals et-190e 220v/12v 60вт Инструкция по эксплуатации
- Gametrix kw-908 jet seat turbojet Инструкция по эксплуатации
- Gametrix kw-901 air Инструкция по эксплуатации
- Gardena powermax 42 e Инструкция по эксплуатации
- Gardena easycut 42 (08870-20.000.00) Инструкция по эксплуатации
- Gardena powermax 34 e Инструкция по эксплуатации
- Gardena 3000/4 classic Инструкция по эксплуатации
- Gardena powermax 37 e Инструкция по эксплуатации
- Garmin swim, black Инструкция по эксплуатации
- Garmin gpsmap 64 Инструкция по эксплуатации
- Garmin striker 4 Инструкция по эксплуатации
- Garmin striker 4dv Инструкция по эксплуатации
- Garmin striker 5dv Инструкция по эксплуатации
- Garmin echomap 42dv chirp с датчиком Инструкция по эксплуатации