![Zyxel XGS3700-24HP [295/548] Dhcp snooping overview](/img/pdf.png)
Zyxel XGS3700-24HP [295/548] Dhcp snooping overview
![Zyxel XGS3700-24HP [295/548] Dhcp snooping overview](/views2/1168831/page295/bg127.png)
Chapter 25 IP Source Guard
GS3700/XGS3700 Series User’s Guide
295
The following table describes the labels in this screen.
25.17 Technical Reference
This section provides technical background information on the topics discussed in this chapter.
25.17.1 DHCP Snooping Overview
Use DHCP snooping to filter unauthorized DHCP packets on the network and to build the binding
table dynamically. This can prevent clients from getting IP addresses from unauthorized DHCP
servers.
25.17.1.1 Trusted vs. Untrusted Ports
Every port is either a trusted port or an untrusted port for DHCP snooping. This setting is
independent of the trusted/untrusted setting for ARP inspection. You can also specify the maximum
number for DHCP packets that each port (trusted or untrusted) can receive each second.
Trusted ports are connected to DHCP servers or other switches. The Switch discards DHCP packets
from trusted ports only if the rate at which DHCP packets arrive is too high. The Switch learns
dynamic bindings from trusted ports.
Note: The Switch will drop all DHCP requests if you enable DHCP snooping and there are
no trusted ports.
Untrusted ports are connected to subscribers. The Switch discards DHCP packets from untrusted
ports in the following situations:
• The packet is a DHCP server packet (for example, OFFER, ACK, or NACK).
Table 141 Advanced Application > IP Source Guard > IPv6 DHCP Trust Setup (Standalone mode)
LABEL DESCRIPTION
Active Select this to specify whether ports are trusted or untrusted ports for DHCP snooping. If
you do not select this then IPv6 DHCP Trust is not used and all ports are automatically
trusted.
Port This field displays the port number. If you configure the * port, the settings are applied to
all of the ports.
Trusted state Select whether this port is a trusted port (Trusted) or an untrusted port (Untrusted).
Trusted ports are connected to DHCPv6 servers or other switches.
Untrusted ports are connected to subscribers, and the Switch discards DHCPv6 packets
from untrusted ports in the following situations:
• The packet is a DHCPv6 server packet (for example, ADVERTISE, REPLY, or RELAY-
REPLY).
• The source MAC address and source IP address in the packet do not match any of the
current bindings.
Apply Click Apply to save your changes to the Switch’s run-time memory. The Switch loses
these changes if it is turned off or loses power, so use the Save link on the top navigation
panel to save your changes to the non-volatile memory when you are done configuring.
Cancel Click this to reset the values in this screen to their last-saved values.
Содержание
- Default login details 1
- Gbe l2 switch 1
- Gs3700 xgs3700 series 1
- Quick start guide 1
- User s guide 1
- Important 2
- Keep this guide for future reference 2
- Note it is recommended you use the web configurator to configure the switch 2
- Note this guide is a reference for a series of products therefore some features or options in this guide may not be available in your product 2
- Read carefully before use 2
- Related documentation 2
- Contents overview 3
- Technical reference 6 3
- User s guide 0 3
- Chapter 1 getting to know your switch 1 5
- Chapter 2 hardware installation and connection 6 5
- Chapter 3 hardware overview 0 5
- Contents overview 5
- Part i user s guide 20 5
- Table of contents 5
- Chapter 4 the web configurator 7 6
- Chapter 5 zon utility zon neighbor management and port status 7 6
- Chapter 6 basic setting 6 6
- Part ii technical reference 46 6
- Chapter 7 vlan 01 7
- Chapter 8 static mac forward setup 24 7
- Chapter 10 filtering 30 8
- Chapter 11 spanning tree protocol 32 8
- Chapter 12 bandwidth control 57 8
- Chapter 13 broadcast storm control 60 8
- Chapter 14 mirroring 62 8
- Chapter 9 static multicast forward setup 27 8
- Chapter 15 link aggregation 75 9
- Chapter 16 port authentication 85 9
- Chapter 17 port security 95 9
- Chapter 18 time range 99 9
- Chapter 19 classifier 01 9
- Chapter 20 policy rule 10 10
- Chapter 21 queuing method 15 10
- Chapter 22 vlan stacking 19 10
- Chapter 23 multicast 27 10
- Chapter 24 aaa 53 11
- Chapter 25 ip source guard 65 11
- Chapter 26 loop guard 99 12
- Chapter 27 vlan mapping 03 12
- Chapter 28 layer 2 protocol tunneling 07 12
- Chapter 29 sflow 12 12
- Chapter 30 pppoe 16 12
- Chapter 31 error disable 25 13
- Chapter 32 mac pinning 33 13
- Chapter 33 private vlan 36 13
- Chapter 34 green ethernet 40 13
- Chapter 35 link layer discovery protocol lldp 43 13
- Chapter 36 anti arpscan 72 14
- Chapter 37 bpdu guard 78 14
- Chapter 38 oam 81 14
- Chapter 39 zuld 90 14
- Chapter 40 static route 96 15
- Chapter 41 policy routing 00 15
- Chapter 42 differentiated services 04 15
- Chapter 43 dhcp 13 15
- Chapter 44 vrrp 30 16
- Chapter 45 load sharing 39 16
- Chapter 46 arp setup 41 16
- Chapter 47 maintenance 47 16
- Chapter 48 access control 58 17
- Chapter 49 diagnostic 82 17
- Chapter 50 system log 85 17
- Chapter 51 syslog setup 86 18
- Chapter 52 cluster management 89 18
- Chapter 53 mac table 95 18
- Chapter 54 ip table 98 18
- Chapter 55 arp table 00 18
- Chapter 56 routing table 02 18
- Chapter 57 path mtu table 03 18
- Chapter 58 configure clone 04 18
- User s guide 20
- Getting to know your switch 21
- Introduction 21
- Backbone 22
- Bridging example 22
- High performance switching example 22
- Rd sales 22
- Branch 23
- Gigabit ethernet to the desktop 23
- Ieee 802 q vlan application example 23
- Internet 23
- Ipv6 support 24
- Tag based vlan example 24
- Ways to manage the switch 24
- Good habits for managing the switch 25
- Freestanding installation 26
- Hardware installation and connection 26
- Attaching the brackets to the switch 27
- Installation requirements 27
- Mounting the switch on a rack 27
- Note failure to use the proper screws may damage the unit 27
- Note zyxel provides extensible rear mounting brackets rm400 to install the switch in a 21 inch 23 inch or 24 inch rack see the rm400 hardware installation guide 27
- Precautions 27
- Mounting the switch on a rack 28
- Power module installation 29
- Front panel connections 30
- Hardware overview 30
- An auto crossover auto mdi mdi x port automatically works with a straight through or crossover ethernet cable 31
- An auto negotiating port can detect and adjust to the optimum ethernet speed 10 100 1000 mbps and duplex mode full duplex or half duplex of the connected device 31
- Chapter 3 hardware overview 31
- Connector description 31
- Default ethernet settings 31
- Ethernet ports 31
- Figure 7 front panel xgs3700 series 31
- Gs3700 xgs3700 series user s guide 31
- Table 2 panel connections 31
- The factory default negotiation settings for the ethernet ports on the switch are 31
- The following table describes the ports 31
- The switch has 1000base t auto negotiating auto crossover ethernet ports in 10 100 1000 mbps gigabit ethernet the speed can be 10mbps 100 mbps or 1000 mbps the duplex mode can be both half or full duplex at 100 mbps and full duplex only at 1000 mbps 31
- Sfp sfp slots 32
- To avoid possible eye injury do not look into an operating fiber optic module s connectors 32
- Transceiver installation 32
- Console port 33
- Management port 33
- Transceiver removal 33
- Connecting the power 34
- Disconnecting the power 34
- Note use the included power cord for the ac power connection 34
- Power connection 34
- Rear panel 34
- Removing and installing the fan module 34
- Chapter 3 hardware overview 35
- Disconnect the power cord from the ac power socket 35
- Disconnect the power cord from the power outlet 35
- Gs3700 xgs3700 series user s guide 35
- Led color status description 35
- Table 3 leds 35
- The following table describes the leds 35
- Chapter 3 hardware overview 36
- Gs3700 xgs3700 series user s guide 36
- Led color status description 36
- Table 3 leds continued 36
- Introduction 37
- System login 37
- The web configurator 37
- B c d e f 38
- The web configurator layout 38
- Chapter 4 the web configurator 40
- Gs3700 xgs3700 series user s guide 40
- Link description 40
- Table 5 navigation panel links 40
- The following table describes the links in the navigation panel 40
- Chapter 4 the web configurator 41
- Gs3700 xgs3700 series user s guide 41
- Link description 41
- Table 5 navigation panel links continued 41
- Change your password 42
- Chapter 4 the web configurator 42
- Gs3700 xgs3700 series user s guide 42
- Link description 42
- Logins to display the next screen 42
- Table 5 navigation panel links continued 42
- Note use the save link when you are done with a configuration session 43
- Saving your configuration 43
- Switch lockout 43
- Note be careful not to lock yourself and others out of the switch if you do lock yourself out try using out of band management via the management port to configure the switch 44
- Reload the configuration file 44
- Resetting the switch 44
- Logging out of the web configurator 45
- Technical reference 46
- Overview 47
- Status 47
- Zon utility zon neighbor management and port status 47
- Chapter 5 zon utility zon neighbor management and port status 48
- Gs3700 xgs3700 series user s guide 48
- Label description 48
- Note the stacking status field is displayed only on the switch with stacking support 48
- Table 6 status 48
- The following table describes the fields in the above screen 48
- Zon neighbor management screen 49
- Zyxel one network zon utility screen 49
- Chapter 5 zon utility zon neighbor management and port status 50
- Gs3700 xgs3700 series user s guide 50
- Label description 50
- Neighbor 50
- Note if multiple neighbor devices use the same port the cycle button is displayed only on the first device others will show instead 50
- Note if multiple neighbor devices use the same port the reset button is not available and will show instead 50
- Note the switch must support power sourcing pse or the network device is a powered device pd 50
- Note you can only reset zyxel products 50
- The following table describes the fields in the above screen 50
- Port status 51
- Chapter 5 zon utility zon neighbor management and port status 52
- Click a number in the port column in the port status screen to display individual port statistics use this screen to check status and detailed performance data about an individual port on the switch 52
- Gs3700 xgs3700 series user s guide 52
- Label description 52
- Port details 52
- Table 8 port status 52
- Chapter 5 zon utility zon neighbor management and port status 53
- Figure 23 port status port details 53
- Gs3700 xgs3700 series user s guide 53
- Label description 53
- Table 9 port status port details 53
- The following table describes the labels in this screen 53
- Chapter 5 zon utility zon neighbor management and port status 54
- Gs3700 xgs3700 series user s guide 54
- Label description 54
- Table 9 port status port details continued 54
- Chapter 5 zon utility zon neighbor management and port status 55
- Gs3700 xgs3700 series user s guide 55
- Label description 55
- Table 9 port status port details continued 55
- Basic setting 56
- System information 56
- Chapter 6 basic setting 58
- Gs3700 xgs3700 series user s guide 58
- Label description 58
- System info stacking mode 58
- System info standalone and stacking modes 58
- The following table describes the labels in these screens 58
- Chapter 6 basic setting 59
- Click a slot number in the system information screen to display more detailed hardware information on a switch 59
- Gs3700 xgs3700 series user s guide 59
- Label description 59
- System info standalone and stacking modes continued 59
- System information stacking hardware monitor 59
- Chapter 6 basic setting 60
- Gs3700 xgs3700 series user s guide 60
- Hardware monitor stacking mode 60
- Label description 60
- The following table describes the labels in this screen 60
- Chapter 6 basic setting 61
- General setup 61
- General setup in the navigation panel to display the screen as shown 61
- Gs3700 xgs3700 series user s guide 61
- Hardware monitor stacking mode continued 61
- Label description 61
- The following table describes the labels in this screen 61
- Chapter 6 basic setting 62
- General setup continued 62
- Gs3700 xgs3700 series user s guide 62
- Label description 62
- Introduction to vlans 63
- Note vlan is unidirectional it only governs outgoing traffic 63
- Switch setup 63
- Chapter 6 basic setting 64
- Gs3700 xgs3700 series user s guide 64
- Label description 64
- Switch setup 64
- The following table describes the labels in this screen 64
- Chapter 6 basic setting 65
- Gs3700 xgs3700 series user s guide 65
- Ip interfaces 65
- Ip setup 65
- Label description 65
- On the switch an ip address is not bound to any physical ports since each ip address on the switch must be in a separate subnet the configured ip address is also known as ip interface or routing domain in addition this allows routing between subnets based on the ip address without additional routers 65
- Switch setup continued 65
- The switch needs an ip address for it to be managed over the network the factory default ip address is 192 68 the subnet mask specifies the network number portion of an ip address the factory default subnet mask is 255 55 55 65
- Use the ip setup screen to configure the default gateway device the default domain name server and add ip domains 65
- You can configure multiple routing domains on the same vlan as long as the ip address ranges for the domains do not overlap to change the ip address of the switch in a routing domain simply add a new routing domain entry with a different ip address in the same subnet 65
- Chapter 6 basic setting 66
- Gs3700 xgs3700 series user s guide 66
- Ip setup 66
- Ip status details 66
- Ip status details static 66
- Label description 66
- Note you must configure a vlan first each vlan can only have one management ip address 66
- The following table describes the labels in this screen 66
- Use this screen to view ip status details click a number in the index column in the ip status screen to display the screen as shown next 66
- You can configure up to 128 ip domains which are used to access and manage the switch from the ports belonging to the pre defined vlan s 66
- Chapter 6 basic setting 67
- Gs3700 xgs3700 series user s guide 67
- Ip configuration 67
- Ip status details dhcp 67
- Label description 67
- The following table describes the labels in this screen 67
- Use this screen to configure the default gateway device the default domain name server and add ip domains 67
- Chapter 6 basic setting 68
- Gs3700 xgs3700 series user s guide 68
- Ip configuration 68
- Label description 68
- The following table describes the labels in this screen 68
- Chapter 6 basic setting 69
- Gs3700 xgs3700 series user s guide 69
- Ip configuration continued 69
- Label description 69
- Note deleting all ip subnets locks you out of the switch 69
- Port setup 69
- Port setup in the navigation panel to display the configuration screen 69
- Chapter 6 basic setting 71
- Gs3700 xgs3700 series user s guide 71
- Label description 71
- Note changes in this row are copied to all the ports as soon as you make them 71
- Note due to space limitations the port name may be truncated in some web configurator screens 71
- Port setup 71
- Port setup xgs3700 series stacking mode 71
- The following table describes the labels in this screen 71
- Chapter 6 basic setting 72
- Gs3700 xgs3700 series user s guide 72
- Label description 72
- Note the poe function and the following screens are available for models ending in hp only 72
- Port setup continued 72
- Note the poe devices that supply or receive power and their connected ethernet cables must all be completely indoors 73
- Chapter 6 basic setting 74
- Gs3700 xgs3700 series user s guide 74
- Label description 74
- Note the switch must have at least 16 w of remaining power in order to supply power to a poe device even if the poe device needs less than 16 w 74
- Poe setup 74
- Poe setup stacking mode 74
- The following table describes the labels in this screen 74
- Chapter 6 basic setting 75
- Gs3700 xgs3700 series user s guide 75
- Label description 75
- Poe setup 75
- Poe status screen the following screen opens 75
- Poe time range status 75
- Poe setup 76
- Chapter 6 basic setting 77
- Gs3700 xgs3700 series user s guide 77
- Label description 77
- Poe setup 77
- Poe setup stacking mode 77
- The following table describes the labels in this screen 77
- Chapter 6 basic setting 78
- Gs3700 xgs3700 series user s guide 78
- Label description 78
- Note if the priority settings for two or more poe ports are the same and the power budget is not enough the ports will shut down randomly we strongly recommend you set the priority for each poe port to make sure the high priority ports get power 78
- Poe setup continued 78
- Interface setup 79
- Note the total power available varies by switch use the show pwr command to see the total power available for your switch the number of ports that can be powered by poe is the total power available maximum power available per port 79
- Poe setup 79
- Ipv6 interface status 80
- Chapter 6 basic setting 81
- Gs3700 xgs3700 series user s guide 81
- Ipv6 interface status 81
- Label description 81
- The following table describes the labels in this screen 81
- Chapter 6 basic setting 82
- Gs3700 xgs3700 series user s guide 82
- Ipv6 interface status continued 82
- Label description 82
- Chapter 6 basic setting 83
- Gs3700 xgs3700 series user s guide 83
- Ipv6 configuration 83
- Ipv6 global setup 83
- Ipv6 screen the following screen opens 83
- Label description 83
- The following table describes the labels in this screen 83
- Use this screen to configure the global ipv6 settings click the link next to ipv6 global setup in the ipv6 configuration screen to display the screen as shown next 83
- Chapter 6 basic setting 84
- Gs3700 xgs3700 series user s guide 84
- Ipv6 global setup 84
- Ipv6 interface setup 84
- Label description 84
- The following table describes the labels in this screen 84
- Use this screen to turn on or off an ipv6 interface and enable stateless autoconfiguration on it click the link next to ipv6 interface setup in the ipv6 configuration screen to display the screen as shown next 84
- A link local address uniquely identifies a device on the local network the lan it is similar to a private ip address in ipv4 you can have the same link local address on multiple interfaces on a device a link local unicast address has a predefined prefix of fe80 10 85
- Chapter 6 basic setting 85
- Gs3700 xgs3700 series user s guide 85
- Ipv6 interface setup 85
- Ipv6 link local address setup 85
- Label description 85
- The following table describes the labels in this screen 85
- Use this screen to configure the interface s link local address and default gateway click the link next to ipv6 link local address setup in the ipv6 configuration screen to display the screen as shown next 85
- Chapter 6 basic setting 86
- Gs3700 xgs3700 series user s guide 86
- Ipv6 global address setup 86
- Ipv6 link local address setup continued 86
- Label description 86
- The following table describes the labels in this screen 86
- Use this screen to configure the interface s ipv6 global address click the link next to ipv6 global address setup in the ipv6 configuration screen to display the screen as shown next 86
- Chapter 6 basic setting 87
- Gs3700 xgs3700 series user s guide 87
- Ipv6 global address setup continued 87
- Ipv6 neighbor discovery setup 87
- Label description 87
- The following table describes the labels in this screen 87
- Use this screen to configure neighbor discovery settings for each interface click the link next to ipv6 neighbor discovery setup in the ipv6 configuration screen to display the screen as shown next 87
- Chapter 6 basic setting 88
- Gs3700 xgs3700 series user s guide 88
- Ipv6 neighbor discovery setup continued 88
- Ipv6 router discovery setup 88
- Label description 88
- Use this screen to configure router discovery settings for each interface click the link next to ipv6 router discovery setup in the ipv6 configuration screen to display the screen as shown next 88
- Chapter 6 basic setting 89
- Gs3700 xgs3700 series user s guide 89
- Ipv6 prefix setup 89
- Ipv6 router discovery setup 89
- Label description 89
- Note the minimum time interval cannot be greater than three quarters of the maximum time interval 89
- The following table describes the labels in this screen 89
- Use this screen to configure the switch s ipv6 prefix list for each interface click the link next to ipv6 prefix setup in the ipv6 configuration screen to display the screen as shown next 89
- Chapter 6 basic setting 90
- Gs3700 xgs3700 series user s guide 90
- Ipv6 prefix setup 90
- Label description 90
- The following table describes the labels in this screen 90
- Chapter 6 basic setting 91
- Gs3700 xgs3700 series user s guide 91
- Interface setup screen 91
- Ipv6 neighbor setup 91
- Ipv6 prefix setup continued 91
- Label description 91
- The following table describes the labels in this screen 91
- Use this screen to create a static ipv6 neighbor entry in the switch s ipv6 neighbor table to store the neighbor information permanently click the link next to ipv6 neighbor setup in the ipv6 configuration screen to display the screen as shown next 91
- Vlan screens 91
- Chapter 6 basic setting 92
- Dhcpv6 client setup 92
- Gs3700 xgs3700 series user s guide 92
- Ipv6 neighbor setup continued 92
- Label description 92
- The following table describes the labels in this screen 92
- Use this screen to configure the switch s dhcp settings when it is acting as a dhcpv6 client click the link next to ipv6 neighbor setup in the ipv6 configuration screen to display the screen as shown next 92
- Chapter 6 basic setting 93
- Dhcpv6 client setup continued 93
- Figure 55 switch stacking concept 93
- Gs3700 xgs3700 series user s guide 93
- Label description 93
- Models with stacking support 93
- Stacking 93
- Stacking is directly connecting switches to form a larger system that behaves as a single switch or a virtual chassis with increased port density 93
- Table 35 switch stacking 93
- The last two sfp ports of your switch are dedicated for switch stacking these are the switches that support stacking at the time of writing 93
- Note up to 8 switches per stack are allowed 94
- Stacking status 94
- Chapter 6 basic setting 95
- Gs3700 xgs3700 series user s guide 95
- Label description 95
- Slot number in the navigation panel to display the stacking slot status screen as shown next 95
- Stacking slot 95
- Stacking status 95
- The following table describes the labels in this screen 95
- Chapter 6 basic setting 96
- Gs3700 xgs3700 series user s guide 96
- Label description 96
- Slot number 96
- The following table describes the labels in this screen 96
- A stacking port cable is disconnected 97
- A switch in the stack reboots as happens after you change stacking mode to standalone 97
- A switch in the stack shuts down 97
- Note master election occurs when a stacking port link status changes up down the link status changes when for example 97
- Note when you change modes all configurations except user accounts but including running configuration config01 and config02 will be erased and the switch will reboot with a new config01 therefore you should back up previous configurations if you want to reload them later 97
- Stacking configuration 97
- You add a switch to the stack or 97
- Chapter 6 basic setting 99
- Configuration 99
- Dns domain name system is for mapping a domain name to its corresponding ip address and vice versa use the dns screen to configure and view the default dns servers on the switch 99
- Gs3700 xgs3700 series user s guide 99
- Label description 99
- The following table describes the labels in this screen 99
- Chapter 6 basic setting 100
- Dns continued 100
- Gs3700 xgs3700 series user s guide 100
- Label description 100
- Forwarding tagged and untagged frames 101
- Introduction to ieee 802 q tagged vlans 101
- Automatic vlan registration 102
- Chapter 7 vlan 102
- Garp and gvrp are the protocols used to automatically register vlan membership across switches 102
- Garp generic attribute registration protocol allows network switches to register and de register attribute values with other garp participants within a bridged lan garp is a protocol that provides a generic mechanism for protocols that serve a more specific application for example gvrp 102
- Garp timers 102
- Gs3700 xgs3700 series user s guide 102
- Gvrp garp vlan registration protocol is a registration protocol that defines a way for switches to register necessary vlan members on ports across the network enable this function to permit vlan groups beyond the local switch 102
- Please refer to the following table for common ieee 802 q vlan terminology 102
- Switches join vlans by making a declaration a declaration is made by issuing a join message using garp declarations are withdrawn by issuing a leave message a leave all message terminates all registrations garp timers set declaration timeout values 102
- Table 40 ieee 802 q vlan terminology 102
- Vlan parameter term description 102
- Port vlan trunking 103
- Q static vlan 103
- Select the vlan type 103
- Chapter 7 vlan 104
- Gs3700 xgs3700 series user s guide 104
- Label description 104
- The following table describes the labels in this screen 104
- Vlan from the navigation panel to display the vlan status screen as shown next 104
- Vlan status 104
- Vlan vlan status 104
- Chapter 7 vlan 105
- Gs3700 xgs3700 series user s guide 105
- Label description 105
- The following table describes the labels in this screen 105
- Use this screen to view detailed port settings and status of the vlan group see section 7 on page 101 for more information on 802 q vlan click on an index number in the vlan status screen to display vlan details 105
- Vlan detail 105
- Vlan details 105
- Chapter 7 vlan 106
- Gs3700 xgs3700 series user s guide 106
- Label description 106
- Private vlan status 106
- Private vlan status to see the following screen 106
- The following table describes the labels in this screen 106
- Vlan configuration 106
- Vlan configuration to see the following screen 106
- Vlan detail continued 106
- Chapter 7 vlan 107
- Configure a static vlan 107
- Gs3700 xgs3700 series user s guide 107
- Label description 107
- The following table describes the labels in the above screen 107
- Use this screen to configure a static vlan for the switch click the static vlan setup link in the vlan configuration screen to display the screen as shown next 107
- Vlan configuration 107
- Chapter 7 vlan 108
- Gs3700 xgs3700 series user s guide 108
- Label description 108
- Static vlan setup 108
- The following table describes the related labels in this screen 108
- Chapter 7 vlan 109
- Configure vlan port settings 109
- Gs3700 xgs3700 series user s guide 109
- Label description 109
- Note changes in this row are copied to all the ports as soon as you make them 109
- Static vlan setup continued 109
- Use the vlan port setting screen to configure the static vlan ieee 802 q settings on a port see section 7 on page 101 for more information on 802 q vlan click the vlan port setup link in the vlan configuration screen 109
- Chapter 7 vlan 111
- Gs3700 xgs3700 series user s guide 111
- Label description 111
- Note changes in this row are copied to all the ports as soon as you make them 111
- Subnet based vlans 111
- Subnet based vlans allow you to group traffic into logical vlans based on the source ip subnet you specify when a frame is received on a port the switch checks if a tag is added already and the ip 111
- The following table describes the labels in this screen 111
- Vlan port setup standalone stacking mode 111
- Configuring subnet based vlan 112
- Internet 112
- Note subnet based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 112
- Chapter 7 vlan 113
- Gs3700 xgs3700 series user s guide 113
- Label description 113
- Subnet based vlan setup 113
- The following table describes the labels in this screen 113
- Configuring protocol based vlan 114
- Note protocol based vlan applies to un tagged packets and is applicable only when you use ieee 802 q tagged vlan 114
- Protocol based vlans 114
- Chapter 7 vlan 115
- Gs3700 xgs3700 series user s guide 115
- Label description 115
- Note protocols in the hexadecimal number range of 0x0000 to 0x05ff are not allowed to be used for protocol based vlans 115
- Protocol based vlan setup 115
- The following table describes the labels in this screen 115
- Create an ip based vlan example 116
- Example 116
- Configure a port based vlan 117
- Note in screens such as ip setup and filtering that require a vid you must enter 1 as the vid 117
- Note when you activate port based vlan the switch uses a default vlan id of 1 you cannot change it 117
- Port based vlan setup standalone mode 117
- Chapter 7 vlan 120
- Click the voice vlan setup link in the vlan configuration screen to display the configuration screen as shown 120
- Gs3700 xgs3700 series user s guide 120
- Label description 120
- The following table describes the labels in this screen 120
- Vlan port based vlan setup 120
- Voice vlan 120
- Voice vlan ensures that the sound quality of an ip phone is preserved from deteriorating when the data traffic on the switch ports is high it groups the voice traffic with defined priority into an assigned vlan which enables the separation of voice and data traffic coming onto the switch port 120
- You can set priority level to the voice vlan and add mac address of ip phones from specific manufacturers by using its id from the organizationally unique identifiers oui 120
- Chapter 7 vlan 121
- Gs3700 xgs3700 series user s guide 121
- Label description 121
- The following table describes the fields in the above screen 121
- Voice vlan setup 121
- Label description 122
- Mac based vlan 122
- Chapter 7 vlan 123
- Gs3700 xgs3700 series user s guide 123
- Label description 123
- Mac based vlan setup 123
- Configuring static mac forwarding 124
- Overview 124
- Static mac forward setup 124
- Chapter 8 static mac forward setup 125
- Gs3700 xgs3700 series user s guide 125
- Label description 125
- Note static mac addresses do not age out 125
- Static mac forwarding 125
- Static mac forwarding stacking mode 125
- The following table describes the labels in this screen 125
- Chapter 8 static mac forward setup 126
- Gs3700 xgs3700 series user s guide 126
- Label description 126
- Static mac forwarding continued 126
- Static multicast forward setup 127
- Static multicast forwarding overview 127
- Configuring static multicast forwarding 128
- Chapter 9 static multicast forward setup 129
- Gs3700 xgs3700 series user s guide 129
- Label description 129
- Static multicast forwarding continued 129
- Configure a filtering rule 130
- Filtering 130
- Chapter 10 filtering 131
- Filtering continued 131
- Gs3700 xgs3700 series user s guide 131
- Label description 131
- Spanning tree protocol 132
- Stp rstp overview 132
- Stp terminology 132
- How stp works 133
- Multiple rstp 133
- Stp port states 133
- Mstp network example 134
- Multiple stp 134
- Note each port can belong to one stp tree only 134
- Mst region 135
- Vlan 1 vlan 2 135
- Common and internal spanning tree cist 136
- Mst instance 136
- Spanning tree protocol status screen 136
- Spanning tree configuration 137
- Chapter 11 spanning tree protocol 138
- Configuration 138
- Configure rapid spanning tree protocol 138
- Gs3700 xgs3700 series user s guide 138
- Label description 138
- Rstp standalone mode 138
- Spanning tree protocol screen 138
- The following table describes the labels in this screen 138
- Chapter 11 spanning tree protocol 139
- Configuration screen to enable rstp on the switch 139
- Gs3700 xgs3700 series user s guide 139
- Label description 139
- Rstp stacking mode 139
- The following table describes the labels in this screen 139
- 2 hello time 1 140
- Chapter 11 spanning tree protocol 140
- Gs3700 xgs3700 series user s guide 140
- Label description 140
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data unit bpdu 140
- Note changes in this row are copied to all the ports as soon as you make them 140
- Rstp continued 140
- Chapter 11 spanning tree protocol 141
- Gs3700 xgs3700 series user s guide 141
- Label description 141
- Note the listening state does not exist in rstp 141
- Note this screen is only available after you activate rstp on the switch 141
- Rapid spanning tree protocol status 141
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 11 on page 132 for more information on rstp 141
- Status rstp 141
- The following table describes the labels in this screen 141
- Chapter 11 spanning tree protocol 142
- Configure multiple rapid spanning tree protocol 142
- Gs3700 xgs3700 series user s guide 142
- Label description 142
- Spanning tree protocol screen see section 11 on page 132 for more information on mrstp 142
- Status rstp continued 142
- 2 hello time 1 144
- Chapter 11 spanning tree protocol 144
- Configuration screen to enable mrstp on the switch 144
- Gs3700 xgs3700 series user s guide 144
- Label description 144
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data unit bpdu 144
- Note changes in this row are copied to all the ports as soon as you make them 144
- The following table describes the labels in this screen 144
- Chapter 11 spanning tree protocol 145
- Gs3700 xgs3700 series user s guide 145
- Label description 145
- Mrstp continued 145
- Multiple rapid spanning tree protocol status 145
- Note this screen is only available after you activate mrstp on the switch 145
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 11 on page 132 for more information on mrstp 145
- Status mrstp 145
- Chapter 11 spanning tree protocol 146
- Gs3700 xgs3700 series user s guide 146
- Label description 146
- Note the listening state does not exist in rstp 146
- Status mrstp 146
- The following table describes the labels in this screen 146
- Configure multiple spanning tree protocol 147
- 2 hello time 1 150
- Chapter 11 spanning tree protocol 150
- Gs3700 xgs3700 series user s guide 150
- Label description 150
- Mstp continued 150
- Note changes in this row are copied to all the ports as soon as you make them 150
- Chapter 11 spanning tree protocol 151
- Gs3700 xgs3700 series user s guide 151
- Label description 151
- Mstp continued 151
- Mstp screen 151
- Multiple spanning tree protocol port configuration 151
- Chapter 11 spanning tree protocol 153
- Gs3700 xgs3700 series user s guide 153
- Label description 153
- Note an edge port becomes a non edge port as soon as it receives a bridge protocol data unit bpdu 153
- Note changes in this row are copied to all the ports as soon as you make them 153
- Port stacking mode 153
- The following table describes the labels in this screen 153
- Chapter 11 spanning tree protocol 154
- Gs3700 xgs3700 series user s guide 154
- Label description 154
- Multiple spanning tree protocol status 154
- Note this screen is only available after you activate mstp on the switch 154
- Port continued 154
- Spanning tree protocol in the navigation panel to display the status screen as shown next see section 11 on page 134 for more information on mstp 154
- Status mstp 154
- Chapter 11 spanning tree protocol 155
- Gs3700 xgs3700 series user s guide 155
- Label description 155
- Status mstp 155
- The following table describes the labels in this screen 155
- Chapter 11 spanning tree protocol 156
- Gs3700 xgs3700 series user s guide 156
- Label description 156
- Status mstp continued 156
- Bandwidth control 157
- Bandwidth control overview 157
- Bandwidth control setup 157
- Cir and pir 157
- Bandwidth control continued 159
- Chapter 12 bandwidth control 159
- Gs3700 xgs3700 series user s guide 159
- Label description 159
- Note changes in this row are copied to all the ports as soon as you make them 159
- Broadcast storm control 160
- Broadcast storm control setup 160
- Broadcast storm control 161
- Broadcast storm control stacking mode 161
- Chapter 13 broadcast storm control 161
- Gs3700 xgs3700 series user s guide 161
- Label description 161
- Note changes in this row are copied to all the ports as soon as you make them 161
- The following table describes the labels in this screen 161
- Mirroring 162
- Port mirroring 162
- Destination b 163
- Destination c 163
- Intermediate a destination a 163
- Intermediate b 163
- Multi destination rmirror 163
- Remote port mirroring rmirror vlan 163
- Single destination rmirror 163
- Source 163
- Source intermediate destination 163
- Port rules in port mirroring 164
- Table 67 port rules between different remote port mirroring vlans 164
- Table 68 port rules between remote and local port mirroring 164
- Local port mirroring 165
- Chapter 14 mirroring 166
- Gs3700 xgs3700 series user s guide 166
- Label description 166
- Mirroring 166
- Mirroring stacking mode 166
- Note changes in this row are copied to all the ports as soon as you make them 166
- The following table describes the labels in this screen 166
- Chapter 14 mirroring 167
- Gs3700 xgs3700 series user s guide 167
- Label description 167
- Mirroring continued 167
- Mirroring screen the following screen opens 167
- Remote port mirroring 167
- Rmirror 167
- The following table describes the labels in this screen 167
- Use this screen to create a remote port mirroring rmirror vlan through which the mirrored traffic is forwarded 167
- Source 168
- Chapter 14 mirroring 169
- Gs3700 xgs3700 series user s guide 169
- Label description 169
- Source 169
- Source stacking mode 169
- The following table describes the labels in this screen 169
- Chapter 14 mirroring 170
- Click the destination link in the rmirror screen the following screen opens 170
- Destination 170
- Gs3700 xgs3700 series user s guide 170
- Label description 170
- Note changes in this row are copied to all the ports as soon as you make them 170
- Source continued 170
- Use this screen to specify the rmirror vlan and configure the monitor port when the switch is the destination device in remote port mirroring 170
- Chapter 14 mirroring 171
- Click the connected port link in the rmirror screen the following screen opens 171
- Connected port 171
- Destination 171
- Gs3700 xgs3700 series user s guide 171
- Label description 171
- The following table describes the labels in this screen 171
- Use this screen to select the rmirror vlan and specify the port s that helps forward mirrored traffic to other connected switches and or receive mirrored traffic from other connected port in the same rmirror vlan 171
- Chapter 14 mirroring 173
- Connected port 173
- Connected port stacking mode 173
- Gs3700 xgs3700 series user s guide 173
- Label description 173
- Note changes in this row are copied to all the ports as soon as you make them 173
- The following table describes the labels in this screen 173
- Chapter 14 mirroring 174
- Connected port continued 174
- Gs3700 xgs3700 series user s guide 174
- Label description 174
- Dynamic link aggregation 175
- Link aggregation 175
- Link aggregation overview 175
- Link aggregation id 176
- Link aggregation status 176
- Chapter 15 link aggregation 177
- Gs3700 xgs3700 series user s guide 177
- Label description 177
- Link aggregation setting 177
- Link aggregation setting to display the screen shown next see section 15 on page 175 for more information on link aggregation 177
- Link aggregation status 177
- The following table describes the labels in this screen 177
- Chapter 15 link aggregation 180
- Gs3700 xgs3700 series user s guide 180
- Label description 180
- Lacp to display the screen shown next see section 15 on page 175 for more information on dynamic link aggregation 180
- Link aggregation control protocol 180
- Link aggregation setting continued 180
- Note when you enable the port security feature on the switch and configure port security settings for a port you cannot include the port in an active trunk group 180
- Chapter 15 link aggregation 182
- Gs3700 xgs3700 series user s guide 182
- Label description 182
- Lacp stacking mode 182
- Note do not configure this screen unless you want to enable dynamic link aggregation 182
- The following table describes the labels in this screen 182
- Static trunking example 183
- Example 184
- Ieee 802 x authentication 185
- Port authentication 185
- Port authentication overview 185
- Mac authentication 186
- Activate ieee 802 x security 187
- Authentication reply 187
- Authentication request authentication request 187
- New connection 187
- Port authentication configuration 187
- Session granted denied 187
- Chapter 16 port authentication 189
- Gs3700 xgs3700 series user s guide 189
- Guest vlan 189
- Label description 189
- Note changes in this row are copied to all the ports as soon as you make them 189
- Note you must first enable 802 x authentication on the switch before configuring it on each port 189
- The following table describes the labels in this screen 189
- When 802 x port authentication is enabled on the switch and its ports clients that do not have the correct credentials are blocked from using the port s you can configure your switch to have one vlan that acts as a guest vlan if you enable the guest vlan 102 in the example on a port 2 in the example the user a in the example that is not ieee 802 x capable or fails to enter the correct username and password can still access the port but traffic from the user is forwarded to the guest vlan that is unauthenticated users can have access to limited network resources in the same guest vlan such as the internet the rights granted to the guest vlan depends on how the network administrator configures switches or routers with the guest network feature 189
- Internet 190
- Vlan 100 190
- Vlan 102 190
- Chapter 16 port authentication 191
- Gs3700 xgs3700 series user s guide 191
- Guest vlan 191
- Guest vlan stacking mode 191
- Label description 191
- Note changes in this row are copied to all the ports as soon as you make them 191
- The following table describes the labels in this screen 191
- Activate mac authentication 192
- Chapter 16 port authentication 193
- Gs3700 xgs3700 series user s guide 193
- Label description 193
- Mac authentication 193
- Mac authentication stacking mode 193
- Note if the aging time in the switch setup screen is set to a lower value then it supersedes this setting see section 6 on page 63 193
- Note you must first enable mac authentication on the switch before configuring it on each port 193
- The following table describes the labels in this screen 193
- Chapter 16 port authentication 194
- Gs3700 xgs3700 series user s guide 194
- Label description 194
- Mac authentication continued 194
- Note changes in this row are copied to all the ports as soon as you make them 194
- About port security 195
- Port security 195
- Port security setup 195
- Chapter 17 port security 197
- Gs3700 xgs3700 series user s guide 197
- Label description 197
- Note changes in this row are copied to all the ports as soon as you make them 197
- Port security 197
- Port security screen to display the screen as shown 197
- The following table describes the labels in this screen 197
- Vlan mac address limit 197
- Chapter 17 port security 198
- Gs3700 xgs3700 series user s guide 198
- Label description 198
- The following table describes the labels in this screen 198
- Vlan mac address limit 198
- About time range 199
- Time range 199
- Time range setup 199
- Chapter 18 time range 200
- Gs3700 xgs3700 series user s guide 200
- Label description 200
- The following table describes the labels in this screen 200
- Time range 200
- About the classifier and qos 201
- Classifier 201
- Classifier status 201
- Chapter 19 classifier 202
- Classifier configuration 202
- Classifier status 202
- Gs3700 xgs3700 series user s guide 202
- Label description 202
- The following table describes the labels in this screen 202
- Use the classifier configuration screen to define the classifiers after you define the classifier you can specify actions or policy to act upon the traffic that matches the rules in the classifier status screen click classifier configuration to display the configuration screen as shown 202
- Chapter 19 classifier 204
- Classifier configuration continued 204
- Gs3700 xgs3700 series user s guide 204
- Label description 204
- Chapter 19 classifier 205
- Classifier configuration continued 205
- Gs3700 xgs3700 series user s guide 205
- Label description 205
- Note you must select either udp or tcp in the ip protocol field before you configure the socket numbers 205
- Chapter 19 classifier 206
- Classifier configuration continued 206
- Classifier configuration summary table 206
- Ethernet type protocol number 206
- Gs3700 xgs3700 series user s guide 206
- Label description 206
- Note when two rules conflict with each other a higher layer rule has priority over a lower layer rule 206
- Table 88 common ethernet types and protocol number 206
- The following table describes the labels in this screen 206
- The following table shows some other common ethernet types and the corresponding protocol number 206
- To view a summary of the classifier configuration scroll down to the summary table at the bottom of the classifier screen to change the settings of a rule click a number in the index field 206
- Viewing and editing classifier configuration 206
- Chapter 19 classifier 207
- Classifier global setting 207
- Classifier global setting configuration 207
- Ethernet type protocol number 207
- Gs3700 xgs3700 series user s guide 207
- Label description 207
- Port number port name 207
- Some of the most common ip ports are 207
- Table 88 common ethernet types and protocol number 207
- Table 89 common ip ports 207
- The following table describes the labels in this screen 207
- Use this screen to configure the match order and enable logging on the switch in the classifier configuration screen click classifier global setting to display the configuration screen as shown 207
- Chapter 19 classifier 208
- Classifier example 208
- Classifier global setting 208
- Gs3700 xgs3700 series user s guide 208
- Label description 208
- The following screen shows an example of configuring a classifier that identifies all traffic from mac address 00 50 ba ad 4f 81 on port 2 208
- Example 209
- Configuring policy rules 210
- Diffserv 210
- Dscp and per hop behavior 210
- Policy rule 210
- Policy rules overview 210
- Chapter 20 policy rule 212
- Gs3700 xgs3700 series user s guide 212
- Label description 212
- Policy rule continued 212
- Chapter 20 policy rule 213
- Gs3700 xgs3700 series user s guide 213
- Label description 213
- Policy example 213
- Policy rule continued 213
- The figure below shows an example policy screen where you configure a policy to limit bandwidth and discard out of profile traffic on a traffic flow classified using the example classifier refer to section 19 on page 208 213
- Example 214
- Queuing method 215
- Queuing method overview 215
- Strictly priority 215
- Weighted fair queuing 215
- Configuring queuing 216
- Weighted round robin scheduling wrr 216
- Chapter 21 queuing method 217
- Gs3700 xgs3700 series user s guide 217
- Label description 217
- Note changes in this row are copied to all the ports as soon as you make them 217
- Queuing method 217
- Queuing method stacking mode 217
- The following table describes the labels in this screen 217
- Chapter 21 queuing method 218
- Gs3700 xgs3700 series user s guide 218
- Label description 218
- Queuing method continued 218
- Vlan stacking 219
- Vlan stacking example 219
- Vlan stacking overview 219
- Note static vlan tx tagging must be disabled on a port where you choose normal or access port 220
- Note static vlan tx tagging must be enabled on a port where you choose tunnel port 220
- Vlan stacking port roles 220
- Vlan tag format 220
- Configuring vlan stacking 221
- Frame format 221
- Chapter 22 vlan stacking 223
- Gs3700 xgs3700 series user s guide 223
- Label description 223
- Note changes in this row are copied to all the ports as soon as you make them 223
- Note you can define up to four different tunnel tpids including 8100 in this screen at a time 223
- Port based q in q 223
- Port based q in q lets the switch treat all frames received on the same port as the same vlan flows and add the same outer vlan tag to them even they have different customer vlan ids 223
- The following table describes the labels in this screen 223
- Vlan stacking 223
- Vlan stacking screen to display the screen as shown 223
- Chapter 22 vlan stacking 225
- Gs3700 xgs3700 series user s guide 225
- Label description 225
- Note selective q in q rules are only applied to single tagged frames received on the access ports if the incoming frames are untagged or single tagged but received on a tunnel port or cannot match any selective q in q rules the switch applies the port based q in q rules to them 225
- Port based qinq 225
- Selective q in q 225
- Selective q in q is vlan based it allows the switch to add different outer vlan tags to the incoming frames received on one port according to their inner vlan tags 225
- Selective qinq 225
- The following table describes the labels in this screen 225
- Vlan stacking screen to display the screen as shown 225
- Chapter 22 vlan stacking 226
- Gs3700 xgs3700 series user s guide 226
- Label description 226
- Selective qinq 226
- The following table describes the labels in this screen 226
- Igmp filtering 227
- Ip multicast addresses 227
- Multicast 227
- Multicast overview 227
- Igmp snooping 228
- Igmp snooping and vlans 228
- Mld snooping proxy 228
- Mld messages 229
- Multicast setup 229
- Report 229
- Igmp snooping 230
- Ipv4 multicast status 230
- Chapter 23 multicast 232
- Gs3700 xgs3700 series user s guide 232
- Igmp snooping 232
- Label description 232
- Note changes in this row are copied to all the ports as soon as you make them 232
- Note if you enable igmp filtering you must create and assign igmp filtering profiles for the ports that you want to allow to join multicast groups 232
- The following table describes the labels in this screen 232
- Chapter 23 multicast 233
- Gs3700 xgs3700 series user s guide 233
- Igmp snooping continued 233
- Label description 233
- Chapter 23 multicast 234
- Gs3700 xgs3700 series user s guide 234
- Igmp snooping screen first 234
- Igmp snooping vlan 234
- Ipv4 multicast in the navigation panel click the igmp snooping link and then the igmp snooping vlan link to display the screen as shown see section 23 on page 228 for more information on igmp snooping vlan 234
- Label description 234
- Note you cannot configure the same vlan id as in the mvr screen 234
- The following table describes the labels in this screen 234
- An igmp filtering profile specifies a range of multicast groups that clients connected to the switch are able to join a profile contains a range of multicast ip addresses which you want clients to be able to join profiles are assigned to ports in the igmp snooping screen clients connected to those ports are then able to join the multicast groups specified in the profile each port can be assigned a single profile a profile can be assigned to multiple ports 235
- Chapter 23 multicast 235
- Gs3700 xgs3700 series user s guide 235
- Igmp filtering profile 235
- Igmp snooping vlan continued 235
- Ipv4 multicast in the navigation panel click the igmp snooping link and then the igmp filtering profile link to display the screen as shown 235
- Label description 235
- Chapter 23 multicast 236
- Gs3700 xgs3700 series user s guide 236
- Igmp filtering profile 236
- Ipv6 multicast 236
- Ipv6 multicast status 236
- Ipv6 multicast to display the screen as shown this screen shows the ipv6 multicast group information see section 23 on page 227 for more information on multicasting 236
- Label description 236
- The following table describes the labels in this screen 236
- Mld snooping proxy 237
- Mld snooping proxy vlan 237
- Chapter 23 multicast 238
- Gs3700 xgs3700 series user s guide 238
- Label description 238
- The following table describes the labels in this screen 238
- Chapter 23 multicast 239
- Gs3700 xgs3700 series user s guide 239
- Label description 239
- Mld snooping proxy vlan port role setting 239
- Vlan screen to display the screen as shown see section 23 on page 227 for more information on multicasting 239
- Chapter 23 multicast 241
- Gs3700 xgs3700 series user s guide 241
- Ipv6 multicast screen to display the screen as shown see section 23 on page 227 for more information on multicasting 241
- Label description 241
- Mld snooping proxy filtering 241
- Note changes in this row are copied to all the ports as soon as you make them 241
- Port role setting 241
- The following table describes the labels in this screen 241
- Chapter 23 multicast 243
- Filtering 243
- Filtering profile 243
- Filtering screen to display the screen as shown 243
- Gs3700 xgs3700 series user s guide 243
- Label description 243
- Mld snooping proxy filtering profile 243
- Note changes in this row are copied to all the ports as soon as you make them 243
- The following table describes the labels in this screen 243
- Chapter 23 multicast 244
- Filtering profile 244
- Gs3700 xgs3700 series user s guide 244
- Label description 244
- Multicast vlan registration mvr is designed for applications such as media on demand mod that use multicast traffic across an ethernet ring based service provider network 244
- Mvr allows one single multicast vlan to be shared among different subscriber vlans on the network while isolated in different subscriber vlans connected devices can subscribe to and unsubscribe from the multicast stream in the multicast vlan this improves bandwidth utilization with reduced multicast traffic in the subscriber vlans and simplifies multicast group management 244
- Mvr only responds to igmp join and leave control messages from multicast groups that are configured under mvr join and leave reports from other multicast groups are managed by igmp snooping 244
- Mvr overview 244
- The following figure shows a network example the subscriber vlan 1 2 and 3 information is hidden from the streaming media server s in addition the multicast vlan information is only visible to the switch and s 244
- The following table describes the labels in this screen 244
- How mvr works 245
- Multicast vlan vlan 1 245
- Mvr modes 245
- Types of mvr ports 245
- Vlan 2 245
- Vlan 3 245
- General mvr configuration 246
- Multicast vlan vlan 1 246
- Note you can create up to five multicast vlans and up to 256 multicast rules on the switch 246
- Note your switch automatically creates a static vlan with the same vid when you create a multicast vlan in this screen 246
- Chapter 23 multicast 247
- Gs3700 xgs3700 series user s guide 247
- Label description 247
- Mvr stacking mode 247
- The following table describes the related labels in this screen 247
- All source ports and receiver ports belonging to a multicast group can receive multicast data sent to this multicast group 248
- Chapter 23 multicast 248
- Gs3700 xgs3700 series user s guide 248
- Label description 248
- Mvr continued 248
- Mvr group configuration 248
- Note a port can belong to more than one multicast vlan however ip multicast group addresses in different multicast vlans cannot overlap 248
- Note changes in this row are copied to all the ports as soon as you make them 248
- Use this screen to configure mvr ip multicast group address es click the group configuration link in the mvr screen 248
- Chapter 23 multicast 249
- Group configuration 249
- Gs3700 xgs3700 series user s guide 249
- Label description 249
- The following table describes the labels in this screen 249
- Multicast vid 200 vlan 1 250
- Mvr configuration example 250
- Example 251
- Example 252
- Authentication authorization and accounting aaa 253
- Local user accounts 253
- Aaa screens 254
- Radius and tacacs 254
- Radius server setup 254
- Chapter 24 aaa 255
- Gs3700 xgs3700 series user s guide 255
- Label description 255
- Radius server setup 255
- The following table describes the labels in this screen 255
- Chapter 24 aaa 256
- Gs3700 xgs3700 series user s guide 256
- Label description 256
- Radius server setup continued 256
- Tacacs server setup 256
- Use this screen to configure your tacacs server settings see section 24 on page 254 for more information on tacacs servers click on the tacacs server setup link in the authentication and accounting screen to view the screen as shown 256
- Aaa setup 257
- Chapter 24 aaa 257
- Gs3700 xgs3700 series user s guide 257
- Label description 257
- Tacacs server setup 257
- The following table describes the labels in this screen 257
- Use this screen to configure authentication authorization and accounting settings on the switch click on the aaa setup link in the aaa screen to view the screen as shown 257
- Aaa setup 258
- Chapter 24 aaa 258
- Gs3700 xgs3700 series user s guide 258
- Label description 258
- The following table describes the labels in this screen 258
- Aaa setup continued 259
- Chapter 24 aaa 259
- Gs3700 xgs3700 series user s guide 259
- Label description 259
- Aaa setup continued 260
- Assign account privilege levels see the cli reference guide for more information on account privilege levels for the authenticated user 260
- Chapter 24 aaa 260
- Gs3700 xgs3700 series user s guide 260
- Label description 260
- Limit bandwidth on incoming or outgoing traffic for the port the user connects to 260
- Note refer to the documentation that comes with your radius server on how to configure vsas for users authenticating via the radius server 260
- Rfc 2865 standard specifies a method for sending vendor specific information between a radius server and a network access device for example the switch a company can create vendor specific attributes vsas to expand the functionality of a radius server 260
- The switch supports vsas that allow you to perform the following actions based on user authentication 260
- The vsas are composed of the following 260
- Vendor data a value you want to assign to the setting 260
- Vendor id an identification number assigned to the company by the iana internet assigned numbers authority zyxel s vendor id is 890 260
- Vendor specific attribute 260
- Vendor type a vendor specified attribute identifying the setting you want to modify 260
- Supported radius attributes 261
- Tunnel protocol attribute 261
- Attributes used by the ieee 802 x authentication 262
- Attributes used for accounting 262
- Attributes used for authenticating privilege access 262
- Attributes used for authentication 262
- Attributes used to login users 262
- Attributes used for accounting exec events 263
- Attributes used for accounting system events 263
- Attributes used for accounting ieee 802 x events 264
- Ip source guard 265
- Ip source guard overview 265
- What you can do 265
- What you need to know 266
- Ip source guard 267
- Chapter 25 ip source guard 268
- Gs3700 xgs3700 series user s guide 268
- Ipv4 source guard setup 268
- Label description 268
- Table 121 ip source guard continued 268
- The following table describes the labels in this screen 268
- Ipv4 source guard static binding 269
- Arp learning screen before you use the arp freeze feature 270
- Chapter 25 ip source guard 270
- Gs3700 xgs3700 series user s guide 270
- Label description 270
- Static binding 270
- The following table describes the labels in this screen 270
- Dhcp snooping 271
- Chapter 25 ip source guard 272
- Dhcp snooping 272
- Gs3700 xgs3700 series user s guide 272
- Label description 272
- The following table describes the labels in this screen 272
- Chapter 25 ip source guard 273
- Configure 273
- Dhcp snooping configure 273
- Dhcp snooping continued 273
- Gs3700 xgs3700 series user s guide 273
- Label description 273
- Chapter 25 ip source guard 274
- Configure 274
- Gs3700 xgs3700 series user s guide 274
- Label description 274
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 274
- Note you have to enable dhcp snooping on the dhcp vlan too 274
- The following table describes the labels in this screen 274
- Chapter 25 ip source guard 275
- Configure continued 275
- Dhcp snooping port configure 275
- Gs3700 xgs3700 series user s guide 275
- Label description 275
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 275
- Use this screen to specify whether ports are trusted or untrusted ports for dhcp snooping 275
- Chapter 25 ip source guard 277
- Dhcp snooping vlan configure 277
- Gs3700 xgs3700 series user s guide 277
- Label description 277
- The following table describes the labels in this screen 277
- Chapter 25 ip source guard 278
- Dhcp snooping vlan port configure 278
- Gs3700 xgs3700 series user s guide 278
- Label description 278
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 278
- The following table describes the labels in this screen 278
- Arp inspection 279
- Arp inspection status 279
- Chapter 25 ip source guard 279
- Gs3700 xgs3700 series user s guide 279
- Label description 279
- The following table describes the labels in this screen 279
- Vlan screen 279
- Arp inspection status 280
- Arp inspection vlan status 280
- Chapter 25 ip source guard 280
- Gs3700 xgs3700 series user s guide 280
- Label description 280
- The following table describes the labels in this screen 280
- Vlan status 280
- Arp inspection log status 281
- Chapter 25 ip source guard 281
- Gs3700 xgs3700 series user s guide 281
- Label description 281
- Log status 281
- The following table describes the labels in this screen 281
- Vlan status 281
- Arp inspection configure 282
- Chapter 25 ip source guard 282
- Configure 282
- Gs3700 xgs3700 series user s guide 282
- Label description 282
- Log status 282
- The following table describes the labels in this screen 282
- Chapter 25 ip source guard 283
- Configure 283
- Gs3700 xgs3700 series user s guide 283
- Label description 283
- The following table describes the labels in this screen 283
- Arp inspection port configure 284
- Chapter 25 ip source guard 285
- Gs3700 xgs3700 series user s guide 285
- Label description 285
- Port stacking mode 285
- The following table describes the labels in this screen 285
- Arp inspection vlan configure 286
- Chapter 25 ip source guard 286
- Gs3700 xgs3700 series user s guide 286
- Label description 286
- The following table describes the labels in this screen 286
- Ipv6 source binding status 287
- Ipv6 source guard overview 287
- Chapter 25 ip source guard 288
- Gs3700 xgs3700 series user s guide 288
- Ipv6 source binding status standalone mode 288
- Ipv6 static binding setup 288
- Label description 288
- The following table describes the labels in this screen 288
- Chapter 25 ip source guard 289
- Gs3700 xgs3700 series user s guide 289
- Ipv6 static binding setup standalone mode 289
- Label description 289
- The following table describes the labels in this screen 289
- Ipv6 source guard policy setup 290
- Ipv6 source guard port setup 291
- Chapter 25 ip source guard 292
- Gs3700 xgs3700 series user s guide 292
- Ipv6 snooping policy setup 292
- Ipv6 snooping policy setup standalone mode 292
- Ipv6 source guard port setup standalone mode 292
- Label description 292
- Note if you do not select protocol and prefix glean then the switch cannot perform dhcpv6 snooping 292
- The following table describes the labels in this screen 292
- Chapter 25 ip source guard 293
- Gs3700 xgs3700 series user s guide 293
- Ipv6 snooping policy setup standalone mode 293
- Ipv6 snooping vlan setup 293
- Ipv6 snooping vlan setup standalone mode 293
- Label description 293
- The following table describes the labels in this screen 293
- Ipv6 dhcp trust setup 294
- Note dhcpv6 solicit packets are sent from a dhcpv6 client to a dhcpv6 server reply packets from a dhcpv6 server connected to an untrusted port are discarded 294
- Dhcp snooping overview 295
- Note the switch will drop all dhcp requests if you enable dhcp snooping and there are no trusted ports 295
- Technical reference 295
- Trusted vs untrusted ports 295
- Dhcp relay option 82 information 296
- Dhcp snooping database 296
- Arp inspection and mac address filters 297
- Arp inspection overview 297
- Configuring dhcp snooping 297
- Configuring arp inspection 298
- Note it is recommended you enable dhcp snooping at least one day before you enable arp inspection so that the switch has enough time to build the binding table 298
- Syslog 298
- Trusted vs untrusted ports 298
- Loop guard 299
- Loop guard overview 299
- Note after resolving the loop problem on your network you can re activate the disabled port via the web configurator see section 6 on page 69 or via commands see the ethernet switch cli reference guide 300
- Loop guard setup 301
- Note the loop guard feature can not be enabled on the ports that have spanning tree protocol rstp mrstp or mstp enabled 301
- Chapter 26 loop guard 302
- Gs3700 xgs3700 series user s guide 302
- Label description 302
- Loop guard 302
- Note changes in this row are copied to all the ports as soon as you make them 302
- The following table describes the labels in this screen 302
- Enabling vlan mapping 303
- Vlan mapping 303
- Vlan mapping example 303
- Vlan mapping overview 303
- Chapter 27 vlan mapping 304
- Figure 215 vlan mapping standalone mode 304
- Figure 216 vlan mapping stacking mode 304
- Gs3700 xgs3700 series user s guide 304
- Label description 304
- Table 143 vlan mapping 304
- The following table describes the labels in this screen 304
- Configuring vlan mapping 305
- Chapter 27 vlan mapping 306
- Gs3700 xgs3700 series user s guide 306
- Label description 306
- Table 144 vlan mapping configuration 306
- The following table describes the labels in this screen 306
- Layer 2 protocol tunneling 307
- Layer 2 protocol tunneling overview 307
- Configuring layer 2 protocol tunneling 308
- Layer 2 protocol tunneling mode 308
- Service provider s network c 308
- Chapter 28 layer 2 protocol tunneling 310
- Gs3700 xgs3700 series user s guide 310
- Label description 310
- Layer 2 protocol tunneling 310
- Note all the edge switches in the service provider s network should be set to use the same mac address for encapsulation 310
- Note changes in this row are copied to all the ports as soon as you make them 310
- Note the mac address can be either a unicast mac address or multicast mac address if you use a unicast mac address make sure the mac address does not exist in the address table of a switch on the service provider s network 310
- Note you can enable l2pt services for stp lacp vtp cdp udld and pagp on the access port s only 310
- The following table describes the labels in this screen 310
- Chapter 28 layer 2 protocol tunneling 311
- Gs3700 xgs3700 series user s guide 311
- Label description 311
- Layer 2 protocol tunneling continued 311
- Sflow overview 312
- Sflow port configuration 312
- Chapter 29 sflow 314
- Click the collector link in the sflow screen to display the screen as shown you can configure up to four sflow collectors in this screen you may want to configure more than one collector if the traffic load to be monitored is more than one collector can manage 314
- Collector screen the sflow collector does not need to be in the same subnet as the switch but it must be accessible from the switch 314
- Gs3700 xgs3700 series user s guide 314
- Label description 314
- Note changes in this row are copied to all the ports as soon as you make them 314
- Note configure udp port 6343 the default on a nat router to allow port forwarding if the collector is behind a nat router configure a firewall rule for udp port 6343 the default to allow incoming traffic if the collector is behind a firewall 314
- Sflow collector configuration 314
- The following table describes the labels in this screen 314
- Chapter 29 sflow 315
- Collector 315
- Gs3700 xgs3700 series user s guide 315
- Label description 315
- The following table describes the labels in this screen 315
- Pppoe intermediate agent overview 316
- Pppoe intermediate agent tag format 316
- Sub option format 316
- Chapter 30 pppoe 317
- Every port is either a trusted port or an untrusted port for the pppoe intermediate agent this setting is independent of the trusted untrusted setting for dhcp snooping or arp inspection you can also specify the agent sub options circuit id and remote id that the switch adds to padi and padr packets from pppoe clients 317
- Flexible circuit id syntax with identifier string and variables 317
- Gs3700 xgs3700 series user s guide 317
- If you do not configure a circuit id string for a vlan on a specific port or for a specific port the switch adds the user defined identifier string and variables into the agent circuit id sub option the variables can be the slot id of the pppoe client the port number of the pppoe client and or the vlan id on the pppoe packet 317
- Intermediate agent screen the switch automatically generates a circuit id string according to the default circuit id syntax which is defined in the dsl forum working text wt 101 the default access node identifier is the host name of the pppoe intermediate agent and the eth indicates ethernet 317
- Port state 317
- Table 150 pppoe ia remote id sub option format 317
- Table 151 pppoe ia circuit id sub option format using identifier string and variables 317
- Table 152 pppoe ia circuit id sub option format defined in wt 101 317
- The 1 in the first field identifies this as an agent circuit id sub option and 2 identifies this as an agent remote id sub option the next field specifies the length of the field the switch takes the circuit id string you manually configure for a vlan on a port as the highest priority and the circuit id string for a port as the second priority in addition the switch puts the pppoe client s mac address into the agent remote id sub option if you do not specify any user defined string 317
- The identifier string slot id port number and vlan id are separated from each other by a pound key semi colon period comma forward slash or space an agent circuit id sub option example is switch 07 0123 and indicates the pppoe packets come from a pppoe client which is connected to the switch s port 7 and belong to vlan 123 317
- Wt 101 default circuit id syntax 317
- Note the switch will drop all pppoe discovery packets if you enable the pppoe intermediate agent and there are no trusted ports 318
- Pppoe intermediate agent 318
- The pppoe screen 318
- Chapter 30 pppoe 319
- Gs3700 xgs3700 series user s guide 319
- Intermediate agent 319
- Label description 319
- The following table describes the labels in this screen 319
- Note the switch will drop all pppoe packets if you enable the pppoe intermediate agent on the switch and there are no trusted ports 320
- Pppoe ia per port 320
- Chapter 30 pppoe 321
- Gs3700 xgs3700 series user s guide 321
- Label description 321
- Note changes in this row are copied to all the ports as soon as you make them 321
- Port stacking mode 321
- The following table describes the labels in this screen 321
- Chapter 30 pppoe 322
- Gs3700 xgs3700 series user s guide 322
- Label description 322
- Port continued 322
- Port screen to display the screen as shown 322
- Pppoe ia per port per vlan 322
- Use this screen to configure pppoe ia settings that apply to a specific vlan on a port 322
- Vlan stacking mode 322
- Vlan standalone mode 322
- Chapter 30 pppoe 323
- Click the vlan link in the intermediate agent screen to display the screen as shown 323
- Gs3700 xgs3700 series user s guide 323
- Label description 323
- Note changes in this row are copied to all the vlans as soon as you make them 323
- Pppoe ia for vlan 323
- The following table describes the labels in this screen 323
- Use this screen to set whether the pppoe intermediate agent is enabled on a vlan and whether the switch appends the circuit id and or remote id to pppoe discovery packets from a specific vlan 323
- Chapter 30 pppoe 324
- Gs3700 xgs3700 series user s guide 324
- Label description 324
- Note changes in this row are copied to all the vlans as soon as you make them 324
- The following table describes the labels in this screen 324
- Cpu protection overview 325
- Error disable 325
- Error disable overview 325
- Error disable recovery overview 325
- What you can do 325
- Error disable status 326
- The error disable screen 326
- Chapter 31 error disable 328
- Cpu protection configuration 328
- Errdisable screen to display the screen as shown 328
- Errdisable status 328
- Gs3700 xgs3700 series user s guide 328
- Label description 328
- The following table describes the labels in this screen 328
- Chapter 31 error disable 330
- Cpu protection 330
- Errdisable detect 330
- Errdisable screen to display the screen as shown 330
- Error disable detect configuration 330
- Gs3700 xgs3700 series user s guide 330
- Label description 330
- Note changes in this row are copied to all the ports as soon as you make them 330
- The following table describes the labels in this screen 330
- Chapter 31 error disable 331
- Errdisable detect 331
- Errdisable recovery standalone mode 331
- Errdisable screen to display the screen as shown 331
- Error disable recovery configuration 331
- Gs3700 xgs3700 series user s guide 331
- Label description 331
- Note changes in this row are copied to all the entries as soon as you make them 331
- The following table describes the labels in this screen 331
- Chapter 31 error disable 332
- Errdisable recovery 332
- Errdisable recovery stacking mode 332
- Gs3700 xgs3700 series user s guide 332
- Label description 332
- Note changes in this row are copied to all the entries as soon as you make them 332
- The following table describes the labels in this screen 332
- Mac pinning 333
- Mac pinning configuration 333
- Mac pinning overview 333
- Chapter 32 mac pinning 335
- Gs3700 xgs3700 series user s guide 335
- Label description 335
- Mac pinning 335
- Note changes in this row are copied to all the ports as soon as you make them 335
- The following table describes the labels in this screen 335
- Private vlan 336
- Private vlan overview 336
- Configuration 337
- Label description 337
- Table 164 spanning pvlan graphic key 337
- Vlan port setting enabled will not be able to communicate with each other 337
- Chapter 33 private vlan 339
- Gs3700 xgs3700 series user s guide 339
- Label description 339
- Note the vlan id and mode selected here must be the same as the vlan id and vlan typ 339
- Private vlan 339
- The following table describes the labels in this screen 339
- Configuring green ethernet 340
- Green ethernet 340
- Green ethernet overview 340
- Chapter 34 green ethernet 342
- Green ethernet 342
- Gs3700 xgs3700 series user s guide 342
- Label description 342
- Note changes in this row are copied to all the ports as soon as you make them 342
- The following table describes the labels in this screen 342
- Link layer discovery protocol lldp 343
- Lldp overview 343
- Lldp med overview 344
- Lldp screens 345
- Lldp local status 346
- Chapter 35 link layer discovery protocol lldp 347
- Gs3700 xgs3700 series user s guide 347
- Label description 347
- Lldp local status 347
- Lldp local status stacking mode 347
- The following table describes the labels in this screen 347
- Chapter 35 link layer discovery protocol lldp 348
- Gs3700 xgs3700 series user s guide 348
- Label description 348
- Lldp local port status detail 348
- Lldp local status 348
- Lldp local status and then click a port number for example 1 in the local port column to display the screen as shown next 348
- Chapter 35 link layer discovery protocol lldp 350
- Gs3700 xgs3700 series user s guide 350
- Label description 350
- Lldp local port status detail 350
- Lldp local port status detail med tlv 350
- The following table describes the labels in this screen 350
- Chapter 35 link layer discovery protocol lldp 351
- Gs3700 xgs3700 series user s guide 351
- Label description 351
- Lldp local port status detail 351
- Lldp remote port status detail 352
- Lldp remote status 352
- Chapter 35 link layer discovery protocol lldp 353
- Gs3700 xgs3700 series user s guide 353
- Label description 353
- Lldp remote port status detail basic tlv 353
- The following table describes the labels in basic tlv part of the screen 353
- Chapter 35 link layer discovery protocol lldp 354
- Dot 1 and dot3 tlv 354
- Gs3700 xgs3700 series user s guide 354
- Label description 354
- Lldp remote port status detail basic tlv 354
- Chapter 35 link layer discovery protocol lldp 355
- Gs3700 xgs3700 series user s guide 355
- Label description 355
- Lldp remote port status detail dot1 and dot3 tlv 355
- The following table describes the labels in the dot1 and dot3 parts of the screen 355
- Chapter 35 link layer discovery protocol lldp 357
- Gs3700 xgs3700 series user s guide 357
- Label description 357
- Lldp remote port status detail med tlv 357
- The following table describes the labels in the med tlv part of the screen 357
- Chapter 35 link layer discovery protocol lldp 358
- Gs3700 xgs3700 series user s guide 358
- Label description 358
- Lldp configuration 358
- Lldp configuration to display the screen as shown next 358
- Lldp remote port status detail med tlv continued 358
- Chapter 35 link layer discovery protocol lldp 360
- Gs3700 xgs3700 series user s guide 360
- Label description 360
- Lldp configuration 360
- Lldp configuration stacking mode 360
- The following table describes the labels in this screen 360
- Basic tlv setting standalone mode 361
- Basic tlv setting to display the screen as shown next 361
- Chapter 35 link layer discovery protocol lldp 361
- Gs3700 xgs3700 series user s guide 361
- Label description 361
- Lldp configuration 361
- Lldp configuration basic tlv setting 361
- Basic tlv setting 362
- Basic tlv setting stacking mode 362
- Chapter 35 link layer discovery protocol lldp 362
- Gs3700 xgs3700 series user s guide 362
- Label description 362
- Lldp configuration basic org specific tlv setting 362
- Org specific tlv setting to display the screen as shown next 362
- The following table describes the labels in this screen 362
- Chapter 35 link layer discovery protocol lldp 364
- Gs3700 xgs3700 series user s guide 364
- Label description 364
- Lldp med configuration 364
- Lldp med configuration to display the screen as shown next 364
- Note for poe models only 364
- Org specific tlv setting 364
- Chapter 35 link layer discovery protocol lldp 366
- Gs3700 xgs3700 series user s guide 366
- Label description 366
- Lldp med configuration 366
- Lldp med network policy 366
- Lldp med network policy standalone mode 366
- Lldp med network policy to display the screen as shown next 366
- The following table describes the labels in this screen 366
- Chapter 35 link layer discovery protocol lldp 367
- Gs3700 xgs3700 series user s guide 367
- Label description 367
- Lldp med network policy 367
- Lldp med network policy stacking mode 367
- The following table describes the labels in this screen 367
- Lldp med location 368
- Chapter 35 link layer discovery protocol lldp 369
- Gs3700 xgs3700 series user s guide 369
- Label description 369
- Lldp med location 369
- Lldp med location stacking mode 369
- The following table describes the labels in this screen 369
- Chapter 35 link layer discovery protocol lldp 370
- Gs3700 xgs3700 series user s guide 370
- Label description 370
- Lldp med location 370
- Chapter 35 link layer discovery protocol lldp 371
- Gs3700 xgs3700 series user s guide 371
- Label description 371
- Lldp med location 371
- Anti arpscan 372
- Anti arpscan overview 372
- What you can do 372
- What you need to know 372
- Anti arpscan status 373
- Anti arpscan host status 374
- Anti arpscan trust host 374
- Chapter 36 anti arpscan 374
- Gs3700 xgs3700 series user s guide 374
- Host status 374
- Label description 374
- The following table describes the fields in the above screen 374
- Trust host 374
- Anti arpscan configure 375
- Chapter 36 anti arpscan 375
- Configure 375
- Gs3700 xgs3700 series user s guide 375
- Label description 375
- The following table describes the fields in the above screen 375
- Trust host 375
- Chapter 36 anti arpscan 376
- Configure 376
- Gs3700 xgs3700 series user s guide 376
- Label description 376
- The following table describes the fields in the above screen 376
- Chapter 36 anti arpscan 377
- Configure 377
- Gs3700 xgs3700 series user s guide 377
- Label description 377
- Bpdu guard 378
- Bpdu guard overview 378
- Bpdu guard status 378
- What you can do 378
- Bpdu guard configuration 379
- Bpdu guard configuration 380
- Chapter 37 bpdu guard 380
- Gs3700 xgs3700 series user s guide 380
- Label description 380
- The following table describes the fields in the above screen 380
- Oam overview 381
- Oam status 381
- What you can do 381
- Chapter 38 oam 383
- Gs3700 xgs3700 series user s guide 383
- Label description 383
- Oam details 383
- Oam status 383
- The following table describes the fields in the above screen 383
- Use this screen to view oam configuration details and operational status of a specific port click a number in the port column in the oam status screen to display the screen as shown next 383
- Chapter 38 oam 385
- Gs3700 xgs3700 series user s guide 385
- Label description 385
- Oam details 385
- Chapter 38 oam 386
- Gs3700 xgs3700 series user s guide 386
- Label description 386
- Oam details 386
- Oam configuration 387
- Chapter 38 oam 388
- Gs3700 xgs3700 series user s guide 388
- Label description 388
- Oam configuration 388
- Oam configuration stacking mode 388
- The following table describes the fields in the above screen 388
- Chapter 38 oam 389
- Gs3700 xgs3700 series user s guide 389
- Label description 389
- Oam configuration 389
- Oam remote loopback 389
- The following table describes the fields in the above screen 389
- Use this screen to perform a remote loopback test in the oam status screen click remote loopback to display the screen as shown 389
- What you can do 390
- What you need to know 390
- Zuld overview 390
- Zuld status 391
- Chapter 39 zuld 392
- Gs3700 xgs3700 series user s guide 392
- Label description 392
- The following table describes the fields in the above screen 392
- Zuld status 392
- Chapter 39 zuld 393
- Configuration 393
- Gs3700 xgs3700 series user s guide 393
- Label description 393
- Zuld configuration 393
- Zuld status 393
- Chapter 39 zuld 394
- Configuration 394
- Gs3700 xgs3700 series user s guide 394
- Label description 394
- The following table describes the fields in the above screen 394
- Chapter 39 zuld 395
- Configuration 395
- Gs3700 xgs3700 series user s guide 395
- Label description 395
- Static route 396
- Static routing 396
- Static routing overview 396
- Chapter 40 static route 397
- Configuring ipv4 static routing 397
- Gs3700 xgs3700 series user s guide 397
- Ipv4 static route 397
- Label description 397
- Static routing 397
- Static routing screen to display the screen as shown 397
- The following table describes the related labels you use to create a static route 397
- Chapter 40 static route 398
- Configuring ipv6 static routing 398
- Gs3700 xgs3700 series user s guide 398
- Ipv4 static route continued 398
- Ipv6 static route 398
- Label description 398
- Static routing screen to display the screen as shown 398
- Chapter 40 static route 399
- Gs3700 xgs3700 series user s guide 399
- Ipv6 static route 399
- Label description 399
- The following table describes the related labels you use to create a static route 399
- Benefits 400
- Configuring policy routing profile 400
- Policy route overview 400
- Policy routing 400
- Chapter 41 policy routing 401
- Gs3700 xgs3700 series user s guide 401
- Label description 401
- Policy routing 401
- Policy routing rule configuration 401
- Policy routing screen to display the screen as shown 401
- The following table describes the labels in this screen 401
- Use this screen to configure a policy route to override the default shortest path routing behavior and forward packets based on the classifier and action you specify a policy route rule defines the matching classifier and the action to take when a packet meets the criteria in the classifier the action is taken only when all the criteria are met policy based routing is applied to incoming packets on a per interface basis before normal routing the switch does not perform normal routing on packets that match any of the policy routes 401
- You must first configure a layer 3 classifier in the classifier screen see section 19 on page 201 and a policy routing profile in the policy routing screen see section 41 on page 400 401
- Chapter 41 policy routing 402
- Gs3700 xgs3700 series user s guide 402
- Label description 402
- Rule configuration 402
- The following table describes the labels in this screen 402
- Chapter 41 policy routing 403
- Gs3700 xgs3700 series user s guide 403
- Label description 403
- Rule configuration continued 403
- Differentiated services 404
- Diffserv network example 404
- Diffserv overview 404
- Dscp and per hop behavior 404
- P platinum g gold s silver b bronze 405
- Two rate three color marker traffic policing 405
- Activating diffserv 406
- Exceed cir 406
- Exceed pir 406
- Red yellow 406
- Trtcm color aware mode 406
- Trtcm color blind mode 406
- Chapter 42 differentiated services 408
- Configuring 2 rate 3 color marker settings 408
- Diffserv 408
- Gs3700 xgs3700 series user s guide 408
- Label description 408
- Note changes in this row are copied to all the ports as soon as you make them 408
- Note you cannot enable both trtcm and bandwidth control at the same time 408
- The following table describes the labels in this screen 408
- Use this screen to configure trtcm settings click the 2 rate 3 color marker link in the diffserv screen to display the screen as shown next 408
- Chapter 42 differentiated services 410
- Dscp profile 410
- Gs3700 xgs3700 series user s guide 410
- Label description 410
- Note changes in this row are copied to all the ports as soon as you make them 410
- Note you must also activate diffserv on the switch and the individual ports for the switch to drop red high loss priority colored packets 410
- Rate 3 color marker 410
- Rate 3 color marker screen 410
- The following table describes the labels in this screen 410
- Chapter 42 differentiated services 411
- Dscp profile 411
- Dscp to ieee 802 p priority settings 411
- Gs3700 xgs3700 series user s guide 411
- Label description 411
- The following table describes the labels in this screen 411
- You can configure the dscp to ieee 802 p mapping to allow the switch to prioritize all traffic based on the incoming dscp value according to the diffserv to ieee 802 p mapping table 411
- Chapter 42 differentiated services 412
- Configuring dscp settings 412
- Dscp setting 412
- Gs3700 xgs3700 series user s guide 412
- Label description 412
- Table 199 default dscp ieee 802 p mapping 412
- The following table describes the labels in this screen 412
- The following table shows the default dscp to ieee802 p mapping 412
- To change the dscp ieee 802 p mapping click the dscp setting link in the diffserv screen to display the screen as shown next 412
- Dhcp configuration 413
- Dhcp configuration options 413
- Dhcp modes 413
- Dhcp overview 413
- Dhcpv4 server status detail 414
- Dhcpv4 status 414
- Chapter 43 dhcp 415
- Configure dhcp relay on the switch if the dhcp clients and the dhcp server are not in the same broadcast domain during the initial ip address leasing the switch helps to relay network information such as the ip address and subnet mask between a dhcp client and a dhcp server once the dhcp client obtains an ip address and can connect to the network network information renewal is done between the dhcp client and the dhcp server without the help of the switch 415
- Dhcpv4 relay 415
- Gs3700 xgs3700 series user s guide 415
- Label description 415
- Server status detail 415
- The following table describes the labels in this screen 415
- Dhcpv4 option 82 profile 416
- Dhcpv4 relay agent information 416
- Dhcpv4 relay agent information format 416
- Sub option format 416
- Chapter 43 dhcp 417
- Gs3700 xgs3700 series user s guide 417
- Label description 417
- Option 82 profile 417
- The following table describes the labels in this screen 417
- Chapter 43 dhcp 418
- Configuring dhcpv4 global relay 418
- Dhcpv4 global relay port configure 418
- Dhcpv4 in the navigation panel and click the global link to display the screen as shown 418
- Global 418
- Gs3700 xgs3700 series user s guide 418
- Label description 418
- Option 82 profile continued 418
- The following table describes the labels in this screen 418
- Chapter 43 dhcp 419
- Global screen 419
- Gs3700 xgs3700 series user s guide 419
- Label description 419
- The following table describes the labels in this screen 419
- Configuring dhcp vlan settings 420
- Example 420
- Global dhcp relay configuration example 420
- Note you must set up a management ip address for each vlan that you want to configure dhcp settings for on the switch see section 6 on page 65 for information on how to do this 420
- Vlan1 vlan2 420
- Chapter 43 dhcp 421
- Gs3700 xgs3700 series user s guide 421
- Label description 421
- The following table describes the labels in this screen 421
- Chapter 43 dhcp 422
- Dhcpv4 vlan port configure 422
- Gs3700 xgs3700 series user s guide 422
- Label description 422
- Vlan continued 422
- Chapter 43 dhcp 423
- Example dhcp relay for two vlans 423
- Gs3700 xgs3700 series user s guide 423
- Label description 423
- The following example displays two vlans vids 1 and 2 for a campus network two dhcp servers are installed to serve each vlan the system is set up to forward dhcp requests from the dormitory rooms vlan 1 to the dhcp server with an ip address of 192 68 00 requests from the academic buildings vlan 2 are sent to the other dhcp server with an ip address of 172 6 0 00 423
- The following table describes the labels in this screen 423
- Vlan screen 423
- 6 0 00 424
- Dhcpv6 status 424
- Example 424
- Chapter 43 dhcp 425
- Dhcpv6 425
- Dhcpv6 information 425
- Gs3700 xgs3700 series user s guide 425
- Information 425
- Information in the navigation panel to display the screen as shown 425
- Label description 425
- The following table describes the labels in this screen 425
- Chapter 43 dhcp 426
- Dhcpv6 prefix delegation 426
- Gs3700 xgs3700 series user s guide 426
- Information 426
- Label description 426
- Prefix delegation enables an ipv6 device to use the received ipv6 prefix for example 2001 db2 48 to generate its ip address the switch passes the the ipv6 prefix information to its connected hosts according to vlan so that they can generate their ipv6 addresses 426
- Prefix delegation in the navigation panel to display the screen as shown 426
- The following table describes the labels in this screen 426
- Chapter 43 dhcp 427
- Gs3700 xgs3700 series user s guide 427
- Label description 427
- Prefix delegation 427
- The following table describes the labels in this screen 427
- Dhcpv6 relay 428
- Chapter 43 dhcp 429
- Dhcpv6 relay continued 429
- Gs3700 xgs3700 series user s guide 429
- Label description 429
- Vrrp overview 430
- Before configuring vrrp first create an ip interface or routing domain in the ip setup screen see the section 6 on page 65 for more information 431
- Chapter 44 vrrp 431
- Gs3700 xgs3700 series user s guide 431
- Ip interface setup 431
- Label description 431
- The following sections describe the different parts of the vrrp configuration screen 431
- The following table describes the labels in this screen 431
- Vrrp configuration 431
- Vrrp in the navigation panel to display the vrrp status screen as shown next 431
- Vrrp status 431
- Chapter 44 vrrp 432
- Click ip application vrrp and click the configuration link to display the vrrp configuration screen as shown next 432
- Gs3700 xgs3700 series user s guide 432
- Label description 432
- Note routing domains with the same vlan id are not displayed in the table indicated 432
- Note you can only configure vrrp on interfaces with unique vlan ids 432
- The following table describes the labels in this screen 432
- Vrrp configuration ip interface 432
- Advertisement interval 433
- Configuring vrrp parameters 433
- Note all routers participating in the virtual router must use the same advertisement interval 433
- Preempt mode 433
- Priority 433
- Vrrp parameters 433
- Chapter 44 vrrp 434
- Gs3700 xgs3700 series user s guide 434
- Label description 434
- The following table describes the labels in this screen 434
- View the vrrp configuration summary at the bottom of the screen 434
- Viewing vrrp summary 434
- Vrrp configuration summary 434
- Vrrp configuration vrrp parameters 434
- One subnet network example 435
- Vrrp configuration examples 435
- Example 436
- Two subnets example 436
- Example 437
- Example 438
- Configuring load sharing 439
- Load sharing 439
- Load sharing overview 439
- Chapter 45 load sharing 440
- Gs3700 xgs3700 series user s guide 440
- Label description 440
- Load sharing 440
- The following table describes the labels in this screen 440
- Arp learning mode 441
- Arp overview 441
- Arp setup 441
- How arp works 441
- Arp request 442
- Gratuitous arp 442
- Arp learning 443
- Arp setup 443
- Arp learning 444
- Chapter 46 arp setup 444
- Gs3700 xgs3700 series user s guide 444
- Label description 444
- Note changes in this row are copied to all the ports as soon as you make them 444
- The following table describes the labels in this screen 444
- Arp setup screen to display the screen as shown 445
- Chapter 46 arp setup 445
- Gs3700 xgs3700 series user s guide 445
- Label description 445
- Static arp 445
- The following table describes the related labels in this screen 445
- Chapter 46 arp setup 446
- Gs3700 xgs3700 series user s guide 446
- Label description 446
- Static arp continued 446
- Maintenance 447
- The maintenance screen 447
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 448
- Firmware upgrade 448
- Chapter 47 maintenance 450
- Click the choose file button to upload the path and file name of the configuration file you wish to restore in the file path text box after you have specified the file click restore config is the name of the configuration file on the switch so your backup configuration file is automatically renamed when you restore using this screen 450
- Firmware upgrade continued 450
- Gs3700 xgs3700 series user s guide 450
- Label description 450
- Restore a configuration file 450
- Restore a previously saved configuration from your computer to the switch using the restore configuration screen 450
- Restore configuration 450
- Backup a configuration file 451
- Erase running configuration 451
- Load stacking default 452
- Note clicking the apply or add button does not save the changes permanently all unsaved changes are erased after you reboot the switch 452
- Reboot system 452
- Save configuration 452
- Load factory default 453
- Tech support 453
- Chapter 47 maintenance 454
- Gs3700 xgs3700 series user s guide 454
- Label description 454
- Tech support 454
- You may need wordpad or similar software to see the log report correctly the table below describes the fields in the above screen 454
- Example ftp commands 455
- Filename conventions 455
- Ftp command line 455
- Be sure to upload the correct model firmware as uploading the wrong model firmware may damage your device 456
- Ftp command line procedure 456
- Gui based ftp clients 456
- Ftp restrictions 457
- Access control 458
- Access control overview 458
- The access control main screen 458
- What you can do 458
- About snmp 459
- Snmp v3 and security 460
- Supported mibs 460
- An oid object id that begins with 1 90 5 is defined in private mibs otherwise it is a standard mib oid 461
- Chapter 48 access control 461
- Gs3700 xgs3700 series user s guide 461
- Option object label object id description 461
- Snmp traps 461
- Table 230 snmp system traps 461
- The switch sends traps to an snmp manager when an event occurs the following tables outline the snmp traps by category 461
- Chapter 48 access control 462
- Gs3700 xgs3700 series user s guide 462
- Option object label object id description 462
- Table 230 snmp system traps continued 462
- Table 231 snmp stacking traps 462
- Chapter 48 access control 463
- Gs3700 xgs3700 series user s guide 463
- Option object label object id description 463
- Table 231 snmp stacking traps 463
- Table 232 snmp interfacetraps 463
- Chapter 48 access control 464
- Gs3700 xgs3700 series user s guide 464
- Option object label object id description 464
- Table 232 snmp interfacetraps continued 464
- Table 233 aaa traps 464
- Table 234 snmp ip traps 464
- Chapter 48 access control 465
- Configuring snmp 465
- From the access control screen display the snmp screen you can click access control to go back to the access control screen 465
- Gs3700 xgs3700 series user s guide 465
- Option object label object id description 465
- Table 235 snmp switch traps 465
- Chapter 48 access control 466
- Configuring snmp trap group 466
- From the snmp screen click trap group to view the screen as shown use the trap group screen to specify the types of snmp traps that should be sent to each snmp manager 466
- Gs3700 xgs3700 series user s guide 466
- Label description 466
- Note snmp version 2c is backwards compatible with snmp version 1 466
- The following table describes the labels in this screen 466
- User screen 466
- Chapter 48 access control 467
- Enabling disabling sending of snmp traps on a port 467
- Gs3700 xgs3700 series user s guide 467
- Label description 467
- The following table describes the labels in this screen 467
- Trap group 467
- Trap group screen click port to view the screen as shown use this screen to set whether a trap received on the port s would be sent to the snmp manager 467
- Chapter 48 access control 469
- Configuring snmp user 469
- From the snmp screen click user to view the screen as shown use the user screen to create snmp users for authentication with managers using snmp v3 and associate them to snmp groups an snmp user is an snmp manager 469
- Gs3700 xgs3700 series user s guide 469
- Label description 469
- Note changes in this row are copied to all the ports as soon as you make them 469
- Note use the username and password of the login accounts you specify in this screen to create accounts on the snmp v3 manager 469
- Port continued 469
- The following table describes the labels in this screen 469
- Chapter 48 access control 470
- Gs3700 xgs3700 series user s guide 470
- Label description 470
- Note the settings on the snmp manager must be set at the same security level or higher than the security level settings on the switch 470
- User continued 470
- Note it is highly recommended that you change the default administrator password 1234 471
- Setting up login accounts 471
- Chapter 48 access control 472
- Figure 356 ssh communication example 472
- Gs3700 xgs3700 series user s guide 472
- Label description 472
- Logins continued 472
- Ssh overview 472
- Unlike telnet or ftp which transmit data in clear text ssh secure shell is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network 472
- How ssh works 473
- Introduction to https 474
- Requirements for using ssh 474
- Ssh implementation on the switch 474
- Https example 475
- Internet explorer 6 475
- Internet explorer 7 or 8 475
- Internet explorer warning messages 475
- Note if you disable http in the service access control screen then the switch blocks all http connection attempts 475
- Example 476
- Mozilla firefox warning messages 477
- Example 478
- The main screen 478
- Example 479
- Service access control 479
- Chapter 48 access control 480
- From the access control screen display the remote management screen as shown next 480
- Gs3700 xgs3700 series user s guide 480
- Label description 480
- Remote management 480
- Service access control 480
- The following table describes the fields in this screen 480
- You can specify a group of one or more trusted computers from which an administrator may use a service to manage the switch click access control to return to the access control screen 480
- Chapter 48 access control 481
- Gs3700 xgs3700 series user s guide 481
- Label description 481
- Remote management 481
- The following table describes the labels in this screen 481
- Diagnostic 482
- Chapter 49 diagnostic 483
- Diagnostic 483
- Gs3700 xgs3700 series user s guide 483
- Label description 483
- The following table describes the labels in this screen 483
- Chapter 49 diagnostic 484
- Diagnostic continued 484
- Gs3700 xgs3700 series user s guide 484
- Label description 484
- Overview 485
- System log 485
- Syslog overview 486
- Syslog setup 486
- Chapter 51 syslog setup 487
- Gs3700 xgs3700 series user s guide 487
- Label description 487
- Syslog setup 487
- The following table describes the labels in this screen 487
- Chapter 51 syslog setup 488
- Gs3700 xgs3700 series user s guide 488
- Label description 488
- Syslog setup 488
- Cluster management 489
- Clustering management status overview 489
- Cluster management status 490
- Note a cluster can only have one manager 490
- Chapter 52 cluster management 491
- Cluster management 491
- Cluster member switch management 491
- Go to the clustering management status screen of the cluster manager switch and then select an index hyperlink from the list of members to go to that cluster member switch s web configurator home page this cluster member web configurator home page and the home page that you d see if you accessed it directly are different 491
- Gs3700 xgs3700 series user s guide 491
- Label description 491
- The following table describes the labels in this screen 491
- Example 492
- Uploading firmware to a cluster member switch 492
- Clustering management configuration 493
- Example 493
- Chapter 52 cluster management 494
- Configuration 494
- Gs3700 xgs3700 series user s guide 494
- Label description 494
- The following table describes the labels in this screen 494
- Mac table 495
- Mac table overview 495
- Chapter 53 mac table 496
- Gs3700 xgs3700 series user s guide 496
- Label description 496
- Mac table 496
- Mac table in the navigation panel to display the following screen use this screen to search specific mac addresses you can also directly add dynamic mac address es into the static mac forwarding table or mac filtering table from the mac table using this screen 496
- The following table describes the labels in this screen 496
- Viewing the mac table 496
- Chapter 53 mac table 497
- Gs3700 xgs3700 series user s guide 497
- Label description 497
- Mac table continued 497
- Ip table 498
- Ip table overview 498
- Chapter 54 ip table 499
- Gs3700 xgs3700 series user s guide 499
- Ip table 499
- Ip table in the navigation panel to display the following screen 499
- Label description 499
- The following table describes the labels in this screen 499
- Viewing the ip table 499
- Arp table 500
- Arp table overview 500
- How arp works 500
- The arp table screen 500
- Arp table 501
- Chapter 55 arp table 501
- Gs3700 xgs3700 series user s guide 501
- Label description 501
- The following table describes the labels in this screen 501
- Overview 502
- Routing table 502
- Viewing the routing table status 502
- Path mtu overview 503
- Path mtu table 503
- Viewing the path mtu table 503
- Configure clone 504
- Chapter 58 configure clone 506
- Configure clone 506
- Configure clone stacking 506
- Gs3700 xgs3700 series user s guide 506
- Label description 506
- The following table describes the labels in this screen 506
- Chapter 58 configure clone 507
- Configure clone continued 507
- Gs3700 xgs3700 series user s guide 507
- Label description 507
- Ipv6 neighbor table 508
- Ipv6 neighbor table overview 508
- Viewing the ipv6 neighbor table 508
- Chapter 59 ipv6 neighbor table 509
- Gs3700 xgs3700 series user s guide 509
- Ipv6 neighbor table continued 509
- Label description 509
- Power hardware connections and leds 510
- Troubleshooting 510
- I cannot see or access the login screen in the web configurator 511
- I forgot the ip address for the switch 511
- I forgot the username and or password 511
- One of the leds does not behave as expected 511
- Switch access and login 511
- I can see the login screen but i cannot log in to the switch 512
- Pop up windows javascripts and java permissions 512
- I cannot see some of advanced application submenus at the bottom of the navigation panel 513
- I lost my configuration settings after i restart the switch 513
- Switch configuration 513
- There is unauthorized access to my switch via telnet http and ssh 513
- Common services 514
- Ppendi 514
- Appendix a common services 515
- Gs3700 xgs3700 series user s guide 515
- Name protocol port s description 515
- Table 257 commonly used services continued 515
- Appendix a common services 516
- Gs3700 xgs3700 series user s guide 516
- Name protocol port s description 516
- Table 257 commonly used services continued 516
- Ppendi 517
- Global address 518
- Loopback address 518
- Multicast address 518
- Unspecified address 518
- Eui 64 519
- Interface id 519
- Stateless autoconfiguration 519
- Subnet masking 519
- Dhcp relay agent 520
- Dhcpv6 520
- Identity association 520
- Rebind 520
- Renew rebind 520
- Renew to s1 520
- Icmpv6 521
- Ipv6 cache 521
- Neighbor discovery protocol ndp 521
- Prefix delegation 521
- Mld messages 522
- Multicast listener discovery 522
- Example enabling dhcpv6 on windows xp 523
- Example enabling ipv6 on windows xp 2003 vista 523
- Example enabling ipv6 on windows 7 524
- Customer support 526
- Ppendi 526
- Austria 527
- Europe 527
- Malaysia 527
- Pakistan 527
- Philippines 527
- Singapore 527
- Taiwan 527
- Thailand 527
- Vietnam 527
- Belarus 528
- Belgium 528
- Bulgaria 528
- Czech republic 528
- Denmark 528
- Estonia 528
- Finland 528
- France 528
- Germany 528
- Hungary 528
- Latvia 529
- Lithuania 529
- Netherlands 529
- Norway 529
- Poland 529
- Romania 529
- Russia 529
- Slovakia 529
- Sweden 529
- Argentina 530
- Brazil 530
- Ecuador 530
- Israel 530
- Latin america 530
- Middle east 530
- Switzerland 530
- Turkey 530
- Ukraine 530
- Africa 531
- Australia 531
- North america 531
- Oceania 531
- South africa 531
- Legal information 533
- Ppendi 533
- Appendix d legal information 534
- Gs3700 xgs3700 series user s guide 534
- List of national codes 534
- Safety warnings 534
- Appendix d legal information 535
- Environment statment 535
- European union disposal and recycling information 535
- Gs3700 xgs3700 series user s guide 535
- Weee directive 535
- Environmental product declaration 536
- Appendix d legal information 537
- Gs3700 xgs3700 series user s guide 537
- Registration 537
- Trademarks 537
- Viewing certifications 537
- Zyxel limited warranty 537
- 台灣 537
- Appendix d legal information 538
- Gs3700 xgs3700 series user s guide 538
- Open source licenses 538
- Numbers 539
Похожие устройства
- Zyxel XGS3700-24HP Технические характеристики
- Zyxel XGS3700-24HP Справочник командного интерфейса
- Gorenje gcm 512 x Инструкция по эксплуатации
- Zyxel XGS3700-24HP Сводная таблица функций управляемых коммутаторов
- Zyxel XGS3700-24HP Рекомендации по настройке
- Gorenje gcm 712 b Инструкция по эксплуатации
- Zyxel XGS3700-48HP Инструкция по эксплуатации
- Gorenje gcs 773 b Инструкция по эксплуатации
- Zyxel XGS3700-48HP Технические характеристики
- Zyxel XGS3700-48HP Справочник командного интерфейса
- Zyxel XGS3700-48HP Сводная таблица функций управляемых коммутаторов
- Zyxel XGS3700-48HP Рекомендации по настройке
- Gorenje ght 64 xc Инструкция по эксплуатации
- Zyxel GS1900-8 Инструкция по эксплуатации
- Zyxel GS1900-8 Технические характеристики
- Zyxel GS1900-8 Рекомендации по настройке
- Zyxel GS1900-8 Рекомендации по настройке
- Zyxel GS1900-8 Рекомендации по настройке
- Zyxel GS1900-8 Рекомендации по настройке
- Zyxel GS1900-16 Инструкция по эксплуатации