ZyXEL ES-2024A User's Manual
Contents
1. Device List Panel View devices in a tree structure The colors of the device indicate the status of the devices Green is working and Rd is no response from the device System message Panel View the alarm Status and port status of the selected switch Figure 3 Overview of EMS 65 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes ZyXEL NetAtlas Enterprise EMS lap Template 5b Performance Faut PMantenance Tool Menu Shortcut Descriptions Tee Device List Panel Alarm Status Port Status a g 1 m ALARM FAN TEMP VOL System Message Panel Configuration of adding a new device via SNMPc In the following example we will illustrate how to get started with SNMPc and Netatlas with adding a new device Follow the procedures from Step 1 to Step 11 Step 1 In the edit button bar shown in the Figure 4 where you may select the icon to insert a new element Figure 4 Adding a new Device 66 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 25 SNMPc Management Console Root Subnet 2 File Edit View Insert Manage Tools Config Window Help ulalla e s Bl Ol P S el lsalall gt PotldstpfortEnty gt x Em Root Subnet 2 4 192 168 1 192 168 1 1 ES 2108 G5 4024 Step 2 In the map object properties give the label name and enter the IP2. For more information reference the user guide of NetAtlas Port 02 Fort z Part 04 Fart z Fort DE Part r Fort 08 Fort 04 Fart 10 Port11 00 Part 01 m Port z Port 03 Port 04 Part DS Port DE Port oy Port 08 Port n Port 10 All contents copyright c 2006 ZyXEL Communications Corporation 76 ZyXEL ES 2000 Series Switch Support Notes Cluster Management Overview Cluster Management allows you to manage up to 24 switches through a single IP to manage up to 24 switches simultaneously in the same broadcast domain and the same VLAN group ID The cluster manager which can manage other switches is called the master device The other terminology we use for cluster management is istacking e How Cluster Management works otep 1 1 HDAP Discover REO Cluster manager Cluster member Master device Slave device To discover the clustering members the clustering Manager broadcasts a HDAP Host Discovery and Address assignment Protocol Discover request Step 2 2 HDAP Discover RSP Cluster manager Cluster member Master device Slave device 77 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes A clustering member listens on UDP port 263 When a clustering member recelves a request with the matching signature it answers with a HDAP Discover Response In the response the clustering member provides identity infor
3. 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Map Object Properties General Access Attributes Dependencies Name Read Write Access Mode Value SNMP Athib Read Access Mode NMP 2 Read Write Access Mode SNMP 2 Read Community public Reads Mrite Community public Trap Community public 3 Engineid sauto gt Y 5 Context Name snot set Y 5 Nao Auth Security Name enot set va Autl Priv Security Name lt not set Y 5 Auth Pasewd snot set Y 3 Priv Passwd snot set Step 6 In the map object properties select Access tab to set the parameters of Read community to public as shown in Figure 8 Figure 8 Read Community Map Object Properties General Access Attributes Dependencies Name Read Comm muty Value Attrib Read Access Mode NMP V2c Read Write Access Mode SNMP Yc Read Community public Read M rite Community public Trap Community public Y 3 Engineid 2100 gt Y 3 Contest Name znnt set Y 5 No Luth Security Name lt not set va Security Name lt not set Y 3 Auth Pasewd aot set Y 3 Priv Pasewd znnt set 69 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Step 7 In the map object propeies select Access tab to set the parameters of Read community to public in Figure 9 Change the value of Read write Community to Public Figure 9 Read write Commu
4. 50 Backup Configuration Click Here Load Factory Default Click Here Reboot System Chek Here 2 Click on the Click Here link of the Restore Configuration to bring up the following screen a Mestore Configuration Maintenance To restore the devices configuration form a file browse to the location ofthe configuration file and click Restore button 3 Browse to locate the file with the file name or type in the path and the file name into the File Path field 4 Click on the Restore button From Console Port 1 Connect to the console port and open the Terminal Emulation Software All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Restarting the Switch to enter the debug mode via the terminal Enter ATLC Use X modem protocol to transfer Send File the firmware Enter ATGO to restart the Switch after done uploading the configuration file 0 From Command Line FTP 1 Download and unzipped the correct model firmware to your computer 2 Launch the FTP client on your PC to login to Svvitch From the command prompt type ftp Switch IP gt Press Enter for the User name Enter password to get the ftp prompt Enter bin to set transfer mode to binary XL ecce Use put to transfer the the configuration file from the computer to the switch for example put comfig rom rom transfers the firmware on your computer co
5. 7 Yas a a4 13 143 a a4 14 143 1 E El 8 Yes 00 00 60 215 96 61 00 00 60 15 986 61 1 B s ort Notes After you enabled MAC freeze on port 6 using the CLI command the switch automatically disables MAC address learning on that port Display the Port Security screen to verify this Figure 3 Disabled Automatic MAC Address Learning After MAC Freeze 61 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Port Securi b Active Iv Port Active Address Learning Limited Number of Learned MAC Address xl l 62 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Centralized Management Introduction of SNMPc and NetAtlas With the number of network device increase the demand to detect and respond to the network failure or external event in a very short time posts a great challenge to network administrator How to easily manage and monitor network devices across networks becomes more and more important in network management Figure 1 presents main elements of the system architecture Element Management System EMS NetAtlas provides a centralized remote management platform and acts as SNMPc manager to perform network configuration system management event alarm management performance management and security for all yXEL s Ethernet Switch solutions SNMPc is netwo
6. 03 The Humber Of Member 2 Index Hw Addr Hame Model Status 1 n all c5 3c 48 43 ES 3 024 slave 5 3024 Offline 2 n ald c5 ab 03 08 ES 4024 5 4024 Online Enter Management gt Cluster Management gt Clustering Management Status In Clustering Management Status pages you can check the status for each member Step 6 Clustering Candidate Hwaddr Hame Model 0 ad c5 3c 48 43 ES 3024 slave 5 3024 Enter Management gt Cluster Management gt Clustering Management Configuration In Clustering Management Configuration pages by 82 All contents copyright c 2006 ZyXEL Communications Corporation XEL Zy ES 2000 Series Switch Support Notes checking the remove checkbox and then click on the Remove button to remove a cluster member FAQ What is the default setting of the IP parameters IP address 192 168 1 1 Subnet 255 255 255 0 What is the default login Name and Password of the Web Configurator ID admin Password 1234 How to access my SWITCH through the console port Connect the male 9 pin end of the console cable to the console port of the Switch Connect the female end to a serial port COM1 COM2 or other COM port of your computer which has terminal emulation software configured to the follow parameters Terminal emulation VT100O Baud rate 9600 bps Data bits 8 Parity none otop bit 1 Flow control none What is default login password of the console telnet
7. 12 VLANs Of the 4096 possible VIDs a VID of O is used to identify priority frames and value 4095 FFF is reserved so the maximum possible VLAN configurations are 4 094 Note that user priority and VLAN ID are independent of each other Aframe with VID VLAN Identifier of null 0 is called a priority frame meaning that only the priority level is significant and the default VID of the ingress port is given as the VID of the frame 42 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes How 802 1Q VLAN works According to the VID information in the tag the switch forward and filter the frames among ports These ports with same VID can communicate with each other IEEE 802 1Q VLAN function contains the following three tasks Ingress Process Forwarding Process and Egress Process 1 Ingress Process Each port is capable of passing tagged or untagged frames Ingress Process identifies if the incoming frames contain tag and classifies the incoming frames belonging to a VLAN Each port has its own Ingress rule If Ingress rule accept tagged frames only the switch port will drop all incoming non tagged frames If Ingress rule accept all frame type the switch port simultaneously allow the incoming tagged and untagged frames e When a tagged frame is received on a port it carries a tag header that has a explicit VID Ingress Process directly pass the tagged frame to Forwar
8. Incognito s DNS Commander Management Static Addresse In order to enable automatic DNS Commander updates you must specify the IP Client Classes address of the Domain Name Server 5 Hardware Active IP Addre Anti Roaming D View Audits 9 Enable automatic DNS updates Statistics DDNS amp TFTPI Ww 1 Microsoft Word Incognito Managemen LM 3 30 La FF 03 44 The rule creation has been finished 28 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Incognito Management Console configuring IP Commander on 192 168 1 99 1 8 0H6MB QQ9 xx IP Commander 2 192 168 1 99 lt ONL Service Configuration for 192 168 1 99 ONLINE Stand alone gt Service Configu Administrator AC jp Commander Administrator Configuration Utility Network Views Client revisiguied Rules Copyright R ule Fiizard for 192 168 1 99 El Templates Policies Access Control Tree View Management Static Addresse Rules Client Classes i 5 Global Management You are finished The rule wizard now has all of the required information to create and link the rule and Hardware Mapr i b pe Global Access Control List i template for you Active IP Addre i fl Global Template Anti Roaming D El Incognito 0 0 0 0 View Audits Statistics G DDNS amp TFTPI Select a component in the tree to view or modify
9. Template for Incognito 1 it s properties Once the rule is created it will immediately Components are linked together become active in the rules container 1 Microsoft Word Incognito Managemen After finishing all above procedures your PC will get the IP address 192 168 1 201 when you send a DHCP request 29 All contents copyright c 2006 ZyXEL Communications Corporation XEL Zy ES 2000 Series Switch Support Notes Separating a physical network into many virtual networks What is Virtual LAN VLAN Overview A VLAN Virtual Local Area Network allows a physical network to be partitioned into multiple logical networks Stations on a logical network belong to one group called VLAN Group A station can belong to more than one group The stations on the same VLAN group can communicate with each other With VLAN a station cannot directly talk to or hear from stations that are not in the same VLAN group s the traffic must first go through a router In MTU or IP DSLAM applications VLAN is vital in providing isolation and security among the subscribers When properly configured VLAN prevents one subscriber from accessing the network resources of another on the same LAN thus a user will not see the printers and hard disks of another user in the same building VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain A VLAN group is a broadcast
10. ZyXEL ES 2000 Series Switch Support Notes VID 102 port 6 7 8 9 10 25 TAG VID 103 port 11 12 13 14 25 TAG VID 104 port 15 16 17 18 25 TAG VID 105 port 19 20 21 23 22 25 TAG Clients in same VLAN on both switches can communicate each other PVID Set PVID on switch 1 Port 1 2 3 101 Port 4 5 6 102 Port 7 8 9 10 103 Port 23 24 104 Port 11 12 13 14 105 Port 15 16 17 106 Port 18 19 20 21 107 port 25 PVID any Set PVID on switch 2 Port 1 2 3 4 101 Port 6 7 8 9 10 102 Port 11 12 13 14 103 Port 15 16 17 18 104 Port 19 20 21 22 23 105 Port 25 PVID any 48 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes IP Multicasting How to setup IGMP snooping in your switch Figure 1 IGMP and IGMP snooping Multicast rs Traffic ga Se Media server IGMP Router IGMP snooping is designed for application with deployment of multicast traffic It operates on the underlying IGMP mechanism where a layer two switch passively listens to the IGMP Query Report and Leave IGMP version 2 packets transmitted between the IGMP router and clients and collects passing IGMP messages After that the switch records the messages group registration information and configures multicasting information accordingly If the multicast group information is unknown not recorded on the switch t
11. group but these two groups cannot talk with each others Here we also logically defined Port 9 and Port 10 as the uplink ports Therefore both groups can pass data to Port 9 and Port 10 In another word these two ports belong to both of the groups on the same time Please confirm if your setting looks similar to below 37 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes ZyXEL MENU A Status El Logout E Help Setting Wizard Portisolation w 7 9 IEEE CERE IER atic MAC Forwarding Filtering Spanning Tree Protocol Bandwidth Control Broadcast Storm Control Mirroring Link Aggregation Port Authentication Port Security Queuing Method 66 amn o o AAAA vi Tiel LI wi p e w di Tl II LI wi wT e gt HEGRE oc ARAD a a n sHSBBBassss sHSBBBassss SOC JSC sossoof Copyright 1995 2005 by ZyXEL Communic 9 Finally you can now verify your result If everything works fine PC A can ping PC B and PC Z But it cannot ping PC C or PC D On the same time this should work vice versa 10 For example PC A 192 168 1 4 24 PC B 192 168 1 5 24 PC C 192 168 1 6 24 PC D 192 168 1 7 24 PC Z 192 168 1 99 24 11 PING PC B from PC A Should work 38 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Gi pinu 192 168
12. limited More precise and Bandwidth KA self done rate limiting implemented packet implemented by flow control mechanism Control dropping once over mechanism threshold value Static MAC filtering None Excellent tools to MAC Freeze implement security Port security MAC number control protection which realizes extreme security to the edge Supported None Encrypt the management connection Single lP can 8 units can be Single IP can manage as System manage 24 unites managed by one IP many as 24 devices to Control iStacking support save investment 87 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Su ort Notes Cisco like ZyXEL Style CLI Text mode Binary mode Configuration File Multiple management IP Reduce the learning curve and hands on immediately Text editing eases the network management especially for large scale switch setup Enable flexiblity for network management How much PoE Power can ES 2024PWR supply concurrently It supports 180W in total which means that not every Fast Ethernet Switch port on ES 2024PWR can provide PoE Power on the same time 88 All contents copyright c 2006 ZyXEL Communications Corporation
13. member port port 3 and port 4 How to configure Port Based VLAN Port based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port 34 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Scenario E5 2108 LC E 174 Port 5 8 Illy LL rs rs Iw In this scenario Port Based VLAN is used to separate one physical Switch into two smaller logical Switches Port 1 4 and 9 10 are in one group And Port 5 10 are in another group Port based VLANs are specific only to the switch on which they were created 35 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Configuring your Switch to fulfill this scenario GUI Connect port 1 with a PC or Notebook via the RJ45 Cable By default the MGMT IP on every port is 192 168 1 1 24 Set your NIC to 192 168 1 2 24 Open an Internet browser such as IE and give http 192 168 1 1 on the URL 5 By default you will need to put admin as the username and 1234 as 570755 the passvvord 6 After you login successfully you vvill see a similar screen like belovv ZyXEL MENU hn q D Status System Up Time 22 35 08 Port Link State LACP TxPkts Errors Tx KB s RxKBis Up Ti 100M F FORWARDING Disabled 3313 0 0 0 Down STOP Disabled Down STOP Disabled Down STOP Disabled Down STOP Disabled Down STOP D
14. of data Reply from 192 168 1 5 bytes 32 time 18ms TTL 254 Reply from 192 168 1 5 hytes 32 time 5ms TTL 254 Reply from 192 168 1 5 bytes 32 time bms TTL 254 Reply from 192 168 1 5 bytes 32 time bms TTL 254 Ping statistics for 192 168 1 5 Packets Sent 4 Received 4 Lost Hx loss Approximate round trip times in milli seconds Minimum Sms Maximum ims Average bms 10 From PC Delta PING PC Alpha at 192 168 1 4 Cz gt ping 172 168 1 4 Pinging 192 168 1 4 with 32 bytes of data Reply from 192 168 1 4 bytes 32 time 5ms TTL 254 Reply from 192 168 1 4 bytes 32 time ms TTL 254 Reply from 172 168 1 4 bytes 32 time 5ms TTL 254 Reply from 172 168 1 4 bytes 32 time 8ms TTL 254 Ping statistics for 172 168 1 4 Packets Sent 4 Received 4 Lost Hz loss gt Approximate round trip times in milli seconds Minimum Sms Maximum 28 5 Average iims 11 Now you can confirm that the network connection between ES 2108 LC and GS 4024 is up and running 16 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes General Networking DHCP Relay Option 82 Application This feature is only available on ES 2048 ISP may want to limit the number of IP address or deliver some specific IP addresses according to certain Switch port VLAN ID and option 82 string They can easily to achieve this with DHCP Relay Option 82 feature and a DHCP s
15. them using operators Client Classes in the operators list Use parantheses to specify the order of preference Hardware Mapp M Active IP Addre Keywords Operators Anti Roaming D View Audits Statistics E DDNS amp TFTPI ption number Sub option optional Data type Enter the data the client must match 82 h Binary Data idi 82 Relay Agent Information EH k Rules Rule Wizard for 192 168 1 99 Add DHCP Option Rule lt Back Cancel Created Last modified Search 2 Windows czy Doct Micro Incognito Ma 2 2 Ethereal cx A SIEnhTJL y ARTS configuring IP Commander on 192 168 1 99 lt ONLINE Stand alone gt File Edit Service View Import Export xXxo 8 ons Mizards Tools Reports Help mB 4Q 9 IP Commander 132 168 1 99 lt ONL P Create Rule Et Service Configu Administrator General Rule Criteria High Water Marks Rule Options Network Views 1 Rules Rule Wizard for 192 168 1 99 Templates Policies Access Control Create the rule criteria Management Static Addresse ower limit Select rule criteria from the keywords list and link them using operators Client Classes in the operators list Use parantheses to specify the order of preference Hardware Active IP Addre Keywords Operators AniRoamngD Delo HCP Opon vi vl View Audits Statistics Lease time P DDNS amp TFTPI Rule criteria OPTIONBINARY 82 1 0019000131323438 lt
16. 1 5 Pinging 172 168 1 5 with 32 bytes of data Reply from 192 168 1 5 hytes 32 time l ms TTL 254 Reply from 192 168 1 5 hytes 32 time 6ms TTL 254 Reply from 192 168 1 5 hytes 32 time ms TTL 254 Reply from 192 168 1 5 hytes 32 time bmz TTL 254 Ping statistics for 192 168 1 5 Packets Sent 4 Received 4 Lost H Hz loss Approximate round trip times in milli seconds Minimum 6ms Maximum 12ms Average Yms 12 PING PC Z from PC A Should work pinq 172 168 1 77 inging 172 168 1 77 with 32 bytes of data eply from 172 168 1 77 bytes 32 time 15ms TTL 254 eply from 192 168 1 979 bhytes 32 time bms TTL 254 eply from 192 168 1 99 hutes 32 time bms TTL 254 eply from 192 168 1199 hutes 32 time ms TTL 254 ing statistics for 192 168 1 99 Packets Sent 4 Received 4 Lost H loss gt pproximate round trip times in milli seconds Minimum Maximum 15ms Average 8ms 13 PING PC C from PC A Should NOT work pinyg 192 168 1 6 172 168 1 6 with 32 bytes of data timed out timed out timed out timed out ing statistics for 192 168 1 6 Packets Sent 4 Received 4 iH z loss gt 39 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Configuring your Switch to fulfill this scenario CLI 1 Connect the Switch Console port with your PC or Notebook 2 Open your Terminal program Ex Hyper Terminal in
17. 2 16 3 1000 255 0 End of Apr 2005 Copy type Demo DDNS TFTP Product number 7101 Service category 1002 Product key 04x 1PC100 8F44 78D2 3B3C 5CA3 Operating system Windows XP Service Pack 1 22 Doel Microsoft Word Incognito Managemen Incognito Management Console configuring IP Commander on 192 168 1 99 lt ONLINE Stand alone gt pu ly enort H Xxs G om mn as99 IP Commander B 192 153 1 39 ONL Create Rule Service Configu Administrator Ac General Rule Criteria High Water Marks Rule Options Network Views k Rules Rule Wizard for 192 168 1 99 Templates Policies Access Control Management Static Addresse limit A rule consists of an address range and a set of criteria Client Classes DHCP options are specified in a template which is linked Hardware Mapr to the rule Active IP Addre Ant RoamingD D Default gate View Audits Statistics Lease time G DDNS amp TFTPI Creating a rule Name the rule IES1248 port25 Enter a description of the rule optional Demo Cancel Created Last modified Lint Search 2 Ethereal fen 2 Windows Gy Doel Micro Incognito Ma All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Assign a range of IP addresses or just one IP address to this rule In our case we set the IP pool from 192 168 1 201 to 192 168 1 203 Incognito Mana
18. Back Cancel Created Last modified fm 2 Windows M Ww 1 Micro Incognito Ma 2 Ethereal All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Then pop up the following screen and you can just press Next button Incognito Management Console configuring IP Commander on 192 168 1 99 Ixxe 8 oBoumb ao El IP Commander 2 192 168 1 99 lt ONL Service Configuration for 192 168 1 99 ONLINE Stand alone gt Service Configu Administrator Commander Administrator Configuration Utility ES Client revisiqi zi T k Pies Copyright Eana 720 for 192 168 1 99 Network Views Templates Policies Access Control Rule options Management Static Addresse F 1 Client Classes Hardware Active IP Addre Rule is disabled Anti Roaming D View Audits Ping before allocation Statistics G DDNS amp TFTPI T Require legal hostname RFC 1123 You may specify the rule options for Rule is reserved every rule that you create Do not send Host Domain Shuffle IP addresses allocated from this rule temp k l 1 Microsoft Word Incognito Managemen 4 LM 3 10 s FF 03 43 Then you can add DHCP template option such as gateway DNS server and SO on 26 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Incognito Managemen
19. Click on the Upgrade button From Console Port Download and unzipped the correct model firmware to your computer Connect to the console port and open the Terminal Emulation Software Restarting the switch to enter the debug mode via the terminal Enter ATUR Use X modem protocol to transfer Send File the firmvvare Enter ATGO to restart the switch after done uploading the firmware ot SS From Command Line FTP 1 Download and unzipped the correct model firmware to your computer 2 Launch the FTP client on your PC to login to Switch From the command prompt type ftp Switch IP gt Press Enter for the User name Enter password to get the ftp prompt Enter bin to set transfer mode to binary az r Use put to transfer the firmvvare from the computer to the svvitch for example put firmvvare bin ras transfers the firmvvare on your computer firmvvare bin to the svvitch and renames it ras 7 Enter quit to exit the ftp prompt All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Restore a Configuration File From Web GUI 1 Click Management and then Maintenance in the navigator panel to bring up the following screen q OLANTA o Firmware Upgrade n Restore Configuration ClickHere
20. VLAN 2 member port port 2 and port 4 Switch 2 VLAN 3 member port port 3 and port 4 For Switch 3 port 2 port 3 and port 4 are allowed to communicate back and forth with uplink port 1 but not with other ports Switch 3 VLAN 1 member port port 2 and port 1 Switch 3 VLAN 2 member port port 3 and port 1 Switch 2 VLAN 3 member port port 4 and port 1 Host A can t talk to Host B due to the port based VLAN in Switch 2 and Host C can t talk to Host D due to the port based VLAN in Switch 3 But both Switch 2 and Switch 3 uplink to the none VLAN Switch 1 Host A and Host B will talk to Host C and Host D via the none VLAN switch because port based VLAN can t across different switches To achieve the security between different switches you must put another port based VLAN switch for the uplink Each port on the uplink switch also should be separated into different VLAN except for the port to the gateway So subscribers only can talk to the gateway for Internet access but not communicate with each other 33 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Gateway Switch 1 EL Switch 2 Switch 3 13 A For Switch 1 port 1 port2 and port 3 are allowed to communicate back and forth with uplink port 4 but not with other ports Switch 1 VLAN 1 member port port 1 and port 4 Switch 1 VLAN 2 member port port 2 and port 4 Switch 1 VLAN 3
21. Windows system 3 Make sure that your port settings are bps 9600 Data bits 8 Parity None Stop bits 1 Flow control None 4 After you connected successfully give the correct user name and password 5 Put en or enable to go into the privileged mode Then put config to go into the configuration mode 6 Put the following commands to setup Port Based VLAN on your Switch in this 40 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes scenario vlan type port based interface port channel egress get 5 3 exit interface port channel 2 egress get 5 3 exit interface port channel 3 egress get 5 3 exit interface port channel 4 egress get 5 3 exit interface port channel 5 egress get 1 4 exit interface port channel 6 no egress get 1 4 exit interface port channel 7 egress get 1 4 exit interface port channel amp egress get 1 4 exit 7 When all of the above are done do not forget to give the write memory command under the enable mode to save your configuration What is IEEE 802 1Q Tag based VLAN Tag based VLAN Overview Regarding IEEE 802 1Q standard Tag based VLAN uses an extra tag in the MAC header to identify the VLAN membership of a frame across bridges This tag is used for VLAN and QoS Quality of Service priority identification The VLANs can be created statically by hand or dynamically t
22. ZyXEL ES 2000 Series ES 2024A ES 2024PWR 5 2048 Ethernet Switch oupport Notes Version 3 60 September 2006 ZyXEL Unleash Networking Power XEL zy ES 2000 Series Switch Support Notes INDEX How to manage amp maintain your Switch Firmware Upgrade Restore a Configuration File Backing Up a Configuration File Load Factory Defaults Physical Switch connection Connecting two switches via Fiber Channel General Networking DHCP option 82 Relay Agent Information Option Separating a physical network into many virtual networks Introduction to Virtual LAN Port Based Virtual LAN Setting up Port Based VLAN IEEE 802 1Q Tag based VLAN Setting up Tag based VLAN IP Multicasting IGMP Snooping To ring a network by building reducdent links and connections between Switch Introduction to Spanning Tree Protocol How does Spanning Tree Protocol Work switching security MAC freeze Centralized Management Introduction of SNMPc and NetAtlas NetAtlas v1 02 supports ES 2024A NetAtlas v1 03 supports ES 2048 ES 2024PWR Cluster Management iStacking FAQ What is the default setting of the IP parameters What is the default login Name and Password of the Web Configuration How to access the Switch through the console port What is default login password of the console telnet and FTP How to change the password How to access the Command Line Interface If forgot the Switch password how can reset the pa
23. ZyXEL ES 2000 Series Switch Support Notes segment B Switch B Router 2 Filtering Database Instability When multiple copies of a frame arrive at different ports of a switch the MAC entry instability in Filtering Database will occur 1 Host sends an unicast frame to Router source MAC address is Host s MAC destination MAC address is Router s MAC Both owitch A and Switch B will receive this frame and learn MAC address of Host on Port 2 2 Switch A has not yet learned the MAC address of Router So Switch A will flood a copy of the received frame to Segment B 3 When the copy of the frame from Switch A arrives at Switch B owitch B will remove the first entry Host MAC address on Port 2 in Filtering Database and add a new mapping of Host MAC address on Port 1 Switch B incorrectly learn Host MAC address on Port 1 owitch B can t forward frames properly because the instability of mapping MAC address to Port 55 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Segment B switch A switch B Segment A Host Router How STP Works Spanning Tree provide a loop free network When a switch supported STP recognize a loop in the network topology it blocks one or more redundant ports Spanning Tree Protocol continually explore the network so when the network topology changes STP automatically reconfigure switch ports to avoid the failure by blocking cer
24. address of the selected device In this example we configure 172 23 3 11 as its IP address of your Switch as shown in Figure 5 Figure 5 Map Object Properties Map Object Properties reneral Access Attributes Dependencies Label ES 2108 Type Device m Address 172 23311 eem fautoico 1 Group J000 Unknown s Dieser mm mm Step 4 In the map object properties select Access tab to set the parameters of Read Access Mode to SNMP V2c shown in Figure 6 Change the value of 67 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Read Access Mode to SNMP V2c Figure 6 Read Access mode Map Object Properties General Access Attributes Dependencies Name Read Access Mode Value SNMP sr A tirih Read Access Mode NMP Vac Read Mrite Access Mode NMP Vae Read Community public Read Witte Community netman Trap Community public 773 Engineid santo Y 5 Context Name snot t Y3 No Muth Security Name snot set gt AuthPrv secuniby Name lt not set VS Auth Faswd snot t VS Priv Faswd snot set gt BLA 2 Step 5 In the map object properties select Access tab to set the parameters of Read Write Access Mode to SNMP V2c shown in Figure 7 Change the value of Read write Access Mode to SNMP V2c Figure 7 Read Write Access Mode 68 All contents copyright c
25. and FTP 83 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Password 1234 How to change the password Web Configurator is the only place you can change the password After you log in for the first time it is recommended you change the default administrator password From Web Configurator Click Advanced Application Access Control and then Logins to display the next screen q Imi Access Control Administrator Old Password Mew Password Please record your new password whenever you change it The system will lock you out if you have forgotten your password From there you can change a new password How to access the Command Line Interface There are two ways to access the Command Line Interface One is Telnet to the switch and another is Connect a computer to the console port and use the terminal emulation software Please check How to access the Switch through the console port to set up the parameters If you forget the password how to reset the password to default If you forget the password you will need to reload the factory default configuration Please be aware that you will lose all previous configurations 1 Connect the console cable to your computer and open the terminal 84 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes emulation software 2 Power off and th
26. c H d t fsir BB1 mac 66 60 6682 ch 3b b5 1 mac H d td cehsTa 8B51 mac SISE I fied ii b 43 4 1 mac SISHI ZB 6f a97 3c1 mac BB Bf 28 75 89 dh1 mac H rr 28 75 89 Ffc1 mac H SBF fe H9 c9 9 7 mac HB 11 2f B 2c 731 13 49 17 450 17 1 8 50 84 36 3 261 0 5 84 41 5 1 23 461 view the copied MAC addresses static static static static static static static static static static static static static static static static static static static static static static static static ES 2000 Series Switch Su Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Forwarding Figure 2 Displaying MAC Addresses From MAC Freeze Static MAC Forwarding NN Active r Name MAC Address VID Port Port 1 Add Cancel Clear Index Active Name MAC Address VID Port Delete 1 Yas 00 02 32671 00 02 32671 1 B C 2 Yas 00 02 8e3 4a af 3c 0 02 83 4a af 3c 1 B 1 A Yes 00 04 80 96 78 00 0 04 80 35 78 00 1 B Hi 4 Yas n 08 02 1fda fe O0 08 02 1fda fe 1 B m 5 Yes 00 08 24 15 70 04 0 0a e4 13 7d 04 1 B El Yes d 0a 8e4 13 78fa d 03 e4 13 78 fa 1 B r
27. ding Process An untagged frame doesn t carry any VID to which it belongs When a 43 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes untagged frame is received Ingress Process insert a tag contained the PVID into the untagged frame Each physical port has a default VID called PVID Port VID PVID is assigned to untagged frames or priority tagged frames frames with null 0 VID received on this port Tagged frame Tagged frame VID Untagged frame Ingress Rule Tagged frame After Ingress Process all frames have 4 bytes tag and VID information and then go to Forwarding Process 2 Forwarding Process The Forwarding Process decides to forward the received frames according to the Filtering Database If you want to allow the tagged frames can be forwarded to certain port this port must be the egress port of this VID The egress port is an outgoing port for the specified VLAN that is frames with specified VID tag can go through this port The Filtering Database stores and organizes VLAN registration information useful for switching frames to and from switch ports It consists of static registration entries Static VLAN or SVLAN table and dynamic registration entries Dynamic VLAN or DVLAN table SVLAN table is manually added and maintained by the administrator DVLAN table is automatically learned via GVRP protocol and can t be created and upgraded by the administ
28. domain In traditional Layer 2 switched environments all broadcast packets go to each and every individual port With VLAN all broadcasts are confined to a specific broadcast domain There are two most popular VLAN implementations Port based VLAN and IEEE 802 1q Tagged VLAN ES 2000 series supports both VLAN implementations The most difference between both VLAN implementations is Tagged VLAN can across Layer 2 switch but Port based VLAN cannot Port based VLAN 30 All contents copyright c 2006 ZyXEL Communications Corporation XEL Zy ES 2000 Series Switch Support Notes Port based VLANs are VLANs where the packet forwarding decision is based on the destination MAC address and its associated port You must define outgoing ports allowed for each port when using port based VLANs Note that VLAN only governs the outgoing traffic in the other word it is unidirectional Therefore if you wish to allow two subscriber ports to talk to each other e g between conference rooms in a hotel you must define the egress outgoing port for both ports An egress port is an outgoing port that is a port through which a data packet leaves There are 5 hosts Host A B C D and E connected to a 5 port layer 2 switch which supported port based VLAN Case 1 Host A and Host B can talk to each other because they are in the same VLAN group But Host A and Host B can t talk to Host C D and E Port based VLAN definition e Egress port
29. e panel list shown in Figure 12 right click Configuration Switch Configuration and then Switch Setup tab as shown in Figure 12 and Figure 13 Step 2 Define the VLAN type there are two types of VLAN one is 802 1Q and the other is Port based VLAN Select 802 1Q as the VLAN type and click Apply in the Figure 14 Figure 12 Device panel list Ge ZyXEL Net tlas Enterprise EMS Map View Template Provisioning Performance Fault Maintenance Tool Help Sx OB Ww E A Device IPAddress Descriptions E 4 Rootmap Rootmap E vit 172 23 15 115 Switch 4504 172 23 3 11 Alarm Status Port Status ALARM TEMP FAN VOL Figure 13 Switch Configuration 73 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes ZyXEL NetAtlas Enterprise EMS Map View Template Provisioning Performance Fault Maintenance Tool Help S x A ES Ww B fa Device IPAddress Descriptions z E Rootmap Rootmap M US Ez CY Egg Switch 4504 Properties Configuration 4 System Configuration Configuration Save Switch Configuration FLAN Configuration Ethemet Port Configuration Multicast Configuration IP Configuration Dimension JM T 1 GS 404 y Alarm Status Port Status VOL Figure 14 Selecting a VLAN Type Switch Configuration Device Name Copy to Timeout feo i seconds 5 Filtering Mac Forwarding Mirroring Switch Setup Priority Qusus STPCon Linkaggr
30. egation GARPTimer MAC Address Aging Time seconds Queuing Method Method STP Configuration Link Aggregation Bandwidth control Broadcast storm control Mirroring 8021x Port Security GVRP 802 1q Ingress Check 802 1q Port Isolation After the VLAN type selection a pop up window indicates that you have finished the configuration Then after we have defined the VLAN type to be the 802 1Q go back to click the Configuration and then VLAN configuration in 74 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Figure 15 Figure 15 VLAN Configuration ZyXEL NetAtlas Enterprise EMS xA ES ix BG IPAddress Descriptions B4 Rootmap Rootmap 2 Configuration Configuration Save ZyXEL Dimension N GS 40M Alarm Status Port Status Click the New button to create a new VLAN ID in Figure 16 Figure 16 Creating a new VLAN ID VLAN C WLAN ID Active Active now Delete Modify Load Template 1 slslalselselzi sil fiofaifia is is is is iaz is 18 20 m 22 23 24 25 26 27 sal Port List Selecting Egress ports and defines them to be tagged or untagged in Figure 17 Figure 17 Selecting the ports 75 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Modify VLAN Dialog Switch 6267 172 23 3 44 WLAN ID 2
31. en power on the Switch and press any key to enter the debug mode when the screen shows Press any key to enter Debug Mode within 3 seconds 3 Type atlc and press the enter key 4 When the message starting XMODEM upload appears do XMODEM upload of the default rom file to the Switch 5 After it is done uploading the rom file successfully type atgo to leave the debug mode 6 The system will be restarted automatically After the system is up you should be able to log in with the default password 1234 and the IP address is now 192 168 1 1 How do I configure an IP address From Web Configurator Click Basic Setting and then IP Setup to display the next screen ES 2000 series does NOT have the Out of band Management interface ES 2048 is an exception it has an Out of Band Management interface da MEO aD Domain Mame Server 0 0 0 0 In band Management IP DHCP Client Static IP Address IP Address 192 1 hB8 1 1 IP Subnet Mask 255 255 255 0 Address Default Gateway 0 0 0 0 Qut ar band Management IF IP Address 182 168 0 1 Address IP Subnet Mask 255 255 255 0 Default Gateway 0 0 0 0 85 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes is Online Help available on the Web Configurator Yes the Web Configurator s Online Help is available Clicking on the Help link will bring up a description of the online help of that screen How
32. erv DHCP s VRRP Step two In the L2 Switch click Basic Setting and then Switch Setup where we can enable IGMP snooping function with WEB GUI Figure 4 IGMP Snooping Setup ZyXEL MEN Status El Logout H Help q Nin Advanced Application 802 10 VLAN Type 7577 gt e IGMP Snooping Active 080 00 MAC Address Leaming Aging Time 300 seconds System Info GARP Timer Join Timer 200 milliseconds TACITO m 727 5 Switch Setup 7 7 FP rr milliseconds IP Setup 0 LiBaeAlTimer 2X9 milliseconds Port Setup Priority Queue Assignment level7 Jw levelb 3 v levels 2v level4 2 v level3 1 v level2 0 v level1 0 SJ Configuration of IGMP and IGMP snooping by CLI otep one Enable IGMP function In the configure mode GS 4024 config router igmp Step two Enable IGMP snooping 52 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes In the configure mode of CLI L2Switch contig igmp snooping Step three Display the IGMP Status In the exec mode of CLI GS 4024 show router igmp Step Four Display the IGMP snooping Status In the exec mode of CLI L2Switch show igmp snooping Note One thing needs to be mentioned is that in the IGMP router we do not need to enable IGMP snooping function 53 All contents copyright c 2006 ZyXEL Communications Corporation XEL Zy ES 2000 Series Switc
33. erver supporting Option 82 function 17 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes How to set up DHCP Relay Option 82 Environment Here we will set up an environment to allow a PC to get DHCP IP address in specific IP pool according to its Switch port VLAN ID and the option 82 string In this case we are using GS 3012 for the demonstration PC is behind 25 Switch port and the option 82 string is a string GS 3012 We use the IP Commander as DHCP server Its IP is 192 168 1 99 and the IP pool is between 192 168 1 201 and 192 168 1 203 for VID 1 Switch port 25 and the option 82 string is GS 3012 1 Switch GS 3012 settings Click IP Application DHCP Relay in the navigation panel to display configuration screen as shown You will see the DHCP Relay setup page Active the DHCP relay and Option 82 function Also click Information to make GS 3012 as the Option 82 string Information is READ ONLY here and it is the same as the host name of the Switch ZyXEL Static Routing Pee a PRISED ROT ra ruri ia PRISE DU RT PEE Ud ELD RTE EMD WE Wawa PPT RET TEEN WEM Fin pie tii wale Ka prime mE r paszowa patria priis ri Du EREMO a a Ra R e c me ere Ama dd YE OE E OE EEOAE ENTER nas EEIE EE Information i cr RR 3012 T Now we can connect PC to the 25 SWITCH port Please see former applications for detailed settings 3 IP Commander settin
34. for port 1 port 2 e Egress port for port 2 port 1 Case 2 There are 3 VLAN groups in the physical network Host A and Host B can talk to each other they are in the same VLAN group 1 Host B and Host C are in VLAN group 2 Host A Host D and Host E are in VLAN group 3 31 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Port based VLAN definition e Egress port for port 1 port 2 port 4 port 5 e Egress port for port 2 port 1 port 3 e Egress port for port 3 port 2 e Egress port for port 4 port 1 port 5 e Egress port for port 5 port 1 port 4 Port based VLAN across different switch Port based VLAN is specific only to the switch on which it was created Definitely Port based VLAN can t across different switches As the following network diagram shown in most MTU case for the sake of security subscribers are isolated with each other except for the gateway There are two switches Switch 2 and Switch 3 supported port based VLAN and uplink to a none port based VLAN switch Switch 1 32 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Switch 1 Gateway d c Switch 2 ra Switch 3 1 2 I For Switch 2 port 1 port 2 and port 3 are allowed to communicate back and forth with uplink port 4 but not with other ports Switch 2 VLAN 1 member port port 1 and port 4 Switch 2
35. gement Console configuring IP Commander on 192 168 1 99 ONLINE Stand alone gt XXS G oH mB QOQ 9 2 IP Commander 2 192 168 1 99 ONL Create Rule Service Configu Administrator General Rule Criteria High Water Marks Rule Options Network Views H k Rules Rule Wizard for 192 168 1 99 Templates Policies i Access Control Address Range Limits Management Static Addresse Now you must specify the upper and lower limits Client Classes of the IP addresses for the rule Hardware M Active IP Addre Anti Roaming D View Audits Statistics df DDNS amp TFTPI Enter the lower limit Enter the upper limit 192 168 1 203 Unlimite lt Back Cancel Created Last modified Link Delete Search fim 2 Windows M Ww Doct Micro GB ARTs m w 3 RZ r 04 32 After input IP pool we select DHCP Option in Keywords combobox 23 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Incognito Management Console configuring IP Commander on 192 168_1 99 EFA b Xas S oHsusB qo o El IP Commander 2 2 192 168 1 99 lt ONL gt Service Configuration for 192 168 1 99 ONLINE Stand alone gt Service Configu Administrator Ac IP Commander Administrator Configuration Utility Network Views ie r r Rules Copyright ca B OT CP LT RIS Templates Policies Access Control A 4 Crea
36. gement System Window Admin mu uu c Switch Manager Step 10 In the EMS mapping it display a logical hierarchy for the device In the device list you may see the devices are added in the Rootmap shown in 71 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Figure 12 Figure 12 Rootmap ZyXEL Neta tlas Enterprise EMS Map View Template Provisioning Performance Fault Maintenance Tool Help SXxXSBR EG Device IPAddress Descriptions ERI HE MAT RE zo Rootmap Rootmap Switch 4406 172 23 15 115 mni Switch 4504 172 23 3 11 Alarm Status Port Status Step 11 Click the your Switch to configure the device shown in Figure 13 Figure 13 Device mapping fa ZyXEL Net tlas Enterprise EMS p View Template Provisioning Performance Fault Maintenance Tool Help Sx Ooh P f Device IPAddress Descriptions sla Rootmap Rootmap AR Switch 4406 172 23 15 115 Switch 4504 Port Status nas View Port Status LinkSpeed ___ State LACP PD STOP Disabled 0 Mbps STOP Disabled 100 Mbps FORWARDING Disabled STOP Disabled 72 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes VLAN Configuration via EMS In this section we will give an example to illustrate how to use EMS to create a VLAN2 in GS 4024 Here are the procedures Step 1 In the devic
37. gs Open IP Commander Right click IP commander and then click connect new 18 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes server Incognito Management Console File Edit Service View Import x xia a 4 IP Common Connect New Service z P Commander IP Commander Administrator Configuration Utility Client Revision 4 2 11 1 Copyright c 1998 2004 Incognito Software Inc TEL fr temp G li Doci Microsoft Word Incognito Managemen RIE or E J 2 FF 03 38 Input the DHCP IP address or domain name and click ok Our IP is 192 168 1 99 19 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Incognito Management Console l1izG 8 586mE Q 9 IP Commander IP Commander IP Commander Administrator Configuration Utility Client Revision 4 2 11 1 Copyright c 1938 2004 Incognito Software Inc Select Server Please enter the name of the server with the IP Commander service you would like to manage Cancel wj 2181 Microsoft Word Input user name and password The default user name is administrator and password is incognito 20 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Incognito Management Console Ixx le5smms aoe IP Commander IP Commander IP Com
38. h Support Notes To ring a network by building reducdent links and connections between Switch What is Spanning Tree Protocol Spanning Tree Overview Spanning Tree Protocol STP is a Layer 2 protocol designed to run on bridges and switches The specification for STP is defined in IEEE 802 1d The main purpose of STP is to ensure that you do not run into a loop situation when you have redundant paths in your network STP detects disables network loops and provides backup links between switches or bridges It allows the device to interact with other STP compliant devices in your network to ensure that only one path exists between any two stations on the network The redundant topology without STP will cause the following problem 1 Broadcast storm Without Spanning Tree loop avoidance mechanism each switch will endlessly flood broadcast packets to all ports This situation is called broadcast storm 1 When Host sends a broadcast frame like an ARP request to Router the frame will be received by Switch A 2 Switch A identify the destination MAC address field broadcast FF FF FF FF FF FF in the frame and determine to flood it onto Segment B 3 When the broadcast frame arrives at Switch B Switch will repeat above process flood it to Segment A 4 The broadcast frame will endlessly travel around the loop network even Router has already received this frame 54 All contents copyright c 2006 ZyXEL Communications Corporation
39. he switch discards that multicast traffic Only the registered clients that join the group will receive multicast stream from the IGMP router Thus this significantly reduces the multicast traffic forwarded down to the clients Another advantage of IGMP snooping is to allow the intermediate switch to learn multicast group information without manually configuring switches 49 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 50 All contents copyright c 2006 ZyXEL Communications Corporation XEL Zy ES 2000 Series Switch Support Notes Configuration of IGMP snooping by web In this example we enable the IGMP function on the GS 4024 an IGMP router to connect to a multimedia server Also we enable IGMP snooping function on the ES 3124 or other ZyXEL L2 Switch to connect to the multimedia clients Figure 2 IGMP snooping Example b 433 04 Ae Hot a member Group Mieraber Lu Step one In the GS 4024 click the IP Application select IGMP where IGMP function can be enabled and we can select either IGMP v1 or IGMP v2 Figure 3 IGMP Setup 51 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes ZyXEL Status El Logout EH Help nu ke ipi gn ursi m yib ul eel Active Vv Index Network Version 1 192 158 1 1 24 None IP Multicast DiffS
40. hrough GVRP The VLAN ID associates a frame with a specific VLAN and provides the information that switches need to 41 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes process the frame across the network A tagged frame is four bytes longer than an untagged frame and contains two bytes of TPID Tag Protocol Identifier residing within the type length field of the Ethernet frame and two bytes of TCI Tag Control Information starts after the source address field of the Ethernet frame 6 bytes 6 bytes 2 bytes variable i Type Standard frame TPID L T Tagged frame 2 bytes 3 lbt 12 hits TPID TPID has a defined value of 8100 in hex When a frame has the EtherType equal to 8100 this frame carries the tag IEEE 802 1Q 802 1P e Priority The first three bits of the TCI define user priority giving eight 2 3 priority levels IEEE 802 1P defines the operation for these 3 user priority bits e CFI Canonical Format Indicator is a single bit flag always set to zero for Ethernet switches CFI is used for compatibility reason between Ethernet type network and Token Ring type network If a frame received at an Ethernet port has a CFI set to 1 then that frame should not be forwarded as it is to an untagged port e VID VLAN ID is the identification of the VLAN which is basically used by the standard 802 1Q It has 12 bits and allows the identification of 4096 2
41. ight cP an OR Fre for 192 168 1 99 Templates 2 Policies Incognito 5 Access Control Management Static Addresse Server Client Classes Service Hardware Ma Active IP d i Available Options Selected Options Anti Roaming D 1 Subnet Mask 3 3 Gateways 7 aca Gar Ye 5 Name Server DDNS amp TFTPI 6 Domain Server i 7 Log Server 8 Quotes Server 3 LPR Server 10 Impress Server 11 RLP Server 12 Hostname 13 Boot File Size 14 Merit Dump File 15 Domain Name 46 m NATU Selecting DHCP Options for the Template When a client satisfies a rule it will receive it s IP address along with the DHCP options in the linked template or in the global template Add Edit Delete lt Back Cancel w Doc1 Microsoft Word Incognito Managemen All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes You can apply DDNS service to DHCP server or not Incognito Management Console configuring IP Commander on 192 168 1 99 i I ort Hely E mport Export Wizard lools e 22 Q 1 3216 E IP Commander 2 192 168 1 99 lt ONL Service Configuration for 192 168 1 99 ONLINE Stand alone gt Service Configu Administrator ip Commander Administrator Configuration Utility Network Views Client revisiquis Rules Copyright Ba B Peete Ges CRIT Bc Templates Policies Access Control Enabling Updates for
42. isabled Down STOP Disabled Down STOP Disabled Down STOP Disabled Down STOP Disabled Status El Logout H Help 2 3 4 5 5 i 8 3 W oc Ses LG vC c o Cyr em BS me eH m Poll Interval s 40 pot AL 7 First we need to tell the Switch to run VLAN as port based instead of 802 1q based In order to do so we first click on the Basic Setting then Switch Setup on your right screen the VLAN Type choose Port Based instead of 802 1 and click Apply to save your changes 36 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes ZyXEL MENU Status El Logout H Help q ms WD 802 10 Port Based IGMP Snooping Active VLAN Type MAC Address Learning Aging Time seconds System Info Join Timer _ milliseconds General Setup 2 GARP Timer Leave Timer 600 milliseconds IP Setup Leave All Timer milliseconds Port Setup Priority Queue Assignment level7 levelb level5 level4 level3 level2 level1 level k 8 Now you need to tell the Switch how you are going to separate the physical Switch into some logical small Switches Thus we click Advanced Application then VLAN On the right screen check the boxes to suit your need In this case we need to make port 1 4 and port 9 10 in a group in order for them to communicate in both ways And port 5 10 in another
43. learns the computers MAC address and stores that to the MAC address table Activate the MAC freeze function on a port by entering the port security port number MAC freeze command in the CLI The following figure shows an example where the MAC freeze feature is enabled on port 6 The switch automatically copies all dynamically learnt MAC address on port 6 to the static MAC address Figure 1 Enable MAC Freeze Example 60 All contents copyright c 2006 ZyXEL Communications Corporation om Telnet 172 23 3 75 mdr port amp port amp port 6 port amp port amp port amp port amp Lport amp port amp port 6 amp port amp port 6 port 6 part amp port amp port amp port 6 Lport amp port amp port 6 port 6 port 6 port 6 port 6 You can display the Static MAC Address screen in the web configurator to IB ERI ui i ui i wid 1 wid 1 uid 1 uid 1 uid 1 uid 1 uid 1 IB ERI ui i ui i wid 1 wid 1 ui i uid 1 uid 1 uid 1 uid 1 IB ERI ui i wid 1 wid 1 Set WFQ method 45 3124Ctunfiq oll port securitu 6 mac freeze mac HB BH2 3f 67 17 he 1l mac iBil BH2 e3 4a af 3c 1 0 804 88 9 8 8 2 12 mac H Ha ed 13 T7d 4H41 mac HHu Ha ed 1i43 V7e fal mac H Ha eq 1i43 Yf 341 mac H ud tH i3 588R 811 mac HUN EAE EF mac HlB BHBd 6BH 78 d5 e7 mac 7 H 26d 66280221 228 ma
44. mander Administrator Configuration Utility Client Revision 4 2 11 1 Copyright c 1998 2004 Incognito Software Inc IP Commander You must login using an IP Commander service administrator account on 132 168 1 33 not a winnt or Unix user account Login name Password Save Password Cancel L l 1 Microsoft Word en n 3 iz cL 14 03 38 It will bring up the following screen please make sure that your DHCP is in online status Then click wizard in the top tool bars and select rule wizard 21 All contents copyright c 2006 ZyXEL Communications Corporation ES 2000 Series Switch Support Notes Kak Incognito Management Console configuring IP Commander on 192 168 1 99 File Edit Service View Import Export Mrene Tools Reports Help IXI SE B SB Global Settings Wizard Subnet Configuration Wizard IP Commander Rule Wizard 9 99 ONLINE Stand alone gt b Service Configu 7 Administrator Ac IP Commander Administrator Configuration Utility Network Views Client revision 4 2 11 1 Rules Copyright c 1338 2004 T STEK Incognito Software Inc Policies Access Control Management Static Addresse Server C501 Service Information Client Classes Hardware Mapr Active IP Addre Anti Roaming D View Audits Service Service revision Serial number of users in license Current of users Subscription expiry date Incognito IP Commander for NT 4
45. mation about itself Step 3 3 HDAP_SET_ADDR_REQ Address set Password NE challenge gt gt Cluster manager Master device Cluster member Slave device HDAP SET ADDR REQ Master device packet request is used for a clustering manager to assign an IP address and subnet mask to a clustering member Step 4 N 277 Cluster manager 4 HDAP SET ADDR RSP Cluster member Slave device LL Master device HDPA SET ADDR_RSP Slave device packet response is for a clustering member to acknowledge a Set Address request The hardware address uniquely identifies the sender of this response After the processes are done the cluster master will be able to manage the 78 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes slave switch e How to set up Cluster Management in switch Step 1 a ustering Management Configuration Clustering Manager Active Clustering Candidate DCEaCECS Scd ecd ES 3024 JR 30024 20 80 25 2 03 06 5 4024 85 4024 Hw A ddr Go to menu Management gt Cluster Management gt Clustering Management Configuration In Clustering Management Configuration pages check the Active check box to enable Cluster Manager In the middle of this page there is a table shows all the clustering candidates which can be selected and added as the clustering members otep 2 79 All contents c
46. nfig rom to the switch and renames it rom O 7 Enter quit to exit the ftp prompt All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Backing Up a Configuration File From Web GUI 1 Click Management and then Maintenance in the navigator panel to bring up the following screen Firmware Upgrade Slick Here Restore Configuration ClickHere Backup Configuratian Glick Here Load Factory Default Click Here Reboot System Chek Here 2 Click on the Click Here link of the Backup Configuration to bring up the following screen Maintenance This page allows you ta back up the devices current configuration ta your workstation Mow click the Backup button 3 Click on the Backup button to bring up the File Download dialog Then clicking on the Save button to backup the configuration rom file to a proper location From Console Port 1 Connect to the console port and open the Terminal Emulation Software 2 Restarting the Switch to enter the debug mode via the terminal 3 Enter ATTD All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 4 Use X modem protocol to transfer Receive File the firmware 5 Enter ATGO to restart the Switch after done uploading the configuration file From Command Line FTP 1 Download and unzipped the correct model firmware to your compu
47. ng tree it enables all root ports and designated ports and disables all other ports Network packets are therefore only forwarded between root ports and designated ports eliminating any possible network loops STP aware devices exchange Bridge Protocol Data Units BPDUs periodically When the bridged LAN topology changes a new spanning tree is constructed Once a stable network topology has been established all bridges listen for Hello BPDUs Bridge Protocol Data Units transmitted from the root bridge If a bridge does not get a Hello BPDU after a predefined interval Max Age the bridge assumes that the link to the root bridge is down This bridge then initiates negotiations with other bridges to reconfigure the network to re establish a valid network topology For example Switch A Switch B Switch C MAC MAC 00A0C5111111 MAC 00A0C5222222 00A0C5333333 Priority 32768 Priority 32768 Priority 1 Portt Pot2 Pot Port2 Poti Cost 19 100 Cost 19 100 Cost 19 Priority 128 128 Priority 128 128 Priority 128 58 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Segment B 100Base T Switch A Switch B SegmentA 1OBase T 1 Switch A bridge ID 8000 00A0 C511 1111 Switch B bridge ID 8000 00A0 C522 2222 Switch C bridge ID 0001 00A0 C533 3333 Switch C has the lowest bridge ID so Switch C is the root bridge All ports of the root bridge are de
48. nity Map Object Properties General Access Attributes Dependencies Name Read Write Community Value Athib Read Access Mode SNMP 2 Read rite Access Mode SNMP vac Read Community public ead Write Conanmitv public Trap Community public Y 5 Engineid ato gt Y 5 Context Mame snot s t Y3 No vth Security Name znat zet va AuthPrv Security Name enot zet V3 Auth Pazewd enot zet Y 5 Priv Passwd snot s t Step 8 In the Selection tool menu Click the name of your Switch to manage the device Figure 10 Device Selection 70 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 5 SNMPc Management Console Root Subnet 46 File Edit View Insert Manage Tools Config Window Help A S SJ 8 SIS ELAH 2 9 eere rm a m Ez Root Subnet f Discovered Objects 192 168 1 6 192 168 1 1 ZyXEL ES 2108 65 4024 65 4024 Discovered Objects 192 168 1 GS 4024 Tob oa BB G D Trend Event Menu Major 12 27 2805 13 53 44 192 168 1 5H No Response to Device Poll Major 12 27 2885 13 53 44 192 168 1 1 No Response to Device Poll Major 12 27 2885 13 53 44 192 168 1 66 No Response to Device Poll Step 9 After the selection a pop up menu will display the NetAtlas switch manager diagram Click the Switch Manager to enter the EMS Mapping shown in Figure 11 Figure 11 Device Selection ZvXEL Neta tlaz Element Mana
49. nsceiver amp the LC LC Fiber Cable Steps to complete this scenario 1 First pick up your ES 2108 LC and GS 4024Switch and power them up 12 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Photo of the ES 2108 LC Switch ZyXEL es 2108 10 CONSOLE 2 Find both Mini GB Port on ES 2108 LC and GS 4024 2 Zi FEE ge d ZIE i ror 3 Get one transceiver and plug it into the Mini GB Port of ES 2108 LC 13 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 14 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 5 Remove both side of the protection cap from the LC LC Fiber Cable 6 Plug the LC LC Fiber Cable into the transceivers on both ES 2108 LC and GS 4024 Switch If you connected the cable correctly the LED of the LINK will light up 15 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 7 Now connect the first PC Alpha to ES 2108 LC and the second PC Delta to the GS 4024 via the regular Ethernet cable 8 Set the NICs in both computers to the same IP Domain ex PC Alpha 192 168 1 4 24 PC Delta 192 168 1 5 24 9 From PC Alpha PING PC Delta at 192 168 1 5 Gi pinu 192 168 1 5 Pinging 192 168 1 5 with 32 bytes
50. opyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Clustering Candidate Select a device in the Clustering Candidate table and enter the password which is the admin password for the candidate device to add the clustering member Step 3 qz EHDSTEREUEFENCINEJENE Configuration Status Manager The Number Of Member 2 Hw Addr Name Model Status 00 80 25 3 46 43 ES 3024 5 3024 Online 80 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Click on the index number to manage the selected clustering member Step 4 E5 3024 E5 0024 5lave Member Menu Basic Setting Advanced Applications Routing Protocol Management System Info VLAN Static Route Setup Maintenance General Setup Static MAC Forward Diagnostic Switch Setup Filtering Filtering Database IP Setup Spanning Tree Protocol ARP Table Port Setup Bandwidth Control Port Status Broadcast Storm Control Mirroring Link Aggregation Port Authentication Port Security Access Contral Queuing Method In Member Menu pages you can change any setting of the clustering member except Cluster Management Firmware Upgrade and Restore Configuration Step 5 81 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Clustering Management Status Configuration Status Manager Manager 0 ad c5 ab n0 3
51. rator The VLAN entries in Filtering Database have the following information 1 VID VLAN ID 2 Port The switch port number 3 Ad Control Registration administration control There are 3 type of ad control including forbidden registration fixed registration and normal registration 44 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes e Forbidden registration This port is forbidden to be the egress port of specified VID e Fixed registration While ad control is fixed registration it means this is a static registration entry This port is the egress port of the specified VID a member port of the specified VLAN The frames with specified VID tag can go through this port e Normal registration While ad control is normal registration it means this is a dynamic registration entry The forwarding decision is depended on Dynamic VLAN table 4 Egress tag Control This information is used for Egress Process The value may be tagged or untagged If the value is tagged the outgoing frame on the egress port is tagged If the value is untagged the tag will be removed before frame leaves the egress port 10 1 Forbidden Tag 10 2 Fixed Tag 10 3 Normal UnTag 20 1 Fixed Tag 20 5 Fixed UnTag Filtering Database 10 1 10 2 20 3 Dynamic VLAN DVLAN table 3 Egress Process The Egress Process decides if the outgoing frames but be sent tagged or untagged The Eg
52. ress Process refers to the egress tag control information in 45 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Filtering Database If the value is tagged the outgoing frame on the egress port is tagged If the value is untagged the tag will be removed before frame leaves the egress port How to connect two switches using VLAN want to make VLAN on two layer 2 switches and want to connect first switch to second switch with trunk port There will be 5 VLAN on first Switch and there will be 7 VLAN on second switch Trunk port will be port 25 on both switches as well made VLAN s on both switch but I did not find trunk options on both switches How can I use Port 25 as trunk port The scenario is described as below Uses port 25 to connect this two switches Layer 2 Loyer 2 W EEEE witch s m m mo M HNUHMHMHMH EF VLAN 101 LAN 105 VLAN 101 LAN 105 Where the configurations of VLAN in this two switches are VLAN 2 3 4 5 6 7 8 on switch A VLAN 2 3 4 5 6 on switch B Configuration of VLAN on switch A 46 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Index VID lalsla 10 412 14 15 12 20 22 24 26 Elapsed Time Status 2 1137617 ls 41 13 16 17 19 21 33 25 1 1 ARCE JE JAJCA DUM SANI BE 0 01 49 Static ulululululululululululu a
53. rk management software produced by Castle Rock that constantly probe the network element NE and collect information of those NE for EMS Underneath the EMS is Postgres SQL the enterprise relational database system provides query for EMS Figure 1 System Architecture 63 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Postgre SQL Overview of SNMPc The following diagram shows the main elements of SNMPc SNMPc includes the following function Main Button Bar Button and controls to execute commands quickly Edit Button Bar Button to quickly insert map element Event Log Tool Button display filtered event log entries View Window Area Map View Mib Tables and Mib Graph windows are displayed here View Window Area Map View Mib Tables and Mib Graph windows Figure 2 Main elements of SNMPc 64 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes SNMPc Management Console Root Subnet ota Ae Edt Yew Insert Manage Took _ Earfig Moor Hep Al sil aj Ta al ssl mj sal Al e EJ frets Systeminta zi si 2 Root Subnet e 132 155 0 1 Overview of EMS The following diagram illustrates the main elements in EMS EMS contains the four main functions Menu Shortcut Bar The buttons execute common commands Device Panel This is a graphical device display
54. s 2 101 0 01 49 Static KJ RER ETER ES ER EZR ESEZEZE 3 102 U 0 01 49 Static W ET ES E EZ ES IESU een 4 103 T T 0 01 44 Static 5 104 i 0 01 49 Static B 105 i i i i 0 01 49 Static 7 106 l l l Y l l 0 01 49 Static 3 107 2 Y 0 01 48 Static O gilli 2 Configuration of VLAN on svvitch B Mrmber Of VLAM 6 Fart Number Index VID la ls 8 1 l12 14 15 18 20 22 24 26 Elapsed Time Status 1l3slslr a 389 21 23 25 1 1 a LA DA RAZER PARA AA PA BA BA SE NES 0 02 25 Static ululululululululululululu urn Sse eal aes E 101 U U U 0 02 25 atatic s oru popula fea Sa j 102 T T i 0 02 25 static 17 ESSE ESSEN EE PRETI ERE ESI ER E 4 103 i T T 0 02 25 static 5 104 i A i i r 0 02 25 Static B 105 i i l i i A s 0 02 25 Static Answer In switch A add port 25 in each VLAN VID 101 port 1 2 3 25 TAG VID 102 port 4 5 6 25 TAG VID 103 port 7 8 9 10 25 TAG VID 104 port 23 24 25 TAG VID 105 port 11 12 13 14 25 TAG VID 106 port 15 16 17 25 TAG VID 107 port 18 19 20 21 25 TAG In switch B add port 25 in each VLAN VID 101 port 1 2 3 4 25 TAG 47 All contents copyright c 2006 ZyXEL Communications Corporation
55. signated ports so Port 1 is designated port 2 Por non root bridge Switch A Port 1 path cost to root bridge is 19 Port 2 path cost is 119 100 Switch A Port 2 19 Switch B Port 1 For Switch B Port 1 path cost is 19 Port 2 path costis 119 Root port Port 1 of Switch A and Switch B because it has the lowest path cost to the root bridge Switch C 3 On Segment A both Port 2 of Switch A and Switch B have the same path cost to root bridge Since Switch A has lower bridge ID than Switch B the designated port is selected on Switch A So Port 2 of Switch A is designated port Blocking Port 2 of Switch B the non designated port on the segment Forwarding All designated ports and root ports 59 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Switching security MAC freeze As an added protection against network intrusion attacks ZyXEL has implemented the MAC Freeze feature on all ZyXEL Management Switches with firmware version 3 6 or above Security has been the focus of our Ethernet switch design With the MAC freeze feature enabled dynamic MAC addresses on specified ports are stored in the static MAC address table At the same time MAC address learning is disabled on these ports thus denying network access for computers within unknown MAC addresses Without the MAC freeze function any computer can access the network through a switch port The port automatically
56. ssword to default How do I configure an IP address is Online Help available on the Web GUI All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes How to restart device from Web How to check the current running firmware version Is the mini GBIC transceiver hot swappable What are the differences between ES 2024 and ES 2024A How much PoE Power can ES 2024PWR supply concurrently Remaining Some demonstration in this support note may not use the exact model that you are using However their functions and settings work the same way How to manage amp maintain your Switch Firmware Upgrade From Web GUI 1 Download and unzipped the correct model firmware to your computer 2 Click Management and then Maintenance in the navigator panel to bring up the following screen q OKANI Firrmware Upgrade Click Here Restore Canfiguratian Click Here Backup Configuration Click Here Load Factory Default Click Here Reboot System Click Here 3 Click on the Click Here link of the Firmware Upgrade to bring up the following screen All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Du ee TID Maintenance To Upgrade the internal switch firmware browse to the location of the binary c BI file and click Apply huttan 4 Browse the firmware located or type in the path into the File Path field 5
57. t Console configuring IP Commander on 192 168 1 99 Hil RA T M I 4 Hp T le Edi ine ew im 1 Hel Tas Es GBE QQ 9 IP Commander 2 1921681 93 lt ONL Service Configuration for 192 168 1 99 ONLINE Stand alone gt 2 Service Configu Administrator Ac IP Commander Administrator Configuration Utility Network Views Ciient Er o Rules Copyright Ea ER za E cya CS 7 8 ES Templates Policies Access Control Specifying a Template for the rule Management Static Addresse Server Client Classes Service Hardware Active IP Addre Anti Roaming D View Audits Statistics df DDNS amp TFTPI Create a new template If a rule does not have a template it is still functional Requesting clients may still be allocated IP addresses and receive DHCP option data inherited from a parent rule or from the global template You may use an existing template or you may create a new template Link an existing template to the rule C Leave the rule without a template 1 Cancel b l 1 Microsoft Word Incognito Managemen Incognito Management Console configuring IP Commander on 192 168 1 99 x6 8 6860B 40 9 x El IP Commander 2 192 168 1 99 lt ONL Service Configuration for 192 168 1 99 ONLINE Stand alone gt e Service Configu ee Ac Commander Administrator Configuration Utility A Network Views Cjient revisiggy T k Fuer Copyr
58. tain port Spanning tree algorithm aware switches bridges exchange configuration messages periodically The configuration message is a multicast frame called BPDU Bridge Protocol Data Unit or Hello message According to BPDU these STP aware will construct a loop free network with tree architecture STP operation is listed as the following 1 Select a root bridge Only one switch bridge can be selected as the root bridge in a given network All other decisions in the network such as which port is blocked and which port is put in forwarding mode are made regarding this root bridge The root bridge is the root of the constructed tree 1 One of the important field included in the BPDU is the bridge ID Each bridge has unique bridge ID The root bridge is the bridge with the lowest bridge ID in the spanning tree network 56 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes 2 The bridge ID includes two parts bridge priority 2 bytes and bridge MAC address 6 bytes The 802 1d default bridge priority is 32 68 For example a switch with default priority 32768 8000 hex MAC address is 00 A0 C5 12 34 56 its bridge ID is 8000 00A0 C512 3456 3 On the root bridge all its ports are designated ports Designated ports are always in the forwarding state While in forwarding state a port can receive and send traffic 2 Select a root port for the non root bridge For
59. te the rule criteria Management Static Addresse Select rule criteria from the keywords list and link them using operators Client Classes i in the operators list Use parantheses to specify the order of preference Hardware Mapp i Active IP Addre i Keywords Operators Anti Roaming D View Audits Statistics DDNS amp TFTPI lt Back Cancel Doel Microsoft Word en M 3 P I x PF 0342 After select the DHCP Option it will pop up Add DHCP Option Rule dialog Select option 82 Relay Agent Information sub option 1 binary data For port 25 VLAN 1 GS 3012 please key in 0019000147532d333303132 as the key value and click OK Please note that the first 2 bytes define port number the second 2 bytes is VLAN ID and the other bytes are the Option 82 string 24 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Incognito Management Console configuring IP Commander on 192 168 _1 99 ONLINE Stand alone gt File Edit Service View Import E Wizards Tools Reports Help Xx6 8 oB9 IP Commander 192 168 1 99 ONL o Create Rule QQ El Service Configu Administrator General Rule Criteria High Water Marks Rule Options Network Views Templates Policies HH Access Control Create the rule criteria Management Static Addresse ower limit Select rule criteria from the keywords list and link
60. ter 2 Launch the FTP client on your PC to login Switch From the command prompt type ftp Switch IP Press Enter for the User name Enter password to get the ftp prompt Enter bin to set transfer mode to binary 5 91 o 109 Use get to transfer the firmware from the computer to the switch for example get rom 0 config rom transfers the firmware on your computer config rom to the switch and renames it config rom 7 Enter quit to exit the ftp prompt All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Load Factory Defaults From Web GUI 1 Click Management and then Maintenance in the navigator panel to bring up the following screen Firmware Upgrade Click Here Restore Configuration Click Here Reboot System 2 Click on the Click Here button of the Load Factory Defaults to bring up the following screen 3 Adialog pops up with the message Are you sure you want to load factory defaults Microsoft nternet Explorer v Are you sure you want to load Factory default E Cancel 4 Click OK to go to the following dialog 5 Click on the OK button Now all switch configurations has been reset to the factory defaults and the system will be restarted 6 Please note that the switch IP address is now 192 168 1 1 From Console Port 1 Connect to the console port and open the Terminal Emulation Software 2 Type in the correct pass
61. the non root switch bridge there will be one root port The root port is the port through which this non root switch bridge communicates with the root bridge the leaf side of the tree 1 The root port is the port on the non root bridge with the lowest path cost to the root bridge The root port is normally in forwarding State 2 Path cost is the total cost of transmitting a frame on to a LAN through that port to bridge root It is assigned according to the bandwidth of the link The slower the media the higher the cost Some of the path costs specified in the IEEE 802 1d specification are listed below 4Mbps 250 100 to 1000 10Mbps 100 50 to 600 16Mbps 62 40 to 400 100Mbps 19 10 to 60 1Gbps 4 3 to 10 10Gbps 2 1 to 5 3 When multiple ports have the same path cost to root bridge the port with lowest port priority is selected as root port 3 Select a designated port on each segment 57 All contents copyright c 2006 ZyXEL Communications Corporation XEL zy ES 2000 Series Switch Support Notes For each LAN segment collision domain there is a designated port The designated port has the lovvest cost to the root bridge Designated ports are normally in the forwarding state to forward and receive traffic to the segment If more than one port in the segment have the same path cost the port on which bridge has lowest bridge ID is selected as a designated port 1 How STP works After STP determines the lowest cost spanni
62. to restart device from Web 1 Click Management and then Maintenance in the navigation panel to display the following screen q LANTE Firmware Upgrade Click Here Restore Configuration Click Here Backup Configuration Click Here Load Factory Default Click Here Reboot System Click Here 2 Click on the Click Here button next to the Reboot System will restart the Switch How to check the current running firmware version From console issuing a command show system information will return the information of the firmware version installed on the switch Is the mini GBIC transceiver hot swappable Yes it is hot swappable You can change transceivers while the switch is 86 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes operating What are the differences between ES 2024 and ES 2024A 8K MAC addresses 10K MAC addresses 8K MAC uplifts system capabiltity and boosts Bridging performance PVID 1 255 Full range VLAN support Support up to 3 Support up to 7 groups 2 FE 1GbE maximum links up to Aggregation 4 ports GbE 2 ports per group groups each can include 4 port maximum 4 priority queues 2priority queues Double queues acconmondate more ranking options to optimize traffic of critical missions Supported DSCP None DSCP suppoted to enable DiffServ 802 1P mapping ingress rate limiting ingress rate
63. word to bring up the prompt Type erase run to load the factory default configurations 10 All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes Physical Switch connection How to connect two switches via Fiber Channel Your Switch may come with one or many mini GB ports ZyXEL offers Small Form factor Pluggable SFP transceivers for Gigabit Ethernet and Fiber Channel applications These small modular optical interface transceivers offer a convenient and cost effective solution for the adoption of Gigabit Ethernet and Fiber Channel in data center campus metropolitan area access ring networks and storage area networks It supports full duplex Gigabit speeds and hot pluggable feature Scenario Fiber Cable LC LC ES 2108 L G5 4024 b lt gt Fast Ethemet a4 PC Alpha PC Delta In this scenario ES 2108 LC is connected to GS 4024 via the mini GB Port with a LC LC Fiber cable 62 5 125MM PC Alpha is connected to ES 2108 LC and another PC Delta is connected to the GS 4024 Switch via the RJ45 Port What you need here to complete this scenario All contents copyright c 2006 ZyXEL Communications Corporation ZyXEL ES 2000 Series Switch Support Notes ZyXEL Switch with Mini GB port x2 note ES 2024A ES 2024PWR ES 2048 comes with 2 Mini GB Port e SFP SX Transceiver x2 e LC LC Fiber Cable 62 5 125MM x1 Here is the photo of the SFP SX Tra
Download Pdf Manuals
Related Search