ZyXEL ES-4124 User Guide
ZyXEL ES-4124 Manual
 |
View all ZyXEL ES-4124 manuals
Add to My Manuals
Save this manual to your list of manuals |
ZyXEL ES-4124 manual content summary:
- ZyXEL ES-4124 | User Guide - Page 1
ES-4124 Intelligent Layer 3+ Switch User's Guide Version 3.8 4/2007 Edition 1 DEFAULT LOGIN IP Address http://192.168.1.1 User Name admin Password 1234 www.zyxel.com - ZyXEL ES-4124 | User Guide - Page 2
- ZyXEL ES-4124 | User Guide - Page 3
User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ES-4124 using the web configurator or via commands. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation • Quick Start Guide - ZyXEL ES-4124 | User Guide - Page 4
, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The ES-4124 may be referred to as the "Switch", the "device", the "system" or the "product" in this User's Guide. • Product labels, screen names, field labels and field choices are all in bold font - ZyXEL ES-4124 | User Guide - Page 5
Document Conventions Icons Used in Figures Figures in this User's Guide may use the following generic icons. The Switch icon is not an exact representation of your device. The Switch Computer Notebook computer Server DSLAM Firewall Telephone Switch Router ES-4124 User's Guide 5 - ZyXEL ES-4124 | User Guide - Page 6
, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example stumble over them. • Always disconnect all cables from this device before servicing or disassembling. • Use ONLY an appropriate power adaptor or cord for . 6 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 7
This product is recyclable. Dispose of it properly. Safety Warnings ES-4124 User's Guide 7 - ZyXEL ES-4124 | User Guide - Page 8
Safety Warnings 8 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 9
Contents Overview Introduction ...35 Getting to Know Your Switch ...37 Hardware Installation and Connection 41 Hardware Overview ...191 IP Source Guard ...205 Loop Guard ...225 IP Application ...229 Static Route ...231 RIP ...233 OSPF ...235 IGMP ...247 DVMRP ...251 ES-4124 User's Guide 9 - ZyXEL ES-4124 | User Guide - Page 10
...333 User and Enable Mode Commands 387 Configuration Mode Commands 393 Interface Commands ...405 IEEE 802.1Q Tagged VLAN Commands 415 Multicast VLAN Registration Commands 423 Routing Domain Command Examples 425 Troubleshooting ...427 Appendices and Index ...435 10 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 11
Switch on a Rack 42 2.2.1 Rack-mounted Installation Requirements 42 2.2.2 Attaching the Mounting Brackets to the Switch 42 2.2.3 Mounting the Switch on a Rack 43 Chapter 3 Hardware Overview...45 3.1 Panel Connections ...45 3.1.1 Console Port ...46 3.1.2 Ethernet Ports ...46 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 12
4.3 The Status Screen ...56 4.3.1 Change Your Password 61 4.4 Saving Your Configuration 61 4.5 Switch Lockout ...61 4.6 Resetting the Switch ...62 4.6.1 Reload the Configuration File 62 4.7 Status Summary ...71 6.2.1 Status: Port Details 72 Chapter 7 Basic Setting ...77 12 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 13
an IP-based VLAN Example 102 8.11 Port-based VLAN Setup 103 8.11.1 Configure a Port-based VLAN 104 Chapter 9 Static MAC Forward Setup 107 9.1 Overview ...107 9.2 Configuring Static MAC Forwarding 107 Chapter 10 Filtering...109 10.1 Configure a Filtering Rule 109 ES-4124 User's Guide 13 - ZyXEL ES-4124 | User Guide - Page 14
Aggregation Status 138 15.4 Link Aggregation Setting 139 15.5 Link Aggregation Control Protocol 140 15.6 Static Trunking Example 142 Chapter 16 Port Authentication...145 14 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 15
21.1 VLAN Stacking Overview 171 21.1.1 VLAN Stacking Example 171 21.2 VLAN Stacking Port Roles 172 21.3 VLAN Tag Format ...173 21.3.1 Frame Format ...173 ES-4124 User's Guide 15 - ZyXEL ES-4124 | User Guide - Page 16
Attribute 199 23.3 Supported RADIUS Attributes 200 IP Source Guard...205 24.1 IP Source Guard Overview 205 24.1.1 DHCP Snooping Overview 205 24.1.2 ARP Inspection Overview 207 24.2 IP Source Guard ...209 24.3 IP Source Guard Static Binding 209 24.4 DHCP Snooping ...211 16 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 17
Loop Guard...225 25.1 Loop Guard Overview ...225 25.2 Loop Guard Setup ...227 Part IV: IP Application 229 Chapter 26 Static Route ...231 26.1 Configuring Static Routing 231 Chapter 27 RIP ...233 27 242 28.5 Configuring OSPF Interfaces 242 28.6 OSPF Virtual-Links ...244 ES-4124 User's Guide 17 - ZyXEL ES-4124 | User Guide - Page 18
Messages 253 30.4 Default DVMRP Timer Values 254 Chapter 31 IP Multicast ...255 31.1 IP Multicast Overview ...255 31.2 Configuring Multicast ...255 Chapter 32 Differentiated Services ...257 32.1 DiffServ 266 33.4 DHCP Relay ...267 33.4.1 DHCP Relay Agent Information 267 18 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 19
.2 VRRP Status ...274 34.3 VRRP Configuration ...275 34.3.1 IP Interface Setup 275 34.3.2 VRRP Parameters 276 34.3.3 Configuring VRRP 285 35.2 Load Factory Default ...286 35.3 Save Configuration ...286 35.4 Reboot System ...287 35.5 Firmware Upgrade ...287 35.6 Restore 293 ES-4124 User's Guide 19 - ZyXEL ES-4124 | User Guide - Page 20
316 39.2.1 Cluster Member Switch Management 317 39.3 Clustering Management Configuration 318 Chapter 40 MAC Table...321 40.1 MAC Table Overview ...321 40.2 Viewing the MAC Table 322 Chapter 41 IP Table ...323 41.1 IP Table Overview ...323 41.2 Viewing the IP Table ...324 20 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 21
and Troubleshooting 331 Chapter Password 335 45.6 Creating a New IP User Mode ...340 45.12.2 Enable Mode ...341 45.12.3 General Configuration Mode 351 45.12.4 interface port-channel Commands 377 45.12.5 interface route-domain Commands 382 45.12.6 config-vlan Commands 384 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 22
46 User and Enable Mode Commands 387 46.1 Overview ...387 46.2 show Commands ...387 46.2.1 show system-information 387 46.2.2 show ip ...388 Using a Different Configuration File 392 46.6.2 Resetting to the Factory Default 392 Chapter 47 Configuration Mode Commands 393 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 23
Multicast VLAN Registration Commands 423 50.1 Overview ...423 50.2 Create Multicast VLAN 423 Chapter 51 Routing Domain Command Examples 425 51.0.1 interface route-domain 425 ES-4124 User's Guide 23 - ZyXEL ES-4124 | User Guide - Page 24
the Switch 427 52.2.1 Pop-up Windows, JavaScripts and Java Permissions 428 52.3 Problems with the Password 433 Part VII: Appendices and Index 435 Appendix A Product Specifications 437 Appendix B Legal Information 443 Appendix C Customer Support 447 Index...451 24 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 25
56 Figure 18 Change Administrator Login Password 61 Figure 19 Resetting the Switch: Via the Console Port 63 Figure Setting > General Setup 79 Figure 28 Basic Setting > Switch Setup 82 Figure 29 Basic Setting > IP Setup ...84 Figure 30 Basic Setting > Port Setup 99 ES-4124 User's Guide 25 - ZyXEL ES-4124 | User Guide - Page 26
78 Policy Example ...165 Figure 79 Advanced Application > Queuing Method 169 Figure 80 VLAN Stacking Example ...172 Figure 81 Advanced Application > VLAN Stacking 174 26 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 27
113 Loop Guard vs STP ...225 Figure 114 Switch in Loop State ...226 Figure 115 Loop Guard IP Application > OSPF Status 238 Figure 123 IP Application > OSPF Configuration: Activating and General Settings 240 Figure 124 IP Application > OSPF Configuration: Area Setup 241 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 28
Message 254 Figure 138 IP Application > IP Multicast 255 Figure 139 DiffServ: Differentiated Service Field 257 Figure 140 Switch A 280 Figure 166 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch B 281 Figure 167 VRRP Example 2: VRRP Status on Switch A 281 28 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 29
Switch B 281 Figure 169 Management > Maintenance 285 Figure 170 Load Factory Default: Start 286 Figure 171 Reboot System: Confirmation 287 Figure 172 Management > Maintenance > Firmware 187 Management > Access Control > Service Access Control 305 Figure 188 Management ES-4124 User's Guide 29 - ZyXEL ES-4124 | User Guide - Page 30
List of Figures Figure 211 Security Settings - Java ...432 Figure 212 Java (Sun) ...433 30 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 31
Basic Setting > Switch Setup 82 Table 11 Basic Setting > IP Setup ...84 Table Switch 138 Table 36 Link Aggregation ID: Peer Switch 138 Table 37 Advanced Application > Link Aggregation Status 138 Table 38 Advanced Application > Link Aggregation > Link Aggregation Setting 140 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 32
Supported Tunnel Protocol Attribute 200 Table 66 RADIUS Attributes - Exec Events via Console 202 Table 67 RADIUS Attributes - Exec Events via Telnet/SSH 202 Table 68 RADIUS Attributes - Exec Events via Console 202 Table 69 IP Source Guard ...209 Table 70 IP Guard 227 32 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 33
...294 Table 117 AAA Traps ...295 Table 118 SNMP IP Traps ...295 Table 119 SNMP Switch Traps ...296 Table 120 Management > Access Control > SNMP Table 123 Management > Access Control > Service Access Control 306 Table 124 Management > Access Control > Remote Management 306 ES-4124 User's Guide 33 - ZyXEL ES-4124 | User Guide - Page 34
ZyXEL Switch 427 Table 147 Troubleshooting Accessing the Switch 427 Table 148 Troubleshooting the Password 433 Table 149 Hardware Specifications ...437 Table 150 Firmware Specifications ...438 Table 151 Switching Specifications ...440 Table 152 Standards Supported ...441 34 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 35
PART I Introduction Getting to Know Your Switch (37) Hardware Installation and Connection (41) Hardware Overview (45) 35 - ZyXEL ES-4124 | User Guide - Page 36
36 - ZyXEL ES-4124 | User Guide - Page 37
's port or connect other switches to the Switch. In this example, all computers can share high-speed applications on the server. To expand the network, simply add more networking devices such as switches, routers, computers, print servers etc. Figure 1 Backbone Application ES-4124 User's Guide 37 - ZyXEL ES-4124 | User Guide - Page 38
your network and complex maintenance. The Switch can provide the same bandwidth as ATM at much lower cost while still being able to use existing adapters and switches. Moreover, the current LAN structure can be retained as all ports can freely communicate with each other. 38 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 39
Chapter 1 Getting to Know Your Switch Figure 3 High Performance Switched Workgroup Application 1.1.4 IEEE 802.1Q VLAN Application Examples A VLAN (Virtual 4 Shared Server Using VLAN Example 1.2 Ways to Manage the Switch Use any of the following methods to manage the Switch. ES-4124 User's Guide 39 - ZyXEL ES-4124 | User Guide - Page 40
unstable or even crashes. If you forget your password, you will have to reset the Switch to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Switch. You could simply restore your last configuration. 40 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 41
to each corner on the bottom of the Switch. These rubber feet help protect the Switch from shock or vibration and ensure space between devices when stacking. Figure 5 Attaching Rubber Feet " Do NOT block the ventilation holes. Leave space between devices when stacking. ES-4124 User's Guide 41 - ZyXEL ES-4124 | User Guide - Page 42
side of the Switch, lining up the four screw holes on the bracket with the screw holes on the side of the Switch. Figure 6 Attaching the Mounting Brackets 2 Using a #2 Philips screwdriver, install the M3 flat head screws through the mounting bracket holes into the Switch. 42 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 43
on the side of the rack. Figure 7 Mounting the Switch on a Rack 2 Using a #2 Philips screwdriver, install the M5 flat head screws through the mounting bracket holes into the rack. 3 Repeat steps 1 and 2 to attach the second mounting bracket on the other side of the rack. ES-4124 User's Guide 43 - ZyXEL ES-4124 | User Guide - Page 44
Chapter 2 Hardware Installation and Connection 44 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 45
active at a time. • 2 100/1000 Mbps RJ-45 Gigabit Ports: Connect these Gigabit Ethernet ports to high-bandwidth backbone network Ethernet switches. • 2 Mini-GBIC Ports: Use mini-GBIC transceivers in these slots for fiber-optic connections to backbone Ethernet switches. ES-4124 User's Guide 45 - ZyXEL ES-4124 | User Guide - Page 46
is a single unit that houses a transmitter and a receiver. The Switch does not come with transceivers. You must use transceivers that comply with the SFP Transceiver MultiSource Agreement (MSA). See the SFF committee's INF-8074i specification Rev 1.0 for details. 46 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 47
Example 2 Press the transceiver firmly until it clicks into place. 3 The Switch automatically detects the installed transceiver. Check the LEDs to verify that it is functioning mini GBIC transceiver (SFP module). 1 Open the transceiver's latch (latch styles vary). ES-4124 User's Guide 47 - ZyXEL ES-4124 | User Guide - Page 48
power receptacle. For the DC power input model, it also contains a power switch. Figure 13 Rear Panel - AC Model Figure 14 Rear Panel - DC Model 3.3 Power Connections Overview Use the following procedures to connect the Switch to a power source after you have installed it. 48 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 49
437, and make sure you are using an appropriate power source. 1 Keep the power supply switch and the Switch's power switch in the OFF position until you come to the procedure for turning on the power. " Use . Make sure that no objects obstruct the airflow of the fans. ES-4124 User's Guide 49 - ZyXEL ES-4124 | User Guide - Page 50
supply. The backup power supply automatically provides power to the Switch in the event of a power failure. Once the Switch receives power from the backup power supply, it will not automatically switch back to using the internal power supply even when the power is resumed. 50 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 51
1 Turn on the power supply first. 2 Move the Switch power switch to the ON position. Chapter 3 Hardware Overview 3.4 LEDs The following table describes the LEDs. Table 2 LEDs full-duplex mode. Off The Ethernet port is negotiating in half-duplex mode. Mini-GBIC Slots ES-4124 User's Guide 51 - ZyXEL ES-4124 | User Guide - Page 52
/from an Ethernet device. The port is connected at 100 Mbps. The port is not connected at 100 Mbps or to an Ethernet device. 52 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 53
PART II Basic Configuration The Web Configurator (55) Initial Setup Example (65) System Status and Port Statistics (71) Basic Setting (77) 53 - ZyXEL ES-4124 | User Guide - Page 54
54 - ZyXEL ES-4124 | User Guide - Page 55
or Address field. Press [ENTER]. 3 The login screen appears. The default username is admin and associated default password is 1234. The date and time display as shown if you have not configured a time server nor manually entered a time and date in the General Setup screen. ES-4124 User's Guide 55 - ZyXEL ES-4124 | User Guide - Page 56
in the main window. B, C, D, E - These are quick links which allow you to perform certain tasks no matter which screen you are currently working in. 56 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 57
to a specific configuration file. C - Click this link to go to the status page of the Switch. D - Click this link to logout of the web configurator. E - Click this link to display Panel Sub-links Overview BASIC SETTING ADVANCED APPLICATION IP APPLICATION MANAGEMENT ES-4124 User's Guide 57 - ZyXEL ES-4124 | User Guide - Page 58
Load Factory Default Save Configuration Reboot System Access Control SNMP Logins Service Access Control Remote Management Diagnostic Syslog Syslog Setup Server Setup Cluster Management Status Configuration MAC Table IP Table ARP Table Routing Table Configure Clone 58 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 59
queues. IP Setup This link takes you to a screen where you can configure the IP address, subnet mask (necessary for Switch management) and DNS (domain name server) and set up to 64 IP routing domains you can configure various multicast features and create multicast VLANs. ES-4124 User's Guide 59 - ZyXEL ES-4124 | User Guide - Page 60
to a screen where you can view the MAC addresses - IP address resolution table. Routing Table This link takes you to a screen where you can view the routing table. Configure Clone This link takes you to a screen where you can copy attributes of one port to other ports. 60 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 61
: 1 Delete the management VLAN (default is VLAN 1). 2 Delete all port-based VLANs with the CPU port as a member. The "CPU port" is the management port of the Switch. 3 Filter all traffic to the CPU port. 4 Disable all ports. 5 Misconfigure the text configuration file. ES-4124 User's Guide 61 - ZyXEL ES-4124 | User Guide - Page 62
port will be reset to the default of 9600bps with 8 data bit, no parity, one stop bit and flow control set to none. The password will also be reset to "1234" and the IP address to 192.168 your terminal. 6 After a configuration file upload, type atgo to restart the Switch. 62 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 63
Chapter 4 The Web Configurator Figure 19 Resetting the Switch: Via the Console Port Bootbase Version: bytes received. Erasing OK ES-4124> atgo The Switch is now reinitialized with a default configuration file including the default password of "1234". 4.7 of that screen. ES-4124 User's Guide 63 - ZyXEL ES-4124 | User Guide - Page 64
Chapter 4 The Web Configurator 64 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 65
. This allows the Switch to route traffic between the RD and Sales networks. Figure 21 Initial Setup Network Example: IP Interface 1 Connect your computer to the MGMT port that is used only for management. Make sure your computer is in the same subnet as the MGMT port. ES-4124 User's Guide 65 - ZyXEL ES-4124 | User Guide - Page 66
VLAN to which the DHCP clients belong, the starting IP address pool, subnet mask, default gateway address and the DNS server address(es). 3 Click Add to save the settings to the run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. 66 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 67
the Static VLAN screen, select ACTIVE, enter a descriptive name in the Name field and enter 2 in the VLAN Group ID field for the VLAN2 network. ES-4124 User's Guide 67 - ZyXEL ES-4124 | User Guide - Page 68
field in this screen and the VID field in the IP Setup screen refer to the same VLAN ID. 3 Since the VLAN2 network is connected to port 1 on the Switch, select Fixed to configure port 1 to be a Settings in the run-time memory are lost when the Switch's power is turned off. 68 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 69
1 Click IP Application and RIP in the navigation panel. 2 Select Both in the Direction field to set the Switch to broadcast supported. 4 Click Apply to save your changes back to the run-time memory. Settings in the run-time memory are lost when the Switch's power is turned off. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 70
Chapter 5 Initial Setup Example 70 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 71
screen (refer to Figure 25 on page 73). Name This is the name you assigned to this port in the Basic Setting, Port Setup screen. ES-4124 User's Guide 71 - ZyXEL ES-4124 | User Guide - Page 72
in the Status screen to display individual port statistics. Use this screen to check status and detailed performance data about an individual port on the Switch. 72 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 73
shows the number kilobytes per second transmitted on this port. Rx KB/s This field shows the number of kilobytes per second received on this port. ES-4124 User's Guide 73 - ZyXEL ES-4124 | User Guide - Page 74
excessive collisions. Excessive collision is defined as the number of maximum collisions before the retransmission count is reset. Late This is the number of times a late collision is detected, that is, after ) received that were between 256 and 511 octets in length. 74 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 75
between 1024 and 1518 octets in length. Giant This field shows the number of packets dropped because they were bigger than the maximum frame size. ES-4124 User's Guide 75 - ZyXEL ES-4124 | User Guide - Page 76
Chapter 6 System Status and Port Statistics 76 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 77
server) for management purposes. 7.2 System Information In the navigation panel, click Basic Setting > System Info to display the screen as shown. You can check the firmware version number and monitor the Switch temperature, fan speeds and voltage in this screen. ES-4124 User's Guide 77 - ZyXEL ES-4124 | User Guide - Page 78
the Switch for identification purposes. ZyNOS F/W Version This field displays the version number of the Switch 's current firmware including the threshold. Each fan has a sensor that is capable of detecting and reporting if the fan speed falls below the threshold shown. 78 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 79
normal fan should work. Status Normal indicates that this fan is functioning above the minimum speed. Error indicates that this fan is displays the percentage tolerance of the voltage with which the Switch still works. Status Normal indicates that the voltage is Setup ES-4124 User's Guide 79 - ZyXEL ES-4124 | User Guide - Page 80
None is the default value. Enter the time manually. Each time you turn on the Switch, the time and date will be reset to 1970-1-1 0:0. Time Server IP Address Enter the IP address of your timeserver. The Switch searches for the zone is one hour ahead of GMT or UTC (GMT+1). 80 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 81
7.5 Switch Setup Screen Click Basic Setting and then Switch Setup in the navigation panel to display the screen as shown. The VLAN setup screens change depending on whether you choose 802.1Q or Port Based in the VLAN Type field in this screen. Refer to the chapter on VLAN. ES-4124 User's Guide 81 - ZyXEL ES-4124 | User Guide - Page 82
to allow the Switch to handle bridging default is 600 milliseconds. Leave All Timer Leave All Timer sets the duration of the Leave All Period timer for GVRP in milliseconds. Each port has a single Leave All Period timer. Leave All Timer must be larger than Leave Timer. 82 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 83
. You can configure multiple routing domains on the same VLAN as long as the IP address ranges for the domains do not overlap. To change the IP address of the Switch in a routing domain, simply add a new routing domain entry with a different IP address in the same subnet. ES-4124 User's Guide 83 - ZyXEL ES-4124 | User Guide - Page 84
notation. For example, 192.168.0.1. IP Subnet Enter the IP subnet mask of your Switch in dotted decimal notation for example Mask 255.255.255.0. Default Gateway Enter the IP address of the default outgoing gateway in dotted decimal notation, for example 192.168.0.254 84 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 85
Cancel Note: Deleting all IP subnets locks you out from the Switch. Click Cancel to clear the Delete check boxes. 7.7 Port Setup Use this screen to configure Switch port settings.Click Basic Setting > Port Setup in the navigation panel to display the configuration screen. ES-4124 User's Guide 85 - ZyXEL ES-4124 | User Guide - Page 86
a port. The factory default for all ports is enabled Switch's auto-negotiation is turned off, a port uses the preconfigured speed and duplex mode when making a connection, thus requiring you to make sure that the settings of the peer port are the same in order to connect. 86 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 87
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide 87 - ZyXEL ES-4124 | User Guide - Page 88
Chapter 7 Basic Setting 88 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 89
) Link Aggregation (137) Port Authentication (145) Port Security (151) Classifier (155) Policy Rule (161) Queuing Method (167) VLAN Stacking (171) Multicast (177) Authentication & Accounting (191) IP Source Guard (205) Loop Guard (225) 89 - ZyXEL ES-4124 | User Guide - Page 90
90 - ZyXEL ES-4124 | User Guide - Page 91
802.1Q VLAN-unaware switch to an 802.1Q VLAN-aware switch, the Switch first decides where to forward the frame, and then inserts a VLAN tag reflecting the ingress port's default VID. The default PVID is VLAN 1 for itself), thus confining the broadcast to a specific domain. ES-4124 User's Guide 91 - ZyXEL ES-4124 | User Guide - Page 92
TERM DESCRIPTION VLAN Type Permanent VLAN This is a static VLAN created manually. Dynamic VLAN This is a VLAN configured by a GVRP registration/ on a port. Ingress filtering If set, the Switch discards incoming frames for VLANs that do not have this port as a member 92 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 93
VLAN Trunking 8.4 Select the VLAN Type Select a VLAN type in the Basic Setting > Switch Setup screen. Figure 32 Switch Setup: Select VLAN Type 8.5 Static VLAN Use a static VLAN to decide whether an incoming that were previously untagged) from a port with the specified VID. ES-4124 User's Guide 93 - ZyXEL ES-4124 | User Guide - Page 94
was registered or a static VLAN was set up. Status This field shows how this VLAN was added to the Switch; dynamic - using GVRP, static - added as a permanent entry or other - added in another way such as VLAN details. Figure 34 Advanced Application > VLAN > VLAN Detail 94 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 95
and view 802.1Q VLAN parameters for the Switch. See Section 8.1 on page 91 for more information on static VLAN. To configure a static VLAN, click Static VLAN in the VLAN Status screen to display the screen as shown next. Figure 35 Advanced Application > VLAN > Static VLAN ES-4124 User's Guide 95 - ZyXEL ES-4124 | User Guide - Page 96
the port to dynamically join this VLAN group using GVRP. This is the default selection. Select Fixed for the port to be a permanent member of ID. Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses . 96 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 97
all untagged or tagged frames on this port. This is the default setting. Select Tag Only to accept only tagged frames on this port switches or routers (but not ports directly connected to end users) to allow frames belonging to unknown VLAN groups to pass through the Switch. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 98
subnet and prioritized accordingly. That is video services receive the highest priority and data the lowest. Figure 37 Subnet Based VLAN Application Example Tagged Frames Internet Untagged Frames 172.16.1.0/24 VID = 100 192.168.1.0/24 VID = 200 10.1.1.0/24 VID = 300 98 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 99
. Active Check this box to activate the IP subnet VLAN you are creating or editing. Name Enter up to 32 alpha numeric characters to identify this subnet based VLAN. IP Enter the IP address of the subnet for which you want to configure this subnet based VLAN. ES-4124 User's Guide 99 - ZyXEL ES-4124 | User Guide - Page 100
Enter the ID of a VLAN with which the untagged frames from the IP subnet specified in this subnet based VLAN are tagged. This must be is received on a port (configured for a protocol based VLAN), the Switch checks if a tag is added already and its protocol. The untagged packets ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 101
have higher priority than ARP traffic, when they go through the uplink port to a backbone switch C. Figure 39 Protocol Based VLAN Application Example 8.9 Configuring Protocol Based VLAN Click Protocol Based VLAN Application > VLAN > VLAN Port Setting > Protocol Based VLAN ES-4124 User's Guide 101 - ZyXEL ES-4124 | User Guide - Page 102
in this protocol based VLAN. Type 1. 3 Give this protocol-based VLAN a descriptive name. Type IP-VLAN. 4 Select the protocol. Leave the default value IP. 5 Type the VLAN ID of an existing VLAN. In our example we already created a static VLAN with an ID of 5. Type 5. 102 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 103
-based VLANs are specific only to the Switch on which they were created. " When you activate port-based VLAN, the Switch uses a default VLAN ID of 1. You cannot change it. " In screens (such as IP Setup and Filtering) that require a VID, you must enter 1 as the VID. ES-4124 User's Guide 103 - ZyXEL ES-4124 | User Guide - Page 104
with all Ethernet ports. 8.11.1 Configure a Port-based VLAN Select Port Based as the VLAN Type in the Switch Setup screen and then click VLAN from the navigation panel to display the next screen. Figure 42 Advanced Application > VLAN: Port Based VLAN Setup (All Connected) 104 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 105
Chapter 8 VLAN Figure 43 Advanced Application > VLAN: Port Based VLAN Setup (Port Isolation) ES-4124 User's Guide 105 - ZyXEL ES-4124 | User Guide - Page 106
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 106 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 107
has been manually entered in Switch. See Chapter 17 on page 151 for more information on port security. Click Advanced Applications > Static MAC Forwarding in the navigation panel to display the configuration screen as shown. Figure 44 Advanced Application > Static MAC Forwarding ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 108
the previous field will be automatically forwarded. Add Click Add to save your rule to the Switch's run-time memory. The Switch loses this rule if it is turned off or loses power, so use the Save link summary table. Cancel Click Cancel to clear the Delete check boxes. 108 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 109
address port filtering. 10.1 Configure a Filtering Rule Filtering means sifting traffic going through the Switch based on the source and/or destination MAC addresses and VLAN group (ID). Click 32 printable ASCII characters) for this rule. This is for identification only. ES-4124 User's Guide 109 - ZyXEL ES-4124 | User Guide - Page 110
Add Click Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses Clear Click Clear to clear the fields to the factory defaults. Index This field displays the index number of the es) in the Delete column. 110 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 111
CHAPTER 11 Spanning Tree Protocol The Switch supports Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol ( Learning, and Forwarding. " In this user's guide, "STP" refers to both STP and RSTP. 11.1.1 STP Terminology The root bridge is the base of the spanning tree. ES-4124 User's Guide 111 - ZyXEL ES-4124 | User Guide - Page 112
are therefore only forwarded between enabled ports, eliminating any possible network loops. STP-aware switches exchange Bridge Protocol Data Units (BPDUs) periodically. When the bridged LAN topology changes, reconfigure the network to re-establish a valid network topology. 112 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 113
(default). Blocking MRSTP (Multiple RSTP) is ZyXEL's proprietary feature that is switch A. To set up MRSTP, activate MRSTP on the Switch and specify which port(s) belong to which spanning tree. " Each port can belong to one STP tree only. Figure 46 MRSTP Network Example ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 114
MSTP Network Example The following figure shows a network example where two VLANs are configured on the two switches. If the switches are using STP or RSTP, the link for VLAN 2 will be blocked as STP and RSTP allow The following figure shows the network example using MSTP. 114 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 115
MSTI does not span across MST regions. The following figure shows an example where there are two MST regions. Regions 1 and 2 have 2 spanning tree instances. ES-4124 User's Guide 115 - ZyXEL ES-4124 | User Guide - Page 116
of the entire network and it is equivalent to a spanning tree in an STP/RSTP. The CIST is the default MST instance (MSTID 0). Any VLANs that are not members of an MST instance are members of the CIST. In Application > Spanning Tree Protocol to see the screen as shown. 116 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 117
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide 117 - ZyXEL ES-4124 | User Guide - Page 118
to disable RSTP. Note: You must also activate Rapid Spanning Tree in the Advanced Application > Spanning Tree Protocol > Configuration screen to enable RSTP on the Switch. 118 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 119
the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 120
Port ID Note: The listening state does not exist in RSTP. This is the path cost from the root port on this Switch to the root switch. This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. 120 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 121
Click Status to display the MRSTP Status screen (see Figure 54 on page 120). Tree This is a read only index number of the STP trees. ES-4124 User's Guide 121 - ZyXEL ES-4124 | User Guide - Page 122
more than one port forms a loop in the Switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. Path cost is the cost of Select which STP tree configuration this port should participate in. 122 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 123
. This ID is the same for Root and Our Bridge if the Switch is the root switch. Hello Time (second) This is the time interval (in seconds) at which the root switch transmits a configuration message. The root bridge determines Hello Time, Max Age and Forwarding Delay. ES-4124 User's Guide 123 - ZyXEL ES-4124 | User Guide - Page 124
is the path cost from the root port on this Switch to the root switch. This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the Spanning Tree. . See Section 11.1.5 on page 114 for more information on MSTP. 124 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 125
Chapter 11 Spanning Tree Protocol Figure 57 Advanced Application > Spanning Tree Protocol > MSTP ES-4124 User's Guide 125 - ZyXEL ES-4124 | User Guide - Page 126
the Switch will be chosen as the root bridge within the spanning tree instance. Enter priority values between 0 and 61440 in increments of 4096 (thus valid values are 4096, 8192, 12288, 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344 and 61440). 126 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 127
when more than one port forms a loop in the Switch. Ports with a higher priority numeric value are disabled first. The allowed range is between 0 and 255 and the default value is 128. Path cost is the cost of See Section 11.1.5 on page 114 for more information on MSTP. ES-4124 User's Guide 127 - ZyXEL ES-4124 | User Guide - Page 128
switch. Hello Time (second) This is the time interval (in seconds) at which the root switch transmits a configuration message. Max Age (second) This is the maximum time (in seconds) a switch can wait without receiving a configuration message before attempting to reconfigure. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 129
Our Bridge if the Switch is the root switch. This is the path cost from the root port in this MST instance to the regional root switch. This is the priority and number of the port on the Switch through which this Switch must communicate with the root of the MST instance. ES-4124 User's Guide 129 - ZyXEL ES-4124 | User Guide - Page 130
Chapter 11 Spanning Tree Protocol 130 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 131
to the uplink bandwidth. 12.2 Bandwidth Control Setup Click Advanced Application > Bandwidth Control in the navigation panel to bring up the screen as shown next. ES-4124 User's Guide 131 - ZyXEL ES-4124 | User Guide - Page 132
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 132 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 133
control limits the number of broadcast, multicast and destination lookup failure (DLF) packets the Switch receives per second on the ports. When the maximum number of allowable broadcast, multicast and as shown next. Figure 60 Advanced Application > Broadcast Storm Control ES-4124 User's Guide 133 - ZyXEL ES-4124 | User Guide - Page 134
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 134 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 135
screen. Use this screen to select a monitor port and specify the traffic flow to be copied to the monitor port. Figure 61 Advanced Application > Mirroring ES-4124 User's Guide 135 - ZyXEL ES-4124 | User Guide - Page 136
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 136 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 137
of each trunk group must be physically connected to form a trunk group. The Switch supports both static and dynamic link aggregation. " In a properly planned network, it is then one of the "standby" ports become operational without user intervention. Please note that: ES-4124 User's Guide 137 - ZyXEL ES-4124 | User Guide - Page 138
00 0000 00 PORT NUMBER 0000 Table 36 Link Aggregation ID: Peer Switch SYSTEM PRIORITY MAC ADDRESS KEY 0000 00-00-00-00-00 0000 PORT navigation panel. The Link Aggregation Status screen displays by default. See Section 15.1 on page 137 for more information individual port. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 139
the screen shown next. See Section 15.1 on page 137 for more information on link aggregation. Figure 63 Advanced Application > Link Aggregation > Link Aggregation Setting ES-4124 User's Guide 139 - ZyXEL ES-4124 | User Guide - Page 140
trunk group to which a port belongs. Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link Section 15.2 on page 137 for more information on dynamic link aggregation. 140 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 141
Protocol (LACP). System Priority LACP system priority is a number between 1 and 65,535. The switch with the lowest system priority (and lowest port number if system priority is the same) becomes the enable LACP for a trunk. Port This field displays the port number. ES-4124 User's Guide 141 - ZyXEL ES-4124 | User Guide - Page 142
possible. Select either 1 second or 30 seconds. Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on as shown in the figure below. Click Apply when you are done. 142 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 143
Figure 66 Trunking Example - Configuration Screen Chapter 15 Link Aggregation Your trunk group 1 (T1) configuration is now complete; you do not need to go to any additional screens. ES-4124 User's Guide 143 - ZyXEL ES-4124 | User Guide - Page 144
Chapter 15 Link Aggregation 144 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 145
this client is allowed access to the port. 2. At the time of writing, IEEE 802.1x is not supported by all operating systems. See your operating system documentation. If your operating system does not support 802.1x, then you may need to install 802.1x client software. ES-4124 User's Guide 145 - ZyXEL ES-4124 | User Guide - Page 146
MAC address of the client connecting to a port on the Switch along with a password configured specifically for MAC authentication on the Switch. Figure 68 MAC Authentication Process 146 1 New Connection 2 Authentication Request 3 Authentication Reply Session Granted/Denied ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 147
authentication, first activate the port authentication method(s) you want to use (both on the Switch and the port(s)) then configure the RADIUS server settings in the Auth and Acct > screen as shown. Figure 70 Advanced Application > Port Authentication > 802.1x ES-4124 User's Guide 147 - ZyXEL ES-4124 | User Guide - Page 148
to re-enter his or her username and password to stay Timer connected to the port. Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off MAC Authentication to display the configuration screen as shown. 148 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 149
the client is forwarded to the RADIUS server. Type the password the Switch sends along with the MAC address of a client for Switch Setup screen is set to a lower value, then it supersedes this setting. See Section 7.5 on page 81. Port This field displays a port number. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 150
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 150 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 151
through a port on the Switch. The Switch can learn up to 16K default, MAC address learning is still enabled even though the port security is not activated. 17.2 Port Security Setup Click Advanced Application > Port Security in the navigation panel to display the screen as shown. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 152
device would have to wait until one of the five learned MAC addresses aged out. MAC address aging out time can be set in the Switch Setup screen. The valid range is from "0" to "16384". "0" means this feature is disabled. 152 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 153
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide 153 - ZyXEL ES-4124 | User Guide - Page 154
Chapter 17 Port Security 154 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 155
chapter introduces and shows you how to configure the packet classifier on the Switch. 18.1 About the Classifier and QoS Quality of Service (QoS) refers to both a network's ability to deliver data with in the navigation panel to display the configuration screen as shown. ES-4124 User's Guide 155 - ZyXEL ES-4124 | User Guide - Page 156
field provided. Priority Select Any to classify traffic from any priority level or select the second option and specify a priority level in the field provided. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 157
protocol type. This means that the Switch will pick out the packets that are sent to establish TCP connections. Source IP Address/ Address Prefix Enter a source IP address in dotted decimal notation. Specify Clear to set the above fields back to the factory defaults. ES-4124 User's Guide 157 - ZyXEL ES-4124 | User Guide - Page 158
Types and Protocol Number ETHERNET TYPE PROTOCOL NUMBER IP ETHII 0800 X.75 Internet 0801 NBS Internet 0802 ECMA Internet 0803 Chaosnet 0804 X.25 Level 3 0805 XNS Compat 0807 Banyan Systems 0BAD BBN Simnet 5208 IBM SNA 80D5 AppleTalk AARP 80F3 158 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 159
Some of the most common IP ports are: Table 46 Common IP Ports PORT NUMBER PORT NAME 21 FTP 23 Telnet 25 SMTP 53 DNS 80 HTTP 110 POP3 configured a classifier, you can configure a policy (in the Policy screen) to define action(s) on the classified traffic flow. ES-4124 User's Guide 159 - ZyXEL ES-4124 | User Guide - Page 160
Chapter 18 Classifier Figure 75 Classifier: Example 160 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 161
going. 19.1.2 DSCP and Per-Hop Behavior DiffServ defines a new DS (Differentiated Services) field to replace the Type of Service (TOS) field in the IP header. The DS field contains a 2-bit unused field and a 6-bit according to the DSCP values and the configured policies. ES-4124 User's Guide 161 - ZyXEL ES-4124 | User Guide - Page 162
for more information. Click Advanced Applications > Policy Rule in the navigation panel to display the screen as shown. Figure 76 Advanced Application > Policy Rule 162 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 163
of service ( action(s) the Switch takes on IP TOS with the 802.1 priority value to replace the TOS field with the value you configure in the Priority field. Select Set the Diffserv Codepoint field in the frame to set the DSCP field with the value you configure in the DSCP field. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 164
to the summary table below and save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses Click Clear to set the above fields back to the factory defaults. 19.3 Viewing and Editing Policy Configuration To view a summary 164 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 165
and discard out-of-profile traffic on a traffic flow classified using the Example classifier (refer to Section 18.4 on page 159). Figure 78 Policy Example ES-4124 User's Guide 165 - ZyXEL ES-4124 | User Guide - Page 166
Chapter 19 Policy Rule 166 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 167
Strictly Priority Strictly Priority (SP) services queues based on priority only. As traffic comes into the Switch, traffic on the highest priority queue example, using the default setting, Q0 on Port 1 gets a guaranteed bandwidth of: 1 1+2+3+4+5+6+7+8 x 100 Mbps = 3 Mbps ES-4124 User's Guide 167 - ZyXEL ES-4124 | User Guide - Page 168
is empty. Weighted Round Robin Scheduling (WRR) uses the same algorithm as round robin scheduling, but services queues based on their priority and queue weight (the number you configure in the queue Weight field Advanced Application > Queuing Method in the navigation panel. 168 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 169
queue for the 10/100 Mbps Ethernet ports. For example, if you select Q5, the Switch services traffic on Q5, Q6 and Q7 using Strictly Priority. Select None to always use WFQ or WRR for the 10/100 Mbps Ethernet ports. Port This label shows the port you are configuring. ES-4124 User's Guide 169 - ZyXEL ES-4124 | User Guide - Page 170
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 170 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 171
for their VLAN group. The service provider can separate these two VLANs within its network by adding tag 37 to distinguish customer A and tag 48 to distinguish customer B at edge device 1 and then stripping those tags at edge device 2 as the data frames leave the network. ES-4124 User's Guide 171 - ZyXEL ES-4124 | User Guide - Page 172
ports at the edge of the service provider's network. All VLANs belonging to a customer can be aggregated into a single service provider's VLAN (using the outer VLAN tag defined by SP VID). " Static VLAN Tx Tagging MUST be enabled on a port where you choose Tunnel Port. 172 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 173
.1Q tag. • If the VLAN stacking port role is Access Port, then the Switch adds the SP TPID tag to all incoming frames on the service provider's edge devices (1 and 2 in the VLAN stacking example figure). • If the Len/ Etype 802.1p Priority Length and type of Ethernet frame ES-4124 User's Guide 173 - ZyXEL ES-4124 | User Guide - Page 174
Table 52 802.1Q Frame (SP)TPID (Service Provider) Tag Protocol IDentifier VID VLAN ID Data Stacking LABEL DESCRIPTION Active Select this checkbox to enable VLAN stacking on the Switch. SP TPID SP TPID is a standard Ethernet type code identifying the as you make them. 174 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 175
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide 175 - ZyXEL ES-4124 | User Guide - Page 176
Chapter 21 VLAN Stacking 176 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 177
the IP multicast group membership. It checks IGMP packets passing through it, picks out the group registration information, and configures multicasting accordingly. IGMP snooping allows the Switch to learn multicast groups without you having to manually configure them. ES-4124 User's Guide 177 - ZyXEL ES-4124 | User Guide - Page 178
multicast group. Multicast Group This field displays IP multicast group addresses. 22.3 Multicast Setting Click Advanced Applications > Multicast > Multicast Setting link to display the screen as shown. See Section 22.1 on page 177 for more information on multicasting. 178 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 179
and assign IGMP filtering profiles for the ports that you want to allow to join multicast groups. Specify the action to perform when the Switch receives an unknown multicast frame. Select Drop to discard the frame(s). Select Flooding to send the frame(s) to all ports. ES-4124 User's Guide 179 - ZyXEL ES-4124 | User Guide - Page 180
the destination IP address within this range. See the IANA web site for more information. Specify the action to perform when the Switch receives a IGMP filtering profile to use for this port. Otherwise, select Default to prohibit the port from joining any multicast group. You can ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 181
screen afresh. Use this section of the screen to add VLANs upon which the Switch is to perform IGMP snooping. Enter the descriptive name of the VLAN for identification purposes Click Cancel to reset the fields to your previous configuration. Click this to clear the fields. ES-4124 User's Guide 181 - ZyXEL ES-4124 | User Guide - Page 182
the Switch are able to join. A profile contains a range of multicast IP IP address for a range of IP addresses that you want to belong to the IGMP filter profile. If you want to add a single multicast IP address, enter it in both the Start Address and End Address fields. 182 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 183
-based service provider Switch that can send and receive multicast traffic in a multicast VLAN while a receiver port can only receive multicast traffic. Once configured, the Switch maintains a forwarding table that matches the multicast stream to the associated multicast group. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 184
multicast traffic to the receiver ports. In compatible mode, the Switch does not send any IGMP reports. In this case, you must manually configure the forwarding settings on the multicast devices in the to three multicast VLANs and up to 256 multicast rules on the Switch. 184 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 185
which the Switch replaces the Switch. Choices are Dynamic and Compatible. Select Dynamic to send IGMP reports to all MVR source ports in the multicast VLAN. Select Compatible to set the Switch not to send IGMP reports. Port This field displays the port number on the Switch. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 186
group. Configure MVR IP multicast group address(es) in the Group Configuration screen. Click Group Configuration in the MVR screen. " A port can belong to more than one multicast VLAN. However, IP multicast group addresses in different multicast VLANs cannot overlap. 186 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 187
starting IP multicast Switch belong to VLAN 1. In addition, port 7 belongs to the multicast group with VID 200 to receive multicast traffic (the News and Movie channels) from the remote streaming media server, S. Computers A, B and C in VLAN 1 are able to receive the traffic. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 188
To set the Switch to forward the multicast group traffic to the subscribers, configure multicast group settings in the Group Configuration screen. The following figure shows an example where two multicast groups (News and Movie) are configured for the multicast VLAN 200. 188 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 189
Figure 92 MVR Group Configuration Example Chapter 22 Multicast Figure 93 MVR Group Configuration Example ES-4124 User's Guide 189 - ZyXEL ES-4124 | User Guide - Page 190
Chapter 22 Multicast 190 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 191
User Accounts By storing user profiles locally on the Switch, your Switch is able to authenticate and authorize users without interacting with a network AAA server. However, there is a limit on the number of users you may authenticate in this way (See Chapter 36 on page 291). ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 192
for more information on RADIUS servers and Section 23.3 on page 200 for RADIUS attributes utilized by the authentication and accounting features on the Switch. Click on the RADIUS Server Setup link in the Authentication and Accounting screen to view the screen as shown. 192 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 193
instructs you to do so. Shared Secret Specify a password (up to 32 alphanumeric characters) as the key to be shared between the external RADIUS server and the Switch. This key is not sent over the network. This key must be the same on the external RADIUS server and the Switch. ES-4124 User - ZyXEL ES-4124 | User Guide - Page 194
more information on TACACS+ servers. Click on the TACACS+ Server Setup link in the Authentication and Accounting screen to view the screen as shown. 194 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 195
the Switch waits for IP Address Enter the IP address of an external TACACS+ server in dotted decimal notation. TCP Port The default port of a TACACS+ server for authentication is 49. You need not change this value unless your network administrator instructs you to do so. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 196
configuring this screen afresh. 23.2.3 Authentication and Accounting Setup Use this screen to configure authentication and accounting settings on the Switch. Click on the Auth and Acct Setup link in the Authentication and Accounting screen to view the screen as shown. 196 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 197
sources for access privilege level specify them in Method 2 and Method 3 fields. Select local to have the Switch check the access privilege configured for local authentication. Select radius or tacacs+ to have the Switch check the access privilege via the external servers. ES-4124 User's Guide 197 - ZyXEL ES-4124 | User Guide - Page 198
is only configurable for Commands type of event. Select the threshold command privilege level for which the Switch should send accounting information. The Switch will send accounting information when commands at the level you specify and higher are executed on the Switch. 198 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 199
). ZyXEL's users authenticating via the RADIUS server. The following table describes the VSAs supported on the Switch. Table 64 Supported VSAs FUNCTION Ingress Bandwidth Assignment ATTRIBUTE Vendor-Id = 890 Vendor-Type = 1 Vendor-data = ingress rate (Kbps in decimal format) ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 200
VLAN with the specified VID on the Switch. 23.3 Supported RADIUS Attributes Remote Authentication Dial-In User Service (RADIUS) attributes are data used to on the Switch. In cases where the attribute has a specific format associated with it, the format is specified. 200 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 201
Accounting System Events NAS-IP-Address NAS-Identifier Acct-Status-Type Acct-Session-ID - The format of Acct-Session-Id is date+time+8-digit sequential number, for example, 2007041917210300000001. (date: 2007/04/19, time: 17:21:03, serial number: 00000001) Acct-Delay-Time ES-4124 User's Guide 201 - ZyXEL ES-4124 | User Guide - Page 202
START INTERIM-UPDATE User-Name Y Y NAS-Identifier Y Y NAS-IP-Address Y Y Service-Type Y Y Calling User-Name Y Y Y NAS-IP-Address Y Y Y NAS-Port Y Y Y Class Y Y Y Called-Station-Id Y Y Y Calling-Station-Id Y Y Y NAS-Identifier Y Y Y 202 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 203
Y Y Acct-Input-Octets Y Acct-Output-Octets Y Acct-Session-Time Y Acct-Input-Packets Y Acct-Output-Packets Y Acct-Terminate-Cause Acct-Input-Gigawords Y Acct-Output-Gigawords Y STOP Y Y Y Y Y Y Y Y Y Y Y Y Y ES-4124 User's Guide 203 - ZyXEL ES-4124 | User Guide - Page 204
Chapter 23 Authentication & Accounting 204 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 205
binding, the Switch discards the packet. The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). IP source guard each port (trusted or untrusted) can receive each second. ES-4124 User's Guide 205 - ZyXEL ES-4124 | User Guide - Page 206
IP Source Guard Trusted ports are connected to DHCP servers or other switches. The Switch discards DHCP packets from trusted ports only if the rate at which DHCP packets arrive is too high. The Switch learns dynamic bindings from trusted ports. " The Switch are ignored. 206 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 207
IP Source Guard 24.1.1.3 DHCP Relay Option 82 Information The Switch can add information to DHCP requests that it does not discard. This provides the DHCP server more information about the source of the requests. The Switch and alter the information passed between them. ES-4124 User's Guide 207 - ZyXEL ES-4124 | User Guide - Page 208
one day before you enable ARP inspection so that the Switch has enough time to build the binding table. 2 Enable ARP inspection on each VLAN. 3 Configure trusted and untrusted ports, and specify the maximum number of ARP packets that each port can receive per second. 208 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 209
binding). Type This field displays how the Switch learned the binding. static: This binding was learned from information provided manually by an administrator. dhcp-snooping: This binding open this screen, click Advanced Application > IP Source Guard > Static Binding. ES-4124 User's Guide 209 - ZyXEL ES-4124 | User Guide - Page 210
Click this to reset the values above IP address assigned to the MAC address in the binding. Lease This field displays how long the binding is valid. Type This field displays how the Switch learned the binding. static: This binding was learned from information provided manually ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 211
Chapter 24 IP Source Guard 24.4 DHCP Snooping Use this screen to look at various statistics about the DHCP snooping database. To open this screen, click Advanced Application > IP Source Guard > DHCP Snooping. Figure 103 DHCP Snooping ES-4124 User's Guide 211 - ZyXEL ES-4124 | User Guide - Page 212
Chapter 24 IP Source Guard The following table describes the labels in this Switch read bindings from the DHCP snooping database successfully. Failed reads This field displays the number of times the Switch was unable to read bindings from the DHCP snooping database. 212 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 213
database. Expired leases This field displays the number of bindings the Switch has ignored because the lease time had already expired. Unsupported vlans This field displays the number of bindings the Switch has ignored because the VLAN ID does not exist anymore. ES-4124 User's Guide 213 - ZyXEL ES-4124 | User Guide - Page 214
(Section 24.5.2 on page 217) to help the DHCP servers distinguish between DHCP requests from different VLAN. Select Disable if you do not want the Switch to forward DHCP packets to a specific VLAN. 214 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 215
reset the values in this screen to their last-saved values. 24.5.1 DHCP Snooping Port Configure Use this screen to specify whether ports are trusted or untrusted ports for DHCP snooping. " The Switch Application > IP Source Guard > DHCP Snooping > Configure > Port. ES-4124 User's Guide 215 - ZyXEL ES-4124 | User Guide - Page 216
Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. 216 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 217
. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring. Click this to reset the values in this screen to their last-saved values. ES-4124 User's Guide 217 - ZyXEL ES-4124 | User Guide - Page 218
how long (in seconds) the MAC address filter remains in the Switch. You can also delete the record manually (Delete). Reason This field displays the reason the ARP packet was discarded screen, click Advanced Application > IP Source Guard > ARP Inspection > VLAN Status. 218 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 219
the Switch last restarted. 24.6.2 ARP Inspection Log Status Use this screen to look at log messages that were generated by ARP packets and that have not been sent to the syslog server yet. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Log Status. ES-4124 User - ZyXEL ES-4124 | User Guide - Page 220
. Sender IP This field displays the source IP address of Switch to generate log messages when ARP packets are discarded or forwarded based on the VLAN ID of the ARP packet. See Section 24.7.2 on page 223. Time This field displays when the log message was generated. 220 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 221
the Switch stops recording log messages and simply starts counting the number of entries that were dropped due to unavailable buffer. Click Clearing log status table in the ARP Inspection Log Status screen to clear the log and reset this counter. See Section 24.6.2 on page 219. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 222
ports for ARP inspection. You can also specify the maximum rate at which the Switch receives ARP packets on each untrusted port. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure > Port. Figure 111 ARP Inspection Port Configure 222 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 223
ARP inspection on each VLAN and to specify when the Switch generates log messages for receiving ARP packets from each VLAN. To open this screen, click Advanced Application > IP Source Guard > ARP Inspection > Configure > VLAN. Figure 112 ARP Inspection VLAN Configure ES-4124 User's Guide 223 - ZyXEL ES-4124 | User Guide - Page 224
Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the nonvolatile memory when you are done configuring. Cancel Click this to reset the values in this screen to their last-saved values. 224 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 225
will be affected by the switch in loop state in the following way: • It will receive broadcast messages sent out from the switch in loop state. • It will receive its own broadcast messages that it sends out as they loop back. It will then re-broadcast those messages again. ES-4124 User's Guide 225 - ZyXEL ES-4124 | User Guide - Page 226
this example, the probe packet is sent from port N and returns on another port. As long as loop guard is enabled on port N. The Switch will shut down port N if it detects that the probe packet has returned to the Switch. Figure 116 Loop Guard - Network Loop A P P N P 226 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 227
Guard " After resolving the loop problem on your network you can re-activate Guard LABEL DESCRIPTION Active Select this option to enable loop guard on the Switch. The Switch generates syslog, internal log messages as well as SNMP traps when it shuts as you make them. ES-4124 User's Guide 227 - ZyXEL ES-4124 | User Guide - Page 228
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 228 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 229
PART IV IP Application Static Route (231) RIP (233) OSPF (235) IGMP (247) DVMRP (251) IP Multicast (255) Differentiated Services (257) DHCP (265) VRRP (273) 229 - ZyXEL ES-4124 | User Guide - Page 230
230 - ZyXEL ES-4124 | User Guide - Page 231
Mask Enter the subnet mask for this destination. Gateway IP Address Enter the IP address of the gateway. The gateway is an immediate neighbor of your Switch that will forward the packet to the destination. The gateway must be a router on the same segment as your Switch. ES-4124 User's Guide 231 - ZyXEL ES-4124 | User Guide - Page 232
to the factory defaults. Index This IP Switch that will forward the packet to the destination. This field displays the cost of transmission for routing purposes. Click Delete to remove the selected entry from the summary table. Click Cancel to clear the Delete check boxes. 232 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 233
RIP Click IP Application > RIP in the navigation panel to display the screen as shown. You cannot manually configure a new entry. Each entry in the table is automatically created when you configure a new IP domain in the IP Setup screen (refer to Section 7.6 on page 83). ES-4124 User's Guide 233 - ZyXEL ES-4124 | User Guide - Page 234
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 234 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 235
Router (BR) A backbone router has an interface to the backbone. AS Boundary Router An AS boundary router exchanges routing information with routers in other ASes. ES-4124 User's Guide 235 - ZyXEL ES-4124 | User Guide - Page 236
3 device and an OSPF network. An interface has state information, an IP address and subnet mask associated with it. When you configure an OSPF interface are sent to the rest of the network. In most cases the default DR/BDR election is fine, but in some situations it must be 236 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 237
does become the DR. 28.1.5 Configuring OSPF To configure OSPF on the Switch, do the following tasks 1 Enable OSPF 2 Create OSPF areas 3 IP Application > OSPF in the navigation panel to display the screen as shown next. See Section 28.1 on page 235 for more information on OSPF. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 238
Internet Address This field displays the IP address and subnet bits of an IP routing domain. Area This field displays the area ID. Router ID This field displays the unique ID of the Switch. Transmit Delay This field displays the transmission delay in seconds. 238 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 239
the number of neighbor router(s) that is adjacent to the Switch. Neighbor Count Neighbor Neighbor ID This field displays the IP Application > OSPF and the Configuration link to display the OSPF Configuration screen. See Section 28.1 on page 235 for more information on OSPF. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 240
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 240 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 241
Switch receives only routing information from a trusted layer 3 devices, activate authentication. The OSPF supports three authentication methods: • None - no authentication is used. • Simple - authenticate link state updates using an 8 printable ASCII character password IP ES-4124 User's Guide 241 - ZyXEL ES-4124 | User Guide - Page 242
an OSPF interface, first create an IP routing domain in the IP Setup screen (see Section 7.6 on page 83 for more information). Once you create an IP routing domain, an OSPF interface entry is automatically created. See Section 28.1 on page 235 for more information on OSPF. 242 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 243
. Characters after the eighth character will be ignored. When you select MD5 in the Authentication field, enter a password 16-character long. The interface cost is used for calculating the routing table. Enter a number between 0 and 65535. The default interface cost is 15. ES-4124 User's Guide 243 - ZyXEL ES-4124 | User Guide - Page 244
Add to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned defaults. Index This field displays the index number for an interface. Network This field displays the IP IP Application > OSPF Configuration > OSPF Virtual Link 244 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 245
format of an IP address in dotted default), Simple and MD5. To exchange OSPF packets with peer border router, you must set the authentication method and/or password password 16-character long. Add Click Add to save your changes to the Switch's run-time memory. The Switch ES-4124 User's Guide 245 - ZyXEL ES-4124 | User Guide - Page 246
Chapter 28 OSPF 246 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 247
any time. A host can also be a member of more than one multicast group. Multicast groups are identified by IP addresses in the Class D range (224.0.0.0 to 239.255.255.255). A multicast server sends packets addressed to a particular multicast group (multicast IP address). ES-4124 User's Guide 247 - ZyXEL ES-4124 | User Guide - Page 248
, multicast routers check if any hosts on their network are still members of a specific multicast group. The Switch supports IGMP version 1 (IGMP-v1), version 2 (IGMP-v2) and IGMP version 3 (IGMP-v3). Refer amount of multicast traffic going through the multicast router. 248 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 249
a multicast group. 29.3 Configuring IGMP Click IP Application > IGMP in the navigation panel to display the screen as shown next. Each entry in the table is automatically created when you configure a new IP domain in the IP Setup screen (refer to Section 7.6 on page 83). ES-4124 User's Guide 249 - ZyXEL ES-4124 | User Guide - Page 250
's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Click Cancel to begin configuring this screen afresh. 250 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 251
-dvmrp-v3-10. DVMRP provides multicast forwarding capability to a layer 3 switch that runs both the IPv4 protocol (with IP Multicast support) and the IGMP protocol. The DVMRP metric is a hop count of multicast ("M") after pruning and grafting is shown in the next figure. ES-4124 User's Guide 251 - ZyXEL ES-4124 | User Guide - Page 252
DVMRP Configure DVMRP on the Switch when you wish it to act as a multicast router ("mrouter"). Click IP Application > DVMRP in the navigation panel to display the screen as shown. Figure 134 IP Application > DVMRP The following table describes the labels in this screen. 252 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 253
to enable DVMRP on this IP routing domain. Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it Each IP routing domain DVMRP configuration must be in a different VLAN group; otherwise you see the following screen. ES-4124 User's Guide 253 - ZyXEL ES-4124 | User Guide - Page 254
DVMRP FIELD DEFAULT VALUE Probe interval 10 sec Report interval 35 sec Route expiration time 140 sec Prune lifetime Variable (less than two hours) Prune retransmission time 3 sec with exponential back off Graft retransmission time 5 sec with exponential back off 254 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 255
to Ethernet devices that are not VLAN-aware. 31.2 Configuring Multicast Click IP Application > IP Multicast in the navigation panel to display the screen as shown next. Figure 138 IP Application > IP Multicast The following table describes the labels in this screen. ES-4124 User's Guide 255 - ZyXEL ES-4124 | User Guide - Page 256
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 256 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 257
a new DS (Differentiated Services) field to replace the Type of Service (ToS) field in the IP header. The DS field contains a 6-bit DSCP field which can define up to 64 service levels and the remaining 2 allocated according to the DSCP values and the configured policies. ES-4124 User's Guide 257 - ZyXEL ES-4124 | User Guide - Page 258
and PIR values are based on the guaranteed and maximum bandwidth respectively as negotiated between a service provider and client. Two Rate Three Color Marker evaluates incoming packets and marks them with one ) packets are dropped if there is congestion on the network. 258 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 259
Chapter 32 Differentiated Services • Green (low loss priority level) packets are forwarded. TRTCM operates in one of two modes: color-blind or color- YES Exceed NO Low Packet CIR? Loss YES High Packet Loss High Packet Loss Medium Packet Medium Packet Loss Loss ES-4124 User's Guide 259 - ZyXEL ES-4124 | User Guide - Page 260
screen. Table 97 IP Application > DiffServ LABEL DESCRIPTION Active Select this option to enable DiffServ on the Switch. Port This field displays the index number of a port on the Switch. * Settings in in the DiffServ screen to display the screen as shown next. 260 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 261
screen. Table 98 IP Application > DiffServ > 2-rate 3 Color Marker LABEL DESCRIPTION Active Select this to activate TRTCM (Two Rate Three Color Marker) on the Switch. The Switch evaluates and marks the this port. Specify the Peak Information Rate (PIR) for this port. ES-4124 User's Guide 261 - ZyXEL ES-4124 | User Guide - Page 262
Services Table 98 IP 802.1p mapping to allow the Switch to prioritize all traffic based on mapping table. The following table shows the default DSCP-to-IEEE802.1p mapping. Table 99 Default DSCP-IEEE 802.1p Mapping DSCP VALUE 0 IP Application > DiffServ > DSCP Setting 262 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 263
run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide 263 - ZyXEL ES-4124 | User Guide - Page 264
Chapter 32 Differentiated Services 264 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 265
Switch forwards all DHCP requests to the same DHCP server. • VLAN - The Switch is configured on a VLAN by VLAN basis. The Switch can be configured as a DHCP server for one VLAN and at the same time the Switch can be configured to relay DHCP requests for clients in another VLAN. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 266
index number of a DHCP server configuration to view the screen as shown. Use this screen to view details regarding DHCP server settings configured on the Switch. Figure 147 IP Application > DHCP > DHCP Server Status Detail 266 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 267
DHCP server without the help of the Switch. The Switch can be configured as a global DHCP relay. This means that the Switch forwards all DHCP requests from all domains can then provide an IP address based on this information. Please refer to RFC 3046 for more details. ES-4124 User's Guide 267 - ZyXEL ES-4124 | User Guide - Page 268
Configure global DHCP relay in the DHCP Relay screen. Click IP Application > DHCP in the navigation panel and click the Global link to display the screen Select the check box for the Switch to add the system name to the client DHCP requests that it relays to a DHCP server. 268 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 269
82 check box to set the Switch to send additional information (such as the VLAN ID) together with the DHCP requests to the DHCP server. This allows the DHCP server to assign the appropriate IP address according to the VLAN ID. Figure 150 DHCP Relay Configuration Example ES-4124 User's Guide 269 - ZyXEL ES-4124 | User Guide - Page 270
VLAN link In the DHCP Status screen that displays. " You must set up a management IP address for each VLAN that you want to configure DHCP settings for on the Switch. See Section 7.6 on page 83 for information on how to do this. Figure 151 IP Application > DHCP > VLAN 270 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 271
the size of the IP address pool. For DHCP relay configuration, this field displays the first remote DHCP server IP address. Delete Select the configuration entries you want to remove and click Delete to remove them. Cancel Click Cancel to clear the Delete check boxes. ES-4124 User's Guide 271 - ZyXEL ES-4124 | User Guide - Page 272
DHCP server with an IP address of 172.23.10.100. Figure 152 DHCP Relay for Two VLANs DHCP:192.168.1.100 VLAN 1 VLAN 2 DHCP:172.23.10.100 For the example network, configure the VLAN Setting screen as shown. Figure 153 DHCP Relay for Two VLANs Configuration Example 272 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 273
the uplink gateway G. Host X is configured to use VR1 (192.168.1.20) as the default gateway. If switch A has a higher priority, it is the master router. Switch B, having a lower priority, is the backup router. Figure 154 VRRP: Example 1 172.21.1.1 172.21.1.10 172.21.1.10 ES-4124 User's Guide 273 - ZyXEL ES-4124 | User Guide - Page 274
Switch is check for the link state. Poll Interval(s) The text box displays how often (in seconds) this screen refreshes. You may change the refresh interval by typing a new number in the text box and then clicking Set Interval. Stop Click Stop to halt system statistic polling. 274 ES-4124 User - ZyXEL ES-4124 | User Guide - Page 275
only configure VRRP on interfaces with unique VLAN IDs. " Routing domains with the same VLAN ID are not displayed in the table indicated. Figure 156 IP Application > VRRP Configuration > IP Interface The following table describes the labels in this screen. ES-4124 User's Guide 275 - ZyXEL ES-4124 | User Guide - Page 276
the network, it will preempt the lower priority backup router that is the master. Disable preempt mode to prevent this from happening. By default, a layer 3 device with the same IP address as the virtual router will become the master router regardless of the preempt mode. 276 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 277
is 100 by default. Uplink Gateway Enter the IP address of the uplink gateway in dotted decimal notation. The Switch checks the link to the uplink gateway. Primary Virtual IP Enter the IP address of the Click Clear to set the above fields back to the factory defaults. ES-4124 User's Guide 277 - ZyXEL ES-4124 | User Guide - Page 278
descriptive name of an entry. Network This field displays the IP address and subnet mask of an interface. VRID This field switches. The network is connected to the WAN via an uplink gateway G (172.21.1.100). The host computer X is set to use VR1 as the default gateway. 278 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 279
Example 1: VRRP Parameter Settings on Switch A Figure 161 VRRP Example 1: VRRP Parameter Settings on Switch B After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next. Figure 162 VRRP Example 1: VRRP Status on Switch A ES-4124 User's Guide 279 - ZyXEL ES-4124 | User Guide - Page 280
to Section 34.4.2 on page 280), you need to configure the VRRP Configuration screen for virtual router VR2 on each switch. Configure the VRRP parameters on the switches as shown in the figures below. Figure 165 VRRP Example 2: VRRP Parameter Settings for VR2 on Switch A 280 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 281
VRRP Example 2: VRRP Parameter Settings for VR2 on Switch B After configuring and saving the VRRP configuration, the VRRP Status screens for both switches are shown next. Figure 167 VRRP Example 2: VRRP Status on Switch A Figure 168 VRRP Example 2: VRRP Status on Switch B ES-4124 User's Guide 281 - ZyXEL ES-4124 | User Guide - Page 282
Chapter 34 VRRP 282 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 283
PART V Management Maintenance (285) Access Control (291) Diagnostic (309) Syslog (311) Cluster Management (315) MAC Table (321) IP Table (323) ARP Table (325) Routing Table (327) Configure Clone (329) 283 - ZyXEL ES-4124 | User Guide - Page 284
284 - ZyXEL ES-4124 | User Guide - Page 285
Configuration 2) is currently operating on the Switch. Firmware Upgrade Click Click Here to go to the Firmware Upgrade screen. Restore Click Click Here to Configuration Load Factory Click Click Here to reset the configuration to the factory default settings. Default ES-4124 User's Guide 285 - ZyXEL ES-4124 | User Guide - Page 286
reset all Switch configurations to the factory defaults. Figure 170 Load Factory Default: Start 3 In the web configurator, click the Save button to make the changes take effect. If you want to access the Switch web configurator again, you may need to change the IP Switch. 286 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 287
reboot the Switch and apply the new firmware immediately. (Firmware upgrades are only applied after a reboot). Click Upgrade to load the new firmware. After the firmware upgrade process is complete, see the System Info screen to verify your current firmware version number. ES-4124 User's Guide 287 - ZyXEL ES-4124 | User Guide - Page 288
of your device from which you may restore at a later date. Back up your current Switch configuration to a computer using the Backup Configuration screen. Figure 174 Management > Maintenance > Backup Configuration Click Save to save the configuration file to your computer. 288 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 289
firmware may damage your device. 35.8.2 FTP Command Line Procedure 1 Launch the FTP client on your computer. 2 Enter open, followed by a space and the IP address of your Switch. 3 Press [ENTER] when prompted for a username. 4 Enter your password as requested (the default is "1234"). ES-4124 User - ZyXEL ES-4124 | User Guide - Page 290
Restrictions FTP will not work when: • FTP service is disabled in the Service Access Control screen. • The IP address(es) in the Remote Management screen does not match the client IP address. If it does not match, the Switch will disconnect the Telnet session immediately. 290 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 291
the Switch. 36.1 Access Control Overview A console port and FTP are allowed one session each, Telnet and SSH share nine sessions, up to five Web sessions (five different usernames and passwords) and display the main screen as shown. Figure 175 Management > Access Control ES-4124 User's Guide 291 - ZyXEL ES-4124 | User Guide - Page 292
is an application layer protocol used to manage and monitor TCP/IP-based devices. SNMP is used to exchange management information between the network element (NE). A manager station can manage and monitor the Switch through the network via SNMP version one (SNMPv1), SNMP version ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 293
This trap is sent when the Switch restarts. 1.3.6.1.4.1.890.1.5.8.24.31.2.1 This trap is sent when the fan speed goes above or below the normal operating range. 1.3.6.1.4.1.890.1.5.8.24.31.2.2 This trap is sent when the fan speed returns to the normal operating range. ES-4124 User's Guide 293 - ZyXEL ES-4124 | User Guide - Page 294
.1.5.8.24.31.2.1 This trap is sent when the Switch automatically resets. 1.3.6.1.4.1.890.1.5.8.24.31.2.1 This trap is sent when the Switch resets by an administrator through a management interface. 1.3.6.1.4.1.890 is down. This trap is sent when the Ethernet link is down. 294 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 295
authentication fails due to incorrect user name and/or password. AuthenticationFailureEventOn 1.3.6.1.4.1.890.1.5.8.24.31.2.1 can be reached. Table 118 SNMP IP Traps OPTION ping OBJECT LABEL pingProbeFailed pingTestFailed is sent when a traceroute test is completed. ES-4124 User's Guide 295 - ZyXEL ES-4124 | User Guide - Page 296
when the MRSTP topology changes. 1.3.6.1.4.1.890.1.5.8.24.107.7 This trap is sent when the MSTP root 0.2 switch changes. 1.3.6.1.4.1.890.1.5.8.24.31.2.1 This trap is sent when more than 99% of the MAC table click Access Control to go back to the Access Control screen. 296 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 297
the Trap Community string, which is the password sent with each trap to the SNMP Switch. Specify the version of the SNMP trap messages. Enter the IP addresses of up to four managers to send your SNMP traps to. Enter the port number upon which the manager listens for SNMP traps. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 298
account on the Switch (configured in Management > Access Control > Logins screen). Use this section to configure users for authentication with managers using SNMP v3. Note: Use the username and password of the login of SNMP traps that should be sent to each SNMP manager. 298 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 299
one time. • An administrator is someone who can both view and configure Switch changes. The username for the Administrator is always admin. The default administrator password is 1234. " It is highly recommended that you change the default administrator password (1234). ES-4124 User's Guide 299 - ZyXEL ES-4124 | User Guide - Page 300
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 300 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 301
client automatically saves any new server public keys. In subsequent connections, the server public key is checked against the saved version on the client computer. ES-4124 User's Guide 301 - ZyXEL ES-4124 | User Guide - Page 302
Switch. Please refer to the following figure. 1 HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the Switch's WS (web server). 2 HTTP connection requests from a web browser go to port 80 (by default) on the Switch's WS (web server). 302 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 303
certificate is from the Switch. You see the following Security Alert screen in Internet Explorer. Select Yes to proceed to the web configurator login screen; if you select No, then web configurator access is blocked. Figure 183 Security Alert Dialog Box (Internet Explorer) ES-4124 User's Guide 303 - ZyXEL ES-4124 | User Guide - Page 304
) Figure 185 Security Certificate 2 (Netscape) 36.8.3 The Main Screen After you accept the certificate and enter the login username and password, the Switch main screen appears. The lock displayed in the bottom right of the browser status bar denotes a secure connection. 304 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 305
also change the default service port and configure "trusted computer(s)" for each service in the Remote Management screen (discussed later). Click Access Control to go back to the main Access Control screen. Figure 187 Management > Access Control > Service Access Control ES-4124 User's Guide 305 - ZyXEL ES-4124 | User Guide - Page 306
Configure the IP address range of trusted computers from which you can manage this Switch. The Switch checks if the client IP address of a computer requesting a service or protocol matches the range set here. The Switch immediately disconnects the session if it does not match. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 307
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. ES-4124 User's Guide 307 - ZyXEL ES-4124 | User Guide - Page 308
Chapter 36 Access Control 308 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 309
. IP Ping Type the IP address of a device that you want to ping in order to test a connection. Click Ping to have the Switch ping the IP address (in the field to the left). Ethernet Port Test Enter a port number and click Port Test to perform an internal loopback test. ES-4124 User's Guide 309 - ZyXEL ES-4124 | User Guide - Page 310
Chapter 37 Diagnostic 310 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 311
. 38.1 Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages. A syslog-enabled device can generate . Use this screen to configure the device's system logging settings. ES-4124 User's Guide 311 - ZyXEL ES-4124 | User Guide - Page 312
your syslog program for more details. Apply Click Apply to save your changes to the Switch's run-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link screen. Use this screen to configure a list of external syslog servers. 312 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 313
edit the entry later). Server Address Enter the IP address of the syslog server. Log Level to save your changes to the Switch's run-time memory. The Switch loses these changes if it is Clear to return the fields to the factory defaults. Index This is the index number of ES-4124 User's Guide 313 - ZyXEL ES-4124 | User Guide - Page 314
Chapter 38 Syslog 314 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 315
you manage the cluster member switches. Cluster Members The switches being managed by the cluster manager switch. In the following example, switch A in the basement is the cluster manager and the other switches on the upper floors of the building are cluster members. ES-4124 User's Guide 315 - ZyXEL ES-4124 | User Guide - Page 316
Click Management > Cluster Management in the navigation panel to display the following screen. " A cluster can only have one manager. Figure 193 Management > Cluster Management 316 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 317
of members to go to that cluster member switch's web configurator home page. This cluster member web configurator home page and the home page that you'd see if you accessed it directly are different. Figure 194 Cluster Management: Cluster Member Web Configurator Screen ES-4124 User's Guide 317 - ZyXEL ES-4124 | User Guide - Page 318
. Table 131 FTP Upload to Cluster Member Example FTP PARAMETER DESCRIPTION User Enter "admin". Password The web configurator password default is 1234. ls Enter this command to list the name of cluster member switch's firmware and configuration file. 360lt0.bin This is the name of the - ZyXEL ES-4124 | User Guide - Page 319
. All switches must be directly connected and in the same VLAN group to belong to the same cluster. Switches that are not in the same VLAN group are not visible in the Clustering Candidates list. This field is ignored if the Clustering Manager is using Port-based VLAN. ES-4124 User's Guide 319 - ZyXEL ES-4124 | User Guide - Page 320
cluster member switch's System Name. Model This is the cluster member switch's model name. Remove Select this checkbox and then click the Remove button to remove a cluster member switch from the cluster. Cancel Click Cancel to begin configuring this screen afresh. 320 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 321
the Switch) or static (manually entered in the Static MAC Forwarding screen). The Switch uses the Switch has already learned the port for this MAC address, but the destination port is the same as the port it came in on, then it filters the frame. Figure 197 MAC Table Flowchart ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 322
frame belongs. This is the port from which the above MAC address was learned. This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). 322 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 323
packet is flooded to all ports. Too much port flooding leads to network congestion. • If the Switch has already learned the port for this IP address, but the destination port is the same as the port it came in on, then it filters the packet. Figure 199 IP Table Flowchart ES-4124 User's Guide 323 - ZyXEL ES-4124 | User Guide - Page 324
packet belongs. Port This is the port from which the above IP address was learned. This field displays CPU to indicate the IP address belongs to the Switch. Type This shows whether the IP address is dynamic (learned by the Switch) or static (belonging to the Switch). 324 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 325
LAN. The Switch fills in its own MAC and IP address in the sender address fields, and puts the known IP address of the target in the target IP address field. In addition, the Switch puts all ones the following screen. Use the ARP table to view IP-to-MAC address mapping(s). ES-4124 User's Guide 325 - ZyXEL ES-4124 | User Guide - Page 326
port with corresponding MAC address below. MAC Address This is the MAC address of the device with corresponding IP address above. Type This shows whether the MAC address is dynamic (learned by the Switch) or static (manually entered in the Static MAC Forwarding screen). 326 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 327
displays the IP address of the Interface. Metric This field displays the cost of the route. Type This field displays the method used to learn the route; OSPF - added as an OSPF interface, RIP - learned from incoming RIP packets or STATIC - added as a static entry. ES-4124 User's Guide 327 - ZyXEL ES-4124 | User Guide - Page 328
Chapter 43 Routing Table 328 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 329
and advanced settings from a source port to a destination port or ports. Click Management > Configure Clone to open the following screen. Figure 203 Management > Configure Clone ES-4124 User's Guide 329 - ZyXEL ES-4124 | User Guide - Page 330
-time memory. The Switch loses these changes if it is turned off or loses power, so use the Save link on the top navigation panel to save your changes to the non-volatile memory when you are done configuring. Cancel Click Cancel to begin configuring this screen afresh. 330 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 331
VI Commands and Troubleshooting Introducing Commands (333) User and Enable Mode Commands (387) Configuration Mode Commands (393) Interface Commands (405) IEEE 802.1Q Tagged VLAN Commands (415) Multicast VLAN Registration Commands (423) Routing Domain Command Examples (425) Troubleshooting (427) 331 - ZyXEL ES-4124 | User Guide - Page 332
332 - ZyXEL ES-4124 | User Guide - Page 333
to configure the Switch. Use commands for advanced Switch diagnosis and troubleshooting. If you have problems with your Switch, customer support may request that you issue some of these commands to assist them in troubleshooting. " See the web configurator parts of this User's Guide for background - ZyXEL ES-4124 | User Guide - Page 334
below. For your first login, enter the default administrator login username "admin" and password "1234". Enter User Name : admin Enter Password : XXXX 45.4 Command Syntax Conventions The rules of the commands are listed next. • The command keywords are in courier new font. 334 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 335
can use this IP address for Switch management. The following example shows you how to create an IP interface for the IP address 172.23.0.1 with the subnet mask 255.255.255.0: sysname# config sysname(config)# vlan 1 sysname(config-vlan)# ip address 172.23.0.1 255.255.255.0 ES-4124 User's Guide 335 - ZyXEL ES-4124 | User Guide - Page 336
Enable mode, type enable and enter the administrator password when prompted (the default is 1234). When you enter Enable mode, the command prompt changes to the pound sign (#). If you log into the command interpreter as an administrator you automatically enter Enable mode. 336 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 337
the enable command and enter enable mode password. sysname# Config Commands available in this mode allow you to configure settings that affect the Switch globally. Type config in enable mode. commands under a command group. • Detailed descriptions of the commands. ES-4124 User's Guide 337 - ZyXEL ES-4124 | User Guide - Page 338
Exec ping Show system information SSH client Exec traceroute Enter help to display detailed sub commands and parameters. sysname> ping help Commands available: ping < [ in-band|out-of-band|vlan ] [ size ] [ -t ] > sysname> 338 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 339
enable exit show ip history sysname> 45.11 Saving Your Configuration After you set the Switch settings with the User mode. " You must save your changes after each CLI session. All unsaved configuration changes are lost once you restart the Switch. sysname# write memory ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 340
: User Mode COMMAND DESCRIPTION help Displays help information. logout Exits from the CLI. exit Logs out from the CLI. history Displays a list of previously command(s) that you have executed. The Switch stores up to 256 commands in history. PRIVILEGE 0 0 0 0 340 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 341
> Display the version of the currently running 0 firmware on the Switch. ping Sends Ping request to an Ethernet device. 0 [vlan ] [size ). boot config Restarts the system with the 13 specified configuration file. ES-4124 User's Guide 341 - ZyXEL ES-4124 | User Guide - Page 342
13 from the Switch. arp inspection log Delete all ARP inspection log 13 entries from the Switch. arp inspection the specified configuration file on the router. flash Restores firmware via TFTP. 13 disable Exits Enable (or privileged) page 341. 342 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 343
Resets to the factory default settings on a per port basis and optionally on a per feature configuration basis. PRIVILEGE 13 13 13 13 ethernet oam exit help history igmp-flush kick logout mac-flush no ping - ZyXEL ES-4124 | User Guide - Page 344
snooping database Loads dynamic bindings from the 13 default DHCP snooping database. renew dhcp snooping database - ZyXEL ES-4124 | User Guide - Page 345
the cluster 3 addr> member(s). cpu-utilization Displays the CPU utilization 0 statistics on the Switch. dhcp relay Displays DHCP relay settings. 3 server Displays DHCP server in full detail form. diffserv Displays general DiffServ 3 settings. ES-4124 User's Guide 345 - ZyXEL ES-4124 | User Guide - Page 346
IGMP group limit. 3 igmp-immediate- Displays the IGMP Immediate 3 leave Leave setting. igmp-query-mode Displays the IGMP query mode 3 for the specified port(s). 346 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 347
protocol-based- Displays protocol based VLAN 3 vlan settings on the port(s). route Displays IP routing information. 3 route static Displays IP static route 3 information. source binding Displays the static bindings (IP to 3 MAC address) configured on the Switch. ES-4124 User's Guide 347 - ZyXEL ES-4124 | User Guide - Page 348
-addr>] [...] Displays the static bindings 3 configured on the Switch based on MAC address or VLAN ID of the static binding 3 source binding command. tcp Displays IP TCP information. 3 udp Displays IP UDP information. 3 lacp Displays LACP the specified tree. 348 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 349
port number, vlan ID and multicast group number of multicast group members on the Switch. vlan Displays multicast VLAN status. 3 multi-login Displays multi-login information 3 3 settings. rip Displays global RIP settings. 3 vrrp Displays VRRP settings. 3 ES-4124 User's Guide 349 - ZyXEL ES-4124 | User Guide - Page 350
for 3 this command. service-control Displays service control settings. 3 snmp- firmware version 0 running on the Switch. flash Displays the firmware version on 0 the flash memory of the Switch user@]dest-ip> Connects to an SSH server with 0 the specified SSH version. 350 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 351
Performs an internal loopback 13 test on the specified ports. traceroute [in-band|out-ofband|vlan ][ttl ] Saves current configuration to the 13 configuration file the Switch is currently using. Saves current configuration to . ES-4124 User's Guide 351 - ZyXEL ES-4124 | User Guide - Page 352
14 password. arp inspection Enables ARP inspection on the 13 Switch. You Switch after the Switch identifies an unauthorized ARP packet. The Switch automatically deletes the MAC address filter afterwards. none Specifies the MAC address filter 13 to be permanent. 352 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 353
that can be sent to the syslog server in one batch and how often (1-86400 seconds) the Switch sends a batch of syslog messages to the syslog server. vlan Enables ARP inspection . 13 bcptransparenc y Enables Bridge Control Protocol 13 (BCP) transparency. ES-4124 User's Guide 353 - ZyXEL ES-4124 | User Guide - Page 354
vlan ][ethernet-type - ZyXEL ES-4124 | User Guide - Page 355
DHCP relay for all 13 broadcast domains on the Switch. Sets the IP addresses of up to 3 13 DHCP servers. Allows the Switch to add system 13 name to agent information. Allows the Switch to add DHCP 13 relay agent information. Enables DHCP Snooping on the 13 Switch. ES-4124 User's Guide 355 - ZyXEL ES-4124 | User Guide - Page 356
be expressed like this: tftp://{domain name or IP address}/directory, if applicable/file name; for example 13 Switch. exit Exits from the CLI. 13 fe-spq Sets the Switch to use SPQ to 13 service the the Switch's name for 13 identification purposes. 356 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 357
. ip address Sets the IP address and subnet 13 mask of the out-of-band management port. default-gateway Sets the default gateway's IP 13 address for the out-of-band management port. name-server Sets the IP address of a domain 13 name server. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 358
source binding vlan Creates a static binding for 13 DHCP snooping and password Sets the password sent to the 13 RADIUS server for clients using MAC authentication. timeout Specifies the amount of time 13 before the Switch ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 359
the ports. help Displays the detailed help for the 13 mrstp command. mstp Activates MSTP on the Switch. 13 configuration name Sets a name for an MSTP 13 region. hello-time maximum-age priority to the specified 13 channel priority ES-4124 User's Guide 359 - ZyXEL ES-4124 | User Guide - Page 360
not sent to the syslog server to the default value (3). log-buffer logs Resets the maximum number of 13 syslog messages the Switch can send to the syslog server in one batch to the default value (4). vlan Disables ARP inspection on the 13 specified VLAN(s). 360 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 361
on 13 the Switch. vlan Specifies the VLAN IDs for 13 VLANs you want to disable DHCP snooping on. vlan information Sets the Switch to not add the 13 system name to DHCP requests that it broadcasts to the DHCP VLAN, if specified, or VLAN. ES-4124 User's Guide 361 - ZyXEL ES-4124 | User Guide - Page 362
vlan Removes IGMP snooping 13 configuration on the specified VLAN. ip Sets the management IP 13 address to the default value. route Removes a specified IP static 13 route. route Enables a specified IP static 13 inactive route. 362 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 363
the STP assignment 13 from the specified port(s). mstp Disables MSTP on the Switch. 13 instance on the Switch. vlan instance. ES-4124 User's Guide 363 - ZyXEL ES-4124 | User Guide - Page 364
service. https> router dvmrp Disables DVMRP on the Switch. 13 igmp Disables IGMP on the Switch. 13 ospf Disables OSPF on the Switch. 13 rip Disable RIP on the Switch. 13 vrrp network Deletes VRRP settings. 13 / vr- id 364 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 365
switch Disables sending all Switch type 13 traps to a manager. enable traps switch Disables sending all Switch type 13 traps to a manager. The options are "stp", "mactable" or "rmon". enable traps system Disables sending all system 13 type traps to a manager. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 366
13 encryption key. Your Switch supports SSH versions 1 and 2 using RSA and DSA authentication. known-hosts Removes the specified remote 13 hosts from the Disables daylight saving on the 13 Switch. timesync Disables timeserver settings. 13 366 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 367
Rate Three Color Marker feature on the Switch. trunk - ZyXEL ES-4124 | User Guide - Page 368
802.1x authentication 13 on the Switch. Enables 802.1x password to stay connected to a specified port. reauth-period Specifies how often a client has 13 to re-enter the username and password to stay connected to the specified port(s). 368 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 369
use a service to manage the Switch. router dvmrp Enables and enters the DVMRP 13 configuration mode. exit Leaves the DVMRP 13 configuration mode. threshold value. igmp Enables and enters the IGMP 13 configuration mode. ES-4124 User's Guide 369 - ZyXEL ES-4124 | User Guide - Page 370
. non-querier Sets the Switch to Non-Querier 13 mode. (If a multicast router with a lower IP address, it will stop sending 13 the area. area Sets the cost to the area. 13 default-cost area name Sets a descriptive name area. 370 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 371
the area to use the default 13 cost (15). no area- Resets the ip- Deletes the OSPF network. 13 addr/bits> no redistribute Sets the Switch not to learn RIP 13 rip routing information. no redistribute Sets the Switch not to learn 13 static static routing information. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 372
-ip gateway IP address. priority Sets the priority of the uplink- 13 gateway. secondary- Sets the secondary VRRP 13 virtual-ip virtual gateway IP address. servicecontrol ftp Allows FTP access on the 13 specified service port. 372 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 373
service port. snmp-server [contact ] [location ] Sets the geographic location 13 and the name of the person in charge of this Switch "linkup", "linkdown" and "autonegotiation". ip Enables sending all IP type 13 traps to a manager. ES-4124 User's Guide 373 - ZyXEL ES-4124 | User Guide - Page 374
The options are "coldstart", "warmstart", "fanspeed", "temperature", "voltage", "reset", "timesync", "intrusionlock" or "loopguard". username sec-level Sets the the bridge priority of the 13 Switch. spq Sets the Switch to use Strict 13 Priority Queuing (SPQ). 374 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 375
- ip> Adds a remote host to which the 13 Switch can access using SSH service. stormcontrol Enables broadcast storm control 13 on the Switch. subnetbased index- Specifies the mode for 13 priority|round- TACACS+ server selection. robin> ES-4124 User's Guide 375 - ZyXEL ES-4124 | User Guide - Page 376
time server protocol. 13 server Sets the IP address of your time 13 server. trtcm Enables Two Rate Three Color 13 Marker on the Switch. mode on the 13 Switch. Sets the SP TPID (Service 13 Provider Tag Protocol Identifier). 376 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 377
13 configuration. arp inspection trust Sets the port to be a trusted port 13 for arp inspection. The Switch does not discard ARP packets on trusted ports for any reason. limit rate Specifies the maximum rate limits allowed 13 for outgoing traffic on the port(s). ES-4124 User's Guide 377 - ZyXEL ES-4124 | User Guide - Page 378
mode exit flow-control remote-loopback supported DESCRIPTION PRIVILEGE Sets the maximum bandwidth 13 allowed for STP port states. Enables broadcast storm control 13 limit on the Switch. Specifies the maximum number 13 of broadcast packets allowed to ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 379
for 13 the port. Disables the specified port(s) on 13 the Switch. Enables the device to discard 13 incoming frames for VLANs that are Enables the port(s) to remove 13 specified VLAN tag from IP multicasting packets before forwarding. Enables the loopguard feature on 13 ES-4124 User's Guide 379 - ZyXEL ES-4124 | User Guide - Page 380
Switch. egress-set ethernet oam Disables Ethernet OAM on the 13 port(s). ethernet oam mode Resets Ethernet OAM mode to 13 the default setting (active) on the ports. ethernet oam remote-loopback supported limitation. 13 380 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 381
Enables the port(s) on the 13 Switch. ingress-check Disables ingress checking on default PVID is VLAN 1 for 13 all ports. Sets a PVID in the range 1 to 4094 for the specified interface. qos priority Sets the quality of service priority 13 for an interface. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 382
both ends support. trtcm Switch. weight ... A weight value of one to eight is 13 given to each variable from wt 1 to wt 8. 45.12.5 interface route-domain Commands The following table lists the interface route-domain commands in configuration mode. 382 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 383
exit Exits from the interface routing- 13 domain command mode. ip dvmrp Enables this function to permit 13 VLAN groups beyond the local Switch. igmp Enables IGMP in this routing 13 - Sets the VRRP authentication 13 key key in the routing domain. ES-4124 User's Guide 383 - ZyXEL ES-4124 | User Guide - Page 384
> Sets the IP address of the 13 Switch in the VLAN. Sets the IP address of the 13 manageable Switch in the VLAN and allow remote management to this IP address. default gateway address in this VLAN. 384 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 385
Enables the specified VLAN. 13 ip address Deletes the IP address and 13 subnet mask from this VLAN. ip address default- Deletes the default gateway from 13 gateway this identification purposes. no group Disables all MVR group 13 settings. ES-4124 User's Guide 385 - ZyXEL ES-4124 | User Guide - Page 386
(s).An 13 MVR source port can send and receive multicast traffic in a multicast VLAN. tagged Sets the port(s) to tag VLAN 13 tags. 386 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 387
User and Enable modes to diagnose and manage your Switch. 46.2 show Commands These are the commonly used show commands. 46.2.1 show system-information Syntax: show system-information This command shows the general system information (such as the firmware Model : ES-4124 ES-4124 User's Guide 387 - ZyXEL ES-4124 | User Guide - Page 388
User and Enable Mode Commands 46.2.2 show ip Syntax: show ip This command displays the IP related information (such as IP address and subnet mask) on all Switch interfaces. The following figure shows the default interface settings. sysname> show ip Management IP Address IP 388 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 389
Chapter 46 User and Enable Mode Commands This command displays statistics of es) stored in the Switch. The following example shows the static MAC address table. sysname# show mac address-table static Port VLAN ID MAC Address CPU 1 00:a0:c5:01:23:46 sysname# Type Static ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 390
example sends Ping requests to and displays the replies from an Ethernet device with an IP address of 192.168.1.100. sysname# ping 192.168.1.100 sent rcvd rate rtt avg wait. [queries ] = Specifies how many times the Switch performs the traceroute function. 390 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 391
Chapter 46 User and Enable Mode Commands This command displays information about the route to an Ethernet device. The following example displays route information to an Ethernet device with an IP address of The following sections show how to manage the configuration files. ES-4124 User's Guide 391 - ZyXEL ES-4124 | User Guide - Page 392
to reset the second configuration file, use the write memory command again with the specified index number. The following example resets both configuration files to the factory default settings. sysname# erase running-config sysname# write memory sysname# write memory 2 392 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 393
chapters which proceed the commands chapters. 47.1 Enabling IGMP Snooping To enable IGMP snooping on the Switch. Enter igmp-snooping and press [ENTER]. You can also set how to treat traffic from an multicast groups or whether you want to forward them to all ports. ES-4124 User's Guide 393 - ZyXEL ES-4124 | User Guide - Page 394
profile filter1 and specify the multicast IP addresses in the range 224.255.255.0 to 225.255.255.255 to belong to this profile. sysname(config)# igmp-filtering sysname(config)# igmp-filtering profile filter1 start-address 224.255.255.0 end-address 225.255.255.255 394 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 395
STP Use the spanning-tree or the mrstp commands to enable and configure STP on the Switch. The difference between the commands is that spanning-tree only allows you to set up one a root port, a new root port is selected from among the Switch ports attached to the network. ES-4124 User's Guide 395 - ZyXEL ES-4124 | User Guide - Page 396
negates the intended action of the command. In most cases the no command disables, resets or clears settings. There are cases, however, where the no command can activate to disable features on the Switch. Syntax: no spanning-tree no mirror-port Disables STP on the Switch. 396 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 397
Switch. 47.4.2 Resetting Commands Use the no command to reset Switch settings to their default values. Syntax: no https timeout Resets the https session timeout to default. An example is shown next. The session timeout is reset interface ES-4124 User's Guide 397 - ZyXEL ES-4124 | User Guide - Page 398
on the listed ports. An example is shown next. • Disable authentication on the Switch. • Disable re-authentication on ports one, three, four and five. • Disable authentication no ssh known-hosts no ssh known-hosts [1024|ssh-rsa|ssh-dsa] 398 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 399
= known-hosts = known-hosts = [1024|ssh-rsa|ssh-dsa] Disables the secure shell server encryption key. Your Switch supports SSH versions 1 and 2 using RSA and example is shown next. • Set the queueing method to SPQ. sysname(config)# spq ES-4124 User's Guide 399 - ZyXEL ES-4124 | User Guide - Page 400
)# ip route 172.21.1.104 255.255.0.0 192.168.1.2 name route1 47.7 Enabling MAC Filtering You can create a filter to drop packets based on the MAC address of the source or the destination. Syntax: mac-filter name mac vlan drop 400 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 401
|T5|T6> lacp = Enables the trunk. Places ports in the trunk. Enables LACP in the trunk. An example is shown next. • Create trunk 1 on the Switch. • Place ports 5-8 in trunk 1. ES-4124 User's Guide 401 - ZyXEL ES-4124 | User Guide - Page 402
-number>] = [key ] = Specifies the IP address of the RADIUS server. Changes the UDP port of the RADIUS server from the default (1812). Specifies a password (up to 32 alphanumeric characters) as the key to be shared between the RADIUS server and the Switch. 402 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 403
and the Switch forwards the password to stay connected to the port. An example is shown next. • Specify RADIUS server 1 with IP address 10.10.10.1, port 1890 and the string secretKey as the password. See Section 47.9.1 on page 402 for more information on RADIUS server commands. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 404
Chapter 47 Configuration Mode Commands • Specify the timeout period of 30 seconds that the Switch will wait for a response from the RADIUS server. • Enable port authentication on 4-8 reauthenticate sysname(config)# port-access-authenticator 4-8 reauth-period 1800 404 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 405
allow you to configure the Switch on a port by support IEEE 802.3ah. Because link layer Ethernet OAM operates at layer two of the OSI (Open Systems Interconnection Basic Reference) model, neither IP or SNMP are necessary to monitor or troubleshoot network connection problems. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 406
(s). Displays the status of all the enabled Ethernet OAM ports on the Switch. A configuration example is shown next. • Enable port 7 for configuration supported The next few examples show how to use the Ethernet OAM features. • Perform Ethernet OAM discovery from port 7. 406 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 407
OAM configurations: Mode : Active Unidirectional : Not supported Remote loopback : Supported Link events : Not supported Variable retrieval: Not supported Max. OAMPDU size : 1518 Operational status: Info process a BPDU with no VLAN tag and forward a tagged BPDU. ES-4124 User's Guide 407 - ZyXEL ES-4124 | User Guide - Page 408
-limit where broadcast- = Enables broadcast storm control limit on the Switch. limit = Limits how many broadcast packet the interface receives per second the maximum bandwidth allowed for outgoing traffic (egress) on the Switch. An example is shown next. 408 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 409
gvrp Syntax: gvrp GVRP (GARP VLAN Registration Protocol) is a registration protocol that defines a way for switches to register necessary VLAN members on ports across the network. Enable this function to permit VLAN groups beyond the local switch. An example is shown next. ES-4124 User's Guide 409 - ZyXEL ES-4124 | User Guide - Page 410
Interface Commands • Enable the IEEE 802.1Q tagged VLAN command to configure tagged VLAN for the Switch. • Enable ports one, three, four and five for configuration. • Enable GVRP on the interface )# frame-type tagged 48.2.10 weight Syntax: weight ... 410 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 411
wt 1 to wt 8. An example is shown next. • Enable WFQ queuing on the Switch. • Enable port 2 and ports 6 to 8 for configuration. • Set the queue quality of service priority for a port. An example is shown next. • Enable ports one, three, four and five for configuration. ES-4124 User's Guide 411 - ZyXEL ES-4124 | User Guide - Page 412
Commands • Set the IEEE 802.1p quality of service priority as four (4). sysname(config)# interface port-channel a peer automatically to obtain the connection speed and duplex mode that both ends support. An example is shown next. • Enable ports one, three, four and . 412 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 413
: no bandwidth-limit An example is shown next: • Disable bandwidth limit on port1 sysname(config)# interface port-channel 1 sysname(config-interface)# no bandwidth-limit cir ES-4124 User's Guide 413 - ZyXEL ES-4124 | User Guide - Page 414
Chapter 48 Interface Commands 414 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 415
• Use the vlan command to create a VLAN (VID 3 in this example) for managing the Switch, and the Switch will activate the new management VLAN. • Use the inactive command to disable the new management VLAN. sysname (config)# vlan 3 sysname (config-vlan)# inactive ES-4124 User's Guide 415 - ZyXEL ES-4124 | User Guide - Page 416
; the default is 600 Switches join VLANs by making a declaration. A declaration is made by issuing a Join message using GARP. Declarations are withdrawn by issuing a Leave message. A Leave All message terminates all registrations. GARP timers set declaration timeout values. 416 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 417
other switches. 49.3 Port VLAN Commands You must configure the Switch port VLAN settings in config-interface mode. 49.3.1 Set Port VID Syntax: pvid where = Specifies the VLAN number between 1 and 4094. This command sets the default VLAN ID on the port(s). ES-4124 User's Guide 417 - ZyXEL ES-4124 | User Guide - Page 418
Chapter 49 IEEE 802.1Q Tagged VLAN Commands The following example sets the default VID to 200 on ports 1 to 5. sysname (config)# interface port-channel 1-5 sysname (config-interface untagged no fixed no forbidden no untagged 418 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 419
came, because the Switch does not send a frame to the port from which it came. The Switch also does not forward frames to "forbidden" ports. 4 If after looking at the SVLAN, the Switch does not have any ports to which it will send the frame, it won't check the port filter. ES-4124 User's Guide 419 - ZyXEL ES-4124 | User Guide - Page 420
the VLAN identification number. • Status shows whether the VLAN is static or active. • Elap-Time is the time since the VLAN was created on the Switch. 420 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 421
of VLAN: 3 Idx. VID Status Elap-Time TagCtl 1 1 Static 0:12:13 Untagged :1-2 Tagged : 1 100 Static 0:00:17 Untagged : Tagged :1-4 1 200 Static 0:00:07 Untagged :1-2 Tagged :3-8 ES-4124 User's Guide 421 - ZyXEL ES-4124 | User Guide - Page 422
Chapter 49 IEEE 802.1Q Tagged VLAN Commands 422 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 423
name mvr tagged mvr group start-address end-address mvr exit where = The VLAN ID [1 - 4094]. source-port = . name = A name to identify the multicast VLAN group. ES-4124 User's Guide 423 - ZyXEL ES-4124 | User Guide - Page 424
Commands mode = group name = start-address = end-address = Specifies dynamic (sends IGMP reports to all source ports in the multicast VLAN) or -address 224.0.0.1 end-address --> 224.0.0.255 sysname(config-mvr)# exit 424 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 425
mode. • Enable default routing domain (the 192.168.1.1 subnet) for configuration. • Begin configuring for this domain. sysname# config sysname(config)# interface route-domain 192.168.1.1/24 cmd interface route domain 192.168.1.1 255.255.255.0 sysname(config-if)# ES-4124 User's Guide 425 - ZyXEL ES-4124 | User Guide - Page 426
Chapter 51 Routing Domain Command Examples 426 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 427
, your computer's IP address must match it. Refer to the chapter on access control for details. Your computer's and the Switch's IP addresses must be on the same subnet. See the following section to check that pop-up windows, JavaScripts and Java permissions are allowed. ES-4124 User's Guide 427 - ZyXEL ES-4124 | User Guide - Page 428
your device. Either disable pop-up blocking (enabled by default in Windows XP SP (Service Pack) 2) or allow pop-up blocking and create an exception for your device's IP address. 52.2.1.1.1 Disable pop-up Blockers 1 In disables any web pop-up blockers you may have enabled. 428 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 429
Figure 206 Internet Options Chapter 52 Troubleshooting 3 Click Apply to save this setting. 52.2.1.1.2 Enable pop-up Blockers with Exceptions Alternatively, if , Internet Options and then the Privacy tab. 2 Select Settings...to open the Pop-up Blocker Settings screen. ES-4124 User's Guide 429 - ZyXEL ES-4124 | User Guide - Page 430
(the web page that you do not want to have blocked) with the prefix "http://". For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 208 Pop-up Blocker Settings 430 5 Click Close to return to the Privacy screen. ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 431
Chapter 52 Troubleshooting 6 Click Apply to save this setting. 52.2.1.2 JavaScripts If Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window. ES-4124 User's Guide 431 - ZyXEL ES-4124 | User Guide - Page 432
Chapter 52 Troubleshooting Figure 210 Security Settings - Java Scripting 52.2.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the sure that a safety level is selected. 5 Click OK to close the window. Figure 211 Security Settings - Java 432 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 433
. Make sure that you enter the correct password and username using the proper casing. If you have changed the password and have now forgotten it, you will need to upload the default configuration file. This restores all of the factory defaults including the password. ES-4124 User's Guide 433 - ZyXEL ES-4124 | User Guide - Page 434
Chapter 52 Troubleshooting 434 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 435
PART VII Appendices and Index Product Specifications (355) Legal Information (443) Customer Support (447) Index (451) 435 - ZyXEL ES-4124 | User Guide - Page 436
436 - ZyXEL ES-4124 | User Guide - Page 437
The following tables summarize the Switch's hardware and firmware features. Table 149 Hardware Specifications SPECIFICATION DESCRIPTION Dimensions Standard 19" rack mountable 438 F) Humidity: 10 ~ 90% (non-condensing) 18 AWG or larger 18 AWG or larger 250 VAC, T2A ES-4124 User's Guide 437 - ZyXEL ES-4124 | User Guide - Page 438
that you can examine the traffic from the mirror port (the port you copy the traffic to) without interference. Static Route Static routes tell the Switch how to forward IP traffic when you configure the TCP/IP parameters manually. 438 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 439
or commands to easily configure the rich range of features on the Switch. Port Cloning Use the port cloning feature to copy the settings you configure on one port to another port or ports. Syslog The Switch can generate syslog messages and send it to a syslog server. ES-4124 User's Guide 439 - ZyXEL ES-4124 | User Guide - Page 440
Based VLAN Port Aggregation Supports IEEE 802.3ad; static and dynamic (LACP) port trunking Six groups (up to 8 ports each) Port mirroring All ports support port mirroring Support port mirroring per IP/TCP/UDP Bandwidth control Supports rate limiting at 64K increment 440 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 441
Switching Specifications (continued) IP Capability IPV4 support 64 IP routing domains 4K IP address table Wire speed IP forwarding Routing protocols Unicast: RIP-V1/V2, OSPF V2 Multicast: DVMRP, IGMP V1/V2/V3 Static Routing VRRP IP services -MIB RFC 3046 DHCP Relay ES-4124 User's Guide 441 - ZyXEL ES-4124 | User Guide - Page 442
Product Specifications Table 152 Standards Supported (continued) STANDARD DESCRIPTION RFC 3164 Syslog RFC 3376 Internet Group Management Protocol, Version 3 RFC 3414 User-based Security Model (USM) 60950-1 IEC 60950-1 EMC FCC Part 15 (Class A) CE EMC (Class A) 442 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 443
manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL any interference received, including interference that may cause undesired operations. ES-4124 User's Guide 443 - ZyXEL ES-4124 | User Guide - Page 444
digital switch, pursuant instruction manual ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating 444 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 445
any kind to the purchaser. To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. ES-4124 User's Guide 445 - ZyXEL ES-4124 | User Guide - Page 446
Appendix B Legal Information 446 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 447
El Patio, Tercer Piso, San José, Costa Rica Czech Republic • E-mail: [email protected] • Telephone: +420-241-091-350 • Fax: +420-241-091-359 • Web Site: www.zyxel.cz • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 Modrany, Ceská Republika ES-4124 User's Guide 447 - ZyXEL ES-4124 | User Guide - Page 448
[email protected] • Sales E-mail: [email protected] • Telephone: +36-1-3361649 • Fax: +36-1-3259100 • Web Site: www.zyxel.hu • Regular Mail: ZyXEL Hungary, 48, Zoldlomb Str., H-1025, Budapest, Hungary Kazakhstan • Support: http://zyxel.kz/support • Sales E-mail: [email protected] 448 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 449
: +7-095-542-89-29 • Fax: +7-095-542-89-25 • Web Site: www.zyxel.ru • Regular Mail: ZyXEL Russia, Ostrovityanova 37a Str., Moscow, 117279, Russia Spain • Support E-mail: [email protected] • Sales E-mail: [email protected] • Telephone: +34-902-195-420 • Fax: +34-913-005-345 ES-4124 User's Guide 449 - ZyXEL ES-4124 | User Guide - Page 450
303034 • Web Site: www.zyxel.co.uk • FTP Site: ftp.zyxel.co.uk • Regular Mail: ZyXEL Communications UK, Ltd.,11 The Courtyard, Eastern Road, Bracknell, Berkshire, RG12 2XB, United Kingdom (UK) "+" is the (prefix) number you dial to make an international telephone call. 450 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 451
notices 444 viewing 444 CFI (Canonical Format Indicator) 91 changing the password 61 CIST 116 CIST (Common and Internal Spanning Tree) 114 Class of Service (CoS) 257 classifier 155, 157 and QoS 155 editing 158 example 159 overview 155 setup 155, 157, 158 viewing 158 CLI ES-4124 User's Guide 451 - ZyXEL ES-4124 | User Guide - Page 452
261 DS field 257 DSCP 257 DSCP-to-IEEE802.1p mapping 262 network example 258 PHB 257 dimensions 437 disclaimer 443 double-tagged frames 171 DR (Designated Router) 236 DS (Differentiated Services) 257 DSCP DSCP-to-IEEE802.1p mapping 262 service level 257 what it does 257 452 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 453
broadcast address 325 Ethernet port test 309 Ethernet ports 46 default settings 46 external authentication server 192 F fan speed 78 FCC interference statement 443 feature summary 58 file transfer priority 83 IEEE 802.1x activate 147, 148, 194, 196 reauthentication 148 ES-4124 User's Guide 453 - ZyXEL ES-4124 | User Guide - Page 454
249 version 177 version 3 249 versions supported 248 IGMP (Internet Group Management Protocol) IP capability 441 interface 83, 275 routing domain 83 services 441 setup 83 IP multicast example 247 IP lockout 61 log 309 login 55 password 61 login account Administrator 299 non-administrator ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 455
firmware 287 max age 126 hops 126 metric 240 MIB and SNMP 292 supported MIBs 293 MIB (Management Information Base) 292 mini GBIC ports 255 802.1 priority 179 and IGMP 177 and VLAN 255 configuration 255 IP addresses 177 overview 177, 255 setup 178, 179 vs. unicast 255 242 ES-4124 User's Guide 455 - ZyXEL ES-4124 | User Guide - Page 456
244 vs RIP 235 OSPF (Open Shortest Path First) 235 P password 61 administrator 300 problems 433 PHB (Per-Hop Behavior) 257 ping, test connection 309 151 setup 151, 227 port setup 85 port status 71 port VID default for all ports 381 port VLAN trunking 93 port-based VLAN 103 , 169 ES-4124 User's Guide - ZyXEL ES-4124 | User Guide - Page 457
3 remote management 306 service 307 trusted computers 306 resetting 62, 286 to factory default settings 286 restoring configuration summary 58 Secure Shell See SSH security 441 service access control 305 ES-4124 User's Guide Index service port 306 show commands examples 387 Simple Network - ZyXEL ES-4124 | User Guide - Page 458
RFC-868) 80 time server 80 458 time service protocol 80 format 80 Time To Live (TTL) 253 trademarks 443 transceiver installation 47 removal 47 traps destination 297 troubleshooting 427 accessing the switch 427 accessing the web configurator 427 password problems 433 start-up 427 TRTCM and bandwidth - ZyXEL ES-4124 | User Guide - Page 459
57 screen summary 58 weight, queuing 168 Weighted Round Robin Scheduling (WRR) 168 WFQ (Weighted Fair Queuing) 168 WRR (Weighted Round Robin Scheduling 168 Z ZyNOS (ZyXEL Network Operating System) 289 ES-4124 User's Guide 459 - ZyXEL ES-4124 | User Guide - Page 460
Index 460 ES-4124 User's Guide
-
1 -
2 -
3 -
4 -
5 -
6 -
7 -
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
45
-
46
-
47
-
48
-
49
-
50
-
51
-
52
-
53
-
54
-
55
-
56
-
57
-
58
-
59
-
60
-
61
-
62
-
63
-
64
-
65
-
66
-
67
-
68
-
69
-
70
-
71
-
72
-
73
-
74
-
75
-
76
-
77
-
78
-
79
-
80
-
81
-
82
-
83
-
84
-
85
-
86
-
87
-
88
-
89
-
90
-
91
-
92
-
93
-
94
-
95
-
96
-
97
-
98
-
99
-
100
-
101
-
102
-
103
-
104
-
105
-
106
-
107
-
108
-
109
-
110
-
111
-
112
-
113
-
114
-
115
-
116
-
117
-
118
-
119
-
120
-
121
-
122
-
123
-
124
-
125
-
126
-
127
-
128
-
129
-
130
-
131
-
132
-
133
-
134
-
135
-
136
-
137
-
138
-
139
-
140
-
141
-
142
-
143
-
144
-
145
-
146
-
147
-
148
-
149
-
150
-
151
-
152
-
153
-
154
-
155
-
156
-
157
-
158
-
159
-
160
-
161
-
162
-
163
-
164
-
165
-
166
-
167
-
168
-
169
-
170
-
171
-
172
-
173
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
233
-
234
-
235
-
236
-
237
-
238
-
239
-
240
-
241
-
242
-
243
-
244
-
245
-
246
-
247
-
248
-
249
-
250
-
251
-
252
-
253
-
254
-
255
-
256
-
257
-
258
-
259
-
260
-
261
-
262
-
263
-
264
-
265
-
266
-
267
-
268
-
269
-
270
-
271
-
272
-
273
-
274
-
275
-
276
-
277
-
278
-
279
-
280
-
281
-
282
-
283
-
284
-
285
-
286
-
287
-
288
-
289
-
290
-
291
-
292
-
293
-
294
-
295
-
296
-
297
-
298
-
299
-
300
-
301
-
302
-
303
-
304
-
305
-
306
-
307
-
308
-
309
-
310
-
311
-
312
-
313
-
314
-
315
-
316
-
317
-
318
-
319
-
320
-
321
-
322
-
323
-
324
-
325
-
326
-
327
-
328
-
329
-
330
-
331
-
332
-
333
-
334
-
335
-
336
-
337
-
338
-
339
-
340
-
341
-
342
-
343
-
344
-
345
-
346
-
347
-
348
-
349
-
350
-
351
-
352
-
353
-
354
-
355
-
356
-
357
-
358
-
359
-
360
-
361
-
362
-
363
-
364
-
365
-
366
-
367
-
368
-
369
-
370
-
371
-
372
-
373
-
374
-
375
-
376
-
377
-
378
-
379
-
380
-
381
-
382
-
383
-
384
-
385
-
386
-
387
-
388
-
389
-
390
-
391
-
392
-
393
-
394
-
395
-
396
-
397
-
398
-
399
-
400
-
401
-
402
-
403
-
404
-
405
-
406
-
407
-
408
-
409
-
410
-
411
-
412
-
413
-
414
-
415
-
416
-
417
-
418
-
419
-
420
-
421
-
422
-
423
-
424
-
425
-
426
-
427
-
428
-
429
-
430
-
431
-
432
-
433
-
434
-
435
-
436
-
437
-
438
-
439
-
440
-
441
-
442
-
443
-
444
-
445
-
446
-
447
-
448
-
449
-
450
-
451
-
452
-
453
-
454
-
455
-
456
-
457
-
458
-
459
-
460
 |
 |
www.zyxel.com
ES-4124
Intelligent Layer 3+ Switch
User’s Guide
Version 3.8
4/2007
Edition 1
DEFAULT LOGIN
IP Address
User Name
admin
Password
1234