Home » ZyXEL Manuals » Networking » ZyXEL GS1510-24 » Manual Viewer

ZyXEL GS1510-24 User Guide - Page 103

IP Source Guard

Get ZyXEL GS1510-24 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 103 highlights

CHAPTER 18 IP Source Guard 18.1 Overview Use the IP source guard screens to filter unauthorized DHCP and ARP packets in your network. IP source guard uses a binding table to distinguish between the authorized and unauthorized DHCP and ARP packets in your network. 18.2 What You Can Do • Use the DHCP Snooping screens (Section 18.4 on page 107) to filter unauthorized DHCP packets on the network and to build the binding table dynamically. • Use the ARP Inspection screens (Section 18.6 on page 110) to filter unauthorized ARP packets on the network. • Use the Binding Table screens (Section 18.7 on page 112) to manually enter static bindings and to convert dynamic bindings to static. 18.3 What You Need To Know A binding in the IP source guard binding table contains these key attributes: • MAC address • VLAN ID • IP address • Port number When the Switch receives an ARP packet, it looks up the appropriate MAC address, VLAN ID, IP address, and port number in the binding table. If there is a binding, the Switch forwards the packet. If there is not a binding, the Switch discards the packet. The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). GS1510 Series User's Guide 103

Section	Page
GS1510-16/GS1510-24	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
Introduction and Hardware Overview	17
Getting to Know Your Switch	19
1.1 Introduction	19
1.1.1 Backbone Application	19
1.1.2 Bridging Example	20
1.1.3 High Performance Switching Example	21
1.1.4 IEEE 802.1Q VLAN Application Examples	21
1.2 Good Habits for Managing the Switch	22
Hardware Installation and Connection	23
2.1 Freestanding Installation	23
2.2 Mounting the Switch on a Rack	24
2.2.1 Rack-mounted Installation Requirements	24
2.2.2 Attaching the Mounting Brackets to the Switch	24
2.2.3 Mounting the Switch on a Rack	25
Hardware Overview	27
3.1 Front Panel	27
3.1.1 Ethernet Ports	28
3.1.2 Mini-GBIC Slots	28
3.1.3 The RESET Button	30
3.2 LEDs	30
3.3 Rear Panel	31
3.3.1 Power Connector	31
Basic Settings	33
The Web Configurator	35
4.1 Introduction	35
4.2 Device Auto Discovery Utility	35
4.3 System Login	35
4.3.1 Smart Mode	36
4.3.2 The Advanced Main Screen	40
4.3.3 The Navigation Panel	40
4.3.4 Change Your Password	42
4.4 Saving Your Configuration	43
4.5 Switch Lockout	43
4.6 Resetting the Switch	43
4.7 Logging Out of the Web Configurator	44
System	45
5.1 System Screen	45
General Settings	47
6.1 What You Can Do	47
6.2 System	47
6.3 Jumbo Frame	48
6.4 SNTP	49
MAC Management	51
7.1 Overview	51
7.2 What You Can Do	51
7.3 What You Need to Know	51
7.4 Static MAC Settings	52
7.5 MAC Table	53
Port Mirroring	55
8.1 Port Mirroring Settings	55
Port Settings	57
9.1 Port Settings	57
9.1.1 Auto Negotiation	57
9.1.2 Flow Control	57
Advanced Settings	61
VLAN	63
10.1 Overview	63
10.2 What You Can Do	63
10.3 What You Need to Know	63
10.3.1 Introduction to IEEE 802.1Q Tagged VLANs	63
10.3.2 Forwarding Tagged and Untagged Frames	64
10.4 Port Isolation	64
10.5 VLAN Settings	67
10.6 Tag Settings	68
10.7 Port Settings	69
EEE	71
11.1 Overview	71
11.1.1 EEE Screen	71
IGMP Snooping	73
12.1 Overview	73
12.2 What You Can Do	73
12.3 What You Need to Know	73
12.3.1 IGMP Snooping and VLANs	74
12.4 General Settings	74
12.5 Port Settings	75
Link Aggregation	77
13.1 Overview	77
13.2 What You Can Do	77
13.3 What You Need to Know	77
13.3.1 Dynamic Link Aggregation	77
13.4 Static Trunk	78
13.5 LACP	79
Loop Guard	81
14.1 Overview	81
14.2 What You Need to Know	81
14.3 Loop Guard	83
QoS	85
15.1 Overview	85
15.2 What You Can Do	85
15.3 What You Need to Know	85
15.3.1 Queuing algorithms	85
15.3.2 QoS Enhancement	86
15.4 Port Priority	86
15.5 IP DiffServ (DSCP)	87
15.5.1 Differentiated Services Code Point (DSCP)	88
15.6 Priority/Queue Mapping	89
15.7 Queuing Method	90
Storm Control	93
16.0.1 Broadcast Storm Control Setup	93
Spanning Tree Protocol	95
17.1 Overview	95
17.2 What You Can DO	95
17.3 What You Need to Know	95
17.3.1 STP Terminology	96
17.3.2 How STP Works	96
17.4 General Settings	97
17.5 STP Status Screen	98
Security and Management	101
IP Source Guard	103
18.1 Overview	103
18.2 What You Can Do	103
18.3 What You Need To Know	103
18.3.1 DHCP Snooping Overview	104
18.3.2 ARP Inspection Overview	105
18.4 DHCP Snooping	107
18.5 Port Settings	108
18.6 ARP Inspection	110
18.6.1 Filter Table	111
18.7 Binding Table	112
18.7.1 Static Entry Settings	112
18.7.2 Binding Table	114
802.1x	117
19.1 Overview	117
19.2 What You Can Do	117
19.3 What You Need to Know	118
19.3.1 IEEE 802.1x Authentication	118
19.3.2 Local User Accounts	118
19.4 Global Settings	118
19.5 Port Settings	120
Web Authentication	123
20.1 Overview	123
20.2 What You Can Do	123
20.3 What You Need to Know	123
20.3.1 User Authentication Experience	124
20.4 Configuration	125
20.5 Customization	126
Maintenance	129
21.1 Overview	129
21.2 What You Can Do	129
21.3 Configuration	130
21.3.1 Backup Settings	130
21.3.2 Upgrade Configuration	131
21.3.3 Restore Factory Default Settings	131
21.4 Firmware	132
21.5 Reboot	132
21.6 System Log	133
21.6.1 Syslog	133
SNMP	135
22.1 Overview	135
22.2 What You Can Do	135
22.3 What You Need to Know	135
22.3.1 About SNMP	135
22.3.2 Supported MIBs	137
22.3.3 SNMP Traps	137
22.4 SNMP Settings	137
22.5 Community Name	138
22.6 Trap Receiver	140
User Account	143
23.1 Overview	143
23.2 User Account Screen	143
Troubleshooting & Product Specifications	145
Troubleshooting	147
24.1 Power, Hardware Connections, and LEDs	147
24.2 Switch Access and Login	148
Product Specifications	151
25.1 General Switch Specifications	151
Appendices and Index	157
Device Auto Discovery	159
IP Addresses and Subnetting	165
Legal Information	175
Open Software Announcements	179