User ManualTable of ContentsXGS-4526/4528F/4728F1About This User's Guide3Document Conventions5Safety Warnings7Contents Overview9Table of Contents11User’s Guide25Getting to Know Your Switch271.1 Introduction271.1.1 Bridging Example271.1.2 High Performance Switching Example281.1.3 Gigabit Ethernet to the Desktop291.1.4 IEEE 802.1Q VLAN Application Example291.1.5 IPv6 Support301.2 Ways to Manage the Switch301.3 Good Habits for Managing the Switch31Hardware Installation and Connection332.1 Freestanding Installation332.2 Mounting the Switch on a Rack342.2.1 Rack-mounted Installation Requirements342.2.2 Attaching the Mounting Brackets to the Switch342.2.3 Mounting the Switch on a Rack35Hardware Overview373.1 Front Panel Connections373.1.1 Dual Personality Interfaces383.1.2 1000Base-T Ports383.1.3 Mini-GBIC Slots393.2 Rear Panel413.2.1 XGS-4526413.2.2 XGS-4528F or XGS-4728F413.2.3 Uplink Module423.2.4 Rear Panel Connections423.2.5 Power Connector433.2.6 External Backup Power Supply Connector443.2.7 Console Port443.3 LEDs45The Web Configurator474.1 Introduction474.2 System Login474.3 The Web Configurator Layout484.3.1 Change Your Password534.4 Saving Your Configuration544.5 Switch Lockout544.6 Resetting the Switch544.6.1 Reload the Configuration File554.7 Logging Out of the Web Configurator564.8 Help56Initial Setup Example575.1 Overview575.1.1 Configuring an IP Interface575.1.2 Configuring DHCP Server Settings595.1.3 Creating a VLAN595.1.4 Setting Port VID615.1.5 Enabling RIP62Tutorials636.1 How to Use DHCP Snooping on the Switch636.2 How to Use DHCP Relay on the Switch676.2.1 DHCP Relay Tutorial Introduction676.2.2 Creating a VLAN686.2.3 Configuring DHCP Relay716.2.4 Troubleshooting716.3 How to Use PPPoE IA on the Switch726.3.1 Configuring Switch A736.3.2 Configuring Switch B756.4 How to Use Error Disable and Recovery on the Switch776.5 How to Set Up a Guest VLAN806.5.1 Creating a Guest VLAN816.5.2 Enabling IEEE 802.1x Port Authentication836.5.3 Enabling Guest VLAN846.6 How to Do Port Isolation in a VLAN856.6.1 Creating a VLAN866.6.2 Creating a Private VLAN Rule896.7 How to Configure Routing Policy906.7.1 Create a Layer-3 Classifier906.7.2 Create a Policy Routing Rule91Technical Reference93System Status and Port Statistics957.1 Overview957.2 Port Status Summary957.2.1 Status: Port Details97Basic Setting1018.1 Overview1018.2 System Information1028.3 General Setup1048.4 Introduction to VLANs1068.4.1 Smart Isolation1078.5 Switch Setup Screen1088.6 IP Setup1108.6.1 IP Interfaces1108.7 Port Setup113VLAN1179.1 Introduction to IEEE 802.1Q Tagged VLANs1179.1.1 Forwarding Tagged and Untagged Frames1179.2 Automatic VLAN Registration1189.2.1 GARP1189.2.2 GVRP1189.3 Port VLAN Trunking1199.4 Select the VLAN Type1209.5 Static VLAN1209.5.1 VLAN Status1219.5.2 VLAN Details1229.5.3 Configure a Static VLAN1229.5.4 Configure VLAN Port Settings1249.6 Subnet Based VLANs1269.7 Configuring Subnet Based VLAN1279.8 Protocol Based VLANs1289.9 Configuring Protocol Based VLAN1299.10 Create an IP-based VLAN Example1319.11 Port-based VLAN Setup1329.11.1 Configure a Port-based VLAN132Static MAC Forward Setup13710.1 Overview13710.2 Configuring Static MAC Forwarding137Static Multicast Forward Setup14111.1 Static Multicast Forwarding Overview14111.2 Configuring Static Multicast Forwarding142Filtering14512.1 Configure a Filtering Rule145Spanning Tree Protocol14713.1 STP/RSTP Overview14713.1.1 STP Terminology14713.1.2 How STP Works14813.1.3 STP Port States14913.1.4 Multiple RSTP14913.1.5 Multiple STP15013.2 Spanning Tree Protocol Status Screen15313.3 Spanning Tree Configuration15313.4 Configure Rapid Spanning Tree Protocol15413.5 Rapid Spanning Tree Protocol Status15613.6 Configure Multiple Rapid Spanning Tree Protocol15813.7 Multiple Rapid Spanning Tree Protocol Status16013.8 Configure Multiple Spanning Tree Protocol16213.8.1 Multiple Spanning Tree Protocol Port Configuration16513.9 Multiple Spanning Tree Protocol Status166Bandwidth Control16914.1 Bandwidth Control Overview16914.1.1 CIR and PIR16914.2 Bandwidth Control Setup170Broadcast Storm Control17315.1 Broadcast Storm Control Setup173Mirroring17516.1 Port Mirroring Setup175Link Aggregation17717.1 Link Aggregation Overview17717.2 Dynamic Link Aggregation17717.2.1 Link Aggregation ID17817.3 Link Aggregation Status17917.4 Link Aggregation Setting18117.5 Link Aggregation Control Protocol18317.6 Static Trunking Example184Port Authentication18718.1 Port Authentication Overview18718.1.1 IEEE 802.1x Authentication18718.1.2 MAC Authentication18818.2 Port Authentication Configuration18918.2.1 Activate IEEE 802.1x Security19018.2.2 Guest VLAN19118.2.3 Activate MAC Authentication194Port Security19719.1 About Port Security19719.2 Port Security Setup19819.3 VLAN MAC Address Limit199Classifier20120.1 About the Classifier and QoS20120.2 Configuring the Classifier20120.3 Viewing and Editing Classifier Configuration20420.4 Classifier Example206Policy Rule20721.1 Policy Rules Overview20721.1.1 DiffServ20721.1.2 DSCP and Per-Hop Behavior20721.2 Configuring Policy Rules20821.3 Viewing and Editing Policy Configuration21121.4 Policy Example213Queuing Method21522.1 Queuing Method Overview21522.1.1 Strictly Priority21522.1.2 Weighted Fair Queuing21522.1.3 Weighted Round Robin Scheduling (WRR)21622.2 Configuring Queuing217VLAN Stacking21923.1 VLAN Stacking Overview21923.1.1 VLAN Stacking Example21923.2 VLAN Stacking Port Roles22023.3 VLAN Tag Format22123.3.1 Frame Format22123.4 Configuring VLAN Stacking22223.4.1 Port-based Q-in-Q22323.4.2 Selective Q-in-Q224Multicast22724.1 Multicast Overview22724.1.1 IP Multicast Addresses22724.1.2 IGMP Filtering22724.1.3 IGMP Snooping22824.1.4 IGMP Snooping and VLANs22824.2 Multicast Status22824.3 Multicast Setting22924.4 IGMP Snooping VLAN23224.5 IGMP Filtering Profile23324.6 MVR Overview23524.6.1 Types of MVR Ports23524.6.2 MVR Modes23624.6.3 How MVR Works23624.7 General MVR Configuration23724.8 MVR Group Configuration23924.8.1 MVR Configuration Example240AAA24325.1 Authentication, Authorization and Accounting (AAA)24325.1.1 Local User Accounts24425.1.2 RADIUS and TACACS+24425.2 AAA Screens24425.2.1 RADIUS Server Setup24525.2.2 TACACS+ Server Setup24725.2.3 AAA Setup24925.2.4 Vendor Specific Attribute25225.2.5 Tunnel Protocol Attribute25325.3 Supported RADIUS Attributes25425.3.1 Attributes Used for Authentication25425.3.2 Attributes Used for Accounting255IP Source Guard25926.1 IP Source Guard Overview25926.1.1 DHCP Snooping Overview26026.1.2 ARP Inspection Overview26226.2 IP Source Guard26326.3 IP Source Guard Static Binding26426.4 DHCP Snooping26626.5 DHCP Snooping Configure26926.5.1 DHCP Snooping Port Configure27126.5.2 DHCP Snooping VLAN Configure27226.6 ARP Inspection Status27426.6.1 ARP Inspection VLAN Status27526.6.2 ARP Inspection Log Status27626.7 ARP Inspection Configure27726.7.1 ARP Inspection Port Configure27926.7.2 ARP Inspection VLAN Configure280Loop Guard28327.1 Loop Guard Overview28327.2 Loop Guard Setup285VLAN Mapping28728.1 VLAN Mapping Overview28728.1.1 VLAN Mapping Example28728.2 Enabling VLAN Mapping28828.3 Configuring VLAN Mapping289Layer 2 Protocol Tunneling29129.1 Layer 2 Protocol Tunneling Overview29129.1.1 Layer-2 Protocol Tunneling Mode29229.2 Configuring Layer 2 Protocol Tunneling293sFlow29530.1 sFlow Overview29530.2 sFlow Port Configuration29630.2.1 sFlow Collector Configuration297PPPoE29931.1 PPPoE Intermediate Agent Overview29931.1.1 PPPoE Intermediate Agent Tag Format29931.1.2 Sub-Option Format30031.1.3 Port State30131.2 The PPPoE Screen30231.3 PPPoE Intermediate Agent30231.3.1 PPPoE IA Per-Port30331.3.2 PPPoE IA Per-Port Per-VLAN30531.3.3 PPPoE IA for VLAN307Error Disable30932.1 CPU Protection Overview30932.2 Error-Disable Recovery Overview30932.3 The Error Disable Screen31032.4 CPU Protection Configuration31032.5 Error-Disable Detect Configuration31132.6 Error-Disable Recovery Configuration313Private VLAN31533.1 Private VLAN Overview31533.2 Configuring Private VLAN316Static Route31934.1 Static Routing Overview31934.2 Configuring Static Routing320Policy Routing32335.1 Policy Route Overview32335.1.1 Benefits32335.2 Configuring Policy Routing Profile32435.2.1 Policy Routing Rule Configuration325RIP32736.1 RIP Overview32736.1.1 Administrative Distance32736.2 Configuring RIP328OSPF33137.1 OSPF Overview33137.1.1 OSPF Autonomous Systems and Areas33137.1.2 How OSPF Works33237.1.3 Interfaces and Virtual Links33237.1.4 OSPF and Router Elections33337.1.5 Configuring OSPF33337.2 OSPF Status33437.3 OSPF Configuration33637.4 Configure OSPF Areas33737.4.1 View OSPF Area Information Table33937.5 Configuring OSPF Redistribution33937.6 Configuring OSPF Interfaces34137.7 OSPF Virtual-Links343IGMP34538.1 IGMP Overview34538.1.1 How IGMP Works34638.2 Port-based IGMP34738.3 Configuring IGMP348DVMRP34939.1 DVMRP Overview34939.2 How DVMRP Works34939.2.1 DVMRP Terminology35039.3 Configuring DVMRP35039.3.1 DVMRP Configuration Error Messages35139.4 Default DVMRP Timer Values352Differentiated Services35340.1 DiffServ Overview35340.1.1 DSCP and Per-Hop Behavior35340.1.2 DiffServ Network Example35440.2 Two Rate Three Color Marker Traffic Policing35440.2.1 TRTCM - Color-blind Mode35540.2.2 TRTCM - Color-aware Mode35540.3 Activating DiffServ35640.3.1 Configuring 2-Rate 3 Color Marker Settings35740.4 DSCP-to-IEEE 802.1p Priority Settings35940.4.1 Configuring DSCP Settings360DHCP36141.1 DHCP Overview36141.1.1 DHCP Modes36141.1.2 DHCP Configuration Options36141.2 DHCP Status36241.3 DHCP Server Status Detail36241.4 DHCP Relay36441.4.1 DHCP Relay Agent Information36441.4.2 Configuring DHCP Global Relay36541.4.3 Global DHCP Relay Configuration Example36641.5 Configuring DHCP VLAN Settings36741.5.1 Example: DHCP Relay for Two VLANs369VRRP37142.1 VRRP Overview37142.2 VRRP Status37242.3 VRRP Configuration37342.3.1 IP Interface Setup37342.3.2 VRRP Parameters37542.3.3 Configuring VRRP Parameters37642.3.4 Configuring VRRP Parameters37742.4 VRRP Configuration Examples37742.4.1 One Subnet Network Example37842.4.2 Two Subnets Example379ARP Learning38143.1 ARP Overview38143.1.1 How ARP Works38143.1.2 ARP Learning Mode38143.2 Configuring ARP Learning384Load Sharing38744.1 Load Sharing Overview38744.2 Configuring Load Sharing387Maintenance38945.1 The Maintenance Screen38945.2 Load Factory Default39045.3 Save Configuration39045.4 Reboot System39145.5 Firmware Upgrade39145.6 Restore a Configuration File39245.7 Backup a Configuration File39345.8 FTP Command Line39345.8.1 Filename Conventions39345.8.2 FTP Command Line Procedure39445.8.3 GUI-based FTP Clients39545.8.4 FTP Restrictions395Access Control39746.1 Access Control Overview39746.2 The Access Control Main Screen39746.3 About SNMP39846.3.1 SNMP v3 and Security39946.3.2 Supported MIBs39946.3.3 SNMP Traps40046.3.4 Configuring SNMP40746.3.5 Configuring SNMP Trap Group40946.3.6 Configuring SNMP User41046.4 Setting Up Login Accounts41246.5 SSH Overview41346.6 How SSH works41446.7 SSH Implementation on the Switch41546.7.1 Requirements for Using SSH41546.8 Introduction to HTTPS41546.9 HTTPS Example41646.9.1 Internet Explorer Warning Messages41646.9.2 Netscape Navigator Warning Messages41746.9.3 The Main Screen41946.10 Service Port Access Control41946.11 Remote Management420Diagnostic42347.1 Diagnostic423Syslog42548.1 Syslog Overview42548.2 Syslog Setup42648.3 Syslog Server Setup42748.4 Syslog Messages428Cluster Management43549.1 Clustering Management Status Overview43549.2 Cluster Management Status43649.2.1 Cluster Member Switch Management43749.3 Clustering Management Configuration440MAC Table44350.1 MAC Table Overview44350.2 Viewing the MAC Table444IP Table44751.1 IP Table Overview44751.2 Viewing the IP Table448ARP Table45152.1 ARP Table Overview45152.1.1 How ARP Works45152.2 The ARP Table Screen452Routing Table45353.1 Overview45353.2 Viewing the Routing Table Status453Configure Clone45554.1 Configure Clone455Troubleshooting45755.1 Power, Hardware Connections, and LEDs45755.2 Switch Access and Login45855.3 Switch Configuration461Product Specifications463Common Services473Legal Information477Index481Size: 11.2 MBPages: 491Language: EnglishOpen manual