Вы находитесь на странице: 1из 176

ZES

ZES-22xx

1998 2015 Zelax. .


01 22.05.2015 .
1.100
, 124681 , . , . , 1, 2
: +7 (495) 748-71-78 () http://www.zelax.ru
: tech@zelax.ru : sales@zelax.ru

2015 Zelax

ZES-22xx

.................................................................................................................. 5
1.1
................................................................................................................ 5
1.1.1
...................................................................................................... 5
1.1.2
................................................................................................ 6
1.2
(CLI) .......................................................................................... 8
1.2.1
.................................................................................................. 8
1.2.2
.............................................................................................................10
1.2.3
............................................................................................................10
1.2.4
................................................................................................11
1.2.5
...................................................................................11
2 ....................................................................................................12
2.1
() ..................................................................................................12
2.1.1
..................................................................................................................12
2.1.2
.............................................................................................................12
2.1.3
..................................................................................................................12
2.1.4
.............................................................................................................13
2.2
System ............................................................................................................................13
2.3
Green Ethernet ( Ethernet) ...........................................................................22
2.4
Ports ().............................................................................................................................26
2.5
Security ()............................................................................................................34
2.5.1
Switch ().............................................................................................................34
2.5.2
Access Management ( ) ....................................................................39
2.5.3
SNMP ....................................................................................................................................40
2.5.4
RMON ....................................................................................................................................48
2.6
Network () ..........................................................................................................................53
2.6.1
Port Security ( ) .....................................................................................53
2.6.2
NAS........................................................................................................................................57
2.6.3
ACL ( ) ..........................................................................................................63
2.6.4
DHCP .....................................................................................................................................69
2.6.5
IP Source Guard ( IP- ) ................................................................72
2.6.6
ARP inspection ( ARP) ........................................................................................74
2.7
RADIUS ......................................................................................................................................76
2.7.2
TACACS+ ..............................................................................................................................81
2.8
Aggregation () ...................................................................................................82
2.8.1
Static ( ) ...................................................................................82
2.8.2
LACP .....................................................................................................................................83
2.9
Redundancy () ...............................................................................................86
2.9.1
Z-Ring................................................................................................................86
2.9.2
Loop Protection ( ) ....................................................................................90
2.9.3
Spanning Tree .......................................................................................................................91
2.9.4
MEP (Maintenance Entity Point) ..........................................................................................101
2.9.5
ERPS ...................................................................................................................................109
2.10
IPMC Profile ( IPMC) ................................................................................................111
2.11
MVR .........................................................................................................................................113
2.12
IPMC ........................................................................................................................................116
2.12.1 IGMP Snooping ...................................................................................................................116
2.12.2 MLD Snooping .....................................................................................................................121
2.13
LLDP ........................................................................................................................................126
2.14
PoE ( PoE) ............................................................133
2.15
MAC Table ( -) .....................................................................................138
2.16
VLAN Translation ( VLAN) ...................................................................................140
2.17
VLANs ......................................................................................................................................141
2.18
Private VLANs ( VLAN) .............................................................................................146
2.19
GVRP .......................................................................................................................................147
2.20
VCL ..........................................................................................................................................148
2.20.1 MAC-based ( MAC-) .............................................................................148
2.20.2 Protocol-based VLAN (VLAN ) .........................................................149
2.21
QoS ( ) ..............................................................................................151
2.21.2 Storm Control ( ) .........................................166
2.22
Mirroring () ....................................................................................................166
ZES-22xx

2015 Zelax

2.23
UPnP ....................................................................................................................................... 167
2.24
PTP (IEEE1588) ...................................................................................................................... 168
2.25
Diagnostics () ...................................................................................................... 171
2.26
Maintenance () ............................................................................................... 172
2.26.2 Software ( ) ............................................................................. 173
2.26.3 Configuration () .................................................................................................. 174

2015 Zelax

ZES-22xx

1
1.1
.
: (out-of-band) (in-band).
- :

1.1.1

admin;
admin.

.
, ,
. ,
IP- Telnet.
:
1: (. 1):

. 1.
RS-232 , ,
.
RS-232
, , HyperTerminal,
Windows 9x/NT/2000/XP.
2: HyperTerminal.
1. HyperTerminal.
2. :
115200 /;
8 ;
;
1;
.
3: (CLI) .
. HyperTerminal
CLI-.
Boot> fi lo -d managed
Image loaded from 0x80040000-0x80ac4e4c
Boot> go
Press ENTER to get started
Username:

ZES-22xx

2015 Zelax

1.1.2

Telnet,
SSH HTTP SNMP. ,
- ,
,
.

. 2.

1.1.2.1

Telnet SSH

Telnet SSH
. 2 :
1. IP- ;
2. IP- ( Telnet) VLAN
IP-;
3. 2 , Telnet IP-
, , .

1.1.2.2

Web-

Web-
:
1. IP- ;
2. IP- ( HTTP) VLAN
;
3. 2 , ( HTTP)
IP- , , .
Telnet, ping
IP- , Web .
Web- . Web-
,
. .
Web- ZES . 3:

2015 Zelax

ZES-22xx

. 3. Web-
Web-. , Web-
(. . 4).

. 4. Web-

ZES-22xx

2015 Zelax

1.1.2.3

SNMP

SNMP
:
1. IP- ;
2. IP- ( SNMP-) VLAN
;
3. 2 , IP-
, , ;
4. SNMP (
2.5.3).

1.2 (CLI)
CLI . ,
Telnet SSH
CLI.
CLI .

. .
:

1.2.1


VLAN


VLAN

. 5 .

. 5.

1.2.1.1

CLI .
. Switch>,
> , .
exit (), .
.
8

2015 Zelax

ZES-22xx

1.2.1.2

Switch#.
, enable,
. (Global Mode) exit
(), .
"Ctrl+z (
) .

, ;
,
.
,
.

1.2.1.3

config terminal
, Switch(Config)#
exit ( ,
VLAN), .
,
, MAC-, , VLAN,
GVRP, STP . .
, , .

1.2.1.4


interface. :
1. VLAN;
2. FastEthernet;
3. GigabitEthernet.
.

VLAN

IP-

. .

interface vlan

<vlan_list>
exit
FastEthernet


,

interface
Ethernet-
fastethernet
. .

<port_type_list>
exit
GigabitEthernet

,

interface
Ethernet-
gigabitethernet
. .

<port_type_list>
exit

1.2.1.5


line.
.

1.2.1.6

.
, .
:
cmdtxt <variable> {enum1 | | enumN } [option1 | | optionN]
ZES-22xx

2015 Zelax

cmdtxt ,
.
<variable> ;
{enum1 | | enumN} ,
enum1 enumN;
([ ]) [option] .
, < >, { } [ ].
[<variable>] , {enum1 <variable>| enum2}, [option1 [option2]], . .
:
show version, .
. .
vlan <vlan-id>, .
hostname <string>, .
snmp-server community {v2c | v3} <string> {ro | rw},
:
snmp-server community v2c <string>ro snmp-server community v3 <string> rw

1.2.2

, ,
(,
(, , , ) .
Up () Down (), ctrl+p
ctrl+n.


Up
. 10

Down
. Up
, Down

Left

Left Right

Right


Ctrl+p
, Up
Ctrl+n
, Down
Ctrl+b
, Left
Ctrl+f
, Right
Ctrl+z
(
)
Ctrl+c
, , ping

Ctrl+a

, Tab

(Tab)
( )

1.2.3


: help ?.

help Enter.
Help

?
1. ?.
.
2. ? ( ).
, ,
. . ,
10

2015 Zelax

ZES-22xx

.
<cr>, Enter
.
3. ? ( )
,

1.2.4

.
,
, .
.
,


ZES-2220S(config)# snmpserver community v2c

% Incomplete command.
ZES-2220S(config)# snmpserver community v1
^
,
% Invalid word detected at '^'
marker.
ZES-2220S# show r
^

% Ambiguous word detected at
'^' marker.

1.2.5

.
,
, . :
show interface FastEthernet 1/1 status sh int fa 1/1 status
. , sh r show runningconfig, > Ambiguous command! (
!), . show r
show rmon show running-config.
, sh ru.

ZES-22xx

2015 Zelax

11

2

. web-
CLI .
web- -
; ,
. web- web, Internet Explorer ( 9.0 ), Firefox
Google Chrome. web-
, IP-
, . .

2.1 ()
web- ,
, IP- 192.168.0.24 ,
web-. ,
. Firefox.

. 6. web-
, -, admin
admin. , Port State
( ).

2.1.1

, ,
( ). ,
LAN 100M/.
1000M/.

Ports>State (>).

2.1.2

"Refresh" ( ).
, "Auto-refresh" ( ).
3 .

. 7.
, LAN,
, .

2.1.3

,
.
12

2015 Zelax

ZES-22xx

, .
, "help" ().

. 8.

2.1.4

, web-.
.

. 9.
,
. "OK" , "Cancel" (),
web .

. 10.
,
( ), "System".

2.2 System
, "System" , IP, ..

. 11. System

2.2.1.1

System Configuration ( )

, , 'sysContact'
(OID 1.3.6.1.2.1.1.4), 'sysName' (OID 1.3.6.1.2.1.1.5) 'sysLocation' (OID 1.3.6.1.2.1.1.6) MIB2
SNMP. Save
().

ZES-22xx

2015 Zelax

13

. 12. System - Configuration ( )


System Contact ( ):
. , ,
(email) . 0~255 ASCII
32~126.
System Name ( ): .
(A-Z; a-z), (0-9) (-). ,
. ( ).
. 0~255.
System Location ( ):
. 0~255.
CLI:
snmp-server contact tech@zelax.ru
hostname ZES-2220S
snmp-server location Russia, 124681, Moscow, Zelenograd, Zavodskaya st., 1B, bldg 2

2.2.1.2

System Information ( )

,
, MAC-, , ,
.

. 13. System - Information ( )

2.2.1.3

System IP ( IP)

IP- .

14

2015 Zelax

ZES-22xx

. 14. System - IP ( IP)


IP Configuration ( IP).
Mode ( ): ,
IP . Host () IP
. Router (),
.
VLAN, Router. Host .
DNS Server (DNS-):
(DNS) , .
:
From any DHCP interfaces ( DHCP): IP DNS-, DHCP,
DHCP .
No DNS server ( DNS-): DNS- .
Configured ( IP-): IP- DNS-,
.
From this DHCP interface ( DHCP):
DHCP- DNS.
DNS Proxy (- ): - DNS,
DNS DNS-,
, DNS- .

IP Interface (IP )
, "Add Interface" ( ).
8 .
VLAN ( VLAN): VLAN, IP-.
IP- VLAN.
.
DHCP: , IPv4-
DHCP. DHCP-
DNS.
IPv4 Address (IPv4-): IPv4-
. DHCP, . IPv4
, .
IPv4 Mask ( IPv4): IPv4
( ). IPv4- 0 30 .
DHCP, . IPv4 ,
.
ZES-22xx

2015 Zelax

15

IPv4 Current Lease ( IPv4-): DHCP


IP-, ,
DHCP .
IPv6 Address (IPv6-): IPv6- 128- ,
, (:).
. , fe80::215:c5ff:fe03:4dc7. ::
,
16- , .
. IPv4-. ,
::192.1.2.34. IPv6 ,
.
IPv6 Mask ( IPv6): IPv6
( ). IPv6- 1 128 .
IPv6 , .
IP Routes (IP- )
Network ( ): IP- IP-
IP- .
IPv6. ,
0.0.0.0 IPv6 ::
Mask Length ( ): IP-
, ( ).
, ,
. IPv4- 0 32 ; IPv6 0 128 . ,
, 0 ( ).
Gateway (): IP- .
IP- IPv6.
.
CLI:
vlan 1
!
interface vlan 1
ip address 192.168.0.24 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.0.254

2.2.1.4

System IP Status ( IP- )

IP- .

16

2015 Zelax

ZES-22xx

. 15. System - IP Status ( IP- )


System IP.
.

2.2.1.5

System NTP ( )

NTP ,
.

. 16. System - NTP ( )


Mode ( ): NTP.
:
Enabled (): NTP-.
Disabled (): NTP-.
Server #: IPv4- IPv6- NTP-.
NTP- . 'Server 1' ,
NTP- 'Server 2'.

ZES-22xx

2015 Zelax

17

CLI:
ntp
ntp server 1 ip-address 192.168.0.105

2.2.1.6

System Time ( )

. 17. System - Time ( )


Time Zone Configuration ( )
Time Zone ( ):
. Save (),
.
Acronym ( ):
.
Daylight Saving Time Configuration ( / )
Daylight Saving Time ( / ):
,
. /
Disable (). , ,
Recurring ( ).
, NonRecurring ( ). Disable (.
, , :

18

2015 Zelax

ZES-22xx

Start time settings ( ): , , , ,


, .
End time settings ( ): , , , ,
, .
Offset settings ( ): ,
. : 1 1440.
CLI:
clock timezone MSK 3

2.2.1.7

. 18. System - Log Configuration


Server Mode ( ):
. , Syslog- (
IP- ). UDP
UDP 514. ,
.
Server Address ( ): IPv4- syslog-.
DNS-,
.
Syslog Level ( ): ,
. :

Info (): ,
.
Warning ():
.
Error (): .

CLI:
logging on
logging host 192.168.0.105
logging level warning

2.2.1.8

System Log Information ( )

, .

ZES-22xx

2015 Zelax

19

. 19. System - Log Information


Level (): : All (
), ,
.
Clear Level ( ):
.
Browsing buttons ( ):
, .
CLI:
ZES-2220S# show logging
Switch logging host mode is enabled
Switch logging host address is 192.168.0.105
Switch logging level is warning
Number of entries on Switch 1:
Info
: 28
Warning: 0
Error : 0
All
: 28
ID
---1
2

Level
-----Info
Info

Time
------------------------2013-01-01T02:59:59+03:00
2013-01-01T03:00:01+03:00

2.2.1.9

Message
----------------------------Switch just made a cool boot.
Link up on port 3

System Detailed Log ( )

. 20. System - Detailed Log ( )


, .

20

2015 Zelax

ZES-22xx

2.2.1.10

System CPU Load ( CPU)

(CPU)
SVG.

. 21. System - CPU Load ( CPU)


100 , 1
10 . 120 , ,
. SVG ,
SVG. 3 .

2.2.1.11

System SMTP (
)

ZES-22xx

2015 Zelax

21

. 22. System - SMTP


SMTP Configuration ( SMTP)
SMTP Mode ( SMTP): SMTP.
:

Enabled (): SMTP- .


Disabled (): SMTP- .

SMTP Server (SMTP-): IP- SMTP- (


email).
SMTP Port ( SMTP): SMTP. SMTP
25.
Server requires authentication ( ):
, .
, :
Username ( ):
SMTP-.
Password ():
username SMTP-.
Recipient mail address ( ):
, .

SMTP Mail Event ( SMTP-)


, , , email
.
System (): / .
:
Warm Start ( ): / warm
restart.
Cold Start ( ): / cold
restart.
Power (): /
. :

Power 1 Status ( 1): /


1.
Power 2 Status ( 2): /
2.
Interface (): / .
:

Port Link Up ( ): /
.
Port Link Down ( ): /
.

CLI:
smtp
smtp
smtp
smtp
smtp
smtp

server ip-address 192.168.0.1


recipient 1 ip-address test@zelax.ru
event system warmstart coldstart
event system warmstart coldstart power power1 power2
event system warmstart coldstart power power1 power2 interface linkup linkdown

2.3 Green Ethernet ( Ethernet)


"Green Ethernet" ( Ethernet)
.
22

2015 Zelax

ZES-22xx

. 23. Green Ethernet ( Ethernet)

2.3.1.1

,
, .

. 24. Green Ethernet - LED



. ,
,
50% - , 10%
.
maintenance (),
100% 10
(, link down).
CLI:
green-ethernet led on-event error
green-ethernet led interval 9-18 intensity 50
green-ethernet led interval 18-9 intensity 10

2.3.1.2

Green Ethernet


Ethernet () Ethernet.

ZES-22xx

2015 Zelax

23

. 25. Green Ethernet - Configuration


Port Power Savings Configuration ( )
Optimize EEE for ( ): /
. :

Power (): .
.
Latency ( ): EEE .
.
.

Port Configuration ( )
ActiPHY: ActiPHY ,
. , ,
Ethernet . , ,
PHY , .
PerfectReach ( PerfectReach): PerfectReach
.
.
EEE ( Ethernet): EEE ,
, . EEE
IEEE802.3az
(IEEE). EEE , .
, , .
, , .
, 17 , 1 /
30 .
, ,
.
24

2015 Zelax

ZES-22xx

LLDP (Link Layer Discovery Protocol


).
, 1 /
100 / . , ,
.
,
, .
, /
, ,
, .
. ,
, , ,
.
EEE Urgent Queues ( ):
, ( QOS),
. ,
,
.
,
. ,
.
CLI:
green-ethernet eee optimize-for-power
!
interface FastEthernet 1/1
green-ethernet eee
green-ethernet energy-detect
green-ethernet short-reach

2.3.1.3

Green Ethernet

. 26. Green Ethernet - Status


Green Ethernet
. , Ethernet
, LAN.
ZES-22xx

2015 Zelax

25

2.4 Ports ()
Ports () ,
.

. 27. Ports

2.4.1.1

Ports Configuration ( )

,
.

. 28. Ports - Configuration


Port (): 16
LAN 1~16 4 ( SFP-)
17~20. . ,
"*" .
Link ( ):
. , ,
.
Current Speed ( ):
(10 /, 100 /, 1 /) (fdx= ,
hdx=).
Configured Speed ( ):
, . ,
.
26

2015 Zelax

ZES-22xx

Disabled (): .
Auto ():
, ,
, .
10Mbps HDX: 10 /,
.
10Mbps FDX: 10 /,
.
100Mbps HDX: 100 /,
.
100Mbps FDX: 100 /,
.

Disabled (): .
Auto ():
, ,
, .
100Mbps FDX: 100 /,
.
1Gbps FDX: 1 /,
.

Flow Control ( ): Current Rx ,


. Current Tx ,
. Rx Tx
. ,
. Configured Speed (. ).
Maximum Frame Size ( ):
, , FCS.
9600 .
Excessive Collision Mode (
):
: "Discard" ( 16 ),
"Restart" ( (backoff algorithm) 16 ).
CLI:
interface GigabitEthernet 1/4
speed 1000
flowcontrol on
duplex full

2.4.1.2

Ports State ( )

ZES-22xx

2015 Zelax

27

. 29. Ports - State


, ,
. "" , 100
/. "" 1 /. ""
. , "Refresh"
(). "Auto-refresh" ( ) ,
3 .

2.4.1.3

Ports Traffic Overview ( )

. 30. Ports - Traffic Overview


Port (): (1~20), ,
.
Packets (): .
Bytes (): .
Errors (): , ,
.
Drops (): ,
.
Filtered (): ,
().
28

2015 Zelax

ZES-22xx

, "Refresh" (). "Autorefresh" ( ) ,


3 . ,
"Clear" ().

2.4.1.4

Ports QoS Statistics ( QoS )

. 31. Ports - QoS Statistics


Port (): , ,
.
Qn (): 8 QoS. Q0
.
Rx/Tx: .

2.4.1.5

Ports QCL Status ( QCL)

QCL (QoS Control List)


QCL.

. 32. Ports - QCL Status


QCE (QoS Control Entry), .
QCE - , .
QCE 256.
User (): QCL.
ZES-22xx

2015 Zelax

29

QCE#: QCE.
Frame Type ( ): ,
. :
Any (): QCE .
Ethernet: Ethernet ( EtherType 0x600-0xFFFF)
LLC: LLC.
SNAP: SNAP.
IPv4: QCE IPV4.
IPv6: QCE IPV6.
Port (): , QCE.
Action (): ,
, .
: Class (), DPL DSCP.
Class (): QoS; QCE,
.
DPL: (Drop Precedence Level);
QCE, DP ,
DPL.
DSCP: QCE, DSCP
, DSCP.
Conflict (): QCL.
, ,
, QCE, .
'Yes' (), 'No' ().
, , , ;
QCL, 'Resolve Conflict' ( ).

2.4.1.6

Ports Detailed Statistics ( )


. : ( );
( ); ( ). ,
, port
select ( ).

30

2015 Zelax

ZES-22xx

. 33. Ports - Detailed Statistics


Receive Total ( ) Transmit Total ( ):

Rx Tx Packets: ( ) .
Rx Tx Octets: ( ) .
FCS, .
Rx Tx Unicast: ( )
.
Rx Tx Multicast: ( )
.
Rx Tx Broadcast: ( )
.
Rx Tx Pause: MAC-,
, , .

Receive Transmit Size: (


) , .
Receive Transmit Queue:
.
Receive Error ( ):

ZES-22xx

Rx Drops (): ,
.
Rx CRC/Alignment: ,
.
1
Rx Undersize: , .
2
Rx Oversize: , .
1
Rx Fragments: ,
.
2
Rx Jabber: , .
Rx Filtered: ,
().

2015 Zelax

31

64 .
, , ,
.
2

Transmit Error ( ):

Tx Drops: ,
.
Tx Late/Exc. Coll.: ,
.

2.4.1.7

Ports VeriPHY(
)

VeriPHY
, 10 /, 100 / 1 /.
All ( ).
Start ().

. 34. Ports - VeriPHY


5 . ,
15 . ,
.
. , VeriPHY 7 140
.
VeriPHY , 10 / 100 /
. , VeriPHY , 10
/ 100 /, ,
, VeriPHY .
Port (): .
Pair (): :
32

2015 Zelax

ZES-22xx

OK: .
Open (): .
Short (): .
Short A: - .
Short B: - .
Short C: - .
Short D: - D.
Cross A: -
Cross B: -
Cross C: -
Cross D: - D

Length (): . 3 .
CLI:
ZES-2220S# show interface FastEthernet 1/8 veriphy
Starting VeriPHY - Please wait
Interface
Pair A Length Pair B, Length
---------------------- ------ ------ -------------FastEthernet 1/8
OK
3
OK
3

2.4.1.8

Pair C
-----OK

Length
-----3

Pair D
-----Open

Length
-----0

Ports SFP ( SFP )

SFP .

. 35. Ports - SFP


Vendor Name ( ): SFP.
Vendor Part ( ):
( SFP).
Fiber Type ( ):
.
Wave Length ( ): (Tx).
Wave Length 2 ( 2): (Rx). ( SFP
).
ZES-22xx

2015 Zelax

33

Link Length ( ): . ( SFP ,


.)
TX Power ( ): ;
SFP, DDMI (
).
RX Power ( ): ,
SFP, DDMI.
RX Sensitivity ( ): ,
SFP, DDMI.
Temperature (): , SFP,
DDMI.
CLI:
ZES-2220S# show sfp
17
---------Vendor Name
:
Vendor Part Number:
Fiber Type
:
Wave Length
:
Link Length
:
TX Power
:
RX Power
:
RX Sensitivity
:
Temperature
:

Zelax
SFP-G-S1310/20-D
Single
1310 nm
20 km
-6 dBm
-40 dBm
0 dBm
59 degree C

2.5 Security ()
Security () switch (), network
() RADIUS.

. 36. Security

2.5.1
34

2015 Zelax

Switch ()
ZES-22xx

2.5.1.1

Users ()

.
web-
.

. 37. Security Switch - Users


'admin',
(15).

User Name ( ) Add New User
( ), .
Add User ( )

. 38. Security Switch Users (Add User)


User Name ( ): .
Password (): .
Password (again) ( ):
.
Privilege Level ( ):
. : 1 15.
15, ,
.
.
, .
, 5;
10 /.
( , . .)
, 15.
, 15 ;
10 ;
5 .
CLI:
username zelax privilege 10 password unencrypted <password>

ZES-22xx

2015 Zelax

35

2.5.1.2

. 39. Security Switch Privilege Levels

36

2015 Zelax

ZES-22xx

Group Name ( ): , .
(, LACP, RSTP QoS),
.
.
System (): Contact ( ), Name (), Location (),
Timezone ( ), Daylight Saving Time ( ), Log (
).
Security (): Authentication (), System Access Management
( ), Port () ( Dot1x port ( Dot1x), MAC
based ( MAC-), MAC Address Limit ( MAC-), ACL, HTTPS,
SSH, ARP Inspection ( ARP), IP source guard ( IP- ).
IP: , 'ping'.
Port (): , 'VeriPHY'.
Diagnostics (): 'ping' 'VeriPHY'.
Maintenance (): CLI System Reboot (
), System Restore Default ( ), System
Password ( ), Configuration Save ( ), Configuration Load
( ), Firmware Load ( ). Web Users ( Web), Privilege Levels ( ) Maintenance.
Debug (): CLI.
Privilege Levels ( ):
:
configuration read-only (, )
configuration/execute read-write (/, -)
status/statistics read-only (/, )
status/statistics read-write (e.g. for clearing of statistics) (/, , ).
,
.

CLI:
web privilege group Z-Ring level cro 1 crw 15 sro 5 srw 10

2.5.1.3

Auth Method ( )

. 40. Security Switch Auth Method


Client (): ,
.
Methods (): :

ZES-22xx

no (): , .

2015 Zelax

37

local ():
.
radius: RADIUS-.
tacacs+: TACACS+-.

: , , ,
.
. ,
, , , ,
.
, 'local'
().
, .
CLI:
aaa authentication login telnet radius tacacs local

2.5.1.4

SSH

SSH.

. 41. Security Switch SSH


Mode ( ): SSH. :

Enabled (): SSH . , - .


Disabled (): SSH .

: SSH, , 2
SSH.
CLI:
no ip ssh

2.5.1.5

HTTPS

HTTPS.

. 42. Security Switch HTTPS


Mode ( ): HTTPS.
HTTPS, HTTPS , web-
HTTP. :

38

Enabled (): HTTPS .


Disabled (): HTTPS .

2015 Zelax

ZES-22xx

Automatic Redirect ( ):
HTTPS. , HTTPS
"Enabled" (). HTTP web- HTTPS,
HTTPS Automatic Redirect.
:

Enabled (): HTTPS .


Disabled (): HTTPS .

CLI:
ip http secure-server
ip http secure-redirect

2.5.2

Access Management ( )

2.5.2.1

Access Management Configuration (


)

.
16. ,
, .

. 43. Security Switch Access Management - Configuration


Mode ( ): .
:
Enabled (): .
Disabled (): .
VLAN ID: VLAN .
Start IP address ( IP-): IP-
.
End IP address ( IP-): IP-
.
HTTP/HTTPS: , , IP-
HTTP/HTTPS.
SNMP: , , IP-
SNMP.
TELNET/SSH: , , IP-
TELNET/SSH .
, Add New Entry (
). Delete ()
,
.
Save (), .
Reset (), , .
CLI:
access management 1 10 172.16.1.1 to 172.16.1.254 web telnet

ZES-22xx

2015 Zelax

39

2.5.2.2

Access Management Statistics (


)

. 44. Security Switch Access Management - Statistics


Interface (): ,
.
Received Packets ( ):
, .
Allowed Packets ( ):
, .
Discarded Packets ( ): ,
, .
CLI:
ZES-2220S# show access management statistics
Access Management Statistics:
----------------------------HTTP
Receive:
12
Allow:
HTTPS
Receive:
0
Allow:
SNMP
Receive:
0
Allow:
TELNET
Receive:
3
Allow:
SSH
Receive:
0
Allow:

2.5.3

0
0
0
0
0

Discard:
Discard:
Discard:
Discard:
Discard:

12
0
0
3
0

SNMP

SNMP System Configuration ( SNMP )


SNMP.

. 45. Security Switch SNMP - System Configuration


Mode ( ): SNMP. :
40

2015 Zelax

ZES-22xx

Enabled (): SNMP .


Disabled (): SNMP .
Version (): SNMP. :
SNMP v1: 1 SNMP.
SNMP v2c: 2c SNMP.
SNMP v3: 3 SNMP.
Read Community ( Community ): community, ,
SNMP-. 0~255 ASCII
0x21 0x7E.
Write Community ( Community ): community, ,
SNMP-. 0~255 ASCII
0x21 0x7E. SNMP v1 v2c.
SNMP v3, community community SNMPv3. SNMPv3
, SNMPv1 SNMPv2c.
community,
.
Engine ID: engine ID SNMPv3.
( ), 10 64; ,
F . Engine ID
.
CLI:
snmp-server community v2c zelax_public RO
snmp-server community v2c zelax_private RW

2.5.3.1

Alarm Configuration ( )

SNMP trap.

. 46. Security Switch SNMP - Alarm Configuration


Global Settings ( )
Mode ( ): SNMP trap
.
SNMP trap, Add New Entry (
).

ZES-22xx

2015 Zelax

41

. 47. Security Switch SNMP - Trap Configuration


SNMP Trap Configuration ( SNMP Trap)
Config Name ( ):
SNMP trap.
Trap Mode ( Trap): SNMP trap.
Enabled (): SNMP trap .
Disabled (): SNMP trap .
Trap Version ( Trap): SNMP trap.
:
SNMP v1: 1 SNMP trap.
SNMP v2c: 2c SNMP trap.
SNMP v3: 3 SNMP trap.
Trap Community ( Community SNMP trap): community
SNMP trap. 0~255 ASCII
0x21 0x7E.
Trap Destination Address (IP- Trap): IP-
SNMP trap. IP- ('x.y.z.w').
. -
( A-Z; a-z, 0-9, (.) (-)).
. ;
.
Trap Destination port ( Trap): SNMP trap. SNMP-
SNMP ; 1~65535.
SNMP trap 162.
Trap Inform Mode ( Trap Inform): SNMP trap inform.
:

42

Enabled (): SNMP trap inform .


Disabled (): SNMP trap inform .

2015 Zelax

ZES-22xx

Trap Inform Timeout (seconds) ( Trap Inform ():


SNMP trap inform. : 0 2147.
Trap Inform Retry imes ( Trap Inform):
SNMP trap inform. : 0 255.
Trap Probe Security Engine ID: SNMP trap probe security engine ID.
:
Enabled (): SNMP trap probe security engine ID .
Disabled (): SNMP trap probe security engine ID .
Trap Security Engine ID: SNMP trap security engine ID.
SNMPv3 trap inform, USM
.
engine ID . "Trap Probe Security
Engine ID", (ID) . ,
ID, . (
), 10 64; ,
F .
Trap Security Name: SNMP trap security name. SNMP trap inform SNMPv3
USM .
trap inform, .
SNMP Trap Event ( SNMP Trap)
System (): (system trap events)
:
Warm Start (): ,
.
Cold Start ( ):
(
).
AAA: , . trap
.
Switch (): traps .
traps:

STP: ,
STP trap. , STP trap.
RMON: ,
RMON trap. , RMON
trap.
Power (): traps, .
trap :

Power 1 Status ( 1): ,


trap 1.
, trap
1.
Power 2 Status ( 2): ,
trap 2.
, trap
2.
Interface (): traps, .
traps:

Link Up ( ): none ()/specific ( )/all ports (


).
Link Down ( ): none ()/specific ( )/all ports
( ).
LLDP: none ()/specific ( )/all ports ( ).

PoE: none ()/specific ( )/all ports ( ).


PoE.
ZES-22xx

2015 Zelax

43

"specific" ( ), ,
.
"Save" ().
Alarm Relay ( )
Power (): , .
:
Power 1 Status ( 1): ,
1.
1 ,
. ,
1.
Power 2 Status ( 2): ,
2.
2 ,
. ,
2.
Interface (): , .
:

Link Down ( ): none ()/specific ( )/all ports


( ). ,
,
. , .

PoE: none ()/specific ( )/all ports ( ).


PoE. PoE ,
, .
, .
"specific" ( ), ,
.
CLI:
snmp-server host Test trap
no shutdown
host 192.168.0.105 162 traps
traps system warmstart coldstart
traps system warmstart coldstart
traps system warmstart coldstart
alarm power power1 power2
!
snmp-server trap
!
interface FastEthernet 1/1
snmp-server host Test trap traps
snmp-server host Test trap alarm

2.5.3.2

aaa authentication
aaa authentication power power1 power2

linkup linkdown
linkdown

SNMPv3 Community Configuration ( SNMPv3


Community)

SNMPv3 community.

44

2015 Zelax

ZES-22xx

. 48. Security Switch SNMP - Communities


Delete (): , ,
. .
Community: community, SNMP-.
1~32 ASCII 0x21 0x7E. community
, community SNMPv1
SNMPv2c. .
Source IP (IP- ): IP- SNMP.
Source Mask ( ): IP- SNMP.
CLI:
snmp-server community v3 public 192.168.0.0 255.255.255.0

2.5.3.3

SNMPv3 User Configuration (


SNMPv3)

SNMPv3.
Engine ID User Name ( ).

. 49. Security Switch SNMP - SNMPv3 User


Engine ID: , engine ID,
. ( ),
10 64; , F .
SNMPv3 USM (Userbased Security Model)
VACM (View-based Access Control Model) . USM
usmUserEngineID usmUserName. usmUserEngineID
snmpEngineID .
snmpEngineID (SNMP engine),
. , engine ID
engine ID , ,
.
User Name ( ): , ,
. 1~32 ASCII
0x21 0x7E.
Security Level ( ): ,
. :

ZES-22xx

NoAuth, NoPriv: .
Auth, NoPriv: , .
2015 Zelax

45

Auth, Priv: , .
, .
, , .
Authentication Protocol ( ): ,
. :
None (): .
MD5: , ,
MD5.
SHA: , ,
SHA.
, .
, , .
Authentication Password ( ): ,
. MD5: 8 32
. SHA: 8 40 .
ASCII
0x21 0x7E.
Privacy Protocol ( ): ,
. :

None (): .
DES: , ,
DES.
AES: , ,
AES.
Privacy Password ( ): ,
. 8~32 ASCII
0x21 0x7E.
, Add New Entry (
). , Delete (),
,
.
Save (), .
Reset (), ,
.

2.5.3.4

SNMPv3 Group Configuration ( SNMPv3)

SNMPv3.
Security Model ( ) Security Name ( ).

. 50. Security Switch SNMP - SNMPv3 Group


Security Model ( ): ,
. :

46

v1: SNMPv1.

2015 Zelax

ZES-22xx

v2c: SNMPv2.
usm: USM (User-based Security
Model) SNMPv3.
Security Name ( ): , ,
. 1~32 ASCII
0x21 0x7E.
Group Name ( ): , ,
. 1~32 ASCII 0x21
0x7E.

2.5.3.5

SNMPv3 View Configuration ( SNMPv3)

SNMPv3.
View Name ( ) OID Subtree ( OID).

. 51. Security Switch SNMP - SNMPv3 View


View Name ( ): , ,
. 1~32 ASCII 0x21
0x7E.
View Type ( ): , .
:
included ( ): , ,
.
excluded ( ): , ,
. , 'excluded'
( ), 'included'
( ) OID
'excluded' ( ).
OID Subtree ( OID): OID ,
. OID: 1 128.
, , (*).

2.5.3.6

SNMPv3 Access Configuration ( SNMPv3)

SNMPv3.
: Group Name ( ), Security Model ( )
Security Level ( ).

. 52. Security Switch SNMP - SNMPv3 Access


Delete (): , ,
. .
ZES-22xx

2015 Zelax

47

Group Name ( ): , ,
. 1~32 ASCII 0x21
0x7E.
Security Model ( ): ,
. :
ny (): (v1|v2c|usm).
v1: SNMPv1.
v2c: SNMPv2.
usm: USM (User-based Security
Model) SNMPv3.
Security Level ( ): ,
. :

NoAuth, NoPriv: .
Auth, NoPriv: , .
Auth, Priv: , .
Read View Name ( ): MIB, MIB,
. 1~32
ASCII 0x21 0x7E.
Write View Name ( ): MIB, MIB,
.
1~32 ASCII 0x21 0x7E.

2.5.4

RMON

2.5.4.1

RMON Statistics Configuration ( RMON)

RMON. ID.

. 53. Security Switch RMON - Statistics Configuration


Delete (): , ,
. .
ID: . 1 65535.
Data Source ( ): ID , .

2.5.4.2

RMON History Configuration ( RMON)

RMON History Configuration


, . RMON
.

. 54. Security Switch RMON - History Configuration

48

2015 Zelax

ZES-22xx

ID: . 1 65535.
Data Source ( ): ID , .
Interval (): . 1800 .
: 1 3600 .
Buckets ( ): , .
50. : 1 3600.
Buckets Granted ( ): .
, Add New Entry (
). , Delete (),
,
.
Save (), .
Reset (), , .

2.5.4.3

RMON Alarm Configuration ( RMON)

,
. ,
.
. ,
.

. 55. Security Switch RMON - Alarm Configuration


ID: . 1 65535.
Interval ():
. 1 2^31 .
Variable (): MIB, .
ifEntry.n.n . :
InOctets, InUcastPkts, InNUcastPkts, InDiscards, InErrors, InUnknownProtos, OutOctets, OutUcastPkts,
OutNUcastPkts, OutDiscards, OutErrors OutQLen.
Sample Type ( ):
.
Absolute ( ):
.
Delta ():
.
Value (): .
Startup Alarm ( ): ,
,
.
Rising or Falling ( ): ,
, .
Rising (): ,
.
Falling (): , ,
.
Rising Threshold ( ):
, ,
, . ,
,
ZES-22xx

2015 Zelax

49

, .
: -2147483647 2147483647.
Rising Index ( ): . 1~65535.
Falling Threshold ( ):
, ,
, . ,
,
, .
(: -2147483647 2147483647)
Falling Index ( ): . 1~65535.
, Add New Entry (
). , Delete (),
,
.
Save (), .
Reset (), , .

2.5.4.4

RMON Event Configuration ( RMON)

RMON Event Configuration ( RMON)


, .

. 56. Security Switch RMON - Event Configuration


Delete (): , ,
. .
ID: ID. 1~65535.
Desc: .
Type (): ,
:
None (): .
Log (): , RMON.
snmptrap: trap
trap.
logandtrap: , trap.
Community: trap community, .
community ,
SNMP trap configuration ( SNMP trap) .
0~127.
Event Last Time ( ): sysUpTime,
.

2.5.4.5

RMON Statistics Overview ( RMON)

RMON statistics overview .


,
.
. , 60 .

50

2015 Zelax

ZES-22xx

. 57. Security Switch RMON - Statistics Overview


ID: ID.
Data Source ( ): ID .
Drop ( ): -
.
Octets (): .
Pkts: ( ,
).
Broadcast ( ): ,
.
Multicast ( ): ,
.
CRC Errors ( ):
64 1518 ( , FCS).
Undersize ( ):
64 .
Oversize ( ):
1518 .
Frag.: 64 ,
CRC.
Jabb.: 64 ,
CRC.
Coll.: Ethernet.
64 Bytes ( 64 ): 64
( ).
X~Y (65~127, 128~255, 256~511, 512~1023, 1024~1588): ,
X Y .

2.5.4.6

History Overview ( )

. 58. Security Switch RMON - History Overview


History Index ( ): .
Sample Index ( ): ,
.
Sample Start ( ): , ( ,
).
Drop ( ): -
.
Octets (): .
Pkts: ( ,
).
Broadcast ( ): ,
.
ZES-22xx

2015 Zelax

51

Multicast ( ): ,
.
CRC Errors ( ):
64 1518 ( , FCS).
Undersize ( ):
64 .
Oversize ( ):
1518 .
Frag.: 64 ,
CRC.
Jabb.: 64 ,
CRC.
Coll.: Ethernet.
Utilization ():
,
.

2.5.4.7

Alarm Overview ( )

. 59. Security Switch RMON - Alarm Overview


ID: .
Interval (): ( )
.
Variable (): MIB, .
Sample Type ( ):
, .
Value (): .
Startup Alarm ( ): , ,
, .
Rising Threshold ( ):
, ,
, .
Rising Index ( ): , ,
, .
Falling Threshold ( ):
, ,
, .
Falling Index ( ): , ,
, .

2.5.4.8

52

2015 Zelax

Event Overview ( )

ZES-22xx

. 60. Security Switch RMON - Event Overview


Event Index ( ): .
Log Index ( ): .
Log Time ( ):
.
Log Description ( ): .

2.6 Network ()
2.6.1

Port Security ( )

(Port Security Limit Control)


, - VLAN ID
( ). ,
, , .

2.6.1.1

Limit Control ( )

. 61. Security Network - Port Security - Limit Control

ZES-22xx

2015 Zelax

53

System Configuration ( )
Mode ( ): ()
, . (),
,
.
Aging Enabled ( ): ,
MAC- ,
Aging Period ( ). , ,
, . ,
,
(Aging Period), ,
.
Aging Period ( ): Aging Enabled ( )
, .
3600 . 10
10 000 000 .
Port Configuration ( )
Port (): . Port *
.
Mode ( ):
( ). ,
, .
Limit (): MAC-,
. 1024. ,
.
Action (): , :
None (): MAC-,
. .
Trap (): MAC-
, SNMP trap.
(Aging) , SNMP trap.
, SNMP trap
, .
Shutdown ( ): MAC-
, . ,
MAC- , MAC-
. ,
,
( / ).
:
;
Limit Control (
) ;
Reopen ().
Trap & Shutdown ( ):
MAC- , - Trap
() Shutdown ( ), .
State ():
.
:

54

Disabled (): ( , ).
Ready (): .
Limit Reached ( ): .
, Action () None
() Trap ().
Shutdown ( ):
. , Action

2015 Zelax

ZES-22xx

() Shutdown () Trap & Shutdown


( ).
Re-open Button ( ): ,
, , ,
. . Shutdown ( ) Action
(). , Reopen ( ),
, .
CLI:
port-security aging
port-security aging time 600
port-security
!
interface FastEthernet 1/1
port-security
port-security maximum 2
port-security violation trap-shutdown

2.6.1.2

Switch Status ( )

. 62. Security Network - Port Security - Switch Status


User Module Legend ( )
User Module Name ( ): ,
.

ZES-22xx

2015 Zelax

55

Abbr: ,
Users () Port Status ( ).
Port Status ( )
Port (): .
.
Users (): ,
, . '-' ,
. , ,
, .
State (): .
:
Disabled (): ,
, .
Ready ():
; -.
Limit Reached ( ): ,
, ; ,
MAC- .
Shutdown ( ): ,

, .
MAC- ,
.
MAC Count (Current/Limit) ( MAC- ( //
)): -, (,
) -,
. ,
(-).
, Limit ( ) (-).

CLI:
ZES-2220S# show port-security switch
Users:
L = Limit Control
8 = 802.1X
Interface
Users State
----------------------- ----- ------------FastEthernet 1/1
LReady
FastEthernet 1/2
-No users
FastEthernet 1/3
-No users
FastEthernet 1/4
-No users
FastEthernet 1/5
-No users
FastEthernet 1/6
-No users
FastEthernet 1/7
-No users
FastEthernet 1/8
-No users
FastEthernet 1/9
-No users
FastEthernet 1/10
-No users
FastEthernet 1/11
-No users
FastEthernet 1/12
-No users
FastEthernet 1/13
-No users
FastEthernet 1/14
-No users
FastEthernet 1/15
-No users
FastEthernet 1/16
-No users
GigabitEthernet 1/1
-No users
GigabitEthernet 1/2
-No users

56

2015 Zelax

MAC Cnt
------0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0

ZES-22xx

GigabitEthernet 1/3
GigabitEthernet 1/4

2.6.1.3

---

No users
No users

0
0

Port Statistics ( )

MAC-, .

. 63. Security Network - Port Security - Port Statistics


MAC Address (-): Port Security Limit Control
, MAC-, .
VLAN ID: VLAN ID, .
State (): ,
MAC- .
- .
Time of Addition ( ): ,
MAC- .
Age/Hold (/ ):
MAC-, MAC-
( ).
MAC-
, ,
MAC-. ( )
, MAC- MAC-. ,
.
MAC- , (-).

2.6.2

NAS

(Network Access Server)


, (supplicants) ,
.
, IEEE 802.1X,
, ,
.
, radius-, .
RADIUS-,
, EAPOL
( ).
.
, ,
RADIUS.

ZES-22xx

2015 Zelax

57

2.6.2.1

Configuration ()

. 64. Security Network NAS - Configuration


System Configuration ( )
Mode ( ): 802.1X
-. ,
.
Reauthentication Enabled ( ):
, ,
"Reauthentication Period" ( ).
,
.
Reauthentication Period ( ): ,
.
3600 .
1 3600 .
EAPOL Timeout ( EAPOL): ,

, Request Identify ( ) EAPOL.
30 . 1 65535 .
Aging Period ( ): ,
802.1X -.
300 . 10 1 000 000 .
Hold Time ( ): , EAP,
RADIUS, - .
, Single 802.1X, Multi 802.1X
-. 10 .
10 1 000 000 .
Radius-Assigned QoS Enabled ( QoS, Radius):
, QoS, RADIUS.
Radius-Assigned VLAN Enabled ( VLAN, Radius): VLAN,
RADIUS, VLAN,
, . VLAN,
58

2015 Zelax

ZES-22xx

RADIUS,
. RADIUS- RADIUS
.
"RADIUS-Assigned VLAN Enabled" ()
/ RADIUS- VLAN. ,
,
VLAN RADIUS. , VLAN
RADIUS .
Guest VLAN Enabled ( VLAN): VLAN
VLAN, .
, ,
VLAN. ,
VLAN .
Guest VLAN ID ( VLAN): VLAN ID ,
VLAN . VLAN ID , ,
VLAN. : 1 4095.
Max. Reauth. Count ( ):
EAPOL,
, VLAN.
, VLAN . 1~255.
Allow Guest VLAN if EAPOL Seen ( VLAN, EAPOL):
, EAPOL .
VLAN, ,
. ( ),
VLAN , EAPOL
. ( ), VLAN,
EAPOL .
, VLAN .
Port Configuration ( )
Port (): . Port * .
Admin State ( ): .
, NAS.
:

ZES-22xx

Force Authorized ( ):
() EAPOL,
,
.
Force Unauthorized ( ):
() EAPOL,
,
.
Port-Based 802.1X (802.1X ): ,
dot1x- .
, dot1x-, .
Single 802.1X ( 802.1X):
Single 802.1X,
,
.
EAPOL.
, ,
, .

, .
,
.
. Port Security (
) ( , ).

2015 Zelax

59

Multi Single 802.1X ( 802.1X):


Multi 802.1X,
.
; -
Port Security ( ).
MAC-based Auth. ( -):
802.1X, -
EAPOL. , , ,
. ( ),
, , , ,
-
RADIUS- EAP. 6- -
"xx-xx-xx-xx-xx-xx", (-)
-
( ).
MD5-Challenge, RADIUS .
Radius-Assigned QoS Enabled ( QoS, Radius):
, RADIUS-Assigned QoS .
Radius-Assigned VLAN Enabled ( VLAN, Radius):
, RADIUS-Assigned VLAN .
Guest VLAN Enabled ( VLAN): ,
VLAN .
Port State ( ): (
802.1X). :

Globally Disabled ( ): 802.1X


MAC- .
Link Down ( ): 802.1X MAC , .
Authorized ():
.
Unauthorized ( ):
, RADIUS .
X Auth/Y Unauth ( /Y ):
. , Y
.
Restart ():
, . ,
, ( System
Configuration ( ), Admin State ( )
EAPOL-based ( EAPOL) MAC-Based ( MAC-).
.
Reauthenticate ( ):
, ( EAPOL).
-,
. , ,
, .
Reinitialize ( ):
, .
, .

CLI:
dot1x re-authentication
dot1x system-auth-control
!
interface FastEthernet 1/1
dot1x port-control auto

60

2015 Zelax

ZES-22xx

!
interface FastEthernet 1/2
dot1x port-control mac-based

2.6.2.2

Switch Status ( )

. 65. Security Network NAS - Switch Status


Port (): . NAS
.
Admin State ( ):
.
Port Status ( ): .
Last Source ( ): -,
EAPOL EAPOL.
Last ID ( ID ): (
), EAPOL
EAPOL.
QoS Class ( QoS): QoS, NAS . QoS
NAS, .
Port VLAN ID (VLAN-ID ): VLAN ID , NAS.
VLAN ID NAS, .
CLI:
ZES-2220S# show dot1x status
Inf
Admin Port State
-------- ----- ---------Fa 1/1
Port
Down
Fa 1/2
MAC
Down
Fa 1/3
Auth
Down
Fa 1/4
Auth
Down
Fa 1/5
Auth
Auth
Fa 1/6
Auth
Down

ZES-22xx

brief
Last Src
-----------------

Last ID
-----------------

QOS
----

VLAN
----

Guest
-----

2015 Zelax

61

Fa
Fa
Gi
Gi
Gi
Gi

1/7
1/8
1/1
1/2
1/3
1/4

Auth
Auth
Auth
Auth
Auth
Auth

2.6.2.3

Down
Down
Down
Down
Down
Down

Port Statistics ( )

. 66. Security Network NAS - Port Statistics


Port State ( )
Admin State ( ):
.
Port Status ( ): .
Receive EAPOL Counters ( EAPOL)
Total ( ): EAPOL ,
.
Response ID ( ): EAPOL
, .
Responses ( ): EAPOL (
), .
Start (): EAPOL, .
Logoff (): EAPOL,
.
Invalid Type ( ): EAPOL,
, .
Invalid Length ( ): EAPOL,
, Packet Body Length ( ).
Transmit EAPOL Counters ( EAPOL)
Total (): EAPOL , .
Request ID (ID ): EAPOL ,
.
Requests (): EAPOL (
), .

62

2015 Zelax

ZES-22xx

2.6.3

ACL ( )

ACL ,
.
,
.

2.6.3.1

Ports ()

. 67. Security Network ACL Ports


Port (): .
Policy ID ( ):
.
, , .
0. 0~255.
Action (): ,
.
Rate Limiter ID ( ):
, .
Rate Limiters ( ).
Port Redirect ( ): ,
.
Mirror (): .
, ,
Mirror ().
ACL, ,
. ACL
Mirror () ACL Ports Configuration ( ACL).
Mirror Configuration ( ), Port to mirror on (,
) , Mode (
) Disabled ().
Logging ( ):
. , System
(), System Log Information (
).
Shutdown ( ): , ,
.
State (): ^

ZES-22xx

Enabled (): .
2015 Zelax

63

Disabled (): .
Counters (): , ,
.

2.6.3.2

Rate Limiters ( )

. 68. Security Network ACL Rate Limiters


Rate Limiter ID ( ):
.
Rate (): ,
. 0~3276700 pps (/.) 1, 100, 200,
3001000000 /.
Unit ( ): .
CLI:
access-list rate-limiter 1 100kbps 10
access-list rate-limiter 2 100kbps 5

2.6.3.3

Access Control List ( )


. , , .

. 69. Security Network ACL Configuration


64

2015 Zelax

ZES-22xx

Ingress Port ( ): . All


(), ( ) .
Policy Bitmask ( ): ACE.
Frame Type ( ): , .
Action (): - permit () deny ().
Rate Limiter ( ): ,
, .
Port Redirect ( ): ,
.
Mirror (): , .
Counter (): , -
, .
.

. 70. Security Network ACL ACE


ACE Configuration ( ACE)
Ingress Port ( ): .
All (),
.
Policy Filter (): . Any () ,
. Specific (),
ACE.
Frame Type ( ): .
: Any (), Ethernet, ARP, IPv4. .
Action (): - permit () deny ().
Rate Limiter ( ):
, .
Mirror (): .
Logging ( ):
.

ZES-22xx

2015 Zelax

65

Shutdown ( ):
.
Counter (): , -
, .
VLAN Parameters ( VLAN)
802.1Q Tagged (802.1Q ): ,
( ).
VLAN ID Filter ( VLAN ID): VLAN ID ACE.
Any (): VLAN ID .
Specific (): VLAN ID.
VLAN ID, ACE.
Tag Priority ( ): User Priority (
), VLAN .

MAC Parameter (-)


SMAC Filter ( SMAC): - . Any (),
- Specific (),
- . ( Any ()
Ethernet.
DMAC Filter ( DMAC): - .

Any (): - .
MC: -.
BC: -.
UC: -.
Specific (): , -
. ( Ethernet.)

Ethernet Type Parameter ( Ethernet )


EtherType Filter ( Ether):
Ethernet II. EtherType ( Ether)
Specific ().
ARP Parameter ( ARP)
ARP/RARP: ARP.
Any (): ARP/RARP .
ARP: ARP/RARP ARP.
RARP: ARP/RARP RARP.
Other (): ARP/RARP.
Request/Reply (/): , ARP, ARP
.
Any (): ARP/RARP .
Request (): ARP
Request ( ARP) RARP Request ( RARP).
Reply (): ARP Reply
( ARP) RARP Request ( RARP).
Sender IP Filter ( IP- ): IP-
.

Any (): IP- .


Host (): IP- .
Network (): IP- IP- .
Target IP Filter ( IP-): IP- .

66

Any (): IP- .


Host (): IP-.
Network (): IP- IP- .

2015 Zelax

ZES-22xx

ARP Sender SMAC Match ( SMAC- ARP): 0,


, SHA (Sender Hardware Address
) ARP/RARP - . 1, ,
SHA ARP/RARP - . Any (),
.
RARP Target MAC Match ( MAC- RARP):
0, , THA (Target Hardware Address
) ARP/RARP - . 1, ,
THA ARP/RARP - . Any
(), .
IP/Ethernet Length ( IP-/Ethernet): 0, ,
HLN (Hardware Address Length ) ARP/RARP
Ethernet (0x6) Protocol Address Length ( )
IPv4 (0x4). 1, , HLN ARP/RARP
Ethernet (0x6) Protocol Address Length ( ) IPv4
(0x4). Any (), .
IP: 0, , Protocol Address Space (
) ARP/RARP IP (0x800). 1, ,
Protocol Address Space ( ) IP (0x800).
Any (), .
Ethernet: 0, , Hardware Address Space
( ) ARP/RARP Ethernet (1).
1, , Hardware Address Space ( )
Ethernet (1). Any (), .
IP Parameters ( IP)
IP Protocol Filter ( IP): IP
, : Any (), ICMP, UDP,
TCP Other ().
IP TTL: Zero (), , TTL IPv4 0.
TTL 0, Non-Zero ( ). ,
any ( ).
IP Fragment ( IP): , Any (
). Yes () , IPv4, MF,
FRAG OFFSET 0 . No () ,
IPv4, MF, FRAG OFFSET 0
.
IP Option ( IP): .
, Any ( ). Yes () ,
IPv4 ,
. No () , IPv4 ,
.
SIP Filter ( SIP): IP- :
Any (), Host () Network (). Host (),
IP- . Network (),
, .
SIP Address ( SIP): IP- .
SIP Mask ( SIP): .
DIP Filter ( DIP): IP- :
Any (), Host () Network (). Host (),
IP- . Network (),
, .
DIP Address ( DIP): IP- .
DIP Mask ( DIP): .
IPv6 Parameters ( IPv6)

ZES-22xx

2015 Zelax

67

Next Header Filter ( ):


. : ICMP, UDP, TCP, Other ( ).
SIP Filter ( SIP): IP- . Any () ,
SIP-. Specific (), SIP
.
Hop Limit (. ):
, Any ( ). 0, IPv6,
hop limit . 1,
IPv6, hop limit
.
CLI:
access-list ace 1 ingress interface FastEthernet 1/2 vid 10 rate-limiter 1 logging

2.6.3.4

ACL Status ( )

. 71. Security Network ACL Status


ACL ACL.
CE, . CE
- , .
CE 256.
User (/): ACL.
Ingress Port ( ): ACE.
, .
Frame Type ( ): ACE. :
Any (): CE .
EType: CE Ethernet. ,
Ethernet ACE IP ARP.
ARP: CE ARP/RARP.
IPv4: CE IPv4.
IPv4/ICMP: ACE IPv4 ICMP.
IPv4/UDP: ACE IPv4 UDP.
IPv4/TCP CE IPv4 CP.
IPv4/Other ( IPv4): IPv4,
ICMP/UDP/TCP.
IPv6: CE IPv6.
Action (): () ACE.
Permit (): , ACE,
.
Deny (): , ACE, .
Filtered (): , .
Rate Limiter ( ):
. : 1 16. Disabled
(), .
Port Redirect ( ): .
, .
: Disabled (), . Disabled
(), .

68

2015 Zelax

ZES-22xx

Mirror (): .
:
Enabled (): , , .
Disabled (): , , .
"Disabled" ().
CPU: , ACE CPU.
CPU Once ( CPU): ,
ACE CPU.
Counter (): .
Conflict (): .
.

CLI:
ZES-2220S# show access-list ace-status
User
---S
: Static
IPSG: IP Source Guard
IPMC: IPMC
MEP : MEP
ARPI: ARP Inspection
UPnP: UPnP
PTP : PTP
DHCP: DHCP
LOOP: Loop Protect
?
: Z-Ring
User ID
Frame Action Rate L.
---- ------ ------ -------S
1
Any
Permit 1
Switch 1 access-list ace number:

2.6.4

Mirror
CPU
Counter Conflict
-------- ------ ------- ------Disabled No
0 No
1

DHCP

DHCP Snooping
DHCP. DHCP Snooping ,
IP- () ,
DHCP Snooping. ,
, ,
, DHCP Snooping, ,
IP Source Guard.

2.6.4.1

ZES-22xx

Snooping Configuration ( DHCP Snooping)

2015 Zelax

69

. 72. Security DHCP Snooping Configuration


DHCP Snooping Configuration ( DHCP Snooping)
Snooping Mode ( Snooping): DHCP
Snooping . DHCP snooping, DHCP
,
.
Port Mode Configuration ( )
Port (): . Port * .
Mode ( ): DCHP Snooping.
Trusted () Untrusted ().
CLI:
ip dhcp snooping
!
interface FastEthernet 1/1
no ip dhcp snooping trust

2.6.4.2

DHCP Relay

. 73. Security DHCP Relay configuration


70

2015 Zelax

ZES-22xx

Relay Mode ( DHCP Relay): DHCP relay.


Relay Server ( DHCP Relay): IP- DHCP-,
DHCP relay .
Relay Mode ( DHCP Relay):
DHCP Relay option 82. , , ,
, Relay Mode Enabled
().
Relay Information Policy ( DHCP Relay):
DHCP Relay DHCP-,
option 82.

Replace (): DHCP- DHCP Relay


. .
Keep (): DHCP-.
Drop (): , DHCP,
DHCP Relay.

CLI:
ip dhcp relay
ip helper-address 192.168.0.254
ip dhcp relay information option

2.6.4.3

Relay Statistics ( DHCP Relay)

. 74. Security DHCP Relay Statistics


DHCP Relay Statistics ( DHCP Relay)
Transmit to Server ( ): ,
.
Transmit Error ( ): ,
.
Receive from Client ( ): , .
Receive Missing Agent Option ( ): ,
.
Receive Missing Circuit ID ( ): ,
Circuit ID ( ).
Receive Missing Remote ID ( ):
, Remote ID ( ).
Receive Bad Circuit ID ( ): ,
Circuit ID ( ) circuit ID.
Receive Bad Remote ID ( ):
, Remote ID ( )
Remote ID.
Client Statistics ( )
Transmit to Client ( ):
.
ZES-22xx

2015 Zelax

71

Transmit Error ( ): ,
.
Receive from Client ( ): , .
Receive Missing Agent Option ( ): ,
.
Replace Agent Option ( ): ,
.
Keep Agent Option ( ): ,
.
Drop Agent Option ( ): ,
, .

2.6.5
2.6.5.1

IP Source Guard ( IP- )


Configuration ()

. 75. Security IP Source Guard Configuration


IP Source Guard Configuration ( IP- )
Mode ( ): IP-
().
Translate dynamic to static ( ):
, .
Port Mode Configuration ( )
Port (): . Port * .
Mode ( ): IP- .
, , , IP- ,
, .
Max Dynamic Clients (. ):
, . : 0,
1, 2, unlimited ( ).
72

2015 Zelax

ZES-22xx

0, IP-,
(IP-) .
CLI:
ip verify source
!
interface FastEthernet 1/2
ip verify source
ip verify source limit 1

2.6.5.2

Static Table ( )

. 76. Security IP Source Guard Static Table


Port (): .
VLAN ID: VLAN ID.
IP Address (IP-): IP-.
MAC Address (-): MAC-.
, Add New Entry (
). Delete (),
.
Save (), .
Reset (), , ,
.
CLI:
ip source binding interface FastEthernet 1/2 2 192.168.0.105 00-1b-21-21-9f-fb

2.6.5.3

Dynamic Table ( )

IP- ,
, VLAN ID, IP- MAC-. ,
20 .
999 ; ,
entries per page ( ).

. 77. Security IP Source Guard Dynamic Table


ZES-22xx

2015 Zelax

73

2.6.6

ARP inspection ( ARP)

2.6.6.1

Port Configuration ( )

. 78. Security ARP inspection Port Configuration


ARP Inspection Configuration ( ARP)
Mode ( ): ARP .
Port Mode Configuration ( )
Port (): . Port * .
Mode ( ): ARP .
, , , ARP ,
, .
Check VLAN ( VLAN): (Enable) (disable) VLAN.
Log Type ( ): .

None (): .
Deny (): .
Permit (): .
All (): .

CLI:
ip arp inspection
!
interface FastEthernet 1/2
no ip arp inspection trust
ip arp inspection check-vlan
ip arp inspection logging all

74

2015 Zelax

ZES-22xx

2.6.6.2

VLAN Configuration ( VLAN)

. 79. Security ARP inspection VLAN Configuration


VLAN ID: VLAN ARP. , web- Port mode configuration
( ). , Global Mode
( ) Port Mode ( ), ARP Inspection
. -, web- VLAN mode configuration ( VLAN)
, VLAN .
VLAN.
Log Type ( ): .

None (): .
Deny (): .
Permit (): .
All (): .

, Add New Entry (


). Delete (),
.
Save (), .
Reset (), , ,
.
CLI:
ip arp inspection vlan 10
ip arp inspection vlan 10 logging all

2.6.6.3

Static Table ( )

. 80. Security ARP inspection Static Table


Port (): .
VLAN ID: VLAN ID.

ZES-22xx

2015 Zelax

75

MAC Address (-): -


ARP.
IP Address (IP-): IP- ARP.
, Add New Entry (
). Delete (),
.
Save (), .
Reset (), , ,
.
CLI:
ip arp inspection entry interface FastEthernet 1/1 2 00-1b-21-21-9f-fb 192.168.0.105

2.6.6.4

Dynamic Table Status ( )

. 81. Security ARP inspection Dynamic Table Status


Port (): .
VLAN ID: VLAN ID, ARP.
MAC Address (-): - .
IP Address (IP-): IP- .

2.7 RADIUS
2.7.1.1

Configuration ()

. 82. Security Radius Configuration


Global Configuration ( )
Timeout ( ): ,
, .
Retransmit ( ):
, .
, , .
76

2015 Zelax

ZES-22xx

Deadtime ( ): Deadtime ( ) ,
,
. ,
, , . Deadtime ,
(0), , ,
. Deadtime: 0 1440 .
Key (): 64 .
RADIUS- .
NAS-IP-Address: IPv4, 4
RADIUS. , IP-
.
NAS-IPv6-Address: IPv6, 95
RADIUS. , IP-
.
NAS Identifier ( NAS): 256 ,
32 RADIUS.
, NAS .
Server Configuration ( )
Hostname ( ): RADIUS- IP-.
Auth Port ( ): UDP, RADIUS-
.
Acct Port ( ): UDP, RADIUS-
.
Timeout ( ): ,
.
, .
Retransmit ( ):
, .
, .
Key (): ,
.
, .
CLI:
radius-server host 192.168.0.105

2.7.1.2

RADIUS Overview ( RADIUS)

. 83. Security Radius Overview


ZES-22xx

2015 Zelax

77

#: Radius. .
, #.
IP Address (IP-): IP- UPD.
Status (): RADIUS.
, , :

Disabled (): .
Not Ready ( ): , IP
.
Ready (): , IP .
RADIUS- .

2.7.1.3

RADIUS Details ( RADIUS)

. 84. Security Radius Details


RADIUS Authentication Statistics for Server ( RADIUS
)
Access Accepts ( ): RADIUS Access-Accept (
) , .
Access Rejects ( ): RADIUS Access-Reject ( )
, .
Access Challenges ( ): RADIUS Access-Challenge
( ) , .
Malformed Access Responses ( ):
RADIUS Access-Response ( ),
.
. Bad authenticators ( )
Message Authenticator ( ),
.

78

2015 Zelax

ZES-22xx

Bad Authenticators ( ): RADIUS,


Message
Authenticator ( ).
Unknown Types ( ): RADIUS,
.
Packets Dropped ( ): RADIUS,
.
Access Requests ( ): RADIUS Access-Request (
), . .
Access Retransmissions ( ):
RADIUS Access-Request ( ), RADIUS-
.
Pending Requests ( ): RADIUS Access-Request (
), , , .
Access-Request ( )
Access-Accept ( ), Access-Reject (
), Access-Challenge ( ), .
Timeouts ( ): .
, ,
.
( ).
( ).
IP Address (IP-): IP- UDP
.
State (): .
:
Disabled (): .
Not Ready ( ): , IP
.
Ready (): , IP ; RADIUS
.
Dead (X seconds left) ( ,
): ,
.
(),
. ,
, .
, .
Round-Trip Time ( ): (
) Access-Reply/Access-Challenge AccessRequest RADIUS- . ()
100 . 0 ,
.

RADIUS Accounting Statistics for Server ( RADIUS )


Responses ( ): RADIUS ( ),
.
Malformed Responses ( ):
RADIUS, .
.
.
Bad Authenticators ( ): RADIUS,
, .
Unknown Types ( ): RADIUS ,
.
Packets Dropped ( ): RADIUS,
.

ZES-22xx

2015 Zelax

79

Requests (): RADIUS, .


.
Retransmissions ( ): RADIUS,
RADIUS.
Pending Requests ( ): RADIUS, ,
, .
, , ;
.
Timeouts ( ): .
, ,
.
( ).
( ).
IP Address (IP-): IP- UDP .
State (): .
:
Disabled (): .
Not Ready ( ): , IP
.
Ready (): , IP ; RADIUS
.
Dead (X seconds left) ( ,
): ,
.
(),
. ,
, .
, .
Round-Trip Time ( ): (
)
RADIUS- . 100 .
0 , .

CLI:
ZES-2220S# show radius-server statistics
Global RADIUS Server Timeout
: 5 seconds
Global RADIUS Server Retransmit
: 3 times
Global RADIUS Server Deadtime
: 0 minutes
Global RADIUS Server Key
:
Global RADIUS Server Attribute 4 :
Global RADIUS Server Attribute 95 :
Global RADIUS Server Attribute 32 :
RADIUS Server #1:
Host name : 192.168.0.105
Auth port : 1812
Acct port : 1813
Timeout
:
Retransmit :
Key
:
RADIUS Server #1 (192.168.0.105:1812) Authentication Statistics:
Rx Access Accepts:
0
Tx Access Requests:
Rx Access Rejects:
0
Tx Access Retransmissions:
Rx Access Challenges:
0
Tx Pending Requests:
Rx Malformed Acc. Responses:
0
Tx Timeouts:
Rx Bad Authenticators:
0
Rx Unknown Types:
0

80

2015 Zelax

0
0
0
0

ZES-22xx

Rx Packets Dropped:
State:
Round-Trip Time:

0
Ready
0 ms

RADIUS Server #1 (192.168.0.105:1813) Accounting Statistics:


Rx Responses:
0
Tx Requests:
Rx Malformed Responses:
0
Tx Retransmissions:
Rx Bad Authenticators:
0
Tx Pending Requests:
Rx Unknown Types:
0
Tx Timeouts:
Rx Packets Dropped:
0
State:
Ready
Round-Trip Time:
0 ms

2.7.2

0
0
0
0

TACACS+

Tacacs+ .

. 85. Security Tacacs+


Global Configuration ( )
Timeout ( ): ,
TACACS+ , .
Deadtime ( ): Deadtime ( ) ,
,
. ,
, , . Deadtime ,
( 0 ), , ,
. Deadtime: 0 1440 .
Key (): 63 .
TACACS+ .
Server Configuration ( )
Hostname ( ): TACACS+ IP-.
Port (): TCP, TACACS+ .
Timeout ( ): ,
.
, .
Key (): ,
.
, .
CLI:
tacacs-server key 123456
tacacs-server host 192.168.0.110 timeout 20

ZES-22xx

2015 Zelax

81

2.8 Aggregation ()
,
,
,
,
. ,
.
: LACP.
Aggregation () static (
) LACP.

. 86. Aggregation

2.8.1

Static ( )

. 87. Aggregation Static


Aggregation Mode Configuration ( )
Source MAC Address (- ): MAC-
, .
Destination MAC Address (- ): MAC-
, .
IP Address (IP-): IP- ,
.
TCP/UDP Port Number ( TCP/UDP): TCP/UDP
, .
Aggregation Group Configuration ( )

82

2015 Zelax

ZES-22xx

Group ID ( ): , . Normal
( ) , .
2 10 (). , ,
.
Port Members (- ): ,
.
CLI:
interface FastEthernet 1/1
aggregation group 1
!
interface FastEthernet 1/2
aggregation group 1

2.8.2

LACP

LACP (Link Aggregation Control Protocol


), IEEE 802.3ad.
. ,
, LACP,
, LACP.
LACP,
. ,
LACP,
.

2.8.2.1

Port Configuration ( )

LACP.

. 88. Aggregation LACP


Port (): . Port * .
LACP Enabled ( LACP): LACP .
Key (): Auto () ,
. , ,
Specific (). : 1 65535.
LACP .

ZES-22xx

2015 Zelax

83

, (
).
Role (): Active ( ), Passive
( ),
LACP. , , Active
LACP. , LACP-
,
, . ,
- .
, LACP, , ,
LACP. , LACP
LACP, ,
LACP.
Timeout ( ): Timeout ( )
BPDU. Fast (), LACP
; Slow (),
LACP 30 .
Prio ( ): , .
, , .
CLI:
interface FastEthernet 1/10
lacp
!
interface FastEthernet 1/11
lacp

2.8.2.2

System Status ( )

. 89. Aggregation System Status


Aggr ID ( ):
, LAG (Link Aggregation Group).
Partner System ID ( ):
LAG (MAC-).
Partner Key ( ): , LAG.
Partner Prio ( ): .
Last Changed ( ): ,
LAG.
Local Ports ( ): , LAG.

84

2015 Zelax

ZES-22xx

2.8.2.3

Port Status ( )

. 90. Aggregation Port Status


Port (): .
LACP: LACP .
Yes (): LACP , .
No (): LACP , .
Backup ( ): .
LAG, LAG.
Key (): .
Aggr ID ( ): ,
.
Partner System ID ( ): LAG
.
Partner Port ( ): ,
.
Partner Prio ( ): .

2.8.2.4

Port Statistics ( )

. 91. Aggregation Port Statistics

ZES-22xx

2015 Zelax

85

Port (): .
LACP Received ( LACP): LACP, .
LACP Transmitted ( LACP): LACP,
.
Discarded (): ,
.

2.9 Redundancy ()

.

. ,
- .
, ,
, , .
STP (802.1d), RSTP (802.1w) MSTP (802.1s).

Z-Ring ERPS (G.8032),
, STP-.
, . ,
Redundancy ().

. 92. Redundancy

2.9.1

Z-Ring

Z-Ring . 250
,
, 10 .
STP, Z-Ring ,
. Z-Ring
(
), ,
.

2.9.1.1

86

2015 Zelax

Configuration ()

ZES-22xx

. 93. Aggregation Z-Ring Configuration


, Add New Instance (
).
Instance (): . 5.
Type (): Z-Ring 3 . .

Z-Ring: Z-Ring . Z-Ring.

. 94. Z-Ring

Z-Chain: Z-Chain , , Z-Ring


,
Z-Ring.

. 95. Z-Ring

ZES-22xx

Sub-Ring: Sub-Ring
. Sub-Ring Z-Ring
Z-Chain. .

2015 Zelax

87

Z-Ring

Sub-Ring

Z-Ring

Z-Ring

Sub-Ring

Z-Ring

Sub-Ring

Z-Ring

Z-Ring

Z-Ring

Sub-Ring

Z-Ring

Z-Ring

. 96. Z-Ring Sub-Ring


Master ( ): Master ( ) ,
, .
,
, (Master). , Master
, Z-Ring
-. ,
(Master) .
Port (): .
Edge (): , Z-Chain.
, , Z-Chain.
(Master) .
1.

88

2015 Zelax

Z-Ring


.

,
ZRing


-
.



.


,

ZRing


-
.

Z-Chain


.



-

.


,
,

ZRing

.
:
Z-Chain,


(
)

.

Sub-Ring


.

,
ZRing


-
.



.


,

ZRing


-
.



ZES-22xx

2.




.



,

CLI:
ring 1 ring

2.9.1.2

east interface FastEthernet 1/1 west interface FastEthernet 1/2

Status ()

. 97. Aggregation Z-Ring Status


Instance (): .
Type (): .
Role (): Master ( )
Slave ( ). .
East & West Port Number ( () ): ,
.
East & West Port State ( () ):
. :
Forwarding (): .
Blocking (): .
Down (): .
East & West Port Edge ( () ):
, .
Healthy ( ):
.
: .
o: , .
.

ZES-22xx

2015 Zelax

89

o: .
blocked () forwarding (),
.
CLI:
ZES-2220S#show ring 1
|-------East-------| |-------West-------|
Inst Type Role Interface State Edge Interface State Edge Healthy
----+-----+-----+---------+-----+----+---------+-----+----+------1 Ring
Fa 1/1
Down Fa 1/2
Down -

2.9.2

Loop Protection ( )

, ,
, .
, .
Loop Protection ( ), ,
.
.
, , ,
.

2.9.2.1

Configuration ()

. 98. Loop Protection Configuration


General Settings ( )
Enable Loop Protection ( ):
.
Transmission Time ( ):
PDU . : 1 10 .
Shutdown Time ( ): , .
: 0 604800 . 0 ,
, .
Port Configuration ( )

90

2015 Zelax

ZES-22xx

Port (): . Port *


.
Enable ():
.
Action (): ,
. : Shutdown
Port ( ), Shutdown Port and Log ( ,
) Log Only ( ).
Shutdown Port ( ): , ,
, Shutdown Time (
).
Shutdown Port and Log ( , ): ,
, ,
Shutdown Time ( ),
.
Log Only ( ): ,
.
Tx Mode ( ):
PDU PDU, .

CLI:
loop-protect
loop-protect shutdown-time 60
!
interface FastEthernet 1/1
no loop-protect
!
interface FastEthernet 1/4
loop-protect action shutdown log

2.9.2.2

Status ()

. 99. Loop Protection Status


Port (): .
Action (): ,
.
Transmit (): (Tx).
Loops (): , .
Status (): , .
Loops (): , .
Time of Last Loop ( ): ,
.

2.9.3

Spanning Tree

, ,

,
. ,
. ,
ZES-22xx

2015 Zelax

91

(),
, . ,
-, , ,
- ( )
. -, .
.
CPU .
, , STP ,
, ,
,
.
STP (Spanning Tree Protocol) IEEE Standard 802.1s.
2- (
- Ethernet-) , ,
.
, ,
IEEE Standard 802.1s - RSTP (Rapid Spanning Tree Protocol (IEEE 802.1w)).
RSTP STP,
. ,
, ()
. ,
RSTP STP.
RSTP IEEE 802.1s MSTP (Multiple Spanning Tree protocol),
VLAN .
STP RSTP, MSTP STP VLAN.
, VLAN, MSTP
, STP.

2.9.3.1

Bridge Settings ( )

. 100. Spanning Tree Bridge Settings


Basic Settings ( )
Protocol Version ( ): .
: STP, RSTP MSTP.
Bridge Priority ( ):
,
. (
) , .
92

2015 Zelax

ZES-22xx

,
. MSTP CIST.
STP/RSTP.
Forward Delay ( ): STP, Forward Delay
, Listening () Learning ()
Forwarding ( ). ,
. : 4 30 .
Max Age (. ): hello
, .
: 6 40 , Max Age (Forward Delay1)*2.
Maximum Hop Count ( ):
, BPDU
. BPDU,
. , BPDU .
20. 6 40.
Transmit Hold Count ( BPDU ): BPDU,
. ,
BPDU . 6 . :
1 10.
, ,
CPU; .
Transmit Hold Count , .
Advanced Settings ( )
Edge Port BPDU Filtering ( BPDU ):
BPDU BPDU ,
.
Edge Port BPDU Guard ( BPDU ):
, - .
, .
, BPDU. ,
, ,
.
BPDU,

STP.
, BPDU
guard. BPDU, ,
STP , BPDU.
.
Port Error Recovery ( ): , ,
- ,
.
Port Error Recovery Timeout ( ): ,
, , - , .
30 86400 .
CLI:
spanning-tree
spanning-tree
spanning-tree
spanning-tree

ZES-22xx

mode rstp
edge bpdu-filter
edge bpdu-guard
mst 0 priority 4096

2015 Zelax

93

2.9.3.2

MSTI Mapping ( MSTI)

. 101. Spanning Tree MSTI Mapping


Configuration Identification ( )
Configuration Name ( ): MSTI.
- . 32 . ,
STP MSTI,
.
Configuration Revision ( ): MSTI.
: 1 65535.
MSTI Mapping ( MSTI)
MSTI: MSTI.
VLAN Mapped ( VLAN): VLAN,
MSTI. VLAN, VLAN.
VLAN VLAN. (:
2,5,20-40). MSTI .
CLI:
spanning-tree mst name 00-1a-81-00-c0-a9 revision 0
spanning-tree mst 1 vlan 3-5

2.9.3.3

94

2015 Zelax

MSTI Priorities ( MSTI)

ZES-22xx

. 102. Spanning Tree MSTI Priorities


MSTI: MSTI . MSTI *
.
Priority (): MSTI.
,
. . ,
,
-. , , .
:
MSTI, 6- - .
CLI:
spanning-tree mst 1 priority 16384

ZES-22xx

2015 Zelax

95

2.9.3.4

CIST Ports ( CIST)

. 103. Spanning Tree CIST Ports


CIST Aggregated Port Configuration ( CIST)
Port (): .
STP Enabled ( STP): STP.
Path Cost ( ):
. Auto (),

. , , Specific
(). : 1 200000000.
, , ,
.
Priority (): .
Admin Edge ( ):
, Edge ().
Auto Edge ( ): ,
. ,
BPDU.
Restricted Role ( ): ,
CIST MSTI , STP.
Restricted TCN ( TCN): ,
.
BPDU Guard ( BPDU): BPDU.
BPDU
discarding. , ,
BPDU.
Point-to-Point (-): , .

Auto (): ,
- - .
Forced True ( -):
-.
Forced False ( ):
.

CLI:
interface FastEthernet 1/4
spanning-tree
spanning-tree bpdu-guard

96

2015 Zelax

ZES-22xx

spanning-tree mst 0 port-priority 16

2.9.3.5

MSTI Ports ( MSTI)

. 104. Spanning Tree MSTI Ports


MSTI, , Get
().

. 105. Spanning Tree MSTI Port Configuration


Port (): .
Path Cost ( ):
. Auto (),

. , , Specific
(). : 1 200000000.
, , ,
.
Priority (): .

2.9.3.6

ZES-22xx

Bridge Status ( )

2015 Zelax

97

. 106. Spanning Tree Bridge Status


STP Bridge ( STP)
MSTI: .
.
Bridge ID ( ): ,
- .
Root ID ( ):
-.
Root Port ( ): ,
.
. , .
Root Cost ( ):
. .

.
Topology Flag ( ):
.
Topology Change Last ( ): ,
.
STP
MSTI .

. 107. Spanning Tree STP Detailed Bridge Status


STP Detailed Bridge Status ( STP )
Bridge Instance ( ): .
Bridge ID ( ): ,
- .
Root ID ( ):
-.

98

2015 Zelax

ZES-22xx

Root Cost ( ):
. .

.
Root Port ( ): ,
.
. , .
Regional Root ( ): Bridge ID ( )
, MSTP . (
CIST.)
Internal Root Cost ( ):
. .
CIST MSTP,
. (
CIST.)
Topology Flag ( ):
.
Topology Change Last ( ): ,
.
CIST Ports & Aggregations State ( CIST )
Port (): .
Port ID ( ): , RSTP.
ID .
Role (): , STP. :
Designated Port ( ), Backup Port ( ), Root Port ( ).
State (): .
Blocking (): BPDU,
.
Learning (): ,
Forward Delay, .
, .
Forwarding (): .
Edge ( ): , .
Point-to-Point (-): , -
. .
Uptime ( ): , ,
.

CLI:
ZES-2220S# show spanning-tree active
CIST Bridge STP Status
Bridge ID
: 32768.00-1A-81-00-C0-A9
Root ID
: 32768.00-1A-81-00-C0-A9
Root Port
: Root PathCost: 0
Regional Root: 32768.00-1A-81-00-C0-A9
Int. PathCost: 0
Max Hops
: 20
TC Flag
: Steady
TC Count
: 0
TC Last
: Port
Port Role
State
Pri
--------- -------------- ---------- --Fa 1/5
DesignatedPort Forwarding 128

ZES-22xx

PathCost
-------200000

Edge
---Yes

P2P
--Yes

Uptime
------------0d 00:18:26

2015 Zelax

99

Fa 1/7

DesignatedPort

2.9.3.7

Forwarding

128

200000

Yes

Yes

0d 00:18:26

Port Status ( )

. 108. Spanning Tree Port Status


Port (): .
CIST Role ( CIST): , STP. :
Designated Port ( ), Backup Port ( ), Root Port ( )
Non-STP (, STP).
CIST State ( CIST): .
CIST :
Discarding (): BPDU,
.
Learning (): ,
Forward Delay, .
, .
Forwarding (): .
Uptime ( ): , ,
.

2.9.3.8

Port Statistics ( )

. 109. Spanning Tree Port Statistics


Port (): .

100

2015 Zelax

ZES-22xx

Transmitted & Received MSTP/RSTP/STP ( () BPDU):


() BPDU MSTP/RSTP/STP.
Transmitted & Received TCN ( () TCN): TCN
() .
Discarded Unknown/Illegal ( / ):
, .

2.9.4

MEP (Maintenance Entity Point)

. 110. MEP (Maintenance Entity Point)


Instance (): MEP.
,
MEP.
MEP.
Domain ()
Port (): MEP . 'Flow Instance' ( ) . (
.)
MEP: MEP EVC. 'Flow Instance' ( ) EVC.
EVC.
Mode ( ): Mep (Maintenance Entity End Point
) Mip (Maintenance Entity Intermediate Point
).
Direction (): Down/Ingress (),
Up/Egress () .
Residence Port ( ): ,
.
Level (): MGP MEP.
Flow Instance ( ): MEP, .
Tagged VID ( VLAN): VLAN VID C-tag Stag ( VLAN). , 0.
This MAC (- ): - (
MEP).
Alarm (): MEP .
, MEP.

ZES-22xx

2015 Zelax

101

. 111. MEP Configuration


Instance Data ( ) MEP.
Instance Configuration ( )
Level (): MEP. : 0~7.
Format (): .
ITU ICC: ITU Y.1731 A3.
. MEG id 13 .
IEEE String ( IEEE): IEEE 802.1ag 21.6.5.
16 .
MEG id - 16 .
ITU CC ICC: ITU Y.1731 5.
. MEG id 15 .
ICC/Domain Name ( ICC / ):
, ITU ICC (IEEE Maintenance
Domain Name).
MEG id: ITU UMC (MEG ID [7-13]), IEEE Short MA.
MEP id: CCM MEP
ID.
Tagged VID ( VLAN): OAM PDU C-
( MEP.

MEP STATE ( MEP)


cLevel: , CCM
MEP.
cMEG: , CCM MEG ID,
MEP.
cMEP: , CCM MEP ID,
'Peer MEP ID' , MEP.
cAIS: , AIS PDU.
cLCK: , LCK PDU.
cSSF: , .
aBLK: ,
.
aTSF: - .
Peer MEP Configuration ( MEP)
102

2015 Zelax

ZES-22xx

, Add New Peer MEP (


MEP). Delete
().
Peer MEP ID: MEP MEP. ,
MAC- .
Unicast Peer MAC (- ):
- . -
xx-xx-xx-xx-xx-xx, xx.xx.xx.xx.xx.xx xxxxxxxxxxxx,
.
: Peer MEP ID (
MEP),
( -). ,
Unicast Peer MAC ( - )
, 00-00-00-00-00-00.
cLOC: , MEP, CCM
( 3,5 ).
cRDI: , MEP CCM
( Remote Defect Indication).
cPeriod: , MEP CCM
, , MEP .
cPriority: , MEP CCM
, , MEP.
Functional Configuration ( )
Continuity Check ( )
Enable (): , ,
CCM PDU . CCM PDU ,
Multicast Class 1 ( 1).
Priority (): TAG ( ) ( PCP).
Frame rate ( ): CCM PDU.
APS
Enable (): , APS (Automatic
Protection Switching ).
Priority (): TAG ( ) ( PCP).
Cast ( ): , APS PDU
. -
Unicast Peer MAC ( - ).
L-APS PDU. R-APS PDU
MAC-, G.8032.
Type (): :
R-APS: APS PDU, R-APS ( ERPS).
L-APS: APS PDU, L-APS ( ELPS).
Last Octet ( ): RAPS
-. G.8031 (03/2010) RAPS MAC-
01-19-A7-00-00-XX. '01';
.
Fault Management ( ).

ZES-22xx

2015 Zelax

103

. 112. MEP Fault Management


Loop Back ( )
Enable (): , (Loop
Back) LBM/LBR PDU. ,
LBM PDU, To Send ( ).
Dei: TAG ( ) DEI ( PCP).
Priority (): TAG ( ) ( PCP).
Cast ( -): LBM PDU
. -

104

2015 Zelax

ZES-22xx

'Peer MEP' ( MEP) 'Unicast Peer MAC' ( MAC). MIP .


Peer MEP ( MEP): , the Unicast MAC
( -) . - LBM
Unicast Peer MAC ( - )
.
Unicast MAC ( -): ,
. - LBM PDU.
MIP.
To Send ( ): LBM PDU,
. 0, ( ).
; LBM/LBR, VOE.
Size (): LBM PDU Data Pattern TLV.
Interval (): LBM PDU. 10
, 'To Send' ( ) , 0 (. 100 - '0'
. ). 1 , 'To Send' == 0 (.
10.000).
Loop Back State ( )
Transaction ID ( ): ID
LBM. ID PDU LBM.
Transmitted (): LBM PDU.
Reply MAC ( -): - MEP/MIP.
LBM, MEP .
To Send= 0, - .
Received (): LBR PDU, Reply MAC
( -).
Out of Order ( ): LBR PDU,
Reply MAC ( -) Transaction ID (
).
Link Trace ( )
Enable (): , (Link
Trace) LBM/LBR PDU.
, 5 5 5
LTR . LTM PDU , Multicast Class 2
( 2).
Priority (): TAG ( ) ( PCP).
Peer MEP ( MEP): , Unicast MAC
( -) . -
Unicast Peer MAC ( - )
.
Unicast MAC ( -): ,
. -
. MIP
-.
Time To Live ( ): LTM PDU TTL, Y.1731. ,
MIP (), .
TTL , PDU .
Link Trace State ( )
Transaction ID ( ):
, LTM. LTM PDU, ,
LTR PDU. LTR, , .
.
Time To Live ( ): TTL LTM, MIP/MEP,
LTR , .
ZES-22xx

2015 Zelax

105

Mode ( ): , MEP/MIP,
LTR.
Direction (): , MEP/MIP,
LTR, .
Relayed (): , MEP/MIP,
LTR, LTM.
Last MAC ( -): -,
LBM, , LTR ( MEP
MIP).
Next MAC ( -): -,
LBM, , LTR ( MIP
MEP).
Test Signal ( )
Tx/Rx: , TST PDU.
Dei: TAG ( ) DEI ( PCP).
Priority (): TAG ( ) ( PCP).
Peer MEP ( MEP): - TST
Unicast Peer MAC ( - )
.
Rate (): TST /.
Caracal: 400 /. Serval: 1 /.
Size (): TST. , ( )
, TST OAM PDU,
CRC.
Pattern (): '' TST PDU 12 .
, TLV.
All Zero ( ): 00000000
All One ( ): 11111111
10101010: 10101010
Sequence Number ( ):
.
Test Signal State ( )
TX frame count ( ): TST
.
RX frame count ( ): TST
.
RX rate ( ): TST, 100
/. 1 ,
TST .
, .
Test time ( ): , TST
.
Clear (): . TST
. , , 'Rx frame
count' ( ), 'RX rate' ( ) 'Test time' ( ).
Client Configuration ( )
Domain (): . EVC.
Level (): , , PDU,
, .
Flow (): .
MEP.
AIS
106

2015 Zelax

ZES-22xx

Enable (): AIS- ( AIS PDU)


.
Priority (): Caracal
( ). Serval EVC COS-ID (
ECE).
Frame rate ( ): AIS PDU.
(. Y.1731).
Protection (): , . ,
3 AIS PDU
.
Lock
Enable (): LOCK- (
LCK PDU) .
Priority (): MEP . Caracal
( ). Serval
EVC COS-ID ( ECE).
Frame rate ( ): LCK PDU.
(. Y.1731).
Performance Monitoring ( ).

. 113. MEP Performance Monitoring


Loss Measurement/Loss Measurement State ( /
)
Enable (): / CCM
LMM/LMR PDU, ( ) ( ) .
'Ended' ( ).
, .
Priority (): TAG ( ) ( PCP).
, Continuity Check ( )
CCM , .
Frame rate ( ): CCM/LMM
PDU. (. Y.1731). 300 /
100 / . , Continuity Check (
) CCM,
.

ZES-22xx

2015 Zelax

107

Cast ( -): , CCM LMM PDU


. -
Unicast Peer MAC ( - ).
, Continuity Check ( )
CCM, -
.
Ended ( ):
Single ( ): ,
LMM/LMR.
Dual ( ):
.
FLR Interval ( FLR): ,
(Frame Loss Ratio).

Loss Measurement State ( )


Near End Loss Count ( , ):
, (
).
Far End Loss Count ( , ):
, (
).
Near End Loss Ratio ( , ):
,
, ,
FLR. .
Far End Loss Ratio ( , ):
,
, ,
FLR. .
Clear (): ,
,
.
Delay Measurement ( )
Enable (): ,
1DM/DMM PDU. ,
1DM/DMR PDU .
Priority (): TAG ( ) ( PCP).
Cast ( -): , 1DM/DMM PDU
. MAC-
'Peer MEP' ( ).
Peer MEP ( MEP): , 'Cast' ( )
Uni. - 1DM/DMR Unicast
Peer MAC ( - ) .
Way ( ):
1 DM DMM/DMR , .
Tx Mode ( ):
Standardize (): 1 DM/DMR Y.1731.
Proprietary (): 1
DM/DMR.
Calc: , 'Way' ( ) Two-way (
).

108

Round trip ( ): ,
. = RxTimebTxTimeStampf

2015 Zelax

ZES-22xx

Flow (): ,
. = (RxTimeb-TxTimeStampf)(TxTimeStampb-RxTimeStampf)
Gap (): 1 DM/DMM PDU 10 .
: 10 65535.
Count (): , . :
10 2000.
Unit ( ): .
D2forD1: DMM/DMR
. , .
DMR, ( , ),
near-end-to-far-end ( ) farend-to-near-end ( ). DMM 1DM,
far-end-to-near-end (
).
Counter Overflow Action ( ): ,
.

Delay Measurement State ( )


Tx: ( ).
Rx Timeout ( ):
( ).
Rx: ( ).
Rx Error ( ): (
). 1 ( ).
Average Total ( ):
. : .
Average last N ( N ):
n . : .
AverageVariation Total ( ):
. : .
Average Variation last N ( N ):
n . :
.
Min.: . :
.
Max.: . :
.
Overflow (): .
Clear ():
.

2.9.5

ERPS

Ethernet ERPS (Ethernet Ring Protection Switching),


ITU-T G.8032, Ethernet
. ERPS
RPL (ring protection link).
, ERPS, ( )
RPL (RPL-owner), ,
. , RPL-owner RPL-
(neighbor) RPL .
, RPL-owner
, RPL- .

(Ring Automatic Protection Switching message), ,
. RPL-owner
, SF (signal failure) ( ).
ZES-22xx

2015 Zelax

109

, RPL-owner RPL,
VLAN.
ERPS, STP, ,
. , , ERPS ,

.
, ERPS ( 50 )
.

. 114. ERPS
ERPS ID: ID .
Port 0 ( 0): Port 0 - E ( ).
.
.
Port 1 ( 1): Port 1 - W ( ).
.
-, 0 , ,
. .
Port 0 APS MEP: MEP, (East APS PDU).
Port 1 APS MEP: MEP, (West APS PDU).
-, 0 ,
APS MEP, .
Port 0 SF MEP: : East Signal Fail APS MEP.
MEP, East Signal Fail ( ).
Port 1 SF MEP: : West Signal Fail APS MEP.
-, 0 ,
SF MEP, . MEP,
West Signal Fail ( ).
Ring Type ( ): , major
(), sub (-).
Interconnected Node ( ): , ,
interconnection node.
Virtual Channel ( ): (interconnected) -
. ,
. -
, , .
Major Ring ID ( ):
-
. , ID
.
Alarm (): ,
ERPS.
, Add New Protection Group
( ).
Delete (). Save (), .
Reset (), ,
, .
Refresh (), ERPS.

110

2015 Zelax

ZES-22xx

2.10 IPMC Profile ( IPMC)


IPMC IP- .
64 128 .
"IPMC Profile" , .

. 115. IPMC Profile

2.10.1.1

Profile Table ( )

. 116. IPMC Profile Profile Table


IPMC Profile Configuration ( IPMC)
Global Profile Mode ( ): (Enable)
(disable) IPMC Profile .
IPMC Profile Table Setting ( IPMC)
Profile Name ( ): .
Profile Description ( ): .
, Add New IPMC Profile (
IPMC). , "Delete"
(). , "e".

. 117. IPMC Profile Rule Settings


Profile Name & Index ( ): .
Entry Name ( ): , .
.
ZES-22xx

2015 Zelax

111

Address Range ( ): IP-.


IP-: 224.0.0.0 239.255.255.255
Action (): ,
Join/Report (/), ,
.
Permit (): ,
, .
Deny (): ,
, .
Log (): Join/Report
( / ), ,
.

Enable ():
, ,
.
Disable:
, , .


:
+: .
: .
: .
: .
CLI:
ipmc profile basic
description IPTV
range test deny log
!
ipmc profile

2.10.1.2

Address entry ( )

. 118. IPMC Profile Address Entry


Entry Name ( ): ,
.
Start Address ( ):
(IPv4 IPv6).
End Address ( ):
(IPv4 IPv6).
, "Add new Address (Range) Entry" (
( )). Delete (),
.

112

2015 Zelax

ZES-22xx

CLI:
ipmc range test 239.0.0.1 239.0.0.5

2.11 MVR
MVR - VLAN (Multicast VLAN Registration)
VLAN, ,
VLAN, VLAN.
VLAN, ,
IGMP Join ( ) IGMP Leave
( ). , ,
.
, MVR ,
, VLAN,
VLAN,
. , MVR VLAN VLAN
, VLAN IEEE 802.1Q VLAN
- ( ).
MVR , .

. 119. MVR

2.11.1.1

Configuration ()

. 120. MVR Configurations


MVR Configurations ( MVR)
MVR Mode ( MVR): (Enable) (disable)
MVR .
,
. , MVR .
VLAN Interface Setting ( VLAN)
MVR ID: VLAN ID VLAN.
, , MVR
VLAN. MVR , MVR
VLAN, MVR ,
VLAN.
MVR Name ( MVR): ,
VLAN. MVR 32.
, .
IGMP Address ( IGMP): IPv4-
, IP IGMP.
ZES-22xx

2015 Zelax

113

Mode ( ): MVR.
Dynamic (): MVR
. ( .)
Compatible (): MVR
.
Tagging (): , MVR VID
IGMP/MLD .
Priority (): IGMP/MLD.
, 0. : 0 -7.
LLQI: LLQI Last Listener Query Interval (
); LLQI
IGMP/MLD .
LLQI 0,5 . : 0-31744
.
Interface Channel Profile ( ): IPMC
. (*),
IPMC.
Port Role ( ): , .

Inactive (I) (): , .


MVR.
Source (S) (): ( ) .
.
. ,
, .
Receiver (R) (): .
, ,
IGMP/MLD .

Immediate Leave Setting ( ( ))


Port (): . Port * .
Immediate Leave ( ):
, (Enable) (disable)
. , ,
leave ( ) .
, , MVR.
CLI:
mvr
mvr vlan 20 name MVR_vlan
mvr name MVR_vlan channel 123
ip igmp snooping vlan 1
!
interface FastEthernet 1/1
mvr immediate-leave
mvr name MVR_vlan type receiver
!
interface GigabitEthernet 1/4
mvr name MVR_vlan type source

2.11.1.2

MVR Statistics ( MVR)

MVR ,
, .

114

2015 Zelax

ZES-22xx

. 121. MVR Statistics


VLAN ID: VLAN,
.
IGMP/MLD Queries Received ( IGMP/MLD):
IGMP MLD.
IGMP/MLD Queries Transmitted ( IGMP/MLD):
IGMP/MLD.
IGMPv1 Joins Received ( IGMPv1) :
IGMPv1.
IGMPv2/MLDv1 Reports Received ( IGMPv2/MLDv1):
IGMPv2 MLDv1.
IGMPv3/MLDv2 Reports Received ( IGMPv3/MLDv2 ):
IGMPv3 MLDv2.
IGMPv2/MLDv1 Reports Received ( IGMPv2/MLDv1):
(IGMPv2 MLDv1).

2.11.1.3

MVR Channel Groups ( MVR)

() MVR,
VLAN ID.

. 122. MVR Channel Groups


Start from VLAN ( VLAN)____ and Group Address ( ) ______ with 20
entries per page ( 20 ).
VLAN ID: VLAN .
Groups (): Group ID ( ).
Port Members (- ): , .

2.11.1.4

MVR SFM Information ( MVR SFM)

. 123. MVR SFM Information


VLAN ID: VLAN .
Group (): .
Port (): .
Mode ( ): (VLAN ID, , ).
Include () Exclude ().
ZES-22xx

2015 Zelax

115

Source Address ( ): IP- .


128 IP- .
Type (): . Allow () Deny
().
Hardware Filter/Switch ( /): ,
, IPv4/IPv6-
.

2.12 IPMC
IPMC IGMP Snooping MLD Snooping,
. .

. 124. IPMC

2.12.1

IGMP Snooping

IGMP (Internet Group Management Protocol)


IP-. IGMP IP-

.
, - .
IGMP Snooping IGMP. , IGMP
snooping ,
, 3- ( IGMP,
).
IGMP snooping, ,
, .
IGMP ,
.
IGMP Leave ( IGMP),
.
IGMP snooping
IP-. ,
IGMP snooping, .
,
(
) , (
) , .

2.12.1.1

116

Basic Configuration ( )

2015 Zelax

ZES-22xx

. 125. IPMC - IGMP Snooping - Basic Configuration


IGMP Snooping Configuration
Global Configuration ( IGMP Snooping ( ))
Snooping Enabled ( ): ,
IGMP Snooping . ,
,
.
IGMP Query ( IGMP) IGMP Report ( IGMP),
IP- IP-
. IGMP-,

.
Unregistered IPMCv4 Flooding Enabled (
IPMCv4): ,
( ) IP-.
, .
IGMP SSM Range ( IGMP SSM):
SSM (Source-Specific Multicast), SSM
SSM .
Leave Proxy Enabled ( - ):
, , -
. -
IGMP , ,
querier, ,
- .
Proxy Enabled (- ): - ,
, IGMP Snooping with Proxy Reporting
(IGMP Snooping - ) - DSL Forum TR-101, April 2006 (DSL
, TR-101, 2006).
Port Related Configuration (, )
Port (): .
ZES-22xx

2015 Zelax

117

Router Port ( ): ,
. IGMP snooping
IGMP querier, ,
IGMP querier (, ).
,
/, ,
.
Fast Leave ( ): ,
. ,
, IGMP GS
.
Throttling ():
, .
, IGMP
. (unlimited).
1 10.
CLI:
ip igmp host-proxy leave-proxy
ip igmp snooping
!
interface GigabitEthernet 1/2
ip igmp snooping max-groups 5
ip igmp snooping mrouter
ip igmp snooping immediate-leave

2.12.1.2

VLAN Configuration ( VLAN)

IGMP Snooping .

. 126. IPMC - IGMP Snooping - VLAN Configuration


, Add New IGMP VLAN (
IGMP VLAN).
VLAN ID: VLAN, IGMP snooping.
Snooping Enabled ( ): ,
. ,
, ,
. IGMP snooping IGMP snooping
, IGMP snooping .
, .
, IGMP snooping .
Querier Election ( ): ,
VLAN. , IGMP,
.
Querier Address ( querier): IPv4-,
IP - IGMP. ,
IPv4- IP-,
VLAN.
Compatibility (): ,
( IGMP).
: IGMP-Auto ( IGMP), Forced IGMPv1 (
IGMPv1), Forced IGMPv2 ( IGMPv2), Forced
118

2015 Zelax

ZES-22xx

IGMPv3 ( IGMPv3). IGMP-Auto


( IGMP).
PRI: .
IGMP, ,
. : 0 ( ) 7
( ). , 0.
RV: RV (robustness variable)
. , ,
. RV 1. 2 .
2.
QI (sec): Query Interval ( )
IGMP (IGMP General Query).
125 .
QRI: Query Response Interval IGMP
IGMP General Query. QRI ,
,
, .
RQI 10 . : 0-31744
.
LLQI: Last Listener Query Interval ,
, .
URI: Unsolicited Report Interval
IGMP, . URI 1 . : 0
-31744 .
CLI:
interface vlan 20
no ip address
ip igmp snooping
ip igmp snooping
ip igmp snooping
ip igmp snooping
ip igmp snooping
ip igmp snooping
ip igmp snooping
ip igmp snooping
ip igmp snooping

2.12.1.3

querier election
compatibility auto
priority 0
robustness-variable 2
query-max-response-time 100
query-interval 125
last-member-query-interval 10
unsolicited-report-interval 1

Port Filtering Profile ( )


. ,
, IPMC Profile ( IPMC).

ZES-22xx

2015 Zelax

119

. 127. IPMC - IGMP Snooping - Port Filtering Profile


Port (): .
Filtering Profile ( ): ,
. ,
IGMP join reports ( ) .
(*),
IPMC.

2.12.1.4

Status ()

. 128. IPMC - IGMP Snooping - Status


Statistics ()
VLAN ID: VLAN .
Querier Version ( ): .
Host Version ( ): .
Querier Status ( ): .
: "ACTIVE" () "IDLE" (). "DISABLE"
() , .
Queries Transmitted ( ): .
Queries Received ( ): .
V1 Reports Received ( V1): V1.
V2 Reports Received ( V2): V2.
V3 Reports Received ( V3): V3.
V2 Leaves Received ( V2):
V2.

120

2015 Zelax

ZES-22xx

Router Port ( )
Port (): .
Status (): ,
.

2.12.1.5

Groups Information ( )

. 129. IPMC - IGMP Snooping - Groups Information


VLAN ID: VLAN .
Groups (): .
Port Members (- ): , .
: IGMP Snooping,
, 32.

2.12.1.6

IPv4 SFM Information ( IPv4 SFM)

. 130. IPMC - IGMP Snooping - IPv4 SFM Information


VLAN ID: VLAN .
Groups (): IP- .
Port (): .
Mode ( ): VLAN ID,
.
Source Address ( ): IP- , .
Type (): : Allow () Deny ().
Hardware Filter/Switch ( /): ,
, IPv4-
.

2.12.2

MLD Snooping

MLD (Multicast Listener Discovery snooping) IGMP snooping


IPv4 IPv6. , MLD snooping
IPv6
, ( ),
. , MLD snooping
IPV6 VLAN. , , IGMP Snooping MLD Snooping
. .
ZES-22xx

2015 Zelax

121

2.12.2.1

Basic Configuration ( )

. 131. IPMC - MLD Snooping - IPv4 SFM Information


MLD Snooping Configuration
Global Configuration ( MLD Snooping ( ))
Snooping Enabled ( ): ,
MLD Snooping . ,
,
.
MLD Listener Query ( MLD) MLD Report ( MLD),
IP- IP-
.
IGMP-,
.
Unregistered IPMCv6 Flooding Enabled (
IPMCv6): ,
( ) IP-.
, .
MLD SSM Range ( MLD SSM):
SSM (Source-Specific Multicast), SSM
SSM .
Leave Proxy Enabled ( - ):
,
MLD snooping , -
. , , -
.
Proxy Enabled (- ): - MLD ,
MLD
MLD :

122

, .
, ,
.

2015 Zelax

ZES-22xx

,
,
(FF02::2) MLDv1.

Port Related Configuration (, )


Port (): .
Router Port ( ): ,
. MLD snooping
MLD querier, ,
IGMP querier (, ).
,
/, ,
.
Fast Leave ( ): ,
. ,
, MLD GS
.
Throttling ():
, .
, MLD
. (unlimited).
1 10.

2.12.2.2

VLAN Configuration ( VLAN)

MLD Snooping .

. 132. IPMC - MLD Snooping - VLAN Configuration


VLAN ID: VLAN, MLD snooping.
Snooping Enabled ( ): ,
. ,
, ,
.
Querier Election ( ): ,
VLAN. , ,
MLDv2, .
,
, . ,
IGMP, .
Compatibility (): ,
( MLD).
: MLD-Auto ( MLD), Forced MLDv1 (
MLDv1) Forced MLDv2 ( MLDv2).
MLD-Auto ( MLD).
PRI: .
MLD, ,
. : 0 ( ) 7
( ). , 0.
RV: RV (robustness variable)
. , ,
. RV 1. 2 .
2. : 1~255.
ZES-22xx

2015 Zelax

123

QI (sec): Query Interval ( )


IGMP (IGMP General Query).
125 . 1 31744 .
QRI: Query Response Interval IGMP
IGMP General Query. QRI ,
,
, .
RQI 10 . : 0-31744
.
LLQI: Last Listener Query Interval ,
, .
URI: Unsolicited Report Interval
IGMP, . URI 1 . : 0
31744 .
, Add New MLD VLAN (
MLD VLAN).

2.12.2.3

Port Filtering Profile ( )


. ,
, IPMC Profile ( IPMC).

. 133. IPMC - MLD Snooping - Port Filtering Profile


Port (): .
Filtering Profile ( ): ,
. ,
MLD join reports ( ) .
(*),
IPMC.

2.12.2.4

124

Status ()

2015 Zelax

ZES-22xx

. 134. IPMC - MLD Snooping - Status


Statistics ()
VLAN ID: VLAN .
Querier Version ( ): .
Host Version ( ): .
Querier Status ( ): .
: "ACTIVE" () "IDLE" (). "DISABLE"
() , .
Queries Transmitted ( ): .
Queries Received ( ): .
V1 Reports Received ( V1): V1.
V2 Reports Received ( V2): V2.
V1 Leaves Received ( V2):
V2.
Router Port ( )
Port (): .
Status (): ,
.

2.12.2.5

Groups Information ( )

. 135. IPMC - MLD Snooping - Groups Information


VLAN ID: VLAN .
Groups (): .
Port Members (- ): , .
: MLD Snooping,
, 32.

ZES-22xx

2015 Zelax

125

2.12.2.6

IPv6 SFM Information ( IPv6 SFM)

. 136. IPMC - MLD Snooping Ipv6 SFM Information


VLAN ID: VLAN .
Groups (): IP- .
Port (): .
Mode ( ): VLAN ID,
.
Source Address ( ): IP- , .
Type (): : Allow () Deny ().
Hardware Filter/Switch ( /): ,
, IPv6-
.

2.13 LLDP
LLDP (Link Layer Discovery Protocol) ,
,
. LLDP, ,
, .
, TLV.
, ,
, .
LLDP , .
.

. 137. LLDP

126

2015 Zelax

ZES-22xx

2.13.1.1

Configuration ()

. 138. LLDP - Configuration


LLDP Parameters ( LLDP)
Tx Interval ( ):
LLDP,
. : 5 32768 . 30 .
Tx Hold ( ): ,
LLDP TTL.
: 2~10 . 4.
Tx Delay ( ): LLDP,
. Tx Delay 1/4 Tx.
: 1 8192 .
Tx Reinit ( ):
LLDP. : 1 10 .
LLDP Port Configuration ( LLDP)
Port (): . Port * .
Mode ( ): LLDP.
Disabled (): LLDP , LLDP,
.
Enabled (): LLDP , LLDP,
.
Rx Only ( ): LLDP,
.
Tx Only ( ): LLDP,
LLDP, .
CDP Aware ( CDP): CDP aware ( CDP)
CDP (Cisco Discovery Protocol).
, CDP TLVs,
LLDP , . CDP TLVs
LLDP , .
Optional TLVs ( TLVs): , LLDP
. ,

ZES-22xx

2015 Zelax

127

TLVs. ,
, , .
, ,
.
CLI:
interface FastEthernet 1/1
lldp receive
lldp transmit

2.13.1.2

LLDP-MED

LLDP - LLDP-MED (LLDP for Media Endpoint


Devices) LLDP , IP (, ). LLDP-MED
IP (VoIP) TLVs
, , Power over Ethernet,
.

. 139. LLDP - LLDP-MED


Fast Start Repeat Count ( ):
(Emergency Call Service Location
Identification Discovery) VoIP-.
, ,
(,
, ).
LLDPU
, - ,
.
128

2015 Zelax

ZES-22xx

, LLDP-MED
LLDP-MED Fast Start ( LLDP-MED)
. Fast start repeat count (
) , .
(4 ) , 1 4 LLDP,
LLDP . , LLDP-MED LLDP-MED
Fast Start ,
LLDP-MED
LAN,
.
Coordinates Location ( )
Latitude (): 0-90
4 . (North)
(South) .
Longitude (): 0-180
4 .
(East) (West).
Altitude (): -32767 32767
4 . ,
.
Meters (): , ( )
.
Floors (): , ,
. = 0.0
( ) . 0.0 ,
.
Map Datum ( ): Map Datum
:

WGS84: (, ) 1984,
CRS Code 4327, : .
NAD83/NAVD88: 1983, CRS Code 4269,
: ;
- North American Vertical Datum of 1988 (NAVD88).
, ,
(
NAD83/MLLW).
NAD83/MLLW: 1983, CRS Code 4269,
: ;
- Mean Lower Low Water (MLLW).
,
.

Civic Address Location ( )


(IETF Geopriv Civic Address)
(Location Configuration Information)
Civic Address LCI.
Country Code ( ): ISO 3166,
ASCII. : DK, DE US.
State (): - (, , ,
, ).
County (): .
City (): , .
City District ( ): , , .
Block (Neighbourhood) ( ()): , .
Street (): . : .
Leading street direction ( ): : N.
Trailing street suffix ( ): : SW.
ZES-22xx

2015 Zelax

129

Street suffix ( ): : .
House no. ( ): : 21.
House no. suffix ( ): : A, 1/2.
Landmark ( ): - . :
.
Additional location info ( ): :
.
Name (): Name (residence and office occupant) ( ,
): : .
Zip code ( ): : 2791.
Building (): . : .
Apartment (): , . : Apt 42.
Floor (): : 4.
Room no. ( ): : 450F.
Place type ( ): : .
Postal community name ( ): : .
P.O. Box ( ): : 123456.
Additional code ( ): : 1320300003.
Emergency Call Service ( )
Emergency Call Service ( ): (, E911 ),
, TIA NENA.
Policies ()
Policy Id ( ): ID .
Application Type ( ): , : Voice (
), Voice Signalling ( ), Guest Voice (
), Guest Voice Signalling ( ), Softphone Voice
( ), Video Conferencing (), Streaming
( ), Video Signalling ( ).
Tag (): , ,
VLAN VLAN.
VLAN ID: VLAN ID .
L2 Priority ( L2 ): (0-7),
802.1D-2004.
DSCP: 64- (0-63), . IETF RFC 2474.
CLI:
lldp med media-vlan-policy 0 voice tagged 1 l2-priority 6 dscp 0
!
interface FastEthernet 1/2
lldp med media-vlan policy-list 0

2.13.1.3

Neighbours ( )

. 140. LLDP - Neighbours

130

2015 Zelax

ZES-22xx

Local Port ( ): ,
, LLDP.
Chassis ID ( ): ID .
Port ID ( ): ID ,
LDPDU.
Port Description ( ): .
System Name ( ): , .
System Capabilities ( ):
. ,
(+). , (-).
Management Address ( ): IPv4- .
, - CPU ,
. ,
, web-
.
CLI:
ZES-2206PS# show lldp
Local Interface
:
Chassis ID
:
Port ID
:
Port Description
:
System Name
:
System Description :
System Capabilities :
Management Address :
Power Over Ethernet :

2.13.1.4

neighbors
FastEthernet 1/3
00-1A-81-00-C0-A9
10
Port #10
ZES-2220S
"1.100" 2015-01-20T10:28:26+08:00
Bridge(+)
192.168.0.24 (IPv4)

LLDP-MED Neighbours ( ,
LLDP-MED)

LLDP-MED,
.

. 141. LLDP - LLDP-MED Neighbours

2.13.1.5

LLDP PoE

LLDP-MED,
PoE.

. 142. LLDP LLDP PoE


Local Port ( ): , LLDP.
Power Type ( ): - PSE
(Power Sourcing Entity ) PD (Powered Device -
). , Reserved
().
ZES-22xx

2015 Zelax

131

Power Source ( ): ,
PSE PD.
Power Priority ( ): Power Priority PD
PSE, .
- Critical (), High () Low ().
, Unknown ().
Maximum Power ( ): ,
PD PSE PSE,
(
).

2.13.1.6

LLDP EEE

(EEE) .
,
. " ".
, LLDP
TX RX " ",
.

. 143. LLDP LLDP EEE


Local Port ( ): , LLDP.
Tx Tw: ,
LPI.
Rx Tw: ,
, .
Fallback Receive Tw ( ):
Tw.
Echo Tx Tw ( ): Echo Tx Tw .

.
, ,
(
). , ,
MIB, ,
.
Echo Rx Tw: Echo Rx Tw .
Resolved Tx Tw (Tx Tw, ): Tx Tw
.
Resolved Rx Tw (Rx Tw, ): Rx Tw
.
EEE in Sync ( ): ,

.

2.13.1.7

132

Red ( ):
.
Green ( ):
.

Port Statistics ( )

2015 Zelax

ZES-22xx

. 144. LLDP Port Statistics


Global Counters ( )
Total Neighbours Entries Added ( ):
,
TTL .
Total Neighbours Entries Deleted ( ):
LLDP-, MIB LLDP-
.
Total Neighbours Entries Dropped ( ):
LLDPDU
.
Total Neighbors Entries Aged Out ( ):
MIB LLDP-,
TTL .
LLDP Statistics Local Counters ( LLDP)
Local Port ( ): .
Tx Frames ( ): LLDP PDU.
Rx Frames ( ): LLDP PDU.
Rx Errors ( ): LLDP .
Frames Discarded ( ): , -
, ,
TLV (Type Length Value).
TLVs Discarded ( TLV): LLDP
, , TLV. TLV ,
.
TLVs Unrecognized ( TLV): TLV,
.
Org. Discarded ( TLV):
TLV.
Age-Outs ( ): LLDP ,
LLDP ( ).
, LLDP , Age-Out (
) .

2.14 PoE ( PoE)


Power over Ethernet (PoE)
PoE, , ,
( , RJ-45), PoE
, , , .
, , ,
, ,
.
ZES-22xx

2015 Zelax

133

PoE , .
.

. 145. PoE

2.14.1.1

PoE Configuration ( PoE)

. 146. PoE - PoE Configuration


Power Over Ethernet Configuration ( Ethernet-)
Power Management Mode ( ): ,
.
Actual Consumption ( ): ,
:
1. ,
.
2. ,
.
.
, .
Reserved Power ( ): ,
,
, . ,
PD ,
, .
Reserved Power determined by ( , ):
, PD
:

134

2015 Zelax

ZES-22xx

Class (): ,
,
PD. : 4 ;
7 ; 15,4 30 .
Allocation ( ): ,
Maximum Power [W] ( , ).
LLDP-MED: class, ,
, PoE
LLDP .
LLDP , ,
class.
: , ,
.

PoE Power Supply Configuration ( PoE)


Primary Power Supply [W] ( []):
. PD , ,
.
PoE Port Configuration ( PoE )
Port (): . Port * .
PoE Mode ( PoE): PoE :
Disabled (): PoE (
).
PoE: PoE , IEEE 802.3af ( PD 4,
15,4 ).
PoE+: PoE , IEEE 802.3at ( PD 4,
30 ).
Priority (): PD
, ,
. , ,
.
Maximum Power ( []): ,
.

CLI:
poe management mode allocation-consumption
!
interface FastEthernet 1/1
poe mode standard
poe priority high
!
interface FastEthernet 1/2
poe mode plus
poe priority critical
poe power limit 30.0

2.14.1.2

PoE Check

PoE Check
.

ZES-22xx

2015 Zelax

135

. 147. PoE - PoE Check


Port (): . Port * .
PoE Check ( PoE): (Enable) (Disable)
PoE. PD,
IP-. PD)
, , PD .
PD, (PSE) ,
No Response Action (, ).
Ping IP Address ( IP-): IP- PD
(ping). IPv4- IPv6-.
No Response Timeout (Cycles 1~10) ( ( 1~10)):
IP-.
Check Interval (10~300 Seconds) ( ( 10 300 )):
.
No Response Action ( ): PD
ping, (PSE), (PSE)
, :

No Action ( ): (PSE)
PD.
Reboot PD ( PD): (PSE)
PD .
Power Off PD ( PD): (PSE)
PD .

CLI:
interface FastEthernet 1/1
poe check
poe check ip-address 192.168.0.200
poe check timeout 5
poe check interval 60
poe check no-response-action reboot

2.14.1.3

PoE Schedule ( PoE)

, PD .
PSE PoE,
PoE .

136

2015 Zelax

ZES-22xx

. 148. PoE - PoE Schedule


Configure Port# ( ): ,
PoE.
Schedule Mode ( ): (Enable) (Disable)
PoE ).
Weeks ( ): .
Day Enable ( ): , ,
PD PSE.
Start Time ( ): PSE
PD.
End Time ( ): PSE
PD.
CLI:
interface FastEthernet 1/2
poe schedule
poe schedule monday
poe schedule monday start-time 8
poe schedule monday end-time 18

2.14.1.4

Status ()

. 149. PoE - PoE Status


Local Port ( ): ,
PoE.
PD class ( PD): PD
. PD:

ZES-22xx

0: . 15,4 .
2015 Zelax

137

1: . 4,0 .
2: . 7,0 .
3: . 15,4 .
4: . 30,0 .
Power Requested ( ): ,
PD.
Power Allocated ( ): ,
PD.
Power Used ( ): ,
PD.
Current Used ( ): ,
PD.
Priority (): .
Port Status ( ): PoE .
CLI:
ZES-2206PS# show poe interface FastEthernet 1/2
Interface
----------------------

PD Class
--------

Port Status
--------------------------

FastEthernet 1/2

No PD detected

Power Used [W]


--------------0.0

Current Used [mA]


-------------0

2.15 MAC Table ( -)


MAC Table ( MAC-)
. .

. 150. MAC Table

2.15.1.1

MAC Address Table Configuration ( )

. 151. MAC Table - Configuration

138

2015 Zelax

ZES-22xx

Disable Automatic Aging ( ): -,


.
Aging Time ( ): -,
, -.
: 10 1000000 .
MAC Learning Table ( -, ):
:
Auto (): ,
SMAC-.
Disable (): - .
Secure ( -):
MAC-, Static MAC Table Configuration.
- .
: , ,
-
.

.

Static MAC Table Configuration ( -):


- .
, , 64.
Delete (): - .
VLAN ID: VLAN ID -.
Port Members (- ): ( )
. MAC- ,
VID, , .
CLI:
mac address-table static 00:1b:21:21:9f:fb vlan 1 interface FastEthernet 1/3
!
interface FastEthernet 1/2
no mac address-table learning
!
interface FastEthernet 1/4
mac address-table learning secure

2.15.1.2

MAC Address Table ( -)

- -,
CPU .
VLAN ID -.

ZES-22xx

2015 Zelax

139

. 152. MAC Table - MAC Address Table


Type (): , -,
, .
VLAN: VLAN .
MAC Address (-): -, CPU
.
Port Members (- ): , .
CLI:
ZES-2206PS# show mac address-table
Type
VID MAC Address
Ports
Static 1
00:1a:81:00:b0:40
CPU
Dynamic 1
00:1b:21:21:9f:fb FastEthernet
Static 1
33:33:00:00:00:01 FastEthernet
Static 1
33:33:00:00:00:02 FastEthernet
Static 1
33:33:ff:00:b0:40 FastEthernet
Static 1
ff:ff:ff:ff:ff:ff FastEthernet

1/3
1/1-4
1/1-4
1/1-4
1/1-4

GigabitEthernet
GigabitEthernet
GigabitEthernet
GigabitEthernet

1/1-2
1/1-2
1/1-2
1/1-2

CPU
CPU
CPU
CPU

2.16 VLAN Translation ( VLAN)


VLAN ,
VLAN ID VLAN ID VLAN
VLAN. VLAN C-VLAN
S-VLAN ( ). VLAN
. ,
C-VLAN S-VLAN,
S-VLAN C-VLAN. , VLAN
. VLAN .
VLAN Translation ( VLAN) ,
. .

. 153. VLAN Translation

2.16.1.1

140

Port to Group Mapping ( )

2015 Zelax

ZES-22xx

. 154. VLAN Translation - Port to Group Mapping


Group ID ( ): VLAN,
, 11. Port to Group Mapping (
) 11 . .
.
: , ID,
. , 2 ID, 2.
Port Number ( ): ,
.

2.16.1.2

Translation Mapping ( VID)

. 155. VLAN Translation - Translation Mapping


Group ID ( ): Group ID,
.
VLAN ID: VLAN ID, VID.
Translated to VID ( VID): VID, VID
.
VLAN, Add New Entry
( ).
CLI:
switchport vlan mapping 2 15 20

2.17 VLANs
IEEE 802.1Q VLAN (Virtual Local Area
Network)
.
VLAN ,
VLAN, .
VLAN :
VLAN . ,
VLAN. VLAN

ZES-22xx

2015 Zelax

141

VLAN,
3- .
VLAN . ,
VLAN, , ,
.
, VLAN ,
VLAN .
VLAN .
, (, 2
4 ), IP-
. , VLAN, ,
.
VLANs , .
.

. 156. VLANs

2.17.1.1

Configuration ()

VLAN .

. 157. VLANs - Configuration


Allowed Access VLANs ( Access VLAN):
Access VLAN, , , access.
VLAN, Allowed Access VLANs.
, VLAN 1 .
Ethertype for Custom S-ports ( Ethertype S-):
ethertype/TPID, s-.
Port VLAN Configuration ( VLAN)
Port (): . Port *
.
Mode (): ( access)
. , :

142

Access (): , ,
. , Voice VLAN
VLAN.
:
VLAN (port VLAN), 1.

2015 Zelax

ZES-22xx

- .
, access VLAN.
, Access VLAN,
. ( VLAN) .
Trunk ():
, ,
.
:
, trunk- VLAN (1-4095).
VLAN, ,
Allowed VLAN.
VLAN, ,
.
, , , port VLAN,
. , port VLAN
-
,
.
Hybrid (): Trunk
, . ,
trunk-, :
VLAN unaware, -tag, S-tag S-custom tag.
C .

.
Port VLAN ( VLAN): VLAN ID . : 1
4095. 1.
Port Type ( ): .
.

Unaware

C-port

S-port

S-Custom-Port

,
,
port VLAN (PVID).

VLAN

1.
TPID=0x8100, .
2.

port VLAN.

TIPID=0x8100 0x88A8, .

port
VLAN.


-tag.

1.
TIPID=0x8100 Ethertype for Custom Sports .
2.

port VLAN.


Custom S-tag.


S-tag.

Ingress Filtering ( ):
VLAN, ,
.

ZES-22xx

2015 Zelax

143

VLAN .
access trunk.
Ingress Acceptance ( ):
.
Tagged and Untagged: .
Tagged Only: . .
Untagged Only: . .
Egress Tagging ( ): Trunk Hybrid
.

Untag Port VLAN: VLAN port VLAN


. .
Tag All: .
Untag All: .
Hybrid.
Allowed VLANs ( VLAN): Trunk Hybrid
VLAN . Access
VLAN, access VLAN. . ,
VLAN.
Forbidden VLANs ( VLAN): ,
VLAN.
, VLAN, GVRP. ,
.

CLI:
interface FastEthernet 1/2
switchport trunk allowed vlan 1-10
switchport mode trunk
!
interface FastEthernet 1/3
switchport hybrid acceptable-frame-type tagged
switchport hybrid egress-tag none
switchport hybrid port-type s-port
switchport mode hybrid

2.17.1.2

Membership ( VLAN)

VLAN.
20 VLAN. , VLAN
, VLAN. ,
VLAN , VLAN ID=1.

144

2015 Zelax

ZES-22xx

. 158. VLANs - Membership


VLAN ID: VLAN -.
Port Members (- VLAN): .

2.17.1.3

Ports

VLAN ( ),
).

. 159. VLANs - Ports


Port (): .
Port Type ( ): .
Ingress Filtering ( ): , (enabled)
(disabled) .
Frame Type ( ): .
Port VLAN ID: VLAN ID, .
Tx Tag: , .
Untagged VLAN ID: VLAN ID VLAN. Untagged VLAN ID
.
Conflicts (): , .
VLAN
VLAN, :

ZES-22xx

().
, .
.

2015 Zelax

145

2.18 Private VLANs ( VLAN)

. 160. Private VLANs


Private VLANs , .
.

2.18.1.1

PVLAN Membership ( Private VLAN)

VLAN.
VLAN VLAN. VLAN
VLAN. , VLAN ID VLAN
VLAN ID VLAN .
, , VLAN. , VLAN
VLAN 1, VLAN 1.
VLAN VLAN,
VLAN.

. 161. Private VLANs - PVLAN Membership


PVLAN ID: PVLAN ID. : 1 11.
Port Members (- PVLAN): , ,
VLAN. VLAN,
.
Delete (): VLAN.
Add New VLAN ( VLAN): ,
VLAN.
Save (): Save, VLAN
VLAN.
Reset (): Reset,
VLAN .

2.18.1.2

Port Isolation ( )

VLAN
PVLAN.
VLAN VLAN. ,
- ,
VLAN PVLAN.

146

2015 Zelax

ZES-22xx

. 162. Private VLANs - Port Isolation


Port Number ( ): , ,
.
CLI:
interface GigabitEthernet 1/1
pvlan isolation
!
interface GigabitEthernet 1/2
pvlan isolation

2.19 GVRP
GVRP.

. 163. GVRP

2.19.1.1

Global Configuration

. 164. GVRP - Global Configuration


Enable GVRP ( GVRP): GVRP .
Join-time: 1-20, ( ).
, 20.
Leave-time: 60-300, ( ).
, 60.
LeaveAll-time: 1000-5000, (
). , 1000.
Max VLANs: VLAN, GVRP.
CLI:
gvrp max-vlans 20
gvrp time join-time 20 leave-time 60 leave-all-time 1000

ZES-22xx

2015 Zelax

147

2.19.1.2

Port Configuration

GVRP .

. 165. GVRP - Port Configuration


Port (): .
Mode ( ): GVRP .
:

Enabled (): GVRP.


Disabled (): GVRP.

CLI:
interface GigabitEthernet 1/1
gvrp

2.20 VCL
VCL , .

. 166. VCL

2.20.1

MAC-based ( MAC-)

VLAN MAC-
VLAN MAC- . ,
- , VLAN
. - ,
VLAN PVID,
.

2.20.1.1

148

Membership Configuration (
VLAN -)

2015 Zelax

ZES-22xx

. 167. VCL - MAC-based - Membership Configuration


MAC Address (-): - . , -
VLAN ID.
VLAN ID: - VLAN ID.
Port Members (-): , VLAN.
CLI:
interface FastEthernet 1/1
switchport vlan mac 00-1b-21-21-9f-fb vlan 2

2.20.1.2

Membership Status ( VLAN)

VCL.

. 168. VCL - MAC-based - Membership Status


MAC Address (-): -.
VLAN ID: VLAN ID .
Port Members (-): ,
-.

2.20.2

Protocol-based VLAN (VLAN )

,
VLAN. VLAN,
, , .
VLAN,
.
VLAN
, VLAN
. , VLAN
, .

2.20.2.1

ZES-22xx

Protocol to Group ( )

2015 Zelax

149

. 169. VCL - Protocol-based VLAN - Protocol to Group


Frame Type ( ): : Ethernet, SNAP,
LLC. (value) .
Value (): .
.
Ethernet: Ether (Etype). 0x0800.
: 0x0600 0xffff.
SNAP: SNAP OUI (Organizationally
Unique Identifier ) PID
(Protocol ID).
OUI: xx-xx-xx, (xx)
0x00-0xff.
PID: OUI 000000, protocol ID
Ethernet , SNAP. OUI
, protocol ID ,
, SNAP. , OUI
00-00-00, PID etherType (0x0600-0xffff). OUI
00-00-00, PID 0x0000 0xffff.
LLC ( ): DSAP (Destination Service
Access Point ) SSAP (Source Service Access Point -
). 0xff. : 0x00
0xff.
Group Name ( ): .
16 - (a-z; A-Z) (0-9).
CLI:
vlan protocol eth2 0x8848 group test

2.20.2.2

Group to VLAN ( VLAN)

. 170. VCL - Protocol-based VLAN - Group to VLAN


Group Name ( ): .
16 - (a-z; A-Z) (0-9).
VLAN ID: VLAN ID.
Port Members (-): , .
CLI:
150

2015 Zelax

ZES-22xx

interface GigabitEthernet 1/2


switchport vlan protocol group test vlan 11

2.20.2.3

IP Subnet-based VLAN (VLAN IP-)

IP Subnet-based VLAN configuration


VLAN, IP-
VLAN IP- . VLAN IP-,
IP VLAN. , VLAN,
. IP- ,
, VLAN,
( PVID).

. 171. VCL - IP Subnet-based VLAN


VCE ID: . 0-128.
IP Address (IP-): IP- .
Mask Length ( ): .
VLAN ID: VLAN ID.
Port Members (-): , .
CLI:
interface FastEthernet 1/1
switchport vlan ip-subnet id 1 192.168.0.0/255.255.255.0 vlan 1

2.21 QoS ( )
,
.
(Quality of Service (QoS)) .
,
.
QoS ,
, , , ,
, .
, Port Classification ( ).
QoS , .

. 172. QoS
ZES-22xx

2015 Zelax

151

2.21.1.1

Port Classification ( )

. 173. QoS - Port Classification


Port (): . Port *
.
CoS ( ): QoS, . QoS
0 . 0.
DP Level ( DP): .
0: .
1: , .
PCP: (Priority Code
Point) .
DEI: (Drop
Eligible Indicator) .
Tag Class ( ):
:

152

Disabled (): QoS


DP .
Enabled (): PCP DEI
(PCP, DEI) to (QoS class, DP level) Mapping.

2015 Zelax

ZES-22xx

DSCP Based ( DSCP): , QoS


DSCP ( ).
Address Mode ( ):
(SMAC/SIP)
(DMAC/DIP):

Source (): (SMAC/SIP).


Destination ():
(DMAC/DIP).

CLI:
interface FastEthernet 1/1
qos cos 5
qos dpl 1

2.21.1.2

Port Policing ( )

, .

. 174. QoS - Port Policing


Port (): . Port * .
Enabled (): ,
.
Rate (): , .
500 /. kbps (/) fps (/): 100
1000000. Mbps (/) kfps (/): 1 3300 /.
ZES-22xx

2015 Zelax

153

Unit ( ): .
Flow Control ( ):
, pause,
.
CLI:
interface FastEthernet 1/1
qos policer 1024 flowcontrol

2.21.1.3

Queue Policing ( )

. 175. QoS - Queue Policing 1


Port (): . Port * .
Queue 0~7 Enable ( 0~7):
,
.
:

. 176. QoS - Queue Policing 2


Rate (): , .
500 /. kbps (/): 100
1000000. Mbps (/): 1 3300 /.
Unit ( ):
.
Save (): , .
Reset (): .
CLI:
interface FastEthernet 1/1

154

2015 Zelax

ZES-22xx

qos queue-policer queue 0 500

2.21.1.4

Port Scheduler


( ).

. 177. QoS - Port Scheduler


Port (): ,
.
Mode ( ): .
Weight (): , Q0~Q5.

. 178. QoS - Port Scheduler (Strict priority)

ZES-22xx

2015 Zelax

155

. 179. QoS - Port Scheduler (Weighted)


Scheduler Mode ( ):
.

Strict mode ( ):
(
, ).
Weight mode ( ): DWRR
(Deficit Weighted Round-Robin )
. DWRR
WRR, ,
(Deficit Counter)
.

Queue Shaper/Port Shaper/Queue Shaper ( )


Enable (): ,
.
Rate (): ,
. 500 /. kbps
(/): 100 1000000. Mbps (/): 1 3300
/.
Unit ( ): ,
.
Excess ( ): ,
.

156

2015 Zelax

ZES-22xx

Queue Schedule ( )
Queue Scheduler ( ): Weighted (c
), . DWRR
,
.
,
.
Weight (): .

, .
Percent (): , .
Port Shaper ( ): ,
.
Enable (): ,
.
Rate (): ,
. 500 /.
kbps (/): 100 1000000. Mbps (/): 1
3300 /.
Unit ( ): .
CLI:
interface FastEthernet 1/2
qos shaper 2048
qos queue-shaper queue 0 500 excess
qos queue-shaper queue 1 1024
!
interface FastEthernet 1/3
qos wrr 30 17 17 17 17 17

2.21.1.5

Port Shaping ( )

,
.

. 180. QoS - Port Shaping


,
, , .

2.21.1.6

Port Tag Remarking ( )

ZES-22xx

2015 Zelax

157

. 181. QoS - QoS Egress Port Tag Remarking (Classified)


Tag Remarking Mode ( ):
.

Classified ():
PCP/DEI.
Default ( ): PCP/DEI,
- PCP:0; DEI:0).
Mapped (): QoS
DP PCP/DEI.

. 182. QoS - QoS Egress Port Tag Remarking (Default)


PCP/DEI Configuration ( PCP/DEI): PCP/DEI
Default.

158

2015 Zelax

ZES-22xx

. 183. QoS - QoS Egress Port Tag Remarking (Mapped)


QoS class/DP level ( QoS / DP):
QoS DP ( ).
PCP:
Priority Code Point . (:
0~7; : 0)
DEI:
(Drop Eligible Indicator). (: 0~1;
: 0)

2.21.1.7

Port DSCP ( DSCP )

. 184. QoS - Port DSCP


Port (): . Port * .

ZES-22xx

2015 Zelax

159

Ingress Translate ( ): ,
DSCP .
Ingress Classify ( ):
:
Disable (): DSCP .
DSCP=0: , DSCP 0.
Selected (): DSCP,
DSCP.
All (): DSCP.
Egress Rewrite ( ): DSCP
.

Disable (): DSCP .


Enable (): DSCP ,
.
Remap DP aware ( DP ): DSCP,
,
DSCP. DP , DSCP
DSCP Egress Remap DP0 DP1.
Remap DP aware ( DP ): DSCP,

DSCP. DSCP DSCP
Egress Remap DP0.

CLI:
interface FastEthernet 1/1
qos dscp-translate
qos dscp-classify zero
qos dscp-remark rewrite

160

2015 Zelax

ZES-22xx

2.21.1.8

DSCP-Based QoS (
DSCP)

. 185. QoS - DSCP-Based QoS


DSCP: DSCP . DSCP: 0
63.
Trust (): , , DSCP
. DSCP
QoS DPL (drop precedence level).
DSCP -IP .
QoS Class ( QoS): QoS DSCP
. 0. : 0 7.
DPL: DPL DSCP
. 0. 1
.
CLI:
qos map dscp-cos 63 cos 7 dpl 0

ZES-22xx

2015 Zelax

161

2.21.1.9

DSCP Translation ( DSCP)

. 186. QoS - DSCP Translation


DSCP: DSCP . DSCP: 0 63.
Ingress Translate ( ): DSCP
.
Ingress Classify ( ):
, DSCP QoS .
Egress Remap DP0 ( DP0 ):
DP0 DSCP. DP0
.
Egress Remap DP1 ( DP1 ):
DP1 DSCP. DP1
.

2.21.1.10 DSCP Classification ( DSCP)


DSCP QoS DPL.

162

2015 Zelax

ZES-22xx

. 187. QoS - DSCP Classification


QoS Class ( QoS): QoS.
DPL: DPL.
DSCP: DSCP QoS DPL.
DSCP, * QoS DPL.
CLI:
qos map cos-dscp 6 dpl 0 dscp 38

2.21.1.11 QoS Control List ( QoS)



, -, VID, PCP, DEI.
QCE , QoS,
QoS, DSCP. ,
QCE, QoS,
.

. 188. QoS - QoS Control List


, QoS
(QCL). QCL 256. +,
QCL.
ZES-22xx

2015 Zelax

163

QCE#: QCL.
Port (): , QCL
Frame Type ( ): ,
. : Any (), Ethernet, LLC SNAP, IPv4, IPv6.
SMAC: - .
DMAC: - . : Any (), Broadcast
(), Multicast (), Unicast ().
VID: VLAN ID (1-4095)
PCP: PCP.
DEI: DEI.
Action (): ,
, .
QCL, :

CoS: QCL, .
DPL: .
DSCP: DSCP, .

, , QCE (
QoS) :

+: QCE .
: QCE.
: QCE .
: QCE .
: QCE.

. 189. QoS - QoS Configuration


QCE Configuration ( QCE)
Port Members (-): , .
Key Parameters ( )
SMAC: - . any ().
Specific (), - ( OUI).

164

2015 Zelax

ZES-22xx

DMAC ( DMAC): - .
any (). : Unicast , Multicast
, Broadcast .
Tag (): VLAN: Tagged () Untagged ().
.
VID: VID. VID (any).
VID QCL, Specific ().
VID QCL, Range (), .
PCP: PCP ( , ).
any ().
DEI: DEI . any ().
Frame Type ( ): , , .
Any (): any (). ,
.
Ethertype:
Ethernet II. : Any (), Specific () 600-ffff
( ); : ffff). , 800 (IPv4) 86DD (IPv6)
. Ethernet . RFC 1060.
: 0800 (IP), 0806 (ARP), 8137 (IPX).
LLC: LLC Link Logical Control ( )
, .
SSAP: SSAP Source Service Access Point address
.. any ().
(0x00 - 0xFF), specific ().
DSAP: DSAP Destination Service Access Point address
. any ().
( 0x00 0xFF), specific ().
Control (): ,
, LLC
Unnumbered (), Supervisory () Information
(). any ().
( 0x00 0xFF), specific ().
SNAP: (SubNetwork Access Protocol) OUI
Protocol ID. ( PID: Any (), Specific () (0x00-0xffff);
: Any ()). OUI 000000,
protocol ID Ethernet ( Ether) ,
SNAP. OUI , protocol ID
, , SNAP.
, OUI 00-00-00, PID etherType (0x0600-0xffff).
OUI 00-00-00, PID
0x0000 0xffff.
IPv4: Protocol (): IPv4 : Any (), TCP,
UDP, Other (). TCP UDP, Sport (Source
port number ) Dport (Destination port number ).
Source IP (IP- ): IP- .
any (). IP- , Specific
() .
IP Fragment ( IP): any ().
, ,
, ,
.
DSCP: any (). DSCP,
Specific (). DSCP, Range ().
IPv6: Protocol (): IPv6 : Any (), TCP, UDP,
Other (). TCP UDP, Sport (Source
port number ) Dport (Destination port number ).

ZES-22xx

2015 Zelax

165

Source IP (IP- ): IP- .


any (). IP- , Specific
() .
DSCP: any (). DSCP,
Specific (). DSCP, Range ().
Action Parameters ( )
, ,
. :

Class (): QCE, ,


QoS,
.
DPL: QCE,
( ), .
DSCP: QCE, DSCP.

CLI:
qos qce 1 interface FastEthernet 1/1-16 GigabitEthernet 1/1-2 tag type tagged vid 10
dmac multicast action cos 6 dscp 38

2.21.2

Storm Control (
)


.
, ,
.
,
.
. ,
, .

. 190. QoS - Storm Control


Enable (): Unicast
(), Multicast (), Broadcast ().
Rate (pps): . ,
, .
: 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1K, 2K, 4K, 8K, 16K, 32K, 64K,
128K, 256K, 512K 1024K.
CLI:
qos storm broadcast 256 kfps

2.22 Mirroring ()
,
, .

166

2015 Zelax

ZES-22xx

, ,
:

, ();
, ().

. 191. Mirroring
Port to mirror (, ): ,

.
Mirror Port Configuration ( )
Mode ( ): ,
.

Disabled (): .
Rx only ( ):
, .
Tx only ( ): ,
.
Enable (): ,
.

CLI:
monitor destination interface FastEthernet 1/6
monitor source interface FastEthernet 1/4 both

2.23 UPnP
UPnP.

. 192. UPnP

ZES-22xx

2015 Zelax

167

Mode ( ): UPnP.
(ACE)
UPnP .
.
TTL: TTL (Time to live ) ,
UPnP (SSDP) .
Advertising Duration ( ): ,
UPnP. SSDP
(Simple Service Discover Protocol), ,
SSDP .
100 . ,
UDP , ,
UPnP.
CLI:
upnp
upnp ttl 5

2.24 PTP (IEEE1588)


PTP (IEEE1588) PTP (IEEE1588)
.

. 193. PTP (IEEE1588)

2.24.1.1

PTP Clock Configuration

PTP.

. 194. PTP (IEEE1588) - Configuration


Clock Instance ( ): Clock Instance.
0 3.
Device Type ( ): Clock Instance. :
Ord-Bound: Ordinary-Boundary Clock ( ).
P2p Transp: Peer to Peer Transparent Clock ( Peer to).
E2e Transp: End to End Transparent Clock ( End to End).
Master Only: Master.
Slave Only: Slave.
2 Step Flag ( 2 Step): True, Sync Pdelay_Resp.
Clock Identity ( ): .
One Way ( ): true,
. Slave.
, , ,
. .
Protocol (): , PTP.

168

Ethernet: PTP Ethernet.


ip4multi: PTP IPv4.
ip4uni: PTP IPv4.

2015 Zelax

ZES-22xx

: IPv4 unicast Master Slave.


VLAN Tag Enable ( VLAN): VLAN PTP.
VID ( VLAN): VLAN
PTP.
PCP: Priority Code Point PTP.

. 195. PTP (IEEE1588) Clocks Configuration


Local Clock Current Time ( ):
.
PTP Time ( PTP): PTP .
Clock Adjustment Method ( ):
.
Synchronize to System Clock ( ):
PTP.
Ports Configuration ( ): .
Clock Default Dataset ( ): ,
IEEE 1588. ,
, ,
.
ClockId (): (0~3).
Device Type ( ): .
2 Step Flag ( 2 step): True False.
Ports (): .
Clock Identity ( ): .
Dom (): (0~127).
Clock Quality ( ): , .
, .
Pri1 (1): 1 , BMC master
(0~255).
Pri2 (2): 2 , BMC master
(0~255).
Protocol (): , PTP.

ZES-22xx

2015 Zelax

169

One-Way (): true,


. Slave.
, , ,
. .
VLAN Tag Enable (): PTP.
VID ( VLAN): VLAN
PTP.
PCP: Priority Code Point PTP.
Clock current Data Set ( ):
, IEEE 1588.
stpRm: Steps Removed.
PTP , grandmaster .
Offset from master ( ):
Master Slave. .
Mean Path Delay ( ):
Master Slave.
Filter Parameters ( )
DelayFilter, Period, Dist ( , , ):

2**DelayFilter*DelayRequestRate.
, .. Period
. Dist.
Clock Parent Data Set ( ):
, IEEE 1588.
Parent Port Identity ( ):
. ,
Slave.
Port (): master.
PStat ( ): . false.
Var (): .
Change Rate ( ):
.
Grand Master Identity ( Grand Master): grand master.
,
Slave.
Grand Master Clock Quality ( Grand Master): Grand Master.
, grand master.
Pri1 (1): 1 , grand master.
Pri2 (2): 1 , grand master.
Clock Time Properties Data Set ( ): ,
IEEE 1588.
grandmaster.
Unicast Slave Configuration ( Slave): IPv4
Unicast 5 IP- Master-. ,
slave Announce Master-.
Duration (): ,
Master Announce/Sync.
Slave Duration/4 .
ip_address: IPv4- Master.
grant: sync.
CommState: master. :
170

2015 Zelax

ZES-22xx

2.24.1.2

IDLE: .
INIT: Announce Master ( ).
CONN: Master .
SELL: Master .
SYNC: Master Sync.

Status ()

PTP.

. 196. PTP (IEEE1588) Status


Clock Instance ( ): Clock Instance (0~3).
Device Type ( ): .
Port List ( ): , .

2.25 Diagnostics ()
Diagnostics () ping traceroute
IP-.

. 197. Diagnostics

2.25.1.1

Ping

Ping ICMPv4.

. 198. Diagnostics - Ping


IP Address (IP-): IP-, .
Ping Length ( Ping): -.
Ping Count ( -): ping -.
Ping Interval ( ): .

2.25.1.2

Ping6

Ping ICMPv6.

ZES-22xx

2015 Zelax

171

. 199. Diagnostics Pingv6


IP Address (IP-): IPv6-, .
Ping Length ( Ping): -.
Ping Count ( -): ping -.
Ping Interval ( ): .
Egress Interface ( ): .

2.25.1.3

Traceroute

traceroute
IP-.

. 200. Diagnostics - Traceroute


IP Address (IP-): IP-, .
TTL: TTL (Time to live ) ,
.
Wait Time ( ): .

2.26 Maintenance ()
Maintenance () , .
, ,
.

172

2015 Zelax

ZES-22xx

. 201. Maintenance

2.26.1.1

Reboot ()

. 202. Maintenance - Reboot


, Yes.

2.26.1.2

Factory Defaults ( )

. 203. Maintenance - Factory Defaults


Keep IP ( IP-): Keep IP ( IP),
IP .
, Continue
(). , .
.
CLI:
reload defaults keep-ip

2.26.2
2.26.2.1

Software ( )
Upload ()

. 204. Maintenance Software - Upload


( .dat )
, Upload (). 5 .
, ,
. , .
CLI:
firmware upgrade 192.168.0.131 ZES-2220_v1.100.dat

ZES-22xx

2015 Zelax

173

2.26.2.2

Image Select ( )

. 205. Maintenance Software - Image Select


, .
CLI:
firmware swap

2.26.3

Configuration ()

2.26.3.1

Save startup-config ( )

. 206. Maintenance Configuration - Save startup-config

2.26.3.2

Backup ( )

. 207. Maintenance Configuration Backup


Running-config ( ): .
Default-config ( ): .
174

2015 Zelax

ZES-22xx

Startup-config ( ): ,
.

2.26.3.3

Restore ( )

. 208. Maintenance Configuration Restore


File To Restore ( ): ,
.
Replace running-config With IP ( IP):
IP, Configuration ()
, Restore With IP ( IP).
Running-config ( ):
.
Startup-config ( ):
.
Create new file ( ): .
Replace (): ,
.
Merge (): ,
.

2.26.3.4

Activate ( )

, .

. 209. Maintenance Configuration Activate


Default-config ( ): .
Startup-config ( ): ,
.
ZES-22xx

2015 Zelax

175

2.26.3.5

Delete ( )

, .

. 210. Maintenance Configuration Delete


Startup-config ( ): ,
.

176

2015 Zelax

ZES-22xx

Оценить