User Guide
Page 7
...Getting to Know Your Switch ...23 Hardware Installation and Connection 27 Hardware Overview ...30 The Web Configurator ...39 Initial Setup Example ...49 Tutorials ...53 Technical Reference ...79 System Status and Port Statistics 81 Basic Setting...Port Security ...164 Classifier ...166 Policy Rule ...171 Queuing Method ...176 VLAN Stacking ...179 Multicast ...186 AAA ...201 IP Source Guard ...214 Loop Guard ...233 VLAN Mapping ...237 Layer 2 Protocol Tunneling ...241 sFlow ...245 PPPoE ...249 Error Disable ...257 Private VLAN ...262 Static Route ...265 Differentiated Services ...268 MES3500-24...
...Getting to Know Your Switch ...23 Hardware Installation and Connection 27 Hardware Overview ...30 The Web Configurator ...39 Initial Setup Example ...49 Tutorials ...53 Technical Reference ...79 System Status and Port Statistics 81 Basic Setting...Port Security ...164 Classifier ...166 Policy Rule ...171 Queuing Method ...176 VLAN Stacking ...179 Multicast ...186 AAA ...201 IP Source Guard ...214 Loop Guard ...233 VLAN Mapping ...237 Layer 2 Protocol Tunneling ...241 sFlow ...245 PPPoE ...249 Error Disable ...257 Private VLAN ...262 Static Route ...265 Differentiated Services ...268 MES3500-24...
User Guide
Page 9
... I: User's Guide 21 Chapter 1 Getting to Know Your Switch 23 1.1 Introduction ...23 1.1.1 Backbone Application 23 1.1.2 Bridging Example ...24 1.1.3 High Performance Switching Example 24 1.1.4 IEEE 802.1Q VLAN Application Examples 25 1.1.5 IPv6 Support...Switch on a Rack 27 2.3.1 Rack-mounted Installation Requirements 27 2.3.2 Attaching the Mounting Brackets to the Switch 28 2.3.3 Mounting the Switch on a Rack 29 Chapter 3 Hardware Overview ...30 3.1 Front Panel ...30 3.1.1 Console Port ...31 3.1.2 Ethernet Ports ...32 3.1.3 Transceiver Slots ...32 3.1.4 Power Connector ...34 MES3500-24...
... I: User's Guide 21 Chapter 1 Getting to Know Your Switch 23 1.1 Introduction ...23 1.1.1 Backbone Application 23 1.1.2 Bridging Example ...24 1.1.3 High Performance Switching Example 24 1.1.4 IEEE 802.1Q VLAN Application Examples 25 1.1.5 IPv6 Support...Switch on a Rack 27 2.3.1 Rack-mounted Installation Requirements 27 2.3.2 Attaching the Mounting Brackets to the Switch 28 2.3.3 Mounting the Switch on a Rack 29 Chapter 3 Hardware Overview ...30 3.1 Front Panel ...30 3.1.1 Console Port ...31 3.1.2 Ethernet Ports ...32 3.1.3 Transceiver Slots ...32 3.1.4 Power Connector ...34 MES3500-24...
User Guide
Page 10
...VLAN ...49 5.1.2 Setting Port VID ...50 5.2 Configuring Switch Management IP Address 51 Chapter 6 Tutorials ...53 6.1 How to Use DHCP Snooping on the Switch 53 6.2 How to Use DHCP Relay on the Switch 56 6.2.1 DHCP Relay ...Switch A 61 6.3.2 Configuring Switch B 63 6.4 How to Use Error Disable and Recovery on the Switch 66 6.5 How to Set Up a Guest VLAN 68 6.5.1 Creating a Guest VLAN 68 6.5.2 Enabling IEEE 802.1x Port Authentication 71 6.5.3 Enabling Guest VLAN 72 6.6 How to Do Port Isolation in a VLAN 73 6.6.1 Creating a VLAN ...74 6.6.2 Creating a Private VLAN Rule 76 10 MES3500-24...
...VLAN ...49 5.1.2 Setting Port VID ...50 5.2 Configuring Switch Management IP Address 51 Chapter 6 Tutorials ...53 6.1 How to Use DHCP Snooping on the Switch 53 6.2 How to Use DHCP Relay on the Switch 56 6.2.1 DHCP Relay ...Switch A 61 6.3.2 Configuring Switch B 63 6.4 How to Use Error Disable and Recovery on the Switch 66 6.5 How to Set Up a Guest VLAN 68 6.5.1 Creating a Guest VLAN 68 6.5.2 Enabling IEEE 802.1x Port Authentication 71 6.5.3 Enabling Guest VLAN 72 6.6 How to Do Port Isolation in a VLAN 73 6.6.1 Creating a VLAN ...74 6.6.2 Creating a Private VLAN Rule 76 10 MES3500-24...
User Guide
Page 11
...88 8.4 Introduction to VLANs ...89 8.4.1 Smart Isolation ...90 8.5 Switch Setup ...91 8.6 IP Setup ...93 8.6.1 Management IP Addresses 93 8.7 Port Setup ...95 Chapter 9 VLAN ...97 9.1 Introduction to IEEE ...802.1Q Tagged VLANs 97 9.1.1 Forwarding Tagged and Untagged Frames 97 9.2 Automatic VLAN Registration 98 9.2.1 GARP ...98 9.2.2 GVRP ...98 9.3 Port......100 9.5.2 VLAN Details ...101 9.5.3 Configure a Static VLAN 102 9.5.4 Configure VLAN Port Settings 103 9.6 Subnet Based VLANs ...104 9.7 Configuring Subnet Based VLAN 105 9.8 ...
...88 8.4 Introduction to VLANs ...89 8.4.1 Smart Isolation ...90 8.5 Switch Setup ...91 8.6 IP Setup ...93 8.6.1 Management IP Addresses 93 8.7 Port Setup ...95 Chapter 9 VLAN ...97 9.1 Introduction to IEEE ...802.1Q Tagged VLANs 97 9.1.1 Forwarding Tagged and Untagged Frames 97 9.2 Automatic VLAN Registration 98 9.2.1 GARP ...98 9.2.2 GVRP ...98 9.3 Port......100 9.5.2 VLAN Details ...101 9.5.3 Configure a Static VLAN 102 9.5.4 Configure VLAN Port Settings 103 9.6 Subnet Based VLANs ...104 9.7 Configuring Subnet Based VLAN 105 9.8 ...
User Guide
Page 18
... 38.5 SSH Overview ...301 38.6 How SSH works ...302 38.7 SSH Implementation on the Switch 303 38.7.1 Requirements for Using SSH 303 38.8 Introduction to HTTPS ...303 38.9 HTTPS Example... 304 38.9.2 Mozilla Firefox Warning Messages 307 38.9.3 The Main Screen ...308 38.10 Service Port Access Control 309 38.11 Remote Management 310 Chapter 39 Diagnostic ...312 39.1 Diagnostic ...312 ...41.1 Cluster Management Status Overview 316 41.2 Cluster Management Status 317 41.2.1 Cluster Member Switch Management 318 41.3 Clustering Management Configuration 320 Chapter 42 MAC Table ...322 42.1 MAC Table...
... 38.5 SSH Overview ...301 38.6 How SSH works ...302 38.7 SSH Implementation on the Switch 303 38.7.1 Requirements for Using SSH 303 38.8 Introduction to HTTPS ...303 38.9 HTTPS Example... 304 38.9.2 Mozilla Firefox Warning Messages 307 38.9.3 The Main Screen ...308 38.10 Service Port Access Control 309 38.11 Remote Management 310 Chapter 39 Diagnostic ...312 39.1 Diagnostic ...312 ...41.1 Cluster Management Status Overview 316 41.2 Cluster Management Status 317 41.2.1 Cluster Member Switch Management 318 41.3 Clustering Management Configuration 320 Chapter 42 MAC Table ...322 42.1 MAC Table...
User Guide
Page 23
... on page 333 for a group of heavy traffic users. The MES3500-24F has 24 100 Mbps fast Ethernet SFP slots. In addition, the Switch can be expected in web configurator, managing and configuring the Switch is a layer-2 standalone Ethernet switch. See Chapter 46 on the console port, or third-party SNMP management. In this example, all...
... on page 333 for a group of heavy traffic users. The MES3500-24F has 24 100 Mbps fast Ethernet SFP slots. In addition, the Switch can be expected in web configurator, managing and configuring the Switch is a layer-2 standalone Ethernet switch. See Chapter 46 on the console port, or third-party SNMP management. In this example, all...
User Guide
Page 24
...It can connect to the expense of replacing all ports can provide a super-fast uplink connection by allowing network managers to the corporate backbone. Figure 3 High Performance Switched Workgroup Application 24 MES3500-24/24F User's Guide Switching to higher-speed LANs such as ATM (Asynchronous ...Transmission Mode) is ideal for most people due to high-speed department servers via the Switch. All users that need high...
...It can connect to the expense of replacing all ports can provide a super-fast uplink connection by allowing network managers to the corporate backbone. Figure 3 High Performance Switched Workgroup Application 24 MES3500-24/24F User's Guide Switching to higher-speed LANs such as ATM (Asynchronous ...Transmission Mode) is ideal for most people due to high-speed department servers via the Switch. All users that need high...
User Guide
Page 25
... (from stations that need access to the server need to enhance IP address size and features. MES3500-24/24F User's Guide 25 For more information on a logical network belong to one group. Ports can be used to or hear from the 32-bit IPv4 address) allows up to Chapter 9... same group(s) unless such traffic first goes through reduced broadcast traffic. Shared resources such as the server. At the time of VLAN 1. the Switch can be modified at the same time • DHCPv6 client and relay • Multicast Listener Discovery (MLD) snooping and proxy For more information...
... (from stations that need access to the server need to enhance IP address size and features. MES3500-24/24F User's Guide 25 For more information on a logical network belong to one group. Ports can be used to or hear from the 32-bit IPv4 address) allows up to Chapter 9... same group(s) unless such traffic first goes through reduced broadcast traffic. Shared resources such as the server. At the time of VLAN 1. the Switch can be modified at the same time • DHCPv6 client and relay • Multicast Listener Discovery (MLD) snooping and proxy For more information...
User Guide
Page 30
...: AC Model LEDs Dual Personality Interfaces Console Port Power Connection Fast Ethernet Ports Figure 8 MES3500-24 Front Panel: DC Model Power Switch LEDs Signal slot Dual Personality Interfaces Console Port Power Connection Fast Ethernet Ports Figure 9 MES3500-24F Front Panel: AC Model LEDs Signal slot Dual Personality Interfaces Console Port Power Connection MES3500-24/24F User's Guide Fast SFP Slots Signal...
...: AC Model LEDs Dual Personality Interfaces Console Port Power Connection Fast Ethernet Ports Figure 8 MES3500-24 Front Panel: DC Model Power Switch LEDs Signal slot Dual Personality Interfaces Console Port Power Connection Fast Ethernet Ports Figure 9 MES3500-24F Front Panel: AC Model LEDs Signal slot Dual Personality Interfaces Console Port Power Connection MES3500-24/24F User's Guide Fast SFP Slots Signal...
User Guide
Page 31
.... Connect these slots for local configuration of the Switch. Use transceivers in the ON position to this port. Table 1 Front Panel Connections LABEL Power Switch Power Connection 24 10/100 Mbps RJ-45 Fast Ethernet Ports (MES3500-24) 24 100 Mbps Fast SFP Slots (MES3500-24F) Four Dual Personality Interfaces Console Port Signal slot DESCRIPTION This is for fiber-optic...
.... Connect these slots for local configuration of the Switch. Use transceivers in the ON position to this port. Table 1 Front Panel Connections LABEL Power Switch Power Connection 24 10/100 Mbps RJ-45 Fast Ethernet Ports (MES3500-24) 24 100 Mbps Fast SFP Slots (MES3500-24F) Four Dual Personality Interfaces Console Port Signal slot DESCRIPTION This is for fiber-optic...
User Guide
Page 32
...that the settings of the connected device. The Switch does not come with a mini-GBIC slot to create a dual personality interface. The Switch uses up to one connection for details. 32 MES3500-24/24F User's Guide If the peer Ethernet port does not support autonegotiation or turns off , ...an Ethernet port uses the pre-configured speed and duplex mode when making a ...
...that the settings of the connected device. The Switch does not come with a mini-GBIC slot to create a dual personality interface. The Switch uses up to one connection for details. 32 MES3500-24/24F User's Guide If the peer Ethernet port does not support autonegotiation or turns off , ...an Ethernet port uses the pre-configured speed and duplex mode when making a ...
User Guide
Page 37
... 10 ......... 3 2 1 11 10 ......... 3 2 1 11 10 ......... 3 2 1 Pin Assignments 3.2 LEDs After you used when connecting to the first switch, as an aid in the diagram below. Off The system is functioning normally. 10/100 Mbps Fast Ethernet Ports (MES3500-24) 1 ~ 24 Green Blinking The system is active. ALM Red On A hardware failure is detected, or an external...
... 10 ......... 3 2 1 11 10 ......... 3 2 1 11 10 ......... 3 2 1 Pin Assignments 3.2 LEDs After you used when connecting to the first switch, as an aid in the diagram below. Off The system is functioning normally. 10/100 Mbps Fast Ethernet Ports (MES3500-24) 1 ~ 24 Green Blinking The system is active. ALM Red On A hardware failure is detected, or an external...
User Guide
Page 42
...you to screens where you to a screen to set up global Switch parameters such as MAC authentication for each port. Filtering This link takes you can configure various multicast features, IGMP snooping and create multicast VLANs. 42 MES3500-24/24F User's Guide Broadcast Storm This link takes you to a... screen to set the maximum number of MAC addresses to a screen where you to learn on a port. Queuing Method This link takes you can configure port-based or 802.1Q VLAN (...
...you to screens where you to a screen to set up global Switch parameters such as MAC authentication for each port. Filtering This link takes you can configure various multicast features, IGMP snooping and create multicast VLANs. 42 MES3500-24/24F User's Guide Broadcast Storm This link takes you to a... screen to set the maximum number of MAC addresses to a screen where you to learn on a port. Queuing Method This link takes you can configure port-based or 802.1Q VLAN (...
User Guide
Page 43
...This link takes you to a screen where you can block traffic between ports in your network. Cluster Management This link takes you to screens where you can setup system logs and a system log server. MES3500-24/24F User's Guide 43 Syslog This link takes you to a screen ...to screens where you can perform firmware and configuration file maintenance as well as reboot the system. A static route defines how the Switch should forward traffic by configuring the TCP/IP parameters manually. Management Maintenance This link takes you to a screen where you can configure...
...This link takes you to a screen where you can block traffic between ports in your network. Cluster Management This link takes you to screens where you can setup system logs and a system log server. MES3500-24/24F User's Guide 43 Syslog This link takes you to a screen ...to screens where you can perform firmware and configuration file maintenance as well as reboot the system. A static route defines how the Switch should forward traffic by configuring the TCP/IP parameters manually. Management Maintenance This link takes you to a screen where you can configure...
User Guide
Page 44
.... Click the Save link in the upper right hand corner of the web configurator to save your configuration to the Switch's storage that remains even if the Switch's power is turned off . Chapter 4 The Web Configurator 4.3.1 Change Your Password After you log in for the ...when you are done with the CPU port as a member. Figure 20 Change Administrator Login Password 4.4 Saving Your Configuration When you change the default administrator password. Settings in a screen, click Apply to save your changes back to the CPU port. 44 MES3500-24/24F User's Guide Click Management > Access...
.... Click the Save link in the upper right hand corner of the web configurator to save your configuration to the Switch's storage that remains even if the Switch's power is turned off . Chapter 4 The Web Configurator 4.3.1 Change Your Password After you log in for the ...when you are done with the CPU port as a member. Figure 20 Change Administrator Login Password 4.4 Saving Your Configuration When you change the default administrator password. Settings in a screen, click Apply to save your changes back to the CPU port. 44 MES3500-24/24F User's Guide Click Management > Access...
User Guide
Page 45
MES3500-24/24F User's Guide 45 If you do the following: 1 Connect to the console port using out-of-band management (via the management port) to configure the Switch. 4.6 Resetting the Switch If you lock yourself (and others out of 9600bps with 8 data bit, no parity, one stop bit and flow control... The password will also be reset to the default of the Switch. press any key to enter Debug Mode within 3 seconds ..." Note: Be careful not to lock yourself and others ) from accessing the Switch. 8 Change a service port number but forget it. To upload the configuration file, do ...
MES3500-24/24F User's Guide 45 If you do the following: 1 Connect to the console port using out-of-band management (via the management port) to configure the Switch. 4.6 Resetting the Switch If you lock yourself (and others out of 9600bps with 8 data bit, no parity, one stop bit and flow control... The password will also be reset to the default of the Switch. press any key to enter Debug Mode within 3 seconds ..." Note: Be careful not to lock yourself and others ) from accessing the Switch. 8 Change a service port number but forget it. To upload the configuration file, do ...
User Guide
Page 46
... Total 393216 bytes received. Erasing OK ras> atgo The Switch is recommended after you finish a management session for security reasons. Figure 22 Web Configurator: Logout Screen 4.8 Help The web configurator's online help description of that screen. 46 MES3500-24/24F User's Guide You have to log in a screen...information. ZyNOS Version: VMES3500-24_4.00(AABB.0)b1 | 11/04/2011 17:32:28 Press any key to restart the Switch. Figure 21 Resetting the Switch: Via the Console Port Bootbase Version: V1.00 | 11/02/2011 11:09:37 RAM: Size = 65536 Kbytes DRAM POST: Testing: 65536K...
... Total 393216 bytes received. Erasing OK ras> atgo The Switch is recommended after you finish a management session for security reasons. Figure 22 Web Configurator: Logout Screen 4.8 Help The web configurator's online help description of that screen. 46 MES3500-24/24F User's Guide You have to log in a screen...information. ZyNOS Version: VMES3500-24_4.00(AABB.0)b1 | 11/04/2011 17:32:28 Press any key to restart the Switch. Figure 21 Resetting the Switch: Via the Console Port Bootbase Version: V1.00 | 11/02/2011 11:09:37 RAM: Size = 65536 Kbytes DRAM POST: Testing: 65536K...
User Guide
Page 49
...VLAN with fixed port members. Figure 23 Initial Setup Network Example: VLAN MES3500-24/24F User's Guide 49 You can do this example, you want to the VLAN group in which the port(s) belongs. CHAPTER 5 Initial Setup Example This chapter shows how to set up the Switch for an example ...network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Switch IP management address ...
...VLAN with fixed port members. Figure 23 Initial Setup Network Example: VLAN MES3500-24/24F User's Guide 49 You can do this example, you want to the VLAN group in which the port(s) belongs. CHAPTER 5 Initial Setup Example This chapter shows how to set up the Switch for an example ...network. 5.1 Overview The following lists the configuration steps for the initial setup: • Create a VLAN • Set port VLAN ID • Configure the Switch IP management address ...
User Guide
Page 50
...VLAN ID. 3 Since the VLAN2 network is connected to port 1 on that port so that the frames are lost when the Switch's power is turned off. 5.1.2 Setting Port VID Use PVID to add a tag to incoming untagged frames received on the Switch, select Fixed to configure port 1 to be a permanent member of the VLAN only.... To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the Switch to remove VLAN tags before sending. 5 Click Add to save the settings to the VLAN group that the tag defines. 50 MES3500-24/24F User's Guide
...VLAN ID. 3 Since the VLAN2 network is connected to port 1 on that port so that the frames are lost when the Switch's power is turned off. 5.1.2 Setting Port VID Use PVID to add a tag to incoming untagged frames received on the Switch, select Fixed to configure port 1 to be a permanent member of the VLAN only.... To ensure that VLAN-unaware devices (such as computers and hubs) can receive frames properly, clear the TX Tagging check box to set the Switch to remove VLAN tags before sending. 5 Click Add to save the settings to the VLAN group that the tag defines. 50 MES3500-24/24F User's Guide
User Guide
Page 104
... box is selected for a port, the Switch discards incoming frames for traffic received from IP subnet 10.1.1.0/24 (data 104 MES3500-24/24F User's Guide This is designated for IP subnet 172.16.1.0/24, video for 192.168.1.0/24 and data for all ports. Select Tag Only to traffic from IP subnet 172.16.1.0/24 (voice services). All untagged...
... box is selected for a port, the Switch discards incoming frames for traffic received from IP subnet 10.1.1.0/24 (data 104 MES3500-24/24F User's Guide This is designated for IP subnet 172.16.1.0/24, video for 192.168.1.0/24 and data for all ports. Select Tag Only to traffic from IP subnet 172.16.1.0/24 (voice services). All untagged...