OLT-1308S-22: Support Notes

OLT-1308S-22
8-ports Layer-2 GEPON switch
SupportNotes
FirmwareVersion3.80 March2009 Edition1.0
ZyXEL
OLT-1308S-22 Support Notes
INDEX Switch Management & Maintenance .............................................................................. 4 Firmware Upgrade ...................................................................................................... 4 Using the Web Configurator ............................................................................... 4 Using the Console Port ....................................................................................... 5 Using FTP ........................................................................................................... 5 Restore a Configuration File ....................................................................................... 5 Using the Web Configurator ............................................................................... 5 Using the Console Port ....................................................................................... 6 Using FTP ........................................................................................................... 7 Backing Up a Configuration File ................................................................................ 7 Using the Web Configurator ............................................................................... 7 Using the Console Port ....................................................................................... 8 Using FTP ........................................................................................................... 8 Load Factory Defaults................................................................................................. 8 Using the Web Configurator ............................................................................... 8 Using the Console Port ....................................................................................... 9 PON port service VLAN ................................................................................................. 10 Scenario..................................................................................................................... 10 OLT Port Setup Configuration .................................................................................. 11 Configuring the downstream rule ..................................................................... 11 Configuring the upstream rule .......................................................................... 12 Applying the upstream rule............................................................................... 12 Applying the upstream rule............................................................................... 14 VLAN Configuration ................................................................................................ 15 Configuring the switch VLAN table ................................................................. 15 Configuring the switch VLAN port settings ..................................................... 18 ONU customer service VLAN ........................................................................................ 20 Scenario................................................................................................................... 20 ONU Rule Profile Configuration ............................................................................ 21 Configuring the ONU upstream policy rules on CVLAN=10 .......................... 21 Configuring the ONU upstream policy rules on CVLAN=20 .......................... 21 Configuring the ONU downstream default policy rules ................................... 22 Configuring the ONU upstream default policy rules ........................................ 23 Configuring the ONU Rule Profile for VLAN=10 ........................................... 24 Configuring the ONU Rule Profile for VLAN=20 ........................................... 25 ONU Setup ................................................................................................................ 27 Configuring the EPON ONU Setup for the ONU on VLAN10........................ 27 Configuring the EPON ONU Setup for the ONU on VLAN20........................ 28 VLAN Configuration ................................................................................................ 28 Configuring the switch VLAN table ................................................................. 28 Configuring the switch VLAN port settings ..................................................... 30 DHCP Relay ..................................................................................................................... 31 What is DHCP Relay?............................................................................................... 31 What is DHCP Relay Agent Information Option 82? ............................................... 31
All contents copyright
2009 ZyXEL Communications Corporation.
ZyXEL
Notes ......................................................................................................................... 31 How does DHCP Replay (and Option 82) work? ..................................................... 32 Private Format ........................................................................................................... 33 DHCP Relay Option 82 Application ......................................................................... 34 Setting up a DHCP Relay Option 82 Environment........................................... 34 VLAN ............................................................................................................................... 36 What is Virtual LAN? ............................................................................................... 36 VLAN Overview ............................................................................................... 36 Port-based VLAN ............................................................................................. 36 Port-based VLAN across multiple switches ..................................................... 38 How to configure Port-Based VLAN ....................................................................... 39 Configuring the Switch Using the Web Configurator ....................................... 40 Configuring the Switch Using the CLI ............................................................. 43 What is IEEE 802.1Q Tag-based VLAN?................................................................. 44 How 802.1Q VLAN works ....................................................................................... 45 Setting up VLAN Trunking .............................................................................. 48 IP Multicasting ................................................................................................................ 51 Configuring IGMP snooping in your switch............................................................. 51 Configuration of IGMP snooping by web......................................................... 51 Configuration of IGMP and IGMP snooping by CLI ....................................... 53 Overview of MVR .................................................................................................... 54 MVR Mode ....................................................................................................... 55 Operation Mode ................................................................................................ 55 Scenario of MVR .............................................................................................. 56 Configuration via Web ...................................................................................... 56 Configuration via CLI ....................................................................................... 61 Spanning Tree Protocol .................................................................................................. 68 What is Spanning Tree Protocol? .............................................................................. 68 How STP Works ........................................................................................................ 69 Overview of MSTP ................................................................................................... 72 Scenario&Benefits ............................................................................................ 73 Configuration using the Web GUI Switch A ................................................. 76 Configuration using the Web GUI Switch B OLT-1308S-22...................... 83 Configuration using the Web GUI Switch C ................................................. 91 Configuration using the Web GUI Switch D ............................................... 100 Switching security ......................................................................................................... 109 MAC freeze............................................................................................................. 109 trTCM ............................................................................................................................. 111 Overview of trTCM ................................................................................................. 111 Scenario................................................................................................................... 112 Configuration using the Web GUI .................................................................. 113 Configuration using the CLI ........................................................................... 114 SNMPv3 ......................................................................................................................... 115 Introduction to SNMP ............................................................................................. 115 Difference between SNMPv3 and others (SNMPv1 and SNMPv2c) ............. 115 Scenario................................................................................................................... 117
ZyXEL
Configuration ZyXEL switch using the Web GUI .......................................... 118 Adding a new device via SNMPc ................................................................... 121 Configuration ZyXEL switch using the CLI................................................... 128 Loop Guard ................................................................................................................... 129 Loop Guard Overview ............................................................................................ 129 Scenario................................................................................................................... 130 Configuration using the CLI (Switch A)......................................................... 132 IPSubnetting VLAN...................................................................................................... 133 IPSubnetting VLAN Overview ............................................................................... 133 Scenario................................................................................................................... 133 Configuration using the Web GUI .................................................................. 135 Configuration using the CLI ........................................................................... 141 IP Source Guard ............................................................................................................ 142 Overview of IP Source Guard ................................................................................. 142 Classifier & Policy rule setup on your Switch ............................................................ 154 Classifier Configuration .......................................................................................... 155 Policy Rule Configuration .............................................................................. 156 Cluster Management Overview ...................................................................... 158 How Cluster Management works.................................................................... 158 Configuring Cluster Management................................................................... 159 FAQ ................................................................................................................................ 163 What are the default IP parameter settings?.............................................................. 163 What is the default login Name and Password to log into the Web Configurator? .. 163 How to access my SWITCH through the console port? ........................................... 163 What is default login password for console, telnet, and FTP login? ........................ 163 How to change the password?................................................................................... 163 How to access the Command Line Interface (CLI)? ................................................ 164 If I have forgotten the password, how to reset the password to the default setting? 164 How to configure the IP address? ............................................................................. 164 Is Online Help available on the Web Configurator? ................................................. 165 How to restart device from the Web Configurator? .................................................. 165 How to check the current running firmware version? .............................................. 166 Is the mini GBIC transceiver hot-swappable? .......................................................... 166 What is "Dual-Personality interface"? ...................................................................... 166 Can I enable IGMP snooping on the Switch which is acting as an IGMP Router? .. 166 Can I enable MVR and IGMP snooping at the same time? ...................................... 166
ZyXEL
SwitchManagement&Maintenance
FirmwareUpgrade
UsingtheWebConfigurator 1. Download(andunzipped)thecorrectmodelfirmwaretoyourcomputer. 2. ClickManagement>Maintenanceinthenavigatorpaneltodisplaythefollowing screen.
3. ClicktheClickHerelinkforFirmwareUpgradetodisplaythefollowingscreen.
4. IntheFilePathfield,clickBrowsetolocatethefirmwarefile. 5. ChecktheRebootingbox. 6. ClickUpgradetostartthefirmwareupgradeprocess.
ZyXEL
UsingtheConsolePort 1. 2. 3. 4. 5. 6. Download(andunzipped)thecorrectmodelfirmwaretoyourcomputer. ConnecttotheconsoleportandlaunchaTerminalEmulationsoftware Restarttheswitchtoenterthedebugmodeviatheterminal. EnterATUR. UsetheXmodemprotocoltotransfer(SendFile)thefirmware. EnterATGOtorestarttheswitchafterthefiletransferiscompleteandthe firmwareupgradeprocessisdone.
UsingFTP 1. Download(andunzipped)thecorrectmodelfirmwaretoyourcomputer. 2. LaunchtheFTPclientonyourcomputertologintoswitch.(Fromthecommand prompt,typeftp<DeviceIP>). 3. Press[ENTER]whenpromptedforausername. 4. EntertheadministratorloginpasswordtoaccesstheswitchanddisplayFTPprompt. 5. Enterbintosetthetransfermodetobinary. 6. Useputtotransferthefirmwarefromthecomputertotheswitch,forexample: putfirmware.binras0transfersthefirmwareonyourcomputer(firmware.bin)to theswitch. 7. Enterbyetologoutfromtheswitch.
RestoreaConfigurationFile
UsingtheWebConfigurator 1. ClickManagement>Maintenanceinthenavigatorpaneltodisplaythefollowing screen.
ZyXEL
2. ClicktheClickHerelinkforRestoreConfigurationtodisplaythefollowingscreen.
3. IntheFilePathfield,clickBrowsetolocatethefirmwarefile. 4. ClickRestoretostartrestoringconfiguration. UsingtheConsolePort ConnecttotheconsoleportandlaunchTerminalEmulationsoftware. Restarttheswitchtoenterthedebugmodeviatheterminal. EnterATLC UseXmodemprotocoltotransfer(SendFile)theconfigurationfile(witha.romfile extension). 5. EnterATGOtorestarttheswitchafterfiletransferandtheconfigurationrestore processesarecomplete. 1. 2. 3. 4.
ZyXEL
UsingFTP 1. Download(andunzipped)thecorrectmodelfirmwaretoyourcomputer. 2. LaunchtheFTPclientonyourcomputertologintotheswitch.(Fromthecommand prompt,typeftp<SwitchIP>. 3. Press[ENTER]whenpromptedforausername 4. EntertheadministratorloginpasswordtoaccesstheswitchanddisplayFTPprompt. 5. Enterbintosetthetransfermodetobinary. 6. Useputtotransfertheconfigurationfilefromthecomputertotheswitch,for example:putcomfig.romrom0transferstheconfigurationfileonyourcomputer (config.rom)totheswitchandrenamesittorom0. 7. Enterbyetologoutfromtheswitch.
BackingUpaConfigurationFile
UsingtheWebConfigurator 1. ClickManagement>Maintenanceinthenavigatorpaneltodisplaythefollowing screen.
2. ClicktheClickHerelinkforBackupConfigurationtodisplaythefollowingscreen.
ZyXEL
3. ClickBackuptodisplaytheFileDownloaddialog.Then,clickSavetobackupthe configurationtextfiletoalocationyouspecifyonyourcomputer. UsingtheConsolePort ConnecttotheconsoleportandlaunchaTerminalEmulationsoftware. Restarttheswitchtoenterthedebugmodeviatheterminal. EnterATTD. UseXmodemprotocoltotransfer(ReceiveFile)theconfigurationfile(witha.rom fileextension). 5. EnterATGOtorestarttheswitchafterfiletransferandtheconfigurationbackup processesarecomplete. UsingFTP 1. 2. 3. 4.
1. Download(andunzipped)thecorrectmodelfirmwaretoyourcomputer. 2. LaunchtheFTPclientonyourPCtologintotheswitch.(Fromthecommandprompt, typeftp<SwitchIP> 3. Press[ENTER]whenpromptedforausername 4. EntertheadministratorloginpasswordtoaccesstheswitchanddisplayFTPprompt. 5. Enterbintosetthetransfermodetobinary. 6. Usegettotransfertheconfigurationfilefromtheswitchtoyourcomputer,for example:getrom0config.romtransferstheconfigurationfileontheswitch (rom0)toyourcomputerandrenamesitconfig.rom. 7. Enterbyetologoutfromtheswitch.
LoadFactoryDefaults
UsingtheWebConfigurator 1. ClickManagement>Maintenanceinthenavigationpaneltodisplaythefollowing screen.
ZyXEL
2. ClickClickHerelinkforLoadFactoryDefault. 3. AdialogboxpopsupwiththeAreyousureyouwanttoloadfactorydefaults? prompt.
4. ClickOK. 5. ClickOKagaintostarttheconfigurationresetprocess.Afteritiscomplete,the deviceautomaticallyrestarts. 6. PleasenotethattheIPaddressoftheswitchisnow192.168.1.1. UsingtheConsolePort 1. ConnecttotheconsoleportandopentheTerminalEmulationSoftware. 2. EntertheadministratorloginpasswordtologintotheCLI.Entereraseruntoload thefactorydefaultconfiguration.
ZyXEL
PONportserviceVLAN
Scenario
TheNetworkstructureofCentralOfficedependsonthedeploymentofdifferentISP (InternetServiceProvider)indifferentenvironmentsindifferentcountries.Oneofthe commonlyknownmethodsforseparatingdifferenttypesoftrafficisbyclassifyingtheir VLANID.Inthecaseoftheaforementioneddiagram,thetrafficcomingfromthePON port1oftheOLT1308S22isclassifiedtobeinVLAN=200.ThisappliestoONU1and ONU2sincetheyarebothconnectedtothePONport1.Theclassifiedtrafficof VLAN=200hastobeuntaggedintheegressuplinkport11.Sohowshouldweconfigure theOLT1308S22tofittheaforementionedscenario?Thefollowingstepbystep procedureinstructsusthemethod.
10
ZyXEL
OLTPortSetupConfiguration
Configuringthedownstreamrule 1. GotoBasicSetting>OLTPortSetup>OLTpolicyPortRuleProfile
2. 3. 4. 5. 6. 7. 8. 9.
ChecktheActivebox Enterthename,e.g.PON1_DS SelectthePrecedence,e.g.7 ChecktheActiveboxforClause1 SelectAlwaysmatchfortheOperatorinClause1 ChecktheActiveboxforIndex1 SelectDeleteVLANtagforActioninIndex1 SelectServiceVLANforVLANLayerinIndex1
10. Clickadd
11
ZyXEL
Configuringtheupstreamrule 1. GotoBasicSetting>OLTPortSetup>OLTpolicyPortRuleProfile
2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13.
ChecktheActivebox Enterthename,e.g.PON1_US SelectthePrecedence,e.g.7 ChecktheActiveboxforClause1 SelectAlwaysmatchfortheOperatorinClause1 ChecktheActiveboxforIndex1 SelectAddVLANtagforActioninIndex1 SelectServiceVLANforVLANLayerinIndex1 Input0x8100forTPIDinIndex1 SelecttheCoSinIndex1,e.g.0 InputtheVIDinIndex1,e.g.200 ClickAdd
Applyingtheupstreamrule 1. 2. GotoBasicSetting>OLTPortSetup ClickonClickhereforport01
12
ZyXEL
3.
ClickUpstreamOLTPortRules
4.
SelectPON1_USfortheUpstreamOLTPolicyPortRuleProfile
13
ZyXEL
5.
ClickAdd
Applyingtheupstreamrule 1. 2. 3. GotoBasicSetting>OLTPortSetup ClickonClickhereforport01 ClickDownstreamOLTPortRules
4.
SelectPON1_DSfortheUpstreamOLTPolicyPortRuleProfile
14
ZyXEL
5.
ClickAdd
VLANConfiguration
ConfiguringtheswitchVLANtable 1. 2. GotoAdvancedApplication>SwitchAdvance>VLAN ClickStaticVLAN
3. 4.
ClickVID=1tochoosetheVLAN1 UnchecktheActiveboxtodeactivate
15
ZyXEL
5. 6. 7. 8. 9. 10. 11. 12.
ClickAdd ChecktheActivebox EntertheName,e.g.200 EntertheVLANGroupID,e.g.200 SelectFixedforPort1 ChecktheTxTaggingboxforPort1 SelectFixedforPort11 UnchecktheTxTaggingboxforPort11
16
ZyXEL
13. ClickAdd 14. ClickVLANStatus 15. ClickIndex1
16. CheckiftheVLANissetcorrectly
17
ZyXEL
ConfiguringtheswitchVLANportsettings 1. 2. GotoAdvancedApplication>SwitchAdvance>VLAN ClickVLANPortSetting
3. 4. 5.
Input200intothePVIDboxofPort11 SelectTagOnlyfortheAcceptableFrameTypeofPort11 ChecktheVLANTrunkingboxofPort11
18
ZyXEL
6.
ClickAdd
19
ZyXEL
ONUcustomerserviceVLAN
Scenario
ThistopologyisthecontinuanceoftheexampleshowninPONportservice VLAN;pleaserefertotheabovechapterformoredetails.Asitwasmentionedearlier, oneofthemainpurposeofusingVLANistoseparatethetrafficflowfordifferent registeredISPs.Inthecaseoftheaforementioneddiagram,ONU1isregisteredtoISPA withCVLAN=10andONU1isregisteredtoISPBforCVLAN=20.TheCVLANshavetobe taggedattheegressbytheONUs.TheL2switchuntagstheCVLANswheninjecting traffictotheOLT1308S22.TherulesofVLAN200havetoremainunchanged.Sohow shouldweconfiguretheOLT1308S22tofittheaforementionedscenario?Thefollowing stepbystepprocedureinstructsusthemethod.
20
ZyXEL
ONURuleProfileConfiguration
ConfiguringtheONUupstreampolicyrulesonCVLAN=10 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. GotoBasicSetting>ONURuleProfile>ONUPolicyRuleProfile ChecktheActivebox EntertheName,e.g.CVLAN10US SelectthePrecedence,e.g.3 ChecktheActiveboxinClause1 SelectL2DestAddrtobetheFieldinClause1 SelectAlwaysmatchtobetheOperatorinClause1 EntertheValuetobe00:00:00:00:00:00inClause1 ChecktheActiveboxinIndex1 SelectSetVID;AddTag;ForwardtobetheActioninIndex1 EntertheVIDtobe10inIndex1
12. ClickAdd
ConfiguringtheONUupstreampolicyrulesonCVLAN=20 1. 2. 3. 4. 5. 6. 7. 8. GotoBasicSetting>ONURuleProfile>ONUPolicyRuleProfile ChecktheActivebox EntertheName,e.g.CVLAN20US SelectthePrecedence,e.g.3 ChecktheActiveboxinClause1 SelectL2DestAddrtobetheFieldinClause1 SelectAlwaysmatchtobetheOperatorinClause1 EntertheValuetobe00:00:00:00:00:00inClause1

All contents copyright 2009 ZyXEL Communications Corporation. 21
ZyXEL
9. ChecktheActiveboxinIndex1 10. SelectSetVID;AddTag;ForwardtobetheActioninIndex1 11. EntertheVIDtobe20inIndex1
12. ClickAdd
ConfiguringtheONUdownstreamdefaultpolicyrules 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. GotoBasicSetting>ONURuleProfile>ONUPolicyRuleProfile ChecktheActivebox EntertheName,e.g.DSDef01 SelectthePrecedence,e.g.3 ChecktheActiveboxinClause1 SelectL2DestAddrtobetheFieldinClause1 SelectAlwaysmatchtobetheOperatorinClause1 EntertheValuetobe00:00:00:00:00:00inClause1 ChecktheActiveboxinIndex1 SelectSetPath;ForwardtobetheActioninIndex1
22
ZyXEL
11. ClickAdd
ConfiguringtheONUupstreamdefaultpolicyrules 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. GotoBasicSetting>ONURuleProfile>ONUPolicyRuleProfile ChecktheActivebox EntertheName,e.g.USDef01 SelectthePrecedence,e.g.3 ChecktheActiveboxinClause1 SelectL2DestAddrtobetheFieldinClause1 SelectAlwaysmatchtobetheOperatorinClause1 EntertheValuetobe00:00:00:00:00:00inClause1 ChecktheActiveboxinIndex1 SelectSetPath;ForwardtobetheActioninIndex1
23
ZyXEL
12. ClickAdd
ConfiguringtheONURuleProfileforVLAN=10 1. 2. 3. 4. 5. 6. 7. 8. 9. GotoBasicSetting>ONURuleProfile ChecktheActiveboxatthetop EntertheName,e.g.10profile ChecktheActiveboxforIndex1inDownstreamONUPolicyRules SelectDSDef01forIndex1inDownstreamONUPolicyRules ChecktheActiveboxforIndex1inUpstreamONUPolicyRules SelectUSDef01forIndex1inUpstreamONUPolicyRules ChecktheActiveboxforIndex2inUpstreamONUPolicyRules SelectCVLAN10DSforIndex2inUpstreamONUPolicyRules
24
ZyXEL
10. ClickAdd
ConfiguringtheONURuleProfileforVLAN=20 1. 2. 3. 4. GotoBasicSetting>ONURuleProfile ChecktheActiveboxatthetop EntertheName,e.g.20profile ChecktheActiveboxforIndex1inDownstreamONUPolicyRules
25
ZyXEL
5. 6. 7. 8. 9.
SelectDSDef01forIndex1inDownstreamONUPolicyRules ChecktheActiveboxforIndex1inUpstreamONUPolicyRules SelectUSDef01forIndex1inUpstreamONUPolicyRules ChecktheActiveboxforIndex2inUpstreamONUPolicyRules SelectCVLAN20DSforIndex2inUpstreamONUPolicyRules
26
ZyXEL
ONUSetup
ConfiguringtheEPONONUSetupfortheONUonVLAN10 1. 2. GotoBasicSetting>ONUSetup ClickthePort01onClickhere
3. 4. 5. 6.
ChecktheActivebox EntertheONUName,e.g.ONU1 EntertheBaseMACAddressoftheONU,e.g.00:19:cd:b7:d2:b2 Select10profilefortheONURuleProfile
7.
ClickAdd
27
ZyXEL
ConfiguringtheEPONONUSetupfortheONUonVLAN20 1. 2. 3. 4. 5. 6. GotoBasicSetting>ONUSetup ClickthePort01onClickhere ChecktheActivebox EntertheONUName,e.g.ONU2 EntertheBaseMACAddressoftheONU,e.g.00:19:cd:ce:fd:c0 Select20profilefortheONURuleProfile
7.
ClickAdd
VLANConfiguration
ConfiguringtheswitchVLANtable 1. 2. GotoAdvancedApplication>SwitchAdvance>VLAN ClickStaticVLAN
28
ZyXEL
3. 4. 5. 6. 7. 8. 9.
ChecktheActivebox EntertheName,e.g.200 EntertheVLANGroupID,e.g.200 SelectFixedforPort1 ChecktheTxTaggingboxforPort1 SelectFixedforPort11 UnchecktheTxTaggingboxforPort11
10. ClickAdd 11. ClickVLANStatus 12. CheckiftheVLANtableissetcorrectly
29
ZyXEL
ConfiguringtheswitchVLANportsettings 1. 2. GotoAdvancedApplication>SwitchAdvance>VLAN ClickVLANPortSetting
3.
Enter200forthePVIDinPort11
4.
ClickAdd
30
ZyXEL
DHCPRelay
WhatisDHCPRelay?
DHCP(DynamicHostConfigurationProtocol,RFC2131andRFC2132)allows individualclientstoobtainTCP/IPconfigurationatstartupfromaDHCPserver.Youcan configuretheIPDSLAMtorelayDHCPrequeststooneormoreDHCPserversandthe serversresponsesbacktotheclients.YoucanspecifydefaultDHCPserversforallVLAN, andyoucanspecifyDHCPserversforeachVLAN.
WhatisDHCPRelayAgentInformationOption82?
TheIPDSLAMcanaddinformationtoDHCPrequeststhatitrelaystoaDHCPserver. Thishelpsprovideauthenticationaboutthesourceoftherequests.Youcanalsospecify additionalinformationfortheIPDSLAMtoaddtotheDHCPrequeststhatitrelaysto theDHCPserver. TheDHCPrelayagentinformationfeatureaddsanAgentInformationfieldtothe option82fieldoftheDHCPheadersofclientTCP/IPconfigurationrequestframesthat theIPDSLAMrelaystoaDHCPserver.TheIPDSLAMsupportstwoformatsfortheDHCP relayagentinformation:PrivateandTR101.
Notes
DHCPRelayisusedforpassingmessagesbetweenDHCPclientandserver RelayAgentInformationOption(Option82)isanoptioninsertedandremovedbyDHCP relayagent TheoptionisusedforDHCPservertoprovidedifferentservicestoDHCPclients
31
ZyXEL
HowdoesDHCPReplay(andOption82)work?
Router DHCP Client DHCP Relay Agent DHCP Server
DHCP Request
DHCP Request
Option
DHCP Request
Option
DHCPReply
DHCPReply
Option
DHCPReply
Option
HereistheprocessofhowtheDHCPRelayAgentInformationOptionworks. First,theclientsendsouttheDHCPrequesttotheDHCPRelayAgent.ThentheDHCP RelayAgentwilladdtheoptionintothepacketandsendittotheDHCPserver. TheDHCPserverwillprovidedifferentservicesfordifferentusersbasedontheoption andgiveaDHCPreplytotheclientthroughtheDHCPRelayAgent.TheDHCPRelay AgentwillremovetheoptionandsendtheDHCPreplytotheclient.
32
ZyXEL
PrivateFormat
Code Len AgentInformationField
82
i1
i2
i3
i4
iN
SubOpt
Len
SuboptionValue
Suboption1standsforAgentCircuitIDSuboption Suboption2standsforAgentRemoteIDSuboption
Thisaboveisprivateformat;itisveryeasytounderstandwhyitiscalledDHCP RelayAgentInformationOption82.Itusesnumber82asanoptioncodenumberinthe headoftheDHCPOptionpacketfield.Eachoption82packetcarriesmanysuboption fieldswithmanysubvalues.ThesubvalueisusedforprovidinginformationtoDHCP server. TheinitialassignmentofDHCPRelayAgentSuboptionsincludestwosuboption codes.Thatis1standsforAgentCircuitIDSuboptionand2forAgentRemoteID Suboption.AgentCircuitIDSuboptionencodesanagentlocalidentifierofthecircuit fromwhichaDHCPclienttoserverpacketwasreceived.Itisintendedtobeusedby agentsinrelayingDHCPresponsesbacktothepropercircuit.SincetheCircuitIDisonly toaparticularrelayagentlocal,acircuitIDshouldbequalifiedwiththegateway addressvaluethatidentifiestherelayagent.IPDSLAMusesthisSuboption.
33
ZyXEL
DHCPRelayOption82Application
ISPmaywanttolimitthenumberofIPaddressorprovidesomespecificclientIP addressesbasedontheswitchports,VLANIDandoption82string.Theycaneasily achievethiswiththeDHCPRelayOption82featureandaDHCPserverthatsupports Option82. Thefollowingfigureshowsanetworkexample:
SettingupaDHCPRelayOption82Environment Inthisexample,wewillshowyouhowtoconfigureDHCPrelaysettingstoallowa computertoobtainaspecificIPaddressfromaDHCPserverbasedontheOption82 string. Inthisnetworkenvironment,wewilluseanOLT1308S22withacomputerconnected toanONUtothefirstPONport.TheOption82stringissettoOLT1308S22. 6. GotoIPApplication>DHCP>Global 7. ChecktheActivebox 8. TypetheIPaddressofRemoteDHCPServer1,e.g.192.168.1.50: 9. ChecktheOption82box 10. ChecktheInformationbox
34
ZyXEL
11. TypetheInformationstring,e.g.OLT1308S22
NextconnectacomputertotheEthernetportoftheONUlaunchedtothe1stPONport, andletthecomputersendtheDHCPrequestforIP. TheDHCPserverwillthendecidetooffertheIPornot,basedontheDHCPrequestinfo. IfwecapturetheDHCPrequestpacket,theformatwilllooklikethediagrambelow.
Aswecanseefromtheselectedregionmarkedinred,theoption82isaddedonwith thecorrectstring,i.e.OLT1308S22.
35
ZyXEL
VLAN
WhatisVirtualLAN?
VLANOverview AVLAN(VirtualLocalAreaNetwork)allowsaphysicalnetworktobepartitioned intomultiplelogicalnetworks.Stationsonalogicalnetworkbelongtoagroupknownas theVLANGroup.Astationcanbelongtomorethanonegroup.Stationsinthesame VLANgroupcancommunicatewitheachother.WithVLAN,astationcannotdirectly communicatewithstationsthatarenotinthesameVLANgroup(s);thetrafficmustfirst gothrougharouter.InGEPONapplications,VLANisvitalinprovidingisolationand securityamongsubscribers.Whenproperlyconfigured,VLANpreventsonesubscriber fromaccessingthenetworkresourcesofanotheronthesameLAN.Thusauserwillnot seetheprintersandharddisksofanotheruserinthesamebuilding.VLANalsoincreases networkperformancebylimitingbroadcaststoasmallerandmoremanageablelogical broadcastdomain.AVLANgroupisabroadcastdomain.IntraditionalLayer2switched environments,allbroadcastpacketsgotoeachandeveryindividualport.WithVLAN,all broadcastsareconfinedtoaspecificbroadcastdomain.TherearetwoVLAN implementations:PortbasedVLANandIEEE802.1qTaggedVLAN.OLT1308S22 supportsbothVLANimplementations.ThemajordifferencebetweenbothVLAN implementationsisthatTaggedVLANcancrossLayer2switchesbutPortbasedVLAN cannot. PortbasedVLAN PortbasedVLANsareVLANswherethepacketforwardingdecisionisbasedonthe destinationMACaddressanditsassociatedport.Youmustdefineoutgoingportsallowed foreachportwhenusingportbasedVLANs.NotethatVLANonlygovernstheoutgoing traffic.Intheotherword,itisunidirectional. Therefore,ifyouwishtoallowtwosubscriberportstotalktoeachother,e.g.,between conferenceroomsinahotel,youmustdefinetheegress(outgoingport)forbothports. Anegressportisanoutgoingport,thatis,aportthroughwhichadatapacketleaves. Inthefollowingfigure,fivehosts(A,B,C,DandE)areconnectedtoa5portlayer2 switchwhichsupportedportbasedVLAN. Case1: HostsAandBcancommunicatewitheachother,becausetheyareinthesameVLAN group.ButHostsAandBcannotcommunicatewithHostsC,D,andE.
36
ZyXEL
PortbasedVLANdefinition: Egressportforport1:port2 Egressportforport2:port1 Case2: Inthisnetworkexample,therearethreeVLANgroupsinthephysicalnetwork.HostsA andBcancommunicatewitheachothersincetheyareinthesameVLANgroup(VLAN 1).HostsBandCareinVLANgroup2.HostsA,DandEareinVLANgroup3.
PortbasedVLANdefinition: Egressportforport1:port2,port4,port5 Egressportforport2:port1,port3 Egressportforport3:port2 Egressportforport4:port1,port5 Egressportforport5:port1,port4
37
ZyXEL
PortbasedVLANacrossmultipleswitches PortbasedVLANisspecificonlytotheswitchonwhichitwascreated.Thus,portbased VLANcannotcrossmultipleswitches.ThefollowingfigureshowsanMTUnetwork example.Fornetworksecurity,subscribersareisolatedfromeachotherexceptforthe gateway.Therearetwoswitches,Switch2andSwitch3,thatsupportportbasedVLAN andanuplinktoanonportbasedVLANswitch,Switch1.
ForSwitch2,ports1,2,and3areallowedtocommunicatewithuplinkport4,butnot withotherports. Switch2VLAN1memberport:port1andport4 Switch2VLAN2memberport:port2andport4 Switch2VLAN3memberport:port3andport4 ForSwitch3,ports2,3,and4areallowedtocommunicatewithuplinkport1,butnot withotherports. Switch3VLAN1memberport:port2andport1 Switch3VLAN2memberport:port3andport1 Switch2VLAN3memberport:port4andport1 HostAcannotcommunicatewithHostBduetotheportbasedVLANimplementation onSwitch2.HostCcannotcommunicatewithHostDduetotheportbasedVLAN implementationonSwitch3.However,theuplinkportsonbothSwitch2andSwitch3 connecttothenonVLANSwitch1.HostsAandBisabletocommunicatewithHostsC andDthroughthenonVLANswitchbecauseportbasedVLANcannotcrossmultiple switches. Toprovidesecuritybetweenswitches,youmustinstallanotherportbasedVLANswitch fortheuplink.Eachportontheuplinkswitchalsoshouldbeseparatedintodifferent VLANs,exceptfortheportconnectiontothegateway.Sosubscriberscanonlyconnect tothegatewayforInternetaccessbutnotcommunicatewitheachother.
38
ZyXEL

ForSwitch1,ports1,2,and3areallowedtocommunicatewithuplinkport4,butnotwith otherports. Switch1VLAN1memberport:port1andport4 Switch1VLAN2memberport:port2andport4 Switch1VLAN3memberport:port3andport4
HowtoconfigurePortBasedVLAN
PortbasedVLANsareVLANswherethepacketforwardingdecisionisbasedonthe destinationMACaddressanditsassociatedport.
39
ZyXEL
Inthisscenario,PortBasedVLANisusedtoseparateonephysicalswitchintotwo smallerlogicalswitches.Ports1~4and17,18belongtothesameVLANgroup,andports 5~8areinanothergroup.PortbasedVLANsarespecificonlytotheswitchonwhich theywerecreated. ConfiguringtheSwitchUsingtheWebConfigurator 1. UseanRJ45Ethernetcabletoconnectacomputertothemanagementportonthe switch. 2. BydefaultthemanagementIPaddressoftheswitchis192.168.0.1/24 3. SettheIPsettingsonyourcomputerto192.168.0.2/24 4. OpenawebbrowsersuchasIEandenterhttp://192.168.0.1astheURL. 5. Whenprompted,enteradminastheusernameand1234asthepassword. 6. Afteryouhaveloggedinsuccessfully,themainwebconfiguratorscreendisplays.
40
ZyXEL
7. First,settheswitchtouseportbasedVLAN.ClickBasicSetting>SwitchSetupinthe navigationpanelandselectPortBasedintheVLANTypefield. ClickApplyto saveyourchanges.
8. Nextcreatelogicalpartitionsontheswitch.ClickAdvancedApplication>Switch Advance>VLANinthenavigationpanelandselecttheportstobelongtotheVLAN. Forthisexample,selectports1~4and9~12tobelongtoaVLANsotheycan communicatewitheachother. Althoughports5~8areinanothergroup,bothgroupscannotcommunicatewith
41
ZyXEL
eachother.Herewealsodefinedports9~12astheuplinkports.Therefore,both groupscanpassdatatoports9~12.Inanotherword,theuplinkportsbelongtoboth VLANgroupsatthesametime.Theconfigurationscreenshouldlooksimilartothe screenasshown.
9. Finally,verifythesettings.IfyouhaveconfiguredtheVLANsettingsproperly,PCA canpingPCBandPCZbutnotPCCorPCDandviceversa. 10. Forexample, PCA:192.168.1.4/24 PCB:192.168.1.5/24 PCC:192.168.1.6/24 PCD:192.168.1.7/24 PCZ:192.168.1.99/24 11. PINGPCBfromPCA(successfulreplymessages)
42
ZyXEL
12. PINGPCZfromPCA(successfulreplymessages)
13. PINGPCCfromPCA(notsuccessfulwithrequesttimedoutmessage)
ConfiguringtheSwitchUsingtheCLI 1. Connecttheyourcomputertotheconsoleportontheswitch 2. OpenyourTerminalprogram(forexample,HyperTerminalinWindowsSystem). 3. Makesuretheconsoleconnectionsettingsareconfiguredaslistedbelow. Bps:9600
43
ZyXEL
Databits:8 Parity:None Stopbits:1 Flowcontrol:None: 4. Afteryoucanconnectsuccessfully,entertheusernameandpassword. 5. Enterenorenabletogointotheprivilegedmode.Enterconfigtogointothe configurationmode. 6. EnterthefollowingcommandstoconfigurePortBasedVLANonyourSwitchinthis networkexample.
7.
Afterenteringthecommands,usethewritememorycommandundertheenable modetosaveyourconfiguration.
WhatisIEEE802.1QTagbasedVLAN?
IntheIEEE802.1Qstandard,TagbasedVLANusesanextratagintheMACheader toidentifytheVLANmembershipofaframeacrossbridges.ThistagisusedforVLAN andQoS(QualityofService)priorityidentification.TheVLANscanbecreatedstatically byanadministratorordynamicallythroughGVRP.TheVLANIDassociatesaframewith aspecificVLANandprovidestheinformationthatswitchesneedtoprocesstheframe acrossthenetwork.Ataggedframeisfourbyteslongerthananuntaggedframeand containstwobytesofTPID(TagProtocolIdentifier,residingwithinthetype/lengthfield oftheEthernetframe)andtwobytesofTCI(TagControlInformation,startsafterthe sourceaddressfieldoftheEthernetframe).
44
ZyXEL
TPID:TPIDhasadefinedvalueof8100inhex.Whenaframehasthe EtherTypeequalto8100,thisframecarriestheIEEE802.1Q/802.1Ptag. Priority:ThefirstthreebitsoftheTCIdefineuserpriority,givingeight(2^3) prioritylevels.IEEE802.1Pdefinestheoperationforthese3userprioritybits. CFI:CanonicalFormatIndicatorisasinglebitflag,alwayssettozerofor Ethernetswitches.CFIisusedforcompatibilityreasonbetweenEthernettype networkandTokenRingtypenetwork.IfaframereceivedatanEthernetport hasaCFIsetto1,thenthatframeshouldnotbeforwardedasitistoan untaggedport. VID:VLANIDistheidentificationoftheVLAN,whichisusedbythestandard 802.1Q.Itis12bitslongandallowstheidentificationof4096(2^12)VLANs.Of the4096possibleVIDs,aVIDof0isusedtoidentifypriorityframesandvalue 4095(FFF)isreserved,sothemaximumpossibleVLANconfigurationsare 4,094. NotethatuserpriorityandVLANIDareindependentofeachother.Aframe withVID(VLANIdentifier)ofnull(0)iscalledapriorityframe,meaningthat onlytheprioritylevelissignificantandthedefaultVIDoftheingressportis givenastheVIDoftheframe.
How802.1QVLANworks
BasedontheVIDinformationinthetag,theswitchforwardsandfiltersframeson theports.PortswiththesameVIDcancommunicatewitheachother.IEEE802.1QVLAN functiondefinesthreetasks:IngressProcess,ForwardingProcessandEgressProcess.
45
ZyXEL
1.IngressProcess: Eachportiscapableofpassingtaggedoruntaggedframes.IngressProcessidentifiesif theincomingframescontainatag,andclassifiestheincomingframesbelongingtoa VLAN.EachporthasitsownIngressrule.IfanIngressruleacceptstaggedframesonly, theswitchwilldropallincomingnontaggedframesontheport.IfanIngressrule acceptsallframetypes,theswitchallowbothincomingtaggedanduntaggedframeson theport. Whenataggedframeisreceivedonaport,itcarriesatagheaderthathasanexplicit VID.IngressProcessdirectlypassesthetaggedframetoForwardingProcess. AnuntaggedframedoesnotcarryanyVIDtowhichitbelongs.Whenanuntaggedframe isreceived,IngressProcessinsertsatagcontainedthePVIDintotheuntaggedframe. EachphysicalporthasadefaultVIDcalledPVID(PortVID).PVIDisassignedtountagged framesorprioritytaggedframes(frameswithnull(0)VID)receivedonthisport.
AfterIngressProcess,allframeshavea4bytestagandVIDinformation,andtheyare transitionedintoForwardingProcess. 2.ForwardingProcess: TheForwardingProcessmakesforwardingdecisionsonthereceivedframesbasedon theFilteringDatabase.Ifyouwanttoallowtaggedframestobeforwardedtoacertain
46
ZyXEL
port,thisportmustbetheegressportofthisVID.Theegressportisanoutgoingport forthespecifiedVLAN,thatis,frameswithaspecifiedVIDtagcangothroughthisport. FilteringDatabasestoresandorganizesVLANregistrationinformationusefulfor switchingframestoandfromswitchports.Itconsistsofstaticregistrationentries(Static VLANorSVLANtable)anddynamicregistrationentries(DynamicVLANorDVLANtable). SVLANtableismanuallyaddedandmaintainedbytheadministrator. DVLANtableisautomaticallylearnedviaGVRPprotocol,andcan'tbecreatedor updatedbytheadministrator. VLANentriesinFilteringDatabasehavethefollowinginformation: 1.VID:VLANID 2.Port:Theswitchportnumber 3.AdControl:Registrationadministrationcontrol.Thereare3typesofadcontrol, includingforbiddenregistration,fixedregistrationandnormalregistration. Forbiddenregistration:Thisportisforbiddentobetheegressportofthe specifiedVID. Fixedregistration:Whileadcontrolisfixedregistration,itmeansthisisa staticregistrationentry.ThisportistheegressportofthespecifiedVID(a memberportofthespecifiedVLAN).FrameswiththespecifiedVIDtagcango throughthisport. Normalregistration:Whileadcontrolisnormalregistration,itmeansthisisa dynamicregistrationentry.Theforwardingdecisionisdependedonthe DynamicVLANtable. 4.EgresstagControl:ThisinformationisusedforEgressProcess.Thevaluemaybe taggedoruntagged.Ifthevalueistagged,outgoingframesontheegressportistagged. Ifthevalueisuntagged,thetagwillberemovedbeforeaframeleavestheegressport.
47
ZyXEL
3.EgressProcess: TheEgressProcessdecidesiftheoutgoingframesistobesenttaggedoruntagged.The EgressProcessreferstotheegresstagcontrolinformationinFilteringDatabase.Ifthe valueistagged,outgoingframesontheegressportistagged.Ifthevalueisuntagged, thetagwillberemovedbeforeaframeleavestheegressport. SettingupVLANTrunking WiththebenefitofdeployingVLANtrunking,youcanconnecttwoswitches throughaportthatisconfiguredastheVLANtrunkingport.VLANtaggedframesfrom PC1connectedtoswitch1canreachPC2connectedtoswitch2throughtheVLAN trunkingport.Inthisexample,port5onswitch1isconfiguredastheVLANTrunking portwhileonswitch2,port10istheVLANTrunkingport. Thefollowingfigureshowsthenetworkexample.
48
ZyXEL
Theconfigurationscreenforswitch1isshownasfollows.
Theconfigurationscreenforswitch2isshownasfollows.
49
ZyXEL
Intheswitch1,wesetport2asVLAN2untag Intheswitch2,wesetport6asVLAN2untag. Theswitch1IPaddress:192.168.1.31 Theswitch2IPaddress:192.168.1.21 Aftertheconfiguration,youcanseethatPC1connectedtoport2onswitch1canstill pingPC2connectedtoport6onswitch2.
50
ZyXEL
IPMulticasting
ConfiguringIGMPsnoopinginyourswitch
IGMPsnoopingisdesignedforscenarioswithmulticasttraffic.Itoperatesonthe underlyingIGMPmechanismwherealayertwoswitchpassivelylistenstotheIGMP Query,ReportandLeave(IGMPversion2)packetstransmittedbetweentheIGMP routerandclientsandcollectspassingIGMPmessages.Afterthat,theswitchrecords themessagesgroupregistrationinformation,andconfiguresthemulticasting informationaccordingly.Ifthemulticastgroupinformationisunknown(notrecordedon theswitch),theswitchdiscardsthatmulticasttraffic.Onlytheregisteredclientsthat jointhegroupwillreceivemulticaststreamfromtheIGMProuter.Thusthissignificantly reducesthemulticasttrafficforwardeddowntotheclients.AnotheradvantageofIGMP snoopingistoallowtheintermediateswitchtolearnmulticastgroupinformation withoutmanuallyconfiguringswitches. ConfigurationofIGMPsnoopingbyweb Inthisexample,weenabletheIGMPfunctionontheGS4024(anIGMProuter)to connecttoamultimediaserver.Also,weenableIGMPsnoopingfunctiononthe OLT1308S22themultimediaclientsareconnectto.
51
ZyXEL
1. InGS4024,clicktheIPApplication,selectIGMPwhere,IGMPfunctioncanbe enabledandwecanselecteitherIGMPv1orIGMPv2.
52
ZyXEL
2. InOLT1308S22,clickAdvancedApplication>SwitchAdvanced>Multicast> MulticastSettingandthenIGMPSnoopingwherewecanenableIGMPsnooping functionwithWEBGUI.
ConfigurationofIGMPandIGMPsnoopingbyCLI 1.EnableIGMPfunctioninGS4024 Intheconfiguremode GS4024(config)#routerigmp 2.EnableIGMPsnoopingintheOLT1308S22 IntheconfiguremodeofCLI, OLT1308S22(config)#igmpsnooping 3.DisplaytheIGMPStatus IntheexecmodeofCLI OLT1308S22#showmulticast 4.DisplaytheIGMPsnoopingStatus IntheexecmodeofCLI OLT1308S22#showigmpsnooping ______________________________________________________________ Note:OnethingneedstobementionedisthatintheIGMProuter,wedonotneedto enableIGMPsnoopingfunction. ______________________________________________________________
53
ZyXEL
OverviewofMVR
MVRreferstoMulticastVLANRegistrationthatenablesamediaservertotransmit multicaststreaminasinglemulticastVLANwhileclientsreceivingmulticastVLAN streamcanresideindifferentVLANs.ClientsindifferentVLANsintendingtojoinor leavethemulticastgroupsimplysendtheIGMPJoin/leavemessagetoareceiverport. Thereceiverportbelongingtooneofthemulticastgroupscanreceivemulticaststream frommediaserver.IntheFigure1,withoutsupportofMVR,theMulticaststreamfrom themediaserverandthesubscribermustresideinthesameVLAN.ForeachVLAN,A mediaserverisrequiredtotransmitmulticaststreamonceandtotally,mediaserver transmits6times.IntheFigure2,onthecontrary,withMVR,amediaserverisrequired totransmitmulticasttraffictoclientsindifferentVLANsatonce.
54
ZyXEL
MVRMode
DynamicMode IfweselectthedynamicmodeinMVRsetting,IGMPreportmessagetransmittedfrom thereceiverportwillbeforwardedtoamulticastrouterthroughitssourceport. Multicastrouterknowswhichmulticastgroupsexistonwhichinterfacedynamically. Compatiblemode IfweselectthedynamicmodeinMVRsetting,IGMPreportmessagetransmittedfrom thereceiverportwillnotbetransmittedtoamulticastrouter.Multicastroutermustbe staticallyconfigured.
OperationMode JoinOperation AsubscribersendsanIGMPreportmessagetotheswitchtojointheappropriate multicast.IttestswhethertheIGMPreportmatchestheswitchconfiguredmulticast MACaddress.Ifmatches,theswitchCPUmodifiesthehardwareaddresstableto includethisreceiverportandVLANasaforwardingdestinationoftheMVLAN LeaveOperation SubscribersendsanIGMPleavemessagetotheswitchtoleavethemulticast.The switchCPUsendsanIGMPgroupspecificquerythroughthereceiverportVLAN.Ifthere
55
ZyXEL
isanothersubscriberintheVLAN,subscribermustrespondwithinthemaxresponse time.Ifthereisnosubscriber,theswitcheliminatesthisreceiverport. ImmediateLeaveOperation SubscribersendsanIGMPleavemessagetotheswitchtoleavethemulticast. SubscribersdonotneedtowaitfortheswitchCPUtosendanIGMPgroupspecific querythroughthereceiverportVLAN.Theswitchwillimmediatelyeliminatethis receiverport. ScenarioofMVR Inthefollowingsection,wewillprovideanexampletoillustratehowtoconfigureMVR. Inthisscenario,themainjobofmediaserveristotransmitthemediastreamviaport10 toGS4024.ThemulticasttrafficflowingintotheGS4024willbetaggedwithPVID=100. IntheOLT1308,weenabletheMVRfunctiontoallocatethemulticasttrafficfrom GS4024toseparateVLANhosts.
ConfigurationviaWeb
1. WeneedtocreateaVLANformulticasttrafficinGS4024.InGS4024,clickthe AdvancedApplicationandthenselecttheVLAN.IntheVLANConfiguration,createa newVLAN100. Figure4VLANConfiguration
56
ZyXEL
2. IntheGS4024,clicktheAdvancedApplicationandthenselecttheVLAN.Inthe VLANportSetting,setthePVIDoftheport10to100asthemulticasttrafficthat flowsfrommediaservertoport10mustbetaggedwithPVID=100tocommunicate withtheportinMVRVLAN100inOLT1308S22.
3. WeneedtocreateseparateVLANsfordifferentclients.InOLT1308S22,inthe AdvancedApplication>SwitchAdvance>Multicast>Multicastsetting>MVR configuretheMVRVLAN=100.Defineport1,port2andport3asthereceiverports forforwardingthemulticaststreamtotheclientsindifferentVLANs;setport12asa sourceporttoreceivetrafficfromthemediaserver.Also,selectmodeasdynamic mode.TheswitchsendsIGMPreportmessagetomulticastrouterthroughitssource port.
57
ZyXEL
4. InOLT1308S22,aftertheMVRconfiguration,clicktheAdvancedApplication,VLAN StatusandcheckwhetherthereisthenewVLAN100addedintheVLANlist.Wealso createthreeseparateVLANs,30,40,50andassigntheirPVIDas30,40and50 respectively.
OpenAdvancedApplication>VLAN>StaticVLANtoaddanewVLAN.TicktheActive box,typeVLANName30andVLANID30inthecolumns.ChangePort1andPort12 tofixedandkeepport12txtagging.
58
ZyXEL
59
ZyXEL
OpenAdvancedApplication>VLAN>VLANPortSettingtochangePVIDfortheports1, 2and3.
5. BeforewestarttousetheMVR,itisfundamentaltoenabletheIGMPSnoopingfirst. IntheOLT1308S22Menu,clicktheMulticast,gototheMulticastSetting,and activatetheIGMPSnooping.
60
ZyXEL
6. IntheOLT1308S22,gotoAdvancedApplication>SwitchAdvance>Multicast, andthentotheMulticastsetting.ChooseMVRandclicktheGroupconfiguration. Set233.1.1.1~233.1.1.100astherangeofmulticastaddresssothatonlytheclients belongingtothatrangeofmulticastgroupwillreceivethemulticasttraffic.
ConfigurationviaCLI
61
ZyXEL
1. OntheOLT1308S22,intheconfiguremode,createMVLAN100
2. IntheMVLAN100,settheport1,2,3,12tobefixedport,andtaggedatport12.
62
ZyXEL
3. OntheOLT1308S22,intheconfiguremode,createVLAN30,andsettheport1,12 tobefixedport,anduntaggedatport1.
63
ZyXEL
6. OntheOLT1308S22,setthePVIDofspecificVLAN30
ZyXEL
65
ZyXEL
9. OntheOLT1308S22,intheconfiguremode,enableIGMPsnooping
10. DefinetheDynamicmode
66
ZyXEL
11. OntheOLT1308S22,intheMVR100,setupthemulticastgroupaddress.
14. Inexecmode,inputwritememorytosavealloftheabovechanges.
67
ZyXEL
SpanningTreeProtocol
WhatisSpanningTreeProtocol?
SpanningTreeProtocol(STP)isaLayer2protocoldesignedtorunonthebridges andtheswitches.ThespecificationforSTPisdefinedinIEEE802.1d.Themainpurpose ofSTPistoensurethatyoudonotrunintoaloopsituationwhenyouhaveredundant pathsinyournetwork.STPdetects/disablesnetworkloopsandprovidesbackuplinks betweenswitchesorbridges.ItallowsthedevicetointeractwithotherSTPcompliant devicesinyournetworktoensurethatonlyonepathexistsbetweenanytwostations onthenetwork. TheredundanttopologywithoutSTPwillcausethefollowingproblem: 1.Broadcaststorm: WithoutSpanningTreeloopavoidancemechanism,eachswitchwillendlesslyflood broadcastpacketstoallports.Thissituationiscalledbroadcaststorm. WhenHostsendsabroadcastframe,likeanARPrequesttoRouter,theframewill bereceivedbySwitchA. SwitchAidentifiesthedestinationMACaddressfield(broadcastFF:FF:FF:FF:FF:FF) intheframeanddeterminetoflooditontoSegmentB. WhenthebroadcastframearrivesatSwitchB,theswitchwillrepeataboveprocess, floodittoSegmentA. Thebroadcastframewillendlesslytravelaroundtheloopnetworkevenidthe routerhasalreadyreceivedthisframe.
2.FilteringDatabaseInstability: Whenmultiplecopiesofaframearriveatdifferentportsofaswitch,theMACentry instabilityinFilteringDatabasewilloccur. Hostsendsaunicastframetoarouter(sourceMACaddressishost'sMAC, destinationMACaddressisRouter'sMAC).BothSwitchAandSwitchBwillreceive
68
ZyXEL
thisframeandlearntheMACaddressofthehostonPort2. SwitchAhasnotyetlearnedtheMACaddressofRouter.SoSwitchAwillflooda copyofthereceivedframetoSegmentB. WhenthecopyoftheframefromSwitchAarrivesatSwitchB,SwitchBwill removethefirstentry(HostMACaddressonPort2)inFilteringDatabaseandadda newmappingofHostMACaddressonPort1.SwitchBincorrectlylearnHostMAC addressonPort1. SwitchBcan'tforwardtheframesproperlybecausetheinstabilityofmappingMAC addresstoPort.
HowSTPWorks
SpanningTreeprovidesaloopfreenetwork.WhenaswitchsupportingSTP recognizesaloopinthenetworktopology,itblocksoneormoreredundantports. SpanningTreeProtocolcontinuallyexploresthenetwork,sowhenthenetworktopology changes,STPautomaticallyreconfigurestheswitchportsinordertoavoidthefailureby blockingcertainport. Spanningtreealgorithmawareswitches(bridges)exchangeconfiguration messagesperiodically.TheconfigurationmessageisamulticastframecalledBPDU (BridgeProtocolDataUnit)orHellomessage.AccordingtoBPDU,theseSTPaware switches(bridges)willconstructaloopfreenetworkwitha"tree"architecture. STPoperationisdescribedbelow: 1.Selectarootbridge Onlyoneswitch/bridgecanbeselectedastherootbridgeinagivennetwork. Allotherdecisionsinthenetwork,suchaswhichportisblockedandwhichportisputin forwardingmode,aremaderegardingthisrootbridge.Therootbridgeisthe"root"of theconstructed"tree". OneoftheimportantfieldsincludedintheBPDUisthebridgeID. EachbridgehasuniquebridgeID.Therootbridgeisthebridgewiththelowest bridgeIDinthespanningtreenetwork. ThebridgeIDincludestwoparts,bridgepriority(2bytes)andbridgeMACaddress
ZyXEL
(6bytes).The802.1ddefaultbridgepriorityis32768.E.g.foraswitchwithdefault priority32768(8000hex),MACaddressis00:A0:C5:12:34:56,itsbridgeIDis 8000:00A0:C512:3456. Ontherootbridge,allitsportsaredesignatedports.Designatedportsarealways intheforwardingstate.Whileinforwardingstate,portcanreceiveandsend traffic. 2.Selectarootportforthenonrootbridge Forthenonrootswitch/bridge,therewillbeonerootport.Therootportistheport throughwhichthisnonrootswitch/bridgecommunicateswiththerootbridge(the "leaf"sideofthe"tree"). Therootportistheportonthenonrootbridgewiththelowestpathcosttothe rootbridge.Therootportisnormallyinforwardingstate. PathcostisthetotalcostoftransmittingaframeontoaLANthroughthatportto bridgeroot.Itisassignedaccordingtothebandwidthofthelink.Theslowerthe media,thehigherthecost. SomeofthepathcostsspecifiedintheIEEE802.1dspecificationarelistedbelow.
3.Whenmultipleportshavethesamepathcosttorootbridge,theportwith lowestportpriorityisselectedasrootport. 3.Selectadesignatedportoneachsegment ForeachLANsegment(collisiondomain),thereisadesignatedport.Thedesignated porthasthelowestcosttotherootbridge.Designatedportsarenormallyinthe forwardingstatetoforwardandreceivetraffictothesegment.Ifmorethanoneportin thesegmenthavethesamepathcost,theportonwhichbridgehasthelowestbridgeID isselectedasadesignatedport. AfterSTPdeterminesthelowestcostspanningtree,itenablesallrootportsand designatedports,anddisablesallotherports.Networkpacketsarethereforeonly forwardedbetweenrootportsanddesignatedports,eliminatinganypossiblenetwork loops.STPawaredevicesexchangeBridgeProtocolDataUnits(BPDUs)periodically. WheneverthebridgedLANtopologychanges,anewspanningtreeisconstructed.
70
ZyXEL
Onceastablenetworktopologyhasbeenestablished,allbridgeslistenforHelloBPDUs (BridgeProtocolDataUnits)transmittedfromtherootbridge.Ifabridgedoesnotgeta HelloBPDUafterapredefinedinterval(MaxAge),thebridgeassumesthatthelinkto therootbridgeisdown.Thisbridgetheninitiatesnegotiationswithotherbridgesto reconfigurethenetworktoreestablishavalidnetworktopology. Forexample:
1. SwitchAbridgeID=8000:00A0:C511:1111,SwitchBbridgeID= 8000:00A0:C522:2222,SwitchCbridgeID=0001:00A0:C533:3333.SwitchChasthe lowestbridgeID,soSwitchCistherootbridge.Allportsoftherootbridgeare designatedports,soPort1isdesignatedport. 2. FornonrootbridgeSwitchA,Port1pathcosttorootbridgeis19,Port2pathcostis 119,100(SwitchAPort2)+19(SwitchBPort1).ForSwitchB,Port1pathcostis19, Port2pathcostis119.Rootport=Port1ofSwitchAandSwitchBbecauseithas thelowestpathcosttotherootbridgeSwitchC. 3. OnSegmentA,bothPort2ofSwitchAandSwitchBhavethesamepathcosttoroot bridge.SinceSwitchAhaslowerbridgeIDthanSwitchB,thedesignatedportis selectedonSwitchA.SoPort2ofSwitchAisdesignatedport.Blocking=Port2of SwitchB,thenondesignatedportonthesegment.Forwarding=Alldesignated portsandrootports.
71
ZyXEL
OverviewofMSTP
MultipleSpanningTreeProtocol(IEEE802.1s)isbackwardcompatiblewithSTP/RSTP and addresses the limitations of existing spanning tree protocols (STP and RSTP) in networkstoincludethefollowingfeatures:

One Common and Internal Spanning Tree (CIST) that represents the entire network'sconnectivity. Grouping of multiple bridges (or switching devices) into regions that appear as onesinglebridgeonthenetwork. A VLAN can be mapped to a specific Multiple Spanning Tree Instance (MSTI). MSTIallowsmultipleVLANstousethesamespanningtree. LoadbalancingispossibleastrafficfromdifferentVLANscanusedistinctpathsin aregion.
MSTRegion: An MST region is a logical grouping of multiple network devices that appears as a singledevicetotherestofthenetwork.EachMSTPenableddevicecanonlybelongto oneMSTregion.
MSTInstance: AnMSTInstance(MSTI)isaspanningtreeinstance.VLANscanbeconfiguredtorun on a specific MSTI. Each created MSTI is identified by a unique number (known as an MSTID)knowninternallytoaregion.ThusanMSTIdoesnotspanacrossMSTregions.
72
ZyXEL
ThisMSTRegioncanbedecomposedintotwoMSTIs.Oneforvlan2,3,andanother forvlan4,5.DifferentMSTIshavedifferenttopologies. Scenario&Benefits Considerthefollowingtopology:
If we use STP/RSTP in this topology, all traffics from D to hosts connected to other switcheswillgothroughtherootport.
ZyXEL
TrafficonSTP/RSTPenabledtopology.
NowwhatifweappliedMSTPinthesametopology?
When therere traffics belong to VLAN2 and VLAN3. Each of them can go through differentuplinks.
74
ZyXEL
Withmultipleuplinkportsbe enabled. Thetraffic loadingwillbebalancedbetween twouplinkports,whichalsoincreasethenetworkthroughputandusage. Now,AssumingthatSwitchBistheOLT1308S22,andtheotherswitchesA,CandD areallZyXELEthernetswitch(3.80).Thetopologywouldlooklikethis:
75
ZyXEL
ConfigurationusingtheWebGUISwitchA 1. 2. 3. 4. 5. ConnectMGMTportwithaPCorNotebookviatheRJ45Cable. Bydefault,theMGMTIPoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intheURLfield. By default, the username for the administrator is admin and the corresponding passwordis1234. 6. After successful login you will see a screen similar to the one on the screenshot below.
7. First of all, you need to enable the switchs MSTP function. To do so, click items depictedbelow.AdvancedApplication>SpanningTreeProtocol>Configuration
76
ZyXEL
8. After step 7. It will direct you to a Spanning Tree Configuration page, choose MultipleSpanningTreethenclicktheApplybutton.
9. ClickSpanningTreeProtocolbuttonandbacktoSpanningTreeProtocolStatuspage. ClickMSTPandgototheMultipleSpanningTreeProtocolpage,youcandodetail MSTPconfigurationfromhere.
77
ZyXEL
10. At the Multiple Spanning Tree Protocol page, create a MSTI 0 setting by following steps.AllportswanttojoinMSTPmustbeincludedintoMSTI0 A. ConfiguretheMSTPbridgeparameters.(Allswitchesinthesameregionmust have the same Configuration Name, Revision Number and vlanMSTI mapping.) i. CheckActive ii. ConfiguretheHelloTime iii. ConfiguretheMaxAgetime iv. ConfiguretheForwardingDelaytime v. ConfiguretheMaxhops vi. ConfiguretheConfigurationName vii. ConfiguretheRevisionNumber viii. ClickApplybottom
78
ZyXEL
B. Configure the MSTI parameters and choose which vlan should join this MSTI andclickAdd.BecauseswitchAistherootofthisregion,wemustsetthe BridgePriorityofMSTI0to0
C. ChoosewhichportshouldbeincludedinthisMSTI.ClickAdd
11. At the Multiple Spanning Tree Protocol page, create a MSTI 1 setting by following steps. A.ConfiguretheMSTIparametersandchoosewhichvlanshouldjointhisMSTI andclickAdd
79
ZyXEL
B.ChoosewhichportshouldbeincludedinthisMSTI.ClickAdd
12. At the Multiple Spanning Tree Protocol page, create a MSTI 1 setting by following steps. A.ConfiguretheMSTIparametersandchoosewhichvlanshouldjoin thisMSTIandclickAdd
80
ZyXEL
13. CreatevlanscorrespondingtoMSTinstances. A.GotoStaticVLANpagebyclickingAdvancedApplication>VLAN>Static VLAN
81
ZyXEL
B.Createvlan2forMSTI1andclickAdd
C.Createvlan3forMSTI2andclickAdd
82
ZyXEL
ConfigurationusingtheWebGUISwitchBOLT1308S22 1. 2. 3. 4. 5. ConnecttheMGMTporttoaPCorNotebookwiththeRJ45Cable. Bydefault,theMGMTIPaddressoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intotheURLfield. By default, the username for the administrator is admin and the password is 1234. 6. Aftersuccessfullylogginginyouwillseeascreensimilartotheonebelow.
83
ZyXEL
7. First of all, you need to enable the switchs MSTP function. To do so, click items depictedbelow.AdvancedApplication>SwitchAdvance>SpanningTreeProtocol> Configuration
84
ZyXEL
10. At the Multiple Spanning Tree Protocol page, create a MSTI 0 setting by following steps.AllportswanttojoinMSTPmustbeincludedintoMSTI0
85
ZyXEL
A.ConfiguretheMSTPbridgeparameters.(Allswitchesinthesameregion MusthavethesameConfigurationName,RevisionNumberand vlanMSTImapping.) i. CheckActive ii. ConfiguretheHelloTime iii. ConfiguretheMaxAgetime iv. ConfiguretheForwardingDelaytime v. ConfiguretheMaxhops vi. ConfiguretheConfigurationName vii. ConfiguretheRevisionNumber viii. ClickApplybottom
B.ConfiguretheMSTIparametersandchoosewhichvlanshouldjointhisMSTI andclickAdd
C.ChoosewhichportshouldbeincludedinthisMSTI.ClickAdd
86
ZyXEL
11. At the Multiple Spanning Tree Protocol page, create a MSTI 1 setting by following steps. A.ConfiguretheMSTIparametersandchoosewhichvlanshouldjointhisMSTI andclickAdd.BecauseSwitchBistherootofMSTI1,weneedtoconfigure theBridgePriorityofthisinstanceto0
87
ZyXEL
13. CreatevlanscorrespondingtoMSTinstances. A.GotoStaticVLANpagebyclickingAdvancedApplication>SwitchAdvance> VLAN>StaticVLAN
ZyXEL
89
ZyXEL
14. CreatethePVIDforthedownlinkportconnectedtotheHost.
90
ZyXEL
ConfigurationusingtheWebGUISwitchC 1. 2. 3. 4. 5. ConnectMGMTportwithaPCorNotebookviatheRJ45Cable. Bydefault,theMGMTIPoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intheURLfield. By default, the username for the administrator is admin and the corresponding passwordis1234. 6. After successful login you will see a screen similar to the one on the screenshot below.
91
ZyXEL
92
ZyXEL
10. At the Multiple Spanning Tree Protocol page, create a MSTI 0 setting by following steps.AllportswanttojoinMSTPmustbeincludedintoMSTI0
A.ConfiguretheMSTPbridgeparameters.(Allswitchesinthesameregion MusthavethesameConfigurationName,RevisionNumberand vlanMSTImapping.) i. CheckActive ii. ConfiguretheHelloTime iii. ConfiguretheMaxAgetime iv. ConfiguretheForwardingDelaytime v. ConfiguretheMaxhops vi. ConfiguretheConfigurationName vii. ConfiguretheRevisionNumber viii. ClickApplybottom
93
ZyXEL
94
ZyXEL
11. At the Multiple Spanning Tree Protocol page, create a MSTI 1 setting by following steps. A.ConfiguretheMSTIparametersandchoosewhichvlanshouldjointhisMSTI andclickAdd.
95
ZyXEL
12. At the Multiple Spanning Tree Protocol page, create a MSTI 1 setting by following steps. A.ConfiguretheMSTIparametersandchoosewhichvlanshouldjointhisMSTI andclickAdd.BecauseSwitchCistherootofMSTI2,weneedtoconfigure theBridgePriorityofthisinstanceto0
96
ZyXEL
97
ZyXEL
98
ZyXEL
99
ZyXEL
ConfigurationusingtheWebGUISwitchD 1. 2. 3. 4. 5. ConnectMGMTportwithaPCorNotebookviatheRJ45Cable. Bydefault,theMGMTIPoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intheURLfield. By default, the username for the administrator is admin and the corresponding passwordis1234. 6. After successful login you will see a screen similar to the one on the screenshot below.
100
ZyXEL
101
ZyXEL
10. At the Multiple Spanning Tree Protocol page, create a MSTI 0 setting by following steps.AllportswanttojoinMSTPmustbeincludedintoMSTI0 A.ConfiguretheMSTPbridgeparameters.(Allswitchesinthesameregion MusthavethesameConfigurationName,RevisionNumberand vlanMSTImapping.) i. CheckActive ii. ConfiguretheHelloTime iii. ConfiguretheMaxAgetime iv. ConfiguretheForwardingDelaytime v. ConfiguretheMaxhops vi. ConfiguretheConfigurationName vii. ConfiguretheRevisionNumber viii. ClickApplybottom
102
ZyXEL
103
ZyXEL
104
ZyXEL
105
ZyXEL
106
ZyXEL
107
ZyXEL
108
ZyXEL
Switchingsecurity
MACfreeze
Asanaddedprotectionagainstnetworkintrusionattacks,ZyXELhasimplemented theMACFreezefeatureonOLT1308S22.Securityhasbeenthemainfocusofour Ethernetswitchdesign.WiththeMACfreezefeatureenabled,dynamicMACaddresses onspecifiedportsarestoredinthestaticMACaddresstable.Atthesametime,MAC addresslearningisdisabledontheseportsthusdenyingnetworkaccessforcomputers withinunknownMACaddresses.WithouttheMACfreezefunction,anycomputercan accessthenetworkthroughaswitchport.Theportautomaticallylearnsthecomputers MACaddressandstoresittotheMACaddresstable. ActivatetheMACfreezefunctiononaportbyenteringtheportsecurity[portnumber] MACfreezecommandintheCLI.ThefollowingfigureshowsanexamplewheretheMAC freezefeatureisenabledonport11.Theswitchautomaticallycopiesalldynamically learntMACaddressontheport11tothestaticMACaddress.
YoucandisplaytheStaticMACAddressscreeninthewebconfiguratortoviewthe copiedMACaddresses.
109
ZyXEL
Figure2:DisplayingMACAddressesfromMACFreeze
AfteryouenabledMACfreezeontheport11usingtheCLIcommand,theswitch automaticallydisablesMACaddresslearningonthatport.DisplaythePortSecurity screentoverifythis. Figure3:DisabledAutomaticMACAddressLearningAfterMACFreeze
110
ZyXEL
trTCM
OverviewoftrTCM
Two Rate Three Color Marker (TRTCM, defined in RFC 2698) is a type of traffic policing that identifies packets by comparing them to two userdefined rates: the CommittedInformationRate(CIR)andthePeakInformationRate(PIR).TheCIRspecifies the average rate at which packets are admitted to the network. The PIR should be greater than or equal to the CIR. CIR and PIR values are based on theguaranteedand maximumbandwidthrespectivelyasnegotiatedbetweenaserviceproviderandclient. A packet is marked red if it exceeds the Peak Information Rate (PIR). Otherwise it is markedeitheryelloworgreendependingonwhetheritexceedsordoesn'texceedthe CommittedInformationRate(CIR).
TheMeteroperatesinoneoftwomodes.IntheColorBlindmode,theMeterassumes thatthepacketstreamisuncolored.IntheColorAwaremodetheMeterassumesthat someprecedingentityhasprecoloredtheincomingpacketstreamsothateachpacket iseithergreen,yellow,orred. TheMarker(re)colorsanIPpacketaccordingtotheresultsoftheMeter
111
ZyXEL
Scenario
Considerthefollowingtopology:
Forpolicyreason,wewanttolettheCIRfromHostAtoHostBbe10MbpsandthePIR is 60Mbps. However, the link speed between Host A and port 1 is negotiated at 100Mbps. What we have to do is to implement traffic policing on the port 1s ingress queue.Thus,aggregatedtrafficfromHostAwillbelimitedattheconfiguredspeedand packetswillbecolored(whichmeanstheDSCPvaluewillberesetaftergoingthrough theswitch)accordingtotheCIRandPIRvaluesetontheswitch.
112
ZyXEL
ConfigurationusingtheWebGUI 1. 2. 3. 4. 5. ConnecttheMGMTporttoaPCorNotebookwiththeRJ45Cable. Bydefault,theMGMTIPaddressoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intotheURLfield. By default, the username for the administrator is admin and the password is 1234. 6. Aftersuccessfullylogginginyouwillseeascreensimilartotheonebelow.
7. ClickAdvancedApplication>SwitchAdvance>trTCM
113
ZyXEL
8. In the 2Rate 3 Color Marker page, check the Active checkbox. Select colorblind modeinthemodeselection.
9. ChecktheActivecheckboxonport1,settheCommitRate(CIRvlaue)ofport1to 10000Kbps (10Mbps). Set the Peak Rate(PIR value) of port 1 to 60000Kbps (60Mbps). 10. SettheDSCPofgreento56,yellowto32,redto16.
ConfigurationusingtheCLI OLT1308S22#config OLT1308S22(config)# interfaceportchannel1 trtcm trtcmcir10000 trtcmpir60000 trtcmdscpgreen56 trtcmdscpyellow32 trtcmdscpred16
114
ZyXEL
SNMPv3
IntroductiontoSNMP
SNMPisasetofoperationsthatallowtheadministratortochangethestateofthe SNMPbaseddevices,suchasUNIXsystems,Windowssystems, Switches,Routersetc. TheSNMPsystemconsistsofthreeparts:SNMPmanager,SNMPagent,andMIB.SNMP agents are the controlled devices where SNMP manager is playing the role of the managingdevice.TheMIB(ManagementInformationBase)isadatabaseofthemanaged devicesthatwillbetracked.
DifferencebetweenSNMPv3andothers(SNMPv1andSNMPv2c) SNMPv3 (Simple Network Management Protocol version 3) can be thought of as SNMPv2 with additional security and administration capabilities. In SNMPv1 and SNMPv2, the authentication method amounts to nothing more than a password (the communitystring),whichwassentinplaintext.InSNMPv3,securitycanbeenhancedby encrypting the SNMP messages, only the authenticated receivers can decrypt the message.
115
ZyXEL
InZyXELswitches,therearethreesecuritylevels: 1. noauth:TousetheusernameasthepasswordstringtosendtotheSNMPmanager. 2. auth: To implement an authentication algorithm for SNMP messages sent by this user. 3. priv: To implement authentication and encryption for SNMP messages sent by this user. TherearetwoauthenticationmethodsimplementedonZyXELswitches,(i)MD5(ii)SHA andtwoencryptionmethods(i)DES(ii)AES
116
ZyXEL
Scenario
BelowisasimpletopologywhichcouldgiveusacommonviewaboutSNMP.
There are three SNMP components in this topology: Manager, Agent, and MIB. In this sample,weuseSNMPcasthemanagerserver.SNMPccouldbeinstalledonaWindows system.
117
ZyXEL
ConfigurationZyXELswitchusingtheWebGUI 1. 2. 3. 4. 5. ConnecttheMGMTporttoaPCorNotebookwiththeRJ45Cable. Bydefault,theMGMTIPaddressoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intotheURLfield. By default, the username for the administrator is admin and the password is 1234. 6. Aftersuccessfullylogginginyouwillseeascreensimilartotheonebelow.
7. ToentertheSNMPpage,clickManagement>AccessControl>SNMP
8. IntheSNMPpage,wecanchoosewhatSNMPversion,SNMPv2c,SNMPv3orboth. Here we choose to use SNMPv3. Then configure the Get Community, Set Community, and Trap Community values. The term Community is nothing more than password. Get Community means: The password to get the SNMP messages andsoon.Hereweusethedefaultcommunitiestoletuserseasiertounderstand.By default,thecommunitiesarepublic.
118
ZyXEL
9. WecanconfigurewhichkindofeventsshouldtriggertheSNMPtrapmessage.Inthe TrapDestinationsection,wecanchoosetheSNMPversionofthetrapmessage,the destinationwewanttotriggerto,destinationport,andtheusername.
10. ConfiguretheUserinformation.TherewecanchooseSecurityLevel,Authentication methods, and encryption methods. Here we use noauth for no authentication. ClickApply.
119
ZyXEL
OverviewofSNMPc
The following diagram shows the main elements of SNMPc. SNMPc includes the followingfunctions: MainButtonBar:Buttonandcontrolstoexecutecommandsquickly EditButtonBar:Buttontoquicklyinsertmapelement EventLogTool:Buttontodisplayfilteredeventlogentries ViewWindowArea:MapView,MibTablesandMibGraphwindowsaredisplayed here. ViewWindowArea:MapView,MibTablesandMibGraphwindows. Figure2MainelementsofSNMPc
120
ZyXEL
AddinganewdeviceviaSNMPc Inthefollowingexample,wewillillustratehowtogetstartedwithaddinganewdevice withSNMPcandNetAtlas.FollowtheproceduresfromStep1toStep8. Step 1: In the edit button bar shown in the Figure 4, click the icon to insert a new element. Figure4AddinganewDevice
121
ZyXEL
Step 2: In the map object properties, insert the label name and the IP address of the selecteddevice.Inthisexample,weset192.168.1.1astheIPaddressofyourSwitchas shownonFigure5 Figure5MapObjectProperties
122
ZyXEL
Step 3: In the map object properties, select Access tab to set the parameters of Read AccessModetoSNMPV3NoAuthshownonFigure6. Figure6ReadAccessmode
123
ZyXEL
Step 4: In the map object properties, select Access tab to set the parameters of Read /WriteAccessModetoSNMPV3NoAuthshownonFigure7. Figure7Read/WriteAccessMode
124
ZyXEL
Step 5: In the map object properties, select Access tab to set the parameters of Read communitytopublicasshownonFigure8. Figure8ReadCommunity
125
ZyXEL
Step 6: In the map object properties, select Access tab to set the parameters of Read /writecommunitytopublicasonFigure9. Figure9Read/writeCommunity
126
ZyXEL
Step7:Inthemapobjectproperties,selectAccesstabChangethevalueofV3NoAuth SecurityNametoAdminasonFigure10.ClickOK Figure10V3NoAuthSecurityName
Step 8: After successfully created a SNMP management entry, the link is up when the iconshowsgreen.TheSNMPsessionisdistributedandtheSNMPmanagercancontrol thedevicefromthesessionfromnowon.
127
ZyXEL
ConfigurationZyXELswitchusingtheCLI OLT1308S22#config OLT1308S22(config)# snmpserverversionv3 /*Using the default communities, thus, no more SNMPv3 related configuration needed*/
128
ZyXEL
LoopGuard
LoopGuardOverview
Loopguardallowsyoutoconfiguretheswitchtoshutdownaportifitdetectsthat packetssentoutonthatportloopbacktotheswitch. Loop guard is designed to handle loop problems on the edge of your network. This canoccurwhenaportisconnectedtoaswitchthatisinaloopstate.Loopstateoccurs asaresultofhumanerror.Ithappenswhentwoportsonaswitchareconnectedwith the same cable. When a switch in loop state sends out broadcast messages the messages loop back to the switch and are rebroadcast again and again causing a broadcaststorm. BelowdescribeshowloopguardworksonSwitchA.
129
ZyXEL
Scenario
Considerthetopologydepicted.WhenSwitchBwaslooped,itwillcausethe broadcaststormandeffectsuponSwitchA.Toavoidthis,wecanconfigureloopguard onport1ofSwitchA.WhenSwitchAdetectstheloop,thenitshutdowntheportwhich receivesthelooppacketimmediately.
130
ZyXEL
ConfigurationusingtheWebGUI(SwitchA) 1. 2. 3. 4. 5. ConnecttheMGMTporttoaPCorNotebookwiththeRJ45Cable. Bydefault,theMGMTIPaddressoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intotheURLfield. By default, the username for the administrator is admin and the password is 1234. 6. Aftersuccessfullylogginginyouwillseeascreensimilartotheonebelow.
7. Firstofall,wegototheLoopGuardpagebyclickingAdvancedApplication>Switch Advance>LoopGuard 8. ChecktheActivecheckbox. 9. ChoosetheActivecheckboxofport1andclickApply.
131
ZyXEL
10. Nowtheloopguardfunctionisenabledonport1.
ConfigurationusingtheCLI(SwitchA) OLT1308S22#config OLT1308S22(config)# loopguard //enableloopguardglobally interfaceportchannel1 OLT1308S22(configinterface)# loopguard //enableloopguardonport1
132
ZyXEL
IPSubnettingVLAN
IPSubnettingVLANOverview
Subnet based VLANs allow users to group traffic into logical VLANs based on the sourceIPaddressandIPsubnet.Whenaframeisreceivedonaport,theswitchchecks where the IP subnet it came from and what the source IP address is. The untagged packetsfromthesameIPsubnetarethenplacedinthesamesubnetbasedVLAN.The most significant advantage of using subnet based VLANs is that the priority can be dividedandtunedbaseonwhatVLANthetrafficbelongsto.
Scenario
Consideringthefollowingtopology: Purpose: TrafficfromVoIPphone(sourceIP:192.168.1.10)willbecategorizedintoVLAN3. TrafficfromIPTV(sourceIP:192.168.5.10)willbecategorizedintoVLAN4. TrafficfromthePC(sourceIP:192.168.10.10)willbecategorizedintoVLAN5.
133
ZyXEL
WhentherearedifferentIPservicesrequirementbehindamodem(e.g.VoIP,IPTV,and Commondatanetworking).ToseparatetheIPservicesintheedgesite,wecanclassify differentVLANsforeachIPservice. By distinguishing each service, Service Providers can do further policy controlling for eachVLAN. In this topology, three IP services are needed by customer, VoIP, IPTV, and general networkaccess.EachclientbelongstodifferentIPsubnets.Wecanachievethispurpose usingtheswitchwithIPSubnettingVLANfunction.
134
ZyXEL
ConfigurationusingtheWebGUI 15. ConnecttheMGMTporttoaPCorNotebookwiththeRJ45Cable. 16. Bydefault,theMGMTIPaddressoftheoutbandportis192.168.0.1/24 17. SetyourNICto192.168.0.100/24 18. OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intotheURLfield. 19. By default, the username for the administrator is admin and the password is 1234. 20. Aftersuccessfullylogginginyouwillseeascreensimilartotheonebelow.
21. GotoStaticVLANpagebyclickingAdvancedApplication>SwitchAdvance>VLAN >StaticVLAN
135
ZyXEL
22. CreateVLAN3,includeport1andport2.Port1connectstothemodemandpackets goinginandoutthisportshouldnthaveVLANtag.Port2connectstotherouterin the CO, and packets going in and out port 2 should have different VLAN tags accordingtoitsIPaddress.ClickAdd.
136
ZyXEL
137
ZyXEL
25. GotoVLANPortSettingpagebyclickingAdvancedApplication>SwitchAdvance> VLAN>VLANPortSetting
26. GotoSubnetBasedVLANpage.
138
ZyXEL
27. In the Subnet Based VLAN page, first we have to activate this function. Check the Activecheckboxtoenableit.ClickApply
28. CreatetheSubnetBasedVLANentryfortheVoIPphone.
Here we see that packets from 192.168.1.10/24 will be attached a VLAN tag 3 and its prioritywillbesetto2.ClickAdd
139
ZyXEL
29. CreatetheSubnetBasedVLANentryfortheIPTVdevice.
Here we see that packets from 192.168.5.10/24 will be attached a VLAN tag 4 and its prioritywillbesetto5.ClickAdd 16.CreatetheSubnetBasedVLANentryforthePC.
Hereweseethatpacketsfrom192.168.10.10/24willbeattachedaVLANtag5andits prioritywillbesetto7.ClickAdd
140
ZyXEL
ConfigurationusingtheCLI OLT1308S22#config OLT1308S22(config)# vlan3 nameVLAN3 normal312 fixed12 untagged1 exit vlan4 name"VLAN4" normal312 fixed12 untagged1 exit vlan5 name"VLAN5" normal312 fixed12 untagged1 exit subnetbasedvlan subnetbasedvlannameVoIPsourceip192.168.1.10maskbits24vlan3priority2 subnetbasedvlannameIPTVsourceip192.168.5.10maskbits24vlan4priority5 subnetbasedvlannamePCsourceip192.168.10.10maskbits24vlan5priority7
141
ZyXEL
IPSourceGuard
OverviewofIPSourceGuard
IPSourceGuardisanewfeatureinZyNOS3.80.Itallowstheswitchtoidentifywho hasthepermissiontoaccessthenetwork.Furthermore,devicecancheckthebindingof MACaddress,IPaddress,VLANtag,andingressportofpackets.Hadanyparameterbe mismatching,thepacketwillbedropped.Thebelowscenarioisanexample:
HostAhasitsownstaticIPaddress,MACaddress,andtheswitchknowswhichHostA hasconnectedandwhatVLANthisportbelongsto. IPSourceGuardcanfilterpacketsinthebelowscenarios:
142
ZyXEL
1. If unauthorized user connects to an external switch, IP Source Guard will drop packetscomingfromtheuser.IPorMACaddressmismatching.
2. IfHostAchangestheconnectingport,theswitchwilldroppacketscomingfromHost A.portmismatching.
143
ZyXEL
3. IftheVLANtagisdifferentfromthetableofswitch.ThepacketsfromHostAwillbe droppedbecauseofthemismatchingofVLAN.
144
ZyXEL
Scenario
Herewedliketodemonstrateasituationwithaportchanging.Considerthescenario below: Figure 1
145
ZyXEL
Figure 2
Inthisexample,HostAandGatewayareconnectedtoport1andport12(Figure1). AdministratorbuildsastaticbindingofHostAandGateway.Ifanyofthetwodevices changesitsconnectingport,thepacketswillbedroppedbytheswitch.
146
ZyXEL
ConfigurationusingtheWebGUI 1. 2. 3. 4. 5. ConnecttheMGMTporttoaPCorNotebookusingtheRJ45Cable. Bydefault,theMGMTIPaddressoftheoutbandportis192.168.0.1/24 SetyourNICto192.168.0.100/24 OpenanInternetbrowser(e.g.IE)andenterhttp://192.168.0.1intotheURLfield. By default, the username for the administrator is admin and the password is 1234. 6. Aftersuccessfullyloggingin,youwillseeascreensimilartotheonebelow.
7. ClickAdvancedApplication>SwitchAdvance>IPSourceGuard>StaticBindingto gototheIPSourceGuardStaticBindingpage.
147
ZyXEL
8. IntheIPSourceGuardStaticBindingpage,settheMAC,IP,VLAN,andPortbinding thenclickAdd.BelowisanexampleofbindingtheGatewaytoport12.
9. ThenwecontinuetoaddanewbindingofHostA.
148
ZyXEL
10. Aftercreatingthestaticbinding,weneedtoconfiguretheARPinspection.Because IPSourceGuardfilterspacketsbasedontheARPpacketsbeforeasessionwas established.AftertheARPwasinspected,thentheswitchdecidesifitwillforward thefollowingpacketslikeICMP,TCP.ClickAdvancedApplication>SwitchAdvance >IPSourceGuard>ARPInspectionthenclickConfiguretoentertheARP InspectionConfigurepage.
149
ZyXEL
11. ChecktheActivecheckbox,entertheFilterAgingTimeandLogProfilevalueonthe ARPInspectionConfigurepage.YoucanleaveFilterAgingTimeandLogProfile valuebydefault.ClickApply
12. ClickVLANtoopentheARPInspectionVLANConfigurepage.
150
ZyXEL
13. TherearetwopartsintheARPInspectionVLANConfigurepage.Theupperpartis usedtoshowthelistofVLANsettingandthelowerpartisusedtoconfigurewhich VLANtheARPInspectionwasimplemented.Hereweenter1astheStartVIDand 5astheEndVID.ClickApply
ThenthelowerpartwillshoweachVLANsconfiguration.SinceweuseVLAN1asHost AsVLAN,weneedtoenableitonVLAN1.
151
ZyXEL
14. Afterstep13,theStaticBindingissuccessfullyconfigured.
152
ZyXEL
ConfigurationusingtheCLI OLT1308S22#config OLT1308S22(config)# ipsourcebinding00:16:01:44:19:12vlan1192.168.1.11interfaceportchannel1 ipsourcebinding00:16:32:42:3e:66vlan1192.168.1.254interfaceportchannel12 arpinspectionvlan1loggingall arpinspectionvlan1 arpinspection
153
ZyXEL
Classifier&Policyrulesetuponyour Switch
ThissectionshowsyouhowtoallowtrafficfromcertainIPaddressesanddeny others.Thiscanbedoneeasilyusingclassifierandpolicyrules. First,youneedtocreateaclassifierruletogrouptrafficintodataflowsbasedon informationsuchasthesourceaddress,destinationaddress,portnumberandpacket format.Inthisexample,wegrouptrafficbasedonthepacketformatandsetthe OLT1308S22toapplyitspolicyrules.Thefollowingliststhethreeclassifierrulesthat wewilldefineinthisexample: 1. PacketwithasourceIPaddressof192.168.1.20 2. Packetsonport2 3. ARPtrafficfortesting Oncepacketclassificationsettingsaredone,wecreatepolicyrulestospecifytheactions onthematchedpacketssotheygetthedeservedtreatmentinthenetwork.Here,we alsodefinethreepolicyrules. 1. Forwardtrafficfrom192.168.1.20only(onthefirstclassifier) 2. Discardallthetrafficfromport2(onthesecondclassifier) 3. ForwardARPpackets(onthethirdclassifier) Thefollowingfiguresshowthescreensettingsforeachclassifierrule.
154
ZyXEL
ClassifierConfiguration
Classifier1
Classifier2
155
ZyXEL
Classifier3
PolicyRuleConfiguration Thefollowingfiguresshowthescreensettingsforeachpolicyrule. 1. PolicyruleonClassifier1
156
ZyXEL
2. Policyruleonclassifier2
3. Policyruleonclassifier3
157
ZyXEL
ClusterManagementOverview
ClusterManagement(alsoknownasistacking)allowsyoutomanageupto8 switchesthroughasingleIP.Thisallowsyoutomanageupto8switchessimultaneously inthesamebroadcastdomainandusingthesameVLANgroupID.Theclustermanager whichcanmanageotherswitchesiscalledthemasterdevice.
HowClusterManagementworks
Step1:
Todiscovertheclustermembers,theclustermanagerbroadcastsanHDAP(Host DiscoveryandAddressassignmentProtocol)Discoverrequest. Step2:
AclustermemberlistensonUDPport263.Whenaclustermemberreceivesarequest withthematchingsignature,itanswerswithanHDAPDiscoverResponse.Inresponse, theclustermemberreturnswithitsidentityinformation. Step3:
158
ZyXEL
HDAP_SET_ADDR_REQ(Masterdevice)packetrequestisusedforaclustermanagerto assignanIPaddressandsubnetmasktoaclustermember. Step4:
AclustermemberusesanHDPA_SET_ADDR_RSP(Slavedevice)packettoacknowledgea "SetAddress"request.Thehardwareaddressuniquelyidentifiesthesenderofthis response. Aftertheprocessisdone,theclustermasterwillbeabletomanagetheslaveswitch.
ConfiguringClusterManagement Forthisexample,anOLT1308S22andOLT1308seriesswitchareusedtoshowyou howtoconfigureclustermanagementintheswitch. Step1:
159
ZyXEL
1. AccessthewebconfiguratorontheswitchandclickManagement>Cluster Management>ClusteringManagementConfigurationinthenavigationpanel. IntheClusteringManagementConfigurationscreen,selecttheActivecheckboxto enablethisfeature.IntheClusteringMemberList,selectaswitchtoaddthatswitch asaclustermember.
2. Youmustthenentertheadministratorloginaccountpasswordfortheselected switch.ClickAdd.
160
ZyXEL
3. IntheClusteringManagementStatusscreen,clicktheindexnumberforacluster membertoaccesstheconfigurationscreenforthatdevice.
4. InMemberMenuscreen,youcanclicktochangethesettingsoftheclustermember, exceptClusterManagement,FirmwareUpgradeandRestoreConfiguration.
161
ZyXEL
5. Tocheckthestatusofeachclustermember,clickManagementCluster ManagementClusteringManagementStatus.
162
ZyXEL
FAQ
WhatarethedefaultIPparametersettings? IPaddress:192.168.1.1 Subnet:255.255.255.0 WhatisthedefaultloginNameandPasswordtologintotheWebConfigurator? ID:admin Password:1234 HowtoaccessmySWITCHthroughtheconsoleport? Connectthemale9pinendoftheconsolecabletotheconsoleportoftheswitch. Connectthefemaleendtoaserialport(COM1,COM2orotherCOMport)ofyour computer.Launchaterminalemulationsoftwareconfiguredtothefollowsettings: Terminalemulation:VT100 Baudrate:115200bps Databits:8 Parity:none Stopbit:1 Flowcontrol:none Whatisdefaultloginpasswordforconsole,telnet,andFTPlogin? Password:1234
Howtochangethepassword? Youcanonlychangetheadministratorloginpasswordinthewebconfigurator..After youloginforthefirsttime,itisrecommendedyouchangethedefaultadministrator password. IntheWebConfigurator:ClickManagement>AccessControl>Loginstodisplaythe configurationscreenasshown.Thenchangethepasswordbysettingsthepassword fields.
163
ZyXEL
HowtoaccesstheCommandLineInterface(CLI)? TherearetwowaystoaccesstheCommandLineInterface:throughtheconsoleportor Telnet.Ifyouwanttoaccessthroughtheconsoleport,RefertotheHowtoaccessthe Switchthroughtheconsoleport?sectionformoreinformation. IfIhaveforgottenthepassword,howtoresetthepasswordtothedefaultsetting? Ifyouhavechangedandforgottenthepassword,youwillneedtoreloadthefactory defaultconfiguration.Notethatallyourpreviousconfigurationwillbelost. 1. Connecttheconsolecabletoyourcomputerandlaunchaterminalemulation software. 2. Restarttheswitch,andpressanykeytoenterthedebugmodeatthePressanykey toenterDebugModewithin3secondsprompt. 3. Enteratlc. 4. WhenthestartingXMODEMuploadmessagedisplays,startXMODEMuploadof thedefaultconfiguration(rom)filetotheswitch. 5. Afterthefileuploadprocessiscomplete,enteratgotoexitfromthedebugmode. 6. Thesystemwillautomaticallyrestart.Waituntilthesystemhasrestartedbeforeyou loginagain.ThedefaultIPaddressis192.168.1.1andthedefaultpasswordis1234.
HowtoconfiguretheIPaddress? UsingtheWebConfigurator ClickBasicSetting>IPSetupinthenavigationpaneltodisplaytheconfigurationscreen.
164
ZyXEL
IsOnlineHelpavailableontheWebConfigurator? Yes.YoucanclickontheHelplinkinanywebconfiguratorscreentodisplaythehelp contentforthatscreen. HowtorestartdevicefromtheWebConfigurator? 1. ClickManagement>Maintenanceinthenavigationpaneltodisplaythescreenas shown.
2. ClickConfig1orConfig2(dependingonwhichconfigurationyouwanttoload)button nexttoRebootSystemwillrestarttheswitch.
165
ZyXEL
Howtocheckthecurrentrunningfirmwareversion? Accesstheconsoleandentertheshowsysteminformationcommand.Thiswilldisplay thefirmwareversiontheswitchiscurrentlyusing.
IstheminiGBICtransceiverhotswappable? Yes,itishotswappable.Youcanchangetransceiverswhiletheswitchisoperating. Whatis"DualPersonalityinterface"? DualPersonalityGbEinterfacemeansthatone1000BaseTCopperportandoneSFP portsharesthesamephysicalinterface.Onlyoneofthemcanbeusedatatime. DualPersonalityinterfaceisalsoknownasa"ComboPort". CanIenableIGMPsnoopingontheSwitchwhichisactingasanIGMPRouter? No.YoudonotneedtoenableIGMPSnoopingonanIGMPRouter.IGMPSnooping shouldbeenabledontheaccesslayerdevice,whichisnormallyaL2switch. CanIenableMVRandIGMPsnoopingatthesametime? Yes.
166

OLT-1308S-22: Support Notes

Enviado por

Dados do documento

Descrição original:

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

OLT-1308S-22: Support Notes

Enviado por

Direitos autorais:

Formatos disponíveis

OLT-1308S-22

8-ports Layer-2 GEPON switch

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

4. IntheFilePathfield,clickBrowsetolocatethefirmwarefile. 5. ChecktheRebootingbox. 6. ClickUpgradetostartthefirmwareupgradeprocess.

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

2. ClickClickHerelinkforLoadFactoryDefault. 3. AdialogboxpopsupwiththeAreyousureyouwanttoloadfactorydefaults? prompt.

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

ChecktheActivebox Enterthename,e.g.PON1_DS SelectthePrecedence,e.g.7 ChecktheActiveboxforClause1 SelectAlwaysmatchfortheOperatorinClause1 ChecktheActiveboxforIndex1 SelectDeleteVLANtagforActioninIndex1 SelectServiceVLANforVLANLayerinIndex1

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13.

Applyingtheupstreamrule 1. 2. GotoBasicSetting>OLTPortSetup ClickonClickhereforport01

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

Applyingtheupstreamrule 1. 2. 3. GotoBasicSetting>OLTPortSetup ClickonClickhereforport01 ClickDownstreamOLTPortRules

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

5. 6. 7. 8. 9. 10. 11. 12.

ClickAdd ChecktheActivebox EntertheName,e.g.200 EntertheVLANGroupID,e.g.200 SelectFixedforPort1 ChecktheTxTaggingboxforPort1 SelectFixedforPort11 UnchecktheTxTaggingboxforPort11

All contents copyright

2009 ZyXEL Communications Corporation.

OLT-1308S-22 Support Notes

13. ClickAdd 14. ClickVLANStatus 15. ClickIndex1

All contents copyright

2009 ZyXEL Communications Corporation.